HYAS Protect R24.9
Release # | UI: R24.9, Agent: N/A |
|---|---|
Date |
What's New in HYAS Protect!
Self-Serve Syslog Data Export NEW
This month, we’ve introduced a new method for exporting your DNS logs directly from the HYAS Protect UI. Our Syslog Data Export enhancement enables you to seamlessly export DNS logs to your preferred Syslog server, allowing the data analyzed by HYAS Protect to enrich your SIEM/SOAR systems.
Benefits:
No Need for Cloud Storage: With the ability to export directly to a Syslog server, clients no longer need to host their own cloud storage for DNS log exports, reducing costs, simplifying infrastructure management, and ensuring compliance with regional regulations regarding cloud storage.
Data Enrichment: Exporting DNS logs directly to a Syslog server enhances your ability to integrate with SIEM/SOAR systems, allowing for more effective data enrichment.
Improved Efficiency: The self-serve functionality from the HYAS Protect UI simplifies the export process, giving clients more control and reducing the need for manual intervention or external tools.
Ruleset Creation on Device Name & UsernameIMPROVEMENT
Clients now have the added ability to create Rulesets based on Device Name & Username.
Benefits:
Tailored Security Policies: Clients can create highly customized rules based on specific devices or individual users, aligning security policies more closely with their organization’s unique needs. This tailored approach ensures that protection is effectively targeted where it’s needed most.
Enhanced Control and Precision: The ability to set rules for particular devices or usernames provides clients with greater control over a Client’s security measures. This precision allows for more accurate responses to threats and reduces the risk of over-blocking or under-blocking.
Flexible Protection Strategy: By enabling ruleset creation for both individual devices and users, this feature supports a more adaptable security strategy. Clients can adjust their protection mechanisms in response to evolving threats or changes in their organizational structure, enhancing overall security posture.
Latest Release Graphic and Notes NEW
With each new release, users will now see a “NEW RELEASE!” banner, encouraging them to click either the banner or the documentation icon, which now features a link to the latest release notes. This provides a quick way to explore the newest updates for HYAS Protect. Once clicked, the banner will disappear until the next release is available.
Benefits:
Increased Awareness of Updates: The banner and link ensure that users are immediately informed about the latest features, fixes, or enhancements.
Streamlined Navigation: Offers a convenient and simple way to access detailed release information, saving time and effort when trying to understand how updates affect usage of HYAS Protect.
Microsoft Defender for Endpoint Integration Block Reason VisibilityIMPROVEMENT
When utilizing the Microsoft Defender for Endpoint integration, Client’s are now given the additional context into why the query was blocked. This additional information is included in the ‘Description’ section in MDE and under the ‘Notes’ section in the HYAS Protect MDE list.
Benefits:
Enhanced Clarity: Clients receive detailed context on why queries were blocked, including specific reasons like ‘Blocked Category - Criminal’ or ‘Malicious Cyber Activity - Dangerous 3rd Party Infrastructure’. This transparency helps Clients understand the rationale behind each block.
Improved Data Management: With additional information provided in both the MDE and HYAS Protect lists, Clients can more easily sort and manage their data. This helps in efficiently handling block lists and ensuring that critical security decisions are based on well-understood factors.
Streamlined Adjustments: The detailed context allows clients to quickly identify and adjust any configurations if necessary. Understanding the reasons behind blocks facilitates more informed decisions about potential changes to their security settings.
