Releases: OpenCTI-Platform/connectors
Releases · OpenCTI-Platform/connectors
Version 5.7.1
No changelog for this release.
Full Changelog: 5.7.0...5.7.1
Version 5.7.0
Enhancements:
- #1095 [Virustotal Downloader] Increase Confidence Level to High
- #1086 Modularization of relation refs
- #1080 [Sentinel] Stream connector to use a stream ID
- #1079 Add CaseRfi and CaseRft to export files
- #1024 [TAXII2 Client] Use Pagination
- #1014 [misp] Add an option to enforce warning lists when searching events / attributes
- #932 [misp] Guess threats using tags
- #756 [YARA search] Create the enrichment connector for artifacts
- #736 [Mandiant] Mscore is not taken into account
Bug Fixes:
- #1082 [Sentinel] Stream connectors needs a try and catch processing the message
- #1058 [connector-cape] fail to parse json when analysis report found clamAV signature
Pull Requests:
- Update Dockerfile by @lamtn1 in #1061
- Update flake8 line length to 120 by @SYNchroACK in #1077
- Update .env.dist by @lamtn1 in #1062
- Connector cape fix clamav json structure by @aakloul in #1057
- IPQS Fraud and Risk Scoring Connector by @RamboV in #1065
- [connectors] remove Case in export files and Add feedback and Case Incident by @SarahBocognano in #1097
- [taxii2] Added pagination to taxii connector by @annoyingapt in #1091
- [mandiant] Added mscore to mandiant connector by @annoyingapt in #1090
- [Sentinel] adding a try to avoid crashing the container whenever it c… by @RaulSokolova in #1093
- [ivre/shodan] Migrate Stix Cyber Observable Relationship to Stix Ref Relationship by @RomuDeuxfois in #1087
- [connectors] Add CaseRfi and CaseRft to export files (#issue/1079) by @SarahBocognano in #1098
- [internal-enrichment][LastInfoSec] We are now able to contextualize url also by @remydewa in #1089
- [Virustotal Downloader] Increase Default Confidence Level to 100, resolves #1095 by @YungBinary in #1096
- Introduce the YARA connector by @mattreduce in #1094
New Contributors:
- @lamtn1 made their first contribution in #1061
- @RamboV made their first contribution in #1065
- @annoyingapt made their first contribution in #1091
Full Changelog: 5.6.2...5.7.0
Version 5.6.2
Pull Requests:
Full Changelog: 5.6.1...5.6.2
Version 5.6.1
No changelog for this release.
Full Changelog: 5.6.0...5.6.1
Version 5.6.0
Enhancements:
- #935 [MWDB] Disabling SSL Verification
Bug Fixes:
- #1047 [MISP] Fix text observable values
- #1040 MISP connector crashing with "TypeError"
- #1045 MISP connector crashing with "TypeError"
- #1037 [misp-connector] current_page type None
- #1051 Errors when importing Stix
- #1023 [sentinel] STREAM connector issues
- #1020 [mandiant] Error in connector
- #983 Elastic Connector - passing a wildcard () to the get API (e.g. GET /metricbeat-/_doc/1) which is not allowed
- #978 [virustotal-livehunt-rules] Fails to display error message.
- #965 [VirusTotal Enrichment] Errors out when enriching Domains, IPs and URLs
- #960 [URLScan] Connector errors out with: 'NoneType' object has no attribute 'split'
- #941 STIX Connector not importing all data / breaking import page on 5.5.3
- #931 [ExportReportPDF] Cannot export PDF file because StixCoreObject class does not have a read method
- #859 [cisa-known-exploited-vulnerabilities] - Nothing created from connector
Pull Requests:
- Update build dependencies for shodan-internetdb, import-file-stix by @ckane in #1025
- Improve OpenCTI Datasets connector by @SYNchroACK in #988
- Improve MITRE Datasets connector by @SYNchroACK in #987
- Connector-Elastic - shifted _alias print statement to valid position by @sommerda in #1027
- Optimize SDO .read() operations in [hygiene] and [shodan-internetdb] enrichment connectors by @ckane in #1028
- [urlhaus] & [malwarebazaar] Minimize data from SDO read() operation by @ckane in #1031
- Update Sentinel connector by @The-Stuke in #1041
- Connector-Elastic -- implemented URL-stix2-parsing and checks by @sommerda in #1029
- Connector-Mandiant -- reduced errors due to 'redacted' content by @sommerda in #1030
- [import-document] [import-file-stix] Update version of dependencies by @ckane in #1033
- Set user agent for crowdsec connector to crowdsec-opencti/v1.0.0 by @sbs2001 in #1034
- version 1.0.1 of RF Notes connector by @Jonah-RF in #1043
- Socprime connector fix by @vu-socprime in #1053
Full Changelog: 5.5.4...5.6.0
Version 5.5.4
Bug Fixes:
- #1018 [mitre] CAPEC STIX data doesn't get ingested
- #944 CISA crashes when a null createdBy is present
Pull Requests:
- [Mitre] Fix CAPEC URL for STIX data by @akshaysth in #1019
