Synapse

Latest version: v2.171.0

Safety actively analyzes 638437 Python packages for vulnerabilities to keep your Python projects secure.

Scan your dependencies

Page 14 of 53

2.102.0

=====================

Features and Enhancements
-------------------------
- Updates to the ``crypto``, ``geo``, ``inet``, ``mat``, ``media``, ``ou``,
``pol``, and ``proj`` models.
(`2757 <https://github.com/vertexproject/synapse/pull/2757>`_)
(`2771 <https://github.com/vertexproject/synapse/pull/2771>`_)

``crypto:key``
Add ``public:md5``, ``public:sha1``, and ``public:sha256`` secondary
properties to record those hashes for the public key.
Add ``private:md5``, ``private:sha1``, and ``private:sha256`` secondary
properties to record those hashes for the public key.

``geo:nloc``
The ``geo:nloc`` form has been deprecated.

``geo:telem``
Add a new form to record a the location of a given node at a given time.
This replaces the use of ``geo:nloc``.

``it:sec:c2:config``
Add a ``proxies`` secondary property to record proxy URLS used to
communicate to a C2 server.
Add a ``listens`` secondary property to record urls the software should
bind.
Add a ``dns:resolvers`` secondary property to record DNS servers the
software should use.
Add a ``http:headers`` secondary property to record HTTP headers the
software should use.

``it:exec:query``
Add a new form to record an instance of a query executed on a host.

``it:query``
Add a new form to record query strings.

``mat:type``
Add a taxonomy type to record taxonomies of material specifications or
items.

``mat:item``
Add a ``type`` secondary property to record the item type.

``mat:spec``
Add a ``type`` secondary property to record the item type.

``media:news``
Add a ``publisher`` secondary property to record the org that published
the news.
Add a ``publisher:name`` secondary property to record the name of the org.
Deprecate the ``org`` secondary property.

``ou:campaign``
Add a ``conflict`` secondary property to record the primary conflict
associated the campaign.

``ou:conflict``
Add a new form to record a conflict between two or more campaigns which
have mutually exclusive goals.

``ou:contribution``
Add a new form to represent contributing material support to a campaign.

``pol:election``
Add a new form to record an election.

``pol:race``
Add a new form to record indivdual races in an election.

``pol:office``
Add a new form to record an appointed or elected office.

``pol:term``
Add a new form to record the term in office for an individual.

``pol:candidate``
Add a form to record a candidate for a given race.

``pol:pollingplace``
Add a form to record the polling locations for a given election.

``proj:ticket``
Add a ``ext:creator`` secondary form to record contact information from
and external system.

- Annotate the following light edges.
(`2757 <https://github.com/vertexproject/synapse/pull/2757>`_)

``about``
A light edge created by the Storm ``note.add`` command, which records
the relationship between a ``meta:note`` node and the target node.

``includes``
When used with a ``ou:contribution`` node, the edge indicates the target
node was the contribution made.

``has``
When used with a ``meta:ruleset`` and ``meta:rule`` node, indicates
the ruleset contains the rule.

``matches``
When used with a ``meta:rule`` node, the edge indicates the target
node matches the rule.

``refs``
A light edge where the source node refers to the target node.

``seenat``
When used with a ``geo:telem`` target node, the edge indicates the source
node was seen a given location.

``uses``
When used with a ``ou:org`` node, the edge indicates the target node
is used by the organization.

- Commonly used light edges are now being annotated in the model, and are
available through Cortex APIs which expose the data model.
(`2757 <https://github.com/vertexproject/synapse/pull/2757>`_)
- Make Storm command argument parsing errors into exceptions. Previously the
argument parsing would cause the Storm runtime to be torn down with
``print`` messages, which could be missed. This now means that automations
which have a invalid Storm command invocation will fail loudly.
(`2769 <https://github.com/vertexproject/synapse/pull/2769>`_)
- Allow a Storm API caller to set the task identifier by setting the ``task``
value in the Storm ``opts`` dictionary.
(`2768 <https://github.com/vertexproject/synapse/pull/2768>`_)
(`2774 <https://github.com/vertexproject/synapse/pull/2774>`_)
- Add support for registering and exporting custom STIX objects with the
``$lib.stix`` Storm APIS.
(`2773 <https://github.com/vertexproject/synapse/pull/2773>`_)
- Add APIS and Storm APIs for enumerating mirrors that have been registered
with AHA.
(`2760 <https://github.com/vertexproject/synapse/pull/2760>`_)

