Release Notes 3.3.4
May 17, 2023
We are excited to introduce you to the latest version of Cyware Threat Intelligence eXchange (CTIX) v3.3.4.
Read-Only Groups New
We have introduced read-only groups for administrators to manage users who want to view data without making changes. This improves collaboration among threat intelligence teams and makes sure everyone has access to the same information. For example, you can use a read-only group and allow users to view threat data, create private saved searches, and view ATT&CK navigator.
CTIX provides a default Read Only group with read-only permissions applied for specific components which can be updated by administrators. In addition to this, administrators can also create custom read-only groups and assign read-only permissions as required.
To learn more about read-only groups and users, see Read-Only User Groups.
Just-In-Time (JIT) User Onboarding Enhanced
CTIX supports JIT user onboarding through SAML authentication method. New users are automatically added to the platform when they login for the first time, provided that they are present in an identity provider database. Users who are onboarded to CTIX through JIT are assigned to the out-of-the-box Read Only group. The administrator can later move read-only users to other groups.
ID Types for Publishing Indicators Enhanced
Administrators can now choose between two types of IDs for publishing threat data objects - the Threat Data ID or the Publishing ID. By default, CTIX uses Threat Data ID for publishing indicators.
You can choose an ID type that meets the requirements of your threat intel operations.
The Threat Data ID is assigned to a threat data object when it is first observed in the CTIX platform, and it remains the same throughout its lifespan for similar objects.
The Publishing ID is assigned to a threat data object when it is published to a collection, and changes with each publishing cycle.
To learn more about this configuration, see Configure TAXII Preferences.
Context Sensitive Help Enhanced
CTIX now offers context-sensitive help documentation for all its features. For example, when accessing the help documentation from the Threat Data module, the relevant help documentation regarding threat data will open automatically.