Warning: You are viewing an older version of this documentation. Most recent is here: 40.0.1
Releases Notes¶
U38.0.0 (2022-05-05)¶
Changelog:
Beacon detection over TLS for complex command and control architectures
Sightings detection of newly discovered metadata
Ruleset version management with revert and freeze
Saving and sharing custom threat hunting filters
Convenient tenant filtering and pagination
New dashboards and hunting filter sets and dashboards
Automatic host role identification
Suspicious file capture and extraction
Attack timeline augmented with evidence from Host Insights
Organizational context from the network definitions for native Suricata sensors
Streamlined interface
Extended data display time range
Quick start ET Pro setup from license page
Configure ruleset updates at the time a ruleset is created
Customizable Suricata start command line when operating in expert mode
Live profiling of rule performance
New expert mode for advanced Logstash configuration
“User actions” in activity log now includes the user’s IP address
Upgrade of the embedded ELK stack to 7.10.2
Added protocol support for TFTP, SNMP, RDP, SIP, HTTP2, RFB, GENEVE, MQTT, DCERPC, vxlan, vntag
Eliminate support for Elasticsearch 5
New options to log Ethernet headers and dump all HTTP headers
Exclusive Suricata features including new keywords for SMB, SMTP URL extraction over multiple URL schemes
Operating system upgrade with security patches
Embedded tcpdump tool has been added
U37.1.0 (2021-10-02)¶
Changlog:
MITRE ATT&CK framework: add information in threat hunting and threat radar
Host ID REST API improvement: new end points to detect change in the network
Hostname & IPs lookups to VirusTotal
Misc bug fixes and improvements
Operating system upgrade with security patches