Polarity Server v5 (Platform)

v5.7.1 (Latest)

About the Latest Version

Every second counts during a security investigation. You're racing against adversaries, wading through mountains of data from dozens of integrations, and trying to connect the dots before an incident escalates. Version 5.7.1 transforms how you work by introducing native AI capabilities that cut through the noise and accelerate your investigations.

Instead of manually parsing through integration results, cross-referencing indicators, and synthesizing findings, you now have an intelligent assistant that understands your threat landscape. Ask questions in natural language, get instant summaries of complex data, and receive guided recommendations for next steps—all without leaving your investigation workflow.

This release represents our commitment to empowering analysts with cutting-edge technology while maintaining the flexibility to use your own AI models. You stay in control of your data, your models, and your security posture.

New Features

Command Center: AI-Powered Investigation Assistant

The Command Center is your new AI investigation partner, accessible directly within Polarity Web. This conversational interface understands what you're investigating and provides intelligent assistance throughout your workflow.

What You Can Do:

• Ask Natural Questions: "Summarize the results for this IP address" or "What's the risk profile for this domain?"

• Context-Aware Responses: The AI knows what entity you're viewing and automatically incorporates that context into its responses

• Integration-Powered Insights: The AI can query your connected integrations in real-time to provide up-to-date threat intelligence

• Continuous Conversations: Build on previous questions with follow-up queries that reference earlier context

Key Capabilities:

• Two-Column Investigation Mode: Keep the AI chat visible alongside your investigation results for seamless multitasking

• Real-Time Entity Context: When viewing 8.8.8.8, the AI automatically knows you're analyzing that specific IP

• Tool Transparency: See which integrations and tools the AI is accessing to answer your questions

• Smart Controls: Prevent accidental simultaneous requests and cancel in-flight queries when needed

User Experience Details:

• Clean, intuitive chat interface with markdown-formatted responses

• Clear visual indicators when the AI is processing your request

• Collapsible Command Center bar that stays out of your way until you need it

• One-click expandable chat for focused AI interactions

Bring Your Own AI Model (BYOM)

You control your AI destiny. Polarity v5.7.0 supports a bring-your-own-model approach, giving you the flexibility to connect to your organization's preferred AI infrastructure.

Supported Providers:

• OpenAI

• Anthropic

• Gemini

• Ollama

• Bedrock

Global AI Controls

Take command of AI features across your entire Polarity deployment with centralized management.

Admin Controls:

• Global Enable/Disable Toggle: Turn AI features on or off organization-wide with a single setting

• Timeout Configuration: Set custom timeout values (1ms - 120,000ms) for AI inference requests to match your infrastructure

• Cost Tracking: Monitor AI usage costs per user, per day, per model for accurate chargeback and budgeting

• Model Settings Management: Configure provider, model, temperature, max tokens, and more from a centralized interface

Notification Data Reduction

Stop drowning in verbose integration responses. Polarity now automatically reduces and optimizes notification data using AI-powered reducers.

How It Works:

1. Your integrations return comprehensive threat data

2. AI-powered reducers extract only the most relevant information

3. You see concise, actionable summaries in your notifications

4. Full details remain accessible when you need them

v5.6.0

About the Latest Version

This release marks a significant milestone in the evolution of Polarity, bringing the platform visually in line with the Dataminr ecosystem. Users will notice a complete visual refresh of the Web UI, featuring a new color palette and updated page designs.

On the Server side, we have introduced a robust Audit Logging framework. Administrators now have granular visibility into user actions, integration changes, and system events, ensuring better compliance and security tracking. Additionally, critical updates have been made to SAML group attribute validation to enhance access control security.

Features:

Enhanced Audit Logging We have implemented comprehensive logging to build detailed audit trails. This update captures a wide range of user and administrator actions to assist with security auditing and troubleshooting.

New Audit Events Captured:

• Authentication & Access:

  • user_login / user_login_failure / user_logout

  • user_account_creation

  • admin_password_changed

  • user_granted_admin_permissions

• Channel Management:

  • admin_deleted_user_channel

  • user_created_channel

  • channel_permissions_granted

  • channel_subscription_deleted / channel_subscriptions_created

• Integration Management:

  • integration_installed / integration_deleted

  • admin_modified_integration / user_modified_integration

  • integration_permissions_granted

  • integration_force_subscribed

• User Activity & Annotation:

  • annotate_entity / user_annotated_entity

  • ignore_indicators

  • clear_overlay_window_indicator

  • users_added_to_group / users_removed_from_group

See the documentation here for more information on Polarity Server Audit Logging.

