Skip to main content
McAfee Enterprise MVISION Cloud

5.2.1 Release Notes (October 2020)

MITRE Dashboard

The MITRE Dashboard provides a holistic view of different types of activities that are compromised in the infrastructure of cloud services such as Salesforce, Box, Office 365, and more. The MITRE ATT&CK framework identifies compromised activities and evaluates an organization's risk. For details, see About the MITRE Dashboard.

Resources Connections Graph View

The Resource Connections Graph View provides an interactive graph of IaaS and Container Security resource connections and network flow for AWS, Microsoft Azure, and Google Cloud Platform (GCP). If you have enabled Amazon Virtual Private Cloud (VPC) Flow Logs, the connections graph is also overlaid with VPC Flow Logs data. For details see, About Resources

Connected Apps for Microsoft Office 365

Connected Apps now supports Microsoft Office 365, which is enabled by default when you integrate MVISION Cloud with O365. For details, see About Connected Apps

Connected Apps Date Picker and Chart View

The Connected Apps page now includes a date picker, which allows you to select a preset or custom date range to display data for only this date range. It also includes a Chart View, which allows you to display your Connected Apps data in a chart. For details, see Connected Apps Page

Updated Threats and Anomalies

The Threats and Anomalies pages now have an updated user interface and discrete locations in the MVISION Cloud menu. MVISION Cloud's Threat Protection enables real-time threat and anomaly detection and remediation for security, compliance, and data governance across all Sanctioned Cloud Services. For details, see Threats and Anomalies

Policy Violation Filter to Sanctioned DLP 

On the Policy Incidents Summary and Policy Incidents page, as of Unified Cloud Edge 1.5, the Incident Type filter label and Omnibar value Policy Violation is changed to Sanctioned DLP. For details, see Policy Incidents Summary

ServiceNow File Decryption

ServiceNow file decryption is supported for both single file and bulk file download. For details, see Configure ServiceNow Encryption.

Multi-Geo Model for Office 365

MVISION Cloud supports the Multi-geo capabilities for SharePoint and OneDrive. For details, see Multi-Geo Model for Office 365.

Tombstone Configuration (Reverse Proxy)

In the Policy Settings page, the Tombstone Configuration (Reverse Proxy) tab allows you to create and upload a custom tombstone file, also called a blocked message file, for specific user actions instead of the default McAfee tombstone file. For details see Tombstone Configuration (Reverse Proxy)

Granular RBAC Report from the Users Page

On the Settings > User Management > Users page, an administrator can export a CSV file of users and roles. This report now includes a list of the user's current roles, access privileges, and resources, as well as information on Shadow, Sanctioned, and Web Jurisdictions. For details, see Export Users and Roles to a CSV File

Cloud Security Advisor New or Discontinued Metrics

In the Cloud Security Advisor, new metrics are occasionally introduced and old ones are discontinued. For this reason, you may see a drop in your Visibility and Control scores or you will see new behavior in the Quarter comparison graph. For details, see Cloud Security Report

Container Security

Container Assets in the Resources Connections Graph View

The Resource Connections Graph View provides an interactive graph of IaaS and Container Security resource connections and network flow for AWS, Microsoft Azure, and Google Cloud Platform (GCP).It also provides visibility of container assets for Azure Container Registry (ACR) and Google Container Registry (GCR), displaying container images stored as resources, and operating system inventory from container images. For details see, About Resources

Vulnerability Incident Details 

On the Policy Incidents page, when you filter for Vulnerability Violations, the Details pane provides an extended view. Incident details include a list of all Vulnerabilities, then a link to the specific CVE you want to investigate. For details, see Vulnerability Incident Details

Discover Container Assets for ACR and GCR

The Resources page also provides visibility of container assets for Azure Container Registry (ACR) and Google Container Registry (GCR), displaying container images stored as resources, and operating system inventory from container images. For details see About Resources

Search for Container Assets

On the Resources page, in the Omnibar, you can now search for CVE Numbers, Namespaces, Packages, and Operating Systems.  (OS’), & packages. This is supported for ECR and ACR. For details see, CVE Number Search and About Resources

Vulnerabilities Report

The Vulnerabilities report for Container Security lists all of the Common Vulnerabilities and Exposures (CVEs) stored in your container images.​ For details, see Report - Vulnerabilities

 

  • Was this article helpful?