Deep Discovery Analyzer (DDAN) 7.1 GM Build 1146 has officially been released and the firmware upgrade package is now available in the Download Center.
The following are some of the new features and enhancements in this version:
Trend Micro Vision One integration
- DDAN integrates with Trend Micro Vision One through Service Gateway to enable collaborative security analytics in a hybrid environment.
- With the email submission feature, DDAN can receive and analyze email messages from permitted sender domains and SMTP servers.
Enhanced Virtual Analyzer
The internal Virtual Analyzer has been enhanced. This release adds the following features:
- Windows 10 20H2 image support
- SHA-256 object exception type
- TLSH information in analysis reports
Audit log enhancement
DDAN generates audit logs when users:
- View or download an investigation package or analysis report
- Delete a submission entry
System log enhancement
- DDAN provides the option to send ICAP pre-scan logs to syslog servers.
Operational report enhancement
- The operational report has been enhanced to include ICAP pre-scan logs.
Enhanced interface management
- The interface management feature has been enhanced to include the interface MAC address information for easy troubleshooting.
Sample submission filters and deletion
The Submissions screens include the following:
- Option to delete selected samples and related analysis data on the Completed and Unsuccessful tabs.
- The following advanced search filters on the Completed tab:
  - MITRE ATT&CK™ Tactics
  - MITRE ATT&CK™ Techniques
  - Notable Characteristics
Enhanced SNMP query
- The SNMP query feature has been enhanced to include real-time application events or events within a specified time range.
Enhanced YARA rule feature
- The enhanced YARA rule feature supports version 4.1.0 of the official specifications.
For details of the new features and enhancements, refer to the DDAN 7.1 Online Help topic: What's New.