Welcome to
Help Desk

Product Updates
Training
Support
Ideas Contact Support

Secure & Govern (18.8) - Probable Ransomware and Add User Detection Information

Release Date: June 1, 2023  Secure & Govern 18.8 Release

Probable Ransomware - Added User Information to UX, Public API & SIEM

User information has been added to the Secure & Govern Issues View, Issues API and SIEM integrations. The additional user details will provide customers the user information to more quickly address a potential Ransomware attack. The following user information has been added.

Link to Public API (SIEM field format)

Secure & Govern Issues View (Under User Info)

  • IP Address/Hostname
  • Location
  • Entry Point (Web UI, Desktop App, etc...)
  • Operating System
  • All Ransomware Types Detected 

Secure & Govern Issues API and SIEM Integrations

  • The following will be found under “violationDetails”
    • Type - All Ransomware Types Detected
    • Found under “violationDetails/machineDetails”
      • IP Address/Hostname
      • Location
      • Entry Point (Web UI, Desktop App, etc...)
      • Operating System
    • Found under “violationDetails/reason/noteDetails”
      • Ransomware note name
      • Ransomware note checksum
  • The following will be found under “item\issueDetails”
    • Separate Affected User Name and User Email fields

FedRamp - Update UX Banner Information

The Secure & Govern FedRamp banner has been updated to help distinguish between Public and FedRamp environments. This was done to help customers and users easily identify which Secure & Govern environment they are working in.Secure_and_Govern_External_6-1-23_1.png

 

Was this article helpful?
0 out of 0 found this helpful

For technical assistance, please contact us.