We're excited to announce a new update for the Sekoia Agent with important enhancements and fixes.

Added:
Linux: Now tracking connect syscalls ending in EINPROGRESS.
Windows: Microsoft-Windows-Security-Auditing events 4656 and 4658 from third-party EDRs are now ignored for improved efficiency.

Fixed:
Windows: Resolved startup issues after upgrading to Windows 11 24H2.
Improved the enrichment of process-ended events with parent information.
Enhanced handling for starting ETW sessions.

Ensure your systems are up to date to benefit from these improvements!