Release/v11.0.2 (#1481)

* fix(alert): remove debug logs from ngOnInit method in alert entity display

Signed-off-by: Manuel Abascal <[email protected]>

* feat(agent): add TLS connection option and update command generation for syslog integrations

Signed-off-by: Manuel Abascal <[email protected]>

* feat(api_keys): simplify API key listing endpoint and enhance expiration handling

* feat(api_keys): simplify API key listing endpoint and enhance expiration handling

* feat(api_keys): simplify API key listing endpoint and enhance expiration handling

* feat(api_keys): simplify API key listing endpoint and enhance expiration handling

* feat(api_keys): simplify API key listing endpoint and enhance expiration handling

* feat(api_keys): simplify API key listing endpoint and enhance expiration handling

* feat(api_keys): simplify API key listing endpoint and enhance expiration handling

* feat(api_keys): simplify API key listing endpoint and enhance expiration handling

* Update frontend/src/app/app-management/api-keys/shared/components/api-key-modal/api-key-modal.component.ts

Co-authored-by: Copilot <[email protected]>

* Update backend/src/main/java/com/park/utmstack/security/api_key/ApiKeyFilter.java

Co-authored-by: Copilot <[email protected]>

* feat(api_keys): simplify API key listing endpoint and enhance expiration handling

* feat(api_keys): enhance clipboard functionality with fallback support and feedback

Signed-off-by: Manuel Abascal <[email protected]>

* feat(api_key): enhance ApiKeyFilter with improved logging and validation checks

* feat(api_key): enhance ApiKeyFilter with improved logging and validation checks

* fix[frontend](web_console): sanitized password parameter to admit all utf8 characters even url structure ones

* feat[backend](api-keys): added api keys dto, controllers and entities

* feat[backend](api_keys): added api keys

* feat(api_keys): create api_keys table with user_id and add foreign key constraint

* feat(api_keys): implement API key management with CRUD operations and validation

* refactor(api_keys): simplify API key management by removing user ID dependency in service methods

* feat(api_keys): implement API key filtering and usage logging for enhanced security

* feat[frontend](api_key): added api key list/creation components

* refactor(api_keys): remove unused ApplicationEventService from ApiKeyFilter

* refactor(api_keys): update API key table schema and change ID type to BIGINT

* feat(api_keys): enhance API key management UI

Signed-off-by: Manuel Abascal <[email protected]>

* feat(api_keys): enhance API key management UI

Signed-off-by: Manuel Abascal <[email protected]>

* feat(api_keys): implement API key filtering and usage logging for enhanced security

* feat(api_keys): enhance API key management with new fields and logging improvements

* feat(api_keys): enhance IP address management with validation and error handling

Signed-off-by: Manuel Abascal <[email protected]>

* feat(api_keys): add API key generation and expiration handling with user feedback

Signed-off-by: Manuel Abascal <[email protected]>

* feat(api_keys): update API key modal for editing and improved deletion confirmation

Signed-off-by: Manuel Abascal <[email protected]>

* refactor(api_keys): change API key identifier type from UUID to Long for consistency

* feat(api_keys): simplify API key listing endpoint and enhance expiration handling

* feat(api_keys): improve API key listing with pagination, loading states, and expiration indicators

Signed-off-by: Manuel Abascal <[email protected]>

* feat(api_keys): simplify API key listing endpoint and enhance expiration handling

* feat(api_keys): simplify API key listing endpoint and enhance expiration handling

* feat(api_keys): simplify API key listing endpoint and enhance expiration handling

* feat(api_keys): simplify API key listing endpoint and enhance expiration handling

* feat(api_keys): simplify API key listing endpoint and enhance expiration handling

* feat(api_keys): simplify API key listing endpoint and enhance expiration handling

* feat(api_keys): simplify API key listing endpoint and enhance expiration handling

* feat(api_keys): simplify API key listing endpoint and enhance expiration handling

* Update frontend/src/app/app-management/api-keys/shared/components/api-key-modal/api-key-modal.component.ts

Co-authored-by: Copilot <[email protected]>

* Update backend/src/main/java/com/park/utmstack/security/api_key/ApiKeyFilter.java

Co-authored-by: Copilot <[email protected]>

* feat(api_keys): simplify API key listing endpoint and enhance expiration handling

* feat(api_keys): enhance clipboard functionality with fallback support and feedback

Signed-off-by: Manuel Abascal <[email protected]>

* feat(api_key): enhance ApiKeyFilter with improved logging and validation checks

