Skip to main content
Skip table of contents

20240314

  

What’s New in HYAS Insight!

Host Posture C2 Verdict Evidence  IMPROVEMENT

Applies to: Packages with Advanced Infrastructure Intelligence

We are extracting better data from our Host Posture data set by identifying C2 and using this in our verdict engine.  You will now see Host Posture C2 as a value in the evidence that justifies the HYAS verdict.

  

Benefits:

  • Improved verdicts and visibility on the evidence driving the verdicts

 

Host Posture C2 Tags IMPROVEMENT

Applies to: Packages with Advanced Infrastructure Intelligence

New system tags appear when an IOC has been identified to have been linked to Host Posture C2.  IOCs with these tags will also show additional aggregated C2 data when pivoting on (clicking on) such tags.

 

Benefits:

  • Improved context on an IOC

  • Visibility of other IOCs with the same C2 tag, helping you connect the dots and characterize a threat actor and its infrastructure

 

ASN Chart for the Malware Infrastructure Dashboard  NEW

Applies to: Packages with Malware Intelligence

A 3rd chart has been added to the Malware Infrastructure Dashboard that summarizes the Top C2 ASNs for the malware displayed.  

 

Benefits:

  • Get a new view on the malware infrastructure being identified by HYAS

  • Understand C2 ASN prevelance as well as Top ASN countries

  • Click to drill down into the table data

 

Quick Filters on Malware Infrastructure DashboardIMPROVEMENT

Applies to: Packages with Malware Intelligence

Click the labels in the summary panels of the dashboard and the table of data beneath the panel will open and filter down directly the data clicked.

 

Benefits:

  • More rapidly connect with data of interest

  • Pivot more easily across multiple data sets to better understand the latest malware infrastructure

 

Specify Search Object in Search BarIMPROVEMENT

When doing a search, you can specify the object type in which you are interested receiving search results.  Useful when you are interested in searching, for example nameservers and dont want the domains returned in the search results.

 

Benefits:

  • Reduce overall search results, focusing on specific object types of interest

  • Find data of interest more rapidly

 

Remove Defanging Brackets on Infrastructure Analysis Ingests IMPROVEMENT

Applies to: Packages with Advanced Infrastructure Intelligence

Brackets used for defanging your IOCs are now programmatically identified and removed during ingest, normalizing the IOCs for further analysis in HYAS Insight.  

 

Benefits:

  • Convenience of ingesting defanged IOCs without needing to manually remove brackets

JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.

Contact Support Close