As we continue to enhance and expand the capabilities of the Cado platform, Q3 2024 brings a host of updates designed to improve the efficiency and effectiveness of your cloud investigations. This quarter’s updates focus on better monitoring, detection, and acquisition workflows to streamline your security operations.
In response to feedback from our users, we've implemented Detection Webhooks, a powerful integration capability that allows you to automate and streamline your incident response workflows. With detection webhooks, Cado can send real-time notifications directly to your chosen communication or ticketing systems whenever suspicious activity is detected.
Whether you’re integrating with Jira, Slack, Microsoft Teams, or a custom-built tool, this feature ensures that you can act on detection events immediately without manual intervention. For detailed instructions on setting up detection webhooks, take a look at our guide here.
One of the key updates in Q3 2024 is the introduction of Health Checks for Cross-Account Roles. This feature provides an essential layer of primitive security by ensuring that cross-account roles are functioning as expected. By continuously monitoring these roles, you can detect misconfigurations early, preventing access issues or unauthorized activity. Health checks help reduce investigation delays and ensure that your cloud environments remain secure and compliant.
For more detailed information on how to configure and monitor cross-account roles, visit our documentation here.
The Cado Team has added the collection of contextual data sources to the platform, acquiring lower-fidelity alert data and telemetry around the timeframe of the alert. This means that analysts will be able to view not just information about an alert, but also what else was going on at the same time, providing them with even more context when making decisions.
We also launched our new automated investigation model. You can now enable the Next-gen Automated Investigations model, which brings improvements to the automated investigation algorithm. Once enabled, it scores all events after we import and process them and shows them on the automated tab.
This quarter also brings significant improvements to Cado Host Acquisition. We’ve optimized the process for gathering forensic evidence from cloud hosts with the launch of "Cado Host Max", which collects a greater number of files from instances. We also switched from zip to lz4 format, so file compression is now 4 times faster. These improvements enable faster time to insight, especially for complex environments with a large number of hosts.
Ready to see how these new features can enhance your cloud investigations? Request a demo today and discover how the Cado platform can help your team streamline detection, improve security workflows, and respond faster to emerging threats.