forked from jtmelton/appsensor
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathchangelog.txt
95 lines (74 loc) · 3.16 KB
/
changelog.txt
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
AppSensor CHANGELOG
=====================
https://www.owasp.org/index.php/Projects/OWASP_AppSensor_Project
http://appsensor.org/
https://github.com/jtmelton/appsensor
Changes in version 2.1 (2015/06/09)
--------------------------------------
* Geolocation of end users now possible (optional configuration)
* Added support for RabbitMQ execution mode
* Added support for Kafka execution mode
* Added support for JMX Notification emitter
* Added support for CEF (over syslog) emitter
* Documentation updates to cover new features
and generally enhance end/user developer documentation
* Update maven configurations to upgrade dependency
versions and correct configuration for generating
javadocs and maven "site"
* Added spring security integration that covers:
- events emitted by spring security added to appsensor
- a custom appsensor user manager
- a custom appsensor security context repository
* Added example app to show usage in local mode with
spring security integration
* Added example app to show the use of appsensor for
something other than application layer IDS. In this case,
it is being used as an exception tracker. As exceptions
are generated, they are logged with appsensor, then a simple
custom UI shows them in a grouped list. While the example
is simple and contrived, a more sophisticated UI could
allow for grouping, searching, sorting and analysis.
Changes in version 2.0.1 (2015/02/26)
--------------------------------------
* Support multiple detection point configurations per detection
point label (https://github.com/jtmelton/appsensor/issues/18)
Changes in version 2.0 (2015/01/27)
--------------------------------------
* AppSensor has gone through a complete re-write,
and the current feature set is listed below.
* Client-server architecture supporting multiple
execution "modes" including:
- REST
- SOAP
- Thrift
- local (shared JVM, java-only)
* Any language can be used on the client application.
The only requirement is that the language selected
must support the communication protocol of the execution
mode that is configured (ie. if using REST as the
execution mode, the language must be capable of making
HTTP requests.)
The server-side components are Java, but this places
no restriction on the client applications themselves.
* There is no longer a dependency on ESAPI. AppSensor
is a standalone project, though it can be used to
integrate with projects that also use ESAPI if
desired.
* The major subsystems are all modular and extensible,
including:
- access control
- analysis engine
- configuration
- reporting
- storage
* While extensible, all major subsystems have at least
one reference implementation.
* The core components of the system have been renamed
and now follow the appsensor v2 book naming conventions,
which is based on standard IDS terminology for clarity.
* Basic user correlation is supported so that client
applications that share a user base can share attack information.
* A website for the project has been built (appsensor.org).
Changes in version 0.1.x (Legacy)
--------------------------------------
* changelog not maintained