- New feature: AIR-QRadar integration. An acquisition can now be started by triggering AIR via QRadar (credits: Esra Kulüp)
- New feature: Added Roles and Privileges. Starting from this version, AIR contains 70+ user privileges for more fine-grained control
- New feature: Added backup support for case reports and config files. (Database backup has been available since v1.7.16)
- New feature: Added AES encryption option for backups
- New feature: Added SFTP support to store backups on a remote server
- New feature: Added bulk operations on the selected endpoints (adding/removing tags, deleting endpoints, starting acquisition triage, and much more; credits: Babak Mirzahosseiny)
- New feature: Added triage support to Linux. The file system and memory can now be scanned using YARA rules. (credits: Hilko Bengen (https://github.com/hillu/), author of go-yara (https://github.com/hillu/go-yara))
- New feature: Added Custom Content collection from Linux distributions
- Added progress updates for the compression and SFTP upload processes on Linux
- Added sending matched triage rules to Syslog
- Added advanced filter options to data grids
- Added an auto-generated shell script to facilitate deployment of Linux deb and rpm packages
- Added an AIR integration guideline to the documentation
- Improved policy creation UI & UX
- Improved setup process UI & UX
- Improved custom SSL certificate information
- Improved task completion status UX
- Improved NATS communication in the agent
- Implemented more secure cookie-based authentication
- Optimized audit logging performance
- Optimized Syslog bulk processing performance
- Fixed changing proxy settings when the license is in lockdown
- Fixed an issue in the agent installer
- Fixed some security vulnerabilities
- Minor changes and bug fixes