Product Release Notes

Updated 4 months ago by Beatriz Datangel

You may see some gaps in release notes. We will post releases that impact users here. At times we have minor releases that don't have any bells and whistles and will pass on publishing the notes publicly.

Release Notes: v3.9.8

Minor release station that includes bugs fixes and additions of new integration tiles to the TruSTAR marketplace

  • Static tiles for Slack and JIRA cloud  - Added in new marketplace tiles for TruSTARs newest integrations
  • Dark Mode bugs 
    RH-ISAC reported a scrolling bug when using dark mode 
    Fixed indicator highlighting on graph in dark mode bug
  • Fixed the Zoned Date Time Range Handler Argument Resolver 

What is this ?

The static tiles for Slack and Jira adds new marketplace tiles for TruSTARs newest integrations.

Zoned Date Time Range Handler Argument Resolver:  This handler applies a default time range queries for 4 of TruSTARs API endpoints. The logic was flawed in that it would select huge intervals of time if a user defined only "from" or "to" times. This impacted any user scripts or integrations with no fully defined "from" or "to" time parameters. This fix enforces a default interval for all queries that do not specify either "from" or "to" times.

Release Notes: v3.9.7

Minor release that included feature enhancements:

  • IOC highlight on constellation

What is this ?

We have added a way for you identify the IOCs from your report that have correlations on the graph visualization quicker. Simply select an IOC from the list and we will highlight it on the graph. Read more here

Release Notes: v3.9.6

Minor release that included performance enhancements and:

  • Filter parameters that persist throughout your session. Learn more here:
  • Integration deeplinking fix

Release Notes: v3.9.5

Minor release that included performance enhancements and:

  • Ironing out tag colors
  • Easier scrolling for enclave filters on the Reports and IOC pages

Release notes - Engineering - Version v3.8.1 

This was a minor release with major impact. This will be the first of many new UI changes to the TruSTAR platform. In this release, you’ll see the changes represented in our login screen.

Hope you like our new look! Some of the changes made may affect your initial experience with the platform and we recommend clearing your cookies to mitigate any issues.

Release notes - Engineering - Version v3.6.0 

This was a major release (v.3.6.0) with a new look to Enclave Inbox, bug fixes and two tasks that will help us help our users.

Enclave Inbox

We have more ways to edit and configure enclave inboxes. This is available for both users and admins who have submission and full access on enclaves.

Why did we do this?

  • This is the first feature that implements new features of the revamped UI (check out the right hand sidebar with edit and delete functions)
    • Cool design, dude: The tagging is different, instead of just stacked input fields they are removable tags.
    • Yes, this is also available in dark mode
  • In-field editing of existing enclave inboxes
    • This previously required a delete and create again


  • Extraction issues
    • The Issues:
      • Certain customers have noticed that string values consisting on 40 zeroes in sequence were identified as SHA1 values
    • Customers have noticed that certain URL extractions (particularly URLs that contain emails in their query path) ignore the email in the query path
  • The problem:
    • Our extraction engine doesn't validate that SHA1 values aren't all zeroes
      • Our extraction engine incorrectly identifies URL with this specific pattern
    • The solution: We modified the extraction engine to ignore this value
    • Next steps: We plan on to taking a deeper look into redesigning the extraction model rather than band-aiding the current model with RegExs (regular expressions)


  • Spring Boot 2
    • As part of our technical roadmap, we identified several components that required library upgrades so they can benefit from the latest advancements. Many libraries are incompatible with previous versions so this process has to be done carefully in order to uncover edge cases that could arise in production
    • A big benefit of our migration (Spring Boot 1.5.x to Spring Boot 2.x) is the ability to introduce cloud enablement functions that weren't possible before. Other benefits include performance improvements, vulnerabilities patching, code simplification, etc.

Release notes - Engineering - Version v3.5.6 - 9/25/18 

This was a minor release that packed in major impact. We delivered two sought after customer requests, a huge enclave refactor, password resilience, API issues affecting customers, and a few bugs.

