January 2025
  • 13 Feb 2025
New Features

  • New health history trendline component in the DataBee UI.

  • The device entity pages display suggested owners along with the potential owners.

  • The CVE/vulnerability findings are extracted from matched events and included in detection chain findings.

  • DataBee-generated Detection Findings Events have been enhanced to include the following:

    • When present in the matching originating event, the following objects are now written to their corresponding evidence items:

      • DNS Query

      • File

      • HTTP Request

      • HTTP Response

      • Job

      • Process

      • Script

    • Mapping of CVEs to Vulnerability Objects in Detection Chains:

      Common Vulnerabilities and Exposures (CVEs) are now mapped to the vulnerability object within detection chains, enhancing the identification and tracking of known security issues.

    • Mapping of Non-MITRE ATT&CK and Non-CVE Tags to Enrichment Objects:

      Tags that do not pertain to MITRE ATT&CK or CVEs are now mapped to the enrichment object, providing additional context and information within detection findings.

Feature Enhancements

  • Tooltips are added for inclusion and exclusion filters in the data source configuration page.

  • A tooltip is added to the 'Add Parameter' options for Basic Search.

  • The Related Node graph now shows the selected owner as well for devices, applications, or products.

  • A potential owner relationship is added to applications/products.

  • In the Data Collector UI, the proxy URL validation is updated to allow only HTTP, and the description under 'Enable Proxy' is removed.

  • The date time picker is updated with a new style making it easier to set custom times.

Bug Fixes

  • The issue where the API version was not populated during step 2 of configuring a data source of the Data Collector ingest type is fixed.

  • The issue where duplicate alerts appeared in the data feed timeline for multiple feeds is fixed.

  • The Out of Memory (OOM) issue observed on Organization Hierarchy ETL within the Core Data Products is fixed.

  • The issue where extra fields were being stored in the configuration management system in the API Time Ingest window component is fixed.

  • The issue causing a server error under some conditions when retrieving feed audit history is fixed.

  • The issue causing the 'Most Common Data Quality Alerts' widget to error is fixed.

  • A JavaScript error that occurs when filtering JSON fields using the 'contains' function on the search page is fixed.

  • The issue where the Create Detection Chain button is visible when the tenant does not have Security Threat Entitlement is fixed.

  • The issue where the detection chaining service failed to retrieve suppressions is fixed.

  • The issue causing a 'Model Not Fitted' error in owner discovery is fixed.

  • The issue resulting in some invalid cluster predictions in owner discovery is fixed.
