​SIA​ administrators can now schedule a daily or weekly report that generates with alerts or all event data for the selected time period. Reports are generated and emailed to users who an administrator configures to receive scheduled report notifications.

From the Communication tab on the Utilities page, ​SIA​ administrators can now easily provide email addresses for alert notifications. In future releases, the improved design of the Communication tab will allow administrators to configure notification emails for specific ​SIA​ features.

From the Sinkhole tab on the Utilities page, ​SIA​ administrators complete a new process to create a custom sinkhole. ​SIA​ administrators can also now modify a sinkhole policy assignment.

In an upcoming release, ​SIA​ administrators will be able to download an OVA file to create a virtual machine that is configured as a sinkhole in your network. The ​SIA​ sinkhole receives suspicious or malicious traffic and identifies machines that are infected with malware. To participate in the beta of the ​SIA​ sinkhole feature, contact your account representative.

New reporting criteria or dimensions, including additional reporting dimensions for DNS activity. On the DNS Activity page, users can now view DNS activity data based on threat category and Autonomous System (AS) Name.

The ability to create a PDF of the Dashboard or the DNS Activity page. Each PDF contains an image of the entire page, including the data, graphs, and applied filters.

​SIA​ administrators can now manage sinkholes from the Utilities page. A new Sinkhole tab is available.

New options are available to upload text files that contain known or suspected domains or IP addresses for a custom list configuration.

​SIA​ administrators can now report a domain they believe is misclassified in a security list or incorrectly categorized in the Acceptable Use Policy.

The “Drop” list action in a policy configuration is no longer available. If a list was previously assigned the “Drop” action, the lists are instead assigned the “Deny” action.

The “Warning” action for a security or custom list in a policy is now called “Blockpage”. The behavior of the action has not changed.

To share domain search results, an ​SIA​ user can now provide the URL of the Indicator Search results page to other ​SIA​ users.

If a malicious or harmful domain is found with the Indicator Search, the search results now list known bad URLs within those domains.

Event reports now generate data at near realtime.

The ​SIA​ user documentation is updated, including the online help, User Guide, and Quick Start Guide.