Threat Detection Content Update - June 2017

Document created by RSA Product Team Employee on Jul 7, 2017. Last modified by RSA Product Team Employee on Jul 7, 2017.
Version 2

Summary

Several changes have been made to the Threat Detection Content in Live.
 

Additions

Detection

  • Known Threats Pack - This Live bundle allows you to keep track of all identified (known/labeled) threats. It is a quick way to deploy all content that deals with malware signatures and malware behavior, as well as supporting content (reports, etc.). As we discover and add more signatures and behaviors for known malicious code, this pack will be updated with the content. If you'd like to read more about the pack and how to deploy it, check out this blog post: Know About Knowns With Known Threats Pack.

 

Changes

Other bug fixes and changes

  • 'Featured Content' widget now displays more recent/relevant content.
 

Retired

We strive to provide timely and accurate detection of threats as well as traits that can help analysts hunt through network and log data. Occasionally this means retiring content that provides little-to-no value.
  • Adware Client application rule - This rule was retired because it did not represent current threats and because of the amount of noise it contributed to the analyst experience.
