
Binalyze AIR Release Notes 1.7.40

Version 1.7.40

  • New feature: AIR-QRadar integration. Now, an acquisition can be started by triggering AIR via QRadar (credits: Esra Kulüp)
  • New feature: Added Roles and Privileges. Starting from this version, AIR contains 70+ user privileges for more fine-grained control
  • New feature: Added backup support for case reports and config files. (Database backup has been available since v1.7.16)
  • New feature: Added AES encryption option for backups
  • New feature: Added SFTP support to store backups on the remote server
  • New feature: Added bulk operations on the selected endpoints (adding/removing tags, deleting endpoints, starting acquisition triage, and much more; credits: Babak Mirzahosseiny)
  • New feature: Added triage support to Linux. Now, the file system and memory can be scanned using YARA rules. (credits: Hilko Bengen (https://github.com/hillu/), author of go-yara (https://github.com/hillu/go-yara))
  • New feature: Added Custom Content collection from Linux distributions
  • Added progress update for compression and SFTP upload process on Linux
  • Added sending matched triage rules to Syslog
  • Added advanced filter options to data grids
  • Added auto-generated shell script to facilitate deployment of Linux deb and rpm packages
  • Added AIR integration guideline to documentation
  • Improved policy creation UI & UX
  • Improved setup process UI & UX
  • Improved custom SSL certificate information
  • Improved task completion status UX
  • Improved NATS communication in agent
  • Implemented more secure cookie-based authentication
  • Optimized Audit logging performance
  • Optimized Syslog bulk processing performance
  • Fixed changing proxy settings when the license is lockdown
  • Fixed an issue in the agent installer
  • Fixed some security vulnerabilities
  • Minor changes and bug fixes
