Dear community, OpenCTI 4.1.0 has been released 🎁! This release introduces a lot of new features and bugfixes in visualization, automatic merging, mass deletion, performance, etc. 💎.
First of all, we have reached a new milestone in our strategic roadmap with the implementation of custom dashboards and visualization widgets 📊. Users can now build dashboards to follow threats, victims, entities and overall knowledge in their OpenCTI platforms 🖥️.
Also, we have solved potential consistency issues by implementing more automatic merging of entities when a connector tries to inject trusted data into the platform (MITRE, OpenCTI datasets, etc.) 🪄. If any errors occurred in the latest runs of some connectors, they should now be resolved.
Finally, for advanced users who would like to better manage their Elasticsearch indexes (roll-over, freeze, sharding, etc.), OpenCTI now works well with rolled/cold indexes.
Let's now focus on graph investigation and SIEM integrations 🚀!
Enhancements:
- #1027 Automatically merge entities resolved when update parameter is true
- #1026 Change the Attack Pattern / Courses Of Action standard IDs
- #1019 Generic entities "Location" are not correctly handled
- #1016 From a tools page, the user can't add an attack pattern
- #1015 The field DESCRIPTION of a vulnerability is not displayed.
- #1014 Allow a tool to be associated to a vulnerability
- #1013 Not possible to associate a sighting to a vulnerability
- #1012 Not possible to associate an observable to a vulnerability
- #1011 When on an ATTACK Pattern, it is not possible to associate with a TOOL since the relationship is missing
- #1010 The organizations listing should contain a filter on TYPE, to easily filter the organisations.
- #1009 Attack patterns & Tools should be associated with Organisations
- #1008 Countries entities should contain intrusion sets originating from the country
- #1003 Give more control in elastic index configuration
- #997 Improve hashed observable management
- #993 Top Actor Widget
- #992 Most Active Malware Widget
- #986 Top CVE Widget
- #974 Change pagination system to use search_after instead of from
- #892 [import file stix] Improve Error logging
- #890 Full CSV export fails
- #738 Date Management
- #688 Improve the import of reports
- #667 Adding a tooltip to the menu items icons
- #655 Pin/Docking Navigation in WebUI
- #588 Heat map for victimology
- #532 Have the same presentation in the frontend for countries and regions as for sectors/subsectors
- #505 Create a threat activity dashboard
- #307 Full refactor of workspaces and custom dashboards
- #271 Most active malware