Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Malware global kill chain doesn't display correct info #4155

Closed
Archidoit opened this issue Aug 24, 2023 · 2 comments · Fixed by #4158
Closed

Malware global kill chain doesn't display correct info #4155

Archidoit opened this issue Aug 24, 2023 · 2 comments · Fixed by #4158
Assignees
@Archidoit
Labels
bug use for describing something not working as expected solved use to identify issue that has been solved (must be linked to the solving PR)
Milestone
Release 5.10.0

Comments

@Archidoit
Copy link
Member

Archidoit commented Aug 24, 2023
edited

Description

Malware global kill chain lines always display the entity in the 'to' of the relationship.

Environment

  1. OS (where OpenCTI server runs): { e.g. Mac OS 10, Windows 10, Ubuntu 16.4, etc. }
  2. OpenCTI version: { e.g. OpenCTI 1.0.2 }
  3. OpenCTI client: { e.g. frontend or python }
  4. Other environment details:

Reproducible Steps

  • Go to the Knowledge tab of a malware
  • Add a relationship with several threat actor group/individual
  • At the bottom of the Knowledge tab, go on 'Global kill chain'
  • The relationship appears but we have no info on which entity is linked to the malware. If we want to edit a relation there, we don't know which relation we edit, etc.

Explanation: The entity displayed in the line is always the 'to' of the relationship

image
@Archidoit Archidoit added the bug use for describing something not working as expected label Aug 24, 2023
@Archidoit Archidoit self-assigned this Aug 24, 2023
@Archidoit
Copy link
Member Author

Archidoit commented Aug 24, 2023
edited

2 solutions:

  • display the 'from' of the relationship when the 'to' is the entity itself
  • don't display relationships when the 'to' it the entity itself

@SamuelHassine
Copy link
Member

@Archidoit please use the first solution.

Archidoit added a commit that referenced this issue Aug 24, 2023
@Archidoit
[frontend] global kill chain phase display adaptation (#4155)
6b79c5a
@Archidoit Archidoit mentioned this issue Aug 24, 2023
Merged
@Archidoit Archidoit linked a pull request Aug 24, 2023 that will close this issue
[frontend] global kill chain phase display adaptation (#4155) #4158
Merged
SamuelHassine pushed a commit that referenced this issue Aug 24, 2023
@Archidoit
[frontend] global kill chain phase display adaptation (#4155)
569ae12
@SamuelHassine SamuelHassine added the solved use to identify issue that has been solved (must be linked to the solving PR) label Aug 24, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@Archidoit Archidoit

Labels
bug use for describing something not working as expected solved use to identify issue that has been solved (must be linked to the solving PR)
Projects
None yet
Milestone
Release 5.10.0
Development

Successfully merging a pull request may close this issue.

[frontend] global kill chain phase display adaptation (#4155) OpenCTI-Platform/opencti
2 participants
@SamuelHassine @Archidoit