Releases: SecurityRiskAdvisors/VECTR
ce-9.9.1
ce-9.9.0
🔒 Security Maintenance
- Dependency updates
- RTA containers have upstream vuln CVE-2023-45853 related to zlib1g. This issue is still not patched in Debian upstream.
🐛 Bug Fixes
- Fix to heatmap not honoring the "allow repeats" toggle.
🚀 VECTR Enterprise
- Check out our Release Notes page on the VECTR.io site to see what's new with VECTR Enterprise, VECTR related tools and misc items VECTR Release Notes | VECTR.
ce-9.8.4
🐛 Bug Fixes
Fixed starting tomcat container as root user
ce-9.8.3
✨ Enhancements
MITRE ATT&CK v17.1 support
🐛 Bug Fixes
Heatmap technique in heatmap not clickable in some situations
🔒 Security Maintenance
Dependency updates
ce-9.8.1
VECTR 9.8 is a minor update focused on bug fixes.
🐛 Bug Fixes
A lot of bug fixes. Some note worthy ones:
- Fixed an issue where creating a new Defense Tool Product while also creating a new vendor in-line would fail
- Any user can now favorite a tag
- Improved tooltip positioning in the Resilience Trending report
- Fixed an issue where a user without library write permissions could still import data
🔒 Security Maintenance
- Dependency updates.
ce-9.7.0
VECTR 9.7 is a minor update focused on bug fixes and application stability and improvements, including accessibility enhancements to keyboard navigation and defense tool product management.
Important
We have unified VECTR services versioning to be in step with the product version. Affected services include the RTA server and builder. If you are manually managing your compose file or VECTR deployment, be sure to update the image version used by the vectr-rta-webserver and vectr-rta-builder services to 9.7.0.
👀 New Features
- Defense Tool Product library. You can now manage defense tool products through the UI.
- Ability to export library campaigns to VEX file format.
🐛 Bug Fixes
- Numerous bug fixes.
🔒 Security Maintenance
- Dependency updates.
ce-9.6.5
VECTR 9.6 brings major changes to the application, including a redesigned reporting filter and... per-tool outcome!
👀 New Features
- Tool Performance. It's here! You can now report on outcomes at a defense tool level, providing better visibility into how your different defense controls are functioning individually but also together as a whole. Learn more about using per-tool outcomes on our docs site: https://docs.vectr.io/user/recording-outcomes/
- Redesigned reporting filter. We made the reporting filter a bit easier to use by placing all available filtering options in one place.
🚀 Improvements
- Added additional test case filtering options when creating a campaign template.
🐛 Bug Fixes
- Fixed a bug where when updating a test case timeline event, the UI would not display the updated data. #290
- Fixed an issue where ATTiRe logs generated by Invoke-AtomicRedTeam could not be imported into VECTR.
🔒 Security Maintenance
- Dependency updates.
ce-9.5.3
🐛 Bug Fixes
- Fixed an issue where ATTiRe logs could not be imported into an empty campaign.
ce-9.5.2
VECTR 9.5 is a minor update focused on under-the-hood application improvements and reintroducing content library export. Be sure to star and watch this repo and/or join us on Discord to be notified when new VECTR releases drop. We will be introducing a highly requested feature in our next major release, so stay tuned!
🚀 Improvements
- Content library export is back! You can now export full content library data, including automation artifacts, to share or import into another VECTR instance.
- We're continuing to chip away at the frontend framework migration to Vue.js. In this release, we've redesigned and migrated the campaign library page.
🐛 Bug Fixes and Maintenance
- Bug fixes and application performance improvements.
- Dependency updates.
ce-9.4.0
🐛 Bug Fixes
- Fixed issue in GraphQL test case mutations where test case automation arguments were not saving.
- Fixed issue when importing a defense tool from the content library did not copy over associated defense layer information.
- On Resilience Trending report page, fixed issue where configuration buttons on heatmap sub-chart were invisible.
🔒 Security Maintenance
- Addressed application vulnerabilities reported by @ameerpornillos.