Customer requests

  • Dark mode is back
  • Report tags are now exposed on the graph
    • Users were able to see IOC tags on the graph visualization. We have now brought the same capability to Report tags. Visualizing tags on the graph can help users quickly see all reports that share the same tag. This helps bring more enrichment right to users’ fingertips.


  • Company filter
    • When credentialing users, all admins are experiencing an issue where after 'adding' user, send confirmation, or any action - the page goes black till user refreshes page or reselect the filter.
    • This was a simple bug fix where we weren’t considering the ‘company filter’ on the users list after updating a user. This has now been fixed.
  • Users mentioning others in Notes
    • Some users mentioning teammates and enclave members saw Undefined rather than the expected names.
    • This was a bug fix where we fixed the caching issue to fetch usernames. This has now been fixed.
  • API Parity
    • During a call, we noticed there’s no feature parity between API and Web version of the IOCs functionality. first seen date is not exposed via the API, therefore is not available on the SDK either.
    • Solution: We made the field available in the API (the SDK picks it up on its own)
  • “Ajax 400” when submitting reports
    • A temp folder was deleted that caused files being uploaded for submission to be rejected.

Release notes - Engineering - Version v3.5  


  • EN-695 - FEATURE: Timeline Slider
    • Problem: Users aimlessly scrolled the timeline in the constellation until they saw more correlations show on the graph. 
    • Fix: Users can now navigate the graph with confidence with a histogram feature on the timeline. The histogram will indicate the frequency of correlations for a given period along the timeline. 
  • EN-647 - FEATURE: IOC Expansion
    • Problem: When searching on the constellation, users are unable to learn more and show additional correlations. 
    • Fix: Users can now double-click on an IOC to bring in more information to the graph. 
  • EN-796 - FEATURE - Show High Priority Clicked
    • Problem: A user may does not any guidance when searching or exploring the graph, especially when there are high priority indicators present. 
    • Fix: High Priority Indicator metadata are now viewable when in: a) Search IOC, b) IOC Panel in Explore, and c) IOC Node in graph.


Release notes - Engineering - Version v3.4.8 - 7/6/18
  • [EN-696] - Account activation reminder email
  • [EN-716] - FE Email Ingest Updates
  • [EN-745] - `High Priority` Calibration
Release notes - Engineering - Version v3.4.3 - 6/16/18
  • [EN-621] - Report search performance improvements
  • [EN-674] - Provide direct links to Tour Sections
  • [EN-678] - Aptrinsic messages
  • [EN-698] - Bugfixes
  • [EN-661] - 2MB size limit on API report upload
Release notes - Engineering - Version v3.4.0 - 6/7/18
  • [EN-558] - IOC summaries using recommendation engine
  • [EN-559] - Recommendation engine processing: Indicators of Compromise
  • [EN-644] - Table Caching optimization

Release notes - Engineering - Version v3.3.9  - 6/6/18

  • [EN-582] - Add event when Activation email is sent
  • [EN-583] - Include accurate company name to each events record 
  • [EN-591] - Add extra columns for Group Names, Enclave Types, Customer Type
  • [EN-638] - Update Marketplace Request Fields
  • [EN-623] - Improve Indicator Metadata call performance
  • [EN-618] - Increase performance of Annotation Adding operation
  • [EN-560] - New Email Ingest using SES
  • [EN-552] - Custom extraction of indicators for enclaves

Release notes - Engineering - Version v3.2.3 - 5/18/18  


  • [En-537] - Add notes from structured upload to IOC notes
  • [En-550] - Status of reports that haven't been fully processed
  • [En-573] - Implement container basic resiliency mechanism


  • [En-549] - Process notifications and send emails
  • [En-549] - Process notifications

Release notes - Engineering - Version v3.2.2 - 5/10/18  

New Feature

  • [EN-371] - Sharing group for companies: We can now specify which sharing group a company belongs to.


