Release notes are displayed in reverse chronological order. Known issues are listed with the most recent release.
November 2023
New Features
- API Gateway: Introducing the Netenrich API Gateway—a dedicated platform to manage, secure, and publish REST APIs. This gateway enables third-party developers to securely access our API service in their applications. To get started, an active subscription and access to the Resolution Intelligence Cloud are required.
- Outbound Policies: We've added outbound policies for ITSM (Jira, ServiceNow) and Security (Chronicle SOAR) integrations. These policies, found in the platform's integration section, allow rule-based control over tickets sent to the platform, based on defined criteria during configuration.
- LogicMonitor Integration: LogicMonitor, a SaaS-based infrastructure and monitoring platform, stores the client assets. Integration with LogicMonitor allows you to send signals (raw data) to Resolution Intelligence Cloud, where the signals are enriched and contextualized to derive the insights that support decision making.
- Data Completeness: Gain enhanced transparency into your Behavior model's data pipeline with this update. Easily identify data ingestion issues and ensure all behaviors are successfully ingested into your models for more accurate insights and improved model performance.
Enhancements
- Enhancements in Behavior Analytics:
  - Disable a Model: Disable allows you to deactivate any model that is in the active state.
  - Enable a Model: Enable allows you to activate any model that is in the inactive state.
  - Clone a Model: Cloning allows you to create a copy of a specific model with all the defined parameters.
  - Activity Log: The activity log tracks all activities performed by users on each model.
- New Version button in Detection Rules: The New Version button is enabled only if the latest version of a rule is in the published or disabled state.
- Usage Metrics: Added the 'ML_models' metric in the Usage and Limits section, displaying the total number of consumed ML models.
- Event Notifications: Enabled notification services for various events occurring in Situations or ActOns, such as SIGNAL_APPENDED, SIGNAL_DELINKED, SIGNAL_UDPATE, ENTITY_ATTACHED, ENTITY_UPDATE, and UPDATED.
- Time Zone Settings: Enabled time zone adjustment for the Data extraction feature, allowing users to set their preferred time zone when extracting data from the Resolution Intelligence Cloud.
- Correlation Rules: Restricted the correlation rules offered by Resolution Intelligence Cloud; these rules do not include OpsRamp's correlated signals.
- UI Enhancements: Improved the right menu in the signal UI to display all UDM fields in a single pane, enhanced Tenant Mapping screens, and refined the interface for domain users to view associated tenants.
- Chronicle SOAR Integration: Enabled Chronicle SOAR integrations only for users with an active Chronicle subscription.
- Activity Logs: Users can now track actions performed on AWS, Azure, and GCP assets through the Activity logs under Configurations, allowing better monitoring of asset-related actions.
- Audit Logs: Introduced the ability to track tickets assigned to external users in audit logs.
- User Interface Improvements: Enhanced the interface for domain users, improved accessibility features for different hierarchical levels, and made user creation an optional step when creating a tenant or organization.
- Email Invitations Restriction: Added the ability to restrict email invitations in domain accounts to prevent the addition of unwanted emails to the domain list.
- BYOC Interface: Enhanced the Bring Your Own Chronicle (BYOC) interface for a more seamless user experience.
September 2023
New Features
- Functions Tab: Security ActOns are enabled with the Functions tab to provide the type of functions that are mapped with an ActOn.
- Data Ingestion Criteria for CMDB integrations: Added Data Ingestion criteria for Google Cloud, Microsoft Azure, and Amazon AWS integrations to ingest the specific data relevant to the attributes: source, created time, updated time, name, alias name.
- Configurable Statuses: You can change the default status of an ActOn or a Situation to one that matches your business workflows, which enhances productivity and collaboration among team members.
- Alerting in Threat Feeds: With the Alerting feature, you will be notified of a signal generated in the signals home page whenever a malicious IP, URL, hash static or domain is detected in your network.
- Enhanced Behavior Analytics Homepage: We've overhauled the landing page of Behavior Analytics to elevate user experience. Models can now be sorted by behaviors tracked and signals generated along with an aggregate insight of models on the right.
