The Intelligent Sandbox updated content package for versions 4.8, 4.10, 4.12, 4.14, 5.0, and 5.2 are now available.
This detection package adds detection updates to Intelligent Sandbox. This update includes the following changes:
- Coverage for Data Obfuscated found on the command line.
- Rules to detect BIGHEAD Ransomware.
- Rules to detect changes in Windows Defender settings to the lowest level.
For more details on changes and fixes, see the Release Notes.
This detection package is released using common detection package format. To install and apply a common detection package, either use Intelligent Sandbox 5.2.2 or later, or install a patch if your Intelligent Sandbox is 5.2.0 or older. See KB96550 - How to enable support for the Intelligent Sandbox and Advanced Threat Defense common detection package for the details about the common detection package format.
Package build number is: 5.2.2.230711
Customers can update to the detection packages using the following two options:
- Product UI: Access on the Intelligent Sandbox (ATD) UI at: Manage, Image & Software, Content Update, Detection Pkg.