Released on : 04 March 2020
Applies to Version : 9.3 (Build 5)
Download
Summary
EDR enhancement in monitoring suspicious processes
Enhancements
- Added the reason field to Event description for events 3524 and 3519.
- Generate event when hash is auto approved.
- Based on the configuration, send/forward the safe and unsafe list to sensors.
- Based on the configuration, move the Pending Analyst Review data to research process.
- Generate unique event 3524 per new process observed at sensor level.
- Changes in Configuration synchronization from Manager to Agent is based on registry key.
Bug Fix
- Event computer detail is missing for dormant generated events 2074, 2075 and 2076.
Who should read this document
Customers who use 9.3 Build 5
Severity
Medium
Affected software
EventTracker Agent,EventTracker Alerter
Non-affected software
EventTracker Reports,EventTracker Web,EventTracker Remote Installer,EventTracker EventVault,EventTracker Scheduler,EventTracker Receiver,Enterprise Activity,Event Correlator,EventTracker Elasticsearch Indexer,EventTracker Daemon
Process to apply Update Pre-Condition: Please apply all previously released updates before applying the below update.
- Download Update
- Place the Update ET93U20-010.exe in the destination computer.
- Execute the exe.