Initially released on 16th September 2021
A smaller release, focussing on back-end improvements and enabling future features.
- Began migration of cloud sources ingestion to new infrastructure for improved performance
- Introduced auto-scaling to better handle spikes in alert volume
- Security and performance updates
- Fixed: CEF header bug affecting parsing of Microsoft ATA alerts
- Fixed: No more duplicate alert counts or records within the activity timeline for merged clusters
- ManageEngine ADPlus
- Netwrix Auditor
- Additional threat mapping of FortiAnalyzer alerts
SOC.OS Wiki and help pages
- New tutorial article on interpreting the cluster Visualisation
- Improved navigation and links throughout the wiki