The cognitix Threat Defender version 20180615.0 provides various new features and improvements of the threat intelligence and protection platform.

For further information on the cognitix Threat Defender, visit cognitix.de/threat-defender or contact us at support@cognitix.de.


New Features

  • Enhanced threat intelligence feature
    • Threat Defender now provides dedicated threat intelligence dashboards that display the current threat situation in the network and the devices at risk in a clear and structured manner.
    • Incident logs are displayed in a time chart and as a table.
    • It is possible to browse the threat intelligence database and look up all data sets and references it contains.
    • All threat intelligence information is presented with extensive filter options.
  • Improved threat intelligence integration in policy engine
    The policy engine of Threat Defender contains new conditions to create rules using various threat intelligence tags.
  • Logging based on threat severity
    It is now possible to create rules that log threat intelligence incidents based on their level of severity. Threat Defender provides a predefined correlation scenario for this purpose that users can adapt to their system as required.

Improvements

  • Threat Defender is now protected against vulnerability CVE-2018-1111.
  • Classification by groups of applications/protocols: The Threat Defender policy engine now provides the classification of traffic by groups of applications and protocols. Multiple applications and protocols can be selected at once when designing policy rules. A complete list of the available groups and their content can be found in the Threat Defender user documentation.
  • The reporting feature of Threat Defender now contains information on the source country of traffic flows.
  • The Threat Defender user interface has been reworked to ease navigation.

Solved Issues

  • When creating objects inline, unsaved input in relevant input fields is no longer reset to the last saved state.