Arc 1.3.0

A list of all the issues that have been resolved in this release.

• Arc-314: Improved resilience for syntactically wrong Sigma rules.
• Arc-345: The presence of the Sysmon dependency is now checked in a more accurate way.

A list of new features that have been introduced in this release.

• Arc-265: Improved USB detection of malicious devices (scripted typing, power consumption).
• Arc-267: The Sysmon configuration is now taken and updated by the TI feed within provided by the update service.
• Arc-295: The local UI now tells the user when the USBpcap dependency is installed but still requires a reboot.
• Arc-297: Traffic monitoring can now be applied selectively per interfaces, also specifying a Berkeley Packet Filter (BPF) for each from the UI.
• Arc-304: The Local UI reports better feedback upon receiving invalid values.
• Arc-305: The Arc Local UI can now be opened and used in multiple tabs of the same browser.
• Arc-309: The default Sysmon configuration file has been embedded into the Arc executable.
• Arc-313: The endpoint's detected network interfaces used for traffic monitoring are now shown together with a new alias field that can be used to tag complex interface names.
• Arc-318: Arc UUID is now randomly generated instead of being tied to the machine ID.