20231010.5

Improvements!

Unknown Domain Age Filtering

• Admins can now block domains lacking age data through a new "Is Unknown" condition when targeting Domain Age in Rulesets.

• Clients can choose to proactively block domains with insufficient reputation history, stopping unknown threats sooner.

• Provides flexibility to handle undefined domain ages based on an organization's security posture.

• Benefits:

  • Stops potentially malicious traffic with insufficient reputation data sooner.

  • Reduces risk exposure from domains lacking age indicators.

  • Expands defensive options for clients seeking maximum protection.

• ⚠ CAUTION ⚠

  • Use judiciously as internal domains often lack age data.

  • Only recommended with additional filters to avoid blocking valid internal traffic. 

Expanded No Status Handling

• No Status was added as a logs filter to isolate unclassified queries in our April release. 

• This feature adds a "No Status" option for targeting unclassified queries within Rulesets when the "Status" Type is used in a Rule

• Allows custom actions like "Allow" or "Block" for undetermined traffic based on security needs.

• Handles unknown reputation traffic to reduce blind spots.

• Benefits:

  • Flexibility to isolate and control unclassified queries in Rulesets.

  • Tunable enforcement balancing business needs, security, and risk tolerance.

  • Reduce blind spots by specially handling unknown reputation traffic.

List Management Add/Remove Consistency

• Standardizes language and icons for adding/removing artifacts across lists.

• Replaces inconsistent terminology and symbols with consistent add/remove actions.

• Uses familiar plus and minus icons instead of checkmarks.

• Benefits:

  • Intuitive, predictable patterns for managing lists.

  • Reduces confusion around add/remove actions.

  • Admins spend less time interpreting interfaces and work more efficiently.

  • Improved usability through standardized add/remove interactions.