|
2 | 2 | title: What's new in Azure Defender for IoT |
3 | 3 | description: This article lets you know what's new in the latest release of Defender for IoT. |
4 | 4 | ms.topic: overview |
5 | | -ms.date: 10/20/2021 |
6 | | -ms.custom: ignite-fall-2021 |
| 5 | +ms.date: 11/07/2021 |
7 | 6 | --- |
8 | 7 |
|
9 | 8 | # What's new in Azure Defender for IoT? |
@@ -56,35 +55,47 @@ If the Key state is detected as Program or the Run state is detected as either R |
56 | 55 |
|
57 | 56 | #### Visibility and risk assessment |
58 | 57 |
|
59 | | -- Use the Device Inventory to view the PLC state of organizational PLCs as well as contextual device information. Use the Device Inventory Settings dialog box to add this column to the Inventory. |
| 58 | +- Use the Device Inventory to view the PLC state of organizational PLCs, and contextual device information. Use the Device Inventory Settings dialog box to add this column to the Inventory. |
60 | 59 |
|
61 | | - :::image type="content" source="media/release-notes/device-inventory-plc.png" alt-text="Device inventory showing plc operating mode."::: |
| 60 | + :::image type="content" source="media/release-notes/device-inventory-plc.png" alt-text="Device inventory showing PLC operating mode."::: |
62 | 61 |
|
63 | 62 | - View PLC secure status and last change information per PLC in the Attributes section of the Device Properties screen. If the Key state is detected as Program or the Run state is detected as either Remote or Program the PLC is defined by Defender for IoT as *unsecure*. The Device Properties PLC Secured option will read false. For more information, see [View and manage device properties](how-to-work-with-the-sensor-device-map.md#view-and-manage-device-properties). |
64 | 63 |
|
65 | | - :::image type="content" source="media/release-notes/attributes-plc.png" alt-text="Attributes screen showing plc information."::: |
| 64 | + :::image type="content" source="media/release-notes/attributes-plc.png" alt-text="Attributes screen showing PLC information."::: |
66 | 65 |
|
67 | 66 | - View all network PLC Run and Key State statuses by creating a Data Mining with PLC operating mode information. |
68 | 67 |
|
69 | | - :::image type="content" source="media/release-notes/data-mining-plc.png" alt-text="Data inventory screen showing plc option."::: |
| 68 | + :::image type="content" source="media/release-notes/data-mining-plc.png" alt-text="Data inventory screen showing PLC option."::: |
70 | 69 |
|
71 | 70 | - Use the Risk Assessment Report to review the number of network PLCs in the unsecure mode, and additional information you can use to mitigate unsecure PLC risks. |
72 | 71 |
|
73 | 72 | ### PCAP API |
74 | 73 |
|
75 | | -The new PCAP API lets the user retrieve PCAP files from the sensor via the on-premises management console with, or without direct access to the sensor itself. This is accomplished by using the management console as a proxy. |
| 74 | +The new PCAP API lets the user retrieve PCAP files from the sensor via the on-premises management console with, or without direct access to the sensor itself. |
76 | 75 |
|
77 | 76 | ### On-premises Management Console audit |
78 | 77 |
|
79 | | -Audit logs for your sensor’s deployment are now available from the On-premises management console. |
| 78 | +Audit logs for the on-premises management console can now be exported to facilitate investigations into what changes were made, and by who. |
80 | 79 |
|
81 | 80 | ### Webhook extended |
82 | 81 |
|
83 | | -Webhook extended can be used to send all of the information in the Webhook alert, as well as extra data to the endpoint. |
| 82 | +Webhook extended can be used to send extra data to the endpoint. The extended feature includes all of the information in the Webhook alert and adds the following information to the report: |
84 | 83 |
|
85 | | -### Unicode support for certificate passphrases |
| 84 | +- sensorID |
| 85 | +- sensorName |
| 86 | +- zoneID |
| 87 | +- zoneName |
| 88 | +- siteID |
| 89 | +- siteName |
| 90 | +- sourceDeviceAddress |
| 91 | +- destinationDeviceAddress |
| 92 | +- remediationSteps |
| 93 | +- handled |
| 94 | +- additionalInformation |
86 | 95 |
|
87 | | -Unicode characters are now supported when working with sensor certificate passphrases. For more information see, [About certificates](how-to-deploy-certificates.md#about-certificates) |
| 96 | +### Unicode support for certificate passphrases |
| 97 | + |
| 98 | +Unicode characters are now supported when working with sensor certificate passphrases. For more information, see [About certificates](how-to-deploy-certificates.md#about-certificates) |
88 | 99 |
|
89 | 100 | ## April 2021 |
90 | 101 |
|
@@ -121,7 +132,7 @@ New fields are available for users working with alert APIs. |
121 | 132 | - Source and destination address |
122 | 133 | - Remediation steps |
123 | 134 | - The name of sensor defined by the user |
124 | | -- The name of zone associated with the sensor |
| 135 | +- The name of zone associated with the sensor |
125 | 136 | - The name of site associated with the sensor |
126 | 137 |
|
127 | 138 | **Sensor** |
@@ -166,6 +177,7 @@ This feature is available on the on-premises management console with the release |
166 | 177 | - [Onboarding](#onboarding) |
167 | 178 | - [Usability](#usability) |
168 | 179 | - [Other updates](#other-updates) |
| 180 | + |
169 | 181 | ### Security |
170 | 182 |
|
171 | 183 | Certificate and password recovery enhancements were made for this release. |
|
0 commit comments