Releases: dfir-iris/iris-web
Releases · dfir-iris/iris-web
v2.2.2
What's Changed
Added
- Possibility to pivot on assets and IOCs from the alerts graph
Fixed
- Delete character escaping for passwords by @juadde in #253
- Case template of tasks without tags
- Shortening of case names during updates
- Bad handling of certain requests without CID
- Deletion of assets related to alerts once merge into a case
Full Changelog: v2.2.1...v2.2.2
Contributors
juadde
Assets 2
v2.2.1
What's Changed
Note 1: This version contains a security fix for iris-web.
Note 2: on_postload_case_info_update hook has been renamed to on_postload_case_update
Added
Fixed
- Security fix of CVE-2023-30615 - GHSA-gc6j-6276-2m49 impacting iris-web < v2.2.1
- Deletion of cases with assigned tasks
- Merge of multiple alerts
- Import of IOCs and Assets in case multiple alerts are merged
Full Changelog: v2.2.0...v2.2.1
Contributors
c8y3
Assets 2
v2.2.0
What's Changed
Added
- Basic csv events file import (with default options) by @realsec in #240
- New endpoints to search for manageable objects such as assets types etc,
- New search by asset IDs, IOC IDs and events IDs in the timeline
Fixes
- Some configuration checks when LDAP and automatic user creation are set by @c8y3 in #246
- Ensure database connectivity before trying to create tables by @weslambert in #248
- Merge of multiple alerts in one case not merging the IOCs and assets
- Bug allowing to add an asset to a timeline not belonging to the same case
- UI bug fixes
New Contributors
- @realsec made their first contribution in #240
- @weslambert made their first contribution in #248
Full Changelog: v2.1.0...v2.2.0
Contributors
weslambert, c8y3, and realsec
Assets 2
v2.1.0
Introduction of alerts and case templates 🎉
If you are using custom SSL certificates, please read the upgrade instructions when upgrading from previous versions.
What's Changed
Added
- Full support of alerts
- Case templates
- Provisioning of users
- Service accounts
- New permissions
Fixed
- Variable LDAP_AUTHENTICATION_TYPE in .env.model by @c8y3 in #217
- Automatic creation of users with ldap authentication by @c8y3 in #227
- Update nginx.conf for Security HTTP headers to work. by @oikuda in #216
- Columns in manage cases #205
- Customer contact deletion #239
- Search permissions #237
- Customer permissions #235
- Toast split #226
- Assets exporting #224
- Assets IOC filtering #223
- ADM username not enforced #218
- JIT provisioning of users in LDAP #203
New Contributors
Full Changelog: v2.0.2...v2.1.0
Contributors
oikuda and c8y3
Assets 2
v2.0.2
What's Changed
Fixed
- Update case_notes_db.py for bug fix #200 by @LoneWolf-96 in #208
- Do not escape_filter_chars for NTLM username by @juadde in #212
- docker-compose cleanup by @juadde in #213
- Listening port not being propagated in nginx docker
New Contributors
- @LoneWolf-96 made their first contribution in #208
- @juadde made their first contribution in #212
Full Changelog: v2.0.1...v2.0.2
Contributors
LoneWolf-96 and juadde
Assets 2
v2.0.1
What's Changed
- [FIX] Additional table header in case management breaking proper loading of data in #206
Full Changelog: v2.0.0...v2.0.1
v2.0.0
New version with major changes and improvements 🎉
Please carefully read the upgrade instructions when upgrading from previous versions.
What's Changed
Added
- Groups management
- Case access control and basic permissions
- Comments support on a call objects
- Markdown editors in all case objects
- Customers dedicated pages with additional information and cases statistics
- LDAP authentication
- Markdown reporting
- Case owners, classifications, outcome and tags
- Possibility to update case basic information
- Case overview page
- Unique UUID on all case objects
- Multiple assignee support in case tasks
- Deletion confirmation prompt on all case objects as an option
- IOC in events plus optional synchronization with assets
- Events flagging in the timeline
- MD links on every case objects
- Make Celery host configurable by @Matthijsy in #128
- Add value validation for iocs by @Matthijsy in #130
- Docx report enhancements by @LukyLuke in #127
- Integrating new report formats by @DoctorSauerkraut in #177
- Add Azure Key Vault and standardize configuration variables by @Matthijsy in #137
- Add IocAssetLink upon event update by @sprungknoedl in #186
Fixed
- Notes in Reports broken: recursive empty list instead notes list by @LukyLuke in #146
- #151 Asset unknown compromise in #156
- #193
- #188
- #184
- #181
- #171
- #169
- #168
- #167
- #166
- #164
- #162
- #161
- #160
- #153
- #152
- #151
- #150
- #140
- #134
- #132
- #126
- #124
- #121
- #120
- #106
- #66
- #62
- #61
- #49
New Contributors
- @Matthijsy made their first contribution in #128
- @LukyLuke made their first contribution in #127
- @DoctorSauerkraut made their first contribution in #177
- @sprungknoedl made their first contribution in #186
Full Changelog: v1.4.5...v2.0.0
Contributors
sprungknoedl, LukyLuke, and 2 other contributors
Assets 2
v1.4.5
What's Changed
- Added a datastore in #115, fixes #30 :
- Upload and store any files on IRIS
- Password protect them as an option
- Download
- Add to IOC and/or evidences automatically
- Reference to files in notes, summary or any textual input
- Copy/paste of images directly in notes and summary
- Virtual folders to arrange files
- Ability to configure password policy in #117, fixes #116
- Dark mode improved, flickering removed
- Multiples bugs fixes
- Security fixes
Full Changelog: v1.4.4...v1.4.5
Notes: Changes are made to the Nginx docker to allow upload of big files, hence specific upgrades are needed and auto-updates is not yet supported for this version. Please see the upgrades instruction for more details.
v1.4.4
What's Changed
- Implementation of bulk events editing by @sebastiandemmer in #110
- Fixes context switch button doesn't load cases by @DevJoost in #112
- Fixes multiple minor bugs
New Contributors
Full Changelog: v1.4.3...v1.4.4
Contributors
sebastiandemmer and DevJoost
Assets 2
v1.4.3
What's Changed
- Managed IRIS updates from itself
- Custom icons for assets - fixes #44 by @sebastiandemmer
- IOCs link in timeline and graph - fixes #50
- History of modifications in timeline
- User id in timeline export as an option - fixes #65
- Backup of database from the interface
- Minimisation of modals in cases
- New UI improvements in timeline
- New minimal notifications for almost all activities
- Improved overall responsiveness and speed
- Improved error feedbacks to users
- Improved load of tasks results by x10
- Code cleaning
- Multiple bug fixes
Full Changelog: v1.4.2...v1.4.3
Important note: If you are coming from < v1.4.0 please see upgrades instructions.
Contributors
sebastiandemmer