- [connectors] Txt location export bug fix (#2821) by @Archidoit in #1017
- CrowdSec: Update the error message for quota exceed by @sbs2001 in #1015
- [connectors] selected StixSightingRelationships export (#2735) by @Archidoit in #1016
- Microsoft Sentinel Connector Creation by @The-Stuke in #1012
New Contributors:
- @The-Stuke made their first contribution in #1012
Full Changelog: 5.5.3...5.5.4
Version 5.5.3
Enhancements:
- #991 Async/High-throughput Connectors
Bug Fixes:
- #1008 [misp-feed] CIRCL feed ingestion fails due to missing 'Attribute' key
- #996 Connector-MISP: "IndexError: list index out of range Killed"
- #985 Connector export PDF throws error when exporting an intrusion set
- #981 [MWDB] ERROR:root:nothing to repeat at position 0
- #974 [VX Vault] Connector leaves a trailing \n character in the name and value of imported indicators and observables
- #973 [VXVault] Connector imports garbage data (HTML tags and blank events)
- #971 [VXVault] connector seems to be broken - failing to import threat intelligence
Pull Requests:
- [VXVault] - Fix #973 and #974 - connector imports garbage data by @GraemeMeyerGT in #975
- [virustotal-livehunt-rules] Fixing error message which doesn't displa… by @RaulSokolova in #979
- Fix method to take into account uppercase tags by @fscc-samiR in #984
- [MWDB] Selfsigned certificate support + various bug fixes by @aaarghhh in #989
- [ironnet] Fix IP indicator config option by @rlynch-ironnet in #994
- [VirusTotal] Connector async and added url upload by @sc0ttes in #995
- [VirusTotal] Made IP and Domain relationships optional by @sc0ttes in #998
- [VirusTotal] Ignore empty categories by @sc0ttes in #999
- Connector-Elastic - ECS 8.0.0 compatibility by @sommerda in #1002
- Connector-Elastic - index pattern is used wrongly by @sommerda in #1001
- Connector-Elastic - allowing self-termination by @sommerda in #1003
- Connector-Elastic - datemath requires arrow instead of datetime by @sommerda in #1006
- Connector Abuse-SSL - fixed STIX attribute string: ipv4 -> ipv4-addr by @sommerda in #1005
- setting Attribute key to empty array if not present by @akshaysth in #1009
- Export only selected entities (#1741) by @Archidoit in #1000
- Connector-Elastic - allowing less privileged Elasticsearch access by @sommerda in #1007
- Connector-Elastic - allow sightings-manager to restart the container by @sommerda in #1011
- List exports bug fixes for contained data (#2804) by @Archidoit in #1010
New Contributors
- @GraemeMeyerGT made their first contribution in #975
- @sommerda made their first contribution in #1002
- @akshaysth made their first contribution in #1009
- @Archidoit made their first contribution in #1000
Full Changelog: 5.5.2...5.5.3
Version 5.5.2
Enhancements:
- #910 [DomainTools] Create the connector
Bug Fixes:
- #958 [BUG][MISP] Connector creating a runaway task loop - Leading to Platform Stall
- #952 [Mandiant] News Analysis report creates duplicate notes
Pull Requests:
- Webhook connector by @sc0ttes in #966
- VirusTotal fixes by @sc0ttes in #967
- [urlscan] Fix blob urls by @rlynch-ironnet in #968
- Remove unused property in Readme by @RomuDeuxfois in #962
- [all] Release 5.5.2 by @SarahBocognano in #969
New Contributors:
- @RomuDeuxfois made their first contribution in #962
Full Changelog: 5.5.1...5.5.2
Version 5.5.1
Enhancements:
- #782 [Trickest] Create the connector
Pull Requests:
- [virustotal] "name" key enrichment fix by @sc0ttes in #956
- [virustotal] x_opencti_score of NoneType throws comparison error by @sc0ttes in #954
- [splunk] Use JWT for Splunk auth, sanitize kvstore keys, ignore some entity types by @guiguitodelperuu in #961
- [VirusTotal] Upload unseen artifacts option by @sc0ttes in #959
New Contributors:
- @guiguitodelperuu made their first contribution in #961
Full Changelog: 5.5.0...5.5.1
Version 5.5.0
Enhancements:
Bug Fixes:
- #934 [cybercrime-tracker] ERROR:root:'NoneType' object is not subscriptable
- #933 Mandiant connector not creating relationships
Pull Requests:
- Upgrading API client by @mmolenda in #937
- cybersixgill darkfeed connector by @Umamahesh-Loginsoft in #943
- Splunk stream to be able to recover from errors by @RaulSokolova in #950
- New enrichment connector: Tagger by @SYNchroACK in #946
- [domaintools] add enrichment connector by @axelfahy in #951
- [virustotal] Flag for option to keep higher score of VirusTotal or existing score by @sc0ttes in #953
New Contributors:
- @Umamahesh-Loginsoft made their first contribution in #943
- @sc0ttes made their first contribution in #953
Full Changelog: 5.4.1...5.5.0