ACSIA Help Center

Release Note ACSIA SOS V.7.0.0

Permanently deleted user
Permanently deleted user
  • Updated

 

Dectar announces the new version 7.0.0 of ACSIA SOS. 

New Features in v7.0.0

  • Added "Staff User" with specific privileges:
     
    • The user can view the branding/whitelabeling page on the UI interface.

    • The user can access audit logs on the UI interface.

  • Audit Log (Auditing Tenant and User Operations and Accesses) visible only by Staff Users:

    • The platform's administrative dashboard includes a detailed log of all accesses and management operations.

    • Administrators can filter log entries based on specific tenants and users.

  • Added Whitelist/Blacklist in Network Policy:

    • The system can automatically whitelist/blacklist IPs or networks based on rule triggers.

    • Network security administrators can manually whitelist/blacklist IPs or networks from the incident view.

    • Network security administrators can manually whitelist/blacklist specific IPs, networks, or IP ranges with details.

    • Notification actions are configured to ignore the IPs or networks in the whitelist or blacklist.

  • Rules Management - Enable/Disable rules from UI: Users now can disable Sigma rules. This provides a more flexible and customized approach to rule management within the system.

  • IP Block Preferences / Isolate Configuration: The "Tenant" section now enables Users to see relevant information on that specific tenant, such as License, Automatically Block Private IPs, Automatically Block Public IPs, Ban on a single device only, Allowed IPs for isolated hosts, Block malicious files.

  • Sysmon: Enable/Disable Block Download Malicious Files: this can be applied at the tenant level, on a single device, or in bulk.

  • Isolate Host (Linux, Windows):
     
    • Host Isolation and Unisolation features are implemented in the ACSIA UI and can be performed in bulk.

    • Hosts are reachable from the ACSIA server during isolation for monitoring and remote investigation.

    • The ACSIA admin can disable live notifications for isolated hosts.

  • Disable Agent from UI: Agents can be temporarily disabled to manage exceptional situations or perform maintenance operations without compromising the overall security of the system.

  • MFA & Password Reset

Fixes in v7.0.0

  • Bug fix: Email/Teams Notifications

  • Bug fix: Suricata didn't start on Windows 11 Pro