Release Notes

A fully transparent and collaborative product development process, in partnership with our customers, has been critical to our success.

We love hearing customer feedback and feature requests. If you have any use the button below to submit your ideas directly to our engineering team.

Binalyze AIR Release Notes

Version 1.7.55


  • This is the last AIR Console version that supports the MSI installer. In future releases, Docker will be the only deployment option.
21 Jun 2021

Version 1.7.50


This is the stable release of the previous RC version (v.1.7.45)

  • Fixed a bug upgrading endpoints with old version to newer version
  • Fixed notifying NATS for the endpoints that need to be upgraded to the new version
  • Fixed a bug regarding database backup
  • Added support for validating settings for Azure Blob Storage and AWS S3
9 Jun 2021

Version 1.7.45 (RC)


  • New Feature: CSV import support for Timeline
  • New Feature: Amazon S3 Bucket evidence repository support
  • New Feature: Azure Blob Storage evidence repository support
  • New Feature: LDAPS integration support
  • Changed Triggers to Webhooks
  • Added Sources field for Investigation
  • Added support for deleting timeline resources
  • Added LimaCharlie Webhook support
  • Added new predefined YARA rule: NSA Mitigating Webshells
  • Added name field to evidence repositories
  • Improved timeline filtering
  • Improved timeline performance
  • Improved progress reporting based on percentage and time on Linux agent
  • Improved recursive directory walk when compressing case directory on Linux agent
  • Improved isolation task assignment validation
  • Improved task cancellation for network share evidence repository on Windows agent
  • Improved SFTP upload on Windows agent
  • Fixed delay on task receiving after an agent is upgraded to a new version
  • Fixed deploy script bug for non-HTTPS servers
  • Fixed minor bugs on Linux agent
  • Fixed an issue in YARA scanner on Windows agent
27 May 2021

Version 1.7.41


  • Minor bug fixes
6 May 2021
Version 1.7.40

  • New feature: AIR-QRadar integration. Now, an acquisition can be started by triggering AIR via QRadar (credits: Esra Kulüp)
  • New feature: Added Roles and Privileges. Starting from this version AIR contains 70+ user privileges for more fine-grained control
  • New feature: Added backup support for case reports and config files. (Database backup is already available beginning from v1.7.16)
  • New feature: Added AES encryption option for backups
  • New feature: Added SFTP support to store backups on the remote server
  • New feature: Added performing bulk operations on the selected endpoints (adding/removing tags, deleting endpoints, starting acquisition triage, and much more. credits: Babak Mirzahosseiny)
  • New feature: Added triage support to Linux. Now, the file system and memory can be scanned using YARA rules. (credits: Hilko Bengen (https://github.com/hillu/) Author of go-yara (https://github.com/hillu/go-yara))
  • New feature: Added Custom Content collection from Linux distributions
  • Added progress update for compression and SFTP upload process on Linux
  • Added sending matched triage rules to Syslog
  • Added advance filter options to data grids
  • Added auto-generated shell script to facilitate Linux deb and rpm packages deployment
  • Added AIR integration guideline to documentation
  • Improved policy creation UI & UX
  • Improved setup process UI & UX
  • Improved custom SSL certificate information
  • Improved task completion status UX
  • Improved nats communication in agent
  • Implemented more secure cookie-based authentication
  • Optimized Audit logging performance
  • Optimized Syslog bulk processing performance
  • Fixed changing proxy settings when the license is lockdown
  • Fixed an issue in the agent installer
  • Fixed some security vulnerabilities
  • Minor changes and bug fixes
27 Apr 2021

Version 1.7.35


  • New feature: GNU/Linux support for Debian and Redhat based distributions (Preview)
  • New feature: Added SFTP support to evidence repositories
  • New feature: Added compression and encryption support for evidences
  • New feature: Added endpoint isolation for Windows platform
  • New feature: Added policy support that gives you the ability to manage evidence repository location, compression, encryption, and CPU limit based on rules (credits: Turkcell CDC)
  • Added extended file information for triage files
  • Added dependecy checking to evidence repository deletion process
  • Added linux acquisition evidence list
  • Added "Use options provided in policies" and "Use custom options" choices to the acquisition, triage, trigger process
  • Added platform column to endpoint datagrid
  • Added platform, isolation status, and policy filters to endpoint page
  • Added Linux deploy steps to deploy page
  • Added assigning log retrieval task to offline endpoints.
  • Optimized caching to minimize performance bottlenecks caused by high request load
  • Optimized security token check performance
  • Optimized concurrent message handling on Nats server
  • Refactored worker pool to works based on priority
  • Refactored the endpoint task queue to work with the task configs in policies and custom configs
  • Removed patrol from AIR
  • Fixed XSS exploit on audit logs
  • Fixed the performance bottleneck on the task progress update process
  • Fixed a memory leak in the visit process on the windows agent
  • Fixed a problem in windows agent installation version check
  • Updated EULA
  • Minor UX improvements
  • Minor bug fixes
31 Mar 2021