* feat(api_key): enhance ApiKeyFilter with improved logging and validation checks

* feat(api_key): enhance ApiKeyFilter with improved logging and validation checks

* refactor(agent): remove unused TLS certificate validation and related functions;

* Update frontend/src/app/core/auth/account.service.ts

Co-authored-by: Copilot <[email protected]>

* feat(agent): validate TLS certificates before enabling TLS for integrations

* feat(agent): add TLS support for syslog command generation and update argument handling

Signed-off-by: Manuel Abascal <[email protected]>

* feat(agent): add TLS support for syslog command generation and update argument handling

Signed-off-by: Manuel Abascal <[email protected]>

* refactor(agent): remove unused TLS certificate validation and related functions;

* fix[frontend](web_console): sanitized password parameter to admit all utf8 characters even url structure ones

* Update frontend/src/app/core/auth/account.service.ts

Co-authored-by: Copilot <[email protected]>

* fix[frontend](app_settings): added GMT+12 and daylight saving options on date settings

* feat(agent): validate TLS certificates before enabling TLS for integrations

* fix[frontend](web_console): sanitized password parameter to admit all utf8 characters even url structure ones

* feat[backend](api-keys): added api keys dto, controllers and entities

* feat[backend](api_keys): added api keys

* feat(api_keys): create api_keys table with user_id and add foreign key constraint

* feat(api_keys): implement API key management with CRUD operations and validation

* refactor(api_keys): simplify API key management by removing user ID dependency in service methods

* feat(api_keys): implement API key filtering and usage logging for enhanced security

* feat[frontend](api_key): added api key list/creation components

* refactor(api_keys): remove unused ApplicationEventService from ApiKeyFilter

* refactor(api_keys): update API key table schema and change ID type to BIGINT

* feat(api_keys): enhance API key management UI

Signed-off-by: Manuel Abascal <[email protected]>

* feat(api_keys): enhance API key management UI

Signed-off-by: Manuel Abascal <[email protected]>

* feat(api_keys): implement API key filtering and usage logging for enhanced security

* feat(api_keys): enhance API key management with new fields and logging improvements

* feat(api_keys): enhance IP address management with validation and error handling

Signed-off-by: Manuel Abascal <[email protected]>

* feat(api_keys): add API key generation and expiration handling with user feedback

Signed-off-by: Manuel Abascal <[email protected]>

* feat(api_keys): update API key modal for editing and improved deletion confirmation

Signed-off-by: Manuel Abascal <[email protected]>

* refactor(api_keys): change API key identifier type from UUID to Long for consistency

* feat(api_keys): simplify API key listing endpoint and enhance expiration handling

* feat(api_keys): improve API key listing with pagination, loading states, and expiration indicators

Signed-off-by: Manuel Abascal <[email protected]>

* feat(api_keys): simplify API key listing endpoint and enhance expiration handling

* feat(api_keys): simplify API key listing endpoint and enhance expiration handling

* feat(api_keys): simplify API key listing endpoint and enhance expiration handling

* feat(api_keys): simplify API key listing endpoint and enhance expiration handling

* feat(api_keys): simplify API key listing endpoint and enhance expiration handling

* feat(api_keys): simplify API key listing endpoint and enhance expiration handling

* feat(api_keys): simplify API key listing endpoint and enhance expiration handling

* feat(api_keys): simplify API key listing endpoint and enhance expiration handling

* Update frontend/src/app/app-management/api-keys/shared/components/api-key-modal/api-key-modal.component.ts

Co-authored-by: Copilot <[email protected]>

* Update backend/src/main/java/com/park/utmstack/security/api_key/ApiKeyFilter.java

Co-authored-by: Copilot <[email protected]>

* feat(api_keys): simplify API key listing endpoint and enhance expiration handling

* feat(api_keys): enhance clipboard functionality with fallback support and feedback

Signed-off-by: Manuel Abascal <[email protected]>

* feat(api_key): enhance ApiKeyFilter with improved logging and validation checks

* feat(api_key): enhance ApiKeyFilter with improved logging and validation checks

* feat(api_key): enhance ApiKeyFilter with improved logging and validation checks

* feat[backend](api-keys): added api keys dto, controllers and entities

* feat[backend](api_keys): added api keys

* feat(api_keys): create api_keys table with user_id and add foreign key constraint

* feat(api_keys): implement API key management with CRUD operations and validation

