
Cyware Threat Intelligence eXchange

Release Notes 3.4.1

July 5, 2023

We are excited to introduce you to the latest version of Cyware Threat Intelligence eXchange (CTIX) v3.4.1. This release includes new features, enhancements, and minor bug fixes.

System Email Notifications (New)

CTIX now adds support for configured user groups and individual users to receive email notifications prior to the expiration of their OpenAPI credentials. This allows users to promptly extend the validity of their API credentials, thereby preventing any interruptions to integration services.

For more information, see Configure System Notifications.


Bulk Enrichment (New)

Enrichment Management in CTIX now supports bulk enrichment of threat data objects. With this enhancement, the platform can enrich multiple threat data objects at once using enrichment policies, thereby consuming minimal quota.

Currently, users can leverage Zscaler's integration with CTIX to utilize bulk enrichment capabilities.

For more information, see Bulk Enrichment.

Integrations

CTIX adds support for the following new integrations:

  • Cyberint (API Feed Source): CTIX integrates with Cyberint to provide security analysts access to contextual threat intelligence. This empowers them to enhance threat-hunting capabilities, conduct more comprehensive threat research, and effectively assess potential attacks. For more information, see CyberInt.

  • FortiRecon (API Feed Source): CTIX integrates with FortiRecon to provide security analysts with easy-to-understand and high-value threat intelligence. This integration allows them to take proactive steps to remediate and execute necessary actions to minimize risk. For more information, see FortiRecon.

  • Censys (Enrichment Tool): CTIX integrates with Censys to enable security analysts to scan IP addresses and domains on the Censys database and retrieve valuable insights for threat investigation. This integration allows them to defend against attacks and investigate threats with added context. For more information, see Censys.

Other Enhancements

The following are a few enhancements introduced with this release:

  • Cyware CSV: While importing a file in the CSV (Cyware) format to create intel, CTIX now supports additional fields, such as TLP, description, source confidence, external references, and tags, in addition to the existing details.

  • Tags: CTIX now provides support for analysts to create internal tags, allowing them to effectively filter and categorize threat intel.

  • Bulk Discard: In Detailed Submission, CTIX adds support to discard draft intel records in bulk.

  • File Export: CTIX adds support to export threat data in the JSON file format.

  • Rules: While defining the Deprecate action in Rules, analysts can now choose a deprecation period ranging from 1 to 180 days for the object.

  • Date Range Selector: The date range selector in CTIX is now enhanced to support predefined date ranges of 7, 30, 60, 90, and 180 days. This enables users to conveniently choose the commonly used intervals for fetching and filtering data in the platform.

    For example, in Detailed Submission, analysts can now directly choose from the predefined date ranges of 7, 30, 60, 90, or 180 days while defining start and end dates.

Bug Fixes

The following are a few bug fixes provided with this release:

  • In Threat Data, the issue with ingesting aliases from the CrowdStrike integration and searching them in the platform is now resolved.