What's new?
Notable new features, enhancements, and bug fixes.
The Anvilogic platform releases continuously. This list is periodically updated with the latest functionality and changes.
Release 7.44
June 18, 2025
New Features & Enhancements
MITRE ATT&CK upgraded to v17
Bug Fixes
Issues related to Unified Detect and Search.
Release 7.43
June 12, 2025
New Features & Enhancements
Allowlisting now native to Anvilogic Platform
Not yet available to customers with the Splunk App
Unified Detect for Splunk v2
Search on Splunk without Waygate
Bug Fixes
Issues related to Search, Gold Normalization Macros, search and tuning insights.
Release 7.42
June 5, 2025
New Features & Enhancements
Private preview of Search and Build Agents, AI Workbench
Enhancements to threat scenario creation workflow
Enhancements to configuring rule validation including expiration settings
Bug Fixes
Issues related to Detect summary pages, Maturity score, Threat Priorities, Threat Identifiers, Threat scenarios, and Cases.
Release 7.41
May 29, 2025
New Features & Enhancements
Ability for the Copilot to analyze an SOI (threat scenario)
Bug Fixes
Issues related to bulk import, gold normalization and insights.
Release 7.40
May 22, 2025
New Features & Enhancements
Enhancements within Updates section of home page
Ability to see Groups within access control
Bug Fixes
Issues related to Gold normalization, Unified search and Integrations.
Release 7.39
May 15, 2025
New Features & Enhancements
General availability of Unified Detect for Databricks
Support for Databricks on GCP
Revised processing of Insights and Copilot EOI analyzer
Bug Fixes
Issues related to Maturity score, home page, docs and threat scenarios
Release 7.38
May 08, 2025
New Features & Enhancements
Enhanced EOI drilldown to use unified search across all supported data repositories (excluding Splunk), improving access and consistency across key pages.
Robust data ingestion support for Google SCC Alerts
Bug Fixes
Issues related to threat scenario creation/modification
Release 7.37
May 01, 2025
New Features & Enhancements
TI Recommendations - Enhance the recommendation engine to include trending topics and Insights
Bug Fixes
Group attribute fetching requires changes for Microsoft Azure SSO
Import Rules - Bulk import functionality is not working
Release 7.36.0.2
April 30, 2025
Bug Fixes
Unable to edit macros
Release 7.36
April 24, 2025
New Features & Enhancements
Extract SAML Attribute Names from SAML Response XML (Case-Insensitive)
Raise a Health Insight when all the required fields are not mapped for a feed normalization macro
Allow ability to add Victim Platform when importing rules
Auditing capabilities for Search and UD queries
Bug Fixes
Issues related to threat scenarios
Release 7.35
April 17, 2025
New Features & Enhancements
Enable Productivity Score Metrics - Alerts, Triage Dwell Time, Triage Percentage and Alert to Analyst ratio across all data repositories
Raise a Health Insight when there is significant volume drop in EOIs within Databricks
Monte Copilot can now invoke EOI Analyzer
Bug Fixes
Issues related to macros and unified search
Release 7.34
April 10, 2025
New Features & Enhancements
Support Unified Detect for Databricks running on Azure
Bug Fixes
Issues related to threat scenarios and Azure integration
Release 7.33
March 27, 2025
This release includes the following features and enhancements:
Data Onboarding
You can now ingest any log data from AWS S3 buckets directly into Anvilogic, expanding data ingestion flexibility.
Introduced a macro-based approach for normalizing raw events from the Silver table to the Gold table.
Anvilogic will automatically create and manage Snowflake Tasks & Streams, abstracting pipeline complexities from the user.
Users can now request Monte Copilot to auto-generate SQL normalization logic for transforming raw data from Silver to Gold.
Copilot leverages table schemas, data repositories, and domains to generate Snowflake SQL, streamlining data standardization.
Copilot - EOI Analyzer
Users can now ask Copilot to analyze an Event of Interest (EOI) from a Threat Identifier, enabling seamless investigation.
