Arc v2.0.0

The release notes for Arc version v2.0.0.

New features

A list of new features that have been introduced in this release.

  • Arc-786: The Windows edition (based on build number) is now shown in the operating system (OS) field of Windows machines using Arc.
  • Arc-822: Arc-enabled assets now also show the firmware version for computers.
  • Arc-957: Local Arc malware detections now use Structured Threat Information Expression (STIX) indicators in addition to YARA rules. STIX currently target local files.
  • Arc-1011: From this release, Arc features Threat Prevention, which enables it to not just detect threats, but also to stop them. The first implementation includes malware management, including the ability to quarantine or delete local malicious files.
  • Arc-1013: Arc now has a new local user interface (UI). The new version improves the status summary and makes troubleshooting easier.
  • Arc-1018: The second implementation of Arc Embedded is now available. Arc can now be installed on Schneider Electric SCADAPack 47xi Smart remote terminal unit (RTU)s. On top of standard detections inherited from Arc on Linux, this implementation supports these detections:
    • RTU identification
    • Process variables information
    • Insertion of universal serial bus (USB) drive through SIGN:USB-DEVICE
    • Insertion of secure digital (SD) card through: SIGN:SD-CARD
    • Removal of SD card through: SIGN:SD-CARD
    • Operation on device mechanical switch through SIGN:DEV-STATE-CHANGE
    • Device time change through SIGN:SUSP-TIME
    • Firmware change through SIGN:FIRMWARE-CHANGE
    • A low power supply input through SIGN:DEV-STATE-CHANGE
    • A program change through SIGN:PROGRAM-CHANGE
  • Arc-1042:
    • Discovery: Added new server message block (SMB) strategy for discovering Windows devices
    • Smart Polling:
      • Added new Smart Polling strategies for:
        • Moxa HTTP targeting NAT-102 (router, authenticated)
        • NPort (serial gateway, unauthenticated)
        • MGate (serial gateway, unauthenticated) devices
      • Improved data extraction from nested devices in the BACnet strategy

Resolved issues

A list of all the issues that have been resolved in this release.

  • Arc-1031: Addressed an issue that prevented Arc from completing the extraction of installed software.