This documentation contains work-in-progress information for future Elastic Stack and Cloud releases. Use the version selector to view supported release docs. It also contains some Elastic Cloud serverless information. Check out our serverless docs for more details.
« 8.14 8.12 »
Elastic Docs Elastic Security Solution [8.16] Release notes

8.13

edit

8.13

edit

8.13.4

edit

Bug fixes

edit

There are no user-facing changes in 8.13.4.

8.13.3

edit

Enhancements

edit
  • Ensures that Elastic Defend can’t be installed on versions earlier than Windows 10 or Server 2016.

Bug fixes

edit
  • Fixes a bug that caused a warning to display after you added any type of exception to a rule (#180800).
  • Fixes a bug with the is one of Timeline filter that generated incorrect Query Domain Specific Language (DSL) queries (#180455).
  • Fixes the loading page layout on the Intelligence page. Also improves the Indicators table loading speed after you set up a threat intelligence integration (#178701).
  • Fixes a bug that stopped indicator filters from working correctly on the Intelligence page (#179607).

8.13.2

edit

Bug fixes

edit
  • Fixes a bug that prevented Alert table filters from retrieving the correct values if you used the Filter In or Filter Out inline actions (#179911).
  • Fixes a bug that automatically checked checkboxes on the Alerts page when you clicked filter labels (#179610).

8.13.1

edit

Bug fixes

edit
  • Fixes a bug that automatically checked checkboxes on the Alerts page when you clicked filter labels (#179610).
  • Fixes a bug that prevented the KQL bar on the Intelligence page from providing suggestions and applying filters correctly (#179153).

8.13.0

edit

Features

edit
  • Allows you to define an entity’s (such as a host’s or user’s) Asset criticality, which can affect risk scores (#176815, #176294, #172417, #176056).
  • Allows information on the Data Quality dashboard to now persist in Elastic Security rather than disappearing after each session (#175673, #173185).
  • Adds field-by-field diffs to the rules upgrade flyout so you can see what’s changed between versions (#174564).
  • Adds alert suppression to the Indicator Match rule type (#174241).
  • You can add Elastic Defend’s kill-process or suspend-process response actions to detection rules to automatically terminate or suspend a process on an affected host (#161645).
  • Allows you to isolate and release a SentinelOne-protected host from detection alerts and the response console, and view third-party actions in the response actions history log (#173927, #175810).
  • Allows you to enable and disable cloud security Benchmark rules (#174575).

Enhancements

edit
  • Enables advanced sorting and customization options for the Findings page’s Vulnerabilities table (#174413).
  • Adds the ability to analyze an event within a specific time range and data view (#176364).
  • Enables the newly expanded host and user details flyouts, which allow you to view host or user details, risk data and inputs, and asset criticality (#175899).
  • Improves the header layout in the alert details flyout so basic alert details are better organized (#175075).
  • Adds inline actions and a search bar to the left panel in the event analyzer UI and improves formatting issues (#172397).

Bug fixes

edit
  • Fixes a bug that prevented the event analyzer preview from loading properly for ES|QL rules (#178389).
  • Fixes a bug that prevented you from editing, adding, or removing query filters when creating or editing a custom query, indicator match, or new terms rule (#178207).
  • Fixes a bug that caused unnecessary error messages to appear in Kibana server logs when using the MITRE ATT&CK® Coverage page (#178126).
  • Prevents an infinite loading state on the Add Rules page for users with limited permissions (#178005).
  • Fixes a bug that prevented the Reset Fields action on the Alerts table from resetting the table’s columns (#177986).
  • Fixes a bug that interfered with the rule filtering interface when you opened it from specific parts of Elastic Security (#177946).
  • Ensures that text within the risk score preview table translates correctly (#177680).
  • Fixes a bug that could prevent the correct kibana.alert.threshold_result.terms.value field value from appearing in the alert details flyout (#177472).
  • Fixes multiple bugs affecting the rule filters on the rule details page (#177081).
  • Updates the alert assignment UI to make its data model and intended usage clearer (#176442).
  • Fixes rule overwrite behavior when importing new rules. Now, when a new rule overwrites an existing rule, the new rule completely replaces all the fields of the old one, and the old rule’s fields are never included in the new rule (#176166).
  • Fixes a bug that allowed you to add a Timeline as a favorite before it was saved (#175161).
  • Fixes a bug that could result in an unnecessary negative sign in the risk score table within the expandable user and host flyouts (#177015).
  • Adds file and size constraints to value lists (#176074).
« 8.14 8.12 »