IMPORTANT: No additional bug fixes or documentation updates
will be released for this version. For the latest information, see the
current release documentation.
8.13
edit8.13
edit8.13.4
editBug fixes
editThere are no user-facing changes in 8.13.4.
8.13.3
editEnhancements
edit- Ensures that Elastic Defend can’t be installed on versions earlier than Windows 10 or Server 2016.
Bug fixes
edit- Fixes a bug that caused a warning to display after you added any type of exception to a rule (#180800).
-
Fixes a bug with the
is one of
Timeline filter that generated incorrect Query Domain Specific Language (DSL) queries (#180455). - Fixes the loading page layout on the Intelligence page. Also improves the Indicators table loading speed after you set up a threat intelligence integration (#178701).
- Fixes a bug that stopped indicator filters from working correctly on the Intelligence page (#179607).
8.13.2
editBug fixes
edit8.13.1
editBug fixes
edit8.13.0
editFeatures
edit-
Allows you to define an entity’s (such as a host’s or user’s)
Asset criticality
, which can affect risk scores (#176815, #176294, #172417, #176056). - Allows information on the Data Quality dashboard to now persist in Elastic Security rather than disappearing after each session (#175673, #173185).
- Adds field-by-field diffs to the rules upgrade flyout so you can see what’s changed between versions (#174564).
- Adds alert suppression to the Indicator Match rule type (#174241).
-
You can add Elastic Defend’s
kill-process
orsuspend-process
response actions to detection rules to automatically terminate or suspend a process on an affected host (#161645). - Allows you to isolate and release a SentinelOne-protected host from detection alerts and the response console, and view third-party actions in the response actions history log (#173927, #175810).
- Allows you to enable and disable cloud security Benchmark rules (#174575).
Enhancements
edit- Enables advanced sorting and customization options for the Findings page’s Vulnerabilities table (#174413).
- Adds the ability to analyze an event within a specific time range and data view (#176364).
- Enables the newly expanded host and user details flyouts, which allow you to view host or user details, risk data and inputs, and asset criticality (#175899).
- Improves the header layout in the alert details flyout so basic alert details are better organized (#175075).
- Adds inline actions and a search bar to the left panel in the event analyzer UI and improves formatting issues (#172397).
Bug fixes
edit- Fixes a bug that prevented the event analyzer preview from loading properly for ES|QL rules (#178389).
- Fixes a bug that prevented you from editing, adding, or removing query filters when creating or editing a custom query, indicator match, or new terms rule (#178207).
- Fixes a bug that caused unnecessary error messages to appear in Kibana server logs when using the MITRE ATT&CK® Coverage page (#178126).
- Prevents an infinite loading state on the Add Rules page for users with limited permissions (#178005).
- Fixes a bug that prevented the Reset Fields action on the Alerts table from resetting the table’s columns (#177986).
- Fixes a bug that interfered with the rule filtering interface when you opened it from specific parts of Elastic Security (#177946).
- Ensures that text within the risk score preview table translates correctly (#177680).
-
Fixes a bug that could prevent the correct
kibana.alert.threshold_result.terms.value
field value from appearing in the alert details flyout (#177472). - Fixes multiple bugs affecting the rule filters on the rule details page (#177081).
- Updates the alert assignment UI to make its data model and intended usage clearer (#176442).
- Fixes rule overwrite behavior when importing new rules. Now, when a new rule overwrites an existing rule, the new rule completely replaces all the fields of the old one, and the old rule’s fields are never included in the new rule (#176166).
- Fixes a bug that allowed you to add a Timeline as a favorite before it was saved (#175161).
- Fixes a bug that could result in an unnecessary negative sign in the risk score table within the expandable user and host flyouts (#177015).
- Adds file and size constraints to value lists (#176074).