
What's new?

Notable new features, enhancements, and bug fixes.

Last updated 2 months ago


The Anvilogic platform releases continuously. This list is periodically updated with the latest functionality and changes.

Release 7.31

March 13, 2025

This release includes the following enhancements:

  • Threat identifiers created using Unified Detect now show the update icon when there are rule updates available. Previously, update notifications were not available for threat identifiers created from Unified Detect.

  • Pipeline updates for the CrowdStrike EDR and Proofpoint vendor alerts, as well as push alerts.

Release 7.30.2

March 6, 2025

This maintenance release includes various bug fixes.

Release 7.30.1

February 27, 2025

This maintenance release includes various bug fixes.

Release 7.30

February 20, 2025

This release provides support for integrating Databricks on AWS as a Beta feature for all customers.

Release 7.29.1

February 13, 2025

This maintenance release includes the following enhancements:

  • If you don't have Splunk configured, EOI drilldown links won't be active anymore.

  • Updates to the algorithm for recommending rules in the Armory.

  • Bug fixes in the Azure and Databricks integrations.

Release 7.29

February 6, 2025

This release includes an enhancement to the Databricks integration to include creating a group and adding the service principal to the group, along with a variety of bug fixes.

Release 7.28

January 30, 2025

This release includes the following enhancements:

  • Enhancements to the Azure UD integration.

  • Bug fixes and enhancements to the Databricks integration.

  • Enhancements to some tuning recommendations, including priority tuning for some threat identifiers.

Release 7.27

January 23, 2025

This release enables you to configure rule enrichment macros used to customize the Enrich component in the Unified Detect builder.

Release 7.26

January 16, 2025

This release includes the refactored workflow for creating threat identifiers. The new workflow integrates the Unified Detect rule builder for various data repositories.

Release 7.25

January 9, 2025

This release enables you to quickly identify macros with available updates from the home page, list of macros, and macro details.

Release 7.24

December 19, 2024

This release includes the following new features and enhancements:

  • Deobfuscator tool for Monte Copilot.

  • Updated Monte Copilot API endpoints to provide entity analysis in your investigations.

Release 7.23

December 12, 2024

This release includes various bug fixes and enhancements related to data onboarding.

Release 7.22.1

November 21, 2024

This release includes various bug fixes.

Release 7.22.0

November 14, 2024

This release includes a new hunting insight for unusual IP location.

Release 7.21.0

November 7, 2024

This release introduces the following enhancements:

  • Enhancements to Azure UD data feeds, the ability to configure the ADX cluster size, and the inclusion of Azure as a data logging platform in the first-time onboarding.

  • Enhancements to SSO SAML configuration:

    • Prevent password change and reset

    • Invitations are no longer sent to new users for SAML-enabled accounts

    • Accounts with SAML Group Mapping enabled reflect the corresponding roles in Anvilogic, and the roles are also included in audit events.

  • Google Cloud Platform (GCP) logs Snowflake integration.

  • Previously, you could only view diffs for rules imported from the Armory. This release expands this capability so that you can view diffs for custom imported rules.

Release 7.20

October 24, 2024

This release introduces a new Snowflake integration to onboard the data in your Amazon S3 buckets and generate detections on that data.

Release 7.19

October 17, 2024

This release includes an architectural adjustment so that threat scenarios are run directly on the Anvilogic platform, rather than being deployed on your Snowflake environment. This change simplifies the management of threat scenarios, reducing the overhead involved in maintaining custom code for multiple data repositories. This adjustment also ensures minimal delays or data loss when gathering EOIs from various log repositories, leading to more effective threat detection.

Release 7.18

September 26, 2024

This release introduces the following feature enhancements:

  • The threat scenario deployment workflow is updated so that threat scenarios are first added to the Workspace before they are deployed.

  • The Search and Unified Detect page is enhanced to support search across Azure data feeds and macros on the Anvilogic platform.

Release 7.17

September 19, 2024

This release introduces Azure as a supported data logging platform.

Release 7.15

August 22, 2024

This release includes the following enhancements:

  • The integrations workflow to get data sources into Snowflake is enhanced to provide self-managed pipeline options in the UI when available.

  • The QnA tool in Monte Copilot is enriched with information from the Anvilogic Armory so that it can now pull information about threat identifiers and threat scenarios, in addition to its existing capability of pulling data from Google searches and Anvilogic Forge Threat Reports.

Release 7.14

August 8, 2024

This release makes Monte Copilot generally available under a licensing model.

This release also addresses a variety of bug fixes, including the following:

  • The ability for users to validate a rule via API.

  • The ability to sync feeds when an onboarding task is incomplete and is pending on data feeds sync from Snowflake.

Release 7.13

July 29, 2024

This release includes the following enhancements:

  • MonteAI Copilot is enhanced with additional tools such as IoC to check if a URL or IP address is an indicator of compromise (IoC), and AnvilogicAllowlistProcessRegexGenerator to help you generate regex patterns for allowlisting benign processes.

  • The UI libraries are updated to provide an enhanced experience. In some cases, you may notice a slight difference in the look and feel of the page or component.

Release 7.12

July 11, 2024

This release includes the following new features and enhancements:

  • On-demand sync for data feeds.

  • Additional event types are supported for the Lacework vendor alert integration.

  • The existing Snowflake Custom Data integration for Anvilogic-managed pipelines is replaced by separate Cribl Stream and Forward Events integrations.

Release 7.11

June 27, 2024

This release provides the ability to create and manage your own techniques and sub-techniques outside of the MITRE ATT&CK framework.

Release 7.10

June 13, 2024

The Threat Priorities page is updated so that when you are viewing your prioritized threat techniques, the default view is now a list of prioritized techniques. Previously, you saw a matrix view of your prioritized techniques by default. You can click List View or Matrix View to switch between the views.

Release 7.9

May 30, 2024

This release includes the following features and enhancements:

  • Ability to auto accept tuning insights.

  • Upgrade to version 15.1 of the MITRE ATT&CK framework. This upgrade introduces additional data categories for alerts on the Anvilogic platform.

Release 7.8

May 16, 2024

This release includes enhancements to the alert ingestion pipeline with machine learning-based enrichments and improved performance.

Release 7.7.1

May 9, 2024

This maintenance release provides support for Microsoft Security Alerts and Incidents vendor alert integration.

Release 7.7

May 2, 2024

This release includes the following features and enhancements:

  • (Beta) MonteAI Copilot, your SOC assistant trained by the common personas within the SOC to help assist any person within the SOC. MonteAI Copilot has access to the commonly used tools and data sets that enable these personas to perform their day-to-day activities.

  • (Beta) Auto Investigate automatically populates the Hypothesis and Resolution in hunting insights generated after May 2, 2024 to help you perform more efficient investigations.

  • The CrowdStrike FDR integration for self-managed pipelines is enhanced to support additional data types.

Release 7.6

April 18, 2024

This release includes a variety of bug fixes, and the addition of the edit_hunting_insight_automation privileges to the Content Developer role.

Release 7.5

April 4, 2024

This release provides Google Workspace Snowflake integration to get your admin, drive, and login events into Snowflake to generate detections on the Anvilogic platform.

Release 7.4

March 21, 2024

This release introduces the beta version of the ability to create native Snowflake threat scenarios.

Release 7.3

March 7, 2024

This is a maintenance release to address performance issues and includes several bug fixes.

Release 7.2

February 22, 2024

This release includes back-end enhancements in the Unified Search area, along with a variety of bug fixes.

Release 7.1

February 8, 2024

This release provides the following new features and enhancements:

  • A redesigned investigation experience, featuring a new timeline that makes it easier to pivot from the timeline and add EOIs and notes to the timeline.

    • The EOI Summary dashboard is moved under Detect in the navigation bar.

    • Saved investigations are called cases, which can be managed and shared by your team of analysts.

  • The workflow for deploying trending topics and detection packs is updated to align with the threat scenario deployment workflow, where macro verification happens at the end of the workflow instead of at the beginning.

Release 7.0.1

February 1, 2024

Introducing Ask MonteAI, enabling you to interact with the product documentation using MonteAI from any page on the Anvilogic platform.

Release 7.0

January 25, 2024

This release provides the ability to create and manage your own platforms outside of the MITRE ATT&CK framework.