mirror of https://github.com/MISP/misp-website
Update 2017-12-22-MISP.2.4.85.released.md
parent
d8b695301c
commit
3af83c5241
|
@ -4,30 +4,30 @@ layout: post
|
||||||
featured: /assets/images/misp-small.png
|
featured: /assets/images/misp-small.png
|
||||||
---
|
---
|
||||||
|
|
||||||
A new version of MISP [2.4.85](https://github.com/MISP/MISP/tree/v2.4.85) has been released including improvements in feed ingestion performance, warning-lists handling and many bug fixes.
|
A new version of MISP [2.4.85](https://github.com/MISP/MISP/tree/v2.4.85) has been released including improvements to the feed ingestion performance, warning-list handling and many bug fixes.
|
||||||
|
|
||||||
Warning-lists can now be used for filtering out import when using the API via /attributes/add either pass the url param `/enforceWarninglist:1` or set the `"enforceWarninglist":1` key on individual attributes to be checked.
|
Warning-lists can now be used for filtering out import when using the API via /attributes/add either pass the url param `/enforceWarninglist:1` or set the `"enforceWarninglist":1` key on individual attributes to be checked.
|
||||||
|
|
||||||
Warning-lists performance is improved especially on the ingestion, the deletion of the warning-lists can be done from the UI and very large warning-lists are now properly to avoid MySQL packet issue.
|
Warning-lists performance is improved especially on the ingestion, the deletion of the warning-lists can be done from the UI and very large warning-lists are now properly updated even on MySQL instances configured with conservative maximum packet sizes.
|
||||||
|
|
||||||
Feed quick sync is now part of MISP allowing to import attributes using the precalculated cache without parsing the complete feed. We strongly recommend
|
Feed quick sync is now part of MISP allowing the calling of attributes using the precalculated hashes without having to parse the complete feed. We strongly recommend
|
||||||
feed provider to use the [latest feed generator](https://github.com/MISP/PyMISP/commit/195cd6d7fc305ac6628ed8f2ff762b3f69a9b6ca) in PyMISP to benefit from the feed quick sync.
|
feed providers to use the [latest feed generator](https://github.com/MISP/PyMISP/commit/195cd6d7fc305ac6628ed8f2ff762b3f69a9b6ca) in PyMISP to benefit from the quick sync.
|
||||||
|
|
||||||
Tags can now be restricted to a single user (in addition to the existing restriction per user). This can help to
|
Tags can now be restricted to a single user (in addition to the existing restrictions per organisation). This can help to
|
||||||
support analyst workflow process where a certain type of users can tag or classify in an organisation.
|
support analyst workflows where a certain type of user can tag or classify in an organisation.
|
||||||
|
|
||||||
Auth keys of user can now be reset from the command line by using `/var/www/MISP/app/Console/cake Authkey [email@of.user]`.
|
Auth keys of users can now be reset from the command line by using `/var/www/MISP/app/Console/cake Authkey [email@of.user]`.
|
||||||
|
|
||||||
Improvement and cleanup in the event index:
|
Improvement and cleanup in the event index:
|
||||||
|
|
||||||
- removed threat level and analysis from the index as they're eclipsed by the taxonomies for most use-cases
|
- removed threat level and analysis from the index as they're eclipsed by the taxonomies for most use-cases
|
||||||
- hanged the behaviour when users click on org logoes (redirect to filtered index)
|
- changed the behaviour when users click on org logoes (redirect to filtered index)
|
||||||
|
|
||||||
Various UI improvement to clear out the interface for the analysts like the collapse of attributes with highly correlating events:
|
Various UI improvements to clean up the interface for the analysts, including changes such as the collapse of attributes with highly correlating events:
|
||||||
|
|
||||||
![collapse of correlation](/assets/images/misp/blog/collapse.png){:class="img-responsive"}
|
![collapse of correlation](/assets/images/misp/blog/collapse.png){:class="img-responsive"}
|
||||||
|
|
||||||
Or sighting view in the object is now properly working.