* feat[frontend](api_key): added api key list/creation components

* refactor(api_keys): remove unused ApplicationEventService from ApiKeyFilter

* refactor(api_keys): update API key table schema and change ID type to BIGINT

* feat(api_keys): enhance API key management UI

Signed-off-by: Manuel Abascal <[email protected]>

* feat(api_keys): implement API key filtering and usage logging for enhanced security

* feat(api_keys): enhance API key management with new fields and logging improvements

* feat(api_keys): simplify API key listing endpoint and enhance expiration handling

* feat(api_keys): simplify API key listing endpoint and enhance expiration handling

* feat(api_keys): simplify API key listing endpoint and enhance expiration handling

* feat(api_keys): simplify API key listing endpoint and enhance expiration handling

* feat(api_keys): simplify API key listing endpoint and enhance expiration handling

* feat(api_keys): simplify API key listing endpoint and enhance expiration handling

* feat(api_keys): simplify API key listing endpoint and enhance expiration handling

* Update backend/src/main/java/com/park/utmstack/security/api_key/ApiKeyFilter.java

Co-authored-by: Copilot <[email protected]>

* feat: improve asset source sorting and display in assets view

Signed-off-by: Manuel Abascal <[email protected]>

* feat: enhance loading state handling in chart and view components

Signed-off-by: Manuel Abascal <[email protected]>

* feat: enhance alert rule modal presentation and improve alert completion messaging

Signed-off-by: Manuel Abascal <[email protected]>

* feat: enhance asset detail interaction and add trackBy function for performance

Signed-off-by: Manuel Abascal <[email protected]>

* feat: add isEcho input to data field render for conditional rendering of alert status and action components

Signed-off-by: Manuel Abascal <[email protected]>

* feat: add adversary field rendering to alert view detail component

Signed-off-by: Manuel Abascal <[email protected]>

* feat: add adversary field rendering to alert view detail component

Signed-off-by: Manuel Abascal <[email protected]>

* feat: rename UtmLogstashFilterResource to UtmFilterResource and update API endpoints

* feat: enhance logstash filters component with loading state and quick create functionality

Signed-off-by: Manuel Abascal <[email protected]>

* feat(agent): update TLS command generation for syslog integrations to use concatenation

Signed-off-by: Manuel Abascal <[email protected]>

* feat: update database schema and properties for v11 release

* feat: update database schema and properties for v11 release

* feat: refactor constants for log event data and update Elasticsearch query

* feat: refactor event handling to use Event type and update related components

Signed-off-by: Manuel Abascal <[email protected]>

* feat: enhance agent console UI and improve password input handling

Signed-off-by: Manuel Abascal <[email protected]>

* feat: refactor layout and styling for active directory components

Signed-off-by: Manuel Abascal <[email protected]>

* feat: enhance add rule component with after events section and modal styling

Signed-off-by: Manuel Abascal <[email protected]>

* feat: improve layout and styling for active directory event component

Signed-off-by: Manuel Abascal <[email protected]>

* feat: add changelogs to hide compliance menu items and update filters visualization

* feat: filter compliance standards by ID in the HTTP response

Signed-off-by: Manuel Abascal <[email protected]>

* feat: implement search functionality for fields in condition item component

Signed-off-by: Manuel Abascal <[email protected]>

* feat: remove duplicate alert badge fields and clean up HTML structure

Signed-off-by: Manuel Abascal <[email protected]>

* feat: remove loading spinner from visualization preview tooltip

Signed-off-by: Manuel Abascal <[email protected]>

* feat: update aggregation field mappings in filters visualization

* feat: comment out documentation alert in logstash filter create component

Signed-off-by: Manuel Abascal <[email protected]>

* feat: add changelog to disable correlation rules with regex

* feat: update placement attribute to support multiple positions in alert action select component

Signed-off-by: Manuel Abascal <[email protected]>

* feat: condition builder visibility based on fields availability

Signed-off-by: Manuel Abascal <[email protected]>

* feat: add system owner field to alert response rules and update related logic

* feat: add systemOwner filter to playbooks component

Signed-off-by: Manuel Abascal <[email protected]>

* feat: add system owner field to alert response rules and update related logic

* feat: enhance playbook component with improved layout and functionality

Signed-off-by: Manuel Abascal <[email protected]>

* feat: enhance playbook component with improved layout and functionality

Signed-off-by: Manuel Abascal <[email protected]>

* feat: enhance playbook component with improved layout and functionality

Signed-off-by: Manuel Abascal <[email protected]>

* feat: add system owner field to alert response rules and update related logic

* feat: enhance playbook component with improved layout and functionality

Signed-off-by: Manuel Abascal <[email protected]>

* feat: update agent handling strategy description for clarity and context

Signed-off-by: Manuel Abascal <[email protected]>

* feat: update agent handling strategy description for clarity and context

Signed-off-by: Manuel Abascal <[email protected]>

* fix: change PostgreSQL logger level from WARN to ERROR

* feat: update log handling and display logic for improved clarity and consistency

