v2.1.1
This release improves TheHive integration, refining TLP, PAP, Severity, and observable tags, while enhancing alert and case management. The system now verifies existing entries before updating them with new observables, preventing duplicates. Additionally, Dockerfile optimizations enhance container performance and security.
Watcher now has the ability to automatically feed cases and alerts by adding DNS Finder alerts linked to a monitored domain in Website Monitoring. Watcher will add subdomains to the case or alert of the parent domain and automatically update it.
Update Procedure
Please follow this process.
- If you want, you can update the .env configuration to include credentials and endpoints for TheHive and other notification channels. Refer to the updated documentation for details: Update Watcher.
What’s Changed
- This release enhances TheHive integration, ensuring alerts and cases are automatically updated with new observables for better incident tracking by @ygalnezri.
- Watcher now automatically feeds cases and alerts by adding DNS Finder alerts linked to a monitored domain in Website Monitoring. Subdomains are added to the case or alert of the parent domain, ensuring they are automatically updated.
- Refined TLP, PAP, Severity, and observable tags, improving classification and response accuracy by @ygalnezri.
- Optimized the Dockerfile following best practices, improving performance and security by @0xlildoudou in #163
- Bump django from 5.0.10 to 5.0.11 in /Watcher by @dependabot in #168
New Contributors
- @0xlildoudou made their first contribution in #163
Full Changelog: v2.1...v2.1.1