Version 6.2.8

Enhancements:

• #7845 Be able to restrict delete if not in the technical creators for members of a group
• #7836 In the user history overview, display also logs related to this user
• #7831 Remove too many entities resolved error
• #7385 add support language korean into i18n code
• #7290 In groups, have an option to avoid creators accumulation for the members
• #5929 Be able to schedule the trigger of a playbook instead of react on some criterias

Bug Fixes:

• #7838 Work cleanup is not working anymore
• #7835 Organization segregation on System and Individual is not synced with other platforms
• #7834 Search keyword is omitted by automated refresh in user history / log
• #7833 Region map is not displaying anymore
• #7811 Selecting all indicators in the search deletes all indicators on the platform
• #7799 Applying marking definitions to entities in workbench remove the other entities
• #7659 [rss] rss feed issues
• #7541 In dashboard list widget, when displaying creators, it is clickable and leads to nowhere
• #7533 Bad performances to display members of a group with more than 20 members
• #7351 [Workbench] Existing AttackPattern appear as 'no' in 'already in platform' in the workbench
• #6947 When mandatory attributes are enabled in Report, importing data from CSV fails
• #6929 [RBAC - User] Information not updated after modification of Groups
• #6652 [Workbench] imported observables appear as 'no' in 'already in platform' in the workbench.

Pull Requests:

• [frontend] Narratives Lines views refacto (#6741) by @Gwendoline-FAVRE-FELIX in #7608
• [frontend] [RBAC - User] Information not updated after modification of Groups (#6929) by @SarahBocognano in #7782
• [frontend] add useOverviewLayoutCustomization hook (#6724) by @Goumies in #7732
• [CI] Add pip install requirement on client python (#7809) by @aHenryJard in #7810
• Replaced Creation Floating Action Buttons for Locations by @Bonsai8863 in #7261
• Replaced Creation Floating Action Buttons for Entities by @Bonsai8863 in #7260
• [backend] Add missing ordering by @lndrtrbn in #7816
• Replaced Creation Floating Action Buttons for Techniques by @Bonsai8863 in #7259
• Replaced Creation Floating Action Buttons for Arsenals by @Bonsai8863 in #7739
• Replaced Edit Floating Action Buttons for Cases by @Bonsai8863 in #7713
• Replaced Edit Floating Action Buttons for Locations by @Bonsai8863 in #7751
• [frontend] Applying marking definitions to entities in workbench fixes (#7799) by @Archidoit in #7807
• [frontend] add Korean translations (#7385) by @Fhwang0926 in #7803
• Bump ws from 7.5.9 to 7.5.10 in /opencti-platform/opencti-front by @dependabot in #7829
• [frontend] entities default value for existence checks in workbench (#7351) by @Archidoit in #7792
• [backend] get all report's properties when using csv mapper (#6947) by @frapuks in #7824
• [frontend] Fix miniMap (#7833) by @Kedae in #7841
• [backend] fix query to cleanup old work in connector manager (#7838) by @aHenryJard in #7840
• [backend/frontend] improve group and users display performance (#7533) by @SouadHadjiat in #7826

New Contributors:

• @Fhwang0926 made their first contribution in #7803

Full Changelog: 6.2.7...6.2.8

Version 6.2.7

Bug Fixes:

• #7771 The “select all” function does not take into account the search
• #7765 For software observables, in graphs, display the version in addition to the names in parenthesis to avoid wired behaviour
• #7754 Search not retaining data in GUI
• #7747 Duplicated channel type in Channel Line display
• #7727 Need to refresh to display new relations added to an indicator
• #7726 In Threats => Intrusion sets, when emptying the search it should come back to default sorting
• #7724 Error at vulnerabilities export when order by CVSS3 Severity
• #7723 Share button instead of Unshare in Bulk unshare pop-up
• #7718 Frontend crashes on organizations display as author graph view
• #7717 When displaying an organization or an individual as "author", right padding is not correct in knowledge
• #7709 Align the UX of the "Incident type" field in an incident
• #7693 Connectors list columns are not aligned correctly with headers
• #7647 Clickable mouse on filters in retention rules lines
• #7038 Upgrade Failure to 6.1.2 | Engine Unhandled Rejection

