These Release Notes document security content updates from content package c2105.2 to c2106.2.
The security content updates listed below include changes to the following areas:
In the lists below, each item represents a specific parser, model, or rule that has been added, updated, or deprecated. To facilitate finding every data source where the changed content items are referenced, a content library query has been created for each changed parser, model, or rule. To view the results of each query, click on the link for the relevant content item.
There are no deprecated parsers in this release.
There are no new models in this release.
-
A-FW-ProcessName-FileName – File creations for process
-
A-NETFLOW-OsH-Scanners – Assets that access multiple assets within seconds in the organization
-
UA-UC – Countries for user activity
There are no deprecated models in this release.
There are no new rules in this release.
There are no updated rules in this release.
-
A-Attrib-Hide-Files – com.exabeam.releasenotesgeneratortool.UseCase@7181ae3f
-
A-NETFLOW-OsH-PortScan-Slow-A – com.exabeam.releasenotesgeneratortool.UseCase@77a57272
-
A-NETFLOW-OsH-PortScan-Slow-F – com.exabeam.releasenotesgeneratortool.UseCase@33b37288
-
A-NETFLOW-OsH-PortSweep-Slow – com.exabeam.releasenotesgeneratortool.UseCase@276438c9
-
A-Sysprep-Appdata – com.exabeam.releasenotesgeneratortool.UseCase@70a9f84e
-
A-Userinit-Child-Process – com.exabeam.releasenotesgeneratortool.UseCase@130f889
-
A-WMI-Exec-Suspicious-Cmds – com.exabeam.releasenotesgeneratortool.UseCase@101df177
-
A-XSL-Script-Processing – com.exabeam.releasenotesgeneratortool.UseCase@74294adb
-
Attrib-Hide-Files – com.exabeam.releasenotesgeneratortool.UseCase@166fa74d
-
Sysprep-Appdata – com.exabeam.releasenotesgeneratortool.UseCase@2f490758
-
Userinit-Child-Process – com.exabeam.releasenotesgeneratortool.UseCase@40f08448
-
WMI-Exec-Suspicious-Cmds – com.exabeam.releasenotesgeneratortool.UseCase@588df31b
-
XSL-Script-Processing – com.exabeam.releasenotesgeneratortool.UseCase@1188e820