diff --git a/Packs/PAN-OS/Integrations/Panorama/Panorama.py b/Packs/PAN-OS/Integrations/Panorama/Panorama.py index 1ecf7629bf2e..2f4297ffd8f0 100644 --- a/Packs/PAN-OS/Integrations/Panorama/Panorama.py +++ b/Packs/PAN-OS/Integrations/Panorama/Panorama.py @@ -2227,11 +2227,16 @@ def panorama_edit_address_group_command(args: dict): addresses_param: str addresses_path: str result: Any + addresses = [] if type_ == 'dynamic': if not match: raise Exception('To edit a Dynamic Address group, Please provide a match.') match_param = add_argument_open(match, 'filter', False) match_path = f"{XPATH_OBJECTS}address-group/entry[@name=\'{address_group_name}\']/dynamic/filter" + else: + match_param = "" + match_path = "" + demisto.debug(f"{type_=} -> {match_param=} {match_path=}") if type_ == 'static': if (element_to_add and element_to_remove) or (not element_to_add and not element_to_remove): @@ -2253,6 +2258,10 @@ def panorama_edit_address_group_command(args: dict): ) addresses_param = add_argument_list(addresses, 'member', False) addresses_path = f"{XPATH_OBJECTS}address-group/entry[@name=\'{address_group_name}\']/static" + else: + addresses_param = "" + addresses_path = "" + demisto.debug(f"{type_=} -> {addresses_param=} {addresses_path=}") description = args.get('description') tags = argToList(args['tags']) if 'tags' in args else None @@ -2270,6 +2279,7 @@ def panorama_edit_address_group_command(args: dict): if DEVICE_GROUP: address_group_output['DeviceGroup'] = DEVICE_GROUP + result = None if type_ == 'dynamic' and match: params['xpath'] = match_path params['element'] = match_param @@ -14354,6 +14364,9 @@ def profile_exception_crud_requests(args: dict, action_type: str) -> Any: 'xpath': xpath, 'key': API_KEY, } + else: + params = {} + demisto.debug(f"{action_type=} -> {params=}") try: raw_response = http_request(URL, 'GET', params=params) diff --git a/Packs/PAN-OS/ReleaseNotes/2_3_3.md b/Packs/PAN-OS/ReleaseNotes/2_3_3.md new file mode 100644 index 000000000000..016b5aabf87d 
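Review bot: The new `else` fallbacks in panorama_edit_address_group_command (`match_param = ""` / `match_path = ""` in the first hunk, `addresses_param = ""` / `addresses_path = ""` in the second) let a `type_` that is neither 'dynamic' nor 'static' continue with empty XPath values instead of being rejected. The visible `if type_ == 'dynamic' and match:` guard suggests the empty paths are not sent, but `result` then stays at the `None` set in the third hunk, and the code that consumes it is outside these hunks. I would validate once near the top, `if type_ not in ('dynamic', 'static'): raise DemistoException(f'Unsupported address group type: {type_}')`, and drop the placeholder assignments.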
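Review bot: The `else: params = {}` fallback in profile_exception_crud_requests means an unrecognised `action_type` still reaches `http_request(URL, 'GET', params=params)`, now without the `xpath` and `key` entries the preceding branch sets. The device is then sent an empty, unauthenticated request and the caller only sees whatever error comes back. Failing closed avoids the stray request and gives a clearer message: `else: raise DemistoException(f'Unsupported action_type: {action_type}')`. The function starts and continues outside the hunk, so the set of valid action types should be checked against the earlier branches.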
--- /dev/null +++ b/Packs/PAN-OS/ReleaseNotes/2_3_3.md @@ -0,0 +1,4 @@ +#### Integrations + +##### Palo Alto Networks PAN-OS +Code functionality improvements. \ No newline at end of file diff --git a/Packs/PAN-OS/pack_metadata.json b/Packs/PAN-OS/pack_metadata.json index c62a8079cb43..3ea77c6b2f1a 100644 --- a/Packs/PAN-OS/pack_metadata.json +++ b/Packs/PAN-OS/pack_metadata.json @@ -2,7 +2,7 @@ "name": "PAN-OS by Palo Alto Networks", "description": "Manage Palo Alto Networks Firewall and Panorama. Use this pack to manage Prisma Access through Panorama. For more information see Panorama documentation.", "support": "xsoar", - "currentVersion": "2.3.2", + "currentVersion": "2.3.3", "author": "Cortex XSOAR", "url": "https://www.paloaltonetworks.com/cortex", "email": "", diff --git a/Packs/PaloAltoNetworks_SecurityAdvisories/ReleaseNotes/1_0_9.md b/Packs/PaloAltoNetworks_SecurityAdvisories/ReleaseNotes/1_0_9.md new file mode 100644 index 000000000000..fec86a040642 --- /dev/null +++ b/Packs/PaloAltoNetworks_SecurityAdvisories/ReleaseNotes/1_0_9.md @@ -0,0 +1,5 @@ +#### Scripts + +##### CheckPanosVersionAffected +- Code functionality improvements. +- Updated the Docker image to: *demisto/python3:3.11.11.1940698*. \ No newline at end of file diff --git a/Packs/PaloAltoNetworks_SecurityAdvisories/Scripts/CheckPanosVersionAffected/CheckPanosVersionAffected.py b/Packs/PaloAltoNetworks_SecurityAdvisories/Scripts/CheckPanosVersionAffected/CheckPanosVersionAffected.py index 17df26e2bffd..b12c0451bc48 100644 --- a/Packs/PaloAltoNetworks_SecurityAdvisories/Scripts/CheckPanosVersionAffected/CheckPanosVersionAffected.py +++ b/Packs/PaloAltoNetworks_SecurityAdvisories/Scripts/CheckPanosVersionAffected/CheckPanosVersionAffected.py 
@@ -50,6 +50,12 @@ def return_result_dataclass(result: list[Advisory]): summary_list = [vars(x) for x in result] title = result[0]._title output_prefix = result[0]._output_prefix + else: + title = '' + summary_list = [] + outputs = [] + output_prefix = '' + demisto.debug(f"The result isn't of type list. {title=} {summary_list=} {outputs=} {output_prefix=}") readable_output = tableToMarkdown(title, summary_list) command_result = CommandResults( diff --git a/Packs/PaloAltoNetworks_SecurityAdvisories/Scripts/CheckPanosVersionAffected/CheckPanosVersionAffected.yml b/Packs/PaloAltoNetworks_SecurityAdvisories/Scripts/CheckPanosVersionAffected/CheckPanosVersionAffected.yml index 1b8d5fac5ef9..7b23bea7fe8f 100644 --- a/Packs/PaloAltoNetworks_SecurityAdvisories/Scripts/CheckPanosVersionAffected/CheckPanosVersionAffected.yml +++ b/Packs/PaloAltoNetworks_SecurityAdvisories/Scripts/CheckPanosVersionAffected/CheckPanosVersionAffected.yml @@ -43,7 +43,7 @@ script: '-' subtype: python3 timeout: '0' type: python -dockerimage: demisto/python3:3.11.10.115186 +dockerimage: demisto/python3:3.11.11.1940698 fromversion: 5.5.0 tests: - No tests (auto formatted) diff --git a/Packs/PaloAltoNetworks_SecurityAdvisories/pack_metadata.json b/Packs/PaloAltoNetworks_SecurityAdvisories/pack_metadata.json index 49ab19444d90..88fa7274280b 100644 --- a/Packs/PaloAltoNetworks_SecurityAdvisories/pack_metadata.json +++ b/Packs/PaloAltoNetworks_SecurityAdvisories/pack_metadata.json @@ -2,7 +2,7 @@ "name": "Security Advisories by Palo Alto Networks", "description": "Search CVE details from the Palo Alto Security Advisories website.", "support": "xsoar", - "currentVersion": "1.0.8", + "currentVersion": "1.0.9", "author": "Cortex XSOAR", "url": "https://www.paloaltonetworks.com/cortex", "email": "", 
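Review bot: The new `else` branch in return_result_dataclass turns an unexpected `result` into an empty table with `title = ''` and `output_prefix = ''`, which a playbook could read as "no advisories affect this version" when the check did not actually produce a usable result. For a script whose output feeds a vulnerability decision I would surface that state explicitly, for example `raise DemistoException('Unexpected advisory result; cannot determine affected status')`, or at least state the reason in `readable_output`. The condition guarding the `if` is outside the hunk; if it is an `isinstance(result, list)` test, an empty list would presumably still reach `result[0]`, which is worth confirming.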
diff --git a/Packs/PaloAltoNetworks_Threat_Vault/Integrations/ThreatVaultv2/ThreatVaultv2.py b/Packs/PaloAltoNetworks_Threat_Vault/Integrations/ThreatVaultv2/ThreatVaultv2.py index c537e239da0b..8d9c6beb7ab4 100644 --- a/Packs/PaloAltoNetworks_Threat_Vault/Integrations/ThreatVaultv2/ThreatVaultv2.py +++ b/Packs/PaloAltoNetworks_Threat_Vault/Integrations/ThreatVaultv2/ThreatVaultv2.py @@ -560,7 +560,8 @@ def file_command(client: Client, args: Dict) -> List[CommandResults]: """ Get the reputation of a sha256 or a md5 representing an antivirus """ - + readable_output = "" + file_info: dict = {} hashes = argToList(args.get("file")) command_results_list: List[CommandResults] = [] dbot_reliability = DBotScoreReliability.get_dbot_score_reliability_from_str( @@ -592,7 +593,7 @@ def file_command(client: Client, args: Dict) -> List[CommandResults]: readable_output = ( f"Hash {_hash} antivirus reputation is unknown to Threat Vault." ) - file_info = None + file_info = {} else: raise @@ -622,6 +623,9 @@ def file_command(client: Client, args: Dict) -> List[CommandResults]: headers=HEADERS_FILE, removeNull=True, ) + else: + file = Common.File(dbot_score=0) + demisto.debug("No response. Initialized file variable.") command_results = CommandResults( readable_output=readable_output, @@ -636,7 +640,8 @@ def file_command(client: Client, args: Dict) -> List[CommandResults]: def cve_command(client: Client, args: Dict) -> List[CommandResults]: - + readable_output = "" + _cve = None cves = argToList(args.get("cve")) command_results_list: List[CommandResults] = [] diff --git a/Packs/PaloAltoNetworks_Threat_Vault/Integrations/ThreatVaultv2/ThreatVaultv2.yml b/Packs/PaloAltoNetworks_Threat_Vault/Integrations/ThreatVaultv2/ThreatVaultv2.yml index 212faba0d6b5..15822d208fcb 100644 --- a/Packs/PaloAltoNetworks_Threat_Vault/Integrations/ThreatVaultv2/ThreatVaultv2.yml +++ b/Packs/PaloAltoNetworks_Threat_Vault/Integrations/ThreatVaultv2/ThreatVaultv2.yml 
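Review bot: `readable_output = ""` and `file_info: dict = {}` are initialised once at the top of file_command, before `hashes` is iterated, so if a later iteration takes a path that assigns neither, the values left over from the previous hash would presumably be reported for the current one. For a reputation command that attributes a verdict to the wrong indicator; resetting both at the start of each loop iteration avoids it. The same applies to `readable_output = ""` and `_cve = None` in cve_command (last hunk of this file). The loops themselves are outside these hunks, so this needs confirming against the full function bodies.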
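Review bot: `file = Common.File(dbot_score=0)` in the third hunk of file_command passes an int where, as far as I know, Common.File expects a DBotScore object, and it builds a file indicator with no hash; it only avoids an error because 0 is falsy. If `file` is handed to CommandResults as the indicator below the hunk (not visible here), an empty indicator would be written to context for every hash that had no response. Using `file = None` in the `else` branch keeps the name bound without creating an indicator.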
@@ -1295,7 +1295,7 @@ script: - contextPath: ThreatVault.ATP.PCAP.Name description: Threatvault ATP PCAP name. type: string - dockerimage: demisto/crypto:1.0.0.114611 + dockerimage: demisto/crypto:1.0.0.117163 isfetch: true script: '' subtype: python3 diff --git a/Packs/PaloAltoNetworks_Threat_Vault/ReleaseNotes/2_0_17.md b/Packs/PaloAltoNetworks_Threat_Vault/ReleaseNotes/2_0_17.md new file mode 100644 index 000000000000..9b40d7cd8a91 --- /dev/null +++ b/Packs/PaloAltoNetworks_Threat_Vault/ReleaseNotes/2_0_17.md @@ -0,0 +1,5 @@ +#### Integrations + +##### Palo Alto Networks Threat Vault v2 +- Code functionality improvements. +- Updated the Docker image to: *demisto/crypto:1.0.0.117163*. \ No newline at end of file diff --git a/Packs/PaloAltoNetworks_Threat_Vault/pack_metadata.json b/Packs/PaloAltoNetworks_Threat_Vault/pack_metadata.json index 1da800b5675c..709b5a677d5d 100644 --- a/Packs/PaloAltoNetworks_Threat_Vault/pack_metadata.json +++ b/Packs/PaloAltoNetworks_Threat_Vault/pack_metadata.json @@ -2,7 +2,7 @@ "name": "Threat Vault by Palo Alto Networks", "description": "Use the Palo Alto Networks Threat Vault to research the latest threats (vulnerabilities/exploits, viruses, and spyware) that Palo Alto Networks next-generation firewalls can detect and prevent.", "support": "xsoar", - "currentVersion": "2.0.16", + "currentVersion": "2.0.17", "author": "Cortex XSOAR", "url": "https://www.paloaltonetworks.com/cortex", "email": "", diff --git a/Packs/Palo_Alto_Networks_Enterprise_DLP/ReleaseNotes/2_0_15.md b/Packs/Palo_Alto_Networks_Enterprise_DLP/ReleaseNotes/2_0_15.md new file mode 100644 index 000000000000..9d653a43fbe7 --- /dev/null +++ b/Packs/Palo_Alto_Networks_Enterprise_DLP/ReleaseNotes/2_0_15.md @@ -0,0 +1,5 @@ +#### Scripts + +##### DlpAskFeedback +- Code functionality improvements. +- Updated the Docker image to: *demisto/python3:3.11.11.1940698*. \ No newline at end of file 
diff --git a/Packs/Palo_Alto_Networks_Enterprise_DLP/Scripts/DlpAskFeedback/DlpAskFeedback.py b/Packs/Palo_Alto_Networks_Enterprise_DLP/Scripts/DlpAskFeedback/DlpAskFeedback.py index c97658d722c6..80174d8fa5cd 100644 --- a/Packs/Palo_Alto_Networks_Enterprise_DLP/Scripts/DlpAskFeedback/DlpAskFeedback.py +++ b/Packs/Palo_Alto_Networks_Enterprise_DLP/Scripts/DlpAskFeedback/DlpAskFeedback.py @@ -59,8 +59,7 @@ def create_blocks(message: str, entitlement: str, reply: str) -> list: def send_slack_message(entitlement, task, user_id, message): lifetime = '1 day' expiry_date = dateparser.parse('in ' + lifetime, settings={'TIMEZONE': 'UTC'}) - if expiry_date: - expiry = datetime.strftime(expiry_date, DATE_FORMAT) + expiry = datetime.strftime(expiry_date, DATE_FORMAT) if expiry_date else None entitlement_string = f'{entitlement}@{demisto.investigation().get("id")}' if task: diff --git a/Packs/Palo_Alto_Networks_Enterprise_DLP/Scripts/DlpAskFeedback/DlpAskFeedback.yml b/Packs/Palo_Alto_Networks_Enterprise_DLP/Scripts/DlpAskFeedback/DlpAskFeedback.yml index 2fe411365328..3ab349641b14 100644 --- a/Packs/Palo_Alto_Networks_Enterprise_DLP/Scripts/DlpAskFeedback/DlpAskFeedback.yml +++ b/Packs/Palo_Alto_Networks_Enterprise_DLP/Scripts/DlpAskFeedback/DlpAskFeedback.yml @@ -58,7 +58,7 @@ dependson: should: - SlackV3|||send-notification runonce: false -dockerimage: demisto/python3:3.11.10.115186 +dockerimage: demisto/python3:3.11.11.1940698 runas: DBotWeakRole fromversion: 5.5.0 tests: diff --git a/Packs/Palo_Alto_Networks_Enterprise_DLP/pack_metadata.json b/Packs/Palo_Alto_Networks_Enterprise_DLP/pack_metadata.json index b32632997cc8..1061af8c1044 100644 --- a/Packs/Palo_Alto_Networks_Enterprise_DLP/pack_metadata.json +++ b/Packs/Palo_Alto_Networks_Enterprise_DLP/pack_metadata.json 
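Review bot: `expiry = datetime.strftime(expiry_date, DATE_FORMAT) if expiry_date else None` in send_slack_message keeps `expiry` bound but lets the function carry on with no expiry when `dateparser.parse` returns nothing. If `expiry` is forwarded with the entitlement in the notification (the rest of the function is outside the hunk), a `None` there would presumably leave the feedback request without a time limit or be rejected downstream. Since `'in ' + lifetime` is built from a constant, a failed parse is a bug rather than an input condition, so I would fail loudly: `if not expiry_date: raise DemistoException('Could not compute the entitlement expiry date')`.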
@@ -5,7 +5,7 @@ "support": "xsoar", "author": "Palo Alto Networks Enterprise DLP", "url": "https://www.paloaltonetworks.com/enterprise-data-loss-prevention", - "currentVersion": "2.0.14", + "currentVersion": "2.0.15", "categories": [ "Network Security" ], diff --git a/Packs/PicusAutomation/Integrations/Picus/Picus.py b/Packs/PicusAutomation/Integrations/Picus/Picus.py index 29ce6b5e8bf5..9f90da058f85 100644 --- a/Packs/PicusAutomation/Integrations/Picus/Picus.py +++ b/Packs/PicusAutomation/Integrations/Picus/Picus.py @@ -295,6 +295,8 @@ def getThreatResults(): vector_name = attacker_peer + " - " + victim_peer vectors_results = picus_threat_json_result["vectors"] + threat_result = "" + last_time = "" for i in range(len(vectors_results)): if vectors_results[i]["name"] == vector_name: variants_results = vectors_results[i]["variants"] diff --git a/Packs/PicusAutomation/Integrations/Picus/Picus.yml b/Packs/PicusAutomation/Integrations/Picus/Picus.yml index 2821056e00b0..d4fbba8a5865 100644 --- a/Packs/PicusAutomation/Integrations/Picus/Picus.yml +++ b/Packs/PicusAutomation/Integrations/Picus/Picus.yml @@ -36,7 +36,7 @@ script: name: picus-get-vector-list outputs: - contextPath: Picus.vectorlist.description - description: Description info of the vector + description: Description info of the vector. type: String - contextPath: Picus.vectorlist.heartbeat_results.is_successful description: Was the heartbeat end successfully? @@ -45,7 +45,7 @@ script: description: On which module did the heartbeat executed? type: String - contextPath: Picus.vectorlist.heartbeat_results.result_time - description: When the heartbeat is executed? (End time) + description: When the heartbeat is executed? (End time). type: Date - contextPath: Picus.vectorlist.heartbeat_results.variant description: On which variant did the heartbeat executed? 
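Review bot: With `threat_result = ""` and `last_time = ""` set before the loop in getThreatResults, a `vector_name` that matches none of the entries in `vectors_results` now yields empty values instead of an error, so a mistyped attacker or victim peer looks the same as a threat with no recorded result. I would track whether any vector matched and report it when none did, for example by raising with a message such as `f"Vector {vector_name} not found"` after the loop. The loop body and the return are outside the hunk, so the exact place for the check depends on the full function.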
@@ -54,19 +54,19 @@ script: description: Is the vector status disabled? type: Boolean - contextPath: Picus.vectorlist.name - description: Name of the vector + description: Name of the vector. type: String - contextPath: Picus.vectorlist.trusted - description: Trusted peer name + description: Trusted peer name. type: String - contextPath: Picus.vectorlist.type - description: 'Type of the vector, if error is encountered, "Unknown" is returned. Other valid values are: "Network", "Email, "Endpoint"' + description: 'Type of the vector, if error is encountered, "Unknown" is returned. Other valid values are: "Network", "Email, "Endpoint".' type: String - contextPath: Picus.vectorlist.untrusted - description: Untrusted peer name + description: Untrusted peer name. type: String - contextPath: Picus.vectorlist.users - description: Users assigned to this vector + description: Users assigned to this vector. type: Unknown - description: Returns the peer list with current statuses. name: picus-get-peer-list @@ -75,16 +75,16 @@ script: description: Is Peer Alive? type: Boolean - contextPath: Picus.peerlist.latest_attack - description: Latest Attack Time of the Peer + description: Latest Attack Time of the Peer. type: Date - contextPath: Picus.peerlist.name - description: Peer Name + description: Peer Name. type: String - contextPath: Picus.peerlist.registered_ip - description: IP of the peer + description: IP of the peer. type: String - contextPath: Picus.peerlist.type - description: Peer's Type + description: Peer's Type. type: String - arguments: - description: Untrusted peer name. 
@@ -103,64 +103,64 @@ script: name: picus-get-attack-results outputs: - contextPath: Picus.attackresults.results.threat_ids - description: Threat ID List + description: Threat ID List. type: String - contextPath: Picus.attackresults.results.begin_time - description: begin time of the attack + description: begin time of the attack. type: Date - contextPath: Picus.attackresults.results.destination_port - description: Value "0" indicates it is not applicable such as all vector types except network + description: Value "0" indicates it is not applicable such as all vector types except network. type: Number - contextPath: Picus.attackresults.results.end_time - description: end time of the attack + description: end time of the attack. type: Date - contextPath: Picus.attackresults.results.id - description: id + description: id. type: Number - contextPath: Picus.attackresults.results.l1_category_name - description: Level 1 Category Name of the attack + description: Level 1 Category Name of the attack. type: String - contextPath: Picus.attackresults.results.scenario_details.action_id - description: Action ID of the threat scenario action + description: Action ID of the threat scenario action. type: Number - contextPath: Picus.attackresults.results.scenario_details.action_name - description: Action Name of the threat scenario action + description: Action Name of the threat scenario action. type: String - contextPath: Picus.attackresults.results.scenario_details.end - description: The time attack ended + description: The time attack ended. type: Date - contextPath: Picus.attackresults.results.scenario_details.id - description: Primary key + description: Primary key. type: Number - contextPath: Picus.attackresults.results.scenario_details.process_results - description: ' Process Results(play and rewind)' + description: 'Process Results(play and rewind).' 
type: Unknown - contextPath: Picus.attackresults.results.scenario_details.result - description: Final result of the scenario action + description: Final result of the scenario action. type: String - contextPath: Picus.attackresults.results.scenario_details.technique_id - description: Technique ID of the threat scenario action + description: Technique ID of the threat scenario action. type: String - contextPath: Picus.attackresults.results.source_port - description: Value "0" indicates it is not applicable such as all vector types except network and wats attacks + description: Value "0" indicates it is not applicable such as all vector types except network and wats attacks. type: Number - contextPath: Picus.attackresults.results.string - description: Attack Result + description: Attack Result. type: String - contextPath: Picus.attackresults.results.threat_id - description: Threat ID of the attack + description: Threat ID of the attack. type: Number - contextPath: Picus.attackresults.results.threat_name - description: Threat Name of the attack + description: Threat Name of the attack. type: String - contextPath: Picus.attackresults.results.trusted - description: Trusted peer name + description: Trusted peer name. type: String - contextPath: Picus.attackresults.results.untrusted - description: Untrusted peer name + description: Untrusted peer name. type: String - contextPath: Picus.attackresults.results.variant - description: Variant info + description: Variant info. type: String - arguments: - description: Threat ID list ("111,222,333,...") or single threat ID can be given. @@ -173,7 +173,7 @@ script: name: victim_peer required: true - auto: PREDEFINED - description: This parameter can be HTTP or HTTPS. Example variant=HTTP + description: This parameter can be HTTP or HTTPS. Example variant=HTTP. name: variant predefined: - HTTP 
@@ -183,7 +183,7 @@ script: name: picus-run-attacks outputs: - contextPath: Picus.runattacks - description: IDs of the assessed attacks + description: IDs of the assessed attacks. type: String - arguments: - description: Threat ID list ("111,222,333,...") or single threat ID can be given. @@ -196,7 +196,7 @@ script: name: victim_peer required: true - auto: PREDEFINED - description: This parameter can be HTTP or HTTPS. Example variant=HTTP + description: This parameter can be HTTP or HTTPS. Example variant=HTTP. name: variant predefined: - HTTP @@ -206,22 +206,22 @@ script: name: picus-get-threat-results outputs: - contextPath: Picus.threatresults.results.threat_results - description: Threat Results(ID and result combination) + description: Threat Results(ID and result combination). type: String - contextPath: Picus.threatresults.results.l1_category - description: Level 1 Category Name of the attack + description: Level 1 Category Name of the attack. type: String - contextPath: Picus.threatresults.results.last_time - description: Last Threat Result Time + description: Last Threat Result Time. type: Date - contextPath: Picus.threatresults.results.result - description: Threat Result + description: Threat Result. type: String - contextPath: Picus.threatresults.results.status - description: Status + description: Status. type: String - contextPath: Picus.threatresults.results.threat_id - description: Threat ID of the attack + description: Threat ID of the attack. type: Number - arguments: - description: Untrusted peer name. @@ -231,7 +231,7 @@ script: name: victim_peer required: true - auto: PREDEFINED - description: This parameter can be HTTP or HTTPS. Example variant=HTTP + description: This parameter can be HTTP or HTTPS. Example variant=HTTP. name: variant predefined: - HTTP 
@@ -243,33 +243,33 @@ script: - defaultValue: '3' description: Set days parameter. name: days - description: Set parameter on playbook. (This command is only used on playbook) + description: Set parameter on playbook. (This command is only used on playbook). name: picus-set-paramPB outputs: - contextPath: Picus.param.attacker_peer - description: Untrusted peer name + description: Untrusted peer name. type: String - contextPath: Picus.param.days - description: days + description: days. type: Number - contextPath: Picus.param.mitigation_product - description: Products info of the mitigation + description: Products info of the mitigation. type: String - contextPath: Picus.param.variant - description: This parameter can be HTTP or HTTPS. Example variant=HTTP + description: This parameter can be HTTP or HTTPS. Example variant=HTTP. type: String - contextPath: Picus.param.victim_peer - description: Trusted peer name + description: Trusted peer name. type: String - arguments: - description: Threat id and result combine. Used for playbook. name: threatinfo required: true - description: Filter insecure attacks on playbook. (This command is only used on playbook) + description: Filter insecure attacks on playbook. (This command is only used on playbook). name: picus-filter-insecure-attacks outputs: - contextPath: Picus.filterinsecure - description: Insecure Attack List + description: Insecure Attack List. type: String - arguments: - description: Threat ID list ("111,222,333,...") or single threat ID can be given. 
@@ -282,16 +282,16 @@ script: name: picus-get-mitigation-list outputs: - contextPath: Picus.mitigationresults.signature_id - description: ID of the signature + description: ID of the signature. type: String - contextPath: Picus.mitigationresults.signature_name - description: Name of the signature + description: Name of the signature. type: String - contextPath: Picus.mitigationresults.threat_id - description: Threat ID of Picus Attack + description: Threat ID of Picus Attack. type: Number - contextPath: Picus.mitigationresults.vendor - description: Product name of the mitigation + description: Product name of the mitigation. type: String - arguments: - description: Untrusted peer name. @@ -307,13 +307,13 @@ script: name: picus-get-vector-compare outputs: - contextPath: Picus.vectorresults.name - description: Name of Picus Attack + description: Name of Picus Attack. type: String - contextPath: Picus.vectorresults.status - description: Compare Result + description: Compare Result. type: String - contextPath: Picus.vectorresults.threat_id - description: Threat ID of Picus Attack + description: Threat ID of Picus Attack. type: String - description: Returns the current Picus version and the update time config. name: picus-version 
@@ -325,20 +325,20 @@ script: description: When to update? type: Number - contextPath: Picus.versioninfo.version - description: Current version + description: Current version. type: Number - description: Triggers the Picus product update mechanism manually. name: picus-trigger-update outputs: - contextPath: Picus.triggerupdate.data - description: Collected data that will be returned + description: Collected data that will be returned. type: Boolean - contextPath: Picus.triggerupdate.success description: Is the operation Succeed? type: Boolean - description: Generates an access token for api usage. Looks for X-Refresh-Token on header or refresh-token cookie. name: picus-get-access-token - dockerimage: demisto/python3:3.11.10.115186 + dockerimage: demisto/python3:3.11.11.1940698 runonce: false script: '-' subtype: python3 diff --git a/Packs/PicusAutomation/ReleaseNotes/1_1_4.md b/Packs/PicusAutomation/ReleaseNotes/1_1_4.md new file mode 100644 index 000000000000..addb4ff7eea0 --- /dev/null +++ b/Packs/PicusAutomation/ReleaseNotes/1_1_4.md @@ -0,0 +1,5 @@ +#### Integrations + +##### Picus Security +- Code functionality improvements. +- Updated the Docker image to: *demisto/python3:3.11.11.1940698*. \ No newline at end of file diff --git a/Packs/PicusAutomation/pack_metadata.json b/Packs/PicusAutomation/pack_metadata.json index 781f7ce35fde..52dd0b2316da 100644 --- a/Packs/PicusAutomation/pack_metadata.json +++ b/Packs/PicusAutomation/pack_metadata.json @@ -2,7 +2,7 @@ "name": "PicusAutomation", "description": "Run commands on Picus and automate security validation with playbooks.", "support": "partner", - "currentVersion": "1.1.3", + "currentVersion": "1.1.4", "author": "Picus Security", "url": "http://support.picussecurity.com", "email": "blueteam@picussecurity.com", diff --git a/Packs/PolySwarm/Integrations/PolySwarmV2/PolySwarmV2.py b/Packs/PolySwarm/Integrations/PolySwarmV2/PolySwarmV2.py index 3eebb757fac1..299790903699 100644 
--- a/Packs/PolySwarm/Integrations/PolySwarmV2/PolySwarmV2.py +++ b/Packs/PolySwarm/Integrations/PolySwarmV2/PolySwarmV2.py @@ -279,6 +279,10 @@ def url_reputation(self, elif artifact_type == 'domain': object_name = 'Domain' dbot_score_type = DBotScoreType.DOMAIN + else: + dbot_score_type = '' + object_name = '' + demisto.debug(f" {artifact_type=} -> {dbot_score_type=} {object_name=}") dbot_score = Common.DBotScore(indicator=artifact, indicator_type=dbot_score_type, diff --git a/Packs/PolySwarm/Integrations/PolySwarmV2/PolySwarmV2.yml b/Packs/PolySwarm/Integrations/PolySwarmV2/PolySwarmV2.yml index a86698e96b6b..9de5943b59ac 100644 --- a/Packs/PolySwarm/Integrations/PolySwarmV2/PolySwarmV2.yml +++ b/Packs/PolySwarm/Integrations/PolySwarmV2/PolySwarmV2.yml @@ -405,5 +405,7 @@ script: script: '-' subtype: python3 type: python - dockerimage: demisto/polyswarm:1.0.0.96224 + dockerimage: demisto/polyswarm:1.0.0.102568 fromversion: 5.0.0 +tests: +- No tests (auto formatted) diff --git a/Packs/PolySwarm/ReleaseNotes/2_0_7.md b/Packs/PolySwarm/ReleaseNotes/2_0_7.md new file mode 100644 index 000000000000..8891ad424253 --- /dev/null +++ b/Packs/PolySwarm/ReleaseNotes/2_0_7.md @@ -0,0 +1,5 @@ +#### Integrations + +##### PolySwarm +- Code functionality improvements. +- Updated the Docker image to: *demisto/polyswarm:1.0.0.102568*. \ No newline at end of file diff --git a/Packs/PolySwarm/pack_metadata.json b/Packs/PolySwarm/pack_metadata.json index 7595f21a8e56..27bc101b8e95 100644 --- a/Packs/PolySwarm/pack_metadata.json +++ b/Packs/PolySwarm/pack_metadata.json @@ -2,7 +2,7 @@ "name": "PolySwarm", "description": "Real-time threat intelligence from a crowdsourced network of security experts and antivirus companies.", "support": "partner", - "currentVersion": "2.0.6", + "currentVersion": "2.0.7", "author": "PolySwarm", "url": "", "email": "support@polyswarm.io", 
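Review bot: The `else` fallback in url_reputation sets `dbot_score_type = ''`, but the next statement passes it to `Common.DBotScore(indicator=artifact, indicator_type=dbot_score_type, ...)`, which as far as I know raises a TypeError for anything that is not a DBotScoreType value. An unsupported `artifact_type` therefore still fails, only with a message that no longer points at the real cause. Raising directly states the intent: `else: raise DemistoException(f'Unsupported artifact type: {artifact_type}')`. The method starts outside the hunk.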
diff --git a/Packs/PrismaAccess/Integrations/PrismaAccess/PrismaAccess.py b/Packs/PrismaAccess/Integrations/PrismaAccess/PrismaAccess.py index ec2f2fc336c4..037af66da5dc 100644 --- a/Packs/PrismaAccess/Integrations/PrismaAccess/PrismaAccess.py +++ b/Packs/PrismaAccess/Integrations/PrismaAccess/PrismaAccess.py @@ -230,7 +230,7 @@ def http_request(uri: str, method: str, headers: dict = {}, uri, headers=headers, data=body, - verify=USE_SSL, + verify=USE_SSL, # pylint: disable=E0606 params=params, files=files ) @@ -327,11 +327,11 @@ def prisma_access_test(): params = { 'type': 'op', 'cmd': '', - 'key': API_KEY + 'key': API_KEY # pylint: disable=E0606 } http_request( - URL, + URL, # pylint: disable=E0606 'GET', params=params ) diff --git a/Packs/PrismaAccess/Integrations/PrismaAccess/PrismaAccess.yml b/Packs/PrismaAccess/Integrations/PrismaAccess/PrismaAccess.yml index 1679275e2c3d..ce1adebd4403 100644 --- a/Packs/PrismaAccess/Integrations/PrismaAccess/PrismaAccess.yml +++ b/Packs/PrismaAccess/Integrations/PrismaAccess/PrismaAccess.yml @@ -60,7 +60,7 @@ script: - name: user required: true default: true - description: Username to logout. (Without domain name - e.g. jsmith) + description: Username to logout. (Without domain name - e.g. jsmith). - name: domain description: Domain name of the user to logout. For some users, this field is required. - name: computer 
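Review bot: `verify=USE_SSL,  # pylint: disable=E0606` in http_request silences the possibly-used-before-assignment warning instead of removing its cause, and the second hunk does the same for `API_KEY` and `URL` in prisma_access_test. The warning means pylint found a path on which these module globals are not assigned; for `USE_SSL` that is the TLS verification flag, so I would rather give it a safe module-level default such as `USE_SSL = True` and initialise `API_KEY` and `URL` where they are declared. Those assignments are outside the hunks, so this is about the approach rather than a confirmed unbound path.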
@@ -70,24 +70,24 @@ script: description: The tenant name. outputs: - contextPath: PrismaAccess.LogoutUser - description: LogoutUser command results - description: Force logout a specific user from Prisma Access + description: LogoutUser command results. + description: Force logout a specific user from Prisma Access. - name: prisma-access-query arguments: - name: query required: true - description: 'Query to run. Example input: querystring limit=2000 action getGPaaSLast90DaysUniqueUsers' + description: 'Query to run. Example input: querystring limit=2000 action getGPaaSLast90DaysUniqueUsers.' outputs: - contextPath: PrismaAccess.QueryResults - description: Query results - description: Run a query via the Prisma Access CLI + description: Query results. + description: Run a query via the Prisma Access CLI. deprecated: true - name: prisma-access-cli-command arguments: - name: cmd required: true - description: CLI command to run (e.g. debug plugins cloud_services gpcs query querystring limit=9000 action getGPaaSLast90DaysUniqueUsers) - description: Run a custom CLI command on Prisma Access + description: CLI command to run (e.g. debug plugins cloud_services gpcs query querystring limit=9000 action getGPaaSLast90DaysUniqueUsers). + description: Run a custom CLI command on Prisma Access. deprecated: true - name: prisma-access-active-users arguments: @@ -96,10 +96,10 @@ script: defaultValue: '20' outputs: - contextPath: PrismaAccess.ActiveUsers - description: Active Users on Prisma Access + description: Active Users on Prisma Access. description: Query currently active users. deprecated: true - dockerimage: demisto/netmiko:1.0.0.114712 + dockerimage: demisto/netmiko:1.0.0.117495 subtype: python3 fromversion: 5.0.0 tests: diff --git a/Packs/PrismaAccess/ReleaseNotes/2_1_13.md b/Packs/PrismaAccess/ReleaseNotes/2_1_13.md new file mode 100644 index 000000000000..f5b62ba520c7 --- /dev/null +++ b/Packs/PrismaAccess/ReleaseNotes/2_1_13.md 
@@ -0,0 +1,4 @@ +#### Integrations +##### Prisma Access +- Code functionality improvements. +- Updated the Docker image to: *demisto/netmiko:1.0.0.117495*. \ No newline at end of file diff --git a/Packs/PrismaAccess/pack_metadata.json b/Packs/PrismaAccess/pack_metadata.json index 805ba0a07300..c232bb5257a9 100644 --- a/Packs/PrismaAccess/pack_metadata.json +++ b/Packs/PrismaAccess/pack_metadata.json @@ -2,7 +2,7 @@ "name": "Palo Alto Networks - Strata Cloud Manager", "description": "Integrate with Palo Alto Networks Prisma SASE to query activity and take actions.", "support": "xsoar", - "currentVersion": "2.1.12", + "currentVersion": "2.1.13", "author": "Cortex XSOAR", "url": "https://www.paloaltonetworks.com/cortex", "email": "", diff --git a/Packs/PrismaCloudCompute/Integrations/PaloAltoNetworks_PrismaCloudCompute/PaloAltoNetworks_PrismaCloudCompute.py b/Packs/PrismaCloudCompute/Integrations/PaloAltoNetworks_PrismaCloudCompute/PaloAltoNetworks_PrismaCloudCompute.py index 0bb882c94144..a7bb322d299a 100644 --- a/Packs/PrismaCloudCompute/Integrations/PaloAltoNetworks_PrismaCloudCompute/PaloAltoNetworks_PrismaCloudCompute.py +++ b/Packs/PrismaCloudCompute/Integrations/PaloAltoNetworks_PrismaCloudCompute/PaloAltoNetworks_PrismaCloudCompute.py @@ -2256,6 +2256,7 @@ def get_ci_scan_results_list(client: PrismaCloudComputeClient, args: dict) -> Co params["from"] = parse_date_string_format(_from, "%Y-%m-%dT%H:%M:%SZ") if ci_scan_results := client.get_ci_scan_results(all_results=all_results, params=params): + table = "" if not verbose: ci_scan_results = reduce_ci_scan_results(ci_scan_results) if all_results: diff --git a/Packs/PrismaCloudCompute/Integrations/PaloAltoNetworks_PrismaCloudCompute/PaloAltoNetworks_PrismaCloudCompute.yml b/Packs/PrismaCloudCompute/Integrations/PaloAltoNetworks_PrismaCloudCompute/PaloAltoNetworks_PrismaCloudCompute.yml index faa8b7b3fe98..af440809303c 100644 
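Review bot: The added `table = ""` in get_ci_scan_results_list does not say which path leaves `table` unassigned, and it sits inside the `if ci_scan_results := ...` branch, so a use of `table` after that branch would still be unbound when the client returns nothing. The rest of the function is outside the hunk, so this is a question rather than a confirmed defect. If the default only exists to quiet the linter, a comment such as `# default so table is bound on every path; overwritten below` would tell the next reader that an empty readable output is not expected. If some path can reach the return with the empty string, that case deserves an explicit message instead of a blank table.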
--- a/Packs/PrismaCloudCompute/Integrations/PaloAltoNetworks_PrismaCloudCompute/PaloAltoNetworks_PrismaCloudCompute.yml +++ b/Packs/PrismaCloudCompute/Integrations/PaloAltoNetworks_PrismaCloudCompute/PaloAltoNetworks_PrismaCloudCompute.yml @@ -74,7 +74,7 @@ description: Use the Prisma Cloud Compute integration to fetch incidents from yo display: Palo Alto Networks - Prisma Cloud Compute name: PaloAltoNetworks_PrismaCloudCompute script: - dockerimage: demisto/python3:3.11.10.115186 + dockerimage: demisto/python3:3.11.11.1940698 isfetch: true runonce: false script: "-" diff --git a/Packs/PrismaCloudCompute/ReleaseNotes/1_7_11.md b/Packs/PrismaCloudCompute/ReleaseNotes/1_7_11.md new file mode 100644 index 000000000000..26ca3a336cc3 --- /dev/null +++ b/Packs/PrismaCloudCompute/ReleaseNotes/1_7_11.md @@ -0,0 +1,5 @@ +#### Integrations + +##### Palo Alto Networks - Prisma Cloud Compute +- Code functionality improvements. +- Updated the Docker image to: *demisto/python3:3.11.11.1940698*. \ No newline at end of file diff --git a/Packs/PrismaCloudCompute/pack_metadata.json b/Packs/PrismaCloudCompute/pack_metadata.json index 6dd62a8c8637..0ec945028dea 100644 --- a/Packs/PrismaCloudCompute/pack_metadata.json +++ b/Packs/PrismaCloudCompute/pack_metadata.json @@ -2,7 +2,7 @@ "name": "Prisma Cloud Compute by Palo Alto Networks", "description": "Use the Prisma Cloud Compute integration to fetch incidents from your Prisma Cloud Compute environment.", "support": "xsoar", - "currentVersion": "1.7.10", + "currentVersion": "1.7.11", "author": "Cortex XSOAR", "url": "https://www.paloaltonetworks.com/cortex", "email": "", diff --git a/Packs/ProofpointThreatResponse/Integrations/ProofpointThreatResponse/ProofpointThreatResponse.py b/Packs/ProofpointThreatResponse/Integrations/ProofpointThreatResponse/ProofpointThreatResponse.py index b236ee594287..8c16a152d5f6 100644 --- a/Packs/ProofpointThreatResponse/Integrations/ProofpointThreatResponse/ProofpointThreatResponse.py 
+++ b/Packs/ProofpointThreatResponse/Integrations/ProofpointThreatResponse/ProofpointThreatResponse.py @@ -793,6 +793,7 @@ def close_incident_command(): def search_quarantine(): arg_time = dateparser.parse(demisto.args().get('time')) + emailTAPtime = 0 if isinstance(arg_time, datetime): emailTAPtime = int(arg_time.timestamp()) else: diff --git a/Packs/ProofpointThreatResponse/Integrations/ProofpointThreatResponse/ProofpointThreatResponse.yml b/Packs/ProofpointThreatResponse/Integrations/ProofpointThreatResponse/ProofpointThreatResponse.yml index b15c26725179..4147ba666be9 100644 --- a/Packs/ProofpointThreatResponse/Integrations/ProofpointThreatResponse/ProofpointThreatResponse.yml +++ b/Packs/ProofpointThreatResponse/Integrations/ProofpointThreatResponse/ProofpointThreatResponse.yml @@ -723,7 +723,7 @@ script: script: '-' subtype: python3 type: python - dockerimage: demisto/python3:3.11.10.115186 + dockerimage: demisto/python3:3.11.11.1940698 tests: - No test - beta_integration beta: true diff --git a/Packs/ProofpointThreatResponse/ReleaseNotes/2_0_21.md b/Packs/ProofpointThreatResponse/ReleaseNotes/2_0_21.md new file mode 100644 index 000000000000..39d824686373 --- /dev/null +++ b/Packs/ProofpointThreatResponse/ReleaseNotes/2_0_21.md @@ -0,0 +1,4 @@ +#### Integrations +##### Proofpoint Threat Response (Beta) +- Code functionality improvements. +- Updated the Docker image to: *demisto/python3:3.11.11.1940698*. \ No newline at end of file diff --git a/Packs/ProofpointThreatResponse/pack_metadata.json b/Packs/ProofpointThreatResponse/pack_metadata.json index 0aece6b18d2b..0dc3a3ccc99b 100644 --- a/Packs/ProofpointThreatResponse/pack_metadata.json +++ b/Packs/ProofpointThreatResponse/pack_metadata.json 
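Review bot: The new `emailTAPtime = 0` default in search_quarantine makes the Unix epoch a silent fallback when `dateparser.parse` does not return a `datetime` for the `time` argument. The body of the `else:` branch is outside the hunk; if it stops the command, the default only serves the linter and a short comment should say so, e.g. `emailTAPtime = 0  # placeholder; the else branch aborts on an unparsable time`. If that branch can fall through, the quarantine search would compare against 1970 and could report no match for a message that is in fact quarantined. In that case failing loudly is safer than a numeric default, for example `raise ValueError("could not parse the 'time' argument")` in the else branch.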
@@ -2,7 +2,7 @@ "name": "Proofpoint Threat Response", "description": "Use the Proofpoint Threat Response integration to orchestrate and automate incident response.", "support": "xsoar", - "currentVersion": "2.0.20", + "currentVersion": "2.0.21", "author": "Cortex XSOAR", "url": "https://www.paloaltonetworks.com/cortex", "email": "", diff --git a/Tests/conf.json b/Tests/conf.json index f1ca8038da89..f6a350f2da00 100644 --- a/Tests/conf.json +++ b/Tests/conf.json @@ -1301,41 +1301,47 @@ "playbookID": "Panorama Query Logs - Test", "fromversion": "6.1.0", "timeout": 1500, - "nightly": true + "nightly": true, + "memory_threshold": 200 }, { "integrations": "Panorama", "instance_names": "palo_alto_firewall_9.1", "playbookID": "palo_alto_firewall_test_pb", "fromversion": "6.1.0", - "timeout": 1000 + "timeout": 1000, + "memory_threshold": 200 }, { "integrations": "Panorama", "instance_names": "palo_alto_panorama_9.1", "playbookID": "PAN-OS-panorama-topology-test-pb", "fromversion": "6.1.0", - "timeout": 1000 + "timeout": 1000, + "memory_threshold": 200 }, { "integrations": "Panorama", "instance_names": "palo_alto_firewall_9.1", "playbookID": "PAN-OS-firewall-topology-test-pb", "fromversion": "6.1.0", - "timeout": 1000 + "timeout": 1000, + "memory_threshold": 200 }, { "integrations": "Panorama", "instance_names": "palo_alto_panorama_9.1", "playbookID": "palo_alto_panorama_test_pb", "fromversion": "6.1.0", - "timeout": 2400 + "timeout": 2400, + "memory_threshold": 200 }, { "integrations": "Panorama", "instance_names": "palo_alto_firewall_9.0", "playbookID": "PAN-OS URL Filtering enrichment - Test", - "fromversion": "6.1.0" + "fromversion": "6.1.0", + "memory_threshold": 200 }, { "integrations": "Panorama", @@ -1354,7 +1360,8 @@ "integrations": "Panorama", "instance_names": "panorama_instance_best_practice", "playbookID": "Panorama Best Practise - Test", - "fromversion": "6.1.0" + "fromversion": "6.1.0", + "memory_threshold": 200 }, { "integrations": "Tenable.io", 
@@ -1417,7 +1424,8 @@ "palo_alto_networks_pan_os_edl_management" ], "instance_names": "palo_alto_firewall_9.0", - "fromversion": "6.1.0" + "fromversion": "6.1.0", + "memory_threshold": 200 }, { "playbookID": "Test_EDL", @@ -1453,13 +1461,15 @@ "playbookID": "PAN-OS - Block IP - Custom Block Rule Test", "integrations": "Panorama", "instance_names": "panorama_instance_security_team", - "fromversion": "6.1.0" + "fromversion": "6.1.0", + "memory_threshold": 200 }, { "playbookID": "PAN-OS - Block IP - Static Address Group Test", "integrations": "Panorama", "instance_names": "panorama_instance_security_team", - "fromversion": "6.1.0" + "fromversion": "6.1.0", + "memory_threshold": 200 }, { "playbookID": "Block IP - Generic V3_Test", @@ -1469,7 +1479,8 @@ "playbookID": "PAN-OS - Block URL - Custom URL Category Test", "integrations": "Panorama", "instance_names": "panorama_instance_security_team", - "fromversion": "6.1.0" + "fromversion": "6.1.0", + "memory_threshold": 200 }, { "playbookID": "Endpoint Malware Investigation - Generic - Test", @@ -2997,7 +3008,8 @@ "playbookID": "PAN-OS DAG Configuration Test", "integrations": "Panorama", "instance_names": "palo_alto_panorama_9.0", - "timeout": 1500 + "timeout": 1500, + "memory_threshold": 200 }, { "playbookID": "PAN-OS EDL Setup v3 Test", @@ -3006,7 +3018,8 @@ "palo_alto_networks_pan_os_edl_management" ], "instance_names": "palo_alto_firewall_9.0", - "timeout": 300 + "timeout": 300, + "memory_threshold": 200 }, { "integrations": "Snowflake", @@ -3335,7 +3348,8 @@ "fromversion": "5.5.0", "timeout": 1500, "integrations": "Panorama", - "instance_names": "palo_alto_panorama" + "instance_names": "palo_alto_panorama", + "memory_threshold": 200 }, { "integrations": "Elasticsearch v2", 
@@ -5688,7 +5702,8 @@ "playbookID": "PAN-OS - Add Anti-Spyware Security Profile To Rule - Test", "integrations": "Panorama", "instance_names": "palo_alto_firewall_9.1", - "fromversion": "6.9.0" + "fromversion": "6.9.0", + "memory_threshold": 200 }, { "integrations": "Secneurx Analysis",