What's New Parent topic

Deep Discovery Inspector 5.6 includes the following new features.

Deep Discovery Inspector 5.6 New Features

Key Feature
Description
MITRE ATT&CK™ Tactics and Techniques information
Deep Discovery Inspector detection details include MITRE ATT&CK™ Tactics and Techniques information
TLS fingerprinting
Deep Discovery Inspector detection details include the JA3 and JA3S hash values for TLS connection fingerprinting, the SNI host name, and certificate information
YARA enhancement
Deep Discovery Inspector provides YARA detection information and search capability
SHA-256 support for user-defined suspicious object
Deep Discovery Inspector supports the SHA-256 hash value for user-defined suspicious objects received from Deep Discovery Director
30 GB Virtual Analyzer image support
 Deep Discovery Inspector supports Virtual Analyzer images that are up to 30 GB in size
Enhanced Virtual Analyzer
The Virtual Analyzer has been enhanced to include the following features:
  • MHT and COM file type support
  • Support for the following operating systems and applications:
    • Windows 10 RS4
    • Windows 10 RS5
    • Office 2019
Threat Investigation Center file retrieval
Deep Discovery Inspector can allow Threat Investigation Center to retrieve files for investigation
Port scan and port sweep detection capability
Deep Discovery Inspector can detect port scans and port sweeps
Trend Micro ActiveUpdate security enhancements
ActiveUpdate integration supports the following enhancements:
  • HTTPS server authentication check for the global Trend Micro ActiveUpdate server
  • Package integrity check for the global Trend Micro ActiveUpdate server and Trend Micro Apex Central