forked from splunk-soar-connectors/cybereason
<!-- File: readme.html
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software distributed under
the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND,
either express or implied. See the License for the specific language governing permissions
and limitations under the License.
-->
<html>
<head></head>
<body>
<h2>Overview</h2>
<p>
The Cybereason platform finds a single component of an attack and connects it to other pieces of information to reveal an entire campaign and shut it down.
There are two types of alerts that Cybereason will create:
<ul>
<li>Malops: Short for Malicious Operations. A Malop describes the machines, users, processes, and connections used in the attack.</li>
<li>Malware: These alerts are generated when a user tries to run a piece of malware.</li>
</ul>
</p>
<h2>Playbook Backward Compatibility</h2>
<p>
<ul>
<li>The following actions have been added. Playbooks built on earlier versions of the app should be updated by inserting, modifying, or deleting the corresponding action blocks for these actions.
<ul>
<li>isolate specific machine</li>
<li>unisolate specific machine</li>
<li>upgrade sensor</li>
<li>restart sensor</li>
<li>query machine ip</li>
</ul>
</li>
</ul>
</p>
</body>
</html>