Bugfixes
--------
- Ensure that auto-adds are created when merging part of a View when using
the Storm ``merge --apply`` command.
(`2770 <https://github.com/vertexproject/synapse/pull/2770>`_)
- Add missing support for handling timezone offsets without colon separators
when normalizing ``time`` values. ``time`` values which contain timezone
offsets and not enough data to resolve minute level resolution will now fail
to parse.
(`2772 <https://github.com/vertexproject/synapse/pull/2772>`_)
- Fix an issue when normalizing ``inet:url`` values when the host value was
the IPv4 address ``0.0.0.0``.
(`2771 <https://github.com/vertexproject/synapse/pull/2771>`_)
- Fix an issue with the Storm ``cron.list`` command, where the command failed
to run when a user had been deleted.
(`2776 <https://github.com/vertexproject/synapse/pull/2776>`_)

Improved Documentation
----------------------
- Update the Storm user documentation to include the Embedded Property syntax,
which is a shorthand (``::``) that can be used to reference properties on
adjacent nodes.
(`2767 <https://github.com/vertexproject/synapse/pull/2767>`_)
- Update the Synapse Glossary.
(`2767 <https://github.com/vertexproject/synapse/pull/2767>`_)
- Update Devops documentation to clarify the Aha URLs which end with``...``
are intentional.
(`2775 <https://github.com/vertexproject/synapse/pull/2775>`_)

2.101.1

=====================

Bugfixes
--------
- Fix an issue where the Storm ``scrape`` command could fail to run with
inbound nodes.
(`2761 <https://github.com/vertexproject/synapse/pull/2761>`_)
- Fix broken links in documentation.
(`2763 <https://github.com/vertexproject/synapse/pull/2763>`_)
- Fix an issue with the Axon ``AxonHttpBySha256V1`` API handler related to
detecting ``Range`` support in the Axon.
(`2764 <https://github.com/vertexproject/synapse/pull/2764>`_)

2.101.0

=====================

Automatic Migrations
--------------------
- Create nodes in the Cortex for the updated properties noted in the data
model updates listed below.
- Axon indices are migrated to account for storing offset information to
support the new offset and size API options.
- See :ref:`datamigration` for more information about automatic migrations.

Features and Enhancements
-------------------------
- Updates to the ``crypto``, ``infotech``, ``ps``, and ``transport`` models.
(`2720 <https://github.com/vertexproject/synapse/pull/2720>`_)
(`2738 <https://github.com/vertexproject/synapse/pull/2738>`_)
(`2739 <https://github.com/vertexproject/synapse/pull/2739>`_)
(`2747 <https://github.com/vertexproject/synapse/pull/2747>`_)

``crypto:smart:effect:minttoken``
Add a new form to model smart contract effects which create
non-fungible tokens.

``crypto:smart:effect:burntoken
Add a new form to model smart contract effects which destroy
non-fungible tokens.

``crypto:smart:effect:proxytoken``
Add a new form that tracks grants for a non-owner address the ability to
manipulate a specific non-fungible token.

``crypto:smart:effect:proxytokenall``
Add a new form that tracks grants for a non-owner address the ability to
manipulate all of the non-fungible tokens.

``crypto:smart:effect:proxytokens``
Add a new form that tracks grants for a non-owner address to manipulate
fungible tokens.

``it:av:signame``
Add a new form to track AV signature names. Migrate
``it:av:filehit:sig:name`` and ``it:av:sig:name`` to use the new form.

``it:exec:proc``
Add a ``name`` secondary property to track the display name of a process.
Add a ``path:base`` secondary property to track the basename of the
executable for the process.

``ps:contact``
Add an ``orgnames`` secondary property to track an array of orgnames
associated with a contact.

``transport:sea:vessel``
Add ``make`` and ``model`` secondary properties to track information
about the vessel.

- Add a new Storm command, ``movenodes``, that can be used to move a node
entirely from one layer to another.
(`2714 <https://github.com/vertexproject/synapse/pull/2714>`_)
- Add a new Storm library, ``$lib.gen``, to assist with creating nodes based
on secondary property based deconfliction.
(`2754 <https://github.com/vertexproject/synapse/pull/2754>`_)
- Add a ``sorted()`` method to the ``stat:tally`` object, to simplify
handling of tallied data.
(`2748 <https://github.com/vertexproject/synapse/pull/2748>`_)
- Add a new Storm function, ``$lib.mime.html.totext()``, to extract inner tag
text from HTML strings.
(`2744 <https://github.com/vertexproject/synapse/pull/2744>`_)
- Add Storm functions ``$lib.crypto.hashes.md5()``,
``$lib.crypto.hashes.sha1()``, ``$lib.crypto.hashes.sha256()`` and
``$lib.crypto.hashes.sha512()`` to allow hashing bytes directly in Storm.
(`2743 <https://github.com/vertexproject/synapse/pull/2743>`_)
- Add an ``Axon.csvrows()`` API for streaming CSV rows from an Axon, and a
corresponding ``$lib.axon.csvrows()`` Storm API.
(`2719 <https://github.com/vertexproject/synapse/pull/2719>`_)
- Expand Synapse requirements to include updated versions of the
``pycryptome``, ``pygments``, and ``scalecodec`` modules.
(`2752 <https://github.com/vertexproject/synapse/pull/2752>`_)
- Add range support to ``Axon.get()`` to read bytes from a given offset and
size. The ``/api/v1/axon/files/by/sha256/<SHA-256>`` HTTP API has been
updated to support a ``Range`` header that accepts a ``bytes`` value to read
a subset of bytes that way as well.
(`2731 <https://github.com/vertexproject/synapse/pull/2731>`_)
(`2755 <https://github.com/vertexproject/synapse/pull/2755>`_)
(`2758 <https://github.com/vertexproject/synapse/pull/2758>`_)