- Ease of accessing Behavior Analytics: Now you can access and explore Behavior analytics directly from the home page.
- SendGrid Integration: Integration with SendGrid allows you to set up custom SMTP and email domains to deliver email notifications. The emails are sent with your organization's domain rather than the Netenrich domain.
- Renaming Services: Services are now called Functions to align with the other significant features and to meet the business strategies.
August 2023
New Features
- Timezone support: Set your default time zone to automatically view timestamps, data in dashboards, and reports in your chosen time zone.
- Notifications Webhook for Microsoft Teams: Set up a Microsoft Teams webhook to receive updates from Situations and ActOns in Teams for an enhanced collaboration experience.
July 2023
New Features
- Behavior Analytics (Beta version): Use the Behavior Analytics feature to gain insights into hidden patterns and anomalies present in complex data. Behavior Analytics uses data and analytical modeling to understand how users interact and communicate with the systems. Read more details in this article.
- Signal Analytics (Beta version): This feature empowers security analysts to gain momentum in analyzing hidden patterns in multiple signals generated from behavior-based detections, YARA-L based detections, exposure-based detections, and threat intelligence feeds. Signal Analytics can consolidate and aggregate all signals and identify anomalies, irregular patterns, and correlations, thereby enhancing threat detection and response. Read more details in this article.
- Usage Metrics & Limits at Organization and Domain level: Users at organization and domain levels can see their aggregated resource consumption.
- Notification Logs: Centralized logging allows comprehensive tracking of and visibility into all the notifications sent from the Resolution Intelligence Cloud. You can view the status, details of the policy that triggered the notification, and more.
- ServiceNow Integration: Feature enhancement enables you to integrate ServiceNow at the Tenant level in the account hierarchy.
- Log Source Monitors: Enables you to determine what events are occurring in your systems and generate signals when a source stops sending logs.
- Confidence Score: Feature enhancement helps you determine the confidence that an incoming signal carries a risk or an abnormality. A higher confidence score indicates a higher abnormality of a signal.
June 2023
New Features
- Notifications: Notifications in the Resolution Intelligence Cloud platform allow users to stay informed about important events and changes related to signals, situations, ActOns, and entities. Configure notification channels (webhook or email), customize notification templates, and configure notification policies to receive alerts in a timely manner. Learn more about how to set up notification channels, templates, and policies to send a notification to the respective owner.
May 2023
New Features
- A new breadcrumb left menu has been introduced that shows where you are and how you reached a feature within the Resolution Intelligence Cloud platform. This applies to all top-level navigation within Resolution Intelligence Cloud.
March 2023
New Features
- Usage Metrics & Limits: Resolution Intelligence Cloud provides you with a detailed view of resource consumption based on your subscription plan.
- Chronicle Instance Setup: Resolution Intelligence Cloud supports Google Chronicle instance setup where you can bring your own instance or inherit Netenrich Chronicle's license to ingest your telemetry and security data.
- Threat Feeds: With this feature, you can now create a list of curated threats and push them into Chronicle to defend against potential threats from external hackers. You can also understand the hacker's tactics, techniques, and methods so that you can improve the security posture of your organization.
- Do It Yourself: Do It Yourself (DIY) is an automation method that lets first-time users set up the mandatory configurations required to leverage the full capacity of Resolution Intelligence Cloud without the aid of an expert or a support team. The automation screen is visible to first-time users of a domain, an organization, or a tenant after they log in to the Resolution Intelligence Cloud. If you are an organization user, you must switch to a specific tenant account to view the configuration steps that are carried out to set up the account.
Major Updates
- Configuration UI: Navigate and access the features available across the Configurations tab. You can access and configure the following features:
  - Account Management: This section deals with account creation for your organization's internal users, existing user accounts within your organization, and the subscription plans that you purchased.
  - Platform Management: This section includes the packages with associated features that are acquired after purchasing a subscription or an add-on. You can assign roles and permissions to other users within your organization and control them effectively.
  - Product Catalogue Management: Includes the product plans or account subscriptions and shortcuts to frequently used items such as product family, product category, metric type, metric unit, metric limit, packages, and modules.
  - Rule Management: Deals with the correlation rules and detection rules.
