Version 5.11.8

Enhancements:

• #4707 Improve CSV mapper to handle empty lines and boolean

Bug Fixes:

• #4706 Improve RabbitMQ consume to prevent error on none classic queue type

Full Changelog: 5.11.7...5.11.8

Version 5.11.7

Bug Fixes:

• #4701 Frontend stop working after a minute
• #4700 Built-in CSV RabbitMQ consumer can lead to latencies in the overall ingestion process
• #4698 Adding a marking to an entity in a workbench crash
• #4697 Stream filter on score is not working on indicators

Pull Requests:

• [backend] Fix the built RabbitMQ consumer for CSV import by @SamuelHassine in #4699

Full Changelog: 5.11.6...5.11.7

Version 5.11.6

Bug Fixes:

• #4687 In some cases, charts are not filling the parent container
• #4671 No relation available between Tool -> Vulnerability

Pull Requests:

• Update dependency react-force-graph-2d to v1.25.2 by @renovate in #4675
• Update dependency react-pdf to v7.5.1 by @renovate in #4676
• Update dependency reactflow to v11.9.4 by @renovate in #4677
• Update material-ui monorepo by @renovate in #4678
• Update redis Docker tag to v7.2.2 by @renovate in #4679
• Update aws-sdk-js-v3 monorepo to v3.431.0 by @renovate in #4680
• Update dependency react-force-graph-3d to v1.24.0 by @renovate in #4682
• Update dependency apexcharts to v3.44.0 by @renovate in #4584
• Update dependency react-intl to v6.5.0 by @renovate in #4683
• Update dependency react-router-dom-v5-compat to v6.17.0 by @renovate in #4684
• Update dependency esbuild to v0.19.5 by @renovate in #4685

Full Changelog: 5.11.5...5.11.6

Version 5.11.5

Enhancements:

• #4644 Improve dictionary upsert management

Bug Fixes:

• #4670 Can't export knowledge entities
• #4662 Correlation view in reports is broken
• #4658 Data export to file hangs and fails
• #4654 Improv error handling in import csv connector
• #4652 Form freezes when adding references to a "uses" relationship between Incident and Narratives
• #4648 Platform shutdown / crash on RabbitMQ exception (not catched)
• #4647 Due date are not displayed correctly in case tasks
• #4646 Filters layout is incorrect in feeds
• #4641 Sessions not refreshed lead to undefined references when starting a connector

Pull Requests:

• Update docker.elastic.co/elasticsearch/elasticsearch Docker tag to v8.10.4 by @renovate in #4642
• Update docker.elastic.co/kibana/kibana Docker tag to v8.10.4 by @renovate in #4643
• Update dependency react-pdf to v7.5.0 by @renovate in #4512
• [frontend] Fix filters layout is incorrect in feeds (#4646) by @SouadHadjiat in #4651
• [backend] Improve RabbitMQ error handling moving to callback native api (#4648) by @richard-julien in #4656
• [frontend] due date display in Tasks list (#4647) by @Archidoit in #4659
• [backend] Improv error handling in import csv connector by @RomuDeuxfois in #4655
• [backend] Improve dictionary upsert management (#4644) by @richard-julien in #4645
• [frontend] Fix filters layout in retention creation / edition (#4646) by @SouadHadjiat in #4672
• [frontend] fix drawer in object export (#4670) by @labo-flg in #4673
• [frontend] Add has and targets relationships between Tool and Vulnerability by @yassine-ouaamou in #4674

New Contributors:

• @labo-flg made their first contribution in #4673

Full Changelog: 5.11.4...5.11.5

Version 5.11.4

Bug Fixes:

• #4641 Sessions not refreshed lead to undefined references when starting a connector
• #4640 Relationship export with filter toId not working
• #4638 Memory footprint issue when having multiple errors in a work
• #4637 Error unknown when creating observable in analyst workbench

Full Changelog: 5.11.3...5.11.4

Version 5.11.3

Bug Fixes:

• #4633 Creation of sightings in an entity is broken
• #4630 Vulnerabilities are not imported (wrong type for x_opencti_base_score)

Pull Requests:

• Update dependency remark-gfm to v4 by @renovate in #4444

Full Changelog: 5.11.2...5.11.3

Version 5.11.2

Bug Fixes:

• #4627 Missing some STIX core relationships for threat actor individuals
• #4626 Delete user is not protected from organization administrators
• #4625 Session is no longer auto extended
• #4623 Indicator creation is unavailable
• #4622 Unable to delete the last filter in a TAXII collection
• #4621 The filters used for TAXII collections seem to be ignored
• #4620 Some "observable type" value are missing in the sharing mechanisms' filters
• #4619 Fix icon style on light themes for the side right bar
• #4616 ERROR:pycti.api:Invalid field dst_port when creating a Network-Traffic object

Pull Requests:

• [front] Fix for indicators by @Kedae in #4618
• Be able to have an administrator for an organization (#issue/3637) by @yassine-ouaamou in #4612

Full Changelog: 5.11.1...5.11.2

Version 5.11.1

Enhancements:

• #4608 Allow filtering by main_observable_type from Taxii server
• #4555 Problem with filter feeds CSV
• #4551 For TAXII collection Ingestions, allow me to reset/clear the state

Bug Fixes:

• #4609 Error on marking restriction in specific conditions

Pull Requests:

• [front] Refactor for drawer by @Kedae in #4607
• [front] Fix by @Kedae in #4614

Full Changelog: 5.11.0...5.11.1

Version 5.11.0

Dear community, we're thrilled to announce the release of OpenCTI version 5.11.0 🥳! In this version, we've focused on enhancing the platform with major new features and squashing pesky bugs to ensure the platform continues to meet your evolving needs 💡.

First of all, we have finally implemented a built-in CSV import, with very flexible mapping configuration, allowing teams to import almost any format including relationships in columns. This mapper also supports to have multiple entities and/or relationship in a single column such as a list of sectors 🚀.

Within OpenCTI Entreprise Edition, the automation engine is now generally available. Administrators are able to create powerful playbooks and scenarios to manipulate, enrich, duplicate and process the data in the platform, based on any type of events. For instance, it is now possible to trigger the hygiene connector and, depending on the result, send the indicator to detection 🪄.

It is now possible to make all types of feeds (CSV, TAXII, etc.) public and not only OpenCTI streams. The platform will kept only one type of marking (the highest) instead of cumulating marking definitions of the same type 🧼. From an investigation, an analyst can now quickly create a container such as a report or a grouping. Also in investigations, the number of available entities to be extended in displayed on the graph 🧬.

Thank you for your continued support and valuable feedback. Stay tuned for more exciting updates from the Filigran team as we continue to evolve OpenCTI to meet your threat intelligence requirements 🎉.

Enhancements:

• #4606 Added biographic/demographic capabilities to ThreatActorIndividuals
• #4589 [SSO] Improve configuration to allow remote system disconnect
• #4560 Add option to use session Cookie
• #4510 Do not add internal users in creators
• #4495 RSS Feed elements without date should use FROM_START
• #4420 Threat Actors and Intrusion Set goals as Taxonomy
• #4349 Add Rolling time base attribute time selection (created_at, updated_at)
• #4298 Improve data sharing security, add public access on all types
• #4175 Correctly handle declassification in stream-based synchronization
• #3799 Quick button to turn an Investigation into a Report/Case
• #3637 Be able to have an administrator for an organization who is able to manage users inside its organization
• #3324 [EPIC] Automation and workflows capabilities
• #3229 Restrict marking definition to only one marking by type and keep the highest level
• #3170 Be able to customize the pagination window in the native TAXII server
• #3121 Be able to automate the sharing to organizations based on some criterias
• #2782 CSV Import with columns mapping
• #2768 [SSO] SAML SSO login overrides path to /dashboard
• #2513 Be able to add Analystics pixels tracking systems for demographics
• #2505 Automatic first_seen computing on most of compatible entities
• #2203 Enrich before extracting / creating indicators / observables
• #1865 Number of entities to be extended
• #1544 Allow comparing activity by Connector.