  • [EN-373] - Add action on dashboards for on-demand refresh: Users can now refresh dashboards in case they want to get the latest updated data
  • [EN-514] - API Rate limits per user (resilience)
  • [EN-571] - Upgrade Spring Boot to 1.5.13: Security update


  • [EN-533] - Clarify FS-ISAC Submission Form fields

Release notes - Engineering - Version v3.2.0.2 - 4/26/18  

New Features
  • [EN-326] [EN-355]  - API Rate Limiting & Company Quota. This feature ensures quality of service for TruSTAR users who use the API regularly. 
  • [EN-388] [EN-447] - Timezones on Station. This feature enables the use of the browser timezone to display times and dates in the user's local timezone. 
  • [EN-384] - Indicator Management - General availability of Indicator Management feature. This feature enable users to manage Indicators of Compromise in their enclaves, without having to submit them using an incident report.
  • [EN-317] - Enable HTTP Strict Transport Security (HSTS) policy for all Station HTTPS requests
  • [EN-459] - Refactor level of detail on log
Bug Fixes
  • [EN-199] - Dashboard counts for report submission on API / Email / Personal fixed to remove duplication
  • [EN-438] - Trim tag names (unify duplicate tags with same name but extra spaces)
  • [EN-440] - Include Enclave name on submission confirmation panel
  • [EN-441] - Wrap line on indicator panel to access whitelist icon
  • [EN-457] - User Credentialing: after changing settings for user the list of users reset
  • [EN-513] - Invalid JSON returned from FE export and API

Release notes - Engineering - Version v3.2.0.2 - 4/6/18  


  • [EN-304] - Admin panel pagination 


  • [EN-376] - Add Message on login when Password or email fails authentication

Release notes - Engineering - Version v3.2.0 - 4/5/18


  • [EN-322] - Implement IOC Management
  • [EN-370] - Create missing APM Events 


  • [EN-410] - Update TOU 
  • [EN-417] - Caches are kept indefinitely - allow invalidation per company + custom time periods 


  • [EN-375] - Fix Redis Deserialization Errors On Changed Classes 
  • [EN-392] - Stash Config Automation Traceback When Saving 
  • [EN-394] - BUG: Unsubscribe text doesn't scale with zoom (Source Scoring) 
  • [EN-416] - Company Update marks all pending subscriptions as Active

Release notes - Engineering - Version V3.0.8 - 3/26/18


  • [EN-258] - API resilience changes (1.3 and 1.2) 
  • [EN-273] - Update API docs 
  • [EN-327] - Indicator priority API 

Release notes - Engineering - Version v3.0.7


  • [EN-191] - Add Integrations Tab to Marketplace
  • [EN-269] - Record of all station user creation dates


  • [EN-192] - Default dashboard setting should be set to your private enclave (s). 
  • [EN-290] - BUG - Community Tags Send Users to White Screen
  • [EN-299] - IoC count on Explore View doesn't take Auto Whitelist weight into account
  • [EN-313] - BUG - Users cannot select community only enclave
  • [EN-341] - Displaying only Community Enclave

Release notes - Engineering - Version v3.0.6.1 

  • [EN-268] - IE 11 - Updated incident reports don't update their contents when visited 
  • [EN-307] - Cache issue

Release notes - Engineering - Version 3.0.6 

  • [EN-176] - Manage Tags (Analysis View) - only show private enclaves in the list 
  • [EN-190] - TruStash + Marketplace - MISP 
  • [EN-240] - Save scroll position when user navigates back to report list 
  • [EN-242] - Close chat modal when clicking outside of it 
  • [EN-254] - Create URL and API Key Credential Template For MISP Marketplace App 
  • [EN-196] - Bad Extractions 
  • [EN-197] - Extraction bug in URL extraction 
  • [EN-198] - Insights Dashboard - It's based on original submission time, not updated time 
  • [EN-241] - timeline slider 
  • [EN-245] - Changing report tags - can't navigate to next on list 
  • [EN-248] - Metadata is not populated on subsequent calls to fetch reports

