Releases: OpenCTI-Platform/opencti
Version 6.3.9
Bug Fixes:
- #8837 Bug may lead to deletion of all entities in OpenCTI
- #8800 Finding report duplicates does not work properly
- #8767 Having a large number of Organizations slows down the playbooks
- #8642 Extremely high CPU usage in workers
- #8575 Report export to STIX2 brings start_time == stop_time for relations
- #8282 Useless vertical scrollbar in custom dashboard + hidden by the header
Pull Requests:
- [frontend] UI fix scrollbar useless in custom dashboard (#8282) by @CelineSebe in #8823
- [frontend] Fix global search toolbar (#8837) by @SouadHadjiat in #8845
- [backend/frontend] Fix playbook organization sharing schema (#8767) by @SouadHadjiat in #8811
Full Changelog: 6.3.8...6.3.9
Version 6.3.8
Bug Fixes:
- #8825 Enrichment panel does not open for SCOs
- #8720 Improve info log level for task manager to help troubleshoot issues
- #8682 Reset of the "display as" settings
- #8656 [CI] multi-repository PR should default as PR target branch and not master
- #7720 Extension is not always set to ".json" in dashboard export, which leads to not being able to re-import without renaming the file
- #7697 [filters] 'lower than / equals' operator for date filters doesn't take 'equals' into account
Pull Requests:
- [frontend] Fix enrichment button (#8825) by @Kedae in #8828
- [frontend] Add defaultStartTime and stopTime for StixCoreRelationship creation (#8575) by @marieflorescontact in #8782
- [frontend] filters: lte and gt operators with dates (#7697) by @Archidoit in #7942
Full Changelog: 6.3.7...6.3.8
Version 6.3.7
Enhancements:
- #8636 Avoid breaking UI when too many labels are associated to an entity
- #8151 Upgrade CKeditor to latest version
- #6643 Leaked Tokens are not revokable
Bug Fixes:
- #8742 Retro-compatibility mappings mode for reindexing broke the SSO login
- #8740 Data is not deduplicated when an entity under restriction (marking) is updated
- #8726 [Dashboard] Two "name" filters
- #8712 Missing author column in the home dashboard reports list
- #8683 No error when updating an indicator with incorrectly formatted pattern
- #8681 Not possible to view the list of reports authored by an organization
- #8649 cannot create a public dashboard from the dashboard list
- #8630 [Dashboard] Counter in knowledge perspective no longer takes into account time filter
- #8599 Observables distribution graph is not respecting the height of the box
- #8557 Creation Date display error after node edit in Investigation graph
- #8506 open a new tab from listing
- #8501 Not possible to CTRL+click directly on the left menu (first level)
- #8483 Sightings tabs in observables are broken
- #8442 English grammar errors in the titles of the default dashboard widgets
- #8333 Missing entities in shared report
- #8291 OpenCTI failed to validate YARA rules containing "\r" escape sequence in text strings.
