Malcolm v3.3.0

@mmguero mmguero released this 03 Sep 20:11
· 4088 commits to main since this release
bf3da93

List of changes in Malcolm v3.3.0:

v3.2.1...v3.3.0

Version 3.3.0 is a feature release of Malcolm.

  • New features

    • Automatically create some broadly useful anomaly detectors when initializing Kibana
      • connection size
      • file transfer MIME type
      • action and result (by application protocol)
    • Configurable event severity scoring (idaholab#19) and new Severity dashboard
  • Other changes

    • Vagrant-based ISO build can now work with either VirtualBox or libvirt providers
    • Change wording of terms such as "master"/"slave" to "client"/"server" as instructed by DHS directive
  • Version updates

    • Update base image for Debian-based Docker images from 10 (buster) to 11 (bullseye)
    • Update Yara to 4.1.2
    • Update Capa to 2.0.0
    • Update Spicy to 1.2.1
    • Update remainder of Python 2 code to Python 3

Malcolm and Hedgehog Linux may be obtained by pulling or building the Docker images and/or building the ISO installer images as described in the documentation. Unofficial ISO installer images for Malcolm and Hedgehog Linux are not hosted on GitHub, but may be downloaded from https://malcolm.fyi/download/.