ce-9.7.0

VECTR 9.7 is a minor update focused on bug fixes and application stability and improvements, including accessibility enhancements to keyboard navigation and defense tool product management.

Important

We have unified VECTR services versioning to be in step with the product version. Affected services include the RTA server and builder. If you are manually managing your compose file or VECTR deployment, be sure to update the image version used by the vectr-rta-webserver and vectr-rta-builder services to 9.7.0.

👀 New Features

• Defense Tool Product library. You can now manage defense tool products through the UI.
• Ability to export library campaigns to VEX file format.

🐛 Bug Fixes

• Numerous bug fixes.

🔒 Security Maintenance

• Dependency updates.

ce-9.6.5

VECTR 9.6 brings major changes to the application, including a redesigned reporting filter and... per-tool outcome!

👀 New Features

• Tool Performance. It's here! You can now report on outcomes at a defense tool level, providing better visibility into how your different defense controls are functioning individually but also together as a whole. Learn more about using per-tool outcomes on our docs site: https://docs.vectr.io/user/recording-outcomes/
• Redesigned reporting filter. We made the reporting filter a bit easier to use by placing all available filtering options in one place.

🚀 Improvements

• Added additional test case filtering options when creating a campaign template.

🐛 Bug Fixes

• Fixed a bug where when updating a test case timeline event, the UI would not display the updated data. #290
• Fixed an issue where ATTiRe logs generated by Invoke-AtomicRedTeam could not be imported into VECTR.

🔒 Security Maintenance

• Dependency updates.

ce-9.5.3

🐛 Bug Fixes

• Fixed an issue where ATTiRe logs could not be imported into an empty campaign.

ce-9.5.2

VECTR 9.5 is a minor update focused on under-the-hood application improvements and reintroducing content library export. Be sure to star and watch this repo and/or join us on Discord to be notified when new VECTR releases drop. We will be introducing a highly requested feature in our next major release, so stay tuned!

🚀 Improvements

• Content library export is back! You can now export full content library data, including automation artifacts, to share or import into another VECTR instance.
• We're continuing to chip away at the frontend framework migration to Vue.js. In this release, we've redesigned and migrated the campaign library page.

🐛 Bug Fixes and Maintenance

• Bug fixes and application performance improvements.
• Dependency updates.

ce-9.4.0

🐛 Bug Fixes

• Fixed issue in GraphQL test case mutations where test case automation arguments were not saving.
• Fixed issue when importing a defense tool from the content library did not copy over associated defense layer information.
• On Resilience Trending report page, fixed issue where configuration buttons on heatmap sub-chart were invisible.

🔒 Security Maintenance

• Addressed application vulnerabilities reported by @ameerpornillos.

ce-9.3.3

🚀 VECTR Enterprise

• VECTR 9.3 marks the launch of our premium offering "VECTR Enterprise". VECTR Enterprise introduces premium reporting features and integrated benchmark data to help you tell the story of your adversary management / purple teams program. Learn more about VECTR Enterprise. Community edition will continue to be available and receive updates.

👀 UI Updates

• 🌒Dark mode is here! This is still in beta, but you can preview it from your profile menu. We're looking forward to releasing tweaks and fine tuning of the color theme in future versions.
• Continued transition of our frontend stack to Vue.js with a redesigned Assessment Library page.

🔒 Security Maintenance

• Dependency updates to address CVE's

ce-9.2.1

🚀 Improvements

• VECTR 9.2 represents a significant update to the backend stack and system architecture. We've migrated to a Spring Boot API layer and have added a gateway and static UI containers to offload some responsibilities from the "tomcat" container, including TLS termination and the frontend SPA application, respectfully. Please see our upgrade guide to update your existing deployment.

🐞 Bug Fixes

• A lot of bug fixes, including addressing the following issues: #262, #263, #267, #268, #269, #270

🔒 Security Maintenance

• Dependency updates to address CVE's.

ce-9.0.2

🚀 VECTR 9.0

• We are pleased to announce the next generation of the VECTR Purple Team platform! VECTR 9.0 brings an entirely new relational (SQL) data model with backend services completely rewritten for this. The shift to SQL has laid the ground work to enable us to bring new features and capabilities into the platform that will further enhance your Purple Team experience in VECTR.

⚒ SQL Migration Tool

• To transition your data from 8.9.x to 9.0, we have created a migration tool that converts the MongoDB based data to SQL based data. If you have existing data you MUST run this tool to upgrade to 9.0. Please be sure to read the directions and notes in the README carefully. https://github.com/SecurityRiskAdvisors/vectr-sql-migration
• For any issues migrating data please open an issue on the migration tool GitHub Page.
• For issues importing data or with the 9.0 Release please open them on the VECTR GitHub Page.

GraphQL API Changes

• With the 9.0 Release we have made some changes to the API. See our documentation page for this here.
• We've also updated out VECTR-Tools project to reflect these changes to see updated working examples here.

ce-8.9.4

🔒 Security Maintenance

• Dependency updates to address multiple CVEs.

🚀 Next Release

• Starting with VECTR 9.0, VECTR's data and service layers have been completely reworked to support a new relational data model and will no longer use MongoDB. VECTR ce-8.9.4 will likely be the last MongoDB-based release. Future 8.9.x MongoDB-based releases will be determined based on criticality of future CVEs and the adoption rate of VECTR 9.0. Please note that no new features will be released on the 8.9.x branch. If you want to continue receiving new features and updates, upgrade to VECTR 9.0 when it is released.

⚒ SQL Migration Tool

• To transition your data from 8.9.x to 9.0, we have created a migration tool that converts the MongoDB based data to SQL based data. We recommend running the migration tool prior to the official VECTR 9.0 release, as you will be able to report any issues you encounter so we can address them prior to the launch. Please be sure to read the directions and notes in the README carefully. https://github.com/SecurityRiskAdvisors/vectr-sql-migration

ce-8.9.3

🔒 Security Maintenance

• Dependency updates to address CVE-2023-46589