Product Update 4.14.0.0 - April 15, 2024

The Mandiant Security Validation (MSV) team is pleased to announce version 4.14.0.0 of the MSV platform.

General Enhancements

  • Added Rocky Linux 8 support for Director and Actor appliances. See the upgrade documentation for more information.
    • Note that the minimum hardware and OS requirements have changed for MSV Director Appliances, starting at 4.14.0.0. The requirements are as follows for Directors:
      • CPU: 64-bit x86
      • Minimum RAM: 16 GB
      • Minimum Disk Space: 500 GB (up from 160 GB)
      • Network Interfaces Required: 1
      • Static, Routable IPs: 1
      • Base Operating System for new installations: Rocky Linux 8 (formerly CentOS 7)
    • Note that the minimum hardware and OS requirements have changed for MSV Network Actor Appliances, starting at 4.14.0.0. The requirements are as follows for Actors:
      • CPU: 64-bit x86 CPU with at least 2 cores
      • Minimum RAM: 2 GB
      • Minimum Disk Space: 60 GB (up from 20 GB)
      • Two network interfaces; Static, routable IP addresses required.
    • Moving forward, changes to Actor Networking (IP Address, Netmask, Gateway, DNS, and so on) are done using the vsetnet CLI tool on the Actor OVA. SSH access is required to make changes to the Actor. The vsetnet tool is also used for selecting Interface Assignments (management, simulation, monitor). As of 4.14.0.0, this functionality is no longer available in the Director web interface.
    • Other Changes
      • Added the ability to define two DNS servers per Actor if a PX Proxy is used instead of CNTLM on Director for NTLM connections
      • SSL Protocol explicitly only allows TLSv1.2 and Cipher Suites

Bug Fixes

  • Fixed an issue where the MITRE Navigator Export only linked to MA-SV (SaaS).
  • Fixed an issue where Email Theater account verification was failing with no visible error.
  • Fixed an issue where the system-wide Kerberos configuration file was rewritten without permission.
  • Fixed an issue where multiple integrations were not returning events.

Known Issues

  • Local Event Filtering works as expected but is limited to Match Action, Match Integration, and Match Events (when the latter involves Raw Events). If a rule has a Match Event condition for any field other than Raw Event, the rule does not apply to Local Events. It only applies to events from standard local integrations in MSV.
  • When you add the first MSI integration on a Remote Integrations Actor, the integration does not get detected. To fix this, reboot the Actor after the first MSI integration is selected for that Actor.

Appliance OS Security Update

The latest platform security update can always be found on the security patch download page. This security update applies to all versions of the product and is cumulative.

Important Installation Notes

Minimum Director version 4.12.0.0 or higher is required to upgrade to version 4.14.0.0.

To access documentation and download software (appliance images, installers, and update packages) visit the Validation Section of the Docs Portal. For full details on how to upgrade, see Updating Security Validation Components.

© Copyright Mandiant. All rights reserved
  • First Published: April 15, 2024
  • Last updated: May 8, 2025
In This Article
Related Articles
  • None
Copyright © 2020 – 2021 Your Company, LLC. All rights reserved.