This document is no longer updated as of May 23, 2025. Read new release notes in the Command Platform Help.

This InsightIDR release includes new ABA detection rules, as well as various improvements and fixes.

This InsightIDR release includes new ABA detection rules, improvements to event sources, and several fixes.

This InsightIDR release includes improvements to various event sources and to the UI. It also includes multiple fixes.

This InsightIDR release includes updates to SentinelOne, Crowdstrike, Okta, Bitdefender, and Palo Alto Networks event sources. It also includes various improvements and fixes.

This InsightIDR release includes updates to the Watchguard XTM event source, Log Search, and new cloud event sources, as well as various improvements and fixes.

This InsightIDR release includes new cloud event sources, improvements to the WinMonitorLog data source, as well as various improvements and fixes.

This InsightIDR release includes a help docs link in the Universal Webhook Data Exporter, pre-computed queries as default when building dashboard cards, pre-computed queries accessible from Log search home tab, as well as various improvements and fixes.

This InsightIDR release includes proactive key suggestions, linking from notable events to evidence in logs, as well as various improvements and fixes.

This InsightIDR release includes a new event source, as well as improvements to Admin Activity and User Details.

This InsightIDR release includes an update to Event Source email notifications, new filter options in Log Search, a new time range picker in Log Search, access to pre-computed queries, as well as various improvements and fixes.

This InsightIDR release includes improvements to deleting variables, limit configuration, grouping results in Log search, as well as various fixes.

This InsightIDR release includes new Cloud event source capabilities, new pre-computed query functionality, and improvements across the InsightIDR interface.

This InsightIDR release includes updates to the Log Search query bar and improvements to the honeypot OVA and AMI.

This InsightIDR release includes a new filter when you create an event source, the application of role-based access controls to certain Log Search functionalities, and readability improvements to the user interface.

This release includes updates to event parsing and general improvements across the product.

This release includes response actions powered by InsightConnect, new connection points between Investigations and Log Search, and updates to event source parsing.

This release includes includes the addition of InsightConnect Quick Actions to Log Search, a detection rule migration, and several updates to event source data parsing.

This release includes additions to dashboard visualizations, Sentinel One EDR's injection support, and improvements to Log Search.

This release includes additions to the Log Search experience, a new rule action for detection rules, and improvements to Investigations.

This release includes Custom Detection Rules, new detection rules, and improvements to event sources.

This release includes updates to Log Search, new event sources, and improvements to the Investigations experience.

This release includes new features in Log Search Open Preview and enhanced details for alerts in investigations

This release includes new features in Log Search Open Preview, access to the multi-customer experience for MSSPs, LEQL exceptions, and improvements to event sources.

This release includes new features in Log Search Open Preview, Detection Library updates and improvements in Investigations and Event Sources.

This release includes new ABA Detection rules and updates to Log Search Open Preview.

This release includes a new API collection method for SentinelOne EDR, new ABA Detection rules and updates to Log search open preview.

This release includes the addition of an audit log to Investigations, a new API collection method for Palo Alto Cortex Data Lake, and MDR access to the Onboarding Progress Tracker.

This release includes enhancements to Investigations for Managed Detection and Response customers and new functionality in Dashboards and Reports.

This InsightIDR release includes new Cisco Meraki Cloud API Support and improvements to Log Search's groupby function.

This InsightIDR release includes new Log Search documentation, multiple new event sources and improvements to the Webhook Data Exporter.

This release includes new logs in the Endpoint Activity log set, improved maintenance notifications, and additional support for Microsoft Azure Active Directory admin activity.

This release includes new 360° XDR with InsightIDR + Threat Command, a new Exception Preview for ABA detection rules, and extended syntax highlighting features.

This release includes the new InsightConnect automation workflow triggered by ABA detection rules and a new detection rule for Anomalous Data Transfer (ADT).

This release includes the new Relative Activity Score for Attacker Behavior Analytics (ABA) detection rules, improvements to the Log Search UI and viewing permissions, and added support for multiple event source parsers.

This release includes new MDR customer control over ABA Detection Rules, HTML report generation in InsightIDR, improvements to syntax highlighting and the Log Search context menu, and an overall boost to system performance.

This InsightIDR release includes a new log collection method, improvements to rule changes for ABA Detection Rules, and contextual Quick Actions explorations with Log Search results.

This release includes a new integration with Threat Command, additions to the IDS Network Sensor's ruleset, and an update to Custom Alert queries.

This release includes our new ABA Amazon GuardDuty detections, our new syntax highlighting feature, and updates to the Insight Network Sensor.

This release includes our new Quick Action feature, chart color customization, and improvements to Investigation Details.

This release includes our new rule priority for custom alerts, Dashboard chart captions, Rapid7 Resource Names (RRNs) and improvements to User Interface (UI) color palette.

This release includes our new rule priority for UBA detection rules, newly improved Assets Details page, and improvements to search performance speeds in Log Search.

This release includes our new copy investigation evidence to exception rule feature, improvements to log line attribution, and mixed quote support.

This release includes MITRE ATT&CK mapping views and Attacker Behavior Analytics process and Command Line Detection Rules.

This release includes a unified Alert Settings experience, Event Source Health Monitoring, global Dashboard filtering and updates to Log Search.

This release includes a new Auth0 Event Source, updates to our LEQL search queries, Alerts and language.

This release includes a new InsightIDR dark mode feature, new user pages for active and disabled users, and updates to the dashboards and reports.

This release includes new parsing support for Microsoft Azure and updates to the Exploits page, IP Addresses tables and a new classification for SharePoint admins.

This release includes updates to the Duo Security event source, Entry Inspector, and Investigations Timeline, as well as improvements to Network Sensor Health.

This release includes a new category for ingress events and functionality updates to the User Watchlist page.

This release includes support for the Google Cloud Platform event source and new LEQL functionality.

This release includes updates to the InsightIDR Detection Library, Hash Reputation Enrichment and Asset Details page.

This release includes updates to InsightIDR settings and custom parsing tool improvements.

This release includes new custom parser functionality and support for three new event sources.

In this release, we introduced Enhanced Endpoint Telemetry, improved filtering in Log Search, and fixed some issues.

In this release we've got a new monthly log data usage chart, Insight Agent log collection, the ability to add up to 5 fields to a single query, plus several improvements and fixes.