Binalyze AIR Release Notes 1.7.40

Version 1.7.40

  • New feature: AIR-QRadar integration. Now, an acquisition can be started by triggering AIR via QRadar (credits: Esra Kulüp)

  • New feature: Added Roles and Privileges. Starting from this version, AIR contains 70+ user privileges for more fine-grained control

  • New feature: Added backup support for case reports and config files. (Database backup has been available since v1.7.16)

  • New feature: Added AES encryption option for backups

  • New feature: Added SFTP support to store backups on the remote server

  • New feature: Added bulk operations on the selected endpoints (adding/removing tags, deleting endpoints, starting acquisition triage, and much more; credits: Babak Mirzahosseiny)

  • New feature: Added triage support to Linux. Now, the file system and memory can be scanned using YARA rules. (credits: Hilko Bengen (https://github.com/hillu/), author of go-yara (https://github.com/hillu/go-yara))

  • New feature: Added Custom Content collection from Linux distributions

  • Added progress update for compression and SFTP upload process on Linux

  • Added sending matched triage rules to Syslog

  • Added advanced filter options to data grids

  • Added auto-generated shell script to facilitate deployment of Linux deb and rpm packages

  • Added AIR integration guideline to documentation

  • Improved policy creation UI & UX

  • Improved setup process UI & UX

  • Improved custom SSL certificate information

  • Improved task completion status UX

  • Improved NATS communication in the agent

  • Implemented more secure cookie-based authentication

  • Optimized Audit logging performance

  • Optimized Syslog bulk processing performance

  • Fixed changing proxy settings when the license is in lockdown

  • Fixed an issue in the agent installer

  • Fixed some security vulnerabilities

  • Minor changes and bug fixes