- #8288 The 'entities overview' loader is not the one used in the rest of the application
- #8225 Bad icon used in connector overview
- #8180 Inconsistency in potential duplicate warning messages
- #8175 Layout issue when loading cases
- #8101 Organisation Admins: multiple issues
- #8058 Multiple issues in opinions
- #7992 CSV import is buggy
- #7797 [Workbench] Sightings default value displayed as Unknown
- #7796 Error at relationships export in json
- #7719 N subscribers is not correctly vertically centered within the button
- #6361 Creating a lot of relationships at once causes a timeout error
Pull Requests:
- [frontend] Bad icons replaced in connector overview (#8225) by @CelineSebe in #8669
- [frontend] Fix the height of the Observables distribution graph (#8599) by @CelineSebe in #8670
- [frontend] Fix time filters in relationships counters (#8630) by @Archidoit in #8668
- [frontend] In Investigation graph fix date display after node modification (#8557) by @Gwendoline-FAVRE-FELIX in #8678
- [frontend] use new loader in report overview (#8288) by @frapuks in #8385
- Initial Changes to support dynamic configurable required fields via settings --> customization by @ParamConstructor in #6972
- [backend] Fix missing entities in shared report (#8333) by @marieflorescontact in #8587
- [backend/frontend] fix multiple issues for Organisation Admins (#8101) by @marieflorescontact in #8459
- [frontend] Containers list in Analysis tab of Organization display as Author (#8681) by @Archidoit in #8690
- [frontend] redirect link updated for observables (#8483) by @ValentinBouzinFiligran in #8695
- [backend/frontend] Allow security admin to renew users token (#6643) by @aHenryJard in #8667
- [frontend] Missing author column in the home dashboard reports list (#8712) by @ValentinBouzinFiligran in #8719
- [frontend] Danger zone: rule engine, EE deactivation, marking lists and file indexing (#8284) by @marieflorescontact in #8699
- Popover Removal - Locations by @daimyo007 in #8199
- [backend] check indicator pattern syntax when update (#8683) by @marieflorescontact in #8717
- [backend] replace plyara with yara-python for yara indicator check (#8291) by @JeremyCloarec in #8731
- Bump http-proxy-middleware from 3.0.2 to 3.0.3 in /opencti-platform/opencti-front by @dependabot in #8744
- [backend] update cookie from 0.6.0 to 0.7.0 by @labo-flg in #8775
- Update dependency @xmldom/xmldom to v0.9.4 by @renovate in #8773
- Update dependency @playwright/test to v1.48.1 by @renovate in #8772
- [frontend] Migrate CK Editor to 9.3 (#8151) by @labo-flg in #8787
- Update dependency convert to v5.5.1 by @renovate in #8774
- Update dependency filigran-ui to v0.20.3 by @renovate in #8780
- [backend] Revert "Update dependency @xmldom/xmldom to v0.9.4" by @Kedae in #8791
- Popover Removal - Cases by @daimyo007 in #8121
- Update dependency i18n-auto-translation to v1.8.2 by @renovate in #8781
- [backend] deduplication check is now done with SYSTEM user (#8740) by @JeremyCloarec in #8786
- Update aws-sdk-js-v3 monorepo to v3.679.0 by @renovate in #8770
- Update Node.js to v20.18.0 by @renovate in #8769
- Update dependency file-type to v19.6.0 by @renovate in #8779
- Update dependency eslint-plugin-react to v7.37.2 by @renovate in #8778
- Update dependency @escape.tech/graphql-armor to v3.1.1 by @renovate in #8771
- Update dependency eslint-plugin-import to v2.31.0 by @renovate in #8776
- [front] Fix potential duplicate warning messages (#8180) by @CelineSebe in #8765
- Popover Removal - Analyses (Updated) by @daimyo007 in #8106
- [backend] Adding info logs to task manager (#8720) by @aHenryJard in #8725
- [CI] Update scripts to use PR target branch instead of hardcoded master (#8656) by @aHenryJard in #8732
- [frontend] filter utils tests by @Archidoit in #8718
- [backend] Attributes can't have same label and different names in schema (#8726) by @Archidoit in #8738
- [frontend] Extension is not always set to .json (#7720) by @ValentinBouzinFiligran in #8746
- [frontend] Fix delete button behaviour by @marieflorescontact in #8802
New Contributors:
- @daimyo007 made their first contribution in #8199
Full Changelog: 6.3.6...6.3.7
Version 6.3.6
Enhancements:
- #8498 Add "Vulnerabilities" view in the knowledge tab of a System entity
- #8453 Support of "has" relationship between a System and a Vulnerability
Bug Fixes:
- #8665 Ingestion performance issue on related-to from observable to entities
