What's new in Deep Security Agent?

For release notes from previous years, see Archived Deep Security Agent release notes.

For release notes from the long-term support LTS release, Deep Security Agent - Linux 10.0 readme.

Deep Security Agent - 10.0 update 28

Release date: September 17, 2020

Build number: 10.0.3879

Enhancements

  • You can choose not to send packet data back to the Deep Security Manager by going to Administration > Agents > Data Privacy and selecting No. SF03237033/DSSEG-6019

Resolved issues

  • Real-time Anti-Malware with file system hooking enabled did not work on older kernel versions. SEG-82411/SF03471236/DSSEG-5989
  • A previous upgrade to SQLite impacted the performance of Integrity Monitoring. The original performance of this feature has now been restored. SEG-80876/DSSEG-5943

Deep Security Agent- 10.0 update 27

Release date: August 7, 2020

Build number: 10.0.0-3864

Resolved issues

  • Real-time Anti-Malware with filesystem hooking enabled did not work on older kernel versions. SEG-82411/SF03471236/DSSEG-5946
  • Kernel Panic occurred when Web Reputation, Firewall, or Intrusion Prevention were enabled. SEG-80201/SF03332691/DSSEG-5868
  • When a re-transmission packet with new packets was sent, it sometimes produced an "Unsupported SSL Version" Intrusion Prevention event. SEG-73893/03100673/DSSEG-5866
  • Ceph is now excluded from file system kernel hooking to prevent kernel panic. SEG-75664/SF03131718/DSSEG-5585

Security updates

Security updates are included in this release. For more information about how we protect against vulnerabilities, visit Vulnerability Responses. Please note, in line with responsible disclosure practices, CVE details will only be made available for select security updates once patches have been made available for all impacted releases. SEG-78524/SF03321021/DSSEG-5751

Highest CVSS score: 5.3

Highest severity: Medium

  • Updated Nginx to 1.18.0.

Deep Security Agent - 10.0 update 26

Release date: May 13, 2020

Build number: 10.0.0-3833

Enhancements

  • Increased the scan engine's URI path length limitation. SEG-61309/DSSEG-5247

Resolved issues

  • Application Control didn't work correctly if CloudLinux 7 64-bit was used as the Deep Security Agent platform. (DSSEG-5235)
  • Anti-Malware sometimes couldn't be applied successfully when an Anti-Malware engine update was performed. DSSEG-5472
  • Anti-Malware directory exclusion with wildcards didn't match subdirectories correctly. SEG-74892/SF03131855/DSSEG-5577

Security Updates

Security updates are included in this release. For more information about how we protect against vulnerabilities, visit Vulnerability Responses.

  • Updated SQLite to 3.30.1

Deep Security Agent - 10.0 update 25

Release date: February 21, 2020

Build number: 10.0.0-3761

Resolved issues

  • Anti-Malware on-demand scans did not work properly when the root directory was set to "/" in the scan directory inclusion lists. (SEG-66679/02756807/DSSEG-5054)
  • Memory leaks occurred in Anti-Malware if file attributes couldn't be retrieved.(SEG-67374/SF02753356/DSSEG-5064)

For release notes from the long-term support LTS release, Deep Security Agent - Windows 10.0 readme.

Deep Security Agent - 10.0 update 28

Release date: September 17, 2020

Build number: 10.0.3879

Enhancements

  • You can choose not to send packet data back to the Deep Security Manager by going to Administration > Agents > Data Privacy and selecting No. SF03237033/DSSEG-6019

Resolved issues

  • A previous upgrade to SQLite impacted the performance of Integrity Monitoring. The original performance of this feature has now been restored. SEG-80876/DSSEG-5943

