Top New Features, Enhancements and Fixes
- Criminal Activity and Violence Sites added to Location Policy
- Install Configuration Links Replace Tags
- Public Safety, General Hazard, and Protest added to the Accounts Policy
- Email Compromise Classifier Renamed
- Simplified People Entity Creation
- User Opt-Out for Workflow Related Email
- Privacy for Commenter Content
Social Profile Manager
- Pre-Review for Facebook Business Pages
- Pre-Review for Linkedin: Experience Logo
- Profile Status Report Enhancements
- Advanced Search Improvement
- Website Title in Domain Details
- Monthly Reports on Threat Center
- Splunk Connector Improvements
The features described here will go live on October 24th, 2018 and are available to all licensed customers (unless otherwise noted).
New Feature Details
Criminal Activity and Violence Sites added to Location Policy
The Criminal Activity Sites and Violence Sites Classifiers may be interesting to Physical Security Teams monitoring for threats to Locations. These classifiers have been added to the Location Threat Monitoring Content Policy. Violence Sites has also been moved from the Controversial Topics policy group to the Physical Security policy group.
Install Configuration Links Replace Existing Tags
Prior to this release, Install Configuration Links add new Tags to accounts already protected by Patrol, leaving any existing Tags in place. However, many customers would like to replace Tags entirely so that the supervisory structure of Accounts can be updated. Therefore, we have updated Install Configuration Link Behavior as follows.
- Existing Tags are removed and then replaced with new Tags specified by the Install Link
- If no Tags exist on an Account, any new Tags specified by an Install Link are added
- If no Tags are specified by an Install Link, existing Tags are not changed
Public Safety, General Hazard, and Protest added to Accounts Policy
Public Safety Reports, General Hazard Reports, and Protest Language Classifiers may be interesting to security and/or marketing teams monitoring content on brand-owned social accounts. Therefore, these language-based classifiers have been added to the Accounts Content Policy.
Email Compromise Classifier Renamed
We’ve renamed the Email Compromise classifier to Credential Compromise. This classifier can be found under Security > Cyber-Security > Credential Compromise.
Simplified People Entity Creation
To simplify and clarify creation of People Entities, we eliminated the need to select “Name-Only Threat Scan” to search for content that includes First Name + Last Name without additional context (e.g. Title or Company). Now, if your executive has a unique name and you would like to perform name-only searches, simply leave the Title and Company fields blank.
User Opt-Out for Workflow Related Email
For some users that are responsible for workflow on multiple accounts, they prefer to work from the task view. In this scenario, the users prefer not to receive the system generated emails for workflow related events. The system can now be configured to allow individual users to opt-out of receiving workflow related emails. The default configuration is to not allow a user to opt-out of any of these emails. When enabled, a user can choose not to receive categories of workflow emails by navigating to Settings, located in the upper right of the Social Patrol screen.
The user removes the check next to the category of emails he wishes to no longer receives. The opt-out is set once the user selects Save. The user can see the subject of the emails covered by the opt-out category.
Because workflow related emails can contain critical information concerning a managed account for content, profile or both, the default option is to not allow users to opt-out. If you want to enable this feature for your users, please contact email@example.com.
Privacy for Commenter Content
In some organizations, Commenter (someone other than the account owner) activity must be anonymous in Social Patrol and in the archive records it sends. The system now can be configured to support this.
Social Patrol scans protected social media accounts and retrieves the activity – in this example the brand content by the protected account “Joe Mass Financial Advisor” and commenter content by “Peter Cottontail.”
In Social Patrol, by default, Commenter content, such as post and comments, is attributed to the individual. Social Patrol includes the name and profile image for the Commenter when viewing the Content/Incidents view, reports, and archive records.
When the customer is configured to use the Privacy for Commenter Content then Commenter content is anonymized. Social Patrol replaces the name of the individual with “Private Private” and changes the profile image to a generic image. The anonymization carries through to the archive records.
Please contact firstname.lastname@example.org if you wish to enable Privacy for Commenter Content.
Social Profile Manager
Social Profile Manager Pre-Review for Facebook
Social Profile Manager Pre-Review now supports managing Facebook business pages. This new option requires users to submit proposed changes to the managed profile for review. Review supports both one reviewer and two reviewer workflows. Only approved changes are published to the page. Changes made to the page, outside of this process, are automatically reverted by the system.
If you are currently using Social Profile Manager Post Review for a Facebook business page and want to switch to Pre-Review, contact email@example.com.
To manage a Facebook Business page with Social Profile Manager Pre-Review, select Patrol from the blue menu and then select Profile Policies. You can create a new policy or update an existing policy. To configure the policy for pre-review the option “Enforce Pre-review” must have a check.
