You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I have created a relationship "authored by" between a malware and a threat actor individual. Now, when I open the knowledge tab of the malware, I can see "Threat actors (1)" in the list on the right. However, when I click on "Threat actors", the displayed list is empty.
Environment
OS (where OpenCTI server runs): -
OpenCTI version: OpenCTI 6.3.1
OpenCTI client: -
Other environment details: -
Reproducible Steps
Create a malware, threat actor individual and report.
In the report, add the malware and threat actor entities
Create a "authored by" relationship for the malware and threat actor entities
Open the knowledge tab of the malware or open the knowledge tab of the threat actor individual
Look at the menu on the right. On the malware page, it should say "Threat Actors (1)", but the corresponding list does not contain any items. On the threat actor individual page, it should say "Malware (1)", but the corresponding list does not contain any items. This is true for both, the "entities view" and the "relationships view".
Expected Output
I would expect the lists to contain items that describe the "authored by" relationship.
Actual Output
No list items
Additional information
Screenshots (optional)
The text was updated successfully, but these errors were encountered:
ups1decyber
added
bug
use for describing something not working as expected
needs triage
use to identify issue needing triage from Filigran Product team
labels
Oct 2, 2024
The problem is generic to Intrusion Sets, Threat Actor individual & Threat Actor group.
The fix is to:
for any relation malware -> authored by -> threat actor/intrusion set, display:
in the malware knowledge views, in "all threats view" & in the "intrusion set" view, the threat actors and/or the intrusion set. Also, when switching to relation view, the authored by must be displayed.
in the threat actors/intrusion knowledges views, in "malware" view, have the malware. And when switching to relation view, be able to display the authored by.
Description
I have created a relationship "authored by" between a malware and a threat actor individual. Now, when I open the knowledge tab of the malware, I can see "Threat actors (1)" in the list on the right. However, when I click on "Threat actors", the displayed list is empty.
Environment
Reproducible Steps
Expected Output
I would expect the lists to contain items that describe the "authored by" relationship.
Actual Output
No list items
Additional information
Screenshots (optional)
The text was updated successfully, but these errors were encountered: