Release Notes - July 23, 2023

Release Notes - July 23, 2023

Release Notes - July 23, 2023

image

 

Release Notes - July 23, 2023

About Release 75.00.00

·       Document revision: A

·       Release date: July 23, 2023

Main features and enhancements

 

This release includes the GA release of Presumed Safe emails, AI-generated Spear phishing campaign emails, some MSP dashboard updates, a “set Silent Mode” option for partners, and more.

Area

Feature

Incidents

Incident Details enhancements: Escalated Email and Reporter

Investigation

Presumed Safe emails are now available for all customers

Show Presumed Safe emails for specific search

Option to enable/disable Presumed Safe emails

MSPs & partners

MSP Dashboard updates and option to set Silent Mode



Content summary

This section lists the main functionality updates, features and enhancements implemented in this release.

(IC-26870, IC-26874) Incident Details enhancements: Escalated Email and Reporter

The following enhancement relates to the Reporters card that appears for manually-reported incidents.

Background:

The Reporters card displayed the first email of the incident (the escalated email) and had a "Next" button that displayed the contents of subsequently reported emails. This would sometimes mislead users into believing the later emails somehow affected the incident's details.

Enhancements:

To allow the SOC analyst to quickly find the relevant reporting details, and to reflect the escalated email's purpose of displaying information about the initial email that triggered the incident, the following enhancements were made:

·       Renamed Reporters card to Escalated email

·       Moved Escalated email card to the top of the Incident Details page

·       Escalated email card only displays the escalated email (no longer displays subsequently reported emails as they don't affect the incident's details)

·       Added (to Escalated email card) tabs that display the escalated email's body, headers, links and attachments (links and attachments of the incident's other emails can be found in the dedicated Links / Attachments cards below). 

Click to expand:

In addition, we have added a Reporter dropdown list to the Incident Details card, which displays all the individuals who have reported or contributed to the incident. This dropdown list helps track and identify the different reporters involved in the incident, and in certain scenarios, analysts can leverage the expertise of these reporters in phishing incidents, enabling more accurate and efficient classification of the incident. Click to expand: