• Support
  • Forums
  • Blogs

USM Anywhere 2017-06-13 Update

RyanLeatherburyRyanLeatherbury

AlienVault Employee
+3

We've updated USM Anywhere with the improvements and defect fixes listed below. The USM Anywhere service and Sensors are updated automatically so you do not need to take any additional actions for the update to take effect.

 

Improvements

ATLAS-9488    Allow users to define and apply custom labels to vulnerabilities indicating status, assignment or some other designation.

ATLAS-10593  Allow the user to enable a daily network-based discovery scan from the setup wizard

ATLAS-10595  Improved reliability of operating system discovery for asset scans

ATLAS-10726  Show asset groups with no members in job scheduler

 

Defects

ATLAS-10669  VMware API is not discovering all assets

ATLAS-10584  USM Anywhere creates duplicate assets if the same asset is discovered by the Vmware API and asset discovery scan. duplicates assets.

 

 

Threat Intelligence

 

New Element

[AR-825/AR-826] - New Rule for FireEye devices

intent="System Compromise" strategy="Security Critical Event" method="Indicator of Compromise found"

intent="System Compromise" strategy="Malware Infection" method="Malware infection or callback reported by FireEye"

intent="Exploitation & Installation" strategy="Malicious Website" method="Web infection or malware object reported by FireEye"

 

Improvements

[AR-822] - Improved the FireEye MPS plugin

[AR-824] - Improved the FireEye HX Plugin

[AR-829] - Improved the Arbor Networks Sinkhole rule

Share post:

Sign In or Register to comment.