tomchopNov 14, 2023

This has been years in the making, literally.
@sebdraven
and I are happy to announce the release of #Yeti 2.0 ✨ 🍰 (after we promised an EOM release at
@hack_lu
last month 😅)

Website: https://yeti-platform.io
Release: https://github.com/yeti-platform/yeti/releases/tag/2.0

#DFIR #CTI #infosec #cybersec

mini-🧵👇🏼

Welcome to the Yeti documentation site!

Show threadtomchop
This version marks the start of a focus shift away from classic CTI and towards a platform for DFIR teams wishing to integrate CTI in their pipelines for incident response, threat hunting, and detection, and to be able to collate "forensics intelligence" to share with other teams.
Nov 14, 2023 at 11:39amWeb
Show threadtomchopNov 14, 2023
The changes in the codebase have been massive (remember, it's only 2 people working on this): 480 commits to the API server
Show threadtomchopNov 14, 2023
139 commits to the frontend SPA
Show threadtomchopNov 14, 2023

Please feel free to use (and tell us when you do! we love hearing about people's use-cases), file lots of bugs, and feel free to contribute: guides, documentation, even cool screenshots, everything is welcome.

We are looking forward to integrating formats such as https://dfiq.org, shipping tighter integrations with DFIR platform tools like
@TimesketchProj,
@TurbiniaProj and CTI platforms like @MISPProject
(and hopefully many more!)

Home - DFIQ (Digital Forensics Investigative Questions)

Show threadBen MontourNov 22, 2023
@tomchop absolutely loving exploring Yeti so far. I did have a question though. Not sure if it's a bug or I'm missing the syntax. I added the new CISA KEV feed from the latest version, but I can't seem to figure out how to search against the Title field for those entities that it creates. I can search by the name which is the CVE ID, and Severity seems to work as well, just not title=Something.
Show threadtomchopNov 22, 2023
@benmontour hey, thanks a lot! This sounds like a bug indeed, you’re supposed to be able to do exactly that (attribute=blah). It’s probably because we do a 1:1 match and not really a substring search. Do you mind opening an issue in the repo so we can track it? https://github.com/yeti-platform/yeti/issues otherwise I’ll get to it tomorrow. Thanks!!
GitHub - yeti-platform/yeti: Your Everyday Threat Intelligence

Your Everyday Threat Intelligence. Contribute to yeti-platform/yeti development by creating an account on GitHub.

GitHub
Show threadBen MontourNov 22, 2023
@tomchop Will do. Wasn't sure if it was just me being dumb or not. Thanks for the reply!
Show threadtomchopNov 22, 2023
@benmontour sure thing! Thanks for bringing it up :)
Show threadBen MontourNov 23, 2023
@tomchop thank you for the amazingly quick fix!