|
The advanced sighting view on objects is now properly working.
|
||||||
|
|
||||||
New attribute types were introduced in MISP in order to improve the support of new or improved objects:
|
New attribute types were introduced in MISP in order to improve the support of new or improved objects:
|
||||||
|
|
||||||
|
@ -36,18 +36,18 @@ New attribute types were introduced in MISP in order to improve the support of n
|
||||||
- stix2-pattern - to a new [stix2-pattern object](https://www.misp-project.org/objects.html#_stix2_pattern)
|
- stix2-pattern - to a new [stix2-pattern object](https://www.misp-project.org/objects.html#_stix2_pattern)
|
||||||
- whois-registrant-org - to support the updated [whois object](https://www.misp-project.org/objects.html#_whois)
|
- whois-registrant-org - to support the updated [whois object](https://www.misp-project.org/objects.html#_whois)
|
||||||
|
|
||||||
The STIX 2.0 export significantly improved to support the full range of mapping between MISP standard and STIX 2.0 standard.
|
The STIX 2.0 export had undergone significant improvements to support the full mapping between the MISP and STIX 2.0 standards.
|
||||||
If a mapping is not supported in the STIX 2.0 standard, we also export custom objects to allow organisations to still get
|
If a mapping is not supported in the STIX 2.0 standard, we also export custom objects to allow organisations to still receive
|
||||||
MISP information in the STIX export. The basic logic for STIX 2.0 import has been implemented to make a first version in
|
These often crucial pieces of MISP information in the STIX export. The basic logic for STIX 2.0 import has been implemented for it to make it's debut in
|
||||||
the next release.
|
the next release.
|
||||||
|
|
||||||
Many bug fixes and improvement were introduced in this version.
|
Many bug fixes and improvement were introduced in this version.
|
||||||
|
|
||||||
The full change log is available [here](https://www.misp.software/Changelog.txt). [PyMISP change log](https://www.misp.software/PyMISP-Changelog.txt) is also available.
|
The full change log is available [here](https://www.misp.software/Changelog.txt). [PyMISP change log](https://www.misp.software/PyMISP-Changelog.txt) is also available.
|
||||||
|
|
||||||
PyMISP has been also updated on a cleverer approach to timestamp handling while updating MISP JSON file. The PyMISP documentation has been updated [PDF](https://media.readthedocs.org/pdf/pymisp/latest/pymisp.pdf).
|
PyMISP has been also updated, boasting a more clever approach to timestamp handling while updating MISP JSON files. The PyMISP documentation has been updated [PDF](https://media.readthedocs.org/pdf/pymisp/latest/pymisp.pdf).
|
||||||
|
|
||||||
MISP [galaxy](/galaxy.pdf), [objects](/objects.pdf) and [taxonomies](/taxonomies.pdf) were notably extended by many contributors. These are also included by default in MISP. Don't forget to do a `git submodule update` and update galaxies, objects and taxonomies via the UI.
|
MISP [galaxy](/galaxy.pdf), [objects](/objects.pdf) and [taxonomies](/taxonomies.pdf) were notably extended by many contributors. These are also included by default in MISP. Don't forget to do a `git submodule update` and update galaxies, objects and taxonomies via the UI.
|
||||||
|
|
||||||
New MISP trainings are foreseen the 17/01 and 18/01 in Luxembourg including a full-day API and extension hands-on. [For more information and registration](https://www.circl.lu/services/misp-training-materials/). We have also many other trainings and events foreseen in 2018, [for more information](/events/)
|
New MISP trainings are foreseen the 17/01 and 18/01 in Luxembourg including a full-day API and extension hands-on session. [For more information and registration](https://www.circl.lu/services/misp-training-materials/). We have also many other trainings and events foreseen in 2018, [for more information](/events/)
|
||||||
|
|
||||||
|
|
Loading…
Reference in New Issue