Dectar announces the release of version 7.2.0 of ACSIA SOS. This update brings several new features and enhancements designed to improve security and functionality.
New Features in v7.2.0
-
Integration with Zimbra for Brute Force Attack Detection
ACSIA SOS now offers enhanced security for Zimbra webmail through a new integration designed to detect and block brute force attacks. This feature automatically identifies and blocks IP addresses that attempt multiple failed login attempts within a 60-second timeframe, preventing account lockouts.
Note: To enable this integration, you need to configure Zimbra logs as monitored logs in ACSIA SOS. For detailed setup instructions, refer to the setup guide.
-
Support for Windows 2003/2008
-
For Windows 2003 (XP) 32-bit and 2008 (Vista) 32-bit and 64-bit machines: ACSIA SOS introduces a Tiny Agent that supports the Wazuh plugin. This allows older systems to benefit from enhanced security monitoring.
- For Windows 2008 R2 (Windows 7) 64-bit machines: Users can now deploy the ACSIA SOS "classic" agent, which supports Wazuh, Sysmon, Suricata, and Ipban plugins. Note that this requires the installation of specific Windows updates (KB2533623, KB3033929, KB3138612, KB2999226) and the installation of .NET Framework 4.8.
-
For Windows 2003 (XP) 32-bit and 2008 (Vista) 32-bit and 64-bit machines: ACSIA SOS introduces a Tiny Agent that supports the Wazuh plugin. This allows older systems to benefit from enhanced security monitoring.
Fixes in v7.2.0
-
ssh bruteforce detection improved: The brute force rule has been improved, enhancing security for critical accounts.
- False positive reduction for malware detection: The rule that detects executable files dropped in folders commonly used by malware has been refined to exclude certain legitimate Windows processes, such as cleanmgr and Edge update, reducing false positives and improving accuracy.
For any further assistance or detailed setup instructions, please refer to the official ACSIA SOS documentation or contact the Support Team.