Version 5.9.3

Enhancements:

• #3765 TAXII filter: "spec_version", Unsupported parameters provided
• #3022 Add global trimming string when preparing data for ingestion

Bug Fixes:

• #3788 Rendering TA / IS / malware cards can lead to huge Elastic / OpenSearch memory consumption
• #3787 Number of containers leads to list display delays (search, entities in container, etc.)
• #3778 obserables show only 25 realtions
• #3776 Relationships break negative filtering in a stream

Pull Requests:

• Update dependency formik to v2.4.2 by @renovate in #3684
• Update dependency @opensearch-project/opensearch to v2.3.0 by @renovate in #3768
• Update dependency eslint-config-airbnb-typescript to v17.1.0 by @renovate in #3769
• [backend] Add global trimming string when preparing data for ingestion (#3022) by @richard-julien in #3767
• Update dependency jsonpatch to v1.33 by @renovate in #3770
• [backend] Remove key testing to includes not-eq resolution (#3776) by @SamuelHassine in #3786

Full Changelog: 5.9.2...5.9.3

Version 5.9.2

Bug Fixes:

• #3760 Radar loading is breaking display
• #3759 Graph view is broken in containers

Pull Requests:

• [frontend] Add missing import by @RomuDeuxfois in #3756
• Update dependency semver to v7.5.4 by @renovate in #3755
• Update dependency graphql-scalars to v1.22.2 by @renovate in #3754
• [backend] Fix relationship of threat actors (#issue/3730) by @SarahBocognano in #3758
• Update dependency esbuild to v0.18.12 by @renovate in #3761
• Update dependency tap to v16.3.7 by @renovate in #3762
• Update dependency tough-cookie to v4.1.3 by @renovate in #3763

Full Changelog: 5.9.1...5.9.2

Version 5.9.1

Enhancements:

• #3598 Bulk search does not return values from "x_opencti_additional_names" field
• #3194 Add a new relationship "Domain-Name" belongs-to "Identity" (WHOIS)

Bug Fixes:

• #3730 No relations possible between Group-Group, neither between Individual-Individual
• #3716 Knowledge graph filters alignment for containers
• #3714 In Container => Observables, when shift + select, copy / paste not working
• #3713 Shift + check a box is not working anymore in lists of entities / observables in containers

Pull Requests:

• Update dependency @ckeditor/ckeditor5-dev-translations to v38.1.1 by @renovate in #3709
• Update opentelemetry-js monorepo by @renovate in #3711
• Update typescript-eslint monorepo to v5.62.0 by @renovate in #3712
• [backend] Fix unusable filters by @Kedae in #3717
• Update dependency fast-glob to v3.3.0 by @renovate in #3708
• Update dependency @ckeditor/ckeditor5-dev-utils to v38.1.1 by @renovate in #3710
• Update redis Docker tag to v7.0.12 by @renovate in #3728
• Update dependency @ckeditor/ckeditor5-alignment to v38.1.1 by @renovate in #3726
• [backend/frontend] Add relations between entities by @yassine-ouaamou in #3715
• Update dependency @ckeditor/ckeditor5-autoformat to v38.1.1 by @renovate in #3727
• Update aws-sdk-js-v3 monorepo to v3.369.0 by @renovate in #3725
• Update dependency @ckeditor/ckeditor5-basic-styles to v38.1.1 by @renovate in #3731
• Update dependency @ckeditor/ckeditor5-block-quote to v38.1.1 by @renovate in #3732
• Update dependency @ckeditor/ckeditor5-code-block to v38.1.1 by @renovate in #3733
• Update dependency @ckeditor/ckeditor5-editor-classic to v38.1.1 by @renovate in #3734
• Update dependency @ckeditor/ckeditor5-essentials to v38.1.1 by @renovate in #3735
• Update dependency @ckeditor/ckeditor5-source-editing to v38.1.1 by @renovate in #3736
• Update dependency @ckeditor/ckeditor5-special-characters to v38.1.1 by @renovate in #3737
• Update dependency @ckeditor/ckeditor5-table to v38.1.1 by @renovate in #3738
• Update dependency @ckeditor/ckeditor5-upload to v38.1.1 by @renovate in #3740
• Update dependency @ckeditor/ckeditor5-theme-lark to v38.1.1 by @renovate in #3739
• Update dependency @ckeditor/ckeditor5-remove-format to v38.1.1 by @renovate in #3753
• Update dependency @ckeditor/ckeditor5-font to v38.1.1 by @renovate in #3741
• Update dependency @ckeditor/ckeditor5-heading to v38.1.1 by @renovate in #3742
• Update dependency @ckeditor/ckeditor5-highlight to v38.1.1 by @renovate in #3743
• Update dependency @ckeditor/ckeditor5-horizontal-line to v38.1.1 by @renovate in #3744
• Update dependency @ckeditor/ckeditor5-image to v38.1.1 by @renovate in #3745
• Update dependency @ckeditor/ckeditor5-indent to v38.1.1 by @renovate in #3746
• Update dependency @ckeditor/ckeditor5-link to v38.1.1 by @renovate in #3747
• Update dependency @ckeditor/ckeditor5-list to v38.1.1 by @renovate in #3748
• Update dependency @ckeditor/ckeditor5-media-embed to v38.1.1 by @renovate in #3749
• Update dependency @ckeditor/ckeditor5-mention to v38.1.1 - autoclosed by @renovate in #3750
• Update dependency @ckeditor/ckeditor5-paragraph to v38.1.1 by @renovate in #3751
• Update dependency @ckeditor/ckeditor5-paste-from-office to v38.1.1 by @renovate in #3752

