From b8187aec9354292900cb49ff596453ae51e4e277 Mon Sep 17 00:00:00 2001
From: bigeasyj
Date: Wed, 26 Jun 2024 11:54:00 -0500
Subject: [PATCH 01/11] Update RankServiceOwners task to check that "accounttype" does not exist for service owners
---
 .../Playbooks/Cortex_ASM_-_Service_Ownership.yml | 9 +++------
 1 file changed, 3 insertions(+), 6 deletions(-)
diff --git a/Packs/CortexAttackSurfaceManagement/Playbooks/Cortex_ASM_-_Service_Ownership.yml b/Packs/CortexAttackSurfaceManagement/Playbooks/Cortex_ASM_-_Service_Ownership.yml
index e64df58a8aae..d5b55fc84bbb 100644
--- a/Packs/CortexAttackSurfaceManagement/Playbooks/Cortex_ASM_-_Service_Ownership.yml
+++ b/Packs/CortexAttackSurfaceManagement/Playbooks/Cortex_ASM_-_Service_Ownership.yml
@@ -55,14 +55,11 @@ tasks:
 complex:
 root: alert.asmserviceownerunrankedraw
 filters:
- - - left:
- iscontext: true
+ - - operator: isNotExists
+ left:
 value:
 simple: alert.asmserviceownerunrankedraw.accounttype
- operator: isNotEqualString
- right:
- value:
- simple: SERVICE-ACCOUNT
+ iscontext: true
 asmsystemids:
 complex:
 root: alert.asmsystemids
From 3d3cdfa5db7c86f03a97de878061b759b8e02bb2 Mon Sep 17 00:00:00 2001
From: bigeasyj
Date: Wed, 26 Jun 2024 14:23:19 -0500
Subject: [PATCH 02/11] Update release notes
---
 Packs/CortexAttackSurfaceManagement/ReleaseNotes/1_7_42.md | 6 ++++++
 Packs/CortexAttackSurfaceManagement/pack_metadata.json | 2 +-
 2 files changed, 7 insertions(+), 1 deletion(-)
 create mode 100644 Packs/CortexAttackSurfaceManagement/ReleaseNotes/1_7_42.md
diff --git a/Packs/CortexAttackSurfaceManagement/ReleaseNotes/1_7_42.md b/Packs/CortexAttackSurfaceManagement/ReleaseNotes/1_7_42.md
new file mode 100644
index 000000000000..21babebd105c
--- /dev/null
+++ b/Packs/CortexAttackSurfaceManagement/ReleaseNotes/1_7_42.md
@@ -0,0 +1,6 @@
+
+#### Playbooks
+
+##### Cortex ASM - Service Ownership
+
+Fixed an issue in the playbook where service owners where not found in the inputs for RankServiceOwners script.
diff --git a/Packs/CortexAttackSurfaceManagement/pack_metadata.json b/Packs/CortexAttackSurfaceManagement/pack_metadata.json
index d9e1d005439a..c73bc4124b8c 100644
--- a/Packs/CortexAttackSurfaceManagement/pack_metadata.json
+++ b/Packs/CortexAttackSurfaceManagement/pack_metadata.json
@@ -2,7 +2,7 @@
 "name": "Cortex Attack Surface Management",
 "description": "Content for working with Attack Surface Management (ASM).",
 "support": "xsoar",
- "currentVersion": "1.7.41",
+ "currentVersion": "1.7.42",
 "author": "Cortex XSOAR",
 "url": "https://www.paloaltonetworks.com/cortex",
 "email": "",
From 84a91f4df972428a5a3de2aee70e22ea21ce3210 Mon Sep 17 00:00:00 2001
From: bigeasyj
Date: Thu, 27 Jun 2024 12:03:02 -0500
Subject: [PATCH 03/11] Update RankServiceOwners task owners argument
---
 .../Playbooks/Cortex_ASM_-_Service_Ownership.yml | 8 ++++++++
 1 file changed, 8 insertions(+)
diff --git a/Packs/CortexAttackSurfaceManagement/Playbooks/Cortex_ASM_-_Service_Ownership.yml b/Packs/CortexAttackSurfaceManagement/Playbooks/Cortex_ASM_-_Service_Ownership.yml
index d5b55fc84bbb..15a57d5c3295 100644
--- a/Packs/CortexAttackSurfaceManagement/Playbooks/Cortex_ASM_-_Service_Ownership.yml
+++ b/Packs/CortexAttackSurfaceManagement/Playbooks/Cortex_ASM_-_Service_Ownership.yml
@@ -60,6 +60,14 @@ tasks:
 value:
 simple: alert.asmserviceownerunrankedraw.accounttype
 iscontext: true
+ - operator: isNotEqualString
+ left:
+ value:
+ simple: alert.asmserviceownerunrankedraw.accounttype
+ iscontext: true
+ right:
+ value:
+ simple: SERVICE-ACCOUNT
 asmsystemids:
 complex:
 root: alert.asmsystemids
From ce67cef896c71a2a9629b83a1e6e8f94c06d8184 Mon Sep 17 00:00:00 2001
From: bigeasyj
Date: Thu, 27 Jun 2024 17:28:05 -0500
Subject: [PATCH 04/11] Update Ranking Score key in asmserviceowner field
---
 .../IncidentFields/incidentfield-ASM_-_Service_Owner.json | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
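Review bot: In PATCH 03/11 (Cortex_ASM_-_Service_Ownership.yml), the added `isNotEqualString` condition matches `accounttype` against the exact literal `SERVICE-ACCOUNT`, so a record whose value differs in case or spelling would pass the filter and be ranked as an ordinary owner. If the source of `alert.asmserviceownerunrankedraw` does not guarantee that spelling, consider adding `ignorecase: true` to this condition, after confirming the key is honoured in argument filters. The entry opens with a single `- `, which suggests it sits in the same group as the `isNotExists` test from PATCH 01/11 and acts as an alternative to it; the indentation is not visible here, so check the nesting in the file. A test playbook case covering a record without `accounttype`, one with `SERVICE-ACCOUNT` and one with another value would pin the intended behaviour. The enclosing task starts and ends outside the hunk.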
diff --git a/Packs/CortexAttackSurfaceManagement/IncidentFields/incidentfield-ASM_-_Service_Owner.json b/Packs/CortexAttackSurfaceManagement/IncidentFields/incidentfield-ASM_-_Service_Owner.json
index c245184d174d..3bf3dfbf917f 100644
--- a/Packs/CortexAttackSurfaceManagement/IncidentFields/incidentfield-ASM_-_Service_Owner.json
+++ b/Packs/CortexAttackSurfaceManagement/IncidentFields/incidentfield-ASM_-_Service_Owner.json
@@ -65,7 +65,7 @@
 "fieldCalcScript": "",
 "isDefault": true,
 "isReadOnly": false,
- "key": "rankingscore",
+ "key": "ranking_score",
 "orgType": "shortText",
 "required": false,
 "script": "",
From a6b194c613cd7e7792b4b0b779eb10e81f9fee3e Mon Sep 17 00:00:00 2001
From: bigeasyj
Date: Thu, 27 Jun 2024 17:29:40 -0500
Subject: [PATCH 05/11] Update ReadMe
---
 Packs/CortexAttackSurfaceManagement/ReleaseNotes/1_7_42.md | 4 ++++
 1 file changed, 4 insertions(+)
diff --git a/Packs/CortexAttackSurfaceManagement/ReleaseNotes/1_7_42.md b/Packs/CortexAttackSurfaceManagement/ReleaseNotes/1_7_42.md
index 21babebd105c..df151caf7b14 100644
--- a/Packs/CortexAttackSurfaceManagement/ReleaseNotes/1_7_42.md
+++ b/Packs/CortexAttackSurfaceManagement/ReleaseNotes/1_7_42.md
@@ -4,3 +4,7 @@
 ##### Cortex ASM - Service Ownership
 
 Fixed an issue in the playbook where service owners where not found in the inputs for RankServiceOwners script.
+
+#### Incident Fields
+
+Fixed an issue in **ASM - Service Owner** field where the scoring key was invalid.
From 50e2f7ad955bf53b197fe42cc134628b727a2ecb Mon Sep 17 00:00:00 2001
From: bigeasyj
Date: Fri, 28 Jun 2024 12:34:17 -0500
Subject: [PATCH 06/11] Update ReadMe
---
 Packs/CortexAttackSurfaceManagement/ReleaseNotes/1_7_42.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/Packs/CortexAttackSurfaceManagement/ReleaseNotes/1_7_42.md b/Packs/CortexAttackSurfaceManagement/ReleaseNotes/1_7_42.md
index df151caf7b14..a1ebf43f7054 100644
--- a/Packs/CortexAttackSurfaceManagement/ReleaseNotes/1_7_42.md
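Review bot: In PATCH 04/11 (incidentfield-ASM_-_Service_Owner.json), changing the column key from `rankingscore` to `ranking_score` only helps if whatever populates this field writes `ranking_score`; the producer is not part of this series, so confirm the two match. Rows already stored under `rankingscore` on existing alerts would presumably show an empty value in this column after the upgrade, which the release notes do not mention. I would add a line to the release note such as `Values stored under the previous key are not shown in this column.` if that is the case. The enclosing column object starts and ends outside the hunk.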
+++ b/Packs/CortexAttackSurfaceManagement/ReleaseNotes/1_7_42.md
@@ -7,4 +7,4 @@ Fixed an issue in the playbook where service owners where not found in the input
 
 #### Incident Fields
 
-Fixed an issue in **ASM - Service Owner** field where the scoring key was invalid.
+- **ASM - Service Owner** - Fixed an issue in **ASM - Service Owner** field where the scoring key was invalid.
From d2768a43f102a28904463dffb30badd45ca71f21 Mon Sep 17 00:00:00 2001
From: bigeasyj
Date: Tue, 2 Jul 2024 10:09:40 -0500
Subject: [PATCH 07/11] Update release notes
---
 Packs/CortexAttackSurfaceManagement/ReleaseNotes/1_7_42.md | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/Packs/CortexAttackSurfaceManagement/ReleaseNotes/1_7_42.md b/Packs/CortexAttackSurfaceManagement/ReleaseNotes/1_7_42.md
index a1ebf43f7054..05ace1267a05 100644
--- a/Packs/CortexAttackSurfaceManagement/ReleaseNotes/1_7_42.md
+++ b/Packs/CortexAttackSurfaceManagement/ReleaseNotes/1_7_42.md
@@ -7,4 +7,6 @@ Fixed an issue in the playbook where service owners where not found in the input
 
 #### Incident Fields
 
-- **ASM - Service Owner** - Fixed an issue in **ASM - Service Owner** field where the scoring key was invalid.
+- **ASM - Service Owner**
+
+- Fixed an issue in **ASM - Service Owner** field where the scoring key was invalid.
From 23116699ef74e6afa35199cb83be873686a8925f Mon Sep 17 00:00:00 2001
From: John <40349459+BigEasyJ@users.noreply.github.com>
Date: Tue, 9 Jul 2024 08:36:07 -0500
Subject: [PATCH 08/11] Update Packs/CortexAttackSurfaceManagement/ReleaseNotes/1_7_42.md
Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com>
---
 Packs/CortexAttackSurfaceManagement/ReleaseNotes/1_7_42.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/Packs/CortexAttackSurfaceManagement/ReleaseNotes/1_7_42.md b/Packs/CortexAttackSurfaceManagement/ReleaseNotes/1_7_42.md
index 05ace1267a05..a415cbd21791 100644
--- a/Packs/CortexAttackSurfaceManagement/ReleaseNotes/1_7_42.md
+++ b/Packs/CortexAttackSurfaceManagement/ReleaseNotes/1_7_42.md
@@ -3,7 +3,7 @@
 
 ##### Cortex ASM - Service Ownership
 
-Fixed an issue in the playbook where service owners where not found in the inputs for RankServiceOwners script.
+Fixed an issue in the playbook where service owners where not found in the inputs for the RankServiceOwners script.
 
 #### Incident Fields
 
From 421921e08d60885cdc66ce7afcb4d4624fb534f8 Mon Sep 17 00:00:00 2001
From: John <40349459+BigEasyJ@users.noreply.github.com>
Date: Tue, 9 Jul 2024 08:36:45 -0500
Subject: [PATCH 09/11] Apply suggestions from code review
Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com>
---
 Packs/CortexAttackSurfaceManagement/ReleaseNotes/1_7_42.md | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/Packs/CortexAttackSurfaceManagement/ReleaseNotes/1_7_42.md b/Packs/CortexAttackSurfaceManagement/ReleaseNotes/1_7_42.md
index a415cbd21791..fc876aad0b77 100644
--- a/Packs/CortexAttackSurfaceManagement/ReleaseNotes/1_7_42.md
+++ b/Packs/CortexAttackSurfaceManagement/ReleaseNotes/1_7_42.md
@@ -7,6 +7,6 @@ Fixed an issue in the playbook where service owners where not found in the input
 
 #### Incident Fields
 
-- **ASM - Service Owner**
+**ASM - Service Owner**
 
-- Fixed an issue in **ASM - Service Owner** field where the scoring key was invalid.
+Fixed an issue in the **ASM - Service Owner** field where the scoring key was invalid.
From a1ad4e2acb784ed8175300f6484a31a8961b8be2 Mon Sep 17 00:00:00 2001
From: bigeasyj
Date: Wed, 10 Jul 2024 13:59:20 -0500
Subject: [PATCH 10/11] Update release notes
---
 .../ReleaseNotes/{1_7_42.md => 1_7_43.md} | 0
 1 file changed, 0 insertions(+), 0 deletions(-)
 rename Packs/CortexAttackSurfaceManagement/ReleaseNotes/{1_7_42.md => 1_7_43.md} (100%)
diff --git a/Packs/CortexAttackSurfaceManagement/ReleaseNotes/1_7_42.md b/Packs/CortexAttackSurfaceManagement/ReleaseNotes/1_7_43.md
similarity index 100%
rename from Packs/CortexAttackSurfaceManagement/ReleaseNotes/1_7_42.md
rename to Packs/CortexAttackSurfaceManagement/ReleaseNotes/1_7_43.md
From f08caa7d9ebb21a690abfcb5cf82ceab10e73bfa Mon Sep 17 00:00:00 2001
From: bigeasyj
Date: Fri, 12 Jul 2024 06:12:25 -0500
Subject: [PATCH 11/11] Update Release Version
---
 Packs/CortexAttackSurfaceManagement/pack_metadata.json | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/Packs/CortexAttackSurfaceManagement/pack_metadata.json b/Packs/CortexAttackSurfaceManagement/pack_metadata.json
index c73bc4124b8c..28480e5698b0 100644
--- a/Packs/CortexAttackSurfaceManagement/pack_metadata.json
+++ b/Packs/CortexAttackSurfaceManagement/pack_metadata.json
@@ -2,7 +2,7 @@
 "name": "Cortex Attack Surface Management",
 "description": "Content for working with Attack Surface Management (ASM).",
 "support": "xsoar",
- "currentVersion": "1.7.42",
+ "currentVersion": "1.7.43",
 "author": "Cortex XSOAR",
 "url": "https://www.paloaltonetworks.com/cortex",
 "email": "",