Enhancements:
- #5174 [Microsoft Sentinel Intel] Batch processing of stream events and batch uploading
- #5248 [vx-vault] Migrate connector to connector manager supported
- #5922 [Google TI] Map "alt_names_details" to Campaign aliases
- #6103 [Google TI] Import Vulnerability summary/analysis into description
- #6105 [Google TI] Map Vulnerability source references to external_references
- #6107 [team-cymru-scout-search] Support Scout pattern enrichment for TEXT indicators
- #6212 [USTA] New External Import connector for USTA PRODAFT platform
- #6220 [Accenture-CTI] Convert threat actors to intrusion sets
- #6230 [ci] Auto-add "solved" label and correct milestone when PR is merged
Bug Fixes:
- #5749 [Recorded Future] Create Threat Actor instead of Intrusion Set
- #5762 [Google TI] Remove improper MITRE ATT&CK external reference generation
- #6099 [Google TI] Malware first_seen/last_seen always null due to field name mismatch
- #6183 [microsoft-sentinel-incidents] TypeError in detect_ip_version
- #6194 [Tenable Vuln Management] Missing device_type and invalid NetBIOS hostname cause findings to be dropped
- #6226 [s3/connectors-sdk] Note.generate_id does not include abstract, causing duplicate errors
- #6228 [Luminar] Fix auth token issue
Pull Requests:
- [VXVault] Migrate connector to manager-supported mode by @jabesq in #6175
- [google-dtm]: Create a connector for Google Digital Threat Monitoring by @romain-filigran in #5677
- [tool] chore(deps): Update dependency requests to ~=2.33.0 [SECURITY] by @renovate[bot] in #6196
- [Recorded Future] Create Threat Actor instead of Intrusion Set #5749 by @Kakudou in #6111
- [ESET] Update manifest by @maximerafaillac in #6187
- [microsoft-sentinel-incidents] Skip ip when no address by @throuxel in #6185
- [tenable-vuln-management] Fix pydantic models by @Powlinett in #6203
- [USTA] New External Import Connector by @p-osman in #6043
- [accenture-cti] Convert TA to IS (#6220) by @SamuelHassine in #6221
- [team-cymru-scout-search] Support Scout pattern enrichment for TEXT indicators by @mitchm101 in #5686
- [VX Vault] Update manifest descriptions by @romain-filigran in #6224
- [tool] chore(deps): Update dependency pytest to v9 [SECURITY] by @renovate[bot] in #6213
- [Google TI] Remove MITRE ATT&CK external reference generation by @romain-filigran in #6216
- [Google TI] Map alt_names_details field to Campaign aliases by @romain-filigran in #6214
- [Google TI] Bug: Malware first_seen/last_seen always null due to field name mismatch by @romain-filigran in #6197
- [Luminar] Auth fixes by @moin-loginsoft in #6227
- [onyphe] add support for ASM use-case & general performance improvements by @jimbobnet in #6066
- [ci] Add "solved" and correct milestone to issue when PR is merged by @throuxel in #6231
- [tool] chore(deps): Update dependency pytest to v9 [SECURITY] by @renovate[bot] in #6232
- [s3/connectors-sdk] Pass abstract to Note.generate_id for dedup alignment (opencti#15493) by @SamuelHassine in #6225
- [microsoft-sentinel] add batch mode by @Renizmy in #5957
- [Google TI] Map Vulnerability source references to external_references by @romain-filigran in #6217
- [Google TI] Models the 'executive_summary' and 'analysis' fields of a vulnerabili… by @romain-filigran in #6215
New Contributors
- @p-osman made their first contribution in #6043
- @jimbobnet made their first contribution in #6066
Full Changelog: 7.260409.0...7.260416.0