The Flying Squirrel

This is the first Github release of the 3.0 branch. 3.0.0 was only released as part of SELKS.

This new release features a new threat hunting, alert exploration interface that is using a interactive drill down approach.

Changelog:

• New REST API for source, ruleset update
• New ReactJS interface for threat hunting
• IPrep usage to factorize "XXXX group NN" in one single signature
• New applications switcher
• Misc fixes

Silky Squirrel

This is the second release of the 2.0 branch. It adds more capabilities to the REST API, fixes a few issues and improve the documentation.

Changelog:

• Add transformations handling to REST API
• Improve source testing (fix for PTRresearch import)
• Improve documentation
• Fix some JS errors

Giant Flying Squirrel

This is the first release of the 2.0 branch that feature a brand new user interface and new features such as lateral movement and target transformations. Both modify signatures to improve them. Lateral movement uses an algorithm to enlarge the signature IP address filter to detect attacks in the internal networks. Target transformation implement an other algorithm to add target keyword to signatures thus helping to find and visualize attack paths.

Main changes:

• Rule transformation with lateral movement and target
• Support of OISF public sources for easier setup
• Convert documentation to sphinx and integrate it in interface
• Rework of interface with Patternfly components
• Link to Onyphe to get IP informations
• Rules parsing optimization
• More dashboards including pktcity webGL visuaiization
• Initial REST API to interact with Scirius from outside

A small step for a squirrel

Another release candidate for Scirius 2.0 with some bugfixes.

Lightning Squirrel

Reimplements flowbits to fix a performance issue with ruleset like ETPro. Also features various improvements and bugfix.

Like a squirrel on a branch

This second release candidate fixes a small issue with a link to evebox that was incorrect.

I believe I can fly

This is the first RC of Scirius 2.0. The interface has been completely updated and some new features such as public sources support and advanced rules transformation.

Main changes:

• Rule transformation with lateral movement and target
• Support of OISF public sources for easier setup
• Convert documentation to sphinx and integrate it in interface
• Rework of interface with Patternfly components
• Link to Onyphe to get IP informations
• More dashboards including and pktcity

Minifix is not a dog

This is a bugfix release that also contains a few minimizations in CSS and JS and text to make everything a bit faster to load.

I know your name

This release fixes #114 and include a new option to use the local hostname as suricata name. This last option should allow new user to not experiment the empty graphs problem.

Born a 1th July

This is bugfix release containing minor fixes and fixing interaction with some Kibana versions.