diff --git a/CHANGELOG.md b/CHANGELOG.md index b504a828a5..0951807e57 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md 
@@ -1,8 +1,35 @@ # Change Log -## [3.4.0](https://github.com/TheHive-Project/TheHive/tree/HEAD) (2019-09-05) +## [3.4.1](https://github.com/TheHive-Project/TheHive/milestone/53) (2020-04-17) -[Full Changelog](https://github.com/TheHive-Project/TheHive/compare/3.4.0-RC2...3.4.0) +**Implemented enhancements:** + +- docker: TheHive fails to connect to elasticsearch (NoNodeAvailableException) [\#854](https://github.com/TheHive-Project/TheHive/issues/854) +- Improved support for OpenID connect and OAuth2 [\#1110](https://github.com/TheHive-Project/TheHive/issues/1110) +- TheHive's Docker entrypoint logs the Play secret key at startup [\#1177](https://github.com/TheHive-Project/TheHive/issues/1177) +- [Q] Configure TheHive's first run using Docker Compose [\#1199](https://github.com/TheHive-Project/TheHive/issues/1199) +- TheHive's docker containers should be orchestration-ready [\#1204](https://github.com/TheHive-Project/TheHive/issues/1204) +- MISP synchronisation: map to_ids to ioc [\#1273](https://github.com/TheHive-Project/TheHive/issues/1273) + +**Closed issues:** + +- Include Dockerfile in root of project [\#1222](https://github.com/TheHive-Project/TheHive/issues/1222) +- Docker user daemon with id 1 causes permission issues with local [\#1227](https://github.com/TheHive-Project/TheHive/issues/1227) + +**Fixed bugs:** + +- MISP & TheHive out of sync? 
[\#866](https://github.com/TheHive-Project/TheHive/issues/866) +- Owner is case-sensitive on api calls [\#928](https://github.com/TheHive-Project/TheHive/issues/928) +- Bug: Observable without data breaks display of observables [\#1080](https://github.com/TheHive-Project/TheHive/issues/1080) +- Docker-Compose ElasticSearch incompatibility [\#1140](https://github.com/TheHive-Project/TheHive/issues/1140) +- [Bug] Analyzers that take more than 10 Minutes run into timeout [\#1156](https://github.com/TheHive-Project/TheHive/issues/1156) +- TheHive 3.4.0 migration logs errors ([error] m.Migration - Failed to create dashboard) [\#1202](https://github.com/TheHive-Project/TheHive/issues/1202) +- Computed metrics is not compatible with painless scripting language [\#1210](https://github.com/TheHive-Project/TheHive/issues/1210) +- OAuth2 Bearer header should be of the format "Authorization Bearer" ? [\#1228](https://github.com/TheHive-Project/TheHive/issues/1228) +- Health API endpoint returns warning when everything is OK [\#1233](https://github.com/TheHive-Project/TheHive/issues/1233) +- [Bug] Job submission sometimes fails when multiple Cortex servers [\#1272](https://github.com/TheHive-Project/TheHive/issues/1272) + +## [3.4.0](https://github.com/TheHive-Project/TheHive/milestone/52) (2019-09-09) **Implemented enhancements:** 
@@ -10,107 +37,84 @@ **Fixed bugs:** -- Cosmetic Bug: wrong number of exported observables displayed [\#1071](https://github.com/TheHive-Project/TheHive/issues/1071) -- Update Database button does not appear in training appliance [\#1067](https://github.com/TheHive-Project/TheHive/issues/1067) -- bulk merge alerts into case lose description's alert [\#1065](https://github.com/TheHive-Project/TheHive/issues/1065) -- Incorrect number of related observables returned [\#1062](https://github.com/TheHive-Project/TheHive/issues/1062) -- Incorrect tag filter results when observables with tags are added then deleted [\#1061](https://github.com/TheHive-Project/TheHive/issues/1061) -- Cannot setup TheHive 3.4.0-RC2 using Docker [\#1051](https://github.com/TheHive-Project/TheHive/issues/1051) -- Case statistics dashboard loads with an error message and the case over time panel fails to display any data [\#1050](https://github.com/TheHive-Project/TheHive/issues/1050) - Can't secure ElasticSearch connection [\#1046](https://github.com/TheHive-Project/TheHive/issues/1046) +- Case statistics dashboard loads with an error message and the case over time panel fails to display any data [\#1050](https://github.com/TheHive-Project/TheHive/issues/1050) +- Cannot setup TheHive 3.4.0-RC2 using Docker [\#1051](https://github.com/TheHive-Project/TheHive/issues/1051) +- Incorrect tag filter results when observables with tags are added then deleted [\#1061](https://github.com/TheHive-Project/TheHive/issues/1061) +- Incorrect number of related observables returned [\#1062](https://github.com/TheHive-Project/TheHive/issues/1062) +- bulk merge alerts into case lose description's alert [\#1065](https://github.com/TheHive-Project/TheHive/issues/1065) +- Update Database button does not appear in training appliance [\#1067](https://github.com/TheHive-Project/TheHive/issues/1067) +- Cosmetic Bug: wrong number of exported observables displayed 
[\#1071](https://github.com/TheHive-Project/TheHive/issues/1071) +- 3.4 RC2 doesn't prompt to update/create the database when one doesn't exist [\#1107](https://github.com/TheHive-Project/TheHive/issues/1107) -## [3.4.0-RC2](https://github.com/TheHive-Project/TheHive/tree/3.4.0-RC2) (2019-07-10) -[Full Changelog](https://github.com/TheHive-Project/TheHive/compare/3.4.0-RC1...3.4.0-RC2) +## [3.4.0-RC2](https://github.com/TheHive-Project/TheHive/milestone/51) (2019-07-11) **Implemented enhancements:** -- Display ioc and sighted attributes in Alert artifact list [\#1035](https://github.com/TheHive-Project/TheHive/issues/1035) -- Merge Observable tags with existing observables during importing alerts into case [\#1014](https://github.com/TheHive-Project/TheHive/issues/1014) -- API not recognizing the attribute 'sighted' of artifacts on alert creation [\#1003](https://github.com/TheHive-Project/TheHive/issues/1003) - Alerts are not getting deleted as expected [\#974](https://github.com/TheHive-Project/TheHive/issues/974) - -**Fixed bugs:** - -- Update case owner field validation to handle null value [\#1036](https://github.com/TheHive-Project/TheHive/issues/1036) -- thehive prints error messages on first run \("Authentication failure" / "user init not found"\) [\#1027](https://github.com/TheHive-Project/TheHive/issues/1027) -- TLP:WHITE for observable not shown, not editable [\#1025](https://github.com/TheHive-Project/TheHive/issues/1025) -- Dashboard based on observables not refreshing correctly [\#996](https://github.com/TheHive-Project/TheHive/issues/996) -- javascript error in tasks [\#979](https://github.com/TheHive-Project/TheHive/issues/979) -- /api/alert/{}/createCase does not use caseTemplate [\#929](https://github.com/TheHive-Project/TheHive/issues/929) +- API not recognizing the attribute 'sighted' of artifacts on alert creation [\#1003](https://github.com/TheHive-Project/TheHive/issues/1003) +- Merge Observable tags with existing observables during importing 
alerts into case [\#1014](https://github.com/TheHive-Project/TheHive/issues/1014) +- Display ioc and sighted attributes in Alert artifact list [\#1035](https://github.com/TheHive-Project/TheHive/issues/1035) **Closed issues:** -- Cannot add custom fields to case template [\#1042](https://github.com/TheHive-Project/TheHive/issues/1042) +- can't add custom fields to case in 3.4.0-RC1 [\#1026](https://github.com/TheHive-Project/TheHive/issues/1026) - sample hive does not connect to cortex and prints no helpful error message [\#1028](https://github.com/TheHive-Project/TheHive/issues/1028) -## [3.4.0-RC1](https://github.com/TheHive-Project/TheHive/tree/HEAD) (2019-06-05) +**Fixed bugs:** + +- /api/alert/{}/createCase does not use caseTemplate [\#929](https://github.com/TheHive-Project/TheHive/issues/929) +- javascript error in tasks [\#979](https://github.com/TheHive-Project/TheHive/issues/979) +- Dashboard based on observables not refreshing correctly [\#996](https://github.com/TheHive-Project/TheHive/issues/996) +- TLP:WHITE for observable not shown, not editable [\#1025](https://github.com/TheHive-Project/TheHive/issues/1025) +- thehive prints error messages on first run ("Authentication failure" / "user init not found") [\#1027](https://github.com/TheHive-Project/TheHive/issues/1027) +- Update case owner field validation to handle null value [\#1036](https://github.com/TheHive-Project/TheHive/issues/1036) -[Full Changelog](https://github.com/TheHive-Project/TheHive/compare/3.3.1...3.4.0-4C1) +## [3.4.0-RC1](https://github.com/TheHive-Project/TheHive/milestone/49) (2019-06-05) **Implemented enhancements:** -- Allow to import file from Cortex report [\#982](https://github.com/TheHive-Project/TheHive/issues/982) -- Remove metrics module [\#975](https://github.com/TheHive-Project/TheHive/issues/975) -- Upgrade frontend libraries [\#966](https://github.com/TheHive-Project/TheHive/issues/966) -- Cortex AddArtifactToCase AssignCase 
[\#922](https://github.com/TheHive-Project/TheHive/issues/922) -- Communication to ElasticSearch via HTTP API 9200 [\#913](https://github.com/TheHive-Project/TheHive/issues/913) -- Add Cortex AssignCase [\#924](https://github.com/TheHive-Project/TheHive/pull/924) ([zpriddy](https://github.com/zpriddy)) - Support Elasticsearch 6.x clusters [\#623](https://github.com/TheHive-Project/TheHive/issues/623) - -**Fixed bugs:** - -- Donut dashboard metric values are not transformed to searches [\#972](https://github.com/TheHive-Project/TheHive/issues/972) -- Bulk merge of alerts does not merge the tags [\#994](https://github.com/TheHive-Project/TheHive/issues/994) -- Java 11 build crash [\#990](https://github.com/TheHive-Project/TheHive/issues/990) -- Failure to load datatypes [\#988](https://github.com/TheHive-Project/TheHive/issues/988) -- Fix search page base filter [\#983](https://github.com/TheHive-Project/TheHive/issues/983) -- Authentication Error when using Hive API \(Patch\) [\#951](https://github.com/TheHive-Project/TheHive/issues/951) +- Communication to ElasticSearch via HTTP API 9200 [\#913](https://github.com/TheHive-Project/TheHive/issues/913) +- Cortex AddArtifactToCase AssignCase [\#922](https://github.com/TheHive-Project/TheHive/issues/922) +- Upgrade frontend libraries [\#966](https://github.com/TheHive-Project/TheHive/issues/966) +- Remove metrics module [\#975](https://github.com/TheHive-Project/TheHive/issues/975) +- Allow to import file from Cortex report [\#982](https://github.com/TheHive-Project/TheHive/issues/982) **Closed issues:** -- bintray repo for deb packages not signed [\#976](https://github.com/TheHive-Project/TheHive/issues/976) -- Set alert to status "Ignored" via API does not work [\#955](https://github.com/TheHive-Project/TheHive/issues/955) +- Have AlertFilter for "New&Updated" [\#952](https://github.com/TheHive-Project/TheHive/issues/952) -**Merged pull requests:** - -- Add 'My open cases' and 'New & Updated alerts' to quick filters 
[\#925](https://github.com/TheHive-Project/TheHive/pull/925) ([zpriddy](https://github.com/zpriddy)) +**Fixed bugs:** -## [3.3.1](https://github.com/TheHive-Project/TheHive/tree/3.3.1) (2019-05-22) +- Donut dashboard metric values are not transformed to searches [\#972](https://github.com/TheHive-Project/TheHive/issues/972) +- Fix search page base filter [\#983](https://github.com/TheHive-Project/TheHive/issues/983) +- Failure to load datatypes [\#988](https://github.com/TheHive-Project/TheHive/issues/988) +- Java 11 build crash [\#990](https://github.com/TheHive-Project/TheHive/issues/990) +- Bulk merge of alerts does not merge the tags [\#994](https://github.com/TheHive-Project/TheHive/issues/994) -[Full Changelog](https://github.com/TheHive-Project/TheHive/compare/3.3.0...3.3.1) +## [3.3.1](https://github.com/TheHive-Project/TheHive/milestone/50) (2019-05-22) **Fixed bugs:** - THP-SEC-ADV-2017-001: Privilege Escalation in all Versions of TheHive [\#408](https://github.com/TheHive-Project/TheHive/issues/408) -## [3.3.0](https://github.com/TheHive-Project/TheHive/tree/3.3.0) (2019-03-19) - -[Full Changelog](https://github.com/TheHive-Project/TheHive/compare/3.3.0-RC6...3.3.0) +## [3.3.0](https://github.com/TheHive-Project/TheHive/milestone/48) (2019-03-19) **Fixed bugs:** - Merge case by CaseID Broken [\#930](https://github.com/TheHive-Project/TheHive/issues/930) -## [3.3.0-RC6](https://github.com/TheHive-Project/TheHive/tree/3.3.0-RC6) (2019-03-07) - -[Full Changelog](https://github.com/TheHive-Project/TheHive/compare/3.3.0-RC5...3.3.0-RC6) +## [3.3.0-RC6](https://github.com/TheHive-Project/TheHive/milestone/47) (2019-03-19) **Implemented enhancements:** -- Add Tags to an Alert with Responder [\#912](https://github.com/TheHive-Project/TheHive/issues/912) -- Dashboards - Add text widget [\#908](https://github.com/TheHive-Project/TheHive/issues/908) +- Support for filtering Tags by prefix (using asterisk, % or something) in search dialog 
[\#666](https://github.com/TheHive-Project/TheHive/issues/666) - Empty case still available when disabled [\#901](https://github.com/TheHive-Project/TheHive/issues/901) -- Support for filtering Tags by prefix \(using asterisk, % or something\) in search dialog [\#666](https://github.com/TheHive-Project/TheHive/issues/666) - -**Closed issues:** - -- Dynamic \(auto-refresh\) of cases is break in 3.3.0-RC5 [\#907](https://github.com/TheHive-Project/TheHive/issues/907) -- Hostname Artifact [\#900](https://github.com/TheHive-Project/TheHive/issues/900) -- DOS issue: Firefox crashing TheHive [\#899](https://github.com/TheHive-Project/TheHive/issues/899) - -## [3.3.0-RC5](https://github.com/TheHive-Project/TheHive/tree/3.3.0-RC5) (2019-02-23) +- Dashboards - Add text widget [\#908](https://github.com/TheHive-Project/TheHive/issues/908) +- Add Tags to an Alert with Responder [\#912](https://github.com/TheHive-Project/TheHive/issues/912) -[Full Changelog](https://github.com/TheHive-Project/TheHive/compare/3.3.0-RC4...3.3.0-RC5) +## [3.3.0-RC5](https://github.com/TheHive-Project/TheHive/milestone/46) (2019-02-23) **Implemented enhancements:** @@ -118,12 +122,10 @@ **Fixed bugs:** -- dashboard clicks are not correctly translated to tag filters [\#896](https://github.com/TheHive-Project/TheHive/issues/896) - Search results not visible [\#895](https://github.com/TheHive-Project/TheHive/issues/895) +- dashboard clicks are not correctly translated to tag filters [\#896](https://github.com/TheHive-Project/TheHive/issues/896) -## [3.3.0-RC4](https://github.com/TheHive-Project/TheHive/tree/3.3.0-RC4) (2019-02-22) - -[Full Changelog](https://github.com/TheHive-Project/TheHive/compare/3.3.0-RC3...3.3.0-RC4) +## [3.3.0-RC4](https://github.com/TheHive-Project/TheHive/milestone/45) (2019-02-22) **Implemented enhancements:** 
@@ -131,88 +133,67 @@ **Fixed bugs:** -- Issue with navigation from dashboard clickable donuts to search page [\#894](https://github.com/TheHive-Project/TheHive/issues/894) - Hide Empty Case Button Broken [\#890](https://github.com/TheHive-Project/TheHive/issues/890) +- Issue with navigation from dashboard clickable donuts to search page [\#894](https://github.com/TheHive-Project/TheHive/issues/894) -## [3.3.0-RC3](https://github.com/TheHive-Project/TheHive/tree/3.3.0-RC3) (2019-02-21) - -[Full Changelog](https://github.com/TheHive-Project/TheHive/compare/3.3.0-RC2...3.3.0-RC3) +## [3.3.0 RC3](https://github.com/TheHive-Project/TheHive/milestone/43) (2019-02-21) **Implemented enhancements:** -- Add a UI configuration admin section [\#888](https://github.com/TheHive-Project/TheHive/issues/888) -- Add a Related Alerts link to case details view [\#884](https://github.com/TheHive-Project/TheHive/issues/884) -- Update Copyright with year 2019 [\#879](https://github.com/TheHive-Project/TheHive/issues/879) -- Provide a quick link to copy alert id [\#870](https://github.com/TheHive-Project/TheHive/issues/870) -- \[BUG\] Audit trail for alert ignore [\#863](https://github.com/TheHive-Project/TheHive/issues/863) -- Related artifacts: IOC/not IOC [\#838](https://github.com/TheHive-Project/TheHive/issues/838) -- Feature: Add "auto-completion" to the UI [\#831](https://github.com/TheHive-Project/TheHive/issues/831) -- Improvement: Upload of observables seem to fail "silently" [\#829](https://github.com/TheHive-Project/TheHive/issues/829) -- Feature Request: link to and from Hive to MISP [\#820](https://github.com/TheHive-Project/TheHive/issues/820) +- Ability to disable "New Case" -> "Empty case" [\#449](https://github.com/TheHive-Project/TheHive/issues/449) - Disable clickable widgets in dashboard edit mode [\#485](https://github.com/TheHive-Project/TheHive/issues/485) -- Ability to disable "New Case" -\> "Empty case" 
[\#449](https://github.com/TheHive-Project/TheHive/issues/449) +- Feature Request: link to and from Hive to MISP [\#820](https://github.com/TheHive-Project/TheHive/issues/820) +- Improvement: Upload of observables seem to fail "silently" [\#829](https://github.com/TheHive-Project/TheHive/issues/829) +- Feature: Add "auto-completion" to the UI [\#831](https://github.com/TheHive-Project/TheHive/issues/831) +- Related artifacts: IOC/not IOC [\#838](https://github.com/TheHive-Project/TheHive/issues/838) +- [BUG] Audit trail for alert ignore [\#863](https://github.com/TheHive-Project/TheHive/issues/863) +- Provide a quick link to copy alert id [\#870](https://github.com/TheHive-Project/TheHive/issues/870) +- Update Copyright with year 2019 [\#879](https://github.com/TheHive-Project/TheHive/issues/879) +- Add a Related Alerts link to case details view [\#884](https://github.com/TheHive-Project/TheHive/issues/884) +- Add a UI configuration admin section [\#888](https://github.com/TheHive-Project/TheHive/issues/888) **Fixed bugs:** -- Drone build fails on pull-requests [\#882](https://github.com/TheHive-Project/TheHive/issues/882) -- AKKA version missmatch [\#877](https://github.com/TheHive-Project/TheHive/issues/877) -- Label Typo in Updated Alerts [\#874](https://github.com/TheHive-Project/TheHive/issues/874) +- Alert updates and tracking (follow) [\#856](https://github.com/TheHive-Project/TheHive/issues/856) +- Cortex responders with DataType `thehive:case_artifact` do not show up within thehive when attempting to run them for observables. [\#869](https://github.com/TheHive-Project/TheHive/issues/869) - Log message related to MISP synchronization is confusing [\#871](https://github.com/TheHive-Project/TheHive/issues/871) -- Cortex responders with DataType `thehive:case\_artifact` do not show up within thehive when attempting to run them for observables. 
[\#869](https://github.com/TheHive-Project/TheHive/issues/869) -- Alert updates and tracking \(follow\) [\#856](https://github.com/TheHive-Project/TheHive/issues/856) - -**Merged pull requests:** - -- Update akka version [\#878](https://github.com/TheHive-Project/TheHive/pull/878) ([zpriddy](https://github.com/zpriddy)) -- Fix Update Label to Warning [\#873](https://github.com/TheHive-Project/TheHive/pull/873) ([zpriddy](https://github.com/zpriddy)) - -## [3.3.0-RC2](https://github.com/TheHive-Project/TheHive/tree/3.3.0-RC2) (2019-02-07) +- Label Typo in Updated Alerts [\#874](https://github.com/TheHive-Project/TheHive/issues/874) +- AKKA version missmatch [\#877](https://github.com/TheHive-Project/TheHive/issues/877) +- Drone build fails on pull-requests [\#882](https://github.com/TheHive-Project/TheHive/issues/882) -[Full Changelog](https://github.com/TheHive-Project/TheHive/compare/3.3.0-RC1...3.3.0-RC2) +## [3.3.0 RC2](https://github.com/TheHive-Project/TheHive/milestone/42) (2019-02-12) **Fixed bugs:** - Java dependency of DEB package is broken [\#867](https://github.com/TheHive-Project/TheHive/issues/867) -## [3.3.0-RC1](https://github.com/TheHive-Project/TheHive/tree/3.3.0-RC1) (2019-02-06) - -[Full Changelog](https://github.com/TheHive-Project/TheHive/compare/3.2.1...3.3.0-RC1) +## [3.3.0 RC1](https://github.com/TheHive-Project/TheHive/milestone/41) (2019-02-06) **Implemented enhancements:** -- \[BUG\] Session cookie received with API token [\#864](https://github.com/TheHive-Project/TheHive/issues/864) -- Add support to Java versions, higher than 8 [\#861](https://github.com/TheHive-Project/TheHive/issues/861) -- MISP - Add an Event Tag instead of/additionnally to Attribute Tag [\#836](https://github.com/TheHive-Project/TheHive/issues/836) -- sorting in alerts [\#824](https://github.com/TheHive-Project/TheHive/issues/824) -- Improve case template selection for case creation [\#769](https://github.com/TheHive-Project/TheHive/issues/769) - Bulk Merge Alerts 
into Case [\#271](https://github.com/TheHive-Project/TheHive/issues/271) +- Improve case template selection for case creation [\#769](https://github.com/TheHive-Project/TheHive/issues/769) +- sorting in alerts [\#824](https://github.com/TheHive-Project/TheHive/issues/824) - Merge alerts directly to a case [\#826](https://github.com/TheHive-Project/TheHive/issues/826) -- Tag normalization [\#657](https://github.com/TheHive-Project/TheHive/pull/657) ([Viltaria](https://github.com/Viltaria)) +- MISP - Add an Event Tag instead of/additionnally to Attribute Tag [\#836](https://github.com/TheHive-Project/TheHive/issues/836) +- Add support to Java versions, higher than 8 [\#861](https://github.com/TheHive-Project/TheHive/issues/861) +- [BUG] Session cookie received with API token [\#864](https://github.com/TheHive-Project/TheHive/issues/864) **Fixed bugs:** -- Alert updates and tracking \(follow\) [\#856](https://github.com/TheHive-Project/TheHive/issues/856) +- Delete user from Thehive: DELETE /api/user/user1 returned 500 org.elastic4play.InternalError: user can't be removed [\#844](https://github.com/TheHive-Project/TheHive/issues/844) - Assigned Tasks do not show up in 'My Tasks' before they are started [\#845](https://github.com/TheHive-Project/TheHive/issues/845) -- Delete user from Thehive: DELETE /api/user/user1 returned 500 org.elastic4play.InternalError: user can't be removed [\#844](https://github.com/TheHive-Project/TheHive/issues/844) - -## [3.2.1](https://github.com/TheHive-Project/TheHive/tree/3.2.1) (2018-12-20) -[Full Changelog](https://github.com/TheHive-Project/TheHive/compare/3.2.0...3.2.1) +## [3.2.1](https://github.com/TheHive-Project/TheHive/milestone/40) (2019-01-02) **Fixed bugs:** -- Bug UI "Tooltip" / Hint is cropped by window borders [\#832](https://github.com/TheHive-Project/TheHive/issues/832) -- Can't unset case template when alert is imported [\#825](https://github.com/TheHive-Project/TheHive/issues/825) -- Potential Regression: Case 
templates cannot be exported in 3.2.0 [\#823](https://github.com/TheHive-Project/TheHive/issues/823) - Tag order is reversed if a case is created from an alert [\#810](https://github.com/TheHive-Project/TheHive/issues/810) +- Potential Regression: Case templates cannot be exported in 3.2.0 [\#823](https://github.com/TheHive-Project/TheHive/issues/823) +- Can't unset case template when alert is imported [\#825](https://github.com/TheHive-Project/TheHive/issues/825) +- Bug UI "Tooltip" / Hint is cropped by window borders [\#832](https://github.com/TheHive-Project/TheHive/issues/832) -**Merged pull requests:** - -- Make improvements to configuration file [\#828](https://github.com/TheHive-Project/TheHive/pull/828) ([adl1995](https://github.com/adl1995)) - -## [3.2.0](https://github.com/TheHive-Project/TheHive/tree/3.2.0) (2018-11-29) - -[Full Changelog](https://github.com/TheHive-Project/TheHive/compare/3.2.0-RC1...3.2.0) +## [3.2.0](https://github.com/TheHive-Project/TheHive/milestone/39) (2018-12-11) **Implemented enhancements:** 
@@ -222,283 +203,203 @@ - Error when uploading password protected zips as observables [\#805](https://github.com/TheHive-Project/TheHive/issues/805) - Lowercase user ID coming from HTTP header [\#808](https://github.com/TheHive-Project/TheHive/issues/808) -- Error when uploading password protected zips as observables [\#805](https://github.com/TheHive-Project/TheHive/issues/805) -## [3.2.0-RC1](https://github.com/TheHive-Project/TheHive/tree/3.2.0-RC1) (2018-11-16) - -[Full Changelog](https://github.com/TheHive-Project/TheHive/compare/3.1.2...3.2.0-RC1) +## [3.2.0-RC1](https://github.com/TheHive-Project/TheHive/milestone/16) (2018-11-21) **Implemented enhancements:** -- Add ability to add a log in responder operation [\#795](https://github.com/TheHive-Project/TheHive/issues/795) -- Add responder actions in dashboard [\#794](https://github.com/TheHive-Project/TheHive/issues/794) -- Show observable description on mouseover observables [\#793](https://github.com/TheHive-Project/TheHive/issues/793) -- Update Play [\#791](https://github.com/TheHive-Project/TheHive/issues/791) -- Show tags of observables in Alert preview [\#778](https://github.com/TheHive-Project/TheHive/issues/778) -- Observable Value gets cleared when changing its type \(importing it from an analyser result\) [\#763](https://github.com/TheHive-Project/TheHive/issues/763) -- Add confirmation dialogs when running a responder [\#762](https://github.com/TheHive-Project/TheHive/issues/762) -- Support header variable authentication [\#554](https://github.com/TheHive-Project/TheHive/issues/554) - Whitelist of tags for MISP alerts [\#481](https://github.com/TheHive-Project/TheHive/issues/481) +- Support header variable authentication [\#554](https://github.com/TheHive-Project/TheHive/issues/554) +- Add confirmation dialogs when running a responder [\#762](https://github.com/TheHive-Project/TheHive/issues/762) +- Observable Value gets cleared when changing its type (importing it from an analyser result) 
[\#763](https://github.com/TheHive-Project/TheHive/issues/763) +- Show tags of observables in Alert preview [\#778](https://github.com/TheHive-Project/TheHive/issues/778) +- Update Play [\#791](https://github.com/TheHive-Project/TheHive/issues/791) +- Show observable description on mouseover observables [\#793](https://github.com/TheHive-Project/TheHive/issues/793) +- Add responder actions in dashboard [\#794](https://github.com/TheHive-Project/TheHive/issues/794) +- Add ability to add a log in responder operation [\#795](https://github.com/TheHive-Project/TheHive/issues/795) **Fixed bugs:** -- MISP synchronization fails if event contains attachment with invalid name [\#801](https://github.com/TheHive-Project/TheHive/issues/801) -- Observable creation doesn't allow multiline observables [\#790](https://github.com/TheHive-Project/TheHive/issues/790) -- A user with "write" permission can delete a case using API [\#773](https://github.com/TheHive-Project/TheHive/issues/773) -- Basic authentication method should be disabled by default [\#772](https://github.com/TheHive-Project/TheHive/issues/772) -- Case search from dashboard clic "invalid filters error" [\#761](https://github.com/TheHive-Project/TheHive/issues/761) - Intermittently losing Cortex [\#739](https://github.com/TheHive-Project/TheHive/issues/739) +- Case search from dashboard clic "invalid filters error" [\#761](https://github.com/TheHive-Project/TheHive/issues/761) +- Basic authentication method should be disabled by default [\#772](https://github.com/TheHive-Project/TheHive/issues/772) +- A user with "write" permission can delete a case using API [\#773](https://github.com/TheHive-Project/TheHive/issues/773) +- Observable creation doesn't allow multiline observables [\#790](https://github.com/TheHive-Project/TheHive/issues/790) +- MISP synchronization fails if event contains attachment with invalid name [\#801](https://github.com/TheHive-Project/TheHive/issues/801) -**Merged pull requests:** - -- Added 
Integration with FireEye iSIGHT [\#755](https://github.com/TheHive-Project/TheHive/pull/755) ([garanews](https://github.com/garanews)) - -## [3.1.2](https://github.com/TheHive-Project/TheHive/tree/3.1.2) (2018-10-12) - -[Full Changelog](https://github.com/TheHive-Project/TheHive/compare/3.1.1...3.1.2) +## [3.1.2](https://github.com/TheHive-Project/TheHive/milestone/38) (2018-10-12) **Fixed bugs:** - Cortex polling settings break startup [\#754](https://github.com/TheHive-Project/TheHive/issues/754) -## [3.1.1](https://github.com/TheHive-Project/TheHive/tree/3.1.1) (2018-10-09) - -[Full Changelog](https://github.com/TheHive-Project/TheHive/compare/3.1.0...3.1.1) +## [3.1.1](https://github.com/TheHive-Project/TheHive/milestone/37) (2018-10-12) **Implemented enhancements:** -- Allow TheHive to use a custom root context [\#752](https://github.com/TheHive-Project/TheHive/issues/752) -- Change Debian dependencies [\#751](https://github.com/TheHive-Project/TheHive/issues/751) -- Publish stable versions in beta package channels [\#733](https://github.com/TheHive-Project/TheHive/issues/733) - url category to MISP: poll for default [\#732](https://github.com/TheHive-Project/TheHive/issues/732) +- Publish stable versions in beta package channels [\#733](https://github.com/TheHive-Project/TheHive/issues/733) +- Change Debian dependencies [\#751](https://github.com/TheHive-Project/TheHive/issues/751) +- Allow TheHive to use a custom root context [\#752](https://github.com/TheHive-Project/TheHive/issues/752) **Fixed bugs:** -- Console output should not be logged in syslog [\#749](https://github.com/TheHive-Project/TheHive/issues/749) -- Update breaks RHEL [\#743](https://github.com/TheHive-Project/TheHive/issues/743) -- Observable Result Icons Not Displaying [\#738](https://github.com/TheHive-Project/TheHive/issues/738) - UPN attribute is not correctly lowercased [\#736](https://github.com/TheHive-Project/TheHive/issues/736) +- Observable Result Icons Not Displaying 
[\#738](https://github.com/TheHive-Project/TheHive/issues/738) +- Update breaks RHEL [\#743](https://github.com/TheHive-Project/TheHive/issues/743) +- Console output should not be logged in syslog [\#749](https://github.com/TheHive-Project/TheHive/issues/749) -**Closed issues:** - -- Artifact tags are overwritten by alert sourceRef during import to case [\#734](https://github.com/TheHive-Project/TheHive/issues/734) - -## [3.1.0](https://github.com/TheHive-Project/TheHive/tree/3.1.0) (2018-09-25) - -[Full Changelog](https://github.com/TheHive-Project/TheHive/compare/3.1.0-RC3...3.1.0) +## [3.1.0](https://github.com/TheHive-Project/TheHive/milestone/36) (2018-09-25) **Implemented enhancements:** -- Add MarkAlertAsRead action to responders [\#729](https://github.com/TheHive-Project/TheHive/issues/729) -- AddCustomField responder operation [\#724](https://github.com/TheHive-Project/TheHive/issues/724) - 3.1.0RC3: Browsing to negative case ids is possible [\#713](https://github.com/TheHive-Project/TheHive/issues/713) - -**Fixed bugs:** - -- RPM Updates not available \(404\) [\#719](https://github.com/TheHive-Project/TheHive/issues/719) -- Observables not being displayed [\#655](https://github.com/TheHive-Project/TheHive/issues/655) -- TheHive Hyperlinking [\#723](https://github.com/TheHive-Project/TheHive/issues/723) -- Multiple responder actions does not seem to be handled [\#722](https://github.com/TheHive-Project/TheHive/issues/722) -- API allows alert creation with duplicate artifacts [\#720](https://github.com/TheHive-Project/TheHive/issues/720) -- 3.0.1RC3: certificate based authentication failes as attributes are not correctly lowercased [\#714](https://github.com/TheHive-Project/TheHive/issues/714) -- Fix PAP labels [\#711](https://github.com/TheHive-Project/TheHive/issues/711) +- AddCustomField responder operation [\#724](https://github.com/TheHive-Project/TheHive/issues/724) +- Add MarkAlertAsRead action to responders 
[\#729](https://github.com/TheHive-Project/TheHive/issues/729) **Closed issues:** -- Cortex Connector [\#721](https://github.com/TheHive-Project/TheHive/issues/721) -- Markdown syntex not rendered correctly [\#718](https://github.com/TheHive-Project/TheHive/issues/718) -- 3.1.0RC3: Search produces errors on screen [\#712](https://github.com/TheHive-Project/TheHive/issues/712) - TheHive:Alerts don't send observables to Responders [\#725](https://github.com/TheHive-Project/TheHive/issues/725) -**Merged pull requests:** - -- CloseTask responder operation [\#728](https://github.com/TheHive-Project/TheHive/pull/728) ([srilumpa](https://github.com/srilumpa)) -- Add AddTagToArtifact action to responders [\#717](https://github.com/TheHive-Project/TheHive/pull/717) ([srilumpa](https://github.com/srilumpa)) +**Fixed bugs:** -## [3.1.0-RC3](https://github.com/TheHive-Project/TheHive/tree/3.1.0-RC3) (2018-09-06) +- Fix PAP labels [\#711](https://github.com/TheHive-Project/TheHive/issues/711) +- 3.0.1RC3: certificate based authentication failes as attributes are not correctly lowercased [\#714](https://github.com/TheHive-Project/TheHive/issues/714) +- API allows alert creation with duplicate artifacts [\#720](https://github.com/TheHive-Project/TheHive/issues/720) +- Multiple responder actions does not seem to be handled [\#722](https://github.com/TheHive-Project/TheHive/issues/722) +- TheHive Hyperlinking [\#723](https://github.com/TheHive-Project/TheHive/issues/723) -[Full Changelog](https://github.com/TheHive-Project/TheHive/compare/3.1.0-RC2...3.1.0-RC3) +## [3.1.0-RC3](https://github.com/TheHive-Project/TheHive/milestone/35) (2018-09-06) **Implemented enhancements:** -- Extend Case Description Field [\#81](https://github.com/TheHive-Project/TheHive/issues/81) -- Display task description via a collapsible row [\#709](https://github.com/TheHive-Project/TheHive/issues/709) -- Allow task group auto complete in case template admin section 
[\#707](https://github.com/TheHive-Project/TheHive/issues/707) -- Display task group in global task lists [\#705](https://github.com/TheHive-Project/TheHive/issues/705) -- Make task group input optional [\#696](https://github.com/TheHive-Project/TheHive/issues/696) -- Related Cases: See \(x\) more links [\#690](https://github.com/TheHive-Project/TheHive/issues/690) -- Search section: Search for a string over all types of objects [\#689](https://github.com/TheHive-Project/TheHive/issues/689) - Filter on computedHandlingDuration in SearchDialog fails [\#688](https://github.com/TheHive-Project/TheHive/issues/688) -- Change layout of observable creation form [\#706](https://github.com/TheHive-Project/TheHive/pull/706) ([srilumpa](https://github.com/srilumpa)) +- Search section: Search for a string over all types of objects [\#689](https://github.com/TheHive-Project/TheHive/issues/689) +- Related Cases: See (x) more links [\#690](https://github.com/TheHive-Project/TheHive/issues/690) +- Make task group input optional [\#696](https://github.com/TheHive-Project/TheHive/issues/696) +- Display task group in global task lists [\#705](https://github.com/TheHive-Project/TheHive/issues/705) +- Allow task group auto complete in case template admin section [\#707](https://github.com/TheHive-Project/TheHive/issues/707) +- Display task description via a collapsible row [\#709](https://github.com/TheHive-Project/TheHive/issues/709) **Fixed bugs:** -- Adding new observables to an alert retrospectively is impossible [\#511](https://github.com/TheHive-Project/TheHive/issues/511) -- .sbt build of current git version fails with x-pack-transport error [\#710](https://github.com/TheHive-Project/TheHive/issues/710) -- PKI authentication fails if user name in certificate has the wrong case [\#700](https://github.com/TheHive-Project/TheHive/issues/700) -- Error handling deletion and re creation of file observables [\#699](https://github.com/TheHive-Project/TheHive/issues/699) - Start waiting 
tasks when adding task logs [\#695](https://github.com/TheHive-Project/TheHive/issues/695) +- Error handling deletion and re creation of file observables [\#699](https://github.com/TheHive-Project/TheHive/issues/699) +- PKI authentication fails if user name in certificate has the wrong case [\#700](https://github.com/TheHive-Project/TheHive/issues/700) +- .sbt build of current git version fails with x-pack-transport error [\#710](https://github.com/TheHive-Project/TheHive/issues/710) -## [3.1.0-RC2](https://github.com/TheHive-Project/TheHive/tree/3.1.0-RC2) (2018-08-27) - -[Full Changelog](https://github.com/TheHive-Project/TheHive/compare/3.1.0-RC1...3.1.0-RC2) +## [3.1.0-RC2](https://github.com/TheHive-Project/TheHive/milestone/34) (2018-08-30) **Implemented enhancements:** -- Add a search box to quickly search for case by caseId [\#685](https://github.com/TheHive-Project/TheHive/issues/685) -- MISP Exports in livestream miss hyperlink to caseid [\#684](https://github.com/TheHive-Project/TheHive/issues/684) -- Remember task list configuration \(grouped/list\) [\#681](https://github.com/TheHive-Project/TheHive/issues/681) -- x509 certificate authentication option 'wantClientAuth' [\#667](https://github.com/TheHive-Project/TheHive/issues/667) -- TheHive 3.1RC1: Slow reaction if Cortex is \(unclear\) unreachable [\#664](https://github.com/TheHive-Project/TheHive/issues/664) -- TheHive 3.1RC1: Add status to cases and tasks in new search page [\#663](https://github.com/TheHive-Project/TheHive/issues/663) -- TheHive 3.1RC1: Add Username that executes an active response to json data field of responder [\#662](https://github.com/TheHive-Project/TheHive/issues/662) -- Ability to set custom fields as mandatory [\#652](https://github.com/TheHive-Project/TheHive/issues/652) -- Application.conf needs clarifications [\#606](https://github.com/TheHive-Project/TheHive/issues/606) - Observable type boxes doesn't line break on alert preview pane 
[\#593](https://github.com/TheHive-Project/TheHive/issues/593) -- On branch betterDescriptions [\#660](https://github.com/TheHive-Project/TheHive/pull/660) ([secdecompiled](https://github.com/secdecompiled)) +- Application.conf needs clarifications [\#606](https://github.com/TheHive-Project/TheHive/issues/606) +- Ability to set custom fields as mandatory [\#652](https://github.com/TheHive-Project/TheHive/issues/652) +- TheHive 3.1RC1: Add Username that executes an active response to json data field of responder [\#662](https://github.com/TheHive-Project/TheHive/issues/662) +- TheHive 3.1RC1: Add status to cases and tasks in new search page [\#663](https://github.com/TheHive-Project/TheHive/issues/663) +- TheHive 3.1RC1: Slow reaction if Cortex is (unclear) unreachable [\#664](https://github.com/TheHive-Project/TheHive/issues/664) +- x509 certificate authentication option 'wantClientAuth' [\#667](https://github.com/TheHive-Project/TheHive/issues/667) +- Remember task list configuration (grouped/list) [\#681](https://github.com/TheHive-Project/TheHive/issues/681) +- MISP Exports in livestream miss hyperlink to caseid [\#684](https://github.com/TheHive-Project/TheHive/issues/684) +- Add a search box to quickly search for case by caseId [\#685](https://github.com/TheHive-Project/TheHive/issues/685) **Fixed bugs:** -- The hive docker image has no latest tag [\#670](https://github.com/TheHive-Project/TheHive/issues/670) -- case metrics unordered in cases [\#419](https://github.com/TheHive-Project/TheHive/issues/419) -- 3.1.0-RC1- Tasks list is limited to 10 items. 
[\#679](https://github.com/TheHive-Project/TheHive/issues/679) -- WebUI inaccessible after upgrading to 3.1.0-0-RC1 \(elastic4play and Play exceptions\) [\#674](https://github.com/TheHive-Project/TheHive/issues/674) -- play.crypto.secret is depecrated [\#671](https://github.com/TheHive-Project/TheHive/issues/671) -- 'Tagged as' displayed in Related Cases even if cases are untagged [\#594](https://github.com/TheHive-Project/TheHive/issues/594) -- Horizontal Scrolling and Word-Wrap options for Logs [\#573](https://github.com/TheHive-Project/TheHive/issues/573) - Dashboard visualizations do not work with custom fields [\#478](https://github.com/TheHive-Project/TheHive/issues/478) +- Horizontal Scrolling and Word-Wrap options for Logs [\#573](https://github.com/TheHive-Project/TheHive/issues/573) +- 'Tagged as' displayed in Related Cases even if cases are untagged [\#594](https://github.com/TheHive-Project/TheHive/issues/594) +- play.crypto.secret is depecrated [\#671](https://github.com/TheHive-Project/TheHive/issues/671) +- WebUI inaccessible after upgrading to 3.1.0-0-RC1 (elastic4play and Play exceptions) [\#674](https://github.com/TheHive-Project/TheHive/issues/674) +- 3.1.0-RC1- Tasks list is limited to 10 items. 
[\#679](https://github.com/TheHive-Project/TheHive/issues/679) -**Closed issues:** - -- ES Mapping bug [\#680](https://github.com/TheHive-Project/TheHive/issues/680) -- ignore - delete me [\#675](https://github.com/TheHive-Project/TheHive/issues/675) -- HTTPS not working with Keystore [\#669](https://github.com/TheHive-Project/TheHive/issues/669) +## [3.1.0-RC1 (Cerana 1)](https://github.com/TheHive-Project/TheHive/milestone/7) (2018-08-20) -**Merged pull requests:** +**Implemented enhancements:** -- Update Cortex reference.conf [\#668](https://github.com/TheHive-Project/TheHive/pull/668) ([ErnHem](https://github.com/ErnHem)) -- Fix some minor typos [\#658](https://github.com/TheHive-Project/TheHive/pull/658) ([srilumpa](https://github.com/srilumpa)) -- Move input group addons from right to left for better usage [\#672](https://github.com/TheHive-Project/TheHive/pull/672) ([srilumpa](https://github.com/srilumpa)) +- Ability to have nested tasks [\#148](https://github.com/TheHive-Project/TheHive/issues/148) +- Output of analyzer as new observable [\#246](https://github.com/TheHive-Project/TheHive/issues/246) +- Single-Sign On support [\#354](https://github.com/TheHive-Project/TheHive/issues/354) +- MISP Sharing Improvements [\#366](https://github.com/TheHive-Project/TheHive/issues/366) +- Make The Hive MISP integration sharing vs pull configurable [\#374](https://github.com/TheHive-Project/TheHive/issues/374) +- StreamSrv: Unexpected message : StreamNotFound [\#414](https://github.com/TheHive-Project/TheHive/issues/414) +- Assign Tasks to users from the Tasks tab [\#426](https://github.com/TheHive-Project/TheHive/issues/426) +- Auto-refresh for Dashboards [\#476](https://github.com/TheHive-Project/TheHive/issues/476) +- Handling malware as zip protected file [\#538](https://github.com/TheHive-Project/TheHive/issues/538) +- Start Task - Button [\#540](https://github.com/TheHive-Project/TheHive/issues/540) +- Consider providing checksums for the release files 
[\#590](https://github.com/TheHive-Project/TheHive/issues/590) +- Ability to execute active response on any element of TheHive [\#609](https://github.com/TheHive-Project/TheHive/issues/609) +- Add PAP to case to indicate which kind of action is allowed [\#616](https://github.com/TheHive-Project/TheHive/issues/616) +- New TheHive-Project repository [\#618](https://github.com/TheHive-Project/TheHive/issues/618) +- Revamp the search section capabilities [\#620](https://github.com/TheHive-Project/TheHive/issues/620) +- Check Cortex authentication in status page [\#625](https://github.com/TheHive-Project/TheHive/issues/625) +- Custom fields in Alerts? [\#635](https://github.com/TheHive-Project/TheHive/issues/635) +- Display drop-down for custom fields sorted alphabetically [\#653](https://github.com/TheHive-Project/TheHive/issues/653) -## [3.1.0-RC1](https://github.com/TheHive-Project/TheHive/tree/3.1.0-RC1) (2018-07-31) +**Closed issues:** -[Full Changelog](https://github.com/TheHive-Project/TheHive/compare/3.0.10...3.1.0-RC1) +- Is X-Pack enabled TLS for elasticsearch supported? [\#611](https://github.com/TheHive-Project/TheHive/issues/611) +- add double quotes in mini reports [\#634](https://github.com/TheHive-Project/TheHive/issues/634) -**Implemented enhancements:** +**Fixed bugs:** -- Display drop-down for custom fields sorted alphabetically [\#653](https://github.com/TheHive-Project/TheHive/issues/653) -- Custom fields in Alerts? 
[\#635](https://github.com/TheHive-Project/TheHive/issues/635) -- Check Cortex authentication in status page [\#625](https://github.com/TheHive-Project/TheHive/issues/625) -- Revamp the search section capabilities [\#620](https://github.com/TheHive-Project/TheHive/issues/620) -- New TheHive-Project repository [\#618](https://github.com/TheHive-Project/TheHive/issues/618) -- Add PAP to case to indicate which kind of action is allowed [\#616](https://github.com/TheHive-Project/TheHive/issues/616) -- Ability to execute active response on any element of TheHive [\#609](https://github.com/TheHive-Project/TheHive/issues/609) -- Consider providing checksums for the release files [\#590](https://github.com/TheHive-Project/TheHive/issues/590) -- Start Task - Button [\#540](https://github.com/TheHive-Project/TheHive/issues/540) -- Handling malware as zip protected file [\#538](https://github.com/TheHive-Project/TheHive/issues/538) -- Auto-refresh for Dashboards [\#476](https://github.com/TheHive-Project/TheHive/issues/476) -- Assign Tasks to users from the Tasks tab [\#426](https://github.com/TheHive-Project/TheHive/issues/426) -- Make The Hive MISP integration sharing vs pull configurable [\#374](https://github.com/TheHive-Project/TheHive/issues/374) -- MISP Sharing Improvements [\#366](https://github.com/TheHive-Project/TheHive/issues/366) -- Output of analyzer as new observable [\#246](https://github.com/TheHive-Project/TheHive/issues/246) -- Ability to have nested tasks [\#148](https://github.com/TheHive-Project/TheHive/issues/148) -- Single-Sign On support [\#354](https://github.com/TheHive-Project/TheHive/issues/354) - -**Fixed bugs:** - -- Default value of custom fields are not saved [\#649](https://github.com/TheHive-Project/TheHive/issues/649) -- Attachments with character "\#" in the filename are wrongly proceesed [\#645](https://github.com/TheHive-Project/TheHive/issues/645) -- Session does not expire correctly 
[\#640](https://github.com/TheHive-Project/TheHive/issues/640) -- Dashboards contain analyzer IDs instead of correct names [\#608](https://github.com/TheHive-Project/TheHive/issues/608) -- Error with Single Sign-On on TheHive with X.509 Certificates [\#600](https://github.com/TheHive-Project/TheHive/issues/600) -- Entity case XXXXXXXXXX not found - After deleting case [\#534](https://github.com/TheHive-Project/TheHive/issues/534) -- Artifacts reports are not merged when merging cases [\#446](https://github.com/TheHive-Project/TheHive/issues/446) -- If cortex modules fails in some way, it is permanently repolled by TheHive [\#324](https://github.com/TheHive-Project/TheHive/issues/324) - Previewing alerts fails with "too many substreams open" due to case similarity process [\#280](https://github.com/TheHive-Project/TheHive/issues/280) +- File upload when /tmp is full [\#321](https://github.com/TheHive-Project/TheHive/issues/321) +- If cortex modules fails in some way, it is permanently repolled by TheHive [\#324](https://github.com/TheHive-Project/TheHive/issues/324) +- Artifacts reports are not merged when merging cases [\#446](https://github.com/TheHive-Project/TheHive/issues/446) +- Error with Single Sign-On on TheHive with X.509 Certificates [\#600](https://github.com/TheHive-Project/TheHive/issues/600) +- Dashboards contain analyzer IDs instead of correct names [\#608](https://github.com/TheHive-Project/TheHive/issues/608) +- Session does not expire correctly [\#640](https://github.com/TheHive-Project/TheHive/issues/640) +- Attachments with character "#" in the filename are wrongly proceesed [\#645](https://github.com/TheHive-Project/TheHive/issues/645) +- Default value of custom fields are not saved [\#649](https://github.com/TheHive-Project/TheHive/issues/649) -**Closed issues:** - -- add double quotes in mini reports [\#634](https://github.com/TheHive-Project/TheHive/issues/634) - -**Merged pull requests:** - -- fix bug in AlertListCtrl 
[\#642](https://github.com/TheHive-Project/TheHive/pull/642) ([billmurrin](https://github.com/billmurrin)) -- flag for Windows env [\#641](https://github.com/TheHive-Project/TheHive/pull/641) ([billmurrin](https://github.com/billmurrin)) -- 426 - assign tasks to users from tasks tab [\#628](https://github.com/TheHive-Project/TheHive/pull/628) ([billmurrin](https://github.com/billmurrin)) -- Fix installation links [\#603](https://github.com/TheHive-Project/TheHive/pull/603) ([Viltaria](https://github.com/Viltaria)) - -## [3.0.10](https://github.com/TheHive-Project/TheHive/tree/3.0.10) (2018-05-29) - -[Full Changelog](https://github.com/TheHive-Project/TheHive/compare/3.0.9...3.0.10) +## [3.0.10](https://github.com/TheHive-Project/TheHive/milestone/33) (2018-06-09) **Implemented enhancements:** -- Rotate logs [\#579](https://github.com/TheHive-Project/TheHive/issues/579) -- Send caseId to Cortex analyzer [\#564](https://github.com/TheHive-Project/TheHive/issues/564) -- Poll for connectors status and display [\#563](https://github.com/TheHive-Project/TheHive/issues/563) -- Sort related cases by related artifacts amount [\#548](https://github.com/TheHive-Project/TheHive/issues/548) - Time Calculation for individual tasks [\#546](https://github.com/TheHive-Project/TheHive/issues/546) +- Sort related cases by related artifacts amount [\#548](https://github.com/TheHive-Project/TheHive/issues/548) +- Poll for connectors status and display [\#563](https://github.com/TheHive-Project/TheHive/issues/563) +- Send caseId to Cortex analyzer [\#564](https://github.com/TheHive-Project/TheHive/issues/564) +- Rotate logs [\#579](https://github.com/TheHive-Project/TheHive/issues/579) **Fixed bugs:** -- Wrong error message when creating a observable with invalid data [\#592](https://github.com/TheHive-Project/TheHive/issues/592) -- Analyzer name not reflected in modal view of mini-reports [\#586](https://github.com/TheHive-Project/TheHive/issues/586) -- Invalid searches lead to read 
error messages [\#584](https://github.com/TheHive-Project/TheHive/issues/584) -- Merge case by ID brings red error message if not a number in textfield [\#583](https://github.com/TheHive-Project/TheHive/issues/583) -- Open cases not listed after deletion of merged case in UI [\#557](https://github.com/TheHive-Project/TheHive/issues/557) -- Making dashboards private makes them "invisible" [\#555](https://github.com/TheHive-Project/TheHive/issues/555) +- Short Report is not shown on observables (3.0.8) [\#512](https://github.com/TheHive-Project/TheHive/issues/512) - MISP Synchronisation error [\#522](https://github.com/TheHive-Project/TheHive/issues/522) -- Short Report is not shown on observables \(3.0.8\) [\#512](https://github.com/TheHive-Project/TheHive/issues/512) - -**Closed issues:** - -- Max Age Filter Not Working? [\#577](https://github.com/TheHive-Project/TheHive/issues/577) -- Support X-Pack authentication/encryption for elastic [\#570](https://github.com/TheHive-Project/TheHive/issues/570) -- Order the cases list by custom field \[Feature Request\] [\#567](https://github.com/TheHive-Project/TheHive/issues/567) -- Using Postman to test the API, getting "No CSRF token found in headers" [\#549](https://github.com/TheHive-Project/TheHive/issues/549) - -## [3.0.9](https://github.com/TheHive-Project/TheHive/tree/3.0.9) (2018-04-13) - -[Full Changelog](https://github.com/TheHive-Project/TheHive/compare/3.0.8...3.0.9) +- Making dashboards private makes them "invisible" [\#555](https://github.com/TheHive-Project/TheHive/issues/555) +- Open cases not listed after deletion of merged case in UI [\#557](https://github.com/TheHive-Project/TheHive/issues/557) +- Merge case by ID brings red error message if not a number in textfield [\#583](https://github.com/TheHive-Project/TheHive/issues/583) +- Invalid searches lead to read error messages [\#584](https://github.com/TheHive-Project/TheHive/issues/584) +- Analyzer name not reflected in modal view of mini-reports 
[\#586](https://github.com/TheHive-Project/TheHive/issues/586) +- Wrong error message when creating a observable with invalid data [\#592](https://github.com/TheHive-Project/TheHive/issues/592) -**Fixed bugs:** - -- Cortex connection can fail without any error log [\#543](https://github.com/TheHive-Project/TheHive/issues/543) -- PhishTank Cortex Tag is transparent [\#535](https://github.com/TheHive-Project/TheHive/issues/535) -- Naming inconsistencies in Live-Channel [\#531](https://github.com/TheHive-Project/TheHive/issues/531) -- Error when trying to analyze a filename with the Hybrid Analysis analyzer [\#530](https://github.com/TheHive-Project/TheHive/issues/530) -- Long Report isn't shown [\#527](https://github.com/TheHive-Project/TheHive/issues/527) -- Artifacts' sighted flags are not merged when merging cases [\#518](https://github.com/TheHive-Project/TheHive/issues/518) -- TheHive MISP cert validation, the trustAnchors parameter must be non-empty [\#452](https://github.com/TheHive-Project/TheHive/issues/452) +## [3.0.9](https://github.com/TheHive-Project/TheHive/milestone/32) (2018-04-13) **Closed issues:** -- The Hive - MISP SSL configuration: General SSLEngine problem [\#544](https://github.com/TheHive-Project/TheHive/issues/544) - Dropdown menu for case templates doesnt have scroll [\#541](https://github.com/TheHive-Project/TheHive/issues/541) -**Merged pull requests:** - -- Update spacing for elasticsearch section in docker-compose yml file [\#539](https://github.com/TheHive-Project/TheHive/pull/539) ([jbarlow-mcafee](https://github.com/jbarlow-mcafee)) +**Fixed bugs:** -## [3.0.8](https://github.com/TheHive-Project/TheHive/tree/3.0.8) (2018-04-04) +- TheHive MISP cert validation, the trustAnchors parameter must be non-empty [\#452](https://github.com/TheHive-Project/TheHive/issues/452) +- Artifacts' sighted flags are not merged when merging cases [\#518](https://github.com/TheHive-Project/TheHive/issues/518) +- Long Report isn't shown 
[\#527](https://github.com/TheHive-Project/TheHive/issues/527) +- Error when trying to analyze a filename with the Hybrid Analysis analyzer [\#530](https://github.com/TheHive-Project/TheHive/issues/530) +- Naming inconsistencies in Live-Channel [\#531](https://github.com/TheHive-Project/TheHive/issues/531) +- PhishTank Cortex Tag is transparent [\#535](https://github.com/TheHive-Project/TheHive/issues/535) +- Cortex connection can fail without any error log [\#543](https://github.com/TheHive-Project/TheHive/issues/543) -[Full Changelog](https://github.com/TheHive-Project/TheHive/compare/3.0.7...3.0.8) +## [3.0.8](https://github.com/TheHive-Project/TheHive/milestone/31) (2018-04-04) **Fixed bugs:** -- Mini reports is not shown when Cortex 2 is used [\#526](https://github.com/TheHive-Project/TheHive/issues/526) -- Session collision when TheHive & Cortex 2 share the same URL [\#525](https://github.com/TheHive-Project/TheHive/issues/525) -- "Run all" in single observable context does not work [\#524](https://github.com/TheHive-Project/TheHive/issues/524) -- Error on displaying analyzers name in report template admin page [\#523](https://github.com/TheHive-Project/TheHive/issues/523) - Job Analyzer is no longer named in 3.0.7 with Cortex2 [\#521](https://github.com/TheHive-Project/TheHive/issues/521) +- Error on displaying analyzers name in report template admin page [\#523](https://github.com/TheHive-Project/TheHive/issues/523) +- "Run all" in single observable context does not work [\#524](https://github.com/TheHive-Project/TheHive/issues/524) +- Session collision when TheHive & Cortex 2 share the same URL [\#525](https://github.com/TheHive-Project/TheHive/issues/525) +- Mini reports is not shown when Cortex 2 is used [\#526](https://github.com/TheHive-Project/TheHive/issues/526) -**Merged pull requests:** - -- Add ElasticSearch file descriptor limit to docker-compose.yml [\#505](https://github.com/TheHive-Project/TheHive/pull/505) ([flmsc](https://github.com/flmsc)) 
- -## [3.0.7](https://github.com/TheHive-Project/TheHive/tree/3.0.7) (2018-04-03) - -[Full Changelog](https://github.com/TheHive-Project/TheHive/compare/3.0.6...3.0.7) +## [3.0.7](https://github.com/TheHive-Project/TheHive/milestone/30) (2018-03-29) **Implemented enhancements:** @@ -506,12 +407,10 @@ **Fixed bugs:** -- Display only cortex servers available for each analyzer, in observable details page [\#513](https://github.com/TheHive-Project/TheHive/issues/513) - Can't save case template in 3.0.6 [\#502](https://github.com/TheHive-Project/TheHive/issues/502) +- Display only cortex servers available for each analyzer, in observable details page [\#513](https://github.com/TheHive-Project/TheHive/issues/513) -## [3.0.6](https://github.com/TheHive-Project/TheHive/tree/3.0.6) (2018-03-08) - -[Full Changelog](https://github.com/TheHive-Project/TheHive/compare/3.0.5...3.0.6) +## [3.0.6](https://github.com/TheHive-Project/TheHive/milestone/29) (2018-03-02) **Implemented enhancements:** 
@@ -521,460 +420,386 @@ - Tasks are stripped when merging cases [\#489](https://github.com/TheHive-Project/TheHive/issues/489) -## [3.0.5](https://github.com/TheHive-Project/TheHive/tree/3.0.5) (2018-02-08) - -[Full Changelog](https://github.com/TheHive-Project/TheHive/compare/3.0.4...3.0.5) +## [3.0.5](https://github.com/TheHive-Project/TheHive/milestone/28) (2018-02-08) **Fixed bugs:** -- No reports available for "domain" type [\#469](https://github.com/TheHive-Project/TheHive/issues/469) - Importing Template Button Non-Functional [\#404](https://github.com/TheHive-Project/TheHive/issues/404) +- No reports available for "domain" type [\#469](https://github.com/TheHive-Project/TheHive/issues/469) -## [3.0.4](https://github.com/TheHive-Project/TheHive/tree/3.0.4) (2018-02-06) - -[Full Changelog](https://github.com/TheHive-Project/TheHive/compare/3.0.3...3.0.4) +## [3.0.4](https://github.com/TheHive-Project/TheHive/milestone/27) (2018-02-08) **Implemented enhancements:** -- Make alerts searchable through the global search field [\#456](https://github.com/TheHive-Project/TheHive/issues/456) -- Make counts on Counter dashboard's widget clickable [\#455](https://github.com/TheHive-Project/TheHive/issues/455) -- MISP feeds cause the growing of ES audit docs [\#450](https://github.com/TheHive-Project/TheHive/issues/450) -- Case metrics sort [\#418](https://github.com/TheHive-Project/TheHive/issues/418) - Filter MISP Events Using MISP Tags & More Before Creating Alerts [\#370](https://github.com/TheHive-Project/TheHive/issues/370) -- OAuth2 single sign-on implementation \(BE + FE\) [\#430](https://github.com/TheHive-Project/TheHive/pull/430) ([saibot94](https://github.com/saibot94)) +- Case metrics sort [\#418](https://github.com/TheHive-Project/TheHive/issues/418) +- MISP feeds cause the growing of ES audit docs [\#450](https://github.com/TheHive-Project/TheHive/issues/450) +- Make counts on Counter dashboard's widget clickable 
[\#455](https://github.com/TheHive-Project/TheHive/issues/455) +- Make alerts searchable through the global search field [\#456](https://github.com/TheHive-Project/TheHive/issues/456) + +**Closed issues:** + +- Add query capability to visualization elements [\#395](https://github.com/TheHive-Project/TheHive/issues/395) **Fixed bugs:** -- Remove uppercase filter on template name [\#464](https://github.com/TheHive-Project/TheHive/issues/464) -- Fix the alert bulk update timeline message [\#463](https://github.com/TheHive-Project/TheHive/issues/463) -- "too many substreams open" on alerts [\#462](https://github.com/TheHive-Project/TheHive/issues/462) -- Fix MISP export error dialog column's wrap [\#460](https://github.com/TheHive-Project/TheHive/issues/460) -- More than 20 users prevents assignment in tasks [\#459](https://github.com/TheHive-Project/TheHive/issues/459) -- Type is not used when generating alert id [\#457](https://github.com/TheHive-Project/TheHive/issues/457) -- Fix link to default report templates [\#454](https://github.com/TheHive-Project/TheHive/issues/454) -- Make dashboard donuts clickable [\#453](https://github.com/TheHive-Project/TheHive/issues/453) -- Refresh custom fields on open cases by background changes [\#440](https://github.com/TheHive-Project/TheHive/issues/440) -- Bug: Case metrics not shown when creating case from template [\#417](https://github.com/TheHive-Project/TheHive/issues/417) - Observable report taxonomies bug [\#409](https://github.com/TheHive-Project/TheHive/issues/409) +- Bug: Case metrics not shown when creating case from template [\#417](https://github.com/TheHive-Project/TheHive/issues/417) +- Refresh custom fields on open cases by background changes [\#440](https://github.com/TheHive-Project/TheHive/issues/440) +- Make dashboard donuts clickable [\#453](https://github.com/TheHive-Project/TheHive/issues/453) +- Fix link to default report templates [\#454](https://github.com/TheHive-Project/TheHive/issues/454) +- Type is 
not used when generating alert id [\#457](https://github.com/TheHive-Project/TheHive/issues/457) +- More than 20 users prevents assignment in tasks [\#459](https://github.com/TheHive-Project/TheHive/issues/459) +- Fix MISP export error dialog column's wrap [\#460](https://github.com/TheHive-Project/TheHive/issues/460) +- "too many substreams open" on alerts [\#462](https://github.com/TheHive-Project/TheHive/issues/462) +- Fix the alert bulk update timeline message [\#463](https://github.com/TheHive-Project/TheHive/issues/463) +- Remove uppercase filter on template name [\#464](https://github.com/TheHive-Project/TheHive/issues/464) -**Closed issues:** - -- GET request with Content-Type ends up in HTTP 400 [\#438](https://github.com/TheHive-Project/TheHive/issues/438) -- Feature Request: Ability to bulk upload files as observables. [\#435](https://github.com/TheHive-Project/TheHive/issues/435) -- Add metadata to MISP event when exporting case from TheHive [\#433](https://github.com/TheHive-Project/TheHive/issues/433) -- How to limit by date amount of events pulled from MISP initially? 
[\#432](https://github.com/TheHive-Project/TheHive/issues/432) +## [2.13.3](https://github.com/TheHive-Project/TheHive/milestone/26) (2018-01-19) -## [3.0.3](https://github.com/TheHive-Project/TheHive/tree/3.0.3) (2018-01-10) -[Full Changelog](https://github.com/TheHive-Project/TheHive/compare/3.0.2...3.0.3) -**Fixed bugs:** +## [3.0.3](https://github.com/TheHive-Project/TheHive/milestone/25) (2018-01-04) -- THP-SEC-ADV-2017-001: Privilege Escalation in all Versions of TheHive [\#408](https://github.com/TheHive-Project/TheHive/issues/408) -## [3.0.2](https://github.com/TheHive-Project/TheHive/tree/3.0.2) (2017-12-20) -[Full Changelog](https://github.com/TheHive-Project/TheHive/compare/3.0.1...3.0.2) +## [3.0.2](https://github.com/TheHive-Project/TheHive/milestone/24) (2018-01-04) **Implemented enhancements:** -- Add multiline/multi entity graph to dashboards [\#399](https://github.com/TheHive-Project/TheHive/issues/399) - Can not configure ElasticSearch authentication [\#384](https://github.com/TheHive-Project/TheHive/issues/384) +- Add multiline/multi entity graph to dashboards [\#399](https://github.com/TheHive-Project/TheHive/issues/399) **Fixed bugs:** - "Mark as Sighted" Option not available for "File" observable type [\#400](https://github.com/TheHive-Project/TheHive/issues/400) -## [3.0.1](https://github.com/TheHive-Project/TheHive/tree/3.0.1) (2017-12-07) - -[Full Changelog](https://github.com/TheHive-Project/TheHive/compare/3.0.0...3.0.1) +## [3.0.1](https://github.com/TheHive-Project/TheHive/milestone/23) (2017-12-13) **Fixed bugs:** -- MISP Event Export Error [\#387](https://github.com/TheHive-Project/TheHive/issues/387) -- During migration, dashboards are not created [\#386](https://github.com/TheHive-Project/TheHive/issues/386) - Error when configuring multiple ElasticSearch nodes [\#383](https://github.com/TheHive-Project/TheHive/issues/383) +- During migration, dashboards are not created [\#386](https://github.com/TheHive-Project/TheHive/issues/386) 
+- MISP Event Export Error [\#387](https://github.com/TheHive-Project/TheHive/issues/387) -## [3.0.0](https://github.com/TheHive-Project/TheHive/tree/3.0.0) (2017-12-05) - -[Full Changelog](https://github.com/TheHive-Project/TheHive/compare/2.13.2...3.0.0) +## [3.0.0 (Cerana)](https://github.com/TheHive-Project/TheHive/milestone/6) (2017-12-06) **Implemented enhancements:** -- Assign default values to case templates' custom fields [\#375](https://github.com/TheHive-Project/TheHive/issues/375) -- Add the Ability to Import and Export Case Templates [\#369](https://github.com/TheHive-Project/TheHive/issues/369) -- Add a sighted flag for IOCs [\#365](https://github.com/TheHive-Project/TheHive/issues/365) -- Alert id should not be used to build case title when using case templates [\#364](https://github.com/TheHive-Project/TheHive/issues/364) -- Set task assignee in case template [\#362](https://github.com/TheHive-Project/TheHive/issues/362) -- Add Autonomous Systems to the Default Datatype List [\#359](https://github.com/TheHive-Project/TheHive/issues/359) -- Display more than 10 users per page and sort them by alphanumerical order [\#346](https://github.com/TheHive-Project/TheHive/issues/346) -- \[Minor\] Add user dialog title issue [\#345](https://github.com/TheHive-Project/TheHive/issues/345) -- Deleted cases showing in statistics [\#317](https://github.com/TheHive-Project/TheHive/issues/317) -- Dynamic dashboard [\#312](https://github.com/TheHive-Project/TheHive/issues/312) -- Add health check in status API [\#306](https://github.com/TheHive-Project/TheHive/issues/306) -- Alerts in Statistics [\#274](https://github.com/TheHive-Project/TheHive/issues/274) -- Statistics: Observables and IOC over time [\#215](https://github.com/TheHive-Project/TheHive/issues/215) -- Export Statistics/Metrics [\#197](https://github.com/TheHive-Project/TheHive/issues/197) -- Msg_Parser analyser show for all files [\#184](https://github.com/TheHive-Project/TheHive/issues/184) -- Assign 
default metric values [\#176](https://github.com/TheHive-Project/TheHive/issues/176) -- Display Cortex Version, Instance Name, Status and Available Analyzers [\#130](https://github.com/TheHive-Project/TheHive/issues/130) - Feature Request: Webhooks [\#20](https://github.com/TheHive-Project/TheHive/issues/20) -- Remove the From prefix and template suffix around a template name in the New Case menu [\#348](https://github.com/TheHive-Project/TheHive/issues/348) -- Keep the alert date when creating a case from it [\#320](https://github.com/TheHive-Project/TheHive/issues/320) -- Export to MISP: add TLP [\#314](https://github.com/TheHive-Project/TheHive/issues/314) +- Display Cortex Version, Instance Name, Status and Available Analyzers [\#130](https://github.com/TheHive-Project/TheHive/issues/130) - Show already known observables in Import MISP Events preview window [\#137](https://github.com/TheHive-Project/TheHive/issues/137) - -**Fixed bugs:** - -- The misp \> instance name \> tags parameter is not honored when importing MISP events [\#373](https://github.com/TheHive-Project/TheHive/issues/373) -- \[Bug\] Merging an alert into case with duplicate artifacts does not merge descriptions [\#357](https://github.com/TheHive-Project/TheHive/issues/357) -- Share a case if MISP is not enabled raise an error [\#349](https://github.com/TheHive-Project/TheHive/issues/349) -- Validate alert's TLP and severity attributes values [\#326](https://github.com/TheHive-Project/TheHive/issues/326) -- Merge of cases overrides task log owners [\#303](https://github.com/TheHive-Project/TheHive/issues/303) +- Assign default metric values [\#176](https://github.com/TheHive-Project/TheHive/issues/176) +- Export Statistics/Metrics [\#197](https://github.com/TheHive-Project/TheHive/issues/197) +- Statistics: Observables and IOC over time [\#215](https://github.com/TheHive-Project/TheHive/issues/215) +- Templates can not be cloned [\#226](https://github.com/TheHive-Project/TheHive/issues/226) +- 
Alerts in Statistics [\#274](https://github.com/TheHive-Project/TheHive/issues/274) +- Statistics - Saved Filters [\#279](https://github.com/TheHive-Project/TheHive/issues/279) +- Add health check in status API [\#306](https://github.com/TheHive-Project/TheHive/issues/306) +- Export and Import Case Templates [\#310](https://github.com/TheHive-Project/TheHive/issues/310) +- Dynamic dashboard [\#312](https://github.com/TheHive-Project/TheHive/issues/312) +- Export to MISP: add TLP [\#314](https://github.com/TheHive-Project/TheHive/issues/314) +- Deleted cases showing in statistics [\#317](https://github.com/TheHive-Project/TheHive/issues/317) +- Keep the alert date when creating a case from it [\#320](https://github.com/TheHive-Project/TheHive/issues/320) +- [Minor] Add user dialog title issue [\#345](https://github.com/TheHive-Project/TheHive/issues/345) +- Display more than 10 users per page and sort them by alphanumerical order [\#346](https://github.com/TheHive-Project/TheHive/issues/346) +- Remove the From prefix and template suffix around a template name in the New Case menu [\#348](https://github.com/TheHive-Project/TheHive/issues/348) +- Add Autonomous Systems to the Default Datatype List [\#359](https://github.com/TheHive-Project/TheHive/issues/359) +- Set task assignee in case template [\#362](https://github.com/TheHive-Project/TheHive/issues/362) +- Alert id should not be used to build case title when using case templates [\#364](https://github.com/TheHive-Project/TheHive/issues/364) +- Add a sighted flag for IOCs [\#365](https://github.com/TheHive-Project/TheHive/issues/365) +- Add the Ability to Import and Export Case Templates [\#369](https://github.com/TheHive-Project/TheHive/issues/369) +- Assign default values to case templates' custom fields [\#375](https://github.com/TheHive-Project/TheHive/issues/375) **Closed issues:** -- MISP Connection Error with Cortex/HIVE [\#371](https://github.com/TheHive-Project/TheHive/issues/371) - Single Sign-On with 
X.509 certificates [\#297](https://github.com/TheHive-Project/TheHive/issues/297) - Remove the deprecated "user" property [\#316](https://github.com/TheHive-Project/TheHive/issues/316) -- Run observable analyzers through API [\#308](https://github.com/TheHive-Project/TheHive/issues/308) - -**Merged pull requests:** +- caseTemplate should be kept when creating a case from a template [\#325](https://github.com/TheHive-Project/TheHive/issues/325) -- typos and improvements to text [\#355](https://github.com/TheHive-Project/TheHive/pull/355) ([steoleary](https://github.com/steoleary)) -- Correct typo [\#353](https://github.com/TheHive-Project/TheHive/pull/353) ([arnydo](https://github.com/arnydo)) +**Fixed bugs:** -## [2.13.2](https://github.com/TheHive-Project/TheHive/tree/2.13.2) (2017-10-24) +- Merge of cases overrides task log owners [\#303](https://github.com/TheHive-Project/TheHive/issues/303) +- Validate alert's TLP and severity attributes values [\#326](https://github.com/TheHive-Project/TheHive/issues/326) +- Share a case if MISP is not enabled raise an error [\#349](https://github.com/TheHive-Project/TheHive/issues/349) +- [Bug] Merging an alert into case with duplicate artifacts does not merge descriptions [\#357](https://github.com/TheHive-Project/TheHive/issues/357) -[Full Changelog](https://github.com/TheHive-Project/TheHive/compare/2.13.1...2.13.2) +## [2.13.2](https://github.com/TheHive-Project/TheHive/milestone/22) (2017-11-08) **Fixed bugs:** -- Security issue on Play 2.6.5 [\#356](https://github.com/TheHive-Project/TheHive/issues/356) -- Incorrect stats: non-IOC observables counted as IOC and IOC word displayed twice [\#347](https://github.com/TheHive-Project/TheHive/issues/347) -- Deleted Observables, Show up on the statistics tab under Observables by Type [\#343](https://github.com/TheHive-Project/TheHive/issues/343) -- Statistics on metrics doesn't work [\#342](https://github.com/TheHive-Project/TheHive/issues/342) - Error on custom fields format 
when merging cases [\#331](https://github.com/TheHive-Project/TheHive/issues/331) +- Statistics on metrics doesn't work [\#342](https://github.com/TheHive-Project/TheHive/issues/342) +- Deleted Observables, Show up on the statistics tab under Observables by Type [\#343](https://github.com/TheHive-Project/TheHive/issues/343) +- Incorrect stats: non-IOC observables counted as IOC and IOC word displayed twice [\#347](https://github.com/TheHive-Project/TheHive/issues/347) +- Security issue on Play 2.6.5 [\#356](https://github.com/TheHive-Project/TheHive/issues/356) -## [2.13.1](https://github.com/TheHive-Project/TheHive/tree/2.13.1) (2017-09-18) - -[Full Changelog](https://github.com/TheHive-Project/TheHive/compare/2.13.0...2.13.1) +## [2.13.1](https://github.com/TheHive-Project/TheHive/milestone/21) (2017-09-18) **Fixed bugs:** -- Tasks Tab Elasticsearch exception: Fielddata is disabled on text fields by default. Set fielddata=true on \[title\] [\#311](https://github.com/TheHive-Project/TheHive/issues/311) +- Tasks Tab Elasticsearch exception: Fielddata is disabled on text fields by default. 
Set fielddata=true on [title] [\#311](https://github.com/TheHive-Project/TheHive/issues/311) -## [2.13.0](https://github.com/TheHive-Project/TheHive/tree/2.13.0) (2017-09-15) - -[Full Changelog](https://github.com/TheHive-Project/TheHive/compare/2.12.1...2.13.0) +## [2.13.0](https://github.com/TheHive-Project/TheHive/milestone/13) (2017-09-15) **Implemented enhancements:** -- Group ownership in Docker image prevents running on OpenShift [\#307](https://github.com/TheHive-Project/TheHive/issues/307) -- Improve the content of alert flow items [\#304](https://github.com/TheHive-Project/TheHive/issues/304) -- Add a basic support for webhooks [\#293](https://github.com/TheHive-Project/TheHive/issues/293) -- Add basic authentication to Stream API [\#291](https://github.com/TheHive-Project/TheHive/issues/291) -- Add Support for Play 2.6.x and Elasticsearch 5.x [\#275](https://github.com/TheHive-Project/TheHive/issues/275) -- Fine grained user permissions for API access [\#263](https://github.com/TheHive-Project/TheHive/issues/263) -- Alert Pane: Catch Incorrect Keywords [\#241](https://github.com/TheHive-Project/TheHive/issues/241) -- Specify multiple AD servers in TheHive configuration [\#231](https://github.com/TheHive-Project/TheHive/issues/231) - Export cases in MISP events [\#52](https://github.com/TheHive-Project/TheHive/issues/52) - -**Fixed bugs:** - -- Download attachment with non-latin filename [\#302](https://github.com/TheHive-Project/TheHive/issues/302) -- Undefined threat level from MISP events becomes severity "4" [\#300](https://github.com/TheHive-Project/TheHive/issues/300) -- File name is not displayed in observable conflict dialog [\#295](https://github.com/TheHive-Project/TheHive/issues/295) -- A colon punctuation mark in a search query results in 500 [\#285](https://github.com/TheHive-Project/TheHive/issues/285) +- Specify multiple AD servers in TheHive configuration [\#231](https://github.com/TheHive-Project/TheHive/issues/231) +- Alert Pane: Catch 
Incorrect Keywords [\#241](https://github.com/TheHive-Project/TheHive/issues/241) +- Fine grained user permissions for API access [\#263](https://github.com/TheHive-Project/TheHive/issues/263) +- Add Support for Play 2.6.x and Elasticsearch 5.x [\#275](https://github.com/TheHive-Project/TheHive/issues/275) +- Add basic authentication to Stream API [\#291](https://github.com/TheHive-Project/TheHive/issues/291) +- Add a basic support for webhooks [\#293](https://github.com/TheHive-Project/TheHive/issues/293) +- Improve the content of alert flow items [\#304](https://github.com/TheHive-Project/TheHive/issues/304) +- Group ownership in Docker image prevents running on OpenShift [\#307](https://github.com/TheHive-Project/TheHive/issues/307) **Closed issues:** +- Elasticsearch 5.x roadmap? [\#82](https://github.com/TheHive-Project/TheHive/issues/82) - Threat level/severity code inverted between The Hive and MISP [\#292](https://github.com/TheHive-Project/TheHive/issues/292) -## [2.12.1](https://github.com/TheHive-Project/TheHive/tree/2.12.1) (2017-08-01) +**Fixed bugs:** + +- A colon punctuation mark in a search query results in 500 [\#285](https://github.com/TheHive-Project/TheHive/issues/285) +- File name is not displayed in observable conflict dialog [\#295](https://github.com/TheHive-Project/TheHive/issues/295) +- Undefined threat level from MISP events becomes severity "4" [\#300](https://github.com/TheHive-Project/TheHive/issues/300) +- Download attachment with non-latin filename [\#302](https://github.com/TheHive-Project/TheHive/issues/302) -[Full Changelog](https://github.com/TheHive-Project/TheHive/compare/2.12.0...2.12.1) +## [2.12.1](https://github.com/TheHive-Project/TheHive/milestone/15) (2017-08-24) **Implemented enhancements:** -- Fix warnings in debian package [\#267](https://github.com/TheHive-Project/TheHive/issues/267) - Merging alert into existing case does not merge alert description into case description 
[\#255](https://github.com/TheHive-Project/TheHive/issues/255) +- Fix warnings in debian package [\#267](https://github.com/TheHive-Project/TheHive/issues/267) **Fixed bugs:** -- Cortex Connector Not Found [\#256](https://github.com/TheHive-Project/TheHive/issues/256) -- Case similarity reports merged cases [\#272](https://github.com/TheHive-Project/TheHive/issues/272) -- Closing a case with an open task does not dismiss task in "My tasks" [\#269](https://github.com/TheHive-Project/TheHive/issues/269) -- API: cannot create alert if one alert artifact contains the IOC field set [\#268](https://github.com/TheHive-Project/TheHive/issues/268) -- Can't get logs of a task via API [\#259](https://github.com/TheHive-Project/TheHive/issues/259) -- Add multiple attachments in a single task log doesn't work [\#257](https://github.com/TheHive-Project/TheHive/issues/257) -- TheHive doesn't send the file name to Cortex [\#254](https://github.com/TheHive-Project/TheHive/issues/254) - Renaming of users does not work [\#249](https://github.com/TheHive-Project/TheHive/issues/249) +- TheHive doesn't send the file name to Cortex [\#254](https://github.com/TheHive-Project/TheHive/issues/254) +- Add multiple attachments in a single task log doesn't work [\#257](https://github.com/TheHive-Project/TheHive/issues/257) +- Can't get logs of a task via API [\#259](https://github.com/TheHive-Project/TheHive/issues/259) +- API: cannot create alert if one alert artifact contains the IOC field set [\#268](https://github.com/TheHive-Project/TheHive/issues/268) +- Closing a case with an open task does not dismiss task in "My tasks" [\#269](https://github.com/TheHive-Project/TheHive/issues/269) +- Case similarity reports merged cases [\#272](https://github.com/TheHive-Project/TheHive/issues/272) -## [2.12.0](https://github.com/TheHive-Project/TheHive/tree/2.12.0) (2017-07-04) - -[Full Changelog](https://github.com/TheHive-Project/TheHive/compare/2.11.3...2.12.0) +## 
[2.12.0](https://github.com/TheHive-Project/TheHive/milestone/11) (2017-07-06) **Implemented enhancements:** -- Use local font files [\#250](https://github.com/TheHive-Project/TheHive/issues/250) -- Sort the analyzers list in observable details page [\#245](https://github.com/TheHive-Project/TheHive/issues/245) -- More options to sort cases [\#243](https://github.com/TheHive-Project/TheHive/issues/243) -- Alert Preview and management improvements [\#232](https://github.com/TheHive-Project/TheHive/issues/232) -- Show case status and category \(FP, TP, IND\) in related cases [\#229](https://github.com/TheHive-Project/TheHive/issues/229) -- Open External Links in New Tab [\#228](https://github.com/TheHive-Project/TheHive/issues/228) -- Observable analyzers view reports. [\#191](https://github.com/TheHive-Project/TheHive/issues/191) -- Specifying tags on statistics page or performing a search [\#186](https://github.com/TheHive-Project/TheHive/issues/186) -- Choose case template while importing events from MISP [\#175](https://github.com/TheHive-Project/TheHive/issues/175) -- Ability to Reopen Tasks [\#156](https://github.com/TheHive-Project/TheHive/issues/156) -- Display short reports on the Observables tab [\#131](https://github.com/TheHive-Project/TheHive/issues/131) - Custom fields for case template [\#12](https://github.com/TheHive-Project/TheHive/issues/12) +- Display short reports on the Observables tab [\#131](https://github.com/TheHive-Project/TheHive/issues/131) +- Ability to Reopen Tasks [\#156](https://github.com/TheHive-Project/TheHive/issues/156) +- Choose case template while importing events from MISP [\#175](https://github.com/TheHive-Project/TheHive/issues/175) +- Specifying tags on statistics page or performing a search [\#186](https://github.com/TheHive-Project/TheHive/issues/186) +- Observable analyzers view reports. 
[\#191](https://github.com/TheHive-Project/TheHive/issues/191) +- Open External Links in New Tab [\#228](https://github.com/TheHive-Project/TheHive/issues/228) +- Show case status and category (FP, TP, IND) in related cases [\#229](https://github.com/TheHive-Project/TheHive/issues/229) +- Alert Preview and management improvements [\#232](https://github.com/TheHive-Project/TheHive/issues/232) +- More options to sort cases [\#243](https://github.com/TheHive-Project/TheHive/issues/243) +- Sort the analyzers list in observable details page [\#245](https://github.com/TheHive-Project/TheHive/issues/245) +- Use local font files [\#250](https://github.com/TheHive-Project/TheHive/issues/250) **Fixed bugs:** -- A locked user can use the API to create / delete / list cases \(and more\) [\#251](https://github.com/TheHive-Project/TheHive/issues/251) -- Fix case metrics malformed definitions [\#248](https://github.com/TheHive-Project/TheHive/issues/248) -- Sorting alerts by severity fails [\#242](https://github.com/TheHive-Project/TheHive/issues/242) -- Alerting Panel: Typo Correction [\#240](https://github.com/TheHive-Project/TheHive/issues/240) -- files in alerts are limited to 32kB [\#237](https://github.com/TheHive-Project/TheHive/issues/237) -- Alert can contain inconsistent data [\#234](https://github.com/TheHive-Project/TheHive/issues/234) -- Search do not work with non-latin characters [\#223](https://github.com/TheHive-Project/TheHive/issues/223) - report status not updated after finish [\#212](https://github.com/TheHive-Project/TheHive/issues/212) +- Search do not work with non-latin characters [\#223](https://github.com/TheHive-Project/TheHive/issues/223) +- Alert can contain inconsistent data [\#234](https://github.com/TheHive-Project/TheHive/issues/234) +- files in alerts are limited to 32kB [\#237](https://github.com/TheHive-Project/TheHive/issues/237) +- Alerting Panel: Typo Correction [\#240](https://github.com/TheHive-Project/TheHive/issues/240) +- Sorting 
alerts by severity fails [\#242](https://github.com/TheHive-Project/TheHive/issues/242) +- Fix case metrics malformed definitions [\#248](https://github.com/TheHive-Project/TheHive/issues/248) +- A locked user can use the API to create / delete / list cases (and more) [\#251](https://github.com/TheHive-Project/TheHive/issues/251) -## [2.11.3](https://github.com/TheHive-Project/TheHive/tree/2.11.3) (2017-06-14) - -[Full Changelog](https://github.com/TheHive-Project/TheHive/compare/debian/2.11.2...2.11.3) +## [2.11.3](https://github.com/TheHive-Project/TheHive/milestone/14) (2017-06-14) **Fixed bugs:** -- Unable to add tasks to case template [\#239](https://github.com/TheHive-Project/TheHive/issues/239) -- Problem Start TheHive on Ubuntu 16.04 [\#238](https://github.com/TheHive-Project/TheHive/issues/238) - MISP synchronization doesn't retrieve all events [\#236](https://github.com/TheHive-Project/TheHive/issues/236) +- Problem Start TheHive on Ubuntu 16.04 [\#238](https://github.com/TheHive-Project/TheHive/issues/238) +- Unable to add tasks to case template [\#239](https://github.com/TheHive-Project/TheHive/issues/239) -## [2.11.2](https://github.com/TheHive-Project/TheHive/tree/2.11.2) (2017-05-24) - -[Full Changelog](https://github.com/TheHive-Project/TheHive/compare/2.11.1...2.11.2) +## [2.11.2](https://github.com/TheHive-Project/TheHive/milestone/12) (2017-05-31) **Implemented enhancements:** -- Visually distinguish between analyzed and non analyzer observables [\#224](https://github.com/TheHive-Project/TheHive/issues/224) -- Add Description Field to Alert Preview Modal [\#218](https://github.com/TheHive-Project/TheHive/issues/218) - Show case severity in lists [\#188](https://github.com/TheHive-Project/TheHive/issues/188) +- Add Description Field to Alert Preview Modal [\#218](https://github.com/TheHive-Project/TheHive/issues/218) +- Visually distinguish between analyzed and non analyzer observables [\#224](https://github.com/TheHive-Project/TheHive/issues/224) 
**Fixed bugs:** -- MISP synchronization - attributes are not retrieve [\#221](https://github.com/TheHive-Project/TheHive/issues/221) -- MISP synchronization - Alerts are wrongly updated [\#220](https://github.com/TheHive-Project/TheHive/issues/220) - Cortex jobs from thehive fail silently [\#219](https://github.com/TheHive-Project/TheHive/issues/219) +- MISP synchronization - Alerts are wrongly updated [\#220](https://github.com/TheHive-Project/TheHive/issues/220) +- MISP synchronization - attributes are not retrieve [\#221](https://github.com/TheHive-Project/TheHive/issues/221) -**Merged pull requests:** - -- Fixing links to docu repo [\#213](https://github.com/TheHive-Project/TheHive/pull/213) ([SHSauler](https://github.com/SHSauler)) - -## [2.11.1](https://github.com/TheHive-Project/TheHive/tree/2.11.1) (2017-05-17) - -[Full Changelog](https://github.com/TheHive-Project/TheHive/compare/2.11.0...2.11.1) +## [2.11.1](https://github.com/TheHive-Project/TheHive/milestone/10) (2017-05-17) **Implemented enhancements:** -- Show available reports number for each observable [\#211](https://github.com/TheHive-Project/TheHive/issues/211) - Merge Duplicate Tasks during Case Merge [\#180](https://github.com/TheHive-Project/TheHive/issues/180) +- Show available reports number for each observable [\#211](https://github.com/TheHive-Project/TheHive/issues/211) + +**Closed issues:** + +- No API Alert documentation [\#203](https://github.com/TheHive-Project/TheHive/issues/203) **Fixed bugs:** -- Case templates not applied when converting an alert to a case [\#206](https://github.com/TheHive-Project/TheHive/issues/206) -- Observable of merged cased might have duplicate tags [\#205](https://github.com/TheHive-Project/TheHive/issues/205) - Error updating case templates [\#204](https://github.com/TheHive-Project/TheHive/issues/204) +- Observable of merged cased might have duplicate tags [\#205](https://github.com/TheHive-Project/TheHive/issues/205) +- Case templates not applied when 
converting an alert to a case [\#206](https://github.com/TheHive-Project/TheHive/issues/206) -## [2.11.0](https://github.com/TheHive-Project/TheHive/tree/2.11.0) (2017-05-14) - -[Full Changelog](https://github.com/TheHive-Project/TheHive/compare/2.10.2...2.11.0) +## [2.11.0](https://github.com/TheHive-Project/TheHive/milestone/4) (2017-05-12) **Implemented enhancements:** -- Display the logos of the integrated external services [\#198](https://github.com/TheHive-Project/TheHive/issues/198) -- TheHive send to many information to Cortex when an analyze is requested [\#196](https://github.com/TheHive-Project/TheHive/issues/196) -- Sort the list of report templates [\#195](https://github.com/TheHive-Project/TheHive/issues/195) -- Add support to .deb and .rpm package generation [\#193](https://github.com/TheHive-Project/TheHive/issues/193) -- Cannot distinguish which analysers run on which cortex instance [\#179](https://github.com/TheHive-Project/TheHive/issues/179) -- Connect to Cortex protected by Basic Auth [\#173](https://github.com/TheHive-Project/TheHive/issues/173) -- Implement the alerting framework feature [\#170](https://github.com/TheHive-Project/TheHive/issues/170) -- Make the flow collapsible, in case details page [\#167](https://github.com/TheHive-Project/TheHive/issues/167) -- Update the datalist filter previews to display meaningful values [\#166](https://github.com/TheHive-Project/TheHive/issues/166) -- Show severity on the "Cases Page" [\#165](https://github.com/TheHive-Project/TheHive/issues/165) -- Add pagination component at the top of all the data lists [\#151](https://github.com/TheHive-Project/TheHive/issues/151) -- Connect to Cortex instance via proxy [\#147](https://github.com/TheHive-Project/TheHive/issues/147) -- Disable field autocomplete on the login form [\#146](https://github.com/TheHive-Project/TheHive/issues/146) -- Refresh the UI's skin [\#145](https://github.com/TheHive-Project/TheHive/issues/145) -- Add support of case template in 
back-end API [\#144](https://github.com/TheHive-Project/TheHive/issues/144) -- Proxy authentication [\#143](https://github.com/TheHive-Project/TheHive/issues/143) -- Improve logs browsing [\#128](https://github.com/TheHive-Project/TheHive/issues/128) -- Improve logs browsing [\#128](https://github.com/TheHive-Project/TheHive/issues/128) -- Feature request: Autocomplete tags [\#119](https://github.com/TheHive-Project/TheHive/issues/119) -- Ignored MISP events are no longer visible and cannot be imported [\#107](https://github.com/TheHive-Project/TheHive/issues/107) -- MISP import filter / filtering of events [\#86](https://github.com/TheHive-Project/TheHive/issues/86) - Reordering Tasks [\#21](https://github.com/TheHive-Project/TheHive/issues/21) - -**Fixed bugs:** - -- Authentication fails with wrong message if database migration is needed [\#200](https://github.com/TheHive-Project/TheHive/issues/200) -- Fix the success message when running a set of analyzers [\#199](https://github.com/TheHive-Project/TheHive/issues/199) -- Duplicate HTTP calls in case page [\#187](https://github.com/TheHive-Project/TheHive/issues/187) -- Job status refresh [\#171](https://github.com/TheHive-Project/TheHive/issues/171) +- MISP import filter / filtering of events [\#86](https://github.com/TheHive-Project/TheHive/issues/86) +- Ignored MISP events are no longer visible and cannot be imported [\#107](https://github.com/TheHive-Project/TheHive/issues/107) +- Feature request: Autocomplete tags [\#119](https://github.com/TheHive-Project/TheHive/issues/119) +- Improve logs browsing [\#128](https://github.com/TheHive-Project/TheHive/issues/128) +- Proxy authentication [\#143](https://github.com/TheHive-Project/TheHive/issues/143) +- Add support of case template in back-end API [\#144](https://github.com/TheHive-Project/TheHive/issues/144) +- Refresh the UI's skin [\#145](https://github.com/TheHive-Project/TheHive/issues/145) +- Disable field autocomplete on the login form 
[\#146](https://github.com/TheHive-Project/TheHive/issues/146) +- Connect to Cortex instance via proxy [\#147](https://github.com/TheHive-Project/TheHive/issues/147) +- Add pagination component at the top of all the data lists [\#151](https://github.com/TheHive-Project/TheHive/issues/151) +- Show severity on the "Cases Page" [\#165](https://github.com/TheHive-Project/TheHive/issues/165) +- Update the datalist filter previews to display meaningful values [\#166](https://github.com/TheHive-Project/TheHive/issues/166) +- Make the flow collapsible, in case details page [\#167](https://github.com/TheHive-Project/TheHive/issues/167) +- Implement the alerting framework feature [\#170](https://github.com/TheHive-Project/TheHive/issues/170) +- Connect to Cortex protected by Basic Auth [\#173](https://github.com/TheHive-Project/TheHive/issues/173) +- Cannot distinguish which analysers run on which cortex instance [\#179](https://github.com/TheHive-Project/TheHive/issues/179) +- Add support to .deb and .rpm package generation [\#193](https://github.com/TheHive-Project/TheHive/issues/193) +- Sort the list of report templates [\#195](https://github.com/TheHive-Project/TheHive/issues/195) +- TheHive send to many information to Cortex when an analyze is requested [\#196](https://github.com/TheHive-Project/TheHive/issues/196) +- Display the logos of the integrated external services [\#198](https://github.com/TheHive-Project/TheHive/issues/198) **Closed issues:** -- Support for cuckoo malware analysis plattform \(link analysis\) [\#181](https://github.com/TheHive-Project/TheHive/issues/181) +- MISP event filter require manual escapes [\#87](https://github.com/TheHive-Project/TheHive/issues/87) - Scala code cleanup [\#153](https://github.com/TheHive-Project/TheHive/issues/153) -**Merged pull requests:** - -- Fixed minor typo in template creation and update notifications. 
[\#194](https://github.com/TheHive-Project/TheHive/pull/194) ([dewoodruff](https://github.com/dewoodruff)) +**Fixed bugs:** -## [2.10.2](https://github.com/TheHive-Project/TheHive/tree/2.10.2) (2017-04-19) +- Job status refresh [\#171](https://github.com/TheHive-Project/TheHive/issues/171) +- Duplicate HTTP calls in case page [\#187](https://github.com/TheHive-Project/TheHive/issues/187) +- Fix the success message when running a set of analyzers [\#199](https://github.com/TheHive-Project/TheHive/issues/199) +- Authentication fails with wrong message if database migration is needed [\#200](https://github.com/TheHive-Project/TheHive/issues/200) -[Full Changelog](https://github.com/TheHive-Project/TheHive/compare/2.10.1...2.10.2) +## [2.10.2](https://github.com/TheHive-Project/TheHive/milestone/8) (2017-04-18) **Implemented enhancements:** -- Run all analyzers on multiple observables from observables view [\#174](https://github.com/TheHive-Project/TheHive/issues/174) -- Add CSRF protection [\#158](https://github.com/TheHive-Project/TheHive/issues/158) - Persistence for task viewing options [\#157](https://github.com/TheHive-Project/TheHive/issues/157) - -**Fixed bugs:** - -- MISP import fails [\#169](https://github.com/TheHive-Project/TheHive/issues/169) -- Unauthenticated access to some pages doesn't redirect to login page [\#161](https://github.com/TheHive-Project/TheHive/issues/161) -- Disable readonly access to admin pages, for users without 'admin' role [\#160](https://github.com/TheHive-Project/TheHive/issues/160) -- Secure the usage of angular-ui-notification library [\#159](https://github.com/TheHive-Project/TheHive/issues/159) -- Pagination does not work with 100 results per page [\#152](https://github.com/TheHive-Project/TheHive/issues/152) +- Add CSRF protection [\#158](https://github.com/TheHive-Project/TheHive/issues/158) +- Run all analyzers on multiple observables from observables view [\#174](https://github.com/TheHive-Project/TheHive/issues/174) 
**Closed issues:** - Observable Tags not displayed in 2.10.1 [\#155](https://github.com/TheHive-Project/TheHive/issues/155) -## [2.10.1](https://github.com/TheHive-Project/TheHive/tree/2.10.1) (2017-03-08) +**Fixed bugs:** -[Full Changelog](https://github.com/TheHive-Project/TheHive/compare/2.10.0...2.10.1) +- Pagination does not work with 100 results per page [\#152](https://github.com/TheHive-Project/TheHive/issues/152) +- Secure the usage of angular-ui-notification library [\#159](https://github.com/TheHive-Project/TheHive/issues/159) +- Disable readonly access to admin pages, for users without 'admin' role [\#160](https://github.com/TheHive-Project/TheHive/issues/160) +- Unauthenticated access to some pages doesn't redirect to login page [\#161](https://github.com/TheHive-Project/TheHive/issues/161) +- MISP import fails [\#169](https://github.com/TheHive-Project/TheHive/issues/169) + +## [2.10.1](https://github.com/TheHive-Project/TheHive/milestone/3) (2017-03-08) **Implemented enhancements:** -- Feature Request: Ansible build scripts [\#124](https://github.com/TheHive-Project/TheHive/issues/124) -- Remove the "Run all analyzers" option from observables list [\#141](https://github.com/TheHive-Project/TheHive/issues/141) -- Remove duplicate stream callbacks registration [\#138](https://github.com/TheHive-Project/TheHive/issues/138) -- Typo in quick filters [\#134](https://github.com/TheHive-Project/TheHive/issues/134) -- Display a warning when trying to merge an already merged case [\#129](https://github.com/TheHive-Project/TheHive/issues/129) -- Restyle avatar's upload button [\#126](https://github.com/TheHive-Project/TheHive/issues/126) -- Add pagination component at the top of the task log [\#116](https://github.com/TheHive-Project/TheHive/issues/116) -- Disable buttons in MISP event's preview dialog [\#115](https://github.com/TheHive-Project/TheHive/issues/115) -- Make The Hive working on any URL path and not only / 
[\#114](https://github.com/TheHive-Project/TheHive/issues/114) -- Misleading MISP Event Date and Time [\#101](https://github.com/TheHive-Project/TheHive/issues/101) - Upgrade to the last version of UI-Bootstrap UI library [\#79](https://github.com/TheHive-Project/TheHive/issues/79) +- Misleading MISP Event Date and Time [\#101](https://github.com/TheHive-Project/TheHive/issues/101) +- Make The Hive working on any URL path and not only / [\#114](https://github.com/TheHive-Project/TheHive/issues/114) +- Disable buttons in MISP event's preview dialog [\#115](https://github.com/TheHive-Project/TheHive/issues/115) +- Add pagination component at the top of the task log [\#116](https://github.com/TheHive-Project/TheHive/issues/116) +- Restyle avatar's upload button [\#126](https://github.com/TheHive-Project/TheHive/issues/126) +- Display a warning when trying to merge an already merged case [\#129](https://github.com/TheHive-Project/TheHive/issues/129) +- Typo in quick filters [\#134](https://github.com/TheHive-Project/TheHive/issues/134) +- Remove duplicate stream callbacks registration [\#138](https://github.com/TheHive-Project/TheHive/issues/138) +- Remove the "Run all analyzers" option from observables list [\#141](https://github.com/TheHive-Project/TheHive/issues/141) **Fixed bugs:** -- Fix OTXQuery report template [\#142](https://github.com/TheHive-Project/TheHive/issues/142) -- 401 HTTP responses don't trigger redirection to login page [\#140](https://github.com/TheHive-Project/TheHive/issues/140) -- Fix a JS issue related to inactivity dialog [\#139](https://github.com/TheHive-Project/TheHive/issues/139) -- Flow is not shown [\#127](https://github.com/TheHive-Project/TheHive/issues/127) -- Case merge does not close tasks in merged cases [\#118](https://github.com/TheHive-Project/TheHive/issues/118) -- Web UI doesn't refresh once a report template is deleted [\#113](https://github.com/TheHive-Project/TheHive/issues/113) -- Open log in new windows 
[\#108](https://github.com/TheHive-Project/TheHive/issues/108) -- Cannot add an observable which datatype has been added by an admin [\#106](https://github.com/TheHive-Project/TheHive/issues/106) - Observables password hint does not reflect backend change [\#83](https://github.com/TheHive-Project/TheHive/issues/83) +- Cannot add an observable which datatype has been added by an admin [\#106](https://github.com/TheHive-Project/TheHive/issues/106) +- Open log in new windows [\#108](https://github.com/TheHive-Project/TheHive/issues/108) +- Web UI doesn't refresh once a report template is deleted [\#113](https://github.com/TheHive-Project/TheHive/issues/113) +- Case merge does not close tasks in merged cases [\#118](https://github.com/TheHive-Project/TheHive/issues/118) +- Flow is not shown [\#127](https://github.com/TheHive-Project/TheHive/issues/127) +- Fix a JS issue related to inactivity dialog [\#139](https://github.com/TheHive-Project/TheHive/issues/139) +- 401 HTTP responses don't trigger redirection to login page [\#140](https://github.com/TheHive-Project/TheHive/issues/140) +- Fix OTXQuery report template [\#142](https://github.com/TheHive-Project/TheHive/issues/142) -## [2.10.0](https://github.com/TheHive-Project/TheHive/tree/2.10.0) (2017-02-01) - -[Full Changelog](https://github.com/TheHive-Project/TheHive/compare/2.9.2...2.10.0) +## [2.10.0](https://github.com/TheHive-Project/TheHive/milestone/2) (2017-02-03) **Implemented enhancements:** -- Improve cases listing page [\#76](https://github.com/TheHive-Project/TheHive/issues/76) -- Feature Request - Add Case Statistics by Severity [\#70](https://github.com/TheHive-Project/TheHive/issues/70) -- Use avatars in user profiles [\#69](https://github.com/TheHive-Project/TheHive/issues/69) -- Allow \(un\)set observable as IOC from the observable's page [\#68](https://github.com/TheHive-Project/TheHive/issues/68) -- When closing a task, close the associated tab as well 
[\#66](https://github.com/TheHive-Project/TheHive/issues/66) -- Load the Current Cases View when Closing a Case [\#61](https://github.com/TheHive-Project/TheHive/issues/61) -- Externalize observable analysis [\#53](https://github.com/TheHive-Project/TheHive/issues/53) -- Changeable case owner [\#30](https://github.com/TheHive-Project/TheHive/issues/30) -- Make release process easier [\#28](https://github.com/TheHive-Project/TheHive/issues/28) - Newly created case template not visible in NEW case until logout/login [\#26](https://github.com/TheHive-Project/TheHive/issues/26) - -**Fixed bugs:** - -- Template Limit Bug [\#105](https://github.com/TheHive-Project/TheHive/issues/105) -- Bug related case [\#97](https://github.com/TheHive-Project/TheHive/issues/97) -- Case TLP should be set to AMBER by default [\#96](https://github.com/TheHive-Project/TheHive/issues/96) -- User is not notified on MISP error [\#88](https://github.com/TheHive-Project/TheHive/issues/88) -- Locked users cannot be assignee of cases [\#77](https://github.com/TheHive-Project/TheHive/issues/77) -- Task descriptions from case templates are not applied [\#65](https://github.com/TheHive-Project/TheHive/issues/65) -- Add an already exist observable returns an unexpected error [\#63](https://github.com/TheHive-Project/TheHive/issues/63) -- Don't use deleted obserables to link cases [\#62](https://github.com/TheHive-Project/TheHive/issues/62) -- Assign a default role to new users and remove the ability to assign empty roles [\#60](https://github.com/TheHive-Project/TheHive/issues/60) -- Locked users are still able to log in [\#59](https://github.com/TheHive-Project/TheHive/issues/59) -- MISP events counter is not refreshed [\#58](https://github.com/TheHive-Project/TheHive/issues/58) -- Make sure to clear new task log editor [\#57](https://github.com/TheHive-Project/TheHive/issues/57) -- Missing markdown editor in case close dialog [\#42](https://github.com/TheHive-Project/TheHive/issues/42) +- Make 
release process easier [\#28](https://github.com/TheHive-Project/TheHive/issues/28) +- Changeable case owner [\#30](https://github.com/TheHive-Project/TheHive/issues/30) +- Externalize observable analysis [\#53](https://github.com/TheHive-Project/TheHive/issues/53) +- Load the Current Cases View when Closing a Case [\#61](https://github.com/TheHive-Project/TheHive/issues/61) +- When closing a task, close the associated tab as well [\#66](https://github.com/TheHive-Project/TheHive/issues/66) +- Allow (un)set observable as IOC from the observable's page [\#68](https://github.com/TheHive-Project/TheHive/issues/68) +- Use avatars in user profiles [\#69](https://github.com/TheHive-Project/TheHive/issues/69) +- Feature Request - Add Case Statistics by Severity [\#70](https://github.com/TheHive-Project/TheHive/issues/70) +- Improve cases listing page [\#76](https://github.com/TheHive-Project/TheHive/issues/76) **Closed issues:** -- Database schema update \(v8\) [\#67](https://github.com/TheHive-Project/TheHive/issues/67) -- Add support for more filetypes to PE_info analyser [\#54](https://github.com/TheHive-Project/TheHive/issues/54) -- Create an analyzer to get information about PE file [\#51](https://github.com/TheHive-Project/TheHive/issues/51) -- PhishTank Analyzer [\#40](https://github.com/TheHive-Project/TheHive/issues/40) - OTX Analyzer [\#32](https://github.com/TheHive-Project/TheHive/issues/32) +- PhishTank Analyzer [\#40](https://github.com/TheHive-Project/TheHive/issues/40) +- Unable to use SSL on AD auth [\#50](https://github.com/TheHive-Project/TheHive/issues/50) +- Create an analyzer to get information about PE file [\#51](https://github.com/TheHive-Project/TheHive/issues/51) +- Add support for more filetypes to PE_info analyser [\#54](https://github.com/TheHive-Project/TheHive/issues/54) +- Database schema update (v8) [\#67](https://github.com/TheHive-Project/TheHive/issues/67) -**Merged pull requests:** - -- AlienVault OTX Analyzer 
[\#39](https://github.com/TheHive-Project/TheHive/pull/39) ([ecapuano](https://github.com/ecapuano)) - -## [2.9.2](https://github.com/TheHive-Project/TheHive/tree/2.9.2) (2017-01-19) - -[Full Changelog](https://github.com/TheHive-Project/TheHive/compare/2.9.1...2.9.2) +**Fixed bugs:** -**Implemented enhancements:** +- Missing markdown editor in case close dialog [\#42](https://github.com/TheHive-Project/TheHive/issues/42) +- Make sure to clear new task log editor [\#57](https://github.com/TheHive-Project/TheHive/issues/57) +- MISP events counter is not refreshed [\#58](https://github.com/TheHive-Project/TheHive/issues/58) +- Locked users are still able to log in [\#59](https://github.com/TheHive-Project/TheHive/issues/59) +- Assign a default role to new users and remove the ability to assign empty roles [\#60](https://github.com/TheHive-Project/TheHive/issues/60) +- Don't use deleted obserables to link cases [\#62](https://github.com/TheHive-Project/TheHive/issues/62) +- Add an already exist observable returns an unexpected error [\#63](https://github.com/TheHive-Project/TheHive/issues/63) +- Task descriptions from case templates are not applied [\#65](https://github.com/TheHive-Project/TheHive/issues/65) +- Locked users cannot be assignee of cases [\#77](https://github.com/TheHive-Project/TheHive/issues/77) +- User is not notified on MISP error [\#88](https://github.com/TheHive-Project/TheHive/issues/88) +- Case TLP should be set to AMBER by default [\#96](https://github.com/TheHive-Project/TheHive/issues/96) +- Bug related case [\#97](https://github.com/TheHive-Project/TheHive/issues/97) +- Hippocampe Analyzer [\#104](https://github.com/TheHive-Project/TheHive/issues/104) +- Template Limit Bug [\#105](https://github.com/TheHive-Project/TheHive/issues/105) -- Feature Request - Add observable statistics [\#71](https://github.com/TheHive-Project/TheHive/issues/71) +## [2.9.2](https://github.com/TheHive-Project/TheHive/milestone/5) (2017-01-19) **Fixed bugs:** -- 
docker image: \$.post\(...\).success is not a function [\#95](https://github.com/TheHive-Project/TheHive/issues/95) +- docker image: $.post(...).success is not a function [\#95](https://github.com/TheHive-Project/TheHive/issues/95) -## [2.9.1](https://github.com/TheHive-Project/TheHive/tree/2.9.1) (2016-11-28) +## [2.9.1](https://github.com/TheHive-Project/TheHive/milestone/1) (2016-11-28) **Implemented enhancements:** -- Statistics on a per case template name / prefix basis [\#31](https://github.com/TheHive-Project/TheHive/issues/31) -- Observable Viewing Page [\#17](https://github.com/TheHive-Project/TheHive/issues/17) -- Update logo and favicon [\#45](https://github.com/TheHive-Project/TheHive/issues/45) -- Inconsistent wording between the login and user management pages [\#44](https://github.com/TheHive-Project/TheHive/issues/44) -- MaxMind Analyzer 'Short Report' has hard-coded language [\#23](https://github.com/TheHive-Project/TheHive/issues/23) -- Don't update imported case from MISP if it is deleted or merged [\#22](https://github.com/TheHive-Project/TheHive/issues/22) - Case merging [\#14](https://github.com/TheHive-Project/TheHive/issues/14) -- New analyzer to check URL categories [\#24](https://github.com/TheHive-Project/TheHive/pull/24) ([ecapuano](https://github.com/ecapuano)) +- Don't update imported case from MISP if it is deleted or merged [\#22](https://github.com/TheHive-Project/TheHive/issues/22) +- MaxMind Analyzer 'Short Report' has hard-coded language [\#23](https://github.com/TheHive-Project/TheHive/issues/23) +- Inconsistent wording between the login and user management pages [\#44](https://github.com/TheHive-Project/TheHive/issues/44) +- Update logo and favicon [\#45](https://github.com/TheHive-Project/TheHive/issues/45) **Fixed bugs:** -- Resource not found by Assets controller [\#38](https://github.com/TheHive-Project/TheHive/issues/38) -- NPE occurs at startup if conf directory doesn't exists 
[\#41](https://github.com/TheHive-Project/TheHive/issues/41) -- Systemd startup script does not work [\#29](https://github.com/TheHive-Project/TheHive/issues/29) -- MISP event parsing error when it doesn't contain any attribute [\#25](https://github.com/TheHive-Project/TheHive/issues/25) -- Phantom tabs [\#18](https://github.com/TheHive-Project/TheHive/issues/18) -- The Action button of observables list is blank [\#15](https://github.com/TheHive-Project/TheHive/issues/15) -- Description becomes empty when you cancel an edition [\#13](https://github.com/TheHive-Project/TheHive/issues/13) -- Metric Labels Not Showing in Case View [\#10](https://github.com/TheHive-Project/TheHive/issues/10) -- chrome on os x - header alignment [\#5](https://github.com/TheHive-Project/TheHive/issues/5) - Tags not saving when creating observable. [\#4](https://github.com/TheHive-Project/TheHive/issues/4) - -**Closed issues:** - -- Statistics based on Tags [\#37](https://github.com/TheHive-Project/TheHive/issues/37) -- Give us something to work with! 
[\#2](https://github.com/TheHive-Project/TheHive/issues/2) - -**Merged pull requests:** - -- Fix "Run from Docker" [\#9](https://github.com/TheHive-Project/TheHive/pull/9) ([2xyo](https://github.com/2xyo)) -- Fixing a Simple Typo [\#6](https://github.com/TheHive-Project/TheHive/pull/6) ([swannysec](https://github.com/swannysec)) -- Fixed broken link to Wiki [\#1](https://github.com/TheHive-Project/TheHive/pull/1) ([Neo23x0](https://github.com/Neo23x0)) - -\* _This Change Log was automatically generated by [github_changelog_generator](https://github.com/skywinder/Github-Changelog-Generator)_ +- chrome on os x - header alignment [\#5](https://github.com/TheHive-Project/TheHive/issues/5) +- Metric Labels Not Showing in Case View [\#10](https://github.com/TheHive-Project/TheHive/issues/10) +- Description becomes empty when you cancel an edition [\#13](https://github.com/TheHive-Project/TheHive/issues/13) +- The Action button of observables list is blank [\#15](https://github.com/TheHive-Project/TheHive/issues/15) +- Phantom tabs [\#18](https://github.com/TheHive-Project/TheHive/issues/18) +- MISP event parsing error when it doesn't contain any attribute [\#25](https://github.com/TheHive-Project/TheHive/issues/25) +- Systemd startup script does not work [\#29](https://github.com/TheHive-Project/TheHive/issues/29) +- NPE occurs at startup if conf directory doesn't exists [\#41](https://github.com/TheHive-Project/TheHive/issues/41) diff --git a/build.sbt b/build.sbt index 467a6ff192..82efa88501 100644 --- a/build.sbt +++ b/build.sbt @@ -53,7 +53,7 @@ lazy val thehiveCortex = (project in file("thehive-cortex")) ) lazy val thehive = (project in file(".")) - .enablePlugins(PlayScala/*, PlayAkkaHttp2Support*/) + .enablePlugins(PlayScala /*, PlayAkkaHttp2Support*/ ) .enablePlugins(Bintray) .dependsOn(thehiveBackend, thehiveMisp, thehiveCortex) .aggregate(thehiveBackend, thehiveMisp, thehiveCortex) 
@@ -61,9 +61,9 @@ lazy val thehive = (project in file(".")) .settings( aggregate in Debian := false, aggregate in Rpm := false, - aggregate in Docker := false + aggregate in Docker := false, + aggregate in changeLog := false ) - lazy val rpmPackageRelease = (project in file("package/rpm-release")) .enablePlugins(RpmPlugin) .settings(projectSettings) 
@@ -81,23 +81,27 @@ lazy val rpmPackageRelease = (project in file("package/rpm-release")) packageDescription := """This package contains the TheHive-Project packages repository |GPG key as well as configuration for yum.""".stripMargin, - linuxPackageMappings in Rpm := Seq(packageMapping( - file("PGP-PUBLIC-KEY") -> "etc/pki/rpm-gpg/GPG-TheHive-Project", - file("package/rpm-release/thehive-rpm.repo") -> "/etc/yum.repos.d/thehive-rpm.repo", - file("LICENSE") -> "/usr/share/doc/thehive-project-release/LICENSE" - )) + linuxPackageMappings in Rpm := Seq( + packageMapping( + file("PGP-PUBLIC-KEY") → "etc/pki/rpm-gpg/GPG-TheHive-Project", + file("package/rpm-release/thehive-rpm.repo") → "/etc/yum.repos.d/thehive-rpm.repo", + file("LICENSE") → "/usr/share/doc/thehive-project-release/LICENSE" + ) + ) ) rpmReleaseFile := { import scala.sys.process._ val rpmFile = (packageBin in Rpm in rpmPackageRelease).value - Process("rpm" :: - "--define" :: "_gpg_name TheHive Project" :: - "--define" :: "_signature gpg" :: - "--define" :: "__gpg_check_password_cmd /bin/true" :: - "--define" :: "__gpg_sign_cmd %{__gpg} gpg --batch --no-verbose --no-armor --use-agent --no-secmem-warning -u \"%{_gpg_name}\" -sbo %{__signature_filename} %{__plaintext_filename}" :: - "--addsign" :: rpmFile.toString :: - Nil).!! + Process( + "rpm" :: + "--define" :: "_gpg_name TheHive Project" :: + "--define" :: "_signature gpg" :: + "--define" :: "__gpg_check_password_cmd /bin/true" :: + "--define" :: "__gpg_sign_cmd %{__gpg} gpg --batch --no-verbose --no-armor --use-agent --no-secmem-warning -u \"%{_gpg_name}\" -sbo %{__signature_filename} %{__plaintext_filename}" :: + "--addsign" :: rpmFile.toString :: + Nil + ).!! rpmFile } diff --git a/conf/application.sample b/conf/application.sample index b4c10083f9..786a70df7a 100644 --- a/conf/application.sample +++ b/conf/application.sample 
@@ -45,57 +45,110 @@ search { # Authentication auth { - # "provider" parameter contains authentication provider. It can be multi-valued (useful for migration) - # available auth types are: - # services.LocalAuthSrv : passwords are stored in user entity (in Elasticsearch). No configuration is required. - # ad : use ActiveDirectory to authenticate users. Configuration is under "auth.ad" key - # ldap : use LDAP to authenticate users. Configuration is under "auth.ldap" key - provider = [local] + # "provider" parameter contains authentication provider. It can be multi-valued (useful for migration) + # available auth types are: + # services.LocalAuthSrv : passwords are stored in user entity (in Elasticsearch). No configuration is required. + # ad : use ActiveDirectory to authenticate users. Configuration is under "auth.ad" key + # ldap : use LDAP to authenticate users. Configuration is under "auth.ldap" key + # oauth2 : use OAuth/OIDC to authenticate users. Configuration is under "auth.oauth2" and "auth.sso" keys + provider = [local] # By default, basic authentication is disabled. You can enable it by setting "method.basic" to true. #method.basic = true - - ad { - # The Windows domain name in DNS format. This parameter is required if you do not use - # 'serverNames' below. - #domainFQDN = "mydomain.local" - - # Optionally you can specify the host names of the domain controllers instead of using 'domainFQDN - # above. If this parameter is not set, TheHive uses 'domainFQDN'. - #serverNames = [ad1.mydomain.local, ad2.mydomain.local] - - # The Windows domain name using short format. This parameter is required. - #domainName = "MYDOMAIN" - - # If 'true', use SSL to connect to the domain controller. - #useSSL = true - } - - ldap { - # The LDAP server name or address. The port can be specified using the 'host:port' - # syntax. This parameter is required if you don't use 'serverNames' below. 
- #serverName = "ldap.mydomain.local:389" - - # If you have multiple LDAP servers, use the multi-valued setting 'serverNames' instead. - #serverNames = [ldap1.mydomain.local, ldap2.mydomain.local] - - # Account to use to bind to the LDAP server. This parameter is required. - #bindDN = "cn=thehive,ou=services,dc=mydomain,dc=local" - - # Password of the binding account. This parameter is required. - #bindPW = "***secret*password***" - - # Base DN to search users. This parameter is required. - #baseDN = "ou=users,dc=mydomain,dc=local" - - # Filter to search user in the directory server. Please note that {0} is replaced - # by the actual user name. This parameter is required. - #filter = "(cn={0})" - - # If 'true', use SSL to connect to the LDAP directory server. - #useSSL = true - } + ad { + # The Windows domain name in DNS format. This parameter is required if you do not use + # 'serverNames' below. + #domainFQDN = "mydomain.local" + + # Optionally you can specify the host names of the domain controllers instead of using 'domainFQDN + # above. If this parameter is not set, TheHive uses 'domainFQDN'. + #serverNames = [ad1.mydomain.local, ad2.mydomain.local] + + # The Windows domain name using short format. This parameter is required. + #domainName = "MYDOMAIN" + + # If 'true', use SSL to connect to the domain controller. + #useSSL = true + } + + ldap { + # The LDAP server name or address. The port can be specified using the 'host:port' + # syntax. This parameter is required if you don't use 'serverNames' below. + #serverName = "ldap.mydomain.local:389" + + # If you have multiple LDAP servers, use the multi-valued setting 'serverNames' instead. + #serverNames = [ldap1.mydomain.local, ldap2.mydomain.local] + + # Account to use to bind to the LDAP server. This parameter is required. + #bindDN = "cn=thehive,ou=services,dc=mydomain,dc=local" + + # Password of the binding account. This parameter is required. + #bindPW = "***secret*password***" + + # Base DN to search users. 
This parameter is required. + #baseDN = "ou=users,dc=mydomain,dc=local" + + # Filter to search user in the directory server. Please note that {0} is replaced + # by the actual user name. This parameter is required. + #filter = "(cn={0})" + + # If 'true', use SSL to connect to the LDAP directory server. + #useSSL = true + } + + oauth2 { + # URL of the authorization server + #clientId = "client-id" + #clientSecret = "client-secret" + #redirectUri = "https://my-thehive-instance.example/index.html#!/login" + #responseType = "code" + #grantType = "authorization_code" + + # URL from where to get the access token + #authorizationUrl = "https://auth-site.com/OAuth/Authorize" + #tokenUrl = "https://auth-site.com/OAuth/Token" + + # The endpoint from which to obtain user details using the OAuth token, after successful login + #userUrl = "https://auth-site.com/api/User" + #scope = "openid profile" + } + + # Single-Sign On + sso { + # Autocreate user in database? + #autocreate = false + + # Autoupdate its profile and roles? + #autoupdate = false + + # Autologin user using SSO? + #autologin = false + + # Attributes mappings + #attributes { + # login = "sub" + # name = "name" + # groups = "groups" + # #roles = "roles" + #} + + # Name of mapping class from user resource to backend user ('simple' or 'group') + #mapper = group + # Default roles for users with no groups mapped ("read", "write", "admin") + #defaultRoles = [] + + #groups { + # # URL to retreive groups (leave empty if you are using OIDC) + # #url = "https://auth-site.com/api/Groups" + # # Group mappings, you can have multiple roles for each group: they are merged + # mappings { + # admin-profile-name = ["admin"] + # editor-profile-name = ["write"] + # reader-profile-name = ["read"] + # } + #} + } } # Maximum time between two requests without requesting authentication diff --git a/conf/logback.xml b/conf/logback.xml index 3d090db65d..6420ad405c 100644 --- a/conf/logback.xml +++ b/conf/logback.xml 
@@ -46,9 +46,14 @@ + + + + + - \ No newline at end of file + diff --git a/docker.sbt b/docker.sbt index 148c59a24c..e96488b4cf 100644 --- a/docker.sbt +++ b/docker.sbt @@ -3,10 +3,10 @@ import com.typesafe.sbt.packager.docker.{Cmd, ExecCmd} version in Docker := { version.value match { - case stableVersion(_, _) => version.value - case betaVersion(v1, v2) => v1 + "-0.1RC" + v2 - case snapshotVersion(_, _) => version.value + "-SNAPSHOT" - case _ => sys.error("Invalid version: " + version.value) + case stableVersion(_, _) ⇒ version.value + case betaVersion(v1, v2) ⇒ v1 + "-0.1RC" + v2 + case snapshotVersion(_, _) ⇒ version.value + "-SNAPSHOT" + case _ ⇒ sys.error("Invalid version: " + version.value) } } defaultLinuxInstallLocation in Docker := "/opt/thehive" 
@@ -14,25 +14,42 @@ dockerRepository := Some("thehiveproject") dockerUpdateLatest := !version.value.toUpperCase.contains("RC") && !version.value.contains("SNAPSHOT") dockerEntrypoint := Seq("/opt/thehive/entrypoint") dockerExposedPorts := Seq(9000) +daemonUser in Docker := "thehive" +daemonGroup in Docker := "thehive" mappings in Docker ++= Seq( - file("package/docker/entrypoint") -> "/opt/thehive/entrypoint", - file("package/logback.xml") -> "/etc/thehive/logback.xml", - file("package/empty") -> "/var/log/thehive/application.log") + file("package/docker/entrypoint") → "/opt/thehive/entrypoint", + file("package/logback.xml") → "/etc/thehive/logback.xml", + file("package/empty") → "/var/log/thehive/application.log" +) mappings in Docker ~= (_.filterNot { - case (_, filepath) => filepath == "/opt/thehive/conf/application.conf" + case (_, filepath) ⇒ filepath == "/opt/thehive/conf/application.conf" }) -dockerCommands ~= { dc => - val (dockerInitCmds, dockerTailCmds) = dc - .collect { - case ExecCmd("RUN", "chown", _*) => ExecCmd("RUN", "chown", "-R", "daemon:root", ".") - case other => other - } - .splitAt(4) - dockerInitCmds ++ - Seq( - Cmd("ADD", "var", "/var"), - Cmd("ADD", "etc", "/etc"), - ExecCmd("RUN", "chown", "-R", "daemon:root", "/var/log/thehive"), - ExecCmd("RUN", "chmod", "+x", "/opt/thehive/bin/thehive", "/opt/thehive/entrypoint")) ++ - dockerTailCmds -} \ No newline at end of file +dockerCommands := Seq( + Cmd("FROM", "openjdk:8"), + Cmd("LABEL", "MAINTAINER=\"TheHive Project \"", "repository=\"https://github.com/TheHive-Project/TheHive\""), + Cmd("WORKDIR", "/opt/thehive"), + // format: off + Cmd("RUN", + "apt", "update", "&&", + "apt", "upgrade", "-y", "&&", + "apt", "autoclean", "-y", "-q", "&&", + "apt", "autoremove", "-y", "-q", "&&", + "rm", "-rf", "/var/lib/apt/lists/*", "&&", + "(", "type", "groupadd", "1>/dev/null", "2>&1", "&&", + "groupadd", "-g", "1000", "thehive", "||", + "addgroup", "-g", "1000", "-S", "thehive", + ")", "&&", + "(", 
"type", "useradd", "1>/dev/null", "2>&1", "&&", + "useradd", "--system", "--uid", "1000", "--gid", "1000", "thehive", "||", + "adduser", "-S", "-u", "1000", "-G", "thehive", "thehive", + ")"), + //format: on + Cmd("ADD", "--chown=root:root", "opt", "/opt"), + Cmd("ADD", "--chown=thehive:thehive", "var", "/var"), + Cmd("ADD", "--chown=thehive:thehive", "etc", "/etc"), + ExecCmd("RUN", "chmod", "+x", "/opt/thehive/bin/thehive", "/opt/thehive/entrypoint"), + Cmd("EXPOSE", "9000"), + Cmd("USER", "thehive"), + ExecCmd("ENTRYPOINT", "/opt/thehive/entrypoint"), + ExecCmd("CMD") +) diff --git a/docker/thehive/docker-compose.yml b/docker/thehive/docker-compose.yml index 5ca4e1cb12..0a9969c6ac 100644 --- a/docker/thehive/docker-compose.yml +++ b/docker/thehive/docker-compose.yml @@ -1,27 +1,25 @@ version: "2" services: elasticsearch: - image: elasticsearch:6.8.0 + image: elasticsearch:6.8.8 environment: - http.host=0.0.0.0 - - cluster.name=hive - - thread_pool.index.queue_size=100000 - - thread_pool.search.queue_size=100000 - - thread_pool.bulk.queue_size=100000 + - discovery.type=single-node ulimits: nofile: soft: 65536 hard: 65536 cortex: - image: thehiveproject/cortex:3.0.1 + image: thehiveproject/cortex:latest depends_on: - elasticsearch ports: - "0.0.0.0:9001:9001" thehive: - image: thehiveproject/thehive:3.4.0 + image: thehiveproject/thehive:latest depends_on: - elasticsearch - cortex ports: - "0.0.0.0:9000:9000" + command: --cortex-port 9001 \ No newline at end of file diff --git a/migration/12/dashboards/Observable_statistics .json b/migration/12/dashboards/Observable_statistics .json deleted file mode 100644 index 467bf0d517..0000000000 --- a/migration/12/dashboards/Observable_statistics .json +++ /dev/null 
@@ -1 +0,0 @@ -{"_routing":"AWu4YZXHg8tFuebkSwcG","description":"Observable statistics","title":"Observable statistics","_parent":null,"definition":{"period":"last3Months","items":[{"type":"container","items":[{"type":"donut","options":{"title":"Observables by type","entity":"case_artifact","field":"dataType","query":{"_not":{"_field":"status","_value":"Deleted"}},"names":{"fqdn":"fqdn","url":"url","regexp":"regexp","mail":"mail","hash":"hash","registry":"registry","uri_path":"uri_path","truc":"truc","ip":"ip","user-agent":"user-agent","autonomous-system":"autonomous-system","file":"file","mail_subject":"mail_subject","filename":"filename","other":"other","domain":"domain"},"filters":[{"field":"status","type":"enumeration","value":{"operator":"none","list":[{"text":"Deleted","label":"Deleted"}]}}]},"id":"6ee86a99-3f40-1960-fd4d-398a1da5b76e"},{"type":"donut","options":{"title":"Observables by attachment content type","entity":"case_artifact","field":"attachment.contentType","query":{"_and":[{"_field":"dataType","_value":"file"},{"_not":{"_field":"status","_value":"Deleted"}}]},"names":{},"filters":[{"field":"dataType","type":"enumeration","value":{"list":[{"text":"file","label":"file"}]}},{"field":"status","type":"enumeration","value":{"operator":"none","list":[{"text":"Deleted","label":"Deleted"}]}}]},"id":"b6110238-3074-4e85-674f-4bc56829e68a"}]},{"type":"container","items":[{"type":"donut","options":{"title":"Observable tags","entity":"case_artifact","field":"tags","query":{"_not":{"_field":"status","_value":"Deleted"}},"names":{},"filters":[{"field":"status","type":"enumeration","value":{"operator":"none","list":[{"text":"Deleted","label":"Deleted"}]}}]},"id":"70bbc0a5-1692-4e46-ebac-8769952ad9c0"},{"type":"donut","options":{"title":"Observables by 
TLP","entity":"case_artifact","field":"tlp","query":{"_not":{"_field":"status","_value":"Deleted"}},"names":{"0":"white","1":"green","2":"amber","3":"red"},"colors":{"0":"#bdf0ea","1":"#48e80f","2":"#e0a91a","3":"#f02626"},"filters":[{"field":"status","type":"enumeration","value":{"operator":"none","list":[{"text":"Deleted","label":"Deleted"}]}}]},"id":"633fbe97-805e-6123-3330-29f5c8f45f13"}]},{"type":"container","items":[{"type":"donut","options":{"title":"Observables by IOC flag","entity":"case_artifact","field":"ioc","query":{"_not":{"_field":"status","_value":"Deleted"}},"names":{},"filters":[{"field":"status","type":"enumeration","value":{"operator":"none","list":[{"text":"Deleted","label":"Deleted"}]}}]},"id":"771a3bdf-e437-ac3a-384d-23be91a25b07"},{"type":"line","options":{"title":"Observables over time","entity":"case_artifact","field":"createdAt","interval":"1w","series":[{"agg":"count","field":null,"type":"area-spline","filters":[{"field":"ioc","type":"boolean","value":true}],"label":"IOC","query":{"_field":"ioc","_value":true}},{"agg":"count","field":null,"type":"area-spline","label":"non-IOC","filters":[{"field":"ioc","type":"boolean","value":false}],"query":{"_field":"ioc","_value":false}}],"stacked":true,"query":{"_not":{"_field":"status","_value":"Deleted"}},"filters":[{"field":"status","type":"enumeration","value":{"operator":"none","list":[{"text":"Deleted","label":"Deleted"}]}}]},"id":"e5ed24a6-51ed-ecc4-9db0-ce837fd84214"}]}],"customPeriod":{"fromDate":null,"toDate":null}},"_id":"AWu4YZXHg8tFuebkSwcG","_version":3,"status":"Shared"} diff --git a/migration/12/dashboards/Observable_statistics.json b/migration/12/dashboards/Observable_statistics.json new file mode 100644 index 0000000000..2be434a943 --- /dev/null +++ b/migration/12/dashboards/Observable_statistics.json 
@@ -0,0 +1,101 @@ +{ + "description": "Observable statistics", + "title": "Observable statistics", + "definition": { + "period": "last3Months", "items": [ + { + "type": "container", "items": [ + { + "type": "donut", "options": { + "title": "Observables by type", "entity": "case_artifact", "field": "dataType", + "query": {"_not": {"_field": "status", "_value": "Deleted"}}, "names": { + "fqdn": "fqdn", "url": "url", "regexp": "regexp", "mail": "mail", "hash": "hash", "registry": "registry", + "uri_path": "uri_path", "truc": "truc", "ip": "ip", "user-agent": "user-agent", + "autonomous-system": "autonomous-system", "file": "file", "mail_subject": "mail_subject", + "filename": "filename", "other": "other", "domain": "domain" + }, "filters": [ + { + "field": "status", "type": "enumeration", + "value": {"operator": "none", "list": [{"text": "Deleted", "label": "Deleted"}]} + } + ] + }, "id": "6ee86a99-3f40-1960-fd4d-398a1da5b76e" + }, { + "type": "donut", "options": { + "title": "Observables by attachment content type", "entity": "case_artifact", + "field": "attachment.contentType", "query": { + "_and": [{"_field": "dataType", "_value": "file"}, {"_not": {"_field": "status", "_value": "Deleted"}}] + }, "names": {}, "filters": [ + {"field": "dataType", "type": "enumeration", "value": {"list": [{"text": "file", "label": "file"}]}}, { + "field": "status", "type": "enumeration", + "value": {"operator": "none", "list": [{"text": "Deleted", "label": "Deleted"}]} + } + ] + }, "id": "b6110238-3074-4e85-674f-4bc56829e68a" + } + ] + }, { + "type": "container", "items": [ + { + "type": "donut", "options": { + "title": "Observable tags", "entity": "case_artifact", "field": "tags", + "query": {"_not": {"_field": "status", "_value": "Deleted"}}, "names": {}, "filters": [ + { + "field": "status", "type": "enumeration", + "value": {"operator": "none", "list": [{"text": "Deleted", "label": "Deleted"}]} + } + ] + }, "id": "70bbc0a5-1692-4e46-ebac-8769952ad9c0" + }, { + "type": "donut", 
"options": { + "title": "Observables by TLP", "entity": "case_artifact", "field": "tlp", + "query": {"_not": {"_field": "status", "_value": "Deleted"}}, + "names": {"0": "white", "1": "green", "2": "amber", "3": "red"}, + "colors": {"0": "#bdf0ea", "1": "#48e80f", "2": "#e0a91a", "3": "#f02626"}, "filters": [ + { + "field": "status", "type": "enumeration", + "value": {"operator": "none", "list": [{"text": "Deleted", "label": "Deleted"}]} + } + ] + }, "id": "633fbe97-805e-6123-3330-29f5c8f45f13" + } + ] + }, { + "type": "container", "items": [ + { + "type": "donut", "options": { + "title": "Observables by IOC flag", "entity": "case_artifact", "field": "ioc", + "query": {"_not": {"_field": "status", "_value": "Deleted"}}, "names": {}, "filters": [ + { + "field": "status", "type": "enumeration", + "value": {"operator": "none", "list": [{"text": "Deleted", "label": "Deleted"}]} + } + ] + }, "id": "771a3bdf-e437-ac3a-384d-23be91a25b07" + }, { + "type": "line", "options": { + "title": "Observables over time", "entity": "case_artifact", "field": "createdAt", "interval": "1w", + "series": [ + { + "agg": "count", "field": null, "type": "area-spline", + "filters": [{"field": "ioc", "type": "boolean", "value": true}], "label": "IOC", + "query": {"_field": "ioc", "_value": true} + }, { + "agg": "count", "field": null, "type": "area-spline", "label": "non-IOC", + "filters": [{"field": "ioc", "type": "boolean", "value": false}], + "query": {"_field": "ioc", "_value": false} + } + ], "stacked": true, "query": {"_not": {"_field": "status", "_value": "Deleted"}}, "filters": [ + { + "field": "status", "type": "enumeration", + "value": {"operator": "none", "list": [{"text": "Deleted", "label": "Deleted"}]} + } + ] + }, "id": "e5ed24a6-51ed-ecc4-9db0-ce837fd84214" + } + ] + } + ], "customPeriod": {"fromDate": null, "toDate": null} + }, + "status": "Shared" +} diff --git a/package/docker/Dockerfile b/package/docker/Dockerfile new file mode 100644 index 0000000000..6c25d72119 
--- /dev/null +++ b/package/docker/Dockerfile 
@@ -0,0 +1,67 @@ +# This Dockerfile is not the one used for official Docker image of TheHive but the result image should be identical +# Official image are generated by sbt (with the command sbt docker:publishLocal) +# This Dockerfile is largely inspired by https://github.com/ilyaglow/dockerfiles/blob/master/thehive/Dockerfile + +FROM openjdk:8 as build-env + +LABEL MAINTAINER="TheHive Project " + +ARG THEHIVE_VERSION=develop + +RUN apt update && \ + apt install -y apt-transport-https && \ + curl -sL https://raw.githubusercontent.com/nvm-sh/nvm/v0.35.3/install.sh | bash - && \ + export NVM_DIR="${HOME}/.nvm" && \ + . "$NVM_DIR/nvm.sh" && \ + nvm install --lts && \ + apt-get install -y git && \ + npm install -g grunt-cli \ + bower && \ + git -c advice.detachedHead=false \ + clone \ + --branch=$THEHIVE_VERSION \ + --depth=1 \ + https://github.com/TheHive-Project/TheHive.git && \ + echo '{"allow_root": true}' > /root/.bowerrc && \ + cd TheHive && \ + ./sbt clean stage && \ + mv /TheHive/target/universal/stage /opt/thehive && \ + mv /TheHive/package/docker/entrypoint /opt/thehive/entrypoint && \ + mkdir /var/log/thehive && \ + apt-get purge -y git && \ + rm -rf /TheHive \ + /root/* \ + /root/.nvm \ + /root/.m2 \ + /root/.ivy2 \ + /root/.sbt \ + /var/lib/apt/lists/* + +FROM openjdk:8 +COPY --from=build-env /opt/thehive /opt/thehive +COPY --from=build-env /var/log/thehive /var/log/thehive + +RUN apt update && \ + apt upgrade -y && \ + apt autoclean -y -q && \ + apt autoremove -y -q && \ + rm -rf /var/lib/apt/lists/* && \ + ( type groupadd 1>/dev/null 2>&1 && \ + groupadd -g 1000 thehive || \ + addgroup -g 1000 -S thehive ) && \ + ( type useradd 1>/dev/null 2>&1 && \ + useradd --system --uid 1000 --gid 1000 thehive || \ + adduser -S -u 1000 -G thehive thehive ) && \ + mkdir /etc/thehive && \ + cp /opt/thehive/conf/logback.xml /etc/thehive/logback.xml && \ + chown -R root:root /opt/thehive && \ + chown -R thehive:thehive /var/log/thehive /etc/thehive && \ + chmod +x 
/opt/thehive/entrypoint + +USER thehive + +EXPOSE 9000 + +WORKDIR /opt/thehive + +ENTRYPOINT ["/opt/thehive/entrypoint"] diff --git a/package/docker/entrypoint b/package/docker/entrypoint index 8a2e2fdda7..39d2827375 100755 --- a/package/docker/entrypoint +++ b/package/docker/entrypoint 
@@ -1,131 +1,221 @@ #!/bin/bash -ES_HOSTNAME=elasticsearch -CONFIG_SECRET=1 -CONFIG_ES=1 -CONFIG_CORTEX=1 -CORTEX_HOSTNAME=cortex -CORTEX_PROTO=http -CORTEX_PORT=9001 -CORTEX_URLS=() -CONFIG=1 -CONFIG_FILE=/etc/thehive/application.conf -CORTEX_KEYS=() +ES_HOSTNAME=${TH_ES_HOSTNAME:-elasticsearch} +test "${TH_NO_CONFIG_SECRET}" == 1 +CONFIG_SECRET=$? +SECRET=${TH_SECRET} +SHOW_SECRET=${TH_SHOW_SECRET:-0} +test "${TH_NO_CONFIG_ES}" == 1 +CONFIG_ES=$? +test "${TH_NO_CONFIG_CORTEX}" == 1 +CONFIG_CORTEX=$? +CORTEX_HOSTNAME=${TH_CORTEX_HOSTNAME:-cortex} +CORTEX_PROTO=${TH_CORTEX_PROTO:-http} +CORTEX_PORT=${TH_CORTEX_PORT:9001} +IFS=',' read -r -a CORTEX_URLS <<< "${TH_CORTEX_URLS}" +test "${TH_NO_CONFIG}" == 1 +CONFIG=$? +CONFIG_FILE=${TH_CONFIG_FILE:-/etc/thehive/application.conf} +IFS=',' read -r -a CORTEX_KEYS <<< "${TH_CORTEX_KEYS}" +AUTO_MIGRATION=${TH_AUTO_MIGRATION:-0} +CREATE_ADMIN_LOGIN=${TH_CREATE_ADMIN_LOGIN} +CREATE_ADMIN_PASSWORD=${TH_CREATE_ADMIN_PASSWORD} +CREATE_USER_LOGIN=${TH_CREATE_USER_LOGIN} +IFS=',' read -r -a CREATE_USER_ROLE <<< "${TH_CREATE_USER_ROLE}" +CREATE_USER_PASSWORD=${TH_CREATE_USER_PASSWORD} function usage { - cat <<- _EOF_ - Available options: - --no-config | do not try to configure TheHive (add secret and elasticsearch) - --no-config-secret | do not add random secret to configuration - --no-config-es | do not add elasticsearch hosts to configuration - --es-uri | use this string to configure elasticsearch hosts (format: http(s)://host:port,host:port(/prefix)?querystring) - --es-hostname | resolve this hostname to find elasticseach instances - --secret | secret to secure sessions - --cortex-proto | define protocol to connect to Cortex (default: http) - --cortex-port | define port to connect to Cortex (default: 9000) - --cortex-url | add Cortex connection - --cortex-hostname | resolve this hostname to find Cortex instances - --cortex-key | define Cortex key - _EOF_ - exit 1 + cat <<- _EOF_ + Available options: + --no-config | do not try 
to configure TheHive (add secret and elasticsearch) + --no-config-secret | do not add random secret to configuration + --secret | secret to secure sessions + --show-secret | show the generated secret + --no-config-es | do not add elasticsearch hosts to configuration + --es-uri | use this string to configure elasticsearch hosts (format: http(s)://host:port,host:port(/prefix)?querystring) + --es-hostname | resolve this hostname to find elasticsearch instances + --no-config-cortex | do not add Cortex configuration + --cortex-proto | define protocol to connect to Cortex (default: http) + --cortex-port | define port to connect to Cortex (default: 9000) + --cortex-url | add Cortex connection + --cortex-hostname | resolve this hostname to find Cortex instances + --cortex-key | define Cortex key + --auto-migration | migrate the database, if needed + --create-admin | create the first admin user, if not exist yet + --create-user | create a user, only in conjunction with admin creation +_EOF_ + exit 1 } + STOP=0 -while test $# -gt 0 -o $STOP = 1 +while test $# -gt 0 -o "${STOP}" = 1 do - case "$1" in - "--no-config") CONFIG=0;; - "--no-config-secret") CONFIG_SECRET=0;; - "--secret") shift; SECRET=$1;; - "--no-config-es") CONFIG_ES=0;; - "--es-hosts") echo "--es-hosts is deprecated, please use --es-uri" - usage;; - "--es-uri") shift; ES_URI=$1;; - "--es-hostname") shift; ES_HOSTNAME=$1;; - "--no-config-cortex") CONFIG_CORTEX=0;; - "--cortex-proto") shift; CORTEX_PROTO=$1;; - "--cortex-port") shift; CORTEX_PORT=$1;; - "--cortex-url") shift; CORTEX_URLS+=($1);; - "--cortex-hostname") shift; CORTEX_HOSTNAME=$1;; - "--cortex-key") shift; CORTEX_KEYS=($1);; - "--") STOP=1;; - *) usage - esac - shift + case "$1" in + "--no-config") CONFIG=0 ;; + "--no-config-secret") CONFIG_SECRET=0 ;; + "--secret") shift; SECRET=$1 ;; + "--show-secret") SHOW_SECRET=1 ;; + "--no-config-es") CONFIG_ES=0 ;; + "--es-hosts") echo "--es-hosts is deprecated, please use --es-uri" + usage ;; + "--es-uri") 
shift; ES_URI=$1 ;; + "--es-hostname") shift; ES_HOSTNAME=$1 ;; + "--no-config-cortex") CONFIG_CORTEX=0 ;; + "--cortex-proto") shift; CORTEX_PROTO=$1 ;; + "--cortex-port") shift; CORTEX_PORT=$1 ;; + "--cortex-url") shift; CORTEX_URLS+=($1) ;; + "--cortex-hostname") shift; CORTEX_HOSTNAME=$1 ;; + "--cortex-key") shift; CORTEX_KEYS=($1) ;; + "--auto-migration") AUTO_MIGRATION=1 ;; + "--create-admin") shift; CREATE_ADMIN_LOGIN=$1 + shift; CREATE_ADMIN_PASSWORD=$1 ;; + "--create-user") shift; CREATE_USER_LOGIN=$1 + shift; IFS=',' read -r -a CREATE_USER_ROLE <<< "$1" + shift; CREATE_USER_PASSWORD=$1 ;; + "--") STOP=1;; + *) usage + esac + shift done -if test $CONFIG = 1 +if test "${CONFIG}" = 1 then - CONFIG_FILE=$(mktemp).conf - if test $CONFIG_SECRET = 1 - then - if test -z "$SECRET" - then - SECRET=$(cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w 64 | head -n 1) - fi - echo Using secret: $SECRET - echo play.http.secret.key=\"$SECRET\" >> $CONFIG_FILE - fi + CONFIG_FILE=$(mktemp).conf + if test "${CONFIG_SECRET}" = 1 + then + if test -z "${SECRET}" + then + SECRET=$(cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w 64 | head -n 1) + test "${SHOW_SECRET}" = 1 && echo Using secret: ${SECRET} + fi + echo "play.http.secret.key=\"${SECRET}\"" >> ${CONFIG_FILE} + fi - if test $CONFIG_ES = 1 - then - if test -z "$ES_URI" - then - function join_es_hosts { - echo -n $1:9200 - shift - printf "%s," "${@/#/:9200}" - } + if test "${CONFIG_ES}" = 1 + then + if test -z "${ES_URI}" + then + ES=$(getent ahostsv4 "${ES_HOSTNAME}" | awk '{ print $1 }' | sort -u) + if test -z "${ES}" + then + echo "Warning automatic elasticsearch host config fails" + else + JOIN_ES_HOST=$(printf "%s:9200," "${ES}") + ES_URI=http://${JOIN_ES_HOST::-1} + fi + fi + if test -n "${ES_URI}" + then + echo "Using elasticsearch uri: ${ES_URI}" + echo "search.uri=\"${ES_URI}\"" >> ${CONFIG_FILE} + else + echo "elasticsearch uri not configured" + fi + fi - ES=$(getent ahostsv4 $ES_HOSTNAME | awk '{ print $1 }' | 
sort -u) - if test -z "$ES" - then - echo "Warning automatic elasticsearch host config fails" - else - ES_URI=http://$(join_es_hosts $ES) - fi - fi - if test -n "$ES_URI" - then - echo Using elasticsearch uri: $ES_URI - echo search.uri=\"$ES_URI\" >> $CONFIG_FILE - else - echo elasticsearch host not configured - fi - fi + if test -n "${CREATE_USER_LOGIN}"; then + echo "Enable basic authentication method to permit user creation" + echo "auth.method.basic=true" >> ${CONFIG_FILE} + fi - if test $CONFIG_CORTEX = 1 - then - if test -n "$CORTEX_HOSTNAME" - then - CORTEX_URLS+=($(getent ahostsv4 $CORTEX_HOSTNAME | awk "{ print \"$CORTEX_PROTO://\"\$1\":$CORTEX_PORT\" }" | sort -u)) - fi + if test "${CONFIG_CORTEX}" = 1 + then + if test -n "${CORTEX_HOSTNAME}" + then + CORTEX_URLS+=($(getent ahostsv4 "${CORTEX_HOSTNAME}" | awk "{ print \"${CORTEX_PROTO}://\"\$1\":${CORTEX_PORT}\" }" | sort -u)) + fi - if test ${#CORTEX_URLS[@]} -gt 0 - then - echo "play.modules.enabled += connectors.cortex.CortexConnector" >> $CONFIG_FILE - fi - I=1 - for C in ${CORTEX_URLS[@]} - do - echo Add Cortex cortex$I: $C - echo cortex.cortex$I.url=\"$C\" >> $CONFIG_FILE - I=$(($I+1)) - done - I=1 - for K in ${CORTEX_KEYS[@]} - do - echo Add Cortex cortex$I key: $K - echo cortex.cortex$I.key=\"$K\" >> $CONFIG_FILE - I=$(($I+1)) - done - fi + if test ${#CORTEX_URLS[@]} -gt 0 + then + echo "play.modules.enabled += connectors.cortex.CortexConnector" >> ${CONFIG_FILE} + fi + I=1 + for C in ${CORTEX_URLS[@]} + do + echo "Add Cortex cortex${I}: ${C}" + echo "cortex.cortex${I}.url=\"${C}\"" >> ${CONFIG_FILE} + I=$((${I}+1)) + done + I=1 + for K in ${CORTEX_KEYS[@]} + do + echo "Add Cortex cortex${I} key: ${K}" + echo "cortex.cortex${I}.key=\"${K}\"" >> ${CONFIG_FILE} + I=$((${I}+1)) + done + fi - echo 'include file("/etc/thehive/application.conf")' >> $CONFIG_FILE + echo 'include file("/etc/thehive/application.conf")' >> ${CONFIG_FILE} fi -exec bin/thehive \ - -Dconfig.file=$CONFIG_FILE \ - 
-Dlogger.file=/etc/thehive/logback.xml \ - -Dpidfile.path=/dev/null \ - $@ + +bin/thehive \ + -Dconfig.file=${CONFIG_FILE} \ + -Dlogger.file=/etc/thehive/logback.xml \ + -Dpidfile.path=/dev/null \ + $@ & +PID=$! +trap 'kill -SIGTERM "${PID}"; wait "${PID}"; exit 143' SIGTERM SIGINT + +if test "${AUTO_MIGRATION}" = 1 -o -n "${CREATE_ADMIN_LOGIN}"; then + echo -n "Wait until TheHive starts" + MAX_WAIT=15 + IS_STARTED=0 + while test "${MAX_WAIT}" -gt 0 -a "${IS_STARTED}" = 0; do + sleep 3 + echo -n . + HTTP_CODE=$(curl -s -w '%{http_code}' -m 2 -o /dev/null http://127.0.0.1:9000/api/status) + test "${HTTP_CODE}" != 200 + IS_STARTED=$? + MAX_WAIT=$(("${MAX_WAIT}"-1)) + done + echo + if test "${IS_STARTED}" = 0; then + echo "Thehive fails to start" + else + HTTP_CODE=$(curl -s -w '%{http_code}' -o /dev/null http://127.0.0.1:9000/api/user/current) + if test "${HTTP_CODE}" = 520 -a "${AUTO_MIGRATION}" = 1; then + echo -n "Migrating database ..." + HTTP_CODE=$(curl -s -w '%{http_code}' -o /dev/null -XPOST http://127.0.0.1:9000/api/maintenance/migrate) + if test "${HTTP_CODE}" != 204; then + echo "fails! ${HTTP_CODE}" + else + echo "ok" + if test -n "${CREATE_ADMIN_LOGIN}"; then + echo -n "Create admin user ..." + HTTP_CODE=$(curl -s -w '%{http_code}' -o /dev/null http://127.0.0.1:9000/api/user \ + -H "Content-type: application/json" \ + -d '{ + "login": "'${CREATE_ADMIN_LOGIN}'", + "name": "'${CREATE_ADMIN_LOGIN}'", + "roles": ["ADMIN","READ","WRITE","ALERT"], + "password":"'${CREATE_ADMIN_PASSWORD}'"}') + if test ${HTTP_CODE} != 201; then + echo "fails" + else + echo "ok" + if test -n "${CREATE_USER_LOGIN}"; then + echo -n "Create user ${CREATE_USER_LOGIN} ..." 
+ ROLE=$(printf '"%s",' ${CREATE_USER_ROLE[@]}) + HTTP_CODE=$(curl -s -w '%{http_code}' -o /dev/null http://127.0.0.1:9000/api/user \ + -u ${CREATE_ADMIN_LOGIN}:${CREATE_ADMIN_PASSWORD} \ + -H "Content-type: application/json" \ + -d '{ + "login": "'${CREATE_USER_LOGIN}'", + "name": "'${CREATE_USER_LOGIN}'", + "roles": ['${ROLE::-1}'], + "password": "'${CREATE_USER_PASSWORD}'"}') + if test ${HTTP_CODE} = 201; then + echo "ok" + else + echo "fails" + fi + fi + fi + fi + fi + fi + fi +fi +wait ${PID} \ No newline at end of file diff --git a/project/build.properties b/project/build.properties index c0bab04941..080a737edb 100644 --- a/project/build.properties +++ b/project/build.properties @@ -1 +1 @@ -sbt.version=1.2.8 +sbt.version=1.3.0 diff --git a/project/plugins.sbt b/project/plugins.sbt index c8ec87a869..5af970f6ad 100644 --- a/project/plugins.sbt +++ b/project/plugins.sbt @@ -1,6 +1,7 @@ // Comment to get more information during initialization logLevel := Level.Info -addSbtPlugin("com.typesafe.play" % "sbt-plugin" % "2.6.23") -addSbtPlugin("org.foundweekends" % "sbt-bintray" % "0.5.1") -addSbtPlugin("org.scalameta" % "sbt-scalafmt" % "2.0.0") +addSbtPlugin("com.typesafe.play" % "sbt-plugin" % "2.6.23") +addSbtPlugin("org.foundweekends" % "sbt-bintray" % "0.5.1") +addSbtPlugin("org.scalameta" % "sbt-scalafmt" % "2.0.0") +addSbtPlugin("org.thehive-project" % "sbt-github-changelog" % "0.2.0") diff --git a/thehive-backend/app/controllers/StatusCtrl.scala b/thehive-backend/app/controllers/StatusCtrl.scala index 08ee2f7145..936a029744 100644 --- a/thehive-backend/app/controllers/StatusCtrl.scala +++ b/thehive-backend/app/controllers/StatusCtrl.scala @@ -38,6 +38,7 @@ class StatusCtrl @Inject()( private def updateStatus(): Unit = { clusterStatusName = Try(dbIndex.clusterStatusName).getOrElse("ERROR") system.scheduler.scheduleOnce(checkStatusInterval)(updateStatus()) + () } updateStatus() 
@@ -79,8 +80,7 @@ class StatusCtrl @Inject()( case 1 ⇒ HealthStatus.Warning case _ ⇒ HealthStatus.Error } - connectorStatus = connectors.map(c ⇒ c.health).toSeq - distinctStatus = connectorStatus :+ dbStatus + distinctStatus = connectors.map(c ⇒ c.health) + dbStatus globalStatus = if (distinctStatus.contains(HealthStatus.Ok)) { if (distinctStatus.size > 1) HealthStatus.Warning else HealthStatus.Ok } else if (distinctStatus.contains(HealthStatus.Error)) HealthStatus.Error diff --git a/thehive-backend/app/models/Alert.scala b/thehive-backend/app/models/Alert.scala index 2dcde4860f..b9afab587f 100644 --- a/thehive-backend/app/models/Alert.scala +++ b/thehive-backend/app/models/Alert.scala @@ -60,7 +60,7 @@ trait AlertAttributes { Attribute("alert", "ioc", OptionalAttributeFormat(F.booleanFmt), Nil, None, "") ) } - + val alertId: A[String] = attribute("_id", F.stringFmt, "Alert id", O.readonly) val tpe: A[String] = attribute("type", F.stringFmt, "Type of the alert", O.readonly) val source: A[String] = attribute("source", F.stringFmt, "Source of the alert", O.readonly) @@ -70,7 +70,7 @@ trait AlertAttributes { val caze: A[Option[String]] = optionalAttribute("case", F.stringFmt, "Id of the case, if created") val title: A[String] = attribute("title", F.textFmt, "Title of the alert") val description: A[String] = attribute("description", F.textFmt, "Description of the alert") - val severity: A[Long] = attribute("severity", SeverityAttributeFormat, "Severity if the alert (0-3)", 2L) + val severity: A[Long] = attribute("severity", SeverityAttributeFormat, "Severity if the alert (1-4)", 2L) val tags: A[Seq[String]] = multiAttribute("tags", F.stringFmt, "Alert tags") val tlp: A[Long] = attribute("tlp", TlpAttributeFormat, "TLP level", 2L) val artifacts: A[Seq[JsObject]] = multiAttribute("artifacts", F.objectFmt(artifactAttributes), "Artifact of the alert", O.unaudited) 
@@ -83,10 +83,15 @@ trait AlertAttributes { @Singleton class AlertModel @Inject()(dblists: DBLists) extends ModelDef[AlertModel, Alert]("alert", "Alert", "/alert") with AlertAttributes with AuditedModel { - private[AlertModel] lazy val logger = Logger(getClass) - override val defaultSortBy: Seq[String] = Seq("-date") - override val removeAttribute: JsObject = Json.obj("status" → AlertStatus.Ignored) - override val computedMetrics: Map[String, String] = Map("observableCount" → "_source['artifacts']?.size()") + private[AlertModel] lazy val logger = Logger(getClass) + override val defaultSortBy: Seq[String] = Seq("-date") + override val removeAttribute: JsObject = Json.obj("status" → AlertStatus.Ignored) + override val computedMetrics: Map[String, String] = Map( + "observableCount" → "if (params._source.containsKey('artifacts')) { params._source['artifacts'].size() } else 0", + "handlingDurationInSeconds" → "(doc['updatedAt'].date.getMillis() - doc['createdAt'].date.getMillis()) / 1000", + "handlingDurationInHours" → "(doc['updatedAt'].date.getMillis() - doc['createdAt'].date.getMillis()) / 3600000", + "handlingDurationInDays" → "(doc['updatedAt'].date.getMillis() - doc['createdAt'].date.getMillis()) / (3600000 * 24)" + ) override def creationHook(parent: Option[BaseEntity], attrs: JsObject): Future[JsObject] = { // check if data attribute is present on all artifacts diff --git a/thehive-backend/app/models/AttributeFormat.scala b/thehive-backend/app/models/AttributeFormat.scala index debadb278e..6bf2ad96ac 100644 --- a/thehive-backend/app/models/AttributeFormat.scala +++ b/thehive-backend/app/models/AttributeFormat.scala 
@@ -11,7 +11,7 @@ import org.elastic4play.{AttributeError, InvalidFormatAttributeError} object SeverityAttributeFormat extends NumberAttributeFormat { - def isValidValue(value: Long): Boolean = 1 <= value && value <= 3 + def isValidValue(value: Long): Boolean = 1 <= value && value <= 4 override def definition(dblists: DBLists, attribute: Attribute[Long]): Seq[AttributeDefinition] = Seq( @@ -19,8 +19,8 @@ object SeverityAttributeFormat extends NumberAttributeFormat { attribute.attributeName, name, attribute.description, - Seq(JsNumber(1), JsNumber(2), JsNumber(3)), - Seq("low", "medium", "high") + Seq(JsNumber(1), JsNumber(2), JsNumber(3), JsNumber(4)), + Seq("low", "medium", "high", "critical") ) ) diff --git a/thehive-backend/app/models/Case.scala b/thehive-backend/app/models/Case.scala index a6fe3984d5..450d471d3d 100644 --- a/thehive-backend/app/models/Case.scala +++ b/thehive-backend/app/models/Case.scala @@ -37,7 +37,7 @@ trait CaseAttributes { _: AttributeDef ⇒ val caseId: A[Long] = attribute("caseId", F.numberFmt, "Id of the case (auto-generated)", O.model) val title: A[String] = attribute("title", F.textFmt, "Title of the case") val description: A[String] = attribute("description", F.textFmt, "Description of the case") - val severity: A[Long] = attribute("severity", SeverityAttributeFormat, "Severity if the case is an incident (0-3)", 2L) + val severity: A[Long] = attribute("severity", SeverityAttributeFormat, "Severity if the case is an incident (1-4)", 2L) val owner: A[String] = attribute("owner", F.userFmt, "Owner of the case") val startDate: A[Date] = attribute("startDate", F.dateFmt, "Creation date", new Date) val endDate: A[Option[Date]] = optionalAttribute("endDate", F.dateFmt, "Resolution date") 
@@ -81,10 +81,12 @@ class CaseModel @Inject()( override def creationHook(parent: Option[BaseEntity], attrs: JsObject): Future[JsObject] = sequenceSrv("case").map { caseId ⇒ - attrs + ("caseId" → JsNumber(caseId)) + attrs + + ("caseId" → JsNumber(caseId)) + + ("owner" → (attrs \ "owner").asOpt[String].fold[JsValue](JsNull)(o ⇒ JsString(o.toLowerCase()))) } - override def updateHook(entity: BaseEntity, updateAttrs: JsObject): Future[JsObject] = Future.successful { + private def updateStatus(updateAttrs: JsObject): JsObject = (updateAttrs \ "status").asOpt[CaseStatus.Type] match { case Some(CaseStatus.Resolved) if !updateAttrs.keys.contains("endDate") ⇒ updateAttrs + @@ -95,7 +97,12 @@ class CaseModel @Inject()( case _ ⇒ updateAttrs } - } + + private def lowercaseOwner(updateAttrs: JsObject): JsObject = + (updateAttrs \ "owner").asOpt[String].fold(updateAttrs)(o ⇒ updateAttrs + ("owner" → JsString(o.toLowerCase))) + + override def updateHook(entity: BaseEntity, updateAttrs: JsObject): Future[JsObject] = + Future.successful(lowercaseOwner(updateStatus(updateAttrs))) private[models] def buildArtifactStats(caze: Case): Future[JsObject] = { import org.elastic4play.services.QueryDSL._ @@ -177,9 +184,9 @@ class CaseModel @Inject()( } override val computedMetrics = Map( - "handlingDurationInSeconds" → "(doc['endDate'].value - doc['startDate'].value) / 1000", - "handlingDurationInHours" → "(doc['endDate'].value - doc['startDate'].value) / 3600000", - "handlingDurationInDays" → "(doc['endDate'].value - doc['startDate'].value) / (3600000 * 24)" + "handlingDurationInSeconds" → "(doc['endDate'].date.getMillis() - doc['startDate'].date.getMillis()) / 1000", + "handlingDurationInHours" → "(doc['endDate'].date.getMillis() - doc['startDate'].date.getMillis()) / 3600000", + "handlingDurationInDays" → "(doc['endDate'].date.getMillis() - doc['startDate'].date.getMillis()) / (3600000 * 24)" ) } 
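Review bot: the three `handlingDurationIn*` scripts in `CaseModel.computedMetrics` call `doc['endDate'].date.getMillis()` with no check that the field has a value, yet `endDate` is declared in this file as `optionalAttribute("endDate", F.dateFmt, "Resolution date")`, so a case that is still open has none. Guard each script (for example `doc['endDate'].size() == 0 ? 0 : ...`) or restrict the metric to resolved cases, so that a dashboard aggregating over open cases does not depend on how painless treats the missing value. The `updatedAt` scripts added to `AlertModel.computedMetrics` in this patch have the same gap, while `observableCount` there does check with `containsKey`.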
diff --git a/thehive-backend/app/models/CaseTemplate.scala b/thehive-backend/app/models/CaseTemplate.scala index 83ef3a8f81..dc3f607298 100644 --- a/thehive-backend/app/models/CaseTemplate.scala +++ b/thehive-backend/app/models/CaseTemplate.scala @@ -19,7 +19,7 @@ trait CaseTemplateAttributes { _: AttributeDef ⇒ val templateName: A[String] = attribute("name", F.stringFmt, "Name of the template") val titlePrefix: A[Option[String]] = optionalAttribute("titlePrefix", F.textFmt, "Title of the case") val description: A[Option[String]] = optionalAttribute("description", F.textFmt, "Description of the case") - val severity: A[Option[Long]] = optionalAttribute("severity", SeverityAttributeFormat, "Severity if the case is an incident (0-5)") + val severity: A[Option[Long]] = optionalAttribute("severity", SeverityAttributeFormat, "Severity if the case is an incident (1-4)") val tags: A[Seq[String]] = multiAttribute("tags", F.stringFmt, "Case tags") val flag: A[Option[Boolean]] = optionalAttribute("flag", F.booleanFmt, "Flag of the case") val tlp: A[Option[Long]] = optionalAttribute("tlp", TlpAttributeFormat, "TLP level") diff --git a/thehive-backend/app/services/AlertSrv.scala b/thehive-backend/app/services/AlertSrv.scala index 4b367c3ca0..962c9b2e88 100644 --- a/thehive-backend/app/services/AlertSrv.scala +++ b/thehive-backend/app/services/AlertSrv.scala 
@@ -109,8 +109,27 @@ class AlertSrv( case a ⇒ Future.successful(a) } artifactsFields.flatMap { af ⇒ + val validArtifacts = af.filter { a ⇒ + val hasAttachment = (a \ "attachment").asOpt[JsObject].isDefined + val hasData = (a \ "data").asOpt[String].isDefined + val dataType = (a \ "dataType").asOpt[String] + val isValid = dataType match { + case None ⇒ false + case Some("file") ⇒ hasAttachment && !hasData + case _ ⇒ !hasAttachment && hasData + } + if (!isValid) { + val dataTypeStr = dataType.fold("DataType is not set!")(d ⇒ s"DataType is $d") + val dataStr = if (hasData) "data is set" else "data is not set" + val attachmentStr = if (hasAttachment) "attachment is set" else "attachment is not set" + logger.warn( + s"The alert contains an invalid artifact: $dataTypeStr, $dataStr, $attachmentStr" + ) + } + isValid + } /* remove duplicate artifacts */ - val distinctArtifacts = Collection.distinctBy(af) { a ⇒ + val distinctArtifacts = Collection.distinctBy(validArtifacts) { a ⇒ val data = (a \ "data").asOpt[String] val attachment = (a \ "attachment" \ "id").asOpt[String] val dataType = (a \ "dataType").asOpt[String] 
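Review bot: in the new `validArtifacts` filter, an artifact that fails the `dataType`/`data`/`attachment` check is dropped and processing continues with the remaining artifacts, so the sender is never told that the alert lost observables. Either reject the request with a validation error, or keep the drop and make the `logger.warn` traceable: the message carries no alert `type` or `source` and no position of the offending artifact, which makes it hard to find the feed producing bad data. Note also that `hasData` is `asOpt[String]`, so a `data` value sent as a number or an object is reported as "data is not set".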
@@ -280,31 +299,33 @@ class AlertSrv( def importArtifacts(alert: Alert, caze: Case)(implicit authContext: AuthContext): Future[Case] = { val artifactsFields = alert .artifacts() - .map { artifact ⇒ + .flatMap { artifact ⇒ val tags = (artifact \ "tags").asOpt[Seq[JsString]].getOrElse(Nil) :+ JsString("src:" + alert.tpe()) val message = (artifact \ "message").asOpt[JsString].getOrElse(JsString("")) - val artifactFields = Fields( - artifact + - ("tags" → JsArray(tags)) + - ("message" → message) - ) - if (artifactFields.getString("dataType").contains("file")) { - artifactFields - .getString("data") - .map { + (artifact \ "dataType").asOpt[String].flatMap { + case "file" ⇒ + (artifact \ "data").asOpt[String].collect { case dataExtractor(filename, contentType, data) ⇒ val f = Files.createTempFile("alert-", "-attachment") Files.write(f, java.util.Base64.getDecoder.decode(data)) - artifactFields - .set("attachment", FileInputValue(filename, f, contentType)) + Fields( + artifact + + ("tags" → JsArray(tags)) + + ("message" → message) + ).set("attachment", FileInputValue(filename, f, contentType)) .unset("data") - case data ⇒ - logger.warn(s"Invalid data format for file artifact: $data") - artifactFields } - .getOrElse(artifactFields) - } else { - artifactFields + case _ if artifact.value.contains("data") ⇒ + Some( + Fields( + artifact + + ("tags" → JsArray(tags)) + + ("message" → message) + ) + ) + case _ ⇒ + logger.warn(s"Invalid artifact format: $artifact") + None } } diff --git a/thehive-backend/app/services/OAuth2Srv.scala b/thehive-backend/app/services/OAuth2Srv.scala index ea6664f0ef..936a6ad678 100644 --- a/thehive-backend/app/services/OAuth2Srv.scala +++ b/thehive-backend/app/services/OAuth2Srv.scala @@ -24,7 +24,8 @@ case class OAuth2Config( tokenUrl: String, userUrl: String, scope: String, - autocreate: Boolean + autocreate: Boolean, + autoupdate: Boolean ) object OAuth2Config { 
@@ -41,7 +42,20 @@ object OAuth2Config { tokenUrl ← configuration.getOptional[String]("auth.oauth2.tokenUrl") scope ← configuration.getOptional[String]("auth.oauth2.scope") autocreate = configuration.getOptional[Boolean]("auth.sso.autocreate").getOrElse(false) - } yield OAuth2Config(clientId, clientSecret, redirectUri, responseType, grantType, authorizationUrl, tokenUrl, userUrl, scope, autocreate) + autoupdate = configuration.getOptional[Boolean]("auth.sso.autoupdate").getOrElse(false) + } yield OAuth2Config( + clientId, + clientSecret, + redirectUri, + responseType, + grantType, + authorizationUrl, + tokenUrl, + userUrl, + scope, + autocreate, + autoupdate + ) } @Singleton @@ -77,7 +91,7 @@ class OAuth2Srv( } private def getAuthTokenAndAuthenticate(clientId: String, code: String)(implicit request: RequestHeader): Future[AuthContext] = { - logger.debug("Getting user token with the code from the response!") + logger.debug("Getting user token with the code from the response") withOAuth2Config { cfg ⇒ ws.url(cfg.tokenUrl) .post( 
@@ -97,22 +111,23 @@ class OAuth2Srv( .flatMap { r ⇒ r.status match { case Status.OK ⇒ + logger.debug("Getting user info using access token") val accessToken = (r.json \ "access_token").asOpt[String].getOrElse("") - val authHeader = "Authorization" → s"bearer $accessToken" + val authHeader = "Authorization" → s"Bearer $accessToken" ws.url(cfg.userUrl) .addHttpHeaders(authHeader) .get() .flatMap { userResponse ⇒ if (userResponse.status != Status.OK) { - Future.failed(AuthenticationError(s"unexpected response from server: ${userResponse.status} ${userResponse.body}")) + Future.failed(AuthenticationError(s"Unexpected response from server: ${userResponse.status} ${userResponse.body}")) } else { val response = userResponse.json.asInstanceOf[JsObject] getOrCreateUser(response, authHeader) } } case _ ⇒ - logger.error(s"unexpected response from server: ${r.status} ${r.body}") - Future.failed(AuthenticationError("unexpected response from server")) + logger.error(s"Unexpected response from server: ${r.status} ${r.body}") + Future.failed(AuthenticationError("Unexpected response from server")) } } } @@ -125,11 +140,24 @@ class OAuth2Srv( userSrv .get(userId) .flatMap(user ⇒ { - userSrv.getFromUser(request, user, name) + if (cfg.autoupdate) { + logger.debug(s"Updating OAuth/OIDC user") + userSrv.inInitAuthContext { implicit authContext ⇒ + // Only update name and roles, not login (can't change it) + userSrv + .update(user, userFields.unset("login")) + .flatMap(user ⇒ { + userSrv.getFromUser(request, user, name) + }) + } + } else { + userSrv.getFromUser(request, user, name) + } }) .recoverWith { case authErr: AuthorizationError ⇒ Future.failed(authErr) case _ if cfg.autocreate ⇒ + logger.debug(s"Creating OAuth/OIDC user") userSrv.inInitAuthContext { implicit authContext ⇒ userSrv .create(userFields) diff --git a/thehive-backend/app/services/mappers/GroupUserMapper.scala b/thehive-backend/app/services/mappers/GroupUserMapper.scala index 6aafb08965..cf036ce379 100644 
--- a/thehive-backend/app/services/mappers/GroupUserMapper.scala +++ b/thehive-backend/app/services/mappers/GroupUserMapper.scala @@ -3,21 +3,21 @@ package services.mappers import javax.inject.Inject import scala.concurrent.{ExecutionContext, Future} +import scala.util.parsing.combinator._ -import play.api.Configuration +import play.api.{Configuration, Logger} import play.api.libs.json._ import play.api.libs.ws.WSClient -import org.elastic4play.AuthenticationError +import org.elastic4play.{AuthenticationError, AuthorizationError} import org.elastic4play.controllers.Fields class GroupUserMapper( loginAttrName: String, nameAttrName: String, - rolesAttrName: Option[String], - groupAttrName: String, + groupsAttrName: String, defaultRoles: Seq[String], - groupsUrl: String, + groupsUrl: Option[String], mappings: Map[String, Seq[String]], ws: WSClient, implicit val ec: ExecutionContext @@ -25,12 +25,11 @@ class GroupUserMapper( @Inject() def this(configuration: Configuration, ws: WSClient, ec: ExecutionContext) = this( - configuration.getOptional[String]("auth.sso.attributes.login").getOrElse("name"), - configuration.getOptional[String]("auth.sso.attributes.name").getOrElse("username"), - configuration.getOptional[String]("auth.sso.attributes.roles"), + configuration.getOptional[String]("auth.sso.attributes.login").getOrElse("sub"), + configuration.getOptional[String]("auth.sso.attributes.name").getOrElse("name"), configuration.getOptional[String]("auth.sso.attributes.groups").getOrElse(""), configuration.getOptional[Seq[String]]("auth.sso.defaultRoles").getOrElse(Seq()), - configuration.getOptional[String]("auth.sso.groups.url").getOrElse(""), + configuration.getOptional[String]("auth.sso.groups.url"), configuration.getOptional[Map[String, Seq[String]]]("auth.sso.groups.mappings").getOrElse(Map()), ws, ec 
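Review bot: the constructor defaults for `auth.sso.attributes.login` and `auth.sso.attributes.name` change from `name`/`username` to `sub`/`name`, which changes the login key for every deployment that relied on the old defaults. After upgrade an existing SSO user could be looked up under a different login, and with `auth.sso.autocreate` enabled the `recoverWith` branch in `OAuth2Srv` could create a second account for the same person. Call this out in the changelog or migration notes and consider logging the effective attribute names at startup; `SimpleUserMapper` gets the same change later in this patch. `rolesAttrName` is also removed here, so a configuration that still sets `auth.sso.attributes.roles` with the group mapper is now ignored without any warning.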
@@ -38,13 +37,73 @@ class GroupUserMapper( override val name: String = "group" + private[GroupUserMapper] lazy val logger = Logger(getClass) + + private class RoleListParser extends RegexParsers { + val str = "[a-zA-Z0-9_]+".r + val strSpc = "[a-zA-Z0-9_ ]+".r + val realStr = ("\""~>strSpc<~"\"" | "'"~>strSpc<~"'" | str) + + def expr: Parser[Seq[String]] = { + "[" ~ opt(realStr ~ rep("," ~ realStr)) ~ "]" ^^ { + case _ ~ Some(firstRole ~ list) ~ _ ⇒ list.foldLeft(Seq(firstRole)) { + case (queue, _ ~ role) ⇒ role +: queue + } + case _ ~ _ ⇒ Seq.empty[String] + } | opt(realStr) ^^ { + case Some(role) ⇒ Seq(role) + case None ⇒ Seq.empty[String] + } + } + } + override def getUserFields(jsValue: JsValue, authHeader: Option[(String, String)]): Future[Fields] = { + groupsUrl match { + case Some(groupsEndpointUrl) ⇒ { + logger.debug(s"Retreiving groups from ${groupsEndpointUrl}") + val apiCall = authHeader.fold(ws.url(groupsEndpointUrl))(headers ⇒ ws.url(groupsEndpointUrl).addHttpHeaders(headers)) + apiCall.get.flatMap { r ⇒ extractGroupsThenBuildUserFields(jsValue, r.json) } + } + case None ⇒ { + logger.debug(s"Extracting groups from user info") + extractGroupsThenBuildUserFields(jsValue, jsValue) + } + } + } + + private def extractGroupsThenBuildUserFields(jsValue: JsValue, groupsContainer: JsValue): Future[Fields] = { + (groupsContainer \ groupsAttrName) match { + // Groups received as valid JSON array + case JsDefined(JsArray(groupsList)) ⇒ mapGroupsAndBuildUserFields(jsValue, groupsList.map(_.as[String]).toList) + + // Groups list received as string (invalid JSON, for example: "ROLE" or "['Role 1', ROLE2, 'Role_3']") + case JsDefined(JsString(groupsStr)) ⇒ { + val parser = new RoleListParser + parser.parseAll(parser.expr, groupsStr) match { + case parser.Success(result, _) ⇒ mapGroupsAndBuildUserFields(jsValue, result) + case err: parser.NoSuccess ⇒ Future.failed(AuthenticationError(s"User info fails: can't parse groups list (${err.msg})")) + } + } + + // Invalid 
group list + case JsDefined(error) ⇒ + Future.failed(AuthenticationError(s"User info fails: invalid groups list received in user info ('${error}' of type ${error.getClass})")) + + // Groups field is undefined + case _: JsUndefined ⇒ + Future.failed(AuthenticationError(s"User info fails: groups attribute ${groupsAttrName} doesn't exist in user info")) + } + } + + private def mapGroupsAndBuildUserFields(jsValue: JsValue, jsonGroups: Seq[String]): Future[Fields] = { + val mappedRoles = jsonGroups.flatMap(mappings.get).flatten.toSet + val roles = if (mappedRoles.nonEmpty) mappedRoles else defaultRoles + + if (roles.isEmpty) { + Future.failed(AuthorizationError(s"No matched roles for user")) - val apiCall = authHeader.fold(ws.url(groupsUrl))(headers ⇒ ws.url(groupsUrl).addHttpHeaders(headers)) - apiCall.get.flatMap { r ⇒ - val jsonGroups = (r.json \ groupAttrName).as[Seq[String]] - val mappedRoles = jsonGroups.flatMap(mappings.get).maxBy(_.length) - val roles = if (mappedRoles.nonEmpty) mappedRoles else defaultRoles + } else { + logger.debug(s"Computed roles: ${roles.mkString(", ")}") val fields = for { login ← (jsValue \ loginAttrName).validate[String] @@ -52,7 +111,7 @@ class GroupUserMapper( } yield Fields(Json.obj("login" → login, "name" → name, "roles" → roles)) fields match { case JsSuccess(f, _) ⇒ Future.successful(f) - case JsError(errors) ⇒ Future.failed(AuthenticationError(s"User info fails: ${errors.map(_._1).mkString}")) + case JsError(errors) ⇒ Future.failed(AuthenticationError(s"User info fails: ${errors.map(_._2).map(_.map(_.messages.mkString(", ")).mkString("; ")).mkString}")) } } } diff --git a/thehive-backend/app/services/mappers/SimpleUserMapper.scala b/thehive-backend/app/services/mappers/SimpleUserMapper.scala index b549c9b0ee..598d9d2ece 100644 --- a/thehive-backend/app/services/mappers/SimpleUserMapper.scala +++ b/thehive-backend/app/services/mappers/SimpleUserMapper.scala 
@@ -20,8 +20,8 @@ class SimpleUserMapper( @Inject() def this(configuration: Configuration, ec: ExecutionContext) = this( - configuration.getOptional[String]("auth.sso.attributes.login").getOrElse("name"), - configuration.getOptional[String]("auth.sso.attributes.name").getOrElse("username"), + configuration.getOptional[String]("auth.sso.attributes.login").getOrElse("sub"), + configuration.getOptional[String]("auth.sso.attributes.name").getOrElse("name"), configuration.getOptional[String]("auth.sso.attributes.roles"), configuration.getOptional[Seq[String]]("auth.sso.defaultRoles").getOrElse(Seq()), ec @@ -37,7 +37,7 @@ class SimpleUserMapper( } yield Fields(Json.obj("login" → login, "name" → name, "roles" → roles)) fields match { case JsSuccess(f, _) ⇒ Future.successful(f) - case JsError(errors) ⇒ Future.failed(AuthenticationError(s"User info fails: ${errors.map(_._1).mkString}")) + case JsError(errors) ⇒ Future.failed(AuthenticationError(s"User info fails: ${errors.map(_._2).map(_.map(_.messages.mkString(", ")).mkString("; ")).mkString}")) } } } diff --git a/thehive-backend/conf/reference.conf b/thehive-backend/conf/reference.conf index 49fdb53b16..344e3dba8f 100644 --- a/thehive-backend/conf/reference.conf +++ b/thehive-backend/conf/reference.conf @@ -28,8 +28,6 @@ play.http.session.cookieName = THE_HIVE_SESSION search { # Name of the index index = the_hive - # Name of the ElasticSearch cluster - cluster = hive # Address of the ElasticSearch instance host = ["127.0.0.1:9300"] # Scroll keepalive 
@@ -191,7 +189,7 @@ migration { // // # Maximum number of sync messages that actor can process for stream to substream communication. // # Parameter allows to interrupt synchronous processing to get upsteam/downstream messages. -// # Allows to accelerate message processing that happening withing same actor but keep system responsive. +// # Allows to accelerate message processing that happening within same actor but keep system responsive. // sync-processing-limit = 1000 // // debug { diff --git a/thehive-cortex/app/connectors/cortex/controllers/CortexCtrl.scala b/thehive-cortex/app/connectors/cortex/controllers/CortexCtrl.scala index efe5818dc9..64591954ed 100644 --- a/thehive-cortex/app/connectors/cortex/controllers/CortexCtrl.scala +++ b/thehive-cortex/app/connectors/cortex/controllers/CortexCtrl.scala @@ -162,7 +162,7 @@ class CortexCtrl( for { job ← cortexAnalyzerSrv.getJob(jobId) jobJson = job.toJson - jobWithStats ← if (withStats) cortexAnalyzerSrv.addImportFieldInArtifacts(jobJson) else Future.successful(Json.toJson(job)) + jobWithStats ← if (withStats) cortexAnalyzerSrv.addImportFieldInArtifacts(jobJson) else Future.successful(jobJson) } yield Ok(jobWithStats) } diff --git a/thehive-cortex/app/connectors/cortex/services/CortexActionSrv.scala b/thehive-cortex/app/connectors/cortex/services/CortexActionSrv.scala index 5f5ef8a71c..cc0a5e7db0 100644 --- a/thehive-cortex/app/connectors/cortex/services/CortexActionSrv.scala +++ b/thehive-cortex/app/connectors/cortex/services/CortexActionSrv.scala @@ -4,6 +4,7 @@ import java.util.Date import scala.concurrent.duration.FiniteDuration import scala.concurrent.{ExecutionContext, Future, Promise} +import scala.util.Success import scala.util.control.NonFatal import scala.util.matching.Regex 
@@ -42,7 +43,7 @@ class CortexActionSrv @Inject()( implicit val mat: Materializer ) { - lazy val logger = Logger(getClass) + lazy val logger: Logger = Logger(getClass) lazy val responderIdRegex: Regex = "(.*)-(.*)".r def getResponderById(id: String): Future[Responder] = @@ -221,9 +222,20 @@ class CortexActionSrv @Inject()( } } .getOrElse { - Future.firstCompletedOf { - cortexConfig.instances.map(c ⇒ getResponder(c).map(c → _)) - } + Future + .traverse(cortexConfig.instances) { c ⇒ + getResponder(c) + .transform { + case Success(w) ⇒ Success(Some(c → w)) + case _ ⇒ Success(None) + } + } + .flatMap { responders ⇒ + responders + .flatten + .headOption + .fold[Future[(CortexClient, Responder)]](Future.failed(NotFoundError(s"Responder not found")))(Future.successful) + } } for { diff --git a/thehive-cortex/app/connectors/cortex/services/CortexAnalyzerSrv.scala b/thehive-cortex/app/connectors/cortex/services/CortexAnalyzerSrv.scala index 2f27e8592c..18cb243c54 100644 --- a/thehive-cortex/app/connectors/cortex/services/CortexAnalyzerSrv.scala +++ b/thehive-cortex/app/connectors/cortex/services/CortexAnalyzerSrv.scala @@ -5,13 +5,11 @@ import java.util.Date import scala.concurrent.duration.FiniteDuration import scala.concurrent.{ExecutionContext, Future, Promise} -import scala.util.Try +import scala.util.{Success, Try} import scala.util.control.NonFatal - import play.api.Logger import play.api.libs.json._ import play.api.libs.ws.WSClient - import akka.NotUsed import akka.actor.{Actor, ActorSystem} import akka.stream.Materializer @@ -21,7 +19,6 @@ import connectors.cortex.models._ import javax.inject.{Inject, Singleton} import models.{Artifact, Case} import services.{UserSrv ⇒ _, _} - import org.elastic4play.controllers.{Fields, FileInputValue} import org.elastic4play.database.{DBRemove, ModifyConfig} import org.elastic4play.services.JsonFormat.attachmentFormat 
@@ -139,7 +136,7 @@ class CortexAnalyzerSrv @Inject()( def realDeleteJob(job: Job): Future[Unit] = dbRemove(job).map(_ ⇒ ()) - def stats(query: QueryDef, aggs: Seq[Agg]) = findSrv(jobModel, query, aggs: _*) + def stats(query: QueryDef, aggs: Seq[Agg]): Future[JsObject] = findSrv(jobModel, query, aggs: _*) def getAnalyzer(analyzerId: String): Future[Analyzer] = Future @@ -330,15 +327,22 @@ class CortexAnalyzerSrv @Inject()( .set("status", JobStatus.Failure.toString) .set("endDate", Json.toJson(new Date)) update(jobId, jobFields) - case _ if maxRetryOnError > 0 ⇒ - logger.debug(s"Request of status of job $cortexJobId in cortex ${cortex.name} fails, restarting ...") + /* Workaround */ + case CortexError(500, _, body) if Try((Json.parse(body) \ "type").as[String]) == Success("akka.pattern.AskTimeoutException") ⇒ + logger.debug("Got a 500 Timeout, retry") + updateJobWithCortex(jobId, cortexJobId, cortex) + case e if maxRetryOnError > 0 ⇒ + logger.debug(s"Request of status of job $cortexJobId in cortex ${cortex.name} fails, restarting ...", e) val result = Promise[Job] system.scheduler.scheduleOnce(retryDelay) { updateJobWithCortex(jobId, cortexJobId, cortex, retryDelay, maxRetryOnError - 1).onComplete(result.complete) } result.future - case _ ⇒ - logger.error(s"Request of status of job $cortexJobId in cortex ${cortex.name} fails and the number of errors reaches the limit, aborting") + case e ⇒ + logger.error( + s"Request of status of job $cortexJobId in cortex ${cortex.name} fails and the number of errors reaches the limit, aborting", + e + ) update( jobId, Fields 
@@ -361,9 +365,20 @@ class CortexAnalyzerSrv @Inject()( } case None ⇒ - Future.firstCompletedOf { - cortexConfig.instances.map(c ⇒ c.getAnalyzer(analyzerName).map(c → _)) - } + Future + .traverse(cortexConfig.instances) { c ⇒ + c.getAnalyzer(analyzerName) + .transform { + case Success(w) ⇒ Success(Some(c → w)) + case _ ⇒ Success(None) + } + } + .flatMap { analyzers ⇒ + analyzers + .flatten + .headOption + .fold[Future[(CortexClient, Analyzer)]](Future.failed(NotFoundError(s"Analyzer not found")))(Future.successful) + } } cortexClientAnalyzer.flatMap { diff --git a/thehive-cortex/app/connectors/cortex/services/CortexClient.scala b/thehive-cortex/app/connectors/cortex/services/CortexClient.scala index db3e45b8a1..a5a5b7ed9e 100644 --- a/thehive-cortex/app/connectors/cortex/services/CortexClient.scala +++ b/thehive-cortex/app/connectors/cortex/services/CortexClient.scala @@ -165,7 +165,11 @@ class CortexClient(val name: String, baseUrl: String, authentication: Option[Cor request(s"api/analyzer/type/$dataType", _.get, _.json.as[Seq[Analyzer]]).map(_.map(_.copy(cortexIds = List(name)))) def waitReport(jobId: String, atMost: Duration)(implicit ec: ExecutionContext): Future[JsObject] = - request(s"api/job/$jobId/waitreport", _.withQueryStringParameters("atMost" → atMost.toString).get, _.json.as[JsObject]) + request( + s"api/job/$jobId/waitreport", + _.withQueryStringParameters("atMost" → atMost.toString).withRequestTimeout(atMost + 1.second).get, + _.json.as[JsObject] + ) def getVersion()(implicit ec: ExecutionContext): Future[Option[String]] = request("api/status", _.get, identity) diff --git a/thehive-misp/app/connectors/misp/JsonFormat.scala b/thehive-misp/app/connectors/misp/JsonFormat.scala index e2a80c652b..ab45c69a81 100644 --- a/thehive-misp/app/connectors/misp/JsonFormat.scala +++ b/thehive-misp/app/connectors/misp/JsonFormat.scala 
@@ -65,7 +65,8 @@ object JsonFormat { value ← (json \ "value").validate[String] category ← (json \ "category").validate[String] tags ← JsArray(json \ "EventTag" \\ "name").validate[Seq[String]] - } yield MispAttribute(id, category, tpe, date, comment, value, tags) + toIds ← (json \ "to_ids").validate[Boolean] + } yield MispAttribute(id, category, tpe, date, comment, value, tags, toIds) ) val tlpWrites: Writes[Long] = Writes[Long] { @@ -82,7 +83,8 @@ object JsonFormat { "type" → attribute.tpe, "value" → attribute.value.fold[String](identity, _.name), "comment" → attribute.comment, - "Tag" → Json.arr(Json.obj("name" → tlpWrites.writes(attribute.tlp))) + "Tag" → Json.arr(Json.obj("name" → tlpWrites.writes(attribute.tlp))), + "to_ids" → attribute.artifact.ioc() ) } @@ -92,7 +94,8 @@ object JsonFormat { "message" → artifact.message, "tlp" → artifact.tlp, "tags" → artifact.tags, - "startDate" → artifact.startDate + "startDate" → artifact.startDate, + "ioc" → artifact.ioc ) + (artifact.value match { case SimpleArtifactData(data) ⇒ "data" → JsString(data) case RemoteAttachmentArtifact(filename, reference, tpe) ⇒ diff --git a/thehive-misp/app/connectors/misp/MispConverter.scala b/thehive-misp/app/connectors/misp/MispConverter.scala index 6498f4fa97..88d4e0e2cd 100644 --- a/thehive-misp/app/connectors/misp/MispConverter.scala +++ b/thehive-misp/app/connectors/misp/MispConverter.scala @@ -12,7 +12,8 @@ trait MispConverter { message = mispAttribute.comment, tlp = 0, tags = tags ++ mispAttribute.tags, - startDate = mispAttribute.date + startDate = mispAttribute.date, + ioc = mispAttribute.toIds ) ) } else { @@ -24,7 +25,8 @@ trait MispConverter { message = mispAttribute.comment, tlp = 0, tags = tags ++ mispAttribute.tags, - startDate = mispAttribute.date + startDate = mispAttribute.date, + ioc = mispAttribute.toIds ) val types = mispAttribute.tpe.split('|').toSeq 
diff --git a/thehive-misp/app/connectors/misp/MispExport.scala b/thehive-misp/app/connectors/misp/MispExport.scala index 3104c06f76..db7abf38a1 100644 --- a/thehive-misp/app/connectors/misp/MispExport.scala +++ b/thehive-misp/app/connectors/misp/MispExport.scala @@ -115,7 +115,7 @@ class MispExport @Inject()( def exportAttribute(mispConnection: MispConnection, eventId: String, attribute: ExportedMispAttribute): Future[Artifact] = { val mispResponse = attribute match { - case ExportedMispAttribute(_, _, _, _, Right(attachment), comment) ⇒ + case ExportedMispAttribute(artifact, _, _, _, Right(attachment), comment) ⇒ attachmentSrv .source(attachment.id) .runReduce(_ ++ _) @@ -126,7 +126,8 @@ class MispExport @Inject()( "category" → "Payload delivery", "type" → "malware-sample", "comment" → comment, - "files" → Json.arr(Json.obj("filename" → attachment.name, "data" → b64data)) + "files" → Json.arr(Json.obj("filename" → attachment.name, "data" → b64data)), + "to_ids" → artifact.ioc() ) ) mispConnection(s"events/upload_sample/$eventId").post(body) @@ -205,9 +206,9 @@ class MispExport @Inject()( logger.debug(s"Updating MISP event $eventId") mispSrv.getAttributesFromMisp(mispConnection, eventId, None).map { attributes ⇒ (eventId, Nil, attributes.map { - case MispArtifact(SimpleArtifactData(data), _, _, _, _, _) ⇒ Left(data) - case MispArtifact(RemoteAttachmentArtifact(filename, _, _), _, _, _, _, _) ⇒ Right(filename) - case MispArtifact(AttachmentArtifact(Attachment(filename, _, _, _, _)), _, _, _, _, _) ⇒ Right(filename) + case MispArtifact(SimpleArtifactData(data), _, _, _, _, _, _) ⇒ Left(data) + case MispArtifact(RemoteAttachmentArtifact(filename, _, _), _, _, _, _, _, _) ⇒ Right(filename) + case MispArtifact(AttachmentArtifact(Attachment(filename, _, _, _, _)), _, _, _, _, _, _) ⇒ Right(filename) }) } } diff --git a/thehive-misp/app/connectors/misp/MispModel.scala b/thehive-misp/app/connectors/misp/MispModel.scala index 05d42b4bb2..542d3db1fc 100644 
--- a/thehive-misp/app/connectors/misp/MispModel.scala +++ b/thehive-misp/app/connectors/misp/MispModel.scala @@ -34,7 +34,7 @@ case class MispAlert( caseTemplate: String ) -case class MispAttribute(id: String, category: String, tpe: String, date: Date, comment: String, value: String, tags: Seq[String]) +case class MispAttribute(id: String, category: String, tpe: String, date: Date, comment: String, value: String, tags: Seq[String], toIds: Boolean) case class ExportedMispAttribute( artifact: Artifact, @@ -45,6 +45,6 @@ case class ExportedMispAttribute( comment: Option[String] ) -case class MispArtifact(value: ArtifactData, dataType: String, message: String, tlp: Long, tags: Seq[String], startDate: Date) +case class MispArtifact(value: ArtifactData, dataType: String, message: String, tlp: Long, tags: Seq[String], startDate: Date, ioc: Boolean) case class MispExportError(message: String, artifact: Artifact) extends ErrorWithObject(message, artifact.attributes) diff --git a/thehive-misp/app/connectors/misp/MispSrv.scala b/thehive-misp/app/connectors/misp/MispSrv.scala index 8e8da7c315..d2254fea26 100644 --- a/thehive-misp/app/connectors/misp/MispSrv.scala +++ b/thehive-misp/app/connectors/misp/MispSrv.scala @@ -1,17 +1,16 @@ package connectors.misp import java.util.Date + import javax.inject.{Inject, Provider, Singleton} import scala.concurrent.{ExecutionContext, Future} - import play.api.Logger import play.api.libs.json.JsLookupResult.jsLookupResultToJsLookup import play.api.libs.json.JsValue.jsValueToJsLookup import play.api.libs.json.Json.toJsFieldJsValueWrapper import play.api.libs.json._ import play.api.libs.ws.WSBodyWritables.writeableOf_JsValue - import akka.NotUsed import akka.stream.Materializer import akka.stream.scaladsl.{FileIO, Sink, Source} 
@@ -21,11 +20,12 @@ import net.lingala.zip4j.core.ZipFile import net.lingala.zip4j.exception.ZipException import net.lingala.zip4j.model.FileHeader import services._ - import org.elastic4play.controllers.{Fields, FileInputValue} import org.elastic4play.services.{Attachment, AuthContext, TempSrv} import org.elastic4play.{InternalError, NotFoundError} +import scala.util.Try + @Singleton class MispSrv @Inject()( mispConfig: MispConfig, @@ -69,13 +69,14 @@ class MispSrv @Inject()( .post(Json.obj("searchpublish_timestamp" → date)) } .mapConcat { response ⇒ - val eventJson = Json - .parse(response.body) - .asOpt[Seq[JsValue]] - .getOrElse { - logger.warn(s"Invalid MISP event format:\n${response.body}") - Nil - } + val eventJson = Try { + response + .body[JsValue] + .as[Seq[JsValue]] + }.getOrElse { + logger.warn(s"Invalid MISP event format:\n${response.body}") + Nil + } val events = eventJson .flatMap { j ⇒ j.asOpt[MispAlert] @@ -137,9 +138,9 @@ class MispSrv @Inject()( .filter(_.date after refDate) .flatMap(convertAttribute) .groupBy { - case MispArtifact(SimpleArtifactData(data), dataType, _, _, _, _) ⇒ dataType → Right(data) - case MispArtifact(RemoteAttachmentArtifact(filename, _, _), dataType, _, _, _, _) ⇒ dataType → Left(filename) - case MispArtifact(AttachmentArtifact(Attachment(filename, _, _, _, _)), dataType, _, _, _, _) ⇒ dataType → Left(filename) + case MispArtifact(SimpleArtifactData(data), dataType, _, _, _, _, _) ⇒ dataType → Right(data) + case MispArtifact(RemoteAttachmentArtifact(filename, _, _), dataType, _, _, _, _, _) ⇒ dataType → Left(filename) + case MispArtifact(AttachmentArtifact(Attachment(filename, _, _, _, _)), dataType, _, _, _, _, _) ⇒ dataType → Left(filename) } .values .map { mispArtifact ⇒ 
@@ -192,7 +193,7 @@ class MispSrv @Inject()( ) ) .set("tlp", tlp) - if attachment.isDefined != data.isDefined + if (attachment.isDefined && data.isEmpty) || (dataType != "file" && data.isDefined) } yield attachment.fold(Future.successful(fields.set("data", data.get)))(_.map { fiv ⇒ fields.set("attachment", fiv) })) match { diff --git a/thehive-misp/app/connectors/misp/MispSynchro.scala b/thehive-misp/app/connectors/misp/MispSynchro.scala index 44148ed988..95cda14517 100644 --- a/thehive-misp/app/connectors/misp/MispSynchro.scala +++ b/thehive-misp/app/connectors/misp/MispSynchro.scala @@ -3,24 +3,22 @@ package connectors.misp import java.util.Date import javax.inject.{Inject, Provider, Singleton} + import scala.collection.immutable import scala.concurrent.{ExecutionContext, Future} import scala.concurrent.duration._ import scala.util.{Failure, Success, Try} - import play.api.Logger import play.api.inject.ApplicationLifecycle import play.api.libs.json._ - import akka.NotUsed import akka.actor.ActorSystem -import akka.stream.Materializer +import akka.stream.{ActorAttributes, Materializer, Supervision} import akka.stream.scaladsl.{Sink, Source} import connectors.misp.JsonFormat.mispArtifactWrites import models.{Alert, AlertStatus, Artifact, CaseStatus} import services.{AlertSrv, ArtifactSrv, CaseSrv, UserSrv} import JsonFormat.mispAlertWrites - import org.elastic4play.controllers.Fields import org.elastic4play.services.{Attachment, AuthContext, MigrationSrv, TempSrv} import org.elastic4play.utils.Collection 
@@ -91,12 +89,14 @@ class MispSynchro @Inject()( case (mispConnection, lastSyncDate) ⇒ synchronize(mispConnection, Some(lastSyncDate)) } + .withAttributes(ActorAttributes.supervisionStrategy(_ ⇒ Supervision.Resume)) .runWith(Sink.seq) } def fullSynchronize()(implicit authContext: AuthContext): Future[immutable.Seq[Try[Alert]]] = Source(mispConfig.connections.filter(_.canImport).toList) .flatMapConcat(mispConnection ⇒ synchronize(mispConnection, None)) + .withAttributes(ActorAttributes.supervisionStrategy(_ ⇒ Supervision.Resume)) .runWith(Sink.seq) def updateArtifacts(mispConnection: MispConnection, caseId: String, mispArtifacts: Seq[MispArtifact])( @@ -112,14 +112,15 @@ class MispSynchro @Inject()( .map { artifact ⇒ artifact.data().map(Left.apply).getOrElse(Right(artifact.attachment().get.name)) } + .withAttributes(ActorAttributes.supervisionStrategy(_ ⇒ Supervision.Resume)) .runWith(Sink.seq) newAttributes ← Future.traverse(mispArtifacts) { - case artifact @ MispArtifact(SimpleArtifactData(data), _, _, _, _, _) if !existingArtifacts.contains(Right(data)) ⇒ + case artifact @ MispArtifact(SimpleArtifactData(data), _, _, _, _, _, _) if !existingArtifacts.contains(Right(data)) ⇒ Future.successful(Fields(Json.toJson(artifact).as[JsObject])) - case artifact @ MispArtifact(AttachmentArtifact(Attachment(filename, _, _, _, _)), _, _, _, _, _) + case artifact @ MispArtifact(AttachmentArtifact(Attachment(filename, _, _, _, _)), _, _, _, _, _, _) if !existingArtifacts.contains(Left(filename)) ⇒ Future.successful(Fields(Json.toJson(artifact).as[JsObject])) - case artifact @ MispArtifact(RemoteAttachmentArtifact(filename, reference, tpe), _, _, _, _, _) + case artifact @ MispArtifact(RemoteAttachmentArtifact(filename, reference, tpe), _, _, _, _, _, _) if !existingArtifacts.contains(Left(filename)) ⇒ mispSrv .downloadAttachment(mispConnection, reference) diff --git a/ui/Gruntfile.js b/ui/Gruntfile.js index 48419d9e92..d8364a1b5d 100644 --- a/ui/Gruntfile.js 
+++ b/ui/Gruntfile.js @@ -182,7 +182,7 @@ module.exports = function(grunt) { postcss: { options: { processors: [ - require('autoprefixer')({browsers: ['last 1 version']}) + //require('autoprefixer')({browsers: ['last 1 version']}) ] }, server: { diff --git a/ui/app/scripts/app.js b/ui/app/scripts/app.js index 5628903a9c..f53e43292d 100644 --- a/ui/app/scripts/app.js +++ b/ui/app/scripts/app.js @@ -58,7 +58,7 @@ angular.module('thehive', [ } }, params: { - autoLogin: false + disableSsoAutoLogin: false }, title: 'Login' }) diff --git a/ui/app/scripts/controllers/AuthenticationCtrl.js b/ui/app/scripts/controllers/AuthenticationCtrl.js index 4ba859caff..a54abf1bc4 100644 --- a/ui/app/scripts/controllers/AuthenticationCtrl.js +++ b/ui/app/scripts/controllers/AuthenticationCtrl.js @@ -4,18 +4,21 @@ (function() { 'use strict'; angular.module('theHiveControllers') - .controller('AuthenticationCtrl', function($scope, $state, $location, $uibModalStack, $stateParams, AuthenticationSrv, NotificationSrv, UtilsSrv, UrlParser, appConfig) { + .controller('AuthenticationCtrl', function($scope, $state, $location, $uibModalStack, $stateParams, AuthenticationSrv, NotificationSrv, appConfig) { $scope.params = {}; + $scope.ssoLogingIn = false; $uibModalStack.dismissAll(); $scope.ssoLogin = function (code) { + $scope.ssoLogingIn = true; AuthenticationSrv.ssoLogin(code) .then(function(response) { var redirectLocation = response.headers().location; if(angular.isDefined(redirectLocation)) { window.location = redirectLocation; } else { + $location.search('code', null); $state.go('app.cases'); } }) @@ -25,6 +28,7 @@ } else { NotificationSrv.log(err.data.message, 'error'); } + $scope.ssoLogingIn = false; $location.url($location.path()); }); }; 
@@ -49,8 +53,8 @@ }); }; - var code = UtilsSrv.extractQueryParam('code', UrlParser('query', $location.absUrl())); - if(angular.isDefined(code) || $stateParams.autoLogin) { + var code = $location.search().code; + if(angular.isDefined(code) || (appConfig.config.ssoAutoLogin && !$stateParams.disableSsoAutoLogin)) { $scope.ssoLogin(code); } }); diff --git a/ui/app/scripts/controllers/RootCtrl.js b/ui/app/scripts/controllers/RootCtrl.js index acbd718b83..737f53231a 100644 --- a/ui/app/scripts/controllers/RootCtrl.js +++ b/ui/app/scripts/controllers/RootCtrl.js @@ -9,7 +9,7 @@ angular.module('theHiveControllers').controller('RootCtrl', $state.go('maintenance'); return; }else if(!currentUser || !currentUser.id) { - $state.go('login', {autoLogin: appConfig.config.ssoAutoLogin }); + $state.go('login'); return; } @@ -141,7 +141,7 @@ angular.module('theHiveControllers').controller('RootCtrl', $scope.logout = function() { AuthenticationSrv.logout(function() { - $state.go('login'); + $state.go('login', {disableSsoAutoLogin: true}); }, function(data, status) { NotificationSrv.error('RootCtrl', data, status); }); diff --git a/ui/app/scripts/controllers/case/CaseObservablesItemCtrl.js b/ui/app/scripts/controllers/case/CaseObservablesItemCtrl.js index 26a0e3dc17..589ff7328d 100644 --- a/ui/app/scripts/controllers/case/CaseObservablesItemCtrl.js +++ b/ui/app/scripts/controllers/case/CaseObservablesItemCtrl.js @@ -155,7 +155,7 @@ }, 500); }, function(/*err*/) { - NotificationSrv.log('An expected error occured while fetching the job report'); + NotificationSrv.log('An expected error occurred while fetching the job report'); }); }; diff --git a/ui/app/scripts/directives/entityLink.js b/ui/app/scripts/directives/entityLink.js index 35dba95b0a..4d5134291a 100644 --- a/ui/app/scripts/directives/entityLink.js +++ b/ui/app/scripts/directives/entityLink.js 
@@ -19,7 +19,7 @@ if (angular.isDefined(scope.value)) { if (!compiledContents) { - // Get the link function with the contents frome top + // Get the link function with the contents from top // level template with // the transclude compiledContents = $compile(contents, transclude); diff --git a/ui/app/scripts/services/Constants.js b/ui/app/scripts/services/Constants.js index 0bae8587ac..9ae839dcb1 100644 --- a/ui/app/scripts/services/Constants.js +++ b/ui/app/scripts/services/Constants.js @@ -16,11 +16,12 @@ }) .value('Severity', { keys: { + Critical: 4, High: 3, Medium: 2, Low: 1 }, - values: ['Unknown', 'Low', 'Medium', 'High'] + values: ['Unknown', 'Low', 'Medium', 'High', 'Critical'] }) .value('AlertStatus', { values: ['New', 'Updated', 'Ignored', 'Imported'] diff --git a/ui/app/scripts/services/UtilsSrv.js b/ui/app/scripts/services/UtilsSrv.js index 5a4fdb4288..6322ab2cb9 100644 --- a/ui/app/scripts/services/UtilsSrv.js +++ b/ui/app/scripts/services/UtilsSrv.js @@ -101,23 +101,6 @@ scope.value = scope.oldValue; scope.updatable.updating = false; }; - }, - - extractQueryParam: function(paramName, queryString) { - if (!queryString || !paramName) { - return; - } - - var param = $location.search()[paramName]; - - if (param) { - return param; - } else { - var parsedQuery = _.find(queryString.split('&'), function(str) { - return str.startsWith(paramName + '='); - }); - return parsedQuery ? parsedQuery.substr(paramName.length + 1) : undefined; - } } }; diff --git a/ui/app/styles/dashboard.css b/ui/app/styles/dashboard.css index 426a299d64..3b5c249161 100644 --- a/ui/app/styles/dashboard.css +++ b/ui/app/styles/dashboard.css @@ -139,7 +139,7 @@ dashboard-item .box { .dashboard-serie > .form-inline { display: flex; - justify-content: start; + justify-content: flex-start; align-items: stretch; } 
@@ -157,9 +157,9 @@ dashboard-item .box { .dashboard-period > div{ height: 34px; - display:flex; - justify-content:start; - align-items:stretch; + display: flex; + justify-content: flex-start; + align-items: stretch; } .dashboard-period .label{ diff --git a/ui/app/views/directives/severity.html b/ui/app/views/directives/severity.html index 193495b93a..74f74b3bbb 100644 --- a/ui/app/views/directives/severity.html +++ b/ui/app/views/directives/severity.html @@ -1,11 +1,14 @@
- L - M - H + L + M + H + !! +
- L - M - H + L + M + H + !! ? diff --git a/ui/app/views/login.html b/ui/app/views/login.html index 0c30c09a84..18bc6d7729 100644 --- a/ui/app/views/login.html +++ b/ui/app/views/login.html @@ -6,25 +6,25 @@
- +
- +
- +
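Review bot: the default claim names change without an upgrade note in GroupUserMapper.scala (@@ -25,12 +25,11) and SimpleUserMapper.scala (@@ -20,8 +20,8): `auth.sso.attributes.login` now falls back to "sub" instead of "name", and `auth.sso.attributes.name` to "name" instead of "username". A deployment that relied on the old defaults will derive `login` from a different claim after upgrading, so existing accounts may stop matching the SSO identity. Please document this in the changelog and tell operators to set both keys explicitly if they need the old behaviour. In the GroupUserMapper hunk, `auth.sso.attributes.groups` still falls back to "", which will normally end in the "groups attribute ... doesn't exist" failure added further down; rejecting the empty value at construction time would give a clearer error. The constructor also drops `rolesAttrName` and makes `groupsUrl` an Option, which deserves the same documentation.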
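Review bot: data coming from the identity provider is not validated defensively in GroupUserMapper.scala (@@ -38,13 +37,73). `groupsList.map(_.as[String])` throws a JsResultException when an array element is not a string, and in the `case None` branch that exception is raised outside any Future, so the caller gets neither the AuthenticationError nor a failed Future; use `validate[Seq[String]]` and map the JsError to `Future.failed(AuthenticationError(...))`. In the `groupsUrl` branch `r.json` is read without checking the response status, so an error page from the groups endpoint surfaces as a JSON parse exception. RoleListParser only accepts `[a-zA-Z0-9_]` (plus spaces when quoted), so a group name containing a hyphen, dot or slash fails the whole login with a parse error; either widen the grammar or document the restriction. Finally, `jsonGroups.flatMap(mappings.get).flatten.toSet` grants the union of the roles of every matched group where the old code took a single mapping via `maxBy(_.length)`; that widening of granted roles should be stated in the documentation. Minor: "Retreiving" in the debug message is misspelled.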
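Review bot: the new JsError message in GroupUserMapper.scala (@@ -52,7 +111,7) and SimpleUserMapper.scala (@@ -37,7 +37,7) drops the JSON path. `errors.map(_._2)...` keeps only the validation messages, so the operator sees something like a missing-path error without knowing whether the login or the name attribute was the one that failed. Keep both parts, for example by rendering each entry as path followed by its messages, and put a separator between entries since the outer `mkString` has none.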
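Review bot: every lookup failure is discarded by `case _ ⇒ Success(None)` in CortexActionSrv.scala (@@ -221,9 +222,20) and in the matching hunk of CortexAnalyzerSrv.scala (@@ -361,9 +365,20). When all Cortex instances fail because of a connection or authentication error, the caller only sees `NotFoundError("Responder not found")` or "Analyzer not found", which points the analyst at the wrong cause. Log the failure (at least at debug level, with the instance name) before mapping it to None, and include the requested responder or analyzer name in the NotFoundError message. Note also that `Future.traverse` waits for every instance to answer, so one slow Cortex now delays the submission where `firstCompletedOf` did not; a comment explaining that trade-off would help.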
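Review bot: the AskTimeoutException workaround in CortexAnalyzerSrv.scala (@@ -330,15 +327,22) retries with no delay and no bound. It calls `updateJobWithCortex(jobId, cortexJobId, cortex)` without `retryDelay` and `maxRetryOnError`, whereas the generic error branch just below schedules the retry after `retryDelay` and passes `maxRetryOnError - 1`. If Cortex keeps answering 500 with that exception type, this branch re-issues the request immediately each time and never reaches the abort path. Route it through the same scheduler, or give it its own counter, and replace the bare `/* Workaround */` comment with the issue it works around so it can be removed later.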
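Review bot: `toIds ← (json \ "to_ids").validate[Boolean]` in thehive-misp JsonFormat.scala (@@ -65,7 +65,8) makes the field mandatory, so an attribute whose JSON lacks `to_ids`, or carries it as a non-boolean, now fails validation as a whole and is lost from the import. Since the flag is only used to set `ioc`, reading it with `validateOpt[Boolean]` and a default of false would keep such attributes. The same hunk set adds a seventh field to MispArtifact, which forces every positional pattern in MispExport, MispSrv and MispSynchro to grow another `_`; matching on the first field only (for example with a small extractor) would stop that churn next time.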
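Review bot: the rewritten guard in MispSrv.scala (@@ -192,7 +193,7) lets through a case the old one rejected. With `(attachment.isDefined && data.isEmpty) || (dataType != "file" && data.isDefined)`, an artifact that has both an attachment and data and whose dataType is not "file" satisfies the second clause, and the following `attachment.fold(...)` then takes the attachment branch and silently drops `data`. If that combination is meant to be invalid, as it was under `attachment.isDefined != data.isDefined`, add `attachment.isEmpty` to the second clause; if it is meant to be accepted, say so in a comment.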
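Review bot: the supervision decider `_ ⇒ Supervision.Resume` added three times in MispSynchro.scala (@@ -91,12 +89,14 and @@ -112,14 +112,15) resumes on every exception without recording it. A failing element is dropped from the stream, so a MISP connection that errors during synchronisation simply contributes no alerts, and the `Seq[Try[Alert]]` result cannot show that anything went wrong. Log the throwable inside the decider before returning Resume, and consider restricting Resume to the exception types that are expected here.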
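Review bot: `disableSsoAutoLogin` only exists as a state parameter defaulting to false (ui/app/scripts/app.js @@ -58,7 +58,7), so the opt-out set on logout in RootCtrl.js (@@ -141,7 +141,7) does not survive a reload of the login page. With `ssoAutoLogin` enabled, the condition in AuthenticationCtrl.js (@@ -49,8 +53,8) is true again after a refresh and `$scope.ssoLogin(code)` runs with `code` undefined, which signs the user back in through the identity provider right after they logged out. If logout is meant to stick, keep the flag somewhere that outlives the state transition and document the behaviour. Also in AuthenticationCtrl.js (@@ -4,18 +4,21), the new scope flag is spelled `ssoLogingIn`; rename it to `ssoLoggingIn` before templates start depending on it.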
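Review bot: in ui/Gruntfile.js (@@ -182,7 +182,7) the autoprefixer processor is commented out rather than removed, leaving `processors` as an array that contains only a comment. Either delete the line and the now-empty postcss configuration, or add a comment saying why it is disabled and under which condition it should come back. The dashboard.css hunks in this patch replace `justify-content: start` with `flex-start` by hand, which suggests the prefixing step was still doing useful work.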