Release 7.32
March 20, 2025
This release includes the following features and enhancements:
Introduces new health insights for issues related to the data integrations
Release 7.31
March 13, 2025
This release includes the following enhancements:
Threat identifiers created using Unified Detect now show the update icon when there are rule updates available. Previously, update notifications were not available for threat identifiers created from Unified Detect.
Pipeline updates for the CrowdStrike EDR and Proofpoint vendor alerts, as well as push alerts.
Release 7.30.2
March 6, 2025
This maintenance release includes various bug fixes.
Release 7.30.1
February 27, 2025
This maintenance release includes various bug fixes.
Release 7.30
February 20, 2025
This release provides support for integrating Databricks on AWS as a Beta feature for all customers.
Release 7.29.1
February 13, 2025
This maintenance release includes the following enhancements:
If you don't have Splunk configured, EOI drilldown links won't be active anymore.
Updates to the algorithm for recommending rules in the Armory.
Bug fixes in the Azure and Databricks integrations.
Release 7.29
February 6, 2025
This release includes an enhancement to the Databricks integration to include creating a group and adding the service principal to the group, along with a variety of bug fixes.
Release 7.28
January 30, 2025
This release includes the following enhancements:
Enhancements to the Azure UD integration.
Bug fixes and enhancements to the Databricks integration.
Enhancements to some tuning recommendations, including priority tuning for some threat identifiers.
Release 7.27
January 23, 2025
This release enables you to configure rule enrichment macros used to customize the Enrich component in the Unified Detect builder.
Release 7.26
January 16, 2025
This release includes the refactored workflow for creating threat identifiers. The new workflow integrates the Unified Detect rule builder for various data repositories.
Release 7.25
January 9, 2025
This release enables you to quickly identify macros with available updates from the home page, list of macros, and macro details.
Release 7.24
December 19, 2024
This release includes the following new features and enhancements:
Deobfuscator tool for Monte Copilot.
Updated Monte Copilot API endpoints to provide entity analysis in your investigations.
Release 7.23
December 12, 2024
This release includes various bug fixes and enhancements related to data onboarding.
Release 7.22.1
November 21, 2024
This release includes various bug fixes.
Release 7.22.0
November 14, 2024
This release includes a new hunting insight for unusual IP location.
Release 7.21.0
November 7, 2024
This release introduces the following enhancements:
Enhancements to Azure UD data feeds, ability to configure the ADX cluster size, and including Azure as a data logging platform in the first-time onboarding.
Enhancements to SSO SAML configuration:
Prevent password change and reset
Invitations are no longer sent to new users for SAML-enabled accounts
Accounts with SAML Group Mapping enabled will reflect the corresponding roles in Anvilogic, and the roles are also included in audit events.
Google Cloud Platform (GCP) logs Snowflake integration.
Previously, you could only view diffs for rules imported from the Armory. This release expands this capability so that you can view diffs for custom imported rules.
Release 7.20
October 24, 2024
This release introduces a new Snowflake integration to onboard the data in your Amazon S3 buckets and generate detections on that data.
Release 7.19
October 17, 2024
An architectural adjustment so that threat scenarios are run directly on the Anvilogic platform, rather than being deployed on your Snowflake environment. This change simplifies the management of threat scenarios, reducing the overhead involved in maintaining custom code for multiple data repositories. This adjustment also ensures minimal delays or data loss when gathering EOIs from various log repositories, leading to more effective threat detection.
Release 7.18
September 26, 2024
This release introduces the following feature enhancements:
The threat scenario deployment workflow is updated so that threat scenarios are first added to the Workspace before they are deployed.
The Search and Unified Detect page is enhanced to support search across Azure data feeds and macros on the Anvilogic platform.
Release 7.17
September 19, 2024
This release introduces Azure as a supported data logging platform.
Release 7.15
August 22, 2024
This release includes the following enhancements:
The integrations workflow to get data sources into Snowflake is enhanced to provide self-managed pipeline options in the UI when available.
