Release Date: June 1, 2023 Secure & Govern 18.8 Release
Probable Ransomware - Added User Information to UX, Public API & SIEM
User information has been added to the Secure & Govern Issues View, Issues API and SIEM integrations. The additional user details will provide customers the user information to more quickly address a potential Ransomware attack. The following user information has been added.
Link to Public API (SIEM field format)
Secure & Govern Issues View (Under User Info)
- IP Address/Hostname
- Location
- Entry Point (Web UI, Desktop App, etc...)
- Operating System
- All Ransomware Types Detected
Secure & Govern Issues API and SIEM Integrations
- The following will be found under “violationDetails”
- Type - All Ransomware Types Detected
- Found under “violationDetails/machineDetails”
- IP Address/Hostname
- Location
- Entry Point (Web UI, Desktop App, etc...)
- Operating System
- Found under “violationDetails/reason/noteDetails”
- Ransomware note name
- Ransomware note checksum
- The following will be found under “item\issueDetails”
- Separate Affected User Name and User Email fields
FedRamp - Update UX Banner Information
The Secure & Govern FedRamp banner has been updated to help distinguish between Public and FedRamp environments. This was done to help customers and users easily identify which Secure & Govern environment they are working in.