Lastline Enterprise On-Premises Release Notes Version 9.1

New Features

- Added password protection support for analysis artifact download.
- Display network event verification outcome in portal.
- Display Lastline IDS signatures for detectors.
- Extend displayed analysis information for mail messages.
- Access host overview sidebar from intrusion profile.
- MITRE ATT&CK techniques and details now available in Analysis report.
- Support for analysis of artifacts extracted from HTTP uploads.

The sensor can now identify harmful content in an email message independently from the analysis of its attachments or URLs. This allows the identification of threats that may be located in the message body or metadata. This includes failed SPF checks and other evidence of spam behavior.

ADDED PASSWORD PROTECTION SUPPORT FOR ANALYSIS ARTIFACT DOWNLOAD

This new feature was tracked internally as FEAT-3633

Users downloading malicious files for further analysis via the Analysis Overview page now have the option of downloading an encrypted (password-protected) ZIP archive of the file, so that other solutions monitoring traffic do not automatically inspect the threat.

IMPLEMENT NEW HOSTS LISTING VIEW

This new feature was tracked internally as FEAT-4627

Lastline has expanded the Host Lists to show all hosts seen on the network, rather than only hosts with security incidents. Security analysts can now get complete visibility into all hosts on their network and filter the list by host attributes such as OS, applications seen on the hosts, etc. This provides a central interface for investigating threats on hosts, including hosts that may not have an active security incident associated with them.

ENABLE REPUTATION FEED ON SENSOR

This new feature was tracked internally as FEAT-3558

Sensors with this release start to benefit from a new URL reputation pipeline that will be used to make prefiltering and detection decisions in all modes. The new URL reputation pipeline improves detection coverage, especially for phishing threats that can be found in email processing.

DISPLAY NETWORK EVENT VERIFICATION OUTCOME IN PORTAL

This new feature was tracked internally as SENT-2518

Lastline appliances can now infer whether the activity observed within a network event was successful or not. This is made possible by analyzing the interactions that follow a given detection and then assigning a verification outcome to the corresponding event.