October 5, 2022
© 2022 SOC Prime Inc.
All rights reserved. This product and documentation related are protected by copyright and distributed under licenses restricting their use, copying, distribution, and decompilation. No part of this product or documentation related may be reproduced in any form or by any means without the prior written authorization of SOC Prime. While every precaution has been taken in the preparation of this book, SOC Prime assumes no responsibility for errors or omissions. This publication and features described herein are subject to change without notice.
New Opportunity for Charity
Now, when ordering an On Demand plan, you can add 10% to the plan's price to make a donation and stand with Ukraine. Your contribution will help to defend Ukraine and save the lives of Ukrainians.
Alternative Translation Search
We've improved the search for alternative translations. Now, when you use Lucene syntax to find translations based on a specific config (an alternative data schema used in your SIEM), all results are relevant to the query.
Custom Field Mapping in Jobs
We've improved the dynamic application of the Custom Field Mapping profiles depending on the environments the profiles are linked to. Now, if you have multiple Custom Field Mapping profiles created for the same log source but linked to different environments, a Job will apply only those profiles that are linked to the environment selected in that Job.
Splunk Environment Settings
We've removed the default index for search from the settings of a Splunk environment for hunt (web search). Now, if you'd like to set a default index, you can do so through a Custom Field Mapping profile.
UI Improvements
Upgrade Page
We've improved the design of the Upgrade page and updated it according to the new subscription plan model that will be released soon.
Professional Services Modal
We've redesigned the Professional Services modal to enhance the descriptions, add more details, and update the list of available services.
Content Availability Filter
We've removed the deprecated content statuses (Basic and Advanced) from the Content Availability filter in Advanced Search and Detection Engineering.
Accordingly, we've removed the options from the Threat Bounty Portal as well.
Terms of Service Modal
We've removed the modal shown to new users right after registration where they could read the Terms of Service and confirm they agree to the document.
Now, users can open the Terms of Service and agree to it right on the Sign Up page.
Sorting in Techniques Filter
We've changed the order of sorting search results in the Techniques filter. Now, the results are sorted by ID rather than by name.
Cyber Threat Search Engine Improvements
We've improved the design and behavior of tooltips:
Made the tooltips stay on the screen longer so that the user has enough time to interact with them
Added scrolling where a tooltip contains long text
Uncoder.IO Improvements
We've polished the wording that is used on the uncoder.io page.
Platform Guides Update
We've updated our Platform Guides so they reflect the latest functionality.
Key Bug Fixes & Improvements
With this release, we’ve made the following key bug fixes and improvements to enhance the user experience with the SOC Prime Platform:
Resolved the issue on the Threat Bounty Portal where in some cases an incorrect Created date appeared for Sigma rules. Previously, when the Updated date of a content item was changed after adding a new translation platform, its Created date was changed as well.
Replaced the wrong icon for Search in Kibana on the Elastic Stack Query tab of a rule's page.
Fixed the broken layout on the Sign Up and Log In pages.
Fixed a bug where the dropdown menu to select the search type was overlapped by suggested search results.
Fixed bugs on socprime.com:
Corrected the Log In and Sign Up buttons alignment in the mobile view. Previously, to see the Sign Up button the user had to scroll the screen.
Fixed collapsing menu items in the mobile view. Previously, the user could collapse a menu item only by expanding a different item.
Removed a redundant click for the user. Previously, to clear the search bar the user had to click on two X icons one after another.
Fixed a bug that appeared when creating a new environment. If the user entered an environment name that already existed and then, after the validation error, replaced it with a unique name, the new environment was not added unless the page was refreshed.
Resolved the issue in GitHub environment setup that resulted in applying the Auto Merge and Auto Delete Branch parameters while both corresponding fields had No values.
Replaced Default with None in the Custom Field Mapping dropdown on a rule's page. The previous naming was misleading since no mapping was applied when this option was selected.
Fixed a bug in the Create New Custom Field Mapping Profile modal where, after changing the platform, the page was not fully blurred and the loading icon was not centered.
Fixed the layout and style bugs in some dropdowns in the environment setup modal.
Introduced an automated update of an environment when a linked Custom Field Mapping profile is updated. This ensures that the most recently updated Custom Field Mapping profile linked to the environment is always used in Quick Hunt and CCM.
Fixed a bug that resulted in an incorrect rendering of the confirmation modal that appears on the Inventory page of Continuous Content Management after deleting a content item both from the Inventory and the SIEM.
Resolved an issue where platforms that belong to the same group were not sorted properly in the Platform filter in Advanced Search and Detection Engineering.
