# 4.4.5.2

# Features

- New kernel level access telemetry for network-based behaviors, to better identify possible client-side networking bugs, or opportunities to optimize
- Outbound telemetry is now bundled and sent together, just like inbound settings
    
    
    - Transmitted with a 25% timing variance, so that every machine will not be sending packets simultaneously across a client network
- HTTP/2 is now fully utilized end to end

# Fixes

- Reduced minimum threads in use in userspace
- Reduced CPU usage for userspace service
- Agent-Server authentication is now performed more efficiently
- Replaced previous service sleep &lt;&gt; restart algorithm when licenses were not available.
    
    
    - Previous algorithm caused a "service exited unexpectedly" in event manager every 15 minutes.
    - Allowing the Operating System to tell the service to shut off (something abused by criminals and other security tools) would have allowed a “clean” service restart without event manager logs. Instead of creating that vulnerability, Cyber Crucible’s service restarted itself without Windows involvement, causing the event log.

# MD5 Hashes

```
service.exe  = b17a2a528a4424771fdeca8559b9f56b
CCRRSecMon.sys (Windows7)        = c2b051b1001474419e7572fd23625d84
CCRRSecMon.sys (Windows8)        = 335d355bbd492c390e67ac615c5252b0
CCRRSecMon.sys (Windows10)       = 0d1fc32fba2cb878ce8cb0f549b8d167
```