Release notes from UTMStack

v11.2.4

2026-03-06T13:14:51Z

UTMStack v11.2.4 Release Notes

We're excited to announce the release of UTMStack v11.2.4! This update brings minor improvements and bug fixes to enhance your experience with our Unified Threat Management and SIEM Platform.

What's New

No new features were introduced in this release.

Improved

Enhanced performance for faster threat detection and response.
Improved user interface for easier navigation and usability.

Fixed

Resolved an issue that caused occasional delays in alert notifications.
Fixed a bug that affected the accuracy of reporting metrics.

Thank you for using UTMStack! We are committed to continuously improving your experience.

Full Changelog: v11.2.3...v11.2.4

v11.2.3

2026-02-12T11:56:48Z

Release Notes for UTMStack v11.2.3

In this release, we've introduced several new features and improvements to enhance your experience with UTMStack. We've also addressed some bugs to ensure smoother operation.

What's New

Added enhanced log parsing capabilities for VMware and Netflow filters.
Introduced updates for Microsoft 365 and SonicWall filters for better integration.
Added support for new Cisco filter updates, including Cisco ASA and Meraki.
Updated the UTMStack filter configuration to version 3.0.5.

Improved

Enhanced sorting in the asset view to prioritize asset status and last input.
Improved error handling and response mapping for module configuration validation.
Enhanced configuration encryption to support file data types.
Updated layout styles for the API documentation component for better clarity.

Fixed

Resolved issues with cloud region URL parsing for CrowdStrike configuration.
Fixed timestamp handling in correlation rules and logstash filter services.
Improved validation checks for alert targets and log objects.
Cleaned up alert detail view logic and HTML formatting for better readability.

EventProcessor Changelog

Sparkle Features

Log Pusher: Added support for Unix socket-based log pushing.
Log Pusher: Added UUID generation to log entries for improved tracking.
Plugins: Added UUID to alert payloads for better identification.
Reliability: Implemented a circuit breaker for rule evaluation failures to prevent system instability.

Bug Fixes

Feeds: Fixed analyze function to return immediately for denied, blocked, or failed actions.
Log Pusher: Improved error handling when closing connections.
Memory Management: Fixed memory release issue after successful queue registration.
Feeds: Added playground mode check and improved error handling.

Enhancements & Refactoring

Plugins (CEL): Optimized rule reloading with change detection and state tracking.
Plugins (CEL): Unified error handling for rule processing and correlation evaluation.
Plugins (CEL): Refactored rule processing logic and modularized key functions.
Plugins (General): Renamed analysis plugin to cel and updated build paths.
Rule Management: Added support for tenant-specific and global rule disabling; refactored rule indexing.
Rule Properties: Updated rule properties for better categorization and technique details.
Configuration: Updated NewDynamicSourceManager to handle nil configuration gracefully.

Build & Maintenance

Build System: Added log-pusher and opensearch-fetcher binaries to Dockerfile and build artifacts.
Build System: Fixed Dockerfile paths for plugins directory.
Cleanup: Removed deprecated plugin configuration files.
Cleanup: Removed unused libraries and deprecated integration_test.go files.

Documentation

Plugins: Added comprehensive README for the CEL analysis plugin.
General: Added links to the official wiki for detailed implementation guides.

Dependency Updates

Go SDK: Upgraded github.com/threatwinds/go-sdk to v1.1.14 across all modules.
Genproto: Updated google.golang.org/genproto to latest versions.
Modules: Updated dependencies and enhanced error handling (added delays).

We hope you enjoy the new features and improvements in this release!

Full Changelog: v11.2.2...v11.2.3

v11.2.2

2026-01-30T15:30:53Z

UTMStack v11.2.2 Release Notes

In this release, we've introduced several new features and improvements to enhance your experience with UTMStack. This update focuses on better log analysis, improved visualization tools, and enhanced alert management.

What's New

Added support for SQL queries in LogExplorer, allowing for more flexible data retrieval.
Introduced new filters for Azure and GCP, improving log analysis capabilities.
Enhanced the LogExplorer with custom keyword suggestions for easier search.
Implemented a new adversary management module, providing better insights and control over alerts.