Signed-off-by: Manuel Abascal <[email protected]>

* feat: update log filter selection to improve user experience

Signed-off-by: Manuel Abascal <[email protected]>

* fix: handle potential null value in audits length check

Signed-off-by: Manuel Abascal <[email protected]>

* fix: update filterBySelect method to accept a generic field type

Signed-off-by: Manuel Abascal <[email protected]>

* feat: update workflows and send to new cm in gcp

* feat: include script to compile installer

* fix: resolve workflow errors and improve cross-platform compatibility

* fix problem with agent SIGN KEY

* feat: implement service to automatically assign asset groups to alerts

* feat: add asset group fields to alert constants and configuration

Signed-off-by: Manuel Abascal <[email protected]>

* feat(agent/syslog): add RFC 5424 octet counting framing support and improve message handling

* fix: always update pending versions

* improve v11 changelog

* feat: enhance playbook UI and loading behavior, add new alert fields

Signed-off-by: Manuel Abascal <[email protected]>

* feat: add CrowdStrike plugin core implementation

* feat: add gRPC configuration management for CrowdStrike

* refactor: update version info handling and clean up community module display

Signed-off-by: Manuel Abascal <[email protected]>

* refactor: remove deprecated standalone plugin architecture

* feat: enhance timezone handling by dynamically generating timezone list

Signed-off-by: Manuel Abascal <[email protected]>

* feat: enhance timezone handling by dynamically generating timezone list

Signed-off-by: Manuel Abascal <[email protected]>

* fix[bitdefender-plugin]: make StartServer blocking and remove retry loop

* update macos guide

* fix: adjust TFA expiration time to use configurable constant

* feat: conditionally render module card based on module name

Signed-off-by: Manuel Abascal <[email protected]>

* feat: add application version info retrieval functionality

* feat: add application version info retrieval functionality

Signed-off-by: Manuel Abascal <[email protected]>

* feat: add application version info retrieval functionality

* fix: remove conditional rendering for AS_400 module and filter out in module retrieval

Signed-off-by: Manuel Abascal <[email protected]>

* feat(o365-plugin): add multi-cloud environment support for Microsoft Cloud (Commercial, GCC, GCC High, DoD)

* feat: add exception handling for MethodArgumentNotValidException and update UtmModuleConfigValidator logic

* fix(o365-plugin): Remove invalid field check and add multi-cloud support

- Implement cloud-aware connection checking per authority
- Use correct endpoints and scopes for each cloud environment

* feat(o365-plugin): add Office 365 cloud environment configuration options

* Update backend/src/main/resources/config/liquibase/changelog/20251125001_add_environment_o365_integration.xml

Co-authored-by: Copilot <[email protected]>

* Update backend/src/main/java/com/park/utmstack/domain/application_modules/factory/impl/ModuleO365.java

Co-authored-by: Copilot <[email protected]>

* Update backend/src/main/java/com/park/utmstack/domain/application_modules/UtmModuleGroupConfiguration.java

Co-authored-by: Copilot <[email protected]>

* fix: update file permissions from 777 to 755 for security improvements

* feat(azure plugin): enhance Azure cloud detection and connection validation

* feat(o365_validation-modules-config): add Management API validation and multi-cloud endpoint support

* feat(header): integrate version info display and update logic

Signed-off-by: Manuel Abascal <[email protected]>

* refactor: rename UtmStackConnectionService to ModuleConfigurationValidationService and enhance validation logic

* feat(exception-handling): add ApiException class and global exception handler

* feat(int-generic-group-config): improve searchable option based on config options length

Signed-off-by: Manuel Abascal <[email protected]>

* feat(int-generic-group-config): improve searchable option based on config options length

Signed-off-by: Manuel Abascal <[email protected]>

* fix(modules-config): disable CROWDSTRIKE module not implemented in backend.

