Cognito® Version 5.9 includes the following features and enhancements as well as a few bug fixes:
- Vectra Threat Intelligence, a new detection based on curated IP and domain indicators that augments behavioral detection coverage and labels active threat actors
- Enhanced details for Syslog and Kafka output that provide additional host and account information to enrich SIEM workflows
- New triage fields for SQL Injection and SMB Brute Force detections, giving you the ability to triage SQL injection by SQL fragment and SMB Brute Force by account
- Host and Account API Improvements
- MITRE ATT&CK mapping for all Cognito® detections
- Improvements to Custom Model management in the Cognito UI
- New Cognito Recall Saved Searches for Maze ransomware IoCs, Metasploit and outbound SMB