Release notes - Engineering - Version v3.0.5.3 

  • [EN-232] - Use Cached dashboard queries 
  • [EN-231] - Enclave filter errors on 
  • [EN-239] - Sector issue while editing company 

Release notes - Engineering - Version v3.0.5.2 

  • [EN-216] - Make "Explore view" the default view after logging into station 
  • [EN-212] - Add 'indicators' collection to API call  
  • [EN-213] - CVE call is failing on Prod

Release notes - Engineering - Version v3.0.5.1 

  • [EN-170] - Store color of enclave   
  • [EN-171] - Create groupings of enclaves in the filter.  
  • [EN-188] - TruStash + Marketplace - DHS CISCP 
  • [EN-173] - Excluded IoCs should be treated like Whitelists

Release notes - Engineering - Version v3.0.4 

  • [EN-155] - Persistent Search flow-- unable to clear 
  • [EN-160] - API 1.2 call for 'latest indicators' is pulling from all open enclaves - it should pull from private enclaves only 
  • [EN-162] - Allow editing of notes 
  • [EN-163] - Include enclave name in Explore view 
  • [EN-157] - Give access to all OSINT data feeds to all existing users. When a new company is created provide all users of that company with access to all OSINT sources. 
  • [EN-156] - Incident report saving doesn't check that externalTrackingId is duplicated 
  • [EN-158] - Deleting Users on Station Fails #bug #analyst-workbench  
  • [EN-159] - Search Lag 
  • [EN-161] - Can't click out of panes without going back to menu header. 
  • [EN-164] - Bug with updating tags in reports list

Release notes - Engineering - Version v3.0.3 

  • [EN-139] - Remove V3-Release Announcement in UI 
  • [EN-143] - Add clickable links in Report Body for JSON reports
  • [EN-144] - In Explore View provide a more user friendly message when Search has null results
  • [EN-148] - Fix "Notify Me" UX for IOCs and uncorrelated reports 
  • [EN-149] - Next/Prev Report Controls in Analysis View  
  • [EN-150] - Multi tag filter 
  • [EN-135] - In notes allow for tagging another company member using @ 
  • [EN-140] - In search filters, 'COMMUNITY' being selected or not is ignored and results always include it
  • [EN-145] - Export Report IOC's Functionality Not Working (TXT,STIX,FIREEYE,JSON) 
  • [EN-146] - Tags Overflow Causing Report Body To Disappear 
  • [EN-147] - Error saving user if X'ing an enclave field 
  • [EN-151] - Some Trending IOCs from Dashboard result in empty graphs 

Release notes - Engineering - Version v3.0.2.2 

  • [EN-127] - Remove clickable links in Report Body for JSON reports 
  • [EN-126] - Increased permission restrictions on Trustar API broke admin access from Data Science 
  • [EN-128] - IOC/Correlation Count not visible in Explore View  
  • [EN-129] - Correlation Count Set to Zero after visiting a report 
  • [EN-130] - FBTX and IBM X-Force are requesting the wrong popup key types 
  • [EN-131] - API indicators call is not ignoring blank / null strings

Release notes - Engineering - Version v3.0.1 

  • [EN-113] - Company Whitelist fix wrapping of long IOC names 
  • [EN-114] - Deprecate "Phantomed Node" Status 
  • [EN-115] - Filter by Enclave and Role in Users View 
  • [EN-106] - Apply company whitelist to all API calls that return IOC's in the response.
  • [EN-107] - Browser search does not scroll through report content.
  • [EN-108] - In Analysis view do not remove report details if user clicks anywhere else in graph 
  • [EN-109] - Investigate root cause -RE: Remember to Activate your TruSTAR Account 
  • [EN-111] - Email Settings: Send Config Details Button Grayed Out  
  • [EN-116] - "No Access" enclaves, 403 if I try to use them 
  • [EN-120] - Chat Channels for New Enclaves 
  • [EN-121] - Issues w/ Undo/Redo/Refresh Actions on Graph

How Did We Do?