Pull Requests:

• [frontend] Apply bulk creation on other entities than Channels (#4352) by @lndrtrbn in #7711
• [frontend] improve content mapping and suggested mapping views (#7566) by @JeremyCloarec in #7664
• [frontend] Share button instead of Unshare in Bulk unshare pop-up (#7723) by @ValentinBouzinFiligran in #7757
• [backend] Add log on intialization to better understand failures (#7038) by @aHenryJard in #7707
• [frontend] Full refactor of overview to prepare future work (#6724) by @Kedae in #7758
• [frontend]fix list columns not aligned correctly(#7693) by @CelineSebe in #7769
• [frontend] The “select all” function does not take into account the search (#7771) by @ValentinBouzinFiligran in #7772
• [CI] On multi-repository build, client python version is not taken during api-tests (#7763) by @aHenryJard in #7768
• [frontend] Retain Search in UI for Indicator > Knowledge/Sightings (#7754) by @Archidoit in #7770
• [frontend] Need to refresh to display new relations added to an indicator (#7727) by @ValentinBouzinFiligran in #7759
• [frontend] reset order after search in lists (#7726) by @Archidoit in #7760
• [backend] For Software display the version in addition to the names i… by @ValentinBouzinFiligran in #7776

Full Changelog: 6.2.6...6.2.7

Version 6.2.6

Enhancements:

• #6600 Add option in deployment to disable the user interface

Bug Fixes:

• #7731 Not possible anymore to copy/paste an observable
• #7716 No count on observables in the right bar
• #7715 When removing an alias, the internal alias ID is removed but the same ID can be in the other STIX IDs (need to be purged)
• #7712 Inferred relationships are no longer considered “inferred” after the restoration of a deleted entity
• #7703 [Trigger filters] Modify the status of reports after validation of a worbench
• #7695 [Organization sharing] No button to share certain entities
• #7694 Sessions not correctly refreshed when a group is automatically granted to a new marking
• #7620 Domain observable with underscore is incorrectly rejected
• #7597 Blank space on the right for some relationships overviews
• #7586 [CSV ingester] credentials not taken into account when Basic auth
• #7561 Duplicate relations in Diamond model
• #7540 When using a list in dashboard widgets that is not clickable, pointer / behavior not correct
• #7521 Distribution list widget, number is not viewable
• #7391 Newly created marking definitions are not propagated to access control checks
• #7372 Need to refresh to take into account user max shareable markings after update
• #6408 [CSV Mapper] Missing "contains" relation in the representation

Pull Requests:

