News > Secutec News

McAfee – ATD 4.6 is now available

McAfee Advanced Threat Defense 4.6.0 is now available. This release enhances capabilities for enterprise customers using email connector with multiple domains, improves troubleshooting, it includes new CLI commands, and the report includes a dedicated section to highlight MITRE ATT&CK.

Release details

Enhancements to Email Connector

  • Support for multiple domains — You can now add multiple relay hosts. This allows you to assign individual domains to each relay host.
  • Improved troubleshooting — In Email Reports, you can now view the conversation log for each email report.

 

Enhanced CLI Commands and Hardware logs

  • CLI Commands This release includes these new CLI Commands:
    archive-submission-status
    show hardware ldtlog
  • run ldt tool
    show hardware
    service status/stop/start/restart (All|amas|dxl|MA|lbservice|nginx|mysql|network)
    tcpdump (cOeDn_OLstfiOes_sDve_stDrt_stDtus_stop_vLew)
    uploadSupportBundle

For more information these commands, see McAfee Advanced Threat Defense 4.6.0 CLI Reference Guide.

 

These commands are deprecated in this release:

  • amas restart
  • restart network
  • restart dxlservice
  • set tcpdump

 

Hardware logs
This release includes the option to download Hardware LDT logs from the Troubleshooting section of the McAfee Advanced Threat Defense web UI.

Other enhancements

 

Pre-filter enhancements
Improved pre-filtering now enhances McAfee Advanced Threat Defense performance for filetypes such as .pdf and .docx. This reduces the overall load on the sandboxing engine.

 

Script detection improvements
With better hooking capabilities in the sandbox, McAfee Advanced Threat Defense is now more effective against script-based filetypes such as Visual Basic Script (.vbs) and Javascript (.js). This also improves detection for samples with embedded script-based content.

 

URL shortcut enhancements
McAfee advanced threat defense now supports URL shortcut (.url) filetype for dynamic analysis.

 

Report enhancements
The McAfee Advanced Threat Defense HTML report now includes a dedicated section to highlight MITRE ATT&CK tactics and techniques used by the sample. Samples also have an independent report for a detailed view of the ATT&CK Matrix to aid analysis of its behavior.

McAfee Advanced Threat Defense Report now also includes an ‘X-Mode’ flag to highlight the configuration of sample submission.

Machine learning remodeling
Enhancements to Machine Learning Predictions which displays the verdict and probability factor of the analysis through machine learning.

Release notes. 

Newsletter

Get all the new tech-updates in your mailbox.

  • This field is for validation purposes and should be left unchanged.