New Features
HCP is a cybersecurity application framework that provides the ability to parse diverse security data feeds, enrich, triage, and store the data at scale, and detect cybersecurity anomalies. HCP 1.4.1 provides the following new features:
Support for Elasticsearch 5.6.2.
Elasticsearch 2.x is no longer supported.
Support for Kibana 5.6.2 including updated dashboards.
Support for the Curator utility provided by Elasticsearch.
Data Pruner is no longer supported.
Alerts user interface
Displaying alerts
Searching alerts
Saving searches
Viewing your recent and saved searches
Configuring the Alerts table
The ability to group alerts into meta-alerts
Adding comments
Alert status-based workflow
Ability to escalate alerts to external ticketing systems
Significant performance improvement for parsing
M-pack-based installation and configuration for Profiling
Performance improvement for Indexing
Additional geospatial and hash functions in Stellar
Short-circuit evaluation and multi-line Stellar statements