Skip to main content
Hello. How can we help you?

January 27, 2025 – Application Update

We are happy to introduce new features and enhancements to improve your experience with our platform. Here’s what’s included in this release:

What’s New

  • Seamless Case Management

    Swiftly mark multiple cases are closed

    Users can select and close multiple cases at once, streamlining case management and improving efficiency. Know More.

More status options in cases

Users can now manage and monitor cases more effectively with the introduction of In Progress and On Hold status values. These new status values provide greater clarity and control over case workflows. 

  • In Progress: This status indicates that active investigation or resolution is underway, helping teams stay focused on high-priority tasks. It provides visibility into which cases are being addressed and by whom, ensuring accountability and smoother collaboration.
  • On Hold: This status is used for cases that are temporarily paused due to dependencies, lack of information, or other reasons. It ensures that paused cases are not forgotten and can be revisited when conditions are favourable.

By utilizing these statuses, teams can prioritize tasks more effectively, avoid unnecessary duplication of effort, and maintain an organized approach to incident management. The enhanced tracking capabilities also contribute to improved response times, better resource allocation, and overall operational efficiency. Know More.


Focused Analysis: Date range filters for case listing page

Users can now streamline their case search process with the newly introduced Date Time filter, allowing them to narrow down cases to a specific timeframe. This feature makes it easier to locate and analyze relevant cases without sifting through unnecessary data. Additionally, the statistics panel on the case listing page dynamically updates based on the filters applied, providing an accurate and focused summary of case distribution by severity, status, and other key metrics. Know More

Note: By default, the case listing page will now display cases created in the last 24 hours.


Enhanced case list export with filters and metrics

The exported case list now includes filter criteria, ensuring the report accurately reflects the selected subset of cases. Additionally, key performance metrics like MTTA (Mean Time to Acknowledge) and MTTR (Mean Time to Resolve) are included, providing valuable insights into response and resolution times. This added context allows teams to analyze case trends, evaluate performance metrics, and make informed decisions more effectively. Know More


Exporting case details

Users can now export case data, including associated case notes, for up to 50 selected cases in CSV format. This feature allows for easy sharing and analysis of case details outside the platform. By exporting the data in a structured CSV format, users can review, archive, or present the information as needed. Know More.


  • Enhanced Traceability: Log events are now enriched with PICO details

    Log events can now be traced back to the specific PICO through which they were ingested, providing enhanced visibility and traceability in your log management process. This enhancement introduces the capture of the following additional fields:
    •   PicoSystemIP
    •   PicoCompID
    •   PicoSystemName

      Note: This feature is available for PICO version 9.4.2 and above. Please ensure that your PICO systems are updated to leverage this enhanced functionality.

  • Streamlined Access: SAML Support for Google Workspace

    Users can now seamlessly log into the DNIF console using their Google credentials. Know More

  • Support for configurable Protocol and Port in PICO Raw Forwarder

    The PICO Raw Forwarder now supports TCP also for log forwarding. Users can also specify the destination port while configuring the Raw Forwarder.
    Note: This feature is available for PICO version 9.4.1 and above.
Enhancements

  • Collection Status page

    Users can now add descriptions to the Collection Status page, allowing them to include additional details and insights about the Source for better context and clarity. Know More.

  • MITRE page

    The enhanced MITRE page provides users with powerful tools and insights to better understand and manage detection coverage. Key features include
  • Visual and Interactive insights
    • Colourful Heatmap Views: Easily interpret detection coverage with intuitive visual representations and legends.
    • Complete MITRE TTP mapping
  • Coverage details
    • Detection Coverage: Understand coverage based on the workbooks created by users
    • Active Detection Coverage: Gain insights into the active detections linked to your log sources
  • Advanced filtering options: Refine your view of detection coverage using enhanced filters, including:
    • Streams
    • Workbook Scheduling (On-demand, Streamed and Scheduled)
    • Workbook Type (Native and Custom)
    • Workbook Stages
    • Workbook Profile
  • Addition of MITRE sub-techniques
  • View details of individual MITRE techniques
    • Description of the technique
    • List of workbooks
    • Signal activity
  • Additional tab to view Signal activity for each MITRE TTP per day, per week and per month

  • Audit Trail

    • The Audit Trail now tracks and displays the following user activities:
    • Workbook Export
    • Workbook Import
    • Audit Trail Export
    • Multiple Case Closure on Case Listing Page
    • Stream Download
    • Dashboard List Export 
    • Dashboard Import
    • Multiple Case Export from Case Listing page
    • Signal Export
    • Collection Status List Export
    • Enrichment List Export
    • Manage Token List Export