What's New

Table 1. What's New in Deep Discovery Analyzer 7.1



Trend Micro Vision One integration

Deep Discovery Analyzer integrates with Trend Micro Vision One through Service Gateway to enable collaborative security analytics in a hybrid environment.

Email submission

With the email submission feature, Deep Discovery Analyzer can receive and analyze email messages from permitted sender domains and SMTP servers.

Enhanced Virtual Analyzer

The internal Virtual Analyzer has been enhanced. This release adds the following features:

  • Windows 10 20H2 image support

  • SHA-256 object exception type

  • TLSH information in analysis reports

Audit log enhancement

Deep Discovery Analyzer generates audit logs when users:

  • View or download an investigation package or analysis report

  • Delete a submission entry

System log enhancement

Deep Discovery Analyzer provides the option to send ICAP pre-scan logs to syslog servers.

Operational report enhancement

The operational report has been enhanced to include ICAP pre-scan logs.

Enhanced interface management

The interface management feature has been enhanced to include the interface MAC address information for easy troubleshooting.

Sample submission filters and deletion

The Submissions screens include the following:

  • Option to delete selected samples and related analysis data on the Completed and Unsuccessful tabs

  • The following advanced search filters on the Completed tab:

    • MITRE ATT&CK™ Tactics

    • MITRE ATT&CK™ Techniques

    • Notable Characteristics

Enhanced SNMP query

The SNMP query feature has been enhanced to include real-time application events or events within a specified time range.

Enhanced YARA rule feature

The enhanced YARA rule feature supports version 4.1.0 of the official specifications.

Inline migration from Deep Discovery Analyzer 6.9 and 7.0

On hardware models 1100 and 1200, Deep Discovery Analyzer can automatically migrate the settings of a Deep Discovery Analyzer 6.9 or 7.0 installation to 7.1.