Alert Logic console release notes
Release date: September 21, 2022
Bug fixes
None
Features
Alert Logic released a series of enhancements to streamline working with incidents in the Alert Logic console. These updates include improvements to the Incidents page, the decommission of the older Incidents page, and expanded adoption of the MITRE ATT&CK framework.
Improvements to the Incidents page:
- Advanced Search support—You can now create complex queries that can combine with selected filters to further refine your incident search results.
- Status filters improvement—All incident statuses are now shown by default. Previously, only the open incidents filter and counts were shown.
Decommission of the old Incidents page:
- The Incidents page toggle to switch experiences has been removed.
- URLs pointing to the previous Incidents page now redirect to the upgrade page.
Expanded adoption of the MITRE ATT&CK framework:
Alert Logic continues to adopt the MITRE ATT&CK framework over the legacy Alert Logic attack classification system. To support ongoing adoption efforts, Alert Logic will continue removing the legacy attack classification system from the console.
- The Incidents page no longer includes Classification as a filter option. The page now uses MITRE Tactic and Technique to classify threats.
- Reports with threat data no longer include Classification visualizations. Threat reports now use MITRE Tactic and Technique to classify threats. Reports affected include:
  - AWS Incident Analysis Reports
  - Azure Incident Analysis Reports
  - Incident Analysis Reports
  - Incident Account Summary Reports
  - Enterprise Risk Reports
  - Partner Analysis Reports
  - HIPAA-HITECH Security Audit Reports
  - PCI Audit Reports
  - PCI DSS Audit Reports
- Incident notifications now provide MITRE ATT&CK information instead of the legacy classification that was previously part of the e-mail preview. For more information, see Incident Notifications.
Security
None
Changes
None
Notice
None
Release date: June 3, 2022
Bug fixes
None
Features
Alert Logic deprecated some legacy pages and features in the Alert Logic console. New or improved versions of these capabilities replace them. The deprecated features and their replacements are:
- The Event page under the Search tab is deprecated and replaced by the improved IDS Event Search feature in the new Get Started with Search experience. For more information, see IDS Event Search.
- In the Blocking Configuration option of the Network IDS page, under the Configuration tab, the Policies and Whitelist features are now read-only, and you cannot create or change existing policies or whitelist entries. The IDS Event Search feature includes the ability to block hosts in the Events detail page. For more about the Events detail page, see Details view.
- The Correlation feature in both the Policies and the Alert Rules pages of Log Management, under the Configuration tab, is deprecated. Legacy correlations are replaced by the improved Correlation feature in the new Get Started with Search experience. For more information, see Improved Correlations and Search.
- Cases (in the Search page), Case Alert (in the Case page under the Notifications tab), and Case Reports (in the Scheduled page under the Reports tab) are deprecated, and you cannot add cases. Cases are replaced by Incidents, Scans, and Reports.
Security
None
Changes
None
Notice
None
Release date: April 25, 2018
Bug fixes
- This release resolves an issue with updating agent policies. Users can create and update agent policies as normal.
- This release resolves an issue with events, incidents, and blocking alert rules. To access the pages, click CONFIGURATION, then click Notifications, and then select the type of alert rule you want to create.
- This release resolves cosmetic issues with page layout on several configuration screens, and the Zones and Host Groups screens.
- This release resolves an issue that redirected users when they clicked a link to an incident.
- This release resolves an issue with updating block requests in the incidents panel.
- This release updates an error message that appears when a read-only user tries to access unauthorized tools or content.
- This release resolves an issue with list filters on the sources pages. All filters appear as intended now.
- This release resolves an issue with a link in the PCI Dispute system.
Features
- This release adds a time zone selection field to the New Source menu. You must choose a time zone to create a source.
Security
None
Changes
None
Notice
None
Release date: April 20, 2018
Bug fixes
- This release resolves an issue where Azure deployments did not show protected hosts associated with the deployment.
- This release resolves cosmetic issues with page sizing and scrolling.
- This release resolves an issue in the menu to add a new certificate. For some users, the menu timed out before they were done filling in all the information. This issue has been resolved.
- This release resolves an issue with the Save button on the correlation policy and flat file log sources screens for certain deployments. The Save button now displays and works as expected.
Features
- This release adds a feature that displays the full name of the account you are viewing in the Alert Logic console.
Security
None
Changes
None
Notice
None
Release date: April 17, 2018
Bug fixes
- This release resolves an issue with user time zone settings.
- This release resolves an issue where the host metadata displayed the private IP as a public IP.
- This release resolves an issue with viewing log messages within cases.
- This release resolves compatibility issues with Internet Explorer version 11.
- This release resolves an issue that caused the Alert Logic console to display an error when users tried to turn a host into a protected host.
- This release resolves an issue with appliances and agents filtering on Azure deployments.
- This release resolves an issue where metadata was missing on some log sources.
- This release resolves an issue with the Save button on the correlation policy editing screen.
Features
- This release adds a feature that allows users to select the customer account they want to use in the Statistics tab of Scans.
Security
None
Changes
None
Notice
None
Release date: week of April 9-13, 2018
Bug fixes
- This release resolves an issue with retrieving SSL certifications.
- This release resolves an issue with the search function.
