Detections
Introducing Detections! Detections provide aggregated visibility into related events and signals. A detection is a collection of events and alerts that are triggered in the last 15 minutes from a common ancestor.
Cloud compliance
The AWS Compliance Overview dashboard now features early support for SOC2 AWS and Non Compliance dashboards.
MITRE ATT&CK dashboard
A new MITRE ATT&CK dashboard is available to monitor attack tactics and techniques related to Linux, Mac, and Windows endpoints.
Alert management
Uptycs now supports a new entry for every alert triggered, instead of incrementing the counts of related alerts. Related alerts are now grouped into one detection and can be monitored via the Detections page.
Alert destination
New configuration options are available on the Add alert notification page. These options allow forwarding all alerts to a destination and auto-closing them after reliable delivery to the destination.
Event rule builder
The event rule builder now supports:
Custom dashboards
Custom dashboards now support:
VirusTotal integration
A new Detections field is available when configuring the VirusTotal integration. In this field, you can enter the number of detections required to trigger an alert when VirusTotal has detected a SHA for the file that was sent to VirusTotal for detection processing.
The following customer-related issues were also addressed in this release:
Fixed an issue with un-throttling alert rules. Users can now un-throttle alert rules.
Refer to the help section on the portal for further details.
Let us know if you have any queries or concerns.
Uptycs Support Team