Skip to content

MISP 2.4.190 released with new feed improvement, workflows and a new benchmarking suite.
Compare
Choose a tag to compare
@adulau adulau released this 19 Apr 13:33
· 83 commits to 2.4 since this release
v2.4.190
This tag was signed with the committer’s verified signature.
iglocska Andras Iklody
GPG key ID: BEA224F1FEF113AC
Learn about vigilant mode.
471840c
This commit was signed with the committer’s verified signature.
iglocska Andras Iklody
GPG key ID: BEA224F1FEF113AC
Learn about vigilant mode.

We are excited to announce the release of MISP v2.4.190. This latest version introduces a slew of new features, improvements, and fixes designed to streamline operations and enhance security measures for our users.

What’s New in MISP v2.4.190?

Enhanced Tagging and Event Management

  • Advanced Tag Collection for Events: Users can now specify collections of tags to apply to events automatically when using the [feed:pullEvents] feature. This allows for more precise and organized tagging, leading to better event categorization and retrieval.

  • Conditional Execution Stopping in Workflows: The new [workflowModules:stop-execution] feature lets users provide a specific reason for stopping a workflow. This is crucial for auditing and maintaining records of why certain processes were halted.

Robust Data Handling and Performance

  • Unpublished Event Settings: The [feed] functionality now includes an option to keep all pulled events in an unpublished state, helping maintain privacy and control over event visibility until ready for disclosure.

  • Benchmarking Suite: A comprehensive new benchmarking suite has been added to continuously collect and analyze performance metrics such as memory usage and query counts for individual users, endpoints and user-agents. This data is crucial for optimising MISP's performance and reliability as well as identifying misbehaving tools/users/integrations.

Key Changes and Updates

  • Updated Components: Major components such as PyMISP, misp-galaxy, and various taxonomy lists have been updated to their latest versions to ensure users have access to the most current data and features.

  • Improved System Logging and Handling: Several changes have been made to improve how MISP logs and handles data. These include modifications to syslog outputs to avoid line breaks and ensure consistent field counts, enhancing the overall stability and readability of logs.

Fixes and Optimizations

  • Bug Fixes: This update addresses several bugs, including issues with tag collection permissions, HTML rendering in analyst data threads, and event report imports from URLs.

  • Performance Enhancements: Numerous tweaks have been made to reduce memory usage and improve performance across various functions, particularly those involving synchronization and event handling.

Other Noteworthy Changes

  • Accessibility Improvements: The update includes enhancements to the user interface's accessibility, such as enabling keyboard focus on certain elements to aid users who rely on keyboard navigation.

  • API Extensions: New OpenAPI functionalities have been exposed (it was present but not documented), such as allowing data encapsulation in requests and extending STIX export capabilities to attribute levels.

This version of MISP not only introduces new capabilities but also builds on the existing features to provide a more robust, efficient, and user-friendly platform for handling cybersecurity data and events. We encourage all users to upgrade to take full advantage of these improvements.

For a complete list of updates and detailed instructions on how to implement these new features, please visit our official MISP documentation and changelog pages.

Assets 2