Skip to content

v1.1.0

Latest
Latest
Compare
Choose a tag to compare
@seansica seansica released this 17 Nov 22:36
· 1 commit to main since this release
1.1.0
ff6d4ef

Version 1.1.0 - Workbench-Driven State Management

This release introduces a fundamental shift in how the TAXII server manages state synchronization with ATT&CK Workbench, alongside improvements to collection versioning, data relationships, and system health monitoring.

Changes:

  • Workbench-Driven State Management:

    • The TAXII server now strictly mirrors Workbench's state regardless of version numbers, ensuring perfect synchronization.
    • Supports seamless version transitions in all directions (upgrades, downgrades to new versions, downgrades to previously seen versions).
    • Collections and objects maintain history through active/inactive states rather than updates or deletions.

  • Enhanced Data Relationship Management:

    • Replaced MongoDB document references with embedded collection metadata for improved data consistency and query performance.
    • Implemented TAXII-compliant sorting through optimized MongoDB indexes on _meta.createdAt.
    • Added proper tracking of collection-object relationships through embedded metadata.
    • Removed redundant object serialization to preserve STIX data integrity.

  • System Health Monitoring:

    • Added /health/ping endpoint returning 204 No Content.
    • Bypass TAXII 2.1 content negotiation requirements for basic health checks.
    • Enhanced logging throughout the hydration process for better observability.

  • Architecture Consolidation:

    • Merged collection and object management into a single HydrateService.
    • Simplified system configuration and setup.
    • Optimized database indexes for TAXII specification compliance.
    • Improved error handling and documentation.

Endpoint Validation:

All TAXII endpoints have been validated with the new state management system:

  • Server Discovery
  • Get API Root Information
  • Get Collections (now with version history support)
  • Get A Collection (with proper version state handling)
  • Get Objects (with TAXII-compliant sorting)
  • Get An Object (with collection relationship integrity)
  • Get Object Manifests
  • Get Object Versions

Impact Notice: While this release includes significant internal changes to state management and data relationships, it maintains backward compatibility with existing APIs. The system now provides more reliable synchronization with Workbench and better handles version transitions.

We strongly recommend upgrading to this version to benefit from the improved state management, enhanced version handling, and optimized data relationships.

For more information on TAXII and STIX structures, please refer to the TAXII 2.1 Specification.

Assets 2
Loading