Nebula was enhanced with new features and improvements on November 29, 2018.
With this update, we continue to improve our cloud platform for greater scalability and detection efficiency. These features also simplify management of common, everyday tasks to save time, while providing the granularity needed by businesses with complex security requirements.
New Features
- Nebula now features user experience improvements for the Exclusions page along with enhanced capabilities. This gives administrators visibility into exclusion status and lets them temporarily disable exclusions, which saves the time and effort previously spent permanently deleting an exclusion for testing purposes.
- In a single view, administrators can see whether an exclusion is enabled, the name, the exclusion type, the admin user who last updated it, when it was updated, and the protection technology layers applied to that exclusion:
- Previously, exclusions were applied globally across all of our layers of protection technology. Now, you can control which layers an exclusion is applied to and see at a glance which layers are affected via icons in the “Applied To” column on the Exclusions page. Additionally, you can add an optional comment or description for the exclusion:
- Added the ability to automatically exclude commonly detected potentially unwanted modifications (PUMs). Nebula detects Windows registry changes caused by common Group Policy Objects as PUMs. Enabling this feature automatically excludes 18 registry keys (shown below). This ensures our protection capabilities do not interfere with common business applications or operating practices:
- Added an endpoint interface option that, when enabled, places shortcuts in the Start Menu and on the Windows desktop of the end-user’s computer. This gives your users additional ways to run Threat Scans on their Windows devices:
- [For Endpoint Protection and Response only]: Added an aggressive detection mode policy option for Suspicious Activity. This setting is ideal for businesses with an extremely conservative security posture. We recommend administrators only enable this setting for their most sensitive endpoints:
Improvements
- [For Endpoint Protection and Response only] For customers with Syslog Logging enabled, Suspicious Activity detections are now included in syslog messages
- Changed our unmonitored email address from no-reply@cloud.malwarebytes.com to do_not_reply@cloud.malwarebytes.com to reduce the chance of cloud console emails being flagged as spam
- Fixed: [For Endpoint Protection and Response only] When a Remediation action succeeded but the Rollback action failed, the Suspicious Activity status was stuck and displayed “Pending Remediation”
- Fixed: The Deployment and Discovery tool would throw a 504 error when importing Active Directory groups that contained a large number of endpoints
- Fixed: Some temporary files were being left behind after installation or endpoint agent updates
- Fixed: Customers with a large number of endpoints were unable to sort by “Last Seen At” on the Manage Endpoints page
- Fixed: In some cases, when a reboot prompt was shown, the reboot timer reset with a 1-minute countdown
Our next Nebula update is scheduled for January 2019.