Gremlin Release Notes

Below you’ll find notes describing what’s new with the Gremlin suite of products.

2018-12-20

Host (daemon) & Client (CLI) [2.8.21]

  • Resolved an issue when running syscheck on RHEL 6.7, which no longer relies on using top to minimize dependencies

Control Plane API [1.4.38]

  • When using containers with Datadog integration, container labels are now available

Web App

  • When configuring a memory attack, provide the amount of memory to consume in either MB or GB, but not both
  • Resolved an issue where at times the number of users within a company was reported incorrectly
  • Resolved an issue with re-running time trial attacks, where the time to advance the clock was not always accurate
  • Drop downs in the create attack view are now searchable
  • The Choose a Gremlin section of the create attack view has been updated to show the categories and attack types more clearly

2018-11-15

Host (daemon) & Client (CLI) [2.8.17]

  • While a Time Travel Attack is underway, if an NTP server futher updates the clock, the attack will not make subsequent changes and when complete the clock will be reset to the accurate value
  • Installing with RPM no longer requires sudo

Control Plane API [1.3.25]

  • Registering client tags now clears existing tags instead of appending to existing tags
  • The use of TLS 1.0 for API access is no longer allowed, TLS 1.1/1.2 are fully supported
  • Increased the allowed skew between control plane and daemon clocks from 15 seconds to 1 minute

Web App

  • Client list now includes a tab for registered ALFI clients
  • Execution errors are now available in the Attack Details view

2018-10-23

Host (daemon) & Client (CLI) [2.8.14]

  • Resolved an issue where syscheck on a container would hang if the NET_ADMIN capability wasn’t present, a relevant error message is now returned

ALFI Java Client Library [0.5.1]

  • The GREMLIN_ALFI_IDENTIFIER is required (previously was optional) when authenticating your application with Gremlin

Control Plane API [1.3.21]

  • Creating an ALFI attack that overlaps with an existing attack will fail
  • Datadog integration now supports ALFI

Web App

  • Resolved an issue where hostnames and IP addresses were shown incorrectly when cloning an attack
  • When creating an ALFI attack, previously used Application Type values will be available and searchable
  • To simplify attack creation, advanced fields will be initially hidden

2018-10-11

Host (daemon) & Client (CLI) [2.8.13]

  • Signature-based auth using certificates is the expected authentication method, supported for hosts and containers
  • Syscheck now works with Docker containers

ALFI Java Client Library [0.5.0]

  • Install with Maven now available
  • Client library modules available individually
    • alfi-core Core library required for all ALFI functionality
    • alfi-aws [Optional] AWS integration, providing coordinate discovery for AwsLambda and AwsEc2
    • alfi-apache-http-client [Optional] ALFI injection points for Apache HTTP Client
    • alfi-aws-dynamodb-client [Optional] ALFI injection points for DynamoDB
  • AWS Parameter Store can be used for configuration

Control Plane API [1.3.6]

  • Slack integration issue resolved which was causing a timeout on registration
  • ALFI issue resolved where adding a key to ApplicationCoordinates prevented registeration

Web App

  • Resolved an issue where an attack end time was not displayed accurately
  • Certificates available for download on the team settings page for signature-based auth
  • The ALFI attack details will auto refresh until the attack is complete