||March 22nd, 2022
Fixed an issue where the agent was not catching certain exceptions. This led to the application crashing rather than the request being blocked.
||October 20th, 2021
Fixed an issue where the agent caused an application failure when the application was running in Spring Boot reactive configuration.
||September 23rd, 2021
The agent is now multi-region aware and can automatically detect which region to connect to.
You can now set the Advanced Threat Scan Engine (ATSE) aggressiveness level from the policy view.
The default ATSE aggressiveness level is changed from High to Medium.
Updated the anti-malware and malicious payload engines to resolve reported vulnerabilities with 3rd-party libraries: openssl, expat, and zlib.
Synchronized writing file to disk when updating the agent configuration cache.
The antivirus engine is re-initialized on first request when engine initialization failed.
Fixed an issue where the anti-malware engine returned an error when scanning after malicious file upload policy rules were changed.
Fixed method notifyHandlerException not found in class io.netty.channel.AbstractChannelHandlerContext for Netty versions 4.1.49 and above.
Fixed the agent not generating logs when failing to initialize at start up.
||February 17th, 2021
Upgraded advanced thread scan engine to version 12.500-1004
Wait until the engines rules blobs are written to cache before declaring the agent ready
Added Fail Closed configuration and agent behaviour
Fixed AV scan engine initiatilization failure
Fixed AV scan failure to read CA certificate
||December 14th, 2020
Updated crypto algorithm for agent cache
Set umask and sync on cache writes
Re-initialise antivirus engine on first request when engine initialization failed
||November 9, 2020
Added support for:
Validated the Liferay bootstrap with the Java Agent.
- Java 14 and 15.
- Spring Boot 2
- Spring 5
- Tomcat 9
||June 15, 2020
Automatically apply recommended settings when running the agent in AWS Lambda layer or runtime.
Introduced the ability for the agent to manage atomic configuration updates from the backend.
Wait on responses after agent authentication refresh.
Support for Java Spring 5 Framework, when used as a war file, not as part of SpringBoot 2
Fixed crashes caused by using libraries compiled with Musl while the JDK is compiled and linked with glibc and running on Alpine. The agent now detects the libC version of the library regardless of the Linux distribution.
Disabled providing the custom transaction ID via the header.
Fixed setting the defense logs configuration via environment variables.
Fixed the poller hanging after re-authentication.
Fixed the agent continuously and quickly re-attempting to authenticate following repeated authentication failures.
Fixed agent cleanup and activation of anti-malware pattern files upon updates.
Fixed some agent errors not being reported to the backend properly, for remote diagnostics.
||March 19, 2020
Added support for Netty 4
Added support for Spring Webflux
Added support for MySQL Connector/J 8.0
Policies for malicious file upload and malicious payloads are not fetched by the agent when the features are disabled
reduce logs on consecutive errors
fixed slow anti-malware scanning with archives
fixed delays in downloading algorithms policies on first agent boot
fixed encoding issues when reading request body
||January 24, 2020
||First release of Trend Micro Cloud One Application Security python agent
Remote Command Execution
Illegal File Access
Malicious File Upload