OpenCTI 3.2.2 has been released! This version fixes a few minor bugs affecting the merging of entities and the LDAP authentication. We are committed to fix all bugs the community reported as fast as we can. But this version also introduces a very important feature for the integration of OpenCTI with the whole cybersecurity ecosystem.
The sightings (true positive and false positive) are now available for observables and indicators. As provided by the STIX 2 standard, sightings could originate from an organization, a person or from any location (region, country or city).
This version also introduce a lot of enhancements in the Python library: ingestion performances have been increased (you will be able to see that in our future performance monitoring infrastructure) and you are now able to use the API pagination directly in the *.list
methods.
Enhancements:
- #55 Observables / Indicators: Sighting