Bug Fixes:

• #4554 Note are displayed as Unknown in list widget
• #4553 Some reports are inaccessible
• #4548 Added Entities to a Container are not displayed in the Knowledge Graph (generates some filters)
• #4540 KillChain view of Attack Pattern Knowledge : error occurs
• #4537 Taxii 2.1 ingestion client is not paginating through collection
• #4529 Wrong location for new dashboard widgets
• #4528 Can't export relationships
• #4525 Available statuses are not displayed in the live trigger creation/modification window
• #4509 Restrict organization access capability check failing
• #4504 Deleting labels using checkboxes is not working
• #4502 Stream security prevent access to authorized users
• #4474 Cannot expand a relation in Investigation Graph
• #4470 The cyber threat activity map on the dashboard breaks down
• #4469 Failed to build OpenCTI-5.10.3 due to the failure of npm install
• #4466 Background tasks on Cases don't take filtering into account
• #4461 Notifications not working with filter Assignee
• #4459 Can't do mass operations on Sightings
• #4456 Sightings filtering bug for qualification=malicious
• #4451 Can't edit DataSource or navigate to relationship. Dashboard crashes
• #4450 Report names are not displaying in the list widget in custom dashboards
• #4425 Failed to create a new stream through a proxy
• #4421 Relationship suggestion feature in "Knowledge" does not always work
• #4350 Knowledge screen in Incidents-->Knowledge does not show all relations. Seems observables are not counted
• #4345 Content field in workbench note is not correct (html instead of md), and TLP marking is not handled correctly
• #4315 JSON export of attack patterns of an intrusion set is broken
• #4282 STIX Sighting Object Not Imported from JSON Bundle

Pull Requests:

• [backend/frontend] fix knowledge relations count and distribution (#4350) by @SouadHadjiat in #4428
• [frontend] Fix True positive qualification filtering on stixSightingRelationships by @marieflorescontact in #4472
• [frontend] Fix edit datasource error when platforms are null (#4451) by @SouadHadjiat in #4458
• [frontend] Fix expand relationship in investigation graph by @helene-nguyen in #4475
• [frontend] Cases background tasks: take filters into account (#4466) by @Archidoit in #4467
• [frontend] fix dashboard date reference settings update (#4470) by @SouadHadjiat in #4473
• [backend/frontend] Improve upsert to rely on attribute update / Add full synchronization capability by @richard-julien in #4445
• [backend/frontend] Improve data sharing security, add public access on all types (#4298) by @richard-julien in #4301
• [front] fix docker build by @Kedae in #4480
• [backend] fix background tasks on Labels (#issue/4504) by @lndrtrbn in #4508
• Update typescript-eslint monorepo to v6.7.4 by @renovate in #4433
• [backend/frontend] Introduce playbook and automation (#3324) by @SamuelHassine in #4503
• Update dependency reactflow to v11.9.2 by @renovate in #4513
• Update dependency @elastic/elasticsearch to v8.10.0 by @renovate in #4514
• Update dependency @opensearch-project/opensearch to v2.4.0 by @renovate in #4515
• Update dependency express-rate-limit to v7.1.0 by @renovate in #4517
• Update dependency apexcharts to v3.43.0 b...

Version 5.10.3

Enhancements:

• #4393 Add modified and updated_at fields for ReportsFilter
• #4342 Add option to choose the maximum number of elements to push on CSV feeds
• #4339 Improve RSS feed converter to support AtomV1 and complex categories/description
• #3488 Custom Dashboard Headline Widget
• #3457 Change style of input file upload

Bug Fixes:

• #4429 Fix feed charset
• #4410 When adding the targets filter on malware list got an error
• #4409 Malware edition overview is broken
• #4408 Invalid IDs specified
• #4407 GraphQL queries for Export/Import have no response
• #4401 Overlap in confidence level scale when editing entity
• #4398 Background task on Artifacts delete Reports
• #4395 Global Search with keyword doesn't work
• #4346 In the list of entity types (in settings => Customization), icon of workflow is not working
• #4340 In the users list, search keyword persists and never cleared
• #4336 Software name displayed as unknown
• #4330 Error in logs: GraphQLError: Expected Iterable, but did not find one for field "StixObjectOrStixRelationshipRefEdge.types\
• #4328 Only 25 items available in report--> observables and report --> entities
• #4325 Update Latitude/longitude values loose precision
• #4324 Knowledge UI crash when direct and inference are cumulated inside node
• #4317 Cant terminate user sessions
• #4310 Digest trigger doesn't send the digest for the right timezone
• #4299 Mail digest x4 instead of 1
• #4296 Limit the Based on display count
• #4255 Killchain is Unknown is list widget in dashboards
• #4236 Malware Analysis is unknown in an investigation graph

Pull Requests:

