December 2024 New features
SOAR for Palo Alto Firewall
Palo Alto Threat Response is now live. This new feature allows for threatening IP Addresses to be automatically blocked within seconds, increasing security, reducing attack surface, and saving manual work.
For more information, see Setting up SOAR For the Palo Alto Firewall
Files unquarantined when Allow Listing an endpoint
Now, when you add an endpoint threat to the Allow List, the files that were identified as a threat are now moved out of quarantine automatically. This saves the time and effort of removing them manually.
Additional enhancements to Respond to SOC
As part of our effort to give users the tools they need to respond to the SOC without wasting time on the phone, we have added the following enhancements:
Notification email options - By default, you are no longer sent an email notification. However, you have the option to receive email notifications.
Respond to closed tickets - You can now respond to tickets with the status of closed within four weeks of the ticket being closed.
The responder's userid is now included in the summary.
Changes to the Integrations page
By default, the Integrations page is now sorted by product by default.
In addition, there is also an option to show the cards of enabled integrations only.
Changes to the Escalation Call List
The Escalation Call List now has a separate country code field and stricter phone number validation.
Device degradation alerts
The device name has been added to the second line.
Changes to the User Management page
The User Management page now defaults to showing all columns.
The User Management page now has a refresh status button for unregistered users.
General
The Dashboard now has improved wrapping of button labels and filters, intended to improve the UI experience for smaller screens.