Release Notes for Snare macOS Agent v5.7.0
- Svetlana Sheptiy
- Andrew Madge
Owned by Svetlana Sheptiy
Snare macOS Agent v5.7.0 was released on 27th January 2023.
Security Updates
- 3rd party libraries upgraded:
- OpenSSL upgraded to version 3.0.7
- Boost upgraded to version 1.79.0
- macOS certificate handling was updated to use more secure certificate keys handling method
- Event Checksum, appended to events if enabled, was changed from MD5 to SHA3-512 hash
Customers, who have event checksum enabled, may need to adjust their event integrity validation tools to use SHA3-512 instead of MD5.
New Features and Enhancements
- Snare Enterprise Agent for macOS 12 (Monterey) on Intel hardware is now available
- Improved LEEF output format for macOS audit events (added cat, devTimeFormat, devTime and usrname fields)
- Self-signed certificates generated by Snare Agent on demand will now be named "Snare Agent"
- More detailed debug logging for when Snare Service receives a signal from OS
User Guide
The following is an offline version of the User Guide related to this release.
For an up-to-date version refer to the online version here.