New Cortex Xpanse features and enhancements in release 2.7 (September 2024).
The table below describes the features and enhancements introduced in the Expander 2.7 (September 2024) release.
Note
Cortex Xpanse typically upgrades customers over a three-week time frame. Contact customer success to find out your specific upgrade date.
Feature | Description |
---|---|
Scanning enhancements | NoteScanning on 60+ additional protocols will be released by the end of October. Periodic discovery scans on all 65k ports was released in September. Cortex Xpanse now performs periodic discovery scans across global IPv4 address space for all 65k ports and on 60+ additional protocols. Once a service is found, we scan it daily until it becomes inactive. These enhancements reduce the possibility of important exposures being missed, making it easier for you to secure your attack surface. |
Services XQL dataset enhancements | Cortex Xpanse has enhanced the external services XQL dataset to include more detailed CVE data and additional service classification and geolocation information. This enhanced dataset will enable you to configure more targeted custom alerting and more detailed custom dashboards. |
Alerts Overview dashboard | The Alerts Overview dashboard (formerly called the Comprehensive Alerts Overview) has been updated to present trends such as alert resolution journey and top ten alerts by type and cloud provider, over a one year period. |
QRadar outbound Integration | This new integration forwards Xpanse-discovered risks for correlation and alerting within QRadar. |
Active Response Improvements | Enrichment improvements:
Increased coverage of remediation for the following attack surface rules:
|
Remediation Report | This new report provides detailed information, broken down by business unit, on your security risks, prioritization of those risks, and instructions on how to reduce your overall security risk. Use this report to share detailed risk remediation information with individuals who do not have access to Expander. |
Version column added to alerts table | A software version column has been added to the Alerts table, enabling you to export and filter on the detected software version. |
New attack surface rules and attack surface tests | Detect and verify new risks with the introduction of more than 30 attack surface rules and 40 attack surface tests. |