{"id":17815,"date":"2023-10-06T14:57:22","date_gmt":"2023-10-06T12:57:22","guid":{"rendered":"https:\/\/www.boc.de\/watchguard-info-portal\/?p=17815"},"modified":"2023-10-18T14:15:44","modified_gmt":"2023-10-18T12:15:44","slug":"neue-features-fuer-watchguard-soc-by-cytomic-orion","status":"publish","type":"post","link":"https:\/\/wordpress.boc.de\/watchguard-info-portal\/2023\/10\/neue-features-fuer-watchguard-soc-by-cytomic-orion\/","title":{"rendered":"New Features for WatchGuard SOC by Cytomic Orion"},"content":{"rendered":"<p>The new version 2.33.00 of the Security Operations (SecOps) console from Cytomic Orion\/Covalent\/Ionic has been available since 05.10.2023 and includes the following new features:<!--more--><\/p>\n<ul>\n<li><strong>Ability to use regular expressions in hunting rule conditions and in the Query Wizard:<\/strong><br \/>\nThis provides more flexibility and precision when searching for patterns and threats, because patterns can now be more complex.<\/li>\n<li><strong>New event type (DeviceOps) in the definition options for hunting rules and in the Query Wizard:<\/strong><br \/>\nThe event type and its properties are as follows: <strong>DeviceOps<br \/>\n<\/strong><span style=\"font-size: inherit;\">-MUID<br \/>\n<\/span><span style=\"font-size: inherit;\">-DeviceType<br \/>\n<\/span><span style=\"font-size: inherit;\">-IsDenied<br \/>\n<\/span><span style=\"font-size: inherit;\">-IdName<br \/>\n<\/span><span style=\"font-size: inherit;\">-FriendlyName<br \/>\n<\/span><span style=\"font-size: inherit;\">-Description<br \/>\n<\/span><span style=\"font-size: inherit;\">-Manufacturer<br \/>\n<\/span><span style=\"font-size: inherit;\">-PhoneDescription<\/span><\/li>\n<li><strong style=\"font-size: inherit;\">New properties for the ProcessOps event type in the definition options for hunting rules and in the Query Wizard:<br \/>\n<\/strong><span style=\"font-size: inherit;\">We have added these properties to ProcessOps events:<br \/>\n<\/span><span style=\"font-size: inherit;\">-ParentStatus<br \/>\n<\/span><span style=\"font-size: inherit;\">-ChildClassification<\/span><\/li>\n<li><strong>Audit log for hunting rules<\/strong><br \/>\nThe logged operations are:<br \/>\n-Create<br \/>\n-Modify<br \/>\n-Enable\/Disable<br \/>\n-Delete<\/li>\n<li><strong>Operating system information has been added to the <strong style=\"font-size: inherit;\">hunting rule<\/strong>\u00a0event notifications:<\/strong><br \/>\nWith Orion, you can define email notifications to inform recipients when an indicator is generated.<\/li>\n<\/ul>\n","protected":false},"excerpt":{"rendered":"<p>The new version 2.33.00 of the Security Operations (SecOps) console from Cytomic Orion\/Covalent\/Ionic has been available since 05.10.2023 and includes the following new features:<\/p>\n","protected":false},"author":4,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[445],"tags":[977,978,976,785],"class_list":["post-17815","post","type-post","status-publish","format-standard","hentry","category-aktuelle-nachrichten","tag-cytomic-orion","tag-security-operations-center","tag-soc","tag-threat-hunting"],"_links":{"self":[{"href":"https:\/\/wordpress.boc.de\/watchguard-info-portal\/wp-json\/wp\/v2\/posts\/17815"}],"collection":[{"href":"https:\/\/wordpress.boc.de\/watchguard-info-portal\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/wordpress.boc.de\/watchguard-info-portal\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/wordpress.boc.de\/watchguard-info-portal\/wp-json\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"https:\/\/wordpress.boc.de\/watchguard-info-portal\/wp-json\/wp\/v2\/comments?post=17815"}],"version-histo
ry":[{"count":4,"href":"https:\/\/wordpress.boc.de\/watchguard-info-portal\/wp-json\/wp\/v2\/posts\/17815\/revisions"}],"predecessor-version":[{"id":17916,"href":"https:\/\/wordpress.boc.de\/watchguard-info-portal\/wp-json\/wp\/v2\/posts\/17815\/revisions\/17916"}],"wp:attachment":[{"href":"https:\/\/wordpress.boc.de\/watchguard-info-portal\/wp-json\/wp\/v2\/media?parent=17815"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/wordpress.boc.de\/watchguard-info-portal\/wp-json\/wp\/v2\/categories?post=17815"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/wordpress.boc.de\/watchguard-info-portal\/wp-json\/wp\/v2\/tags?post=17815"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}