• [frontend] Fix contains field options in CSV mapper form (#6408) by @Goumies in #7689
• [frontend] When using a list in dashboard widgets that is not clickable, pointer / behavior not correct (#7540) by @SarahBocognano in #7686
• [frontend] Blank space on the right for some relationships overviews (#7597) by @SarahBocognano in #7690
• [frontend] Root file updated from JS to TS (#7500) by @ValentinBouzinFiligran in #7557
• Add option in deployment to disable the user interface (#6600) by @richard-julien in #7599
• [frontend] Distribution list widget, number is not viewable (#7521) by @SarahBocognano in #7699
• [frontend] Progress bar displayed when submitting Channels creation in bulk (#4352) by @lndrtrbn in #7675
• [backend] Domain observable with underscore is incorrectly rejected (#7620) by @SarahBocognano in #7701
• [frontend/backend] Manage authentication for csv feed (#7586) by @aHenryJard in #7710
• [frontend/backend] Refresh user cache when marking update (#7694) by @Kedae in #7714
• [frontend/backend] Support of "KEV" field for vulnerability entity (#7390) by @ValentinBouzinFiligran in #7646
• [frontend] Massive operations / checkboxes in Arsenal (Channels / Tools / Vulnerabilities) (#4234) by @Gwendoline-FAVRE-FELIX in #7633
• [frontend] Fix analyses graph view on entity displayed as author (#7718) by @Archidoit in #7721
• [frontend] incident type chip UX in incident overview (#7709) by @Archidoit in #7730
• [frontend] no pointer mouse on non editable filters (#7647) by @Archidoit in #7722
• [frontend] Fix useCopy (#7731) by @Kedae in #7734
• Replaced Creation Floating Action Buttons for Events by @Bonsai8863 in #7256
• FAB Replacement on container knowledge, entities, and observables tabs by @Bonsai8863 in #7274
• Replaced Creation Floating Action Buttons for Threats by @Bonsai8863 in #7258
• [backend] fixed inferred relations restoration when an entity is restored from trash (#7712) by @JeremyCloarec in #7733
• Replaced Creation Floating Action Buttons for Cases by @Bonsai8863 in #7157
• Replaced Creation Floating Action Buttons for Observations by @Bonsai8863 in #7257
• [backend] Add a graphql api to send stix bundle in the ingestion process (#7696) by @richard-julien in #7705
• [frontend] When displaying an organization or an individual as "author", right padding is not correct in knowledge (#7717) by @SarahBocognano in #7736
• [backend] fix export of vulnerabilities ordered by CVSS3 Severity (#7724) by @Archidoit in #7745
• [frontend/backend] Possibility to update workbench entity before validate it (#7703) by @lndrtrbn in #7735
• [frontend] channel types display in channel lines (#7747) by @Archidoit in #7750

Full Changelog: 6.2.5...6.2.6

Version 6.2.5

Enhancements:

• #7676 Remove TAXII 2.0 and 1.0 options from the UI
• #7654 Expand organizations segregation to System and Individual
• #7624 [Segragation by Org] User cannot share with other organizations under certain condition

Bug Fixes:

• #7645 Bottom toolbar content is not vertically centered
• #7630 Task dates are not correctly filled when navigating on a task
• #7523 Incorrect loader / placeholder in knowledge lists
• #7311 Domain name values should be case insensitive

Pull Requests:

• [backend] Domain name values should be case insensitive (#7311) by @SarahBocognano in #7677
• [frontend] Remove TAXII 2.0 and 1.0 options from the UI (#7676) by @ValentinBouzinFiligran in #7680
• [frontend] Bulk creation for Channel entity (#4352) by @lndrtrbn in #7655
• [backend/frontend] Expand organizations segregation to System and Individuals (#7654) by @SamuelHassine in #7684
• [frontend] Task dates are not correctly filled when navigating on a task (#7630) by @SarahBocognano in #7683
• [backend/frontend] Adapt platform to allow organization restriction only with capability (#7624) by @SamuelHassine in #7685
• Replaced Edit Floating Action Buttons for Analyses by @Bonsai8863 in #7032
• [frontend] Incorrect loader / placeholder in knowledge lists (#7523) by @SarahBocognano in #7687
• [frontend] Bottom toolbar content is not vertically centered (#7645) by @ValentinBouzinFiligran in #7673

Full Changelog: 6.2.4...6.2.5

Version 6.2.4

Enhancements:

• #7672 Add support for AWS Signature Version 4 for the OpenSearch client

Bug Fixes:

• #7670 Redefine best practices in our Docker images and fix errors when setting a user
• #7649 Missing translation in AI menu in content tab
• #7537 Clicking on a sighting in "origin of the case" in an IR case goes to the wrong place
• #7532 Bad alignement in knowledge graph loader
• #7528 Placeholders not aligned in status templates
• #7527 Placeholders not aligned in case templates (taxonomies)
• #7526 Placeholders not aligned in the roles list
• #7524 Placeholder not aligned in the groups loading
• #7445 Not editable filter in Knowledge tab of an entity
• #7403 Taxii current_state_cursor Bug
• #7401 Form Validation Behavior Discrepancy
• #7276 The year cannot be typed in a date filter
• #7036 [CSV Import] Failing import with kill chain phases and labels

