ESET Enterprise Inspector version 1.5 has been released

[Marcos 5,074]

Release date: November 6, 2020

ESET Enterprise Inspector 1.5 has been released.

The build 1.5 is now available for download from the download page.

Changelog:

• Added: Ability to work with rules via Public REST API (list, create, edit and delete)
• Added: Ability to trigger Network Isolation via Rules (only for Windows endpoints)
•  Added: Support for full Unicode characters
• Added: Ability to add multiple comments to Detection, Executables, Computers, and Processes
• Added: Various performance improvements (e.g. faster search, purge, rules engine and others)
• Fixed: Multiple issues related to internal server errors and exclusions

New detection capabilities:

• Added: Improved detection capability for advanced code injection methods
•  Added: Ability to invalidate trust attributes of compromised processes
• Added: Information related to execution of files via shortcuts (LNK files)
• Added: Visibility into file reading operations for specific scenarios (e.g. reading of passwords)
• Added: Visibility into WMI Query behavior
• Added: Information about named pipes (to detect e.g. Cobalt Strike)
• Added: Visibility into MS Office VBA macros (if enabled in MS Office)
• Added: Ability to detect suspicious protocols (e.g. TOR, VNC, and BitTorrent)

 

Known Issues:

When upgrading to v1.5 from previous versions installer doesn't remove obsolete rules. You can delete obsolete rule 'Network communication through port typical for TOR [B0503]' manually.

 

Support Resources:

• Online Help (user guide): ESET Enterprise Inspector