Resolved -
After several hours of monitoring, we are confident our patch has resolved the issue for the time being. The SOC Team is being extra vigilant for any reoccurrences of this behavior and will notify you immediately.
For more details, please reference the recent SOC Advisory "Ingestion Delay Incident and New CyFlare Status Page" that was posted within our ONE platform for our clients.
Apr 5, 16:51 EDT
Update -
At this time we are not observing any notable ingestion delays from our XDR Product to our SOAR Platform; however, we are continuing to monitor this until we are extremely confident that issues will not persist.
Apr 5, 09:05 EDT
Update -
We are continuing to monitor for any further issues.
Apr 4, 20:22 EDT
Update -
We are continuing to monitor for any further issues.
Apr 4, 20:20 EDT
Monitoring -
A patch has been implemented and alerts are beginning to flow. The analyst team and our playbooks are processing the large number of alerts in a short amount of time, and this may result in slower disposition times for a few hours. Fortunately, there is still no loss of visibility.
Clients may experience a large number of escalations during this period of catching up with the queue.
CyFlare is continuing to monitor the issue in case it appears again. We will notify you when we are confident this issue is completely resolved.
Apr 4, 20:18 EDT
Update -
The CyFlare team is still actively working towards a solution regarding ingestion delays being experienced at this time. If you have any concerns, please reach out to socir@cyflare.com.
Apr 4, 18:58 EDT
Identified -
An identified bug in our connector code in SOAR for our XDR solution has caused frequent delays of ingestion. We are working to identify a permanent solution for this bug. Fortunately, there is no loss of data or loss of Security Event visibility; we are just experiencing slower ingestion at this time.
Apr 4, 13:30 EDT