Product Update - Jan. 1st, 2024

New Features & Enhancements

  • Endpoint Visibility in Stories Workbench: We’re integrating Microsoft Defender for Endpoint with Cato Detection & Response to let analysts include endpoint devices in their investigations in the Stories Workbench. This will be available for all Cato customers who use Microsoft Defender for Endpoint.
    • There is a new Endpoint Alerts story type that incorporates data about suspicious activity from Defender Alerts and Evidences, including:
      • Device and user details
      • Relevant processes, files, registry values, and more
    • A new event sub-type, Endpoint Alert, is generated for Microsoft Defender events, and you can review it on the Events page.


Note: Content described in this update is gradually rolled out to the Cato PoPs over a two-week period. In addition, new features are gradually activated in the Cato Management Application over the same two-week rollout period as the PoPs. For more information, see this article. See the Cato Status Page for more information about the planned maintenance schedule.