Version 1.7.31


  • Fixed the bug related to task assignment to endpoints that are associated with multiple tags
1 Mar 2021

Version 1.7.30


  • Improved triage match results
  • Improved AD sync performance
  • Improved audit log db write transactions
  • Improved license capacity checks
  • Improved LDAP login
  • Highly optimized task core module performance
  • Highly optimized endpoint task queue memory usage
  • Highly optimized audit log storage
  • Highly optimized realtime task assignment to endpoints
  • Optimized logging on agent
  • Optimized debugging log on worker tasks
  • Optimized Agent Installer download performance
  • Optimized task result upload performance
  • Optimized db bulk operations
  • Optimized triage rule storage
  • Optimized task storage
  • Refactored worker core module
  • Fixed an issue related to sending triage task result
  • Fixed performance issue caused by Patrol module
  • Fixed disappearing endpoint tags after AD sync issue
  • Fixed loading up tasks to endpoint queue issue caused by db migration
  • Fixed the register required bug that is caused by latency on endpoint registration
  • Fixed the performance issue on visit requests caused by agent update load balancer
  • Fixed investigating same endpoints multiple times in the same investigation
  • Fixed security token mismatch bug on visit requests
  • Fixed the bug caused by reloading task details on the UI
  • Fixed the bug related to license validation for online and offline environments
25 Feb 2021

Version 1.7.24


  • Fixed a critical issue on the task assignment module
27 Jan 2021

Version 1.7.23


  • Improved endpoint connection error logging
  • Changed max memory cache size to maximum
  • Highly improved memory usage of the endpoint task queue
  • Increased node's memory usage limit to 6GB
  • Reduced effect of long-running tasks on the starting speed of the application
  • Fixed performance and memory issue on sending events to Syslog and audit logs
  • Fixed a minor bug on the endpoint registration issue
  • Fixed a minor bug on fix endpoint issue task
  • Fixed a minor bug on the installer
24 Jan 2021

Version 1.7.21


  • Fixed an issue in UI
  • Other minor bug fixes and improvements
18 Jan 2021
Version 1.7.20

  • Fixed minor bugs
14 Jan 2021

Version 1.7.16 (RC)


  • Added getting endpoint system resources feature
  • Added database backup feature that allows admin to create database backups regularly (credits: Turkcell CDC)
  • Added version column to the endpoint page
  • Added two new endpoint issue types
  • Added agent update management feature (credits: Turkcell CDC)
  • Added capability to fix registration issue for endpoints that re-installed
  • Improved error report sending on the installer
  • Improved offline license check
  • Improved endpoint issue filter
  • Improved dashboard page statistics
  • Improved automatic page data polling
  • Highly improved backend and agent logs
  • Improved re-upload task mechanism
  • Fixed an issue on triggers that cause not to ignore recurring requests
  • Fixed getting 404 when trying to download an external resource from the report
  • Fixed an issue in task fail upload condition
  • Fixed an exception in downloads collector
  • Other minor bug fixes and improvements
11 Jan 2021

Version 1.7.13 (RC)


  • Fixed an issue in agent installer
  • Other minor bug fixes and improvements
29 Dec 2020

Version 1.7.12 (RC)


  • Highly improved Yara Scanner speed
  • Improved getting agent logs from AIR
  • Improved process collector
  • Fixed an issue in Yara Scanner
  • Fixed an issue in Prefetch collector
22 Dec 2020

Version 1.7.11 (RC SunBurst Edition)


  • Fixed minor typo
14 Dec 2020

Version 1.7.10 (RC SunBurst Edition)


  • Added FireEye Red Team Tool Countermeasures Yara Rule
  • Added FireEye Mandiant SunBurst Countermeasures Yara Rule
  • Added support for both filesystem and memory triage
  • Added support for getting agent logs from AIR
  • Added support for agent log rotating
  • Highly improved AIR backend for concurrent operations
  • Fixed an issue in triage results
  • Fixed a minor issue in license
  • Other minor bug fixes and improvements
17 Dec 2020

Version 1.7.8 (RC)


  • Fixed an issue in event log parser
14 Dec 2020

Version 1.7.7 (RC)


