What's New in Deep Discovery Analyzer 6.8

Feature/Enhancement
Details
MITRE ATT&CK™ Framework Tactics and Techniques information
Deep Discovery Analyzer detection details and reports include MITRE ATT&CK™ Framework Tactics and Techniques information.
Enhanced Virtual Analyzer
The internal Virtual Analyzer has been enhanced. This release adds the following features:
  • New Windows file types (.mht and .com) for sandbox analysis
  • Image support for Windows 10 RS4/RS5, Windows 10 LTSC
  • Windows editions with support for UEFI
  • Microsoft Office 2019 application support in Virtual Analyzer images
  • URL extraction from RTF files for analysis by Web Reputation Services
This release also provides enhanced Virtual Analyzer management to allow you to:
  • Rename image groups
  • View the actual Virtual Analyzer instance count on the Virtual Analyzer Status widget and the Sandbox Management screen
Enhanced detection capabilities
Deep Discovery Analyzer provides increased protection by improving its detection capabilities. This release includes the following features:
  • File password import and export
  • Support for up to 100 file password entries
File SHA-256 support for user-defined suspicious objects
Deep Discovery Analyzer supports file SHA-256 user-defined suspicious objects for the following:
  • Configuration through the management console or STIX file import
  • Synchronization from Deep Discovery Director
  • Sample analysis in ICAP pre-scan and Virtual Analyzer
  • Detection result display on the Submissions screen
Enhanced ICAP integration
The Predictive Machine Learning engine has been enhanced to support macro and Executable and Linkable Format (ELF) file types for ICAP integration.
System proxy for component updates
Deep Discovery Analyzer provides the option to bypass the system proxy setting to connect to other update sources for component updates.
Enhanced Deep Discovery Director integration
Deep Discovery Director integration has been enhanced to enable the following:
  • Server port configuration for Deep Discovery Director communication
  • Up to 80K entries for user-defined suspicious object synchronization
  • Support for Deep Discovery Director 5.1 integration for user-defined suspicious object expiration and central management of file passwords and file SHA-256 user-defined suspicious objects
Enhanced YARA rule feature
The enhanced YARA rule feature includes the following:
  • Dropped file information in detection result display on the Submissions screens
  • Support for version 3.10.0 of the official YARA specifications
New integrated Trend Micro product
Deep Discovery Analyzer supports integration with Deep Discovery Web Inspector 2.5.
Enhanced management console
The management console has been enhanced to include the following:
  • Save custom column settings on Submissions screens for each user account
  • Automatic screen data reload upon switching Submissions screens
Inline migration from Deep Discovery Analyzer 6.1 and 6.5
Deep Discovery Analyzer can automatically migrate the settings of a Deep Discovery Analyzer 6.1 Patch 1 or 6.5 Patch 1 installation to 6.8.