Syspeace 2.7.0 is a highly recommended update.
- It introduces improved support for detecting RDP login failures where the IP addresses are missing in the event log entries. For details, see the separate post A comprehensive approach to detecting RDP login failures.
- It includes a setting to mitigate repetitive “success” login entries on file servers caused by file server activity instead of authentication.
- It improves compatibility, including using TLS 1.2 when .NET Framework 4.5 or later is installed – a PCI requirement.
- It includes the ability to export entries out of and import entries into the local blacklist via copy and paste.
- Last but not least, it fixes several issues, including an issue that caused the Syspeace database to be larger than it needed to be.
Syspeace 2.7.0 runs on Windows Server 2003, 2008, 2008 R2, 2012, 2012 R2 and 2016.