Managing the Profile for a Newly Added Facebook Business Page
After onboarding a Facebook account to Social Patrol with Pre-Review configuration, the product automatically scans the account, submits a profile review, and notifies the personnel specified in the configuration policy who will perform the review. This review is called the Onboarding Review.
The reviewer launches the review editor from the task list or email. The editor displays profile fields that the product manages or monitors (see full list below).
The reviewer can action each field individually or as a batch of fields. For example, if the reviewer determines a field is not acceptable as submitted, the reviewer can select the checkbox to the right of the field.
“Revision Requires on Selected Changes” at the bottom of the form submits the check-marked edits.
The reviewer can then add a comment specific to the selected field and hit “Reject” to mark the field value as not accepted.
Once all fields are actioned, the Finalize button, located at the lower left of the review form, is enabled.
The reviewer selects “Finalize” to complete the review. Approved changes are published to the Facebook business page and the product displays a confirmation of the field changes.
The review is complete and the system sends the summary email the owner of the page.
All changes from this point in time forward must be submitted for pre-review using Social Profile Manager Pre-Review form.
User Submitted Changes
To request incremental changes to a profile, the user accesses the pre-review portal. The specific link is listed in the Profile Policy and should be shared with users as part of the training you provide.
The user selects the Facebook icon displayed on the pre-review portal landing page and then enters their Facebook credentials. Facebook validates the credentials and informs Social Profile Manager if the user is authorized. Social Patrol does not capture, store, or inspect the user’s credentials.
After the user is validated, Social Profile Manager displays a summary of the profile review history. If there is already an active review for the profile, the system will not permit the user to submit additional profile changes (see documentation above for “Social Profile Manager Pre-Review: Updated message”).
The user selects “Update Your Profile” to start a profile editing session. The user sees a list of all managed and monitored fields. He requests changes to a field by selecting the pencil to the right, applying the change and saving the requested change. The system identifies changes in red for removed text and green for added text.
Changes to fields are saved so that a user can make changes at different times. The changes are saved and submitted as a single review when the user selects Submit, which is located at the lower right of the profile edit form. The system generates a review, notifies the required personnel and acknowledges the submission to the user.
The review process for onboarding review, incremental review and expiration review (if configured) are identical. Reviewers use the same review tool.
The profile status of an account is reported in the Profile Status Report, which is run from the Threat Center menu.
Social Profile Manager Pre-Review: Updated message
When a user accesses the pre-review portal, the product verifies there are no reviews pending. If there are outstanding reviews, the product prevents the user from editing their profile and submitting additional changes. In this release, a message is added that informs the user they cannot edit their profile because there is already an active review for the profile.
Social Profile Manager Pre-Review for LinkedIn: Experience Logo
When managing a LinkedIn profile with Social Profile Manager, some work experiences did not display a company logo even when the company did have a logo associated on linkedin.com. The processing has updated so that when adding an experience, the product retrieves a list of companies from linkedin.com and the user can add their own or select from the list. By selecting from the list, the product associates the linkedin.com company code with the experience entry so that the company logo will display on linkedin.com.
Profile Status Report Enhancements
The Profile Status Report has been enhanced with the following updates:
CHANGE: This report no longer applies a timeframe. It always reports on the current status of all the accounts in the selected notification policies.
CHANGE: Column "ID". Currently the value is the account id. Change this to the URL to the account.
ADD: column with name "Compliance ID of Last Completed Review" and the value is the compliance id. If Compliance ID is not set then the value is blank.
ADD: column with name "1st Level Reviewer of Last Completed Review" List the user name of the reviewer who performed the first level of review.
ADD: column with name "2nd Level Reviewer of Last Completed Review" List the user name of the reviewer who performed the final level of review.
ADD: Column "Profile Expiration Date" column. It contains the date when the profile expires.
ADD: Column "Live Profile". Column is to be placed as the next column to the right of the column "Approved Profile". Column is to the URL to the public profile of the account.
CHANGE: Column "Status to "Review Pending". If the profile has a review in any state of review then the value is the compliance ID of the review. If the compliance ID is not available and there is a pending review then "Yes" else the field is blank.
Advanced Search Improvement
Use “or” to search for multiple keywords (ie. green or earth).
Website Title in Domain Detection Details
Monthly Summary Reports on Threat Center
The current summary report we provide is sent directly to our customers at the start of each month. We can make this report available on the threat center upon request.
Splunk Connector Improvements
Our product supports the option to export and consume audit log event data in a variety of ways, including forwarding to different SIEM and log management platforms. The Audit Log captures all system related events and changes across all product modules, including the customer portal (ie. every profile change on an account). Improvements to current Splunk integration to make it easier to communicate with customer's Splunk instance (on-premise or cloud), more usable for customers.