The Mandiant Security Validation (MSV) team is pleased to announce version 4.14.4.1 of the MSV platform.
Enhancements
- Upgraded Director appliances to PostgreSQL 16.
- Upgraded Redis from 7.2.9 to 7.2.11.
- Added additional control over whether matched events count as "detections" or "alerts."
Bug fixes
- Fixed an issue where Cloud Validation Evaluations would not display Cloud Logs when running multiple Cloud Actions.
- Fixed an issue where the Clone and Edit button was missing for all Cloud Validation Actions, preventing users from cloning existing Cloud Actions.
- Fixed an issue where the gauge within a data-looped Template Section behaved inconsistently, changing its appearance after the report date range was modified.
- Fixed an issue where Integration Event Filter Rules were not consistently suppressing or dropping events, particularly for MDE events that were correlated.
- Fixed an issue with Actor log rotation by reducing the rotation size to 25MB to prevent excessive disk space consumption.
- Fixed an issue where the toast notification for pausing or unpausing a Scheduled Report showed a numeric ID instead of the report name, making it difficult to identify the report.
- Fixed an issue with the ExtraHop Reveal 360 Default Query.
- Fixed an issue where newly created Validation tags were not immediately cached and available for selection on other Actions, and tags persisted incorrectly after deleting all content.
- Fixed an issue where custom group names in an Action queue were not propagated to the job results view and JSON output when the Evaluation was run.
- Fixed an issue where the Software Installer shipped with an outdated version of a RAR binary.
- Fixed an issue where IMAP Email services could send email, but checks would fail authentication, resulting in an Actions Error.
- Fixed an issue where downgrading a system admin user's privileges caused a UI error.
- Fixed an issue where, when restoring a backup, if the Director was using an external database with a name that contains dashes, the backup restore would fail and the Director would not be operational.
- Fixed an issue where sending a test email with an empty required field redirected to a 500 error page.
- Fixed an issue where an NTLM proxy failed to pull content.
Known issues
- Local Event Filtering works as expected but is limited to Match Action, Match Integration, and Match Events (when the latter involves Raw Events). If a rule has a Match Event condition for any field other than Raw Event, the rule does not apply to Local Events. It only applies to events from standard local integrations in MSV.
- Network configuration may reset unexpectedly. To resolve the issue, run vsetnet after the upgrade with static IP addresses for one or more interfaces.
Appliance OS Security Update
The latest platform security update can always be found on the Validation Section of the Docs Portal. This security update applies to all versions of the product and is cumulative.
Important Installation Notes
Director version 4.14.0.0 or higher is required to upgrade to version 4.14.4.1.
To download documentation and software (appliance images, installers, and update packages), visit the Validation Section of the Docs Portal. For full details on how to upgrade, see Updating Security Validation Components.