  - Parser Management: Manages the Chronicle CMS items: Parsers, Content Packs, Threat feeds, and Reference lists.
  - Logs: Includes the audit logs (), access logs (logs generated when a user is added), and error logs (logs generated when a user encounters errors while accessing a feature).
- Sharing and Scheduling Reports: Resolution Intelligence Cloud lets you schedule a report from user-defined dashboards on a daily, weekly, monthly, quarterly, or yearly basis to be delivered to target users by adding their email IDs. You can also download reports in PPT or PDF format and share them with others, internal or external to your enterprise, in multiple ways, such as a Slack message.
- ServiceNow and Jira integration enhancements: With an interactive UI, after you have set up ServiceNow and Jira integrations, you can now map them to multiple tenants. Resolution Intelligence Cloud lets entities such as Incident, Change, Problem, Service request, and Case flow to Jira and ServiceNow.
- Interactive UI for Situations & ActOns:
  - View ActOns in an isolation mode: Isolation mode lets you open any ActOn in full screen while you are working on another ActOn.
  - Card layout for ActOns & Situations: You can differentiate between Digital Ops and Security by looking at the card layout.
  - Visibility of an ActOn: The Domain and Organization level users can add their tenants and notify them about an ActOn being added to their account.
  - Bottom screen of a task in ActOn: You can open and verify the details of a task in the bottom screen of an ActOn.
- Marking a Situation as an ActOn: Most Situations are resolved automatically, but some Situations turn into ActOns and trigger notifications to IT Ops and NOC teams in order to remediate them and prevent extreme outages in your IT infrastructure. Now you can convert any Situation into an ActOn in simple steps.
- Chronicle Instance setup: Resolution Intelligence Cloud lets you use the Netenrich Chronicle instance or bring your own Chronicle instance, whether you are an Organization or a Tenant user.
- Account Subscriptions: Are you struggling to add new add-ons or plans to your existing account? Now you can upgrade to additional plans or add-ons along with your existing plans to perform your operations smoothly. You can also cancel or deactivate any subscription plan associated with your account ID.
- Left navigation menu UI enhancements in Configurations: Resolution Intelligence Cloud brings the new intuitive, personalized left navigation bar under Configurations that enables your organization to drive productivity, improve engagement, and inspire learning with our platform. You can easily navigate to any feature set with fewer clicks in the Configurations.
February 2023
New Features
- Global Search: You can search for other users across the globe using the search option at the top right corner in the user profile.
- Chronicle Data Feeds: Ingest data into Chronicle from multiple sources such as Carbon Black, CrowdStrike, Amazon AWS, and Microsoft Azure using the Resolution Intelligence UI.
- Chronicle Forwarders: Download and install forwarders on your local machine from the Resolution Intelligence UI to ingest on-premise data to Chronicle without using Cloud buckets.
- UI segregation for ActOns, Situations, and Signals: Navigating through ActOns, Situations, and Signals has become easy now with an interactive UI.
- Mapping Tenants in Jira and ServiceNow integration: Once you configure integration between Jira and Resolution Intelligence Cloud, you can map it to multiple tenants if you are at Organization or MSSP level.
Major Updates
- Nomenclature changes across Resolution Intelligence Cloud: The following terms have been renamed:
  - Alerts to Signals
  - Correlated Alerts to Situations
  - Incidents to ActOns
January 2023
New Features
- Guided Tours: Now you can navigate throughout Resolution Intelligence by following the instructions that appear on the user interface.
- Announcements: You will be notified of upcoming events after you have logged in to the platform.
- Support Center: You can raise support tickets to the support team from the Resource center at the bottom right corner.
- Use LaaS detection rules that are gathered from multiple vendors: Splunk, Elastic Security, and Open Source Sigma.
December 2022
New Features
- You can make use of new charts (Scatter chart and Packed bubble chart) while creating a dashboard.
- Aesthetics in the Header: You can see multiple color codes in your profile whenever you log in to Resolution Intelligence. These color codes reset whenever you log in or log off.
