RocketCyber SOC Platform Update Summary July 2021

RocketCyber Updates 2021

This RocketCyber SOC Platform Update includes bug fixes, updates, features and new apps that are available now.

  • This release includes our latest development efforts and we are very enthused to announce a number of new exciting updates to the MSP industry. As always, we encourage reporting bugs and feature requests here.

SOC Facilities

    • New EMEA Data Center instance in Dublin, Ireland
    • New Expanded Dallas SOC with a Physical SOC location and team based in Miami, FL

Apps

    • New - Print Nightmare Hunt App - checks for the Windows Print Spooler remote code execution vulnerability CVE-2021-34527:
      1. Checks if the print spooler service is enabled
      2. Scans %SystemRoot%\System32\spool\drivers for suspicious files
      3. Checks the Windows registry for PointAndPrint settings
      4. Checks for the presence of patches related to CVE-2021-34527
    • New - VSA Threat Hunt App - detects numerous IOCs, TTPs, registry key values and malicious files, complementing the previous detection capabilities from our Breach Detection and TCP/UDP apps, all before the encryption executes.
    • Fixed Office 365 Failed Login Analyzer - bug where whitelisted countries were reporting data
    • Fixed Office 365 Secure Score and Risky User app - bugs where data was not populating
    • New Firewall Log Analyzer - added support to exclude unwanted network devices in the syslog by IP and MAC address, and added firewall log monitoring support for:
      • Checkpoint
      • Palo Alto
      • Mikrotik
      • Zyxel
      • Sophos UTM
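
The four checks listed for the Print Nightmare Hunt app can be reproduced by hand on a single Windows host. The script below is an added example, not RocketCyber's code: the 30-day "recent file" window is an assumed heuristic, and `$PatchKbs` holds a placeholder that must be replaced with the KB IDs Microsoft publishes for the host's OS build.

```powershell
# Added example: read-only PrintNightmare (CVE-2021-34527) exposure triage for one host.
# Placeholder: replace with the KB IDs Microsoft lists for this OS build.
$PatchKbs = @('KB0000000')
# Assumed heuristic: a driver DLL written in the last 30 days is worth a look.
$RecentDays = 30

# 1. Print Spooler: exposed if the service exists and is not disabled.
$spooler = Get-Service -Name Spooler -ErrorAction SilentlyContinue
$spoolerEnabled = [bool]($spooler -and ($spooler.StartType -ne 'Disabled'))

# 2. Recently written DLLs under the spool drivers directory, with signature status.
#    A NotSigned result is a lead for review, not a verdict.
$driverDir = Join-Path $env:SystemRoot 'System32\spool\drivers'
$cutoff = (Get-Date).AddDays(-$RecentDays)
$recentDlls = @(Get-ChildItem -Path $driverDir -Recurse -File -Filter *.dll -ErrorAction SilentlyContinue |
    Where-Object { $_.LastWriteTime -gt $cutoff } |
    ForEach-Object {
        [pscustomobject]@{
            Path      = $_.FullName
            Written   = $_.LastWriteTime
            Signature = (Get-AuthenticodeSignature -FilePath $_.FullName).Status
        }
    })

# 3. Point and Print policy: either value set to non-zero weakens the install prompts.
#    A missing key or missing value counts as the safe default.
$papKey = 'HKLM:\SOFTWARE\Policies\Microsoft\Windows NT\Printers\PointAndPrint'
$pap = Get-ItemProperty -Path $papKey -ErrorAction SilentlyContinue
$papWeakened = [bool]($pap -and (
    ([int]$pap.NoWarningNoElevationOnInstall -ne 0) -or
    ([int]$pap.UpdatePromptSettings -ne 0)))

# 4. Patch presence. Later cumulative updates also carry the fix, so a miss here
#    means "verify the OS build", not "unpatched".
$installed = @(Get-HotFix -ErrorAction SilentlyContinue | Select-Object -ExpandProperty HotFixID)
$patchFound = [bool]($PatchKbs | Where-Object { $installed -contains $_ })

# One summary object per host, suitable for Export-Csv or ConvertTo-Json.
[pscustomobject]@{
    Computer             = $env:COMPUTERNAME
    SpoolerEnabled       = $spoolerEnabled
    SpoolerStatus        = if ($spooler) { $spooler.Status } else { 'NotInstalled' }
    RecentDriverDlls     = $recentDlls
    PointAndPrintWeak    = $papWeakened
    ListedPatchInstalled = $patchFound
}
```

A host with `SpoolerEnabled` true and either `PointAndPrintWeak` true or `ListedPatchInstalled` false is the combination to prioritise for follow-up.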

Dashboard | Reporting

    • Fixed Dashboard load times, increased backend performance for better navigation and usability while eliminating timed-out error pages
    • Updated Office 365 Failed Login Analyzer - added the ability to configure 365 Login settings from the root MSP account, applying any changes downstream to all tenants
    • Fixed bug not generating 30-day reports
    • Fixed bug where an expired account banner was displayed on dashboard for some customers

Agent

    • macOS:
      • added support for Apple's M1 chip and improved performance for Big Sur
    • Windows:
      • Fixed agent bug released on July 1 causing some devices to have been removed
      • Fixed websocket communications to our backend where some agents had to be restarted due to a Heroku outage on July 7
      • Fixed agent offline/online light indicator bug where an agent was perceived offline under unique scenarios
      • Updated remote operations to improve remote log requests and device isolation capabilities

API | Integrations

    • Updated Kaseya BMS PSA RESTful Integration to better provision new customers and enhance ticket routing setup
    • Fixed ConnectWise and Autotask PSA mapping bugs where all customers were not being pulled
    • Fixed BitDefender & SentinelOne issues when authenticating to non-US domains; both now support user-specified API URL configurations
    • Updated - moved Cylance configuration to the root MSP Integration section

Knowledgebase | Help Docs | Data Sheets

Press | News | Blog

    • US & EMEA - SOC Team back in person and presenting on the road at Connect IT Register