-
Notifications
You must be signed in to change notification settings - Fork 1.8k
Commit 3e22990
* Group-IB hot fix integration (#30470) (#30878)
* test commit
* remove bt link
* Remove A in TI for yaml and md for indicator
* back yaml to default
* refactor yaml with cortex utils
* refactor md and yaml for feed
* remove bp/domain
* replace git_leak with git_repository
* Add new collection
Fix issue with date for TI
* remove changes outside the Packs
* Update Packs/GroupIB_ThreatIntelligenceAttribution/Integrations/GroupIB_TIA_Feed/test_data/example.json
* Update Packs/GroupIB_ThreatIntelligenceAttribution/Integrations/GroupIB_TIA_Feed/test_data/example.json
* Update Packs/GroupIB_ThreatIntelligenceAttribution/Integrations/GroupIBTIA/test_data/example.json
* Update Packs/GroupIB_ThreatIntelligenceAttribution/Integrations/GroupIBTIA/test_data/example.json
* Update Packs/GroupIB_ThreatIntelligenceAttribution/Integrations/GroupIBTIA/test_data/example.json
* update release notes
* update logo
* update logo
* Revert "update release notes"
This reverts commit fc93e44461b3085c156c42a96e3f5aaf8efbe0af.
* revert microsocks
* fix compromised account issue
* adding RL
* Update Packs/GroupIB_ThreatIntelligenceAttribution/Integrations/GroupIBTIA/GroupIBTIA.py
* create release notes v1_3_12
* add test for compromised/account_group
* refactor changes in playbook
* fixed validation errors
* adding pragma no cover
* refactor RN
* add urllib exception
* fixing validation errors
* adding pragma no cover
* format
* fix lint test errors
* revert sentinel
* revert changes to azure sentinel
* fixing cloud machine ids processing (#29777)
* fixing cloud machine ids processing
* not exiting the installation script if we fail to install a pack. report an error but continue with the test playbook upload (#29759)
* Microsoft DNS Parsing Rule Drop (#29765)
* Updated ParsingRules
* Updated ReleaseNotes
* Updated ReleaseNotes
* Updated ReleaseNotes
* Updated pack_metadata
* Updated pack_metadata
* Updated pack_metadata
* Updated README
* Updated README
* Updated README
* [JoeSecurity] Pre-Commit (#29717)
* [pre-commit ruff] Align the entire repo with ruff #2 (#29754)
* [pre-commit ruff] Align the entire repo with ruff #2
* Add RN
* Update the docker image
* Don't checkout build files in pre-commit (#27900)
* is file up to date pre-commit
* Revert changes made by mistake
---------
* Fixes for 'NGFW Scan' and 'WildFire Malware' XSIAM playbooks (#29774)
* Fixes for 'NGFW Scan' and 'WildFire Malware' XSIAM playbooks
* RN
* fixed RN and 'NGFW Scan playbook'
* CiscoSMA- Added timeout parameter (#29372)
* fix
* add_tests
* fix_test_description
* fix_yml_add_readme
* fixes - add timeout to the client
* add timeout to yml
* revert changes
* Update CiscoSMA.py
* Update CiscoSMA.py
* CR review
* add RN
* fix CR review
* update docker image
* XSUP-27956/ Added EWS PS V3 Description (#29784)
* updated the description
* update rn
* Apply suggestions from code review
---------
* Xsup 27738 DBotFindSimilarIncidents NoneType Error (#29701)
* failed ut
* fix
* rn
* pre-commit
* pre commit
* just the fix
* fix description in yml
* fix
* docker
* Update Packs/Base/ReleaseNotes/1_32_34.md
* test
* test
* removed import
---------
* Wiz v1 2 11 (#29719)
* Wiz v1 2 11 (#29688)
* remove redundant parenthesis
* ../Packs/Wiz/Integrations/Wiz/Wiz.py
* add Wiz user agent
* rephrase release notes
* update pack metadata json
* rephrase release notes v2
* fix minor typos and update docker image
* Bump Docker version
---------
* [ASM] - Expander - Update ASM fields (4821) (#29702)
* [ASM] - Expander - Update ASM fields (4821) (#29506)
* Add missing comments to grid fields
- Update descriptions of fields as needed.
* Add release notes
* Add descriptions to two fields
- asmdevcheckdetails
- asmenrichmentstatus
* Update release notes.
* Grammar updates.
* Update release notes
* Add mandatory or optional in comments
* Update comments with mandatory
* Update pack version and release notes
* Add correct 1_6_33 release notes
* fix rn
* fix rn
---------
* Wildfire-upload-url add poling timeout argument (#29790)
* save adding timeout param
* new docker image
* added rn
* fix ruff
* ruff made me to do this fixes :( not related to my changes
* Update Packs/Palo_Alto_Networks_WildFire/ReleaseNotes/2_1_35.md
* poetry files (#29793)
* Dra-cvss-color-fix (#29757)
* Fixed a small issue when indicator had no custom fields
* RN
* docker bump
* RN
* Update CVECVSSColor.py
* docker bump
* RN
* fixing typos in build scripts. (#29788)
unremovable -> non-removable
productname -> product_name
testplaybook -> test_playbook
changed some arg passing to use their full name:
-gpidd -gpidp
* mapping to standard stix values (#29785)
* mapping to standard stix values
* updated release notes
* update docker
* breaking json
* add dot
* Add the nightly_ruff file for run pre-commit with --all flag (#29684)
* Add the nightly_ruff file for run pre-commit with --all flag
* Add more rules; Add the error name
* Add E501
* Add F601, F842, TID252
* XSUP-27528 (#29705)
* add_tests
* add_tests
* add RN, fix tests, format yml
* Update Packs/CommonScripts/ReleaseNotes/1_12_24.md
* fix readme
* Bump pack from version CommonScripts to 1.12.25.
---------
* [Axonius Content Pack 1.2.0] Bumping Dockerfile (#29802)
* [Axonius Content Pack 1.2.0] Bumping Dockerfile (#29625)
* bumped docker version for axonius api client
* docker image
* remove the -
---------
* format
---------
* Updated native:8.4 image; Add auth-utils support (#29792)
* Fixed sc_task closing state (#29636)
* Fixed sc_task closing state
* Added release notes
* Updated docker image
* small fix
* bumped dokcer
* fixed rn
---------
* Private Compliance Packs (#29664)
* XSUP-27936 problem with regex (#29613)
* failed test
* fix
* rn
* rn
* unit test
* ut
* validations
* fixed test and docker
* fix
* validation
* Prisma Cloud V2 Add "usernames" Argument (#29710)
* add username arg
* support list
* update UT
* update README
* docker update
* update TPB
* Fortinet fortigate enhancement (#29655)
* Updated the readme for proofpoint fortigate.
* Modified the modeling rule.
* Modified the modeling rule and the schema file.
* Updated the release note.
* Update Packs/FortiGate/README.md
* Updated the modeling rule.
* Added tags to the readme.
* removed ftntfgtmastersrcmac and ftntfgtmasterdstmac from the mapping.
* updated the modeling rule and the schema file.
* updated the modeling rule
* updated the modeling rule
---------
* Add syslog example for War Room Actions (#29800)
* Graph Security Update (#29797)
* Updated MicrosoftGraphSecurity_schema
* Updated ReleaseNotes
* Updated ReleaseNotes
* [Dataminr Pulse] Release 106 (#29805)
* [Dataminr Pulse] Release 106 (#29693)
* Changes related to release v1.0.6
* Changes related to release v1.0.6
* Fixing Release Note related issue
---------
* Bump Docker version
---------
* [RecordedFuture] threat actor playbook update V2.5.1 (#29690) (#29807)
* Update Threat actor search playbook.
