Series v3.0.x
v3.0.0 (2025-06-18)
- Dependency upgrades for performance and security: Updated core libraries to their latest stable versions to improve runtime efficiency, maintain compatibility with modern systems, and include recent security patches.
- Performance improvements across large environments: Optimized inventory queries, alert queries, and network traffic lookups to reduce load times and improve responsiveness in busy OT networks.
Sensor
- On-demand network capture in PCAPNG format: The sensor can now record live network traffic into PCAPNG files using a ring buffer and controlled capture window, enabling targeted forensic captures without interrupting production.
- Remote capture orchestration from the console: Captures can be triggered remotely, automatically uploaded back to the platform, and stored for later download and analysis.
- Improved interface discovery and reporting: The sensor now sends its version and the IP addresses it uses in each monitored network, giving operators clearer visibility into deployment state.
- More accurate passive device discovery: Device discovery now uses the IP ranges actually monitored by each OT interface, reducing noise and false “new device” reports.
- Stability improvements during sensor restarts: Fixed issues related to restart timing, inactive thresholds, and outbound traffic parsing to make collection more resilient in noisy or unstable networks.
- Event delivery improvements: Shifted to a more reliable messaging approach for delivering instructions to sensors, improving command delivery at scale.
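As an added illustration of the capture design described above (a bounded ring buffer of recent frames, dumped on demand for a controlled time window into a PCAPNG file), here is a minimal Python sketch; it is not the product's code and assumes Ethernet frames, microsecond timestamps, and a constructed set of sample frames in place of live traffic.

```python
import struct
from collections import deque

SHB, IDB, EPB = 0x0A0D0D0A, 0x00000001, 0x00000006  # pcapng block type codes (spec)
LINKTYPE_ETHERNET = 1
# constructed sample: five minimum-size (60-byte) frames one second apart, not real traffic
SAMPLE_FRAMES = [(i * 1_000_000, b"\xff" * 6 + b"\x02" + bytes(5) + b"\x08\x00" + bytes(46)) for i in range(5)]

def _block(block_type, body):
    """Frame a body as one pcapng block: type, total length, body padded to 4 bytes, total length."""
    body += b"\x00" * ((-len(body)) % 4)
    total = 12 + len(body)
    return struct.pack("<II", block_type, total) + body + struct.pack("<I", total)

def pcapng_header(snaplen=65535):
    """Section Header Block (unknown section length) plus one Ethernet Interface Description Block."""
    shb = _block(SHB, struct.pack("<IHHq", 0x1A2B3C4D, 1, 0, -1))
    idb = _block(IDB, struct.pack("<HHI", LINKTYPE_ETHERNET, 0, snaplen))
    return shb + idb

def enhanced_packet_block(ts_us, frame, interface_id=0):
    """Enhanced Packet Block; timestamp in microseconds (pcapng default without an if_tsresol option)."""
    hdr = struct.pack("<IIIII", interface_id, ts_us >> 32, ts_us & 0xFFFFFFFF, len(frame), len(frame))
    return _block(EPB, hdr + frame)

class RingCapture:
    """Keeps only the newest `max_packets` frames; a capture request dumps those inside the window."""

    def __init__(self, max_packets):
        self.ring = deque(maxlen=max_packets)  # oldest frames are evicted automatically, bounding memory

    def observe(self, ts_us, frame):
        self.ring.append((ts_us, frame))

    def capture(self, now_us, window_us):
        """Return a complete pcapng file holding the frames seen within the last `window_us`."""
        selected = [(ts, f) for ts, f in self.ring if now_us - ts <= window_us]
        return pcapng_header() + b"".join(enhanced_packet_block(ts, f) for ts, f in selected)

def count_packet_blocks(pcapng):
    """Walk the block chain, validate each block's trailing length, and count packet blocks."""
    off = n = 0
    while off < len(pcapng):
        btype, total = struct.unpack_from("<II", pcapng, off)
        if struct.unpack_from("<I", pcapng, off + total - 4)[0] != total:
            raise ValueError("corrupt pcapng block at offset %d" % off)
        n += btype == EPB
        off += total
    return n
```

Feeding `SAMPLE_FRAMES` through `observe()` and then calling `capture()` yields bytes that Wireshark opens as a normal PCAPNG file; the ring size and window length together bound both memory use and the amount of traffic a single capture can disclose.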
On-Prem Console
- New Capture Management UI: Added a dedicated Captures page to list available packet captures, start new captures with a defined duration, track upload progress, and download capture files for offline analysis.
- Faster, more responsive Overview dashboard: The main Overview screen now loads incrementally (traffic trends, alert trends, etc.) and uses skeleton loading states, improving usability on large plants.
- Improved Alerts page scalability: Alert history, per-rule trends, and per-day breakdowns are now retrieved via separate concurrent queries and backed by new database indexes, making investigations significantly faster.
- Interactive network visibility upgrades: The topology map redraws faster and avoids unnecessary recalculations; inbound and outbound traffic are visualized together, heavy flows are highlighted with thicker arrows, and traffic trends now use an AreaChart for easier volume comparison.
- Rule tuning directly from alerts: From an alert, operators can now add a source or destination IP directly into an allowlist parameter of the related rule, with safeguards against duplicates and immediate visual confirmation.
- Auto-suggest values for rule parameters: The console now surfaces suggested parameter values (including sensor IPs and most common IPs seen in past alerts) to reduce manual tuning effort.
- Stormshield integration and policy generation: Added an integrations page under Settings to enable/disable integrations and publish inventory to Stormshield, including automatic grouping by vendor and generation of baseline filtering policies.
- Compliance visibility in Overview: The Overview page now surfaces common benchmarks (MITRE, CIS, NIS2) so teams can see at a glance how their environment aligns with key security and regulatory frameworks.
- More accurate network and inventory context: Device cards and topology now include network information and device type; the console now exposes Siemens vendor details and applies vendor grouping logic for Stormshield.
- Improved alert chart correctness and UI polish: Fixed missing titles, ensured rule details only appear when valid, corrected negative outbound traffic edge cases, added spacing and margins in network diagrams, and removed noisy developer-only views.
- Backend query performance: Added multiple new indexes (alerts by account, alerts grouped by rule, source/destination autocomplete, per-account traffic materialization) to speed up investigations and trending views in large plants.