What's New in Version 6.17.0
The ThreatQuotient team is pleased to announce the availability of ThreatQ version 6.17.0. Below is a list of enhancements, important bugs that have been addressed, and upgrade instructions.
ThreatQ Platform
The following is a list of new features and bug fixes for the ThreatQ platform included when you upgrade to 6.17.0.
New/Updated Features
ThreatQ UI | Log Out Confirmation Message
You will now see a Your session has been successfully terminated confirmation message after logging out of your ThreatQ session.
Notable Bug Fixes
The following list of issues and bugs that have been resolved with ThreatQ v6.17.0.
- Resolved an issue where updated avatar images were not persisted unless the user manually selected Save in their profile after uploading a new image.
- Resolved an issue where File objects were intermittently missing contextual data and were not properly related to associated objects.
- Resolved an issue where the URL Normalization feature, despite being enabled, was not applied to indicators ingested by ThreatQ integrations.
- Resolved an issue where the ACE Parser incorrectly identified and linked threat objects when object names appeared as partial substrings within unrelated words in report descriptions, resulting in unintended relationship creation.
- Resolved an issue in the Activity Log feed dropdown where the search filter only returned results from a limited subset of 100 integrations, preventing discovery of integrations outside that range.
Upgrading
Perform the following steps to upgrade your ThreatQ v6 instance.
After you start the upgrade, do not cancel the installation. Doing so will leave your system in an unusable state.
- Perform a platform check to ensure adequate disk space and that your installed integrations are compatible with the new ThreatQ version. You will be unable to proceed with the upgrade until clearing this check. It is important to note that the command does not apply to integrations installed on third-party systems such as the ThreatQ App for QRadar.
Platform Check Against the Most Recent ThreatQ Version# sudo /usr/local/bin/tqadmin platform check
Platform Check Against a Specific ThreatQ Version# sudo /usr/local/bin/tqadmin platform check -v <version number> - Run the upgrade command:
Upgrade to the Latest ThreatQ Version# sudo /usr/local/bin/tqadmin platform upgrade
Upgrade to a Specific ThreatQ Version# sudo /usr/local/bin/tqadmin platform upgrade -v <version number>
New Installations
If you are installing ThreatQ version 6 for the first time, it is highly recommended that you review the ThreatQ 6x Installation section and guides before proceeding with installation. The guide provides useful information including:
- Required Firewall Ports
- Suggested Partitioning Scheme
- System Requirements (Hardware Specifications, Core CPUs, RAM etc.)
- Steps to pin your RHEL 9 and Ubuntu versions to prevent upgrades to unsupported environments
- Security Hardening Guides
Migrating ThreatQ v5 to v6
It is important that you use the correct ThreatQ version when migrating a ThreatQ v5 instance to ThreatQ v6.
- Migrating to ThreatQ v6.9.1 or greater requires a ThreatQ v5.29.5 backup file.
- Migrating to ThreatQ v6.9.0 and prior requires a ThreatQ v5.29.4 backup file.
Using a backup other than the ones listed above will result in a restore error.
Contact ThreatQ Support or your Technical Account Manager for additional information and to obtain the ThreatQ Migration Guide. The ThreatQuotient team highly recommends that you review the ThreatQ 6x Installation guide when planning your migration.
Support
Don't hesitate to get in touch with your Technical Account Manage to discuss planning your upgrade.
As always, contact our Customer Support Team if you encounter problems when upgrading or need assistance.
Thank you,
The ThreatQuotient Team
tq-support@securonix.com
ts.securonix.com
703.574.9893