Jump to content

Recommended Posts

  • Administrators
Posted

Release date: November 6, 2020

ESET Enterprise Inspector 1.5 has been released.

The build 1.5 is now available for download from the download page.

Changelog:

  • Added: Ability to work with rules via Public REST API (list, create, edit and delete)
  • Added: Ability to trigger Network Isolation via Rules (only for Windows endpoints)
  •  Added: Support for full Unicode characters
  • Added: Ability to add multiple comments to Detection, Executables, Computers, and Processes
  • Added: Various performance improvements (e.g. faster search, purge, rules engine and others)
  • Fixed: Multiple issues related to internal server errors and exclusions

New detection capabilities:

  • Added: Improved detection capability for advanced code injection methods
  •  Added: Ability to invalidate trust attributes of compromised processes
  • Added: Information related to execution of files via shortcuts (LNK files)
  • Added: Visibility into file reading operations for specific scenarios (e.g. reading of passwords)
  • Added: Visibility into WMI Query behavior
  • Added: Information about named pipes (to detect e.g. Cobalt Strike)
  • Added: Visibility into MS Office VBA macros (if enabled in MS Office)
  • Added: Ability to detect suspicious protocols (e.g. TOR, VNC, and BitTorrent)

 

Known Issues:

When upgrading to v1.5 from previous versions installer doesn't remove obsolete rules. You can delete obsolete rule 'Network communication through port typical for TOR [B0503]' manually.

 

Support Resources:

  • Marcos locked this topic
Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...