Threat Defender Version 20180615.0 : Support

The cognitix Threat Defender version 20180615.0 provides various new features and improvements of the threat intelligence and protection platform.

For further information on the cognitix Threat Defender, visit cognitix.de/threat-defender or contact us at support@cognitix.de.

New Features

Enhanced threat intelligence feature
- Threat Defender now provides dedicated threat intelligence dashboards that display the current threat situation in the network and the devices at risk in a clear and structured manner.
- Incident logs are displayed in a time chart and as a table.
- It is possible to browse the threat intelligence database and look up all data sets and references it contains.
- All threat intelligence information is presented with extensive filter options.
Improved threat intelligence integration in policy engine
The policy engine of Threat Defender contains new conditions to create rules using various threat intelligence tags.
Logging based on threat severity
It is now possible to create rules that log threat intelligence incidents based on their level of severity. Threat Defender provides a predefined correlation scenario for this purpose that users can adapt to their system as required.

Threat Defender is now protected against vulnerability CVE-2018-1111.
Classification by groups of applications/protocols: The Threat Defender policy engine now provides the classification of traffic by groups of applications and protocols. Multiple applications and protocols can be selected at once when designing policy rules. A complete list of the available groups and their content can be found in the Threat Defender user documentation.
The reporting feature of Threat Defender now contains information on the source country of traffic flows.
The Threat Defender user interface has been reworked to ease navigation.

When creating objects inline, unsaved input in relevant input fields is no longer reset to the last saved state.