• Update docker.elastic.co/elasticsearch/elasticsearch Docker tag to v8.10.0 by @renovate in #4319
• Update aws-sdk-js-v3 monorepo to v3.410.0 by @renovate in #4318
• Update docker.elastic.co/kibana/kibana Docker tag to v8.10.0 by @renovate in #4320
• Update opentelemetry-js monorepo by @renovate in #4321
• Update dependency https-proxy-agent to v7 by @renovate in #3879
• [frontend] fix unknown entities in investigationGraph (#issue/4236) by @SarahBocognano in #4241
• [backend] Update Latitude/longitude values loose precision (#4325) by @richard-julien in #4326
• [backend] Fix redis session prefix by @Kedae in #4331
• [frontend] Limit based on to 25 by @RomuDeuxfois in #4332
• [backend/frontend] Improv representative management (#4255) by @RomuDeuxfois in #4289
• [backend] Add option to choose the maximum number of elements to push on CSV feeds (#4342) by @richard-julien in #4343
• [frontend] workflow icon in Customization (#4346) by @Archidoit in #4348
• [frontend] Entities migration to tsx to prepare filters format refacto by @Archidoit in #4322
• [frontend] Stateful Session management across browser tabs by @ParamConstructor in #4273
• Update aws-sdk-js-v3 monorepo to v3.414.0 by @renovate in #4354
• Update dependency @types/node to v20.6.2 by @renovate in #4355
• Update dependency eslint to v8.49.0 by @renovate in #4356
• Update dependency openid-client to v5.5.0 by @renovate in #4357
• Update dependency react-router-dom-v5-compat to v6.16.0 by @renovate in #4359
• Update rjsf monorepo to v5.13.0 by @renovate in #4360
• Update typescript-eslint monorepo to v6.7.2 by @renovate in #4361
• Update dependency @types/react to v18.2.22 by @renovate in #4365
• Update dependency @types/bluebird to v3.5.39 by @renovate in #4363
• Update dependency esbuild to v0.19.3 by @renovate in #4370
• Update dependency @types/turndown to v5.0.2 by @renovate in #4368
• Update dependency formik to v2.4.5 by @renovate in #4372
• Update dependency express-rate-limit to v6.11.2 by @renovate in #4371
• Update dependency eql to v0.9.18 by @renovate in #4369
• Update docker.elastic.co/elasticsearch/elasticsearch Docker tag to v8.10.1 by @renovate in #4383
• Update dependency react-cookie to v6.1.1 by @renovate in #4377
• Update dependency react-intl to v6.4.7 by @renovate in #4380
• Update dependency react-force-graph-2d to v1.25.1 by @renovate in #4378
• Update material-ui monorepo by @renovate in #4385
• Update dependency @ckeditor/ckeditor5-dev-utils to v39 by @renovate in #4388
• Update dependency unified to v11.0.3 by @renovate in #4381
• Update dependency react-grid-layout to v1.4.1 by @renovate in #4358
• Update dependency @types/bcryptjs to v2.4.4 by @renovate in #4362
• Update dependency @types/react-test-renderer to v18.0.2 by @renovate in #4366
• Update dependency nodemailer to v6.9.5 by @renovate in #4374
• Update dependency jose to v4.14.6 by @renovate in #4373
• Update dependency @types/ramda to v0.29.4 by @renovate in #4364
• Update dependency postcss to v8.4.30 by @renovate in #4375
• Update dependency uuid to v9.0.1 by @renovate in #4382
• Update vitest monorepo to v0.34.4 by @renovate in #4386
• Update dependency react-force-graph-3d to v1.23.1 by @renovate in #4379
• Update dependency prettier to v3.0.3 by @renovate in #4376
• Update dependency @ckeditor/ckeditor5-dev-translations to v39 by @renovate in #4387
• Update dependency @types/tough-cookie to v4.0.3 by @renovate in #4367
• Update docker.elastic.co/kibana/kibana Docker tag to v8.10.1 by @renovate in #4384
• [backend] fix notification digest concurrent execution (#4299) by @SouadHadjiat in #4309
• [frontend] fix trigger digest time with right timezone (#4310) by @SouadHadjiat in #4311
• Update dependency remark-parse to v11 by @renovate in #4391
• Update dependency tap to v18 by @renovate in #4392
• Update dependency express-rate-limit to v7 by @renovate in #4389
• Update dependency remark-gfm to v4 by @renovate in #4390
• [frontend] Fix local storage key for user (#4340) by @marieflorescontact in #4394
• [backend] Fix Unknown ...