forked from demisto/content
[VirusTotal] Update logos #2
Merged
danipv approved these changes on Feb 20, 2023
LGTM
Remember to close this PR and open a new one against demisto/content
pabloperezj added a commit that referenced this pull request on Apr 17, 2023

* Update README.md
* [VirusTotal] Update logos (#2)
* Update ReleaseNote
* Update ReleaseNote
* Update ReleaseNote
* Update 2_5_1.md

---------
Co-authored-by: Pablo Pérez <[email protected]>
Co-authored-by: Daniel Pascual <[email protected]>
danipv pushed a commit that referenced this pull request on Nov 7, 2023

* [pre-commit ruff] Align the entire repo with ruff #2
* Add RN
* Update the docker image
danipv pushed a commit that referenced this pull request on Nov 7, 2023

* [pre-commit MyPy] Align the entire repo with MyPy #2
* Add RN
* Revert changes in 1.12.26 RN
* Update the docker images
danipv pushed a commit that referenced this pull request on Nov 7, 2023

* add PAN-OS to xpanse MP and core (demisto#29826)
* docker
* RN
* docker #2

---------
Co-authored-by: johnnywilkes <[email protected]>
Co-authored-by: Yehuda <[email protected]>
danipv pushed a commit that referenced this pull request on Nov 7, 2023

* Update Group-IB TI APP PR from master branch (#29350) * test commit * remove bt link * Remove A in TI for yaml and md for indicator * back yaml to default * refactor yaml with cortex utils * refactor md and yaml for feed * remove bp/domain * replace git_leak with git_repository * Add new collection Fix issue with date for TI * remove changes outside the Packs * Update Packs/GroupIB_ThreatIntelligenceAttribution/Integrations/GroupIB_TIA_Feed/test_data/example.json Co-authored-by: Mai Morag <[email protected]> * Update Packs/GroupIB_ThreatIntelligenceAttribution/Integrations/GroupIB_TIA_Feed/test_data/example.json Co-authored-by: Mai Morag <[email protected]> * Update Packs/GroupIB_ThreatIntelligenceAttribution/Integrations/GroupIBTIA/test_data/example.json Co-authored-by: Mai Morag <[email protected]> * Update Packs/GroupIB_ThreatIntelligenceAttribution/Integrations/GroupIBTIA/test_data/example.json Co-authored-by: Mai Morag <[email protected]> * Update Packs/GroupIB_ThreatIntelligenceAttribution/Integrations/GroupIBTIA/test_data/example.json Co-authored-by: Mai Morag <[email protected]> * update release notes * update logo * update logo * Revert "update release notes" This reverts commit fc93e44461b3085c156c42a96e3f5aaf8efbe0af. * revert microsocks * fix compromised account issue * adding RL * Update Packs/GroupIB_ThreatIntelligenceAttribution/Integrations/GroupIBTIA/GroupIBTIA.py Co-authored-by: Mai Morag <[email protected]> * create release notes v1_3_12 * add test for compromised/account_group * refactor changes in playbook * fixed validation errors * adding pragma no cover * refactor RN * add urllib exception * fixing validation errors * adding pragma no cover * format * fix lint test errors * revert sentinel * revert changes to azure sentinel * fixing cloud machine ids processing (#29777) * fixing cloud machine ids processing * not exiting the installation script if we fail to install a pack. 
report an error but continue with the test playbook upload (#29759) Co-authored-by: kobymeir <[email protected]> * Microsoft DNS Parsing Rule Drop (#29765) * Updated ParsingRules * Updated ReleaseNotes * Updated ReleaseNotes * Updated ReleaseNotes * Updated pack_metadata * Updated pack_metadata * Updated pack_metadata * Updated README * Updated README * Updated README * [JoeSecurity] Pre-Commit (#29717) * [pre-commit ruff] Align the entire repo with ruff #2 (#29754) * [pre-commit ruff] Align the entire repo with ruff #2 * Add RN * Update the docker image * Don't checkout build files in pre-commit (#27900) * is file up to date pre-commit * Revert changes made by mistake --------- Co-authored-by: dorschw <[email protected]> Co-authored-by: Menachem Weinfeld <[email protected]> Co-authored-by: Menachem Weinfeld <[email protected]> * Fixes for 'NGFW Scan' and 'WildFire Malware' XSIAM playbooks (#29774) * Fixes for 'NGFW Scan' and 'WildFire Malware' XSIAM playbooks * RN * fixed RN and 'NGFW Scan playbook' * CiscoSMA- Added timeout parameter (#29372) * fix * add_tests * fix_test_description * fix_yml_add_readme * fixes - add timeout to the client * add timeout to yml * revert changes * Update CiscoSMA.py * Update CiscoSMA.py * CR review * add RN * fix CR review * update docker image * XSUP-27956/ Added EWS PS V3 Description (#29784) * updated the description * update rn * Apply suggestions from code review Co-authored-by: ShirleyDenkberg <[email protected]> --------- Co-authored-by: ShirleyDenkberg <[email protected]> * Xsup 27738 DBotFindSimilarIncidents NoneType Error (#29701) * failed ut * fix * rn * pre-commit * pre commit * just the fix * fix description in yml * fix * docker * Update Packs/Base/ReleaseNotes/1_32_34.md Co-authored-by: Dan Tavori <[email protected]> * test * test * removed import --------- Co-authored-by: Dan Tavori <[email protected]> * Wiz v1 2 11 (#29719) * Wiz v1 2 11 (#29688) * remove redundant parenthesis * ../Packs/Wiz/Integrations/Wiz/Wiz.py 
* add Wiz user agent * rephrase release notes * update pack metadata json * rephrase release notes v2 * fix minor typos and update docker image * Bump Docker version --------- Co-authored-by: Ariel Tobiana <[email protected]> Co-authored-by: Michael Yochpaz <[email protected]> * [ASM] - Expander - Update ASM fields (4821) (#29702) * [ASM] - Expander - Update ASM fields (4821) (#29506) * Add missing comments to grid fields - Update descriptions of fields as needed. * Add release notes * Add descriptions to two fields - asmdevcheckdetails - asmenrichmentstatus * Update release notes. * Grammar updates. * Update release notes * Add mandatory or optional in comments * Update comments with mandatory * Update pack version and release notes * Add correct 1_6_33 release notes * fix rn * fix rn --------- Co-authored-by: John <[email protected]> Co-authored-by: ostolero <[email protected]> Co-authored-by: ostolero <[email protected]> * Wildfire-upload-url add poling timeout argument (#29790) * save adding timeout param * new docker image * added rn * fix ruff * ruff made me to do this fixes :( not related to my changes * Update Packs/Palo_Alto_Networks_WildFire/ReleaseNotes/2_1_35.md * poetry files (#29793) Co-authored-by: Content Bot <[email protected]> * Dra-cvss-color-fix (#29757) * Fixed a small issue when indicator had no custom fields * RN * docker bump * RN * Update CVECVSSColor.py * docker bump * RN * fixing typos in build scripts. 
(#29788) unremovable -> non-removable productname -> product_name testplaybook -> test_playbook changed some arg passing to use their full name: -gpidd -gpidp Co-authored-by: kobymeir <[email protected]> * mapping to standard stix values (#29785) * mapping to standard stix values * updated release notes * update docker * breaking json * add dot * Add the nightly_ruff file for run pre-commit with --all flag (#29684) * Add the nightly_ruff file for run pre-commit with --all flag * Add more rules; Add the error name * Add E501 * Add F601, F842, TID252 * XSUP-27528 (#29705) * add_tests * add_tests * add RN, fix tests, format yml * Update Packs/CommonScripts/ReleaseNotes/1_12_24.md Co-authored-by: Arad Carmi <[email protected]> * fix readme * Bump pack from version CommonScripts to 1.12.25. --------- Co-authored-by: Arad Carmi <[email protected]> Co-authored-by: Content Bot <[email protected]> * [Axonius Content Pack 1.2.0] Bumping Dockerfile (#29802) * [Axonius Content Pack 1.2.0] Bumping Dockerfile (#29625) * bumped docker version for axonius api client * docker image * remove the - --------- Co-authored-by: Yehuda <[email protected]> * format --------- Co-authored-by: Bryce Pedroza <[email protected]> Co-authored-by: Yehuda <[email protected]> * Updated native:8.4 image; Add auth-utils support (#29792) Co-authored-by: GuyAfik <[email protected]> * Fixed sc_task closing state (#29636) * Fixed sc_task closing state * Added release notes * Updated docker image * small fix * bumped dokcer * fixed rn --------- Co-authored-by: Shahaf Ben Yakir <[email protected]> Co-authored-by: sbenyakir <[email protected]> * Private Compliance Packs (#29664) * XSUP-27936 problem with regex (#29613) * failed test * fix * rn * rn * unit test * ut * validations * fixed test and docker * fix * validation * Prisma Cloud V2 Add "usernames" Argument (#29710) * add username arg * support list * update UT * update README * docker update * update TPB * Fortinet fortigate enhancement (#29655) * 
Updated the readme for proofpoint fortigate. * Modified the modeling rule. * Modified the modeling rule and the schema file. * Updated the release note. * Update Packs/FortiGate/README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Updated the modeling rule. * Added tags to the readme. * removed ftntfgtmastersrcmac and ftntfgtmasterdstmac from the mapping. * updated the modeling rule and the schema file. * updated the modeling rule * updated the modeling rule --------- Co-authored-by: ShirleyDenkberg <[email protected]> * Add syslog example for War Room Actions (#29800) * Graph Security Update (#29797) * Updated MicrosoftGraphSecurity_schema * Updated ReleaseNotes * Updated ReleaseNotes * [Dataminr Pulse] Release 106 (#29805) * [Dataminr Pulse] Release 106 (#29693) * Changes related to release v1.0.6 * Changes related to release v1.0.6 * Fixing Release Note related issue --------- Co-authored-by: crestdatasystems <[email protected]> Co-authored-by: Michael Yochpaz <[email protected]> * Bump Docker version --------- Co-authored-by: Crest Data Systems <[email protected]> Co-authored-by: crestdatasystems <[email protected]> Co-authored-by: Michael Yochpaz <[email protected]> * [RecordedFuture] threat actor playbook update V2.5.1 (#29690) (#29807) * Update Threat actor search playbook. 
* Add release notes * Fix formatting * Change ExtractedIndicators to ExtractedIndicators\.File * Fix release notes --------- Co-authored-by: Yaroslav Nestor <[email protected]> Co-authored-by: Michael Yochpaz <[email protected]> * [JoeSecurity] show partial result in polling commands (#29715) * updating build docker image to latest devdemisto/gitlab-content-ci:1.0.0.64455 (#29761) * updating build docker image to latest devdemisto/gitlab-content-ci:1.0.0.64455 * Private Upload Mode - ThreatExchange v2 (#28249) * ThreatExchange integration * ThreatExchange updates * Added param to instance configuration * pre-commit * updated RN * RN test * CR updates * Removed Threat_Crowd * Update Packs/ThreatExchange/ReleaseNotes/2_0_12.md Co-authored-by: ShirleyDenkberg <[email protected]> * docker * format * skip tests since theres no instance * no testing instance --------- Co-authored-by: ShirleyDenkberg <[email protected]> Co-authored-by: Yehuda Rosenberg <[email protected]> Co-authored-by: Yehuda <[email protected]> * added plus 1 for each iteration in find destination (#29811) * added plus 1 for each iteration in find destination (#29760) * added plus 1 for each iteration in find destination * added release notes * Update Packs/Cisco-umbrella-cloud-security/ReleaseNotes/2_0_2.md Co-authored-by: ShirleyDenkberg <[email protected]> * updated docker image tag to latest * updated unit test for pagination functions * removed comments --------- Co-authored-by: ShirleyDenkberg <[email protected]> * Update 2_0_2.md --------- Co-authored-by: LiorQM <[email protected]> Co-authored-by: ShirleyDenkberg <[email protected]> Co-authored-by: RotemAmit <[email protected]> * Mde list indicator filter (#29640) * Mde list indicator filter (#29338) * init indicator filter * release notes * latest docker image * updated docker image * minor fixes * reslove conflicts * resolve version conflicts * silence linter * format * docker * Apply suggestions from Shirley Co-authored-by: ShirleyDenkberg 
<[email protected]> * add period * change phrase * adding "is_mockable": false * docker * try change test playbook * empty line * docker * return the mock * Revert "return the mock" This reverts commit da9baeff5cadddf2cd125fb073c266c867f465a5. --------- Co-authored-by: ckaadic <[email protected]> Co-authored-by: Yehuda <[email protected]> Co-authored-by: Yehuda Rosenberg <[email protected]> Co-authored-by: ShirleyDenkberg <[email protected]> * Audit Logs Endpoints Scripts Aligments for Xsoar-8 (#29781) * test * fix core api * ExportAuditLogsToFile - add support for xsoar-8 * add ExportAuditLogsToFile UTs * add forward audit logs uts * update ut * validation fixes * mypy * bump rns * update docker * update docker image * fix ut * format * Bump pack from version CommonScripts to 1.12.25. * Bump pack from version CommonScripts to 1.12.26. * cr * cr fixes * update * fix uts --------- Co-authored-by: Content Bot <[email protected]> * Add command prisma-cloud-compute-get-file-integrity-events (#29608) * Add command prisma-cloud-compute-get-file-integrity-events (#29187) * Add command prisma-cloud-compute-get-file-integrity-events * Incorporate changes from review comments. Add documentation and unit test. * Add missing lines to YML file (add description of new command) * Update docker image * Incorporate changes from demo * Update docker image * fix validation * fix validation --------- Co-authored-by: ostolero <[email protected]> Co-authored-by: ostolero <[email protected]> * Bump pack from version PrismaCloudCompute to 1.4.10. 
* [pre-commit ruff] Align the entire repo with ruff (#29603) * Fix falls of the ruff hook * pre-commit * Fix B003 ruff error * Fix ruff errors on Utils/update_playbook.py * remove code to trigger upload on dev branches (#29621) * [pre-commit pycln] Align the entire repo with pycln (#29611) * Fix falls of the pycln hook * pre-commit * Fix unit test * Add RN * Fix validate in GetDomainDNSDetails * fuff on GetDomainDNSDetails * ignore mypy error in test_content.py:350 * Fix falls of the autopep8 hook (#29638) * add marketplaces to metadata (#29629) * Fixing AWS Project Number in ASM Cloud (#29593) (#29642) Co-authored-by: Chait A <[email protected]> Co-authored-by: johnnywilkes <[email protected]> Co-authored-by: Michael Yochpaz <[email protected]> * [MS Teams] support reset_graph_auth (#29644) * fixed * pre-commit * update * Recordedfuture threathunting v2.5.0 (#29641) * Recordedfuture threathunting v2.5.0 (#29025) * Add commands related to Automated Threat hunting recordedfuture-threat-map recordedfuture-threat-links recordedfuture-detection-rules * Add recordedfuture-collective-insight command. Change app version. * Update README.md. Add release notes * Add playbook. Add unittests * Add unittests * Fix test_collective_insight_command * Remove incorrect release note * Add documentation for threat actor search playbook * update Recorded Future Threat actor search playbook. add release note about new playbook. * Update release notes, fix formatting * Format yml files * Update Recorded future threat actor search playbook * Update docker image * Fix linter --------- Co-authored-by: Michael Yochpaz <[email protected]> * Minor README fixes --------- Co-authored-by: Yaroslav Nestor <[email protected]> Co-authored-by: Michael Yochpaz <[email protected]> * [ASM] Expander 5777 (#29647) * [ASM] Expander 5777 (#29619) * first * RN * Bump pack from version CortexAttackSurfaceManagement to 1.6.36. 
--------- Co-authored-by: johnnywilkes <[email protected]> Co-authored-by: Content Bot <[email protected]> * XDR Malware Enrichment - hotfix for usernames (split) (#29585) * Updated playbook with hotfix where we split usernames from domains and append them to the username list of usernames for account enrichment * Added RN * remove irrelevant test * Updated RN * Bump pack from version CortexXDR to 5.1.6. * Update Packs/CortexXDR/ReleaseNotes/5_1_6.md Co-authored-by: ShirleyDenkberg <[email protected]> --------- Co-authored-by: Content Bot <[email protected]> Co-authored-by: ShirleyDenkberg <[email protected]> * Update Docker Image To demisto/pyjwt3 (#29656) * Updated Metadata Of Pack Silverfort * Added release notes to pack Silverfort * Packs/Silverfort/Integrations/Silverfort/Silverfort.yml Docker image update * Update Docker Image To demisto/trustar (#29660) * Updated Metadata Of Pack TruSTAR * Added release notes to pack TruSTAR * Update Docker Image To demisto/keeper-ksm (#29661) * Updated Metadata Of Pack KeeperSecretsManager * Added release notes to pack KeeperSecretsManager * Packs/KeeperSecretsManager/Integrations/KeeperSecretsManager/KeeperSecretsManager.yml Docker image update * Update Docker Image To demisto/py3-tools (#29654) * Updated Metadata Of Pack Intezer * Added release notes to pack Intezer * Packs/Intezer/Integrations/IntezerV2/IntezerV2.yml Docker image update * Updated Metadata Of Pack FeedMalwareBazaar * Added release notes to pack FeedMalwareBazaar * Packs/FeedMalwareBazaar/Integrations/MalwareBazaarFeed/MalwareBazaarFeed.yml Docker image update * Updated Metadata Of Pack FeedGCPWhitelist * Added release notes to pack FeedGCPWhitelist * Packs/FeedGCPWhitelist/Integrations/FeedGoogleIPRanges/FeedGoogleIPRanges.yml Docker image update * Updated Metadata Of Pack AccentureCTI_Feed * Added release notes to pack AccentureCTI_Feed * Packs/AccentureCTI_Feed/Integrations/ACTIIndicatorFeed/ACTIIndicatorFeed.yml Docker image update * Fix DS108 
--------- Co-authored-by: sberman <[email protected]> * Update Docker Image To demisto/taxii-server (#29659) * Updated Metadata Of Pack CybleThreatIntel * Added release notes to pack CybleThreatIntel * Packs/CybleThreatIntel/Integrations/CybleThreatIntel/CybleThreatIntel.yml Docker image update * Fix DS108 --------- Co-authored-by: sberman <[email protected]> * Update Docker Image To demisto/datadog-api-client (#29662) * Updated Metadata Of Pack DatadogCloudSIEM * Added release notes to pack DatadogCloudSIEM * Packs/DatadogCloudSIEM/Integrations/DatadogCloudSIEM/DatadogCloudSIEM.yml Docker image update * Fix DS108 --------- Co-authored-by: sberman <[email protected]> * Add reliability parameter to cves and pipl integration (#28703) * commiting PrismaCloudCompute * release notes added * changed couldcompute, CVESearchV2, pipl * added pack metadata * fixed pipl readme * reverting changes in CVESearch since it was deprecated * removed redundant * committing pre commit changes * added known words * added known words * fixed lint error * changed according to review * updated docker version in PrismaCloudCompute * changed according to doc review * Added condition for not receiving new incidents in the test playbook * updating release notes * reverting fetch changes * fixed playbook * formatted playbook * new validation, new run * new validation, new run * Bump pack from version PrismaCloudCompute to 1.4.10. * update the docker image --------- Co-authored-by: Content Bot <[email protected]> * Proofpoint email security pack: update description (#29651) * update description * Updated the schema file. * Updated the schema file. 
--------- Co-authored-by: Yehonatan Asta <[email protected]> * Jira v2 deprecated (#29649) * Deprecate to jira v2 * update RN * update conf.json file * add task to the Create Jira Issue playbook that check if jira v3 is enable * add image.png of the playbook * update the playbook (yml, readme, image) and RN * Update Docker Image To demisto/python3 (#29652) * Updated Metadata Of Pack PANOSPolicyOptimizer * Added release notes to pack PANOSPolicyOptimizer * Packs/PANOSPolicyOptimizer/Integrations/PANOSPolicyOptimizer/PANOSPolicyOptimizer.yml Docker image update * Updated Metadata Of Pack VMwareWorkspaceONEUEM * Added release notes to pack VMwareWorkspaceONEUEM * Packs/VMwareWorkspaceONEUEM/Integrations/VMwareWorkspaceONEUEM/VMwareWorkspaceONEUEM.yml Docker image update * Updated Metadata Of Pack CiscoSMA * Added release notes to pack CiscoSMA * Packs/CiscoSMA/Integrations/CiscoSMA/CiscoSMA.yml Docker image update * Updated Metadata Of Pack FeedThreatConnect * Added release notes to pack FeedThreatConnect * Packs/FeedThreatConnect/Integrations/FeedThreatConnect/FeedThreatConnect.yml Docker image update * Updated Metadata Of Pack BitSight * Added release notes to pack BitSight * Packs/BitSight/Integrations/BitSightForSecurityPerformanceManagement/BitSightForSecurityPerformanceManagement.yml Docker image update * Updated Metadata Of Pack AWS-ILM * Added release notes to pack AWS-ILM * Packs/AWS-ILM/Integrations/AWSILM/AWSILM.yml Docker image update * Updated Metadata Of Pack CiscoWSA * Added release notes to pack CiscoWSA * Packs/CiscoWSA/Integrations/CiscoWSAV2/CiscoWSAV2.yml Docker image update * Updated Metadata Of Pack SysAid * Added release notes to pack SysAid * Packs/SysAid/Integrations/SysAid/SysAid.yml Docker image update * Updated Metadata Of Pack ManageEngine_PAM360 * Added release notes to pack ManageEngine_PAM360 * Packs/ManageEngine_PAM360/Integrations/ManageEnginePAM360/ManageEnginePAM360.yml Docker image update * Updated Metadata Of Pack 
CiscoUmbrellaReporting * Added release notes to pack CiscoUmbrellaReporting * Packs/CiscoUmbrellaReporting/Integrations/CiscoUmbrellaReporting/CiscoUmbrellaReporting.yml Docker image update * Fix DS108 --------- Co-authored-by: sberman <[email protected]> * XSUP-27717/FortiSIEM (#29458) * add tests * add RN,fix,logs * Update 2_0_21.md * add period * add a name to incident * fixes CR * update docker image * delete logs * CR fixes * Update 2_0_21.md * Update FortiSIEMV2.py * reverting the Docker image (#29607) * reverting the Docker image * Update Packs/cyberark_AIM/ReleaseNotes/1_0_14.md --------- Co-authored-by: Dan Tavori <[email protected]> * [Marketplace Contribution] Roksit DNS Security Integration - Sarp (#29663) * [Marketplace Contribution] Roksit DNS Security Integration - Sarp (#29314) * "pack contribution initial commit" * Update RoksitDNSSecurityIntegrationSarp.py * Update RoksitDNSSecurityIntegrationSarp.py * Yehuda's version * test module * readme * new logo * Update RoksitDNSSecurityIntegrationSarp.yml * Apply suggestions from code review * Update RoksitDNSSecurityIntegrationSarp_description.md * Update pack_metadata.json * Update README.md * Update pack_metadata.json * Update pack_metadata.json * Update Packs/RoksitDNSSecurityIntegration-Sarp/pack_metadata.json * fixes * change name * folder name * file names * version * rename sub folder * remove (DNSSense) from the integration name * rename folder * docker * replace image * fix image name --------- Co-authored-by: asimsarpkurt <[email protected]> Co-authored-by: Yehuda <[email protected]> Co-authored-by: Yehuda Rosenberg <[email protected]> * rename image --------- Co-authored-by: xsoar-bot <[email protected]> Co-authored-by: asimsarpkurt <[email protected]> Co-authored-by: Yehuda <[email protected]> Co-authored-by: Yehuda Rosenberg <[email protected]> * add unstuck fetch stream command (#29646) * add unstuck fetch stream command * added RN * fixes * add note * cr fixes * fix conflicts * reverts * 
[pre-commit pycln] Align the entire repo with pycln #4 (#29665) * Fix pycln errors * Update the docker images * Run demisto-sdk pre-commit * Remove unnecessary recommendations from extensions.json (#29605) * update extensions.json * Update devcontainer.json * Update recommendations list * Zscaler-FW-Logs (#29094) * Zscaler FW Logs Modeling Rules * Zscaler FW logs Modeling Rules * Updated README * Updated ZscalerModelingRule_1_3 * Changed cs5 field name to cat * Apply suggestions from code review Co-authored-by: ShirleyDenkberg <[email protected]> * Updated README * Updated ModelingRules and Schema * Updated ModelingRules and schema * Updated ModelingRules * Updated ModelingRules --------- Co-authored-by: Eido Epstain <[email protected]> Co-authored-by: ShirleyDenkberg <[email protected]> * PANOS - EXPANDR-5744 (#29223) (#29686) * playbook updates * RN, Readme, screenshot * Apply suggestions from code review * update RN * bump ver * more descriptive task * bump ver --------- Co-authored-by: johnnywilkes <[email protected]> Co-authored-by: ShirleyDenkberg <[email protected]> * Audit alert fields fix (#29685) * Add associated types to systemAssociatedTypes * Add associated types to systemAssociatedTypes * fix incident field structure * RN * Workday documentation fix (#29681) * readme * readme * rn * rn * [Marketplace Contribution] Active Directory Query - Content Pack Update (#28633) * [Marketplace Contribution] Active Directory Query - Content Pack Update (#27822) * "contribution update to pack "Active Directory Query"" * revert changes * rl * remove files * removed from rl * Update pack_metadata.json * Create 1_6_19.md * Update 1_6_18.md * Update 1_6_19.md * Delete 1_6_19.md * Update 1_6_18.md * Update pack_metadata.json * Update Active_Directory_Query.yml removed duplicate section and type * pass SERVER_IP as argument to test_credentials function * Create 1_7_0.md * Update pack_metadata.json * Update README.md with ad-test-credentials info * Update 
Active_Directory_Query.yml * removed duplicate `type: 8` from ntlm * removed duplicate types from integration settings * removed duplicate description from ad-enable-account * Update Active_Directory_Query.yml * Update Active_Directory_Query.yml * Update Active_Directory_Query.yml * removing not relevant release note * adding function * update fucntion * cr note * adding NTLM_AUTH option * Update Active_Directory_Query.py * Update Packs/Active_Directory_Query/Integrations/Active_Directory_Query/Active_Directory_Query.py Co-authored-by: dorschw <[email protected]> * cr notes * update after merging from master * reverting a change in olr rl * added test_test_credentials unit test function * fix unit test * fixing unit tests * fix unit test * fixed lint errors * Update Active_Directory_Query_test.py * empty commit * fix yml and docker file * revert changes in send email manager * fix yml * fix * fix validation error * fixing in129 --------- Co-authored-by: maimorag <[email protected]> Co-authored-by: Randy Baldwin <[email protected]> Co-authored-by: Mai Morag <[email protected]> Co-authored-by: dorschw <[email protected]> * cr notes * Bump pack from version Active_Directory_Query to 1.6.21. 
* fix yml changes * cr notes * lint fixes * fix test * docker update * Update Packs/Active_Directory_Query/Integrations/Active_Directory_Query/README.md Co-authored-by: dorschw <[email protected]> * fix delete required * Apply suggestions from code review * fix test * docker update * rl * empty commit * docker update * empty commit * empty commit * merge from master * empty commit check * revert changes * Delete Packs/cyberark_AIM/Integrations/CyberArkAIM_v2/integration-CyberArkAIM_v2.yml * docker downgrade * rl * trying new docker image * validate errors fix * revert docker version * [DS108] - Description must end with a period (".") - fix * empty commit check * empty commit check --------- Co-authored-by: xsoar-bot <[email protected]> Co-authored-by: maimorag <[email protected]> Co-authored-by: Randy Baldwin <[email protected]> Co-authored-by: Mai Morag <[email protected]> Co-authored-by: dorschw <[email protected]> Co-authored-by: Content Bot <[email protected]> * Big query bug xsup 28132 (#29680) * bug fix * rn * rn * Apply suggestions from code review Co-authored-by: Dan Tavori <[email protected]> * format * pre commit --------- Co-authored-by: Dan Tavori <[email protected]> * New Prisma Cloud v2 commands (#29323) * resource list command * limit results * user roles list command * pre commit * users list command * edit remediation commands * UTs * update README * update RN * pre commit fixes * edit test playbook * CR changes * Demo changes - remediate 406 raises error new args for resource_list & user_roles * fix test * Apply suggestions from doc review Co-authored-by: ShirleyDenkberg <[email protected]> * fix test playbook * Tomer's changes --------- Co-authored-by: ShirleyDenkberg <[email protected]> * Prisma Cloud Update (#29666) * Updated ModelingRules * Updated ReleaseNotes * Updated ReleaseNotes * Updated ModelingRules * Updated ModelingRules * Updated ModelingRules * Bump pack from version PrismaCloud to 4.2.4. 
--------- Co-authored-by: Content Bot <[email protected]> * Rapid7 appsec (#29134) (#29687) * Revert "Add space to conf" This reverts commit 3a74b931d31ae2b33e0e4570c7df7d06c668e9c8. * Updated the packs category to *Authentication & Identity Management* (part 2) (#24876) * Update Docker Image To demisto/fastapi (#24923) * Updated Metadata Of Pack CyberArkIdentity * Added release notes to pack CyberArkIdentity * Packs/CyberArkIdentity/Integrations/CyberArkIdentityEventCollector/CyberArkIdentityEventCollector.yml Docker image update * Update Docker Image To demisto/lxml (#24924) * Updated Metadata Of Pack TaniumThreatResponse * Added release notes to pack TaniumThreatResponse * Packs/TaniumThreatResponse/Integrations/TaniumThreatResponseV2/TaniumThreatResponseV2.yml Docker image update * Update Docker Image To demisto/crypto (#24922) * Updated Metadata Of Pack X509Certificate * Added release notes to pack X509Certificate * Packs/X509Certificate/Scripts/CertificateExtract/CertificateExtract.yml Docker image update * Update Docker Image To demisto/python3 (#24921) * Updated Metadata Of Pack Cybereason * Added release notes to pack Cybereason * Packs/Cybereason/Integrations/Cybereason/Cybereason.yml Docker image update * Updated Metadata Of Pack DNSDB * Added release notes to pack DNSDB * Packs/DNSDB/Integrations/DNSDB_v2/DNSDB_v2.yml Docker image update * Updated Metadata Of Pack DeepInstinct * Added release notes to pack DeepInstinct * Packs/DeepInstinct/Integrations/DeepInstinct3x/DeepInstinct3x.yml Docker image update * Updated Metadata Of Pack FeedCyrenThreatInDepth * Added release notes to pack FeedCyrenThreatInDepth * Packs/FeedCyrenThreatInDepth/Integrations/CyrenThreatInDepth/CyrenThreatInDepth.yml Docker image update * Updated Metadata Of Pack IronDefense * Added release notes to pack IronDefense * Packs/IronDefense/Integrations/IronDefense/IronDefense.yml Docker image update * Updated Metadata Of Pack Qintel * Added release notes to pack Qintel * 
Packs/Qintel/Integrations/QintelPMI/QintelPMI.yml Docker image update * Packs/Qintel/Integrations/QintelQSentry/QintelQSentry.yml Docker image update * Packs/Qintel/Integrations/QintelQWatch/QintelQWatch.yml Docker image update * Updated Metadata Of Pack QualysFIM * Added release notes to pack QualysFIM * Packs/QualysFIM/Integrations/QualysFIM/QualysFIM.yml Docker image update * Updated Metadata Of Pack QutteraWebsiteMalwareScanner * Added release notes to pack QutteraWebsiteMalwareScanner * Packs/QutteraWebsiteMalwareScanner/Integrations/QutteraWebsiteMalwareScanner/QutteraWebsiteMalwareScanner.yml Docker image update * Fixed mypy + validation --------- * NGINXApiModule: fix logging typo (#24878) * fix logging typo * bump dependent packs --------- * Downgrade docker to fix banner issue (#24905) * Downgrade docker to fix banner issue * Fix docs * Add UT to prevent Docker bump * Fix yml validation * Adding vulnerability commands * Fixing pagination page index * Updating PR comments and Scan commands * Updating ID in test data. * Updating integration * Updating integration * Updating fromversion * Updating linters * Updating linters * Updating git pre-commit * Updating docstring * Updating the handling of request when limit * Removing get_pagination_params * Updating integration * Updating git-pre commit * Updating integration * Updating integration * Updating unit test * Updating docker image * Updating integration * Updating README version. * Updating secrets * Updating integration * Updating integration * Updating integration * Updating docstrings * Updating doc-review comments. * Updating doc-review comments. 
* Updating description --------- Co-authored-by: Ron Hadad <[email protected]> Co-authored-by: TalGumi <[email protected]> Co-authored-by: Mai Morag <[email protected]> Co-authored-by: sberman <[email protected]> Co-authored-by: Guy Lichtman <[email protected]> Co-authored-by: glicht <[email protected]> Co-authored-by: Andrew Shamah <[email protected]> * Panos add param (#29672) * added param job_polling_max_num_attempts * Added rn * Added missing param type Fixed unit tests * added to readme * fixed readme * Update Packs/PAN-OS/Integrations/Panorama/Panorama.yml Co-authored-by: Guy Afik <[email protected]> * fixed text and namings * Bump pack from version PAN-OS to 2.1.8. --------- Co-authored-by: Guy Afik <[email protected]> Co-authored-by: Content Bot <[email protected]> * Fix proxy usage (#85) (#29630) * Fix proxy usage (#85) (#29181) * Fix proxy usage (#85) * Fix proxy usage in ZF client * Fix variable USE_SSL to verify requests * Remove proxy object from client Given that the proxy works by default with env vars, the proxy object is not necessary * Update version and add release notes * Fix call to modified alerts (#86) * Fix call to modified alerts * Update docker image * Fix tests associated with get modified data * change rn * fix validation --------- Co-authored-by: Felipe Garrido <[email protected]> Co-authored-by: ostolero <[email protected]> Co-authored-by: ostolero <[email protected]> * Missing dependencies when installing packs (#28989) * search and install packs --------- Co-authored-by: kobymeir <[email protected]> * Deprecate Picus Community (#29573) * Merge branch 'master' into github_workflow_partner # Conflicts: # Utils/github_workflow_scripts/utils.py * Merge branch 'master' into github_workflow_partner # Conflicts: # Utils/github_workflow_scripts/utils.py * Picus NG display name * Picus update * Picus update * Picus update * Picus update * Picus update * Picus update * Picus update * Picus update --------- Co-authored-by: RotemAmit <[email 
protected]> * [ASM] - Expander - GCP Hierarchy field - 4376 (#29696) (#29704) * Add assethierarchy field to GCP ASM playbook * Add release notes * Update field json Co-authored-by: John <[email protected]> * fix merge * update rn * remove access code * fix conflicts * update docker * fix validation --------- Co-authored-by: Ali Sawyer <[email protected]> Co-authored-by: ostolero <[email protected]> Co-authored-by: ostolero <[email protected]> Co-authored-by: Content Bot <[email protected]> Co-authored-by: Menachem Weinfeld <[email protected]> Co-authored-by: omerKarkKatz <[email protected]> Co-authored-by: Yaakov Praisler <[email protected]> Co-authored-by: Chait A <[email protected]> Co-authored-by: johnnywilkes <[email protected]> Co-authored-by: Michael Yochpaz <[email protected]> Co-authored-by: michal-dagan <[email protected]> Co-authored-by: Yaroslav Nestor <[email protected]> Co-authored-by: Ido van Dijk <[email protected]> Co-authored-by: ShirleyDenkberg <[email protected]> Co-authored-by: sberman <[email protected]> Co-authored-by: DinaMeylakh <[email protected]> Co-authored-by: ilaner <[email protected]> Co-authored-by: Yehonatan Asta <[email protected]> Co-authored-by: israelpoli <[email protected]> Co-authored-by: sapir shuker <[email protected]> Co-authored-by: Mai Morag <[email protected]> Co-authored-by: Dan Tavori <[email protected]> Co-authored-by: xsoar-bot <[email protected]> Co-authored-by: asimsarpkurt <[email protected]> Co-authored-by: Yehuda <[email protected]> Co-authored-by: Yehuda Rosenberg <[email protected]> Co-authored-by: Yuval Hayun <[email protected]> Co-authored-by: samuelFain <[email protected]> Co-authored-by: nkanon <[email protected]> Co-authored-by: Eido Epstain <[email protected]> Co-authored-by: Tomer Haimof <[email protected]> Co-authored-by: EyalPintzov <[email protected]> Co-authored-by: maimorag <[email protected]> Co-authored-by: Randy Baldwin <[email protected]> Co-authored-by: dorschw <[email protected]> 
Co-authored-by: Adi Bamberger Edri <[email protected]> Co-authored-by: eepstain <[email protected]> Co-authored-by: Ron Hadad <[email protected]> Co-authored-by: TalGumi <[email protected]> Co-authored-by: Guy Lichtman <[email protected]> Co-authored-by: glicht <[email protected]> Co-authored-by: Andrew Shamah <[email protected]> Co-authored-by: Shahaf Ben Yakir <[email protected]> Co-authored-by: Guy Afik <[email protected]> Co-authored-by: Felipe Garrido <[email protected]> Co-authored-by: Koby Meir <[email protected]> Co-authored-by: kobymeir <[email protected]> Co-authored-by: Edi Katsenelson <[email protected]> Co-authored-by: RotemAmit <[email protected]> Co-authored-by: John <[email protected]> * [Marketplace Contribution] Okta - Content Pack Update (#29650) * [Marketplace Contribution] Okta - Content Pack Update (#29303) * "contribution update to pack "Okta"" * minor fixes * add outputs and readme * add outputs description * update docker * change outputs --------- Co-authored-by: ostolero <[email protected]> Co-authored-by: ostolero <[email protected]> * Fixing AWS Project Number in ASM Cloud (#29593) (#29642) Co-authored-by: Chait A <[email protected]> Co-authored-by: johnnywilkes <[email protected]> Co-authored-by: Michael Yochpaz <[email protected]> * [MS Teams] support reset_graph_auth (#29644) * fixed * pre-commit * update * Recordedfuture threathunting v2.5.0 (#29641) * Recordedfuture threathunting v2.5.0 (#29025) * Add commands related to Automated Threat hunting recordedfuture-threat-map recordedfuture-threat-links recordedfuture-detection-rules * Add recordedfuture-collective-insight command. Change app version. * Update README.md. Add release notes * Add playbook. Add unittests * Add unittests * Fix test_collective_insight_command * Remove incorrect release note * Add documentation for threat actor search playbook * update Recorded Future Threat actor search playbook. add release note about new playbook. 
