New Features
GitHub Integration
We're thrilled to announce our GitHub integration with the Resolution Intelligence Cloud. This integration empowers you to seamlessly sync GitHub repositories, teams, and users with Resolution Intelligence Cloud.
Enhancements
- Manage Columns in the Behavior Analytics
  On the Behavior Analytics listing page, we have introduced the "Manage Columns" feature. With this feature, you can pick the columns you want shown on the listing page.
- Grouping signals in Behavior Analytics
  You can group signals based on a specific dimension if more than one dimension is selected during the behavior model configuration. The signals generated for a model are shown according to the alerting mode:
  - Flatten: No signal grouping is done based on the selected UDM fields. It is displayed when more than one UDM field is selected for signal generation.
  - Group: Signals are grouped by the specific UDM field. It considers only one UDM field out of all fields.
- Show all linked functions in the escalation policy
  On the escalation policies home page, we have improved the UI to show all functions linked to an escalation policy. This improvement provides efficient issue resolution, transparency and accountability, proper resource allocation, and risk mitigation.
- Labels in the Correlation Policies
  Added a Labels field to the correlation policy creation form. Labels are keywords that give additional context and make it easy to search, filter, and categorize the correlation policies on the listing page.
- Signals count increment in the export option
  Under Resolutions, the export capacity for signals has been increased from 5000 to 40,000 in the Signals UI to cater to customer requirements.
- Addition of new attributes in the Correlation Policies
  Added new attributes (Source IP, Username, Destination Host/Target Host, Source Host/Principal Host, LogSource Name) that help enrich the Situation title in the Correlation policies.
- Impact scoring evidence metric in the threat model
  Introduced a unified impact scoring evidence for each asset with low criticality levels while evaluating a threat model.
- Manage Columns feature in the Table view of ActOns
  A new "Manage Columns" functionality has been introduced in the table view of ActOns. With it, you can control and reorder the columns shown on the listing page, which lets you focus on the metrics that are useful for remediating an ActOn.
- Enhanced UI for adding or editing task in the Security ActOns
  On the security-related ActOn page, we have introduced a new UI for task handling in the Analysis log tab. This feature enables the user to set the start date and due date, add other dependency tasks, assign the task to the respective personnel to take action, and set the category to which a task belongs.
- Introduced a Security related filter in ActOns and Situations
  ActOns and Situations are now filtered by the security-related sources, ASI or Google Chronicle. In Behavior Analytics, the threat models now process ASI signals in addition to Google Chronicle signals.
- Enabled notification for low urgency ActOns
  The Resolution Intelligence Cloud notifies users of low-priority ActOns in addition to high-priority ActOns. You can enable notification for low-priority ActOns in the escalation settings under My Profile.
- Escalation summary in the ActOns UI
  Added the escalation summary to the ActOns under the escalations tab to inform the user about the details of all escalations for quicker resolution of an issue.
- Enabled Entities and Functions tabs in the threat detection dashboards
  In the threat detection dashboards, added two columns, Entities and Functions, that enable the security analyst to view all entities and their associated functions that contributed to triggering a specific signal.
- Enhanced Entities Functionality
  We've expanded the capabilities of our Entities functionality with several new enhancements:
  - Sync is now enabled for OpsRamp, AWS, Azure, and GitHub entities.
  - Instantly sync metadata of existing entities to the platform.
  - Download entities overview data to a PDF file for easy sharing.
  - Added two new tabs to OpsRamp source - Applications and Patch - to provide comprehensive insights.
- Additional Attributes in Enrichment Policies
  Two new attributes - User Group Name and Tags - have been included to enrich signals. You can use these attributes while configuring an enrichment policy.
- Support for Microsoft Teams Card Icons
  To differentiate various events in the Microsoft Teams chat window, different icons are used when a signal, a Situation or an ActOn is created. Users can easily identify the event triggered without having to go through each detail related to the event.
- Function Scope
  Functions assigned at the domain level now cannot be viewed at the organization and tenant levels. Likewise, the functions assigned at an organization level can be viewed at the organization level, and functions assigned to entities at a tenant level can be viewed at the tenant level only.
- Enable or disable Netenrich Multi-Factor Authentication (MFA) on SSO
  Users can now enable Netenrich Multi-Factor Authentication from the Federated Auths tab on the Authentication page, providing an additional layer of security during login via Single Sign-On. The check box is not enabled by default. When you enable it, Netenrich enables a secondary layer of protection for your account when you log in.
  Initially, the user must provide a single sign-on credential and verify their identity through the MFA verification method via the authenticator app. If users have not yet selected the verification method, they will receive a QR code to scan and generate the one-time passcode. Every time they log in to the platform, this one-time passcode must be provided along with the single sign-on credentials. If MFA is disabled, the two-step verification is skipped.
- Reorganized the Platform API key functionality
  Previously, the API keys functionality was under Account Information in Configurations; it has now been moved to the Authentication page, on the new tab named Platform API Keys. This restructuring does not affect the existing functionality of the API keys.
- Added search bar in the left navigation menu of the platform
  Search functionality has been added to the left navigation menu. This enhancement enables users to conveniently search for desired modules directly from the menu.