0
1.8.5
Australia, Zurich, Yokohama, Xanadu
Standalone Application
The Security Analysts and Security Operations Center (SOC) Managers use the Security Incident Response (SIR) Workspace to resolve security incidents and perform all SOAR-related activities. The Standard record pages (a platform capability to build and maintain record pages) are supported from Tokyo Patch 7 or higher.
The Security Incident Response Workspace will be used by the Security Analysts and SOC Managers to resolve Security Incidents and perform all SOAR-related activities.
- New
- Added the option to compose email in the Response Task details.
- Default landing tab is configurable (Overview or Details).
- Right-Side pane is collapsed by default and preferences are preserved.
- Option to add Quick-Filters configuration is added on the administration tab.
- Added the option to Auto refresh of security incident list view.
- System properties are added to the Administration tab.
- Fixed
- Fixed the issue where the associated MITRE ATT&CK and D3FEND modal titles do not support localization.
- Fixed the issue where the Link as children button on Similar Security Incidents is not working when Select All Items in the list is selected.
- Fixed the issue where inline editing was not supported for observables on the Investigation tab.
- Fixed the issue where there was an issue reading the "query" property from null showing under sirw security incident tabs.
- Fixed the issue where bulk close function is not fetching the custom close codes dynamically in the same way it fetches in record page.
- Fixed the issue where after the Yokohama upgrade, user was not able to add Group as recipient to MS Teams Bridge Call in SOW.
- Required plugins and products
- Dependencies
- Properties that need to be created or set to activate the content pack
- Affected business rules
- Affected script includes
- .jar files that need to get uploaded, if applicable
The minimum Now Platform version for standard record page support is Tokyo Patch 7.