We are excited to introduce you to the software release version 8.0.2 (V8)!
What’s so special about V8?
Our goal is to provide a powerful insider threat detection and response tool. In doing so, we put an emphasis on three pillars:
- Visibility - as detailed, granular, and comprehensive as can be.
- Automation - machine learning- and policy-based detection and response, and incident-based user training.
- Ease of use - clear UX to augment operators.
In the life of a startup, there are different phases. Jazz became generally available in September 2018, and during the time since launch, while we continued to innovate, we received a lot of valuable customer feedback. Some of it came from happy customers who wanted “more of that Jazz” and some from prospects that explained what they would like to see in the product.
What makes V8 different from previous releases is that V8 is solely dedicated to acting on customer feedback!
We focused V8 on ease of deployment, ease of use, and reporting.
Ease of deployment
When we launched Jazz, the Agent was deployed using individually signed enrollment bundles that were numbered and had a set expiry date. While this method is indeed secure, we wanted to make it easier for mass deployments.
Jazz Agent enrollment code
Save deployment time by enrolling the Jazz Agent with a code. This new alternative to the enrollment bundle authenticates the Jazz Agent on devices and enables communication with the Jazz Infrastructure. Enrollment codes are compatible with the soon-to-be-released Jazz Agent version 6.0.1.
Jazz Agent enrollment token extension
With V8, you can see and extend the expiry and maximum number of uses for an enrollment bundle and code to avoid the hassle of expired and invalid enrollment bundles and codes.
As part of this new functionality, the solution issues a token when an enrollment bundle and code are generated. To ease administration, the Jazz Web UI alerts you when a bundle and code is nearing expiry, so you can update the associated token if needed.
Ease of use
Our policy engine is designed to allow maximum customization of policy templates. As we now have hundreds of policy templates (and counting), we decided to simplify the process for customers.
V8 delivers 70+ policy templates that work without configuration, covering the following areas:
- Cyber hygiene: Contains policies that detect activities that may unintentionally put employees or your organization at risk, such as connecting to insecure and open Wi-Fi networks and downloading potentially dangerous files.
- Insider risk: Contains policies that detect potentially unauthorized or unapproved activities within your organization, intentional or unintentional, through unusual logins and use of unauthorized tools.
- Data tracking: Contains policies that detect movement of files on and across systems, such as file copying and printing.
- Attack indicators: Contains policies that detect attempts of infiltration and/or compromise by malicious actors, such as Windows RDP BlueKeep, Pass-the-Hash, Microsoft Active Directory reconnaissance, and keystroke injection attacks.
Policy group exporting and importing
Our partners are delivering great value to our customers by wrapping services around the Jazz solution. MSSPs at times configure policies at mass and asked us for a way to replicate policy groups across their various customers. With V8, you can enable policies with ease using policy exporting and importing capabilities.
Some of our customers deploy Jazz in their SOC, having their security team operate the solution. Others use MSSPs, which use Jazz to deliver security and provide insights on their environment. Most of our customers buy our Cybersecurity Analyst Services to have a team of specialists hunt for threats, compromises, and bad behaviors.
Policy violation reporting
With V8, you can understand and transform your security posture with interactive policy violation reporting. From the new policy reports page, you can see which policies are breached the most across your organization and by whom.
The policy reports page lets you view high- and low-level policy sensor data, so you can assess the effectiveness of your existing security controls and identify areas for improvement. You can export reports to CSV.
I’m very proud of our development team and what we achieved in V8, and I am looking forward to great innovation in the coming versions!