Malwarebytes Breach Remediation 3.6.2 Release Notes

Document created by jgolomb Employee on Feb 22, 2019. Last modified by jgolomb Employee on Feb 22, 2019.
Version 2

Malwarebytes Breach Remediation 3.6.2 and Malwarebytes Forensic Timeliner 3.6.2 were released on 21 February 2019.

New features in Malwarebytes Breach Remediation 3.6.2

  • Supports UDP protocol for sending syslog events – User can change the protocol to UDP for submitting events to the SIEM server.
  • Supports static IPs – Malwarebytes Breach Remediation has a static IP for key MB services (Register, Update, Shuriken). Implemented for specific customer requirements where outgoing connections were restricted for security reasons.
  • Lists exclusions in the debug log – Malwarebytes Breach Remediation now lists the exclusions from the exclusion list in the MBBR-ERROUT log file when debug logging is turned on.
  • Supports adding exclusions by Vendor name – User can add Vendor exclusions to the Exclude List within Breach Remediation. Vendor is the name Malwarebytes uses to identify threats.
  • Pulls an exclusion list from a URL – Malwarebytes Breach Remediation can pull down an exclusion list from a URL (hosted on a web server).
  • Reports syslog errors – Displays an error message both in the console and in the log file when the syslog server is unavailable or unreachable.
  • Backs up scan results – Malwarebytes Breach Remediation can create a backup of Scan Results on subsequent scans instead of overwriting with a new file and losing the existing file.

New features in Malwarebytes Forensic Timeliner 3.6.2

  • Supports UDP protocol in Timeliner for sending syslog events – User can change the protocol to UDP for submitting events to the SIEM server.
  • Report syslog errors – Display error message both in the console and in the log file when the syslog server is unavailable or unreachable.
  • V3 USN records for Windows 10 – Timeliner can collect information for USN records version 3 on Windows 10 operating systems.
  • V4 USN records for Windows Server 2012 – Timeliner can collect information for USN records version 4 on Windows Server 2012 operating systems.
  • Telemetry for Timeliner – Malwarebytes Forensic Timeliner 3.6.2 has Telemetry enabled for the following streams: Client, Malware and Error.
  • Timeliner log events to SysLog server – Timeliner events can now be logged into the SysLog server.
  • Reset all Event settings to Default (On) – User can reset all filtering event types to Default (On) using a Timeliner flag.
  • Reset all Timeliner settings to Default – User can reset all Custom settings to default using a Timeliner flag.