* Update release notes, fix formatting * Format yml files * Update Recorded future threat actor search playbook * Update docker image * Fix linter --------- Co-authored-by: Michael Yochpaz <[email protected]> * Minor README fixes --------- Co-authored-by: Yaroslav Nestor <[email protected]> Co-authored-by: Michael Yochpaz <[email protected]> * [ASM] Expander 5777 (#29647) * [ASM] Expander 5777 (#29619) * first * RN * Bump pack from version CortexAttackSurfaceManagement to 1.6.36. --------- Co-authored-by: johnnywilkes <[email protected]> Co-authored-by: Content Bot <[email protected]> * XDR Malware Enrichment - hotfix for usernames (split) (#29585) * Updated playbook with hotfix where we split usernames from domains and append them to the username list of usernames for account enrichment * Added RN * remove irrelevant test * Updated RN * Bump pack from version CortexXDR to 5.1.6. * Update Packs/CortexXDR/ReleaseNotes/5_1_6.md Co-authored-by: ShirleyDenkberg <[email protected]> --------- Co-authored-by: Content Bot <[email protected]> Co-authored-by: ShirleyDenkberg <[email protected]> * Update Docker Image To demisto/pyjwt3 (#29656) * Updated Metadata Of Pack Silverfort * Added release notes to pack Silverfort * Packs/Silverfort/Integrations/Silverfort/Silverfort.yml Docker image update * Update Docker Image To demisto/trustar (#29660) * Updated Metadata Of Pack TruSTAR * Added release notes to pack TruSTAR * Update Docker Image To demisto/keeper-ksm (#29661) * Updated Metadata Of Pack KeeperSecretsManager * Added release notes to pack KeeperSecretsManager * Packs/KeeperSecretsManager/Integrations/KeeperSecretsManager/KeeperSecretsManager.yml Docker image update * Update Docker Image To demisto/py3-tools (#29654) * Updated Metadata Of Pack Intezer * Added release notes to pack Intezer * Packs/Intezer/Integrations/IntezerV2/IntezerV2.yml Docker image update * Updated Metadata Of Pack FeedMalwareBazaar * Added release notes to pack FeedMalwareBazaar * 
Packs/FeedMalwareBazaar/Integrations/MalwareBazaarFeed/MalwareBazaarFeed.yml Docker image update * Updated Metadata Of Pack FeedGCPWhitelist * Added release notes to pack FeedGCPWhitelist * Packs/FeedGCPWhitelist/Integrations/FeedGoogleIPRanges/FeedGoogleIPRanges.yml Docker image update * Updated Metadata Of Pack AccentureCTI_Feed * Added release notes to pack AccentureCTI_Feed * Packs/AccentureCTI_Feed/Integrations/ACTIIndicatorFeed/ACTIIndicatorFeed.yml Docker image update * Fix DS108 --------- Co-authored-by: sberman <[email protected]> * Update Docker Image To demisto/taxii-server (#29659) * Updated Metadata Of Pack CybleThreatIntel * Added release notes to pack CybleThreatIntel * Packs/CybleThreatIntel/Integrations/CybleThreatIntel/CybleThreatIntel.yml Docker image update * Fix DS108 --------- Co-authored-by: sberman <[email protected]> * Update Docker Image To demisto/datadog-api-client (#29662) * Updated Metadata Of Pack DatadogCloudSIEM * Added release notes to pack DatadogCloudSIEM * Packs/DatadogCloudSIEM/Integrations/DatadogCloudSIEM/DatadogCloudSIEM.yml Docker image update * Fix DS108 --------- Co-authored-by: sberman <[email protected]> * Add reliability parameter to cves and pipl integration (#28703) * commiting PrismaCloudCompute * release notes added * changed couldcompute, CVESearchV2, pipl * added pack metadata * fixed pipl readme * reverting changes in CVESearch since it was deprecated * removed redundant * committing pre commit changes * added known words * added known words * fixed lint error * changed according to review * updated docker version in PrismaCloudCompute * changed according to doc review * Added condition for not receiving new incidents in the test playbook * updating release notes * reverting fetch changes * fixed playbook * formatted playbook * new validation, new run * new validation, new run * Bump pack from version PrismaCloudCompute to 1.4.10. 
* update the docker image --------- Co-authored-by: Content Bot <[email protected]> * Proofpoint email security pack: update description (#29651) * update description * Updated the schema file. * Updated the schema file. --------- Co-authored-by: Yehonatan Asta <[email protected]> * Jira v2 deprecated (#29649) * Deprecate to jira v2 * update RN * update conf.json file * add task to the Create Jira Issue playbook that check if jira v3 is enable * add image.png of the playbook * update the playbook (yml, readme, image) and RN * Update Docker Image To demisto/python3 (#29652) * Updated Metadata Of Pack PANOSPolicyOptimizer * Added release notes to pack PANOSPolicyOptimizer * Packs/PANOSPolicyOptimizer/Integrations/PANOSPolicyOptimizer/PANOSPolicyOptimizer.yml Docker image update * Updated Metadata Of Pack VMwareWorkspaceONEUEM * Added release notes to pack VMwareWorkspaceONEUEM * Packs/VMwareWorkspaceONEUEM/Integrations/VMwareWorkspaceONEUEM/VMwareWorkspaceONEUEM.yml Docker image update * Updated Metadata Of Pack CiscoSMA * Added release notes to pack CiscoSMA * Packs/CiscoSMA/Integrations/CiscoSMA/CiscoSMA.yml Docker image update * Updated Metadata Of Pack FeedThreatConnect * Added release notes to pack FeedThreatConnect * Packs/FeedThreatConnect/Integrations/FeedThreatConnect/FeedThreatConnect.yml Docker image update * Updated Metadata Of Pack BitSight * Added release notes to pack BitSight * Packs/BitSight/Integrations/BitSightForSecurityPerformanceManagement/BitSightForSecurityPerformanceManagement.yml Docker image update * Updated Metadata Of Pack AWS-ILM * Added release notes to pack AWS-ILM * Packs/AWS-ILM/Integrations/AWSILM/AWSILM.yml Docker image update * Updated Metadata Of Pack CiscoWSA * Added release notes to pack CiscoWSA * Packs/CiscoWSA/Integrations/CiscoWSAV2/CiscoWSAV2.yml Docker image update * Updated Metadata Of Pack SysAid * Added release notes to pack SysAid * Packs/SysAid/Integrations/SysAid/SysAid.yml Docker image update * Updated Metadata Of 
Pack ManageEngine_PAM360 * Added release notes to pack ManageEngine_PAM360 * Packs/ManageEngine_PAM360/Integrations/ManageEnginePAM360/ManageEnginePAM360.yml Docker image update * Updated Metadata Of Pack CiscoUmbrellaReporting * Added release notes to pack CiscoUmbrellaReporting * Packs/CiscoUmbrellaReporting/Integrations/CiscoUmbrellaReporting/CiscoUmbrellaReporting.yml Docker image update * Fix DS108 --------- Co-authored-by: sberman <[email protected]> * XSUP-27717/FortiSIEM (#29458) * add tests * add RN,fix,logs * Update 2_0_21.md * add period * add a name to incident * fixes CR * update docker image * delete logs * CR fixes * Update 2_0_21.md * Update FortiSIEMV2.py * reverting the Docker image (#29607) * reverting the Docker image * Update Packs/cyberark_AIM/ReleaseNotes/1_0_14.md --------- Co-authored-by: Dan Tavori <[email protected]> * [Marketplace Contribution] Roksit DNS Security Integration - Sarp (#29663) * [Marketplace Contribution] Roksit DNS Security Integration - Sarp (#29314) * "pack contribution initial commit" * Update RoksitDNSSecurityIntegrationSarp.py * Update RoksitDNSSecurityIntegrationSarp.py * Yehuda's version * test module * readme * new logo * Update RoksitDNSSecurityIntegrationSarp.yml * Apply suggestions from code review * Update RoksitDNSSecurityIntegrationSarp_description.md * Update pack_metadata.json * Update README.md * Update pack_metadata.json * Update pack_metadata.json * Update Packs/RoksitDNSSecurityIntegration-Sarp/pack_metadata.json * fixes * change name * folder name * file names * version * rename sub folder * remove (DNSSense) from the integration name * rename folder * docker * replace image * fix image name --------- Co-authored-by: asimsarpkurt <[email protected]> Co-authored-by: Yehuda <[email protected]> Co-authored-by: Yehuda Rosenberg <[email protected]> * rename image --------- Co-authored-by: xsoar-bot <[email protected]> Co-authored-by: asimsarpkurt <[email protected]> Co-authored-by: Yehuda <[email 
protected]> Co-authored-by: Yehuda Rosenberg <[email protected]> * add unstuck fetch stream command (#29646) * add unstuck fetch stream command * added RN * fixes * add note * cr fixes * fix conflicts * reverts * [pre-commit pycln] Align the entire repo with pycln #4 (#29665) * Fix pycln errors * Update the docker images * Run demisto-sdk pre-commit * update docker --------- Co-authored-by: xsoar-bot <[email protected]> Co-authored-by: ostolero <[email protected]> Co-authored-by: ostolero <[email protected]> Co-authored-by: Chait A <[email protected]> Co-authored-by: johnnywilkes <[email protected]> Co-authored-by: Michael Yochpaz <[email protected]> Co-authored-by: michal-dagan <[email protected]> Co-authored-by: Yaroslav Nestor <[email protected]> Co-authored-by: Content Bot <[email protected]> Co-authored-by: Ido van Dijk <[email protected]> Co-authored-by: ShirleyDenkberg <[email protected]> Co-authored-by: sberman <[email protected]> Co-authored-by: DinaMeylakh <[email protected]> Co-authored-by: ilaner <[email protected]> Co-authored-by: Yehonatan Asta <[email protected]> Co-authored-by: israelpoli <[email protected]> Co-authored-by: sapir shuker <[email protected]> Co-authored-by: Mai Morag <[email protected]> Co-authored-by: Dan Tavori <[email protected]> Co-authored-by: asimsarpkurt <[email protected]> Co-authored-by: Yehuda <[email protected]> Co-authored-by: Yehuda Rosenberg <[email protected]> Co-authored-by: Yuval Hayun <[email protected]> Co-authored-by: Menachem Weinfeld <[email protected]> * If-Elif Transformer (#27763) * IfElif init * minor changes * parse single strings not json * fixed regex * fixed json bug * removed context * created eval blacklist * added json KW to eval * Update bucket-upload.yml * added ast for parsing * use hash for context grab * added value arg * quick * added unit-tests * added README.md * added RN * added flags arg; use dt for context grabbing * fixed context grabbing * added regex support * finished readme * finished 
readme 2 * added variables arg * changed vars to upper * changed to class * prefixed variable bug * some tests * finished unit-tests * completed tests * finished docs * finished docs in yml * new design for 'value' * unit-tests complete * docs part 1 * docs complete * added if-elif TPB * fixed TPB * fixed mypy error * fixed mypy error * fixed injection issue; added + op * name changes * added injection test in TPB * CR changes * error for unknown variables * reformat 'from_context' func * resolve conflicts * demo changes * demo changes part 2 * bug fix * updated docker * added list_compare flag * added error catcher for comp funcs * readme update; textArea for conditions * resolve conflicts * resolve conflicts * updated docker * name changes * fixed unit-tests * Apply suggestions from code review Co-authored-by: ShirleyDenkberg <[email protected]> * added missing flag to readme * CR changes * Apply suggestions from code review Co-authored-by: ShirleyDenkberg <[email protected]> * name changes * added suppres_error behaviour to docs * Apply suggestions from code review Co-authored-by: ShirleyDenkberg <[email protected]> * updated docker --------- Co-authored-by: ShirleyDenkberg <[email protected]> * revert removal of release notes generator (#29828) * revert * validations * rn * search_and_install_packs.py - less strict when installing packs during nightly. should be reverted in (#29806) Co-authored-by: kobymeir <[email protected]> * exit on error alignment. fixing echo message when exiting the uninstallation script. (#29821) * exit on error alignment. fixing echo message when exiting the uninstallation script. 
* installing specific poetry version (#29812) * installing specific poetry version - moving the logic to bootstrap * Cs falcon detections revert (#29833) * Revert "Cs falcon fetch limit issue (#29411)" This reverts commit f7b7d5c6 * Revert "Cs limit in idp detections (#29550)" This reverts commit 47738d56 * Added rn * Added rn * SQL Alchemy 2.x.x (#29436) * MySQL and Postgress works * MSSQL, My SQL and postgres works with bind_variables from the second form * resolve conflicts * fix CR's comments * pre commit * parsing the results * Add UT * same name and right docker * RN * sourcery * another docker image * revert docker image * Update Packs/GenericSQL/ReleaseNotes/1_0_25.md Co-authored-by: dorschw <[email protected]> * Update Packs/GenericSQL/Integrations/GenericSQL/GenericSQL.py Co-authored-by: dorschw <[email protected]> * Update Packs/GenericSQL/Integrations/GenericSQL/GenericSQL.py Co-authored-by: dorschw <[email protected]> * Update Packs/GenericSQL/Integrations/GenericSQL/GenericSQL.py Co-authored-by: dorschw <[email protected]> * fix variable name * constants * mapping instead of conditions * unskip Oracle TPB * resolve conflicts * resolve conflicts * Constants * Update Packs/GenericSQL/Integrations/GenericSQL/GenericSQL.py Co-authored-by: dorschw <[email protected]> * CR fixes * Update Packs/GenericSQL/ReleaseNotes/1_1_0.md Co-authored-by: dorschw <[email protected]> * add commit after executing a query * fix UT * remove autocommit true from MSSQL * fix UT * autocommit for MSSQL, commit for the others * commit for the others DBs, since in MSSQL is automatically * docker image --------- Co-authored-by: dorschw <[email protected]> * Generic playbooks fixes (#29711) * fixes for generic playbooks * fixes for generic playbooks * fixes for generic playbooks * Use Case Builder Development stage Field update (#29771) (#29825) * pushing changes to the use case stage * adding release notes * Update pack_metadata.json * Rename 1_1_0.md to 1_0_4.md * Update 1_0_4.md 
* Update 1_0_4.md --------- Co-authored-by: Joe Cosgrove <[email protected]> Co-authored-by: Michael Yochpaz <[email protected]> * Add mapper and disable auto extraction for ThinkstCanary (#29756) * Add Classification and Mapping to ThinkstCanary Integration * Duo Mapping Enrichment (#29139) * Updated DuoModelingRule_1_3 * Updated ModelingRules and ReleaseNotes * Updated ModelingRules and ReleaseNotes * Updated DuoModelingRule_1_3_schema and README * Rev DuoModelingRule_1_3 | add DuoModelingRule_2_0 * Updated .yml and ReleaseNotes * Updated DuoModelingRule_2_0 * Updated ReleaseNotes * Updated .yml with toversion: 8.3.0 * Updated DuoModelingRule_2_0_schema * Updated ModelingRules * Updated ReleaseNotes * Bump pack from version DuoAdminApi to 4.0.8. * Updated DuoModelingRule_1_3 * azure * Updated DuoModelingRule_2_0 * Updated DuoModelingRule_2_0 * Updated ParsingRules * Updated ReleaseNotes * Updated ReleaseNotes * Updated ReleaseNotes * Updated pack_metadata * Updated pack_metadata * Updated pack_metadata * Updated README * Updated README * Updated README * Updated ReleaseNotes * Updated ReleaseNotes * Updated DuoModelingRule_2_0 * Reverted MS packs * Reverted MS packs * Updated DuoModelingRule_1_3_schema * Updated ReleaseNotes * Update Packs/DuoAdminApi/ReleaseNotes/4_0_10.md Co-authored-by: ShirleyDenkberg <[email protected]> --------- Co-authored-by: Content Bot <[email protected]> Co-authored-by: ShirleyDenkberg <[email protected]> * [AWS System Manager] New Pack (#28992) * init - new pack * 2 commands * aws-ssm-inventory-entry-list * list_associations_command * remove boto stubs * remove boto stubs * improve * poetry * revert poetry * aws-ssm-association-list * aws-ssm-association-get * aws-ssm-association-get * aws-ssm-association-version-list * format * aws-ssm-document-list * ruff * ruff * ssmclient test * test * doc get * docs * Update pyproject.toml * Update poetry.lock * Update .pre-commit-config_template.yaml * regex * aws-ssm-tag-remove * improve * 
aws-ssm-automation-execution-list * pack * aws-ssm-command-list * aws-ssm-command-run aws-ssm-command-cancel * ruff * Apply suggestions from code review Co-authored-by: Jacob Levy <[email protected]> * Apply suggestions from code review Co-authored-by: Jacob Levy <[email protected]> * UT * UT * cr and docs * black * black and ruff * format * description * format description * pack metadata * fix ut * Apply suggestions from code review Co-authored-by: ShirleyDenkberg <[email protected]> * Apply suggestions from code review Co-authored-by: ShirleyDenkberg <[email protected]> * cr * cr * fix yml * add outputs * Update Packs/AWS_SystemManager/Integrations/AWSSystemManager/AWSSystemManager.py Co-authored-by: dorschw <[email protected]> * fix cr * run command and fix UT * automation run * fix output add playbook * docs * docs * docs * docs * ruff and black * fix demo * fix demo * update docker and fix line to long * Apply suggestions from code review (docs) Co-authored-by: ShirleyDenkberg <[email protected]> Co-authored-by: dorschw <[email protected]> * cr fix * update docker * fix line * Fix an issue * Fix an issue * Update playbook description * Update docker --------- Co-authored-by: Jacob Levy <[email protected]> Co-authored-by: ShirleyDenkberg <[email protected]> Co-authored-by: dorschw <[email protected]> * Fix splunk search in incident context (#29763) * fixes * fixes * fixes * update docker * added rn * add bc rn * Empty-Commit * Test For 'WildFire Malware' Playbook (#29404) * Test For 'WildFire Malware' Playbook * PR * RN * added the "is_mockable" config to the conf file * removed the "is_mockable" config to the conf file * Bump pack from version Core to 2.0.14. * Bump pack from version Core to 2.0.15. 
* Increased timeout configs * Added VirusTotal to the conf file * added virustotal instance name * changed the 'AutoContainment' playbook input config to 'true' * changed 'timeout' * changed 'timeout' * changed 'timeout' to 1600 * changed the 'ShouldCloseAutomatically' playbook input to 'false' * added the test playbook name to the playbook YML file * RN * removed the close note alert field verification * added the 'marketplacev2' to the test playbook YML file * added the '000001e7a228b2a7abdf7f7e404bc8522df32b725e86907dde32176bccbbbb27' malicious file hash to secrets ignore file. the file hash is used within the test playbook for enrichment and test purposes. --------- Co-authored-by: Content Bot <[email protected]> * update docker image (#29845) * added functionality to download index by marketplace (#29834) * added functionality to download index by marketplace * added some logs for validation * commit * removed logs * [pre-commit MyPy] Align the entire repo with MyPy #2 (#29799) * [pre-commit MyPy] Align the entire repo with MyPy #2 * Add RN * Revert changes in 1.12.26 RN * Update the docker images * [pre-commit MyPy] Align the entire repo with MyPy #1 (#29798) * [pre-commit MyPy] Align the entire repo with MyPy #1 * Xsup 27738 DBotFindSimilarIncidents NoneType Error (#29701) * failed ut * fix * rn * pre-commit * pre commit * just the fix * fix description in yml * fix * docker * Update Packs/Base/ReleaseNotes/1_32_34.md Co-authored-by: Dan Tavori <[email protected]> * test * test * removed import --------- Co-authored-by: Dan Tavori <[email protected]> * Wiz v1 2 11 (#29719) * Wiz v1 2 11 (#29688) * remove redundant parenthesis * ../Packs/Wiz/Integrations/Wiz/Wiz.py * add Wiz user agent * rephrase re…
pabloperezj
pushed a commit
that referenced
this pull request
Nov 26, 2023
…#30900) * Group-IB hot fix integration (#30470) (#30878) * test commit * remove bt link * Remove A in TI for yaml and md for indicator * back yaml to default * refactor yaml with cortex utils * refactor md and yaml for feed * remove bp/domain * replace git_leak with git_repository * Add new collection Fix issue with date for TI * remove changes outside the Packs * Update Packs/GroupIB_ThreatIntelligenceAttribution/Integrations/GroupIB_TIA_Feed/test_data/example.json * Update Packs/GroupIB_ThreatIntelligenceAttribution/Integrations/GroupIB_TIA_Feed/test_data/example.json * Update Packs/GroupIB_ThreatIntelligenceAttribution/Integrations/GroupIBTIA/test_data/example.json * Update Packs/GroupIB_ThreatIntelligenceAttribution/Integrations/GroupIBTIA/test_data/example.json * Update Packs/GroupIB_ThreatIntelligenceAttribution/Integrations/GroupIBTIA/test_data/example.json * update release notes * update logo * update logo * Revert "update release notes" This reverts commit fc93e44461b3085c156c42a96e3f5aaf8efbe0af. * revert microsocks * fix compromised account issue * adding RL * Update Packs/GroupIB_ThreatIntelligenceAttribution/Integrations/GroupIBTIA/GroupIBTIA.py * create release notes v1_3_12 * add test for compromised/account_group * refactor changes in playbook * fixed validation errors * adding pragma no cover * refactor RN * add urllib exception * fixing validation errors * adding pragma no cover * format * fix lint test errors * revert sentinel * revert changes to azure sentinel * fixing cloud machine ids processing (#29777) * fixing cloud machine ids processing * not exiting the installation script if we fail to install a pack. 
report an error but continue with the test playbook upload (#29759) * Microsoft DNS Parsing Rule Drop (#29765) * Updated ParsingRules * Updated ReleaseNotes * Updated ReleaseNotes * Updated ReleaseNotes * Updated pack_metadata * Updated pack_metadata * Updated pack_metadata * Updated README * Updated README * Updated README * [JoeSecurity] Pre-Commit (#29717) * [pre-commit ruff] Align the entire repo with ruff #2 (#29754) * [pre-commit ruff] Align the entire repo with ruff #2 * Add RN * Update the docker image * Don't checkout build files in pre-commit (#27900) * is file up to date pre-commit * Revert changes made by mistake --------- * Fixes for 'NGFW Scan' and 'WildFire Malware' XSIAM playbooks (#29774) * Fixes for 'NGFW Scan' and 'WildFire Malware' XSIAM playbooks * RN * fixed RN and 'NGFW Scan playbook' * CiscoSMA- Added timeout parameter (#29372) * fix * add_tests * fix_test_description * fix_yml_add_readme * fixes - add timeout to the client * add timeout to yml * revert changes * Update CiscoSMA.py * Update CiscoSMA.py * CR review * add RN * fix CR review * update docker image * XSUP-27956/ Added EWS PS V3 Description (#29784) * updated the description * update rn * Apply suggestions from code review --------- * Xsup 27738 DBotFindSimilarIncidents NoneType Error (#29701) * failed ut * fix * rn * pre-commit * pre commit * just the fix * fix description in yml * fix * docker * Update Packs/Base/ReleaseNotes/1_32_34.md * test * test * removed import --------- * Wiz v1 2 11 (#29719) * Wiz v1 2 11 (#29688) * remove redundant parenthesis * ../Packs/Wiz/Integrations/Wiz/Wiz.py * add Wiz user agent * rephrase release notes * update pack metadata json * rephrase release notes v2 * fix minor typos and update docker image * Bump Docker version --------- * [ASM] - Expander - Update ASM fields (4821) (#29702) * [ASM] - Expander - Update ASM fields (4821) (#29506) * Add missing comments to grid fields - Update descriptions of fields as needed. 
* Add release notes * Add descriptions to two fields - asmdevcheckdetails - asmenrichmentstatus * Update release notes. * Grammar updates. * Update release notes * Add mandatory or optional in comments * Update comments with mandatory * Update pack version and release notes * Add correct 1_6_33 release notes * fix rn * fix rn --------- * Wildfire-upload-url add polling timeout argument (#29790) * save adding timeout param * new docker image * added rn * fix ruff * ruff made me to do this fixes :( not related to my changes * Update Packs/Palo_Alto_Networks_WildFire/ReleaseNotes/2_1_35.md * poetry files (#29793) * Dra-cvss-color-fix (#29757) * Fixed a small issue when indicator had no custom fields * RN * docker bump * RN * Update CVECVSSColor.py * docker bump * RN * fixing typos in build scripts. (#29788) unremovable -> non-removable productname -> product_name testplaybook -> test_playbook changed some arg passing to use their full name: -gpidd -gpidp * mapping to standard stix values (#29785) * mapping to standard stix values * updated release notes * update docker * breaking json * add dot * Add the nightly_ruff file for run pre-commit with --all flag (#29684) * Add the nightly_ruff file for run pre-commit with --all flag * Add more rules; Add the error name * Add E501 * Add F601, F842, TID252 * XSUP-27528 (#29705) * add_tests * add_tests * add RN, fix tests, format yml * Update Packs/CommonScripts/ReleaseNotes/1_12_24.md * fix readme * Bump pack from version CommonScripts to 1.12.25. 
--------- * [Axonius Content Pack 1.2.0] Bumping Dockerfile (#29802) * [Axonius Content Pack 1.2.0] Bumping Dockerfile (#29625) * bumped docker version for axonius api client * docker image * remove the - --------- * format --------- * Updated native:8.4 image; Add auth-utils support (#29792) * Fixed sc_task closing state (#29636) * Fixed sc_task closing state * Added release notes * Updated docker image * small fix * bumped docker * fixed rn --------- * Private Compliance Packs (#29664) * XSUP-27936 problem with regex (#29613) * failed test * fix * rn * rn * unit test * ut * validations * fixed test and docker * fix * validation * Prisma Cloud V2 Add "usernames" Argument (#29710) * add username arg * support list * update UT * update README * docker update * update TPB * Fortinet fortigate enhancement (#29655) * Updated the readme for proofpoint fortigate. * Modified the modeling rule. * Modified the modeling rule and the schema file. * Updated the release note. * Update Packs/FortiGate/README.md * Updated the modeling rule. * Added tags to the readme. * removed ftntfgtmastersrcmac and ftntfgtmasterdstmac from the mapping. * updated the modeling rule and the schema file. * updated the modeling rule * updated the modeling rule --------- * Add syslog example for War Room Actions (#29800) * Graph Security Update (#29797) * Updated MicrosoftGraphSecurity_schema * Updated ReleaseNotes * Updated ReleaseNotes * [Dataminr Pulse] Release 106 (#29805) * [Dataminr Pulse] Release 106 (#29693) * Changes related to release v1.0.6 * Changes related to release v1.0.6 * Fixing Release Note related issue --------- * Bump Docker version --------- * [RecordedFuture] threat actor playbook update V2.5.1 (#29690) (#29807) * Update Threat actor search playbook. 
* Add release notes * Fix formatting * Change ExtractedIndicators to ExtractedIndicators\.File * Fix release notes --------- * [JoeSecurity] show partial result in polling commands (#29715) * updating build docker image to latest devdemisto/gitlab-content-ci:1.0.0.64455 (#29761) * updating build docker image to latest devdemisto/gitlab-content-ci:1.0.0.64455 * Private Upload Mode - ThreatExchange v2 (#28249) * ThreatExchange integration * ThreatExchange updates * Added param to instance configuration * pre-commit * updated RN * RN test * CR updates * Removed Threat_Crowd * Update Packs/ThreatExchange/ReleaseNotes/2_0_12.md * docker * format * skip tests since there's no instance * no testing instance --------- * added plus 1 for each iteration in find destination (#29811) * added plus 1 for each iteration in find destination (#29760) * added plus 1 for each iteration in find destination * added release notes * Update Packs/Cisco-umbrella-cloud-security/ReleaseNotes/2_0_2.md * updated docker image tag to latest * updated unit test for pagination functions * removed comments --------- * Update 2_0_2.md --------- * Mde list indicator filter (#29640) * Mde list indicator filter (#29338) * init indicator filter * release notes * latest docker image * updated docker image * minor fixes * resolve conflicts * resolve version conflicts * silence linter * format * docker * Apply suggestions from Shirley * add period * change phrase * adding "is_mockable": false * docker * try change test playbook * empty line * docker * return the mock * Revert "return the mock" This reverts commit da9baeff5cadddf2cd125fb073c266c867f465a5. 
--------- * Audit Logs Endpoints Scripts Aligments for Xsoar-8 (#29781) * test * fix core api * ExportAuditLogsToFile - add support for xsoar-8 * add ExportAuditLogsToFile UTs * add forward audit logs uts * update ut * validation fixes * mypy * bump rns * update docker * update docker image * fix ut * format * Bump pack from version CommonScripts to 1.12.25. * Bump pack from version CommonScripts to 1.12.26. * cr * cr fixes * update * fix uts --------- * Add command prisma-cloud-compute-get-file-integrity-events (#29608) * Add command prisma-cloud-compute-get-file-integrity-events (#29187) * Add command prisma-cloud-compute-get-file-integrity-events * Incorporate changes from review comments. Add documentation and unit test. * Add missing lines to YML file (add description of new command) * Update docker image * Incorporate changes from demo * Update docker image * fix validation * fix validation --------- * Bump pack from version PrismaCloudCompute to 1.4.10. * [pre-commit ruff] Align the entire repo with ruff (#29603) * Fix falls of the ruff hook * pre-commit * Fix B003 ruff error * Fix ruff errors on Utils/update_playbook.py * remove code to trigger upload on dev branches (#29621) * [pre-commit pycln] Align the entire repo with pycln (#29611) * Fix falls of the pycln hook * pre-commit * Fix unit test * Add RN * Fix validate in GetDomainDNSDetails * fuff on GetDomainDNSDetails * ignore mypy error in test_content.py:350 * Fix falls of the autopep8 hook (#29638) * add marketplaces to metadata (#29629) * Fixing AWS Project Number in ASM Cloud (#29593) (#29642) * [MS Teams] support reset_graph_auth (#29644) * fixed * pre-commit * update * Recordedfuture threathunting v2.5.0 (#29641) * Recordedfuture threathunting v2.5.0 (#29025) * Add commands related to Automated Threat hunting recordedfuture-threat-map recordedfuture-threat-links recordedfuture-detection-rules * Add recordedfuture-collective-insight command. Change app version. * Update README.md. 
Add release notes * Add playbook. Add unittests * Add unittests * Fix test_collective_insight_command * Remove incorrect release note * Add documentation for threat actor search playbook * update Recorded Future Threat actor search playbook. add release note about new playbook. * Update release notes, fix formatting * Format yml files * Update Recorded future threat actor search playbook * Update docker image * Fix linter --------- * Minor README fixes --------- * [ASM] Expander 5777 (#29647) * [ASM] Expander 5777 (#29619) * first * RN * Bump pack from version CortexAttackSurfaceManagement to 1.6.36. --------- * XDR Malware Enrichment - hotfix for usernames (split) (#29585) * Updated playbook with hotfix where we split usernames from domains and append them to the username list of usernames for account enrichment * Added RN * remove irrelevant test * Updated RN * Bump pack from version CortexXDR to 5.1.6. * Update Packs/CortexXDR/ReleaseNotes/5_1_6.md --------- * Update Docker Image To demisto/pyjwt3 (#29656) * Updated Metadata Of Pack Silverfort * Added release notes to pack Silverfort * Packs/Silverfort/Integrations/Silverfort/Silverfort.yml Docker image update * Update Docker Image To demisto/trustar (#29660) * Updated Metadata Of Pack TruSTAR * Added release notes to pack TruSTAR * Update Docker Image To demisto/keeper-ksm (#29661) * Updated Metadata Of Pack KeeperSecretsManager * Added release notes to pack KeeperSecretsManager * Packs/KeeperSecretsManager/Integrations/KeeperSecretsManager/KeeperSecretsManager.yml Docker image update * Update Docker Image To demisto/py3-tools (#29654) * Updated Metadata Of Pack Intezer * Added release notes to pack Intezer * Packs/Intezer/Integrations/IntezerV2/IntezerV2.yml Docker image update * Updated Metadata Of Pack FeedMalwareBazaar * Added release notes to pack FeedMalwareBazaar * Packs/FeedMalwareBazaar/Integrations/MalwareBazaarFeed/MalwareBazaarFeed.yml Docker image update * Updated Metadata Of Pack FeedGCPWhitelist 
* Added release notes to pack FeedGCPWhitelist * Packs/FeedGCPWhitelist/Integrations/FeedGoogleIPRanges/FeedGoogleIPRanges.yml Docker image update * Updated Metadata Of Pack AccentureCTI_Feed * Added release notes to pack AccentureCTI_Feed * Packs/AccentureCTI_Feed/Integrations/ACTIIndicatorFeed/ACTIIndicatorFeed.yml Docker image update * Fix DS108 --------- * Update Docker Image To demisto/taxii-server (#29659) * Updated Metadata Of Pack CybleThreatIntel * Added release notes to pack CybleThreatIntel * Packs/CybleThreatIntel/Integrations/CybleThreatIntel/CybleThreatIntel.yml Docker image update * Fix DS108 --------- * Update Docker Image To demisto/datadog-api-client (#29662) * Updated Metadata Of Pack DatadogCloudSIEM * Added release notes to pack DatadogCloudSIEM * Packs/DatadogCloudSIEM/Integrations/DatadogCloudSIEM/DatadogCloudSIEM.yml Docker image update * Fix DS108 --------- * Add reliability parameter to cves and pipl integration (#28703) * committing PrismaCloudCompute * release notes added * changed couldcompute, CVESearchV2, pipl * added pack metadata * fixed pipl readme * reverting changes in CVESearch since it was deprecated * removed redundant * committing pre commit changes * added known words * added known words * fixed lint error * changed according to review * updated docker version in PrismaCloudCompute * changed according to doc review * Added condition for not receiving new incidents in the test playbook * updating release notes * reverting fetch changes * fixed playbook * formatted playbook * new validation, new run * new validation, new run * Bump pack from version PrismaCloudCompute to 1.4.10. * update the docker image --------- * Proofpoint email security pack: update description (#29651) * update description * Updated the schema file. * Updated the schema file. 
