Threat Command
Improved
- Public Code Repositories | Improved Asset Mention Analysis Accuracy: The detection algorithm of the default Alert Profiler rule now delivers more focused Asset mention alerts that reflect exact matches to assets in public code repositories. This will reduce FP alerts.
The following conditions can be applied to the default detection algorithm:- ‘An exposed exact asset mention’ - matches exact finds
- ‘An exposed substring asset mention’ - matches exact and also substring finds
Note: the default rule is disabled by default.
Fixed
| ID | Case | Area | Description |
|---|---|---|---|
| CS-2560 CS-2556 | 04754873 04752701 | Leaked Credentials | The number of leaked credentials in the alert title and in the attached CSV are inconsistent. |
| CS-2559 | 04754679 | Asset mentions | Some Asset mention threats are not created. |
| CS-2542 | 04748494 | Vulnerabilities Alert Profiler | Product conditions for Alert Profiler rules do not trigger alerts. |
| PHIS-2627 | 04571678 | Phishing | An empty domain expiration date of a potential phishing website is treated differently by the Alert Profiler than it is by a policy. |
TIP
Improved
- Public API Update - Add New MSSP Customer: A new version of the “Add New MSSP Customer” route was introduced. The new route version behaves just like when adding a customer from the Multi-Tenant Platform.
The difference between the versions:- V1 - If no modules are defined, the system defined default modules will be assigned. From October 17, 2023, this route will no longer be supported.
- V2 - If no modules are defined, the modules assigned will be the same as the modules that are enabled for the MSSP.
Fixed
| ID | Case | Area | Description | |
|---|---|---|---|---|
| PLT-783 | 04750209 | Support Portal | When logging in to the Platform with SSO, the “Create a Case” button is not displayed. |