NOTE - This release contains new content that leverages SPEC 3.0.
Enterprise Security Content Updates v3.0.1 was released on June 4, 2020. It includes the following enhancements:
New UI Enhancements:
- Adds workbench panel investigations
New Analytic Story:
- Kubernetes Sensitive Object Access Activity
- Kubernetes Sensitive Role Activity
- Suspicious Zoom Child Processes
Updated Analytic Story:
- Kubernetes Scanning Activity
Full documentation: https://docs.splunk.com/Documentation/ESSOC/3.0.1