[BUG] Related reports whose links are filtered in correlation graphs are not also shaded-out #9372

Open
ckane opened this issue Dec 17, 2024 · 5 comments
Labels
feature use for describing a new feature to develop

Comments

@ckane
Contributor

ckane commented Dec 17, 2024

Description

The "shading" of entities by type in the Correlation Graphs should grey-out any "related reporting" nodes where every linking entity to the "current report" is filtered.

This is related to the discussion in #9236 and is being proposed as an alternative solution to achieve the visualization goal there.

Environment

  1. OS (where OpenCTI server runs): Ubuntu
  2. OpenCTI version: 6.4.4
  3. OpenCTI client: 6.4.4
  4. Other environment details: Docker container-deployed

Reproducible Steps

View a report where there's sufficient correlated reporting that the correlation graph is fairly large. Find a related report and filter the items, using the graph filter tools, such that every item linking the related report to the current report is filtered (and visually greyed out on screen).

Expected Output

The related report should also get greyed out, so that it is easier for the filters in the correlation graph to allow the analysts to focus on the related reporting linked by unfiltered nodes.

Actual Output

All related reporting is still present on the graph, still making it difficult to explore where an ATT&CK pattern or sector or country is an entity contained in the report:
Image

In this chart, as an example, the "Regin Scanner" report at top-right is the "current report". All nodes connected to "OSINT Regin Samples" are greyed out, so that report should also get greyed out, in order to use the filters to "hide correlations based upon linked entity type". The "Secret Malware in..." related report has some entities filtered and some unfiltered, so it should remain colored-in for the analyst.

@ckane ckane added bug use for describing something not working as expected needs triage use to identify issue needing triage from Filigran Product team labels Dec 17, 2024
@nino-filigran

@ckane just to understand, you're filtering for instance on IOCs & you expect the linked reports to be greyed too, if linked IOCs are greyed?

@nino-filigran nino-filigran added needs more info Intel needed about the use case and removed needs triage use to identify issue needing triage from Filigran Product team labels Dec 18, 2024
@ckane
Contributor Author

ckane commented Dec 18, 2024

Yes, if the filters I have selected cause all linked nodes to one or more reports to be grayed out, then those linked reports should also be grayed.

@ckane
Contributor Author

ckane commented Dec 18, 2024

It would also be nice to have the edges impacted by the filters to be grayed out too... trying to think of what the logic would be: if a "to" node on an edge is gray, then the edge should also be gray, I think.

@ckane
Contributor Author

ckane commented Dec 18, 2024

Ok, I thought about it a bit more, considering that the Report nodes are always the "to" nodes on the correlation graphs, and working off the node-coloring logic:

  1. The "current report" node should never be grayed
  2. If either the "to" or "from" node is gray, then the corresponding edge should also be gray
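
The shading rules proposed in this thread, sketched as an added example (not OpenCTI's code and not written by either participant). The function name, the node and link shapes, and the sample graph are assumptions constructed for illustration; only the report names come from the issue.

```javascript
// Added example; names and data shapes are assumptions, not OpenCTI code.
// nodes: [{ id, type }]; links: [{ source, target }], reports are always "to" (target).
function shadeCorrelationGraph(nodes, links, currentReportId, filteredTypes) {
  const gray = new Set();
  // Existing behaviour: entities whose type is filtered are grayed.
  for (const n of nodes) {
    if (n.type !== 'Report' && filteredTypes.has(n.type)) gray.add(n.id);
  }
  // Entities contained in the current report.
  const inCurrent = new Set(
    links.filter((l) => l.target === currentReportId).map((l) => l.source)
  );
  // Requested behaviour: gray a related report when every entity linking it
  // to the current report is gray. Rule 1: the current report is never grayed.
  for (const n of nodes) {
    if (n.type !== 'Report' || n.id === currentReportId) continue;
    const linking = links
      .filter((l) => l.target === n.id && inCurrent.has(l.source))
      .map((l) => l.source);
    // Guard against the empty case: every() on [] would return true.
    if (linking.length > 0 && linking.every((id) => gray.has(id))) gray.add(n.id);
  }
  // Rule 2: an edge is gray when either its "to" or "from" node is gray.
  const grayLinks = links.filter((l) => gray.has(l.source) || gray.has(l.target));
  return { grayNodes: gray, grayLinks };
}

// Constructed sample graph (entity ids and types are made up for the example).
const SAMPLE_NODES = [
  { id: 'Regin Scanner', type: 'Report' },        // the "current report"
  { id: 'OSINT Regin Samples', type: 'Report' },
  { id: 'Secret Malware in...', type: 'Report' },
  { id: 'ind-1', type: 'Indicator' },
  { id: 'ind-2', type: 'Indicator' },
  { id: 'mal-1', type: 'Malware' },
];
const SAMPLE_LINKS = [
  { source: 'ind-1', target: 'Regin Scanner' },
  { source: 'ind-1', target: 'OSINT Regin Samples' },
  { source: 'ind-2', target: 'Regin Scanner' },
  { source: 'ind-2', target: 'OSINT Regin Samples' },
  { source: 'ind-2', target: 'Secret Malware in...' },
  { source: 'mal-1', target: 'Regin Scanner' },
  { source: 'mal-1', target: 'Secret Malware in...' },
];
```

With only `Indicator` filtered, "OSINT Regin Samples" is grayed while "Secret Malware in..." stays colored because it is still linked through an unfiltered entity.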

@nino-filigran nino-filigran added feature use for describing a new feature to develop and removed bug use for describing something not working as expected needs more info Intel needed about the use case labels Dec 19, 2024
@nino-filigran

Ok, that's clear and seems to be a good idea. So I've turned this into a feature given it's not a behavior built yet in the platform. We will soon start to work on graphs, and we'll take this request into account when working on them.
At first, we'll refactor the graph from a technical point of view to make it an object easier to maintain & then we will apply some functional changes. We want to work around the filters, so this is definitely something we will keep an eye on when tackling the topic.
