Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Git lab add trigger pipeline command (demisto#27544)
* add command * fixes * change client function name * RN * Cloud Incident Response pack and Cloud Token Theft playbook (#27331) * new pack for Cloud Incident Response playbooks * new pack for Cloud Incident Response playbooks * updates common playbooks RN * updates common playbooks RN * Added scripts * Added trigger * Update Packs/CloudIncidentResponse/Playbooks/playbook-Cloud_Threat_Hunting_-_Persistence.yml Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CloudIncidentResponse/Playbooks/playbook-Cloud_Threat_Hunting_-_Persistence.yml Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CloudIncidentResponse/Playbooks/playbook-Cloud_Threat_Hunting_-_Persistence.yml Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CloudIncidentResponse/Playbooks/playbook-Cloud_Threat_Hunting_-_Persistence.yml Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CloudIncidentResponse/Playbooks/playbook-Cloud_Threat_Hunting_-_Persistence.yml Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CommonPlaybooks/Playbooks/playbook-Cloud_Enrichment_-_Generic_README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CommonPlaybooks/Playbooks/playbook-Cloud_Enrichment_-_Generic_README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CommonPlaybooks/ReleaseNotes/2_3_74.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CommonPlaybooks/ReleaseNotes/2_3_74.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CloudIncidentResponse/Playbooks/playbook-Cloud_Threat_Hunting_-_Persistence.yml Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CloudIncidentResponse/Playbooks/playbook-Cloud_Token_Theft_-_Set_Verdict.yml Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CloudIncidentResponse/Playbooks/playbook-Cloud_Threat_Hunting_-_Persistence.yml Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CloudIncidentResponse/Playbooks/playbook-Cloud_Threat_Hunting_-_Persistence_README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Apply suggestions from code review Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CloudIncidentResponse/Playbooks/playbook-Cloud_Threat_Hunting_-_Persistence.yml Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CloudIncidentResponse/Playbooks/playbook-Cloud_Token_Theft_-_Set_Verdict.yml Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CloudIncidentResponse/Playbooks/playbook-Cloud_Token_Theft_-_Set_Verdict.yml Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CloudIncidentResponse/Playbooks/playbook-Cloud_Token_Theft_-_Set_Verdict.yml Co-authored-by: ShirleyDenkberg <[email protected]> * fixes the Hunting Results section in the layout * Added the pack and scripts readme * updates pack meta-data * Review fixes * PBs screenshot * removes quiet mode * removes quiet mode * fixes shared sub-playbooks. * inputs validation * fixes tasks description * Added playbook outputs * update RN and PBs description * changes to MP2 only * new script * review fixes * update RN * fix typo * updates the readme png links * unit test and fixes * fix layout * added pack ignore for the dynamic sections unit tests * secrets * fixes * fixes * pack ignore * fixes * docker image version * fix flake errors * remove trigger due to sdk bug * added unit test * fix unit test coverage * fix unit test coverage --------- Co-authored-by: ShirleyDenkberg <[email protected]> * [ASM] - Expander - Update Service Ownership (#27140) (#27522) * Update Cortex ASM - Service Ownership - Updated Cortex ASM - GCP Enrichment playbook to retrieve the service account on the instance and writes it to incident field **asmserviceownerunrankedraw** for use by the **Cortex ASM - Service Ownership** playbook. - Updated the Service Ownership playbook to run for all cloud service providers and added support for retrieving GCP project owners from user-managed, cross-project service accounts. - Add script GetProjectOwners which prses a GCP service account email for the project ID, then looks up the project owners and adds them to a list of potential service owners for ranking. - Updated script RankServiceOwners to no longer limit to the top-5 service owners Test plan: pytest + tested in callu tenant on AWS and GCP alerts, verified the expected owners were written to `asmserviceowner` * Mark GetProjectOwners task as skip unavailable since it depends on GCP-IAM integration * Revert change to fromversion in RankServiceOwners * Bump pack version * Use regex to validate user-managed service account * Raise/catch exceptions rather than using nested if statements * Update docker image. * exclude GCP-IAM core-pack dependency * Update GCP Enrichment playbook with service account * Update pack README with new script * Update release notes * Add unit tests for error handling in GetProjectOwners - Validate error message on existing tests - Add unit test for get_iam_policy * Add tests to verify exception handling in main * Revert to ' | ' delimiter for Source field * Move up check for Cortex ASM integration * Update docker images * Update release notes * Update Packs/CortexAttackSurfaceManagement/README.md * Update docker image and release notes --------- Co-authored-by: kball-pa <[email protected]> Co-authored-by: Danny_Fried <[email protected]> Co-authored-by: John <[email protected]> * [VMRay] fix encoding of file names (#27429) (#27527) * fix encoding of file names * update docker image * add given, when, then to test * updated docker image --------- Co-authored-by: Jens Thom <[email protected]> Co-authored-by: RotemAmit <[email protected]> * Xsoar file management (#26455) * commonserver.js * working * ok * fileDeleteAttachmentCommand * read me * removing examples file * removing changes * rl update * small fixes * removing extra space * RL * remove RL * adding version * RL base * commit * temp * coreApiFileCheckCommand fix * fixing fileDeleteCommand * fileUploadCommand fix * rl * Bump pack from version Base to 1.32.5. * after conflicts * Rl * xsoar concate bug fix * docstring * undo changes in unrelevant files * removing _mm * Bump pack from version Base to 1.32.6. * Bump pack from version Base to 1.32.7. * val changes * removing notes * small fixes * cr fixes * fileUploadCommand fix * small update * Update Packs/DemistoRESTAPI/Integrations/CoreRESTAPI/CoreRESTAPI.yml Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/DemistoRESTAPI/ReleaseNotes/1_3_26.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/DemistoRESTAPI/ReleaseNotes/1_3_26.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/DemistoRESTAPI/ReleaseNotes/1_3_26.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/DemistoRESTAPI/Integrations/CoreRESTAPI/CoreRESTAPI.yml Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/DemistoRESTAPI/Integrations/CoreRESTAPI/CoreRESTAPI.yml Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/DemistoRESTAPI/Integrations/CoreRESTAPI/CoreRESTAPI.yml Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/DemistoRESTAPI/Integrations/CoreRESTAPI/CoreRESTAPI.yml Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/DemistoRESTAPI/ReleaseNotes/1_3_26.