November 2022
New Features
- The new header design (sleek and clean) with user profile navigation
- Left menu style change in Home and Configurations
- Reorganized left menu items in Configurations
- Introducing User Profiles: You can grant access to your internal users and to users outside your organization by creating a user profile. Each user profile has a personal space to see your personal details such as your name, assigned role, and title. You can change personal settings like contact information and personalized notification rules.
- Switch between user profiles to access accounts
October 2022
New Features
- You can now leverage the MITRE ATT&CK framework capability to detect threats across your IT infrastructure
- Nomenclature changes across Resolution Intelligence:
  - Service Provider has been renamed to Domain
  - Partner has been renamed to Organization
  - Client/Customer has been renamed to Tenant
- Provided ability to configure AWS and GCP feed in Google Chronicle
- Support to accept private offers from Google Marketplace
- Support to change and cancel your subscription plans through the marketplace in Resolution Intelligence
- Roles/permissions enhancements (RBAC)
- Multiple subscription packages are available according to your requirements
- You can run the report while scheduling your own report
- Navigate to Jira tickets using an external Jira ID in an ActOn
- Subscriptions are visible to the tenants and organizations
Improvements
- Enhanced Save as Draft behavior in dashboards
- "Import from account hierarchy" is enabled in ActOn Policy
Resolved Issues
- Settings icon is visible while editing a correlation rule
- RBAC menu is visible to the users who have permissions
September 2022
New Features
- Added phone number with country code for both organization and tenant
- Enhanced UI (enabled toggle switch) for all integrations
- Added a radial chart in dashboards
- Enable and Disable buttons are active on the Rules listing page
- Alert buffering is added for Domain, Organization, and Tenant levels
Improvements
- Updated License Information in asset visualization and investigation of user management
- Enhanced Search option (Search works only if you enter a complete word)
- Enabled new widget level filters for the following:
  - Alert Source
  - Alert Type
  - Alert Event Type
  - Incident Source
  - Participant Name
- Removed "Category Selection" to allow publishing dashboards or reports without any restrictions
- Added Quarterly Frequency for report scheduling
- Added PPT support for stacked bar chart
Resolved Issues
- Now you can see the date filter on a single widget in a dashboard
- Retained the "Sorting" feature when any update is done on the dashboard listing page
- In the Entities & Evidences tab, enabled an "Add list option" under reference list
- Handoff time is now changed from 24:00 hrs to 00.00 hrs
August 2022
New Features
- Enabled Apps icon
- Introduced Chronicle instance creation in the Europe region
- Chronicle SOAR (formerly Siemplify) integration is live now
- Introduced ActOn creation for all users of Domain, Organization, and Tenants from Resolutions
- Implemented a War room for Tenant and Organization users
- Siemplify SOAR details are available on ActOns timeline
- Enabled focus mode, expand mode, and run-time visualization on the dashboards:
  - Focus Mode: Users can select a specific widget by clicking the three dots at the top right of any dashboard. The background area is greyed out, which lets the user focus on the required widget for better storytelling.
  - Expand Mode: Users can focus on and have a detailed discussion about a specific widget by expanding the dashboard area.
  - Run-time Visualization: Provides an alternate view to the consumer of the dashboard by letting them change the visualization once the data is loaded (run time).
Improvements
- Users with equal permissions within the same organization can edit each other's dashboards, regardless of who created the dashboard
July 2022
New Features
- Mapping of attributes such as alert and asset count is done with reference to Domain for ActOn Policy
- Duplication of a rule is enabled when you use "Copy" or "Create New Rule" twice with the same title and attributes
- Internal or external users can create dashboard and report templates according to their assigned permissions
Improvements
- New options have been added to the "Fields to correlate" feature
- Date range is enabled for users based on their local time zones in ActOn Policy
June 2022
New features
- Configurable correlation policies
Improvements
- Rules renamed as Processing Rules and Incident rules as Scoring-Templatization Rules
May 2022
New features
- Dashboards for usage metrics, log sources health, visibility
April 2022
New features
March 2022
New features
- ActOn aka Ticket Policy configuration
Note
These external release notes began as of March 2022. Resolution Intelligence Cloud has been in production since 2020, enabling secure operations for thousands of organizations and tenants.