Skip to content

Releases: OpenBAS-Platform/openbas

Version 1.8.2

07 Nov 16:46
0fa4c12
Compare
Choose a tag to compare

Enhancements:

  • #1453 Ability to support IAM roles for Amazon S3 / MinIO configuration

Full Changelog: 1.8.1...1.8.2

Version 1.8.1

05 Nov 07:57
037db6d
Compare
Choose a tag to compare

Bug Fixes:

  • #1778 Non-admin user granted for a simulation not able to access it
  • #1751 Add Kosovo country
  • #1347 Error 500 when updating Groups

Full Changelog: 1.8.0...1.8.1

Version 1.8.0

25 Oct 13:18
aafab6d
Compare
Choose a tag to compare

The OpenBAS 1.8.0 is out ! Hope you will enjoy it! 🚀

📒 Customizable Debrief
Feeling like sharing the results of your simulation to enhance collaboration ? You can now generate a customizable report page and export it into nicely formatted and shareable PDFs, along with an overall summary to receive insights in a clear and accessible format.

⛓️ Conditional Inject Chaining
Building on version 1.7, seamlessly condition injects launch based on the expectations of previous ones, creating more dynamic simulations with multiple inject paths.

🏗️ Payload Categorization by Architecture
In need of precision regarding your architecture for your payloads ? We organized and categorized your payloads by binary architecture to facilitate the selection of your injects.

👓 Advanced Player and Asset Filtering
We added filters on the players and asset groups pages to streamline your analysis and focus on the most relevant data.

And we also solved a lot of bugs, made some UI improvements and updated our documentation.

Enhancements:

  • #1582 Improve latency on page: admin/scenarios/:id
  • #1580 Improve latency on page: admin/scenarios/:id/injects
  • #1555 Add filters to Players page
  • #1554 Add filters to Asset group page
  • #1487 [ Unit testing - simulation scope ] - lessons learned surveys
  • #1485 [ Unit testing - simulation scope ] - inject creation/update
  • #1385 Conditional inject chaining
  • #1189 Categorize payload by architecture
  • #1080 Create customizable debrief page - generate a report page with a global note

Bug Fixes:

  • #1704 Message "internal error" + Error 500 occurring when creating a technical scenario
  • #1701 Scenario & Simulation full reload when refetching
  • #1699 Remove double fetch organizations in Groups
  • #1682 Remove duplicate requests for pagination & filters
  • #1678 Fix deprecated local method to start frontend
  • #1670 MITRE ATT&CK matrix dashboard results is not working
  • #1668 When deleting an endpoint in an inject, line is not removed but becomes empty
  • #1666 Default value of payload argument is not taken into account when creating an atomic testing
  • #1660 Images (logos) of security systems uploaded by collectors should not be deletable
  • #1658 Mouse cursor is disappearing when mouse is going to the result by target in inject
  • #1655 Putting expectation with the security platform is broken
  • #1633 Import injects: Pagination hides injects over 100 + action only works if the user refreshes
  • #1632 Labels in select inputs look broken
  • #1610 Tags are not displayed in simulation overview
  • #1603 Score max value on the scalebar is not coherent with default value or set value
  • #1600 Can't update an inject without filling all mandatory fields
  • #1586 Simulations never ends if no inject / disabled injects / deleted injects
  • #1521 Removing a team from the context doesn't work
  • #1473 [ UI improvement ] to display uri of a media pressure in an email inject

Pull Requests:

Read more

Version 1.7.3

15 Oct 13:06
90d8f85
Compare
Choose a tag to compare

Bug Fixes:

  • #1629 Documents are not duplicated when an inject is duplicated
  • #1608 Results of OpenBAS scenarios are not displayed anymore in OpenCTI

Full Changelog: 1.7.2...1.7.3

Version 1.7.2

14 Oct 15:43
b536a03
Compare
Choose a tag to compare

Bug Fixes:

  • #1627 Adding / replacing / removing inject teams in bulk also remove all attached document

Full Changelog: 1.7.1...1.7.2

Version 1.7.1

07 Oct 10:22
d75c13a
Compare
Choose a tag to compare

Bug Fixes:

  • #1618 Settings not populating when RabbitMQ is using SSL

Full Changelog: 1.7.0...1.7.1

Version 1.7.0

02 Oct 09:20
01bd4a9
Compare
Choose a tag to compare

Hello dear community! The OpenBAS 1.7.0 is out ! Hope you will enjoy it! 🚀

In this release, we’ve focused on addressing key community pains and squashing bugs to enhance your overall experience.

