Current release: 5.7.1
Version 5.7 of Cequence Defender was released September 14, 2025.
Feature highlights
This release focuses on performance optimization, enhanced security controls, and improved system stability across the Defender platform.
Performance & scalability improvements
Processing speed receives a significant boost in this release through improved Defender filters performance and enhanced ceq-bridge receive throughput, delivering noticeably reduced latency across the platform.
Memory management has been comprehensively overhauled with the implementation of a dedicated memory manager for sensor-connector components, complete with configurable memory limits that allow administrators to fine-tune resource allocation based on their specific deployment needs.
Queue monitoring capabilities now include message size tracking for both reader and writer queues, providing operations teams with better visibility into resource utilization and potential bottlenecks.
Architecture-specific improvements include optimized zone memory allocation for x86 systems, ensuring stable operation and improved memory management under heavy load conditions.
Security & compliance enhancements
Application logs now automatically mask sensitive data, ensuring compliance with security policies and protecting confidential information from inadvertent exposure in log files.
The Boost library has been updated to the latest stable version, incorporating critical security patches and performance improvements from the upstream project.
IPv6 resolution is now disabled by default, improving compatibility in environments without IPv6 networking infrastructure while remaining easily configurable for IPv6-enabled deployments.
Protocol & content handling
Message body decompression now extends beyond gzip to support additional compression formats, including brotli, zstd, or compress. More content types are now available to the platform without manual intervention.
SOAP-XML content detection has been enhanced with improved recognition algorithms that more accurately identify and process SOAP-based web service communications.
NLP context processing now correctly handles case-insensitive mode, ensuring accurate text analysis results regardless of case sensitivity settings.
Custom discovery patterns have been enhanced to ensure that user-configured detection rules are properly applied during the discovery process, improving pattern-based endpoint identification accuracy.
Monitoring & observability
OpenTelemetry support enables export of specific logs in OTEL format from both defender and ceq-bridge components, facilitating integration with modern observability platforms and centralized logging systems.
Statistics calculation for multiple sensor-connectors has been enhanced to properly track metrics per individual connector, providing accurate performance data in distributed deployments.
Resolved Issues
Release 5.7.1
DEF-1923 Adds support for autosynchronization of expression policies across environments.
DEF-1898 and DEF-1719 Improved the nginx config-verifier mode.
DEF-1901 Fix vulnerability related to CVE remediation, cache cleanup, and image history removal.
DEF-1924 Enable app-monitor metrics by default.
Release 5.7.0
DEF-1871: Improved SOAP-XML content detection capabilities for better protocol recognition.
DEF-1862: Fixed NLP context processing to work correctly when case-insensitive mode is enabled.
DEF-1855: Added memory limit configuration support to the cequence-bridge component.
DEF-1853: Added support for decompressing non-gzip compressed message bodies including additional compression formats.
DEF-1840: Fixed custom discovery patterns to ensure discovery occurs correctly based on configured patterns.
DEF-1827: Implemented memory manager in defender for sensor-connector component to optimize memory usage.
DEF-1814: Improved defender filters performance for faster processing and reduced latency.
DEF-1797: Fixed sensor connector statistics to calculate correctly per connector when multiple sensor-connectors are present.
DEF-1790: Added message size tracking to reader queue and writer queue for better monitoring.
DEF-1764: Disabled IPv6 resolution by default to prevent issues in environments without IPv6 networking stack.
DEF-1734: Added source information support for the Broadcom plugin integration.
DEF-1726: Application logs scrub sensitive data for security compliance.
DEF-1697: Enabled export of specific logs in OpenTelemetry format for defender and ceq-bridge components.
DEF-1690: Improved ceq-bridge receive performance for higher throughput and reduced latency.
Image locations for on-premises deployments
Your Cequence team provides you with Gitlab credentials for the Cequence image registry. Before downloading Docker images, establish credentials by running the following commands:
export GITLAB_USER = <user provided by cequence>
export GITLAB_PASS = <token provided by cequence>
docker login registry.gitlab.com -u $GITLAB_USER -p $GITLAB_PASS
To pull an image from the registry, run the following Docker command.
docker pull <image repository URL>
| Package | Location | Version | State | MD5 Checksum |
| Defender Docker image x86 | s3://xangent-packages/build/cq-defender/releases/5.7.0/defender-docker/x86_64/defender-latest.tar | 5.7 | Released | |
| Defender Docker image arch64 | s3://xangent-packages/build/cq-defender/releases/5.7.0/defender-docker/aarch64/defender-latest.tar | 5.7 | Released | |
| Helm chart | https://cequence.gitlab.io/helm-charts/ | 5.7 | Released | |
| Image repository | registry.gitlab.com/cequence/releases/defender:5.7.0 | 5.7 | Released |
Compatibility
| Defender (ARM and X86) | Cequence UAP platform | Compatible |
| 5.7.1 | 6.x releases | No |
| 5.7.1 | 7.x releases prior to 7.5 | No |
| 5.7.1 | 7.5 and later releases | Yes |