Documentation Updates

Below are the latest additions and improvements as of March 19, 2026.

Spectra Analyze​

• Released Spectra Analyze 9.7.1 documentation and changelog.
  • Added Network Threat Intelligence page enhancements with IP address data from Spectra Intelligence, including geolocation, ASN, network range, and WHOIS information.
  • URLs extracted from Auxiliary Analysis now appear in the Network References section with pivot links.
  • Added risk tolerance indicator to the top navigation bar.
  • Fixed YARA import limits, increased to 40 MB file size with rules limit removed.
  • Fixed third-party networking reputation sources display in the UI.
  • Fixed sample names being properly sent to IDA in TCA-0207 API calls.
  • Fixed encrypted file uploads handling passwords with special characters.
  • Fixed YARA sync status to accurately reflect synchronization state.
  • Fixed Network Threat Intelligence page infinite loading state when Spectra Intelligence is misconfigured.

Spectra Detect​

• Released Spectra Detect 5.7.2 documentation and changelog.
  • Added Central SDM support for managing both OVA and Kubernetes deployments from a single interface.
  • Added SDM redundancy support for disabling TLS certificate sharing.
  • Increased the SDM NFS connector share limit.
  • Increased the default maximum upload size for YARA rulesets to 45 MiB.
  • Improved performance for the Analytics dashboard.
  • Adjusted dispatcher API concurrency limits to reduce load on core services.
  • Fixed Deep Cloud Analysis usage tracking for accurate usage metrics.
  • Fixed multiple clustering, SDM redundancy, and S3 egress issues.
• Released Spectra Detect 5.7.1 documentation and changelog.
  • Added machine learning model configuration options in Central Configuration for fine-tuning model behavior during static analysis.
  • Spectra Core updated to 5.5.0.
• Released Spectra Detect 5.6.4 documentation (Worker & Hub) and changelog.
  • Fixed upgrade path issues on Spectra Detect Workers and Hubs.
• Released Spectra Detect 5.6.4 documentation (Manager) and changelog.
  • Added option to disable TLS certificate sharing during clustering for enhanced security.
  • Fixed distributed tables cleanup when clustering is disabled.
  • Fixed cluster creation API premature failures.
  • Improved cluster API timeout values and error handling.

File Inspection Engine​

• Released File Inspection Engine 3.2.1 documentation and changelog.
  • Fixed high security vulnerabilities.
• Released File Inspection Engine 3.2.0 documentation and changelog.
  • Enhanced file classification to reduce false positives by adding support for classification overrides combining analyst overrides with user overrides.
  • Fixed high vulnerabilities.
• Released File Inspection Engine 3.1.4 documentation and changelog.
  • Fixed high, medium, and low security vulnerabilities.
• Released File Inspection Engine 3.1.3 documentation and changelog.
  • Fixed high security vulnerabilities.

Integrations​

• New Spectra Analyze MISP Enrichment Module integration documentation.
  • Enriches MISP indicators of compromise (IOCs) with ReversingLabs threat intelligence data.
  • Supports file hash, domain, IP address, and URL enrichment.
  • Provides automatic relationship mapping between file objects, domains, IPs, and reports.
  • Includes enterprise features such as proxy support, custom SSL certificates, and configurable timeouts.
  • Features declarative JSON-based mapping configuration for customization.
• New Corelight integration documentation.
  • Combines Corelight's network detection and response (NDR) platform with ReversingLabs file analysis.
  • Corelight Sensors extract files from network traffic and forward them to ReversingLabs for automated malware classification and threat analysis.
  • Analysis results are returned as logs that integrate with SIEM and SOAR environments for analyst response.
• New ReversingLabs Amplify integration documentation.
  • Embeddable widget that brings ReversingLabs Spectra Intelligence threat intelligence directly into web applications.
  • Allows users to analyze indicators of compromise (file hashes, URLs, domains, IP addresses) without leaving your site.
  • Backend service securely communicates with ReversingLabs APIs and provides pre-fetched data for fast, seamless integration.

Spectra Intelligence​

• Updated TCA-0403 - URL Report with new dynamic analysis fields.
  • Added geolocation field providing geographic location associated with the URL's network activity, reflecting the configured country from which the network traffic was egressed during dynamic analysis.
  • Added locale field reflecting the configured OS language, region, and keyboard layout used during dynamic analysis.
• Updated TCA-0303 - YARA Ruleset Matches and TCA-0319 - YARA Ruleset Matches Feed with extended parameter support.
  • Added extended parameter that when set to true includes additional enrichment fields in response entries: md5 hash, sha256 hash, and first_seen timestamp.

Below are the latest additions and improvements as of January 26, 2026.

Spectra Intelligence​

• Added two new search keywords (tlsh and ssdeep) to TCA-0320 - Advanced Search.
• Added new Licensing and Management endpoints to TCA-9999 - Customer Usage for company, user, license, and limit management.
• Deprecated TCA-0305.

Below are the latest additions and improvements as of January 23, 2026.

General​

• New Security Grades and Codes reference documentation explaining Spectra Core security grades (A-F) and detailed grade codes (RC, WC, SC) assigned during static analysis.

Spectra Analyze​

• Released Spectra Analyze 9.7.0 documentation and changelog.

Spectra Detect​

• Released Spectra Detect 5.7.0 documentation and changelog.
  • Added AWS EKS Micro Deployment guide for Kubernetes-based high-volume file processing.
  • Improved report filtering documentation with clarified limitations for list filtering and primitive field behavior in custom report types.
• Released Spectra Detect 5.6.4 documentation and changelog.

