Closed briandelmsft closed 1 year ago
File hash for testing a5059f5a353d7fa5014c0584c7ec18b808c2a02c
Fixed in preview of STAT v2 which is now available to try
STAT v2 Preview is ready for you to try. This is a major move forward from previous versions of STAT, now using an Azure Functions backend and Logic Apps front end. The look and feel is the same as v1, but the improvements on the backend are substantial. This is also a complete rewrite of all of the backend functionality, so do be aware there may be some undiscovered bugs, though there are no known issues in this build. If you encounter any bugs, or even unexpected changes in functionality from previous version please open an issue no matter how small the issue may be.
This build includes the following new features:
The Preview deployment can be found only in the statv2_preview branch of this repo as well as supporting documentation. That includes documentation specific to multi-tenant/MSSP scenarios.
The main branch does not contain any information about v2 at this time, so ensure you select the correct branch.
Describe the bug The File module uses the FileProfile() function with a hunting query. Unfortunately this function seems to return inconsistent data for the ThreatName column. Taking a file hash that is a threat, it does not always return that threat info. Evaluate if the File API provides more consistent results
Module Name File-Module