We have been working hard since the last update. The latest changes are now deployed on the community version of our platform, which you can try right now.
Revamped Home Page
Get straight to the action. We've tweaked how investigations are displayed and started to make it easier to get started.
You can now manage your profile from the Home Page. No need to open an investigation to update your display name and color.
Update your connections in one click. We've added a Connections page to manage your active connections from one place and easily update credentials or URLs when they have changed.
You name it! We now suggest names for your new investigations when you're out of ideas.
Copilot
Is this what you want? The copilot, after a little bit of thinking, will now automatically suggest leads you might want to try and which ATT&CK technique and tactic could qualify an item. No need to ask anymore!
Best visualization. The copilot now suggests the best available visualizations when creating cards.
Selective learning. You can specify your expertise in your profile to indicate whether or not the copilot should learn from your actions!
Ingestion
Reuse Mappings. Adding a new dataset with the same structure? Previous mappings will automatically be sourced and suggested from your previous data sources so you can save time.
More intuitive datasource selection. No more confusion with a search input: it is now a button where you can select multiple options.
Search through fields. Filtering fields is now possible when mapping before ingesting or connecting with an index.
Edit connection indexes. Select an existing index to edit and remap fields.
Analytics
Better correlation suggestion. Hovering over a field on a card now shows you if a correlation can be made. You can also access it by clicking on the field menu.
Did you know you could quickly add a filter by pressing Ctrl / Cmd + K? You won't miss it now: it is displayed in the filters area, which is also clickable.
Revamped filters. Values are co-located with their fields, and it's now possible to have more control over them with partial filters that look for results starting or ending with the desired value.
Filters that are not applied to a card are indicated on the card.
Paginate through distributions. You are not limited to the first 20 top/bottom values of a distribution anymore, just scroll to get more.
Timeline. New time picker to fine-tune your selection and a 24H format to reduce confusion and view events at a glance.
Case Management
STIX export. Easily copy bundles from Malizen as valid STIX JSON.
Continue where you left off. Each lead now suggests the next path to investigate.
Severity selector. Add colors and codes to quickly pick the severity.
Documentation
Learn by watching. We've added a video to explain the basics of what you can do in Malizen. It's in French for now so you can practice.
MITRE ATT&CK docs. Quickly access documentation from what has been suggested to you. We've added links to the doc.
Miscellaneous
A splashscreen welcomes you when you load the app.
Bug fixes
Investigation deletion from Homepage: the investigation was not removed from cache, which could result in deleted investigations still being displayed.
Card data export file name now includes field category.
Type only (e.g. ip) filter was not taken into account when flagging.
Tooltip optimisation to improve performance.
Removed delete button from investigations that have been shared with you.
MongoDB connector: seconds (%s) and milliseconds (%Q) since epoch produced an error.
Prevent blocking any geoheatgrid correlations
Treemap: flagging, filtering for URLs and copy data
At Malizen, our mission is to provide you with powerful and user-friendly tools to better empower cyber teams, and this update is a testament to that commitment. See you soon for the next one!