
Cyware Situational Awareness Platform

Release Notes 3.5

We are excited to introduce the latest release of Cyware Situational Awareness Platform, v3.5. This release comes with new features, a few enhancements, and minor bug fixes for the CSAP Member Portal.

New Features
Threat Defender Library

CSAP’s new Threat Defender Library is a threat intel content repository that contains information and files used in threat hunting and threat defense. Members can create, upload, maintain, and collaborate on the information in the content library. Using the threat defender library, members can create or upload information in different categories, such as:

  • Threat detection files including YARA rules, log sources, Suricata and Snort rules, and more

  • Rule files belonging to Splunk, QRadar, Devo, or other SIEMs

  • Analytics files of the type CAR

  • Response files of type Playbooks

  • MITRE ATT&CK data including tactics, techniques, and sub-techniques

Members can choose to:

  • Save the threat defender content and maintain their organization repository.

  • Share threat defender content with analysts for approval.

  • Make content available for other members of the organization.

  • View the threat defender library dashboard with metrics on content that is draft, submitted, approved, declined, and shared with members.

The threat defender library enables an organization’s security operations teams to:

  • Reuse the content and quickly respond to organization-specific threats.

  • Reduce time spent by analysts researching the threat.

  • Use analysis and files received from the threat defender, such as a SIEM rules file, to quickly send out information to a SIEM or XDR and act on a threat faster.

  • Increase threat hunting capabilities and significantly reduce the time taken to detect and respond to a potential security incident.

Enhancements
Request a Survey

Members can request surveys in the CSAP Member Portal and submit them to analysts for review. Members can directly create customized surveys on any topic, such as evaluating threats, vulnerabilities, or malware, or security best practices. Analysts can then review and publish them.

Receive Email or Push Notifications by Alert Categories

Members can configure email or push notifications to be notified when alerts from their chosen alert categories are published. This can help them track required information and stay on top of things.

Mark Alerts as Read

Members can now select alerts and mark them as read in one go.

View RFI Responses

All members can view all the RFI responses posted on a Request For Information form, which lets them see comments and responses from other members and analysts.

Alert Member Admins on Domain Expiry

The member admins of an organization receive an email alerting them when a domain configured in the organization detail approaches its expiry date. The email is sent when the expiry is in seven days.

Bug Fixes
  • Members are able to upload and replace doc library files with the same name, TLP, and recipient groups.

  • If you star a folder in the doc library, you can view the folder and the files inside it in the Starred section.

  • Editors of a collaborative note can successfully edit the files shared with them.

  • Members are able to search for files inside a folder using the global search filter and view them.

  • Some fixes are included to improve the overall security of the product.