--------- * Jira v2 deprecated (#29649) * Deprecate to jira v2 * update RN * update conf.json file * add task to the Create Jira Issue playbook that check if jira v3 is enable * add image.png of the playbook * update the playbook (yml, readme, image) and RN * Update Docker Image To demisto/python3 (#29652) * Updated Metadata Of Pack PANOSPolicyOptimizer * Added release notes to pack PANOSPolicyOptimizer * Packs/PANOSPolicyOptimizer/Integrations/PANOSPolicyOptimizer/PANOSPolicyOptimizer.yml Docker image update * Updated Metadata Of Pack VMwareWorkspaceONEUEM * Added release notes to pack VMwareWorkspaceONEUEM * Packs/VMwareWorkspaceONEUEM/Integrations/VMwareWorkspaceONEUEM/VMwareWorkspaceONEUEM.yml Docker image update * Updated Metadata Of Pack CiscoSMA * Added release notes to pack CiscoSMA * Packs/CiscoSMA/Integrations/CiscoSMA/CiscoSMA.yml Docker image update * Updated Metadata Of Pack FeedThreatConnect * Added release notes to pack FeedThreatConnect * Packs/FeedThreatConnect/Integrations/FeedThreatConnect/FeedThreatConnect.yml Docker image update * Updated Metadata Of Pack BitSight * Added release notes to pack BitSight * Packs/BitSight/Integrations/BitSightForSecurityPerformanceManagement/BitSightForSecurityPerformanceManagement.yml Docker image update * Updated Metadata Of Pack AWS-ILM * Added release notes to pack AWS-ILM * Packs/AWS-ILM/Integrations/AWSILM/AWSILM.yml Docker image update * Updated Metadata Of Pack CiscoWSA * Added release notes to pack CiscoWSA * Packs/CiscoWSA/Integrations/CiscoWSAV2/CiscoWSAV2.yml Docker image update * Updated Metadata Of Pack SysAid * Added release notes to pack SysAid * Packs/SysAid/Integrations/SysAid/SysAid.yml Docker image update * Updated Metadata Of Pack ManageEngine_PAM360 * Added release notes to pack ManageEngine_PAM360 * Packs/ManageEngine_PAM360/Integrations/ManageEnginePAM360/ManageEnginePAM360.yml Docker image update * Updated Metadata Of Pack CiscoUmbrellaReporting * Added release notes to pack 
CiscoUmbrellaReporting * Packs/CiscoUmbrellaReporting/Integrations/CiscoUmbrellaReporting/CiscoUmbrellaReporting.yml Docker image update * Fix DS108 --------- * XSUP-27717/FortiSIEM (#29458) * add tests * add RN,fix,logs * Update 2_0_21.md * add period * add a name to incident * fixes CR * update docker image * delete logs * CR fixes * Update 2_0_21.md * Update FortiSIEMV2.py * reverting the Docker image (#29607) * reverting the Docker image * Update Packs/cyberark_AIM/ReleaseNotes/1_0_14.md --------- * [Marketplace Contribution] Roksit DNS Security Integration - Sarp (#29663) * [Marketplace Contribution] Roksit DNS Security Integration - Sarp (#29314) * "pack contribution initial commit" * Update RoksitDNSSecurityIntegrationSarp.py * Update RoksitDNSSecurityIntegrationSarp.py * Yehuda's version * test module * readme * new logo * Update RoksitDNSSecurityIntegrationSarp.yml * Apply suggestions from code review * Update RoksitDNSSecurityIntegrationSarp_description.md * Update pack_metadata.json * Update README.md * Update pack_metadata.json * Update pack_metadata.json * Update Packs/RoksitDNSSecurityIntegration-Sarp/pack_metadata.json * fixes * change name * folder name * file names * version * rename sub folder * remove (DNSSense) from the integration name * rename folder * docker * replace image * fix image name --------- * rename image --------- * add unstuck fetch stream command (#29646) * add unstuck fetch stream command * added RN * fixes * add note * cr fixes * fix conflicts * reverts * [pre-commit pycln] Align the entire repo with pycln #4 (#29665) * Fix pycln errors * Update the docker images * Run demisto-sdk pre-commit * Remove unnecessary recommendations from extensions.json (#29605) * update extensions.json * Update devcontainer.json * Update recommendations list * Zscaler-FW-Logs (#29094) * Zscaler FW Logs Modeling Rules * Zscaler FW logs Modeling Rules * Updated README * Updated ZscalerModelingRule_1_3 * Changed cs5 field name to cat * Apply 
suggestions from code review * Updated README * Updated ModelingRules and Schema * Updated ModelingRules and schema * Updated ModelingRules * Updated ModelingRules --------- * PANOS - EXPANDR-5744 (#29223) (#29686) * playbook updates * RN, Readme, screenshot * Apply suggestions from code review * update RN * bump ver * more descriptive task * bump ver --------- * Audit alert fields fix (#29685) * Add associated types to systemAssociatedTypes * Add associated types to systemAssociatedTypes * fix incident field structure * RN * Workday documentation fix (#29681) * readme * readme * rn * rn * [Marketplace Contribution] Active Directory Query - Content Pack Update (#28633) * [Marketplace Contribution] Active Directory Query - Content Pack Update (#27822) * "contribution update to pack "Active Directory Query"" * revert changes * rl * remove files * removed from rl * Update pack_metadata.json * Create 1_6_19.md * Update 1_6_18.md * Update 1_6_19.md * Delete 1_6_19.md * Update 1_6_18.md * Update pack_metadata.json * Update Active_Directory_Query.yml removed duplicate section and type * pass SERVER_IP as argument to test_credentials function * Create 1_7_0.md * Update pack_metadata.json * Update README.md with ad-test-credentials info * Update Active_Directory_Query.yml * removed duplicate `type: 8` from ntlm * removed duplicate types from integration settings * removed duplicate description from ad-enable-account * Update Active_Directory_Query.yml * Update Active_Directory_Query.yml * Update Active_Directory_Query.yml * removing not relevant release note * adding function * update function * cr note * adding NTLM_AUTH option * Update Active_Directory_Query.py * Update Packs/Active_Directory_Query/Integrations/Active_Directory_Query/Active_Directory_Query.py * cr notes * update after merging from master * reverting a change in olr rl * added test_test_credentials unit test function * fix unit test * fixing unit tests * fix unit test * fixed lint errors * Update 
Active_Directory_Query_test.py * empty commit * fix yml and docker file * revert changes in send email manager * fix yml * fix * fix validation error * fixing in129 --------- * cr notes * Bump pack from version Active_Directory_Query to 1.6.21. * fix yml changes * cr notes * lint fixes * fix test * docker update * Update Packs/Active_Directory_Query/Integrations/Active_Directory_Query/README.md * fix delete required * Apply suggestions from code review * fix test * docker update * rl * empty commit * docker update * empty commit * empty commit * merge from master * empty commit check * revert changes * Delete Packs/cyberark_AIM/Integrations/CyberArkAIM_v2/integration-CyberArkAIM_v2.yml * docker downgrade * rl * trying new docker image * validate errors fix * revert docker version * [DS108] - Description must end with a period (".") - fix * empty commit check * empty commit check --------- * Big query bug xsup 28132 (#29680) * bug fix * rn * rn * Apply suggestions from code review * format * pre commit --------- * New Prisma Cloud v2 commands (#29323) * resource list command * limit results * user roles list command * pre commit * users list command * edit remediation commands * UTs * update README * update RN * pre commit fixes * edit test playbook * CR changes * Demo changes - remediate 406 raises error new args for resource_list & user_roles * fix test * Apply suggestions from doc review * fix test playbook * Tomer's changes --------- * Prisma Cloud Update (#29666) * Updated ModelingRules * Updated ReleaseNotes * Updated ReleaseNotes * Updated ModelingRules * Updated ModelingRules * Updated ModelingRules * Bump pack from version PrismaCloud to 4.2.4. --------- * Rapid7 appsec (#29134) (#29687) * Revert "Add space to conf" This reverts commit 3a74b931d31ae2b33e0e4570c7df7d06c668e9c8. 
* Updated the packs category to *Authentication & Identity Management* (part 2) (#24876) * Update Docker Image To demisto/fastapi (#24923) * Updated Metadata Of Pack CyberArkIdentity * Added release notes to pack CyberArkIdentity * Packs/CyberArkIdentity/Integrations/CyberArkIdentityEventCollector/CyberArkIdentityEventCollector.yml Docker image update * Update Docker Image To demisto/lxml (#24924) * Updated Metadata Of Pack TaniumThreatResponse * Added release notes to pack TaniumThreatResponse * Packs/TaniumThreatResponse/Integrations/TaniumThreatResponseV2/TaniumThreatResponseV2.yml Docker image update * Update Docker Image To demisto/crypto (#24922) * Updated Metadata Of Pack X509Certificate * Added release notes to pack X509Certificate * Packs/X509Certificate/Scripts/CertificateExtract/CertificateExtract.yml Docker image update * Update Docker Image To demisto/python3 (#24921) * Updated Metadata Of Pack Cybereason * Added release notes to pack Cybereason * Packs/Cybereason/Integrations/Cybereason/Cybereason.yml Docker image update * Updated Metadata Of Pack DNSDB * Added release notes to pack DNSDB * Packs/DNSDB/Integrations/DNSDB_v2/DNSDB_v2.yml Docker image update * Updated Metadata Of Pack DeepInstinct * Added release notes to pack DeepInstinct * Packs/DeepInstinct/Integrations/DeepInstinct3x/DeepInstinct3x.yml Docker image update * Updated Metadata Of Pack FeedCyrenThreatInDepth * Added release notes to pack FeedCyrenThreatInDepth * Packs/FeedCyrenThreatInDepth/Integrations/CyrenThreatInDepth/CyrenThreatInDepth.yml Docker image update * Updated Metadata Of Pack IronDefense * Added release notes to pack IronDefense * Packs/IronDefense/Integrations/IronDefense/IronDefense.yml Docker image update * Updated Metadata Of Pack Qintel * Added release notes to pack Qintel * Packs/Qintel/Integrations/QintelPMI/QintelPMI.yml Docker image update * Packs/Qintel/Integrations/QintelQSentry/QintelQSentry.yml Docker image update * 
Packs/Qintel/Integrations/QintelQWatch/QintelQWatch.yml Docker image update * Updated Metadata Of Pack QualysFIM * Added release notes to pack QualysFIM * Packs/QualysFIM/Integrations/QualysFIM/QualysFIM.yml Docker image update * Updated Metadata Of Pack QutteraWebsiteMalwareScanner * Added release notes to pack QutteraWebsiteMalwareScanner * Packs/QutteraWebsiteMalwareScanner/Integrations/QutteraWebsiteMalwareScanner/QutteraWebsiteMalwareScanner.yml Docker image update * Fixed mypy + validation --------- * NGINXApiModule: fix logging typo (#24878) * fix logging typo * bump dependent packs --------- * Downgrade docker to fix banner issue (#24905) * Downgrade docker to fix banner issue * Fix docs * Add UT to prevent Docker bump * Fix yml validation * Adding vulnerability commands * Fixing pagination page index * Updating PR comments and Scan commands * Updating ID in test data. * Updating integration * Updating integration * Updating fromversion * Updating linters * Updating linters * Updating git pre-commit * Updating docstring * Updating the handling of request when limit * Removing get_pagination_params * Updating integration * Updating git-pre commit * Updating integration * Updating integration * Updating unit test * Updating docker image * Updating integration * Updating README version. * Updating secrets * Updating integration * Updating integration * Updating integration * Updating docstrings * Updating doc-review comments. * Updating doc-review comments. * Updating description --------- * Panos add param (#29672) * added param job_polling_max_num_attempts * Added rn * Added missing param type Fixed unit tests * added to readme * fixed readme * Update Packs/PAN-OS/Integrations/Panorama/Panorama.yml * fixed text and namings * Bump pack from version PAN-OS to 2.1.8. 
--------- * Fix proxy usage (#85) (#29630) * Fix proxy usage (#85) (#29181) * Fix proxy usage (#85) * Fix proxy usage in ZF client * Fix variable USE_SSL to verify requests * Remove proxy object from client Given that the proxy works by default with env vars, the proxy object is not necessary * Update version and add release notes * Fix call to modified alerts (#86) * Fix call to modified alerts * Update docker image * Fix tests associated with get modified data * change rn * fix validation --------- * Missing dependencies when installing packs (#28989) * search and install packs --------- * Deprecate Picus Community (#29573) * Merge branch 'master' into github_workflow_partner # Conflicts: # Utils/github_workflow_scripts/utils.py * Merge branch 'master' into github_workflow_partner # Conflicts: # Utils/github_workflow_scripts/utils.py * Picus NG display name * Picus update * Picus update * Picus update * Picus update * Picus update * Picus update * Picus update * Picus update --------- * [ASM] - Expander - GCP Hierarchy field - 4376 (#29696) (#29704) * Add assethierarchy field to GCP ASM playbook * Add release notes * Update field json * fix merge * update rn * remove access code * fix conflicts * update docker * fix validation --------- * [Marketplace Contribution] Okta - Content Pack Update (#29650) * [Marketplace Contribution] Okta - Content Pack Update (#29303) * "contribution update to pack "Okta"" * minor fixes * add outputs and readme * add outputs description * update docker * change outputs --------- * Fixing AWS Project Number in ASM Cloud (#29593) (#29642) * [MS Teams] support reset_graph_auth (#29644) * fixed * pre-commit * update * Recordedfuture threathunting v2.5.0 (#29641) * Recordedfuture threathunting v2.5.0 (#29025) * Add commands related to Automated Threat hunting recordedfuture-threat-map recordedfuture-threat-links recordedfuture-detection-rules * Add recordedfuture-collective-insight command. Change app version. * Update README.md. 
Add release notes * Add playbook. Add unittests * Add unittests * Fix test_collective_insight_command * Remove incorrect release note * Add documentation for threat actor search playbook * update Recorded Future Threat actor search playbook. add release note about new playbook. * Update release notes, fix formatting * Format yml files * Update Recorded future threat actor search playbook * Update docker image * Fix linter --------- * Minor README fixes --------- * [ASM] Expander 5777 (#29647) * [ASM] Expander 5777 (#29619) * first * RN * Bump pack from version CortexAttackSurfaceManagement to 1.6.36. --------- * XDR Malware Enrichment - hotfix for usernames (split) (#29585) * Updated playbook with hotfix where we split usernames from domains and append them to the username list of usernames for account enrichment * Added RN * remove irrelevant test * Updated RN * Bump pack from version CortexXDR to 5.1.6. * Update Packs/CortexXDR/ReleaseNotes/5_1_6.md --------- * Update Docker Image To demisto/pyjwt3 (#29656) * Updated Metadata Of Pack Silverfort * Added release notes to pack Silverfort * Packs/Silverfort/Integrations/Silverfort/Silverfort.yml Docker image update * Update Docker Image To demisto/trustar (#29660) * Updated Metadata Of Pack TruSTAR * Added release notes to pack TruSTAR * Update Docker Image To demisto/keeper-ksm (#29661) * Updated Metadata Of Pack KeeperSecretsManager * Added release notes to pack KeeperSecretsManager * Packs/KeeperSecretsManager/Integrations/KeeperSecretsManager/KeeperSecretsManager.yml Docker image update * Update Docker Image To demisto/py3-tools (#29654) * Updated Metadata Of Pack Intezer * Added release notes to pack Intezer * Packs/Intezer/Integrations/IntezerV2/IntezerV2.yml Docker image update * Updated Metadata Of Pack FeedMalwareBazaar * Added release notes to pack FeedMalwareBazaar * Packs/FeedMalwareBazaar/Integrations/MalwareBazaarFeed/MalwareBazaarFeed.yml Docker image update * Updated Metadata Of Pack FeedGCPWhitelist 
* Added release notes to pack FeedGCPWhitelist * Packs/FeedGCPWhitelist/Integrations/FeedGoogleIPRanges/FeedGoogleIPRanges.yml Docker image update * Updated Metadata Of Pack AccentureCTI_Feed * Added release notes to pack AccentureCTI_Feed * Packs/AccentureCTI_Feed/Integrations/ACTIIndicatorFeed/ACTIIndicatorFeed.yml Docker image update * Fix DS108 --------- * Update Docker Image To demisto/taxii-server (#29659) * Updated Metadata Of Pack CybleThreatIntel * Added release notes to pack CybleThreatIntel * Packs/CybleThreatIntel/Integrations/CybleThreatIntel/CybleThreatIntel.yml Docker image update * Fix DS108 --------- * Update Docker Image To demisto/datadog-api-client (#29662) * Updated Metadata Of Pack DatadogCloudSIEM * Added release notes to pack DatadogCloudSIEM * Packs/DatadogCloudSIEM/Integrations/DatadogCloudSIEM/DatadogCloudSIEM.yml Docker image update * Fix DS108 --------- * Add reliability parameter to cves and pipl integration (#28703) * committing PrismaCloudCompute * release notes added * changed couldcompute, CVESearchV2, pipl * added pack metadata * fixed pipl readme * reverting changes in CVESearch since it was deprecated * removed redundant * committing pre commit changes * added known words * added known words * fixed lint error * changed according to review * updated docker version in PrismaCloudCompute * changed according to doc review * Added condition for not receiving new incidents in the test playbook * updating release notes * reverting fetch changes * fixed playbook * formatted playbook * new validation, new run * new validation, new run * Bump pack from version PrismaCloudCompute to 1.4.10. * update the docker image --------- * Proofpoint email security pack: update description (#29651) * update description * Updated the schema file. * Updated the schema file. 
--------- * Jira v2 deprecated (#29649) * Deprecate to jira v2 * update RN * update conf.json file * add task to the Create Jira Issue playbook that check if jira v3 is enable * add image.png of the playbook * update the playbook (yml, readme, image) and RN * Update Docker Image To demisto/python3 (#29652) * Updated Metadata Of Pack PANOSPolicyOptimizer * Added release notes to pack PANOSPolicyOptimizer * Packs/PANOSPolicyOptimizer/Integrations/PANOSPolicyOptimizer/PANOSPolicyOptimizer.yml Docker image update * Updated Metadata Of Pack VMwareWorkspaceONEUEM * Added release notes to pack VMwareWorkspaceONEUEM * Packs/VMwareWorkspaceONEUEM/Integrations/VMwareWorkspaceONEUEM/VMwareWorkspaceONEUEM.yml Docker image update * Updated Metadata Of Pack CiscoSMA * Added release notes to pack CiscoSMA * Packs/CiscoSMA/Integrations/CiscoSMA/CiscoSMA.yml Docker image update * Updated Metadata Of Pack FeedThreatConnect * Added release notes to pack FeedThreatConnect * Packs/FeedThreatConnect/Integrations/FeedThreatConnect/FeedThreatConnect.yml Docker image update * Updated Metadata Of Pack BitSight * Added release notes to pack BitSight * Packs/BitSight/Integrations/BitSightForSecurityPerformanceManagement/BitSightForSecurityPerformanceManagement.yml Docker image update * Updated Metadata Of Pack AWS-ILM * Added release notes to pack AWS-ILM * Packs/AWS-ILM/Integrations/AWSILM/AWSILM.yml Docker image update * Updated Metadata Of Pack CiscoWSA * Added release notes to pack CiscoWSA * Packs/CiscoWSA/Integrations/CiscoWSAV2/CiscoWSAV2.yml Docker image update * Updated Metadata Of Pack SysAid * Added release notes to pack SysAid * Packs/SysAid/Integrations/SysAid/SysAid.yml Docker image update * Updated Metadata Of Pack ManageEngine_PAM360 * Added release notes to pack ManageEngine_PAM360 * Packs/ManageEngine_PAM360/Integrations/ManageEnginePAM360/ManageEnginePAM360.yml Docker image update * Updated Metadata Of Pack CiscoUmbrellaReporting * Added release notes to pack 
CiscoUmbrellaReporting * Packs/CiscoUmbrellaReporting/Integrations/CiscoUmbrellaReporting/CiscoUmbrellaReporting.yml Docker image update * Fix DS108 --------- * XSUP-27717/FortiSIEM (#29458) * add tests * add RN,fix,logs * Update 2_0_21.md * add period * add a name to incident * fixes CR * update docker image * delete logs * CR fixes * Update 2_0_21.md * Update FortiSIEMV2.py * reverting the Docker image (#29607) * reverting the Docker image * Update Packs/cyberark_AIM/ReleaseNotes/1_0_14.md --------- * [Marketplace Contribution] Roksit DNS Security Integration - Sarp (#29663) * [Marketplace Contribution] Roksit DNS Security Integration - Sarp (#29314) * "pack contribution initial commit" * Update RoksitDNSSecurityIntegrationSarp.py * Update RoksitDNSSecurityIntegrationSarp.py * Yehuda's version * test module * readme * new logo * Update RoksitDNSSecurityIntegrationSarp.yml * Apply suggestions from code review * Update RoksitDNSSecurityIntegrationSarp_description.md * Update pack_metadata.json * Update README.md * Update pack_metadata.json * Update pack_metadata.json * Update Packs/RoksitDNSSecurityIntegration-Sarp/pack_metadata.json * fixes * change name * folder name * file names * version * rename sub folder * remove (DNSSense) from the integration name * rename folder * docker * replace image * fix image name --------- * rename image --------- * add unstuck fetch stream command (#29646) * add unstuck fetch stream command * added RN * fixes * add note * cr fixes * fix conflicts * reverts * [pre-commit pycln] Align the entire repo with pycln #4 (#29665) * Fix pycln errors * Update the docker images * Run demisto-sdk pre-commit * update docker --------- * If-Elif Transformer (#27763) * IfElif init * minor changes * parse single strings not json * fixed regex * fixed json bug * removed context * created eval blacklist * added json KW to eval * Update bucket-upload.yml * added ast for parsing * use hash for context grab * added value arg * quick * added unit-tests * 
added README.md * added RN * added flags arg; use dt for context grabbing * fixed context grabbing * added regex support * finished readme * finished readme 2 * added variables arg * changed vars to upper * changed to class * prefixed variable bug * some tests * finished unit-tests * completed tests * finished docs * finished docs in yml * new design for 'value' * unit-tests complete * docs part 1 * docs complete * added if-elif TPB * fixed TPB * fixed mypy error * fixed mypy error * fixed injection issue; added + op * name changes * added injection test in TPB * CR changes * error for unknown variables * reformat 'from_context' func * resolve conflicts * demo changes * demo changes part 2 * bug fix * updated docker * added list_compare flag * added error catcher for comp funcs * readme update; textArea for conditions * resolve conflicts * resolve conflicts * updated docker * name changes * fixed unit-tests * Apply suggestions from code review * added missing flag to readme * CR changes * Apply suggestions from code review * name changes * added suppres_error behavior to docs * Apply suggestions from code review * updated docker --------- * revert removal of release notes generator (#29828) * revert * validations * rn * search_and_install_packs.py - less strict when installing packs during nightly. should be reverted in (#29806) * exit on error alignment.fixing echo message when exiting the uninstallation script. (#29821) * exit on error alignment. fixing echo message when exiting the uninstallation script. 
* installing specific poetry version (#29812) * installing specific poetry version - moving the logic to bootstrap * Cs falcon detections revert (#29833) * Revert "Cs falcon fetch limit issue (#29411)" This reverts commit f7b7d5c6 * Revert "Cs limit in idp detections (#29550)" This reverts commit 47738d56 * Added rn * Added rn * SQL Alchemy 2.x.x (#29436) * MySQL and Postgress works * MSSQL, My SQL and postgres works with bind_variables from the second form * resolve conflicts * fix CR's comments * pre commit * parsing the results * Add UT * same name and right docker * RN * sourcery * another docker image * revert docker image * Update Packs/GenericSQL/ReleaseNotes/1_0_25.md * Update Packs/GenericSQL/Integrations/GenericSQL/GenericSQL.py * Update Packs/GenericSQL/Integrations/GenericSQL/GenericSQL.py * Update Packs/GenericSQL/Integrations/GenericSQL/GenericSQL.py * fix variable name * constants * mapping instead of conditions * unskip Oracle TPB * resolve conflicts * resolve conflicts * Constants * Update Packs/GenericSQL/Integrations/GenericSQL/GenericSQL.py * CR fixes * Update Packs/GenericSQL/ReleaseNotes/1_1_0.md * add commit after executing a query * fix UT * remove autocommit true from MSSQL * fix UT * autocommit for MSSQL, commit for the others * commit for the others DBs, since in MSSQL is automatically * docker image --------- * Generic playbooks fixes (#29711) * fixes for generic playbooks * fixes for generic playbooks * fixes for generic playbooks * Use Case Builder Development stage Field update (#29771) (#29825) * pushing changes to the use case stage * adding release notes * Update pack_metadata.json * Rename 1_1_0.md to 1_0_4.md * Update 1_0_4.md * Update 1_0_4.md --------- * Add mapper and disable auto extraction for ThinkstCanary (#29756) * Add Classification and Mapping to ThinkstCanary Integration * Duo Mapping Enrichment (#29139) * Updated DuoModelingRule_1_3 * Updated ModelingRules and ReleaseNotes * Updated ModelingRules and ReleaseNotes * 
Updated DuoModelingRule_1_3_schema and README * Rev DuoModelingRule_1_3 | add DuoModelingRule_2_0 * Updated .yml and ReleaseNotes * Updated DuoModelingRule_2_0 * Updated ReleaseNotes * Updated .yml with toversion: 8.3.0 * Updated DuoModelingRule_2_0_schema * Updated ModelingRules * Updated ReleaseNotes * Bump pack from version DuoAdminApi to 4.0.8. * Updated DuoModelingRule_1_3 * azure * Updated DuoModelingRule_2_0 * Updated DuoModelingRule_2_0 * Updated ParsingRules * Updated ReleaseNotes * Updated ReleaseNotes * Updated ReleaseNotes * Updated pack_metadata * Updated pack_metadata * Updated pack_metadata * Updated README * Updated README * Updated README * Updated ReleaseNotes * Updated ReleaseNotes * Updated DuoModelingRule_2_0 * Reverted MS packs * Reverted MS packs * Updated DuoModelingRule_1_3_schema * Updated ReleaseNotes * Update Packs/DuoAdminApi/ReleaseNotes/4_0_10.md --------- * [AWS System Manager] New Pack (#28992) * init - new pack * 2 commands * aws-ssm-inventory-entry-list * list_associations_command * remove boto stubs * remove boto stubs * improve * poetry * revert poetry * aws-ssm-association-list * aws-ssm-association-get * aws-ssm-association-get * aws-ssm-association-version-list * format * aws-ssm-document-list * ruff * ruff * ssmclient test * test * doc get * docs * Update pyproject.toml * Update poetry.lock * Update .pre-commit-config_template.yaml * regex * aws-ssm-tag-remove * improve * aws-ssm-automation-execution-list * pack * aws-ssm-command-list * aws-ssm-command-run aws-ssm-command-cancel * ruff * Apply suggestions from code review * Apply suggestions from code review * UT * UT * cr and docs * black * black and ruff * format * description * format description * pack metadata * fix ut * Apply suggestions from code review * Apply suggestions from code review * cr * cr * fix yml * add outputs * Update Packs/AWS_SystemManager/Integrations/AWSSystemManager/AWSSystemManager.py * fix cr * run command and fix UT * automation run * fix output 
add playbook * docs * docs * docs * docs * ruff and black * fix demo * fix demo * update docker and fix line to long * Apply suggestions from code review (docs) * cr fix * update docker * fix line * Fix an issue * Fix an issue * Update playbook description * Update docker --------- * Fix splunk search in incident context (#29763) * fixes * fixes * fixes * update docker * added rn * add bc rn * Empty-Commit * Test For 'WildFire Malware' Playbook (#29404) * Test For 'WildFire Malware' Playbook * PR * RN * added the "is_mockable" config to the conf file * removed the "is_mockable" config to the conf file * Bump pack from version Core to 2.0.14. * Bump pack from version Core to 2.0.15. * Increased timeout configs * Added VirusTotal to the conf file * added virustotal instance name * changed the 'AutoContainment' playbook input config to 'true' * changed 'timeout' * changed 'timeout' * changed 'timeout' to 1600 * changed the 'ShouldCloseAutomatically' playbook input to 'false' * added the test playbook name to the playbook YML file * RN * removed the close note alert field verification * added the 'marketplacev2' to the test playbook YML file * added the '000001e7a228b2a7abdf7f7e404bc8522df32b725e86907dde32176bccbbbb27' malicious file hash to secrets ignore file. the file hash is used within the test playbook for enrichment and test purposes. 
--------- * update docker image (#29845) * added functionallity to download index by marketplace (#29834) * added functionallity to download index by marketplace * added some logs for validation * commit * removed logs * [pre-commit MyPy] Align the entire repo with MyPy #2 (#29799) * [pre-commit MyPy] Align the entire repo with MyPy #2 * Add RN * Revert changes in 1.12.26 RN * Update the docker images * [pre-commit MyPy] Align the entire repo with MyPy #1 (#29798) * [pre-commit MyPy] Align the entire repo with MyPy #1 * Xsup 27738 DBotFindSimilarIncidents NoneType Error (#29701) * failed ut * fix * rn * pre-commit * pre commit * just the fix * fix description in yml * fix * docker * Update Packs/Base/ReleaseNotes/1_32_34.md * test * test * removed import --------- * Wiz v1 2 11 (#29719) * Wiz v1 2 11 (#29688) * remove redundant parenthesis * ../Packs/Wiz/Integrations/Wiz/Wiz.py * add Wiz user agent * rephrase release notes * update pack metadata json * rephrase release notes v2 … Co-authored-by: Daniil Lanskoy <[email protected]> Co-authored-by: Mai Morag <[email protected]> Co-authored-by: maimorag <[email protected]> Co-authored-by: Koby Meir <[email protected]> Co-authored-by: kobymeir <[email protected]> Co-authored-by: eepstain <[email protected]> Co-authored-by: ilaner <[email protected]> Co-authored-by: Menachem Weinfeld <[email protected]> Co-authored-by: dorschw <[email protected]> Co-authored-by: Menachem Weinfeld <[email protected]> Co-authored-by: TalNos <[email protected]> Co-authored-by: sapir shuker <[email protected]> Co-authored-by: Arad Carmi <[email protected]> Co-authored-by: ShirleyDenkberg <[email protected]> Co-authored-by: EyalPintzov <[email protected]> Co-authored-by: Dan Tavori <[email protected]> Co-authored-by: content-bot <[email protected]> Co-authored-by: Ariel Tobiana <[email protected]> Co-authored-by: Michael Yochpaz <[email protected]> Co-authored-by: John <[email protected]> Co-authored-by: ostolero <[email protected]> 
Co-authored-by: ostolero <[email protected]> Co-authored-by: Darya Koval <[email protected]> Co-authored-by: Content Bot <[email protected]> Co-authored-by: Dror Avrahami <[email protected]> Co-authored-by: Judah Schwartz <[email protected]> Co-authored-by: Bryce Pedroza <[email protected]> Co-authored-by: Yehuda <[email protected]> Co-authored-by: samuelFain <[email protected]> Co-authored-by: GuyAfik <[email protected]> Co-authored-by: Shelly Tzohar <[email protected]> Co-authored-by: Shahaf Ben Yakir <[email protected]> Co-authored-by: sbenyakir <[email protected]> Co-authored-by: tkatzir <[email protected]> Co-authored-by: Adi Bamberger Edri <[email protected]> Co-authored-by: yasta5 <[email protected]> Co-authored-by: Crest Data Systems <[email protected]> Co-authored-by: crestdatasystems <[email protected]> Co-authored-by: Yaroslav Nestor <[email protected]> Co-authored-by: darkushin <[email protected]> Co-authored-by: Yehuda Rosenberg <[email protected]> Co-authored-by: LiorQM <[email protected]> Co-authored-by: RotemAmit <[email protected]> Co-authored-by: ckaadic <[email protected]> Co-authored-by: Guy Afik <[email protected]> Co-authored-by: Ali Sawyer <[email protected]> Co-authored-by: omerKarkKatz <[email protected]> Co-authored-by: Yaakov Praisler <[email protected]> Co-authored-by: Chait A <[email protected]> Co-authored-by: johnnywilkes <[email protected]> Co-authored-by: michal-dagan <[email protected]> Co-authored-by: Ido van Dijk <[email protected]> Co-authored-by: sberman <[email protected]> Co-authored-by: DinaMeylakh <[email protected]> Co-authored-by: Yehonatan Asta <[email protected]> Co-authored-by: israelpoli <[email protected]> Co-authored-by: xsoar-bot <[email protected]> Co-authored-by: asimsarpkurt <[email protected]> Co-authored-by: Yuval Hayun <[email protected]> Co-authored-by: nkanon <[email protected]> Co-authored-by: Eido Epstain <[email protected]> Co-authored-by: Tomer Haimof <[email protected]> Co-authored-by: Randy Baldwin 
<[email protected]> Co-authored-by: Ron Hadad <[email protected]> Co-authored-by: TalGumi <[email protected]> Co-authored-by: Guy Lichtman <[email protected]> Co-authored-by: glicht <[email protected]> Co-authored-by: Andrew Shamah <[email protected]> Co-authored-by: Felipe Garrido <[email protected]> Co-authored-by: Edi Katsenelson <[email protected]> Co-authored-by: Jacob Levy <[email protected]> Co-authored-by: Yuval Cohen <[email protected]> Co-authored-by: rshunim <[email protected]> Co-authored-by: OmriItzhak <[email protected]> Co-authored-by: Joe Cosgrove <[email protected]> Co-authored-by: Shmuel Kroizer <[email protected]> Co-authored-by: Israel Lappe <[email protected]> Co-authored-by: Erez FelmanDar <[email protected]> Co-authored-by: israelpolishook <[email protected]> Co-authored-by: ArikDay <[email protected]> Co-authored-by: Christopher Hultin <[email protected]> Co-authored-by: Mike Beauchamp <[email protected]> Co-authored-by: Moshe Galitzky <[email protected]> * revert * revert * fixes * fixes * docker * Mypy * RN * str * Docker ---------
pabloperezj pushed a commit that referenced this pull request on Feb 1, 2024
…eate it before Set-Location (demisto#31524) * [fileResult] - fix issue with special strings (#31126) * [fileResult] - fix issue with special strings * bump rn * log if ../ is in path * validate file-name is string * add unit-test * bump rn * Rapid7 - Threat Command (IntSights) pack release 3.1.0 (#30954) (#31133) * Changes related to Rapid7 - Threat Command (IntSights) pack release: 3.1.0 * resolved validation errors * Updated the release notes as per the comments * Updated the tab name for the Threat Command Layout --------- Co-authored-by: Crest Data Systems <[email protected]> Co-authored-by: crestdatasystems <[email protected]> Co-authored-by: Adi Daud <[email protected]> * add e2e tests for xsoar-saas (#30231) * add xsoar_ng_end_to_end_job * unify end_to_end and write edl basic test * add file * fix some rules * setup and teardown for xsoar_ng e2e * update readme * conftest changes * update end_to_end_tests script * test enhancments * fix * debug issues * lock * collect tests * lock * lock * try without xsoar * lock * enhance tests and lock * install e2e nessecary packs * add packs in shell * install only specific packs in xsoar-saas * README.md * install hardcoded packs * update * fix collect tests issues * add REASONS_ALLOWING_NO_ID_SET_OR_CONF * fix is_nightly * fail when exit code != 0 * send integration params path as input * enhance e2e echo message * lock * fix get_integration_params * lock2 * sleep * unlock machine sleep + taxii2 server * fix unlock machine * fix " * fixes * sleep in test 2 hours * poetry lock * edl size = 10 * update edl size loc * use new instance * log instance name * existing name * revert poetry * poetry based on latest master * update job to fit newer version * lock * state its long running * try with long-running=true * implement taxii2-server e2e test * pre-commit fixes * add headers * lock * move func to tools.py as its general * docstrings * add support for do_long_running in xsoar_client * docstring * slack sdk * add 
slack-ask test * test slack ask playbook * add qradar mirroring test * update README and add support for env vars * docstrings * enhancments * update .gitignore * do not make xsoar_ng a package * excplicit implementation * add test_xdr_env * add docstrings * pre-commit * update slackask playbook path * query qradar playbook state before closing offense * assert investigation id * increase playbook query & sleep 5 minutes taxii * merge xsoar_ng_end_to_end to test content * some fixes * make nightly * end-to-end tests inside .run-tests section * try to fix syntax issue * log playbook failure reasons * add support for sourceInstanceName * remove delete context from slack * pre commit * pre-commit * try to fix taxii2 server bug * update taxii2 server test * sleep * comment out waiting for playbook qradar * sleep in case of error taxii2 * qradar * revert taxii2 server + qradar * assert true * revert * update context managers * pre-commit fixes * add logs * create instance update * create folders for content e2e tests * make fixture named xsoar_saas_client * get integration name to func Please enter the commit message for your changes. 
Lines starting * fixes * pre-commit * export context managers to client_utils * update xsiam e2e to use new client * update readmes * client utils fixes * change log name * add junit support * implement results support for e2e * change name * run e2e in current branch * update job names * update collect tests for testing * do not exit if e2e tests fail * use artifacts folder * fix context * save playbook - change client name * remove playbook for testing * add fi * make e2e test summary to run * ls * try now * change path * file test name * run also playbook results * change log to error * fix syntax error * update get_file to use new file service * remove import * pre-commit * update retry import * do not skip qradar test if incident cannot be found * judah's cr * koby cr * update result names * Empty-Commit * remove irrelevant logs * cr fixes * server_test_reulst renaming * change end_to_end to e2e * revert current job names * add .e2e_test_results job * remove e2e from test_playbooks_results * filter only if nightly * try to ignore pre-commit error * change rules * fix * test * xsoar saas * try now * fix * xsoar-saas e2e job * add conftest * add conftest * add xsoar-saas readme to avoid trigger test-upload * port * Empty-Commit * test integrations * do not test qradar module * Empty-Commit * Empty-Commit * retry on different ports for taxii2-test * remove get json response from taxii2 test * adjust to nightly * pre-commit * Fix GetIndicatorDBotScoreFromCache to handle better a special character (#31070) * a fix and a test * docker image update * added rn * Bump pack from version CommonScripts to 1.12.47. * unit test fix * unit test fix * unit test fix * Bump pack from version CommonScripts to 1.12.48. * Bump pack from version CommonScripts to 1.12.49. 
* Update Packs/CommonScripts/ReleaseNotes/1_12_49.md Co-authored-by: Dan Tavori <[email protected]> --------- Co-authored-by: Content Bot <[email protected]> Co-authored-by: Dan Tavori <[email protected]> * change pack support to community (#31110) * change pack support to community * first level header so im told * Update Packs/DeveloperTools/ReleaseNotes/1_3_0.md Co-authored-by: Shahaf Ben Yakir <[email protected]> * Update Packs/DeveloperTools/ReleaseNotes/1_3_0.md Co-authored-by: Shahaf Ben Yakir <[email protected]> --------- Co-authored-by: Shahaf Ben Yakir <[email protected]> * removed GIT_DEPTH (#31141) * support multiple entry ids in ImageOCR (#31145) * Fix taxi feed observables extraction (#31120) * fixed an isssue where taxi feed will fail to retreive all indicators due to wrong extraction from XML blocks. * added rn * update docker * update test_data * add secret to secrets ignore * [transformers] Enhance to be more durable #2 (#31063) * ExtractDomainAndFQDNFromUrlAndEmail * ExtractEmailV2 * ruff fix * FormatURL * Bump pack from version CommonScripts to 1.12.47. * Bump pack from version CommonScripts to 1.12.48. * Bump pack from version CommonScripts to 1.12.49. * Added unit tests * Update the docker image * Bump pack from version CommonScripts to 1.12.50. 
* Update Packs/CommonScripts/ReleaseNotes/1_12_50.md Co-authored-by: Dean Arbel <[email protected]> * Update Packs/CommonScripts/ReleaseNotes/1_12_50.md Co-authored-by: Dean Arbel <[email protected]> * Update the RN * Update the docker image * empty * Skip "FormattingPerformance - Test" TPB in XSOAR 8 --------- Co-authored-by: Content Bot <[email protected]> Co-authored-by: Dean Arbel <[email protected]> * Sleep w/ Polling (#30661) add polling mechanism to sleep upon crossing polling_threshold * Update shift management scripts (#31130) * fixed the bug and added unit tests * updated docker image * RN * updated docker image * cr updates * EWS rule commands - MS graph python integrations (#30943) Co-authored-by: ShirleyDenkberg <[email protected]> * MS IIS Update (#31132) * Updated ModelingRules * Updated ReleaseNotes * Updated ReleaseNotes * Anomali ThreatStream change DBot verdict from Benign to Unknown for Low Confidence Indicators (#30993) (#31151) * change DBot verdict from Benign to Unknown for Low Confidence Indicators Indicators found in Anomali that are below Confidence thresholds should be created as Unknown and not Benign. Anomali ThreatStream documentation regarding Confidence https://ui.threatstream.com/optic-doc/Content/Features/threat_model/Observables/details_indicator.htm Confidence - Confidence indicates the certainty that an observable exhibits or is connected to malicious behavior. If Anomali has indicators with low Confidence, that doesn't mean the indicator is Benign/Safe. It means Anomali is unsure that the indicator is Malicious and as such the more appropriate verdict in XSOAR should be Unknown. 
