Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Security logs tell you who accessed a system, but they won’t tell you where a CSV file went after someone exported it. Files move between apps, users, and third-party vendors without anyone truly tracking where they go, who touches them, or how they’re used. And that’s a massive problem when a breach happens, when auditors come knocking, or when you’re trying to tighten internal controls.

Data exfiltration incidents are some of the hardest cases to handle in DFIR. There’s no malware signature, no ransom demand, and usually, no clear intrusion point. You just get a vague alert (or worse, a tip from legal), and suddenly, you’re under pressure to figure out what data was taken, how it happened, and whether any evidence still exists. Miss one key detail, and you risk losing the trail. Or in some cases, corrupting evidence that legal teams or regulators will need later.

We are excited to announce Platform Release 829, a major update designed to give you surgical control over your monitoring environment while bringing the Mac Agent closer to feature parity with Windows. This release focuses on delivering greater flexibility in tracking, ensuring privacy and security go hand-in-hand. Here is a summary of the new features and improvements available in this release. For an extensive list, please refer to the detailed Release Notes.