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/DemistoRESTAPI/ReleaseNotes/1_3_26.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/DemistoRESTAPI/Integrations/CoreRESTAPI/CoreRESTAPI.yml Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/DemistoRESTAPI/Integrations/CoreRESTAPI/CoreRESTAPI.yml Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/DemistoRESTAPI/Integrations/CoreRESTAPI/CoreRESTAPI.yml Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/DemistoRESTAPI/Integrations/CoreRESTAPI/README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/DemistoRESTAPI/Integrations/CoreRESTAPI/CoreRESTAPI.yml Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/DemistoRESTAPI/Integrations/CoreRESTAPI/README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/DemistoRESTAPI/Integrations/CoreRESTAPI/README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/DemistoRESTAPI/Integrations/CoreRESTAPI/README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/DemistoRESTAPI/Integrations/CoreRESTAPI/README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/DemistoRESTAPI/Integrations/CoreRESTAPI/README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/DemistoRESTAPI/Integrations/CoreRESTAPI/README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/DemistoRESTAPI/Integrations/CoreRESTAPI/README.md Co-authored-by: ShirleyDenkberg <[email protected]> * specifying what the FileResult function does * RL * known word * ignore word * adding to read me * Update Packs/Base/ReleaseNotes/1_32_7.md Co-authored-by: Shelly Tzohar <[email protected]> * removed from read me old demisto command * adding to ignore * ignore * Bump pack from version Base to 1.32.8. * m * Bump pack from version Base to 1.32.9. * Bump pack from version Base to 1.32.10. * Bump pack from version Base to 1.32.11. * Bump pack from version Base to 1.32.12. * demo fixes * Bump pack from version Base to 1.32.15. --------- Co-authored-by: Content Bot <[email protected]> Co-authored-by: ShirleyDenkberg <[email protected]> Co-authored-by: Shelly Tzohar <[email protected]> * [VirusTotal] Fix only_stats default value (#27454) * [VirusTotal] Fix only_stats default value (#27428) * Fix only_stats default value * Made the change in the code instead yaml * fix * restore yaml defailtValue * fixed rn * updated docker --------- Co-authored-by: Daniel Pascual <[email protected]> Co-authored-by: michal-dagan <[email protected]> Co-authored-by: michal-dagan <[email protected]> * [Marketplace Contribution] Community Common Scripts - Content Pack Update (#27457) (#27532) * "contribution update to pack "Community Common Scripts"" * Add README * Move to version upgrade to revision. Concise RN. Move desc to README * Bump docker version. --------- Co-authored-by: xsoar-bot <[email protected]> Co-authored-by: Danny_Fried <[email protected]> * [Jira v2] Added 3 new commands (#27523) * [Jira v2] Added 3 new commands (#27431) * master * jira command * reverting headers * reverting union option * reverted the latest message * reverting debug message * get_organization_name * reverting update_issue_assignee_command * moving up the update_issue_assignee_command * git user * issue assign * command * customfields removed * jirav2copy * rmed jirav2copy * jira * format * jirav2 * reverted defaultmapperin * reverted hidden marketplace * jira * moved down edit-issue * wrong command * jira * replaced a line * Readme * watchers * added release notes * revert CrowdStrike * typo * test get_organizations * added a unit test * mocker error * fixing unit test * rmed 1_* * unit testing for organizations * removed .gitignore * taking care of comments * rmed 1_* files * new commands into README * Update Packs/Jira/Integrations/JiraV2/JiraV2.yml Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/Jira/Integrations/JiraV2/README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/Jira/ReleaseNotes/3_0_3.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/Jira/ReleaseNotes/3_0_3.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/Jira/ReleaseNotes/3_0_3.md Co-authored-by: ShirleyDenkberg <[email protected]> --------- Co-authored-by: ShirleyDenkberg <[email protected]> * Update docker image. --------- Co-authored-by: Enes Özdemir <[email protected]> Co-authored-by: ShirleyDenkberg <[email protected]> Co-authored-by: Danny_Fried <[email protected]> * Updated description (#27524) * Updated description (#27440) * Updated description * Updated docker image version * Updated docker image version - update * updated docker image --------- Co-authored-by: grzegorzpapkala <[email protected]> Co-authored-by: RotemAmit <[email protected]> * Added new fields to context output and UI (#27069) * added new fields * separated context and UI * updated human readable * fixed "cannot concatenate dict" bug * fixed the mess in profiles * updated tests * location now appears in UI * removed field restrictions for panorama * Updated yml * updated readme * updated release notes * added docs to xml_get * fixed test errors * Apply suggestions from code review Co-authored-by: Guy Afik <[email protected]> * post CR commit * Update 1_17_4.md * Update Packs/PAN-OS/ReleaseNotes/1_17_4.md Co-authored-by: Guy Afik <[email protected]> * CR changes * merged context/pretty rules to single dict * added test jsons * cleaned tests; added dict_test (dummy) * added unsafe_dict_get * added docs to unsafe_dict_get * unsafe_dict_get is now dict_recursive_get with changes * updated yml * fixed UI not showing all bug * updated readme * solved release notes conflict * CR changes * update release notes * Update 1_17_7.md * removed dict_recursive_get * updated release notes * Apply suggestions from code review Co-authored-by: Guy Afik <[email protected]> * removed pylint ignore * added known words * removed unrelated release notes * added pylint ignore * return string by default * ignore pylint false positives * added defaults for profiles * added defaults for profiles 2 * ignore pylint * updated docker * resolve conflicts --------- Co-authored-by: Guy Afik <[email protected]> Co-authored-by: Adi Daud <[email protected]> * Fix small grammar typos in documentation (#27489) (#27533) * Fix small grammar typos in documentation * Update docker image. Update RN and versions. * Update Packs/AccentureCTI/Integrations/ACTIIndicatorQuery/ACTIIndicatorQuery.py --------- Co-authored-by: Peter Elmers <[email protected]> Co-authored-by: Danny_Fried <[email protected]> Co-authored-by: ShirleyDenkberg <[email protected]> * Support level tags for external contributions bug fix (#27167) * fix bug on new files * add existing file path change * add new partner pack for testing * update test * update * add python to pipenv * test change cwd works * remove