Lastline Analyst and Detonator On-Premises Release Notes

Version 7.8

New features

  • Time-range selection and filtering in Analysis History UI
  • Support for custom Yara rules
  • Bug fixes and improvements

Time-range selection and filtering in Analysis History UI

The Analysis History page of the Lastline Portal now supports selecting the time range of submissions to display, as well as a number of filters:

  • Submission type: File or URL
  • MD5 hash of submitted file
  • SHA1 hash of submitted file
  • File name: search for this substring in submitted file names
  • Analyst UUID: search for submissions with this unique identifier
  • URL: search for submissions of this URL

Support for custom Yara rules

The Lastline Custom Intelligence API now allows uploading Yara rules (in version 1.7 compatible format) to be matched during the analysis of artifacts.

Bug fixes and improvements

  • New option in appliance configuration, "Install daily OS security updates automatically". Disabling automated installation of OS security updates is only recommended in environments where a custom process is in place for keeping the appliance up to date with security updates.

  • Improved display in report UI of processes spawned during analysis of a URL.

  • Support for searching by SHA-256 hash in Intelligence tab.

  • Fix to an issue that was leading to unexpectedly high impact scores for blacklist hits on certain compromised domains.

Deprecation of API methods

No additional methods of the legacy API (/ll_api/ll_api) are being deprecated or removed in this version.

The Lastline API documentation includes a deprecation schedule for methods in the legacy API, as well as information on how to replace usage of these deprecated methods with supported methods.

Released appliance versions

As part of this release, we are making available the following versions of Lastline appliances for use with Lastline Enterprise On Premise:

  • Lastline Analyst version 712