Saltar a contenido

Release 25.01

Release notes for 25.01.5

  • Release date: 18/January/2024
  • Type: Standard
  • Main changes: redborder manager.

This is the release notes for the patch 25.01.5 of redBorder NDR version 25.01.

In this update, our primary objective continued to be the resolution of existing bugs, with a special emphasis on enhancing the functionality of webui adding the dark theme.

What's new

  • #19652 [redborder-webui] Show uptime in sensor tree on sensors of type ips and proxy
  • #19621 [redborder-webui] Add Observables Related, Assets Related, Events Related in Asset sidebar on Incident View. Unify related assets and observables in one GRAFO table. Adapt sidebar to new way of getting incident druid data
  • #19588 [redborder-manager] Integrate external reputation list for: ip, domains, url, sha-1 and sha-2
  • #19360 [redborder-webui] Add dark mode theme for web interface

Improvements

  • #19749 [redborder-webui] Add more logs on UpdateThreatIntelJob output, validation of input and expiration of memcached keys (like 1h.), change dimension translation name "wan ip is malicious" -> "wan ip malicious"
  • #19528 [redborder-webui] Add all the info of linked incidents in Incident Detail view
  • #19523 [redborder-webui] Rework notifications to show the number of pending notifications on the top menu

Resolved Issues

  • #19858 [cookbook-keepalived] Add notify master/backup script for sfacctd virtual ip (similar to the webui one)
  • #19853 [redborder-manager] create splittraffic & splitintrusion false by default during installation
  • #19848 [redborder-webui] dark theme doesn't work when you try to edit a user you are not logged in
  • #19831 [cookbook-rb-manager] s3 host should be taken from s3_secrets
  • #19825 [redborder-webui] glpi can enqueue more than one jobs at the same time
  • #19808 [redborder-manager] s3 access key not correctly loaded when external s3
  • #19797 [redborder-manager] postgres_TAG not defined in rb_bootstrap_common
  • #19789 [redborder-webui] theme is switching with user preference when login out
  • #19783 [redborder-webui] Tool -> Object Types showing a table sorter header element empty
  • #19775 [redborder-webui] Translation missing - playbook assignment rule
  • #19770 [redborder-webui] missing error logo in dark theme
  • #19765 [redborder-webui] Priority is always using the ID of database instead an specific column
  • #19757 [redborder-webui] Alarms compute the value bad
  • #19721 [redborder-manager] OutlierIncidentJob enqueue without checking if exists
  • #19718 [redborder-webui] Default alarms not filtering by node
  • #19704 [redborder-webui] Check if the object type of an object is nil before getting the object image. If doesnt have type, put "MacObject" in type in assets list
  • #19696 [redborder-webui] RbVulnerabilitiesUpdateDBJob give massive message in Last error column
  • #19498 [redborder-webui] Vertical bars widgets gives error when dashboard updates
  • #19390 [redborder-webui] Error when editting playbook while having 26 playbooks (max number of playbooks). Also limit the playbook count to 25
  • #19366 [redborder-webui] Error when ordering by priority
  • #19186 [redborder-webui] Mitre rule assignation: subtechnique direct assignation
  • #19134 [redborder webui] Widgets duplicated column
  • #19057 [redborder-webui] Intrusion help when there's no IPS shows old installation
  • #18698 [redborder-webui] Pagination for event rules limits also affects the suppress list
  • #17929 [redborder-webui] In Objects and Object Types, pagination is not updated