In this article:
Release notes are displayed in reverse chronological order. Known issues are listed with the most recent release.
- A new breadcrumb left menu has been introduced using which you would know where you are and how you have reached to a feature within Resolution Intelligence Cloud platform. This applies to all top level navigation within Resolution Intelligence Cloud.
- Usage Metrics & Limits: Resolution Intelligence Cloud provides you a detailed view of resource consumption based on your subscription plan.
- Chronicle Instance Setup: Resolution Intelligence Cloud supports Google Chronicle instance setup where you can bring your own instance or inherit Netenrich Chronicle’s license to ingest your telemetry and security data.
- Threat Feeds: With this feature, now you can create a list of curated threats and push them into Chronicle to defend against potential threats from external hackers. Also, you can understand the hacker’s tactics, techniques, and methods so that you can improve security posture of your organization.
- Do It Yourself: Do It Yourself (DIY) is an automation method that ensures the first-time users to setup the mandatory configurations required to leverage the full capacity of Resolution Intelligence Cloud without the aid of an expert or a support team. The automation screen is visible for the first-time users of a domain or an organization or a tenant after they logged into the Resolution Intelligence Cloud. If you are a user from organization, you must switch to a specific tenant account to view the configuration steps that are carried out to setup their account.
- Configuration UI: Navigate and access the features available across Configurations tab. You can access and configure the following features.
- Account Management: This section deals with the account creation for your organization’s internal users, existing user accounts within your organization, and the subscription plans that you purchased.
- Platform Management: This section includes the packages with associated features that are acquired after purchasing a subscription or an add-on. You can assign roles and permissions to other users within your organizations and control them effectively.
- Product Catalogue Management: includes the product plans or account subscriptions and short cuts of frequently used items such as product family, product category, metric type, metric unit, metric limit, packages, and modules.
- Rule management: deals with the correlation rules and detection rules
- Parser management: manages the Chronicle CMS items – Parsers, Content Packs, Threat feeds, and Reference lists.
- Logs: includes the audit logs (), access logs (logs generated when a user is added), error logs (logs generated when user encounters errors while accessing a feature).
- Sharing and Scheduling Reports: Resolution Intelligence Cloud lets you schedule a report from user-defined dashboards on daily, weekly, monthly, quarterly, and yearly basis to be delivered to a target user by adding their email IDs. Also, you can download in PPT or PDF formats and share them with others either internal or external to your enterprise via multiple ways like slack message.
- ServiceNow and Jira integration enhancements: With an interactive UI, after you have setup ServiceNow and Jira integrations, you can map them to multiple tenants now. Resolution Intelligence Cloud allows you to flow the entities such as Incident, Change, Problem, Service request and Case to Jira and ServiceNow.
- Interactive UI for Situations & ActOns:
- View ActOns in an isolation mode: Isolation mode makes you open any ActOn in a full screen when you are working on another ActOn.
- Card layout for ActOns & Situations: You can differentiate between Digital Ops and Security by looking at the cards layout.
- Visibility of an ActOn: The Domain and Organization level users can add their tenants and notify them about an ActOn being added to their account.
- Bottom screen of a task in ActOn: You can open and verify the details of a task in the bottom screen of an ActOn.
- Marking a Situation as an ActOn: Most Situations are resolved automatically, but some Situations turn into ActOns and trigger notifications to IT OPs and NOC teams in order to remediate them and prevent extreme outages in your IT infrastructure. Now you can convert any situation into an ActOn in simple steps.
- Chronicle Instance setup: Resolution Intelligence Cloud empowers you to use Netenrich Chronicle instance, or you can bring your own chronicle instance whether you are an Organization, or Tenant user.
- Account Subscriptions: Are you struggling to add the new add-ons or plans to your existing account? Now you can enhance or upgrade to an additional plans or add-ons along with your existing plans to perform your operations smoothly. Also, you can cancel or make any subscription plan in-active associated with your account ID.
- Left navigation menu UI enhancements in Configurations: Resolution Intelligence Cloud brings the new intuitive, personalized left navigation bar under Configurations that enables your organization to drive productivity, improve engagement, and inspire learning with our platform. You can easily navigate to any feature set with fewer clicks in the Configurations.
