Releases: mozilla/MozDef
v1.11 MozDef: The Mozilla Defense Platform
This is the July 2015 release of the Mozilla Defense Platform. The most notable change is an update to the Cymon API to match the current interface.
v1.10 MozDef: The Mozilla Defense Platform
This is the June 2015 release of MozDef: The Mozilla Defense Platform.
Changelog:
https://github.com/jeffbryner/MozDef/issues?q=milestone%3A%22Release+v1.10%22+is%3Aclosed
Most notable is the inclusion of the Facebook ThreatExchange platform as a destination for threat data.
v1.9 MozDef: The Mozilla Defense Platform
This is the May 2015 release of the platform. The change log is here:
https://github.com/jeffbryner/MozDef/issues?q=milestone%3A%22+Release+v1.9%22+is%3Aclosed
The most notable changes are the inclusion of Google Activity logs for login, logout, etc. from Google Drive/Docs and fledgling support for the Myo armband! (Certain SSL issues notwithstanding.)
v1.8 MozDef: The Mozilla Defense Platform
This is the April release of the Mozilla Defense Platform. Change log: https://github.com/jeffbryner/MozDef/milestones/Release%20v1.8
v1.7 MozDef: The Mozilla Defense Platform
The March 2015 release of the Mozilla Defense Platform.
Changelog: https://github.com/jeffbryner/MozDef/issues?q=milestone%3A%22Release+v1.7%22+is%3Aclosed
Lots of fixes, additions and changes in this release. Notable:
- Alerts/Attackers charts are now real-time and use MongoDB rather than Crossfilter
- VERIS stats are now visualized via a pivot table, making them much more useful
- Introduced a deadman alert to monitor for a loss of expected events
- Alerts get a plugin system similar to the one for events: write a couple of lines of Python to do things like the included plugin for PagerDuty notifications
v1.6 MozDef: The Mozilla Defense Platform
The Feb 2015 release of the Mozilla Defense Platform.
Changelog:
https://github.com/jeffbryner/MozDef/issues?q=milestone%3A%22Release+v1.6%22+is%3Aclosed
Most significant is the inclusion of the plugin architecture in the REST API, which allows you to write your own handlers for endpoints. For example, you can hook the /blockip endpoint with whatever engine(s) you use in your environment to block or rate-limit an IP or CIDR mask.
This release also introduced the 'investigation' entity as a place to organize the work that goes on in a security group to determine whether an event/alert should be raised to an incident. Investigations also use the VERIS framework for classification and metrics.
v1.5 MozDef: The Mozilla Defense Platform
January 2015 release of the Mozilla Defense Platform.
Change log (most of which is an update to Bootstrap v3): https://github.com/jeffbryner/MozDef/issues?q=milestone%3A%22Release+v1.5%22+is%3Aclosed
v1.4 MozDef: The Mozilla Defense Platform
Alert Development IPython notebook, closes #213
v1.3 MozDef: The Mozilla Defense Platform
Includes updated Heka examples, JunOS parsing.
v1.2 MozDef: The Mozilla Defense Platform
The Oct 2014 release of MozDef with:
- Timestamps tab in the incidents form
- Escalate to incident option in the alert details screen
- Initial visualization for VERIS tags that have been assigned to incidents