Version 1.7
- Updated on 12 Apr 2021
What's new in CDC Version 1.7
Aug, 2020
Highlights
- Improved Incident page with new functionality and enhanced user experience, including:
  - New incidents table
  - Incident quick view
  - Updated collaboration area
  - Enhanced UI for the Playbook and Timeline tabs
- A new, built-in, incident escalation workflow that allows for uniform team operation throughout teams and locations. Every step in the reveal, respond, and mitigate offense/defense line is tracked within the Incident Timeline.
- You can now assign and escalate incidents to a group (e.g., L1, L2), as well as to specific users.
- You can attach evidence, messages, and files to completed playbook steps, thereby enhancing and supporting Incident handling and its documentation process.
- New SOC KPI measurements have been incorporated, indicating major events on the Operations team timeline, such as:
  - Triage alerts time
  - Incident handling time per group
  - And many more
- New Role-Based Security: users can be assigned to pre-defined roles, built into the CDC platform, that are based on logical permissions. Users can be assigned to one or more of these roles, where each role has its own set of permissions.
New and Improved Incidents Page
Enhanced Filter Functionality
- Click Filters to view filtering options in a dedicated side window.
- Select the items you want to filter by, and press Apply.
Selected filtering items are displayed, indicating the filtering options used.
The enhanced UI still lets you sort columns in ascending or descending order by clicking their column headers.
Incident Quick View: Click on any incident to open an Incident Details window that slides in from the right.
Updated collaboration area: Double-click the incident, or click Open the Incidents Page (at the bottom of the Quick View window), to view the full Incidents Page. The Collaboration and ChatOps window is positioned on the right, with the incident multi-tab menu directly below it.
Enhanced UI for Playbook tab: One or more playbooks are displayed in this tab. Click on a playbook to show its steps.
Enhanced UI for Timeline tabs: The timeline clearly shows the events leading up to the most current item.
Incident Escalation Workflow
This workflow allows for uniform team operation throughout teams and locations.
Every step in the reveal, respond, and mitigate offense/defense line is tracked within the Incident Timeline.
- Assign incidents to a group (e.g., escalate to L1, L2) and/or user.
Playbooks
- You can now attach evidence, messages, and files to completed playbook steps, thereby enhancing and supporting incident handling and its documentation process.
- For each step, when clicking Mark as Done, a dedicated window opens allowing you to add evidence in free message form or by adding files. This information is then saved in the message timeline.
KPI Measurements
New SOC KPI measurements have been incorporated, indicating major events on the Operations team timeline, such as:
- Triage alerts time
- Incident handling time per group
- And many more
Role-Based Security
New role-based security lets you assign users to roles. Built into the CDC platform are pre-determined roles based on logical permissions. Users can be assigned to one or more of these roles, where each role has its own set of permissions.
For example, you can create a role for the Incident contributor, one for the Automation Operator, or any other role that fits your organization’s time-trusted traditions.