Release Notes for Cisco XDR 2.40
Release Date: April 16, 2025
New Features and Updates
Getting Started
No new customer-facing features or updates in this release.
Control Center
|
Feature |
Description |
Help Topic |
|---|---|---|
|
Help updates |
The following updates have been made to the Help:
|
MITRE ATT&CK® Coverage Map |
Incidents
|
Feature |
Description |
Help Topic |
|---|---|---|
|
Help update |
The following update has been made to the Help:
|
Investigate
|
Feature |
Description |
Help Topic |
|---|---|---|
| Help updates |
The following updates have been made to the Help:
|
Intelligence
No new customer-facing features or updates in this release.
Automate
|
Feature |
Description |
Help Topic |
|---|---|---|
|
Request Approval task activity |
Both the Create Approval Request and Wait For Event task activities, deprecated since release 2.36, have now been removed from Automation. Workflows using these obsoleted activities will fail. Please replace them with the Request Approval task activity. |
|
|
Automation Remote |
On May 31, 2025, Ubuntu 20.04 LTS will reach the end of its standard five-year support window. Your existing Remote configuration will continue to work. However, we recommend that you redeploy your Remote VM with our updated 6.40.0 OVA to maintain support using the newer Ubuntu 24.04 LTS. Refer to the instructions in the Automation Remote Help topic. |
|
|
Rate limits |
To preserve system resources and ensure the integrity and performance of the platform, Automation rate limits have been updated. Refer to the Webhook API in the Workflows Help topic. |
|
|
Help update |
The following additional update has been made to the Help:
|
Assets
|
Feature |
Description |
Help Topic |
|---|---|---|
|
Bulk action bar |
A bulk action bar has been added to the Devices and Users page. Use this bar to update values and labels for one or more devices or users at the same time. |
|
|
Help updates |
The following updates have been made to the Help:
|
Client Management
|
Feature |
Description |
Help Topic |
|---|---|---|
|
Bulk action bar |
A bulk action bar has been added to the Clients page. Use this bar to move multiple devices to a different deployment at the same time. |
|
|
Zero Trust Access profile |
You can now upload a Zero Trust Access profile to the Profiles page and select a Zero Trust Access profile when creating new deployments. |
|
|
Deployments page |
The Deployments page now has tabs to separate the Default Deployments and Custom Deployments. |
|
|
Help updates |
The following updates have been made to the Help:
|
Administration
|
Feature |
Description |
Help Topic |
|---|---|---|
|
API Clients page |
The |
(View) icon has been removed from the Integrations
|
Feature |
Description |
Help Topic |
|---|---|---|
|
Microsoft Defender for Office 365 GCC update |
The Microsoft Defender for Office 365 GCC application in Microsoft Government Community Cloud (GCC) integration on the Integrations page now supports threat hunting and investigation capability. Use the Microsoft Defender for Office 365 GCC integration to search for security detections and associated indicators, reputations, and references, involving specified email addresses, URLs, email subjects, message IDs, IPs, file names, or SHA-256 hashes. |
Cisco and Third-Party Integrations and Supported Capabilities |
| Help updates |
The following updates have been made to the Help:
|
Cisco and Third-Party Integrations and Supported Capabilities AbuseIPDB IP Checker Integration AlienVault Open Threat Exchange Integration |
Ribbon and Pivot Menu
No new customer-facing features or updates in this release.
Resources
No new customer-facing features or updates in this release.
Previous Release Notes
To view the Release Notes for previous releases, see Previous Release Notes for Cisco XDR.