Static Analysis

• Sources Section enrichment with Top Level Containers and Network References, improving the triage process with additional metadata. Additionally, Sources section is further optimized with tabular view, decreasing the navigation time and improving overview of the data

Dynamic and Network Analysis

• RL Cloud Sandbox:
  • Download Report extracts all data from analysis and exports it in PDF or HTML format, enabling the shareability of dynamic reports to other internal and external parties that don’t have access to the A1000
  • Screenshots, PCAP and MemStrings download option, offering an advanced look into the behavior, network traffic and memory strings extracted during dynamic analysis

Workflows

• Search Workflow enhancements: Users can more efficiently search for samples and interesting data within the RL data corpus using dropdown filters and newly introduced local-only keywords. With an improved user interface and performance, Search is positioned as a central page for any investigation on A1000
• User roles and Permissions: Provides administrators more granularity for user access, offering customizable User Roles with permissions to access Submissions, YARA and YARA Publish sections. Additional permissions will be added with upcoming releases
• Sample Summary enhanced with a header containing most important data on top of each subsection of the analysis report, providing a better overview regardless of page location
• “Unknown (No Threats Found)” Classification renamed to a more streamlined term for samples that didn’t receive a classification

Maintenance & Operations

• Security compliance updates in v7.0 include a number of updates for backend services.
• Quality improvements through a number of prioritized defect fixes, including notifications if storage is running out of space