* Add release notes
* Fix formatting
* Change ExtractedIndicators to ExtractedIndicators\.File
* Fix release notes
---------
* [JoeSecurity] show partial result in polling commands (#29715)
* updating build docker image to latest devdemisto/gitlab-content-ci:1.0.0.64455 (#29761)
* updating build docker image to latest devdemisto/gitlab-content-ci:1.0.0.64455
* Private Upload Mode - ThreatExchange v2 (#28249)
* ThreatExchange integration
* ThreatExchange updates
* Added param to instance configuration
* pre-commit
* updated RN
* RN test
* CR updates
* Removed Threat_Crowd
* Update Packs/ThreatExchange/ReleaseNotes/2_0_12.md
* docker
* format
* skip tests since theres no instance
* no testing instance
---------
* added plus 1 for each iteration in find destination (#29811)
* added plus 1 for each iteration in find destination (#29760)
* added plus 1 for each iteration in find destination
* added release notes
* Update Packs/Cisco-umbrella-cloud-security/ReleaseNotes/2_0_2.md
* updated docker image tag to latest
* updated unit test for pagination functions
* removed comments
---------
* Update 2_0_2.md
---------
* Mde list indicator filter (#29640)
* Mde list indicator filter (#29338)
* init indicator filter
* release notes
* latest docker image
* updated docker image
* minor fixes
* reslove conflicts
* resolve version conflicts
* silence linter
* format
* docker
* Apply suggestions from Shirley
* add period
* change phrase
* adding "is_mockable": false
* docker
* try change test playbook
* empty line
* docker
* return the mock
* Revert "return the mock"
This reverts commit da9baeff5cadddf2cd125fb073c266c867f465a5.
---------
* Audit Logs Endpoints Scripts Aligments for Xsoar-8 (#29781)
* test
* fix core api
* ExportAuditLogsToFile - add support for xsoar-8
* add ExportAuditLogsToFile UTs
* add forward audit logs uts
* update ut
* validation fixes
* mypy
* bump rns
* update docker
* update docker image
* fix ut
* format
* Bump pack from version CommonScripts to 1.12.25.
* Bump pack from version CommonScripts to 1.12.26.
* cr
* cr fixes
* update
* fix uts
---------
* Add command prisma-cloud-compute-get-file-integrity-events (#29608)
* Add command prisma-cloud-compute-get-file-integrity-events (#29187)
* Add command prisma-cloud-compute-get-file-integrity-events
* Incorporate changes from review comments. Add documentation and unit test.
* Add missing lines to YML file (add description of new command)
* Update docker image
* Incorporate changes from demo
* Update docker image
* fix validation
* fix validation
---------
* Bump pack from version PrismaCloudCompute to 1.4.10.
* [pre-commit ruff] Align the entire repo with ruff (#29603)
* Fix falls of the ruff hook
* pre-commit
* Fix B003 ruff error
* Fix ruff errors on Utils/update_playbook.py
* remove code to trigger upload on dev branches (#29621)
* [pre-commit pycln] Align the entire repo with pycln (#29611)
* Fix falls of the pycln hook
* pre-commit
* Fix unit test
* Add RN
* Fix validate in GetDomainDNSDetails
* fuff on GetDomainDNSDetails
* ignore mypy error in test_content.py:350
* Fix falls of the autopep8 hook (#29638)
* add marketplaces to metadata (#29629)
* Fixing AWS Project Number in ASM Cloud (#29593) (#29642)
* [MS Teams] support reset_graph_auth (#29644)
* fixed
* pre-commit
* update
* Recordedfuture threathunting v2.5.0 (#29641)
* Recordedfuture threathunting v2.5.0 (#29025)
* Add commands related to Automated Threat hunting
recordedfuture-threat-map
recordedfuture-threat-links
recordedfuture-detection-rules
* Add recordedfuture-collective-insight command. Change app version.
* Update README.md. Add release notes
* Add playbook. Add unittests
* Add unittests
* Fix test_collective_insight_command
* Remove incorrect release note
* Add documentation for threat actor search playbook
* update Recorded Future Threat actor search playbook. add release note about new playbook.
* Update release notes, fix formatting
* Format yml files
* Update Recorded future threat actor search playbook
* Update docker image
* Fix linter
---------
* Minor README fixes
---------
* [ASM] Expander 5777 (#29647)
* [ASM] Expander 5777 (#29619)
* first
* RN
* Bump pack from version CortexAttackSurfaceManagement to 1.6.36.
---------
* XDR Malware Enrichment - hotfix for usernames (split) (#29585)
* Updated playbook with hotfix where we split usernames from domains and append them to the username list of usernames for account enrichment
* Added RN
* remove irrelevant test
* Updated RN
* Bump pack from version CortexXDR to 5.1.6.
* Update Packs/CortexXDR/ReleaseNotes/5_1_6.md
---------
* Update Docker Image To demisto/pyjwt3 (#29656)
* Updated Metadata Of Pack Silverfort
* Added release notes to pack Silverfort
* Packs/Silverfort/Integrations/Silverfort/Silverfort.yml Docker image update
* Update Docker Image To demisto/trustar (#29660)
* Updated Metadata Of Pack TruSTAR
* Added release notes to pack TruSTAR
* Update Docker Image To demisto/keeper-ksm (#29661)
* Updated Metadata Of Pack KeeperSecretsManager
* Added release notes to pack KeeperSecretsManager
* Packs/KeeperSecretsManager/Integrations/KeeperSecretsManager/KeeperSecretsManager.yml Docker image update
* Update Docker Image To demisto/py3-tools (#29654)
* Updated Metadata Of Pack Intezer
* Added release notes to pack Intezer
* Packs/Intezer/Integrations/IntezerV2/IntezerV2.yml Docker image update
* Updated Metadata Of Pack FeedMalwareBazaar
* Added release notes to pack FeedMalwareBazaar
* Packs/FeedMalwareBazaar/Integrations/MalwareBazaarFeed/MalwareBazaarFeed.yml Docker image update
* Updated Metadata Of Pack FeedGCPWhitelist
* Added release notes to pack FeedGCPWhitelist
* Packs/FeedGCPWhitelist/Integrations/FeedGoogleIPRanges/FeedGoogleIPRanges.yml Docker image update
* Updated Metadata Of Pack AccentureCTI_Feed
* Added release notes to pack AccentureCTI_Feed
* Packs/AccentureCTI_Feed/Integrations/ACTIIndicatorFeed/ACTIIndicatorFeed.yml Docker image update
* Fix DS108
---------
* Update Docker Image To demisto/taxii-server (#29659)
* Updated Metadata Of Pack CybleThreatIntel
* Added release notes to pack CybleThreatIntel
* Packs/CybleThreatIntel/Integrations/CybleThreatIntel/CybleThreatIntel.yml Docker image update
* Fix DS108
---------
* Update Docker Image To demisto/datadog-api-client (#29662)
* Updated Metadata Of Pack DatadogCloudSIEM
* Added release notes to pack DatadogCloudSIEM
* Packs/DatadogCloudSIEM/Integrations/DatadogCloudSIEM/DatadogCloudSIEM.yml Docker image update
* Fix DS108
---------
* Add reliability parameter to cves and pipl integration (#28703)
* commiting PrismaCloudCompute
* release notes added
* changed couldcompute, CVESearchV2, pipl
* added pack metadata
* fixed pipl readme
* reverting changes in CVESearch since it was deprecated
* removed redundant
* committing pre commit changes
* added known words
* added known words
* fixed lint error
* changed according to review
* updated docker version in PrismaCloudCompute
* changed according to doc review
* Added condition for not receiving new incidents in the test playbook
* updating release notes
* reverting fetch changes
* fixed playbook
* formatted playbook
* new validation, new run
* new validation, new run
* Bump pack from version PrismaCloudCompute to 1.4.10.
