20200805.0

cognitix Threat Defender version 20200805.0 rolls out a number of new features and improvements. Find out what’s new below.

Update Compatibility

The following versions are compatible with cognitix Threat Defender version 20200805.0:

Warning

As of version 20200805.0, cognitix Threat Defender no longer supports the legacy non-UEFI boot and installation mode. If your system does not support UEFI, install version 20200519.0 or 20200619.0, then upgrade to the current version via the user interface (see Updating cognitix Threat Defender). However, we do not support upgrading from software versions older than version 20200519.0.

New Features

UEFI Boot Mode Support

cognitix Threat Defender now supports the UEFI system boot and installation mode.

Global Configurable Password Policy

To increase system security, users are now asked to change their password after they first log in. Furthermore, you can now define global password requirements under Settings > General. These include the required password length and complexity as well as password expiration.

Copying Policy Rules

Rules can now be copied to speed up the creation of similar rules under Policy > Rules.

Improvements

Improved Asset Handling

  • Asset tags can now be deleted by policy rules.

  • Under Inventory > Asset Logs, the Last Seen asset information now includes information from the MAC table, such as bridges, VLAN tags, etc.

  • The deep search function for assets was improved and now comprises Last Seen information.

  • All table columns under Inventory > Assets can now be sorted.

CentOS 8.2

We upgraded the base OS of Threat Defender to CentOS 8.2.

IDS: Improved HTTP Support

The IDS engine now supports additional keywords and fields for HTTP.

Network Analytics Show Flows

The dashboard under Analytics > Network now shows the number of currently open and new traffic flows.

Solved Issues

  • The tooltips in the user interface are now more consistent.

  • A documentation bug regarding the Filebeat setup in Exporting Reporting Data to Elastic/ELK was fixed.

  • The /tmp directory no longer overflows if the configuration is frequently applied.

  • Network objects are now correctly sorted under Policy > Network Objects.

  • Numbers in Analytics widgets are no longer incorrectly truncated in the Safari browser.

  • We fixed a possible memory leak in the MAC table dump.

Known Issue

There may be errors (wrong version and validity) if you update a license and keep the old license in the system. To avoid this, delete the old license after adding the new one.