Hello Xcitium Community,
We’re rolling out a release today for Xcitium Enterprise. This release includes new updates on the portal.
The deployment is expected to take approximately 2 hours. While no service interruptions are expected, please don’t hesitate to reach out if you experience any issues afterward.
Deployment Schedule:
- Thursday, April 30, 2026, at 03:00 AM EST / 08:00 AM GMT / 01:30 PM IST, across US and EU portals.
Xcitium Enterprise Platform
What’s in This Release
→ Create Alerts from Windows System Events and Investigate Them in Full Detail
What you can see: “System Event” is now available as an event source when configuring alert policies in the Enterprise Portal, with two new fields in expanded event rows: Windows Event ID and raw event XML payload.
What you can do: Build alert policies targeting specific Windows Event IDs, click a System Event ID to refine your query, and open the XML viewer to inspect the full raw event payload.
Why it matters: Windows System Events are critical for detecting threats like credential attacks and persistence mechanisms — now natively integrated into your alerting and investigation workflows.
→ Bulk Alert Closure Now Runs Asynchronously in Alerts Search
What you can see: A pop-up notification now appears confirming that the alert closure request has been submitted and is processing in the background. A Refresh button is available to monitor progress.
What you can do: Close large volumes of open alerts in one command without the system becoming unresponsive.
Why it matters: Previously, closing very large alert sets risked system unresponsiveness. Asynchronous processing ensures the platform remains stable while bulk closures run in the background.
→ EDR: Additional Telemetry Fields Now Available in Alerts Search and Event Search
What you can see: Nine new file and process metadata fields are now visible in expanded EDR alert detail views and in the Query Fields and Select Fields panels in Event Search.
What you can do: Filter and query events by criteria such as digital signature status or company name and add them as columns in your event results table.
Why it matters: These fields provide critical context about process provenance and authenticity, helping analysts identify threats and build detection rules faster without leaving Xcitium Enterprise.
APPENDIX
New Portal Versions
- Xcitium Enterprise Platform: 4.63
If you have any questions or feedback, don’t hesitate to reach out. We appreciate your continued support and look forward to delivering more improvements!
Best regards,
Xcitium Product Management Team