File Inspection Engine​

• Released File Inspection Engine 3.1.2 documentation and changelog.
• Released File Inspection Engine 3.1.1 documentation and changelog.

Spectra Intelligence​

• Added new fileless analysis type to TCA-0404 - Analyze URL endpoint, enabling URL reputation and infrastructure analysis without downloading content.
• New TCF-0701 - Supply Chain IoC feed service for accessing structured threat intelligence data on malicious Open Source Software (OSS) packages with historical data since 2011.
• Added START and PULL query endpoints to TCF-0301 - Network IOCs feed for improved feed session management and incremental data consumption.

Below are the latest additions and improvements as of December 11, 2025.

General​

• New Cloud Deployment Options article with cloud deployment support information.
• Spectra Core reference updates (tags, unpacking, certificate trust store, indicators).

Spectra Analyze​

• Released Spectra Analyze 9.6.2 documentation and changelog.
• Updated Connectors with additional CrowdStrike connector information.

Spectra Detect​

• Released Spectra Detect 5.6.3 documentation and changelog.

File Inspection Engine​

• Released File Inspection Engine 3.0.3 documentation and changelog.

Spectra Intelligence​

• Added GeoIP documentation to TCA-0406 - IP Threat Intelligence.
• Fixes and improvements to TCA-0403 - URL Report.
• Updated last_seen parameter definitions across multiple API endpoints (TCA-0101, TCA-0104, TCA-0301, TCA-0321, TCA-0403, TCA-0405, TCA-0406, TCA-0501).
• Improved clarity in TCA-0206 - Rescan documentation.
• Updated TCA-0207 - Dynamic Analysis documentation.
• Reduced JSON response examples across API documentation for improved performance.

Below are the latest additions and improvements as of November 14, 2025.

General​

• Expanded Privacy & Data Sharing article with networking information.

Spectra Detect​

• Released Spectra Detect 5.6.2 documentation and changelog.
• Improved Spectra Detect Manager Redundancy documentation.

File Inspection Engine​

• Released File Inspection Engine 3.0.0 documentation and changelog.
• Restored File Inspection Engine 1.5.2 documentation.

Spectra Intelligence​

• Enhanced TCA-0404 - Analyze URL with rewritten introduction.
• Updated networking API documentation with cross-links and privacy information: TCA-0403, TCA-0405, TCA-0406, and TCA-0407.

• Fixed sample_available parameter type in TCA-0303 - YARA Hunting.
• OpenAPI Documentation: Migrated to Scalar to improve API reference performance.

Integrations​

• Updated Anomali ThreatStream Ransomware Feed Activation integration documentation.

Below are the latest additions and improvements as of October 30, 2025.

General​

• New Concepts & Reference article: Installing Spectra Core on Debian-based Linux distributions.

Spectra Detect​

• Minor release: Spectra Detect 5.5.3 changelog.

• Improved Spectra Detect Manager Redundancy documentation.

File Inspection Engine​

• Minor release: File Inspection Engine 2.1.0 changelog.

Spectra Intelligence​

• New extended parameter added to TCA-0102 - File Reputation Override documentation.

• Published TCA-0701 - Spectra Assure Community API documentation.

Below are the latest additions and improvements as of October 14, 2025.

General​

• Minor fixes to the SAML and OpenID Connect documentation.

Spectra Analyze​

• Released Spectra Analyze 9.6.0 documentation and changelog.

• Rewrote and improved the Spectra Analyze dashboard documentation.

• Fixed minor issues in the Spectra Analyze YARA documentation.

Spectra Detect​

• Minor release: Spectra Detect 5.6.1 changelog.

• Released Spectra Detect 5.6.0 documentation and changelog.

• Minor release: Spectra Detect 5.5.2 changelog.

Integrations​

• Released the F5 BIG-IP LTM integration documentation.

• Updated the RL Browser Extension documentation with additional information on allow/block lists.

Below are the latest additions and improvements as of September 29, 2025.

General​

• Updated Classification article for clarity.
• Published Certificate Revocation article.
• Made general improvements across the documentation, including minor corrections and cleanup.

Spectra Intelligence​

• Published TCA-0330 Indicators of Compromise documentation.

File Inspection Engine​

• Released File Inspection Engine 2.0.0 documentation and changelog.

Integrations​

• RL Browser Extension 1.0 documentation and changelog.

Below are the latest additions and improvements as of September 5, 2025.

General​

• Quality-of-life improvements and fixes across the entire portal, including improved layout and navigation in the Spectra Core reference section.

Spectra Detect​

• Updates and fixes to the Spectra Detect AWS EKS Deployment Guide.

Spectra Analyze​

• Released Spectra Analyze 9.5.2 documentation and changelog.

Spectra Intelligence​

• Updated the TCTF-0003 Flexible Intel Feed API documentation to include the standard STIX/TAXII query parameters.

File Inspection Engine​

• Released File Inspection Engine 1.5.2 documentation and changelog.

Here are the latest additions and improvements as of August 19, 2025.

T1000​

• Published the initial release of the T1000 documentation.

Spectra Detect​

• Published the Spectra Detect AWS EKS Deployment Guide.

• Expanded guidance on uploading SSL certificates to appliances.

Spectra Intelligence​

• Updated File Upload (TCA-0202-0203) with additional details on metadata uploads.