– Join rules: simple sequences of events can be defined to identify specific situations (e.g. a user session) ( LM > Configuration > Join Rules ).
– Multiclass analysis: a new complex widget, similar to Pattern analysis, is available.
– Packages: starting from this version, specific sets of patterns, dashboards, rules and reports will be periodically available ( SCM > Applications ).
– UBA updates: User Behavior Analytics can now be extended to show the assets and the networks involved.
– UBA extension: Behavior Analytics can now be extended to all the events which have a score assigned, and not only to user-related events.
– NVS: it is now possible to upload a XML report obtained from an external scan, to import results into SGBox.
– API: an API is available to directly obtain a specific encrypted log file,
– CLI: command line interface has been improved with new system functionalities.
– Minor fixes.
SGBox appliance need web access to www.sgbox.it and Ubuntu repositories ( it.archive.ubuntu.com and security.ubuntu.com ) to complete the upgrade.
To upgrade SGBox, access to SGBox web interface:
SGBOX > SCM > Applications
Click on install