Skip to content

Releases: sandialabs/scot4-inbox

4.4 Release

28 Jul 21:05
@toddbruner toddbruner
v4.4.6
a9353cf
Compare
Choose a tag to compare
4.4 Release Latest
Latest

Features

  • Tag and Source UI Editor

    • Search for any number of Tags or Sources

      • OR – will find all items that have at least one of the Tag or Source Names

      • AND – will find all items that have all the Tag or Source Names

    • Update a Tag or Source Name or Description

    • Delete all Tags or Sources (will also remove them from the target type)

    • Replace a Tag or Source with a different Tag or Source

    • Add or Remove Tags or Sources for a target type (i.e., Alertgroup, Entity, Intel)

    • Word Cloud shows the top 100 Tags or Sources by count. Selecting a word will also search for it.

  • Stats Dashboard

    • Dynamic data visualization with selectable time ranges and various chart types.

    • Metric types:

      • alerts closed

      • alerts create

      • entries created

      • events created

      • entries updated

      • intel created

      • Mean Time To Contain

      • Mean Time to Remediate

  • Entity Pane Tag Improvements

    • Add or Remove Entity Class or Tag for multiple Entities

    • Add Comments to the Add or Remove action that will populate the Entity’s Entry Journal.

  • Dispatch Promotion to Existing Intel Item

  • New API endpoints to enable operations on multiple items

    • For many target types there is a new API endpoint for example:

      
/api/v1/alertgroup/many

/api/v1/intel/many

/api/v1/dispatch/many

Etc…

    • Create Many - POST an array of objects to create

    • Update Many – PUT with an array of IDs and a single object to update all items with the same object

    • Delete Many – DELETE with an array of IDs to delete all objects

  • Filtering and Ordering Options for Search

  • Filter by entity class when searching for entities

  • Entity Replay Enrichment button.

  • Entity enrichment example documentation.

  • Entity Timeline view within Entity Modal.

  • Download files as password protected zip.

Fixes

  • OpenAPI documentation example improvements and fixes.

  • API instability bug fixes.

  • Improved firehose update concurrency.

  • Initial index creation fixes.

  • Improvements to Splunk stats table.

  • Display bug fixes in vulnerability feeds.

  • Entity Flair display bugs fixed.

  • Fixes to user defined flair detection.

  • Improved error handling in Flair Engine's download of external images.

  • Fixes to Inbox processors usage of Microsoft Graph API.

  • Self hosting static resources for API documentation.

  • Helm chart improvements.

  • File upload to Vulnerability sections now possible.

Assets 2
Loading

v4.3.2 - additional MSGraph fixes

22 Apr 15:28
@jddicki2 jddicki2
v4.3.2
097e9a4
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.
Compare
Choose a tag to compare
v4.3.2 - additional MSGraph fixes

More fixes and improvements to using MSGraph to receive email

Loading

MS Graph Improvements

13 Feb 21:39
@toddbruner toddbruner
v4.3.1
a310f6b
Compare
Choose a tag to compare
MS Graph Improvements

Fixes and improvements to using MSGraph to receive email

Loading

Initial Open Source Release

29 Oct 22:02
@jddicki2 jddicki2
v4.2.0
fd44d38
Compare
Choose a tag to compare
Initial Open Source Release

Initial Open Source Release

Loading

Test release

17 Oct 20:35
@jddicki2 jddicki2
v4.0.1
7050aeb
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.
Compare
Choose a tag to compare
Test release

test

Loading

Test Release: 4.0.0

17 Oct 20:02
@jddicki2 jddicki2
4.0.0
f1cb3db
Compare
Choose a tag to compare
Test Release: 4.0.0

Test

Loading