Home
-
Blog
-
Sycope launches version 3.2 with advanced detection, expanded integrations and enhanced automation
12/05/2026

Sycope launches version 3.2 with advanced detection, expanded integrations and enhanced automation

Building on previous releases, Sycope 3.2 focuses on three key areas: enhanced API observability, advanced detection and forensic capabilities, and expanded ecosystem integrations.

Author: Magda Bącela
Sycope announces the release of Sycope 3.2, introducing significant advancements in detection capabilities, integration visibility, and automation. The new version strengthens Sycope’s position as a central platform for network observability, security analytics, and incident response across complex IT environments. Building on previous releases, Sycope 3.2 focuses on three key areas: enhanced API observability, advanced detection and forensic capabilities, and expanded ecosystem integrations.

Key Highlights of Sycope 3.2

1. Advanced API Observability & Integration Control

Sycope 3.2 introduces new capabilities that significantly improve visibility into system integrations and automated workflows. A new REST Audit Stream provides a complete history of API interactions, allowing organizations to track all requests and responses across external integrations. Additionally, the Alert API Response Collector enables tracking of responses from external systems triggered by alerts, offering greater transparency and validation of automated actions. These enhancements improve troubleshooting, compliance, and overall observability of integration-driven environments.

2. New Level of Detection & Forensic Analysis

With version 3.2, Sycope expands its detection capabilities beyond real-time monitoring by introducing retrospective alert detection. The new Run Rule On-Demand feature allows users to execute detection rules against historical data, enabling:

  • forensic investigations
  • validation of new detection rules
  • analysis of past incidents

In addition, Sycope introduces enhanced device detection capabilities, including:

  • identification of unknown and rogue devices
  • IP address conflict detection
  • automatic vendor identification based on MAC/OUI

These features provide organizations with deeper control over network assets and improved visibility into unauthorized or unexpected activity.

3. Expanded Automation & Ecosystem Integrations

Sycope 3.2 significantly extends integration capabilities, enabling seamless interaction with external tools and platforms.

New and enhanced integrations include:

  • Slack and Microsoft Teams – sending alerts as interactive messages
  • Jira – automatic incident creation and updates
  • Microsoft Power Automate – advanced workflow automation
  • phpIPAM – synchronization of hosts and subnets

Additionally, support for CEF-compatible syslog ensures smooth integration with leading SIEM platforms such as Splunk, QRadar, and ArcSight.

Together, these capabilities position Sycope as a central hub for correlation, automation, and response in SOC and NOC environments.

 

Other improvements in Sycope 3.2

  • improved syslog configuration with selectable encoders (CEF / legacy)
  • redesigned REST Client configuration for easier setup
  • enhanced rule management with granular alert routing
  • extended capabilities for custom aggregations using lookups

Sycope 3.2 represents another step forward in transforming raw network data into actionable intelligence. By combining real-time monitoring, historical analysis, and deep integration capabilities, Sycope enables organizations to move from reactive alert handling to proactive detection and response.

Sycope 3.2 is now available!
Documentation: https://documentation.sycope.com
Release notes: https://documentation.sycope.com/Release-Notes
For more information, visit www.sycope.com or contact us at contact@sycope.com.

Sycope 3.2
You may also like
Blog
Sycope S.A. signs distributor agreement with Looptech Co.
This new distributor agreement unlocking exciting opportunities for expansion and growth across the GCC Countries and the Middle East.
Magda Bącela
03/06/2025
Read more >
This week top knowledge
Blog
NDR vs SIEM vs XDR – differences NDR XDR, NDR vs SIEM and choosing a network monitoring system
How do SIEM, NDR, and XDR complement each other in the SOC, and why do they only become truly effective when combined into one monitoring ecosystem?
Paweł Drzewiecki
10/10/2025
Read more >
Blog
How to monitor encrypted traffic in Sycope?
Due to the prevalence of encrypted traffic in organizations, monitoring it as a technique can be particularly advantageous.
Paweł Drzewiecki
16/04/2025
Read more >
Blog
Network flow monitoring – a valuable source of data for SIEM systems
SIEM is the central security system for most organisations, network flow monitoring can help to increase companies’ defensive capabilities.
Marcin Kaźmierczak
16/04/2025
Read more >
x
Leveraging the nTop nDPI for Application Visibility within Sycope/nProbe integration
< Previous video
Next video >
Leveraging the nTop nDPI for Application Visibility within Sycope/nProbe integration
Products
Products
Visibility Performance Security Asset Discovery
Resources
Resources
Resource library
Documentation
 Integrations Case studies FAQ
Company
Company
About Careers Partners For Investors
© 2026 Sycope Ltd. All rights reserved. Privacy Policy
This site is registered on wpml.org as a development site. Switch to a production site key to remove this banner.