Bugfixes
--------
- Fix ``$lib.time.parse()`` when ``%z`` is used in the format specifier.
(`2749 <https://github.com/vertexproject/synapse/pull/2749>`_)
- Non-string form-data fields are now serialized as JSON when using the
``Axon.postfiles()`` API.
(`2751 <https://github.com/vertexproject/synapse/pull/2751>`_)
(`2759 <https://github.com/vertexproject/synapse/pull/2759>`_)
- Fix a byte-alignment issue in the ``Axon.readlines()`` API.
(`2719 <https://github.com/vertexproject/synapse/pull/2719>`_)

2.100.0

=====================

Features and Enhancements
-------------------------
- Support parsing CVSS version 3.1 prefix values.
(`2732 <https://github.com/vertexproject/synapse/pull/2732>`_)

Bugfixes
--------
- Normalize tag value lists in ``snap.addTag()`` to properly handle JSON
inputs from HTTP APIs.
(`2734 <https://github.com/vertexproject/synapse/pull/2734>`_)
- Fix an issue that allowed multiple concurrent streaming backups to occur.
(`2725 <https://github.com/vertexproject/synapse/pull/2725>`_)

Improved Documentation
----------------------
- Add an entry to the devops task documentation for trimming Nexus logs.
(`2730 <https://github.com/vertexproject/synapse/pull/2730>`_)
- Update the list of available Rapid Power-Ups.
(`2735 <https://github.com/vertexproject/synapse/pull/2735>`_)

2.99.0

====================

Features and Enhancements
-------------------------
- Add an extensible STIX 2.1 import library, ``$lib.stix.import``. The
function ``$lib.stix.import.ingest()`` can be used to STIX bundles into a
Cortex via Storm.
(`2727 <https://github.com/vertexproject/synapse/pull/2727>`_)
- Add a Storm ``uptime`` command to display the uptime of a Cortex or a Storm
Service configured on the Cortex.
(`2728 <https://github.com/vertexproject/synapse/pull/2728>`_)
- Add ``--view`` and ``--optsfile`` arguments to ``synapse.tools.csvtool``.
(`2726 <https://github.com/vertexproject/synapse/pull/2726>`_)

Bugfixes
--------
- Fix an issue getting the maximum available memory for a host running with
Linux cgroupsv2 apis.
(`2728 <https://github.com/vertexproject/synapse/pull/2728>`_)

2.98.0

====================

Features and Enhancements
-------------------------
- Updates to the ``econ`` model.
(`2717 <https://github.com/vertexproject/synapse/pull/2717>`_)

``econ:acct:balance``
Add ``total:received`` and ``total:sent`` properties to record total
currency sent and received by the account.

- Add additional debug logging for Aha provisioning.
(`2722 <https://github.com/vertexproject/synapse/pull/2722>`_)
- Adjust whitespace requirements on Storm grammar related to tags.
(`2721 <https://github.com/vertexproject/synapse/pull/2721>`_)
- Always run the function provided to the Storm ``divert`` command per node.
(`2718 <https://github.com/vertexproject/synapse/pull/2718>`_)

Bugfixes
--------
- Fix an issue that prevented function arguments named ``func`` in Storm
function calls.
(`2715 <https://github.com/vertexproject/synapse/pull/2715>`_)
- Ensure that active coroutines have been cancelled when changing a Cell from
active to passive status; before starting any passive coroutines.
(`2713 <https://github.com/vertexproject/synapse/pull/2713>`_)
- Fix an issue where ``Nexus._tellAhaReady`` was registering with the Aha
service when the Cell did not have a proper Aha service name set.
(`2723 <https://github.com/vertexproject/synapse/pull/2723>`_)

Page 14 of 53

Links

Releases

Has known vulnerabilities

© 2024 Safety CLI Cybersecurity Inc. All Rights Reserved.