Threat Scout | Release Notes | 1.1.0#

Improvements#

TLP v2 support and full application#

Threat Scout v1.1.0 introduces TLP v2 support. TLP classifications are also now applied to all intelligence types, not just Report entities.

Temporary Scan saves#

Starting with v1.1.0, Threat Scout will temporarily save scans that it makes. This means that if you close and reopen it after making a scan, the scan result will reappear. This saves you from having to rerun the scan, which would incur extra AI token spend.

Case sensitivity#

We’ve improved the logic around case sensitivity, meaning Threat Scout will better recognize instances of the same intelligence objects occurring with and without capitals.

Fixes#

Confidence not sent to Intelligence Center#

Fixes an issue where assigning Confidence to Entities to be sent to Intelligence Center was configured, but the Confidence assignment would not happen.

UI typos and missing tooltips#

We’ve corrected some typos in the UI and added tooltips that were missing.

Ability to choose from large number of taxonomies#

An issue where users were unable to choose a taxonomy if the connected EclecticIQ Intelligence Center instance has more than 100 taxonomies has been fixed.

Entity count fixed#

The Entity count that would display inaccurate numbers of discovered Entities whas been fixed.

Unrelated data in CSV export#

Fixed an issue where the CSV export of sites scanned with RegEx would include unrelated characters.

Known issues#

Entity-associated Observables lack Maliciousness#

Observables that are created in relation to Entities are not assigned the configured Maliciousness.

Connection indication inaccurate#

When the API token you created to connect Threat Scout to Intelligence Center expires, Threat Scout still shows the connection to EclecticIQ as active.
If you are seeing an error in sending data when trying to export data to Intelligence Center, replace your API token with a newly generated one.

Characters display incorrectly#

There exists an issue where some characters (like single or double apostrophes) are displayed as strings of other characters in EclecticIQ Intelligence Center.

“Click to view details” inconsistencies#

Clickking the “Click to view details” button will not always work as intended. It occassionally jumps to an incorrect position on the webpage.

Product tour does not continue when Threat Scout window is minimized and reopened#