
The latest release of the Devo Platform is here! Release 8.15.3 brings a collection of improvements to the Alerts page and bug fixes, starting with the addition of MITRE Tactics and Techniques to all Alert Definitions. Add single or multi-technique tags to alerts and filter by them in the triggered alerts view. We have also added available Entity Attributes in Alert creation. Opening an Alert in the Query Editor has been improved to use available Extra Data, which is particularly useful for our MSSPs, as they can edit alerts with the appropriate client information in Extra Data. Read on to learn more!

 

 

Geo Availability

Region Status
CA Released
US Released
US3 Released
EU Released
APAC Released

 

 


New Features

Add MITRE Tactics and Techniques to Alert Definitions

Users can now add MITRE Tactics, Techniques and Sub-Techniques in Alert Definitions. You can add multiple Techniques under each Tactic.

 

Search for MITRE Tactics and Techniques in Triggered Alerts

To support the addition of MITRE Tactics and Techniques, new search filters allow you to find specific alerts by these attributes.

 

Updated Features

Entity Attributes in Alert Creation, Edit, and Clone forms

We have added a new section to inform users about the available entity attributes based on the data source table and query in their alerts. Attributes highlighted in blue will appear in triggered alerts, while those in gray are available in the table but not currently part of the alert definition.

Learn more in our Documentation.

 

Alert Extra Data is added as filtering when “Go to Query” is called

When information is available in the Extra Data of an alert, it is used to filter the data when it is opened in the query editor. This is particularly useful for MSSP Alerts, as you can use the client information in Extra Data and open the query with the correct filtering every time.

 

Enhanced Alert Auditing with Post-filtering information

 

We’ve enhanced the devo.audit.alert.triggered table by adding information about post-filters. Users can now see if a post-filter was applied to a triggered alert. We are also recording events for triggered alerts that have been deleted via post-filter.

 

Improved Column Visibility control

Quickly hide columns by right-clicking on any column header to reveal the Hide Column command. You can manage visibility of columns on the Ellipse menu at the right end of the table.

 

Improved Extra Data Visibility

We’ve added color formatting to extra data for enhanced readability.

 

View our full release notes in our Documentation.

 

 

 

 