* add indicator_default_score param * changed values to Benign and Unknown * update README and RN * update RN * update docker set required to false * update docker * fix docs comments --------- Co-authored-by: zdrouse <[email protected]> Co-authored-by: adi88d <[email protected]> Co-authored-by: Adi Daud <[email protected]> * generate empty junit files (#31153) * Update 1_6_0.json (#31164) * fix splunkpy splunk_submit_event_hec_command string issue (#30978) * fix splunkpy splunk_submit_event_hec_command string issue * test * add fix * update rn * [xsoar saas] - fix ports taxii2 e2e (#31163) * Hello world saas (#30901) * added a new incident field only for saas mp * added an incident field to xsoar_saas only for demonstration * format incident field * format incident field * added saas word to known words * version * merge with master * fixed the xsoar_saas end tag * Added tests to validate result * modified RN * pre commit changes * RN tags * ignoe long line * MS IIS README (#31158) * Updated README * Updated README * Fixes For IP Enrichment Playbooks (#31114) * Fixes For IP Enrichment Playbooks * RN * Removed the mapping rule from both playbooks. Updated the default value of the internal range playbook input according to RFC 1918. * Removed the value of 'UseReputationCommand' playbook input and fixes the YML files * Fixed RN * Removed the value set for the 'UseReputationCommand' sub-playbook input. Re-added the default value for 'UseReputationCommand' playbook input * skip ThreatStream-Test (#31172) * [transformers] Enhance to be more durable (#30897) [transformers] Enhance to be more durable * Fixes For 'Email Address Enrichment - Generic v2.1' (#31122) * Fixes For 'Email Address Enrichment - Generic v2.1' * Re-added the test playbook and marketplace configs to the playbook YML file * changed the 'domain' playbook input value * removed the 'domain' playbook input value and added RN * Fixed RN * Bump pack from version CommonPlaybooks to 2.4.34. 
--------- Co-authored-by: Content Bot <[email protected]> * DisplayMappedFields - Fix dark mode text color (#31085) * removed the hardcoded color * removed the hardcoded color * update RN * update docker image * Bump pack from version CommonScripts to 1.12.48. * Unittest fixes * Bump pack from version CommonScripts to 1.12.49. * Unittest fixes * Bump pack from version CommonScripts to 1.12.50. * Bump pack from version CommonScripts to 1.12.51. * Bump pack from version CommonScripts to 1.12.52. * Bump pack from version CommonScripts to 1.12.53. --------- Co-authored-by: Content Bot <[email protected]> * Updated the layout to exclude integration incident fields that are not pertinent to Vectra XDR (#31127) (#31182) Co-authored-by: Crest Data Systems <[email protected]> Co-authored-by: crestdatasystems <[email protected]> Co-authored-by: MLainer1 <[email protected]> * Taxii2 server relationship bug (#31162) * [taxii2-server] - code fixes * bump rn * docker update * remove debug-log because may wanted * [ASM] EXPANDER-7096 - ASM Remediation Guidance Fields (#30955) (#31178) Co-authored-by: John <[email protected]> Co-authored-by: Adi Daud <[email protected]> * Created pack for F5 BIG-IP APM (#31017) * Created pack for f5 apm * Added modeling rule files. * adding modeling rules and schema. * modified modeling rules * update yml file for modeling rule. * Update Packs/F5APM/README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/F5APM/README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/F5APM/README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/F5APM/README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/F5APM/README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/F5APM/README.md Co-authored-by: ShirleyDenkberg <[email protected]> * update readme. * Modified the read me file. 
--------- Co-authored-by: ShirleyDenkberg <[email protected]> * HelloWorld - delete old classifier (#31185) * Add support for is array for rep commands (#31169) * added support for isArray for python Xsoar supported reputation commands * added rn * Empty-Commit * python files fixes * fix docker issue * cr fixes * added logs and cache fix (#30577) * added logs and cache fix * Fixed another executeCommand results handling. * Updated docker image * Added rn * Update Packs/Phishing/ReleaseNotes/3_6_2.md Co-authored-by: Dan Tavori <[email protected]> * Update Packs/Phishing/Scripts/FindDuplicateEmailIncidents/FindDuplicateEmailIncidents.py --------- Co-authored-by: Dan Tavori <[email protected]> * Add support for is array for rep commands js (#31184) * JS files fixes * added rn * pre commit fixes * pre commit fixes * cr fixes * xsiam-avaya-siem-content-ciac-8502 (#31128) * init-pack * modeling-rules * add-docs * fix-pid-parsing * fix-README.md * Fixed For Endpoint Enrichment Playbooks (#31147) * Fixed For 'Endpoint Enrichment - Generic v2.1' Playbook * RN * RN * Fixes for Endpoint_Enrichment_-_Generic_v2.1_6_8 playbook * Bump pack from version CommonPlaybooks to 2.4.34. * Bump pack from version CommonPlaybooks to 2.4.35. 
* Fixed version for 'Endpoint Enrichment - Generic v2.1.6.8' playbook * Fixes for 'Endpoint Enrichment - Generic v2.1' playbook * Revert changes in 'Endpoint Enrichment - Generic v2.1' playbook --------- Co-authored-by: Content Bot <[email protected]> * Update Docker Image To demisto/python3 (#31198) * Updated Metadata Of Pack DeveloperTools * Added release notes to pack DeveloperTools * Packs/DeveloperTools/Integrations/CreateIncidents/CreateIncidents.yml Docker image update * Updated Metadata Of Pack FlashpointFeed * Added release notes to pack FlashpointFeed * Packs/FlashpointFeed/Integrations/FlashpointFeed/FlashpointFeed.yml Docker image update * Updated Metadata Of Pack AbnormalSecurity * Added release notes to pack AbnormalSecurity * Packs/AbnormalSecurity/Integrations/AbnormalSecurity/AbnormalSecurity.yml Docker image update * Updated Metadata Of Pack FeedLOLBAS * Added release notes to pack FeedLOLBAS * Packs/FeedLOLBAS/Integrations/FeedLOLBAS/FeedLOLBAS.yml Docker image update * Updated Metadata Of Pack Hackuity * Added release notes to pack Hackuity * Packs/Hackuity/Integrations/Hackuity/Hackuity.yml Docker image update * Updated Metadata Of Pack Grafana * Added release notes to pack Grafana * Packs/Grafana/Integrations/Grafana/Grafana.yml Docker image update * Updated Metadata Of Pack Binalyze * Added release notes to pack Binalyze * Packs/Binalyze/Integrations/BinalyzeAIR/BinalyzeAIR.yml Docker image update * Updated Metadata Of Pack ServiceDeskPlus * Added release notes to pack ServiceDeskPlus * Packs/ServiceDeskPlus/Integrations/ServiceDeskPlus/ServiceDeskPlus.yml Docker image update * Updated Metadata Of Pack Oracle_IAM * Added release notes to pack Oracle_IAM * Packs/Oracle_IAM/Integrations/OracleIAM/OracleIAM.yml Docker image update * Updated Metadata Of Pack AccentureCTI * Added release notes to pack AccentureCTI * Packs/AccentureCTI/Integrations/ACTIIndicatorQuery/ACTIIndicatorQuery.yml Docker image update * Update Docker Image To 
demisto/boto3py3 (#31199) * Updated Metadata Of Pack SecurityIntelligenceServicesFeed * Added release notes to pack SecurityIntelligenceServicesFeed * Packs/SecurityIntelligenceServicesFeed/Integrations/SecurityIntelligenceServicesFeed/SecurityIntelligenceServicesFeed.yml Docker image update * Updated Metadata Of Pack AWS-IAM * Added release notes to pack AWS-IAM * Packs/AWS-IAM/Integrations/AWS-IAM/AWS-IAM.yml Docker image update * Updated Metadata Of Pack AWS-Route53 * Added release notes to pack AWS-Route53 * Packs/AWS-Route53/Integrations/AWSRoute53/AWSRoute53.yml Docker image update * Updated Metadata Of Pack AWS-AccessAnalyzer * Added release notes to pack AWS-AccessAnalyzer * Packs/AWS-AccessAnalyzer/Integrations/AWS-AccessAnalyzer/AWS-AccessAnalyzer.yml Docker image update * Updated Metadata Of Pack AWS-GuardDuty * Added release notes to pack AWS-GuardDuty * Packs/AWS-GuardDuty/Integrations/AWSGuardDutyEventCollector/AWSGuardDutyEventCollector.yml Docker image update * Packs/AWS-GuardDuty/Integrations/AWSGuardDuty/AWSGuardDuty.yml Docker image update * Updated Metadata Of Pack AWS-SecurityHub * Added release notes to pack AWS-SecurityHub * Packs/AWS-SecurityHub/Integrations/AWSSecurityHubEventCollector/AWSSecurityHubEventCollector.yml Docker image update * Updated Metadata Of Pack Aws-SecretsManager * Added release notes to pack Aws-SecretsManager * Packs/Aws-SecretsManager/Integrations/AwsSecretsManager/AwsSecretsManager.yml Docker image update * Update Docker Image To demisto/armorblox (#31203) * Updated Metadata Of Pack Armorblox * Added release notes to pack Armorblox * Packs/Armorblox/Integrations/Armorblox/Armorblox.yml Docker image update * Update Docker Image To demisto/py3-tools (#31201) * Updated Metadata Of Pack Intezer * Added release notes to pack Intezer * Packs/Intezer/Integrations/IntezerV2/IntezerV2.yml Docker image update * Updated Metadata Of Pack Zabbix * Added release notes to pack Zabbix * Packs/Zabbix/Integrations/Zabbix/Zabbix.yml 
Docker image update * Updated Metadata Of Pack FeedMalwareBazaar * Added release notes to pack FeedMalwareBazaar * Packs/FeedMalwareBazaar/Integrations/MalwareBazaarFeed/MalwareBazaarFeed.yml Docker image update * Updated Metadata Of Pack FeedGCPWhitelist * Added release notes to pack FeedGCPWhitelist * Packs/FeedGCPWhitelist/Integrations/FeedGoogleIPRanges/FeedGoogleIPRanges.yml Docker image update * Updated Metadata Of Pack AccentureCTI_Feed * Added release notes to pack AccentureCTI_Feed * Packs/AccentureCTI_Feed/Integrations/ACTIIndicatorFeed/ACTIIndicatorFeed.yml Docker image update * Updated Metadata Of Pack SEKOIAIntelligenceCenter * Added release notes to pack SEKOIAIntelligenceCenter * Packs/SEKOIAIntelligenceCenter/Integrations/SEKOIAIntelligenceCenter/SEKOIAIntelligenceCenter.yml Docker image update * Updated Metadata Of Pack JARM * Added release notes to pack JARM * Packs/JARM/Integrations/JARM/JARM.yml Docker image update * Updated Metadata Of Pack CommonWidgets * Added release notes to pack CommonWidgets * Packs/CommonWidgets/Scripts/RSSWidget/RSSWidget.yml Docker image update * Updated Metadata Of Pack FiltersAndTransformers * Added release notes to pack FiltersAndTransformers * Packs/FiltersAndTransformers/Scripts/Jmespath/Jmespath.yml Docker image update * Update Docker Image To demisto/oci (#31202) * Updated Metadata Of Pack OracleCloudInfrastructure * Added release notes to pack OracleCloudInfrastructure * Packs/OracleCloudInfrastructure/Integrations/OracleCloudInfrastructureEventCollector/OracleCloudInfrastructureEventCollector.yml Docker image update * Update Docker Image To demisto/accessdata (#31200) * Updated Metadata Of Pack Exterro * Added release notes to pack Exterro * Packs/Exterro/Integrations/Exterro/Exterro.yml Docker image update * Fix DS108 --------- Co-authored-by: israelpolishook <[email protected]> * Update Docker Image To demisto/carbon-black-cloud (#31206) * Updated Metadata Of Pack CarbonBlackDefense * Added release notes to 
pack CarbonBlackDefense * Packs/CarbonBlackDefense/Integrations/CarbonBlackLiveResponseCloud/CarbonBlackLiveResponseCloud.yml Docker image update * Update Docker Image To demisto/taxii2 (#31205) * Updated Metadata Of Pack FeedUnit42v2 * Added release notes to pack FeedUnit42v2 * Packs/FeedUnit42v2/Integrations/FeedUnit42v2/FeedUnit42v2.yml Docker image update * Update Docker Image To demisto/crypto (#31204) * Updated Metadata Of Pack AzureKeyVault * Added release notes to pack AzureKeyVault * Packs/AzureKeyVault/Integrations/AzureKeyVault/AzureKeyVault.yml Docker image update * Updated Metadata Of Pack AzureSentinel * Added release notes to pack AzureSentinel * Packs/AzureSentinel/Integrations/AzureSentinel/AzureSentinel.yml Docker image update * Updated Metadata Of Pack AzureDevOps * Added release notes to pack AzureDevOps * Packs/AzureDevOps/Integrations/AzureDevOps/AzureDevOps.yml Docker image update * Updated Metadata Of Pack MicrosoftCloudAppSecurity * Added release notes to pack MicrosoftCloudAppSecurity * Packs/MicrosoftCloudAppSecurity/Integrations/MicrosoftCloudAppSecurity/MicrosoftCloudAppSecurity.yml Docker image update * Updated Metadata Of Pack AzureRiskyUsers * Added release notes to pack AzureRiskyUsers * Packs/AzureRiskyUsers/Integrations/AzureRiskyUsers/AzureRiskyUsers.yml Docker image update * Updated Metadata Of Pack MicrosoftGraphGroups * Added release notes to pack MicrosoftGraphGroups * Packs/MicrosoftGraphGroups/Integrations/MicrosoftGraphGroups/MicrosoftGraphGroups.yml Docker image update * Updated Metadata Of Pack AzureSQLManagement * Added release notes to pack AzureSQLManagement * Packs/AzureSQLManagement/Integrations/AzureSQLManagement/AzureSQLManagement.yml Docker image update * Updated Metadata Of Pack MicrosoftGraphAPI * Added release notes to pack MicrosoftGraphAPI * Packs/MicrosoftGraphAPI/Integrations/MicrosoftGraphAPI/MicrosoftGraphAPI.yml Docker image update * Updated Metadata Of Pack MicrosoftTeams * Added release notes to pack 
MicrosoftTeams * Packs/MicrosoftTeams/Integrations/MicrosoftTeamsManagement/MicrosoftTeamsManagement.yml Docker image update * Updated Metadata Of Pack MicrosoftGraphApplications * Added release notes to pack MicrosoftGraphApplications * Packs/MicrosoftGraphApplications/Integrations/MicrosoftGraphApplications/MicrosoftGraphApplications.yml Docker image update * Update Docker Image To demisto/opnsense (#31208) * Updated Metadata Of Pack OPNSense * Added release notes to pack OPNSense * Packs/OPNSense/Integrations/OPNSense/OPNSense.yml Docker image update * Update Docker Image To demisto/auth-utils (#31207) * Updated Metadata Of Pack Cylance_Protect * Added release notes to pack Cylance_Protect * Packs/Cylance_Protect/Integrations/Cylance_Protect_v2/Cylance_Protect_v2.yml Docker image update * Updated Metadata Of Pack Zoom * Added release notes to pack Zoom * Packs/Zoom/Integrations/ZoomEventCollector/ZoomEventCollector.yml Docker image update * Updated Metadata Of Pack Silverfort * Added release notes to pack Silverfort * Packs/Silverfort/Integrations/Silverfort/Silverfort.yml Docker image update * Updated Metadata Of Pack AzureDataExplorer * Added release notes to pack AzureDataExplorer * Packs/AzureDataExplorer/Integrations/AzureDataExplorer/AzureDataExplorer.yml Docker image update * Updated Metadata Of Pack MicrosoftManagementActivity * Added release notes to pack MicrosoftManagementActivity * Packs/MicrosoftManagementActivity/Integrations/MicrosoftManagementActivity/MicrosoftManagementActivity.yml Docker image update * Updated Metadata Of Pack Box * Added release notes to pack Box * Packs/Box/Integrations/BoxEventsCollector/BoxEventsCollector.yml Docker image update * Packs/Box/Integrations/BoxV2/BoxV2.yml Docker image update * Updated Metadata Of Pack Troubleshoot * Added release notes to pack Troubleshoot * Packs/Troubleshoot/Scripts/CertificatesTroubleshoot/CertificatesTroubleshoot.yml Docker image update * commit --------- Co-authored-by: israelpolishook 
<[email protected]> * Update Docker Image To demisto/ippysocks-py3 (#31211) * Updated Metadata Of Pack Whois * Added release notes to pack Whois * Packs/Whois/Integrations/Whois/Whois.yml Docker image update * Update Docker Image To demisto/python3 (#31214) * Updated Metadata Of Pack QualysFIM * Added release notes to pack QualysFIM * Packs/QualysFIM/Integrations/QualysFIM/QualysFIM.yml Docker image update * Updated Metadata Of Pack FortiSIEM * Added release notes to pack FortiSIEM * Packs/FortiSIEM/Integrations/FortiSIEMV2/FortiSIEMV2.yml Docker image update * Updated Metadata Of Pack FreshworksFreshservice * Added release notes to pack FreshworksFreshservice * Packs/FreshworksFreshservice/Integrations/FreshworksFreshservice/FreshworksFreshservice.yml Docker image update * Updated Metadata Of Pack KnowBe4_KMSAT * Added release notes to pack KnowBe4_KMSAT * Packs/KnowBe4_KMSAT/Integrations/KnowBe4KMSATEventCollector/KnowBe4KMSATEventCollector.yml Docker image update * Packs/KnowBe4_KMSAT/Integrations/KnowBe4KMSAT/KnowBe4KMSAT.yml Docker image update * Updated Metadata Of Pack SafeNet_Trusted_Access * Added release notes to pack SafeNet_Trusted_Access * Packs/SafeNet_Trusted_Access/Integrations/SafeNetTrustedAccessEventCollector/SafeNetTrustedAccessEventCollector.yml Docker image update * Updated Metadata Of Pack DelineaSS * Added release notes to pack DelineaSS * Packs/DelineaSS/Integrations/DelineaSS/DelineaSS.yml Docker image update * Updated Metadata Of Pack Cryptocurrency * Added release notes to pack Cryptocurrency * Packs/Cryptocurrency/Integrations/Cryptocurrency/Cryptocurrency.yml Docker image update * Updated Metadata Of Pack PANOSPolicyOptimizer * Added release notes to pack PANOSPolicyOptimizer * Packs/PANOSPolicyOptimizer/Integrations/PANOSPolicyOptimizer/PANOSPolicyOptimizer.yml Docker image update * Updated Metadata Of Pack DeveloperTools * Added release notes to pack DeveloperTools * 
Packs/DeveloperTools/Integrations/CreateIncidents/CreateIncidents.yml Docker image update * Update Docker Image To demisto/boto3py3 (#31215) * Updated Metadata Of Pack SecurityIntelligenceServicesFeed * Added release notes to pack SecurityIntelligenceServicesFeed * Packs/SecurityIntelligenceServicesFeed/Integrations/SecurityIntelligenceServicesFeed/SecurityIntelligenceServicesFeed.yml Docker image update * Updated Metadata Of Pack AWS-IAM * Added release notes to pack AWS-IAM * Packs/AWS-IAM/Integrations/AWS-IAM/AWS-IAM.yml Docker image update * Updated Metadata Of Pack AWS-Route53 * Added release notes to pack AWS-Route53 * Packs/AWS-Route53/Integrations/AWSRoute53/AWSRoute53.yml Docker image update * Updated Metadata Of Pack AWS-AccessAnalyzer * Added release notes to pack AWS-AccessAnalyzer * Packs/AWS-AccessAnalyzer/Integrations/AWS-AccessAnalyzer/AWS-AccessAnalyzer.yml Docker image update * Updated Metadata Of Pack AWS-GuardDuty * Added release notes to pack AWS-GuardDuty * Packs/AWS-GuardDuty/Integrations/AWSGuardDutyEventCollector/AWSGuardDutyEventCollector.yml Docker image update * Packs/AWS-GuardDuty/Integrations/AWSGuardDuty/AWSGuardDuty.yml Docker image update * Updated Metadata Of Pack AWS-SecurityHub * Added release notes to pack AWS-SecurityHub * Packs/AWS-SecurityHub/Integrations/AWSSecurityHubEventCollector/AWSSecurityHubEventCollector.yml Docker image update * Updated Metadata Of Pack Aws-SecretsManager * Added release notes to pack Aws-SecretsManager * Packs/Aws-SecretsManager/Integrations/AwsSecretsManager/AwsSecretsManager.yml Docker image update * Update Docker Image To demisto/accessdata (#31216) * Updated Metadata Of Pack Exterro * Added release notes to pack Exterro * Packs/Exterro/Integrations/Exterro/Exterro.yml Docker image update * Update Docker Image To demisto/oci (#31218) * Updated Metadata Of Pack OracleCloudInfrastructure * Added release notes to pack OracleCloudInfrastructure * 
Packs/OracleCloudInfrastructure/Integrations/OracleCloudInfrastructureEventCollector/OracleCloudInfrastructureEventCollector.yml Docker image update * Update Docker Image To demisto/py3-tools (#31217) * Updated Metadata Of Pack Intezer * Added release notes to pack Intezer * Packs/Intezer/Integrations/IntezerV2/IntezerV2.yml Docker image update * Updated Metadata Of Pack Zabbix * Added release notes to pack Zabbix * Packs/Zabbix/Integrations/Zabbix/Zabbix.yml Docker image update * Updated Metadata Of Pack FeedMalwareBazaar * Added release notes to pack FeedMalwareBazaar * Packs/FeedMalwareBazaar/Integrations/MalwareBazaarFeed/MalwareBazaarFeed.yml Docker image update * Updated Metadata Of Pack FeedGCPWhitelist * Added release notes to pack FeedGCPWhitelist * Packs/FeedGCPWhitelist/Integrations/FeedGoogleIPRanges/FeedGoogleIPRanges.yml Docker image update * Updated Metadata Of Pack AccentureCTI_Feed * Added release notes to pack AccentureCTI_Feed * Packs/AccentureCTI_Feed/Integrations/ACTIIndicatorFeed/ACTIIndicatorFeed.yml Docker image update * Updated Metadata Of Pack SEKOIAIntelligenceCenter * Added release notes to pack SEKOIAIntelligenceCenter * Packs/SEKOIAIntelligenceCenter/Integrations/SEKOIAIntelligenceCenter/SEKOIAIntelligenceCenter.yml Docker image update * Updated Metadata Of Pack JARM * Added release notes to pack JARM * Packs/JARM/Integrations/JARM/JARM.yml Docker image update * Updated Metadata Of Pack Anomali_ThreatStream * Added release notes to pack Anomali_ThreatStream * Packs/Anomali_ThreatStream/Integrations/AnomaliThreatStreamv3/AnomaliThreatStreamv3.yml Docker image update * Updated Metadata Of Pack CommonWidgets * Added release notes to pack CommonWidgets * Packs/CommonWidgets/Scripts/RSSWidget/RSSWidget.yml Docker image update * Updated Metadata Of Pack FiltersAndTransformers * Added release notes to pack FiltersAndTransformers * Packs/FiltersAndTransformers/Scripts/Jmespath/Jmespath.yml Docker image update * CortexXDRIR-generic-polling 
(#31082) * - Added new playbook for quarantine_file - Old playbook deprecated - New image added * release notes added * - New playbook for _Retrieve_File_Playbook_v2 created - Old playbook _Retrieve_File_Playbook deprecated - Image was added * Release notes were added * Changed the name of the playbook * Readme file added * Added image * fixed image location in readme file * Update Packs/CortexXDR/Playbooks/Cortex_XDR_-_Retrieve_File_v2.yml Co-authored-by: Sasha Sokolovich <[email protected]> * Bump pack from version CortexXDR to 6.0.4. * Removed unnecessary tests * Readme files were updated * Fixes for the playbooks * fixed Tests/conf.json file * image issue fixed * Added new images * Update Packs/CortexXDR/Playbooks/Cortex_XDR_-_Retrieve_File_Playbook_README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CortexXDR/Playbooks/Cortex_XDR_-_Retrieve_File_Playbook_README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CortexXDR/ReleaseNotes/6_0_4.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CortexXDR/ReleaseNotes/6_0_4.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CortexXDR/ReleaseNotes/6_0_4.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CortexXDR/ReleaseNotes/6_0_4.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CortexXDR/Playbooks/Cortex_XDR_-_Retrieve_File_Playbook_README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CortexXDR/Playbooks/Cortex_XDR_-_quarantine_file_v2_README.md Co-authored-by: ShirleyDenkberg <[email protected]> * PR fixes - new condition to check if the task finished successfully * release notes updated * image path fixed * Added new outputs for playbook * release notes updated * fix * readme files fixed * image issue * image issue * fix * fix * fix * fix * uploaded new playbook because of the image issue * fix for image issue * delete photo * fixes * test playbooks fixed * test 
playbooks removed --------- Co-authored-by: Sasha Sokolovich <[email protected]> Co-authored-by: Content Bot <[email protected]> Co-authored-by: ShirleyDenkberg <[email protected]> * Update Docker Image To demisto/crypto (#31219) * Updated Metadata Of Pack AzureKeyVault * Added release notes to pack AzureKeyVault * Packs/AzureKeyVault/Integrations/AzureKeyVault/AzureKeyVault.yml Docker image update * Updated Metadata Of Pack AzureSentinel * Added release notes to pack AzureSentinel * Packs/AzureSentinel/Integrations/AzureSentinel/AzureSentinel.yml Docker image update * Updated Metadata Of Pack AzureDevOps * Added release notes to pack AzureDevOps * Packs/AzureDevOps/Integrations/AzureDevOps/AzureDevOps.yml Docker image update * Updated Metadata Of Pack MicrosoftCloudAppSecurity * Added release notes to pack MicrosoftCloudAppSecurity * Packs/MicrosoftCloudAppSecurity/Integrations/MicrosoftCloudAppSecurity/MicrosoftCloudAppSecurity.yml Docker image update * Updated Metadata Of Pack AzureRiskyUsers * Added release notes to pack AzureRiskyUsers * Packs/AzureRiskyUsers/Integrations/AzureRiskyUsers/AzureRiskyUsers.yml Docker image update * Updated Metadata Of Pack MicrosoftGraphGroups * Added release notes to pack MicrosoftGraphGroups * Packs/MicrosoftGraphGroups/Integrations/MicrosoftGraphGroups/MicrosoftGraphGroups.yml Docker image update * Updated Metadata Of Pack AzureSQLManagement * Added release notes to pack AzureSQLManagement * Packs/AzureSQLManagement/Integrations/AzureSQLManagement/AzureSQLManagement.yml Docker image update * Updated Metadata Of Pack MicrosoftGraphAPI * Added release notes to pack MicrosoftGraphAPI * Packs/MicrosoftGraphAPI/Integrations/MicrosoftGraphAPI/MicrosoftGraphAPI.yml Docker image update * Updated Metadata Of Pack MicrosoftTeams * Added release notes to pack MicrosoftTeams * Packs/MicrosoftTeams/Integrations/MicrosoftTeamsManagement/MicrosoftTeamsManagement.yml Docker image update * Updated Metadata Of Pack MicrosoftGraphApplications * 
Added release notes to pack MicrosoftGraphApplications * Packs/MicrosoftGraphApplications/Integrations/MicrosoftGraphApplications/MicrosoftGraphApplications.yml Docker image update * update pack ignore (#31193) * Slack event collector: fixed an issue where we get a Bad Request error (#31135) * fixed an issue where we get a Bad Request error. * pre-commit * added test * fixed Flake8 error * fixed cr comments * fixed cr comments * update Docker image * YR/Remove-fields-with-one-letter-DBotFindSimilarIncidents/XSUP-29299 (#31161) * fixes * code and test * remove Json feed from this pr * test * note * pre commit * RN * CR and Flake8 * format * pre commit * Fixes For 'URL Enrichment - Generic v2' Playbook (#31195) * Fixes For 'URL Enrichment - Generic v2' Playbook * RN * Bump pack from version CommonPlaybooks to 2.4.36. --------- Co-authored-by: Content Bot <[email protected]> * F5 APM Remove XSIAM tags (#31221) * remove ls from test_e2e_results.sh (#31186) * [IsEmailAddressInternal] Fix an issue with **domain** argument (#31222) * First commit * Added RN * Update Packs/CommonScripts/ReleaseNotes/1_12_54.md Co-authored-by: Dean Arbel <[email protected]> --------- Co-authored-by: Dean Arbel <[email protected]> * Deprecate 'Get endpoint details - Generic' Playbook (#31196) * Deprecate 'Get endpoint details - Generic' Playbook * RN * Bump pack from version CommonPlaybooks to 2.4.36. * Bump pack from version CommonPlaybooks to 2.4.37. 
--------- Co-authored-by: Content Bot <[email protected]> * Replacing the deprecated sub-playbook within the 'NGFW Internal Scan'… (#31197) * Replacing the deprecated sub-playbook within the 'NGFW Internal Scan' XSIAM playbook * RN * [Marketplace Contribution] CISO Metrics (#30641) (#31213) * "pack contribution initial commit" * Update pack_metadata.json * Update and rename dashboard-98f353a2-312b-49f2-8e58-d71f60daf3a7-CISO_Metrics.json to dashboard-98f353a2-312b-49f2-8e58-d71f60daf3a7-CommunityCommonDashboards.json Rename to CommunityCommonDashboards * Update pack_metadata.json Renamed "name": "CommunityCommonDashboards" * Update README.md Added description * Update README.md * Update and rename README.md to README.md * Rename dashboard-98f353a2-312b-49f2-8e58-d71f60daf3a7-CommunityCommonDashboards.json to dashboard-98f353a2-312b-49f2-8e58-d71f60daf3a7-CommunityCommonDashboards.json * Rename .pack-ignore to .pack-ignore * Rename .secrets-ignore to .secrets-ignore * Rename pack_metadata.json to pack_metadata.json * Update .pack-ignore * Update pack_metadata.json * Update .pack-ignore * Update and rename dashboard-98f353a2-312b-49f2-8e58-d71f60daf3a7-CommunityCommonDashboards.json to CISOMetrics.json Renamed to CISOMetrics * Update pack_metadata.json * Update pack_metadata.json * Update README.md --------- Co-authored-by: xsoar-bot <[email protected]> Co-authored-by: Sapir Shuker <[email protected]> Co-authored-by: David Uhrlaub <[email protected]> * Cybereason xsoar v 2.1.14 (#30647) (#31225) * added v2.1.14 codebase * fix pr comments * replace dummy md5 placeholder * Update Packs/Cybereason/Integrations/Cybereason/Cybereason.py * updated docker image python version * updated release notes docker version * added pagination params * updated docker image * fix lint errors * fix demisto validate errors * updated release notes * updated release notes * updated release notes * updated command name as per PR comment * removed manual filtering for response * updated 
function name to match the command name format * updated unit test as per new command name * added machinename filter to api query * moved empty output message to the top * updated docker image tag to latest * undo changes from unisolate endpoint playbook --------- Co-authored-by: suraj-metron <[email protected]> Co-authored-by: Sapir Shuker <[email protected]> * fixed polling support (#30873) * fixed polling support * fixed rn * added rn * added rn * XSUP-30786/Fix (#31168) * Added failing UT * Fixed the issue * Updated docker image * Updated RN * Update Packs/PAN-OS/ReleaseNotes/2_1_15.md Co-authored-by: Dan Tavori <[email protected]> * Updated the bug fix and the UT * updated docker image --------- Co-authored-by: Dan Tavori <[email protected]> * rewrite to js FirstArrayElement and LastArrayElement (#31228) * rewrite to js * added tpb * added empty test case to tpb * precommit fixes * change fromversion so build won't fail * Enable Core REST API with general XSIAM endpoints (#31226) * mostly works * added release notes * fixes from review * F5 APM fixed the marketplace build failure (#31236) * F5 APM Remove XSIAM tags * fix marketplace error * Add incidents field (#30393) (#31233) * add rawJSON field to incidents * release notes * update docker image tag * nit * fetching incident details * mapper + incident fields * remove incorrect incident field files * new incident field files, new mapper * sdk validate command changes * update release notes * validation errors * fix validation errors * undo release notes changes * undo release notes change * undo release notes * undo release notes * undo release notes * nit * new release notes * remove playbook id * update docker image tag * revert release notes * revert RN * nit- remove filters used for testing * add details field to threats * remove try/except blocks * changing version * Update Abnormal_Security_Custom_Incident_types.json change from version * nit - remove changes used for demo * updating docker image * 
update docker image tag --------- Co-authored-by: William Olyslager <[email protected]> Co-authored-by: sapirshuker <[email protected]> Co-authored-by: Sapir Shuker <[email protected]> * Update Docker Image To demisto/python3 (#31242) * Updated Metadata Of Pack CIRCL * Added release notes to pack CIRCL * Packs/CIRCL/Integrations/CirclCVESearch/CirclCVESearch.yml Docker image update * Updated Metadata Of Pack ipinfo * Added release notes to pack ipinfo * Packs/ipinfo/Integrations/ipinfo_v2/ipinfo_v2.yml Docker image update * Updated Metadata Of Pack AutoFocus * Added release notes to pack AutoFocus * Packs/AutoFocus/Integrations/FeedAutofocus/FeedAutofocus.yml Docker image update * Packs/AutoFocus/Integrations/AutofocusV2/AutofocusV2.yml Docker image update * Updated Metadata Of Pack MailSenderNew * Added release notes to pack MailSenderNew * Packs/MailSenderNew/Integrations/MailSenderNew/MailSenderNew.yml Docker image update * avoid to update Docker for AutoFocusv2 --------- Co-authored-by: israelpolishook <[email protected]> * Fixes For 'IP Enrichment - Generic v2' Playbook (#31183) * Fixes For 'IP Enrichment - Generic v2' Playbook * RN * RN * Updated the 'InternalRange' playbook input's default value. * configured the 'extended_data' and 'threat_model_association' sub-playbook inputs * Bump pack from version CommonPlaybooks to 2.4.36. * Bump pack from version CommonPlaybooks to 2.4.37. * changed the default value of the 'ResolveIP' playbook input * re-added RN after merging from master * Fixes RN --------- Co-authored-by: Content Bot <[email protected]> * Check if should run Instance role (#31245) * Added the sync from the saas bucket and modified the verify script to take the revision from the correct bucket. 
(#31254) * AWS Organizations (#30525) * init * commands template * aws-org-children-list * more commands * even more commands * added account commands * removed enhancement commands * use json_transform * unit-tests init * unit-tests continued * unit-tests continued some more * TPB * one more unit-test * one more unit-test * one more unit-test * name change * TPB * docs complete * pack readme * pack readme part 2 * readme modified * more tests * more tests * use get() * added description * removed isFetch * added image * name change * CR changes * Apply suggestions from code review Co-authored-by: ShirleyDenkberg <[email protected]> * Update docker * put the commands back in * code complete * yml part 2 * yml part 3 * test template * unit-tests continued some more * unit-tests almost complete * unit-tests complete * fixed a few bugs * fixed unit-tests * added readme * update readme * added missing descriptions to readme * TPB * Apply suggestions from code review Co-authored-by: ShirleyDenkberg <[email protected]> * CR changes * demo changes * update docker * build wars: round 1 * build wars: round 2 * build wars: round 3; add unit-tests * build wars: round 4 * build wars: round 5 * build wars: round 6 --------- Co-authored-by: ShirleyDenkberg <[email protected]> * NextToken in CommandResults (#30501) * init * new design * added error in case of non nested input * RN * a tad more docs * Bump pack from version Base to 1.32.47. * Bump pack from version Base to 1.32.48. * Bump pack from version Base to 1.32.49. * improved doc-string * resolve conflicts * resolve conflicts * Bump pack from version Base to 1.32.52. 