Pull Requests:

• [frontend] Modifies autocomplete which causes form visual validation discrepancy by @ParamConstructor in #7437
• [backend] Next is not mandatory for taxii feed response (#7403) by @aHenryJard in #7619
• [backend] Test CSV bundler with Indicators with labels and kill chain phases by @Goumies in #7514
• [frontend] add missing translation to AI menu content tab(#7649) by @CelineSebe in #7667
• [frontend] Fix alignment of loader in knowledge graph(#7532) by @CelineSebe in #7663
• [frontend] The year cannot be typed in a date filter (#7276) by @SarahBocognano in #7668
• [frontend] fix sightings link in StixObjectsOrStixRelationships (#7537) by @JeremyCloarec in #7661
• [backend] Add support for AWS Signature Version 4 for OpenSearch by @Markus98 in #7636
• [frontend] contains filter in Knowledge > Related containers view (#7445) by @Archidoit in #7618
• [frontend] Placeholders not aligned in the roles list (#7526) by @SarahBocognano in #7575

New Contributors:

• @Markus98 made their first contribution in #7636

Full Changelog: 6.2.3...6.2.4

Version 6.2.3

Enhancements:

• #7631 Allow configuring Redis Sentinel options: failoverDetector, updateSentinels

Bug Fixes:

• #7638 Background task is also done on unselected entities
• #7625 [Export] Error when exporting "all selected" related entities of an entity
• #7577 UI problem : long name on linked entities
• #7565 [CSV Mapper] Not possible to add Kill chain phase to Uses relationships
• #7542 When editing a relationship from the overview of an entity, effect is not correct
• #7451 Unable to reset "Import from date" on a RSS Feed
• #7431 External reference URL are not properly validated during creation
• #7388 Mandatory External references are still on error when filled on creation form
• #7217 External reference not (re)created when using bundle and OpenCTIStix2.put_attribute_in_extension

Pull Requests:

• [backend] import from date not mandatory in Rss ingester (#7451) by @Archidoit in #7592
• [frontend] External reference URL are not properly validated during creation (#7431) by @SarahBocognano in #7593
• [backend] Ability to add relationship references in CSV mapper(#7565) by @CelineSebe in #7610
• [frontend] fix background task on unselected entities (#7638) by @Archidoit in #7639
• Revert "[backend/frontend] modify EntityStixCoreRelationshipsEntitiesComponent to list entities through relations (#6867)" by @SouadHadjiat in #7641
• [backend] allow configuring Redis Sentinel options: failoverDetector/updateSentinels (#7631) by @sbocahu in #7632
• [frontend] When editing a relationship from the overview of an entity, effect is not correct (#7542) by @ValentinBouzinFiligran in #7628

Full Changelog: 6.2.2...6.2.3

Version 6.2.2

Enhancements:

• #7581 Can't contextually create a malware analysis
• #7519 Marking chips are missing a tooltip for when text is truncated

Bug Fixes:

• #7603 Remove wrong label & tooltip in export popup
• #7600 Redis in single mode won't let user select DB
• #7591 The new loader should not be used at it is not ready
• #7587 [ExportFileCsv] Unable to choose user access filter for CSV feed when no English language is in use
• #7543 Inferred relationships cannot be shared with organization manually
• #7529 Incorrect space in the data / import section view between breadcrumb and content
• #7525 Incorrect placeholder in Security / Organizations list
• #7512 User not logged out when session is expires
• #7459 Invalid correlated cases when correlating an incident response with a request for information case
• #7447 In rules, panel is not correctly aligned
• #7383 Not possible to update a relation between a relation and an attack pattern
• #7346 Create Threat Actor Individual in workbench is converter to group

Pull Requests:

