What's New in 7.8.2
New Features Release 7.8.2
Notification Policy Frequency
Mac Agent Mass Deployment installation enhanced. If Agent becomes disconnected, installation still completes successfully. The Agent will continue trying to check connectivity and register against the server.
Other Features Release 7.8.x
Email Clients Monitoring & Visibility
- Provides visibility into a central exit and entry point of sensitive data by monitoring emails sent from your company's email client, files attached to emails, and attachments saved from emails.
- New Email Diary screen for viewing and filtering all email information in one screen.
- Monitor sensitive information arriving as email attachments from outside the organization and track what the employee does with the files.
- Provides visibility into file exfiltration via email, a popular method for file exfiltration.
- Full search and reporting capabilities.
- Easily distinguish between internal and external emails and set policies to treat accordingly.
- Granular and comprehensive email activity alerting.
- Maximum flexibility for customized monitoring by specifying event types, and defining filters for senders and recipients.
Ongoing Alerts Tuning
- New tuning button in the Alerts screen provides easy and fast access to Alert tuning options.
- Fine-tune alerts for more accurate detection and less noise from false positives in the future.
- Easily delete or change false positive status of already-triggered alerts.
Activity Replay for Windows:
- Flexible recording policy that lets you monitor user activity in a more granular way.
- Lets you work in metadata-only by default, and turn on/off screen capturing to record what happened before and after an alert.
- Maintains your employees' privacy while protecting against potential threats by recording only content you need.
- Reduces storage requirements so total cost of ownership (TOC) is improved.
- Lets you work in metadata-only and exclude selected applications and web sites from being recorded at all.
Endpoint Local Time Zone
- View time-related fields in both endpoint local time and server time.
- Lets you monitor the connection between users' activities across different time zone.
File Events Grouping
- In the File Activity view, file events for related transactions display as groups providing better visibility and usability for large amounts of information.
See: File Events Grouping
- To maintain employee privacy, captured text content of Paste activity is stored as encrypted.
New File Activity Monitor driver
- Next-Gen FAM driver provides further enhanced agent performance for File Activity Monitoring.
- Microsoft certified.
Insider Threat Management Library (ITL) Enhancements
- 5 new rules related to Email Monitoring added.
- 66 top (Windows and Mac) rules identified and are activated by default. All other rules are initially deactivated to lower the noise.
Enhanced Mac Capabilities
- New Mac Recording Policy type with Mac-related fields only. Smooth upgrade from previous recording policies that were linked to both Windows and Mac Agents.
- Mac Endpoint Group auto-created during installation or upgrade to version 7.8.
- Search by Mac OS type.
- System Policy setting Recapture only the window in focus has been added for Mac.
- Lets you set dedicated alert rules for Mac easily.
Mac Certification and Notarization
Additional support for monitoring activity on Mac
- Monitoring browsing activity within TOR Browser
- Monitoring browsing activity within Firefox Browser
One-Click Installation Modification
- To improve how you access the installation files, the ObserveIT.Installer.exe file is now located in the TypicalInstall folder which is created when you extract the setup files from the archive. In versions previous to 7.8.x, the the setup.exe file was located in the root directory.
- One-click both way easy navigation from File Diary to specific session and time in the Timeline View.
- Option to Alert on file size.
- File size information and filters added to File Diary.