Issues Addressed

• Fix:  SAML Group Attribute Validation - Fixed an issue where the application was not correctly validating group memberships when a specific Group or Group Regex was configured. Previously, users outside the designated group (e.g., "Polarity") could inadvertently gain access. The system now strictly enforces group attributes before granting access.

• Update:  SAML Attribute Visibility - Added improved logging and visibility for SAML attributes during the login process. This addresses issues where administrators were unable to view incoming attributes when troubleshooting failed installations or plugin errors (such as SAML tracer plugin issues).  To enable enhanced SAML logging, add the following environment variable line to the /app/.env file:  POLARITY_LOG_SAML=true and restart the Polarity Server containers.

v5.5.2

About the Latest Version

The latest Polarity Server hotfix release patches an issue with global proxy settings not taking affect for integrations without a restart of the integration. As well as patches some legacy migration issues when updating the server versions to the latest.

Issues Addressed

• Fix: Global Proxy UI settings not taking affect for integrations without an integration restart

• Fix: Address migration issues when updating to the latest version

v5.5.0

About the Latest Version

The latest Polarity Server release adds a new and exciting capability for customers that utilize our API.  Admins will now be able to create API Tokens to use for our API, allowing the use of a token instead of a user’s username and password for authentication.  We also added in the ability for admins to set a time to live on the server to force user re-authentication when they are inactive.

API Token

Admins can now easily create an API token to use for authentication to Polarity's API. Tokens act very similar to users where admins will grant access to integrations and channels for the API token to have access to.

Time-to-Live Timeouts

Admins can now also set a TTL on the server that will force users to re-authenticate when they are not active within that time frame that is set. The previous default was 30 days.

To set the TTL add in the following parameter to the .env file:

POLARITY_TOKEN_TTL_MINS=

ForceAuthn SAML Support

As a part of the release, we were able to add in the ForceAuthn SAML parameter for customers to force their users to use MFA through their IDP

Issues Addressed

• Fix - Updating an integration will no longer revert the configuration options back to the defaults and will keep the newly set options.

• Fix - Addressed issue with incorrect property types for hash entities.

• Fix - Addressed issue when updating entityTypes to dataTypes in the config.json file.

• Fix - Addressed string entity type order issue.

• Update - Updated cache settings to a greater TTL.

• Fix - Addressed nodeJS crash within certain integrations.

• Fix - Updated log rotation within Docker containers to avoid unchecked volume growth.

v5.4.2

WARNING!

Prior to updating to any version of Polarity Server 5.4 please ensure that all of your integrations are running the latest version.

Integrations that have not been updated may not be compatible with Polarity Server 5.4+.

When updating integrations please keep in mind that any custom types that were manually added to the integration will be lost. Prior to updating, be sure to have a copy of any custom type regular expressions so they can be re-added after the update.

Polarity 5.4+ allows adding these custom types directly through the Data Types page on the integration settings page. Once on Polarity 5.4+, future integration updates will not reset your custom types.

Note

If you have not yet updated to v5.4.x of Polarity Server, please review the new features and updates available in v5.4.x of the Server as well as updates available in v5.4.x of Web.

Polarity Server 5.4.2 is a minor patch release that addresses several issues in v5.4.1.  This is a recommended upgrade for all customers.

Issues Addressed

• Fix - Integration errors sending over websockets missing id property

• Fix - Not guaranteeing unique integration error ids

• Update - Updated cache configuration settings

• Update - added a flag to support document searching functionality within the polarity client

v5.4.1

WARNING!

Prior to updating to any version of Polarity Server 5.4 please ensure that all of your integrations are running the latest version.

Integrations that have not been updated may not be compatible with Polarity Server 5.4+.

When updating integrations please keep in mind that any custom types that were manually added to the integration will be lost. Prior to updating, be sure to have a copy of any custom type regular expressions so they can be re-added after the update.

Polarity 5.4+ allows adding these custom types directly through the Data Types page on the integration settings page. Once on Polarity 5.4+, future integration updates will not reset your custom types.

Note

If you have not yet updated to v5.4.x of Polarity Server, please review the new features and updates available in v5.4.x of the Server as well as updates available in v5.4.x of Web.

Polarity Server 5.4.1 is a minor patch release that addresses several issues in v5.4.0. This is a recommended upgrade for all customers.

• Fix - Improve upgrade migration path from server versions prior to v5.4.0 to preserve whether data types are enabled or disabled when transitioning to new custom type implementation.

