Deep Discovery Analyzer (DDAN) 6.1 has been released and is now available in the Download Center.
The following are some of the new features and enhancements in this version:
- Central IOC exchange via DDD 3.0.
- New HW model (DDAN 1200) based on the Dell 14th Generation platform.
- Enhanced Virtual Analyzer:
  - Suspicious Object generation based on URL sample.
  - Coin miner malware detection & visibility.
  - Smart feedback for Sandcastle.
  - Predictive Machine Learning support for VBS file type.
  - New file type support: SLK and IQY.
  - New VA image support: Windows Server 2016 and Windows 10 RS3.
- Enhanced syslog integration to support multiple syslog servers.
- Enhanced alert rules:
  - Check Interval and Check Duration settings for High CPU Usage alerts.
  - Check Interval and Check Duration settings for High Memory Usage alerts.
  - Check Interval setting for High Disk Usage alerts.
  - Configurable Monitored services for Connection Issue alerts.
  - New Long Virtual Analyzer Processing Time alert type that checks whether the time taken to analyze samples has exceeded the threshold.
- Other minor enhancements:
  - Appliance power off & restart via web console.
  - Debug log collection for passive primary cluster node.
  - Sample downloading on Unsuccessful tab.
- Backward compatible:
  - Web Service API v1.6 & TM products integration.
  - Direct inline migration for v5.8 & v6.0.
For the complete list of new features and enhancements, refer to the DDAN 6.1 Online Help section: What's New.
Upgrading from Previous Versions
The DDAN 6.1 upgrade package supports migration from the following product versions:
- DDAN 5.8
- DDAN 6.0