cognitix Threat Defender version 20191129.0 provides various improvements of the threat intelligence and protection platform.

For further information on cognitix Threat Defender, visit

 or contact us at

New Feature

Free Configuration of Processing Interfaces

It is now possible to freely allocate the processing interfaces of cognitix Threat Defender to bridges and assign VLANs as required.


  • Improved reporting:
    • The Analytics screens were restructured to further improve the user experience.
    • We added new charts that display the logged policy severities.
    • You can now easily switch the direction between source and destination when you analyze traffic based on IP addresses and assets.
  • Improved asset handling:
    • It is now possible to use asset tagging in policies. This means you can now dynamically assign tags to assets based on their behavior in the network.
    • To streamline your workflows, you can now carry out operations (merging assets into one, adding and removing tags) for multiple assets at once.
    • You can now exclude complete MAC prefixes from automatic asset discovery. This means that you can exclude prefixes used by virtualization solutions, for example.
    • You can edit the login and display names of assets and users separately, meaning that they may differ from each other.
  • We revised the overall menu structure of cognitix Threat Defender to allow for easier navigation in the user interface.
  • The audit logs generated by Threat Defender now log additional events, such as all system actions, enabling/disabling of IPS rules, etc. Furthermore, the audit log contains a new chart that displays all events logged in the previous 24 hours.
  • The flow state tracking was improved for:
    • current phase 
    • seen handshake 
    • flow timeouts
    • out-of-state packets    
  • Threat Defender now reports a warning when the flow table of a processing thread is almost full (see also Connection Handling). The first warning is issued at 90% capacity, the second warning at 95% capacity.

Solved Issues

  • We increased the allowed password length to 72 characters.
  • We solved an issue with aligning fragments to flows.


We solved counter-intuitive behavior of the logging and late logging rule actions so that handling rule severities is now more consistent