Version 4.2.0

@SamuelHassine SamuelHassine released this 11 Feb 14:37
· 5488 commits to master since this release

🎀 Dear community, we are thrilled to announce the release of OpenCTI version 4.2.0! This release introduces major new features, and you may have noticed that we have closed GitHub issue #2 😂

First and foremost, we have reached a very important new milestone in our strategic roadmap 🎯: the implementation of what we call "data segregation" 💡. OpenCTI is now one of the few knowledge and intelligence products that implement proper isolation of access to entities and relationships 🤔: you can assign specific marking definitions to a group. The users of this group will only see things that are not above the defined marking(s) 🔥.

⚠️ If you have non-administrator accounts in your current platform, you have to create a group, then add all users to it and adjust marking definitions to give access to the data.

Next, we are very happy to release the first intelligent background processing in the platform 🧠, with automatic management of the indicator life-cycle. All expired indicators (valid_until < now) are now automatically revoked. This allows future integrations with SIEMs and EDRs to benefit from out-of-the-box life-cycle management.

Last but not least, advanced search and logical operators have been implemented in all filters, allowing users, for instance, to display entities based on several tags (tag1 OR tag2 OR ...) 🔎.

Our main focus in the coming weeks is to build new integrations, connectors and use cases to let everyone become familiar with these new features 🦸.

Enhancements:

  • #1069 File Observables with no Hash Create their own Hash
  • #1059 Issue : The platform does not accept derived from relation between 2 indicators
  • #1043 Do not index indicates relationships in entities
  • #955 Management of indicators lifecycle
  • #733 Search Attributes
  • #543 Implement tag cumulation
  • #438 Enhance global and local search
  • #2 Integrate the MarkingDefinition restriction to domains queries (aka data segregation)

Bug Fixes:

  • #1070 Indicator Toggle when Creating File Observable doesn't Generate an Indicator
  • #1057 Error importing a new entitie "Location" via pycti on versions 4.1.0/4.1.1
  • #1056 Custom colors of marking definitions not displayed everywhere
  • #1055 Display of images fails.