<img height="1" width="1" style="display:none;" alt="" src="https://px.ads.linkedin.com/collect/?pid=3026858&amp;fmt=gif">
TRY NOW
TRY NOW

1 min read

Binalyze AIR Release Notes 1.7.40

Picture of Amina Zilic Amina Zilic : Sep 10, 2021 8:25:56 AM

Binalyze AIR
Featured Image

Version 1.7.40

  • New feature: AIR-QRadar integration. Now, an acquisition can be started by triggering AIR via QRadar (credits: Esra Kulüp)
  • New feature: Added Roles and Privileges. Starting from this version AIR contains 70+ user privileges for more fine-grained control
  • New feature: Added backup support for case reports and config files. (Database backup is already available beginning from v1.7.16)
  • New feature: Added AES encryption option for backups
  • New feature: Added SFTP support to store backups on the remote server
  • New feature: Added performing bulk operations on the selected endpoints (adding/removing tags, deleting endpoints, starting acquisition triage, and much more. credits: Babak Mirzahosseiny)
  • New feature: Added triage support to Linux. Now, the file system and memory can be scanned using YARA rules. (credits: Hilko Bengen (https://github.com/hillu/) Author of go-yara (https://github.com/hillu/go-yara))
  • New feature: Added Custom Content collection from Linux distributions
  • Added progress update for compression and SFTP upload process on Linux
  • Added sending matched triage rules to Syslog
  • Added advance filter options to data grids
  • Added auto-generated shell script to facilitate Linux deb and rpm packages deployment
  • Added AIR integration guideline to documentation
  • Improved policy creation UI & UX
  • Improved setup process UI & UX
  • Improved custom SSL certificate information
  • Improved task completion status UX
  • Improved nats communication in agent
  • Implemented more secure cookie-based authentication
  • Optimized Audit logging performance
  • Optimized Syslog bulk processing performance
  • Fixed changing proxy settings when the license is lockdown
  • Fixed an issue in the agent installer
  • Fixed some security vulnerabilities
  • Minor changes and bug fixes

Webinar & Events

How to perform compromise assessment with 1 click?

Picture of Amina Zilic Amina Zilic : Nov 19, 2021 2:16:02 PM

Compromise assessment is an analysis of a network of endpoints or a single endpoint to uncover unknown security breaches, malware, and any sign of...

Binalyze DRONE compromise assessment
Read More

Microsoft Exchange Server Vulnerability Scanner (CVE-2021-42321)

Picture of Amina Zilic Amina Zilic : Nov 11, 2021 7:26:02 PM

UPDATE 15.11.2021.

Microsoft patches actively exploited Exchange, Excel zero-days (CVE-2021-42321). Please refer to their site for more details. 

...

DRONE Incident Response CVE-2021-42321 Microsoft
Read More

The Tenth Step to Forensic Readiness: Legal review

Picture of Amina Zilic Amina Zilic : Nov 3, 2021 9:59:03 AM

When we plan our incident response strategies and forensic readiness steps, we strongly pay attention to digital evidence acquisition, storage,...

Forensic Readiness
Read More