* update the docker image
---------
* Proofpoint email security pack: update description (#29651)
* update description
* Updated the schema file.
* Updated the schema file.
---------
* Jira v2 deprecated (#29649)
* Deprecate to jira v2
* update RN
* update conf.json file
* add task to the Create Jira Issue playbook that check if jira v3 is enable
* add image.png of the playbook
* update the playbook (yml, readme, image) and RN
* Update Docker Image To demisto/python3 (#29652)
* Updated Metadata Of Pack PANOSPolicyOptimizer
* Added release notes to pack PANOSPolicyOptimizer
* Packs/PANOSPolicyOptimizer/Integrations/PANOSPolicyOptimizer/PANOSPolicyOptimizer.yml Docker image update
* Updated Metadata Of Pack VMwareWorkspaceONEUEM
* Added release notes to pack VMwareWorkspaceONEUEM
* Packs/VMwareWorkspaceONEUEM/Integrations/VMwareWorkspaceONEUEM/VMwareWorkspaceONEUEM.yml Docker image update
* Updated Metadata Of Pack CiscoSMA
* Added release notes to pack CiscoSMA
* Packs/CiscoSMA/Integrations/CiscoSMA/CiscoSMA.yml Docker image update
* Updated Metadata Of Pack FeedThreatConnect
* Added release notes to pack FeedThreatConnect
* Packs/FeedThreatConnect/Integrations/FeedThreatConnect/FeedThreatConnect.yml Docker image update
* Updated Metadata Of Pack BitSight
* Added release notes to pack BitSight
* Packs/BitSight/Integrations/BitSightForSecurityPerformanceManagement/BitSightForSecurityPerformanceManagement.yml Docker image update
* Updated Metadata Of Pack AWS-ILM
* Added release notes to pack AWS-ILM
* Packs/AWS-ILM/Integrations/AWSILM/AWSILM.yml Docker image update
* Updated Metadata Of Pack CiscoWSA
* Added release notes to pack CiscoWSA
* Packs/CiscoWSA/Integrations/CiscoWSAV2/CiscoWSAV2.yml Docker image update
* Updated Metadata Of Pack SysAid
* Added release notes to pack SysAid
* Packs/SysAid/Integrations/SysAid/SysAid.yml Docker image update
* Updated Metadata Of Pack ManageEngine_PAM360
* Added release notes to pack ManageEngine_PAM360
* Packs/ManageEngine_PAM360/Integrations/ManageEnginePAM360/ManageEnginePAM360.yml Docker image update
* Updated Metadata Of Pack CiscoUmbrellaReporting
* Added release notes to pack CiscoUmbrellaReporting
* Packs/CiscoUmbrellaReporting/Integrations/CiscoUmbrellaReporting/CiscoUmbrellaReporting.yml Docker image update
* Fix DS108
---------
* XSUP-27717/FortiSIEM (#29458)
* add tests
* add RN,fix,logs
* Update 2_0_21.md
* add period
* add a name to incident
* fixes CR
* update docker image
* delete logs
* CR fixes
* Update 2_0_21.md
* Update FortiSIEMV2.py
* reverting the Docker image (#29607)
* reverting the Docker image
* Update Packs/cyberark_AIM/ReleaseNotes/1_0_14.md
---------
* [Marketplace Contribution] Roksit DNS Security Integration - Sarp (#29663)
* [Marketplace Contribution] Roksit DNS Security Integration - Sarp (#29314)
* "pack contribution initial commit"
* Update RoksitDNSSecurityIntegrationSarp.py
* Update RoksitDNSSecurityIntegrationSarp.py
* Yehuda's version
* test module
* readme
* new logo
* Update RoksitDNSSecurityIntegrationSarp.yml
* Apply suggestions from code review
* Update RoksitDNSSecurityIntegrationSarp_description.md
* Update pack_metadata.json
* Update README.md
* Update pack_metadata.json
* Update pack_metadata.json
* Update Packs/RoksitDNSSecurityIntegration-Sarp/pack_metadata.json
* fixes
* change name
* folder name
* file names
* version
* rename sub folder
* remove (DNSSense) from the integration name
* rename folder
* docker
* replace image
* fix image name
---------
* rename image
---------
* add unstuck fetch stream command (#29646)
* add unstuck fetch stream command
* added RN
* fixes
* add note
* cr fixes
* fix conflicts
* reverts
* [pre-commit pycln] Align the entire repo with pycln #4 (#29665)
* Fix pycln errors
* Update the docker images
* Run demisto-sdk pre-commit
* Remove unnecessary recommendations from extensions.json (#29605)
* update extensions.json
* Update devcontainer.json
* Update recommendations list
* Zscaler-FW-Logs (#29094)
* Zscaler FW Logs Modeling Rules
* Zscaler FW logs Modeling Rules
* Updated README
* Updated ZscalerModelingRule_1_3
* Changed cs5 field name to cat
* Apply suggestions from code review
* Updated README
* Updated ModelingRules and Schema
* Updated ModelingRules and schema
* Updated ModelingRules
* Updated ModelingRules
---------
* PANOS - EXPANDR-5744 (#29223) (#29686)
* playbook updates
* RN, Readme, screenshot
* Apply suggestions from code review
* update RN
* bump ver
* more descriptive task
* bump ver
---------
* Audit alert fields fix (#29685)
* Add associated types to systemAssociatedTypes
* Add associated types to systemAssociatedTypes
* fix incident field structure
* RN
* Workday documentation fix (#29681)
* readme
* readme
* rn
* rn
* [Marketplace Contribution] Active Directory Query - Content Pack Update (#28633)
* [Marketplace Contribution] Active Directory Query - Content Pack Update (#27822)
* "contribution update to pack "Active Directory Query""
* revert changes
* rl
* remove files
* removed from rl
* Update pack_metadata.json
* Create 1_6_19.md
* Update 1_6_18.md
* Update 1_6_19.md
* Delete 1_6_19.md
* Update 1_6_18.md
* Update pack_metadata.json
* Update Active_Directory_Query.yml
removed duplicate section and type
* pass SERVER_IP as argument to test_credentials function
* Create 1_7_0.md
* Update pack_metadata.json
* Update README.md with ad-test-credentials info
* Update Active_Directory_Query.yml
* removed duplicate `type: 8` from ntlm
* removed duplicate types from integration settings
* removed duplicate description from ad-enable-account
* Update Active_Directory_Query.yml
* Update Active_Directory_Query.yml
* Update Active_Directory_Query.yml
* removing not relevant release note
* adding function
* update fucntion
* cr note
* adding NTLM_AUTH option
* Update Active_Directory_Query.py
* Update Packs/Active_Directory_Query/Integrations/Active_Directory_Query/Active_Directory_Query.py
* cr notes
* update after merging from master
* reverting a change in olr rl
* added test_test_credentials unit test function
* fix unit test
* fixing unit tests
* fix unit test
* fixed lint errors
* Update Active_Directory_Query_test.py
* empty commit
* fix yml and docker file
* revert changes in send email manager
* fix yml
* fix
* fix validation error
* fixing in129
---------
* cr notes
* Bump pack from version Active_Directory_Query to 1.6.21.
