Product Update - Jan. 1st, 2024

New Features & Enhancements

  • Endpoint Visibility in Stories Workbench: We’re integrating Microsoft Defender for Endpoint with Cato Detection & Response to let analysts include endpoint devices in their investigations in the Stories Workbench. This will be available for all Cato customers who use Microsoft Defender for Endpoint.
    • There is a new Endpoint Alerts story type that incorporates data about suspicious activity from Defender Alerts and Evidences, including:
      • Device and user details
      • Relevant processes, files, registry values, and more
    • A new event sub-type, Endpoint Alert, is generated for Microsoft Defender events, and you can review it on the Events page.


Note: Content described in this update is gradually rolled out to the Cato PoPs over a two-week period. In addition, new features are gradually activated in the Cato Management Application over the same two-week rollout period as the PoPs. For more information, see this article. See the Cato Status Page for more information about the planned maintenance schedule.
