Some of the highlights of this release:
IPQualityScore
New TI provider submitted by petebryan - provides a lot of interesting stats on IPs.
Defender Advanced Hunting API
Thanks to d3vzer0 our MS Defender client is now able to use the support Graph-based API rather than the legacy
APIs. To use this, for the moment use the DataEnvironment name `M365DGraph` when you create
query provider. In the next 0.x release we will switch the other aliases for M365D, MDE, MDATP to use this
new interface and deprecate the existing ones.
Startup errors when running in unexpected environments.
`init_notebook` made some (incorrect) assumptions about when it would be running in a Synapse environment.
Azure Machine Learning have recently changed their default compute to be a Synapse environment.
Fixes here will correct failures due to faulty detection of environment type.
Startup fixes and perf improvements
We've optimized some of the imports done within the package at startup so msticpy should be quicker to
load.
Azure env credentials fix
Although we previously supported the Azure EnvironmentCredential credential type, our implementation allowed
you to use only with ClientID + ClientSecret. The changes allow it to be used with other supported
credential formats - notably username + password and certificate authentication using a certificate file.
Improvements to Entities
Although these are not visible to most people, we try to keep our Entity definitions in sync with the official
Microsoft "V3" entity definitions. We've added a few entity types and updated some of the attributes
to bring this in line, while still allowing backwards compatible attributes to be used.
What's Changed
* Ianhelle/entity updates 2023 09 01 by ianhelle in https://github.com/microsoft/msticpy/pull/718
* Ianhelle/lazy-import-init-2023-09-26 by ianhelle in https://github.com/microsoft/msticpy/pull/717
* Fix Azure env credential authentication by ianhelle in https://github.com/microsoft/msticpy/pull/722
* Update documentation for installing in isolated env by ccianelli22 in https://github.com/microsoft/msticpy/pull/724
* Bump isort to 5.12.0 in pre-commit config by 2xyo in https://github.com/microsoft/msticpy/pull/723
* Remove stack trace from logging by FlorianBracq in https://github.com/microsoft/msticpy/pull/729
* fix: init_notebook and entities by ianhelle in https://github.com/microsoft/msticpy/pull/730
* Fix time span values by FlorianBracq in https://github.com/microsoft/msticpy/pull/728
* Added additional DataProvider for Advanced Hunting via Graph by d3vzer0 in https://github.com/microsoft/msticpy/pull/725
* Allow POST HTTP method by 2xyo in https://github.com/microsoft/msticpy/pull/726
* Bump readthedocs-sphinx-ext from 2.2.2 to 2.2.3 by dependabot in https://github.com/microsoft/msticpy/pull/716
* Added new TI Provider - IPQualityScore by petebryan in https://github.com/microsoft/msticpy/pull/733
New Contributors
* 2xyo made their first contribution in https://github.com/microsoft/msticpy/pull/723
**Full Changelog**: https://github.com/microsoft/msticpy/compare/v2.8.0...v2.9.0