• [frontend] Incorrect space in the data / import section view between breadcrumb and content (#7529) by @SarahBocognano in #7585
• [frontend] correlated cases display in cases overview (#7459) by @Archidoit in #7579
• [frontend] In rules, panel is not correctly aligned (#7447) by @SarahBocognano in #7583
• Update dependency http-proxy-middleware to v3 by @renovate in #7140
• [frontend] Not possible to update a relation between a relation and an attack pattern (#7383) by @ValentinBouzinFiligran in #7578
• [frontend] add tooltips to marking chips (#7519) by @labo-flg in #7548
• [frontend] allow to create Malware-Analyses and Tasks from knowledge tab (#7581) by @labo-flg in #7590
• [frontend] remove wrong label & tooltip in export dialog (#7603) by @SouadHadjiat in #7604
• [frontend] Incorrect placeholder in Security / Organizations list (#7525) by @SarahBocognano in #7601
• [frontend] Fix toggle shift and Loader (#5405) by @Kedae in #7595
• [frontend] enable to share inferred relationships with organizations in ui (#7543) by @Archidoit in #7596
• [Frontend] Fix iddle logout (#7512) by @Kedae in #7550
• [frontend] Fix add threat actor individual in workbench (#7346) by @marieflorescontact in #7573
• [frontend] Fix Feed creation with authorized members (#7587) by @Kedae in #7613
• [ci] Fix e2e stix data and add extended error to CI (#7611) by @aHenryJard in #7612

Full Changelog: 6.2.1...6.2.2

Version 6.2.1

Enhancements:

• #7443 POC on Bulk creation of SDO/SCO with Copy/Pasting: bulk create relationship
• #6704 Test E2E of dashboards
• #6607 Change depending on the selected language
• #6606 Change page title when navigating across the platform

Bug Fixes:

• #7580 In light mode, history is not displayed correctly anymore
• #7562 Incorrect file name when exporting diamond model in PNG or PDF
• #7558 Issue on CI at e2e tests step
• #7545 Creating indicator from observable works, but the UI freezes and needs to be reloaded
• #7538 Add back unique colours to observables types in the observable view
• #7530 File indexing page is too slow to be production grade ready
• #7382 Artifact cannot be delete from trash if the referenced file is missing on S3
• #7344 Issue with public dashboard name and case sensitivity
• #7287 In Threat => Knowledge => Attack patterns: Still old style filters box
• #7215 [Bulk search] Sorting on the columns doesn't work
• #7214 [Bulk search] Odd behavior of the bulk search
• #7182 Sightings entity type column doesn't correspond to entity type filter
• #6922 Malware Analysis displayed as Unknown in relationship list widget
• #6870 Bulk update allow irrelevant actions
• #6865 Last created relationship with a relationship displayed as Unknown
• #6494 Labels display doesn't work
• #6074 The way to handle external ref is inconsistent

Pull Requests:

• Update opentelemetry-js monorepo by @renovate in #7466
• [frontend] E2E tests on Dashboard - chunk 2 (#6704) by @lndrtrbn in #7368
• [frontend] restore observable singular colors (#7538) by @labo-flg in #7551
• [Frontend] Fix labels list (#6494) by @Kedae in #7518
• [Frontend] Add new data tables & apply them in feature flag in addition to Cards views (#5405) by @Kedae in #7516
• [drone] remove python caching causing issue with playwright by @labo-flg in #7564
• [frontend] Fix [Bulk search] Sorting on the columns doesn't work (#7215) by @SarahBocognano in #7513
• [Frontend] Fix on columns (#5405) by @Kedae in #7560
• [frontend] New filters in Threat>Knowledge>Attack Patterns (#7287) by @Archidoit in #7492
• [frontend] score bulk update only authorized on entity types with score (#6870) by @Archidoit in #7549
• [frontend] fix duplicates in Bulk Search (#7214) by @Archidoit in #7552
• [backend/frontend] Issue with public dashboard name and case sensitivity (#7344) by @SarahBocognano in #7554
• [frontend] Creating indicator from observable works, but the UI freezes and needs to be reloaded (#7545) by @ValentinBouzinFiligran in #7567
• [frontend] Bulk create relationship in container context (#7443) by @ValentinBouzinFiligran in #7242
• [frontend] simple stix object relationship fragment update (#6865) by @ValentinBouzinFiligran in #7472
• [backend] improve file indexing metrics performance (#7530) by @SouadHadjiat in #7556
• [frontend] Initial approach to dynamic update of Title and Language for pages by @ParamConstructor in #7374
• [frontend/backend] source and target filters for sightings (#7182) by @Archidoit in #7563
• [backend/frontend] Update on data tables columns (#5405) by @Kedae in #7576
• [frontend] Malware Analysis displayed as Unknown in relationship list widget (#6922) by @ValentinBouzinFiligran in #7553
• [frontend] Fix colors (#7580) by @Kedae in #7584
• [frontend] fix handling of references enforcment in containers by @JeremyCloarec in #6727

