Release Notes 3.0
What’s New in Orchestrate
Orchestrate has been significantly upgraded with a number of new and powerful capabilities. These capabilities include:
A newly curated Playbook canvas: a powerful visual editor with an easy-to-use drag-and-drop facility for the supported nodes (Action, Condition, Input, Memory), used to develop logical workflows for your orchestration needs.
Introduction of an Appstore, which provides a safe and trusted place to install and use numerous out-of-the-box (stock) apps (previously referred to as connectors).
Support for a bring-your-own-apps model: you can build your own custom apps directly in the user interface, without needing any SDK.
Over-the-air update availability for the Appstore apps makes it easier for you to choose and upgrade an app to the latest supported version.
To make it easy for you to search and list items of interest, support for custom and quick filters is now available for the Playbooks, Apps, and Run Logs features.
Launch of guided product onboarding walkthroughs and videos that allow new users, in particular, to explore and learn some of our key features such as Playbooks and the Appstore.
Orchestrate deployment and expansion is now even simpler and easier with Docker changes in deployment.
The 3.0 version of Orchestrate also delivers a new look and feel with a theme that is more cloud friendly and offers a better user experience. The upgrade includes a new logo, redesigned interfaces, and product workflows in order to complement your overall product experience.
New Features
Explore Apps from Appstore
Previously, for every customer environment, there was a need to manually deploy and integrate various third party apps that were required for the various security orchestration and automation solutions.
Today, with the introduction of Cyware’s online Appstore, you can explore a plethora of apps that assist in comprehensive threat data collection, prioritization, and various other analytics.
There are two tabs available under the Apps page:
Appstore: This page lists all the apps that Orchestrate ships with. You can simply install the required Apps to use them in a relevant Playbook. Note that you require API credentials to successfully connect and configure these Apps. For a video tour of the Appstore, watch this video.
My Apps: This page lists all the installed apps or any custom created apps for your organization. For a video tour of MyApps, watch this video.
Custom Apps Development
Orchestrate also extends the ability to build your own custom apps to suit any specific business needs.
Build your own custom apps using Python code to suit your specific security operation. This is especially important when you want to create apps that target a specific purpose in your security process. You can uninstall custom apps at any point as long as they are not associated with a Playbook.
Over-the-Air Updates for Apps
Updating an app is now made simpler and faster with the availability of over-the-air updates for the Appstore apps. If there is an update to the app, the newer versions are listed with a version number, release date, and the corresponding release notes.
Playbook Canvas
Orchestrate offers an easy-to-use Playbook canvas to help you build logical workflows for your orchestration needs. Define your workflow in this canvas using a simple drag-and-drop facility of all the supported nodes (Action, Condition, Input, and Memory). You can also configure the overview of the Playbook, schedule the Playbook, and perform other supported Playbook configurations in the same view.
References:
For a video tour of the Playbook Canvas, watch this video.
Guided Walkthroughs
For a better user onboarding process, we have now integrated guided walkthroughs for key features of Orchestrate. We have also embedded some high-quality product video tutorials that you can refer to at any point for a better product experience.
A typical walkthrough is an interactive demonstration of a feature that you step through by clicking the Next button.
Introduction of Filters
Previously, the ability to filter Playbooks and Apps was limited and was available along with the Search option. To make it easy for you to search and list items of interest, support for custom and quick filters is now available for Playbooks, Apps, and Run Logs. You can also save the filter selection for future use.
Filters in Apps
You can filter apps based on Category, Agent Compatibility, Installation Date, Custom or System Apps, Owner, and App Status.
Filters in Playbooks
You can filter Playbooks based on Schedule, Bookmark Status, Created and Modified By, Labels, Tags, Apps, Actions, Status, and Recent Updates.
Filters in Run Logs
You can filter Run Logs based on Playbook Run Status, Playbook Status, specific Playbooks, Apps, Actions, Run by User, Playbook Type, and Date Range of Run. You can also apply various filters on Run Logs to view Run Logs of only the Master Playbooks or include the Run Logs for the Sub-Playbooks as well.
Enhancements
Playbook Enhancements
Experience a whole new revamped version of the Playbooks feature with a powerful and easy-to-use Playbook canvas. It offers a simple drag-and-drop feature to add various elements or nodes to develop logical workflows for your orchestration needs. You also have the ability to import Playbooks (that are developed externally or may have been exported previously) to your environment, and then customize it. You now have two tabs available under Manage Playbooks:
Cyware Playbooks: Previously, this tab was referred to as System. Jumpstart your automation and orchestration efforts by utilizing our vast library of pre-configured Playbooks and customizing them to your specific workflows. You can export or clone these Playbooks, and customize them further to suit the threat response needs of your organization.