  • Added Log Retrieval action to endpoint
  • Added Timeline action to endpoint group and endpoint tag tree
  • Added Reset Password support for users
  • Added scroll support for timeline
  • Added downloading case entries from report
  • Improved TimelineIR experience
  • Fixed minor install/uninstall bugs
  • Fixed trigger recurrence bug
  • Fixed other minor bugs
  • Removed setting AD and proxy configs from the installer
10 Dec 2020

Version 1.7.6


  • Minor improvements and bug fixes
3 Dec 2020

Version 1.7.4 (Beta)


  • Fixed an issue in event log parser
30 Nov 2020

Version 1.7.3 (Beta)


  • Added support for downloading report as HTML (credits: Turkcell CDC)
  • Improved Quick Acquisition Profile
  • Improved agent update mechanism (credits: Orhan Solak - Barikat Cyber Security)
  • Fixed an issue in agent task processing mechanism (credits: Burak Karapınar - HAVELSAN)
  • Fixed an issue in agent manual uninstallation (credits: Orhan Solak - Barikat Cyber Security)
27 Nov 2020

Version 1.7.1 (Beta)


  • Added TimelineIR feature
  • Added Binalyze.Patrol feature
  • Added audit logs feature
  • Added role-based access control
  • Added "Acquire Evidence", "Schedule Acquisition", "Triage" and "Delete Endpoint" actions by tag
  • Highly improved agent performance
  • Highly improved agent memory usage
  • Improved settings page to separate The Users, License, and Evidence Repositories pages
  • Improved case file upload to handle .ppc files
  • Improved the installer prerequisites to handle the newer version of NodeJS
  • Improved debug logs
  • The minimum memory requirement for the AIR server increased to 8GB
  • Other minor bug fixes and improvements
20 Nov 2020

Version 1.6.14


  • Added support for parsing SRUM Application Resource Usage
  • Added support for parsing SRUM Network Data Usage
  • Added new event records
  • Added MAC time to crash dumps
  • Added Custom Content collection from all drives (credits: Mason Toups)
  • Added Triage on all disk drives (credits: Mason Toups)
  • Added host content to report
  • Added export process table as CSV (credits: Alexander Jarvis)
  • Added Last Write Time for Installed Applications
  • Added support for CPU usage limitation (credits: Turkcell CDC)
  • Added Refresh button to the endpoint groups section
  • Added Delete All Tags button to the endpoint tags section
  • Added Delete button to all detail pages
  • Improved settings page design
  • Improved design of table action buttons
  • Improved Browser History acquisition
  • Improved Network Share connection check
  • Improved exception handling
  • Fixed an issue with event logs
  • Fixed WMI query exception problem
  • Fixed Downloads section processed count
  • Fixed an issue with timestamping
13 Oct 2020

Version 1.6.11


  • Improved endpoint tags
  • Improved installer (credits: Babak Mirzahosseiny)
  • Fixed LDAP user login authentication (credits: Turkcell CDC)
  • Fixed LDAP endpoints register problem (credits: Turkcell CDC)
  • Fixed enable/disable debug logging bug
27 Sept 2020

Version 1.6.9


  • Added feature of adding tags to endpoints (credits: Yalkın Demirkaya)
  • Added LDAP Sync option to endpoint group tree
  • Added refresh button to the endpoint tags section
  • Added delete tag action to the endpoint tags section
  • Added New Profile button to acquisition profiles dropdowns
  • Improved server logger to make logs more readable
17 Sept 2020

Version 1.6.8


  • Added the Recent Tasks section to the dashboard
  • Added task assignment delete option
  • Added Scheduled Acquisition edit option
  • Added confirmation modal to Active Directory settings
  • Added status line to the task detail page
  • Added select all option to triage list of the endpoint
  • Added uninstall task assignment for unmanaged endpoints on a visit request
  • Added onetime scheduled task removal after execution
  • Added task execution history to dashboard backend API
  • Added task assignment removal to backend API
  • Added nats server port status checker job
  • Added match count stats to task details
  • Added support to login with an LDAP account
  • Added sending user deleted event to Syslog
  • Added e-mail field for the user
  • Improved task removal
  • Improved LDAP sync (credits: Babak Mirzahosseiny)
  • Improved SMTP validation logic
  • Improved server restart logic (credits: Babak Mirzahosseiny)
  • Improved agent https connection (credits: Babak Mirzahosseiny)
  • Refactored task assignment and scheduler
  • Fixed changing LDAP endpoint group after visit request (credits: Babak Mirzahosseiny)
  • Fixed https redirection bug (credits: Babak Mirzahosseiny)
  • Fixed report process tree view
  • Minor improvements and bug fixes
8 Sept 2020

Version 1.6.4 (Code Name: Sirius)