Improved

Updated Azure correlation rules for more accurate threat detection.
Enhanced the visualization creation flow with improved UI elements and validation.
Improved error handling and user experience in the log handling and display logic.
Enhanced the SAML and OIDC authentication processes with additional fields and validation.

Fixed

Resolved issues with log analysis filters for better accuracy in data retrieval.
Fixed bugs affecting the display of alert properties and improved layout consistency.
Corrected problems with alert management, including false positive tagging and alert status updates.
Addressed various bugs related to user authentication and login processes.

This release brings valuable enhancements to your UTMStack experience, making it easier to manage threats and analyze logs effectively.

Full Changelog: v11.2.1...v11.2.2

v11.2.1

2026-01-23T14:35:45Z

Release Notes for UTMStack v11.2.1

In this release, we've introduced several new features and improvements to enhance your experience with UTMStack. We've also addressed some bugs to ensure smoother operation.

What's New

Added integration tests for deduplication and grouping logic in alerts.
Introduced a new CrowdStrike plugin to collect and process security events from the CrowdStrike Falcon platform.
Enhanced PDF generation with improved response handling and error management.
Implemented sorting by last input in the assets view for better data organization.
Added filter options to exclude false positive alerts in the alert management system.
Enhanced configuration handling with version type support for better management.

Improved

Enhanced rule filters with status and formatting options for better usability.
Improved error handling in various features to provide clearer messages and better user guidance.
Updated AWS CloudWatch Logs streaming with dynamic configuration handling.
Enhanced SQL query suggestions in the code editor with limits and aggregation examples for easier querying.

Fixed

Resolved issues with incorrect cursor behavior in the SQL Query Editor.
Fixed PDF loading conditions to reduce waiting time and improve user experience.
Updated log detail terminology for clarity in application logs.
Corrected component naming and updated routing in email settings for better functionality.
Improved loading state handling and time filter management in compliance exports.

We hope you enjoy the new features and improvements in this release!

Full Changelog: v11.2.0...v11.2.1

v11.2.0

2026-01-12T17:31:24Z

UTMStack 11.2.0 – Release Notes

The UTMStack v11.2.0 release introduces key enhancements, new integrations, and important fixes to improve system stability, performance, and user experience.

Improvements & Fixes

Enhanced AWS integration with updated setup guides and improved log processing reliability.
Added CrowdStrike Falcon integration for advanced threat detection and response.

v11.1.8

2026-01-07T19:32:07Z

UTMStack 11.1.8 – Release Notes

The UTMStack v11.1.8 update delivers important fixes and usability improvements to enhance stability and user experience.

Improvements & Fixes

Improved AWS integration: updated setup guides and more reliable log processing.

v11.1.7

2026-01-07T07:49:22Z

UTMStack 11.1.7 – Release Notes

The UTMStack v11.1.7 update delivers important fixes and usability improvements to enhance stability and user experience.

Improvements & Fixes

Improved AWS integration: updated setup guides and more reliable log processing.

v11.1.6

2026-01-02T19:21:22Z

UTMStack 11.1.6 – Release Notes

The UTMStack v11.1.6 update delivers important fixes and usability improvements to enhance stability and user experience.

Improvements & Fixes

Enhanced Threat and Windows activity dashboards with new filters and aggregations for better data analysis.
Improved email notifications for alerts, providing clearer information and enhanced formatting for better user experience.

v11.1.5

2025-12-22T17:37:58Z

UTMStack 11.1.5 – Release Notes

The UTMStack v11.1.5 update delivers important fixes and usability improvements to enhance stability and user experience.

Improvements & Fixes

Standardized utm_visualization field names by replacing legacy O365 keys with new conventions.
Enhanced responsive behavior for TFA enrollment components based on viewport height.

v11.1.4

2025-12-22T11:51:42Z

UTMStack 11.1.4 – Release Notes

The UTMStack v11.1.4 update delivers important fixes and usability improvements to enhance stability and user experience.

Improvements & Fixes

Refined the styling of download links to improve clarity and accessibility.
Resolved a syntax error in the UTMStack installation command, ensuring smoother setup.
Corrected the display of pipeline card statuses and improved accuracy of event processing counts.