Analytics & Reporting Cloud

December 2024

Version: 5.1.0

December, 2024

New Features

  • There are no new features or enhancements in this release.

Fixes

  • Resolved an issue where event details were missing in the Incident Summary for specific Incident IDs.

November 2024

Version: 5.0.0

November, 2024

New Features

  • This release introduces UI theme customization, allowing users to switch between light and dark modes in their preferences. With dark mode becoming increasingly popular for its benefits like reduced eye strain, improved readability, and enhanced accessibility, this feature enhances usability and caters to individual preferences, providing a more personalized user experience.

  • In this release, updates have been made to enhance user experience and streamline workspace management for customers.

    • "Workspace Manager" renamed to "All Workspaces," displaying workspace tabs on the dock for a more organized view.

    • Home sign removed from the workspace tile; the first tab is now set as the Home tab by default.

    • Pin/unpin icon removed; users can now pin or unpin workspaces by right-clicking on the workspace tab.

    • Workspace time fields UI updated.

    • Enhancements to the application toolbar, streamlining navigation and workspace management.

Fixes

  • Resolved an issue where the federated users were unable to download CSV files from ARC workspaces. Adjustments were made to the permissions for these users, allowing successful downloads.

  • Resolved an issue where Mac users with usernames starting with an underscore (_) were being added to the ARC computer inventory, similar to a previous issue with Windows users. A filter has been added to prevent this.

  • Resolved an issue where the event details section under incident details was inaccessible for customers, with the fields appearing greyed-out.

September 2024

Version: 4.12.0

September, 2024

New Features

  • A new external API endpoint GET /1.0 /dynamic_group /{group_id} has been implemented to retrieve current dynamic group membership from ARC. This API will allow users to fetch the current members of a specified dynamic group.

  • Digital Guardian introduces a new Secure Service Edge (SSE) solution powered by Lookout technology. This integration provides comprehensive security coverage from endpoint to cloud, bridging the gap between traditional endpoint security and cloud-based threats. The SSE solution offers full visibility and control across all web traffic, SaaS applications, and private applications, ensuring sensitive data remains protected regardless of its location or the devices accessing it.

  • ARC now integrates with Slack, enhancing communication monitoring and data protection capabilities. This feature allows seamless monitoring of Slack chats, messages, and shared files, while enabling custom ARC detection rules for Slack communications. Additionally, ARC enables you to review Slack chat history for investigations and compliance purposes, ensuring consistent enforcement of data protection policies across all Slack channels.

  • The integration of Fortra Threat Brain (FTB) into our solutions provides a comprehensive threat intelligence hub. FTB delivers reputational analysis and coverage across files, executables, domains, IPs, URLs, and email addresses. This integration enhances incident triage capabilities, improves event detection, and provides critical insights to bolster overall security coverage.

Fixes

  • Resolved an issue where the ${event.comp_machine_status} variable for agent status was inconsistently populated in detection rule alarm names, showing status codes instead of readable statuses. This issue is now resolved.

  • Resolved an issue where the User section in Administration & Configuration was not visible despite having "All" permissions for Users and Roles.

August 2024

Version: 4.11.0

August 17, 2024

New Features
    There are no new features or enhancements in this release.
Fixes

  • Resolved an issue in which the WIP certificate expiration notice was still being sent after the expiring certificate had been updated with a new certificate.

  • Resolved an issue in which the Install Time for some macOS Agents was missing.

  • Resolved an issue in which the Top Riskiest Users portion of the Insights report was not being generated properly.

  • Resolved a problem in which the UI landing page was incorrect if the user’s home workspace was not available.

  • Resolved an issue in which the content restriction option values for a role were not being applied correctly.

  • Resolved an issue in which a customer’s workspace was not displaying information for federated users properly.

June 2024

Version: 4.10.0

June 30, 2024

New Features
    There are no new features or enhancements in this release.
Fixes

  • Resolved a problem where the $(event.comp_machine_status) variable for Agent status was not populated consistently with the correct status when the customer used it as the Alarm name variable in a detection rule.

  • Resolved a problem in which adding an email template to a DG-built template that you tried to modify but are not allowed to caused the fields in the added email template to be populated with the DG template values and grayed out so you cannot change them.

Version: 4.9.0

June 10, 2024

New Features
Enhanced Incident Management for Enterprise Tenants

  • When viewing a child tenant incident in the Enterprise tenant, the incident entry on the Incident panel displays the child tenant to which the incident belongs.

  • When you create a new incident, either by dragging-and-dropping an event or alarm to the create incident box or clicking the box, the New Incident dialog box now includes a Tenant option where you select the tenant to which you are assigning the new incident. After you select the tenant, you can assign the incident to a user from the selected tenant.

  • When you are filtering the list of incidents, a Tenant option lets you filter the list to see incidents from a specific tenant. Search displays only tenants that have incidents on the list.

Fixes

 

  • Resolved a problem where the Source and Destination Device sections of the table details

    pane were not properly populated with all the available device details.

  • Resolved a problem where custom data values were not properly populated in email

    notifications generated by ARC detection rules.

March 2024

Analytics & Reporting Cloud
Version: 4.8

Mar 28, 2024

New Features
  • DG Rule Component List Editing

    You can now add values to or delete values from component lists that you created in the DGMC directly from the Administration & Configuration pane in Fortra. To access component lists in Fortra, click Event Detection > Watchlists on the Administration & Configuration pane. For more information, refer to “Updating Component Lists” in the online help.

Enhancements
  • Policy Option Renamed Event Detection

    To more closely align with the content of the option, Fortra renamed the Policy entry on the Administration & Configuration pane to Event Detection. The contents of the option remain the same—Detection Rules, Event Filters, and Watchlists.

