Feature |
Description |
Artifacts
|
Added a Related Incidents column in the incident's Artifacts tab that displays the number of incidents where this artifact appears. Clicking the number displays a table of the specific incidents.
Also changed the algorithm that relates artifacts to ignore the artifact's type. The relation is now based on the artifact's value regardless of type. For example, an incident with an IP Address-Source of 9.8.7.6 artifact matches to another incident with an IP Address-Destination of 9.8.7.6 artifact.
|
Audit log
|
Audit messages are logged for threat service enable and threat service disable.
|
Report and Analytics Performance
|
Introduced a number of performance improvements regarding generating reports and viewing analytics dashboards. These improvements include optimizing the Incident History Report, loading widgets in the Analytics Dashboard more efficiently, and improving the process of running multiple incident reports simultaneously.
|
Resilient for MSSPs
|
IMPORTANT: If you are using the Resilient QRadar plugin and you are upgrading your Resilient platform from Version 36.1 or earlier, make sure to upgrade the plugin to V3.4.1 before using it with the Resilient platform V37.
|
Security Updates
|
The security update for this release addresses various security issues. For on-premises customers, consult your Resilient Installation Guide for the location of these updates. On-Cloud customers are updated automatically.
|
SNMP monitoring
|
For on-premises customers, the Resilient SOAR Platform Virtual Appliance Installation Guide provides the procedures to monitor the Resilient platform using SNMP. This enhancement was in response to a customer's Request for Enhancement (RFE).
|
System Requirements
|
For on-premises customers, the virtual appliance default configuration has been changed to 4 CPUs and 16GB memory. This does not impact upgrades. For standalone installations, the minimum memory recommendation for the system hosting the Resilient platform has increased to 16GB, and the CPU recommendation is 4 CPUs.
|
Usability Improvements
|
This release contains a number of usability enhancements, including:
- The list of attachments displayed in an incident page is limited to three with the option to display more.
- The banner timeout in the task window is extended, and a user can make it remain open by hovering the mouse over it.
|
Web Browser Support
|
Internet Explorer is no longer supported. The Resilient platform supports the Chrome, Firefox, Safari, and Edge web browsers.
|
Dark Mode Default for New Users
|
Due to the extreme popularity, all new users added to Resilient will now have their default theme setting changed to Very Dark.
|
Notifications
|
We are now introducing the ability to enable/disable notifications within Resilient. The notifications can be disabled globally (turned off) or disabled within the platform or via email, allowing admins to become very granular and exact with their notifications.
|
Privacy
|
The privacy tab has now been revamped to only show the most relevant information for your organizations. Through configuration only the relevant data types and regulators are displayed to be able to gather your privacy regulation insights in the blink of an eye.
|
Performance
|
Performance improvements have been made to the Incident History Reporting, Auditing, and Privacy features.
|
Diagnostics
|
Improvements to logging have been done to accelerate troubleshooting complex support issues.
|