* fix yml changes
* cr notes
* lint fixes
* fix test
* docker update
* Update Packs/Active_Directory_Query/Integrations/Active_Directory_Query/README.md
* fix delete required
* Apply suggestions from code review
* fix test
* docker update
* rl
* empty commit
* docker update
* empty commit
* empty commit
* merge from master
* empty commit check
* revert changes
* Delete Packs/cyberark_AIM/Integrations/CyberArkAIM_v2/integration-CyberArkAIM_v2.yml
* docker downgrade
* rl
* trying new docker image
* validate errors fix
* revert docker version
* [DS108] - Description must end with a period (".") - fix
* empty commit check
* empty commit check
---------
* Big query bug xsup 28132 (#29680)
* bug fix
* rn
* rn
* Apply suggestions from code review
* format
* pre commit
---------
* New Prisma Cloud v2 commands (#29323)
* resource list command
* limit results
* user roles list command
* pre commit
* users list command
* edit remediation commands
* UTs
* update README
* update RN
* pre commit fixes
* edit test playbook
* CR changes
* Demo changes -
remediate 406 raises error
new args for resource_list & user_roles
* fix test
* Apply suggestions from doc review
* fix test playbook
* Tomer's changes
---------
* Prisma Cloud Update (#29666)
* Updated ModelingRules
* Updated ReleaseNotes
* Updated ReleaseNotes
* Updated ModelingRules
* Updated ModelingRules
* Updated ModelingRules
* Bump pack from version PrismaCloud to 4.2.4.
---------
* Rapid7 appsec (#29134) (#29687)
* Revert "Add space to conf"
This reverts commit 3a74b931d31ae2b33e0e4570c7df7d06c668e9c8.
* Updated the packs category to *Authentication & Identity Management* (part 2) (#24876)
* Update Docker Image To demisto/fastapi (#24923)
* Updated Metadata Of Pack CyberArkIdentity
* Added release notes to pack CyberArkIdentity
* Packs/CyberArkIdentity/Integrations/CyberArkIdentityEventCollector/CyberArkIdentityEventCollector.yml Docker image update
* Update Docker Image To demisto/lxml (#24924)
* Updated Metadata Of Pack TaniumThreatResponse
* Added release notes to pack TaniumThreatResponse
* Packs/TaniumThreatResponse/Integrations/TaniumThreatResponseV2/TaniumThreatResponseV2.yml Docker image update
* Update Docker Image To demisto/crypto (#24922)
* Updated Metadata Of Pack X509Certificate
* Added release notes to pack X509Certificate
* Packs/X509Certificate/Scripts/CertificateExtract/CertificateExtract.yml Docker image update
* Update Docker Image To demisto/python3 (#24921)
* Updated Metadata Of Pack Cybereason
* Added release notes to pack Cybereason
* Packs/Cybereason/Integrations/Cybereason/Cybereason.yml Docker image update
* Updated Metadata Of Pack DNSDB
* Added release notes to pack DNSDB
* Packs/DNSDB/Integrations/DNSDB_v2/DNSDB_v2.yml Docker image update
* Updated Metadata Of Pack DeepInstinct
* Added release notes to pack DeepInstinct
* Packs/DeepInstinct/Integrations/DeepInstinct3x/DeepInstinct3x.yml Docker image update
* Updated Metadata Of Pack FeedCyrenThreatInDepth
* Added release notes to pack FeedCyrenThreatInDepth
* Packs/FeedCyrenThreatInDepth/Integrations/CyrenThreatInDepth/CyrenThreatInDepth.yml Docker image update
* Updated Metadata Of Pack IronDefense
* Added release notes to pack IronDefense
* Packs/IronDefense/Integrations/IronDefense/IronDefense.yml Docker image update
* Updated Metadata Of Pack Qintel
* Added release notes to pack Qintel
* Packs/Qintel/Integrations/QintelPMI/QintelPMI.yml Docker image update
* Packs/Qintel/Integrations/QintelQSentry/QintelQSentry.yml Docker image update
* Packs/Qintel/Integrations/QintelQWatch/QintelQWatch.yml Docker image update
* Updated Metadata Of Pack QualysFIM
* Added release notes to pack QualysFIM
* Packs/QualysFIM/Integrations/QualysFIM/QualysFIM.yml Docker image update
* Updated Metadata Of Pack QutteraWebsiteMalwareScanner
* Added release notes to pack QutteraWebsiteMalwareScanner
* Packs/QutteraWebsiteMalwareScanner/Integrations/QutteraWebsiteMalwareScanner/QutteraWebsiteMalwareScanner.yml Docker image update
* Fixed mypy + validation
---------
* NGINXApiModule: fix logging typo (#24878)
* fix logging typo
* bump dependent packs
---------
* Downgrade docker to fix banner issue (#24905)
* Downgrade docker to fix banner issue
* Fix docs
* Add UT to prevent Docker bump
* Fix yml validation
* Adding vulnerability commands
* Fixing pagination page index
* Updating PR comments and Scan commands
* Updating ID in test data.
* Updating integration
* Updating integration
* Updating fromversion
* Updating linters
* Updating linters
* Updating git pre-commit
* Updating docstring
* Updating the handling of request when limit
* Removing get_pagination_params
* Updating integration
* Updating git-pre commit
* Updating integration
* Updating integration
* Updating unit test
* Updating docker image
* Updating integration
* Updating README version.
* Updating secrets
* Updating integration
* Updating integration
* Updating integration
* Updating docstrings
* Updating doc-review comments.
* Updating doc-review comments.
* Updating description
---------
* Panos add param (#29672)
* added param job_polling_max_num_attempts
* Added rn
* Added missing param type
Fixed unit tests
* added to readme
* fixed readme
* Update Packs/PAN-OS/Integrations/Panorama/Panorama.yml
* fixed text and namings
* Bump pack from version PAN-OS to 2.1.8.
---------
* Fix proxy usage (#85) (#29630)
* Fix proxy usage (#85) (#29181)
* Fix proxy usage (#85)
* Fix proxy usage in ZF client
* Fix variable USE_SSL to verify requests
* Remove proxy object from client
Given that the proxy works by default with env vars, the proxy object
is not necessary
* Update version and add release notes
* Fix call to modified alerts (#86)
* Fix call to modified alerts
* Update docker image
* Fix tests associated with get modified data
* change rn
* fix validation
---------
* Missing dependencies when installing packs (#28989)
* search and install packs
---------
* Deprecate Picus Community (#29573)
* Merge branch 'master' into github_workflow_partner
# Conflicts:
# Utils/github_workflow_scripts/utils.py
* Merge branch 'master' into github_workflow_partner
# Conflicts:
# Utils/github_workflow_scripts/utils.py
* Picus NG display name
* Picus update
* Picus update
* Picus update
* Picus update
* Picus update
* Picus update
* Picus update
* Picus update
---------
* [ASM] - Expander - GCP Hierarchy field - 4376 (#29696) (#29704)
* Add assethierarchy field to GCP ASM playbook
* Add release notes
* Update field json
* fix merge
* update rn
* remove access code
* fix conflicts
* update docker
* fix validation
---------
* [Marketplace Contribution] Okta - Content Pack Update (#29650)
* [Marketplace Contribution] Okta - Content Pack Update (#29303)
* "contribution update to pack "Okta""
* minor fixes
* add outputs and readme
* add outputs description
* update docker
* change outputs
---------
* Fixing AWS Project Number in ASM Cloud (#29593) (#29642)
* [MS Teams] support reset_graph_auth (#29644)
* fixed
* pre-commit
* update
* Recordedfuture threathunting v2.5.0 (#29641)
* Recordedfuture threathunting v2.5.0 (#29025)
* Add commands related to Automated Threat hunting
recordedfuture-threat-map
recordedfuture-threat-links
recordedfuture-detection-rules
* Add recordedfuture-collective-insight command. Change app version.
