All notable changes to this project will be documented in this file.
The format is based on Keep a Changelog, and this project adheres to Semantic Versioning.
- Each event type has its own object to represent the information. See the section "objects by event type" in our wiki page.
- New script created to validate the schema of our threat sightings.
- Some fields of the schema were updated.
- Wiki updated with the new content and typo fixed.
- Multiple instances of the same behavior can be represented using an array of items. See this issue for examples.
- Contributors can be listed in the header of the sighting with a new field 'contributor'.
- Added 'keyValueType' field in docs.
- All Threat Sightings have been modified to adhere to v1.6.0 of the schema.
- Hunting queries on Threat Sighting for Cobalt Strike were updated.
- Some typos fixed in the Wiki.