The QnA tool in Monte Copilot is enriched with information from the Anvilogic Armory so that it can now pull information about threat identifiers and threat scenarios, in addition to its existing capability of pulling data from Google searches and Anvilogic Forge Threat Reports.
Release 7.14
August 8, 2024
This release makes Monte Copilot generally available under a licensing model.
This release also addresses a variety of bug fixes, including the following:
The ability for users to validate a rule via API.
The ability to sync feeds when the onboarding task is incomplete and is pending on data feeds sync from Snowflake.
Release 7.13
July 29, 2024
This release includes the following enhancements:
MonteAI Copilot is enhanced with additional tools such as IoC to check if a URL or IP address is an indicator of compromise (IoC), and AnvilogicAllowlistProcessRegexGenerator to help you generate regex patterns for allowlisting benign processes.
The UI libraries are updated to provide an enhanced experience. In some cases, you may notice a slight difference in the look and feel of the page or component.
Release 7.12
July 11, 2024
This release includes the following new features and enhancements:
On-demand sync for data feeds.
Additional event types are supported for the Lacework vendor alert integration.
The existing Snowflake Custom Data integration for Anvilogic-managed pipelines is replaced by separate Cribl Stream and Forward Events integrations.
Release 7.11
June 27, 2024
This release provides the ability to create and manage your own techniques and sub-techniques outside of the MITRE ATT&CK framework.
Release 7.10
June 13, 2024
The Threat Priorities page is updated so that when you are viewing your prioritized threat techniques, the default view is now a list of prioritized techniques. Previously, you saw a matrix view of your prioritized techniques by default. You can click List View or Matrix View to switch between the views.
Release 7.9
May 30, 2024
This release includes the following features and enhancements:
Ability to auto accept tuning insights.
Upgrade to version 15.1 of the MITRE ATT&CK framework. This upgrade introduces additional data categories for alerts on the Anvilogic platform.
Release 7.8
May 16, 2024
This release includes enhancements to the alert ingestion pipeline with machine learning-based enrichments and improved performance.
Release 7.7.1
May 9, 2024
This maintenance release provides support for Microsoft Security Alerts and Incidents vendor alert integration.
Release 7.7
May 2, 2024
This release includes the following features and enhancements:
(Beta) MonteAI Copilot, your SOC assistant trained by the common personas within the SOC to help assist any person within the SOC. MonteAI Copilot has access to the commonly used tools and data sets that enable these personas to perform their day-to-day activities.
(Beta) Auto Investigate automatically populates the Hypothesis and Resolution in hunting insights generated after May 2, 2024 to help you perform more efficient investigations.
The CrowdStrike FDR integration for self-managed pipelines is enhanced to support additional data types.
Release 7.6
April 18, 2024
This release includes a variety of bug fixes, and the addition of the edit_hunting_insight_automation privileges to the Content Developer role.
Release 7.5
April 4, 2024
This release provides Google Workspace Snowflake integration to get your admin, drive, and login events into Snowflake to generate detections on the Anvilogic platform.
Release 7.4
March 21, 2024
This release introduces the beta version of the ability to create native Snowflake threat scenarios.
Release 7.3
March 7, 2024
This is a maintenance release to address performance issues and includes several bug fixes.
Release 7.2
February 22, 2024
This release includes back-end enhancements in the Unified Search area, along with a variety of bug fixes.
Release 7.1
February 8, 2024
This release provides the following new features and enhancements:
A redesigned investigation experience, featuring a new timeline that makes it easier to pivot from the timeline and add EOIs and notes to the timeline.
The EOI Summary dashboard is moved under Detect in the navigation bar.
Saved investigations are called cases, which can be managed and shared by your team of analysts.
The workflow for deploying trending topics and detection packs is updated to align with the threat scenario deployment workflow, where macro verification happens at the end of the workflow instead of at the beginning.
Release 7.0.1
February 1, 2024
Introducing Ask MonteAI, enabling you to interact with the product documentation using MonteAI from any page on the Anvilogic platform.
Release 7.0
January 25, 2024
This release provides the ability to create and manage your own platforms outside of the MITRE ATT&CK framework.