- #8650 objects (labels, kill chain phases) are clickable resulting in an empty page
- #8647 Editing some objects titles from the view list is broken - edition drawer is not responsive
- #8642 Extremely high CPU usage in workers
- #8641 [Kill chain phase ordering] We can't modify the order
- #8635 [Regression] IP location flag no longer appears
- #8626 Results of OpenBAS scenarios are not displayed anymore in OpenCTI
- #8624 Bulk search is not working properly anymore
- #8579 Knowledge graph is not displaying all entities
- #8576 Relationship " authored by " not properly displayed in Knowledge tab
- #8547 Internal document identifiers are case sensitive
- #8545 [live stream] external references are not synced
- #8533 Narrative list wrong icon + alignment issue
- #8495 In some old instances, we have objectOrganization indexed, which causes an issue when deleting entity
- #8310 Playbook "log data in standard output" warning option should use "warn" level instead of "warning"
- #8223 External reference overview panels not aligned
- #7962 The derived-from relationship is not supported for all STIX domain objects and cyber observables
- #6657 When having a trigger covering URLs or an Indicator generated from a URL Observable, the URL is clickable in the notification or the description
Pull Requests:
- [frontend] Narrative list wrong icon + alignment issue (#8533) by @SarahBocognano in #8594
- Update dependency react-router-dom to v6.26.2 by @renovate in #8565
- Update dependency react-force-graph-3d to v1.24.4 by @renovate in #8564
- Update dependency qrcode to v1.5.4 by @renovate in #8562
- [backend] change file upload to be case insensitive (#8547) by @JeremyCloarec in #8554
- [Backend] External reference fail creation as checked attribute is not the good one (#8545) by @richard-julien in #8548
- [Backend] Get all objects pagination can stop for invalid global count (#8579) by @richard-julien in #8592
- [frontend] Fix english grammar errors in the titles of the default dashboard widgets (#8442) by @CelineSebe in #8605
- [backend/frontend] Use ID instead of label when resolving expectation from OpenBAS by @RomuDeuxfois in #8589
- Update dependency react-force-graph-2d to v1.25.6 by @renovate in #8563
- [backend] use component name in traces and fix warn issue (#8352) (#8310) by @aHenryJard in #8625
- Update dependency apexcharts to v3.54.0 by @renovate in #8618
- Update dependency filigran-ui to v0.19.4 by @renovate in #8622
- Update dependency file-type to v19.5.0 by @renovate in #8620
- [frontend] Remove links from Notifications (#6657) by @Kedae in #8591
- [frontend] External reference overview panels not aligned (#8223) by @SarahBocognano in #8628
- [frontend] Display fixes (#8284) by @Kedae in #8632
- [backend] Add feed queue control. Only add jobs if current queue is empty by @richard-julien in #8617
- [frontend] Fix flag display for observables (#8635) by @Kedae in #8637
- [frontend] Fix bulk search by @Kedae in #8633
- Update dependency esbuild to v0.24.0 by @renovate in #8619
- Update dependency filigran-icon to v0.9.0 by @renovate in #8621
- Update quay.io/keycloak/keycloak Docker tag to v25.0.6 by @renovate in #8544
- [frontend] fix ui after apexcharts update 3.54.0 by @labo-flg in #8645
- Update dependency helmet to v7.2.0 by @renovate in #8623
- [backend/frontend] Add derived-from relationship in SDO & SCO of same type (#7962) by @SarahBocognano in #8220
- Update dependency vite-plugin-static-copy to v1.0.6 by @renovate in #8541
- Update dependency @types/nconf to v0.10.7 by @renovate in #8530
- Update dependency openai to v4.67.3 by @renovate in #8500
- [frontend + backend] added vulnerabilities tab and 'has' relationship by @stefan1anuby in #8458
- Additional Threat Actor Relationship Types by @Bonsai8863 in #8341
- [backend] Do not impact entities targeted by related to relations from observables (#8665) by @SamuelHassine in #8666
- [frontend] Rollback on unclear code and fix navigation (#8647) by @Kedae in #8662
- [backend] Ensure that all connectors queues are initialized at platform start (#8642) by @richard-julien in #8664
- [frontend] Update relationship creation and display (#8576) by @Kedae in #8634
- [backend] ignore objectOrganization in reindexing (#8495) by @JeremyCloarec in #8496
Full Changelog: 6.3.5...6.3.6
Version 6.3.5
Enhancements:
- #8536 [Backend] Add SAML option to get email from attribute
- #7255 [Investigation]: Change the "representation" key used in an investigation for an observable of type "File"
