What's new
Deep integration with the Kaspersky Endpoint Detection and Response Expert (KEDR Expert). Integration is available only with a Symphony XDR license.
Added integration with Kaspersky Industrial CyberSecurity for Networks in asset inventory and response scenarios.
Expanded integration with Kaspersky Security Center.
Expanded capabilities for an SQL search based on events in storage.
Expanded capabilities of event collection components (collectors):
Added enrichment with information about the region by IP address (GeoIP).
Added capability of enrichment from dictionaries (tables) filled in manually in the web interface or via API.
Added capability to adjust the time according to the time zone of the event source.
Added computable variables to cover complex threat detection scenarios during event correlation.
Added capability to collect events from an isolated segment containing a data diode when there is no possibility of transmitting network UDP packets.
Added capability to configure custom templates and alert notification rules.
Expanded analytics tools and added new widgets.
Added asset audit function.
Added sFlow traffic telemetry support for Juniper hardware. Similarly to Netflow, event data can be collected without limitations when using a license with an active Netflow module.