  • New backend in NestJS (TypeScript) with 100% unit test coverage
  • New frontend in Vue.js
  • Added auto-complete support for YARA rule editor
  • Added support for YARA rule validation
  • Added group triage feature
  • Added global search feature
  • Added filtering support to all tables
  • Added local search for each page
  • Added security token refresh for triggers
  • Added new evidence types
  • Added new Custom Content collection editor
  • Added required port detection to the installer
  • Added Active Directory server setting alongside domain name
  • Added Memcache for decreasing response times
  • Added support for the upcoming Compromise Assessment feature (PPC file)
  • Added retry feature to agents in case there is no connection to evidence repository
  • Highly improved evidence selection page
  • Highly improved UX for task actions
  • Fixed minor issues in installer
  • Fixed minor issues in the Case report
  • Fixed an issue in NATS
  • Fixed an issue in license handling
  • Fixed Smart Screen warning on agent installation
14 Aug 2020

Version 1.4.1


  • Added collection of Autorun locations
  • Added collection of Downloaded Files information
  • Added collection of RDP Cache Files
  • Added port availability check for the installer
  • Added new license models
  • Added support for offline licensing
  • Added support for task cancellation
  • Highly improved report
  • Highly improved calculation on visit interval
  • Improved UI/UX
  • Fixed an issue with timezone handling
  • Fixed an issue in group task assignments
  • Fixed app manifest problem for console service
  • Removed internet dependency from the installer
  • Minor updates and improvements
17 May 2020

Version 1.4


  • Added support for Triage on FileSystem and Memory using YARA+
  • Added support for installation on Windows 7+ OSes
  • Added support for assigning a task to all endpoints in endpoint groups
  • Added support for sending case report after the task completion
  • Added support for anonymous network share connections
  • Added support for send notifications for failed tasks
  • Added Online filter into endpoints page
  • Added support for network share folder permissions check
  • Added support for updating endpoint details for upgraded OSes
  • Added support for filtering with endpoint groups are added
  • Added resilience to case report sending
  • Added sending match count after triage task completes
  • Added Yara rule validation
  • Added validating Yara rule file
  • Added sending Yara rule error message if the wrong rule provided
  • Added sending duration during the task
  • Highly improved evidence acquisition to network shares
  • Improved agent logs
  • Improved exception handling
  • Improved uninstall task
  • Improved fetching array from JSON
  • Improved network share authentication
  • Fixed an issue in LDAP Sync
  • Fixed unhandled exception with JSON GetValue
  • Fixed unhandled exception
  • Fixed wrong function usage for JSON
  • Fixed an issue with agent log
  • Removed unnecessary console API calls
  • Removed console out messages
  • Removed .NET Core dependency
  • Minor updates and improvements
13 Apr 2020

Version 1.3.6


  • Fixed an issue in agent update
  • Fixed an issue in license handling
  • Fixed a UX issue in agent register
26 Dec 2019

Version 1.3.5


  • Improved UI/UX
  • Highly optimized client connection handling
  • Highly optimized database operations
  • Added support for Custom Content
  • Added support for Syslog
  • Added console auditing logs
  • Added support for DB migration
  • Added edit button to tables
  • Added endpoint filter links to dashboard statistics
  • Improved license handling
  • Performance optimizations
  • Fixed an issue in LDAP synchronization
  • Fixed an issue leading to duplicate domain
  • Fixed an issue in tasks page showing incorrect endpoint
  • Fixed an issue in task scheduler
  • Fixed an issue in installer test LDAP button
  • Fixed an issue in installer test proxy button
  • Minor updates and improvements
25 Dec 2019

Version 1.3.3


  • Improved UI/UX
  • Added validation to settings save
  • Fixed screenshot not captured issue
  • Fixed clipboard not captured issue
  • Fixed UsnJournal not retrieved issue
  • Fixed Active Directory paging issue
  • Fixed multiple Active Directory groups issue
  • Added scroll to Active Directory groups
21 Nov 2019

Version 1.3


  • Major architectural improvements
  • Major security enhancements (credits: Mehmet İNCE & https://invictuseurope.com)
  • Improved NATS real-time messaging
  • Improved email template
  • Added Custom Content Collection
  • Added administrator manifest to installers
  • Added logging for prerequisities
  • Added LDAP / Proxy test buttons to settings
  • Added support for SSL
  • Added 404 Not Found pages
  • Fixed an issue with forgot password dialog
  • Fixed an issue with Console updater
  • Fixed an issue with client IP handling
  • Fixed an issue with environment variables
  • Other minor bug fixes and improvements
19 Nov 2019

Version 1.2.1


  • First public BETA release.
21 Oct 2019

Bug Reports & Feature Requests