Full Changelog: 6.2.0...6.2.1

Version 6.2.0

Dear community, we're excited to announce the launch of OpenCTI 6.2! 🥳This update focuses on three main use cases: improving the platform usability to reduce analyst fatigue, aiding administrators in managing the application, and enhancing customization to cater to your needs.

In Cyber Threat Intelligence, there are a lot of ways to display and analyse characteristics of a threat, phase of attacks, and so on. Among them, the Diamond Model is a well known and useful analytic framework, but one that can be hard to harness and produce. OpenCTI 6.2 introduces an automatically generated Diamond Model for each Threats in the platform and each Incidents! 💎 This new view, accessible in the Knowledge tab of the entity, is based on all the knowle7dge accumulated around it. No manual work is required here and you can focus your precious time on analyzing the subject through the Diamond Model analytical framework! 🧠

Extracting structured knowledge from documents is a tedious and time-consuming task. Therefore, we've moved the content mapping to the content section for logical consistency and have improved the UX to be clearer and simpler to use. It is now available for all containers. 🤩 We've also added an auto-saving of the content, eliminating the need to manually save your work. 💾 Note that this auto-saving is not implemented for files you modify here, at the moment.
To further ease the process of mapping each entity within text content, we've introduced automatic mapping! This feature will recognize entities that already exist on your platform. Currently, there is no magic. Mapping suggestion are based on the current capability of the ImportDocument connector (used also when you generate an Analyst Workbench from the import of a file) and there is still noise created. This is our first step towards an AI-assisted (NLP) automatic mapping that will ensure smarter extraction and less noise! 🪄

In OpenCTI 6.2, we've also made it possible to automate the creation of Analyst Workbenches for External Reference coming from a specific source. For example, it can be used to automatically create an Analyst Workbench for Reports coming from an RSS feed, automating the ingestion process while ensuring data correctness. The RSS feed triggers the external ref connector, which triggers the import document, resulting in workbenches created for each new incoming report. 💯

For our Entreprise Edition users, we have also enhanced “Ask AI” functionality: it can now leverage files uploaded from External References! 💡

Talking about ingestion, we've enhanced the CSV feed ingestion with a feature that uses the default value set in your CSV mapper to populate the marking. This simplifies data classification control and ensures that only users with sufficient marking can access data imported from CSV feeds.

On the administrative side, the Role-Based Access Control (RBAC) capabilities have been reworked to allow administrators to manage access in a more granular way. This long awaited feature will help administrators to better control who has access to what. Each menus of the Settings are now linked to a specific Capability and now an administrator can grant management of labels to a user without granting them the ability to change the interface. 🔒
We've also introduced a new "Access security activity" capability that allows to see logs related to security related events. Without this capability, a user can only view events related to modification and access of Knowledge entities.

Some sources provide Reports containing Observables for characterizing potentially malicious events. Based on that, analyst can decide these technical elements are characteristic of an attack and want to send them for further security actions (detection for example). Best practice is to send Indicators, not Observables. With OpenCTI 6.2, it is now possible to easily add Indicators related to the contained Observables when you promote these Observables via massive operations’ toolbar! 🔥

Sharing has also been improved! Now, you can also decide whether relationships created from inference rules should be shared in the TAXII collection when creating a new one. Additionally, 6.2 introduces the ability to use Organization sharing through massive operations directly! Now, you can simply select all entities you want to share with a specific Organization and click on 'share' ! 🥰

In terms of integration, administrators can now clear the queue of a connector if it gets stuck, enhancing performance management.

