ce-9.5.3

🐛 Bug Fixes

• Fixed an issue where ATTiRe logs could not be imported into an empty campaign.

ce-9.5.2

VECTR 9.5 is a minor update focused on under-the-hood application improvements and reintroducing content library export. Be sure to star and watch this repo and/or join us on Discord to be notified when new VECTR releases drop. We will be introducing a highly requested feature in our next major release, so stay tuned!

🚀 Improvements

• Content library export is back! You can now export full content library data, including automation artifacts, to share or import into another VECTR instance.
• We're continuing to chip away at the frontend framework migration to Vue.js. In this release, we've redesigned and migrated the campaign library page.

🐛 Bug Fixes and Maintenance

• Bug fixes and application performance improvements.
• Dependency updates.

ce-9.4.0

🐛 Bug Fixes

• Fixed issue in GraphQL test case mutations where test case automation arguments were not saving.
• Fixed issue when importing a defense tool from the content library did not copy over associated defense layer information.
• On Resilience Trending report page, fixed issue where configuration buttons on heatmap sub-chart were invisible.

🔒 Security Maintenance

• Addressed application vulnerabilities reported by @ameerpornillos.

ce-9.3.3

🚀 VECTR Enterprise

• VECTR 9.3 marks the launch of our premium offering "VECTR Enterprise". VECTR Enterprise introduces premium reporting features and integrated benchmark data to help you tell the story of your adversary management / purple teams program. Learn more about VECTR Enterprise. Community edition will continue to be available and receive updates.

👀 UI Updates

• 🌒Dark mode is here! This is still in beta, but you can preview it from your profile menu. We're looking forward to releasing tweaks and fine tuning of the color theme in future versions.
• Continued transition of our frontend stack to Vue.js with a redesigned Assessment Library page.

🔒 Security Maintenance

• Dependency updates to address CVE's

ce-9.2.1

🚀 Improvements

• VECTR 9.2 represents a significant update to the backend stack and system architecture. We've migrated to a Spring Boot API layer and have added a gateway and static UI containers to offload some responsibilities from the "tomcat" container, including TLS termination and the frontend SPA application, respectfully. Please see our upgrade guide to update your existing deployment.

🐞 Bug Fixes

• A lot of bug fixes, including addressing the following issues: #262, #263, #267, #268, #269, #270

🔒 Security Maintenance

• Dependency updates to address CVE's.

ce-9.0.2

🚀 VECTR 9.0

• We are pleased to announce the next generation of the VECTR Purple Team platform! VECTR 9.0 brings an entirely new relational (SQL) data model with backend services completely rewritten for this. The shift to SQL has laid the ground work to enable us to bring new features and capabilities into the platform that will further enhance your Purple Team experience in VECTR.

⚒ SQL Migration Tool

• To transition your data from 8.9.x to 9.0, we have created a migration tool that converts the MongoDB based data to SQL based data. If you have existing data you MUST run this tool to upgrade to 9.0. Please be sure to read the directions and notes in the README carefully. https://github.com/SecurityRiskAdvisors/vectr-sql-migration
• For any issues migrating data please open an issue on the migration tool GitHub Page.
• For issues importing data or with the 9.0 Release please open them on the VECTR GitHub Page.

GraphQL API Changes

• With the 9.0 Release we have made some changes to the API. See our documentation page for this here.
• We've also updated out VECTR-Tools project to reflect these changes to see updated working examples here.

ce-8.9.4

🔒 Security Maintenance

• Dependency updates to address multiple CVEs.

🚀 Next Release

• Starting with VECTR 9.0, VECTR's data and service layers have been completely reworked to support a new relational data model and will no longer use MongoDB. VECTR ce-8.9.4 will likely be the last MongoDB-based release. Future 8.9.x MongoDB-based releases will be determined based on criticality of future CVEs and the adoption rate of VECTR 9.0. Please note that no new features will be released on the 8.9.x branch. If you want to continue receiving new features and updates, upgrade to VECTR 9.0 when it is released.

⚒ SQL Migration Tool

• To transition your data from 8.9.x to 9.0, we have created a migration tool that converts the MongoDB based data to SQL based data. We recommend running the migration tool prior to the official VECTR 9.0 release, as you will be able to report any issues you encounter so we can address them prior to the launch. Please be sure to read the directions and notes in the README carefully. https://github.com/SecurityRiskAdvisors/vectr-sql-migration

ce-8.9.3

🔒 Security Maintenance

• Dependency updates to address CVE-2023-46589

ce-8.9.2

✨ Enhancements

• MITRE ATT&CK v14 support

🔒 Security Maintenance

• Dependency updates to address CVE's

ce-8.9.1

ℹ NOTE: The RTA containers in addition to the Tomcat have been updated for this release. When upgrading change your container versions accordingly.

🚀 Improvements

• This release is another milestone in our transition from AngularJS to Vue.js. While these release notes are not exhaustive, note many smaller UI elements are being converted. If you experience any issues or have any feedback, feel free to open an issue or join our Discord to discuss.

👀 New Features

• New Assessments Screen: Groups together assessments from our Industry Indexes templates. It also included reporting shortcuts and additional data fields for ease of use.
• Resilience Trending: New report which should be a better fit for most Historical Trending use cases. The Resilience Trending screen is used to plot threat resiliency over time.

🔒 Security Maintenance

• Dependency updates to address CVE's