While release notes provide a comprehensive view of our 8.7 release updates, here is a preview of our most exciting new features.
Insights for Log4Shell
Are you concerned about the recent Log4Shell vulnerability? Check out our forum and blog post to learn about our response!
Detection Catalog
We expanded our Detection Formats page into a Detection Catalog. You can still create custom detection formats through these settings, but now you can also view all built-in detections. Click any entry to navigate to more details.
Decryption-Enabled Detections
We can't find what we can't see! Decryption provides visibility into encrypted traffic where attacks are often hidden. Easily identify detections enabled by the secure decryption of your network traffic.
Threat Briefings
Threat briefings can now be archived and restored; briefings are automatically restored anytime information is added or updated by the system.
Plus, you can configure the system to email you when a threat briefing is published or an archived briefing is restored with an update.
Custom Models for Devices
Although the ExtraHop system automatically determines the model of a device, you can now manuallychange the device model.
This feature is also available through the REST API with the PATCH /devices/{id} operation.
Reveal(x) 360 Only
For our existing tenants, we'll be reaching out to you soon with details about your specific implementation, but consider this preview your first look at our upcoming improvements to authentication and user management.
Over the next few months, we'll reach out to schedule your migration from the ExtraHop Okta built-in identity provider to a native configuration that is more convenient and with an improved user experience. Instead of navigating to Okta, you will be able to manage users directly from the Reveal(x) 360 console.
We are committed to minimizing the hassle to you during this update. Here are the basics you need to know:
- For tenants configured with the built-in identity provider, we migrate these settings for you. All users will need to reset their password once.
- For tenants with a custom identity provider, we'll work with you to identify a good maintenance window for the migration. You'll need to update the entity ID with your identity provider before your users can log in again.
- All users configured for multi-factor authentication must reset their settings.
Look for emails from ExtraHop over the next few months for more details!
Administration and API
Firmware Downloads
The Firmware page in the Administration settings now shows you when an upgrade is available and enables you to download and upgrade the firmware directly from the system.
This feature is also available through the REST API with the POST /extrahop/firmware/download operation.
Visit our Customer Community for upgrade options and let us know if you have any questions!