RocketCyber SOC Platform Update Summary Sept 2020

RocketCyber Updates Sept 2020

This RocketCyber SOC Platform Update includes: Bugfixes, Updates, Features and New Apps that are available now.

  • September we expanded our RESTful API preparing us for future App, PSA and Partner integrations. This effort enabled us to replace legacy PSA integrations with a more robust bi-directional communication between RocketCyber incident tickets and the PSA. As always, we encourage reporting bugs to support here and new feature or app requests here.

Apps

    • New IRONSCALES Email Security App is now available. Help Doc | Configure IRONSCALES
    • Firewall Log Analyzer changes:
      • Added configuration checks for most firewall brands | login failures, admin logins, ...
      • Development for Juniper firewall commenced
    • Microsoft 365 Manager - Added if Microsoft 2FA is enabled/disabled by users monitored
    • Cyber Terrorist Network Connections - Added an 'Enable All Gelocations' expanding TCP/UDP connection monitoring coverage
    • SentinelOne AV Monitor - Fixed triage column not displaying Host Name data for Incident Ticket view

Dashboard

    • New Added data retention log policy - Managed SOC threat data to remain in the dashboard for 30 days and the archival of historical data for 365 days (archive state starts Oct 8)
    • New Enable 2FA at root MSP or Customer level forcing 2FA downstream for users
    • New Integrations top level nav to connect API's for PSAs & Threat Intel
    • New Added configuration to set autologout duration for console users
    • Added phone number field to Provider Settings / Incident Notifications for critical verbal threat response
    • Fixed searching logic to query by HOST or MAC Address | Console / Devices

Agent

    • macOS:
    • updated agent improving CPU/memory utilization
    • added support for Apple's next release 'Big Sur'

API | Integrations

    • New Autotask PSA RESTful Integration with ticket configuration
    • New ConnectWise PSA RESTful Integration with ticket configuration
    • New Import, Map and Sync PSA customers to RocketCyber
    • RESTful API v1 released to support provisioning, threat details, incident tickets & billing
    • Added API Key generation to Console / Provider Settings
    • Added Integrated vendors to website Resources / Developers / Integrations

Knowledgebase | Help Docs

Press | News | Blog

    • Sept 9 - Blog: Cyber Cases from the SOC - Fileless Malware Kovter. Read
    • Sept 11 - Blog: What is a SOC & why you need one. Read
    • Oct 28 - Next SOC-as-a-Service Webinar Register
Share Post:
Follow RocketCyber


Subscribe to Blog