* Update README.md. Add release notes
* Add playbook. Add unittests
* Add unittests
* Fix test_collective_insight_command
* Remove incorrect release note
* Add documentation for threat actor search playbook
* update Recorded Future Threat actor search playbook. add release note about new playbook.
* Update release notes, fix formatting
* Format yml files
* Update Recorded future threat actor search playbook
* Update docker image
* Fix linter
---------
* Minor README fixes
---------
* [ASM] Expander 5777 (#29647)
* [ASM] Expander 5777 (#29619)
* first
* RN
* Bump pack from version CortexAttackSurfaceManagement to 1.6.36.
---------
* XDR Malware Enrichment - hotfix for usernames (split) (#29585)
* Updated playbook with hotfix where we split usernames from domains and append them to the username list of usernames for account enrichment
* Added RN
* remove irrelevant test
* Updated RN
* Bump pack from version CortexXDR to 5.1.6.
* Update Packs/CortexXDR/ReleaseNotes/5_1_6.md
---------
* Update Docker Image To demisto/pyjwt3 (#29656)
* Updated Metadata Of Pack Silverfort
* Added release notes to pack Silverfort
* Packs/Silverfort/Integrations/Silverfort/Silverfort.yml Docker image update
* Update Docker Image To demisto/trustar (#29660)
* Updated Metadata Of Pack TruSTAR
* Added release notes to pack TruSTAR
* Update Docker Image To demisto/keeper-ksm (#29661)
* Updated Metadata Of Pack KeeperSecretsManager
* Added release notes to pack KeeperSecretsManager
* Packs/KeeperSecretsManager/Integrations/KeeperSecretsManager/KeeperSecretsManager.yml Docker image update
* Update Docker Image To demisto/py3-tools (#29654)
* Updated Metadata Of Pack Intezer
* Added release notes to pack Intezer
* Packs/Intezer/Integrations/IntezerV2/IntezerV2.yml Docker image update
* Updated Metadata Of Pack FeedMalwareBazaar
* Added release notes to pack FeedMalwareBazaar
* Packs/FeedMalwareBazaar/Integrations/MalwareBazaarFeed/MalwareBazaarFeed.yml Docker image update
* Updated Metadata Of Pack FeedGCPWhitelist
* Added release notes to pack FeedGCPWhitelist
* Packs/FeedGCPWhitelist/Integrations/FeedGoogleIPRanges/FeedGoogleIPRanges.yml Docker image update
* Updated Metadata Of Pack AccentureCTI_Feed
* Added release notes to pack AccentureCTI_Feed
* Packs/AccentureCTI_Feed/Integrations/ACTIIndicatorFeed/ACTIIndicatorFeed.yml Docker image update
* Fix DS108
---------
* Update Docker Image To demisto/taxii-server (#29659)
* Updated Metadata Of Pack CybleThreatIntel
* Added release notes to pack CybleThreatIntel
* Packs/CybleThreatIntel/Integrations/CybleThreatIntel/CybleThreatIntel.yml Docker image update
* Fix DS108
---------
* Update Docker Image To demisto/datadog-api-client (#29662)
* Updated Metadata Of Pack DatadogCloudSIEM
* Added release notes to pack DatadogCloudSIEM
* Packs/DatadogCloudSIEM/Integrations/DatadogCloudSIEM/DatadogCloudSIEM.yml Docker image update
* Fix DS108
---------
* Add reliability parameter to cves and pipl integration (#28703)
* commiting PrismaCloudCompute
* release notes added
* changed couldcompute, CVESearchV2, pipl
* added pack metadata
* fixed pipl readme
* reverting changes in CVESearch since it was deprecated
* removed redundant
* committing pre commit changes
* added known words
* added known words
* fixed lint error
* changed according to review
* updated docker version in PrismaCloudCompute
* changed according to doc review
* Added condition for not receiving new incidents in the test playbook
* updating release notes
* reverting fetch changes
* fixed playbook
* formatted playbook
* new validation, new run
* new validation, new run
* Bump pack from version PrismaCloudCompute to 1.4.10.
* update the docker image
---------
* Proofpoint email security pack: update description (#29651)
* update description
* Updated the schema file.
* Updated the schema file.
---------
* Jira v2 deprecated (#29649)
* Deprecate to jira v2
* update RN
* update conf.json file
* add task to the Create Jira Issue playbook that check if jira v3 is enable
* add image.png of the playbook
* update the playbook (yml, readme, image) and RN
* Update Docker Image To demisto/python3 (#29652)
* Updated Metadata Of Pack PANOSPolicyOptimizer
* Added release notes to pack PANOSPolicyOptimizer
* Packs/PANOSPolicyOptimizer/Integrations/PANOSPolicyOptimizer/PANOSPolicyOptimizer.yml Docker image update
* Updated Metadata Of Pack VMwareWorkspaceONEUEM
* Added release notes to pack VMwareWorkspaceONEUEM
* Packs/VMwareWorkspaceONEUEM/Integrations/VMwareWorkspaceONEUEM/VMwareWorkspaceONEUEM.yml Docker image update
* Updated Metadata Of Pack CiscoSMA
* Added release notes to pack CiscoSMA
* Packs/CiscoSMA/Integrations/CiscoSMA/CiscoSMA.yml Docker image update
* Updated Metadata Of Pack FeedThreatConnect
* Added release notes to pack FeedThreatConnect
* Packs/FeedThreatConnect/Integrations/FeedThreatConnect/FeedThreatConnect.yml Docker image update
* Updated Metadata Of Pack BitSight
* Added release notes to pack BitSight
* Packs/BitSight/Integrations/BitSightForSecurityPerformanceManagement/BitSightForSecurityPerformanceManagement.yml Docker image update
* Updated Metadata Of Pack AWS-ILM
* Added release notes to pack AWS-ILM
* Packs/AWS-ILM/Integrations/AWSILM/AWSILM.yml Docker image update
* Updated Metadata Of Pack CiscoWSA
* Added release notes to pack CiscoWSA
* Packs/CiscoWSA/Integrations/CiscoWSAV2/CiscoWSAV2.yml Docker image update
* Updated Metadata Of Pack SysAid
* Added release notes to pack SysAid
* Packs/SysAid/Integrations/SysAid/SysAid.yml Docker image update
* Updated Metadata Of Pack ManageEngine_PAM360
* Added release notes to pack ManageEngine_PAM360
* Packs/ManageEngine_PAM360/Integrations/ManageEnginePAM360/ManageEnginePAM360.yml Docker image update
* Updated Metadata Of Pack CiscoUmbrellaReporting
* Added release notes to pack CiscoUmbrellaReporting
* Packs/CiscoUmbrellaReporting/Integrations/CiscoUmbrellaReporting/CiscoUmbrellaReporting.yml Docker image update
* Fix DS108
---------
* XSUP-27717/FortiSIEM (#29458)
* add tests
* add RN,fix,logs
* Update 2_0_21.md
* add period
* add a name to incident
* fixes CR
* update docker image
* delete logs
* CR fixes
* Update 2_0_21.md
* Update FortiSIEMV2.py
* reverting the Docker image (#29607)
* reverting the Docker image
* Update Packs/cyberark_AIM/ReleaseNotes/1_0_14.md
---------
* [Marketplace Contribution] Roksit DNS Security Integration - Sarp (#29663)
* [Marketplace Contribution] Roksit DNS Security Integration - Sarp (#29314)
* "pack contribution initial commit"
* Update RoksitDNSSecurityIntegrationSarp.py
* Update RoksitDNSSecurityIntegrationSarp.py
* Yehuda's version
* test module
* readme
* new logo
* Update RoksitDNSSecurityIntegrationSarp.yml
* Apply suggestions from code review
* Update RoksitDNSSecurityIntegrationSarp_description.md
* Update pack_metadata.json
* Update README.md
* Update pack_metadata.json
* Update pack_metadata.json
* Update Packs/RoksitDNSSecurityIntegration-Sarp/pack_metadata.json
* fixes
* change name
