Monday, October 23, 2023

Security Onion 2.4 Feature o' the Day - Dynamic Observable Extraction in SOC Cases

Security Onion 2.4 includes lots of new features! SOC Cases now supports dynamic observable extraction! For example, we escalated this alert to a case:


Going to Cases and then the Events tab, we see the escalated alert:

Going to the Observables tab, we see that the IP addresses were automatically extracted as observables:


You can read more about Cases and Observables in our documentation:
https://docs.securityonion.net/en/2.4/cases.html
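The post shows the result of extraction but not how it works. As an added illustration (this is example code written for this page, not Security Onion's own implementation), the following walks every string field of an escalated alert, pulls out IPv4 addresses and file hashes, drops candidates that only look like addresses, de-duplicates across fields, and records which field each observable came from. It goes slightly beyond the screenshot by also picking up hashes and by flagging addresses in your own ranges, since an analyst usually wants to know which observables are internal before pivoting on them. The sample alert, the field names and the internal-network list are constructed assumptions.

```python
import ipaddress
import json
import re
from typing import Any, Iterator

# Constructed sample alert, loosely shaped like an escalated NIDS alert.
# Illustrative data only; not a real Security Onion record.
SAMPLE_ALERT = {
    "rule": {"name": "ET MALWARE Example Beacon Check-in", "uuid": "hypothetical-rule-id"},
    "source": {"ip": "10.1.2.3", "port": 51234},
    "destination": {"ip": "203.0.113.45", "port": 443},
    "message": (
        "Sensor version 2.4 saw 203.0.113.45 contact 10.1.2.3; "
        "file md5 0123456789abcdef0123456789abcdef; bogus 999.1.1.1"
    ),
}

# Assumed "internal" ranges (RFC 1918 plus loopback); an organisation would
# substitute its own address plan here.
INTERNAL_NETS = [
    ipaddress.ip_network(n)
    for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16", "127.0.0.0/8")
]

# Dotted-quad shape only; validity is checked with ipaddress afterwards.
IPV4_RE = re.compile(r"\b(?:\d{1,3}\.){3}\d{1,3}\b")
# Longest alternative first so a sha256 is not reported as a truncated md5.
HASH_RE = re.compile(r"\b(?:[0-9a-fA-F]{64}|[0-9a-fA-F]{40}|[0-9a-fA-F]{32})\b")
HASH_TYPES = {32: "md5", 40: "sha1", 64: "sha256"}


def iter_strings(node: Any, path: str = "") -> Iterator[tuple[str, str]]:
    """Yield (dotted field path, string value) for every string in a nested alert."""
    if isinstance(node, dict):
        for key, value in node.items():
            yield from iter_strings(value, f"{path}.{key}" if path else key)
    elif isinstance(node, list):
        for idx, value in enumerate(node):
            yield from iter_strings(value, f"{path}[{idx}]")
    elif isinstance(node, str):
        yield path, node


def extract_observables(alert: dict) -> list[dict]:
    """Return de-duplicated observables found anywhere in the alert's string fields."""
    found: dict[tuple[str, str], dict] = {}

    for path, text in iter_strings(alert):
        for match in IPV4_RE.finditer(text):
            try:
                addr = ipaddress.ip_address(match.group())
            except ValueError:
                continue  # e.g. "999.1.1.1" fits the pattern but is not an address
            key = ("ip", str(addr))
            entry = found.setdefault(key, {
                "type": "ip",
                "value": str(addr),
                "internal": any(addr in net for net in INTERNAL_NETS),
                "fields": [],
            })
            entry["fields"].append(path)

        for match in HASH_RE.finditer(text):
            value = match.group().lower()  # normalise case so dedup works
            key = ("hash", value)
            entry = found.setdefault(key, {
                "type": HASH_TYPES[len(value)],
                "value": value,
                "internal": False,
                "fields": [],
            })
            entry["fields"].append(path)

    return list(found.values())


if __name__ == "__main__":
    print(json.dumps(extract_observables(SAMPLE_ALERT), indent=2))
```

Run as a script it prints three observables for the sample alert: the internal source address, the external destination address (seen in both the destination field and the free-text message) and one md5. The "fields" list is what makes an observable useful later in a case: it tells the analyst where in the alert the value appeared rather than just that it appeared.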


More Security Onion 2.4 Features

To see other Security Onion 2.4 features, please see our other Feature o' the Day blog posts:
https://blog.securityonion.net/search/label/feature%20o%27%20the%20day


You can also check out our Release Notes:
https://docs.securityonion.net/en/2.4/release-notes.html


Migrating from 2.3 to 2.4

If you're still running Security Onion 2.3, please note that it reaches End Of Life on April 6, 2024:

If you would like to migrate your data from 2.3 to 2.4, you can find an overview of the process at:
