The update is related to the Countercept Agent’s Sensor component. The Sensor component gathers data to be analyzed in the WithSecure backend to identify any malicious activity.
Product Name: Countercept Agent for Linux – Sensor Component
Version: 2025.1.198
Pilot Availability: 29/04/2025
General Availability: 06/05/2025
Predecessor: 2024.2.132
Release Purpose:
- New Features and Enhancements
- Generic Maintenance
Customer Action Required:
Name Changes:
- No changes to file, process, or service names.
Files Updated:
New Features and Enhancements:
- Performance improvements to file event gathering in Kernel 5.10 and newer.
- Detection improvements.
- Changes to firewall rules are now monitored.
- Shared library loadings are now monitored.
- Shebang script information is now included in process details.
- SELinux file context is now handled by sensor’s installer.
Generic Maintenance:
- Fixes for issues identified during 2025.1.186 Pilot.
- Changes to sensor event handling and data storage to improve disk I/O, CPU and memory usage on high load systems.
OS Support:
- AMD64
- AlmaLinux 8.4 – 9.x
- Amazon Linux 2
- CentOS 7, 8
- Debian 10, 11, 12
- Oracle Linux 7, 8, 9 (RHCK and UEK)
- RHEL 7, 8, 9
- Rocky Linux 8, 9
- SUSE Linux Enterprise Server 12 SP3 – SP5
- SUSE Linux Enterprise Server 15 SP1 – SP3
- Ubuntu 18.04, 20.04, 22.04, 24.04
- ARMv8/AArch64
- Debian 11, 12
- Rocky 9
- Ubuntu 22.04, 24.04
Please note that CentOS 6 and RHEL 6 are not supported. The Countercept Agent will break with this update, on endpoints where these operating systems are in use. WithSecure recommends upgrading these endpoints to the supported versions of the operating system, or switching clients to managed updates in collaboration with the WithSecure Engagement team.