Deep Security Agent - 10.0 update 27

Release date: August 10, 2020

Build number: 10.0.0-3864

Resolved issues

  • When Integrity Monitoring was enabled, the owner of a file was incorrectly changed to a user that did not exist. SEG-77290/03251273/DSSEG-5720
  • When a re-transmission packet with new packets was sent, it sometimes produced an "Unsupported SSL Version" Intrusion Prevention event. SEG-73893/03100673/DSSEG-5866

Security updates

Security updates are included in this release. For more information about how we protect against vulnerabilities, visit Vulnerability Responses. Please note, in line with responsible disclosure practices, CVE details will only be made available for select security updates once patches have been made available for all impacted releases. SEG-78524/SF03321021/DSSEG-5751

Highest CVSS score: 5.3

Highest severity: Medium

  • Updated Nginx to 1.18.0.

Deep Security Agent 10.0 update 26

Release date: May 13, 2020

Build number: 10.0.0-3833

Enhancements

  • Increased the scan engine's URI path length limitation. SEG-61309/DSSEG-5247

Resolved issues

  • Deep Security Agent restarted unexpectedly because of the way Log Inspection was accessing the SQLite database. SEG-70313/02588698/DSSEG-5456

Security Updates

Security updates are included in this release. For more information about how we protect against vulnerabilities, visit Vulnerability Responses.

  • Updated SQLite to 3.30.1

Known issues

This release does not support the installation or upgrade of Deep Security Agent on Windows 2003 or Windows XP. Support for these platforms will be re-introduced in a subsequent update. For more information, see Deep Security Agent version 10 update 26 cannot be used for installation or upgrade on Windows XP/2003. DSSEG-5603

Deep Security Agent - 10.0 update 25

Release date: February 21, 2020

Build number: 10.0.0-3761

Resolved issues

  • (A high-memory issue occurred when collecting the diagnostic package for Deep Security Agent. (SEG-59668/DSSEG-4966)

Deep Security Agent - 10.0 update 28

Release date: September 17, 2020

Build number: 10.0.3879

Enhancements

  • You can choose not to send packet data back to the Deep Security Manager by going to Administration > Agents > Data Privacy and selecting No. SF03237033/DSSEG-6019

Resolved issues

  • A previous upgrade to SQLite impacted the performance of Integrity Monitoring. The original performance of this feature has now been restored. SEG-80876/DSSEG-5943
  • When using Deep Security Agent on Solaris, the port scanning feature of Integrity Monitoring did not work because the agent did not have access to information on the user ID under which a given port was opened. This prevented storage of any listening port information. The port scanning feature on Solaris agents has now been modified to store the string as "n/a" for the userid. This allows the remaining port information to be stored and used in the port scanning function. However, exclusions and inclusions based on User ID still do not function correctly because this information is not available. DSSEG-2775

Deep Security Agent - 10.0 update 27

Release date: August 7, 2020

Build number: 10.0.0-3864

Security updates

Security updates are included in this release. For more information about how we protect against vulnerabilities, visit Vulnerability Responses. Please note, in line with responsible disclosure practices, CVE details will only be made available for select security updates once patches have been made available for all impacted releases. SEG-78524/SF03321021/DSSEG-5751

Highest CVSS score: 5.3

Highest severity: Medium

  • Updated Nginx to 1.18.0.

Deep Security Agent - 10.0 update 26

Release date: May 13, 2020

Build number: 10.0.0-3833

Enhancements

  • Increased the scan engine's URI path length limitation. SEG-61309/DSSEG-5247

Resolved issues

  • Anti-Malware directory exclusion with wildcards didn't match subdirectories correctly. SEG-74892/SF03131855/DSSEG-5577

Security Updates

Security updates are included in this release. For more information about how we protect against vulnerabilities, visit Vulnerability Responses.

  • Updated SQLite to 3.30.1

Deep Security Agent - 10.0 update 25

Release date: February 21, 2020

Build number: 10.0.0-3761

Resolved issues

  • Memory leaks occurred in Anti-Malware if file attributes couldn't be retrieved. (SEG-67374/SF02753356/DSSEG-5064)