Start Using New FeaturesStart Using New Features
There are many exciting new features that you can enable after you have upgraded to 11.7. The following is a list of the new features for each area of NetWitness. For a detailed description of the new features in this release, see the Release Notes for RSA NetWitness Platform 11.7. Go to the NetWitness All Versions Documents page and find NetWitness Platform guides to troubleshoot issues.
- Investigation
- Endpoint Investigation
- Concentrator, Decoder, and Log Decoder Services
- Event Stream Analysis (ESA)
- Platform
- Upgrades
- NetWitness Services
Investigation Investigation
-
Meta Only Event Reconstruction
-
Improved Broker Query Experience
-
Email Reconstruction Improvement
-
Direct Query Interaction with Meta Keys in Event Filter Panel
-
Network Fragment Identification
-
Saved Time Ranges
Endpoint InvestigationEndpoint Investigation
-
Granular Role Based Access Control for Endpoint Server
-
Few Privileges Removed From endpoint-server.agent.manage And Added to endpoint-server.file.analyze
-
Manage Hosts Using Tags
-
Enhanced Windows Agent to Support Detecting the Persistence Techniques Targeting the Registry
-
Enhanced Suspicious Thread Detection
-
Delete Blocked Files Through Elevated Command Prompt
Concentrator, Decoder, and Log Decoder ServicesConcentrator, Decoder, and Log Decoder Services
-
Introduction of Centralized Configuration Management
-
Enhanced Query Accuracy
Event Stream Analysis (ESA)Event Stream Analysis (ESA)
-
Enhancements for persisting Events and Incidents
Platform Platform
-
Backup and Restore Improvements
UpgradesUpgrades
-
Introduction of Pre-Upgrade Check Utility
NetWitness ServicesNetWitness Services
-
Introduction of NetWitness Service Topology Map
