Malwarebytes Breach Remediation 3.6.2 and Malwarebytes Forensic Timeliner 3.6.2 released on 21 February 2019.
Features added in Malwarebytes Breach Remediation 3.6.2
- Supports UDP protocol in Malwarebytes Breach Remediation for sending syslog events - User can change protocol to UDP for submitting events to SIEM server.
- Supports Static IP’s – Malwarebytes Breach Remediation has a static IP for key MB services like (Register,Update,Shuriken). Implemented for specific customer requirements where their outgoing connections were restricted due to security reasons.
- Malwarebytes Breach Remediation now lists out exclusions from exclusion list in the MBBR-ERROUT log file when debug logging is turned on.
- Supports adding Exclusions by Vendor name - Use Exclude List to allow user to add Vendor exclusions within Breach Remediation. Vendor is the name Malwarebytes uses to identify threats.
- Malwarebytes Breach Remediation can pull down an exclusion list from a URL (Hosted on a web server)
- Malwarebytes Breach Remediation to Report syslog errors – Display error message both in the console and in the log file when the syslog server is unavailable or unreachable.
- Malwarebytes Breach Remediation can create backup of Scan Results on subsequent scans instead of overwriting with a new file and losing the existing file.
Features added in Malwarebytes Forensic Timeliner 3.6.2
- Support UDP protocol in Timeliner for sending syslog events – User can change protocol to UDP for submitting events to SIEM server.
- Report syslog errors – Display error message both in the console and in the log file when the syslog server is unavailable or unreachable.
- V3 USN records for Windows 10 – Timeliner can collect information for USN records version 3 on Windows 10 Operating systems.
- V4 USN records for Windows Server 2012 – Timeliner can collect information for USN records version 4 on Windows Server 2012 Operating systems.
- Telemetry for Timeliner – Malwarebytes Forensic Timeliner 3.6.2 has Telemetry enabled for the following streams (Client, Malware and Error)
- Timeliner log events to SysLog server – Timeliner events can now be logged into the SysLog server.
- Reset all Event settings to Default (On) – User can reset all filtering event types to Default (On) using a Timeliner flag.
- Reset all Timeliner settings to Default – User can reset all Custom settings to default using a Timeliner flag.