Trellix Extended Forensics Module v1.0 is now available for download from our Dynamic Threat Intelligence (DTI) cloud.
New features and changes
- YARA-based detection and rule management
  Trellix Extended Forensics Module v1.0 supports storing and managing multiple YARA rules for extended forensics support. This feature enables users to upload and delete files via the UI. API endpoints are included to facilitate programmatic YARA file management.
Resolved issues
ENDPT-226701 - Fixed an issue where Python execution failed because PyDex did not initialize the embedded Python interpreter correctly.
For details on the fixes included in this release, as well as deployment and product compatibility information, see the following documentation:
Module availability
These modules are available on the FireEye Market under Extended Forensics Module.
Additionally, all modules are available for download from our Dynamic Threat Intelligence (DTI) cloud.