To allow your team to use their enterprise credentials, we've added SAML as an authentication method. In addition to using the default method of one-time links and Google OAuth 2.0, administrators can now choose to enable SAML in place of OAuth. Lacework SAML supports both service provider and identity provider SSO.
File Hash Links to VirusTotal
The FIM dossier now contains links to VirusTotal for malicious file hashes. In the Known Bad Files table, select the hash of interest.
On the file page, click the VirusTotal link.
To improve table loading times, pagination was added. Instead of attempting to load all records, only those that can be loaded in a reasonable amount of time are displayed. You can select additional pages to cycle through table data.
In the event summary, severity level is displayed differently. Instead of using numbers, “Critical”, “High”, “Medium”, “Low” or “Info” are used to maintain consistency with how severity is displayed in the dashboard and timeline.
International Character Set
Users who were unable to use their email address as 'username' because of our limited character set support can now do so.