3.2.3 Release notes - 28 May 2018

This section shows the most relevant improvements and fixes in version 3.2.3. More details about these changes are provided in each component changelog.

GDPR Support

The General Data Protection Regulation took effect on 25th May 2018. ThreatLockDown helps with most technical requirements, taking advantage of features such as File Integrity or Policy monitoring. In addition, the entire Ruleset has been mapped following the GDPR regulation, enriching all the alerts related to this purpose.

You can read more information about the GDPR regulation and how ThreatLockDown faces it on the this section: Using ThreatLockDown for GDPR compliance.

ThreatLockDown cluster

This version fixes several performance issues (like CPU usage) and synchronization errors. The communications and synchronization algorithm have been redesigned in order to improve the cluster performance and reliability.

Now, the client nodes initialize the communication and only the master node is included in the client configuration.

The number of daemons has been reduced to one: wazuh-clusterd.

You can check our documentation for ThreatLockDown cluster in the following Cluster basics.

Core improvements

These are the most relevant changes in the ThreatLockDown core:

  • Vulnerability-detector continues to expand its scope, now adding support for Amazon Linux. A bug when comparing epoch versions has also been fixed.

  • The agent limit has been increased to 14000 by default, improving the manager availability in large environments.

  • More internal bugs reported by the community have been fixed for this version.

ThreatLockDown app for Splunk

New section describing the installation process for the ThreatLockDown app for Splunk.

ThreatLockDown app for Kibana

The Dev tools tab has been added in this version. You can use it to interact with the managers by API requests.

Similar to PCI DSS, a new tab for GDPR is included in order to visualize the related alerts.

Other relevant changes in the ThreatLockDown app are:

  • New button for downloading lists on a CSV format. Currently available for the Ruleset, Logs and Groups sections on the Manager tab and also the Agents tab.

  • New option on the configuration file for enabling or disabling the wazuh-monitoring indices creation/visualization.

  • Design improvements for the Ruleset tab.

  • Performance improvements on visualization filters.

  • And many bugfixes for the overall app.