- #4864 Enhance retention policy deletion performances / speed
Bug Fixes:
- #8568 Not enough margin top in entity => history (search bar hidden)
- #8520 Indicator valid_until field is not displayed in list view
- #8514 Different font styles in correlated reports list
- #8445 English grammar errors in the toggle labels for the "Update a group" panel
- #8433 [Dashboards] Can't modify dashboards settings even in admin (bypass all cap)
- #8316 Infinite load is broken in container add entity
- #8273 Right menu in security is not correctly highlighted when entering roles / users / groups
- #8249 Update Observable header has wrong color
- #8174 Multiple issues in markdown content files
- #8050 Group members are inconsistent and can lead to mistakes on managing RBAC
- #7634 Cannot search by hashes in knowledge graph
- #7043 User can merge entities without the full visibility of entities merged
- #6656 Autocomplete in filters return odd results
Pull Requests:
- Update docker.elastic.co/kibana/kibana Docker tag to v8.15.2 by @renovate in #8543
- Update docker.elastic.co/elasticsearch/elasticsearch Docker tag to v8.15.2 by @renovate in #8542
- [backend] store enum filters values in constants by @Archidoit in #8436
- Update dependency @types/ramda to v0.30.2 by @renovate in #8532
- Update dependency @types/node to v20.16.10 by @renovate in #8531
- Update dependency http-proxy-middleware to v3.0.2 by @renovate in #8526
- Update dependency jsdom to v24.1.3 by @renovate in #8527
- Update dependency vite to v5.4.8 by @renovate in #8540
- Update dependency express to v4.21.0 by @renovate in #8476
- [frontend] Allow middle-mouse button to click on DataTable (#8394) by @Kedae in #8464
- [frontend] remove valid_until column in indicators list (#8520) by @labo-flg in #8521
- [frontend] correlated reports policies size (#8514) by @Archidoit in #8555
- [frontend] Fix right menu in security not being correctly highlighted when entering roles, users, or groups. (#8273) by @CelineSebe in #8567
- Update dependency html-to-pdfmake to v2.5.13 by @renovate in #8525
- [frontend] Group members are inconsistent and can lead to mistakes on managing RBAC (#8050) by @SarahBocognano in #8098
- [frontend] Fix margin (#8568) by @Kedae in #8573
- [frontend] Change the "representation" key used in an investigation for an observable of type "File" (#7634) by @Gwendoline-FAVRE-FELIX in #8504
- [Backend] Add SAML option to get email from attribute (#8536) by @richard-julien in #8537
- [frontend] fixed header colors (#8249) by @stefan1anuby in #8277
- [frontend] Add pop up warning when activate organization segregation (#8284) by @marieflorescontact in #8586
- [frontend] English grammar errors in the toggle labels for the "Update a group" panel (#8445) by @SarahBocognano in #8595
- [backend/frontend] Dashboard selection fix + some widget alignment (#8433) by @Kedae in #8590
- [backend/frontend] Implementation of sensitive configuration protection (#8284) by @aHenryJard in #8509
- [frontend] Improve PDF handling in Content (#8174) by @Kedae in #8593
- [frontend] Trial for color in DangerZone (#8284) by @Kedae in #8603
- [Backend] Enhance retention policy deletion performances / speed (#4864) by @richard-julien in #8569
- [frontend] fix danger zone display in capabilities (#8284) by @labo-flg in #8609
Full Changelog: 6.3.4...6.3.5
Version 6.3.4
Bug Fixes:
- #7477 OpenCTI fails to detect successfully authenticated OpenID Connect SSO via ADFS
- #8512 [livestream] update and removal are not done anymore on destination
- #7925 OIDC logout remote not working
- #8451 [Export] Inconsistency in the number of exported entities
- #8515 [RSS feed] Author set in ingester not applied
- #8265 Workbench creation pop-up freezes if a workbench of the same name already exists
- #8440 Can't remove latitude and longitude of locations in UI
Pull Requests:
- Bump rollup from 4.21.3 to 4.22.4 in /opencti-platform/opencti-graphql by @dependabot in #8461
- Bump rollup from 4.21.0 to 4.22.4 in /opencti-platform/opencti-front by @dependabot in #8462
- [frontend] enable latitude and longitude removing from UI (#8440) by @Archidoit in #8450
- Left Nav Menu Changes by @Bonsai8863 in #8137
- [frontend] fixed workbench creation pop-up in case of error (#8265) by @stefan1anuby in #8285
- [frontend] Need to refresh the page to see the new attack patterns added in Techniques / Attack Patterns (#8516) by @Gwendoline-FAVRE-FELIX in #8517