panorama * check if works without change-cwd * add the option to checkout branch * try to see behaivor with checkout * comment out * fix import issue * search in paranets path * fixes * align the print * update * remove test files * remove pipfile * handle bug * add support to checkout forked branches * test * add support for checking out forked branches * add print * pragma no cover * small fix * enhancments * bug fix * remove unused imports * add forked repo even if not content * uncomment main code * always checkout to the branch * remove copy * cr fixes * cr fixes * empty packs support level in case of exception * Ivanti Pulse Secure Mapping (#27407) * Created IvantiPulseSecureVTM pack * Updated README * Updated README * Updated README * Updated README * Updated README * Update Packs/IvantiPulseSecureVTM/README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/IvantiPulseSecureVTM/README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/IvantiPulseSecureVTM/README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/IvantiPulseSecureVTM/README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/IvantiPulseSecureVTM/README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/IvantiPulseSecureVTM/README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/IvantiPulseSecureVTM/README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update README.md * Update README.md * Update README.md * Update README.md * Update README.md * Updated ModelingRules * Updated ModelingRules * Updated ModelingRules * Updated ModelingRules * Update README.md * Update README.md * Updated ModelingRules * Updated ModelingRules * Updated ModelingRules * Updated ModelingRules * Updated ModelingRules * Updated the pack name in pack_metadata * Updated ParsingRules --------- Co-authored-by: ShirleyDenkberg <[email protected]> * Aws iam enhancement (#27271) * in progress * added rn * added put role policy command * added put_user_policy_command * added put_user_policy_command * done * readme update * pre-commit fixes * rn fix * improvments * update tpb * update rn * readme fix * cr fix * pre-commit fixes * cr fix * fixes * docs addition * docs addition * docs addition * docker update * Align credentials stores part 18 (#27441) * Align credentials part 18 * MxToolBox * RM110 * fix * Cs falcon enhancement (#26136) * initial branch commit; first command ready * 'build_cs_falcon_filter' gets kwargs instead of dict * added stubs for all seven commands, not tested * finished up to pending design functions * updated user response when no IDs match the filter * fixed scheduled scan validation bug * fixed scheduled scan validation bug * added commands to README; fixed create scans bug * ready for CR * added ODS to description * added cancel scan to readme; improved UI * beautified create scan output * beautified create scan output * beautified create scan output * updated release notes * updated release notes * fixed tests * fixed tests (v2) * shortened readme * test commit * removed cancel-scan command * removed unified yml * updated release notes * reset yml * possible solution for test fails * real solution to test fail * removed irrelevant files * update ReadNetstatFile * fixed error fails * formatted pack * updated docker image * fixed ruff errors * updated release notes * fixed pylint errors * added tests * fixed flake8 errors * fixed ruff errors * updated descriptions; changed start_timestamp * added create scheduled scan command * added polling to create/query scan * added polling to arg to yml * removed demo function * fixed 404 bug * func is now defined * fixed bug * corrected scan_in_progress * changed default cpu_priority * fixed bugs, now works * added new args * updated yml with new args * fixed dict_safe_get bug * fixed tests; added outputs to yml * human readable for scheduled scan only * updated readme * updated release notes * fixed backwards compatibility * fixed backwards compatibility 2 * Update examples.txt * capitalized descriptions * Apply suggestions from code review Co-authored-by: ShirleyDenkberg <[email protected]> * CR changes * update examples.txt * regenerated readme * updated tests * removed blank lines * added tests; duration is now in hours * atempt at no return polling (NOT TESTED) * atempt at no return polling * hide polling results * added tests * added tests for polling * removed temporary comments * updated examples * added test playbook * resolve conflicts * added fromversion field * improved playbook * update docker; improve UI * fixed unit tests * fixed unit tests * update docker in RN --------- Co-authored-by: ShirleyDenkberg <[email protected]> * pan-os-edit-rule command: Added support for removing and adding group profile settings (#27449) * add support for remove profile setting group * commit * add and replace same behavior * RN * Resolve conflict * add comment * add UT * fix a comment CR * fix the UT * mypy error * RN resolve conflict * [Marketplace Contribution] Generic Export Indicators Service - Content Pack Update (#27540) * [Marketplace Contribution] Generic Export Indicators Service - Content Pack Update (#27338) * "contribution update to pack "Generic Export Indicators Service"" * Revert changes to yml and description. Add RN Add known words. * Revert unnecessary changes. * Long line. --------- Co-authored-by: Danny_Fried <[email protected]> * Bump docker verion. * Remove comment. * fix known_words section --------- Co-authored-by: xsoar-bot <[email protected]> Co-authored-by: Danny_Fried <[email protected]> * Update Docker Image To demisto/python3 (#27554) * Updated Metadata Of Pack URLHaus * Added release notes to pack URLHaus * Packs/URLHaus/Integrations/URLHaus/URLHaus.yml Docker image update * Updated Metadata Of Pack CrowdStrikeIntel * Added release notes to pack CrowdStrikeIntel * Packs/CrowdStrikeIntel/Integrations/CrowdStrikeFalconIntel_v2/CrowdStrikeFalconIntel_v2.yml Docker image update * Updated Metadata Of Pack Shodan * Added release notes to pack Shodan * Packs/Shodan/Integrations/Shodan_v2/Shodan_v2.yml Docker image update * Updated Metadata Of Pack FeedOffice365 * Added release notes to pack FeedOffice365 * Packs/FeedOffice365/Integrations/FeedOffice365/FeedOffice365.yml Docker image update * Updated Metadata Of Pack PrismaCloud * Added release notes to pack PrismaCloud * Packs/PrismaCloud/Integrations/PrismaCloudV2/PrismaCloudV2.yml Docker image update * Update Docker Image To demisto/py3-tools (#27553) * Updated Metadata Of Pack Active_Directory_Query * Added release notes to pack Active_Directory_Query * Packs/Active_Directory_Query/Integrations/Active_Directory_Query/Active_Directory_Query.yml Docker image update * Wildfire v2 - fix an issue in the wildfire-report command (#27547) * fixes * bump rn * revert irrelevent changes * update rn * update test-playbook * update docker image * Azure Active Directory Identity: added test-module handling for client_credentials