October 2025

  • Published on Nov 10, 2025
  • 2 minute(s) read
Prev Next

New Features

  • A new natural language search and insight generation feature called Riskflow is now available in private preview. Riskflow allows users to use natural language interactions to derive insights and build custom console pages. For more information see Riskflow: Ask A Question. If you are interested in participating in the private preview please contact your DataBee representative.

Feature Enhancements

  • Users can toggle Remediation Actions to create individual ServiceNow tickets per record instead of grouping them.

  • TLS-related fields are hidden from the Azure EventHub data source configuration UI, with TLS now enabled by default.

  • The Alert Settings form saves and fetches configurations from persistent backend storage, ensuring settings are reliably retained across sessions.

  • The Warnings/Alerts UI is updated to display Event instead of Endpoint to match feed onboarding terminology.

  • The Customer Support Portal ticket statuses and filters are updated to provide clearer visibility into ticket progress, including In Progress, Awaiting PM Feedback, Awaiting Customer Validation Feedback, Resolved, and Closed.

  • Non-admin roles have view-only access to feed configuration, while admins and data engineers retain full edit capabilities.

  • Potential Owner logic is updated to display only the three most recent unique users and the default schedule for discovered owners is changed to weekly.

  • The left-hand navigation sidebar remains locked in either open or closed position, instead of collapsing based on mouse hover.

  • A RAW_FIELDS object is added in OCSF feeds to consistently store preserved unmapped fields.

Bug Fixes

  • The issue where alert duration checks reset to 24 hours instead of retaining the user-configured interval when reconfiguring a feed is fixed.

  • The issue where event type and time window configurations were not retained after disabling and re-enabling a data source or its alert rule is fixed.

  • The issue where some alerts were incorrectly re-triggered when the Custom Ingest Scanner restarted is fixed.

  • The issue where the Submit button remained disabled for API ingest feeds even after completing all required fields is fixed.

  • An issue where users intermittently received “Unknown Server Error: Authentication token has expired” on the Remediation Actions page is fixed.

  • An issue where adding an SNS Topic ARN in the UI caused an error is fixed.

  • An issue where users were unable to onboard the Workday Learning feed, and the Initial Interval was not populated when saving the configuration is fixed.

  • An issue where expired JWTs prevented users from accessing the login screen is fixed.

  • An issue where the scrollbar sometimes did not appear on the feed creation wizard, preventing users from scrolling through the form is fixed.

  • An issue where manual API ingest of a single event did not set the event_type tag is fixed.

  • The base_url normalization in API Framework is fixed to prevent invalid URLs from trailing slashes in manual configurations.

  • The issue preventing Intel Inventory page from working as expected with Iceberg datalakes is resolved.