Breach Remediation 3.6.2 and Forensic Timeliner 3.6.2 released on 21 February 2019.
Features added in Breach Remediation 3.6.2
- Supports the UDP protocol in Breach Remediation for sending syslog events – The user can change the protocol to UDP for submitting events to the SIEM server.
- Supports static IPs – Breach Remediation has a static IP for key MB services such as Register, Update, and Shuriken. Implemented for specific customer requirements where outgoing connections were restricted for security reasons.
- Breach Remediation now lists the exclusions from the exclusion list in the MBBR-ERROUT log file when debug logging is turned on.
- Supports adding exclusions by vendor name – Use the Exclude List to add vendor exclusions within Breach Remediation. Vendor is the name used to identify threats.
- Breach Remediation can pull down an exclusion list from a URL (hosted on a web server).
- Breach Remediation reports syslog errors – Displays an error message both in the console and in the log file when the syslog server is unavailable or unreachable.
- Breach Remediation can create a backup of scan results on subsequent scans instead of overwriting with a new file and losing the existing file.
Features added in Forensic Timeliner 3.6.2
- Supports the UDP protocol in Timeliner for sending syslog events – The user can change the protocol to UDP for submitting events to the SIEM server.
- Reports syslog errors – Displays an error message both in the console and in the log file when the syslog server is unavailable or unreachable.
- V3 USN records for Windows 10 – Timeliner can collect information for USN records version 3 on Windows 10 operating systems.
- V4 USN records for Windows Server 2012 – Timeliner can collect information for USN records version 4 on Windows Server 2012 operating systems.
- Telemetry for Timeliner – Forensic Timeliner 3.6.2 has telemetry enabled for the following streams: Client, Malware, and Error.
- Timeliner logs events to the syslog server – Timeliner events can now be logged to the syslog server.
- Reset all event settings to default (On) – The user can reset all filtering event types to the default (On) using a Timeliner flag.
- Reset all Timeliner settings to default – The user can reset all custom settings to default using a Timeliner flag.