--------- Co-authored-by: Content Bot <[email protected]> * demisto-sdk-release 1.24.0 (#31268) * poetry files * update validate manager imports (#31179) * update validate manager imports * revert * Update Tests/configure_and_test_integration_instances.py * Edit file types test (#31170) * edited tests * s * s * edit --------- Co-authored-by: Content Bot <[email protected]> Co-authored-by: Yuval Hayun <[email protected]> Co-authored-by: merit-maita <[email protected]> Co-authored-by: JudithB <[email protected]> * modified modeling rules of clearswift dlp (#31247) * modified modeling rules of clearswift dlp * modified the parsing rule of clearswiftdlp * Added release notes. * added dlp to pack ignore * added Clearswift to pack ignore * QRadar: continue to poll in case of networking issues (#31084) * Generalize the mode option in pre-commit (#30663) * args updated to match the update in the sdk * add merge-coverage-report and coverage-analyze * updating pyproject.toml * poetry lock * restoring pyproject.toml and poetry.lock * pre-commit.yml * updates * test comment * use sdk ref * if * add github output * revert ilan changes * merge-pytest-reports --------- Co-authored-by: ilan <[email protected]> * EXPANDR-1576 CortexXpanse Remediation Guidance changes (#31190) * EXPANDR-1576 CortexXpanse Remediation Guidance changes (#30712) * CortexXpanse RG changes * Fix flake8 errors * Fix unit test cases * Update docker version * update command name * Readme updates * docker update * Ignore BC error * fix packignore * Update release notes * update breaking change notes * update breaking change notes * correct RN --------- Co-authored-by: Chait A <[email protected]> Co-authored-by: ilappe <[email protected]> * Feature/cyberint enhancement (#31252) * Feature/cyberint enhancement (#30493) * Update Docker Image To demisto/py3-tools (#25523) * Updated Metadata Of Pack FeedAWS * Added release notes to pack FeedAWS * Packs/FeedAWS/Integrations/FeedAWS/FeedAWS.yml Docker image update * 
update Cyberint Pack * update release note and incidentfields * update CommonType release note * update CommonType release notes * update CommonType release notes * update CyberInt Related entity name * update release notes * add new incident field: Alert Data * format alert_data * update CyberInt Related Entity name to avoid validation errors * reset the CyberInt Related Entity name * update incident field name * Update 3_3_93.md * pre commit update docker * added known words * fixed the RN * known words --------- Co-authored-by: TalGumi <[email protected]> Co-authored-by: omerKarkKatz <[email protected]> Co-authored-by: okarkkatz <[email protected]> * [xsoar-8 coverage] - use poll functions from SDK clients (#31144) * update poetry * use poll functions * test against builds * try to fix ssl issue * timeout = 300 + verify ssl * fix ssl issues * fix incident pull * fix * make verify=false by default * fix ports bug * use sdk master * revert poetry * revert infra used for testing * [CrowdStrike Falcon Intel v2] Fixed an issue in 'cs-actors' and 'cs-reports' commands (#31265) * Fix the 'NoneType' object is not iterable issue * ruff * Update the docker image; Add RN * Update Packs/CrowdStrikeIntel/ReleaseNotes/2_0_34.md Co-authored-by: Dean Arbel <[email protected]> --------- Co-authored-by: Dean Arbel <[email protected]> * oncall- installation orders (#31253) * test * test * revert debugs * pre-commit --------- Co-authored-by: Jas Beilin <[email protected]> * Core rest api docs fix (#31262) * Improved descriptions. * Added docs * Added rn. * Changed i.e to e.g * bugfix/XSUP-30713/port-scan-pb-issue-incident-failure (#31154) * Fix playbook input's default value, change to not required, add check for value not empty * Update playbook image * Update release notes * Bump pack from version CortexXDR to 6.0.5. 
* Moved InternalIPRanges input check to better location * Fix review comments --------- Co-authored-by: Content Bot <[email protected]> * [PagerDuty v2] Added Support For Pagination (#30959) * commit init - lint and type annotation * typing * pagination function and some typing * fix api limit and pagination * added UT and test_data * added RN and description for args * generate readme * update docker * added UT * fix flake8 * more docstring, one more UT, fix send unnecessary parameters * fix f-string * fix pep8 * revert copy * fix parameters name * docs review * update docker * [ASM] EXPANDR 7225 - Update Ev1 Integration Display Name (#31234) (#31276) * Update Display Name * Update release notes * Update docker image and add period to descriptions Co-authored-by: John <[email protected]> Co-authored-by: MLainer1 <[email protected]> * Update Docker Image To demisto/python3 (#31286) * Updated Metadata Of Pack QualysFIM * Added release notes to pack QualysFIM * Packs/QualysFIM/Integrations/QualysFIM/QualysFIM.yml Docker image update * Updated Metadata Of Pack FortiSIEM * Added release notes to pack FortiSIEM * Packs/FortiSIEM/Integrations/FortiSIEMV2/FortiSIEMV2.yml Docker image update * Updated Metadata Of Pack FreshworksFreshservice * Added release notes to pack FreshworksFreshservice * Packs/FreshworksFreshservice/Integrations/FreshworksFreshservice/FreshworksFreshservice.yml Docker image update * Updated Metadata Of Pack KnowBe4_KMSAT * Added release notes to pack KnowBe4_KMSAT * Packs/KnowBe4_KMSAT/Integrations/KnowBe4KMSATEventCollector/KnowBe4KMSATEventCollector.yml Docker image update * Packs/KnowBe4_KMSAT/Integrations/KnowBe4KMSAT/KnowBe4KMSAT.yml Docker image update * Updated Metadata Of Pack SafeNet_Trusted_Access * Added release notes to pack SafeNet_Trusted_Access * Packs/SafeNet_Trusted_Access/Integrations/SafeNetTrustedAccessEventCollector/SafeNetTrustedAccessEventCollector.yml Docker image update * Updated Metadata Of Pack DelineaSS * Added release 
notes to pack DelineaSS * Packs/DelineaSS/Integrations/DelineaSS/DelineaSS.yml Docker image update * Updated Metadata Of Pack Cryptocurrency * Added release notes to pack Cryptocurrency * Packs/Cryptocurrency/Integrations/Cryptocurrency/Cryptocurrency.yml Docker image update * Updated Metadata Of Pack PANOSPolicyOptimizer * Added release notes to pack PANOSPolicyOptimizer * Packs/PANOSPolicyOptimizer/Integrations/PANOSPolicyOptimizer/PANOSPolicyOptimizer.yml Docker image update * Updated Metadata Of Pack DeveloperTools * Added release notes to pack DeveloperTools * Packs/DeveloperTools/Integrations/CreateIncidents/CreateIncidents.yml Docker image update * Add XSOAR_SAAS section to EDL description (#31264) * add XSOAR_SAAS section to EDL description * update RN * [XSUP 30575] Added full fields query param (#31272) * get indicators full fields data * pre-commit * release notes * tests and CR fixes * Update Packs/FeedCrowdstrikeFalconIntel/ReleaseNotes/2_1_13.md Co-authored-by: Dan Tavori <[email protected]> --------- Co-authored-by: Dan Tavori <[email protected]> * Update Docker Image To demisto/boto3py3 (#31287) * Updated Metadata Of Pack SecurityIntelligenceServicesFeed * Added release notes to pack SecurityIntelligenceServicesFeed * Packs/SecurityIntelligenceServicesFeed/Integrations/SecurityIntelligenceServicesFeed/SecurityIntelligenceServicesFeed.yml Docker image update * Updated Metadata Of Pack AWS-IAM * Added release notes to pack AWS-IAM * Packs/AWS-IAM/Integrations/AWS-IAM/AWS-IAM.yml Docker image update * Updated Metadata Of Pack AWS-Route53 * Added release notes to pack AWS-Route53 * Packs/AWS-Route53/Integrations/AWSRoute53/AWSRoute53.yml Docker image update * Updated Metadata Of Pack AWS-AccessAnalyzer * Added release notes to pack AWS-AccessAnalyzer * Packs/AWS-AccessAnalyzer/Integrations/AWS-AccessAnalyzer/AWS-AccessAnalyzer.yml Docker image update * Updated Metadata Of Pack AWS-GuardDuty * Added release notes to pack AWS-GuardDuty * 
Packs/AWS-GuardDuty/Integrations/AWSGuardDutyEventCollector/AWSGuardDutyEventCollector.yml Docker image update * Packs/AWS-GuardDuty/Integrations/AWSGuardDuty/AWSGuardDuty.yml Docker image update * Updated Metadata Of Pack AWS-SecurityHub * Added release notes to pack AWS-SecurityHub * Packs/AWS-SecurityHub/Integrations/AWSSecurityHubEventCollector/AWSSecurityHubEventCollector.yml Docker image update * Updated Metadata Of Pack Aws-SecretsManager * Added release notes to pack Aws-SecretsManager * Packs/Aws-SecretsManager/Integrations/AwsSecretsManager/AwsSecretsManager.yml Docker image update * Update Docker Image To demisto/accessdata (#31288) * Updated Metadata Of Pack Exterro * Added release notes to pack Exterro * Packs/Exterro/Integrations/Exterro/Exterro.yml Docker image update * Update Docker Image To demisto/oci (#31290) * Updated Metadata Of Pack OracleCloudInfrastructure * Added release notes to pack OracleCloudInfrastructure * Packs/OracleCloudInfrastructure/Integrations/OracleCloudInfrastructureEventCollector/OracleCloudInfrastructureEventCollector.yml Docker image update * Update Docker Image To demisto/py3-tools (#31289) * Updated Metadata Of Pack Intezer * Added release notes to pack Intezer * Packs/Intezer/Integrations/IntezerV2/IntezerV2.yml Docker image update * Updated Metadata Of Pack Zabbix * Added release notes to pack Zabbix * Packs/Zabbix/Integrations/Zabbix/Zabbix.yml Docker image update * Updated Metadata Of Pack FeedMalwareBazaar * Added release notes to pack FeedMalwareBazaar * Packs/FeedMalwareBazaar/Integrations/MalwareBazaarFeed/MalwareBazaarFeed.yml Docker image update * Updated Metadata Of Pack FeedGCPWhitelist * Added release notes to pack FeedGCPWhitelist * Packs/FeedGCPWhitelist/Integrations/FeedGoogleIPRanges/FeedGoogleIPRanges.yml Docker image update * Updated Metadata Of Pack AccentureCTI_Feed * Added release notes to pack AccentureCTI_Feed * Packs/AccentureCTI_Feed/Integrations/ACTIIndicatorFeed/ACTIIndicatorFeed.yml Docker 
image update * Updated Metadata Of Pack SEKOIAIntelligenceCenter * Added release notes to pack SEKOIAIntelligenceCenter * Packs/SEKOIAIntelligenceCenter/Integrations/SEKOIAIntelligenceCenter/SEKOIAIntelligenceCenter.yml Docker image update * Updated Metadata Of Pack JARM * Added release notes to pack JARM * Packs/JARM/Integrations/JARM/JARM.yml Docker image update * Updated Metadata Of Pack Anomali_ThreatStream * Added release notes to pack Anomali_ThreatStream * Packs/Anomali_ThreatStream/Integrations/AnomaliThreatStreamv3/AnomaliThreatStreamv3.yml Docker image update * Updated Metadata Of Pack CommonWidgets * Added release notes to pack CommonWidgets * Packs/CommonWidgets/Scripts/RSSWidget/RSSWidget.yml Docker image update * Updated Metadata Of Pack FiltersAndTransformers * Added release notes to pack FiltersAndTransformers * Packs/FiltersAndTransformers/Scripts/Jmespath/Jmespath.yml Docker image update * Update Docker Image To demisto/armorblox (#31291) * Updated Metadata Of Pack Armorblox * Added release notes to pack Armorblox * Packs/Armorblox/Integrations/Armorblox/Armorblox.yml Docker image update * Update Docker Image To demisto/crypto (#31292) * Updated Metadata Of Pack AzureKeyVault * Added release notes to pack AzureKeyVault * Packs/AzureKeyVault/Integrations/AzureKeyVault/AzureKeyVault.yml Docker image update * Updated Metadata Of Pack AzureSentinel * Added release notes to pack AzureSentinel * Packs/AzureSentinel/Integrations/AzureSentinel/AzureSentinel.yml Docker image update * Updated Metadata Of Pack AzureDevOps * Added release notes to pack AzureDevOps * Packs/AzureDevOps/Integrations/AzureDevOps/AzureDevOps.yml Docker image update * Updated Metadata Of Pack MicrosoftCloudAppSecurity * Added release notes to pack MicrosoftCloudAppSecurity * Packs/MicrosoftCloudAppSecurity/Integrations/MicrosoftCloudAppSecurity/MicrosoftCloudAppSecurity.yml Docker image update * Updated Metadata Of Pack AzureRiskyUsers * Added release notes to pack AzureRiskyUsers 
* Packs/AzureRiskyUsers/Integrations/AzureRiskyUsers/AzureRiskyUsers.yml Docker image update * Updated Metadata Of Pack MicrosoftGraphGroups * Added release notes to pack MicrosoftGraphGroups * Packs/MicrosoftGraphGroups/Integrations/MicrosoftGraphGroups/MicrosoftGraphGroups.yml Docker image update * Updated Metadata Of Pack AzureSQLManagement * Added release notes to pack AzureSQLManagement * Packs/AzureSQLManagement/Integrations/AzureSQLManagement/AzureSQLManagement.yml Docker image update * Updated Metadata Of Pack MicrosoftGraphAPI * Added release notes to pack MicrosoftGraphAPI * Packs/MicrosoftGraphAPI/Integrations/MicrosoftGraphAPI/MicrosoftGraphAPI.yml Docker image update * Updated Metadata Of Pack MicrosoftTeams * Added release notes to pack MicrosoftTeams * Packs/MicrosoftTeams/Integrations/MicrosoftTeamsManagement/MicrosoftTeamsManagement.yml Docker image update * Updated Metadata Of Pack MicrosoftGraphApplications * Added release notes to pack MicrosoftGraphApplications * Packs/MicrosoftGraphApplications/Integrations/MicrosoftGraphApplications/MicrosoftGraphApplications.yml Docker image update * Update Docker Image To demisto/sixgill (#31293) * Updated Metadata Of Pack Cybersixgill-ActionableAlerts * Added release notes to pack Cybersixgill-ActionableAlerts * Packs/Cybersixgill-ActionableAlerts/Integrations/CybersixgillActionableAlerts/CybersixgillActionableAlerts.yml Docker image update * Updated Metadata Of Pack Sixgill-Darkfeed * Added release notes to pack Sixgill-Darkfeed * Packs/Sixgill-Darkfeed/Integrations/Sixgill_Darkfeed_Enrichment/Sixgill_Darkfeed_Enrichment.yml Docker image update * Packs/Sixgill-Darkfeed/Integrations/Sixgill_Darkfeed/Sixgill_Darkfeed.yml Docker image update * Update Docker Image To demisto/carbon-black-cloud (#31295) * Updated Metadata Of Pack CarbonBlackDefense * Added release notes to pack CarbonBlackDefense * Packs/CarbonBlackDefense/Integrations/CarbonBlackLiveResponseCloud/CarbonBlackLiveResponseCloud.yml Docker image 
update * Update Docker Image To demisto/taxii2 (#31294) * Updated Metadata Of Pack FeedDHS * Added release notes to pack FeedDHS * Packs/FeedDHS/Integrations/DHSFeedV2/DHSFeedV2.yml Docker image update * Updated Metadata Of Pack FeedUnit42v2 * Added release notes to pack FeedUnit42v2 * Packs/FeedUnit42v2/Integrations/FeedUnit42v2/FeedUnit42v2.yml Docker image update * MS IIS Update2 (#31256) * Updated MicrosoftIISWebServerModelingRules_1_3 * Updated ModelingRules filters * Updated ModelingRules filters * Updated ReleaseNotes * Upated ReleaseNotes * CrowdStrikeFalconX-genreic-polling (#31189) * old playbooks deprecated and new one added * readme file edited * set the interval from the inputs * fixes for release notes * added extensions to known words * Update Packs/CrowdStrikeFalconX/Playbooks/Detonate_File_-_CrowdStrike_Falcon_Intelligence_Sandbox_v2.yml Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CrowdStrikeFalconX/Playbooks/Detonate_File_-_CrowdStrike_Falcon_Intelligence_Sandbox_v2.yml Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CrowdStrikeFalconX/Playbooks/Detonate_File_-_CrowdStrike_Falcon_Intelligence_Sandbox_v2.yml Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CrowdStrikeFalconX/Playbooks/Detonate_URL_-_CrowdStrike_Falcon_Intelligence_Sandbox_v2_README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CrowdStrikeFalconX/Playbooks/Detonate_File_-_CrowdStrike_Falcon_Intelligence_Sandbox_v2.yml Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CrowdStrikeFalconX/Playbooks/Detonate_File_-_CrowdStrike_Falcon_Intelligence_Sandbox_v2.yml Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CrowdStrikeFalconX/Playbooks/Detonate_File_-_CrowdStrike_Falcon_Intelligence_Sandbox_v2_README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CrowdStrikeFalconX/ReleaseNotes/1_2_37.md Co-authored-by: ShirleyDenkberg <[email protected]> * 
Update Packs/CrowdStrikeFalconX/ReleaseNotes/1_2_37.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CrowdStrikeFalconX/ReleaseNotes/1_2_37.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CrowdStrikeFalconX/ReleaseNotes/1_2_37.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CrowdStrikeFalconX/Playbooks/Detonate_File_-_CrowdStrike_Falcon_Intelligence_Sandbox_v2_README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CrowdStrikeFalconX/Playbooks/Detonate_File_-_CrowdStrike_Falcon_Intelligence_Sandbox_v2_README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CrowdStrikeFalconX/Playbooks/Detonate_File_-_CrowdStrike_Falcon_Intelligence_Sandbox_v2_README.md Co-authored-by: ShirleyDenkberg <[email protected]> * minor fixes for description * Update Packs/CrowdStrikeFalconX/Playbooks/Detonate_URL_-_CrowdStrike_Falcon_Intelligence_Sandbox_v2.yml Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CrowdStrikeFalconX/Playbooks/Detonate_URL_-_CrowdStrike_Falcon_Intelligence_Sandbox_v2_README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CrowdStrikeFalconX/Playbooks/Detonate_URL_-_CrowdStrike_Falcon_Intelligence_Sandbox_v2.yml Co-authored-by: ShirleyDenkberg <[email protected]> --------- Co-authored-by: ShirleyDenkberg <[email protected]> * Add Symantec MSS to ignored items (#31296) * [XSUP 30870] Added full fields option for cs-actors and cs-reports commands (#31271) * Added th…
pabloperezj pushed a commit that referenced this pull request Feb 1, 2024
* Replacing the deprecated sub-playbook within the 'NGFW Internal Scan'… (#31197) * Replacing the deprecated sub-playbook within the 'NGFW Internal Scan' XSIAM playbook * RN * [Marketplace Contribution] CISO Metrics (#30641) (#31213) * "pack contribution initial commit" * Update pack_metadata.json * Update and rename dashboard-98f353a2-312b-49f2-8e58-d71f60daf3a7-CISO_Metrics.json to dashboard-98f353a2-312b-49f2-8e58-d71f60daf3a7-CommunityCommonDashboards.json Rename to CommunityCommonDashboards * Update pack_metadata.json Renamed "name": "CommunityCommonDashboards" * Update README.md Added description * Update README.md * Update and rename README.md to README.md * Rename dashboard-98f353a2-312b-49f2-8e58-d71f60daf3a7-CommunityCommonDashboards.json to dashboard-98f353a2-312b-49f2-8e58-d71f60daf3a7-CommunityCommonDashboards.json * Rename .pack-ignore to .pack-ignore * Rename .secrets-ignore to .secrets-ignore * Rename pack_metadata.json to pack_metadata.json * Update .pack-ignore * Update pack_metadata.json * Update .pack-ignore * Update and rename dashboard-98f353a2-312b-49f2-8e58-d71f60daf3a7-CommunityCommonDashboards.json to CISOMetrics.json Renamed to CISOMetrics * Update pack_metadata.json * Update pack_metadata.json * Update README.md --------- Co-authored-by: xsoar-bot <[email protected]> Co-authored-by: Sapir Shuker <[email protected]> Co-authored-by: David Uhrlaub <[email protected]> * Cybereason xsoar v 2.1.14 (#30647) (#31225) * added v2.1.14 codebase * fix pr comments * replace dummy md5 placeholder * Update Packs/Cybereason/Integrations/Cybereason/Cybereason.py * updated docker image python version * updated release notes docker version * added pagination params * updated docker image * fix lint errors * fix demisto validate errors * updated release notes * updated release notes * updated release notes * updated command name as per PR comment * removed manual filtering for response * updated function name to match the command name format * updated unit 
test as per new command name * added machinename filter to api query * moved empty output message to the top * updated docker image tag to latest * undo changes from unisolate endpoint playbook --------- Co-authored-by: suraj-metron <[email protected]> Co-authored-by: Sapir Shuker <[email protected]> * fixed polling support (#30873) * fixed polling support * fixed rn * added rn * added rn * XSUP-30786/Fix (#31168) * Added failing UT * Fixed the issue * Updated docker image * Updated RN * Update Packs/PAN-OS/ReleaseNotes/2_1_15.md Co-authored-by: Dan Tavori <[email protected]> * Updated the bug fix and the UT * updated docker image --------- Co-authored-by: Dan Tavori <[email protected]> * rewrite to js FirstArrayElement and LastArrayElement (#31228) * rewrite to js * added tpb * added empty test case to tpb * precommit fixes * change fromversion so build wont fail * Enable Core REST API with general XSIAM endpoints (#31226) * mostly works * added release notes * fixes from review * F5 APM fixed the marketplace build failure (#31236) * F5 APM Remove XSIAM tags * fix marketplace error * Add incidents field (#30393) (#31233) * add rawJSON field to incidents * release notes * update docker image tag * nit * fetching incident details * mapper + incident fields * remove incorrect incident field files * new incident field files, new mapper * sdk validate command changes * update release noteS * validation errors * fix validation errors * undo release notes changes * undo release notes change * undo release notes * undo release notes * undo release notes * nit * new release notes * remove playbook id * update docker image tag * revert release notes * revert RN * nit- remove filters used for testing * add details field to threats * remove try/except blocks * changing version * Update Abnormal_Security_Custom_Incident_types.json change from version * nit - remove changes used for demo * updating docker image * update docker image tag --------- Co-authored-by: William 
Olyslager <[email protected]> Co-authored-by: sapirshuker <[email protected]> Co-authored-by: Sapir Shuker <[email protected]> * Update Docker Image To demisto/python3 (#31242) * Updated Metadata Of Pack CIRCL * Added release notes to pack CIRCL * Packs/CIRCL/Integrations/CirclCVESearch/CirclCVESearch.yml Docker image update * Updated Metadata Of Pack ipinfo * Added release notes to pack ipinfo * Packs/ipinfo/Integrations/ipinfo_v2/ipinfo_v2.yml Docker image update * Updated Metadata Of Pack AutoFocus * Added release notes to pack AutoFocus * Packs/AutoFocus/Integrations/FeedAutofocus/FeedAutofocus.yml Docker image update * Packs/AutoFocus/Integrations/AutofocusV2/AutofocusV2.yml Docker image update * Updated Metadata Of Pack MailSenderNew * Added release notes to pack MailSenderNew * Packs/MailSenderNew/Integrations/MailSenderNew/MailSenderNew.yml Docker image update * avoid to update Docker for AutoFocusv2 --------- Co-authored-by: israelpolishook <[email protected]> * Fixes For 'IP Enrichment - Generic v2' Playbook (#31183) * Fixes For 'IP Enrichment - Generic v2' Playbook * RN * RN * Updated the 'InternalRange' playbook input's default value. * configured the 'extended_data' and 'threat_model_association' sub-playbook inputs * Bump pack from version CommonPlaybooks to 2.4.36. * Bump pack from version CommonPlaybooks to 2.4.37. * changed the default value of the 'ResolveIP' playbook input * re-added RN after merging from master * Fixes RN --------- Co-authored-by: Content Bot <[email protected]> * Check if should run Instance role (#31245) * Added the sync from the saas bucket and modified the verify script to take the revision from the correct bucket. 
(#31254) * AWS Organizations (#30525) * init * commands template * aws-org-children-list * more commands * even more commands * added account commands * removed enhancement commands * use json_transform * unit-tests init * unit-tests continued * unit-tests continued some more * TPB * one more unit-test * one more unit-test * one more unit-test * name change * TPB * docs complete * pack readme * pack readme part 2 * readme modified * more tests * more tests * use get() * adde description * removed isFetch * added image * name change * CR changes * Apply suggestions from code review Co-authored-by: ShirleyDenkberg <[email protected]> * Update docker * put the commands back in * code complete * yml part 2 * yml part 3 * test template * unit-tests continued some more * unit-tests almost complete * unit-tests complete * fixed a few bugs * fixed unit-tests * added readme * update readme * added missing descriptions to readme * TPB * Apply suggestions from code review Co-authored-by: ShirleyDenkberg <[email protected]> * CR changes * demo changes * update docker * build wars: round 1 * build wars: round 2 * build wars: round 3; add unit-tests * build wars: round 4 * build wars: round 5 * build wars: round 6 --------- Co-authored-by: ShirleyDenkberg <[email protected]> * NextToken in CommandResults (#30501) * init * new design * added error in case of non nested input * RN * a tad more docs * Bump pack from version Base to 1.32.47. * Bump pack from version Base to 1.32.48. * Bump pack from version Base to 1.32.49. * improved doc-string * resolve conflicts * resolve conflicts * Bump pack from version Base to 1.32.52. 
--------- Co-authored-by: Content Bot <[email protected]> * demisto-sdk-release 1.24.0 (#31268) * poetry files * update validate manager imports (#31179) * update validate manager imports * revert * Update Tests/configure_and_test_integration_instances.py * Edit file types test (#31170) * edited tests * s * s * edit --------- Co-authored-by: Content Bot <[email protected]> Co-authored-by: Yuval Hayun <[email protected]> Co-authored-by: merit-maita <[email protected]> Co-authored-by: JudithB <[email protected]> * modified modeling rules of clearswift dlp (#31247) * modified modeling rules of clearswift dlp * modified the parsing rule of clearswiftdlp * Added release notes. * added dlp to pack ignore * added Clearswift to pack ignore * QRadar: continue to poll in case of networking issues (#31084) * Generalize the mode option in pre-commit (#30663) * args updated to match the update in the sdk * add merge-coverage-report and coverage-analyze * updaing pyproject.toml * poetry lock * restoring pyproject.toml and poetry.lock * pre-commit.yml * updates * test comment * use sdk ref * if * add github output * revert ilan changes * merge-pytest-reports --------- Co-authored-by: ilan <[email protected]> * EXPANDR-1576 CortexXpanse Remediation Guidance changes (#31190) * EXPANDR-1576 CortexXpanse Remediation Guidance changes (#30712) * CortexXpanse RG changes * Fix flake8 errors * Fix unit test cases * Update docker version * update command name * Readme updates * docker update * Ignore BC error * fix packignore * Update release notes * update breaking change notes * update breaking change notes * correct RN --------- Co-authored-by: Chait A <[email protected]> Co-authored-by: ilappe <[email protected]> * Feature/cyberint enhancement (#31252) * Feature/cyberint enhancement (#30493) * Update Docker Image To demisto/py3-tools (#25523) * Updated Metadata Of Pack FeedAWS * Added release notes to pack FeedAWS * Packs/FeedAWS/Integrations/FeedAWS/FeedAWS.yml Docker image update * 
update Cyberint Pack * update release note and incidentfields * update CommonType release note * update CommonType relesenotes * update CommonType relese notes * update CyberInt Related entity name * update release notes * add new incident field: Alert Data * foramt alert_data * update CyberInt Related Entity name to avoid validation errors * reset the CyberInt Related Entity name * update incident field name * Update 3_3_93.md * pre commit update docker * added known words * fixed the RN * known words --------- Co-authored-by: TalGumi <[email protected]> Co-authored-by: omerKarkKatz <[email protected]> Co-authored-by: okarkkatz <[email protected]> * [xsoar-8 coverage] - use poll functions from SDK clients (#31144) * update poetry * use poll functions * test against builds * try to fix ssl issue * timeout = 300 + verify ssl * fix ssl issues * fix incident pull * fix * make verify=false by default * fix ports bug * use sdk master * revert poetry * revert infra used for testing * [CrowdStrike Falcon Intel v2] Fixed an issue in 'cs-actors' and 'cs-reports' commands (#31265) * Fix the 'NoneType' object is not iterable issue * ruff * Update the docker image; Add RN * Update Packs/CrowdStrikeIntel/ReleaseNotes/2_0_34.md Co-authored-by: Dean Arbel <[email protected]> --------- Co-authored-by: Dean Arbel <[email protected]> * oncall- installation orders (#31253) * test * test * revert debugs * pre-commit --------- Co-authored-by: Jas Beilin <[email protected]> * Core rest api docs fix (#31262) * Improved descriptions. * Added docs * Added rn. * Changed i.e to e.g * bugfix/XSUP-30713/port-scan-pb-issue-incident-failure (#31154) * Fix playbook input's default value, change to not required, add check for value not empty * Update playbook image * Update release notes * Bump pack from version CortexXDR to 6.0.5. 
* Moved InternalIPRanges input check to better location * Fix review comments --------- Co-authored-by: Content Bot <[email protected]> * [PagerDuty v2] Added Support For Pagination (#30959) * commit init - lint and type annotation * typing * pagination function and some typing * fix api limit and pagination * added UT and test_data * added RN and description for args * generate readme * update docker * added UT * fix flake8 * more docstring, one more UT, fix send unnecessary parameters * fix f-string * fix pep8 * revert copy * fix parameters name * docs review * update docker * [ASM] EXPANDR 7225 - Update Ev1 Integration Display Name (#31234) (#31276) * Update Display Name * Update release notes * Update docker image and add period to descriptions Co-authored-by: John <[email protected]> Co-authored-by: MLainer1 <[email protected]> * Update Docker Image To demisto/python3 (#31286) * Updated Metadata Of Pack QualysFIM * Added release notes to pack QualysFIM * Packs/QualysFIM/Integrations/QualysFIM/QualysFIM.yml Docker image update * Updated Metadata Of Pack FortiSIEM * Added release notes to pack FortiSIEM * Packs/FortiSIEM/Integrations/FortiSIEMV2/FortiSIEMV2.yml Docker image update * Updated Metadata Of Pack FreshworksFreshservice * Added release notes to pack FreshworksFreshservice * Packs/FreshworksFreshservice/Integrations/FreshworksFreshservice/FreshworksFreshservice.yml Docker image update * Updated Metadata Of Pack KnowBe4_KMSAT * Added release notes to pack KnowBe4_KMSAT * Packs/KnowBe4_KMSAT/Integrations/KnowBe4KMSATEventCollector/KnowBe4KMSATEventCollector.yml Docker image update * Packs/KnowBe4_KMSAT/Integrations/KnowBe4KMSAT/KnowBe4KMSAT.yml Docker image update * Updated Metadata Of Pack SafeNet_Trusted_Access * Added release notes to pack SafeNet_Trusted_Access * Packs/SafeNet_Trusted_Access/Integrations/SafeNetTrustedAccessEventCollector/SafeNetTrustedAccessEventCollector.yml Docker image update * Updated Metadata Of Pack DelineaSS * Added release 
notes to pack DelineaSS * Packs/DelineaSS/Integrations/DelineaSS/DelineaSS.yml Docker image update * Updated Metadata Of Pack Cryptocurrency * Added release notes to pack Cryptocurrency * Packs/Cryptocurrency/Integrations/Cryptocurrency/Cryptocurrency.yml Docker image update * Updated Metadata Of Pack PANOSPolicyOptimizer * Added release notes to pack PANOSPolicyOptimizer * Packs/PANOSPolicyOptimizer/Integrations/PANOSPolicyOptimizer/PANOSPolicyOptimizer.yml Docker image update * Updated Metadata Of Pack DeveloperTools * Added release notes to pack DeveloperTools * Packs/DeveloperTools/Integrations/CreateIncidents/CreateIncidents.yml Docker image update * Add XSOAR_SAAS section to EDL description (#31264) * add XSOAR_SAAS section to EDL description * update RN * [XSUP 30575] Added full fields query param (#31272) * get indicators full fields data * pre-commit * release notes * tests and CR fixes * Update Packs/FeedCrowdstrikeFalconIntel/ReleaseNotes/2_1_13.md Co-authored-by: Dan Tavori <[email protected]> --------- Co-authored-by: Dan Tavori <[email protected]> * Update Docker Image To demisto/boto3py3 (#31287) * Updated Metadata Of Pack SecurityIntelligenceServicesFeed * Added release notes to pack SecurityIntelligenceServicesFeed * Packs/SecurityIntelligenceServicesFeed/Integrations/SecurityIntelligenceServicesFeed/SecurityIntelligenceServicesFeed.yml Docker image update * Updated Metadata Of Pack AWS-IAM * Added release notes to pack AWS-IAM * Packs/AWS-IAM/Integrations/AWS-IAM/AWS-IAM.yml Docker image update * Updated Metadata Of Pack AWS-Route53 * Added release notes to pack AWS-Route53 * Packs/AWS-Route53/Integrations/AWSRoute53/AWSRoute53.yml Docker image update * Updated Metadata Of Pack AWS-AccessAnalyzer * Added release notes to pack AWS-AccessAnalyzer * Packs/AWS-AccessAnalyzer/Integrations/AWS-AccessAnalyzer/AWS-AccessAnalyzer.yml Docker image update * Updated Metadata Of Pack AWS-GuardDuty * Added release notes to pack AWS-GuardDuty * 
Packs/AWS-GuardDuty/Integrations/AWSGuardDutyEventCollector/AWSGuardDutyEventCollector.yml Docker image update * Packs/AWS-GuardDuty/Integrations/AWSGuardDuty/AWSGuardDuty.yml Docker image update * Updated Metadata Of Pack AWS-SecurityHub * Added release notes to pack AWS-SecurityHub * Packs/AWS-SecurityHub/Integrations/AWSSecurityHubEventCollector/AWSSecurityHubEventCollector.yml Docker image update * Updated Metadata Of Pack Aws-SecretsManager * Added release notes to pack Aws-SecretsManager * Packs/Aws-SecretsManager/Integrations/AwsSecretsManager/AwsSecretsManager.yml Docker image update * Update Docker Image To demisto/accessdata (#31288) * Updated Metadata Of Pack Exterro * Added release notes to pack Exterro * Packs/Exterro/Integrations/Exterro/Exterro.yml Docker image update * Update Docker Image To demisto/oci (#31290) * Updated Metadata Of Pack OracleCloudInfrastructure * Added release notes to pack OracleCloudInfrastructure * Packs/OracleCloudInfrastructure/Integrations/OracleCloudInfrastructureEventCollector/OracleCloudInfrastructureEventCollector.yml Docker image update * Update Docker Image To demisto/py3-tools (#31289) * Updated Metadata Of Pack Intezer * Added release notes to pack Intezer * Packs/Intezer/Integrations/IntezerV2/IntezerV2.yml Docker image update * Updated Metadata Of Pack Zabbix * Added release notes to pack Zabbix * Packs/Zabbix/Integrations/Zabbix/Zabbix.yml Docker image update * Updated Metadata Of Pack FeedMalwareBazaar * Added release notes to pack FeedMalwareBazaar * Packs/FeedMalwareBazaar/Integrations/MalwareBazaarFeed/MalwareBazaarFeed.yml Docker image update * Updated Metadata Of Pack FeedGCPWhitelist * Added release notes to pack FeedGCPWhitelist * Packs/FeedGCPWhitelist/Integrations/FeedGoogleIPRanges/FeedGoogleIPRanges.yml Docker image update * Updated Metadata Of Pack AccentureCTI_Feed * Added release notes to pack AccentureCTI_Feed * Packs/AccentureCTI_Feed/Integrations/ACTIIndicatorFeed/ACTIIndicatorFeed.yml Docker 
image update * Updated Metadata Of Pack SEKOIAIntelligenceCenter * Added release notes to pack SEKOIAIntelligenceCenter * Packs/SEKOIAIntelligenceCenter/Integrations/SEKOIAIntelligenceCenter/SEKOIAIntelligenceCenter.yml Docker image update * Updated Metadata Of Pack JARM * Added release notes to pack JARM * Packs/JARM/Integrations/JARM/JARM.yml Docker image update * Updated Metadata Of Pack Anomali_ThreatStream * Added release notes to pack Anomali_ThreatStream * Packs/Anomali_ThreatStream/Integrations/AnomaliThreatStreamv3/AnomaliThreatStreamv3.yml Docker image update * Updated Metadata Of Pack CommonWidgets * Added release notes to pack CommonWidgets * Packs/CommonWidgets/Scripts/RSSWidget/RSSWidget.yml Docker image update * Updated Metadata Of Pack FiltersAndTransformers * Added release notes to pack FiltersAndTransformers * Packs/FiltersAndTransformers/Scripts/Jmespath/Jmespath.yml Docker image update * Update Docker Image To demisto/armorblox (#31291) * Updated Metadata Of Pack Armorblox * Added release notes to pack Armorblox * Packs/Armorblox/Integrations/Armorblox/Armorblox.yml Docker image update * Update Docker Image To demisto/crypto (#31292) * Updated Metadata Of Pack AzureKeyVault * Added release notes to pack AzureKeyVault * Packs/AzureKeyVault/Integrations/AzureKeyVault/AzureKeyVault.yml Docker image update * Updated Metadata Of Pack AzureSentinel * Added release notes to pack AzureSentinel * Packs/AzureSentinel/Integrations/AzureSentinel/AzureSentinel.yml Docker image update * Updated Metadata Of Pack AzureDevOps * Added release notes to pack AzureDevOps * Packs/AzureDevOps/Integrations/AzureDevOps/AzureDevOps.yml Docker image update * Updated Metadata Of Pack MicrosoftCloudAppSecurity * Added release notes to pack MicrosoftCloudAppSecurity * Packs/MicrosoftCloudAppSecurity/Integrations/MicrosoftCloudAppSecurity/MicrosoftCloudAppSecurity.yml Docker image update * Updated Metadata Of Pack AzureRiskyUsers * Added release notes to pack AzureRiskyUsers 
* Packs/AzureRiskyUsers/Integrations/AzureRiskyUsers/AzureRiskyUsers.yml Docker image update * Updated Metadata Of Pack MicrosoftGraphGroups * Added release notes to pack MicrosoftGraphGroups * Packs/MicrosoftGraphGroups/Integrations/MicrosoftGraphGroups/MicrosoftGraphGroups.yml Docker image update * Updated Metadata Of Pack AzureSQLManagement * Added release notes to pack AzureSQLManagement * Packs/AzureSQLManagement/Integrations/AzureSQLManagement/AzureSQLManagement.yml Docker image update * Updated Metadata Of Pack MicrosoftGraphAPI * Added release notes to pack MicrosoftGraphAPI * Packs/MicrosoftGraphAPI/Integrations/MicrosoftGraphAPI/MicrosoftGraphAPI.yml Docker image update * Updated Metadata Of Pack MicrosoftTeams * Added release notes to pack MicrosoftTeams * Packs/MicrosoftTeams/Integrations/MicrosoftTeamsManagement/MicrosoftTeamsManagement.yml Docker image update * Updated Metadata Of Pack MicrosoftGraphApplications * Added release notes to pack MicrosoftGraphApplications * Packs/MicrosoftGraphApplications/Integrations/MicrosoftGraphApplications/MicrosoftGraphApplications.yml Docker image update * Update Docker Image To demisto/sixgill (#31293) * Updated Metadata Of Pack Cybersixgill-ActionableAlerts * Added release notes to pack Cybersixgill-ActionableAlerts * Packs/Cybersixgill-ActionableAlerts/Integrations/CybersixgillActionableAlerts/CybersixgillActionableAlerts.yml Docker image update * Updated Metadata Of Pack Sixgill-Darkfeed * Added release notes to pack Sixgill-Darkfeed * Packs/Sixgill-Darkfeed/Integrations/Sixgill_Darkfeed_Enrichment/Sixgill_Darkfeed_Enrichment.yml Docker image update * Packs/Sixgill-Darkfeed/Integrations/Sixgill_Darkfeed/Sixgill_Darkfeed.yml Docker image update * Update Docker Image To demisto/carbon-black-cloud (#31295) * Updated Metadata Of Pack CarbonBlackDefense * Added release notes to pack CarbonBlackDefense * Packs/CarbonBlackDefense/Integrations/CarbonBlackLiveResponseCloud/CarbonBlackLiveResponseCloud.yml Docker image 
update * Update Docker Image To demisto/taxii2 (#31294) * Updated Metadata Of Pack FeedDHS * Added release notes to pack FeedDHS * Packs/FeedDHS/Integrations/DHSFeedV2/DHSFeedV2.yml Docker image update * Updated Metadata Of Pack FeedUnit42v2 * Added release notes to pack FeedUnit42v2 * Packs/FeedUnit42v2/Integrations/FeedUnit42v2/FeedUnit42v2.yml Docker image update * MS IIS Update2 (#31256) * Updated MicrosoftIISWebServerModelingRules_1_3 * Updated ModelingRules filters * Updated ModelingRules filters * Updated ReleaseNotes * Upated ReleaseNotes * CrowdStrikeFalconX-genreic-polling (#31189) * old playbooks deprecated and new one added * readme file edited * set the interval from the inputs * fixes for release notes * added extensions to known words * Update Packs/CrowdStrikeFalconX/Playbooks/Detonate_File_-_CrowdStrike_Falcon_Intelligence_Sandbox_v2.yml Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CrowdStrikeFalconX/Playbooks/Detonate_File_-_CrowdStrike_Falcon_Intelligence_Sandbox_v2.yml Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CrowdStrikeFalconX/Playbooks/Detonate_File_-_CrowdStrike_Falcon_Intelligence_Sandbox_v2.yml Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CrowdStrikeFalconX/Playbooks/Detonate_URL_-_CrowdStrike_Falcon_Intelligence_Sandbox_v2_README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CrowdStrikeFalconX/Playbooks/Detonate_File_-_CrowdStrike_Falcon_Intelligence_Sandbox_v2.yml Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CrowdStrikeFalconX/Playbooks/Detonate_File_-_CrowdStrike_Falcon_Intelligence_Sandbox_v2.yml Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CrowdStrikeFalconX/Playbooks/Detonate_File_-_CrowdStrike_Falcon_Intelligence_Sandbox_v2_README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CrowdStrikeFalconX/ReleaseNotes/1_2_37.md Co-authored-by: ShirleyDenkberg <[email protected]> * 
Update Packs/CrowdStrikeFalconX/ReleaseNotes/1_2_37.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CrowdStrikeFalconX/ReleaseNotes/1_2_37.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CrowdStrikeFalconX/ReleaseNotes/1_2_37.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CrowdStrikeFalconX/Playbooks/Detonate_File_-_CrowdStrike_Falcon_Intelligence_Sandbox_v2_README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CrowdStrikeFalconX/Playbooks/Detonate_File_-_CrowdStrike_Falcon_Intelligence_Sandbox_v2_README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CrowdStrikeFalconX/Playbooks/Detonate_File_-_CrowdStrike_Falcon_Intelligence_Sandbox_v2_README.md Co-authored-by: ShirleyDenkberg <[email protected]> * minor fixes for description * Update Packs/CrowdStrikeFalconX/Playbooks/Detonate_URL_-_CrowdStrike_Falcon_Intelligence_Sandbox_v2.yml Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CrowdStrikeFalconX/Playbooks/Detonate_URL_-_CrowdStrike_Falcon_Intelligence_Sandbox_v2_README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CrowdStrikeFalconX/Playbooks/Detonate_URL_-_CrowdStrike_Falcon_Intelligence_Sandbox_v2.yml Co-authored-by: ShirleyDenkberg <[email protected]> --------- Co-authored-by: ShirleyDenkberg <[email protected]> * Add Symantec MSS to ignored items (#31296) * [XSUP 30870] Added full fields option for cs-actors and cs-reports commands (#31271) * Added the display_full_fields argument * pre-commit * release notes * tests and CR fixes * resolve conflict * pre-commit * CR fixes * docker * pre-commit * add myself as codeowner (#31314) * ORKL Feed Integration 1.0.0 Initial Release (#31166) * ORKL Feed Integration 1.0.0 Initial Release (#31101) Co-authored-by: Martin Ohl <[email protected]> * [VirusTotal] Add suspicious threshold (#31220) * [VirusTotal] Add suspicious threshold (#31021) * fixing CimTrak_test.py unit 
tests (#31308) fixing CimTrak_test.py unit tests #31308 * Add new command and bug fix. (#31311) * Anomali ThreatStream v3 - Fix threatstream-get-indicators command (#31269) * fix get_indicators method * update RN * update docker * update test * update test * update get_indicators method * update RN * Update Packs/Anomali_ThreatStream/ReleaseNotes/2_2_9.md Co-authored-by: ShirleyDenkberg <[email protected]> * update docker * update docker --------- Co-authored-by: ShirleyDenkberg <[email protected]> * SentinelOne v2: Add 2 new commands (#31312) * fixing jira file attachments (#31297) fixing jira file attachments, fixing mapping of newly created tickets #31297 * CiscoSMA Update (#31315) * Updated ModelingRules * Updated ReleaseNotes * Updated ReleaseNotes * updated docs (#31192) * updated docs * running pre-commit and docker * docker update * Apply suggestions from code review Co-authored-by: ShirleyDenkberg <[email protected]> * remove package-lock file * cr note * Update Packs/MicrosoftGraphDeviceManagement/ReleaseNotes/1_1_20.md Co-authored-by: EyalPintzov <[email protected]> --------- Co-authored-by: ShirleyDenkberg <[email protected]> Co-authored-by: EyalPintzov <[email protected]> * Fix an issue when there is only one incident in fetch_incidents powershell (#31267) * added -AsArray * updated the docker image and added . * RN * unit tests and docker image * rn * docker image and release notes * Update Packs/Base/ReleaseNotes/1_32_53.md Co-authored-by: EyalPintzov <[email protected]> * updated the unit tests --------- Co-authored-by: EyalPintzov <[email protected]> * Get Entity Alerts by MITRE Tactics - Performance Improvements (Refactor) (#31232) * Added playbooks * New playbooks images, formatted playbooks, and added RN * Updated pb image to be in light mode * Further improvements to playbooks, updated docs, and updated playbook images * Bump pack from version CortexXDR to 6.0.6. 
