github OpenCTI-Platform/opencti 5.11.0
Version 5.11.0

11 months ago

Dear community, we're thrilled to announce the release of OpenCTI version 5.11.0 🥳! In this version, we've focused on enhancing the platform with major new features and squashing pesky bugs to ensure the platform continues to meet your evolving needs 💡.

First of all, we have finally implemented a built-in CSV import with a very flexible mapping configuration, allowing teams to import almost any format, including relationships in columns. This mapper also supports multiple entities and/or relationships in a single column, such as a list of sectors 🚀.

Within OpenCTI Enterprise Edition, the automation engine is now generally available. Administrators are able to create powerful playbooks and scenarios to manipulate, enrich, duplicate and process the data in the platform, based on any type of event. For instance, it is now possible to trigger the hygiene connector and, depending on the result, send the indicator to detection 🪄.

It is now possible to make all types of feeds (CSV, TAXII, etc.) public, and not only OpenCTI streams. The platform will keep only one marking of each type (the highest) instead of accumulating marking definitions of the same type 🧼. From an investigation, an analyst can now quickly create a container such as a report or a grouping. Also in investigations, the number of available entities to be extended is displayed on the graph 🧬.

Thank you for your continued support and valuable feedback. Stay tuned for more exciting updates from the Filigran team as we continue to evolve OpenCTI to meet your threat intelligence requirements 🎉.

Enhancements:

  • #4606 Added biographic/demographic capabilities to ThreatActorIndividuals
  • #4589 [SSO] Improve configuration to allow remote system disconnect
  • #4560 Add option to use session Cookie
  • #4510 Do not add internal users in creators
  • #4495 RSS Feed elements without date should use FROM_START
  • #4420 Threat Actors and Intrusion Set goals as Taxonomy
  • #4349 Add Rolling time base attribute time selection (created_at, updated_at)
  • #4298 Improve data sharing security, add public access on all types
  • #4175 Correctly handle declassification in stream-based synchronization
  • #3799 Quick button to turn an Investigation into a Report/Case
  • #3637 Be able to have an administrator for an organization who is able to manage users inside its organization
  • #3324 [EPIC] Automation and workflows capabilities
  • #3229 Restrict marking definition to only one marking by type and keep the highest level
  • #3170 Be able to customize the pagination window in the native TAXII server
  • #3121 Be able to automate the sharing to organizations based on some criterias
  • #2782 CSV Import with columns mapping
  • #2768 [SSO] SAML SSO login overrides path to /dashboard
  • #2513 Be able to add Analystics pixels tracking systems for demographics
  • #2505 Automatic first_seen computing on most of compatible entities
  • #2203 Enrich before extracting / creating indicators / observables
  • #1865 Number of entities to be extended
  • #1544 Allow comparing activity by Connector.

Bug Fixes:

  • #4554 Note are displayed as Unknown in list widget
  • #4553 Some reports are inaccessible
  • #4548 Added Entities to a Container are not displayed in the Knowledge Graph (generates some filters)
  • #4540 KillChain view of Attack Pattern Knowledge : error occurs
  • #4537 Taxii 2.1 ingestion client is not paginating through collection
  • #4529 Wrong location for new dashboard widgets
  • #4528 Can't export relationships
  • #4525 Available statuses are not displayed in the live trigger creation/modification window
  • #4509 Restrict organization access capability check failing
  • #4504 Deleting labels using checkboxes is not working
  • #4502 Stream security prevent access to authorized users
  • #4474 Cannot expand a relation in Investigation Graph
  • #4470 The cyber threat activity map on the dashboard breaks down
  • #4469 Failed to build OpenCTI-5.10.3 due to the failure of npm install
  • #4466 Background tasks on Cases don't take filtering into account
  • #4461 Notifications not working with filter Assignee
  • #4459 Can't do mass operations on Sightings
  • #4456 Sightings filtering bug for qualification=malicious
  • #4451 Can't edit DataSource or navigate to relationship. Dashboard crashes
  • #4450 Report names are not displaying in the list widget in custom dashboards
  • #4425 Failed to create a new stream through a proxy
  • #4421 Relationship suggestion feature in "Knowledge" does not always work
  • #4350 Knowledge screen in Incidents-->Knowledge does not show all relations. Seems observables are not counted
  • #4345 Content field in workbench note is not correct (html instead of md), and TLP marking is not handled correctly
  • #4315 JSON export of attack patterns of an intrusion set is broken
  • #4282 STIX Sighting Object Not Imported from JSON Bundle

Pull Requests:

New Contributors:

Full Changelog: 5.10.3...5.11.0
