Dark Mode for Perch Web Console
It would be very nice if the Perch web console had a persistent per-user option in settings to enable a "dark mode" color scheme.
Perchybana filtering by customer
If a customer gets selected from the dropdown, it would be great if the Perchybana search automatically only searched for that particular customer instead of for everyone.
Office 365 Cloud App Security
Possibly collect CASB and UEBA analytics data from Office 365 Cloud App Security.
Active Directory Integration - SOAR functionality to disable/enable user accounts
Add SOAR functionality to disable/enable user accounts
Hostname in IDS Alerts
It would be very helpful if the IDS alerts were able to resolve the hostname of the internal device that triggered the alert, and if we could then remediate/false positive based on that hostname. This is particularly useful in situations where a client wants to whitelist an application for certain devices in a DHCP environment. Maybe the sensor can do an nslookup and attach the results to the alert?
Leverage YARA rules in Perch IDS
Allow the Perch IDS (Network sensor) to ingest YARA rules and alert based on detected network traffic. Ideally this would allow for matching certain files, images, etc. detected in clear text protocols.
- For example: compressed files, Microsoft Word, PDF, RTF, txt, PowerShell, vbs, etc.
- Image examples may include png, jpg, ico, etc.
This would further help in the detection of malware based on the family of malicious traffic rather than a traditional signature.
Threat intel detection on log data
As we add more logs to Perch, it would be great to be able to get alerts based on the log data we are collecting. One specific need at the moment is: we are logging SHAs of executed applications on our workstations and would like to check these against current IOCs to get real-time alerting.