Enhancements:
- #2947 [QRadar] Forward offenses from QRadar into OpenCTI as incidents
- #2923 [Connectors] Add linter check for no generation id stix, no value parameter and unused import in Circle CI
- #2298 Split logics for Microsoft Sentinel / Tanium Threat Response / HarfangLabs between Stream & Import
Bug Fixes:
- #2958 [Crowdstrike] Ingestion take too much time: state is not updated properly
- #2879 [splunk] Entrypoint refers to qradar directory
- #2867 [Flashpoint] Error occurs after some time running the connector
- #2816 [Mandiant]: Map Mandiant score to our score attribute on indicator
- #2803 [Flashpoint] Errors while adding the connector
- #2765 [Crowdstrike] Observable entities in reports are not imported
- #2811 Enrichment connectors called too early for artifacts
- #2700 [YARA] The YARA connector attempts to scan an artifact before the malwarebazaar-recent-additions connector finishes uploading the file
- #2546 [Yara Scan] Several problem
Pull Requests:
- Update dependency google-auth to v2.36.0 by @renovate in #2922
- [Template] Fixed condition and work id by @annoyingapt in #2935
- Update dependency PyGithub to v2.5.0 by @renovate in #2921
- Update dependency regex to v2024.11.6 by @renovate in #2934
- Update dependency packaging to v24.2 by @renovate in #2942
- Update dependency wheel to v0.45.0 by @renovate in #2943
- [Connectors] Add linter check for no generation id stix, no value parameter and unused import in Circle CI by @helene-nguyen in #2948
- [Mandiant] Add Mandiant score to IOC instead of confidence by @helene-nguyen in #2944
- Update dependency google-api-core to v2.23.0 by @renovate in #2950
- Update dependency Titan-Client to v1.20.0.4 by @renovate in #2951
- [Connectors] Revert docker_layer_caching by @helene-nguyen in #2937
- [Harfanglab Incidents] Create an external import connector by @Powlinett in #2877
- [FLASHPOINT] Deprecate malware and APT mport options by @flavienSindou in #2874
- [Flashpoint] Fix KeyError "site_source_uri" by @Powlinett in #2919
- Update dependency googleapis-common-protos to v1.66.0 by @renovate in #2955
- Update dependency boto3 to v1.35.59 by @renovate in #2954
- [Crowdstrike] Decrease limit max to retrieve IOCs + update documentation by @helene-nguyen in #2959
- Update dependency google-api-python-client to v2.153.0 by @renovate in #2961
- Update dependency pycti to v6.3.11 by @renovate in #2962
- Update dependency boto3 to v1.35.62 by @renovate in #2963
- [Connectors] Re add base linter to Circle CI by @helene-nguyen in #2970
- [Crowdstrike] Handle IOCs to be added in the report while importing the report by @helene-nguyen in #2969
- [Yara] Quick Fix for artefact recovery by @Megafredo in #2876
Full Changelog: 6.3.11...6.3.12