- Global Search: You can search other users across the Globe using search option enabled at top right corner in User profile
- Chronicle Data Feeds: Ingest data into Chronicle from multiple sources such as Carbon Black, Crowdstrike, Amazon AWS and Microsoft Azure using Resolution Intelligence UI
- Chronicle Forwarders: Download and install forwarders in your local machine to ingest on-premise data to Chronicle without using Cloud buckets from Resolution Intelligence UI
- UI segregation for ActOns, Situations, and Signals: Navigating through ActOns, Situations, and Signals has become easy now with an interactive UI
- Mapping Tenants in Jira and ServiceNow integration: Once you configure integration between Jira and Resolution Intelligence Cloud, you can map it to multiple tenants if you are at Organization or MSSP level
- Nomenclature changes across Resolution Intelligence Cloud: The following terms have been renamed
- Alerts to Signals
- Correlated Alerts to Situations
- Incidents to ActOns
- Guided Tours: Now you can navigate throughout Resolution Intelligence by following instructions appear on the User interface
- Announcements: You will be notified the upcoming events after you have logged into the platform
- Support Center: You can raise support tickets from the Resource center to support team at the bottom right corner
- Use LaaS detection rules that are gathered from multiple vendors - Splunk, Elastic Security & Open Source Sigma
- You can make use of new charts (Scatter chart and Packed bubble chart) while creating a dashboard
- Aesthetics in the Header: You can see multiple color codes in your profile whenever you logged in to Resolution Intelligence. These color codes reset whenever you logged in or logged off
- The new header design (sleek and clean) with user profile navigation
- Left Menu style change in Home and Configurations
- Reorganized Left Menu items in configurations
- Introducing User Profiles: You can grant access to your internal users and outside of your organization-users by creating a user profile. Each user profile has a personal space to see your personal details such as your name, assigned role, and title. You can change personal settings like contact information and personalized notification rules.
- Switch between user profiles to access accounts
- You can leverage the MITRE Attack framework capability to detect threats across your IT infrastructure now
- Nomenclature changes across Resolution Intelligence
- Service Provider has been renamed to Domain
- Partner has been renamed to Organization
- Client/Customer has been renamed to Tenant
- Provided ability to configure AWS and GCP feed in Google Chronicle
- Support to accept private offers from Google Marketplace
- Support to change and cancel your subscription plans through the marketplace in Resolution Intelligence
- Roles/permissions enhancements (RBAC)
- Multiple subscription packages are available according to your requirements
- You can Run the report while scheduling your own report
- Navigate to Jira tickets using an external Jira ID in an Acton
- Subscriptions are visible to the tenants and organizations
- Enhanced Save as Draft behavior in dashboards
- "Import from account hierarchy" is enabled in ActOn Policy
- Settings icon is visible while editing a correlation rule
- RBAC menu is visible to the users who have permissions
- Added phone number with country code for both organization and tenant
- Enhanced UI (enabled toggle switch) for all integrations
- Added a radial chart in dashboards
- Enable and Disable buttons are alive in Rules listing page
- Alert buffering is added for Domain, Organization, and Tenant levels
- Updated License Information in asset visualization and investigation of user management
- Enhanced Search option (Search is working only if you enter complete word)
- Enabled new widget level filters for the following.
- Alert Source
- Alert Type
- Alert Event Type
- Incident Source
- Participant Name
- Alert Source
- Removed "Category Selection" in order to publishing dashboards or reports without any restrictions
- Added Quarterly Frequency for report scheduling
- Added a PPT support for stacked bar chart
- Now you can see date filter on a single widget in a dashboard
- Retained the "Sorting" feature when any update is done on the dashboard listing page
- In Entities & Evidences tab, enabled a "Add list option" under reference list
- Handoff time is now changed from 24:00 hrs to 00.00 hrs
- Enabled Apps icon
- Introduced Chronicle instance creation in the Europe region
- Chronicle SOAR (formerly Siemplify) integration is live now
- Introduced ActOn creation for all users of Domain, Organization, and Tenants from Resolutions
- Implemented a War room for Tenant and Organization users
- Siemplify SOAR details are available on ActOns timeline
- Enabled focus mode, expand mode and run time visualization on the dashboards
- Focus Mode: User can select a specific widget by clicking three dots at top right of any dashboard which results in background area is greyed out and enable user to focus on a required widget for better story telling.
- Expand Mode: User can focus and can have a detailed discussion on a specific widget by expanding dashboard area.
- Run-time Visualization: helps in providing an alternate view to the consumer of the dashboard by letting them change the visualization once the data is loaded (run time).
- Users with equal permissions can edit dashboards among themselves who ever creates the dashboard with in the same organization
- Mapping of attributes such as - alert and asset count is done with reference to Domain for ActOn Policy
- Duplication of rule is enabled when you use "Copy" or "Create New Rule" twice with same title and attributes
- Internal or external users can create dashboard and report templates according to their assigned permissions
- New options have been added to "Fields to correlate" feature
- Date range is enabled for users based on their local time zones in ActOn Policy
- Configurable correlation policies
- Rules renamed as Processing Rules and Incident rules as Scoring-Templatization Rules
- Dashboards for usage metrics, log sources health, visibility
- ActOn aka Ticket Policy configuration
These external release notes began as of March 2022. Resolution Intelligence Cloud has been in production since 2020 enabling secure operations for thousands of organizations and tenants.
Please sign in to leave a comment.