forked from jtmelton/appsensor
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathchangelog.txt
176 lines (121 loc) · 6.18 KB
/
changelog.txt
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
AppSensor CHANGELOG
=====================
https://www.owasp.org/index.php/Projects/OWASP_AppSensor_Project
http://appsensor.org/
https://github.com/jtmelton/appsensor
Changes in version 2.4 (???)
--------------------------------------
* Added rules analysis engine
Changes in version 2.3.2 (2017/04/05)
--------------------------------------
* Resolved spring security integration issue found by customer
(https://github.com/jtmelton/appsensor/issues/74)
Changes in version 2.3.1 (2017/01/05)
--------------------------------------
* Added basic docker-compose starter for getting started example
* Fixed customer issue where logback.xml needed to be moved from src/ to test/ (https://github.com/jtmelton/appsensor/issues/63)
Changes in version 2.3 (2016/09/29)
--------------------------------------
* Added activemq as execution mode
(https://github.com/jtmelton/appsensor/commit/a9065a43cee7fd31a95b7bc52f2979efccaf8e84) (thanks sidewalker!)
* Added elasticsearch as storage provider (https://github.com/jtmelton/appsensor/issues/37) (thanks MaikJaek!)
* Added riak as storage provider (https://github.com/jtmelton/appsensor/commit/9991043c7ae08992f08ad139d8a3bb3c529d014b)
(thanks wylly!)
* Added influxdb as storage provider
* Added prometheus integration (https://github.com/jtmelton/appsensor/commit/c8556dcf42baa7e835a7f4700962984aff7e5615)
(thanks sidewalker!)
* Added Docker support for spring boot apps (https://github.com/jtmelton/appsensor/issues/26) (thanks ProZachJ!)
* Added support for per-client-application configurations (ie. not global)
(https://github.com/jtmelton/appsensor/issues/34) (thanks shreyasdn!)
* Added Java and Python client libraries generated by swagger (https://github.com/jtmelton/appsensor/pull/59)
(thanks mahmoodm2!)
* Added new sub-project (https://github.com/jtmelton/appsensor-reverse-proxy/) to function as reverse proxy
option with out of the box support for handling a number of detection points
* Updated mongo storage provider for better performance and bumped version support
(https://github.com/jtmelton/appsensor/issues/41)
* Updated influxdb integration after version deployed to maven central
* Fixed test issue running on Windows machines (https://github.com/jtmelton/appsensor/pull/49) (thanks mahmoodm2!)
* Fix async websocket issue for spring boot client (https://github.com/jtmelton/appsensor/issues/30)
* Fix timezone offset issue in dashboard UI (https://github.com/jtmelton/appsensor/issues/31)
* Fix several minor bugs
* Completed CI setup (Travis-CI - thank you!)
* Added code of conduct and contribution guidelines to documentation
* Updated documentation for ELK and Grafana options (thanks sims143!)
* Updated Kafka documentation (thanks rtmorgan!)
* Updated documentation for Rest API in appsensor.org website (https://github.com/jtmelton/appsensor/issues/27)
* Improved query performance of JPA *Store implementations
* Minor refactoring of ResponseStore implementation for code de-duplication
Changes in version 2.2 (2015/09/18)
--------------------------------------
* First version of appsensor-ui
* Improved query performance of JPA *Store implementations
* Minor refactoring of ResponseStore implementation for code de-duplication
Changes in version 2.1 (2015/06/09)
--------------------------------------
* Geolocation of end users now possible (optional configuration)
* Added support for RabbitMQ execution mode
* Added support for Kafka execution mode
* Added support for JMX Notification emitter
* Added support for CEF (over syslog) emitter
* Documentation updates to cover new features
and generally enhance end/user developer documentation
* Update maven configurations to upgrade dependency
versions and correct configuration for generating
javadocs and maven "site"
* Added spring security integration that covers:
- events emitted by spring security added to appsensor
- a custom appsensor user manager
- a custom appsensor security context repository
* Added example app to show usage in local mode with
spring security integration
* Added example app to show the use of appsensor for
something other than application layer IDS. In this case,
it is being used as an exception tracker. As exceptions
are generated, they are logged with appsensor, then a simple
custom UI shows them in a grouped list. While the example
is simple and contrived, a more sophisticated UI could
allow for grouping, searching, sorting and analysis.
Changes in version 2.0.1 (2015/02/26)
--------------------------------------
* Support multiple detection point configurations per detection
point label (https://github.com/jtmelton/appsensor/issues/18)
Changes in version 2.0 (2015/01/27)
--------------------------------------
* AppSensor has gone through a complete re-write,
and the current feature set is listed below.
* Client-server architecture supporting multiple
execution "modes" including:
- REST
- SOAP
- Thrift
- local (shared JVM, java-only)
* Any language can be used on the client application.
The only requirement is that the language selected
must support the communication protocol of the execution
mode that is configured (ie. if using REST as the
execution mode, the language must be capable of making
HTTP requests.)
The server-side components are Java, but this places
no restriction on the client applications themselves.
* There is no longer a dependency on ESAPI. AppSensor
is a standalone project, though it can be used to
integrate with projects that also use ESAPI if
desired.
* The major subsystems are all modular and extensible,
including:
- access control
- analysis engine
- configuration
- reporting
- storage
* While extensible, all major subsystems have at least
one reference implementation.
* The core components of the system have been renamed
and now follow the appsensor v2 book naming conventions,
which is based on standard IDS terminology for clarity.
* Basic user correlation is supported so that client
applications that share a user base can share attack information.
* A website for the project has been built (appsensor.org).
Changes in version 0.1.x (Legacy)
--------------------------------------
* changelog not maintained