Deep Discovery Analyzer (DDAN) 6.1 is now available

Deep Discovery Analyzer (DDAN) 6.1 has been released and is now available in the Download Center.

The following are some of the new features and enhancements in this version:

• Central IOC exchange via DDD 3.0.
• New HW model (DDAn 1200) based on Dell 14th Generation platform.

• Enhanced Virtual Analyzer:

  • Suspicious Object generation based on URL sample.
  • Coin miner malware detection & visibility.
  • Smart feedback for Sandcastle.
  • Predictive Machine Learning support for VBS file type.
  • New file type support: SLK and IQY.
  • New VA image support: Windows Server 2016 and Windows 10 RS3.
• Enhanced syslog integration to support multiple syslog servers.

• Enhanced alert rules:

  • Check Interval and Check Duration settings for High CPU Usage alerts.
  • Check Interval and Check Duration settings for High Memory Usage alerts.
  • Check Interval setting for High Disk Usage alerts.
  • Configurable Monitored services for Connection Issue alerts.
  • New Long Virtual Analyzer Processing Time alert type to check if the processing time it takes to analyze samples has exceeded the threshold

• Other minor enhancements:

  • Appliance power off & restart via web console.
  • Debug log collection for passive primary cluster node.
  • Sample downloading on Unsuccessful tab.

• Backward compatible:

  • Web Service API v1.6 & TM products integration.
  • Direct inline migration for v5.8 & v6.0.

For the complete list of new features and enhancements, refer to the DDAN 6.1 Online Help section: What's New.