* Changed alert to incident to fix validation * Descriptions --------- Co-authored-by: Content Bot <[email protected]> * fix for sdk nightly e2e tests (#31310) * [qradar-v3] - handle connection errors (#31246) * [qradar-v3] - handle connection errors * add uts * bump rn * remove irrelevant imports * update code * timeout = 300 * bump rn * update implementation * docker image * fixes * remove imports * rn * update debug-message * update log * fix docker-image * fix ut * oncall-sdk-nightly-create-xsoar-instance (#31300) * overwrite the filter env file * remove space * remove print * Update .gitlab/ci/.gitlab-ci.on-push.yml Co-authored-by: Koby Meir <[email protected]> --------- Co-authored-by: Koby Meir <[email protected]> * [ASM] - EXPANDER 7238 - Jira Playbook Support for V2 and V3 Project Key (#31273) (#31322) * Add support V2 and V3, remove default project key - Add data collection task for customer - Leave Jira Project Key input as blank - Add support for project key passed into Jira V2 and V3 integrations * Add release notes * Update Playbook ReadMe * Add task description * Update release notes Co-authored-by: John <[email protected]> Co-authored-by: MLainer1 <[email protected]> * Support contributions when the name of the repo isn't content (#31320) * update handle_external_pr.py * set repo_name arg as optional * Oncall sdk nightly create xsoar instance (#31324) Oncall sdk nightly create xsoar instance #31324 * CIAC-4556/xdr-remote-psexec-lolbin-command-execution-playbook (#29092) * Add playbook and readme files * Add updated files * Add playbook image * Update release notes * Fix validation error * Bump pack from version CortexXDR to 5.1.0. * Bump pack from version CortexXDR to 5.2.0. * Bump pack from version CortexXDR to 5.2.0. * Bump pack from version CortexXDR to 5.2.0. * Add CommandLine verdict to layout * Update according to demo review comments * Bump pack from version CortexXDR to 5.2.0. * Bump pack from version CortexXDR to 5.2.0. 
* Add field for cmd line verdict * Update layout * Fix review comments * Update from master * Update Packs/CortexXDR/ReleaseNotes/5_2_0.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CortexXDR/ReleaseNotes/5_2_0.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CortexXDR/Playbooks/playbook-Cortex_XDR_-_Remote_PsExec_with_LOLBIN_command_execution_alert_README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Fix review comments and validations * Apply suggestions from code review Fix docs review Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CortexXDR/Playbooks/playbook-Cortex_XDR_-_Remote_PsExec_with_LOLBIN_command_execution_alert.yml Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CortexXDR/Playbooks/playbook-Cortex_XDR_-_Remote_PsExec_with_LOLBIN_command_execution_alert.yml Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CortexXDR/Playbooks/playbook-Cortex_XDR_-_Remote_PsExec_with_LOLBIN_command_execution_alert.yml Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CortexXDR/Playbooks/playbook-Cortex_XDR_-_Remote_PsExec_with_LOLBIN_command_execution_alert.yml Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CortexXDR/Playbooks/playbook-Cortex_XDR_-_Remote_PsExec_with_LOLBIN_command_execution_alert.yml Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CortexXDR/Playbooks/playbook-Cortex_XDR_-_Remote_PsExec_with_LOLBIN_command_execution_alert.yml Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CortexXDR/Playbooks/playbook-Cortex_XDR_-_Remote_PsExec_with_LOLBIN_command_execution_alert.yml Co-authored-by: ShirleyDenkberg <[email protected]> * Fix review comments * Remove duplicate task for alert details, update playbook image * Fix skipifunavailable validations and update release notes * Fix review comments * Update release notes * Update release notes * Bump pack from version CortexXDR to 
5.2.0. * Fix review comments * Update release notes * Bump pack from version CortexXDR to 5.2.2. * Bump pack from version CortexXDR to 5.2.3. * Fix review comments * Fix validation error * Fix validation errors * Update release notes * Fix conflicts * removed already added incident field * Update release notes * Fix validation errors * Fix validation errors * revert file changes * Fix validation errors * Fix validation errors * Bump pack from version CortexXDR to 6.0.4. * Fix review comments * Fix review comments * Update to correct playbook image * Bump pack from version CortexXDR to 6.0.5. * Update 6_0_5.md * Update release notes * Update 6_0_5.md * Bump pack from version CortexXDR to 6.0.7. * Fix precommit errors --------- Co-authored-by: Content Bot <[email protected]> Co-authored-by: ShirleyDenkberg <[email protected]> * Update README.md (#31299) * Last Mirrored New Field & Qradar fix (#31251) * add field * Bump pack from version CommonTypes to 3.3.95. * fix * review fix --------- Co-authored-by: Content Bot <[email protected]> * Update native candidate to py3-native:8.4.0.82817 (#31319) * SplunkPy missing incidents (#30783) * Used exclusion of even ids * Reverted changes in unit tests * Fixed unbound issue * Added last fetched notables * Added potential solution * Comments in UTs * Added UTs * Added UTs with explanation * Added RNs * Fixed UTs and updated how we exclude ids * Fixed conflicts * Fixed CR * Fixed conflicts * Updated docker image * Fixed pre-commit in test file * Removed second pytest * Fixed comments in test file * MATI - Supporting multiple inputs for generic enrichment commands (#30940) (#31334) * Supporting multiple inputs for generic enrichment commands * Return list of CommandResults * Re-adding rawJSON * Bumping docker version * Relesase Notes * Tests * Tests * Adding details to contexts * Fixing tests * Bumping docker * Bumping docker * Fixing spacing * Fixing spacing * Fixing fetch --------- Co-authored-by: Christopher Hultin <[email 
protected]> Co-authored-by: MLainer1 <[email protected]> * [Cortex Data Lake] Update the Docker Image (#31337) * Support Threat Assessment functionality in MS Graph Security (#30110) * added yml and the first command in code * added commands * added to description in yml * added readme for first command * added readme to second command * added third command to readme * added url command to readme * added list command to readme * added tests files * minor edits * added unittests * added unittest * updated docker image * added rn * edited readme * edit * fixed lint errors * fixed validation errors * fixed rn * edits precommits errors * fixed unittest for test auth code * edited tpb * added unittests * to revert some of these changes * update after doc review * added unittests * removed checking server version in CSP * updated docker image * added rn * Bump pack from version Base to 1.32.41. * reverted changes for csp * reveeted changes * deleted rn * added fromversion field * added unittest * updated for pre commit * updated for pre commit * edits after build failed * removed file * edits * added the tpb * fixed tpb * edited the list command * Update Packs/MicrosoftGraphSecurity/Integrations/MicrosoftGraphSecurity/MicrosoftGraphSecurity.yml Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/MicrosoftGraphSecurity/Integrations/MicrosoftGraphSecurity/MicrosoftGraphSecurity.yml Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/MicrosoftGraphSecurity/Integrations/MicrosoftGraphSecurity/MicrosoftGraphSecurity.yml Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/MicrosoftGraphSecurity/Integrations/MicrosoftGraphSecurity/MicrosoftGraphSecurity.yml Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/MicrosoftGraphSecurity/Integrations/MicrosoftGraphSecurity/MicrosoftGraphSecurity.yml Co-authored-by: ShirleyDenkberg <[email protected]> * Update 
Packs/MicrosoftGraphSecurity/Integrations/MicrosoftGraphSecurity/MicrosoftGraphSecurity.yml Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/MicrosoftGraphSecurity/Integrations/MicrosoftGraphSecurity/MicrosoftGraphSecurity.yml Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/MicrosoftGraphSecurity/Integrations/MicrosoftGraphSecurity/MicrosoftGraphSecurity.yml Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/MicrosoftGraphSecurity/Integrations/MicrosoftGraphSecurity/MicrosoftGraphSecurity.yml Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/MicrosoftGraphSecurity/ReleaseNotes/2_2_5.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/MicrosoftGraphSecurity/Integrations/MicrosoftGraphSecurity/MicrosoftGraphSecurity.yml Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/MicrosoftGraphSecurity/Integrations/MicrosoftGraphSecurity/MicrosoftGraphSecurity.yml Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/MicrosoftGraphSecurity/Integrations/MicrosoftGraphSecurity/MicrosoftGraphSecurity.yml Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/MicrosoftGraphSecurity/Integrations/MicrosoftGraphSecurity/MicrosoftGraphSecurity.yml Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/MicrosoftGraphSecurity/Integrations/MicrosoftGraphSecurity/MicrosoftGraphSecurity.yml Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/MicrosoftGraphSecurity/Integrations/MicrosoftGraphSecurity/MicrosoftGraphSecurity.yml Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/MicrosoftGraphSecurity/Integrations/MicrosoftGraphSecurity/MicrosoftGraphSecurity.yml Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/MicrosoftGraphSecurity/Integrations/MicrosoftGraphSecurity/MicrosoftGraphSecurity.yml Co-authored-by: ShirleyDenkberg <[email protected]> * Update 
Packs/MicrosoftGraphSecurity/Integrations/MicrosoftGraphSecurity/MicrosoftGraphSecurity.yml Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/MicrosoftGraphSecurity/Integrations/MicrosoftGraphSecurity/MicrosoftGraphSecurity.yml Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/MicrosoftGraphSecurity/Integrations/MicrosoftGraphSecurity/MicrosoftGraphSecurity.yml Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/MicrosoftGraphSecurity/Integrations/MicrosoftGraphSecurity/MicrosoftGraphSecurity.yml Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/MicrosoftGraphSecurity/Integrations/MicrosoftGraphSecurity/MicrosoftGraphSecurity.yml Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/MicrosoftGraphSecurity/Integrations/MicrosoftGraphSecurity/MicrosoftGraphSecurity.yml Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/MicrosoftGraphSecurity/Integrations/MicrosoftGraphSecurity/MicrosoftGraphSecurity.yml Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/MicrosoftGraphSecurity/Integrations/MicrosoftGraphSecurity/MicrosoftGraphSecurity.yml Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/MicrosoftGraphSecurity/Integrations/MicrosoftGraphSecurity/MicrosoftGraphSecurity.yml Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/MicrosoftGraphSecurity/Integrations/MicrosoftGraphSecurity/MicrosoftGraphSecurity.yml Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/MicrosoftGraphSecurity/Integrations/MicrosoftGraphSecurity/MicrosoftGraphSecurity.yml Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/MicrosoftGraphSecurity/Integrations/MicrosoftGraphSecurity/MicrosoftGraphSecurity.yml Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/MicrosoftGraphSecurity/Integrations/MicrosoftGraphSecurity/MicrosoftGraphSecurity.yml Co-authored-by: ShirleyDenkberg <[email protected]> * Update 
Packs/MicrosoftGraphSecurity/Integrations/MicrosoftGraphSecurity/MicrosoftGraphSecurity.yml Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/MicrosoftGraphSecurity/Integrations/MicrosoftGraphSecurity/MicrosoftGraphSecurity.yml Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/MicrosoftGraphSecurity/Integrations/MicrosoftGraphSecurity/MicrosoftGraphSecurity.yml Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/MicrosoftGraphSecurity/Integrations/MicrosoftGraphSecurity/MicrosoftGraphSecurity.yml Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/MicrosoftGraphSecurity/Integrations/MicrosoftGraphSecurity/MicrosoftGraphSecurity.yml Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/MicrosoftGraphSecurity/Integrations/MicrosoftGraphSecurity/MicrosoftGraphSecurity.yml Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/MicrosoftGraphSecurity/Integrations/MicrosoftGraphSecurity/MicrosoftGraphSecurity.yml Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/MicrosoftGraphSecurity/Integrations/MicrosoftGraphSecurity/MicrosoftGraphSecurity.yml Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/MicrosoftGraphSecurity/Integrations/MicrosoftGraphSecurity/MicrosoftGraphSecurity.yml Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/MicrosoftGraphSecurity/Integrations/MicrosoftGraphSecurity/MicrosoftGraphSecurity.yml Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/MicrosoftGraphSecurity/Integrations/MicrosoftGraphSecurity/MicrosoftGraphSecurity.yml Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/MicrosoftGraphSecurity/Integrations/MicrosoftGraphSecurity/MicrosoftGraphSecurity.yml Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/MicrosoftGraphSecurity/Integrations/MicrosoftGraphSecurity/MicrosoftGraphSecurity.yml Co-authored-by: ShirleyDenkberg <[email protected]> * Update 
Packs/MicrosoftGraphSecurity/Integrations/MicrosoftGraphSecurity/MicrosoftGraphSecurity.yml Co-authored-by: ShirleyDenkberg <[email protected]> * updated docker image * edited after build failed * reverted changes * updated do * added arg * added rn * updated docker image * edit * edits after cr * updated do * edited the get user call * checked the 2 other commands * edited yml * updated do * edited test * removed comments * updated do * edit * edit --------- Co-authored-by: Content Bot <[email protected]> Co-authored-by: ShirleyDenkberg <[email protected]> * incident field helloworld onprem (#31340) * update ParseEmailFilesV2 to 0.1.19 (#31331) * update Docker image and added bcc * update rn * update tests * Update Packs/CommonScripts/ReleaseNotes/1_12_55.md Co-authored-by: Shahaf Ben Yakir <[email protected]> --------- Co-authored-by: Shahaf Ben Yakir <[email protected]> * update readme (#31343) * [CommonServer.js] Update emailRegex (#31148) change email regex * Ciac 3790/add auto determine LDAP vendor (#31124) * Added auto determine LDAP vendor * Added test and RN * fix lint and rn * added to readme * docker * changed default vendor param to auto * [Versa Director] Update response data formats (#31327) * Remove accept: application/xml from get requests * Remove redundant get() from request responses * Update UTs * Release notes; pre-commit updates * Update UTs; Revert relevant get() functions * Revert relevant get() functions * Fix syntax error * Update Packs/VersaDirector/ReleaseNotes/1_0_7.md Co-authored-by: Jasmine Beilin <[email protected]> * Update 1_0_7.md --------- Co-authored-by: Jasmine Beilin <[email protected]> * Replace LastMirroredInTime incident field with Last Mirrored Time Stamp incident field in QRadar (#31281) * add field * Last Mirrored Time Stamp * fix unrelated release notes * RN * docker image and release notes * rn * rn * docker image and release notes * RN * updates * update * unit tests for the script * update rn and bc * docstring for 
the ubit tests --------- Co-authored-by: arikday <[email protected]> Co-authored-by: ArikDay <[email protected]> * Tessian integration setup (#31350) * Tessian integration setup (#31028) * revert package-lock.json --------- Co-authored-by: NicBunn-PlutoFlume <[email protected]> Co-authored-by: adi88d <[email protected]> Co-authored-by: Adi Daud <[email protected]> * Kiteworks Modeling CIAC-6377 (#31230) * init-pack * parsing-rules * json-format-modeling * README.md * modeling-rules * refactor-modeling-rules * fix-modeling-rules-issues * single-line-format-modeling * activity-group-type-modeling * refactor-modeling-rules * refactor-modeling-rules * Update Packs/Kiteworks/README.md Co-authored-by: ShirleyDenkberg <[email protected]> * refactor-modeling-rules * refactor-modeling-rules * modeling-rules-json-fix * modeling-rules-json-refactor * modeling-rules-remove-unused-field --------- Co-authored-by: ShirleyDenkberg <[email protected]> * Prisma SASE - Quarantine Host With Active Threat (#31346) * New playbook for Prisma SASE * update RN * update RN * update playbook description * update playbook readme * Apply suggestions from code review Co-authored-by: ShirleyDenkberg <[email protected]> * update RN * update playbook readme * update RN --------- Co-authored-by: ShirleyDenkberg <[email protected]> * Symantec web security service pack long running (#30990) * first commit * commit * commit * first commit * update pack_metadata file * extract_logs_from_response changes * get_events_command changes * commit * commit * add logs * commit * commit * commit * commit * commit * commit * commit * commit * commit * commit * commit * commit * commit * Fixed the memory load on Docker * commit * first commit for rewrite * commit * commit * add UT and finish implementation * design * Change pack name * add-modeling-rules * add-parsing-rules * siem-content-minor-fixes * add UT and docstring * add-siem-documentation * update-siem-documentation * update-siem-documentation * commit * 
Change readme file * fix UT and add description to pack_metadata * commit * fix mypy flake8 * add UT * refactor-siem-content * Apply suggestions from code review Comment corrections Co-authored-by: ShirleyDenkberg <[email protected]> * comment corrections * comment corrections and add UT for it * comment correction * mypy * update Docker * comment corrections * comment corrections * update docker * fix UT and pre-commit * commit * commit * fix pre commit * commit --------- Co-authored-by: Chanan Welt <[email protected]> Co-authored-by: cweltPA <[email protected]> Co-authored-by: ShirleyDenkberg <[email protected]> * FireEye ETP Event Collector fixes (#30819) * Fixed date parsing * format and tests * fixed date parsing from and to the api * fixed tests * fixed invalid date order * fetch in asc order * fetch in asc order * fix unitesing * fix potential formatting issue * change first_run * change first_run * Fix RN * Fix lint * Fix lint * added unitests * added unitests * CR fixes * CR fixes * Update Docker Image To demisto/accessdata (#31373) * Updated Metadata Of Pack Exterro * Added release notes to pack Exterro * Packs/Exterro/Integrations/Exterro/Exterro.yml Docker image update * Update Docker Image To demisto/boto3py3 (#31372) * Updated Metadata Of Pack SecurityIntelligenceServicesFeed * Added release notes to pack SecurityIntelligenceServicesFeed * Packs/SecurityIntelligenceServicesFeed/Integrations/SecurityIntelligenceServicesFeed/SecurityIntelligenceServicesFeed.yml Docker image update * Updated Metadata Of Pack AWS-IAM * Added release notes to pack AWS-IAM * Packs/AWS-IAM/Integrations/AWS-IAM/AWS-IAM.yml Docker image update * Updated Metadata Of Pack AWS-Route53 * Added release notes to pack AWS-Route53 * Packs/AWS-Route53/Integrations/AWSRoute53/AWSRoute53.yml Docker image update * Updated Metadata Of Pack AWS-AccessAnalyzer * Added release notes to pack AWS-AccessAnalyzer * Packs/AWS-AccessAnalyzer/Integrations/AWS-AccessAnalyzer/AWS-AccessAnalyzer.yml 
Docker image update * Updated Metadata Of Pack AWS-GuardDuty * Added release notes to pack AWS-GuardDuty * Packs/AWS-GuardDuty/Integrations/AWSGuardDutyEventCollector/AWSGuardDutyEventCollector.yml Docker image update * Packs/AWS-GuardDuty/Integrations/AWSGuardDuty/AWSGuardDuty.yml Docker image update * Updated Metadata Of Pack AWS-SecurityHub * Added release notes to pack AWS-SecurityHub * Packs/AWS-SecurityHub/Integrations/AWSSecurityHubEventCollector/AWSSecurityHubEventCollector.yml Docker image update * Updated Metadata Of Pack Aws-SecretsManager * Added release notes to pack Aws-SecretsManager * Packs/Aws-SecretsManager/Integrations/AwsSecretsManager/AwsSecretsManager.yml Docker image update * [ASM] - EXPANDER 3741 - XSIAM Layout and Rule (#31352) * [ASM] - EXPANDER 3741 - XSIAM Layout and Rule (#31212) * Update Rem. Guidance Playbook, add new fields Created fields: - "ASM - Attack Surface Rule Category" - "ASM - Attack Surface Rule Description" - "ASM - Attack Surface Rule Priority" - "ASM - Attack Surface Rule Remediation Guidance" Set fields in Remediation Guidance playbook * Update release notes * Update field descriptions * Format JSON files * update unsearchable and fromVersion * Add ASM layout and rule * Add release notes * Update pack ReadMe * Update server content items * Add marketplace to layout * Update release notes version * Add AlertType to server content items * Add IncidentType to server content items * update ASM.json layout * remove ASM from server_content_items.json --------- Co-authored-by: John <[email protected]> Co-authored-by: Adi Daud <[email protected]> Co-authored-by: adi88d <[email protected]> * Feed Recorded Future download all compressed data on disk bug (#30981) * Hint for solution * Potential solution * Tried solution, did not work * Added potential solution * Added RNs and updated docker image * Added debug logs * Resolved conflicts * Added handling of cut-off bytes while streaming * Added unit tests and test data * Outsourced 
decoder * Went over CR comments * Fixed Chunk Size * Added description to fixture * Ran pre-commit * Refactored decoding mechanism * Fix chunk size * Update FeedRecordedFuture.yml * Update 1_0_32.md * CISCO SMA Update (#31349) * Updated ModelingRules * Updated ReleaseNotes * Updated ReleaseNotes * Updated ModelingRules logic * [e2e xsoar-saas] - fix issue with taxii2-server test (#31362) * Update Docker Image To demisto/crypto (#31368) * Updated Metadata Of Pack MicrosoftDefenderAdvancedThreatProtection * Added release notes to pack MicrosoftDefenderAdvancedThreatProtection * Packs/MicrosoftDefenderAdvancedThreatProtection/Integrations/MicrosoftDefenderAdvancedThreatProtection/MicrosoftDefenderAdvancedThreatProtection.yml Docker image update * Updated Metadata Of Pack AzureSecurityCenter * Added release notes to pack AzureSecurityCenter * Packs/AzureSecurityCenter/Integrations/AzureSecurityCenter_v2/AzureSecurityCenter_v2.yml Docker image update * Update Docker Image To demisto/armorblox (#31376) * Updated Metadata Of Pack Armorblox * Added release notes to pack Armorblox * Packs/Armorblox/Integrations/Armorblox/Armorblox.yml Docker image update * Update Docker Image To demisto/pymisp2 (#31369) * Updated Metadata Of Pack MISP * Added release notes to pack MISP * Packs/MISP/Integrations/MISPV3/MISPV3.yml Docker image update * Update Docker Image To demisto/genericsql (#31370) * Updated Metadata Of Pack GenericSQL * Added release notes to pack GenericSQL * Packs/GenericSQL/Integrations/GenericSQL/GenericSQL.yml Docker image update * MS IIS Update3 (#31385) * Updated ModelingRules * Updated ReleaseNotes * Updated ReleaseNotes * Updated ModelingRules * Updated ModelingRules * Add a manual fetch once in 12 hours (#31123) * fixes * http module * CSV * common server * tests * RN * link * RN * change RN * one more * pre commit * update base version * [known_words] * removing typing * swap the known words * RN * fix RN * Bump pack from version FeedMalwareBazaar to 
1.0.30. * Bump pack from version AccentureCTI_Feed to 1.1.27. * Bump pack from version FeedGCPWhitelist to 2.0.30. * Bump pack from version Base to 1.32.52. * make it better * docs * CR * cr * Fixing dirty merge #1 * fixing dirty merge #2 * fix dirty merge #3 * more * fox dirty merge #4 * common * poetry * fix dirty merge #5 * fix test date * base rn * RN * fix common docstring * fix rn * fix errors in build * shirley * Bump pack from version Base to 1.32.54. * RN * mypy * fix common server * ignore type error * skip test * fix test name * add import * remove the import, test is failing * fixed function and test * space * conf * add a test for a uniq time zone * fix test * move the import into the function * move the import from the test as well * replace timezone with pytz, to fit python 2 * Bump pack from version Base to 1.33.1. * fix test comment --------- Co-authored-by: Content Bot <[email protected]> * Fix gmail get mail context output (#31342) * update context path * added RN * updated readme * update docker * added run get attachments argument * pre commit fixes * pre commit fixes * cr fixes * cr fixes * cr fixes * update RN * update docker * Updated README.md (#31347) (#31363) * [Zscaler] Add URLs to Retaining Parent Category (#30637) * add retaining parent url * Update retaining_parent_category_url argument * Add retaining-parent-category-ip to yml * Add retaining-parent-category-ip logic * ip argument no longer marked required * url argument no longer marked required * retaining_parent_category args are None by default * Add retaining-parent-category-url to remove-url * Add retaining-parent-category-ip to remove-ip * UT fix; ruff updates * Remove redundant context output * Update release notes * FIx Failed UTs * Case of only one ip argument in remove commands * pre-commit updates * Update release notes * Change display value to original value * Update release notes * UT Coverage * Add UTs; Remove redundant debug logs * Update release notes * Apply 
suggestions from code review Co-authored-by: Jasmine Beilin <[email protected]> * Remove "pragma no cover" from unrelated UTs * Revert open function's default 'r' value for readability --------- Co-authored-by: Jasmine Beilin <[email protected]> * Update Docker Image To demisto/python3 (#31371) * Updated Metadata Of Pack QualysFIM * Added release notes to pack QualysFIM * Packs/QualysFIM/Integrations/QualysFIM/QualysFIM.yml Docker image update * Updated Metadata Of Pack FortiSIEM * Added release notes to pack FortiSIEM * Packs/FortiSIEM/Integrations/FortiSIEMV2/FortiSIEMV2.yml Docker image update * Updated Metadata Of Pack FreshworksFreshservice * Added release notes to pack FreshworksFreshservice * Packs/FreshworksFreshservice/Integrations/FreshworksFreshservice/FreshworksFreshservice.yml Docker image update * Updated Metadata Of Pack KnowBe4_KMSAT * Added release notes to pack KnowBe4_KMSAT * Packs/KnowBe4_KMSAT/Integrations/KnowBe4KMSATEventCollector/KnowBe4KMSATEventCollector.yml Docker image update * Packs/KnowBe4_KMSAT/Integrations/KnowBe4KMSAT/KnowBe4KMSAT.yml Docker image update * Updated Metadata Of Pack SafeNet_Trusted_Access * Added release notes to pack SafeNet_Trusted_Access * Packs/SafeNet_Trusted_Access/Integrations/SafeNetTrustedAccessEventCollector/SafeNetTrustedAccessEventCollector.yml Docker image update * Updated Metadata Of Pack DelineaSS * Added release notes to pack DelineaSS * Packs/DelineaSS/Integrations/DelineaSS/DelineaSS.yml Docker image update * Updated Metadata Of Pack Cryptocurrency * Added release notes to pack Cryptocurrency * Packs/Cryptocurrency/Integrations/Cryptocurrency/Cryptocurrency.yml Docker image update * Updated Metadata Of Pack PANOSPolicyOptimizer * Added release notes to pack PANOSPolicyOptimizer * Packs/PANOSPolicyOptimizer/Integrations/PANOSPolicyOptimizer/PANOSPolicyOptimizer.yml Docker image update * Updated Metadata Of Pack DeveloperTools * Added release notes to pack DeveloperTools * 
Packs/DeveloperTools/Integrations/CreateIncidents/CreateIncidents.yml Docker image update * Updated Metadata Of Pack QualysFIM * Updated Metadata Of Pack QualysFIM * [Marketplace Contribution] MicrosoftGraphTeams - Content Pack Update (#31097) (#31387) * "contribution update to pack "MicrosoftGraphTeams"" * Update MicrosoftGraphTeams.py uncomment 'topic' to allow subject for group type chat. * Update MicrosoftGraphTeams.yml fixed validation error for descriptions. * Update Packs/MicrosoftGraphTeams/Integrations/MicrosoftGraphTeams/MicrosoftGraphTeams.py done * cr * Update 1_1_0.md * Update MicrosoftGraphTeams.yml * Update 1_1_0.md * Update 1_1_0.md * Update MicrosoftGraphTeams.yml --------- Co-authored-by: xsoar-bot <[email protected]> Co-authored-by: Vipul Kaneriya <[email protected]> Co-authored-by: MLainer1 <[email protected]> Co-authored-by: MLainer1 <[email protected]> * Cybersixgill alerts typosquatting (#31386) * Cybersixgill alerts typosquatting (#30787) * Added mapper for 2 custom incident fields * Updated release notes. * Added typosquatting to known words * new Incident fields and incomming mapper formated * Release notes reviewed. * setting unseachable to true. * Suspicious and Triggered domain as tables. * Moved 3 mappings from code to mapper. * Updated test case * Updated test case * Added default mapper and updated docker image version * Added breaking change note * Removed breaking change note * Renamed files as per suggestion * renamed mapper as per suggestion * Added new release note. * Changed id and name for incident fields and updated docker image name * update RN * update RN, update fields names, update mapper * update id, update RN * Update 1_2_10.md * Update incidentfield-Cybersixgill_Triggered_Domain.json * update docker * ID value contained invalid caps character. 
