IBM Security QRadar

 View Only

A innovative new Linux agent and password protected uninstallation for Windows agents as part of the latest 3.10 release of IBM Security ReaQta

By PATEL MILAN posted Mon October 31, 2022 11:57 AM


IBM Security ReaQta announces a innovative new Linux agent and a password protected uninstallation security upgrade for Windows agents as part of the latest 3.10 release 

  • New Linux agent, for deeper introspection of Linux endpoints, Version 0.60
  • Password protected uninstallation upgrade for Windows agent 
    Announcement Banner

IBM Security ReaQta is pleased to announce the introduction of its innovative new Linux agent with enhanced instrumentation, as part of the latest 3.10 release, as well as an important security upgrade for Windows agents. With this release, ReaQta again shows its commitment to building a best-in-class Endpoint Detection and Response (EDR) platform by adopting the latest technologies for better detection and response and continuously looking at ways to make ReaQta more secure and robust. 


New Linux agent 

With the introduction of a new innovative Linux agent, ReaQta customers using Linux-based operating systems will greatly benefit from the latest agent that leverages eBPF technology. The new Linux agent marks an important step forward as eBPF is becoming the standard technology in Linux monitoring and will enable ReaQta to provide customers with many improvements for years to come.  

The new Linux agent incorporates SysFlow, which enhances ReaQta with a lightweight runtime observability layer to enable deep introspection of Linux endpoints.  Sysflow also enables ReaQta Linux agent to expose a set of configurable collection modes that gives the endpoint security agent the flexibility to customize the types of collected system events related to how processes interact with their environment, including the network, filesystem, and other processes.

The Linux agent incident detection and response user experience has been improved with enhancements to process command line information and process correlation. Furthermore, the known endpoint connectivity issues have been resolved. 


Along with the new Linux agent, ReaQta is also pleased to announce that with version 0.60, installation coverage has been expanded to support a wider set of Linux-based operating systems, including:  

  • Centos 7, 8
  • Red Hat Linux 7, 8, 9 
  • Ubuntu LTS 18, 20, 22 
  • Debian 8, 9, 10, 11 
  • Amazon Linux 2 


Lastly, thanks to the partnership between IBM Research and ReaQta, we were able to capitalize on SysFlow to enable a rapid development cycle and advanced visibility capabilities into Linux endpoints.   SysFlow is an open-source system telemetry framework. 


Password protected uninstallation security upgrade for Windows agent 


Password protected uninstallation is a new security feature that hardens the agent against uninstallation attempt from privileged users. With the enablement of this new security upgrade, uninstallation is only possible when an analyst with ReaQta Hive dashboard access provides the right uninstallation token. 




For more information on IBM Security ReaQta, please visit our website.