From e7cc2530d4e7bdb2fb0c7ea890c1e85466b9ee1e Mon Sep 17 00:00:00 2001 From: Alexandre Dulaunoy Date: Wed, 25 Apr 2018 11:04:05 +0200 Subject: [PATCH] MISP 2.4.90 release blog post --- _posts/2018-04-20-MISP.2.4.90.released.md | 41 +++++++++++++++++++++++ 1 file changed, 41 insertions(+) create mode 100755 _posts/2018-04-20-MISP.2.4.90.released.md diff --git a/_posts/2018-04-20-MISP.2.4.90.released.md b/_posts/2018-04-20-MISP.2.4.90.released.md new file mode 100755 index 0000000..0f9fc27 --- /dev/null +++ b/_posts/2018-04-20-MISP.2.4.90.released.md @@ -0,0 +1,41 @@ +--- +title: MISP 2.4.90 released (aka Extended Events release) +layout: post +featured: /assets/images/misp-small.png +--- + +A new version of MISP [2.4.90](https://github.com/MISP/MISP/tree/v2.4.90) has been released including the new extended events feature along with many updates in improvements in the API, user-interface (including many improvement in the graph editor) and many bug fixes. + +The extended event feature has been added in MISP to allow users to extend events without modifying original events. For more information about the extended event feature, the blog post [Introducing The New Extended Events Feature in MISP](/2018/04/19/Extended-Events-Feature.html) include many details and use-cases where it can support organisations in their management of threat information. + +Graph editor has been significantly improved including filtering on tag/type of attributes, physic of the graph is now configurable, extended MISP events are now supportedin the graph. + +A new functionality has been added to control the server setting via the command line directly. + +- /var/www/MISP/app/Console/cake Admin getSetting [setting] + - setting is optional, if none set "all" is assumed + - returns all or a specific setting's current value and metadata + +- /var/www/MISP/app/Console/cake Admin setSetting [setting] [value] + - set a given server setting by full setting name + - for example the following will enable the import services: + - /var/www/MISP/app/Console/cake Admin setSetting "Plugin.Import_services_enable" 1 + +Task from MISP can be triggered from command line and an example of cron entry has been added in the UI. + +Some improvement in the [Cortex integration](https://github.com/TheHive-Project/Cortex) and settings, to allow the configuration of TLS options and ensuring Cortex 2 compatibility. + +A clarification has been introduced in the UI to clearly separate the caching of feeds and enable feeds for full import. + +Roles feature has been improved to allow to set the maximum memory usage and execution time per role (e.g. useful to limit some specific API role). + +STIX 2 export has been refactored and supports more features from the MISP standard format and performance was improved too. + +To ensure data portability of users (GDPR), a new export button has been added to allow users to get their information in addition to the existing API for user management.Regarding GDPR compliance, MISP project [released a document about GDPR and information sharing](/compliance/gdpr/) on the topic which can help operators and users of MISP communities what are the exact impact of the regulation along why information sharing is critical in information security. + +MISP default feeds updated including the (URLhaus)[http://urlhaus.abuse.ch] feed. + +We would like to thank all the contributors who have been fixing bugs, contributed new features or supported us for this release. + +MISP [galaxy](/galaxy.pdf), [objects](/objects.pdf) and [taxonomies](/taxonomies.pdf) were notably extended by many contributors. These are also included by default in MIS +P. Don't forget to do a `git submodule update` and update galaxies, objects and taxonomies via the UI.