* changing type in fields to tagselect --------- Co-authored-by: Sapir Shuker <[email protected]> Co-authored-by: sapirshuker <[email protected]> * docker image update --------- Co-authored-by: syed-loginsoft <[email protected]> Co-authored-by: Sapir Shuker <[email protected]> Co-authored-by: sapirshuker <[email protected]> * Armis …
pabloperezj pushed a commit that referenced this pull request Feb 1, 2024
* [GCP-IAM] - fix proxy issues (#31076) * sent proxy to test-module & log exception * fix proxy issue * remove None * fix * rn * auto pep8 * rn typo * uts * pre-commit * Update Packs/GCP-IAM/ReleaseNotes/1_0_22.md Co-authored-by: Judah Schwartz <[email protected]> * cr fixes --------- Co-authored-by: Judah Schwartz <[email protected]> * Release notes tag parser for all xsoar mp. (#31090) * added xsoar_saas xsoar_on_prem functionallity to the release notes tag parser * pre commit changes * fixed lint whitespace error * Fix EntryID-related issue for scripts (#30979) * Fix zip file issue using polling * Add release-notes * Fix validation errors * Minor fixes and improvements * Update IAMInitADUser automation * Add a warning if `ZipProtectWithPassword` parameter is not being used * Fix typo * `IAMInitADUser` fixes * Bump Docker versions * Apply code review suggestions * Bump Docker version * Remove timeout value from polling parameters (so that the default value will be used) * [CommonServerPython] Fix Polling Failure If `polling` Parameter is Missing (#31111) * Add default value to `args.get()` * Bump version * Update release-notes message * jira ticket creation impovements (#31105) jira ticket creation improvements #31105 * Added Support for Microsoft Graph Single User integration (#30967) * Added Support for Microsoft Graph Single User integration * fix validation * Update 2_0_15.md * Update Packs/EmailCommunication/ReleaseNotes/2_0_15.md Co-authored-by: EyalPintzov <[email protected]> --------- Co-authored-by: EyalPintzov <[email protected]> * Xdr ioc to keep troubleshoting (#30163) * trouble shooting version * fixed new command yml * some comments * trouble shooting version * fixed new command yml * new ioc_to_keep schedule method * some comments * fix tz error * added RN * fix validation errors * fixup! fix validation errors * added UT * added UT and log * improved path * fixup! 
improved path * Update Packs/CortexXDR/Integrations/XDR_iocs/XDR_iocs.py * Added some documentation * Bump pack from version CortexXDR to 6.0.3. * format the yml and update the docker * fixed the bug when updating an already running integration that does not have the key next_icos_to_keep_time in the integration context * docs * Update Packs/CortexXDR/Integrations/XDR_iocs/XDR_iocs.yml Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CortexXDR/ReleaseNotes/6_0_3.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CortexXDR/Integrations/XDR_iocs/XDR_iocs.yml Co-authored-by: ShirleyDenkberg <[email protected]> * fixed the unit test acording to change in code * fixed the unit test * trim whitespaces --------- Co-authored-by: darbel <[email protected]> Co-authored-by: esharf <[email protected]> Co-authored-by: Content Bot <[email protected]> Co-authored-by: ShirleyDenkberg <[email protected]> * Update README.md (#31129) fixed external link * [fileResult] - fix issue with special strings (#31126) * [fileResult] - fix issue with special strings * bump rn * log if ../ is in path * validate file-name is string * add unit-test * bump rn * Rapid7 - Threat Command (IntSights) pack release 3.1.0 (#30954) (#31133) * Changes related to Rapid7 - Threat Command (IntSights) pack release: 3.1.0 * resolved validation errors * Updated the release notes as per the comments * Updated the tab name for the Threat Command Layout --------- Co-authored-by: Crest Data Systems <[email protected]> Co-authored-by: crestdatasystems <[email protected]> Co-authored-by: Adi Daud <[email protected]> * add e2e tests for xsoar-saas (#30231) * add xsoar_ng_end_to_end_job * unify end_to_end and write edl basic test * add file * fix some rules * setup and teardown for xsoar_ng e2e * update readme * conftest changes * update end_to_end_tests script * test enhancments * fix * debug issues * lock * collect tests * lock * lock * try without xsoar * lock * enhance tests and 
lock * install e2e nessecary packs * add packs in shell * install only specific packs in xsoar-saas * README.md * install hardcoded packs * update * fix collect tests issues * add REASONS_ALLOWING_NO_ID_SET_OR_CONF * fix is_nightly * fail when exit code != 0 * send integration params path as input * enhance e2e echo message * lock * fix get_integration_params * lock2 * sleep * unlock machine sleep + taxii2 server * fix unlock machine * fix " * fixes * sleep in test 2 hours * poetry lock * edl size = 10 * update edl size loc * use new instance * log instance name * existing name * revert poetry * poetry based on latest master * update job to fit newer version * lock * state its long running * try with long-running=true * implement taxii2-server e2e test * pre-commit fixes * add headers * lock * move func to tools.py as its general * docstrings * add support for do_long_running in xsoar_client * docstring * slack sdk * add slack-ask test * test slack ask playbook * add qradar mirroring test * update README and add support for env vars * docstrings * enhancments * update .gitignore * do not make xsoar_ng a package * excplicit implementation * add test_xdr_env * add docstrings * pre-commit * update slackask playbook path * query qradar playbook state before closing offense * assert investigation id * increase playbook query & sleep 5 minutes taxii * merge xsoar_ng_end_to_end to test content * some fixes * make nightly * end-to-end tests inside .run-tests section * try to fix syntax issue * log playbook failure reasons * add support for sourceInstanceName * remove delete context from slack * pre commit * pre-commit * try to fix taxii2 server bug * update taxii2 server test * sleep * comment out waiting for playbook qradar * sleep in case of error taxii2 * qradar * revert taxii2 server + qradar * assert true * revert * update context managers * pre-commit fixes * add logs * create instance update * create folders for content e2e tests * make fixture named 
xsoar_saas_client * get integration name to func Please enter the commit message for your changes. Lines starting * fixes * pre-commit * export context managers to client_utils * update xsiam e2e to use new client * update readmes * client utils fixes * change log name * add junit support * implement results support for e2e * change name * run e2e in current branch * update job names * update collect tests for testing * do not exit if e2e tests fail * use artifacts folder * fix context * save playbook - change client name * remove playbook for testing * add fi * make e2e test summary to run * ls * try now * change path * file test name * run also playbook results * change log to error * fix syntax error * update get_file to use new file service * remove import * pre-commit * update retry import * do not skip qradar test if incident cannot be found * judah's cr * koby cr * update result names * Empty-Commit * remove irrelevant logs * cr fixes * server_test_reulst renaming * change end_to_end to e2e * revert current job names * add .e2e_test_results job * remove e2e from test_playbooks_results * filter only if nightly * try to ignore pre-commit error * change rules * fix * test * xsoar saas * try now * fix * xsoar-saas e2e job * add conftest * add conftest * add xsoar-saas readme to avoid trigger test-upload * port * Empty-Commit * test integrations * do not test qradar module * Empty-Commit * Empty-Commit * retry on different ports for taxii2-test * remove get json response from taxii2 test * adjust to nightly * pre-commit * Fix GetIndicatorDBotScoreFromCache to handle better a special character (#31070) * a fix and a test * docker image update * added rn * Bump pack from version CommonScripts to 1.12.47. * unit test fix * unit test fix * unit test fix * Bump pack from version CommonScripts to 1.12.48. * Bump pack from version CommonScripts to 1.12.49. 
* Update Packs/CommonScripts/ReleaseNotes/1_12_49.md Co-authored-by: Dan Tavori <[email protected]> --------- Co-authored-by: Content Bot <[email protected]> Co-authored-by: Dan Tavori <[email protected]> * change pack support to community (#31110) * change pack support to community * first level header so im told * Update Packs/DeveloperTools/ReleaseNotes/1_3_0.md Co-authored-by: Shahaf Ben Yakir <[email protected]> * Update Packs/DeveloperTools/ReleaseNotes/1_3_0.md Co-authored-by: Shahaf Ben Yakir <[email protected]> --------- Co-authored-by: Shahaf Ben Yakir <[email protected]> * removed GIT_DEPTH (#31141) * support multiple entry ids in ImageOCR (#31145) * Fix taxi feed observables extraction (#31120) * fixed an issue where taxi feed will fail to retrieve all indicators due to wrong extraction from XML blocks. * added rn * update docker * update test_data * add secret to secrets ignore * [transformers] Enhance to be more durable #2 (#31063) * ExtractDomainAndFQDNFromUrlAndEmail * ExtractEmailV2 * ruff fix * FormatURL * Bump pack from version CommonScripts to 1.12.47. * Bump pack from version CommonScripts to 1.12.48. * Bump pack from version CommonScripts to 1.12.49. * Added unit tests * Update the docker image * Bump pack from version CommonScripts to 1.12.50. 
* Update Packs/CommonScripts/ReleaseNotes/1_12_50.md Co-authored-by: Dean Arbel <[email protected]> * Update Packs/CommonScripts/ReleaseNotes/1_12_50.md Co-authored-by: Dean Arbel <[email protected]> * Update the RN * Update the docker image * empty * Skip "FormattingPerformance - Test" TPB in XSOAR 8 --------- Co-authored-by: Content Bot <[email protected]> Co-authored-by: Dean Arbel <[email protected]> * Sleep w/ Polling (#30661) add polling mechanism to sleep upon crossing polling_threshold * Update shift management scripts (#31130) * fixed the bug and added unit tests * updated docker image * RN * updated docker image * cr updates * EWS rule commands - MS graph python integrations (#30943) Co-authored-by: ShirleyDenkberg <[email protected]> * MS IIS Update (#31132) * Updated ModelingRules * Updated ReleaseNotes * Updated ReleaseNotes * Anomali ThreatStream change DBot verdict from Benign to Unknown for Low Confidence Indicators (#30993) (#31151) * change DBot verdict from Benign to Unknown for Low Confidence Indicators Indicators found in Anomali that are below Confidence thresholds should be created as Unknown and not Benign. Anomali ThreatStream documentation regarding Confidence https://ui.threatstream.com/optic-doc/Content/Features/threat_model/Observables/details_indicator.htm Confidence - Confidence indicates the certainty that an observable exhibits or is connected to malicious behavior. If Anomali has indicators with low Confidence, that doesn't mean the indicator is Benign/Safe. It means Anomali is unsure that the indicator is Malicious and as such the more appropriate verdict in XSOAR should be Unknown. 
* add indicator_default_score param * changed values to Benign and Unknown * update README and RN * update RN * update docker set required to false * update docker * fix docs comments --------- Co-authored-by: zdrouse <[email protected]> Co-authored-by: adi88d <[email protected]> Co-authored-by: Adi Daud <[email protected]> * generate empty junit files (#31153) * Update 1_6_0.json (#31164) * fix splunkpy splunk_submit_event_hec_command string issue (#30978) * fix splunkpy splunk_submit_event_hec_command string issue * test * add fix * update rn * [xsoar saas] - fix ports taxii2 e2e (#31163) * Hello world saas (#30901) * added a new incident field only for saas mp * added an incident field to xsoar_saas only for demonstration * format incident field * format incident field * added saas word to known words * version * merge with master * fixed the xsoar_saas end tag * Added tests to validate result * modified RN * pre commit changes * RN tags * ignore long line * MS IIS README (#31158) * Updated README * Updated README * Fixes For IP Enrichment Playbooks (#31114) * Fixes For IP Enrichment Playbooks * RN * Removed the mapping rule from both playbooks. Updated the default value of the internal range playbook input according to RFC 1918. * Removed the value of 'UseReputationCommand' playbook input and fixes the YML files * Fixed RN * Removed the value set for the 'UseReputationCommand' sub-playbook input. Re-added the default value for 'UseReputationCommand' playbook input * skip ThreatStream-Test (#31172) * [transformers] Enhance to be more durable (#30897) [transformers] Enhance to be more durable * Fixes For 'Email Address Enrichment - Generic v2.1' (#31122) * Fixes For 'Email Address Enrichment - Generic v2.1' * Re-added the test playbook and marketplace configs to the playbook YML file * changed the 'domain' playbook input value * removed the 'domain' playbook input value and added RN * Fixed RN * Bump pack from version CommonPlaybooks to 2.4.34. 
--------- Co-authored-by: Content Bot <[email protected]> * DisplayMappedFields - Fix dark mode text color (#31085) * removed the hardcoded color * removed the hardcoded color * update RN * update docker image * Bump pack from version CommonScripts to 1.12.48. * Unittest fixes * Bump pack from version CommonScripts to 1.12.49. * Unittest fixes * Bump pack from version CommonScripts to 1.12.50. * Bump pack from version CommonScripts to 1.12.51. * Bump pack from version CommonScripts to 1.12.52. * Bump pack from version CommonScripts to 1.12.53. --------- Co-authored-by: Content Bot <[email protected]> * Updated the layout to exclude integration incident fields that are not pertinent to Vectra XDR (#31127) (#31182) Co-authored-by: Crest Data Systems <[email protected]> Co-authored-by: crestdatasystems <[email protected]> Co-authored-by: MLainer1 <[email protected]> * Taxii2 server relationship bug (#31162) * [taxii2-server] - code fixes * bump rn * docker update * remove debug-log because may wanted * [ASM] EXPANDER-7096 - ASM Remediation Guidance Fields (#30955) (#31178) Co-authored-by: John <[email protected]> Co-authored-by: Adi Daud <[email protected]> * Created pack for F5 BIG-IP APM (#31017) * Created pack for f5 apm * Added modeling rule files. * adding modeling rules and schema. * modified modeling rules * update yml file for modeling rule. * Update Packs/F5APM/README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/F5APM/README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/F5APM/README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/F5APM/README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/F5APM/README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/F5APM/README.md Co-authored-by: ShirleyDenkberg <[email protected]> * update readme. * Modified the read me file. 
--------- Co-authored-by: ShirleyDenkberg <[email protected]> * HelloWorld - delete old classifier (#31185) * Add support for is array for rep commands (#31169) * added support for isArray for python Xsoar supported reputation commands * added rn * Empty-Commit * python files fixes * fix docker issue * cr fixes * added logs and cache fix (#30577) * added logs and cache fix * Fixed another executeCommand results handling. * Updated docker image * Added rn * Update Packs/Phishing/ReleaseNotes/3_6_2.md Co-authored-by: Dan Tavori <[email protected]> * Update Packs/Phishing/Scripts/FindDuplicateEmailIncidents/FindDuplicateEmailIncidents.py --------- Co-authored-by: Dan Tavori <[email protected]> * Add support for is array for rep commands js (#31184) * JS files fixes * added rn * pre commit fixes * pre commit fixes * cr fixes * xsiam-avaya-siem-content-ciac-8502 (#31128) * init-pack * modeling-rules * add-docs * fix-pid-parsing * fix-README.md * Fixed For Endpoint Enrichment Playbooks (#31147) * Fixed For 'Endpoint Enrichment - Generic v2.1' Playbook * RN * RN * Fixes for Endpoint_Enrichment_-_Generic_v2.1_6_8 playbook * Bump pack from version CommonPlaybooks to 2.4.34. * Bump pack from version CommonPlaybooks to 2.4.35. 
* Fixed version for 'Endpoint Enrichment - Generic v2.1.6.8' playbook * Fixes for 'Endpoint Enrichment - Generic v2.1' playbook * Revert changes in 'Endpoint Enrichment - Generic v2.1' playbook --------- Co-authored-by: Content Bot <[email protected]> * Update Docker Image To demisto/python3 (#31198) * Updated Metadata Of Pack DeveloperTools * Added release notes to pack DeveloperTools * Packs/DeveloperTools/Integrations/CreateIncidents/CreateIncidents.yml Docker image update * Updated Metadata Of Pack FlashpointFeed * Added release notes to pack FlashpointFeed * Packs/FlashpointFeed/Integrations/FlashpointFeed/FlashpointFeed.yml Docker image update * Updated Metadata Of Pack AbnormalSecurity * Added release notes to pack AbnormalSecurity * Packs/AbnormalSecurity/Integrations/AbnormalSecurity/AbnormalSecurity.yml Docker image update * Updated Metadata Of Pack FeedLOLBAS * Added release notes to pack FeedLOLBAS * Packs/FeedLOLBAS/Integrations/FeedLOLBAS/FeedLOLBAS.yml Docker image update * Updated Metadata Of Pack Hackuity * Added release notes to pack Hackuity * Packs/Hackuity/Integrations/Hackuity/Hackuity.yml Docker image update * Updated Metadata Of Pack Grafana * Added release notes to pack Grafana * Packs/Grafana/Integrations/Grafana/Grafana.yml Docker image update * Updated Metadata Of Pack Binalyze * Added release notes to pack Binalyze * Packs/Binalyze/Integrations/BinalyzeAIR/BinalyzeAIR.yml Docker image update * Updated Metadata Of Pack ServiceDeskPlus * Added release notes to pack ServiceDeskPlus * Packs/ServiceDeskPlus/Integrations/ServiceDeskPlus/ServiceDeskPlus.yml Docker image update * Updated Metadata Of Pack Oracle_IAM * Added release notes to pack Oracle_IAM * Packs/Oracle_IAM/Integrations/OracleIAM/OracleIAM.yml Docker image update * Updated Metadata Of Pack AccentureCTI * Added release notes to pack AccentureCTI * Packs/AccentureCTI/Integrations/ACTIIndicatorQuery/ACTIIndicatorQuery.yml Docker image update * Update Docker Image To 
demisto/boto3py3 (#31199) * Updated Metadata Of Pack SecurityIntelligenceServicesFeed * Added release notes to pack SecurityIntelligenceServicesFeed * Packs/SecurityIntelligenceServicesFeed/Integrations/SecurityIntelligenceServicesFeed/SecurityIntelligenceServicesFeed.yml Docker image update * Updated Metadata Of Pack AWS-IAM * Added release notes to pack AWS-IAM * Packs/AWS-IAM/Integrations/AWS-IAM/AWS-IAM.yml Docker image update * Updated Metadata Of Pack AWS-Route53 * Added release notes to pack AWS-Route53 * Packs/AWS-Route53/Integrations/AWSRoute53/AWSRoute53.yml Docker image update * Updated Metadata Of Pack AWS-AccessAnalyzer * Added release notes to pack AWS-AccessAnalyzer * Packs/AWS-AccessAnalyzer/Integrations/AWS-AccessAnalyzer/AWS-AccessAnalyzer.yml Docker image update * Updated Metadata Of Pack AWS-GuardDuty * Added release notes to pack AWS-GuardDuty * Packs/AWS-GuardDuty/Integrations/AWSGuardDutyEventCollector/AWSGuardDutyEventCollector.yml Docker image update * Packs/AWS-GuardDuty/Integrations/AWSGuardDuty/AWSGuardDuty.yml Docker image update * Updated Metadata Of Pack AWS-SecurityHub * Added release notes to pack AWS-SecurityHub * Packs/AWS-SecurityHub/Integrations/AWSSecurityHubEventCollector/AWSSecurityHubEventCollector.yml Docker image update * Updated Metadata Of Pack Aws-SecretsManager * Added release notes to pack Aws-SecretsManager * Packs/Aws-SecretsManager/Integrations/AwsSecretsManager/AwsSecretsManager.yml Docker image update * Update Docker Image To demisto/armorblox (#31203) * Updated Metadata Of Pack Armorblox * Added release notes to pack Armorblox * Packs/Armorblox/Integrations/Armorblox/Armorblox.yml Docker image update * Update Docker Image To demisto/py3-tools (#31201) * Updated Metadata Of Pack Intezer * Added release notes to pack Intezer * Packs/Intezer/Integrations/IntezerV2/IntezerV2.yml Docker image update * Updated Metadata Of Pack Zabbix * Added release notes to pack Zabbix * Packs/Zabbix/Integrations/Zabbix/Zabbix.yml 
Docker image update * Updated Metadata Of Pack FeedMalwareBazaar * Added release notes to pack FeedMalwareBazaar * Packs/FeedMalwareBazaar/Integrations/MalwareBazaarFeed/MalwareBazaarFeed.yml Docker image update * Updated Metadata Of Pack FeedGCPWhitelist * Added release notes to pack FeedGCPWhitelist * Packs/FeedGCPWhitelist/Integrations/FeedGoogleIPRanges/FeedGoogleIPRanges.yml Docker image update * Updated Metadata Of Pack AccentureCTI_Feed * Added release notes to pack AccentureCTI_Feed * Packs/AccentureCTI_Feed/Integrations/ACTIIndicatorFeed/ACTIIndicatorFeed.yml Docker image update * Updated Metadata Of Pack SEKOIAIntelligenceCenter * Added release notes to pack SEKOIAIntelligenceCenter * Packs/SEKOIAIntelligenceCenter/Integrations/SEKOIAIntelligenceCenter/SEKOIAIntelligenceCenter.yml Docker image update * Updated Metadata Of Pack JARM * Added release notes to pack JARM * Packs/JARM/Integrations/JARM/JARM.yml Docker image update * Updated Metadata Of Pack CommonWidgets * Added release notes to pack CommonWidgets * Packs/CommonWidgets/Scripts/RSSWidget/RSSWidget.yml Docker image update * Updated Metadata Of Pack FiltersAndTransformers * Added release notes to pack FiltersAndTransformers * Packs/FiltersAndTransformers/Scripts/Jmespath/Jmespath.yml Docker image update * Update Docker Image To demisto/oci (#31202) * Updated Metadata Of Pack OracleCloudInfrastructure * Added release notes to pack OracleCloudInfrastructure * Packs/OracleCloudInfrastructure/Integrations/OracleCloudInfrastructureEventCollector/OracleCloudInfrastructureEventCollector.yml Docker image update * Update Docker Image To demisto/accessdata (#31200) * Updated Metadata Of Pack Exterro * Added release notes to pack Exterro * Packs/Exterro/Integrations/Exterro/Exterro.yml Docker image update * Fix DS108 --------- Co-authored-by: israelpolishook <[email protected]> * Update Docker Image To demisto/carbon-black-cloud (#31206) * Updated Metadata Of Pack CarbonBlackDefense * Added release notes to 
pack CarbonBlackDefense * Packs/CarbonBlackDefense/Integrations/CarbonBlackLiveResponseCloud/CarbonBlackLiveResponseCloud.yml Docker image update * Update Docker Image To demisto/taxii2 (#31205) * Updated Metadata Of Pack FeedUnit42v2 * Added release notes to pack FeedUnit42v2 * Packs/FeedUnit42v2/Integrations/FeedUnit42v2/FeedUnit42v2.yml Docker image update * Update Docker Image To demisto/crypto (#31204) * Updated Metadata Of Pack AzureKeyVault * Added release notes to pack AzureKeyVault * Packs/AzureKeyVault/Integrations/AzureKeyVault/AzureKeyVault.yml Docker image update * Updated Metadata Of Pack AzureSentinel * Added release notes to pack AzureSentinel * Packs/AzureSentinel/Integrations/AzureSentinel/AzureSentinel.yml Docker image update * Updated Metadata Of Pack AzureDevOps * Added release notes to pack AzureDevOps * Packs/AzureDevOps/Integrations/AzureDevOps/AzureDevOps.yml Docker image update * Updated Metadata Of Pack MicrosoftCloudAppSecurity * Added release notes to pack MicrosoftCloudAppSecurity * Packs/MicrosoftCloudAppSecurity/Integrations/MicrosoftCloudAppSecurity/MicrosoftCloudAppSecurity.yml Docker image update * Updated Metadata Of Pack AzureRiskyUsers * Added release notes to pack AzureRiskyUsers * Packs/AzureRiskyUsers/Integrations/AzureRiskyUsers/AzureRiskyUsers.yml Docker image update * Updated Metadata Of Pack MicrosoftGraphGroups * Added release notes to pack MicrosoftGraphGroups * Packs/MicrosoftGraphGroups/Integrations/MicrosoftGraphGroups/MicrosoftGraphGroups.yml Docker image update * Updated Metadata Of Pack AzureSQLManagement * Added release notes to pack AzureSQLManagement * Packs/AzureSQLManagement/Integrations/AzureSQLManagement/AzureSQLManagement.yml Docker image update * Updated Metadata Of Pack MicrosoftGraphAPI * Added release notes to pack MicrosoftGraphAPI * Packs/MicrosoftGraphAPI/Integrations/MicrosoftGraphAPI/MicrosoftGraphAPI.yml Docker image update * Updated Metadata Of Pack MicrosoftTeams * Added release notes to pack 
MicrosoftTeams * Packs/MicrosoftTeams/Integrations/MicrosoftTeamsManagement/MicrosoftTeamsManagement.yml Docker image update * Updated Metadata Of Pack MicrosoftGraphApplications * Added release notes to pack MicrosoftGraphApplications * Packs/MicrosoftGraphApplications/Integrations/MicrosoftGraphApplications/MicrosoftGraphApplications.yml Docker image update * Update Docker Image To demisto/opnsense (#31208) * Updated Metadata Of Pack OPNSense * Added release notes to pack OPNSense * Packs/OPNSense/Integrations/OPNSense/OPNSense.yml Docker image update * Update Docker Image To demisto/auth-utils (#31207) * Updated Metadata Of Pack Cylance_Protect * Added release notes to pack Cylance_Protect * Packs/Cylance_Protect/Integrations/Cylance_Protect_v2/Cylance_Protect_v2.yml Docker image update * Updated Metadata Of Pack Zoom * Added release notes to pack Zoom * Packs/Zoom/Integrations/ZoomEventCollector/ZoomEventCollector.yml Docker image update * Updated Metadata Of Pack Silverfort * Added release notes to pack Silverfort * Packs/Silverfort/Integrations/Silverfort/Silverfort.yml Docker image update * Updated Metadata Of Pack AzureDataExplorer * Added release notes to pack AzureDataExplorer * Packs/AzureDataExplorer/Integrations/AzureDataExplorer/AzureDataExplorer.yml Docker image update * Updated Metadata Of Pack MicrosoftManagementActivity * Added release notes to pack MicrosoftManagementActivity * Packs/MicrosoftManagementActivity/Integrations/MicrosoftManagementActivity/MicrosoftManagementActivity.yml Docker image update * Updated Metadata Of Pack Box * Added release notes to pack Box * Packs/Box/Integrations/BoxEventsCollector/BoxEventsCollector.yml Docker image update * Packs/Box/Integrations/BoxV2/BoxV2.yml Docker image update * Updated Metadata Of Pack Troubleshoot * Added release notes to pack Troubleshoot * Packs/Troubleshoot/Scripts/CertificatesTroubleshoot/CertificatesTroubleshoot.yml Docker image update * commit --------- Co-authored-by: israelpolishook 
<[email protected]> * Update Docker Image To demisto/ippysocks-py3 (#31211) * Updated Metadata Of Pack Whois * Added release notes to pack Whois * Packs/Whois/Integrations/Whois/Whois.yml Docker image update * Update Docker Image To demisto/python3 (#31214) * Updated Metadata Of Pack QualysFIM * Added release notes to pack QualysFIM * Packs/QualysFIM/Integrations/QualysFIM/QualysFIM.yml Docker image update * Updated Metadata Of Pack FortiSIEM * Added release notes to pack FortiSIEM * Packs/FortiSIEM/Integrations/FortiSIEMV2/FortiSIEMV2.yml Docker image update * Updated Metadata Of Pack FreshworksFreshservice * Added release notes to pack FreshworksFreshservice * Packs/FreshworksFreshservice/Integrations/FreshworksFreshservice/FreshworksFreshservice.yml Docker image update * Updated Metadata Of Pack KnowBe4_KMSAT * Added release notes to pack KnowBe4_KMSAT * Packs/KnowBe4_KMSAT/Integrations/KnowBe4KMSATEventCollector/KnowBe4KMSATEventCollector.yml Docker image update * Packs/KnowBe4_KMSAT/Integrations/KnowBe4KMSAT/KnowBe4KMSAT.yml Docker image update * Updated Metadata Of Pack SafeNet_Trusted_Access * Added release notes to pack SafeNet_Trusted_Access * Packs/SafeNet_Trusted_Access/Integrations/SafeNetTrustedAccessEventCollector/SafeNetTrustedAccessEventCollector.yml Docker image update * Updated Metadata Of Pack DelineaSS * Added release notes to pack DelineaSS * Packs/DelineaSS/Integrations/DelineaSS/DelineaSS.yml Docker image update * Updated Metadata Of Pack Cryptocurrency * Added release notes to pack Cryptocurrency * Packs/Cryptocurrency/Integrations/Cryptocurrency/Cryptocurrency.yml Docker image update * Updated Metadata Of Pack PANOSPolicyOptimizer * Added release notes to pack PANOSPolicyOptimizer * Packs/PANOSPolicyOptimizer/Integrations/PANOSPolicyOptimizer/PANOSPolicyOptimizer.yml Docker image update * Updated Metadata Of Pack DeveloperTools * Added release notes to pack DeveloperTools * 
Packs/DeveloperTools/Integrations/CreateIncidents/CreateIncidents.yml Docker image update * Update Docker Image To demisto/boto3py3 (#31215) * Updated Metadata Of Pack SecurityIntelligenceServicesFeed * Added release notes to pack SecurityIntelligenceServicesFeed * Packs/SecurityIntelligenceServicesFeed/Integrations/SecurityIntelligenceServicesFeed/SecurityIntelligenceServicesFeed.yml Docker image update * Updated Metadata Of Pack AWS-IAM * Added release notes to pack AWS-IAM * Packs/AWS-IAM/Integrations/AWS-IAM/AWS-IAM.yml Docker image update * Updated Metadata Of Pack AWS-Route53 * Added release notes to pack AWS-Route53 * Packs/AWS-Route53/Integrations/AWSRoute53/AWSRoute53.yml Docker image update * Updated Metadata Of Pack AWS-AccessAnalyzer * Added release notes to pack AWS-AccessAnalyzer * Packs/AWS-AccessAnalyzer/Integrations/AWS-AccessAnalyzer/AWS-AccessAnalyzer.yml Docker image update * Updated Metadata Of Pack AWS-GuardDuty * Added release notes to pack AWS-GuardDuty * Packs/AWS-GuardDuty/Integrations/AWSGuardDutyEventCollector/AWSGuardDutyEventCollector.yml Docker image update * Packs/AWS-GuardDuty/Integrations/AWSGuardDuty/AWSGuardDuty.yml Docker image update * Updated Metadata Of Pack AWS-SecurityHub * Added release notes to pack AWS-SecurityHub * Packs/AWS-SecurityHub/Integrations/AWSSecurityHubEventCollector/AWSSecurityHubEventCollector.yml Docker image update * Updated Metadata Of Pack Aws-SecretsManager * Added release notes to pack Aws-SecretsManager * Packs/Aws-SecretsManager/Integrations/AwsSecretsManager/AwsSecretsManager.yml Docker image update * Update Docker Image To demisto/accessdata (#31216) * Updated Metadata Of Pack Exterro * Added release notes to pack Exterro * Packs/Exterro/Integrations/Exterro/Exterro.yml Docker image update * Update Docker Image To demisto/oci (#31218) * Updated Metadata Of Pack OracleCloudInfrastructure * Added release notes to pack OracleCloudInfrastructure * 
Packs/OracleCloudInfrastructure/Integrations/OracleCloudInfrastructureEventCollector/OracleCloudInfrastructureEventCollector.yml Docker image update * Update Docker Image To demisto/py3-tools (#31217) * Updated Metadata Of Pack Intezer * Added release notes to pack Intezer * Packs/Intezer/Integrations/IntezerV2/IntezerV2.yml Docker image update * Updated Metadata Of Pack Zabbix * Added release notes to pack Zabbix * Packs/Zabbix/Integrations/Zabbix/Zabbix.yml Docker image update * Updated Metadata Of Pack FeedMalwareBazaar * Added release notes to pack FeedMalwareBazaar * Packs/FeedMalwareBazaar/Integrations/MalwareBazaarFeed/MalwareBazaarFeed.yml Docker image update * Updated Metadata Of Pack FeedGCPWhitelist * Added release notes to pack FeedGCPWhitelist * Packs/FeedGCPWhitelist/Integrations/FeedGoogleIPRanges/FeedGoogleIPRanges.yml Docker image update * Updated Metadata Of Pack AccentureCTI_Feed * Added release notes to pack AccentureCTI_Feed * Packs/AccentureCTI_Feed/Integrations/ACTIIndicatorFeed/ACTIIndicatorFeed.yml Docker image update * Updated Metadata Of Pack SEKOIAIntelligenceCenter * Added release notes to pack SEKOIAIntelligenceCenter * Packs/SEKOIAIntelligenceCenter/Integrations/SEKOIAIntelligenceCenter/SEKOIAIntelligenceCenter.yml Docker image update * Updated Metadata Of Pack JARM * Added release notes to pack JARM * Packs/JARM/Integrations/JARM/JARM.yml Docker image update * Updated Metadata Of Pack Anomali_ThreatStream * Added release notes to pack Anomali_ThreatStream * Packs/Anomali_ThreatStream/Integrations/AnomaliThreatStreamv3/AnomaliThreatStreamv3.yml Docker image update * Updated Metadata Of Pack CommonWidgets * Added release notes to pack CommonWidgets * Packs/CommonWidgets/Scripts/RSSWidget/RSSWidget.yml Docker image update * Updated Metadata Of Pack FiltersAndTransformers * Added release notes to pack FiltersAndTransformers * Packs/FiltersAndTransformers/Scripts/Jmespath/Jmespath.yml Docker image update * CortexXDRIR-generic-polling 
(#31082) * - Added new playbook for quarantine_file - Old playbook deprecated - New image added * release notes added * - New playbook for _Retrieve_File_Playbook_v2 created - Old playbook _Retrieve_File_Playbook deprecated - Image was added * Release notes were added * Changed the name of the playbook * Readme file added * Added image * fixed image location in readme file * Update Packs/CortexXDR/Playbooks/Cortex_XDR_-_Retrieve_File_v2.yml Co-authored-by: Sasha Sokolovich <[email protected]> * Bump pack from version CortexXDR to 6.0.4. * Removed unnecessary tests * Readme files were updated * Fixes for the playbooks * fixed Tests/conf.json file * image issue fixed * Added new images * Update Packs/CortexXDR/Playbooks/Cortex_XDR_-_Retrieve_File_Playbook_README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CortexXDR/Playbooks/Cortex_XDR_-_Retrieve_File_Playbook_README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CortexXDR/ReleaseNotes/6_0_4.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CortexXDR/ReleaseNotes/6_0_4.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CortexXDR/ReleaseNotes/6_0_4.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CortexXDR/ReleaseNotes/6_0_4.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CortexXDR/Playbooks/Cortex_XDR_-_Retrieve_File_Playbook_README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CortexXDR/Playbooks/Cortex_XDR_-_quarantine_file_v2_README.md Co-authored-by: ShirleyDenkberg <[email protected]> * PR fixes - new condition to check if the task finished successfully * release notes updated * image path fixed * Added new outputs for playbook * release notes updated * fix * readme files fixed * image issue * image issue * fix * fix * fix * fix * uploaded new playbook because of the image issue * fix for image issue * delete photo * fixes * test playbooks fixed * test 
playbooks removed --------- Co-authored-by: Sasha Sokolovich <[email protected]> Co-authored-by: Content Bot <[email protected]> Co-authored-by: ShirleyDenkberg <[email protected]> * Update Docker Image To demisto/crypto (#31219) * Updated Metadata Of Pack AzureKeyVault * Added release notes to pack AzureKeyVault * Packs/AzureKeyVault/Integrations/AzureKeyVault/AzureKeyVault.yml Docker image update * Updated Metadata Of Pack AzureSentinel * Added release notes to pack AzureSentinel * Packs/AzureSentinel/Integrations/AzureSentinel/AzureSentinel.yml Docker image update * Updated Metadata Of Pack AzureDevOps * Added release notes to pack AzureDevOps * Packs/AzureDevOps/Integrations/AzureDevOps/AzureDevOps.yml Docker image update * Updated Metadata Of Pack MicrosoftCloudAppSecurity * Added release notes to pack MicrosoftCloudAppSecurity * Packs/MicrosoftCloudAppSecurity/Integrations/MicrosoftCloudAppSecurity/MicrosoftCloudAppSecurity.yml Docker image update * Updated Metadata Of Pack AzureRiskyUsers * Added release notes to pack AzureRiskyUsers * Packs/AzureRiskyUsers/Integrations/AzureRiskyUsers/AzureRiskyUsers.yml Docker image update * Updated Metadata Of Pack MicrosoftGraphGroups * Added release notes to pack MicrosoftGraphGroups * Packs/MicrosoftGraphGroups/Integrations/MicrosoftGraphGroups/MicrosoftGraphGroups.yml Docker image update * Updated Metadata Of Pack AzureSQLManagement * Added release notes to pack AzureSQLManagement * Packs/AzureSQLManagement/Integrations/AzureSQLManagement/AzureSQLManagement.yml Docker image update * Updated Metadata Of Pack MicrosoftGraphAPI * Added release notes to pack MicrosoftGraphAPI * Packs/MicrosoftGraphAPI/Integrations/MicrosoftGraphAPI/MicrosoftGraphAPI.yml Docker image update * Updated Metadata Of Pack MicrosoftTeams * Added release notes to pack MicrosoftTeams * Packs/MicrosoftTeams/Integrations/MicrosoftTeamsManagement/MicrosoftTeamsManagement.yml Docker image update * Updated Metadata Of Pack MicrosoftGraphApplications * 
Added release notes to pack MicrosoftGraphApplications * Packs/MicrosoftGraphApplications/Integrations/MicrosoftGraphApplications/MicrosoftGraphApplications.yml Docker image update * update pack ignore (#31193) * Slack event collector: fixed an issue where we get a Bad Request error (#31135) * fixed an issue where we get a Bad Request error. * pre-commit * added test * fixed Flake8 error * fixed cr comments * fixed cr comments * update Docker image * YR/Remove-fields-with-one-letter-DBotFindSimilarIncidents/XSUP-29299 (#31161) * fixes * code and test * remove Json feed from this pr * test * note * pre commit * RN * CR and Flake8 * format * pre commit * Fixes For 'URL Enrichment - Generic v2' Playbook (#31195) * Fixes For 'URL Enrichment - Generic v2' Playbook * RN * Bump pack from version CommonPlaybooks to 2.4.36. --------- Co-authored-by: Content Bot <[email protected]> * F5 APM Remove XSIAM tags (#31221) * remove ls from test_e2e_results.sh (#31186) * [IsEmailAddressInternal] Fix an issue with **domain** argument (#31222) * First commit * Added RN * Update Packs/CommonScripts/ReleaseNotes/1_12_54.md Co-authored-by: Dean Arbel <[email protected]> --------- Co-authored-by: Dean Arbel <[email protected]> * Deprecate 'Get endpoint details - Generic' Playbook (#31196) * Deprecate 'Get endpoint details - Generic' Playbook * RN * Bump pack from version CommonPlaybooks to 2.4.36. * Bump pack from version CommonPlaybooks to 2.4.37. 
