Log360 Cloud can now audit GPO changes, thereby enhancing security and visibility into the Active Directory infrastructure.
Released on 14 November 2023
New feature
Professional Edition: Exclusive edition to cater to custom log retention needs, starting at $1,995. With this edition you get:
Storage: Default 150GB
Search Retention: 90 days.
Storage Retention: Customizable by the user.
Standard Plan update: Standard Plan now starts at $995, with 150GB default storage.
Released on 07 November 2023
Enhancements
OU filter performance was enhanced.
Fixes
The error "Domain already exists" on adding two different domains of the same name has been fixed.
The Search export button visibility issue has been fixed.
Time zone mismatch between the search page and my-accounts page has been fixed.
The issue of missing default fields in the Search Add/Remove feature has been fixed.
The issue of non-security-group logs appearing in security group reports has been fixed.
Released on 03 November 2023
New Features
Active Directory Reports:
Log360 Cloud now supports Active Directory reports, allowing users to view them on the comprehensive AD Overview dashboard.
The dashboard helps users gather vital insights about their Active Directory with predefined reports, allowing them to customize the reports, filter them based on domains and do much more.
Account settings now include Domain Controller information and Audit Policy configuration required for certain Active Directory reports.
Users can now sync Domain Groups and Domain Users.
Ticketing Tool Status:
Log360 Cloud now supports the following ticketing tools: Jira Service Desk Cloud and Freshservice Cloud.
Users can view the ticket details and the live status fetched from the configured ticketing tools in the Alerts page.
Fixes
Issues related to Domain Objects synchronization have been fixed.
Language update: Log360 Cloud now additionally supports Japanese and Simplified Chinese.
Audit logs from Dell, Forcepoint and Stormshield devices: Log360 Cloud now supports log collection and offers pre-defined reports from Dell, Forcepoint and Stormshield devices.
Enhancements
The release supports revamped reports for network devices.
Fixes
This release fixes a few usability bugs and UI and log parsing issues.
A Bulk Refresh IP option has been added in the "Other devices" page in device configuration settings. This allows the other device users to bulk refresh their IPs.
The cloud account configuration, AWS fields and data source configuration have been revamped.
Enhancements have been made to cloud protection usability, alert, and correlation criteria matching.
Fixes
This release fixes the space issue in the "To address" tab in alert email notification.
The parsing issue with Meraki logs caused by the Meraki firmware upgrade has also been fixed.
Log360 Cloud MSSP is now available for managed security service providers.
New features
A new Cloud Protection dashboard tab has been added to Log360 Cloud Home.
The Cloud Protection tab can now be filtered by date-time range.
Enhancements
UI enhancements have been made to the Manage Gateway Server, CA Certificate, and Certificate Trust Store pages.
Enhancements have been made to Banned Applications and Sanctioned Applications.
A Remarks column has been added to Add New Cloud Applications to Sanctioned List/Banned List, with a popup to notify users about conflicting configurations.
Fixes
When PAC Proxy is chosen in Gateway Server configuration, an issue related to handling multiple choices is now fixed.
Troubleshoot
A Troubleshoot link is now provided in the Gateway Servers list page, along with error status codes.
New Gateway Server error status codes for low disk space, sync failure, and PAC proxy error are now handled.
Released on 18 April 2023
New Feature
Improved Incident Dashboard: An Incident Overview dashboard has been added to show the status of incidents and provide analysts with the insights to take better incident response measures.
Audit Logs from VMware ESXi Devices: Log360 Cloud now supports log collection from ESXi devices. This allows you to audit login/logoff events, VM state changes, VMware System Events, and Server Events.
Support Access: Administrators and operators can now share data during debugging to receive optimal support. When this is enabled, they can grant the Log360 Cloud support team view or modify access to their app account data for a specified time.
Storage Estimation: Users can now estimate the amount of storage they need to purchase based on their device and event requirements.
Historic Log Collection: Administrators can now retrieve the past logs for a particular device based on the time range given by them.
Listener Ports: Syslog listener port handling has been moved from Manage Agents to Listener Ports to efficiently configure and manage the syslog ports.
Enhancements
Added end-to-end encryption for data in transit between the Log360 Cloud server and its agents, using industry-standard AES-256 encryption.
Peer device verification is now force-enabled in all agents.
Inventory Synchronization: When Windows Devices are renamed in Active Directory, the updated names will be reflected in Log360 Cloud. When Windows Devices are deleted from Active Directory, they will be shown as decommissioned devices in Log360 Cloud.
Real-time log collection: Windows logs can now be collected in real time via agent-based log collection.
Log collection filter: Users can now add log collection filters for Windows and Syslog devices to exclude unneeded logs or collect only the required ones, saving storage and network bandwidth.
Enhancements
Password and username can be simultaneously updated for multiple devices.
The IP address can be updated by refreshing all devices or selected devices in Log360 Cloud.
Log360 Cloud now supports Microsoft 365 auditing. Users can add multiple tenants to gain insights on usage, accesses, and modifications to spot anomalies and prevent breaches.
Enhancements
Log sources: Clicking the event counts or the last 10 events shown in the Devices and Cloudsources tables now displays the log data in a drilldown popup.
Dashboard: A Recent-alerts widget has been introduced. Most dashboard widgets now have a drilldown popup that shows the underlying data of the widget report. You can export the data for further analysis.
Alerts and incidents: Clicking More details on a correlation alert displays the correlation data in a timeline view.
Device management settings: Clicking the last 10 events in the Last Message Time column of the devices and syslogs tables displays the log data in a drilldown popup.
Sorting option has been added to the reports table on the reports page.
This release fixes the ZVE-2022-2665 vulnerability, restricting guest users from performing Device Groups actions.
Fixes
This release fixes the ZVE-2022-2671 vulnerability, reported by Amit Khandebharad, in which a guest user could enable or disable compliance, resulting in privilege escalation.
Log360 Cloud now provides out-of-the-box compliance reports for the Protection of Personal Information Act (POPIA) and the California Privacy Rights Act (CPRA).
Log360 Cloud incorporates cloud access security broker (CASB) capability by providing a cloud protection server in networks to help organizations:
Monitor cloud application usage
Track data transfer to cloud
Monitor and control the use of shadow applications
Block high-risk cloud applications
New feature:
Monitor and audit AWS accounts: Log360 Cloud now supports monitoring changes made to AWS accounts. It allows you to audit access to AWS S3 buckets and track Elastic Load Balancing (ELB) traffic.
Log360 Cloud now offers a Threat Management console to detect and track malicious content.
Log360 Cloud now provides Advanced Threat Analytics. You can now get crucial information on the severity of threats when potentially malicious URLs, domains, and IP addresses intrude into the network.
Log360 Cloud now helps you streamline security incident management.
Investigate and track security incidents.
Create incidents and assign technicians to investigate them.
Track the status, severity, and the progress made in the investigation of incidents.
You can now map triggered alerts, reports, and log search results as incidents and assign a technician to investigate them.
Log360 Cloud now provides notifications for important events in users' network via both email and SMS. It provides notifications for the following actions:
Access Key Regeneration
Account Termination
Agent Down
GDPR Enabled
Reload Historical Logs
Storage Threshold Reached
User Management
Log360 Cloud now provides the option to reload historical logs.