* refactor(plugins): standardize logging with catcher

* style(dashboard): adjust padding and layout for improved UI consistency

Signed-off-by: Manuel Abascal <[email protected]>

* fix: optimize cloud detection logic in connection string parsing

* feat(elastic-filter-time): enhance time filter functionality and update UI interactions

Signed-off-by: Manuel Abascal <[email protected]>

* feat(azure): extract individual records from Azure Event Hub logs

Parse Azure logs with 'records' array structure and send each record
as a separate log entry for better indexing and security analysis.
Maintains backward compatibility for logs without records array.

* fix(modules-config): remove gin default logger middleware to eliminate non-standardized HTTP logs while maintaining catcher logging standard and panic protection.

* refactor(azure-filter): deleted 'Expand log.records' data to improve parsing

* refactor(gcp-filter): deleted 'Expand jsonPayload.structuredRdata' data to improve parsing

* update the version of the Azure and GCP filters

* fix(totp): prevent potential error by checking subscription before unsubscribe

Signed-off-by: Manuel Abascal <[email protected]>

* style(totp): comment out unused email resend container for cleaner code

Signed-off-by: Manuel Abascal <[email protected]>

* style(utm-code-view): add word-break class to code element for better text handling

Signed-off-by: Manuel Abascal <[email protected]>

* feat(filters): add Azure and GCP filters with updated field mappings and severity handling

* refactor(ModuleSocAi): remove unused getName method for cleaner code

* fix(deployment-pipeline): update tag pattern for v10 to support semantic versioning

* chore(changelog): update release notes for UTMStack v11.0.3 with fixed issues and performance improvements

* chore(changelog): update release notes for UTMStack v11.0.3 with fixed issues and performance improvements

---------

Signed-off-by: Manuel Abascal <[email protected]>
Co-authored-by: Copilot <[email protected]>
Co-authored-by: AlexSanchez-bit <[email protected]>
Co-authored-by: Yadian Llada Lopez <[email protected]>
Co-authored-by: Yorjander Hernandez Vergara <[email protected]>
Co-authored-by: JocLRojas <[email protected]>
Co-authored-by: Osmany Montero <[email protected]>

Author: 7 people

.github/workflows/v11-deployment-pipeline.yml

@@ -193,6 +193,7 @@ jobs:
           curl -sSL "https://storage.googleapis.com/utmstack-updates/dependencies/agent/utmstack_agent_dependencies_linux.zip" -o ./dependencies/agent/utmstack_agent_dependencies_linux.zip
           curl -sSL "https://storage.googleapis.com/utmstack-updates/dependencies/agent/utmstack_agent_dependencies_windows.zip" -o ./dependencies/agent/utmstack_agent_dependencies_windows.zip
           curl -sSL "https://storage.googleapis.com/utmstack-updates/dependencies/agent/utmstack_agent_dependencies_windows_arm64.zip" -o ./dependencies/agent/utmstack_agent_dependencies_windows_arm64.zip
+          curl -sSL "https://storage.googleapis.com/utmstack-updates/dependencies/agent/utmstack-macos-agent-v10.pkg" -o ./dependencies/agent/utmstack-macos-agent.pkg
 
           cp "${{ github.workspace }}/agent/utmstack_agent_service" ./dependencies/agent/
           cp "${{ github.workspace }}/agent/utmstack_agent_service.exe" ./dependencies/agent/

CHANGELOG.md

@@ -1,4 +1,12 @@
-# UTMStack 11.0.1 Release Notes
+# UTMStack 11.0.3
 
-- Enriched the TIMEZONES constant to include additional IANA zones for broader coverage.
-- Support for additional syslog framing methods (RFC 5424 octet counting).
+This is the release notes for **UTMStack v11.0.3**, a minor update focused on bug fixes and performance improvements.
+
+## Fixed Issues
+
+- Fixed a bug in the SOC-AI integration that caused occasional failures when generating insights.
+- Fixed a bug when trying to enroll and authenticate by TFA.
+
+## Enhancements
+
+- SIEM configuration now adapts to the Sovereign Cloud Model implemented by the provider in each region for Azure and Microsoft 365 integrations.

backend/src/main/java/com/park/utmstack/advice/GlobalExceptionHandler.java

@@ -10,6 +10,7 @@
 import org.springframework.http.HttpStatus;
 import org.springframework.http.ResponseEntity;
 import org.springframework.security.authentication.BadCredentialsException;
+import org.springframework.web.bind.MethodArgumentNotValidException;
 import org.springframework.web.bind.annotation.ExceptionHandler;
 import org.springframework.web.bind.annotation.RestControllerAdvice;
 