- Update dependency react-intl to v6.7.0 by @renovate in #8503
- Update dependency pdfmake to v0.2.13 by @renovate in #8474
- Update aws-sdk-js-v3 monorepo to v3.658.1 by @renovate in #8475
- Update dependency nodemailer to v6.9.15 by @renovate in #8473
- Update dependency axios to v1.7.7 by @renovate in #8471
- Update dependency antlr4 to v4.13.2 by @renovate in #8470
- Update dependency @playwright/test to v1.47.2 by @renovate in #8355
- [backend] Add remote logout_remote value to openId options (#7766) by @aHenryJard in #8466
- [dev] Add a profile to run opensearch locally by @aHenryJard in #8397
- [backend] Fix the detection and usage of dedicated headers by @richard-julien in #8528
- [Backend] Add OpenID Connect SSO support for Microsoft ADFS to get user claims from the id_token by @animedbz16 in #7478
New Contributors:
- @animedbz16 made their first contribution in #7478
Full Changelog: 6.3.3...6.3.4
Version 6.2.19
Bug Fixes:
- #8512 [livestream] update and removal are not done anymore on destination
Full Changelog: 6.2.18...6.2.19
Version 6.3.3
Bug Fixes:
- #8451 In global search, the "local" search field should not be displayed (and is not working currently)
- #8443 Breadcrumb is too high / spacing incorrect
- #8435 Search bar too high in Customization
- #8424 MITRE ATT&CK ordering is not applied in the matrix view
- #8421 Export button is missing in the global search
- #8419 Playbook position is raising errors float versus int
- #8414 [Activity log - Filter] Missing value in Activity log filters
- #8407 User unable to export filtered indicators
- #8401 Double scrollbars in custom dashboards
- #8396 Table pagination counter should be rounded to first digit
- #8394 CTRL-Click is no longer possible on entity tables
- #8393 Bug/Regression - Bulk edition of status not possible
- #8280 Loader in knowledge graph should be position at center vertically, not at the top
- #8274 Missing breadcrumb in multiple entities/objects overview
- #8241 There are 'Exports lists' in another report (OBSERVABLES in report)
- #8240 Settings panels not aligned
- #8162 Search in "Correlation view" is not working
- #7921 [Dashboard] Date displayed as non-human readable format (timestamp)
- #7226 Created field not present but required for CSV Mapper
Pull Requests:
- [frontend] Fix ctrl+click on DataTable (#8394) by @Kedae in #8402
- [backend] Fix orga sharing tests (#4538) by @marieflorescontact in #8404
- [frontend] Fix number of elements (#8396) by @Kedae in #8406
- Bump vite from 5.4.1 to 5.4.6 in /opencti-platform/opencti-graphql by @dependabot in #8392
- Bump vite from 5.2.8 to 5.2.14 in /opencti-platform/opencti-front by @dependabot in #8390
- Update dependency vite to v5.4.6 [SECURITY] by @renovate in #8391
- [frontend] Fix search in Containers Correlation view (#8162) by @Archidoit in #8382
- [frontend] Observables exports list of containers should be independent (#8241) by @Archidoit in #8309
- [backend] display created field for csv mapper (#7226) by @frapuks in #7966
- [front] add missing breadcrumb in multiple entities (#8274) by @CelineSebe in #8377
- [platform] Prepare new branch pre-release by @Kedae in #8412
- [front] add missing breadcrumbs in customization + fix (#8274) by @CelineSebe in #8420
- [frontend] added missing exportContext in global search (#8421) by @JeremyCloarec in #8423
- Update body-parser to 1.20.3 for transitive dependencies by @aHenryJard in #8331
- [frontend] deleted 2nd scrollbar from dashboard-details-page (#8401) by @stefan1anuby in #8408
- [frontend] center loader (#8280) by @frapuks in #8386
- [front] fix date format (timestamp) in horizontal bars widget (#7921) by @CelineSebe in #8032
- [frontend] Bulk edition of status regression fix (#8393) by @Archidoit in #8400
- [frontend] Fix attack patterns matrix columns sorting by score (#8424) by @SouadHadjiat in #8431
- [backend] add 'unauthorized' in event scope filter values (#8414) by @Archidoit in #8417
- [frontend] enhancing the settings panels layout (#8240) by @CelineSebe in #8437
- [backend] change the way restricted entities are built (#8407) by @JeremyCloarec in #8441
- [frontend] Alignment fixes (#8443) (#8435) by @Kedae in #8444
New Contributors:
- @stefan1anuby made their first contribution in #8408
Full Changelog: 6.3.1...6.3.3
Version 6.3.1
Bug Fixes:
- #8395 In some very rare cases when a bundle is too large, sending to the queue can end up with "Blocked connection timeout expired.".
