Update CHANGELOG.md

CHANGELOG.md

@@ -1,8 +1,29 @@
 CHANGELOG
 ============
-# October 7th, 2021
 
-## Changes
+## September 26th, 2022
+
+### Changes
+
+- All APIs have been enabled.
+	- This allows for full CRUD operations on the Assessments/Scenarios/Events/Templates collections.
+- New Metrics API added to enable retrieving interesting data about ETM usage.
+- APIs require API Key Authentication and Authorization.
+	- Keys have permissions sets that restrict their privileges to only what is assigned to them.
+	- Key management added to the Admin Dashboard UI.
+- MITRE ATT&CK implementation has been refactored to make maintaining the project much easier.
+	- To update the ATT&CK data, just download the relevant ICS/Mobile/Enterprise JSON data files from the MITRE GitHub repository, delete the corresponding JSON files in ETM, and load the application.
+	- When the compiled data files are not found, they will be recompiled with the new MITRE provided data files.
+- MITRE ATT&CK selection has been refactored as well.
+	- Accordions were removed and have been replaced with a sliding sub-menu system.
+	- This should increase usability/productivity/accuracy when selecting a technique to associate with a given event.
+- Various bugs were identified and corrected.
+- Breadcrumbs have been introduced into the three major workflows
+- Event factor info helpers now include information regarding BLS methodologies for completing a threat scenario
+
+## October 7th, 2021
+
+### Changes
 
 - Threat Trees
 	+ Now possible to edit categories in an existing threat tree
@@ -12,13 +33,13 @@ CHANGELOG
 	+ Can import/export template packs as JSON files
 - Multiple bug fixes in all areas
 
-# June 8th, 2021
+## June 8th, 2021
 
-## MITRE ATT&CK v9
+### MITRE ATT&CK v9
 
 Techniques have been edited to reflect changes present in ATT&CK v9
 
-## New Features:
+### New Features:
 
 - Threat Trees
 	+ MITRE ATT&CK IDs are pulled from an entire assessment and populate a new design page for threat trees. From the design page you can customize many aspects of how the graph will appear when exported. This can be found by navigating to an Assessment and clicking the THREAT TREE button. Please note that once categories have been created for a threat tree, those are not changeable without deleting the tree and starting over. This was implemented to aid when creating the outbrief graphs we've seen lately
@@ -33,19 +54,19 @@ Techniques have been edited to reflect changes present in ATT&CK v9
 - BLS Descriptions
   + While editing an event in a scenario, clicking the info helper button will now present you with the NIST descriptions as well as BLS descriptions. Hopefully these will make it easier to interpret and apply values to the various factors. Feedback is welcome if there is a great disagreement on interpretation
 
-## Bug Fixes:
+### Bug Fixes:
 
 - When creating the labels for each node in a scenario graph, it is no longer necessary to escape quotations to avoid breaking the graph while rendering.
 
-# February 25th, 2021
+## February 25th, 2021
 
-## MITRE ATT&CK v8.2
+### MITRE ATT&CK v8.2
 
 FactorModels->Techniques has been updated to incorporate changes made to the ATT&CK framework in version 8.2.
 
-# December 1st, 2020
+## December 1st, 2020
 
-## Schema Change
+### Schema Change
 
 This update includes changes to the application schema. Because of this, if you had used the previous version you may need to update your data to continue proper functionality
 
@@ -54,7 +75,7 @@ This update includes changes to the application schema. Because of this, if you
   - ParentId was previously a string value, moving forward it is a string[] value
 - At the end of this changelog, we have included the script we used to migrate our data in hopes it will help others migrate theirs
 
-## New Features
+### New Features
 
 Below are a list of the features implemented in this release
 
@@ -71,39 +92,39 @@ Below are a list of the features implemented in this release
   - As of the time of this update, ETM is in line with current MITRE ATT&CK techniques that have also been added
   - Previous threat matrices generated with ETM will still provide use to client's as MITRE provides redirects to the deprecated techniques
 
-## Data Migration Steps
+### Data Migration Steps
 
-### First where GraphNode is null, attempt to set it with it's members:
+#### First where GraphNode is null, attempt to set it with it's members:
 ```
 > db.Steps.find({"GraphNode":null}).forEach(function(myDoc){ db.Steps.update( { _id: myDoc._id }, { "$set": { "GraphNode.ParentId": "na", "GraphNode.EntityType": "na", "GraphNode.EntityDescription": "na", "GraphNode.Risk": "na", "GraphNode._id": "na" } } ); })
 ```
 
-### Second, there may be some nulls there still. Check
+#### Second, there may be some nulls there still. Check
 ```
 > db.Steps.find({"GraphNode":null}).count()
 ```
 
-### Third, if there are, unset GraphNode
+#### Third, if there are, unset GraphNode
 ```
 > db.Steps.find({"GraphNode":null}).forEach(function(myDoc){ db.Steps.update( { _id: myDoc._id }, { "$unset" : { "GraphNode": null } } ); })
 ```
 
-### Fourth, re-set for those two
+#### Fourth, re-set for those two
 ```
 > db.Steps.find({"GraphNode":null}).forEach(function(myDoc) { db.Steps.update( { _id: myDoc._id }, { "$set": { "GraphNode.ParentId": "na", "GraphNode.EntityType": "na", "GraphNode.EntityDescription": "na", "GraphNode.Risk": "na", "GraphNode._id": "na" } } ); })
 ```
 
-### Fifth, check and replace any ParentIds that are null
+#### Fifth, check and replace any ParentIds that are null
 ```
 > db.Steps.find({"GraphNode.ParentId":null}).forEach(function(myDoc){ db.Steps.update( { _id: myDoc._id }, { "$set": { "GraphNode.ParentId": "na" } } ); })
 ```
 
-### Sixth, turn all of your string type ParentIds to array type
+#### Sixth, turn all of your string type ParentIds to array type
 ```
 > db.Steps.find().forEach(function(myDoc){ db.Steps.update( { _id: myDoc._id }, { "$set": { "GraphNode.ParentId": [myDoc.GraphNode.ParentId] } } ); })
 ```
 
-### Finally, confirm the array count is the total count of entries
+#### Finally, confirm the array count is the total count of entries
 ```
 > db.Steps.find({"GraphNode.ParentId": {"$type": "array"}}).count()
 > db.Steps.find().count()