Improve the readability in our platform logs for more efficient debugging

For better readability, efficiency in troubleshooting and allowing compatibility with an observability platform such as Grafana (filtering, graphs), we changed our logs from Java to JSON.🔍

Command Details in execution traces

Need to see your command information to follow what will be executed? It’s now possible to see what command lines have been executed in your inject details or atomic testing page. 📖

Self-signed certificate

Great news! Following a request from our community, our HTTP client now supports self-signed certificates, making it easier to authorize and connect securely in custom environments. 🚘

Customizable expiration time settings

Introducing customizable expiration settings! Now, you can manage the expiration time of your expectations in their setting and at platform level through your config file. Take full control and fine-tune your workflow like never before! 💥

Clearer insights for expectation score and validation

Say hello to clearer insights! We’ve refined our UI to clarify expectation scores settings and validation screens giving you instant clarity at a glance! 🧹

And we also solved a lot of bugs and made some UI improvements.

Enhancements:

  • #1418 Better readability for platform logs: from java default stack traces to JSON
  • #1218 Authorized platform self-signed ssl certificate
  • #1171 For expectations, add the ability to customize the expiration time used by the expiration manager
  • #1232 Command Details in execution traces
  • #1198 Improve UI of score settings/validation

Bug Fixes:

  • #1550 Error message of Caldera executor not responding when there is no Caldera config
  • #1516 Delete a team from simulation works but generates an error in the interface
  • #1508 open agent windows 10 invalid peer certificate unknown issuer
  • #1503 in animation page, selecting a tag doesn't impact the graphs
  • #1496 obas a gent on win11 arm
  • #1482 Notify success & error from network requests are not translated
  • #1476 When adding a team with multiple players, it can lead to duplicate inserted in database which generate an error
  • #1471 bulk deletion of inject only delete the first one of the list
  • #1456 Sorting on "executor" in "Endpoints" section triggers "Internal error"
  • #1452 UI inconsistency: space separators in simulation list + height of the lines
  • #1435 Mitre Attack Coverage is partially hidden on firefox
  • #1371 Scenario result should not be interactive and show clearly that they have no data when no simulation has been played
  • #1028 In some cases, IMAP store of sent message can fail
  • #1425 Inject expectation is missing on atomic testing
  • #1431 Consistent wording for UI in asset groups: Dynamic asset filter or rule

Pull Requests:

Read more

Version 1.6.1

18 Sep 15:51
14819c9
Compare
Choose a tag to compare

Bug Fixes:

  • #1466 Creating challenges or media pressure inject does not work
  • #1465 Broken variable in media pressure inject
  • #1464 Add teams in a scenario for multiple injects not working

Full Changelog: 1.6.0...1.6.1

Version 1.6.0

16 Sep 13:00
744cc39
Compare
Choose a tag to compare

Hello dear community! The OpenBAS 1.6.0 is out ! Hope you will enjoy it! 🚀

Interactive Timeline Display for injects
Our brand-new timeline is getting fancier ! On top of being able to create and modify your injects more intuitively, you can now chain your injects, opening the way to our future exciting feature: conditional inject launch ! 🛤️

Filters implementation
Find More, Faster: unleash the Power of Filters for a Seamless Experience! You can now leverage filtering on the most important lists of OpenBAS to better understand various kinds of situation for your scenarios, simulations, atomic testing etc. 👀

Test emails and SMS related injects
Not sure if your email or SMS was sent ? You can replay a test for a single inject or do it in bulk. 📬

Launch a scenario now as we do in simulation
No time to waste ? Feeling like launching your scenario right away without scheduling ? It’s now possible with the start now button on the scenario level. ⛷️

Caldera is removed from the default OpenBAS stack
Caldera was complicated to use for the community. We’ve heard you! OpenBAS has reached a good level of maturity by integrating atomic red team so we decided to remove it from our default stack. 👏

Enhancements:

  • #1421 Remove Caldera from default stack
  • #1368 Ability to launch a scenario - same as we do for simulations - with a start now
  • #1336 Be able to replay test for sms and email injects
  • #1294 Implement filters on atomic testing, inject and payload lists
  • #1194 Chaining injects logically
  • #124 Implement filters on injector contract, scenario & simulation lists

Bug Fixes:

  • #1400 In scenario tab, anormal spaces between overlay and separators
  • #1397 Lessons learned survey are never received
  • #1361 Avoid deadlocks during Flyway migrations (>9.0.)
  • #1350 When updating an expectation score, the expectation status doesn't change
  • #859 Login UI should be iso with OCTI
  • #844 404 errors are not correctly handles, leading to spinning forever

Pull Requests:

Full Changelog: 1.5.1...1.6.0

Version 1.5.1

10 Sep 08:53
19aa9f8
Compare
Choose a tag to compare

Bug Fixes:

  • #1398 Teams creation does not work
  • #1392 Moving an inject deletes it's content
  • #1388 Launching payload with Atomic Testing on Linux is not working

Full Changelog: 1.5.0...1.5.1