OpenCTI 5.3.0 is here!
⚠️ Be careful, as mentioned in the main OpenCTI release note, the History Connector has been deprecated and replaced by a core component. This one must be removed from the stack before upgrading.
Enhancements:
- #687 [Splunk] Miltiple Splunk instances configuration and threads
- #686 OpenCTI - Connector for CISA "KNOWN EXPLOITED VULNERABILITIES CATALOG"
- #678 [Internal Import Document] Automatically add report to the data menu
- #589 New IOCs Connector to implement inside OpenCTI
- #332 [Github CyberMonitor] Create the connector
- #287 [Tanium] Implement reputation expiration
- #344 [MITRE] Common Attack Pattern Enumeration and Classification (CAPEC™) 3.2 connector
- #24 [VirusTotal Hunting] Create the connector
Bug Fixes:
- #685 OpenCTI Mandiant Connector
- #649 [Splunk] Connector failed TypeError: can only concatenate str (not "Event") to str
- #492 [AMITT] The web page for this connector doesn't show the "in progress works" bars correctly
- #435 [Splunk] The connector cannot import all the fields and intel automatically
Pull Requests:
- [kaspersky] switch some logs to debug to reduce verbosity by @axelfahy in #654
- [import-document] Performance improvement on graphql queries by @fscc-samiR in #659
- [import-document] Adding support for markdown documents. Fixes #669 by @fscc-samiR in #672
- [export-report-pdf] Handle IntrusionSet Entitities by @YungBinary in #668
- [external-import][lastinfosec] Add CVE feed and Tactic Feed by @remydewa in #666
- [external-import] Add SentinelOne Threats Connector by @YungBinary in #667
Full Changelog: 5.2.4...5.3.0