Serie v4.3.x

Serie v4.3.x

v4.3.1 (2025-11-04)

Improved lateral movement detection: Added a minimum peer/host guard to reduce noise in the lateral movement detection rule, improving signal quality in complex network environments.
Debian Trixie packaging: Added build support for Debian 13 (Trixie), ensuring continued compatibility with the latest stable distributions.
Sensor appliance generation: Introduced automated generation of a Sensor VM image, simplifying partner deployments and testing in virtualized environments.

Dependency upgrades for performance and security: Updated core libraries to their latest stable versions to improve runtime efficiency, maintain compatibility with modern systems, and include recent security patches.

Capture filtering and concurrency control: Users can now filter captures by resource, and the system enforces a one-capture-per-scope rule to prevent overlapping operations.

Automated captures in Response Engine: Added the ability to trigger network captures automatically as part of a response action when specific alerts occur, providing immediate network evidence for investigation.
Network captures visibility: Added capture size display and the associated resource IP to the UI for better context and analysis.
Storage usage tracking: Sensors now check available storage before and after network captures, improving reliability and preventing disk exhaustion during long-running operations.
Siemens integration fix: Adjusted Siemens device enrichment to align with the latest catalog image URL format.