My Playbooks: Previously, this tab was referred to as Custom. Build a Playbook from scratch with an easy-to-use drag-and-drop facility to define your workflow, and then modify it to suit your business needs. You can also harness the power of a secure Python-based development environment to create custom functions for your Playbook directly in the Playbook canvas.
References:
For a video tour of the Playbooks feature and to understand the supported functionalities, watch this video.
Playbooks Usability Enhancements
The Playbooks user interface has been significantly upgraded. We have redesigned this feature to provide a brighter and cleaner workflow with a complete focus on navigability, user experience, and ease of use.
You can view Playbooks in a list view or a grid view. You can customize the fields displayed on the details page (except the mandatory fields).
For each Playbook, you can view statistics such as the number of associated Playbooks, number of Run Logs available, and associated apps and actions.
Table View
Grid View
App Enhancements
You can view apps in both a table view and a grid view. For every app, you can view the version, description, available actions, instances, and associated Playbooks, if any. From this view, you can also export the app package, clone, or uninstall an app. You can uninstall apps as long as they are not associated with any Playbook. Apps uninstalled from the Appstore remain visible and simply revert to the Install status.
Table View
Grid View
Some of the other enhancements available for Apps are:
View Agent Compatible Apps: Viewing all the agent-compatible apps is now easier with the introduction of filters. You can filter the apps listing to view only the Agent Compatible Apps by selecting the agent-compatible filters in the filter view.
View App Documentation: The documentation for each app gives you a good overview of the purpose of the app, along with detailed information about all the available actions and the parameters that need to be configured for the app.
Run Logs Enhancements
Playbooks also offer a Run Logs feature that helps you analyze the execution details of a Playbook, especially the run details for each node that is defined in the Playbook workflow. This is especially helpful for debugging purposes. You can also apply various filters on Run Logs to view Run Logs of only the Master Playbooks or include the Run Logs for the Sub-Playbooks as well.
You can choose to view Run Logs for a specific Playbook from the Manage Playbooks page, or view Run Logs for all Playbooks.
Usability Enhancements
The user interface and experience (UI/UX) for Orchestrate has been upgraded extensively. Each of these enhancements creates a consistent experience to access and use objects in the application.
Left Navigation Menu Enhancements
The left navigation menu has been enhanced with the following changes:
Manage Playbooks and Run Logs features are now categorized together and available under Playbooks.
The options to configure triggers, view triggered events, and manage labels are now categorized and available under Triggers.
The Appstore and apps can be directly accessed from Apps.
Cyware Agents (previously referred to as CSOL Agents) and Data Sync features can also be directly accessed from the main menu.
Other Enhancements
Docker Changes in Deployment
Orchestrate deployment and expansion is now even simpler and easier. In the 3.0 version, we have made tremendous progress with respect to Dockerization. By following Docker swarm guidelines, deployment and expansion are now easier and simpler.
User Profile
The User Profile gives you a holistic view of your personal information and activities.
To access this functionality, in the top-right corner, click the Profile icon, and select Profile Settings. You can view all your personal information and associated user groups, and use the option to change the password.
Bug Fixes
This release also incorporates a few minor bug fixes and security updates.
Orchestrate Connectors
This section contains the list of connectors that are integrated with the Orchestrate application in the latest releases.
Newly Added Connectors
The following newly added connectors are integrated with Orchestrate in this release:
Network Security
Flashpoint Card Fraud Mitigation
IT Services
Down Detector
Asana
Data Enrichment & Threat Intelligence
Ivanti Security Controls
Trend Micro Vision One
Vulnerability Management
Lynx Risk Manager
Analytics & SIEM
Humio
Enhanced Connectors
The following connectors are enhanced with new actions or bug fixes in this release:
Network Security
Azure Active Directory v2
Active Directory v2
Checkpoint Management Console
IT Services
Office 365
Data Enrichment & Threat Intelligence
Recorded Future
Google Safe Browsing
Virus Total v3
Digital Shadows
Cisco Secure Malware Analytics
Exabeam Analytics
Threat Connect
Cyware
Utility
CFTR v2
Email Gateway
IMAP
Messaging
Slack
Microsoft Teams
Endpoint
Tanium v2
Configuration Management Database (CMDB)
Symantec Management Center Service
Analytics & SIEM
Elastic SIEM
Azure Sentinel
Case/Ticket Management
Freshdesk Support Desk