We have recently released content update 402 (6.7.0) and updates for earlier release of FortiSIEM
This release includes updates for Outbreak alerts, parser updates and geo database updates.
This content update contains the following:
Windows Parsing Enhancements
9 x Outbreak Rules and Reports
Outbreak: Atlassian Pre-Auth Arbitrary File Read Vuln detected on Network
Outbreak: Atlassian Pre-Auth Arbitrary File Read Vuln detected on Host
Outbreak: BURNTCIGAR MS Signed Driver Malware detected on Network
Outbreak: BURNTCIGAR MS Signed Driver Malware detected on Host
Outbreak: FortiWeb detected VMware Spring Cloud Func RCE Vulnerability on Network
Outbreak: VMware Spring Cloud Func RCE Vulnerability on Network
Outbreak: FortiWeb detected Zerobot Botnet Activity on Network
Outbreak: Zerobot Botnet Activity Detected on Host
Outbreak: Zerobot Botnet Activity Detected on Network
UnixParser support for Chronyd events
Dedicated rules for detecting FortiGate admin user creation/deletion
FortiGate: Admin User Added
FortiGate: Admin User Deleted
PaloAlto Parser updated to parse additional attributes for some log types
Latest GeoDB Updates
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2023 Fortinet, Inc. All Rights Reserved.