Threat Manager v2.7 Service Pack 1
This is an overview of the changes and enhancements that are introduced in Threat Manager v2.7 Service Pack 1, released in September 2021.
NEW – Investigation Date Picker
- A new date picker has been added to the Investigate page, which allows for searching within more granular time frames. Some customers may have millions of events per day, so this feature can help narrow down the results to smaller subsets of data.
NEW – Event Normalization
- Event normalization has been implemented in Threat Manager to reduce the amount of data stored, which improves overall performance and lowers storage costs.
NEW – Tag Management
- A few new features have been added to help increase the utility of tagging within SD: the ability to delete and edit tags, as well as the ability to search for and remove tag members. This adds flexibility in tag management: existing tags may now be edited as desired, unwanted tags may be deleted outright, and unwanted members may be untagged.
Improved – Threats
- The Hidden Object threat now includes authenticated users and domain users by default.
Threat Manager v2.7 New & Improved Features
This is an overview of the changes and enhancements that are introduced in version 2.7 of Threat Manager, released in April 2021.
NEW – Addition of UBA False Positive Feedback
- Previously, marking UBA threats as false positive had no influence on ongoing detection. The UBA detection engine now tracks threats marked as false positive and automatically influences their threat detection. Perpetrators with previous false positive threats will be evaluated differently than perpetrators who have not previously had threats marked false positive, which results in an immediate decrease in detection of false positives.
Improved – Updates to Investigation Workflow
- Finding desired information as well as saving and creating custom threats is now streamlined via the enhanced Investigations interface. StealthDEFEND investigations have undergone a layout and workflow update to enhance the usability, reliability, and performance of Investigations.
Improved – Enhanced Threat Detection Performance
- Threat Manager 2.7 includes a rewrite of many of the primary threat detection framework components, which enables much faster event processing to ensure real-time threat detection at scale.
Improved – Enhanced Installer
- The Threat Manager installer now has a variety of new configuration options, including support for off-host PostgreSQL databases. Installation and upgrades of Threat Manager are also notably faster due to improvements in the database upgrade procedure.
Bug Fix List
See the Netwrix Threat Manager v2.7 - Bug Fix List for a list of bugs fixed in this version.