Full Changelog: 5.9.0...5.9.1

Version 5.9.0

Dear community, OpenCTI 5.9.0 has been released 🥳! This new major version is full of new features and enhancements 🎉. First of all, it is now possible to customize the experience of groups, defining default dashboards and default notifications triggers for each of them 🎨. Also, users with the proper permissions are able to create custom widgets and custom statistics based on the audit log and activity monitoring as well as create notifications triggers based on this activity in the settings of the platform 📊.

A new icon has been added in the overview of entities to be able to quickly subscribe to any new activity regarding this entity (new reports, relationships, etc.) 📡. Furthermore, the opinion custom vocabulary is now supported in all opinion radars and threat actors have been divided into two sub entities: groups and individuals 🔥. Investigations can now be downloaded as a STIX report and re-imported anywhere. In the future, it will be possible to turn an investigation into a report (and vice-versa) 📥.

Last but not least, it is now possible to create platform announcements, add custom headers / footers but also create analyst workbenches directly in the entity data tab 💬. Moreover, if you start a new OpenCTI platform from 5.9.0, the ElasticSearch / OpenSearch rollover policies to optimize indices size is now automatically created and enabled 🪄.

Enhancements:

• #3622 Create rollover / ILM ElasticSearch policies by default at init
• #3605 Added Customizable Header/Footer banner and Idle Time Screen Masking
• #3595 Add a search field in the members' list of an Organization/Group Overview in Settings
• #3587 Users should not be able to express multiple opinions on the same Entity, only update it
• #3520 In Settings, be able to display and manage triggers & digests for groups / organizations
• #3504 Added Customizable Header/Footer banner and Idle Time Screen Masking then Logout
• #3188 Be able to create an analyst workbench from an entity
• #3180 Add participants in addition to assignees everywhere
• #3166 Split threat actors into 2 sub types
• #3163 Be able to define default dashboards in groups / organizations
• #3162 For administrators, be able to create triggers and digests on user activity
• #3159 Collect reader feedbacks
• #3003 Make the platform supports opinion custom vocab / scale
• #2853 Add "quick subscription" icon on top right of somes entities
• #2564 Clickable column "number of reports"
• #2551 Events/Incidents/Knowledge/Observables. Add a label filter.
• #2514 Advanced statistics and grouping on user analytics
• #2508 Be able to create platform announcement (with dissmiss feature)
• #1374 Export investigation in JSON or CSV format

Bug Fixes:

• #3635 Error at creation of a threat actor in a knowledge section
• #3628 Error at attack pattern creation
• #3620 Vocab management does not work as expect
• #3613 Sorting by type in the Analysis tab of Threat Actor display an error
• #3611 In settings, when clicking the first time on the "hidden entities", re-render and force to reclick
• #3610 External reference no longer accept file upload
• #3609 Entering a case template triggers a full render
• #3607 Webpage reloaded when clicking on the update icon of an Observable of type File
• #3606 References appear Unknown in Malware->Knowledge->Timeline
• #3604 New cards layout is slow to display and can lead to Elastic errors
• #3596 When listing reports, only 200 objects appear in the results

Pull Requests:

