This release brings a set of major features such as the support for the Delegation of permissions and the first components of a new SIC detection engine
Profile pictures are very helpful elements in our interfaces. It allows SIC operators to easily know who did an action and gain some details on the underlying reasons. A simple but really effective optimization was done on our web pages to reduce the number of queries needed to retrieve profile pictures.
A SIC operator can preset the severity of a rule through its definition in its related template.
Ingested events are enriched with a short description, a source and a target. A SIC Operatior can leverage these information to get a clear and concise definition of the events that triggered the alert he is reviewing.
A SIC operator can request a notification with the content of the alert for every updates made on an alert (new comments, status changes, counter-measure updates, …). This notification is sent through the EventsAPI and is available as a stream.
Two assets can now share the same name to support any naming strategy followed by the user.
There are avatars, API keys, and applications that require access to data and actions from other communities. To address this need, we added a Delegation mechanism to our APIs. A community can delegate a set of permissions to avatars or API keys of another community. The delegation is revocable at any time and community administrators can audit all delegations in their communities. A validity deadline can be set when creating the delegation.
SEKOIA.io database architecture is now based on a central database, hosted on multiple replicated servers. This release brings an automatic server failure detection to trigger the re-election of the principal database among the available databases thus improving our SLOs.
If you have any concerns, feel free to contact us at firstname.lastname@example.org.