Release 3.3.1

June 7, 2024

What's New?

Detection Types added in the event.detectiontype Token

We have added detection types in the drop-down list for the event.detectiontype token. You get the list of objects that are impacted based on the selection of the following detection types:

  • Anti-Exploit

  • Content-Control

  • Network-Monitor

  • Anti-Phishing

  • Device-Control

  • On-Access

  • Anti-ransomware

  • Fileless-AMSI

  • On-Demand

  • Behavioral

  • Fileless-Cmdline

  • Traffic-Scan

The following screenshot is an example of the drop-down list of event.detectiontype token:

Assets Page that dispalys the EDR Status.

Multiple Rules Support

You can create multiple rules to quarantine assets. EDR applies the first rule that fits the criteria and appends other rule names with 'Audit.' This label indicates that the asset is either quarantined or pending in queue. Regardless of the status, assets remain quarantined until all rules are addressed.

Multiple Rules Support.