# 4.5.3.2

# Features

- FortressAI
    
    
    - None
- Cyber Crucible Core
    
    
    - Kernel Buffer Operation Enhancement
        
        
        - The driver leverages buffers to temporarily store telemetry that is ultimately sent to the customer dashboard. This activity is distinct from behavioral model population or operations.
        - If a kernel buffer overloads, system CPU load increases.
            
            
            - This would only happen due to a large OS bug or an attack on the systems.
            - Automated customer notification of very high buffer usage available 1 JUN 2026.
        - Almost all of the kernel buffer operations for CC are with three primary buffers.
        - All three primary buffers' usage percentage is now transmitted to the CC infrastructure for metrics gathering and identification of buffer usage on a per-agent basis.
        - All three primary buffers are able to be adjusted in size remotely, and their status tracked by users.

# Fixes

- A recent update involving DotNet and MSVC Redistributable libraries overwhelmed Cyber Crucible buffers with sustained very high (500%+) process and DLL operations events, affecting some customers. Though buffer usage is back down to the normal 1-5% usage, including the impacted customers, all buffers were doubled in size to account for any future issues. This is in addition to the configuration capabilities listed above.

# Sha-256 Hashes

```
service.exe  = 2f46657af8809339d16546f1e6f2b58975bbf4d5c10fde3510363d628b129492
fai-alert.exe  = 890ccca7e0ce14a0e2ff7f90bae75a7ef12ad6c8cd43ffb52093c8431e65770b
CCRRSecMon.sys   = d0e941bc25d31e38cbebbe9ce3918f82d0b9c7b433efed318cb34e36a50acf94
CCRRSecMon.inf   = db54d8077afdfef81286868f7bda1e8df17dbd812178ddac989127550a904a8c
ccrrsecmon.cat   = a01c31db7231fed3852c9e559eb2c3f7496a016982207c102b88d8b36dcb0486
```