@@ -60,6 +61,16 @@ public ResponseEntity<?> handleConflict(Exception e, HttpServletRequest request)
         return ResponseUtil.buildErrorResponse(HttpStatus.CONFLICT, e.getMessage());
     }
 
+    @ExceptionHandler(MethodArgumentNotValidException.class)
+    public ResponseEntity<?> handleMethodArgumentNotValid(MethodArgumentNotValidException e, HttpServletRequest request) {
+        return ResponseUtil.buildBadRequestResponse(e.getBindingResult().getAllErrors().get(0).getDefaultMessage());
+    }
+
+    @ExceptionHandler(ApiException.class)
+    public ResponseEntity<?> handleApiException(ApiException ex) {
+        return ResponseUtil.buildErrorResponse(ex.getStatus(), ex.getMessage());
+    }
+
     @ExceptionHandler(Exception.class)
     public ResponseEntity<?> handleGenericException(Exception e, HttpServletRequest request) {
         return ResponseUtil.buildInternalServerErrorResponse(e.getMessage());

backend/src/main/java/com/park/utmstack/aop/logging/NoLogException.java

@@ -1,10 +1,8 @@
 package com.park.utmstack.aop.logging;
 
-import java.lang.annotation.ElementType;
-import java.lang.annotation.Retention;
-import java.lang.annotation.RetentionPolicy;
-import java.lang.annotation.Target;
+import java.lang.annotation.*;
 
+@Inherited
 @Target(ElementType.TYPE)
 @Retention(RetentionPolicy.RUNTIME)
 public @interface NoLogException {}

backend/src/main/java/com/park/utmstack/config/Constants.java

@@ -162,6 +162,9 @@ public final class Constants {
     public static final String API_KEY_HEADER = "Utm-Api-Key";
     public static final List<String> API_ENDPOINT_IGNORE = Collections.emptyList();
 
+    // Application version file
+    public static final String APP_VERSION_FILE = "/updates/version.json";
+
     private Constants() {
     }
 }

backend/src/main/java/com/park/utmstack/domain/application_modules/UtmModuleGroupConfiguration.java

@@ -71,7 +71,8 @@ public UtmModuleGroupConfiguration(ModuleConfigurationKey key) {
         this.confDataType = key.getConfDataType();
         this.confRequired = key.getConfRequired();
         this.confOptions = key.getConfOptions();
-        this.confVisibility = key.getConfOptions();
+        this.confValue = key.getConfValue();
+        this.confVisibility = key.getConfVisibility();
     }
 
 }

backend/src/main/java/com/park/utmstack/domain/application_modules/factory/impl/ModuleO365.java

@@ -72,6 +72,22 @@ public List<ModuleConfigurationKey> getConfigurationKeys(Long groupId) throws Ex
             .withConfDataType("text")
             .withConfRequired(true)
             .build());
+
+        keys.add(ModuleConfigurationKey.builder()
+                .withGroupId(groupId)
+                .withConfKey("office365_cloud_environment")
+                .withConfName("Cloud Environment")
+                .withConfDescription("Select the Microsoft cloud environment for Office 365 integration.")
+                .withConfDataType("select")
+                .withConfRequired(false)
+                .withConfValue("Commercial")
+                .withConfOptions("[" +
+                        "{ \"value\": \"Commercial\", \"label\": \"Commercial - Azure commercial global (Default)\" }," +
+                        "{ \"value\": \"GCC\", \"label\": \"GCC - US Government Community Cloud\" }," +
+                        "{ \"value\": \"GCCHigh\", \"label\": \"GCC High - US Government Community Cloud High (DoD IL4)\" }," +
+                        "{ \"value\": \"DoD\", \"label\": \"DoD - US Department of Defense (DoD IL5)\" }" +
+                        "]")
+                .build());
         return keys;
     }
 

backend/src/main/java/com/park/utmstack/domain/application_modules/factory/impl/ModuleSocAi.java

@@ -7,6 +7,7 @@
 import com.park.utmstack.domain.application_modules.types.ModuleConfigurationKey;
 import com.park.utmstack.domain.application_modules.types.ModuleRequirement;
 import com.park.utmstack.domain.application_modules.validators.UtmModuleConfigValidator;
+import com.park.utmstack.repository.UtmModuleGroupConfigurationRepository;
 import com.park.utmstack.service.application_modules.UtmModuleService;
 import lombok.RequiredArgsConstructor;
 import org.springframework.stereotype.Component;
@@ -23,6 +24,7 @@ public class ModuleSocAi implements IModule {
 
     private final UtmModuleService moduleService;
     private final UtmModuleConfigValidator utmStackConfigValidator;
+    private final UtmModuleGroupConfigurationRepository moduleGroupConfigurationRepository;
 
