So, what's new in CyberEasy?
Basically, everything! Our extensive team of experts has been working hard to provide you with a renewed experience from the visual aspect and powerful new functions to detect new and more threats. There are 15 new features.
Exciting, isn't it? Here’s the low-down:
New look and feel.
The user interface has been redesigned and modernized, making it even more user-friendly. After all, this is meant to be as easy as CyberEasy! It not only allows you to see and handle incidents more efficiently but also helps you not to get bombarded with overwhelming and useless data.
Detection of malicious PowerShell events.
You might wonder, why detecting PowerShell events is relevant? PowerShell is a useful and powerful tool from Microsoft, consisting of a command-line shell and associated scripting language, which allows Sys-admins to perform several tasks. However, as almost every tool in life, you can use it either for good or for evil. It's not different for PowerShell; you might have heard about PowerShell attacks. It is nothing more than PowerShell being misused. Which could allow an attacker to download malware, steal credentials, or move laterally. It is known as “Living off the Land” attacks or often known as “fileless” attacks.
Now CyberEasy can detect malicious PowerShell activity such as commands, scripts, or abnormal launching of the same. Something that an antivirus can't, since many antivirus systems work based on signatures, and these attacks don't have a signature since they have no file. Here is where the AI kicks and analyses behaviors, at the same time reducing false positives like from a Sys-admin just doing regular work and an adversary trying to compromise your network.
Hosts visibility and alert.
Knowing abnormal behaviors, like times of connection, can give you clarity on other significant threats. It can give you an insight about insider threats, also like the Wake-on-Lan which is a feature that can power on computers or servers remotely. This feature can be misused to power on devices and from there steal information.
Having this alerting on CyberEasy allows you to have better visibility over devices, whether they are online or offline. Also, if critical devices lose connectivity, our tool can easily alert you about the disconnection of the device.
Immediate Errors Detection.
Our new agent has built-in error management, which helps our developers to know whether there was an error during the installation process—allowing us to see the root cause of the issue and fix it as soon as possible without the need to open a support ticket.
Manage the installation process.
This new feature is handy when you are deploying the new agent in your organization. It gives you the total visibility on all devices, whether they have it already installed or not, or only downloaded or neither of both, making the deployment process of the new CyberEasy v2.0 very easy.
We are pleased to announce that we have support for four different languages, English, Irish, Spanish, and French. Now you can set it in your preferred language for more convenient use. If your preferred language is not here, don't worry, we are working on it 😉. Our next update will provide other languages like Portuguese, German, Mandarin, Russian and Ukrainian.
Increase of data sources with the possibility of customization.
The new agent comes with a lot of new features by itself. One of them is the possibility to fetch logs from several data sources inside your device, providing us a better understanding of the background things that might or might not be happening in your device, concentrating logs in our tool. It also makes your job easier without the need to have multiple consoles to manage. If you need to get logs from a specific path, give us a shout, and we will customize it for you.
Access to Host reporting details.
Our new web portal has unique functions to play around with, which are quite helpful. Now super-users can access host details, like last time seen connected, which OS and versions have successfully installed the agent, whether alerts are pending to be reviewed for a given device, the number of events and size generated, and much more.
The new portal comes with interactive icons and visualizations, where you can click on them, and it will filter for what you want instantly. For instance, now you can click on the 'Alerts' icon, and it will show you all the alerts, if any.
Inbound and Outbound GEO IP.
Our geolocation of IPs used to work only for outbound connections. Now you can see geo information about inbound connections as well. It is quite handy as can give you visibility of connections to your device if you see an unrecognized connection you can act quickly and spot anomalies easily.
Increased detection of malware types.
Excited to announce our new integration of several threat intelligence feeds from where we correlate information on known threats. It gives you more verbosity when it comes to managing an alert.
Alerts management system.
Speaking of managing alerts. YES! We have integrated alert managing inside the portal. It is super helpful when dealing with multiple alerts. Now you can mark an alert as checked, as false positive or leave it pending for further review without the need to see if that alert was already handled.
Probably the handiest function you can encounter in this new version. Now you don't need to know all the queries you need to make in the search bar. Our new portal comes with a new function that contains all the most used filters to drill down through events and alerts.
You asked, we listened. Our new Linux agent version has been released for the Enterprise plan. A lot of servers use Unix-like Operating Systems. We are pleased to announce we can now protect them with CyberEasy.
Exportation of data in XLS (Excel) format.
To make your life even easier, plenty of the information and any table can now be downloaded as an XLSX file containing the data you need.