• Fix - Ensure proper typeflag on custom entity object values that are passed to Integrations.

• Fix - Fix loading of certain values for the new  dataTypes  setting within an Integration's config.json

Troubleshooting Upgrade to Latest 5.4 Version

Permission Issues

After upgrading to V5.4 and the server will not start you might see an error like the following :

:cacertfile either does not exist, or the application does not have permission to access it

This is due to a permission not getting set during the upgrade process. The fix is fairly straight forward as all you will need to do is run the following script to force set the permissions:

cd /app
bin/polarity docker-set-permissions

Improperly Referenced tls-ca-bundle.pem file

If you notice the following error in your server logs then you may need to update your docker-compose.ymlfile to remove the POLARITY_TLS_CA_PATH environment variable:

Kernel pid terminated (application_controller) 
({application_start_failure,polarity,{{shutdown,{failed_to_start_child,'Elixir.PolarityWeb.Endpoint',
{#{'__exception__' => true,'__struct__' => 'Elixir.ArgumentError',message => 
<<"could not start Cowboy2 adapter, the file /etc/pki/ca-trust/extracted/pem/tls-ca-bundle.pem required by SSL's :cacertfile either does not exist, 
or the application does not have permission to access it">>},

If you see the above error, open the /app/docker-compose.yml file and look for the following line within the app service:

environment:
  - POLARITY_TLS_CA_PATH=/etc/pki/ca-trust/extracted/pem/tls-ca-bundle.pem

If you see this line, delete the environment and POLARITY_TLS_CA_PATH lines, then restart your containers.

cd /app && ./down.sh && ./up.sh

v5.4.0

The latest 5.4.0 release adds in some great new features and functionality for users! We have added the ability to consolidate Errors into a single page for admins and users, as well as added the ability for admins to add in custom entity types from the UI versus having to update them on the backend. Enabling a much more seamless administrative experience for integrations. As always for more information on Errors and Custom Types, please see the Polarity Web release docs.

Single Pane for Error Management

The server added the ability for users to be able to see their errors as well as for there to be a single view for errors. Allowing admins to be able to quickly take action on errors and clear them out if needed. It also allows for users for the first time to see their errors.

Adding Custom Types through UI

Adding custom types to integrations is one of the biggest abilities our integration framework enables. It allows for any type of information to be looked up in different tools. However with the enablement of our integration store adding a custom type has become a little bit harder since the work takes place on the backend server, causing friction when Polarity publishes a new version of an integration which will lead to the over writing of an integration.

However we have now added the ability for admins to quickly add a custom type to integrations that support it right through the UI. Allowing for quick setup and time to value for different tools.

Server User Permissions Update

As a part of the new 5.4.0 release we have added in a new user that will own all of the polarity files on the server. This change was added in to address the issue of customers not being able to run docker as root. As a part of the upgrade the permissions will attempt to get set. If you run into issues during the upgrade please see the troubleshooting section below or reach out to us at support@polarity.io.

Issues Addressed

• Fixed issue when looking up more than 2 entities with spaces on web search

• Addresses issue with web search parser when looking up defanged entities

• Added ability to rate limit emails

• Increased integration timeouts to 60 seconds versus 30 seconds

• Added environment variable for admins to disable integration store

• Added ability to change and edit email templates

• Fixed issue with lookup pagination

Troubleshooting Upgrade to Latest 5.4 Version

Permission Issues

After upgrading to V5.4 and the server will not start you might see an error like the following:

:cacertfile either does not exist, or the application does not have permission to access it

This is due to a permission not getting set during the upgrade process. The fix is fairly straight forward as all you will need to do is run the following script to force set the permissions:

cd /app
bin/polarity docker-set-permissions

Improperly Referenced tls-ca-bundle.pem file

If you notice the following error in your server logs, then you may need to update your docker-compose.yml file to remove the POLARITY_TLS_CA_PATH environment variable:

Kernel pid terminated (application_controller) 
({application_start_failure,polarity,{{shutdown,{failed_to_start_child,'Elixir.PolarityWeb.Endpoint',
{#{'__exception__' => true,'__struct__' => 'Elixir.ArgumentError',message => 
<<"could not start Cowboy2 adapter, the file /etc/pki/ca-trust/extracted/pem/tls-ca-bundle.pem required by SSL's :cacertfile either does not exist, 
or the application does not have permission to access it">>},

If you see the above error, open the /app/docker-compose.yml file and look for the following line within the app service:

environment:
  - POLARITY_TLS_CA_PATH=/etc/pki/ca-trust/extracted/pem/tls-ca-bundle.pem

If you see this line, you should delete the environment and POLARITY_TLS_CA_PATH line and then restart your containers.

cd /app && ./down.sh && ./up.sh

WARNING!

