misp-website/_posts/2018-10-30-MISP.2.4.97.rele...

2018-10-30 08:08:21 +01:00
---
title: MISP 2.4.97 released (aka so many new features)
layout: post
featured: /assets/images/misp-small.png
---
A new version of MISP ([2.4.97](https://github.com/MISP/MISP/tree/v2.4.97)) has been released with new features such as related tags, a sighting restSearch API, a new French localisation and many improvements to the API and the import/export capabilities, such as improved support for [DHS AIS](https://www.us-cert.gov/ais) STIX 1 files.
![MISP event graph to display an overview of the relationships for a malware infection](https://www.misp-project.org/assets/images/misp/blog/eventgraph.png){:class="img-responsive"}
A new related tags functionality has been introduced, allowing users to view the most commonly used tags on a specific attribute. This can help analysts decide to use a specific classification based on previous analysis, saving time when contextualising information.
![MISP event graph to display an overview of the relationships for a malware infection](https://www.misp-project.org/assets/images/misp/blog/related-tags.png){:class="img-responsive"}
A new API has been introduced to search [MISP sightings](https://www.misp.software/2017/02/16/Sighting-The-Next-Level.html) using a list of filter parameters and return the data in JSON, CSV or XML format. The search is available at the event, attribute or instance level. You can easily search by time ranges (from, to or last) using the standard restSearch API.
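
A sketch of how a client could assemble such a sightings search, covering the three levels, the three return formats and the time-range filters described above. This is an added example, not code from the MISP project: the `/sightings/restSearch` path and the `returnFormat` and `id` keys are assumptions based on MISP's automation documentation rather than on this post, and the host, key and event id are placeholders.

```python
import json
import urllib.request

FORMATS = {"json", "csv", "xml"}          # return formats named in the post
CONTEXTS = {None, "event", "attribute"}   # None = search the whole instance


def build_sightings_search(base_url, api_key, context=None, context_id=None,
                           date_from=None, date_to=None, last=None,
                           return_format="json"):
    """Build (but do not send) a sightings restSearch request."""
    if return_format not in FORMATS:
        raise ValueError(f"unsupported format: {return_format!r}")
    if context not in CONTEXTS:
        raise ValueError(f"unsupported context: {context!r}")
    if (context is None) != (context_id is None):
        raise ValueError("context and context_id must be given together")
    if last is not None and (date_from or date_to):
        # Client-side choice (assumption): refuse an ambiguous time window
        # instead of relying on how the server resolves it.
        raise ValueError("use either last or from/to, not both")

    filters = {"returnFormat": return_format}
    if context_id is not None:
        filters["id"] = context_id
    for key, value in (("from", date_from), ("to", date_to), ("last", last)):
        if value is not None:
            filters[key] = value

    path = "/sightings/restSearch" + (f"/{context}" if context else "")
    return urllib.request.Request(
        base_url.rstrip("/") + path,
        data=json.dumps(filters).encode(),
        method="POST",
        headers={"Authorization": api_key,   # the user's automation key
                 "Content-Type": "application/json",
                 "Accept": "application/json"},
    )


if __name__ == "__main__":
    # Constructed values: placeholder host, key and event id.
    req = build_sightings_search("https://misp.example", "PLACEHOLDER_KEY",
                                 context="event", context_id=42, last="7d")
    print(req.get_method(), req.full_url, req.data.decode())
```

Passing the returned object to `urllib.request.urlopen` would send it to a real instance; keep the automation key out of source control and logs.
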
At the API level, many changes were introduced, such as:
- The [Galaxy](https://www.misp-project.org/galaxy.html) API is now exposed and can be browsed via the API.
- The event index API can now export in CSV format in addition to the standard JSON format.
- Log entries are now exposed via the API. The API is completely documented via the template page/REST client.
- Warning-list lookup is now exposed to the API. A value can be quickly tested against the warning-lists enabled on a MISP instance.
Many fixes were made to STIX 1 and 2 import and export, including better support for AIS marking and specific MISP objects.
The French localisation of the user interface is now complete (thanks to all the contributors). French is now the second localisation of the MISP user interface, after Japanese. If you want to contribute and help with the translation project, don't hesitate to [join us on crowdin](https://crowdin.com/project/misp).
MISP [galaxy](/galaxy.pdf), [objects](/objects.pdf) and [taxonomies](/taxonomies.pdf) were notably extended by many contributors. New object templates were introduced to better support the description of forensic analysis cases and improve their sharing. These are also included by default in MISP. Don't forget to do a `git submodule update` and update galaxies, objects and taxonomies via the UI.
A detailed and [complete changelog is available](http://www.misp-project.org/Changelog.txt) with all the fixes, changes and improvements.
Don't hesitate to have a look at our [events page](http://www.misp-project.org/events/) to see our next activities to improve threat intelligence, analytics and automation. We also have two MISP trainings planned in Luxembourg: on Monday 17th December, [MISP Training - Threat Intelligence Analyst and Administrators](https://en.xing-events.com/MURFIIQ), and on Tuesday 18th December, [MISP Training - Developers session - API and Extensions](https://en.xing-events.com/QDBMTBT.html).