Product Update 4.12.4.0 - December 12, 2023

The Mandiant Security Validation (MSV) team is pleased to announce version 4.12.4.0 of the MSV platform.

General Enhancements

• As of this release, Assessments is available as a full Public Preview. This means that the feature is available to all customers, but further refinement before full General Availability (GA) is forthcoming. See the Assessments documentation for more information.

Bug Fixes

• Fixed an issue where exported Jobs with ‘Job Action Report' checked did not contain detailed Job information
• Fixed an issue where the "Add Integration" dropdown was not fully visible on the screen
• Fixed an issue that was causing a "NoMethodError" for some Job notifications
• Fixed an issue that was causing a "RunUpgradeError" for Director upgrades
• Fixed an issue where users were unable to open VID details when reviewing reports
• Fixed an issue where users were unable to use Captive IOC Actions with a Proxy
• Fixed an issue where Protected Theater Actions A104-775 and A104-777 were stalling without any error
• Fixed an issue where users were unable to import into their Director a pre-generated public/private key pair
• Fixed an issue where if Palo Alto Cortex XDR Queries were removed and then saved, the Queries were not fully removed
• Fixed an issue where users were unable to correctly suppress integration events and "Show All Raw" of the suppressed local host events did not show all the details
• Fixed an issue where the McAfee banner was appearing instead of Trellix for Preview Integrations
• Fixed an issue where the the Can Talk to Network (CTTN) switch wasn't retaining its setting when selected in Scheduled Bulk Job configurations
• Fixed an issue where creating or applying a tag to a VID from the Job View appears to work, but tags were not applied or created
• Fixed an issue where the network map wasn't loading
• Fixed an issue where the TAAM module errored with no notification to user
• Fixed an issue where an integration log file was missing the word "Alerts."

Known Issues

• When changing an email profile for an Email Action, the Actors are updated in the dropdown but not used for that Action. As a workaround, reselect the desired Actors in the Actor dropdown.
• OVA Directors have the ability to update Preview Integrations. Non-OVA Directors will be able to update Preview integrations in a coming release.
• The Multisite Reporting feature and Preview Integrations service are not working properly with RHEL8 Directors. We are working to resolve this issue as soon as possible.
• Local Event Filtering works as expected but is limited to Match Action, Match Integration, and Match Events (when the latter involves Raw Events). If a rule has a Match Event condition for any field other than Raw Event, the rule does not apply to Local Events. It only applies to events from standard local integrations in MSV.

Appliance OS Security Update

The latest platform security update can always be found on the Validation Section of the Docs Portal. This security update applies to all versions of the product and is cumulative.

Important Installation Notes

Minimum Director version 4.10.0.0 or higher is required to upgrade to version 4.12.4.0.