Document toolboxDocument toolbox

Exchange 1.7.0

Owned by Anthony Shevlin (Deactivated)
Nov 24, 2023
2 min read

Release date November 24, 2023.

This release encompasses two different releases, with a big focus on alert management issues. Read on below to get all of the details on this latest release.

Darkmode

  • Components adapted to the new view.

  • Changes in font types, colors and bold formats when necessary.

  • Adjust Window frame to image size inside opened Cards.

  • Titles, subtitles, tags, descriptions, sources views, sections, everything was checked and adapted when necessary to the new view.

  • General review about set of Card and Highlights images with darkmode – but no changes were
    needed here.

Synchronize Alert State

  • Alert packs were defined two years ago with a different approach compared to today: alerts would always be inside an alert pack and Exchange would handle it as a single piece of content. Thus, installing, uninstalling and updating were designed to be applied to the whole Alert Pack, to affect all alerts at once.

  • When Devo took the decision to offer out-of-the-box SecOps alerts to all customers in Exchange, the source version of these alerts in Exchange was different from SecOps Content Manager, as there were no enrichments or lookups dependencies. Although names were the same, the alerts were not. Exchange only marked as INSTALLED the alerts installed from Exchange.

  • Now, having made a big change in Alert Packs to handle alerts individually, and having the same version of each alert in all applications (Content Manager, Mitre, Exchange) with enrichments and lookups dependencies, now we need to synchronize this state at any time.

  • Another important reason is that now, with the multiselect option (and very soon with new update capability), we will introduce bulk actions over one, several, or all alerts.

Multiselect in Alert Packs

  • Multiselect selection for one, several, or all alerts of the Alert Pack.

  • Bulk actions when selection is done.

  • Install when all alerts selected are not installed.

  • Uninstall when all alerts selected are installed.

  • Both options when there are installed and uninstalled alerts

  • Change colors in buttons following the design patterns. Now the button is blue for INSTALL (default) and grey for UNINSTALL. Installed indication for individual alerts disappears (not for Alert Pack).

  • Spinners for each of the alerts when they are installing or uninstalling.

  • Uninstall button disappears as generic button for Alert Packs. Now the only generic button will be OPEN and UPDATE (the latter will also disappear in the next release to be added in bulk actions).