Yeti 2.1.3

Major changes

• DFIQ objects support
• Bunch of new analytics (Shodan, Censys) and feeds (Wiz Threat Landscape, mining pools)
• New import system from MISP JSON (still WIP)

What's Changed

Enhancements 📈

• Feat: Support DFIQ objects by @tomchop in #987
• Switch between config file and envvar precedence by @udgover in #978
• Feat: add patch endpoint to observables by @tomchop in #981
• Feat: Wallet improvements by @udgover in #982
• Support IBAN & BIC observables by @p-l- in #985

Bug fixes 🐛

• Fix: exports path by @udgover in #976
• Fix: Change endpoints to avoid redirect by @tomchop in #983
• Feat: Reintroduce Expire Tags analytics by @tomchop in #1000
• Bug fix in Shodan config + add a test for it by @itsmvd in #1004

New feeds

• Feat: Add support for running Censys queries via analytics by @itsmvd in #988
• Add Wiz Threat Landscape feed by @udgover in #996
• Add support for running Shodan queries via analytics by @itsmvd in #994
• Import Misp Json format by @sebdraven in #990
• Add feed which imports domains and ipv4 mining pools from mining pool… by @udgover in #995

Other Changes

• Bump jinja2 from 3.1.2 to 3.1.3 by @dependabot in #977
• Update deps by @tomchop in #973
• Update yeti.conf.sample to include censys API config by @itsmvd in #993
• Add ruff + codebase pass by @tomchop in #998

New Contributors

• @itsmvd made their first contribution in #988

Full Changelog: 2.1.1...2.1.3

YETI API 2.1.2

What's Changed

Enhancements 📈

• Switch between config file and envvar precedence by @udgover in #978
• Feat: add patch endpoint to observables by @tomchop in #981
• Feat: Wallet improvements by @udgover in #982

Bug fixes 🐛

• Fix: exports path by @udgover in #976
• Fix: Change endpoints to avoid redirect by @tomchop in #983

Other Changes

• Bump jinja2 from 3.1.2 to 3.1.3 by @dependabot in #977
• Update deps by @tomchop in #973

Full Changelog: 2.1.1...2.1.2

2.1.1

What's Changed

Bug fixes 🐛

• Fix: pydantic warning by replacing gte/lte with ge/le by @udgover in #972
• Fix: API key save when creating new user by @wajihyassine in #974

New Contributors

• @wajihyassine made their first contribution in #974

Full Changelog: 2.1.0...2.1.1

Yeti 2.1.0

What's Changed

Enhancements 📈

• Feat: Auditability (Closes #916) by @udgover in #960
• Feat: More structured response when calling bulk_add by @tomchop in #962

Bug fixes 🐛

• Fix: Add netloc to redirect after OIDC auth by @tomchop in #958
• Fix: issue when creating TagRelationship in filter method by @udgover in #966
• Fix: error when forcing type to "guess" by @tomchop in #971
• Fix: Adjust unicity indexes in Observables collection by @sebdraven in #970

feeds

• add reporter in context in context entry of Malware Bazaaar by @sebdraven in #959

Other Changes

• Compute field model by @udgover in #953
• Implement user account observable by @udgover in #957
• Disable logging when running tests by @udgover in #964
• Replace created field with timestamp by @udgover in #965
• Connect to yeti_test database when running tests by @udgover in #967

Full Changelog: 2.0.5...2.1.0

Yeti 2.0.5

What's Changed

Enhancements 📈

• Feat: Adds the ability to authenticate with a third-party OIDC provider by @tomchop in #925
• Feat: Extended observables API to accept extended attributes by @udgover in #949

Bug fixes 🐛

• Fix: calling save() doesn't overwrite all the object's contents (fixes #947) by @tomchop in #954

Full Changelog: 2.0.4...2.0.5

Yeti 2.0.4

What's Changed

Enhancements 📈

• Enable entity search by tags (fixes #901) by @tomchop in #929

Bug fixes 🐛

• Ignore revoked ATT&CK entities (fixes #912) by @tomchop in #931
• fixes #933 #934 by @sebdraven in #941
• Fetch tags for known observables (fixes #932) by @tomchop in #944
• Feed bugs by @sebdraven in #942

Other Changes

• Fix: Poetry install with --no-root by @tomchop in #926
• Add cron GitHub action to grab feeds (fixes #921) by @tomchop in #930

Full Changelog: 2.0.3...2.0.4

Yeti API 2.0.3

What's Changed

New feeds

• Fix: Fixes some errors in various feeds by @sebdraven in #909

Other Changes

• Bump cryptography from 41.0.4 to 41.0.6 by @dependabot in #913
• cleanup: Checks that tags are the right type before attempting to add them by @udgover in #918
• Added source context to feeds where it was missing by @benmontour in #914
• Remove doc/ directory (fixes #911) by @tomchop in #917
• Add optional parameter to reset API key functions by @tomchop in #923

New Contributors

• @benmontour made their first contribution in #914

Full Changelog: 2.0.2...2.0.3

Yeti API 2.0.2

What's Changed

Enhancements 📈

• Feat: Implement plugins loader to automagically add new ones by @udgover in #906
• Feat: Add regex search for all terms by @tomchop in #905
• Feat: Add ability to search by date by @tomchop in #908

Bug fixes 🐛

• Fix: sort only if there is something to sort by @tomchop in #899
• fix: add_type is optional by @tomchop in #900

New analytics

• Dockerhub analytics by @udgover in #904

Other Changes

• Fix: Update docker documentation with pointers to official docs by @tomchop in #898
• Fix: Nicer error message when attempting to tag unsaved items by @tomchop in #897

Full Changelog: 2.0.1...2.0.2

Yeti API 2.0.1

What's Changed

Enhancements 📈

• Add docker image observable, fixes #867 by @udgover in #881
• Add user agent observable type, closes #869 by @udgover in #882
• Feat: Take type parameter into account when matching observables, closes #880, closes #885 by @tomchop in #884
• Update vulnerability schema with base_score and severity by @udgover in #891
• Add title field to vulnerability entity by @udgover in #894

Bug fixes 🐛

• Feeds fixes by @sebdraven in #890

New feeds

• Adds CISA KEV feed with NIST NVD details by @udgover in #892

Other Changes

• Automated Changelog generation by @tomchop in #883

Full Changelog: 2.0...2.0.1

Yeti API 2.0

This release introduces Yeti v2.0. 🎉

Most changes are breaking from the previous release, but we will provide a migration script very soon.
Notable changes:

• Switch database engines from MongoDB to ArangoDB (full graph database);
• Switch API server from Flask to FastAPI / Pydantic;
• New SPA using VueJS;
• Easy deployment through Docker images and docker compose scripts.

Most features from v1 (observables, entities, indicators, feeds, analytics, exports) have been retained, with an additional focus on DFIR-related entities (New indicator types: Queries, Sigma rules).

Head to https://github.com/yeti-platform/yeti-docker to try it out!

Full Changelog: 1.8.5...2.0