Beginning on July 17, 2023, Skyhigh Security will conduct a phased rollout of an update to Gateway Anti-Malware (GAM) 2023.1 (build 7001.2023.4070) for Secure Web Gateway.
The rollout will start on Monday, July 17, 2023, with 20% of nodes per week and will be finished within the week of August 14, 2023. The normal update process is used, and no additional action is required.
Affected products:
- Secure Web Gateway versions equal to or greater than 10.2.4
Release dates:
- Phase 1: 2023-07-17 (MON) ~20% of nodes
- Phase 2: 2023-07-24 (MON) ~20% of nodes
- Phase 3: 2023-07-31 (MON) ~20% of nodes
- Phase 4: 2023-08-07 (MON) ~20% of nodes
- Phase 5: 2023-08-14 (MON) ~20% of nodes
Improvements in the v2023.1 update:
- Now supports behavioral analysis of Windows PowerShell scripts. PowerShell has evolved into a regularly used technique to download second-stage binaries, and now our protection can go beyond manual heuristic rules and apply the same depth of Machine-Learning generated intelligence that we already use on the more well-known mobile code languages like JavaScript and Windows PE/x86. This helps, for example, with the growing use of obfuscation on PowerShell.
- Our patented, Random Forest-derived, Machine-Learning classification model is getting augmented by a secondary Neural Network classifier model. The goal here is to improve in the “suspicious” probability range of detections below 90% (those that would get offloaded to RBI, XDR, ATD and the likes). JavaScript will be the first area of the threat landscape where we’re applying this new secondary model.
- General Threat Detection enhancements – for example, detection of Website Infections (to block redirection campaigns at an earlier stage) have been improved.
- General Bugfixes and Improvements.