In case you missed it, the Traps team has been busy with updates and enhancements for Traps agents. I will be catching you up on the features that have been released in the last month, which consists of Traps Agent versions 220.127.116.11, 5.0.1 and 5.0.2.
Features Introduced in Traps Agent 5.0.2
The following table describes the new features introduced in Traps agent 5.0.2 release.
Reverse Shell Protection for Linux
Traps can now block malicious behavior on Linux endpoints with Reverse Shell Protection. This capability enables Traps to monitor shell processes for activity where an attacker redirects standard input and output streams to network sockets, and if detected, terminate the malicious shell process.
Features Introduced in Traps Agent 5.0.1
The following table describes the new features introduced in Traps agent 5.0.1 release.
Shellcode Protection for Linux
Traps extends its exploit protection for Linux servers to include shellcode protection. This capability enables Traps to monitor processes that run code from unmapped locations and prevent processes from calling operating system functions that these processes shouldn't commonly use.
Extended Linux OS Support
Traps now supports Amazon Linux 2 LTS Candidate (2017.12) and Amazon Linux 2 LTS Candidate 2, Debian 8 and 9, and Oracle 6 and 7. For full OS compatibility, see thePalo Alto Networks Compatibility Matrix.
Features Introduced in Traps Agent 18.104.22.168
The following table describes the new features introduced in Traps agent 22.214.171.124 release.
Traps for Android Installation Enhancement
The Traps app for Android now allows end users to supply the installation URL or distribution ID during activation. This enhancement allows users to complete activation if the distribution ID was not supplied or if the user attempts to install directly from the Google Play Store. For more information, seeInstall Traps App for Androidin theTraps Agent 5.0 Administrator’s Guide.
For more information on Traps agent release info, please see the release notes page here: