Releases: thalesgroup-cert/Watcher
v2.1
This release focuses on a major transformation of the notification system, introducing new integrations with TheHive, Citadel, and Slack, alongside an enhancement to email notifications. Users can now automate alert creation in TheHive, send notifications via Citadel's APIs, and streamline team communication through Slack. Additionally, email notifications have been upgraded to SMTPS for improved security. These updates aim to enhance communication, security, and collaboration across multiple platforms.
Update Procedure
[MANDATORY] Update Watcher:
This version includes significant changes to the notification system. It is essential to follow these steps:
- Pull the latest Docker image from the repository.
- Update your docker-compose.yml file as per the latest version on GitHub.
- Apply migrations for the newly created module:
  python manage.py migrate
- Update configurations in the .env file to include credentials and endpoints for the new notification channels. Refer to the updated documentation for details: Update Watcher.
New Features
- Common Module Implementation: A new Django app has been introduced to centralize generic functions shared by multiple modules. This update simplifies the codebase and enhances maintainability.
- Notification System Creation:
  - Email Notifications via SMTPS: Transitioned from SMTP to SMTPS for enhanced security. More details and information about this: Configure your Email notifications by @ygalnezri.
  - TheHive Integration: Automatic alert creation in TheHive via APIs. More details and information about this: Configure your TheHive notifications by @ygalnezri.
  - Citadel Integration: Notifications are now supported through the enterprise application Citadel via APIs. More details and information about this: Configure your Citadel notifications by @ygalnezri.
  - Slack Notifications: Notifications can now be delivered directly through Slack via APIs for better team collaboration. More details and information about this: Configure your Slack notifications by @ygalnezri.
What’s Changed
- Redesigned email templates for improved clarity and user experience by @ygalnezri.
- Refactored the docker-compose.yml file to use env_file for better readability and reduced redundancy by @ygalnezri.
- Updated the Dockerfile to align with the latest best practices for Django applications by @ygalnezri.
- Revised documentation to provide detailed setup instructions for the new notification system and its integrations by @ygalnezri
- v2.1 by @ygalnezri in #166
Full Changelog: v2.0.2...v2.1
v2.0.2
What's Changed
- Bump path-to-regexp and react-router-dom in /Watcher by @dependabot in #156
- Bump django from 5.0.8 to 5.0.9 in /Watcher by @dependabot in #158
Full Changelog: v2.0.1...v2.0.2
v2.0.1
What's Changed
- Bump django from 5.0.7 to 5.0.8 in /Watcher by @dependabot in #149
- Bump webpack from 5.76.0 to 5.94.0 in /Watcher by @dependabot in #153
- Bump axios from 1.7.2 to 1.7.4 in /Watcher by @dependabot in #154
Full Changelog: v2.0...v2.0.1
v2.0
This release aims to make the existing API easily usable, in order to facilitate communication with Watcher for other software. It also aims to correct several existing anomalies.
Update Procedure
[MANDATORY] Please follow this process:
This version includes breaking changes, so it is mandatory to follow this process: Update Watcher
[WARNING] RSS-Bridge Removal:
RSS-Bridge is no longer needed. We used it to obtain RSS feeds from X (Twitter). Due to changes in the pricing of the X API, this is no longer functional.
Therefore, we have removed the RSS-Bridge container and replaced it with 200+ new RSS sources related to cybersecurity. Make sure to populate the new RSS sources with the following command:
python manage.py populate_db
Please remove the RSS-Bridge container from your docker-compose.yml file with the latest version available on GitHub.
You can also delete all RSS sources associated with the old RSS-Bridge (they are not needed anymore). Here is an example of the formatting: http://10.10.10.7/?action=display&bridge=Twitter&context=By+username&u...
[WARNING] MySQL Update:
If you have a version of MySQL >= 8.1.X, please keep your version as it is.
For new installations, please use MySQL version 8.0.39 as specified in the latest version of the docker-compose.yml file. This version is compatible, maintained, and stable.
MySQL does not support downgrades (MySQL 8.1.X -> MySQL 8.0.39).
All versions >= 8.2.X are not compatible with Watcher and may impair its functionality.
New Feature
- Added the ability for users to create one or more API keys (admin). (265e73d)
- Added the ability for administrators to create one or more API keys per user to better manage access to API features. This update will allow for more granular permission management and enhance system security. More details and information about this: API Key Creation & Management by @ygalnezri in #113
What’s Changed
- Added new relevant RSS sources, removed obsolete ones, and improved the "banned words" filters for optimized detection of cyber trends by @ygalnezri in #107
- Fixed a bug related to creating or modifying a ticket with a free format, allowing for smoother integration and precise traceability by @ygalnezri in #129
- Fixed an issue generating false positives in the "Website monitoring" module by @ygalnezri in #137
- Removed the RSS-Bridge container and its related dependencies such as react-twitter-widgets by @ygalnezri in #115
- Fixed an issue allowing duplicate sources to be added in the "threats_watcher" section.
- Updated the docker-compose.yml file to accommodate the new versions by @ygalnezri in #112
- Updated the Dockerfile, bump python-nodejs:python3.9-nodejs18 to python-nodejs:python3.11-nodejs18 by @ygalnezri.
- Revise documentation to include Docker setup instructions, add explanatory notes for the API Key section in the admin section, update the Update Watcher tab, and address other minor corrections by @ygalnezri in #138
- v2.0 by @ygalnezri in #144
- Bump django from 4.1.4 to 4.1.7 in /Watcher by @dependabot in #93
- Bump webpack from 5.75.0 to 5.76.0 in /Watcher by @dependabot in #94
- Bump django from 4.1.7 to 4.1.10 in /Watcher by @dependabot in #98
- Bump semver from 6.3.0 to 6.3.1 in /Watcher by @dependabot in #99
New Contributors
- @ygalnezri made their first contribution in #106
- @PoloOctopus made their first contribution in #105
Full Changelog: v1.2.13...v2.0
v1.2.13
Update procedure
Please follow this process.
- If you want to update your RSS sources -> https://thalesgroup-cert.github.io/Watcher/README.html#populate-your-database
What's Changed
- Fix bug in threats watcher core algorithm & Upgrade and replace obsolete dependencies & Rebuild documentation & Upgrade RSS Sources (2c5c195)
Full Changelog: v1.2.12...v1.2.13
v1.2.12
Update procedure
Please follow this process.
- If you want to change the subject tag of the email for notifications from the monitoring part of Watcher, get the latest version of .env and docker-compose.yml files and fill EMAIL_SUBJECT_TAG_SITE_MONITORING with your subject tag.
What's Changed
Full Changelog: v1.2.11...v1.2.12
v1.2.11
What's Changed
- Add timeout to feed fetch request by @eciavatta in #89
New Contributors
- @eciavatta made their first contribution in #89
Full Changelog: v1.2.10...v1.2.11
v1.2.10
What's Changed
- Bump terser from 5.14.1 to 5.14.2 in /Watcher by @dependabot in #82
- Bump moment from 2.29.3 to 2.29.4 in /Watcher by @dependabot in #83
- Bump django from 4.0.6 to 4.0.7 in /Watcher by @dependabot in #84
- Bump loader-utils from 2.0.2 to 2.0.4 in /Watcher by @dependabot in #86
- Bump django from 4.0.7 to 4.0.8 in /Watcher by @dependabot in #87
Full Changelog: v1.2.9...v1.2.10
v1.2.9
Fix Django vulnerabilities 1bd8d08
Full Changelog: v1.2.8...v1.2.9
v1.2.8
- Fixed an undefined ticket ID bug that occurred when monitoring a new website while the ticket ID field and the list of monitored websites are empty.
Full Changelog: v1.2.7...v1.2.8