As of Thursday, June 9, 2016, AlienVault USM and OSSIM v5.2.5 are now generally available for all existing and new customers. Users can update their system(s) through the console or web UI (see upgrade instructions for more information).
Please take a few minutes to carefully read these release notes before upgrading.
As of v5.2.5, two major changes occurred in how we handle backups of configuration settings. These changes were made to prevent exploitation of a vulnerability related to the API key:
Removal of API key from backups The AVAPI key will no longer be stored in the configuration backups. As a precaution, we recommend that you reset the AVAPI key via the ssh console after updating to v5.2.5.
Encryption password added to backups Users must create a new encryption password that will be used to decrypt configuration backups at the time of restore. Password can be set in the web UI under "Configuration > Admin > Main > Backups". Configuration backups will not run until the password is set. If we detect that no password has been set for the backups, you will receive a message in the Message Center with instructions on how to set your password.
Additional Upgrade Info for All Users on v5.1.1 and Earlier