     @Override
     public UtmModule getDetails(Long serverId) throws Exception {
@@ -102,8 +104,49 @@ public List<ModuleConfigurationKey> getConfigurationKeys(Long groupId) throws Ex
         return keys;
     }
 
-    public boolean validateConfiguration(UtmModule module, List<UtmModuleGroupConfiguration> configuration) throws Exception {
-        return utmStackConfigValidator.validate(module, configuration);
+    public boolean validateConfiguration(UtmModule module, List<UtmModuleGroupConfiguration> configuration) {
+
+        if(configuration == null || configuration.isEmpty()) {
+            throw  new IllegalArgumentException("Configurations cannot be null or empty");
+        }
+
+        Long groupId = configuration.get(0).getGroupId();
+
+        List<UtmModuleGroupConfiguration> dbConfigs = moduleGroupConfigurationRepository
+                .findAllByGroupId(groupId);
+
+        UtmModuleGroupConfiguration providerConfig = configuration.stream()
+                .filter(c -> "utmstack.socai.provider".equals(c.getConfKey()))
+                .findFirst()
+                .orElseGet(() -> dbConfigs.stream()
+                        .filter(c -> "utmstack.socai.provider".equals(c.getConfKey()))
+                        .findFirst()
+                        .orElse(null));
+
+        List<UtmModuleGroupConfiguration> configs = dbConfigs.stream()
+                .filter(c -> !"utmstack.socai.provider".equals(c.getConfKey()))
+                .toList();
+
+        List<UtmModuleGroupConfiguration> filteredConfigs = providerConfig != null && "custom".equals(providerConfig.getConfValue())
+                ? filterCustomConfigs(configs)
+                : filterStandardConfigs(configs);
+
+        filteredConfigs.add(providerConfig);
+
+        return utmStackConfigValidator.validate(module, configuration, filteredConfigs);
+    }
+
+    private List<UtmModuleGroupConfiguration> filterCustomConfigs(List<UtmModuleGroupConfiguration> configs) {
+        return configs.stream()
+                .filter(config -> !config.getConfKey().equals("utmstack.socai.model"))
+                .collect(Collectors.toList());
+    }
+
+    private List<UtmModuleGroupConfiguration> filterStandardConfigs(List<UtmModuleGroupConfiguration> configs) {
+        return configs.stream()
+                .filter(config -> !config.getConfKey().equals("utmstack.socai.custom.model") &&
+                        !config.getConfKey().equals("utmstack.socai.custom.url"))
+                .collect(Collectors.toList());
     }
 
     @Override

backend/src/main/java/com/park/utmstack/domain/application_modules/types/ModuleConfigurationKey.java

@@ -1,74 +1,24 @@
 package com.park.utmstack.domain.application_modules.types;
 
+import lombok.Getter;
+import lombok.Setter;
+
+@Getter
+@Setter
 public class ModuleConfigurationKey {
     private Long groupId;
     private String confKey;
     private String confName;
+    private String confValue;
     private String confDescription;
     private String confDataType;
     private String confOptions;
-
+    private String confVisibility;
     private Boolean confRequired;
 
     private ModuleConfigurationKey() {
     }
 
-    public Long getGroupId() {
-        return groupId;
-    }
-
-    public void setGroupId(Long groupId) {
-        this.groupId = groupId;
-    }
-
-    public String getConfKey() {
-        return confKey;
-    }
-
-    public void setConfKey(String confKey) {
-        this.confKey = confKey;
-    }
-
-    public String getConfName() {
-        return confName;
-    }
-
-    public void setConfName(String confName) {
-        this.confName = confName;
-    }
-
-    public String getConfDescription() {
-        return confDescription;
-    }
-
-    public void setConfDescription(String confDescription) {
-        this.confDescription = confDescription;
-    }
-
-    public String getConfDataType() {
-        return confDataType;
-    }
-
-    public void setConfDataType(String confDataType) {
-        this.confDataType = confDataType;
-    }
-
-    public Boolean getConfRequired() {
-        return confRequired;
-    }
-
-    public void setConfRequired(Boolean confRequired) {
-        this.confRequired = confRequired;
-    }
-
-    public String getConfOptions() {
-        return confOptions;
-    }
-
-    public void setConfOptions(String confOptions) {
-        this.confOptions = confOptions;
-    }
-
     public static Builder builder() {
         return new Builder();
     }
@@ -77,11 +27,11 @@ public static class Builder {
         private Long groupId;
         private String confKey;
         private String confName;
+        private String confValue;
         private String confDescription;
         private String confDataType;
         private Boolean confRequired;
-        private Boolean confVisible = true;
-
+        private String confVisibility;
         private String confOptions;
 
