Released on : 04 March 2020
Applies to Version : 9.3 (Build 5)
Download

Summary
EDR enhancement in monitoring suspicious processes

Enhancements

  • Added the reason field to Event description for events 3524 and 3519.
  • Generate event when hash is auto approved.
  • Based on the configuration, send/forward the safe and unsafe list to sensors.
  • Based on the configuration, move the Pending Analyst Review data to research process.
  • Generate unique event 3524 per new process observed at sensor level.
  • Changes in Configuration synchronization from Manager to Agent is based on registry key.

Bug Fix

  • Event computer detail is missing for dormant generated events 2074, 2075 and 2076.

Who should read this document
Customers who use 9.3 Build 5

Severity
Medium

Affected software
EventTracker Agent,EventTracker Alerter

Non-affected software
EventTracker Reports,EventTracker Web,EventTracker Remote Installer,EventTracker EventVault,EventTracker Scheduler,EventTracker Receiver,Enterprise Activity,Event Correlator,EventTracker Elasticsearch Indexer,EventTracker Daemon

Process to apply Update Pre-Condition: Please apply all previously released updates before applying the below update.

  1. Download Update
  2. Place the Update ET93U20-010.exe in the destination computer.
  3. Execute the exe.