What's New

What's New in 7.8

• Email Clients Monitoring & Visibility

  • Provides visibility into a central exit and entry point of sensitive data by monitoring emails sent from your company's email client, files attached to emails, and attachments saved from emails.
  • New Email Diary screen for viewing and filtering all email information in one screen.
  • Monitor sensitive information arriving as email attachments from outside the organization and track what the employee does with the files.
  • Provides visibility into file exfiltration via email, a popular method for file exfiltration.
  • Full search and reporting capabilities.
  • Easily distinguish between internal and external emails and set policies to treat accordingly.
  • Granular and comprehensive email activity alerting.
  • Maximum flexibility for customized monitoring by specifying event types, and defining filters for senders and recipients.

  See: Email Clients Monitoring and Visibility

• Ongoing Alerts Tuning

  • New tuning button in the Alerts screen provides easy and fast access to Alert tuning options.
  • Fine-tune alerts for more accurate detection and less noise from false positives in the future.
  • Easily delete or change false positive status of already-triggered alerts.

  See: Ongoing Alerts Tuning

• Activity Replay for Windows: 

  • Flexible recording policy that lets you monitor user activity in a more granular way.
  • Lets you work in metadata-only by default, and turn on/off screen capturing to record what happened before and after an alert.
  • Maintains your employees' privacy while protecting against potential threats by recording only content you need.
  • Reduces storage requirements so total cost of ownership (TOC) is improved.
  • Lets you work in metadata-only and exclude selected applications and web sites from being recorded at all.

  See: Activity Replay option in Application Recording Policy

• Endpoint Local Time Zone 

  • View time-related fields in both endpoint local time and server time.
  • Lets you monitor the connection between users' activities across different time zone.

    See: Showing Agent Time

• File Events Grouping 

  • In the File Activity view, file events for related transactions display as groups providing better visibility and usability for large amounts of information.

    See: File Events Grouping

• Paste Encryption

  • To maintain employee privacy, captured text content of Paste activity is stored as encrypted.

• New File Activity Monitor driver

  • Next-Gen FAM driver provides further enhanced agent performance for File Activity Monitoring.
  • Microsoft certified.

• Insider Threat Management Library (ITL) Enhancements

  • 5 new rules related to Email Monitoring added.
  • 66 top (Windows and Mac) rules identified and are activated by default. All other rules are initially deactivated to lower the noise. (Updated documentation available for GA.)

• Enhanced Mac Capabilities

  • New Mac Recording Policy type with Mac-related fields only. Smooth upgrade from previous recording policies that were linked to both Windows and Mac Agents.
  • Mac Endpoint Group auto-created during installation or upgrade to version 7.8.
  • Search by Mac OS type.
  • System Policy setting Recapture only the window in focus has been added for Mac.
  • Lets you set dedicated alert rules for Mac easily.

• Mac Certification and Notarization

  • ObserveIT received notarization status from Apple from Mojave 10.14.5.
  • From version 7.8, Mac certification is for a period of 5 years. Previously re-certification was required every year. Click Mac Certification Upgrade to update certification.

• Additional support for monitoring activity on Mac

  • Monitoring browsing activity within TOR Browser
  • Monitoring browsing activity within Firefox Browser

• More features

  • One-click both way easy navigation from File Diary to specific session and time in the Timeline View.
  • Option to Alert on file size.
  • File size information and filters added to File Diary.