mode (#27462) * added test-module handling in client_credentials mode * fixed cr comments and added rn * fixed rn * update version * revert * Incident context core pb fix (#27546) * change setparentincident tasks to skipunavailable:true * RN after changed setparentincident tasks to skipunavailable:true * fix for validation errors * RN after fix for validation errors * fix for validation error * Fixed empty installation (#27541) * fix empty installation * Update Tests/Marketplace/search_and_install_packs.py Co-authored-by: Yaakov Praisler <[email protected]> --------- Co-authored-by: Yaakov Praisler <[email protected]> * Fixes for 'CrowdStrike Falcon - False Positive Incident Handling' pla… (#27453) * Fixes for 'CrowdStrike Falcon - False Positive Incident Handling' playbbok * Updated README file and generated RN * Bump pack from version CrowdStrikeFalcon to 1.10.22. * Added playbook PNG file * Removed the 'Test - CrowdStrike Falcon' and changed the 'completeafterv2' conf of task number 2 to 'false'. * Bump pack from version CrowdStrikeFalcon to 1.10.23. --------- Co-authored-by: Content Bot <[email protected]> * Add retries to Trigger Test Upload Flow (#27537) * add retries to Trigger Test Upload Flow * add comment * revert lock_cloud_machines.py * Tenable sc enhancment (#26319) * code improvments * in progress * in progress * in progress * in progress * in progress * in progress * in progress * in progress * fix * fixes * fixes * fixes * fixes * deprecate playbook * update list-zones * added tenable-sc-list-groups command * adding tenable-sc-create-user command * in progress * finish create-user command * finish update-user command * in progress * added command results * add dock strings * added rn * all commands developed * validate fixes and added RN * generated readme * pre-commit fixes * adding unit tests * fixes * tests * pre-commit fixes * tests * more test cases * tests * add more tests * docker update * docker update * added tests * changes * updated readme * cr and validation fixes * validation fixes * added tpb * added tpb * fixes * fixes * fixes * fixes * fix tpb issues * revers * fixes * fixes * fixes * fixes * fixes * update * pre-commit fixes * pre-commit fixes * fix tpb * docs fix * Update Packs/Tenable_sc/Integrations/Tenable_sc/Tenable_sc.yml Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/Tenable_sc/Integrations/Tenable_sc/Tenable_sc_description.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/Tenable_sc/Integrations/Tenable_sc/Tenable_sc_description.md Co-authored-by: ShirleyDenkberg <[email protected]> * cr fix * Update Packs/Tenable_sc/Integrations/Tenable_sc/Tenable_sc_description.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/Tenable_sc/ReleaseNotes/1_0_10.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/Tenable_sc/ReleaseNotes/1_0_10.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/Tenable_sc/ReleaseNotes/1_0_10.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/Tenable_sc/ReleaseNotes/1_0_10.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/Tenable_sc/ReleaseNotes/1_0_10.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/Tenable_sc/Integrations/Tenable_sc/Tenable_sc_description.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/Tenable_sc/Integrations/Tenable_sc/Tenable_sc_description.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/Tenable_sc/Integrations/Tenable_sc/Tenable_sc_description.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/Tenable_sc/Integrations/Tenable_sc/Tenable_sc.yml Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/Tenable_sc/Integrations/Tenable_sc/Tenable_sc.yml Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/Tenable_sc/Integrations/Tenable_sc/Tenable_sc.yml Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/Tenable_sc/Integrations/Tenable_sc/Tenable_sc_description.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/Tenable_sc/Integrations/Tenable_sc/Tenable_sc_description.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/Tenable_sc/Integrations/Tenable_sc/Tenable_sc_description.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/Tenable_sc/Integrations/Tenable_sc/Tenable_sc_description.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/Tenable_sc/Integrations/Tenable_sc/Tenable_sc_description.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/Tenable_sc/Integrations/Tenable_sc/Tenable_sc_description.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/Tenable_sc/ReleaseNotes/1_0_10.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/Tenable_sc/Integrations/Tenable_sc/Tenable_sc.yml Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/Tenable_sc/Integrations/Tenable_sc/Tenable_sc.yml Co-authored-by: ShirleyDenkberg <[email protected]> * dor review * doc review * fixes * fixes * in progress * demo fixes * demo fixes * readme update * update tpb * revert * fixes * fixes * transfer password to secret * revert tpb * fixes * fixes * update docker * Test fix * Test fix * add more tests * add more tests * docker update * add more tests * add more tests * add more tests * add more tests * add more tests * fixes --------- Co-authored-by: ShirleyDenkberg <[email protected]> * Align Credentials Part 2 (#27350) * Attlasian_IAM complete * C2sec complete * Tidy complete * CircleCI complete * update release notes * Update .pack-ignore * update docker * updated know words * updated release notes * removed CJ105 from .pack-ignore * FreeEnrichers Pack - small fix to pack names that were wrong (#27445) * small fix to related packs * Update Packs/FreeEnrichers/pack_metadata.json Co-authored-by: Sasha Sokolovich <[email protected]> --------- Co-authored-by: Sasha Sokolovich <[email protected]> * add readme to Zscaler (#27465) * update modeling rules * add readme to the pack * Update Packs/Zscaler/README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/Zscaler/README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/Zscaler/README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/Zscaler/README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/Zscaler/README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/Zscaler/README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/Zscaler/README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/Zscaler/README.md Co-authored-by: ShirleyDenkberg <[email protected]> * add readme to the pack * add readme to the pack * add readme to the pack --------- Co-authored-by: ShirleyDenkberg <[email protected]> * Skyhigh SWG init (#27526) * Skyhigh SWG init (#27060) * Skyhigh SWG init * fix validation errors * fix mypy typing issues with ET * changes following the review * get method args and default empty string for mypy * changed doc review suggestions * Context rework * doc review * changed integration directory * rn * deprecation info and docker * rn * rn --------- Co-authored-by: ckaadic <[email protected]> Co-authored-by: epintzov <[email