Below are the latest additions and improvements as of March 19, 2026.
Spectra Analyze
- Released Spectra Analyze 9.7.1 documentation and changelog.
- Added Network Threat Intelligence page enhancements with IP address data from Spectra Intelligence, including geolocation, ASN, network range, and WHOIS information.
- URLs extracted from Auxiliary Analysis now appear in the Network References section with pivot links.
- Added risk tolerance indicator to the top navigation bar.
- Fixed YARA import limits, increased to 40 MB file size with rules limit removed.
- Fixed third-party networking reputation sources display in the UI.
- Fixed sample names being properly sent to IDA in TCA-0207 API calls.
- Fixed encrypted file uploads handling passwords with special characters.
- Fixed YARA sync status to accurately reflect synchronization state.
- Fixed Network Threat Intelligence page infinite loading state when Spectra Intelligence is misconfigured.
Spectra Detect
- Released Spectra Detect 5.7.2 documentation and changelog.
- Added Central SDM support for managing both OVA and Kubernetes deployments from a single interface.
- Added SDM redundancy support for disabling TLS certificate sharing.
- Increased the SDM NFS connector share limit.
- Increased the default maximum upload size for YARA rulesets to 45 MiB.
- Improved performance for the Analytics dashboard.
- Adjusted dispatcher API concurrency limits to reduce load on core services.
- Fixed Deep Cloud Analysis usage tracking for accurate usage metrics.
- Fixed multiple clustering, SDM redundancy, and S3 egress issues.
- Released Spectra Detect 5.7.1 documentation and changelog.
- Added machine learning model configuration options in Central Configuration for fine-tuning model behavior during static analysis.
- Spectra Core updated to 5.5.0.
- Released Spectra Detect 5.6.4 documentation (Worker & Hub) and changelog.
- Fixed upgrade path issues on Spectra Detect Workers and Hubs.
- Released Spectra Detect 5.6.4 documentation (Manager) and changelog.
- Added option to disable TLS certificate sharing during clustering for enhanced security.
- Fixed distributed tables cleanup when clustering is disabled.
- Fixed cluster creation API premature failures.
- Improved cluster API timeout values and error handling.
File Inspection Engine
- Released File Inspection Engine 3.2.1 documentation and changelog.
- Fixed high security vulnerabilities.
- Released File Inspection Engine 3.2.0 documentation and changelog.
- Enhanced file classification to reduce false positives by adding support for classification overrides combining analyst overrides with user overrides.
- Fixed high vulnerabilities.
- Released File Inspection Engine 3.1.4 documentation and changelog.
- Fixed high, medium, and low security vulnerabilities.
- Released File Inspection Engine 3.1.3 documentation and changelog.
- Fixed high security vulnerabilities.
Integrations
- New Spectra Analyze MISP Enrichment Module integration documentation.
- Enriches MISP indicators of compromise (IOCs) with ReversingLabs threat intelligence data.
- Supports file hash, domain, IP address, and URL enrichment.
- Provides automatic relationship mapping between file objects, domains, IPs, and reports.
- Includes enterprise features such as proxy support, custom SSL certificates, and configurable timeouts.
- Features declarative JSON-based mapping configuration for customization.
- New Corelight integration documentation.
- Combines Corelight's network detection and response (NDR) platform with ReversingLabs file analysis.
- Corelight Sensors extract files from network traffic and forward them to ReversingLabs for automated malware classification and threat analysis.
- Analysis results are returned as logs that integrate with SIEM and SOAR environments for analyst response.
- New ReversingLabs Amplify integration documentation.
- Embeddable widget that brings ReversingLabs Spectra Intelligence threat intelligence directly into web applications.
- Allows users to analyze indicators of compromise (file hashes, URLs, domains, IP addresses) without leaving your site.
- Backend service securely communicates with ReversingLabs APIs and provides pre-fetched data for fast, seamless integration.
Spectra Intelligence
- Updated TCA-0403 - URL Report with new dynamic analysis fields.
- Added
geolocation field providing geographic location associated with the URL's network activity, reflecting the configured country from which the network traffic was egressed during dynamic analysis.
- Added
locale field reflecting the configured OS language, region, and keyboard layout used during dynamic analysis.
- Updated TCA-0303 - YARA Ruleset Matches and TCA-0319 - YARA Ruleset Matches Feed with extended parameter support.
- Added
extended parameter that when set to true includes additional enrichment fields in response entries: md5 hash, sha256 hash, and first_seen timestamp.
