Skip to content

Synapse v2.156.0
Compare
Choose a tag to compare
@vtx-machine vtx-machine released this 08 Dec 19:05
· 511 commits to master since this release
v2.156.0
918a46d

Model Changes

  • Updates to the infotech, ou, and risk models.
    (#3436 <https://github.com/vertexproject/synapse/pull/3436>)
    (#3438 <https://github.com/vertexproject/synapse/pull/3438>    )
    (#3446 <https://github.com/vertexproject/synapse/pull/3447>)
    (#3447 <https://github.com/vertexproject/synapse/pull/3447>    )

    New Properties

    it:av:scan:result
    The form had the following properties added to it:

    ``target:ipv4``
  The IPv4 address that was scanned to produce the result.

``target:ipv6``
  The IPv6 address that was scanned to produce the result.

    ou:campaign
    The form had the following property added to it:

    mitre:attack:campaign
    A mapping to a Mitre ATT&CK campaign if applicable.

    risk:vuln
    The form had the following property added to it:

    id
    An identifier for the vulnerability.

    New Forms

    it:mitre:attack:campaign
    A Mitre ATT&CK Campaign ID.

    risk:technique:masquerade
    Represents the assessment that a node is designed to resemble another
    in order to mislead.

    Updated Types

    it:os:windows:sid
    The regular expression used to validate the SID has been updated
    to allow modeling well-known SID values.

Features and Enhancements

  • Add an empty keyword to Storm to conditionally execute queries when
    there are no nodes in the pipeline.
    (#3434 <https://github.com/vertexproject/synapse/pull/3434>_)
  • Add Storm APIs for getting property counts for a given layer or
    view.. These APIs are getPropCount(), getPropArrayCount(),
    getTagPropCount().
    (#3435 <https://github.com/vertexproject/synapse/pull/3435>_)
  • Add a new permission, view.fork, which can be used to control access
    for forking a view. This permission defaults to being allowed.
    (#3437 <https://github.com/vertexproject/synapse/pull/3437>_)
  • Add Storm operators to allow pivoting and joining across light edges. The
    following examples show pivoting across refs edges and joining the
    destination nodes with the inbound nodes: -(refs)+> and <+(refs)-.
    (#3441 <https://github.com/vertexproject/synapse/pull/3441>_)
  • Add Storm operators to do pivot out and join ( --+> ) and pivot in
    and join ( <+--) operations across light edges.
    (#3441 <https://github.com/vertexproject/synapse/pull/3441>)
    (#3442 <https://github.com/vertexproject/synapse/pull/3442>    )
  • Storm subqueries used to assign a value now always run.
    (#3445 <https://github.com/vertexproject/synapse/pull/3445>_)
  • Non-runtsafe try...catch blocks in Storm now run when there are no
    inbound nodes.
    (#3445 <https://github.com/vertexproject/synapse/pull/3445>_)
  • The Storm API $lib.storm.eval() now logs its text argument to the
    synapse.storm logger.
    (#3448 <https://github.com/vertexproject/synapse/pull/3448>_)
  • Add a --by-name argument to the Storm stats.countby command. This
    can be used to sort the results by name instead of count.
    (#3450 <https://github.com/vertexproject/synapse/pull/3450>_)
  • Add a new Storm API $lib.gis.bbox() to allow computing geospatial
    bounding boxes.
    (#3455 <https://github.com/vertexproject/synapse/pull/3455>_)

Bugfixes

  • Prevent recursion errors in inet:fqdn onset handlers.
    (#3433 <https://github.com/vertexproject/synapse/pull/3433>_)
  • When dereferencing a list or dictionary object off of a Node in Storm, the
    returned value is now a copy of the value. This avoids the situation where
    modifying the deferenced value appeared to alter the node but did not
    actually result in any edits to the underlying data.
    (#3439 <https://github.com/vertexproject/synapse/pull/3439>_)
  • Add a missing sub-query example to Storm for loop documentation.
    (#3451 <https://github.com/vertexproject/synapse/pull/3451>_)
  • Fix an issue where attempting to norm an IPv4 with an invalid netmask
    would raise a Python error.
    (#3459 <https://github.com/vertexproject/synapse/pull/3459>_)

Deprecations

  • Deprecated Cortex and splice related APIs which were marked for removal
    after 2023-10-01 have been removed. The list of these APIs can be found
    at :ref:changelog-depr-20231001. These additional splice related changes
    have also been made:

    The HTTP API /api/v1/storm now sets the default editformat opt
    value to nodeedits. Previously this API produced splice changes by
    default.

    The synapse.tools.cmdr storm command no longer displays splices.

    The synapse.tools.cmdr log command no longer records splices.

    The synapse.tools.csvtool tool no longer records or displays splices.

    The synapse.tools.feed tool no longer supports splices or nodeedits as
    input and the splice documentation example has been removed.

    (#3449 <https://github.com/vertexproject/synapse/pull/3449>_)

  • The deprecated function synapse.common.aclosing() has been removed.
    (#3449 <https://github.com/vertexproject/synapse/pull/3449>_)

  • Provisioning a Synapse service with AHA now always updates the local CA
    certificate and generates new host and user certificates for the service.
    Previously these would not be regenerated if the CA or service names did
    not change.
    (#3457 <https://github.com/vertexproject/synapse/pull/3457>_)

For complete changelog entries, see the following https://synapse.docs.vertex.link/en/latest/synapse/changelog.html

Assets 2
Loading