Full Changelog: 6.3.0...6.3.1
Version 6.3.0
Dear community, we're excited to announce the launch of OpenCTI 6.3! 🥳
This release has focused on solving well-known pains 🎯:
- providing more control & clarity to admins over the ingestion process
- improving application usability by making it easier to ingest and manipulate data
- initiating work toward vulnerability management.
Clarity & control over the ingestion process is a must. Hence the introduction of our Integrated Feeds Ingestion feature 🧠. More and more of you are ingesting data via “integrated” feeds (TAXII, RSS, CSV), and we've worked to give you greater visibility over the data ingestion flow by representing these feeds as a dedicated connector and by allocating a dedicated RabbitMQ queue per ingestion configuration in place of common queues (see our deprecation announcements).
Thanks to this enhancement, you'll be able to identify bottlenecks more quickly and gain real-time insights into your data ingestion flow. 💡
Following up on this pain of providing more control to admins over the ingestion, we have introduced a new capability: bypass custom mandatory fields.
The problem is that the connectors providing your data do not always have a specific field that you want your analysts to provide, which causes entity creation to fail. ❌ Thanks to this new capability, you will be able to enforce this custom mandatory attribute only for specific groups of users (your analysts), while allowing others (your connectors) to create data without that specific field. 🔥
As mentioned in the introduction, we focused on usability. This is why we introduced a new feature: bulk creation 🥇
- Bulk Creation of Entities: For entities that only require a single field, you can now copy and paste a list directly into the platform. This allows for the instant creation of multiple entities at once, eliminating the need for repetitive, step-by-step creation processes.
- Bulk Creation of Relations: In addition, we’ve added the ability to create relationships in bulk, even for entities that don’t yet exist in the platform. This powerful feature, adapted from our Analyst Workbench’s "add context" functionality, streamlines the process of building connections between entities.
Together, these features are designed to save you time and enhance your productivity, enabling you to focus on more critical tasks.
Improving app usability means better identification of the data that matters to you 💡
Every organization has unique data needs, even within different entities of the same company. To meet this, we introduce the new Custom Overview per Entity Type feature.
This allows users to customize each entity’s layout, selecting key information "blocks" to prioritize and adjust their size. It makes it easier to quickly spot and focus on critical data.
Usability also comes from having similar functionalities in similar screens across the app.
First of all, we have introduced list views for Threat Actors, Intrusion Sets, Campaigns & Malware, on top of the existing card view 🪪. This will tremendously help the management of these entities without the need to go into data/entities to manage them.
Massive operations have also been added to all Arsenal entities (Malware, Channels, Tools, Vulnerability), Narratives and Attack Patterns! In this way, the consistency of operations across the application is greatly enhanced.
Last but not least, you will notice one last update that we have worked on heavily in order to improve our application usability: new data tables 🎉
When upgrading to our new version, you’ll notice that data tables look different: we have upgraded them. As a result, you’ll notice that:
- the tables introduce proper pagination (the size of each page can be defined) in order to improve loading.
- another long-awaited improvement is the ability to resize each column in order to view long names or values. This makes the usability of our app way better. 🚀
- Additionally, when clicking on a column title, you’ll enable a quick filter: efficiency is key when dealing with loads of data. ❤️🩹
- Behind the scenes, this new technology reduces our technical debt and enables future use cases that we can’t wait to develop!
