8.17.10 release notes

Author: natasha-moore-elastic

docs/release-notes.asciidoc

@@ -9,6 +9,7 @@ This section summarizes the changes in each release.
 * <<release-notes-8.18.2, {elastic-sec} version 8.18.2>>
 * <<release-notes-8.18.1, {elastic-sec} version 8.18.1>>
 * <<release-notes-8.18.0, {elastic-sec} version 8.18.0>>
+* <<release-notes-8.17.10, {elastic-sec} version 8.17.10>>
 * <<release-notes-8.17.9, {elastic-sec} version 8.17.9>>
 * <<release-notes-8.17.8, {elastic-sec} version 8.17.8>>
 * <<release-notes-8.17.7, {elastic-sec} version 8.17.7>>

docs/release-notes/8.17.asciidoc

@@ -1,6 +1,23 @@
 [[release-notes-header-8.17.0]]
 == 8.17
 
+[discrete]
+[[release-notes-8.17.10]]
+=== 8.17.10
+
+[discrete]
+[[enhancements-8.17.10]]
+==== Enhancements
+* Due to an issue in macOS, {elastic-defend} would sometimes send network events without `user.name` populated. {elastic-defend} now identifies these events and populates `user.name` if necessary.
+* Reduces {elastic-defend} CPU when processing events from the System process.
+
+[discrete]
+[[bug-fixes-8.17.10]]
+==== Fixes
+* Fixes a race condition in {elastic-defend} on Windows that occasionally resulted in corrupted process command lines. This could cause incorrect values for `process.command_line`, `process.args_count`, and `process.args`, leading to false positives.
+* Improves the efficiency of the {elastic-defend} malware scan queue by not blocking scan requests when an oplock for the file being scanned cannot be acquired.
+* Fixes an issue in {elastic-defend} performance metrics that resulted in `endpoint_uptime_percent` always being 0 for behavioral rules.
+
 [discrete]
 [[release-notes-8.17.9]]
 === 8.17.9