Skip to content

Releases: carbonblack/cb-yara-connector

2.2.0-1

12 Aug 19:20
@zacharyestep zacharyestep
v2.2.0
c3684d3
Compare
Choose a tag to compare
2.2.0-1 Latest
Latest

VMware Carbon Black EDR Yara Integration Changelog

v2.2.0

Bug Fixes / Changes

  • Optimization, refactoring of codebase
  • Standalone mode no longer requires a celery broker
  • Improved EDR Modulestore Scanning
Assets 2
Loading

VMware Carbon Black EDR Yara Connector 2.1.2

09 Oct 12:33
@dseidel-b9 dseidel-b9
v2.1.2
0695348
Compare
Choose a tag to compare
VMware Carbon Black EDR Yara Connector 2.1.2

Changelog

  • In yara-connector configuration files, for the "mode" setting, the terms "master" and "worker" have been deprecated in favor of "primary" and "minion", respectively. The deprecated terms still work, to preserve backward compatibility for customer with existing installations, but are no longer documented.
  • Product name, copyright statements, and so on have been updated to reflect VMware.
  • Packages are now available for EL6, EL7, and EL8 systems.
Assets 2
Loading

Cb Yara Connector 2.1.1-2

02 Mar 22:57
@jcapolino jcapolino
2.1.1-2
01fb41f
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
Cb Yara Connector 2.1.1-2

Changelog

v2.1.1-2 is a re-release of the Yara 2.1.1 connector.

  • It has been re-packaged with an updated service script for el6.
  • The build environment for el6 has been stabilized.
  • The service is now stopped on yum removal.
Assets 4
Loading

Cb Yara Connector 2.1.1

27 Feb 18:38
@jcapolino jcapolino
2.1.1
37effa1
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
Cb Yara Connector 2.1.1

Changelog

v2.1.1 of the CB Yara Connector is a re-write of the Cb Yara Connector with vast improvements.

  • Better handling of yara rules.
    • Rules are only compiled on change of rules on disk.
    • Clean up of rules on worker side.
  • Connector is more robust and handles issues gracefully.
    • Tolerates missing metadata like missing logo file.
  • Vast reduction of CbR db usage.
  • Vast reduction of CbR API usage.
  • Performance improvements.
  • Proper rpm installers are built and added to the CbOpenSource repo.
    • Builds exist for both EL6 and EL7.
Assets 4
Loading

Yara Connector 2.0.2 BETA

08 Oct 19:20
@askthedragon askthedragon
2.0.2
470d48e
Compare
Choose a tag to compare
Yara Connector 2.0.2 BETA Pre-release
Pre-release

New Features

  • Improved Postgres performance with named cursors
  • Added ability to disable rescanning for binaries previously scanned by ANY rule
  • Configuration option to limit binaries by timestamp measured by days.
Assets 4
Loading

Yara Connector 2.0.1 BETA

06 Mar 19:50
@askthedragon askthedragon
2.0.1
763a9a1
Compare
Choose a tag to compare
Yara Connector 2.0.1 BETA Pre-release
Pre-release

BugFixes

  • Fixed threat feed titles
  • fixed yara rules location on remote workers

Changes

  • yara rules can now end with .yara
  • number of concurrent hashes sent to workers is now configurable
Assets 4
Loading

Yara Connector 2.0.0 BETA

18 Jan 20:30
@askthedragon askthedragon
2.0.0
fbb91be
Compare
Choose a tag to compare
Yara Connector 2.0.0 BETA Pre-release
Pre-release

Yara Connector has been completed redesigned. This connector will no longer be published as an RPM. It will be published with executables.

New Features

  • Yara Connector pulls directly from Cb Response Database for binaries. This allows for faster binary enumeration.

  • We have decided to go with an "agent" model with the ability to add remote workers for even faster scanning.

Assets 4
Loading

Cb Yara Connector 1.3.5

18 Sep 20:39
@smultani smultani
1.3.5
c86a7a7
Compare
Choose a tag to compare
Cb Yara Connector 1.3.5

Changelog

  • Improved logging
  • Updated version of flask
  • Improvements to imphash rules processing
Assets 3
Loading

Cb Yara Connector 1.3.4

06 Apr 14:28
@smultani smultani
1.3.4
749c262
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
Cb Yara Connector 1.3.4

Changelog

  • Added support for imphash rules
Assets 3
Loading

Cb Yara Connector 1.3.3

29 Nov 06:22
@askthedragon askthedragon
1.3.3
bf145ba
Compare
Choose a tag to compare
Cb Yara Connector 1.3.3 Pre-release
Pre-release

Changelog

  • Fixed issue with yara-python pe module functions not working properly
Assets 3
Loading