DRONE Release Notes

SUBMIT FEATURE REQUEST

Today

09/03/2022

Version 2.2.1

 

  • Fixed minor memory leak in the Events of Interest analyzer

     

09/03/2022

24/02/2022

Version 2.2


Features

  • Added Exclusions support for preventing the finding from being reported using their paths.


Enhancements

  • The events of Interests configuration file(DRONE.EventsOfInterest.yml) have now been migrated to the main configuration file(DRONE.Config.yml).

  • Improved YARA Scanning for Unicode containing filenames


Fixes

  • Fixed an issue with Tower UI grid filter functionality.

  • Minor fixes and improvements

20/01/2022

Version 2.1


Features

  • Added Sigma Linux support

  • Added Device (Live) Event Record search with Sigma

Enhancements

  • Improved command keyword search

  • Improved Tower UI/UX

  • Improved Application Analyzer

  • Improved DRONE performance

  • Improved Prefetch Analyzer

  • Improved YARA Scanners

Fixes

  • Fixed an issue with TOR usage checks

  • Fixed an issue with Sigma execution

  • Fixed an issue with Linux Process Analyzer

  • Fixed an issue with MFT Analyzer

  • Hash scanner verdict level changed from Dangerous to Matched

20/01/2022

13/12/2021

Version 2.0

Features

  • Added a new mode; DiFFer - this brand new mode makes it possible to compare a DRONE analysis to a baseline and list the differences between the two

  • Added file import support to the Keyword Search and Hash Search

  • Added an option to the CLI for executing an external Sigma rule

  • Added Hash search capability on the file system and evidences

  • Added possible TOR usage checks

  • Added AWS S3 and Azure Storage usage checks

Enhancements

  • Improved Tower UI/UX

  • Improved Keyword search

  • Improved Process Analyzer

  • Improved Application Analyzer

  • Improved Vulnerability Analyzer

  • Improved Webshell Analyzer

  • Improved Ransomware Analyzer

  • Improved Browser History Analyzer

  • Improved Sync Sigma command - now supporting external Sigma repository URLs through the config file

Fixes

  • Fixed an issue with the Event Record details UI/UX

  • Fixed an issue with the Event Record Analyzer

  • Fixed an issue with the Process Analyzer

11/11/2021

Version 1.7.2

  • Added Microsoft Exchange Server Remote Code Execution Vulnerability (CVE-2021-42321) identifier to Vulnerability Analyzer

11/11/2021

13/10/2021

Version 1.7.1

  • Fixed an issue with the Package Manager Analyzer 

  • Fixed an issue with the auto selection of the available analyzers

 

7/10/2021

Version 1.7.0

  • DRONE can now fly on Linux with the analyzers below;

    • Generic WebShell Analyzer

    • Vulnerability Analyzer

    • YARA Scanner

    • Process Analyzer

    • CronJob Analyzer

    • Package Manager Analyzer

    • Shell History Analyzer

  • Added support for 32-bit systems

  • Added Regex and Wildcard support on keyword search

  • Added SMB v1 identifier to Vulnerability Analyzer

  • Added minimum score to report option to the CLI

  • Added support for analyzing multiple MFT files

  • Improved YARA scanner performance

  • Fixed an issue on Sigma rule execution

7/10/2021

11/8/2021

Version 1.6.0

  • Blog News: DRONE v1.6.0

  • Added YARA Scanner

  • Added Ransomware Identifier

  • Added an option on CLI to synchronize Sigma public repository

  • Added an option on CLI to pull YARA repositories given from the config file

  • Added an option on CLI to specify the output directory

  • Added an option on CLI to specify of case id

  • Improved Process Analyzer

  • Webshell verdict level increased to Dangerous from Matched

  • Fixed an issue with the license usage

  • Fixed an issue with the process loader

13/7/2021

Version 1.5.0

  • Added HTTP Proxy option to the CLI

  • Added Admin share usage detection via Shellbags

  • Added Provider filter option to the Events of Interest Analyzer

  • Improved Browser History Analyzer

  • Improved Tower's data transmission

  • Fixed an issue with the Tower's grid renderer

 

13/7/2021

2/7/2021

Version 1.4.1

 

12/6/2021

Version 1.3.0

  • Blog News: v1.3.0

  • Added config file for saving settings and license (DRONE.Config.yml)

  • Added support for custom event list (DRONE.EventsOfInterest.yml)

  • Added -a parameter for enabling analyzers from the command line

  • Added attribution to Sigma Detections

  • Improved Syslog reporting

  • Improved HTML reporting

  • Updated VMProtect version

  • Updated Sigma Rules repository

  • Decreased file size to 17MB

  • Removed manual command line mission providing

  • Fixed an issue with Datetime parsing (credits: Chris Culina)

  • Fixed an issue with Syslog

  • Fixed an issue with the HTML report

 

12/6/2021

2021

DRONE was born on 13th May 2021 with our first public Beta release 1.2

Download the AIR Features Guide
New call-to-action
Providing Cyber Resilience to World-class Enterprises Globally
logo-customers-pwc logo-customers-garmin logo-customers-sophos logo-customers-thy logo-customers-kpmg logo-customers-ey logo-customers-deloitte logo-customers-turkcell logo-customers-integrity360