What’s Changed
This release improves security, reliability, and usability across the Assemblyline platform.
- Improved system logging and storage handling to make the platform more dependable.
- Updated parts of the interface to make sandbox results clearer and easier to use.
- Improved validation and error handling to reduce unexpected behavior.
- Fixed several issues affecting ingestion, result handling, and configuration.
- Strengthened protections around email handling, password reset flows, and exposure of sensitive submission information.
Added
- feat: add result POST timing and retry count logging
- feat: add readonly_storage support to FileStore (Python, Rust) @C-Oliver
- Add more email validation tests
- Add classification checks on service errors
- Added YARA signature for MSBuild script files. (Python, Rust)
Changed
- update the base documentation for apikeys endpoint
- Only allow http/s URI links in the URI section (service-base, UI)
- Sandbox results changes
- refactor(sandbox): redesign process tree item layout and add score-based border in process graph
- The sandbox section now filters processes and related information based on the showSafeResults parameter
- Memory dumps addition to sandbox section
Fixed
- Ensure type-specific ingestions don't leak over onto the _default validation intended for all ingestions
- Fixes to listing result alternates
- Missing comma in JSON_SECTIONS (Python, API)
- Fix typo in condition for handling models with a root-level classification field
- Pin to last working version of Kubernetes client
Security
- Validate user email input before executing it as a search
Protect against query injection when accepting email addresses - Prevent user's email enumeration through the reset link API
- Reduce submission information exposure