Added a new interface for default permissions. Default permissions for each type of object may now be set globally and for each user individually under their user settings.
Added flair chips to the entities tab and made a new dialog that shows the entities from each entry individually
There is a now a new, more powerful filtering syntax for searches. This can be used on any of the search endpoints in the API, and also when filtering at the tops of columns in the GUI.
Users can now export SCOT objects (events, intels, etc.) in a variety of formats from the GUI. You can also export object tables to a CSV.
The remote flair plugin returns, allowing you to experience the joy of SCOT flairing while browsing the web.
SCOT title pages now use shorter titles so that you now have a chance to tell which tab is which when you have 200 of them open.
Users now have the option to promote alerts and dispatches while copying their tags and sources to the promoted item.
Users can now request a reflair of a promoted entry.
Edit histories have been enhanced to include an object’s entries.
Added “open all alerts” and “close all alerts” buttons to alertgroups.
Several UI elements have been touched up.
Several backend optimizations have been made that should improve scalability and performance.
Arrow keys speed navigation within Alertgroup table.
Clicking on Sentinel entities now opens Sentinel in new tab.
Columns with an Alert table are now resizable.
A “Hunter” role has been added to the Incident Handler Calendar
Users can now delete Pivots if necessary.
The search engine is now indexing Subjects as well as entries.
Column filters can be negated by prefixing ‘!’, e.g. ‘!Foo’ would exclude rows containing ‘Foo’ in that column.
Wrapping text with either or will prevent the Flair engine from operating on that block.