November 2023
Supported Integrations
We are constantly expanding our list of supported integrations. See the links to the newly supported telemetry sources and integration guides:
- Aruba Networks Clearpass
- Claroty xDome
- Trellix Endpoint Security (ENS)
- Microsoft Graph Security API
  - Please review the guide for supported Microsoft products/services.
We have renamed FireEye HX to Trellix Endpoint Security (HX) to avoid any confusion.
October 24 2023
Samurai MDR Application:
Reports
Get valuable insights into your MDR service through the reporting feature!
You can now generate reports for a time period you define, using a standard template. This template has been designed to provide various metrics based on security incidents reported, requests you have submitted and your data ingested into the Samurai platform. Refer to Samurai MDR Reporting for additional information.
Telemetry Monitoring Notifications
Receive notifications of telemetry data ingestion issues we encounter whilst providing you the MDR service!
Users of your Samurai MDR application can now receive email notifications of telemetry health issues. Refer to Telemetry Monitoring for additional information.
We are improving our notifications functionality in coming releases, for example self-service, user-profile-based selection of notifications. Watch this space!
Integration Descriptions
The integration description field has been extended to a larger multi-line text box of 256 characters and you can now edit the description field as required after an integration is complete.
Cloud Native Collector
We have released a new Collector type - we call it a Cloud Native Collector!
The Cloud Native Collector is effectively a new transport method to ingest telemetry from cloud-based storage. It is built to monitor storage accounts and is completely agnostic to the data: it simply picks up any files for ingestion into the Samurai platform.
We currently support Azure Blob storage. Configuration is completed through an Azure Resource Manager (ARM) template in your subscription with a key to register with the Samurai platform.
The Cloud Native Collector will be used to support specific Azure products/services (for example Azure Firewall) and any supported third parties. You can therefore expect associated configuration guides that utilize the new Collector type (we are currently in the process of writing the guides).
For more information on the Cloud Native Collector refer to Samurai Collectors and Samurai Cloud Native Collector.
Support for Amazon Web Services (AWS) S3 is coming soon.
Release Notes
You've already found them if you are reading this article!
We want to ensure you are aware of any new features, bug fixes and enhancements, so all of them will be documented here in future. You can easily find the release notes from a link that is now displayed within the Samurai MDR application Main Menu under Documentation.
What's been fixed/enhanced?
- Case sensitivity when searching for products/vendors when completing an integration.
- Telemetry monitoring indicator in the main menu that displays the number of integrations with potential issues.
Supported Integrations
We are constantly expanding our list of supported integrations. See the links to the newly supported telemetry sources and integration guides:
Other new or updated documentation
We have updated some Microsoft integration guides in support of our preferred method of using Beat agents. See the updated integration guides for more information:
We have updated the Local Collector Deployment guide to include deployment to an Amazon EC2 instance. View the updated article:
Samurai MDR Add-on: Dynamic Block List Support
We have added support for Cisco FirePower.
Please review Dynamic Blocklist and the associated configuration guide.
If you want to onboard your devices then submit a DBL Onboarding request via the Samurai Help Center.