Software Update

Perception Update - Version 2.5.9

Version 2.5.9 adds a number of new features to Perception, including features to increase security, system performance, and usability issues.

Perception update blog header.png

To start, Perception now supports communicating over HTTPS with the UI, and allows the import of certificates.  Although communication over a secure VPN was already fully encrypted, the addition of standard web-security measures increases the security of the system as a whole.

Performance is always a priority for us at Perception, and in this update we continue to improve system performance.  We’ve changed the way our databases are structured, which means queries run faster and less disk space is required, we’ve also squashed a bug where very large databases were causing system performance issues.  Likewise, the cache of SMB data was causing some sensors to use too much memory, and this issue has been resolved with no effect on the detection performance of SMB-based behavioural identification.

Self-managed users will also benefit from the latest improvements to the user interface, including a number of smaller fixes that should improve usability.  You can now delete swimlanes in KnowledgeBase if they are no longer needed, and some ForensicAI alerts have been provided with more detailed microcontrol information, meaning the alert can be triaged better without even opening the alert at all.

 

A full list of updates are below:

  • Added support for HTTPS connections to the UI including certificate import.

  • Significantly enhanced database format giving improvements in query performance and disk space requirements.

  • Fixes for database performance issues when accessing very large databases.

  • Added ability to delete swimlanes from KnowledgeBase Incident Builder.

  • Improvements to SMB memory use to address issues with overloaded sensors.

  • Various UI fixes and improvements.

  • Enhancements to ForensicAI Alerts to give more detailed Microcontrol information and more accurate scoring.

  • Fix for Exceptions not matching on hostnames correctly.

 

This update will be pushed to all managed customers at the pre-agreed upgrade time.  Self-monitored customers can update their own systems using the software upgrade processes.  If you have any further questions about this upgrade please contact us at info@perceptioncybersecurity.com

Perception Update - Version 2.5.7

A number of features have been improved in version 2.5.7, including small changes to the KnowledgeBase feature.  

Perception update blog header.png

You can now annotate each event in KnowledgeBase so it’s clear what each connection means without just relying on the automatically generated metadata. We’ve also listened to your feedback and changed the way the column headers display so they look a little bit clearer.  Two more useful changes in KnowledgeBase include a reordering of events based on sample time, so they should be in a more intuitive order, and indicators for the direction of the connection too, so you can see which host initiated each connection.

There’s also some bug fixes and user enhancements, including refining the behaviours introduced in version 2.5.3, fixing issues with rendering some ForensicAI alerts, and protecting system stability with disk capacity protection.

 

A full list of updates are below:

  • Added support for text-based annotations to be included against KnowledgeBase events. This enables the user to add free text notes describing each event.

  • Fixed header position in KnowledgeBase swimlane diagram.

  • KnowledgeBase events now show direction of connection in swimlane diagram.

  • Updated KnowledgeBase to use sample time when ordering events in swimlane diagram.

  • Fix issue where behaviours were not loaded under HLC if the number of these exceeded a certain limit.

  • Added disk capacity protection to address issue seen on busier systems.

  • Enhanced metadata included in Host Activity classifier.

  • Added ability apply exceptions to Host Activity classifier.

  • Added an ability to purge all data from CCS and sensor should equipment need to be re-deployed or have all prior data removed

 

This update will be pushed to all managed customers at the pre-agreed upgrade time.  Self-monitored customers can update their own systems using the software upgrade processes.  If you have any further questions about this upgrade please contact us at info@perceptioncybersecurity.com