MozDef Versions
DEPRECATED - MozDef: Mozilla Enterprise Defense Platform
v3.1.2
4 years ago
Added
Alerts can be turned on/off via web ui
GeoModel alert to compare locations and determine if travel is possible
New Query model (SubnetMatch) to match documents on ip and subnets
LDAP Bruteforce Alert
Make target (lint) for running pep8 checks against codebase
Uptycs alert event cron script
Fixed
Modified regex statements to be proper python3 statements
Auth0 script to consume new depnote events
Changed
Moved benchmark and examples directory into scripts directory with sample ingest scripts
v3.1.1
4 years ago
Added
Ability to get open indices in ElasticsearchClient
Documentation on installing dependencies on Mac OS X
Changed
AWS Managed Elasticsearch/Kibana version to 6.7
Fixed
Disk free/total in /about page shows at most 2 decimal places
Connections to SQS and S3 without access key and secret
Ability to block IPs and add to Watchlist
v3.1.0
4 years ago
Added
Captured the AWS CodeBuild CI/CD configuration in code with documentation
Support for HTTP Basic Auth in AWS deployment
Docker healthchecks to docker containers
Descriptions to all AWS Lambda functions
Support for alerts-* index in docker environment
Alert that detects excessive numbers of AWS API describe calls
Additional AWS infrastructure to support AWS re:Inforce 2019 workshop
Documentation specific to MozDef installation now that MozDef uses Python 3
Config setting for CloudTrail notification SQS queue polling time
Config setting for Slack bot welcome message
Changed
Kibana port from 9443 to 9090
AWS CloudFormation default values from "unset" to empty string
Simplify mozdef-mq logic determining AMQP endpoint URI
SQS to always use secure transport
CloudTrail alert unit tests
Incident summary placeholder text for greater clarity
Display of Veris data for easier viewing
All Dockerfiles to reduce image size, pin package signing keys and improve clarity
Fixed
Workers starting before GeoIP data is available
Mismatched MozDefACMCertArn parameter name in CloudFormation template
Duplicate mozdefvpcflowlogs object
Hard coded AWS Availability Zone
httplib2 by updating to version 0.13.0 for python3
mozdef_util by modifying bulk queue to acquire lock before saving events
Dashboard Kibana URL
Unnecessary and conflicting package dependencies from MozDef and mozdef_util
get_indices to include closed indices
v3.0.0
4 years ago
Added
Support for Python3
Removed
Support for Python2
Usage of boto (boto3 now preferred)
v2.0.1
4 years ago
Fixed
Ensure all print statements use parentheses
Improved broFixup plugin to handle new zeek format
v2.0.0
4 years ago
Added
Source IP and Destination IP GeoPoints
Elasticsearch 6.8 Support
Kibana 6.8 Support
All doc_types have been set to _doc to support Elasticsearch >= 6
Removed
Elasticsearch <= 5 Support
Kibana <= 5 Support
Specifying AWS keys in S3 backup script, moved to Elasticsearch Secrets
v1.40.0
4 years ago
Added
Alertplugin for ip source enrichment
Alertplugin for port scan enrichment
Fixed
Bulk message support in loginput
Removed
Vidyo2Mozdef cron script to https://github.com/mozilla/mozdef-deprecated/blob/master/cron/vidyo2MozDef.py
v1.39.0
4 years ago
Added
Pagination of Web UI tables
Support for SQS as a replacement for RabbitMQ for alerts
Support for no_auth for watchlist
Cron script for closing indexes
Documentation on AlertActions
Additional side nav theme
Changed
Removed dependency on '_type' field in Elasticsearch
Fixed
Slackbot reconnects successfully during network errors
Relative Kibana URLs now work correctly with protocol
v1.38.5
5 years ago
Added
Support for CSS themes
Changed
The CI/CD order to now build docker images in CodeBuild, upload them to DockerHub and then pull them down in the packer instance. Updated docs.
Assert TravisCI Python version in advance of change of Travis default to 3.6
Fixed
Dashboard error on docker spinup
v1.38.4
5 years ago
Fixed
Docker image tagging for git version tag builds
Correctly propagate the source ip address to the details.sourceipaddress in Duo logpull
Invalid literal in squidFixup.py destinationport field
Lowercase TAGS in squidFixup.py
Adding check for None type object in date fields to address GuardDuty null date
Added
Documentation on the CI/CD process
A summary to squidFixup.py
Tags assertions to tests