RELEASED BUILDS

Build IDs: 6-1-5-1, master-185

**Note: this release moves annotations and response jobs into the new Casebooks feature set. See the video in the Features section for details.

Features

Improvements

  • Extreme artifact search improvements using new algorithm (https://vimeo.com/527776837/e84c152b1b)
  • Detailed Product information attached to assets and Incidents to assist in investigations
  • Expanded support for operation in delayed/disconnected, intermittently-connected, low-bandwidth (DIL) networks
  • Compliance and Framework definitions defined in WitFoo Library meta definitions to all updates without new build of Precinct
  • Resilient memory handling
  • Disk maintenance to handle corrupted disk partitions due to power or hypervisor failure
  • WitFoo Global Threat and Geographic Intelligence database fully synchronized with Precinct to reduce need for external lookups
  • Improved queuing of global Indicator of compromise (IOC) submissions to improve processing speed and to support DIL networks
  • FIPS-140 compliant encryption on data access
  • Tightened appliance firewall configuration to restrict remote access to appliances
  • New data caching framework to reduce IOPS and improve performance
  • Improved memory allocation and monitoring
  • Incidents can be sorted by suspicion or date
  • Speed Incident retrieval through indexed calls
  • Default selections made on user creation form to simplify creation
  • Setting for Email Domains to make license compliance checking more accurate
  • Infrastructure devices filtered out of counts for compliance reporting
  • Improved AWS Cloudwatch/Cloudtrail ingestion logic

Bug Fixes

  • Patch vulnerabilities in dependency packages
  • SOAR Data may not load in certain conditions
  • Incidents may not load when clicked
  • Refreshing Cluster status data does not refresh the artifact count

NOTE: How to take control of when your deployment of Precinct upgrades.

NOTE: Clear Chrome cache using the instructions linked here.

RSS Feed for release notes is: https://community.witfoo.com/category/release-notes/feed/

Email notifications for WitFoo Release Notes can be subscribed to here: http://eepurl.com/dBO0EH