* folder name
* file names
* version
* rename sub folder
* remove (DNSSense) from the integration name
* rename folder
* docker
* replace image
* fix image name
---------
* rename image
---------
* add unstuck fetch stream command (#29646)
* add unstuck fetch stream command
* added RN
* fixes
* add note
* cr fixes
* fix conflicts
* reverts
* [pre-commit pycln] Align the entire repo with pycln #4 (#29665)
* Fix pycln errors
* Update the docker images
* Run demisto-sdk pre-commit
* update docker
---------
* If-Elif Transformer (#27763)
* IfElif init
* minor changes
* parse single strings not json
* fixed regex
* fixed json bug
* removed context
* created eval blacklist
* added json KW to eval
* Update bucket-upload.yml
* added ast for parsing
* use hash for context grab
* added value arg
* quick
* added unit-tests
* added README.md
* added RN
* added flags arg; use dt for context grabbing
* fixed context grabbing
* added regex support
* finished readme
* finished readme 2
* added variables arg
* changed vars to upper
* changed to class
* prefixed variable bug
* some tests
* finished unit-tests
* completed tests
* finished docs
* finished docs in yml
* new design for 'value'
* unit-tests complete
* docs part 1
* docs complete
* added if-elif TPB
* fixed TPB
* fixed mypy error
* fixed mypy error
* fixed injection issue; added + op
* name changes
* added injection test in TPB
* CR changes
* error for unknown variables
* reformat 'from_context' func
* resolve conflicts
* demo changes
* demo changes part 2
* bug fix
* updated docker
* added list_compare flag
* added error catcher for comp funcs
* readme update; textArea for conditions
* resolve conflicts
* resolve conflicts
* updated docker
* name changes
* fixed unit-tests
* Apply suggestions from code review
* added missing flag to readme
* CR changes
* Apply suggestions from code review
* name changes
* added suppres_error behaviuor to docs
* Apply suggestions from code review
* updated docker
---------
* revert removal of release notes generator (#29828)
* revert
* validations
* rn
* search_and_install_packs.py - less strict when installing packs during nightly. should be reverted in (#29806)
* exit on error alignment.fixing echo message when exiting the uninstallation script. (#29821)
* exit on error alignment.
fixing echo message when exiting the uninstallation script.
* installing specific poetry version (#29812)
* installing specific poetry version - moving the logic to bootstrap
* Cs falcon detections revert (#29833)
* Revert "Cs falcon fetch limit issue (#29411)"
This reverts commit f7b7d5c6
* Revert "Cs limit in idp detections (#29550)"
This reverts commit 47738d56
* Added rn
* Added rn
* SQL Alchemy 2.x.x (#29436)
* MySQL and Postgress works
* MSSQL, My SQL and postgres works with bind_variables from the second form
* resolve conflicts
* fix CR's comments
* pre commit
* parsing the results
* Add UT
* same name and right docker
* RN
* sourcery
* another docker image
* revert docker image
* Update Packs/GenericSQL/ReleaseNotes/1_0_25.md
* Update Packs/GenericSQL/Integrations/GenericSQL/GenericSQL.py
* Update Packs/GenericSQL/Integrations/GenericSQL/GenericSQL.py
* Update Packs/GenericSQL/Integrations/GenericSQL/GenericSQL.py
* fix variable name
* constants
* mapping instead of conditions
* unskip Oracle TPB
* resolve conflicts
* resolve conflicts
* Constants
* Update Packs/GenericSQL/Integrations/GenericSQL/GenericSQL.py
* CR fixes
* Update Packs/GenericSQL/ReleaseNotes/1_1_0.md
* add commit after executing a query
* fix UT
* remove autocommit true from MSSQL
* fix UT
* autocommit for
MSSQL, commit for the others
* commit for the others DBs, since in MSSQL is automatically
* docker image
---------
* Generic playbooks fixes (#29711)
* fixes for generic playbooks
* fixes for generic playbooks
* fixes for generic playbooks
* Use Case Builder Development stage Field update (#29771) (#29825)
* pushing changes to the use case stage
* adding release notes
* Update pack_metadata.json
* Rename 1_1_0.md to 1_0_4.md
* Update 1_0_4.md
* Update 1_0_4.md
---------
* Add mapper and disable auto extraction for ThinkstCanary (#29756)
* Add Classification and Mapping to ThinkstCanary Integration
* Duo Mapping Enrichment (#29139)
* Updated DuoModelingRule_1_3
* Updated ModelingRules and ReleaseNotes
* Updated ModelingRules and ReleaseNotes
* Updated DuoModelingRule_1_3_schema and README
* Rev DuoModelingRule_1_3 | add DuoModelingRule_2_0
* Updated .yml and ReleaseNotes
* Updated DuoModelingRule_2_0
* Updated ReleaseNotes
* Updated .yml with toversion: 8.3.0
* Updated DuoModelingRule_2_0_schema
* Updated ModelingRules
* Updated ReleaseNotes
* Bump pack from version DuoAdminApi to 4.0.8.
* Updated DuoModelingRule_1_3
* azure
* Updated DuoModelingRule_2_0
* Updated DuoModelingRule_2_0
* Updated ParsingRules
* Updated ReleaseNotes
* Updated ReleaseNotes
* Updated ReleaseNotes
* Updated pack_metadata
* Updated pack_metadata
* Updated pack_metadata
* Updated README
* Updated README
* Updated README
* Updated ReleaseNotes
* Updated ReleaseNotes
* Updated DuoModelingRule_2_0
* Reverted MS packs
* Reverted MS packs
* Updated DuoModelingRule_1_3_schema
* Updated ReleaseNotes
* Update Packs/DuoAdminApi/ReleaseNotes/4_0_10.md
---------
* [AWS System Manager] New Pack (#28992)
* init - new pack
* 2 commands
* aws-ssm-inventory-entry-list
* list_associations_command
* remove boto stubs
* remove boto stubs
* improve
* poetry
* revert poetry
* aws-ssm-association-list
* aws-ssm-association-get
* aws-ssm-association-get
* aws-ssm-association-version-list
* format
* aws-ssm-document-list
* ruff
* ruff
* ssmclient test
* test
* doc get
* docs
* Update pyproject.toml
* Update poetry.lock
* Update .pre-commit-config_template.yaml
* regex
* aws-ssm-tag-remove
* improve
* aws-ssm-automation-execution-list
* pack
* aws-ssm-command-list
* aws-ssm-command-run aws-ssm-command-cancel
* ruff
* Apply suggestions from code review
* Apply suggestions from code review
* UT
* UT
* cr and docs
* black
* black and ruff
* format
* description
* format description
* pack metadata
* fix ut
* Apply suggestions from code review
* Apply suggestions from code review
* cr
* cr
* fix yml
* add outputs
* Update Packs/AWS_SystemManager/Integrations/AWSSystemManager/AWSSystemManager.py
* fix cr
* run command and fix UT
* automation run
* fix output add playbook
* docs
* docs
* docs
* docs
* ruff and black
* fix demo
* fix demo
* update docker and fix line to long
* Apply suggestions from code review (docs)
* cr fix
* update docker
* fix line
* Fix an issue
* Fix an issue
* Update playbook description
* Update docker
---------
* Fix splunk search in incident context (#29763)
* fixes
* fixes
* fixes
* update docker
* added rn
* add bc rn
* Empty-Commit
* Test For 'WildFire Malware' Playbook (#29404)
* Test For 'WildFire Malware' Playbook
* PR
* RN
* added the "is_mockable" config to the conf file
* removed the "is_mockable" config to the conf file
* Bump pack from version Core to 2.0.14.
