Version 0.7.2

jshcodes released this 15 Dec 16:48 · 40 commits to main since this release
  • Moves duplicate handling to leverage the PyMISP native solution. Closes #129. Closes #67.
    • All indicator attributes have been moved to flat attributes as opposed to object attributes.
  • Removes sightings integration.
  • Aligns all adversaries (actors) to the MISP Threat Actor galaxy. CrowdStrike-only actors are created and imported to this galaxy as part of this process.
    • These actors are removed when performing a delete.
  • Refactors taxonomic tagging to reduce the number of updates performed per attribute (indicator).
  • Refines indicator type and malware family events and reduces the time required to import. Closes #118. Closes #102.
  • Refines and expands Galaxy searches in an attempt to properly tag malware family indicators to the appropriate galaxy. Closes #134.
  • Adds a new parameter to the configuration file to allow developers to limit the date range for Malware Family event lookups. Closes #136.

Important

Due to taxonomic tagging changes, developers who want to completely reimport data should first remove all CrowdStrike data from their MISP instance (--obliterate or -ci -cr -ca) using the previous version, then upgrade to the latest version and run a new import.