- This release resolves a cosmetic issue with the layout of the Scans Dashboard page.
- This release resolves an issue with the reporting system in the Alert Logic console. All users can now access reports normally.
- This release resolves an issue with the forgotten password link on the login page.
- This release resolves an issue with incident and event counts on the dashboard pages. All counts are now accurate.
- This release resolves an issue with cached pages causing certain links to redirect users. The issue is resolved, and all links and navigation tools work as expected.
- This release resolves issues where the Alert Logic console did not work normally for users who accessed it from certain browsers. The issue is resolved, though if you continue to experience issues, use Google Chrome.
- This release resolves an issue where an internal Alert Logic feature appeared to customers as a dead link. The link no longer appears for non-Alert Logic users.
- This release resolves an issue where users could view data on the Scan dashboard for all accounts for which the user had access. The issue is resolved, and customers now only see data for the selected account.
Features
- This release adds multiple ID numbers to identify incidents and events.
- This release adds a feature that allows users to easily share links to events.
  - In the Alert Logic console, click SEARCH, and then click Events. In the list that appears, find the event you want to share, and then click the share icon in the Share column. A new browser tab opens and shows event details. The URL in the new tab is a direct link to the event details page.
  - You may also click an event to view the event details page. From the event details page, click the share icon at the top of the page. A new browser tab opens, and the URL in the new tab is a direct link to the event details page.
Security
None
Changes
None
Notice
None
Release date: April 7, 2018
Bug fixes
None
Features
Alert Logic updated the Alert Logic console to provide a single login and universal navigation for all products and subscriptions. This update allows you to easily find everything you need in one place across the entire Alert Logic portfolio. The top-level navigation is organized around functional categories (incidents, remediations, search, reports), and is subscription-aware, which means you see only the content relevant to your organization. In addition, you can access all of your Alert Logic products, across all your data-residencies, within one portal. Other features in this release include:
- The upgraded reporting console provides richer, interactive reports. The new reporting console is intuitively organized and easily searchable. Incident Analysis reports provide valuable insights and trending data for incidents created from all subscribed detection sources (Network IDS, Log Management, Web App IDS, and Amazon GuardDuty). Service Summary reports provide summary information and visibility into product configuration, product status, and security outcomes from your subscribed services.
- Enhanced portal navigation improves your ability to find everything you need across the entire Alert Logic portfolio. The top-level navigation is organized around functional categories (incidents, remediations, search, reports), and is subscription-aware, so you see only the content relevant to your organization.
- Streamlined Deployments page: the Deployments page provides a single menu to create, view, and edit deployments for all Alert Logic products. In addition, for Cloud Insight Essentials customers:
  - You can use CloudFormation templates to easily create the IAM roles necessary to create Cloud Insight and Cloud Insight Essentials.
  - Deployment tiles clearly display the level of assessment chosen for your deployments.
  - You can use the new Guided Mode to create Cloud Insight deployments for which you determine where to deploy scanning instances in your infrastructure.
- Role-based user permissions allow you to quickly and easily provision new users and modify existing permission levels using an industry standard, role-based model. This enhancement allows you to assign users to one of the following five roles:
  - Administrator
  - Owner
  - Power User
  - Support/Care
  - Read-only
- Multi-factor authentication (MFA) adds a second layer of protection to your login. This opt-in feature enables you to further protect your organization from compromised credentials. You can enable MFA either at the account level, if you wish to make MFA mandatory, or at the individual user level. Alert Logic leverages Google Authenticator on mobile phones as the technology for the hardware-based authentication.
Security
None
Changes
None
Notice
None
Release date: May 30, 2017
Bug fixes
None
Features
- Alert Logic updated the Alert Logic console for the Cloud Defender suite of products, specifically for Log Manager and Threat Manager. Access to the Classic UI and the ability to switch between the two is currently available. For more information, click Improved Experience for Cloud Defender Console | Software Updates.
Security
None
Changes
None
Notice
None
Release date: March 16, 2017
Bug fixes
- N/A
Features
The Alert Logic login page now allows you to reset your password. An update to the login page includes color scheme modifications and a highly requested feature – the ability to reset your password.
NOTE: If you lock your user interface account after multiple failed login attempts, you cannot use the password reset function to unlock your account. You must contact your service provider or the Alert Logic help desk to unlock your account.
Security
- N/A
Changes
- N/A
Notice
- N/A
Release date: February 16, 2017
Bug fixes
- N/A
Features
- This release adds a customer selector that allows you to select one customer or a parent customer and all of its child customers.
- This release decouples the page load from query execution.
Security
- N/A
Changes
- N/A
Notice
- N/A
Release date: June 6, 2016
Bug fixes
- N/A
Features
- This release provides a new web technology update and a new web CSS theme that is applied to the current web portal. This does not affect navigation, menu, or workflow, as this is only a web skin update.
- This release provides a new task and notification bar, as well as an AWS account IDs page for Threat Manager customers with agents and appliances installed within an AWS account.
Security
- N/A
Changes
- A new CSS theme applied to the current NGUI
- A new operating system (from Debian Squeeze to CentOS 6.7)
- PHP version upgraded to 5.6.20
- Support for the latest version of TLS (TLS 1.2)
Notice
- N/A