Prior to updating to any version of Polarity Server 5.4 please ensure that all of your integrations are running the latest version.

Integrations that have not been updated may not be compatible with Polarity Server 5.4+.

When updating integrations please keep in mind that any custom types that were manually added to the integration will be lost. Prior to updating, be sure to have a copy of any custom type regular expressions so they can be re-added after the update.

Polarity 5.4+ allows adding these custom types directly through the Data Types page on the integration settings page. Once on Polarity 5.4+, future integration updates will not reset your custom types.

About Latest Version

The latest 5.4.0 release adds in some great new features and functionality for users! We have added the ability to consolidate Errors into a single page for admins and users, as well as added the ability for admins to add in custom entity types from the UI versus having to update them on the backend. Enabling a much more seamless administrative experince for integrations. As always for more information on Errors and Custom Types, please see the Polarity Web release docs.

v5.3.4

The latest release of the Polarity Server is a server-side patch that addresses some identified vulnerabilities, adds in support for TLS connections to Redis and PostgreSQL, fixed an issue with integration functions being called out of order, added the ability to configure SMTP without having to set a username.

Issues Addressed

• Addressed issue with integration functions sometimes being called before the startup function causing integrations to stop.

• Addressed vulnerabilities identified

• Added ability for the server to connect to Redis and PostgreSQLinstances over TLS connections

• Added ability to use SMTP without needing to specify a username

v5.3.1

The 5.3.1 release of the Polarity Server is a server-side patch that addresses the issue with some of the desktop client lookups not working for users leading to lookups returning no information back to users.

Issues Addressed

• Addressed issue with server caching certain entities, not allowing desktop client lookups to go through

v5.3.0

New Functionality

• Team Subscriptions

  • Admins can now quickly subscribes all users that have access to an integration right form the UI, as long as that integration is configured. Enabling analysts to quickly get the full use out of Polarity without needing to think about subscribing to data.

• Global Proxy

  • Instead of having to add in a global proxy to the server in the environment file, admins can now easily add the global proxy right to the UI, making configuration that much easier.

Issues Addressed

• Addressed issue with newly installed integrations not showing up

• Addressed issue where full text was getting sent to some integrations instead of just entities that match on regexes.

• Added functionality to ensure user emails and user fullnames are apart of the integration options payload for the dolookup, onMessage and onDetails functions for integration developers.

v5.2.2

Our latest V5.2.2 version of the Polarity server adds the ability for user emails to be added to and adds additional logging for LDAP.

Improvements:

• Update:  Added the ability to pass through user emails to integration options.

• Update: Added additional logging for LDAP troubleshooting.

v5.2.1

V5.2.1 of the Polarity Server patches up a few issues with the server.

Improvements:

• Update: Moved caddy configurations into its own file for easier configuration with global proxies.

• Patch: Resolved issue with caching layer preventing options from being saved.

• Patch: Resolved issue with caching and searching integrations that have been un subscribed.

• Patch: Resolved issue with incorrect hostname getting set in SMTP emails

• Patch: Resolved issue with incorrect DL links for client

• Patch: Resolved inconsistencies with global versus integration proxies

v5.1.1

We are super excited to be rolling out our newest Polarity Server Version, version 5! This is a massive update for us here at Polarity and includes some great new functionality.

Complete re-write

• This update is a complete re-write of our original NodeJS server to Elixir. Which allows us to gain massive improvements as an engineering team and allowed us to look at our deployment architecture and support deployments with Docker natively.

• This update also enables us as a team to deliver features and functionality at a higher rate!

New Features and Functionality

• Integration Store

  • We now have a new integration store! Which pulls in all of the new integrations and updates so admins no longer will need to go to the server to run updates or install new integrations!

• Integration Proxy Support

  • Polarity admins can now easily set and manage integration specific proxies right from the UI instead of making changes on the server!

• Deleting Integrations

  • Polarity admins can now easily completely delete integrations right from the UI instead of just removing the directories on the server like before.

• Updating Integration name and descriptions

  • Polarity admins can now also easily update the name and descriptions of integrations without having to update the configs on the server.

• Docker Deployments

  • Our architecture for v5 is now very different from that of v4 as we now deploy Docker containers for our server and web components. Upgrading to Polarity V5 will install polarity_platform and polarity_web Docker containers.