We're pleased to announce the availability of Network Insight v6.4!
The following is information from the available PDF release notes for Network Insight v6.4. To view all release notes details and information, please download the full PDF document on this article.
The Network Insight v6.4 release notes contain information on:
• About the Core Network Insight 6.4 Release
• New Features and Enhancements
• Features in Detail
• Database Schema Changes
• Product Improvements
• Known Issues
• Available Hotfixes
• Installation/Upgrade Information
About the Core Network Insight 6.4 Release:
Core Network Insight 6.4 is the latest release in the Core Security product line. It includes enhancements like HAM (Host Account Mapping), which enables users to see which accounts are logging into which devices. For example, if user A’s device just became infected and is seen logging into other devices they have never logged into, it must be addressed. Additionally, this release adds exploit and vulnerability context, a threat-hunting search for domains and operators, and the ability to kick off a workflow in ServiceNow.
New Features and Enhancements:
Network Insight 6.4 includes these major features:
• HAM (Host Account Mapping) – Network Insight 6.4 includes HAM to give incident responders context around which users are logging into which devices. This combination of device behavior with user activity allows responders to quickly determine if an attacker is misusing credentials.
• Threat Hunting Search – Network Insight 6.4 includes a new threat hunting capability. Threat hunting allows searches for threat operators and different domain names to see if they exist in Core Labs database.
• Exploitable Vulnerability Context – Network Insight 6.4 includes the ability to add device vulnerability and exploitability context. A responder can search for infected or suspected devices that have common exploits or vulnerabilities across the entire organization to quickly see if an attacker is using an exploitable vulnerability to move laterally across your network.
• ServiceNow Ticketing Integration - Network Insight 6.4 now integrates with ServiceNow ITSM to kick off a workflow and take action. Responders can easily create a ticket from Network Insight manually based on infected or suspicious devices, or automatically based on user-defined criteria.
Core Network Insight 6.4 also includes these additional enhancements:
• Carbon Black integration and GUI improvements (Support for Carbon Black 6.x API and port)
• Upgrade pre-requisite “readiness” enhancements
• Improved IP to hostname resolution (HAM adds a 3rd and best method to resolve IP address to hostnames)
• Product reinstall option to keep or wipe ILO config
• Sensor to MC VPN performance improvements
• System messaging and disk usage performance improvements