Series v4.2.x

v4.2.0 (2025-10-27)

  • Dependency upgrades for performance and security: Updated core libraries and build dependencies to improve runtime efficiency, maintain compatibility with modern systems, and include recent security patches.

Sensor

  • Adaptive ML tuning: Increased default thresholds for protocol expansion and port-scanning detections to reduce noise in stable environments.

On-Prem Console

  • Response Engine: Introduced a new Response Engine that automates notifications and responses to security alerts. Supports configurable notification channels (Slack, Email, and Syslog) and allows per-rule configuration for automated actions.
  • Notification Channels: Added UI and backend support for creating, enabling, and managing notification channels directly from Settings.
  • Syslog integration: Added a Syslog responder to send alerts as JSON events to external SIEM or log systems.
  • Automatic tagging: Alerts now automatically tag affected resources with the triggering rule to improve incident traceability.
  • IEC 62443-3-3 benchmark mapping: Added and expanded control mappings for the IEC 62443-3-3 benchmark to strengthen compliance coverage.
  • Alert processing performance: Alert deduplication, enrichment (GeoIP + IP reputation), and grouping are now processed asynchronously by the background worker for faster response.
  • UI fixes and improvements: Improved theme consistency and fixed issues with the plant selector.