• [frontend/backend] Add triggers management in Group overview settings (#3520) by @marieflorescontact in #3567
• [frontend] Create analyst workbench from an entity (#3188) by @helene-nguyen in #3563
• [frontend/backend] Added Customizable Header/Footer banner and Idle Time Screen Masking then Logout by @ParamConstructor in #3302
• [frontend/backend] Add "quick subscription" icon on top right of somes entities (#2853) by @Archidoit in #3144
• [frontend] avoid re-render when click in the settings hidden entity types list (#3611) by @Archidoit in #3612
• [backend/frontend] add organization management in the Security section (#3520) by @yassine-ouaamou in #3576
• [frontend] avoid re-render on case template (#3609) by @RomuDeuxfois in #3615
• [backend/frontend] Add a broadcast message in administration (#2508) by @RomuDeuxfois in #3569
• [frontend/backend] Dashboard persistance and update in server (#issue/3163) by @tommychat in #3577
• [backend/frontend] Export investigation in JSON as STIX report (#1374) by @SouadHadjiat in #3599
• Fix settings message banner display by @RomuDeuxfois in #3618
• [backend/frontend] Renaming Threat-Actor into Threat-Actor-Group (#issue/3166) by @SarahBocognano in #3583
• [backend] Implement rollover policies at initialization (#3622) by @SamuelHassine in #3623
• Introduce threat actor individual by @richard-julien in #3624
• [backend/frontend] Advanced statistics and grouping on user analytics (#2514) by @SamuelHassine in #3630
• [frontend] fix error at attack pattern creation (#3628) by @Archidoit in #3629
• [frontend/backend] Add triggers management in Organizations overview settings screen (#3520) by @marieflorescontact in #3601
• [frontend/backend] Allow color customization for banner messages (#2508) by @Kedae in #3621
• [backend/frontend] Add participants to cases and other entities(#3180) by @yassine-ouaamou in #3627
• Make the platform supports opinion custom vocab / scale (#3003) by @RomuDeuxfois in #3602
• [frontend/backend] Add default dashboards in group and organizations by @Kedae in #3638
• [backend] Adapt update to use element _index by @richard-julien in #3636
• [frontend/bug] Error at creation of a threat actor in a knowledge section (#issue/3635) by @SarahBocognano in #3639
• [frontend] Fix on trigger line (#3520) by @Kedae in #3640
• Members and triggers in Group/User/Orga overview should be sortable and searchable (#3595) by @Archidoit in #3626
• Update aws-sdk-js-v3 monorepo by @renovate in #3564
• Update dependency winston to v3.9.0 by @renovate in #3502
• Update dependency @ckeditor/ckeditor5-alignment to v38.1.0 by @renovate in #3644
• Update dependency @ckeditor/ckeditor5-autoformat to v38.1.0 by @renovate in #3645
• Update dependency @ckeditor/ckeditor5-block-quote to v38.1.0 by @renovate in #3647
• Update dependency @ckeditor/ckeditor5-basic-styles to v38.1.0 by @renovate in #3646
• Update dependency @ckeditor/ckeditor5-code-block to v38.1.0 by @renovate in #3648
• Update dependency @ckeditor/ckeditor5-editor-classic to v38.1.0 by @renovate in #3649
• Update d...

Version 5.8.7

Enhancements:

• #3592 Take into account the selected text in the creation of observables

Bug Fixes:

• #3593 Timeseries by day (widget) is displaying too many point on x-axis
• #3591 Mapping on entities does not work when creating an observable on the fly
• #3590 On-the-fly creation when adding entities to container is broken is some cases

Full Changelog: 5.8.6...5.8.7

Version 5.8.6

No changelog for this release.

Full Changelog: 5.8.5...5.8.6

Version 5.8.5

Bug Fixes:

• #3578 Listing with search criteria prevent pagination usage with cursor

Pull Requests:

• [backend] Listing with search criteria prevent pagination usage with cursor (#3578) by @richard-julien in #3579

Full Changelog: 5.8.4...5.8.5

Version 5.8.4

Enhancements:

• #3561 Add "Description" Field to Update Entities
• #3492 Prevent the deletion of entities by mistake from the "Entities" view of Containers
• #3481 Warning popup before browsing a link

Bug Fixes:

• #3572 External references and tasks not removed when delete in entities

Pull Requests:

• [frontend] Warning popup before browsing a link (3481) by @Archidoit in #3482

Full Changelog: 5.8.3...5.8.4

Version 5.8.3

Enhancements:

• #3565 Display T-number ID (or CAPEC ID) of Attack pattern in the "Add Entities" screen
• #3550 In widgets, when displaying timeseries by month, change the format of the X label (year / month / etc.)
• #3549 Be able to customize the top N (current 10) of distribution widgets

Bug Fixes:

• #3557 Notes appear Unknown in Reports-->Entities
• #3555 Notifications improvement
• #3553 Overview of knowledge is broken when assigning someone

Pull Requests:

• [frontend] display Notes abstract in Reports-->Entities (#3557) by @Archidoit in #3559
• [frontend] notifications improvement and bug fix (#3555) by @Archidoit in #3558
• Update dependency esbuild to v0.18.6 by @renovate in #3501

Full Changelog: 5.8.2...5.8.3

Version 5.8.2

Bug Fixes:

• #3552 Export of bulk search is broken

Full Changelog: 5.8.1...5.8.2