Official Announcement
The ALL-SOC V2.6 version has been updated on January 10, 2026! The update features are as follows:
* Introduced AI Confidence Score (ACS) for alerts
* Introduced AI Confidence Score (ACS) for alerts
You can click "AI Noise Reduction" on the [Work Order] page to enable this feature. Once enabled, the system
will automatically perform multi-dimensional AI scoring for newly generated security work orders, assisting
engineers in quickly assessing alarm risks.
* Introduced AI-based dynamic alert noise reduction
On the [Work Order - AI Noise Reduction] page, you can freely configure and combine alert rules and alert
methods (immediate alert, aggregated alert, no alert). AI will dynamically adjust the alert rhythm of work
orders based on your strategy, significantly reducing redundant alert interference and alleviating alert
fatigue for engineers.
* Add a new customizable alert email template
You can manage your exclusive alert email templates on the [Settings - Email - Alert Email Template] page.
New alerts will be automatically sent using the adapted template according to the rules. You can also check
"Custom Content" in the alert content of [Security Operation Rules] to customize notifications for specific
use cases, achieving professionalization and standardization of alerts.
* Newly added security intelligence and handling system
You can configure the API credentials for the intelligence system (Weibu) and the handling system
(Fortigate, Azure) on the [Settings - Security System] page (which need to be applied for by the enterprise
itself, and assistance can be obtained by contacting the Feiluo team). Additionally, you can quickly query
security intelligence (IP analysis) and perform security handling (ban IP, ban account) in the [Work Order]
details. In the future, support for more intelligence and handling systems will also be available.
* Add observation list management
You can create and manage multiple types of custom blacklists/whitelists (such as IP, MAC, accounts, etc.)
on the [Data Management - Watchlist] page, and directly reference them in [Security Operation Rules, Search]
(FNL syntax: index='watchlist name'; KQL syntax: _GetWatchlist('list name')) to facilitate batch management
and application.
* Support for customizing views for work orders
On the "Work Orders" page, you can "Save as View" for commonly used filtering criteria, and efficiently
query work orders in different scenarios through quick view switching, simplifying daily operation
processes.
* Compatible with LA (Log Analytics) log sources and KQL (Kusto Query Language) queries
For customers who have already utilized LA, you can configure the parameters of the existing LA log source
on the [Settings - System Settings] page (LA log source does not consume license capacity). Once configured,
you can directly use KQL statements for querying and analysis in [Security Operation Rules, Search, Digital
Dashboard], achieving integration with the existing log service.
* Added log backup function
You can click "Log Backup" on the "Data Management - Log Management" page to set backup policies, and
perform manual or incremental backups to provide additional protection for important log data.
* Enhance system security strategy
In [Settings - System Settings], new configuration items such as "User Password Expiration Date", "Force
Password Change on First Login", and "User Token Expiration Date" have been added to help you further
enhance your account security and compliance control level.
* Optimize multilingual support and system experience
We have optimized the English and Japanese translations of the page, and comprehensively enhanced the
fluency and stability of system operations, providing you with more reliable operational support.
English