Summary
In February, we released hundreds of new reports and over a dozen new detection rules to continue to support your organization’s security and compliance programs. We’re continuing to improve how we use logged data to quickly show where threats may exist so you can stop or contain them. This enables you to keep up with the ever-changing threat landscape while reducing the burden of creating detections and reports.
Feature and Platform Updates
Global Reports: We added 245 new reports to the Saved Reports menu in Report Builder, including the following:
-
Compliance reports for CIS Controls (47), CMMC (50), FERPA (48), FINRA (49) and ISO 27001 (43)
-
Four Google Workspace reports to facilitate investigations into suspicious logins after receiving related findings in the app
-
“AnyDesk Process per Endpoint” report, which helps identify whether AnyDesk is running in your environment, which is an audit we recommend performing in response to the AnyDesk cyberattack
-
Two new Microsoft 365 reports detailing the changes made to users' MFA methods
-
“Sophos XG: Firewall Rule Configuration Change” report is an alternative option to a new default-disabled detection rule by the same name to help audit configuration changes
Detection Updates
Bug Fixes and Improvements
We have improved and expanded parsing of data from the following integrations:
- Carbon Black Endpoint Standard
- Cisco Meraki Firewall
- Sophos XG Firewall
- WatchGuard Firebox Firewall
January Highlights
In case you missed the January updates, you can find and review those notes here.