protected]> * [DBotPredictURLPhishing] - fix bug with None entires (#27563) * [DBotPredictURLPhishing] - fix issue bug with None entires * add retry mechanisem to tpb in case of failure * bump rn * pre-commit fixes * Align Credentials for GoogleCloudTranslate, Google Vision API, Google Resource Manager (#27560) * GoogleCloudTranslate complete * GoogleVisionAPI complete * GoogleResourceManager complete * GoogleResourceManager complete * Fixed GoogleVisionAPI.py * Versioned core packs (#25989) * Versioned Corepacks files * Changed content pack to triger an upload * flake8 * test upload to target bucket from prepare_content_packs_for_testing.sh * added versions-metadata.json file * cleaned code * uploading versions-metadata.json to bucket * copy versions-metadata to bucket * upload versions-metadata to artifacts * upload versions-metadata to production bucket * fix validations * copy with blob * corepacks upload and versions-metadata logic working, before relative paths * changed corepack file contents to relative paths * fixed validations * Cleand code * Test adding another version to the versions-metadata * changed corepacks.json file back to full paths * test multiple unlocked files * cleaned code * Fixed parameter name * fixed corepacks if * added UT for versions-metadata file format * pre-commit hooks * UT for upload_packs.py * CR updates * First commit for corepacks hotfix * pre-commit * pre-commit * test - should not override 8.2.0 * removed UT * CR updates * Added UTs for the hotfix part * Added UTs for copy_and_upload_packs * Updates * Added MP to versions-metadata. should upload 6.11.0 and 8.3.0 * Added MP to override. should upload 6.11.0 to xpanse only and override 8.2.0 in marketplacev2 only * flake8 * cleaned code and fixed UT * Cleaned versions-metadata.json file * CR updates * fixed UTs * fixed lint * CR updates * Ivanti Update (#27564) * Updated Ivanti * Updated ReleaseNotes * Updated ReleaseNotes * RTIR: fix add-comment (#27549) * remove more `encode`s * update image * Update Packs/RTIR/ReleaseNotes/1_0_16.md Co-authored-by: yuvalbenshalom <[email protected]> --------- Co-authored-by: yuvalbenshalom <[email protected]> * move pre-commit template to content (#27535) * Fix packs with demisto-sdk lint issues (#27392) * Added the missing defaultValue arg in the yml files (#27443) * added the missing default value * Bump pack from version CrowdStrikeFalcon to 1.10.22. * update docker * update release notes with docker update * fix docker image issue * fix validation * update docker * update RN after merge master * fix duplicate field * fix rn --------- Co-authored-by: Content Bot <[email protected]> * Fix For ADFS ModelingRules (#27568) * Update Docker Image To demisto/python3 (#27577) * Updated Metadata Of Pack PrismaCloudCompute * Added release notes to pack PrismaCloudCompute * Packs/PrismaCloudCompute/Integrations/PaloAltoNetworks_PrismaCloudCompute/PaloAltoNetworks_PrismaCloudCompute.yml Docker image update * Packs/PrismaCloudCompute/Scripts/PrismaCloudComputeParseVulnerabilityAlert/PrismaCloudComputeParseVulnerabilityAlert.yml Docker image update * Updated Metadata Of Pack PrismaSaasSecurity * Added release notes to pack PrismaSaasSecurity * Packs/PrismaSaasSecurity/Integrations/SaasSecurity/SaasSecurity.yml Docker image update * Updated Metadata Of Pack AbuseDB * Added release notes to pack AbuseDB * Packs/AbuseDB/Scripts/AbuseIPDBPopulateIndicators/AbuseIPDBPopulateIndicators.yml Docker image update * Updated Metadata Of Pack PANWComprehensiveInvestigation * Added release notes to pack PANWComprehensiveInvestigation * Packs/PANWComprehensiveInvestigation/Scripts/PanwIndicatorCreateQueries/PanwIndicatorCreateQueries.yml Docker image update * GsuiteAdmin empty page token error (#27481) * Fixed an issue where an empty page_token would sometimes be sent * Updated RNs * Updated docker image * Added ruff suggestions --------- Co-authored-by: Content Bot <[email protected]> * import-indicator-commands (#27558) * import-indicator-commands * fix doc review CR * Update carbon black deprecated content (#27100) * update content on playbook-Block_Endpoint_-_Carbon_Black_Response.yml * updated sub-playbook playbook-Block_Endpoint_-_Carbon_Black_Response_2_1 instead playbook-Block_Endpoint_-_Carbon_Black_Response * RN after create new playbook for block endpoint carbon black v2.1 * RN after replaced sub-playbook `Block Endpoint - Carbon Black Response V2` with sub-playbook `Block Endpoint - Carbon Black Response V2.1` on isolated endpoint - generic v2 * replace extrha hop deprecated command and update carbon black command on Endpoint Enrichment v2.1 * RN after replace extrha hop deprecated command and update carbon black command on Endpoint Enrichment v2.1 * Bump pack from version CommonPlaybooks to 2.3.73. * Apply suggestions from code review Co-authored-by: ShirleyDenkberg <[email protected]> * the playbook Block IP Generic v2 was deprecated * the playbook Block IP Generic v2 was deprecated * RN after playbook Block IP Generic v2 was deprecated * fix validation errors and change skipunavailable to true on isolated endpoint - generic v2 * Apply suggestions from code review Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CommonPlaybooks/Playbooks/playbook-Endpoint_Enrichment_-_Generic_v2.1_6_8.yml Co-authored-by: ShirleyDenkberg <[email protected]> * fix validation errors add missing png and edit RN for pack EOL date * Update Packs/Carbon_Black_Enterprise_Response/Playbooks/playbook-Block_Endpoint_-_Carbon_Black_Response_README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CommonPlaybooks/Playbooks/playbook-Isolate_Endpoint_-_Generic_V2_6_8_README.md Co-authored-by: ShirleyDenkberg <[email protected]> * fix Conflicting files * Bump pack from version Carbon_Black_Enterprise_Response to 2.1.35. * Apply suggestions from code review Co-authored-by: ShirleyDenkberg <[email protected]> * fix for conflict --------- Co-authored-by: Content Bot <[email protected]> Co-authored-by: altmannyarden <[email protected]> Co-authored-by: ShirleyDenkberg <[email protected]> Co-authored-by: Adi Daud <[email protected]> * Remove unnecessary troubleshooting from README.md (#27531) * remove troubleshooting from README.md * generated README --------- Co-authored-by: xsoar-bot <[email protected]> * Fix python 3 incompatibility for McAfee MAR (#27576) * CVE command (#27580) * CVE command (#27241) * Add ctix-get-vulnerability-data and cve commands * Add extra_data parameter for new cve-command * Update documentation for fields that are required in commands that already exist * Minor improvements/simplifications from code review * Remove required attribute that makes the changes backwards incompatible Replace with defaultValue * Update docker to latest version * Updating README to reflect default value added for optional arguments * Update docker image. --------- Co-authored-by: Corey Bodendein <[email protected]> Co-authored-by: Danny_Fried <[email protected]> * Remove redundant assignment of var (#27571) * Remove redundant amount_of_events assignments. * Update RN. Update docker. Update version. * Fix unit tests * Feature/threatgrid add commands arguments (#27468) (#27590) * Update Docker Image To demisto/py3-tools (#25523) * Updated Metadata Of Pack FeedAWS * Added release notes to pack FeedAWS * Packs/FeedAWS/Integrations/FeedAWS/FeedAWS.yml Docker image update * Update the sample-upload command with arguments: vm and playbook * Add missing arguments * update docker image * update docker image in release note Co-authored-by: TalGumi <[email protected]> * Partner otrs ag adoption start (#27256) (#27592) * OTRS AG Pack Adoption * Update pack_metadata.json * update release notes Co-authored-by: jensoliver <[email protected]> * Snow Transformer Error (#27479) * Fixed transformer in incoming mapper * Added RNs --------- Co-authored-by: ShirleyDenkberg <[email protected]> Co-authored-by: Content Bot <[email protected]> * Domain extracted from a file with an extension as part of a URL (#27569) * Fix for domain regex and formatter to avoid catching files as domains * RN * docker bump * RN * Test playbook for 'CrowdStrike Falcon - Get Detections by Incident' (#27186) * Test playbook for 'CrowdStrike Falcon - Get Detections by Incident' * RN * Bump pack from version CrowdStrikeFalcon to 1.10.21. * Deleted duplicated tasks and added validation for CrowdStrike Falcon live incidents * Bump pack from version CrowdStrikeFalcon to 1.10.22. * added validations for the existence of CrowdStrike Falcon incidents and detections * Removed unnecessary 'print error' messages * Bump pack from version CrowdStrikeFalcon to 1.10.23. * Bump pack from version CrowdStrikeFalcon to 1.10.24. * Replaced the 'is not empty' condition with the 'Is defined' condition for tasks 324 and 318 * changed the 'fromversion' to 6.5.0 * RN --------- Co-authored-by: Content Bot <[email protected]> * [TestIsMaliciousIndicatorFound] - add sleep for indexing indicators (#27584) * Microsoft usgov support (#27025) https://jira-hq.paloaltonetworks.local/browse/CIAC-818 Adding support for All Azure clouds in Azure Key Vault, Azure Sentinel, Azure Kubernetes Service Adding support for all endpoints in Microsoft Defender for Endpoints * Generic Webhook enhancements (#27478) (#27596) * Added request header information to the rawJSON output. Restructures the rawJSON output to include header and body details. * Updated Release notes and pack_metadata.json * Updated Release notes. * Updated Release notes. * Updated Release notes. Updated docker version. * Adjusted raw_json output. Aligned README.md and release note. * Updated Docker Image * Update Packs/GenericWebhook/ReleaseNotes/1_0_25.md * Remove Authorization header details. * Updated Known_Words in .pack-ignore * Fixed header_name * fixed secret_header --------- Co-authored-by: Martin Ohl <[email protected]> Co-authored-by: michal-dagan <[email protected]> * Update Docker Image To demisto/pymisp2 (#27607) * Updated Metadata Of Pack MISP * Added release notes to pack MISP * Packs/MISP/Integrations/MISPV3/MISPV3.yml Docker image update * Ciac 3134 workday logs (#27055) * new pack * unit tests * added logic, readme and unit tests. also modeling rules. * removed test data * format and pre-commit fixes * validations and pre commit fixes * rn * test * test * schema and from version * docker * modeling rules and demo rejects * display name of params * CR fixes * build fix * build fix * test * test * readme fix * docker * bug fix * rn * rn * Apply suggestions from code review Co-authored-by: Dan Tavori <[email protected]> * Update Packs/Workday/ReleaseNotes/1_3_1.md Co-authored-by: Dan Tavori <[email protected]> * Bump pack from version Workday to 1.3.2. * add logs and fixed a bug with duplications * added max fetch * added support for duplications and fix bugs * rn * rn and changed last run to contain all log * rn and docker * unit test fix * CR fixes * pre commit changes --------- Co-authored-by: Dan Tavori <[email protected]> Co-authored-by: Content Bot <[email protected]> * CrowdStrike Falcon - Search endpoints by hash enchantment (#27594) * Added a condition -> "IsIntegrationEnabled" * Updated RN * Removed un-required tests * Bump pack from version CrowdStrikeFalcon to 1.10.26. * Update 1_10_26.md Updated RN * Update 1_10_26.md --------- Co-authored-by: Content Bot <[email protected]> * MacOS Update (#27608) * Updated MacOS vendor product * Updated RN * Updated ReleaseNotes * fix workday parsing rule id (#27615) * fix workday parsing rule id * rn * move a line in the yml to the correct position (#27610) * move the line * RN * remove the Dev * docker image * remove the Dev * Barracuda Update (#27545) * Updated the ParsingRules logic * Updated ReleaseNotes * Updated ReleaseNotes * Updated .yml configs for IvantiPulseSecureVTM * Reverted Ivanti VTM changes * IvantiPulseSecureVTM .yml update * Delete IvantiPulseSecureVTM_ParsingRules.yml * Delete IvantiPulseSecureVTM_ModelingRules.yml * Updated ReleaseNotes * Updated ReleaseNotes * Reverted changed to Ivanti * Reverted IvantiPulseSecureVTM RN * Align credentials stores integrations- part 20 (#27534) * lign credentials stores integrations- part 20 * Carbon Black Live Response Cloud * added '.' * fix rl * fix unit tests * raise exception * SMB - fix path concatenation (#27604) * SMB - fix wrong path concatenation * added RNs * fixed RNs * updated docker image * Moved path creation to function * Updated func * updated RN * removed yml rename * 1.17.0 sdk release (#27618) * Update ewsv2 exc2019 (#26670) * update * test * changes * changes * final commands changes * clean code * update TPBs * rvert name change * revert name change * cr changes * fix name * fix TPBs * remove skip of perm_set field * fix tpb and validations * revert arg removal * remove added tpb * update memory threshold * fix ut * fix ut * Fix urllib.parse import in CommonServerPython (#27252) * Allow applying a new profile over an existing one in ***pan-os-apply-security-profile*** command (#27237) * Add XSOAR support for updating existing profile types * RN * fix UT * Update Packs/PAN-OS/ReleaseNotes/1_17_5.md Co-authored-by: Guy Afik <[email protected]> * fix CR * RN * UT was added * Update Packs/PAN-OS/Integrations/Panorama/Panorama.py Co-authored-by: Guy Afik <[email protected]> * Update Packs/PAN-OS/Integrations/Panorama/Panorama.py Co-authored-by: Guy Afik <[email protected]> * Update Packs/PAN-OS/Integrations/Panorama/Panorama.py Co-authored-by: Guy Afik <[email protected]> * Update Packs/PAN-OS/Integrations/Panorama/Panorama.py Co-authored-by: Guy Afik <[email protected]> * Update Packs/PAN-OS/Integrations/Panorama/Panorama.py Co-authored-by: Guy Afik <[email protected]> * fix * flake8 * UT stability --------- Co-authored-by: Guy Afik <[email protected]> * Update Docker Image To demisto/splunksdk-py3 (#27263) * Updated Metadata Of Pack SplunkPy * Added release notes to pack SplunkPy * Packs/SplunkPy/Integrations/SplunkPy/SplunkPy.yml Docker image update * Updated domain extraction playbook - changing .zip to a valid TLD (#27264) * Updated domain extraction playbook * some formatting. * Update playbook-Domain_extraction_test.yml * Update playbook-Domain_extraction_test.yml * Update Docker Image To demisto/duoadmin3 (#27268) * Updated Metadata Of Pack DuoAdminApi * Added release notes to pack DuoAdminApi * Packs/DuoAdminApi/Integrations/DuoEventCollector/DuoEventCollector.yml Docker image update * Packs/DuoAdminApi/Integrations/DuoAdminApi/DuoAdminApi.yml Docker image update * Update Docker Image To demisto/googleapi-python3 (#27267) * Updated Metadata Of Pack GoogleDrive * Added release notes to pack GoogleDrive * Packs/GoogleDrive/Integrations/GoogleDrive/GoogleDrive.yml Docker image update * Update Docker Image To demisto/python3 (#27266) * Updated Metadata Of Pack Darktrace * Added release notes to pack Darktrace * Packs/Darktrace/Integrations/DarktraceMBs/DarktraceMBs.yml Docker image update * Packs/Darktrace/Integrations/DarktraceAIA/DarktraceAIA.yml Docker image update * Updated Metadata Of Pack CybleEvents * Added release notes to pack CybleEvents * Packs/CybleEvents/Integrations/CybleEvents/CybleEvents.yml Docker image update * Updated Metadata Of Pack Censys * Added release notes to pack Censys * Packs/Censys/Integrations/CensysV2/CensysV2.yml Docker image update * Updated Metadata Of Pack VirusTotal * Added release notes to pack VirusTotal * Packs/VirusTotal/Integrations/FeedLivehunt/FeedLivehunt.yml Docker image update * Packs/VirusTotal/Integrations/FeedRetrohunt/FeedRetrohunt.yml Docker image update * Updated Metadata Of Pack CofenseIntelligenceV2 * Added release notes to pack CofenseIntelligenceV2 * Packs/CofenseIntelligenceV2/Integrations/CofenseIntelligenceV2/CofenseIntelligenceV2.yml Docker image update * Updated Metadata Of Pack CheckPointDome9 * Added release notes to pack CheckPointDome9 * Packs/CheckPointDome9/Integrations/CheckPointDome9/CheckPointDome9.yml Docker image update * Updated Metadata Of Pack Reco * Added release notes to pack Reco * Packs/Reco/Integrations/Reco/Reco.yml Docker image update * Updated Metadata Of Pack CimTrak-SystemIntegrityAssurance * Added release notes to pack CimTrak-SystemIntegrityAssurance * Packs/CimTrak-SystemIntegrityAssurance/Integrations/CimTrak/CimTrak.yml Docker image update * Update Docker Image To demisto/python3 (#27272) * Updated Metadata Of Pack FeedProofpoint * Added release notes to pack FeedProofpoint * Packs/FeedProofpoint/Integrations/FeedProofpoint/FeedProofpoint.yml Docker image update * Updated Metadata Of Pack FortiSIEM * Added release notes to pack FortiSIEM * Packs/FortiSIEM/Integrations/FortiSIEM/FortiSIEM.yml Docker image update * Updated Metadata Of Pack Ipstack * Added release notes to pack Ipstack * Packs/Ipstack/Integrations/Ipstack/Ipstack.yml Docker image update * Updated Metadata Of Pack SafeBreach * Added release notes to pack SafeBreach * Packs/SafeBreach/Integrations/SafeBreach_v2/SafeBreach_v2.yml Docker image update * Updated Metadata Of Pack RedCanary * Added release notes to pack RedCanary * Packs/RedCanary/Integrations/RedCanary/RedCanary.yml Docker image update * Updated Metadata Of Pack PiHole * Added release notes to pack PiHole * Packs/PiHole/Integrations/PiHole/PiHole.yml Docker image update * Updated Metadata Of Pack FeedDShield * Added release notes to pack FeedDShield * Packs/FeedDShield/Integrations/FeedDShield/FeedDShield.yml Docker image update * Updated Metadata Of Pack SafeNet_Trusted_Access * Added release notes to pack SafeNet_Trusted_Access * Packs/SafeNet_Trusted_Access/Integrations/SafeNetTrustedAccess/SafeNetTrustedAccess.yml Docker image update * Updated Metadata Of Pack OpenPhish * Added release notes to pack OpenPhish * Packs/OpenPhish/Integrations/OpenPhish_v2/OpenPhish_v2.yml Docker image update * Updated Metadata Of Pack NistNVD * Added release notes to pack NistNVD * Packs/NistNVD/Integrations/NistNVD/NistNVD.yml Docker image update * Updated Metadata Of Pack Cognni * Added release notes to pack Cognni * Packs/Cognni/Integrations/Cognni/Cognni.yml Docker image update * Updated Metadata Of Pack PANOSPolicyOptimizer * Added release notes to pack PANOSPolicyOptimizer * Packs/PANOSPolicyOptimizer/Integrations/PANOSPolicyOptimizer/PANOSPolicyOptimizer.yml Docker image update * Updated Metadata Of Pack DeveloperTools * Added release notes to pack DeveloperTools * Packs/DeveloperTools/Integrations/CreateIncidents/CreateIncidents.yml Docker image update * Packs/DeveloperTools/Integrations/CustomIndicatorDemo/CustomIndicatorDemo.yml Docker image update * Packs/DeveloperTools/Integrations/APIMetricsValidation/APIMetricsValidation.yml Docker image update * Updated Metadata Of Pack NozomiNetworks * Added release notes to pack NozomiNetworks * Packs/NozomiNetworks/Integrations/NozomiNetworks/NozomiNetworks.yml Docker image update * Updated Metadata Of Pack ANYRUN * Added release notes to pack ANYRUN * Packs/ANYRUN/Integrations/ANYRUN/ANYRUN.yml Docker image update * Updated Metadata Of Pack Carbon_Black_Enterprise_Response * Added release notes to pack Carbon_Black_Enterprise_Response * Packs/Carbon_Black_Enterprise_Response/Integrations/CarbonBlackResponseV2/CarbonBlackResponseV2.yml Docker image update * Updated Metadata Of Pack Absolute * Added release notes to pack Absolute * Packs/Absolute/Integrations/Absolute/Absolute.yml Docker image update * Updated Metadata Of Pack Ironscales * Added release notes to pack Ironscales * Packs/Ironscales/Integrations/Ironscales/Ironscales.yml Docker image update * Updated Metadata Of Pack FeedURLhaus * Added release notes to pack FeedURLhaus * Packs/FeedURLhaus/Integrations/FeedURLhaus/FeedURLhaus.yml Docker image update * Updated Metadata Of Pack Lokpath_Keylight * Added release notes to pack Lokpath_Keylight * Packs/Lokpath_Keylight/Integrations/Lockpath_KeyLight_v2/Lockpath_KeyLight_v2.yml Docker image update * Updated Metadata Of Pack FeedMISP * Added release notes to pack FeedMISP * Packs/FeedMISP/Integrations/FeedMISP/FeedMISP.yml Docker image update * Updated Metadata Of Pack FraudWatch * Added release notes to pack FraudWatch * Packs/FraudWatch/Integrations/FraudWatch/FraudWatch.yml Docker image update * Updated Metadata Of Pack AbnormalSecurity * Added release notes to pack AbnormalSecurity * Packs/AbnormalSecurity/Integrations/AbnormalSecurityEventCollector/AbnormalSecurityEventCollector.yml Docker image update * Updated Metadata Of Pack CovalenceManagedSecurity * Added release notes to pack CovalenceManagedSecurity * Packs/CovalenceManagedSecurity/Integrations/CovalenceManagedSecurity/CovalenceManagedSecurity.yml Docker image update * Updated Metadata Of Pack IllusiveNetworks * Added release notes to pack IllusiveNetworks * Packs/IllusiveNetworks/Integrations/IllusiveNetworks/IllusiveNetworks.yml Docker image update * Updated Metadata Of Pack Edgescan * Added release notes to pack Edgescan * Packs/Edgescan/Integrations/Edgescan/Edgescan.yml Docker image update * Updated Metadata Of Pack PerceptionPoint * Added release notes to pack PerceptionPoint * Packs/PerceptionPoint/Integrations/PerceptionPoint/PerceptionPoint.yml Docker image update * Updated Metadata Of Pack Druva * Added release notes to pack Druva * Packs/Druva/Integrations/Druva/Druva.yml Docker image update * Updated Metadata Of Pack APIVoid * Added release notes to pack APIVoid * Packs/APIVoid/Integrations/APIVoid/APIVoid.yml Docker image update * Updated Metadata Of Pack PingIdentity * Added release notes to pack PingIdentity * Packs/PingIdentity/Integrations/PingOne/PingOne.yml Docker image update * Updated Metadata Of Pack cisco-ise * Added release notes to pack cisco-ise * Packs/cisco-ise/Integrations/cisco-ise/cisco-ise.yml Docker image update * Updated Metadata Of Pack SailPointIdentityIQ * Added release notes to pack SailPointIdentityIQ * Packs/SailPointIdentityIQ/Integrations/SailPointIdentityIQ/SailPointIdentityIQ.yml Docker image update * Updated Metadata Of Pack Cymulate * Added release notes to pack Cymulate * Packs/Cymulate/Integrations/Cymulate/Cymulate.yml Docker image update * Packs/Cymulate/Integrations/Cymulate_v2/Cymulate_v2.yml Docker image update * Updated Metadata Of Pack XSOARmirroring * Added release notes to pack XSOARmirroring * Packs/XSOARmirroring/Integrations/XSOARmirroring/XSOARmirroring.yml Docker image update * Updated Metadata Of Pack XMatters * Added release notes to pack XMatters * Packs/XMatters/Integrations/xMatters/xMatters.yml Docker image update * Updated Metadata Of Pack Zimperium * Added release notes to pack Zimperium * Packs/Zimperium/Integrations/Zimperium/Zimperium.yml Docker image update * Updated Metadata Of Pack RSANetWitnessEndpoint * Added release notes to pack RSANetWitnessEndpoint * Packs/RSANetWitnessEndpoint/Integrations/RSANetWitnessEndpoint/RSANetWitnessEndpoint.yml Docker image update * Updated Metadata Of Pack SymantecBlueCoatMalwareAnalysis * Added release notes to pack SymantecBlueCoatMalwareAnalysis * Packs/SymantecBlueCoatMalwareAnalysis/Integrations/SymantecBlueCoatMalwareAnalysis/SymantecBlueCoatMalwareAnalysis.yml Docker image update * Updated Metadata Of Pack InfoArmor_VigilanteATI * Added release notes to pack InfoArmor_VigilanteATI * Packs/InfoArmor_VigilanteATI/Integrations/InfoArmorVigilanteATI/InfoArmorVigilanteATI.yml Docker image update * Updated Metadata Of Pack AccentureCTI * Added release notes to pack AccentureCTI * Packs/AccentureCTI/Integrations/ACTIVulnerabilityQuery/ACTIVulnerabilityQuery.yml Docker image update * Updated Metadata Of Pack PingCastle * Added release notes to pack PingCastle * Packs/PingCastle/Integrations/PingCastle/PingCastle.yml Docker image update * Updated Metadata Of Pack MaxMind_GeoIP2 * Added release notes to pack MaxMind_GeoIP2 * Packs/MaxMind_GeoIP2/Integrations/MaxMind_GeoIP2/MaxMind_GeoIP2.yml Docker image update * Updated Metadata Of Pack Maltiverse * Added release notes to pack Maltiverse * Packs/Maltiverse/Integrations/Maltiverse/Maltiverse.yml Docker image update * Updated Metadata Of Pack CarbonBlackDefense * Added release notes to pack CarbonBlackDefense * Packs/CarbonBlackDefense/Integrations/CarbonBlackEndpointStandard/CarbonBlackEndpointStandard.yml Docker image update * Updated Metadata Of Pack AlienVault_USM_Anywhere * Added release notes to pack AlienVault_USM_Anywhere * Packs/AlienVault_USM_Anywhere/Integrations/AlienVault_USM_Anywhere/AlienVault_USM_Anywhere.yml Docker image update * Updated Metadata Of Pack ProofpointServerProtection * Added release notes to pack ProofpointServerProtection * Packs/ProofpointServerProtection/Integrations/ProofpointProtectionServerV2/ProofpointProtectionServerV2.yml Docker image update * Updated Metadata Of Pack OpsGenie * Added release notes to pack OpsGenie * Packs/OpsGenie/Integrations/OpsGenieV3/OpsGenieV3.yml Docker image update * Fixed lint and validate --------- Co-authored-by: sberman <[email protected]> * Ignore modeling/parsing rules suffix error (#27274) * [EDL] Fixed a typo in the description (#27269) * Fixed a typo in the description * Update the docker image * Macos Regex Fix (#27270) * Updated ModelingRules * Updated ReleaseNotes * Updated ReleaseNotes * Updated ModelingRules * Updated ModelingRules * Cs falcon add tags to cs-falcon-upload-custom-ioc command (#27234) * CS Flacon add tags to upload-custom-ioc command * added RNs * Align credentials stores part 11 (#27253) * Align credentials part 11 * Trend Micro Apex * ignore * adding tests to hostlo * Trend Micro Apex tests * trend more test * change test * Syslogv2 was removed from xsiam marketplace (#27278) * remove Syslogv2 from xsiam marketplace * RN * known_words * Update Packs/Syslog/ReleaseNotes/2_0_16.md Co-authored-by: dorschw <[email protected]> * DO --------- Co-authored-by: dorschw <[email protected]> * Microsoft Graph Single User - Edit documentation (#27275) * edit documentation * edit documentation * RN and DO * fix doc * mistake * ExtraHop release v2.1.0 (#27056) (#27279) * Update .devcontainer.json name * added changes related to ExtrHop 2.1.0 release --------- Co-authored-by: Crest Data Systems <[email protected]> Co-authored-by: crestdatasystems <[email protected]> * Recordedfuture listapi v1.0.0 (#26996) (#27281) * First version/implementation of new List Integration * Added new List integration * Updated validation step requirements and fixed tests to be working as expected * Updated test Coverage * Version bump and fixed frombersion for list app * Added custom content, incident type and classifier for coderepo leakage * Updated some documentation and fixed dockerimages * Bumped version of playbook alert app * Fixed changelog for 1.6.0 to not include an old change * fixed type0 in changelog * removed base64 import * Updated release notes * Update based on review * Removed references to old playbook alerts documentation from creation of integration --------- Co-authored-by: recordedfuture-simonhornestedt <109588368+recordedfuture-simonhornestedt@users.noreply.github.com> Co-authored-by: michal-dagan <[email protected]> * fix bug by convert the password to bytes (#27283) * fix bug by convert the password to bytes * commit * update RN and Docker * comment corrections * commit * [greynoise-266] - Add greynoise-similar and greynoise-timeline commands (#27067) (#27291) * add sim and timeline updates * fix test file prints * update readme fix tests * updates to readme for pre-commit * updates from pre-commit run * more linting updates * update secrets * fix url in timeline Co-authored-by: Brad Chiappetta <[email protected]> * [ASM] - Expandr 4075 (#27258) (#27287) * init * RN * fix RN * Apply suggestions from code review -----…
- Loading branch information