  • Enhanced Administration & Configuration Pane

    To prepare for upcoming efforts to streamline workflows, Fortra made minor enhancements to the Administration & Configuration pane. The enhancements include changes to align our portfolio of products to a unified user experience, removing feature icons from the menu options, and listing the options in alphabetical order.

Fixes

  • Resolved a problem where the Sample Match icon was not being displayed for send mail events in tables. In addition, it was not being displayed for email attachments.

  • Resolved an issue where it was not possible to view the details for an incident.

  • Resolved a problem with the DG Insights report where the format of the report was not correct. It did not match earlier versions and was not possible to read.

February 2024

Analytics & Reporting Cloud
Version: 4.7.0

Feb 25, 2024

New Features
  • DG SCIM API Available for External Access

    System for Cross-Domain Identity Management (SCIM) is an open standard that allows automation of user provisioning. Already in use by the Digital Guardian product, the DG SCIM API implementation is now accessible so you can use it for your custom identity management integrations. For additional information, refer to “Custom SCIM Connector” in the online help.

Enhancements
  • Enhanced Incident Details Timeline

    • Improved organization—the enhanced timeline allows you to consolidate all relevant events into a single, easy-to-read display. This helps you gain a comprehensive overview of the sequence of events, making it easier to identify patterns, dependencies, and potential issues.

    • Enhanced analysis—the enhanced timeline expands to include more details, enabling you to delve deeper into each event and gain a better understanding of its context. This can help you identify the root causes of incidents, track progress, and make informed decisions.

    • Efficient communication—the enhanced timeline provides a concise display that enables you to communicate complex information more effectively. It allows stakeholders to grasp the sequence of events and understand the impact of each event on the overall situation quickly. This can be particularly useful while managing incidents or when sharing updates with stakeholders.

    • Streamlined collaboration—the enhanced timeline provides a shared reference point for all stakeholders involved in an incident. It helps align efforts, facilitates collaboration, and ensures everyone is on the same page. This can lead to improved coordination, faster decision-making, and more efficient problem-solving.

    • Scalability—the expandable timeline accommodates additional events as they occur without cluttering the display, allowing you to maintain a clear overview as new information becomes available.

  • Enhanced Bundle Replay for Stability and Performance

    To enhance stability during bundle replays, ARC imposes a 120-day time limit on the replay process. In a single replay request, you can revisit up to 120 days of data. To replay more than 120 days, create multiple requests. For instance, to replay an entire year of data, generate four separate replay requests.

Fixes

  • Resolved an issue where a custom report is not applying the nested filter for the report correctly, returning incorrect data.

  • Resolved an issue where a streaming profile that specified the server process time was not applying the specified time format.

December 2023

Version: 4.6.0

Dec 6, 2023

New Features

  • Added and Enhanced Data Export Formats. To make exporting data from ARC more straightforward and improve performance, there are now three export formats, not two: JSON, JSON Table, and JSON Flattened Table. If you have existing export profiles that use the previous JSON format, they will now use JSON Flattened Table format so the exported data will be the same.

Fixes

  • Resolved a problem where the ANY and ALL filter operators were not working as expected in an ARC filter.

  • Resolved a problem where a customer’s detection was not matching or filtering on entries as expected.

  • Resolved an issue in which a customer’s scheduled reports were not honoring the where clauses in filters, causing the reports to include incorrect information.

  • Resolved an issue where underscore characters (_) in domain names were causing Azure AD LDAP sync not to work for a customer.

  • Resolved a problem that prevented reporting about component status from Computer Inventory information.

September 2023

Version: 4.5.0

September 6, 2023

New Features

  • Added Download Attachments Option on Incident Details Workspace

When you are working with one or more incidents in the Incident Details WS, you can now download the files attached to the incidents. The Download Attachments option downloads the files as a ZIP archive to a location you specify.

  • Added a <Repeat> XML Tag Option for Email Templates

To provide more flexibility in email templates, a new Repeat option is available when you create or edit an email template. Clicking Repeat adds the <repeat> </repeat> XML tags to the subject line or body of the template. Adding the tags allows the template to return variables, such as source file name, for multiple incidents in the email automatically.

Enhancements

  • Reconfigured the Incident Details Workspace

To ease using the Incident Details Workspace to investigate and analyze events, updated the organization and content to provide more direct access to information about the incident, including the ability to download files attached to the incident.

Fixes

  • Resolved an issue where the Insights Workspace does not display the central graph when there is a large number of classified files reported.

  • Resolved an issue where the intended recipients do not receive detection rule email alerts when the alert email uses a customer’s custom email template.

  • Resolved a problem in a customer’s enterprise where they were seeing computers in reported events that were missing policy names, and some alarm names reported as unknown, on the details pane for an event.

  • Resolved an issue where a customer found that a filter to exclude certain events by Policy Name unexpectedly excluded events that did not involve rule violations.

  • Resolved an issue where the columns in the tables on the Incident Details workspace displayed a sort indicator arrow where sorting is not supported.

August 2023

Version: 4.4.0

August 26, 2023

Features

There are no new features in this release.

Enhancements

This is a maintenance release. It includes enhancements for stability, usability and performance.

Fixes

This release does not include any fixes for customer-reported problems.

June 2023

Version: 4.3.0

June 6, 2023

Enhancements

  • Enhanced the implementation of the Investigation Workspace to make using it smoother, more responsive and faster to generate or update

  • Reduced the time it takes to display the workspace on initial load and improvedresponsiveness to user interactions

  • Enhanced the animations displayed during workspace updates

  • Improved the long-term stability of the workspace

Fixes

  • Resolved an issue where a customer’s ARC detection rules were not honoring the regex entries in the classification name field. Regex entries worked in other fields.