Version 2.5
  • 27 Jan 2022

What's new in CDC Version 2.5

January 2022

Highlights

  • Severity-based alert email notifications
  • Observables tags added to Alerts grid
  • Escalation reminder - multiple mailing lists for a group
  • New escalation reminder indication and MITRE ATT&CK update in Timeline and Chat
  • Copy description of closed incident
  • Pop-up for use case changes connected to external playbooks

Severity-Based Alert Email Notifications

You can now receive alert email notifications based on an alert's severity. This reduces the time spent handling less important emails. You can choose more than one severity, or disable them all.

The options for these alert notifications are defined in Profile > Notification Settings.

Observables Tags Added to Alerts Grid

The Alerts grid now contains an Observables Tags column, giving analysts the ability to improve their alert analysis.

The column contains all tags from all related observables.

Escalation Reminder - Multiple Mailing Lists

Escalation reminders are now supported for more than one mailing list for a group. This allows for more flexibility with incident escalation.

Escalation Reminder Indication and MITRE ATT&CK Update

Escalation reminder indications and MITRE ATT&CK updates can now be seen in both the Timeline and Chat.

Copy Description of Closed Incident

You can now copy the description of a closed incident, so that you do not have to write up the incident again in a report.

Pop-Up for Use Case Changes Connected to External Playbooks

When changing a use case for an alert that is connected to an external playbook, the playbook of the alert is changed. You will now see a pop-up confirming that you want to change the playbook.

Bug Fixes

  • Evidence description field should be optional and not mandatory (CYB-13613).
  • In the Incident channel, there is an error while marking a message as evidence (CYB-13758).
  • Pass axa users do not receive an escalation email notification (CYB-13670).
  • Observable's tags are not updated when a new alert with the same observable is created (CYB-13105).

Known Issues

  • Playbook completion message (evidence) is not fully shown in chat (CYB-13896).
  • Removing MITRE ATT&CK message duplication in chat and timeline (CYB-13262).
  • Global search - messages with emojis are shown as plain text (CYB-11137).
  • Status column sorting error (CYB-12977).