* Bump pack from version Core to 2.0.15.
* Increased timeout configs
* Added VirusTotal to the conf file
* added virustotal instance name
* changed the 'AutoContainment' playbook input config to 'true'
* changed 'timeout'
* changed 'timeout'
* changed 'timeout' to 1600
* changed the 'ShouldCloseAutomatically' playbook input to 'false'
* added the test playbook name to the playbook YML file
* RN
* removed the close note alert field verification
* added the 'marketplacev2' to the test playbook YML file
* added the '000001e7a228b2a7abdf7f7e404bc8522df32b725e86907dde32176bccbbbb27' malicious file hash to secrets ignore file. the file hash is used within the test playbook for enrichment and test purposes.
---------
* update docker image (#29845)
* added functionallity to download index by marketplace (#29834)
* added functionallity to download index by marketplace
* added some logs for validation
* commit
* removed logs
* [pre-commit MyPy] Align the entire repo with MyPy #2 (#29799)
* [pre-commit MyPy] Align the entire repo with MyPy #2
* Add RN
* Revert changes in 1.12.26 RN
* Update the docker images
* [pre-commit MyPy] Align the entire repo with MyPy #1 (#29798)
* [pre-commit MyPy] Align the entire repo with MyPy #1
* Xsup 27738 DBotFindSimilarIncidents NoneType Error (#29701)
* failed ut
* fix
* rn
* pre-commit
* pre commit
* just the fix
* fix description in yml
* fix
* docker
* Update Packs/Base/ReleaseNotes/1_32_34.md
* test
* test
* removed import
---------
* Wiz v1 2 11 (#29719)
* Wiz v1 2 11 (#29688)
* remove redundant parenthesis
* ../Packs/Wiz/Integrations/Wiz/Wiz.py
* add Wiz user agent
* rephrase release notes
* update pack metadata json
* rephrase release notes v2
…
Co-authored-by: Daniil Lanskoy <[email protected]>
Co-authored-by: Mai Morag <[email protected]>
Co-authored-by: maimorag <[email protected]>
Co-authored-by: Koby Meir <[email protected]>
Co-authored-by: kobymeir <[email protected]>
Co-authored-by: eepstain <[email protected]>
Co-authored-by: ilaner <[email protected]>
Co-authored-by: Menachem Weinfeld <[email protected]>
Co-authored-by: dorschw <[email protected]>
Co-authored-by: Menachem Weinfeld <[email protected]>
Co-authored-by: TalNos <[email protected]>
Co-authored-by: sapir shuker <[email protected]>
Co-authored-by: Arad Carmi <[email protected]>
Co-authored-by: ShirleyDenkberg <[email protected]>
Co-authored-by: EyalPintzov <[email protected]>
Co-authored-by: Dan Tavori <[email protected]>
Co-authored-by: content-bot <[email protected]>
Co-authored-by: Ariel Tobiana <[email protected]>
Co-authored-by: Michael Yochpaz <[email protected]>
Co-authored-by: John <[email protected]>
Co-authored-by: ostolero <[email protected]>
Co-authored-by: ostolero <[email protected]>
Co-authored-by: Darya Koval <[email protected]>
Co-authored-by: Content Bot <[email protected]>
Co-authored-by: Dror Avrahami <[email protected]>
Co-authored-by: Judah Schwartz <[email protected]>
Co-authored-by: Bryce Pedroza <[email protected]>
Co-authored-by: Yehuda <[email protected]>
Co-authored-by: samuelFain <[email protected]>
Co-authored-by: GuyAfik <[email protected]>
Co-authored-by: Shelly Tzohar <[email protected]>
Co-authored-by: Shahaf Ben Yakir <[email protected]>
Co-authored-by: sbenyakir <[email protected]>
Co-authored-by: tkatzir <[email protected]>
Co-authored-by: Adi Bamberger Edri <[email protected]>
Co-authored-by: yasta5 <[email protected]>
Co-authored-by: Crest Data Systems <[email protected]>
Co-authored-by: crestdatasystems <[email protected]>
Co-authored-by: Yaroslav Nestor <[email protected]>
Co-authored-by: darkushin <[email protected]>
Co-authored-by: Yehuda Rosenberg <[email protected]>
Co-authored-by: LiorQM <[email protected]>
Co-authored-by: RotemAmit <[email protected]>
Co-authored-by: ckaadic <[email protected]>
Co-authored-by: Guy Afik <[email protected]>
Co-authored-by: Ali Sawyer <[email protected]>
Co-authored-by: omerKarkKatz <[email protected]>
Co-authored-by: Yaakov Praisler <[email protected]>
Co-authored-by: Chait A <[email protected]>
Co-authored-by: johnnywilkes <[email protected]>
Co-authored-by: michal-dagan <[email protected]>
Co-authored-by: Ido van Dijk <[email protected]>
Co-authored-by: sberman <[email protected]>
Co-authored-by: DinaMeylakh <[email protected]>
Co-authored-by: Yehonatan Asta <[email protected]>
Co-authored-by: israelpoli <[email protected]>
Co-authored-by: xsoar-bot <[email protected]>
Co-authored-by: asimsarpkurt <[email protected]>
Co-authored-by: Yuval Hayun <[email protected]>
Co-authored-by: nkanon <[email protected]>
Co-authored-by: Eido Epstain <[email protected]>
Co-authored-by: Tomer Haimof <[email protected]>
Co-authored-by: Randy Baldwin <[email protected]>
Co-authored-by: Ron Hadad <[email protected]>
Co-authored-by: TalGumi <[email protected]>
Co-authored-by: Guy Lichtman <[email protected]>
Co-authored-by: glicht <[email protected]>
Co-authored-by: Andrew Shamah <[email protected]>
Co-authored-by: Felipe Garrido <[email protected]>
Co-authored-by: Edi Katsenelson <[email protected]>
Co-authored-by: Jacob Levy <[email protected]>
Co-authored-by: Yuval Cohen <[email protected]>
Co-authored-by: rshunim <[email protected]>
Co-authored-by: OmriItzhak <[email protected]>
Co-authored-by: Joe Cosgrove <[email protected]>
Co-authored-by: Shmuel Kroizer <[email protected]>
Co-authored-by: Israel Lappe <[email protected]>
Co-authored-by: Erez FelmanDar <[email protected]>
Co-authored-by: israelpolishook <[email protected]>
Co-authored-by: ArikDay <[email protected]>
Co-authored-by: Christopher Hultin <[email protected]>
Co-authored-by: Mike Beauchamp <[email protected]>
Co-authored-by: Moshe Galitzky <[email protected]>
* revert
* revert
* fixes
* fixes
* docker
* Mypy
* RN
* str
* Docker
---------