         public Builder withGroupId(Long groupId) {
@@ -119,6 +69,16 @@ public Builder withConfOptions(String confOptions) {
             return this;
         }
 
+        public Builder withConfValue(String confValue) {
+            this.confValue = confValue;
+            return this;
+        }
+
+        public Builder withConfVisibility(String confVisibility) {
+            this.confVisibility = confVisibility;
+            return this;
+        }
+
         public ModuleConfigurationKey build() {
             ModuleConfigurationKey key = new ModuleConfigurationKey();
             key.setGroupId(groupId);
@@ -128,6 +88,8 @@ public ModuleConfigurationKey build() {
             key.setConfDataType(confDataType);
             key.setConfRequired(confRequired);
             key.setConfOptions(confOptions);
+            key.setConfValue(confValue);
+            key.setConfVisibility(confVisibility);
             return key;
         }
     }

backend/src/main/java/com/park/utmstack/domain/application_modules/validators/UtmModuleConfigValidator.java

@@ -4,44 +4,49 @@
 import com.park.utmstack.domain.application_modules.UtmModule;
 import com.park.utmstack.domain.application_modules.UtmModuleGroupConfiguration;
 import com.park.utmstack.repository.UtmModuleGroupConfigurationRepository;
-import com.park.utmstack.service.application_modules.connectors.UtmStackConnectionService;
+import com.park.utmstack.service.application_modules.connectors.ModuleConfigurationValidationService;
 import com.park.utmstack.service.dto.application_modules.UtmModuleGroupConfDTO;
 import com.park.utmstack.service.dto.application_modules.UtmModuleGroupConfWrapperDTO;
 import com.park.utmstack.util.CipherUtil;
 import lombok.RequiredArgsConstructor;
 import org.springframework.stereotype.Service;
 
 import java.util.List;
-import java.util.stream.Collectors;
 
 @Service
 @RequiredArgsConstructor
 public class UtmModuleConfigValidator {
 
     private final UtmModuleGroupConfigurationRepository moduleGroupConfigurationRepository;
-    private final UtmStackConnectionService utmStackConnectionService;
+    private final ModuleConfigurationValidationService utmStackConnectionService;
 
-    public boolean validate(UtmModule module, List<UtmModuleGroupConfiguration> keys) throws Exception {
+    public boolean validate(UtmModule module, List<UtmModuleGroupConfiguration> keys) {
         if (keys.isEmpty()) return false;
 
         List<UtmModuleGroupConfiguration> dbConfigs = moduleGroupConfigurationRepository
                 .findAllByGroupId(keys.get(0).getGroupId());
 
+        return validate(module, keys, dbConfigs);
+    }
+
+    public boolean validate(UtmModule module, List<UtmModuleGroupConfiguration> keys, List<UtmModuleGroupConfiguration> dbConfigs) {
+        if (keys.isEmpty()) return false;
+
         List<UtmModuleGroupConfDTO> configDTOs = dbConfigs.stream()
                 .map(dbConf -> {
                     UtmModuleGroupConfiguration override = findInKeys(keys, dbConf.getConfKey());
                     UtmModuleGroupConfiguration source = override != null ? override : dbConf;
 
                     return new UtmModuleGroupConfDTO(
                             source.getConfKey(),
-                            decryptIfNeeded(source.getConfDataType(), source.getConfValue())
+                            override != null ? source.getConfValue() : decryptIfNeeded(source.getConfDataType(), source.getConfValue())
                     );
                 })
                 .toList();
 
         UtmModuleGroupConfWrapperDTO body = new UtmModuleGroupConfWrapperDTO(configDTOs);
 
-        return utmStackConnectionService.testConnection(module.getModuleName().name(), body);
+        return utmStackConnectionService.validateModuleConfiguration(module.getModuleName().name(), body);
     }
 
     private UtmModuleGroupConfiguration findInKeys(List<UtmModuleGroupConfiguration> keys, String confKey) {