Release Date: July 13, 2023 Secure & Govern 19.1 Release
Issues Unification - Improved Probable Ransomware Processing
Egnyte Secure & Govern now supports “Dismiss” status for Zero-day (Behavioral-based) Probable Ransomware issues. Prior to the 19.1 release, Zero-day Ransomware issues would be removed from the issues view entirely. Now these issue types will be moved to “Dismissed” status, the same as all other issue types, for Administrators to review at a later date or reopen.
More importantly, a user will no longer be whitelisted when a Probable Ransomware issue is “Dismissed”. Instead only the issue detected along with the files will be “Dismissed” for that day (nothing is whitelisted). A new issue can be detected for the user as well as files in the future, but only if new malicious behavior occurs.
For more information regarding the new issue creation/remediation process, refer to Upcoming Issue Remediation Improvements - Milestone 4
Probable Ransomware - Allow Whitelisting of File Extensions for Entropy Detections
Secure & Govern now supports whitelisting file extensions for Zero-day (Behavioral-based) Ransomware detections. When a file extension is whitelisted, no artifact-based or Zero-day Ransomware detection will occur for the whitelisted file extension in the future.
For more information on whitelisting file extensions, refer to Probable Ransomware Whitelisting
Public Links - Fix Crosslink to Egnyte Collaborate
The crosslink to Egnyte Collaborate (highlighted below) has been updated. When a user selects the crosslink, they will be brought directly to the folder or file the public link was created for.
Broad Version of Controlled Unclassified Information (CUI) Policy
A broad version of the Controlled Unclassified Information (CUI) policy is now available. The broad version will search for content that could constitute CUI based on keywords in the content as well as CUI banner markings. The narrow version will only search for CUI banner markings.