Key Improvements

• Computer-assisted report generated from all information available in a case

• Case history can be downloaded in Markdown format

• Multiple improvements to Dockerfile and Docker Compose

• Fixed pagination issues when large amounts of data are present in the database

• Expanded and improved documentation for ELSA workflows, providing clear guidance and reference material on using FlowIntel’s ELSA integration and related workflows.

computer assisted report1685×1038 193 KB

Important

A new migration script is available for the computer-assisted report. Don’t forget to apply it to your database.

Release Notes – 2.3.0 (2025-12-15)

New

• [feature] download history as markdown. [David Cruciani]
• [feature] computer assistate report for cases. [David Cruciani]
• [api] create a from with a misp event in json format. [David Cruciani]

Changes

• [version] 2.3.0. [David Cruciani]
• [misp] update flowintel object to misp with new field. [David
  Cruciani]
• [docker] move bin. [David Cruciani]
• [docker] entrypoint and ubuntu 24.04 + python 3.12. [David Cruciani]
• [docker] compose with postgres and valkey. [David Cruciani]
• [templating] description handling for add_task_case. [David Cruciani]
• [template] markdown editor for description in add_task_case. [David
  Cruciani]
• [module] add galaxies and tags on event. [David Cruciani]
• [launch] kill tail and killscript different. [David Cruciani]
• [description] markdown editor for creation and edition. [David
  Cruciani]
• [case] button for open/finished, new filter for cases. [David
  Cruciani]

Fix

• [pagination] limit number of element. [David Cruciani]
• [launch] config file missing. [David Cruciani]
• [test] org and user. [David Cruciani]
• [admin] org and user creation. [David Cruciani]
• [connector] case from misp with global_api and uuid usage. [David
  Cruciani]

Other

• Merge pull request #60 from vx3r/fix/task-creation-from-template.
  [David Cruciani]

  Fix Task creation from template

• Add notes and urls_tools from template to the task, default history
  directory, remove obsolete attribute. [antomer]

• Merge pull request #58 from flowintel/docker-dev. [David Cruciani]

  Docker fix and working

• Merge remote-tracking branch ‘origin/main’ into docker-dev. [David
  Cruciani]

• Merge pull request #56 from cudeso/new/vulnerability-disclosure-
  policy. [Alexandre Dulaunoy]

  Add SECURITY.md with vulnerability disclosure policy

• Add SECURITY.md with vulnerability disclosure policy. [Koen Van Impe]

  SECURITY.md file for reporting security vulnerabilities, responsible disclosure guidelines, and contact information.

• Merge pull request #55 from cudeso/new/ELSA. [Alexandre Dulaunoy]

  Add ELSA compliance and governance documentation - R-NF-ELSA-0001

• Fix minor typos. [Koen Van Impe]

• Add ELSA compliance and governance documentation - R-NF-ELSA-0001.
  [Koen Van Impe]

  Introduced a set of documentation templates and guidance for Flowintel deployments, including DPIA screening (controller and developer), GDPR guidance, NIS2 compliance considerations, ROPA templates, retention and purpose limitation mapping, law enforcement annex, and a security breach response procedure.

  These documents support controllers in meeting legal, regulatory, and operational requirements for data protection and incident management.

Contributions

Special thanks to @cudeso for his valuable contributions to this release.

Funding

Flowintel is co-funded by CIRCL and by the European Union under FETTA (Federated European Team for Threat Analysis) project.

EU logo1100×231 104 KB