elastic · nastasha-solomon · Nov 21, 2024 · Nov 21, 2024 · Dec 2, 2024
@@ -3,6 +3,7 @@
 
 This section summarizes the changes in each release.
 
+* <<release-notes-8.17.0, {elastic-sec} version 8.17.0>>
 * <<release-notes-8.16.1, {elastic-sec} version 8.16.1>>
 * <<release-notes-8.16.0, {elastic-sec} version 8.16.0>>
 * <<release-notes-8.15.5, {elastic-sec} version 8.15.5>>
@@ -69,6 +70,7 @@ This section summarizes the changes in each release.
 * <<release-notes-8.0.0, {elastic-sec} version 8.0.0>>
 * <<release-notes-8.0.0-rc2, {elastic-sec} version 8.0.0-rc2>>
 
+include::release-notes/8.17.asciidoc[]
 include::release-notes/8.16.asciidoc[]
 include::release-notes/8.15.asciidoc[]
 include::release-notes/8.14.asciidoc[]

@@ -0,0 +1,63 @@
+[[release-notes-header-8.17.0]]
+== 8.17
+
+[discrete]
+[[release-notes-8.17.0]]
+=== 8.17.0
+
+[discrete]
+[[known-issue-8.17.0]]
+==== Known issues
+
+// tag::known-issue[]
+[discrete]
+.Duplicate alerts can be produced from manually running threshold rules 
+[%collapsible]
+====
+*Details* +
+On November 12, 2024, it was discovered that manually running threshold rules could produce duplicate alerts if the date range was already covered by a scheduled rule execution.
+
+====
+// end::known-issue[]
+
+// tag::known-issue[]
+[discrete]
+.Manually running custom query rules with suppression could suppress more alerts than expected
+[%collapsible]
+====
+*Details* +
+On November 12, 2024, it was discovered that manually running a custom query rule with suppression could incorrectly inflate the number of suppressed alerts. 
+
+====
+// end::known-issue[]
+
+[discrete]
+[[features-8.17.0]]
+==== New features
+* Adds Signer option to Mac trusted apps ({kibana-pull}197821[#197821]).
+
+[discrete]
+[[enhancements-8.17.0]]
+==== Enhancements
+* Check user permissions before initialising entity engine ({kibana-pull}198661[#198661]).
+
+[discrete]
+[[bug-fixes-8.17.0]]
+==== Bug fixes
+* Fixes a bug in Automatic Import where icons were not shown after the integration was installed ({kibana-pull}201139[#201139]).
+* Only refresh the asset criticality index after bulk upload ({kibana-pull}200897[#200897]).
+* Fetching Assistant Knowledge Base fails when current user's username contains a : character ({kibana-pull}200131[#200131]).
+* Index Values are not available in dropdown under New Index Enter for Knowledge Base ({kibana-pull}199990[#199990]).
+* Fixes `required_fields` being removed after rule `PATCH` calls ({kibana-pull}199901[#199901]).
+* Update file validation because the file type is empty on windows ({kibana-pull}199791[#199791]).
+* API changes for right placement of deleting the old component template ({kibana-pull}199734[#199734]).
+* Improve asset criticality bulk error when entities are duplicated ({kibana-pull}199651[#199651]).
+* Fixes Asset Criticality index issue when setting up entity engines concurrently ({kibana-pull}199486[#199486]).
+* Fixes issue with duplicate timeline reloading ({kibana-pull}198652[#198652]).
+* Refactor UI on insights ({kibana-pull}197349[#197349]).
+* Explicitly Skip two mocked data tests form serverless MKI runs ({kibana-pull}196871[#196871]).
+* Bug: update timestamp on criticality soft delete ({kibana-pull}196722[#196722]).
+* Fixes a bug where quickly disabling and re-enabling event aggregation will result in aggregation being disabled.
+* On Linux endpoints, enable process information enrichment for file and network events when process events are disabled.
+* Fixes a time skew bug when Linux VMs using ebpf event probes are suspended and then resumed.
+* Fixes a bug where the Linux system call, setsid, was not properly gathered for RHEL 9/CentOS Stream 9 process events.