With the v52.00.00 release of IRONSCALES, we are pleased to announce the following product improvements and new features:

'Quick Launch' campaign improvements

By design, Quick Launch campaigns randomly select the campaign's template and landing page. However, the selection was done indiscriminately and could include bad or low-quality assets. To correct this, our Simulation & Training team has set up a pool of verified IRONSCALES-created assets for Quick Launch campaigns, ensuring the selected templates and landing pages are of the highest quality.

In addition, the campaigns will only use assets that have not been used over the last year.

'Campaign Participants' report displays all results by default

The Campaign Participants report (in the Campaign Results page) used to show the "Clicked" participants by default. So, to provide the Campaign Manager with the full picture, we removed the default filter selection and now the report displays all results. Please note that this is just a display enhancement. The Clicked filter option is still available in the Participants Type dropdown list.

300% improvement in auto-detection and classification of Spam incidents (Keyword Model for Spam)

We're excited to share that the Keyword Model for Spam we released last month is exceeding expectations, presenting a 300% improvement in the automatic detection and classification of Spam incidents. As this is a self-learning model, its capabilities are improving all the time, as it continues to train itself to detect and remediate Spam.

While we are to happy celebrate these results with you, please note that we continue to invest in our machine-learning models and are hoping to release more exciting enhancements to our auto-detection and auto-classification soon. Stay tuned!

New 'Assigned to' Incidents tab filter

It is now possible to filter the incidents explorer via the assigned user. The new filter option is available both in the Unclassified Incidents and Classified Incidents pages for customers that have the assign option enabled - for details, please contact your IRONSCALES Customer Success Manager.

'Reported Incidents' page now remembers the user's last used filters

The Incidents > Reported Incidents page now remembers your last used filters in the same IRONSCALES visit. So, if you navigate to another page or dashboard in IRONSCALES and return to the Reported Incidents, the incidents will remain filtered using the filters you set before you navigated away from the page.

Add details to 'Multiple failed user login attempts' account takeover alerts

To allow your security team to better investigate account takeover attacks, we expanded the Multiple Failed User Login Attempts alert messages in the incident details page's Recent Alerts section. It now also includes the targeted app and timestamp of the failed login attempt.

• From this: "Multiple failed user Log ins to an app were attempted by "
• To this: "Multiple failed user Log ins to were attempted by in "

Add details to 'Atypical Travel' account takeover alerts

To allow your security team to better investigate account takeover attacks, Atypical Travel alerts in the incident details page's Recent Alerts section now also include the Timestamp in addition to the existing IP and Location.

Add details to 'Password Spray' account takeover alerts

To allow your security team to better investigate account takeover attacks, Password Spray alerts in the incident details page's Recent Alerts section now also include the Timestamp of the attack.

Option to 'Rescan' Teams incidents

Attachments may sometimes change over time, revealing their malicious nature. So, to help you detect such occurrences, we've added a Rescan option to Teams incidents.

As this is an important capability, clicking Rescan will work even if attachment scanning is disabled in the IRONSCALES AI-Powered Incident Response settings page.

New IP addresses for SIEM Integration (firewall exceptions)

For customers using SIEM, we've added several new IP addresses to the US and EU sites (listed in the SIEM article's Prerequisites section). Please make sure to add them to your firewall exceptions list.

(Google Workspace integration) Option to unselect specific groups using 'Customized Sync'

To speed up the Google Workspace integration process, customers now have the option to exclude specific groups from the sync.

To do so:

1. In IRONSCALES, go to Protected Mailboxes > Upload / Sync > AUTO SYNC > Customized Sync.
2. Choose the Selected Groups option.
3. Make sure all groups are selected and unselect the groups you'd like to leave out.
4. Complete the integration.

New setting: 'Do not delete meetings from calendars together with invite email notifications'

In the past, reclassifying a meeting invitation email (that was clustered under a Phishing incident) as Safe would not reinstate the email's invitation. The reason was that IRONSCALES would delete the meeting invitation itself as soon as the invite was classified as Phishing. Following customer requests, we've added a new option (to the AI-Powered Incident Response settings page) that prevents the deletion of the invite itself when classifying the incident as Phishing.

By default, the checkbox is unselected, meaning invites are not deleted when the incident is classified as Phishing.

Make 'Set Mobile Push Notifications' actionable in Account Setup

To make it easier for our customers to set up their accounts, we've linked the Set Mobile Push Notifications task to a knowledge base article explaining how to install and set up the IRONSCALES mobile app.