Security Operations Release 3.27.3

Related products: Devo SecOps

This release of Security Operations adds new functionality that improves analyst workflows in the Triage and Investigations workbenches, and brings updates to the Content Manager!

Geo Availability

Region    Status
CA        Released
US        Released
EU        Released
APAC      Released

 


New features

Open in Dedicated tabs

We have enhanced SecOps to allow you to open the entire application and sections in separate tabs, increasing the modularity of your workflow.

SecOps - You can open SecOps in a new tab from the General Menu.

Alerts from the Triage Page can now be launched in a new tab by right-clicking on the alert and choosing “open in a new tab”.

Investigations can be opened in a new tab from the Triage page by right-clicking on the alert and selecting “open in a new tab”.

Investigations can also be launched in a new tab from the Investigations page by right-clicking on an alert and choosing “open in a new tab”.

Improvements

Increased Visible Alerts

We have increased the number of visible alerts displayed on the Triage page.

View: Count

  • No Grouping View: 10, 20, 30, 50 (Default 20)
  • Entity Grouping View: 5, 10, 20, 30 (Default 10)
  • Alert Type Grouping View: 5, 10, 20 (Default 10)
  • Investigations Table View: 5, 10, 20 (Default 10)

 

Content Manager expanded to support All alert types

It is now possible to install all alert types from Content Manager, not just “each”:

  • Rolling
  • Deviation
  • Gradient
  • Several
  • Each

Content Manager Subquery Support

Subqueries are now supported by adding these parameters:

  • externalOffset
  • internalOffset
  • internalPeriod

Triage Filtering

Triage can now filter Entities using AND / OR conditions.

Increased security of investigations and Enigma Endpoints

Internal APIs have been updated to adapt the associated endpoints to Devo roles.

 

Learn more in our Docs page!
