Exchange 2.0
RELEASE DATE: July 4, 2024
New features
New multitenant category
When your domain is part of a multitenant structure and is configured to see data from other tenants, this new section appears in Exchange to display the content that is compatible with multitenant use. Learn more here.
Search improved
The search now provides a recent searches section so that users can reuse them effortlessly. Furthermore, new search criteria have been included to find items based on their data sources or the tactic and technique they belong to. Learn more here.
Alert packs redesigned
Alert packs now display more info to help you decide if a specific alert is what you actually need, such as the number of alerts in the pack and the number of them installed, the priority of the alerts, or each alert’s data source. They also include a search and filters to help you find specific alerts, as well as a legend for the priorities. Learn more here.
Catalog expanded
New items have been published in Exchange to provide easy access to data and other utilities for a variety of purposes:
Alert packs:
Activeboards:
Lookups:
Synthetic data:
Use case:
Catalog updated
New versions of the following items have been published in Exchange to show data more accurately, improve interaction, or increase the scope of action:
Alert packs:
SIEM detection capabilities enhanced.
Performance enhanced with improved filters.
Threat detection accuracy improved.
Multitenant migration
Problems solved regarding subqueries, deprecated operations, false positives, and operations on non-existing lookups.
Applications:
Alert dependencies removed (now they can be installed only via Exchange alert packs), visuals improved, aggregation tasks created, and performance optimized.
Devo 360 for Palo Alto → v1.1.1
Devo 360 for Crowdstrike → v1.1.1
Devo 360 for AWS → v1.1.1
Activeboards:
Microsoft Active Directory → v1.1.0 → change source to box.all.win, fix keys in Voronoi, and change period to one day.
Data Sources Insight → v1.0.1 → add default table before selection.
Office365 Overview → v1.0.1 → fix Sharepoint widget.
Windows Activity Monitoring → v1.1.0 → fix neq functions and selectors.
Office365 Active Directory → v1.0.2 → fix widgets.
Office365 One Drive → v1.1 → fix user agent widget and reorder widgets.
OKTA Service Overview → v1.1.0 → reorganize widgets, change e-commerce sources, and delete external dependencies.
OKTA Authentication Activity → v1.1.0 → change deprecated geo functions (mm by mm2).
Firewall Monitoring → v1.2.0 → change map, time periods, and deprecated geo functions.
Devo Users Tracking → v1.1.1 → migrate to multitenant.
Content packs:
Modify Mitre Tactics to add the new techniques.
TA0001 → T1190 added.
TA0002 → T1059 and T1072 added.
TA0005 → T1211 added.
TA0007 → T1018 and T1082 added.
TA0009 → T1074 added.
TA0011 → T1571 and T1572 added.
TA0040 → T1496 added.
TA0042 → T1585 and T1587 added.
Improvements
Discover category
The navigation of the carousels inside the different sections has been improved to bring a full set of items when clicking instead of one tile only, providing a more dynamic experience.
Error handling
When an error occurs, a more comprehensive message is displayed to let users know the actual cause of the problem so that they can better decide how to proceed.
Bug fixes
For you section: this section has been fixed to show the correct content for the current user.
Vulnerabilities are up to date.