Enhancements:
- #798 [URLScan] Add the connector
- #790 [AbuseIPDB IP Blacklist] Create the connector
- #788 [Maltiverse] Create the connector
- #787 [mwdb] Create the connector
- #786 [Citalid] Create the connector
- #785 [Orange Cybedefense] Create the connector
- #784 [Splunk] Parse STIX patterns before sending
- #767 [ExportFileCSV] Can the connector use comma instead of semicolon as the column separator?
- #754 [ImportDocument] Modify default country resolution (no aliases)
- #751 [Alienvault] Filter indicator by created option
- #748 [Intel 471] Create the connector
- #749 [Splunk] Take into account the timestamp timezone
- #747 [TAXII2 Client] Be able to choose create observables / indicators
- #742 [TAXII Client] Be able to put client certificate
- #722 [Mandiant] The connector should use report endpoint with STIX and PDF accept headers
- #721 CISA Connector : Time Interval variable correction
- #793 Unable to import indicators in to an Incident
- #680 [MISP] MISP_REPORT_CLASS option should be MISP_REPORT_TYPE
- #655 [VirusTotal] Expand enrichment to IP, Domain, URL Indicators
- #650 [MITRE Datasets]Migrate to STIX 2.1
- #612 [MISP JSON Feeds] Create the connector
- #490 [Hatching Triage] Create the connector
Bug Fixes:
- #803 cyber-campaign-collection infinite looping the import
- #799 [mandiant] Running the connector for the first time results in wrong epoch when trying to get reports
- #794 [MISP] null state fills rabbitmq
- #771 [ExportFileTxt]Some entities cannot be exported by the "ExportFileTxt", but can be exported by the "ExportFileCsv" and "ExportFileStix"
- #740 [Mandiant] Receiving API HTTP 400 errors
- #731 [CrowdStrike] Update will produce only internal modifications
- #724 [Elastic Security] Update connector to use a valid state initialization
- #633 [Elastic Security] Connector fails to launch
Pull Requests:
- Update docker-compose.yml by @cvdsouza in #720
- SOC Prime external-import connector update by @vu-socprime in #729
- [virustotal] fix created_by and refactoring by @axelfahy in #730
- Adding variable Start Date for NVD CVE Feeds by @ReadyElbow in #726
- [virustotal] add external reference to virustotal website by @axelfahy in #732
- Add maltiverse connector by @jlopezzarza in #735
- Add Intel 471 connector by @mmolenda in #737
- Add CI to connector-maltiverse by @jlopezzarza in #741
- Fixes #752 - Update and correct import-external-reference readme by @mattseymour in #768
- Update sekoia.py by @cyrilyxe in #783
- [external-import] Break loop if run and terminate is enabled by @rlynch-ironnet in #762
- Updating Mandiant connector to collect reports by @TheImmigrant in #774
- [riskiq/malpedia] use logger of OpenCTIConnectorHelper for clients by @axelfahy in #761
- [Elastic-stream] Fixing some issue related to the index stream in Elastic stream connector [MWDB-external_import] added a new connector by @aaarghhh in #727
- Abuseipdb ipblacklist import by @eladent in #789
- [urlscan] Implement connector by @rlynch-ironnet in #764
- [MWDB-external_import] Added MWDB to CircleCI by @aaarghhh in #796
- [urlscan] remove corp internal hygiene by @rlynch-ironnet in #800
- [shodan-idb] Shodan InternetDB connector by @rlynch-ironnet in #797
- [alienvault] Filter indicators based on created date, logging by @rlynch-ironnet in #765
- CISA Known Exploited Vulnerabilities by @TechBurn0ut in #795
- Bug - looping the date by @symsal in #801
New Contributors:
- @cvdsouza made their first contribution in #720
- @ReadyElbow made their first contribution in #726
- @jlopezzarza made their first contribution in #735
- @mmolenda made their first contribution in #737
- @cyrilyxe made their first contribution in #783
- @rlynch-ironnet made their first contribution in #762
- @TheImmigrant made their first contribution in #774
- @aaarghhh made their first contribution in #727
- @eladent made their first contribution in #789
- @TechBurn0ut made their first contribution in #795
- @symsal made their first contribution in #801
Full Changelog: 5.3.7...5.3.8