New Features & Enhancements
- Endpoint Visibility in Stories Workbench: We’re integrating Microsoft Defender for Endpoint with Cato Detection & Response to let analysts include endpoint devices in their investigations in the Stories Workbench. This will be available for all Cato customers who use Microsoft Defender for Endpoint.
  - There is a new Endpoint Alerts story type that incorporates data about suspicious activity from Defender Alerts and Evidences, including:
    - Device and user details
    - Relevant processes, files, registry values, and more
  - A new event sub-type Endpoint Alert is generated for Microsoft Defender events, and you can review it in the Events page
Note: Content described in this update is gradually rolled out to the Cato PoPs over a two-week period. In addition, new features are gradually activated in the Cato Management Application over the same two-week rollout period as the PoPs. For more information, see this article. See the Cato Status Page for more information about the planned maintenance schedule.