Co-authored-by: Daniil Lanskoy <[email protected]>
Co-authored-by: Mai Morag <[email protected]>
Co-authored-by: maimorag <[email protected]>
Co-authored-by: Koby Meir <[email protected]>
Co-authored-by: kobymeir <[email protected]>
Co-authored-by: eepstain <[email protected]>
Co-authored-by: ilaner <[email protected]>
Co-authored-by: Menachem Weinfeld <[email protected]>
Co-authored-by: dorschw <[email protected]>
Co-authored-by: Menachem Weinfeld <[email protected]>
Co-authored-by: TalNos <[email protected]>
Co-authored-by: sapir shuker <[email protected]>
Co-authored-by: Arad Carmi <[email protected]>
Co-authored-by: ShirleyDenkberg <[email protected]>
Co-authored-by: EyalPintzov <[email protected]>
Co-authored-by: Dan Tavori <[email protected]>
Co-authored-by: content-bot <[email protected]>
Co-authored-by: Ariel Tobiana <[email protected]>
Co-authored-by: Michael Yochpaz <[email protected]>
Co-authored-by: John <[email protected]>
Co-authored-by: ostolero <[email protected]>
Co-authored-by: ostolero <[email protected]>
Co-authored-by: Darya Koval <[email protected]>
Co-authored-by: Content Bot <[email protected]>
Co-authored-by: Dror Avrahami <[email protected]>
Co-authored-by: Judah Schwartz <[email protected]>
Co-authored-by: Bryce Pedroza <[email protected]>
Co-authored-by: Yehuda <[email protected]>
Co-authored-by: samuelFain <[email protected]>
Co-authored-by: GuyAfik <[email protected]>
Co-authored-by: Shelly Tzohar <[email protected]>
Co-authored-by: Shahaf Ben Yakir <[email protected]>
Co-authored-by: sbenyakir <[email protected]>
Co-authored-by: tkatzir <[email protected]>
Co-authored-by: Adi Bamberger Edri <[email protected]>
Co-authored-by: yasta5 <[email protected]>
Co-authored-by: Crest Data Systems <[email protected]>
Co-authored-by: crestdatasystems <[email protected]>
Co-authored-by: Yaroslav Nestor <[email protected]>
Co-authored-by: darkushin <[email protected]>
Co-authored-by: Yehuda Rosenberg <[email protected]>
Co-authored-by: LiorQM <[email protected]>
Co-authored-by: RotemAmit <[email protected]>
Co-authored-by: ckaadic <[email protected]>
Co-authored-by: Guy Afik <[email protected]>
Co-authored-by: Ali Sawyer <[email protected]>
Co-authored-by: omerKarkKatz <[email protected]>
Co-authored-by: Yaakov Praisler <[email protected]>
Co-authored-by: Chait A <[email protected]>
Co-authored-by: johnnywilkes <[email protected]>
Co-authored-by: michal-dagan <[email protected]>
Co-authored-by: Ido van Dijk <[email protected]>
Co-authored-by: sberman <[email protected]>
Co-authored-by: DinaMeylakh <[email protected]>
Co-authored-by: Yehonatan Asta <[email protected]>
Co-authored-by: israelpoli <[email protected]>
Co-authored-by: xsoar-bot <[email protected]>
Co-authored-by: asimsarpkurt <[email protected]>
Co-authored-by: Yuval Hayun <[email protected]>
Co-authored-by: nkanon <[email protected]>
Co-authored-by: Eido Epstain <[email protected]>
Co-authored-by: Tomer Haimof <[email protected]>
Co-authored-by: Randy Baldwin <[email protected]>
Co-authored-by: Ron Hadad <[email protected]>
Co-authored-by: TalGumi <[email protected]>
Co-authored-by: Guy Lichtman <[email protected]>
Co-authored-by: glicht <[email protected]>
Co-authored-by: Andrew Shamah <[email protected]>
Co-authored-by: Felipe Garrido <[email protected]>
Co-authored-by: Edi Katsenelson <[email protected]>
Co-authored-by: Jacob Levy <[email protected]>
Co-authored-by: Yuval Cohen <[email protected]>
Co-authored-by: rshunim <[email protected]>
Co-authored-by: OmriItzhak <[email protected]>
Co-authored-by: Joe Cosgrove <[email protected]>
Co-authored-by: Shmuel Kroizer <[email protected]>
Co-authored-by: Israel Lappe <[email protected]>
Co-authored-by: Erez FelmanDar <[email protected]>
Co-authored-by: israelpolishook <[email protected]>
Co-authored-by: ArikDay <[email protected]>
Co-authored-by: Christopher Hultin <[email protected]>
Co-authored-by: Mike Beauchamp <[email protected]>
Co-authored-by: Moshe Galitzky <[email protected]>
1 parent 4954b34 commit 3e22990Copy full SHA for 3e22990
File tree
15 files changed
+454
-805
lines changedFilter options
- Packs/GroupIB_ThreatIntelligenceAttribution
- IncidentTypes
- Integrations
- GroupIBTIA
- GroupIB_TIA_Feed
- Layouts
- Playbooks
- ReleaseNotes
- Scripts
- GIBIncidentUpdate
- GIBIncidentUpdateIncludingClosed
15 files changed
+454
-805
lines changedPacks/GroupIB_ThreatIntelligenceAttribution/IncidentTypes/incidenttype-GIB_Brand_Protection_Domain.json
Copy file name to clipboardExpand all lines: Packs/GroupIB_ThreatIntelligenceAttribution/IncidentTypes/incidenttype-GIB_Brand_Protection_Domain.json-44
This file was deleted.
Packs/GroupIB_ThreatIntelligenceAttribution/Integrations/GroupIBTIA/GroupIBTIA.py
Copy file name to clipboardExpand all lines: Packs/GroupIB_ThreatIntelligenceAttribution/Integrations/GroupIBTIA/GroupIBTIA.py+8-8
| Original file line number | Diff line number | Diff line change | |
|---|---|---|---|
| |||
40 | 40 | | |
41 | 41 | | |
42 | 42 | | |
| 43 | + | |
| 44 | + | |
| 45 | + | |
43 | 46 | | |
44 | 47 | | |
45 | 48 | | |
| |||
437 | 440 | | |
438 | 441 | | |
439 | 442 | | |
440 | | - | |
| 443 | + | |
441 | 444 | | |
442 | 445 | | |
443 | 446 | | |
| |||
839 | 842 | | |
840 | 843 | | |
841 | 844 | | |
842 | | - | |
| 845 | + | |
843 | 846 | | |
844 | 847 | | |
845 | 848 | | |
| |||
904 | 907 | | |
905 | 908 | | |
906 | 909 | | |
907 | | - | |
908 | | - | |
| 910 | + | |
| 911 | + | |
909 | 912 | | |
910 | 913 | | |
911 | 914 | | |
| |||
1032 | 1035 | | |
1033 | 1036 | | |
1034 | 1037 | | |
1035 | | - | |
| 1038 | + | |
1036 | 1039 | | |
1037 | 1040 | | |
1038 | 1041 | | |
1039 | 1042 | | |
1040 | 1043 | | |
1041 | 1044 | | |
1042 | | - | |
1043 | | - | |
1044 | | - | |
1045 | 1045 | | |
1046 | 1046 | | |
1047 | 1047 | | |
| |||
0 commit comments