This month’s release includes a new integration module that enables security event information to be automatically fed to third party SIEM platforms such as Splunk which import standardized Syslog Common Event Format (CEF) data. This is particularly useful for SOC teams that want to include endpoint protection visibility to their event aggregation workflows.
You will find the new ‘Integration’ section at the end of your Workspace Settings page in MyEmsisoft. Add a new Integration and choose which events you want to receive. Then select the type ‘Syslog’, specify the hostname of your syslog compatible logging server and confirm the configuration. For additional information about setup, see the Help notes.
In addition, we have ramped up threat detection in the cloud. To date, our EDR platform can detect more than 500 different types of attack patterns as defined by the MITRE ATT&CK framework. And we’re not done yet!
NOTE: This update will require that systems be restarted.
All 2022.7 improvements in a nutshell
Device protection (desktop)
- Several minor tweaks and fixes.
Management console (web app)
- New Syslog integration feature.
- Improved in-the-cloud behavior detection (MITRE).
- Several minor tweaks and fixes.
How to obtain the new version
As always, so long as you have auto-updates enabled in the software, you will receive the latest version automatically during your regularly scheduled updates, which are hourly by default.
Note to Enterprise users: If you have chosen to receive “Delayed” updates in the Update settings for your clients, they will receive the new software version no earlier than 30 days after the regular “Stable” availability. This gives you time to perform internal compatibility tests before a new version gets rolled out to your clients automatically.
Emsisoft Enterprise Security + EDR
Robust and proven endpoint security solution for organizations of all sizes. Start free trialHave a great and well-protected day!