The Crowdstrike Feed connector has been improved to use FalconPy library when importing Threats, Reports, and also YARA and SNORT rules! Community members brought also a lot of value with the development of connectors for Red Flag Domains (external-import), ShadowServer foundation (external-import) and ReversingLabs (internal-enrichment). The Zerofox connector has also been improved! Thanks a lot! ♥️

We're eager for your feedback on these enhancements!

⚠️ Breaking changes

Since OpenCTI version 6.2 there is an upgrade of passport-saml library that implies that for platform using SAML provider:

• Document signatures are now required by default. Setting wantAuthenResponseSigned=false disables this feature and restores the prior, less secure behavior
• Require all assertions be signed; new option wantAssertionsSigned can be set to false to enabled the older, less secure behavior.

It means that if it’s not already done, you should generate certificates and configure the SAML identity provider in a secure way. Or else in OpenCTI configuration parameters want_authn_response_signed and/or want_assertions_signed can be set to false:

• PROVIDERS__SAML__CONFIG__WANT_AUTHN_RESPONSE_SIGNED=false
• PROVIDERS__SAML__CONFIG__WANT_ASSERTIONS_SIGNED=false

Please read the passport-saml detailed changelog for more details.

Enhancements:

• #6836 Ensure the valid_until date on Indicators is set to a greater value than valid_from when empty (compliance with STIX 2.1)
• #6171 Ability to add indicator generated from the observables of a container in the container
• #5550 Split capabilities to create labels / marking etc & update other capabilities to provide more clarity in RBAC
• #5651 Content tab: Refactor & Add content tab in multiple entities
• #6803 Content Tab: Auto Map content mapping & Create relation
• #6836 In CSV Feed Ingester, take into account Default Marking definition options from CSV Mapper
• #7467 Need more information at error level when a file cannot be download from S3
• #6506 Upgrade saml-passport version to major 4.0.0 (4.0.4)
• #7278 In the user overview, be able view all activities (read, etc.) in Operations / History
• #7333 Infer usage of parent techniques
• #5371 Have a workbench created automatically from RSS Feed
• #5304 Introduce diamond model view
• #7069 Share the result of inferrence rules in TAXII collections
• #3781 Add a button to clear the queue of a specific connector
• #6826 Leverage external ref's files with GenAI functions at entity level

Bug Fixes:

• #7419 [CSV Mapper] Not possible to add labels to URL representation
• #6887 [UI] light mode: csv mapper test result is hardly readable
• #7114 [Playbook] Manipulating knowledge by replacing status does not work on all entities
• #7494 First Seen seems to be auto populating with Dec/1969 on record creates via frontend
• #7430 In Content tab of containers, when selecting "main content", it is displayed "No file selected" on the bottom
• #7310 When merging 2 entities, the "result marking" displayed is always none
• #7488 Reject unauthorized is not taken into account in proxy configuration
• #7268 Unecessary error message at sighting edition
• #7265 [Bulk Update] Revoked field not set after bulk edit of score
• #7191 Lifecycle of an indicator is not updated when changing the score from a report "Entities" page
• #6287 [CSV Mapper] External reference creation
• #7174 Search keyword not taken into account for stix core relationships exports
• #7442 Knowledge entity list is not automatica...

Version 6.1.13

Bug Fixes:

• #7486 MIME type in uploaded artifacts is not correct and lead to multiple errors
• #7484 In some old instances, we have representative (main / secondary) indexed which leads to issues
• #7473 Reset clear queue has broken access to connectors that have vhost
• #7460 Connector cannot be displayed in production
• #7452 The search in the activity of a user does not work anymore
• #7434 Bad .docx file upload at artifact creation

Full Changelog: 6.1.12...6.1.13