As some of you may be aware, we would like to make the vulnerability management process easier in OpenCTI.
The first step to achieve this goal was to extend our Vulnerability model to support EPSS and CISA KEV attributes. Support for these two pieces of information was highly requested by the community 🔥. Regarding EPSS, an enrichment connector to fill in the data has been created too, see below.
Having these fields was not enough, we also added the ability to use them (like other vulnerability fields) in playbook components to help you build your own vulnerability decision tree 🪄.
While files and workbenches are essential, they can contribute to performance issues over time, since documents are piling up in the platform. ❌
Retention Rules for Files and Workbenches: We’ve added configurable retention rules, which are not set by default but can be easily customized. For example, you can implement a one-year policy to automatically delete any file or workbench created over a year ago. This helps prevent outdated data from accumulating and improves overall platform performance. 💯
Administrators have also been heard with an additional feature, or rather a UX improvement. To ease the management of dashboards, we have also introduced a new tab in the dashboard menu, so that public dashboards can be viewed as a list without needing to open each dashboard to find the corresponding public dashboard.
In terms of integrations, lots of effort has been put to deliver new connectors & improvements of existing connectors.
We already announced it on Slack, but during this release we delivered a new Splunk app 🔥, aiming to:
- seamlessly ingest indicators through an OpenCTI live stream.
- Instantly trigger actions in response to alerts and investigate them directly within OpenCTI.
With the OpenCTI Add-on for Splunk, you can leverage comprehensive threat information, improving your ability to detect and respond to security incidents more effectively. More info can be found at: https://splunkbase.splunk.com/app/7485.
To provide more support to our community, we completely refactored the QRadar connector to become an official Filigran-supported connector. This means that we will be able to provide support on this connector if a bug arises. The refactor has also fixed some known bugs, which are listed in the below list of issues.
Being open source also means ensuring that everybody has the capacity to contribute to our codebase. However, in the past, our readmes & contribution guidelines in our connector repository were not up to date. We’ve made some effort to update them so that all the documentation is current, allowing everybody to bring their own contribution more easily 💪!
As mentioned earlier, we have worked towards helping analysts perform vulnerability management with OpenCTI. To cater to this need, we built an enrichment connector to provide values for EPSS 🤘. This connector integrates with the FIRST organisation’s API to retrieve EPSS values for a specific vulnerability. This enrichment connector is of course playbook compatible 🚀
Some connectors have also been reworked (namely Sekoia, Crowdstrike, Mandiant, AlienVault, Recorded Future, CISA KEV) to support our new scheduling and auto-pausing feature that will pause your connector when its queue gets full.
You’ll see in these connectors new variables "duration_period" & "queue_threshold" that you need to define to enable these features. More details can be found in the respective connector pages.
We also improved the Mandiant connector by providing an option to import malware aliases and by improving campaign import. The campaign import improvement provides more details regarding TTPs (labels, relations with intrusion sets, start & stop times, and the addition of a description). In essence, we’ve made sure that we import as much data as we can.
To list them all, here are all the new connectors delivered in this milestone: Jira, Infoblox, Cisco SMA, Group IB, Cofense. The detailed list of connectors & improvements is available here: https://github.com/OpenCTI-Platform/connectors/releases?page=1
On a final note, we would like to thank you for your contributions 🙏 to our product, which help make it better: shmztk, Bonsai8863, Fhwang0926, ParamConstructor, VerboseCat, WolfByttner, brett-fitz, mmolenda, Mathieu4141, annoyingapt, DNRRomero, DinkoReversingLabs, pietrocapece, sari3l, bradchiappetta, debelyoo, uTomasAnderson, leitosama, XGREENi3, sudesh0sudesh, cert-orangecyberdefense, cmandich, obideuce, sda06407, Obdam, piolug93, daemitus, polakovicp, julienloizelet, khalidelborai, Renizmy, curiouspython1!
Of course, a huge thank you to all for your contributions 🥇
We hope this release will please you! Feel free to drop us a note about anything. We’re always happy to get feedback about our product usage, whether it’s to hear that everything works perfectly or to get some improvement ideas too.
Deprecation announcements
The RabbitMQ “push_sync...