--------- Co-authored-by: Content Bot <[email protected]> * Replacing the deprecated sub-playbook within the 'NGFW Internal Scan'… (#31197) * Replacing the deprecated sub-playbook within the 'NGFW Internal Scan' XSIAM playbook * RN * [Marketplace Contribution] CISO Metrics (#30641) (#31213) * "pack contribution initial commit" * Update pack_metadata.json * Update and rename dashboard-98f353a2-312b-49f2-8e58-d71f60daf3a7-CISO_Metrics.json to dashboard-98f353a2-312b-49f2-8e58-d71f60daf3a7-CommunityCommonDashboards.json Rename to CommunityCommonDashboards * Update pack_metadata.json Renamed "name": "CommunityCommonDashboards" * Update README.md Added description * Update README.md * Update and rename README.md to README.md * Rename dashboard-98f353a2-312b-49f2-8e58-d71f60daf3a7-CommunityCommonDashboards.json to dashboard-98f353a2-312b-49f2-8e58-d71f60daf3a7-CommunityCommonDashboards.json * Rename .pack-ignore to .pack-ignore * Rename .secrets-ignore to .secrets-ignore * Rename pack_metadata.json to pack_metadata.json * Update .pack-ignore * Update pack_metadata.json * Update .pack-ignore * Update and rename dashboard-98f353a2-312b-49f2-8e58-d71f60daf3a7-CommunityCommonDashboards.json to CISOMetrics.json Renamed to CISOMetrics * Update pack_metadata.json * Update pack_metadata.json * Update README.md --------- Co-authored-by: xsoar-bot <[email protected]> Co-authored-by: Sapir Shuker <[email protected]> Co-authored-by: David Uhrlaub <[email protected]> * Cybereason xsoar v 2.1.14 (#30647) (#31225) * added v2.1.14 codebase * fix pr comments * replace dummy md5 placeholder * Update Packs/Cybereason/Integrations/Cybereason/Cybereason.py * updated docker image python version * updated release notes docker version * added pagination params * updated docker image * fix lint errors * fix demisto validate errors * updated release notes * updated release notes * updated release notes * updated command name as per PR comment * removed manual filtering for response * updated 
function name to match the command name format * updated unit test as per new command name * added machinename filter to api query * moved empty output message to the top * updated docker image tag to latest * undo changes from unisolate endpoint playbook --------- Co-authored-by: suraj-metron <[email protected]> Co-authored-by: Sapir Shuker <[email protected]> * fixed polling support (#30873) * fixed polling support * fixed rn * added rn * added rn * XSUP-30786/Fix (#31168) * Added failing UT * Fixed the issue * Updated docker image * Updated RN * Update Packs/PAN-OS/ReleaseNotes/2_1_15.md Co-authored-by: Dan Tavori <[email protected]> * Updated the bug fix and the UT * updated docker image --------- Co-authored-by: Dan Tavori <[email protected]> * rewrite to js FirstArrayElement and LastArrayElement (#31228) * rewrite to js * added tpb * added empty test case to tpb * precommit fixes * change fromversion so build wont fail * Enable Core REST API with general XSIAM endpoints (#31226) * mostly works * added release notes * fixes from review * F5 APM fixed the marketplace build failure (#31236) * F5 APM Remove XSIAM tags * fix marketplace error * Add incidents field (#30393) (#31233) * add rawJSON field to incidents * release notes * update docker image tag * nit * fetching incident details * mapper + incident fields * remove incorrect incident field files * new incident field files, new mapper * sdk validate command changes * update release noteS * validation errors * fix validation errors * undo release notes changes * undo release notes change * undo release notes * undo release notes * undo release notes * nit * new release notes * remove playbook id * update docker image tag * revert release notes * revert RN * nit- remove filters used for testing * add details field to threats * remove try/except blocks * changing version * Update Abnormal_Security_Custom_Incident_types.json change from version * nit - remove changes used for demo * updating docker image * 
update docker image tag --------- Co-authored-by: William Olyslager <[email protected]> Co-authored-by: sapirshuker <[email protected]> Co-authored-by: Sapir Shuker <[email protected]> * Update Docker Image To demisto/python3 (#31242) * Updated Metadata Of Pack CIRCL * Added release notes to pack CIRCL * Packs/CIRCL/Integrations/CirclCVESearch/CirclCVESearch.yml Docker image update * Updated Metadata Of Pack ipinfo * Added release notes to pack ipinfo * Packs/ipinfo/Integrations/ipinfo_v2/ipinfo_v2.yml Docker image update * Updated Metadata Of Pack AutoFocus * Added release notes to pack AutoFocus * Packs/AutoFocus/Integrations/FeedAutofocus/FeedAutofocus.yml Docker image update * Packs/AutoFocus/Integrations/AutofocusV2/AutofocusV2.yml Docker image update * Updated Metadata Of Pack MailSenderNew * Added release notes to pack MailSenderNew * Packs/MailSenderNew/Integrations/MailSenderNew/MailSenderNew.yml Docker image update * avoid to update Docker for AutoFocusv2 --------- Co-authored-by: israelpolishook <[email protected]> * Fixes For 'IP Enrichment - Generic v2' Playbook (#31183) * Fixes For 'IP Enrichment - Generic v2' Playbook * RN * RN * Updated the 'InternalRange' playbook input's default value. * configured the 'extended_data' and 'threat_model_association' sub-playbook inputs * Bump pack from version CommonPlaybooks to 2.4.36. * Bump pack from version CommonPlaybooks to 2.4.37. * changed the default value of the 'ResolveIP' playbook input * re-added RN after merging from master * Fixes RN --------- Co-authored-by: Content Bot <[email protected]> * Check if should run Instance role (#31245) * Added the sync from the saas bucket and modified the verify script to take the revision from the correct bucket. 
(#31254) * AWS Organizations (#30525) * init * commands template * aws-org-children-list * more commands * even more commands * added account commands * removed enhancement commands * use json_transform * unit-tests init * unit-tests continued * unit-tests continued some more * TPB * one more unit-test * one more unit-test * one more unit-test * name change * TPB * docs complete * pack readme * pack readme part 2 * readme modified * more tests * more tests * use get() * adde description * removed isFetch * added image * name change * CR changes * Apply suggestions from code review Co-authored-by: ShirleyDenkberg <[email protected]> * Update docker * put the commands back in * code complete * yml part 2 * yml part 3 * test template * unit-tests continued some more * unit-tests almost complete * unit-tests complete * fixed a few bugs * fixed unit-tests * added readme * update readme * added missing descriptions to readme * TPB * Apply suggestions from code review Co-authored-by: ShirleyDenkberg <[email protected]> * CR changes * demo changes * update docker * build wars: round 1 * build wars: round 2 * build wars: round 3; add unit-tests * build wars: round 4 * build wars: round 5 * build wars: round 6 --------- Co-authored-by: ShirleyDenkberg <[email protected]> * NextToken in CommandResults (#30501) * init * new design * added error in case of non nested input * RN * a tad more docs * Bump pack from version Base to 1.32.47. * Bump pack from version Base to 1.32.48. * Bump pack from version Base to 1.32.49. * improved doc-string * resolve conflicts * resolve conflicts * Bump pack from version Base to 1.32.52. 
--------- Co-authored-by: Content Bot <[email protected]> * demisto-sdk-release 1.24.0 (#31268) * poetry files * update validate manager imports (#31179) * update validate manager imports * revert * Update Tests/configure_and_test_integration_instances.py * Edit file types test (#31170) * edited tests * s * s * edit --------- Co-authored-by: Content Bot <[email protected]> Co-authored-by: Yuval Hayun <[email protected]> Co-authored-by: merit-maita <[email protected]> Co-authored-by: JudithB <[email protected]> * modified modeling rules of clearswift dlp (#31247) * modified modeling rules of clearswift dlp * modified the parsing rule of clearswiftdlp * Added release notes. * added dlp to pack ignore * added Clearswift to pack ignore * QRadar: continue to poll in case of networking issues (#31084) * Generalize the mode option in pre-commit (#30663) * args updated to match the update in the sdk * add merge-coverage-report and coverage-analyze * updaing pyproject.toml * poetry lock * restoring pyproject.toml and poetry.lock * pre-commit.yml * updates * test comment * use sdk ref * if * add github output * revert ilan changes * merge-pytest-reports --------- Co-authored-by: ilan <[email protected]> * EXPANDR-1576 CortexXpanse Remediation Guidance changes (#31190) * EXPANDR-1576 CortexXpanse Remediation Guidance changes (#30712) * CortexXpanse RG changes * Fix flake8 errors * Fix unit test cases * Update docker version * update command name * Readme updates * docker update * Ignore BC error * fix packignore * Update release notes * update breaking change notes * update breaking change notes * correct RN --------- Co-authored-by: Chait A <[email protected]> Co-authored-by: ilappe <[email protected]> * Feature/cyberint enhancement (#31252) * Feature/cyberint enhancement (#30493) * Update Docker Image To demisto/py3-tools (#25523) * Updated Metadata Of Pack FeedAWS * Added release notes to pack FeedAWS * Packs/FeedAWS/Integrations/FeedAWS/FeedAWS.yml Docker image update * 
update Cyberint Pack * update release note and incidentfields * update CommonType release note * update CommonType relesenotes * update CommonType relese notes * update CyberInt Related entity name * update release notes * add new incident field: Alert Data * foramt alert_data * update CyberInt Related Entity name to avoid validation errors * reset the CyberInt Related Entity name * update incident field name * Update 3_3_93.md * pre commit update docker * added known words * fixed the RN * known words --------- Co-authored-by: TalGumi <[email protected]> Co-authored-by: omerKarkKatz <[email protected]> Co-authored-by: okarkkatz <[email protected]> * [xsoar-8 coverage] - use poll functions from SDK clients (#31144) * update poetry * use poll functions * test against builds * try to fix ssl issue * timeout = 300 + verify ssl * fix ssl issues * fix incident pull * fix * make verify=false by default * fix ports bug * use sdk master * revert poetry * revert infra used for testing * [CrowdStrike Falcon Intel v2] Fixed an issue in 'cs-actors' and 'cs-reports' commands (#31265) * Fix the 'NoneType' object is not iterable issue * ruff * Update the docker image; Add RN * Update Packs/CrowdStrikeIntel/ReleaseNotes/2_0_34.md Co-authored-by: Dean Arbel <[email protected]> --------- Co-authored-by: Dean Arbel <[email protected]> * oncall- installation orders (#31253) * test * test * revert debugs * pre-commit --------- Co-authored-by: Jas Beilin <[email protected]> * Core rest api docs fix (#31262) * Improved descriptions. * Added docs * Added rn. * Changed i.e to e.g * bugfix/XSUP-30713/port-scan-pb-issue-incident-failure (#31154) * Fix playbook input's default value, change to not required, add check for value not empty * Update playbook image * Update release notes * Bump pack from version CortexXDR to 6.0.5. 
* Moved InternalIPRanges input check to better location * Fix review comments --------- Co-authored-by: Content Bot <[email protected]> * [PagerDuty v2] Added Support For Pagination (#30959) * commit init - lint and type annotation * typing * pagination function and some typing * fix api limit and pagination * added UT and test_data * added RN and description for args * generate readme * update docker * added UT * fix flake8 * more docstring, one more UT, fix send unnecessary parameters * fix f-string * fix pep8 * revert copy * fix parameters name * docs review * update docker * [ASM] EXPANDR 7225 - Update Ev1 Integration Display Name (#31234) (#31276) * Update Display Name * Update release notes * Update docker image and add period to descriptions Co-authored-by: John <[email protected]> Co-authored-by: MLainer1 <[email protected]> * Update Docker Image To demisto/python3 (#31286) * Updated Metadata Of Pack QualysFIM * Added release notes to pack QualysFIM * Packs/QualysFIM/Integrations/QualysFIM/QualysFIM.yml Docker image update * Updated Metadata Of Pack FortiSIEM * Added release notes to pack FortiSIEM * Packs/FortiSIEM/Integrations/FortiSIEMV2/FortiSIEMV2.yml Docker image update * Updated Metadata Of Pack FreshworksFreshservice * Added release notes to pack FreshworksFreshservice * Packs/FreshworksFreshservice/Integrations/FreshworksFreshservice/FreshworksFreshservice.yml Docker image update * Updated Metadata Of Pack KnowBe4_KMSAT * Added release notes to pack KnowBe4_KMSAT * Packs/KnowBe4_KMSAT/Integrations/KnowBe4KMSATEventCollector/KnowBe4KMSATEventCollector.yml Docker image update * Packs/KnowBe4_KMSAT/Integrations/KnowBe4KMSAT/KnowBe4KMSAT.yml Docker image update * Updated Metadata Of Pack SafeNet_Trusted_Access * Added release notes to pack SafeNet_Trusted_Access * Packs/SafeNet_Trusted_Access/Integrations/SafeNetTrustedAccessEventCollector/SafeNetTrustedAccessEventCollector.yml Docker image update * Updated Metadata Of Pack DelineaSS * Added release 
notes to pack DelineaSS * Packs/DelineaSS/Integrations/DelineaSS/DelineaSS.yml Docker image update * Updated Metadata Of Pack Cryptocurrency * Added release notes to pack Cryptocurrency * Packs/Cryptocurrency/Integrations/Cryptocurrency/Cryptocurrency.yml Docker image update * Updated Metadata Of Pack PANOSPolicyOptimizer * Added release notes to pack PANOSPolicyOptimizer * Packs/PANOSPolicyOptimizer/Integrations/PANOSPolicyOptimizer/PANOSPolicyOptimizer.yml Docker image update * Updated Metadata Of Pack DeveloperTools * Added release notes to pack DeveloperTools * Packs/DeveloperTools/Integrations/CreateIncidents/CreateIncidents.yml Docker image update * Add XSOAR_SAAS section to EDL description (#31264) * add XSOAR_SAAS section to EDL description * update RN * [XSUP 30575] Added full fields query param (#31272) * get indicators full fields data * pre-commit * release notes * tests and CR fixes * Update Packs/FeedCrowdstrikeFalconIntel/ReleaseNotes/2_1_13.md Co-authored-by: Dan Tavori <[email protected]> --------- Co-authored-by: Dan Tavori <[email protected]> * Update Docker Image To demisto/boto3py3 (#31287) * Updated Metadata Of Pack SecurityIntelligenceServicesFeed * Added release notes to pack SecurityIntelligenceServicesFeed * Packs/SecurityIntelligenceServicesFeed/Integrations/SecurityIntelligenceServicesFeed/SecurityIntelligenceServicesFeed.yml Docker image update * Updated Metadata Of Pack AWS-IAM * Added release notes to pack AWS-IAM * Packs/AWS-IAM/Integrations/AWS-IAM/AWS-IAM.yml Docker image update * Updated Metadata Of Pack AWS-Route53 * Added release notes to pack AWS-Route53 * Packs/AWS-Route53/Integrations/AWSRoute53/AWSRoute53.yml Docker image update * Updated Metadata Of Pack AWS-AccessAnalyzer * Added release notes to pack AWS-AccessAnalyzer * Packs/AWS-AccessAnalyzer/Integrations/AWS-AccessAnalyzer/AWS-AccessAnalyzer.yml Docker image update * Updated Metadata Of Pack AWS-GuardDuty * Added release notes to pack AWS-GuardDuty * 
Packs/AWS-GuardDuty/Integrations/AWSGuardDutyEventCollector/AWSGuardDutyEventCollector.yml Docker image update * Packs/AWS-GuardDuty/Integrations/AWSGuardDuty/AWSGuardDuty.yml Docker image update * Updated Metadata Of Pack AWS-SecurityHub * Added release notes to pack AWS-SecurityHub * Packs/AWS-SecurityHub/Integrations/AWSSecurityHubEventCollector/AWSSecurityHubEventCollector.yml Docker image update * Updated Metadata Of Pack Aws-SecretsManager * Added release notes to pack Aws-SecretsManager * Packs/Aws-SecretsManager/Integrations/AwsSecretsManager/AwsSecretsManager.yml Docker image update * Update Docker Image To demisto/accessdata (#31288) * Updated Metadata Of Pack Exterro * Added release notes to pack Exterro * Packs/Exterro/Integrations/Exterro/Exterro.yml Docker image update * Update Docker Image To demisto/oci (#31290) * Updated Metadata Of Pack OracleCloudInfrastructure * Added release notes to pack OracleCloudInfrastructure * Packs/OracleCloudInfrastructure/Integrations/OracleCloudInfrastructureEventCollector/OracleCloudInfrastructureEventCollector.yml Docker image update * Update Docker Image To demisto/py3-tools (#31289) * Updated Metadata Of Pack Intezer * Added release notes to pack Intezer * Packs/Intezer/Integrations/IntezerV2/IntezerV2.yml Docker image update * Updated Metadata Of Pack Zabbix * Added release notes to pack Zabbix * Packs/Zabbix/Integrations/Zabbix/Zabbix.yml Docker image update * Updated Metadata Of Pack FeedMalwareBazaar * Added release notes to pack FeedMalwareBazaar * Packs/FeedMalwareBazaar/Integrations/MalwareBazaarFeed/MalwareBazaarFeed.yml Docker image update * Updated Metadata Of Pack FeedGCPWhitelist * Added release notes to pack FeedGCPWhitelist * Packs/FeedGCPWhitelist/Integrations/FeedGoogleIPRanges/FeedGoogleIPRanges.yml Docker image update * Updated Metadata Of Pack AccentureCTI_Feed * Added release notes to pack AccentureCTI_Feed * Packs/AccentureCTI_Feed/Integrations/ACTIIndicatorFeed/ACTIIndicatorFeed.yml Docker 
image update * Updated Metadata Of Pack SEKOIAIntelligenceCenter * Added release notes to pack SEKOIAIntelligenceCenter * Packs/SEKOIAIntelligenceCenter/Integrations/SEKOIAIntelligenceCenter/SEKOIAIntelligenceCenter.yml Docker image update * Updated Metadata Of Pack JARM * Added release notes to pack JARM * Packs/JARM/Integrations/JARM/JARM.yml Docker image update * Updated Metadata Of Pack Anomali_ThreatStream * Added release notes to pack Anomali_ThreatStream * Packs/Anomali_ThreatStream/Integrations/AnomaliThreatStreamv3/AnomaliThreatStreamv3.yml Docker image update * Updated Metadata Of Pack CommonWidgets * Added release notes to pack CommonWidgets * Packs/CommonWidgets/Scripts/RSSWidget/RSSWidget.yml Docker image update * Updated Metadata Of Pack FiltersAndTransformers * Added release notes to pack FiltersAndTransformers * Packs/FiltersAndTransformers/Scripts/Jmespath/Jmespath.yml Docker image update * Update Docker Image To demisto/armorblox (#31291) * Updated Metadata Of Pack Armorblox * Added release notes to pack Armorblox * Packs/Armorblox/Integrations/Armorblox/Armorblox.yml Docker image update * Update Docker Image To demisto/crypto (#31292) * Updated Metadata Of Pack AzureKeyVault * Added release notes to pack AzureKeyVault * Packs/AzureKeyVault/Integrations/AzureKeyVault/AzureKeyVault.yml Docker image update * Updated Metadata Of Pack AzureSentinel * Added release notes to pack AzureSentinel * Packs/AzureSentinel/Integrations/AzureSentinel/AzureSentinel.yml Docker image update * Updated Metadata Of Pack AzureDevOps * Added release notes to pack AzureDevOps * Packs/AzureDevOps/Integrations/AzureDevOps/AzureDevOps.yml Docker image update * Updated Metadata Of Pack MicrosoftCloudAppSecurity * Added release notes to pack MicrosoftCloudAppSecurity * Packs/MicrosoftCloudAppSecurity/Integrations/MicrosoftCloudAppSecurity/MicrosoftCloudAppSecurity.yml Docker image update * Updated Metadata Of Pack AzureRiskyUsers * Added release notes to pack AzureRiskyUsers 
* Packs/AzureRiskyUsers/Integrations/AzureRiskyUsers/AzureRiskyUsers.yml Docker image update * Updated Metadata Of Pack MicrosoftGraphGroups * Added release notes to pack MicrosoftGraphGroups * Packs/MicrosoftGraphGroups/Integrations/MicrosoftGraphGroups/MicrosoftGraphGroups.yml Docker image update * Updated Metadata Of Pack AzureSQLManagement * Added release notes to pack AzureSQLManagement * Packs/AzureSQLManagement/Integrations/AzureSQLManagement/AzureSQLManagement.yml Docker image update * Updated Metadata Of Pack MicrosoftGraphAPI * Added release notes to pack MicrosoftGraphAPI * Packs/MicrosoftGraphAPI/Integrations/MicrosoftGraphAPI/MicrosoftGraphAPI.yml Docker image update * Updated Metadata Of Pack MicrosoftTeams * Added release notes to pack MicrosoftTeams * Packs/MicrosoftTeams/Integrations/MicrosoftTeamsManagement/MicrosoftTeamsManagement.yml Docker image update * Updated Metadata Of Pack MicrosoftGraphApplications * Added release notes to pack MicrosoftGraphApplications * Packs/MicrosoftGraphApplications/Integrations/MicrosoftGraphApplications/MicrosoftGraphApplications.yml Docker image update * Update Docker Image To demisto/sixgill (#31293) * Updated Metadata Of Pack Cybersixgill-ActionableAlerts * Added release notes to pack Cybersixgill-ActionableAlerts * Packs/Cybersixgill-ActionableAlerts/Integrations/CybersixgillActionableAlerts/CybersixgillActionableAlerts.yml Docker image update * Updated Metadata Of Pack Sixgill-Darkfeed * Added release notes to pack Sixgill-Darkfeed * Packs/Sixgill-Darkfeed/Integrations/Sixgill_Darkfeed_Enrichment/Sixgill_Darkfeed_Enrichment.yml Docker image update * Packs/Sixgill-Darkfeed/Integrations/Sixgill_Darkfeed/Sixgill_Darkfeed.yml Docker image update * Update Docker Image To demisto/carbon-black-cloud (#31295) * Updated Metadata Of Pack CarbonBlackDefense * Added release notes to pack CarbonBlackDefense * Packs/CarbonBlackDefense/Integrations/CarbonBlackLiveResponseCloud/CarbonBlackLiveResponseCloud.yml Docker image 
update * Update Docker Image To demisto/taxii2 (#31294) * Updated Metadata Of Pack FeedDHS * Added release notes to pack FeedDHS * Packs/FeedDHS/Integrations/DHSFeedV2/DHSFeedV2.yml Docker image update * Updated Metadata Of Pack FeedUnit42v2 * Added release notes to pack FeedUnit42v2 * Packs/FeedUnit42v2/Integrations/FeedUnit42v2/FeedUnit42v2.yml Docker image update * MS IIS Update2 (#31256) * Updated MicrosoftIISWebServerModelingRules_1_3 * Updated ModelingRules filters * Updated ModelingRules filters * Updated ReleaseNotes * Upated ReleaseNotes * CrowdStrikeFalconX-genreic-polling (#31189) * old playbooks deprecated and new one added * readme file edited * set the interval from the inputs * fixes for release notes * added extensions to known words * Update Packs/CrowdStrikeFalconX/Playbooks/Detonate_File_-_CrowdStrike_Falcon_Intelligence_Sandbox_v2.yml Co-a…
pabloperezj pushed a commit that referenced this pull request Feb 1, 2024
* fixed HR * empty * file exists in context (#32396) * fixed (#32322) * fixed * test * fixed * Update Packs/MicrosoftGraphFiles/Integrations/MicrosoftGraphFiles/README.md * Update Packs/MicrosoftGraphFiles/Integrations/MicrosoftGraphFiles/README.md * Apply suggestions from code review * YR/Add-mapping-and-different-authors/CIAC-9166 (#31519) * [GCP-IAM] - fix proxy issues (#31076) * sent proxy to test-module & log exception * fix proxy issue * remove None * fix * rn * auto pep8 * rn typo * uts * pre-commit * Update Packs/GCP-IAM/ReleaseNotes/1_0_22.md Co-authored-by: Judah Schwartz <[email protected]> * cr fixes --------- Co-authored-by: Judah Schwartz <[email protected]> * Release notes tag parser for all xsoar mp. (#31090) * added xsoar_saas xsoar_on_prem functionallity to the release notes tag parser * pre commit changes * fixed lint whitespace error * Fix EntryID-related issue for scripts (#30979) * Fix zip file issue using polling * Add release-notes * Fix validation errors * Minor fixes and improvements * Update IAMInitADUser automation * Add a warning if `ZipProtectWithPassword` parameter is not being used * Fix typo * `IAMInitADUser` fixes * Bump Docker versions * Apply code review suggestions * Bump Docker version * Remove timeout value from polling parameters (so that the default value will be used) * [CommonServerPython] Fix Polling Failure If `polling` Parameter is Missing (#31111) * Add default value to `args.get()` * Bump version * Update release-notes message * jira ticket creation impovements (#31105) jira ticket creation improvements #31105 * Added Support for Microsoft Graph Single User integration (#30967) * Added Support for Microsoft Graph Single User integration * fix validation * Update 2_0_15.md * Update Packs/EmailCommunication/ReleaseNotes/2_0_15.md Co-authored-by: EyalPintzov <[email protected]> --------- Co-authored-by: EyalPintzov <[email protected]> * Xdr ioc to keep troubleshoting (#30163) * trouble shooting version * fixed new 
command yml * some comments * trouble shooting version * fixed new command yml * new ioc_to_keep schedule method * some comments * fix tz error * added RN * fix validation errors * fixup! fix validation errors * added UT * added UT and log * improved path * fixup! improved path * Update Packs/CortexXDR/Integrations/XDR_iocs/XDR_iocs.py * Added some documentation * Bump pack from version CortexXDR to 6.0.3. * format the yml and update the docker * fixed the bug when updating an already running integration that does not have the key next_icos_to_keep_time in the integration context * docs * Update Packs/CortexXDR/Integrations/XDR_iocs/XDR_iocs.yml Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CortexXDR/ReleaseNotes/6_0_3.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CortexXDR/Integrations/XDR_iocs/XDR_iocs.yml Co-authored-by: ShirleyDenkberg <[email protected]> * fixed the unit test acording to change in code * fixed the unit test * trim whitespaces --------- Co-authored-by: darbel <[email protected]> Co-authored-by: esharf <[email protected]> Co-authored-by: Content Bot <[email protected]> Co-authored-by: ShirleyDenkberg <[email protected]> * Update README.md (#31129) fixed external link * [fileResult] - fix issue with special strings (#31126) * [fileResult] - fix issue with special strings * bump rn * log if ../ is in path * validate file-name is string * add unit-test * bump rn * Rapid7 - Threat Command (IntSights) pack release 3.1.0 (#30954) (#31133) * Changes related to Rapid7 - Threat Command (IntSights) pack release: 3.1.0 * resolved validation errors * Updated the release notes as per the comments * Updated the tab name for the Threat Command Layout --------- Co-authored-by: Crest Data Systems <[email protected]> Co-authored-by: crestdatasystems <[email protected]> Co-authored-by: Adi Daud <[email protected]> * add e2e tests for xsoar-saas (#30231) * add xsoar_ng_end_to_end_job * unify end_to_end and write edl 
basic test * add file * fix some rules * setup and teardown for xsoar_ng e2e * update readme * conftest changes * update end_to_end_tests script * test enhancments * fix * debug issues * lock * collect tests * lock * lock * try without xsoar * lock * enhance tests and lock * install e2e nessecary packs * add packs in shell * install only specific packs in xsoar-saas * README.md * install hardcoded packs * update * fix collect tests issues * add REASONS_ALLOWING_NO_ID_SET_OR_CONF * fix is_nightly * fail when exit code != 0 * send integration params path as input * enhance e2e echo message * lock * fix get_integration_params * lock2 * sleep * unlock machine sleep + taxii2 server * fix unlock machine * fix " * fixes * sleep in test 2 hours * poetry lock * edl size = 10 * update edl size loc * use new instance * log instance name * existing name * revert poetry * poetry based on latest master * update job to fit newer version * lock * state its long running * try with long-running=true * implement taxii2-server e2e test * pre-commit fixes * add headers * lock * move func to tools.py as its general * docstrings * add support for do_long_running in xsoar_client * docstring * slack sdk * add slack-ask test * test slack ask playbook * add qradar mirroring test * update README and add support for env vars * docstrings * enhancments * update .gitignore * do not make xsoar_ng a package * excplicit implementation * add test_xdr_env * add docstrings * pre-commit * update slackask playbook path * query qradar playbook state before closing offense * assert investigation id * increase playbook query & sleep 5 minutes taxii * merge xsoar_ng_end_to_end to test content * some fixes * make nightly * end-to-end tests inside .run-tests section * try to fix syntax issue * log playbook failure reasons * add support for sourceInstanceName * remove delete context from slack * pre commit * pre-commit * try to fix taxii2 server bug * update taxii2 server test * sleep * comment out waiting for 
playbook qradar * sleep in case of error taxii2 * qradar * revert taxii2 server + qradar * assert true * revert * update context managers * pre-commit fixes * add logs * create instance update * create folders for content e2e tests * make fixture named xsoar_saas_client * get integration name to func Please enter the commit message for your changes. Lines starting * fixes * pre-commit * export context managers to client_utils * update xsiam e2e to use new client * update readmes * client utils fixes * change log name * add junit support * implement results support for e2e * change name * run e2e in current branch * update job names * update collect tests for testing * do not exit if e2e tests fail * use artifacts folder * fix context * save playbook - change client name * remove playbook for testing * add fi * make e2e test summary to run * ls * try now * change path * file test name * run also playbook results * change log to error * fix syntax error * update get_file to use new file service * remove import * pre-commit * update retry import * do not skip qradar test if incident cannot be found * judah's cr * koby cr * update result names * Empty-Commit * remove irrelevant logs * cr fixes * server_test_reulst renaming * change end_to_end to e2e * revert current job names * add .e2e_test_results job * remove e2e from test_playbooks_results * filter only if nightly * try to ignore pre-commit error * change rules * fix * test * xsoar saas * try now * fix * xsoar-saas e2e job * add conftest * add conftest * add xsoar-saas readme to avoid trigger test-upload * port * Empty-Commit * test integrations * do not test qradar module * Empty-Commit * Empty-Commit * retry on different ports for taxii2-test * remove get json response from taxii2 test * adjust to nightly * pre-commit * Fix GetIndicatorDBotScoreFromCache to handle better a special character (#31070) * a fix and a test * docker image update * added rn * Bump pack from version CommonScripts to 1.12.47. 
* unit test fix * unit test fix * unit test fix * Bump pack from version CommonScripts to 1.12.48. * Bump pack from version CommonScripts to 1.12.49. * Update Packs/CommonScripts/ReleaseNotes/1_12_49.md Co-authored-by: Dan Tavori <[email protected]> --------- Co-authored-by: Content Bot <[email protected]> Co-authored-by: Dan Tavori <[email protected]> * change pack support to community (#31110) * change pack support to community * first level header so im told * Update Packs/DeveloperTools/ReleaseNotes/1_3_0.md Co-authored-by: Shahaf Ben Yakir <[email protected]> * Update Packs/DeveloperTools/ReleaseNotes/1_3_0.md Co-authored-by: Shahaf Ben Yakir <[email protected]> --------- Co-authored-by: Shahaf Ben Yakir <[email protected]> * removed GIT_DEPTH (#31141) * support multiple entry ids in ImageOCR (#31145) * Fix taxi feed observables extraction (#31120) * fixed an isssue where taxi feed will fail to retreive all indicators due to wrong extraction from XML blocks. * added rn * update docker * update test_data * add secret to secrets ignore * [transformers] Enhance to be more durable #2 (#31063) * ExtractDomainAndFQDNFromUrlAndEmail * ExtractEmailV2 * ruff fix * FormatURL * Bump pack from version CommonScripts to 1.12.47. * Bump pack from version CommonScripts to 1.12.48. * Bump pack from version CommonScripts to 1.12.49. * Added unit tests * Update the docker image * Bump pack from version CommonScripts to 1.12.50. 
* Update Packs/CommonScripts/ReleaseNotes/1_12_50.md Co-authored-by: Dean Arbel <[email protected]> * Update Packs/CommonScripts/ReleaseNotes/1_12_50.md Co-authored-by: Dean Arbel <[email protected]> * Update the RN * Update the docker image * empty * Skip "FormattingPerformance - Test" TPB in XSOAR 8 --------- Co-authored-by: Content Bot <[email protected]> Co-authored-by: Dean Arbel <[email protected]> * Sleep w/ Polling (#30661) add polling mechanism to sleep upon crossing polling_threshold * Update shift management scripts (#31130) * fixed the bug and added unit tests * updated docker image * RN * updated docker image * cr updates * EWS rule commands - MS graph python integrations (#30943) Co-authored-by: ShirleyDenkberg <[email protected]> * MS IIS Update (#31132) * Updated ModelingRules * Updated ReleaseNotes * Updated ReleaseNotes * Anomali ThreatStream change DBot verdict from Benign to Unknown for Low Confidence Indicators (#30993) (#31151) * change DBot verdict from Benign to Unknown for Low Confidence Indicators Indicators found in Anomali that are below Confidence thresholds should be created as Unknown and not Benign. Anomali ThreatStream documentation regarding Confidence https://ui.threatstream.com/optic-doc/Content/Features/threat_model/Observables/details_indicator.htm Confidence - Confidence indicates the certainty that an observable exhibits or is connected to malicious behavior. If Anomali has indicators with low Confidence, that doesn't mean the indicator is Benign/Safe. It means Anomali is unsure that the indicator is Malicious and as such the more appropriate verdict in XSOAR should be Unknown. 
* add indicator_default_score param * changed values to Benign and Unknown * update README and RN * update RN * update docker set required to false * update docker * fix docs comments --------- Co-authored-by: zdrouse <[email protected]> Co-authored-by: adi88d <[email protected]> Co-authored-by: Adi Daud <[email protected]> * generate empty junit files (#31153) * Update 1_6_0.json (#31164) * fix splunkpy splunk_submit_event_hec_command string issue (#30978) * fix splunkpy splunk_submit_event_hec_command string issue * test * add fix * update rn * [xsoar saas] - fix ports taxii2 e2e (#31163) * Hello world saas (#30901) * added a new incident field only for saas mp * added an incident field to xsoar_saas only for demonstration * format incident field * format incident field * added saas word to known words * version * merge with master * fixed the xsoar_saas end tag * Added tests to validate result * modified RN * pre commit changes * RN tags * ignoe long line * MS IIS README (#31158) * Updated README * Updated README * Fixes For IP Enrichment Playbooks (#31114) * Fixes For IP Enrichment Playbooks * RN * Removed the mapping rule from both playbooks. Updated the default value of the internal range playbook input according to RFC 1918. * Removed the value of 'UseReputationCommand' playbook input and fixes the YML files * Fixed RN * Removed the value set for the 'UseReputationCommand' sub-playbook input. Re-added the default value for 'UseReputationCommand' playbook input * skip ThreatStream-Test (#31172) * [transformers] Enhance to be more durable (#30897) [transformers] Enhance to be more durable * Fixes For 'Email Address Enrichment - Generic v2.1' (#31122) * Fixes For 'Email Address Enrichment - Generic v2.1' * Re-added the test playbook and marketplace configs to the playbook YML file * changed the 'domain' playbook input value * removed the 'domain' playbook input value and added RN * Fixed RN * Bump pack from version CommonPlaybooks to 2.4.34. 
--------- Co-authored-by: Content Bot <[email protected]> * DisplayMappedFields - Fix dark mode text color (#31085) * removed the hardcoded color * removed the hardcoded color * update RN * update docker image * Bump pack from version CommonScripts to 1.12.48. * Unittest fixes * Bump pack from version CommonScripts to 1.12.49. * Unittest fixes * Bump pack from version CommonScripts to 1.12.50. * Bump pack from version CommonScripts to 1.12.51. * Bump pack from version CommonScripts to 1.12.52. * Bump pack from version CommonScripts to 1.12.53. --------- Co-authored-by: Content Bot <[email protected]> * Updated the layout to exclude integration incident fields that are not pertinent to Vectra XDR (#31127) (#31182) Co-authored-by: Crest Data Systems <[email protected]> Co-authored-by: crestdatasystems <[email protected]> Co-authored-by: MLainer1 <[email protected]> * Taxii2 server relationship bug (#31162) * [taxii2-server] - code fixes * bump rn * docker update * remove debug-log because may wanted * [ASM] EXPANDER-7096 - ASM Remediation Guidance Fields (#30955) (#31178) Co-authored-by: John <[email protected]> Co-authored-by: Adi Daud <[email protected]> * Created pack for F5 BIG-IP APM (#31017) * Created pack for f5 apm * Added modeling rule files. * adding modeling rules and schema. * modified modeling rules * update yml file for modeling rule. * Update Packs/F5APM/README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/F5APM/README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/F5APM/README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/F5APM/README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/F5APM/README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/F5APM/README.md Co-authored-by: ShirleyDenkberg <[email protected]> * update readme. * Modified the read me file. 
--------- Co-authored-by: ShirleyDenkberg <[email protected]> * HelloWorld - delete old classifier (#31185) * Add support for is array for rep commands (#31169) * added support for isArray for python Xsoar supported reputation commands * added rn * Empty-Commit * python files fixes * fix docker issue * cr fixes * added logs and cache fix (#30577) * added logs and cache fix * Fixed another executeCommand results handling. * Updated docker image * Added rn * Update Packs/Phishing/ReleaseNotes/3_6_2.md Co-authored-by: Dan Tavori <[email protected]> * Update Packs/Phishing/Scripts/FindDuplicateEmailIncidents/FindDuplicateEmailIncidents.py --------- Co-authored-by: Dan Tavori <[email protected]> * Add support for is array for rep commands js (#31184) * JS files fixes * added rn * pre commit fixes * pre commit fixes * cr fixes * xsiam-avaya-siem-content-ciac-8502 (#31128) * init-pack * modeling-rules * add-docs * fix-pid-parsing * fix-README.md * Fixed For Endpoint Enrichment Playbooks (#31147) * Fixed For 'Endpoint Enrichment - Generic v2.1' Playbook * RN * RN * Fixes for Endpoint_Enrichment_-_Generic_v2.1_6_8 playbook * Bump pack from version CommonPlaybooks to 2.4.34. * Bump pack from version CommonPlaybooks to 2.4.35. 
* Fixed version for 'Endpoint Enrichment - Generic v2.1.6.8' playbook * Fixes for 'Endpoint Enrichment - Generic v2.1' playbook * Revert changes in 'Endpoint Enrichment - Generic v2.1' playbook --------- Co-authored-by: Content Bot <[email protected]> * Update Docker Image To demisto/python3 (#31198) * Updated Metadata Of Pack DeveloperTools * Added release notes to pack DeveloperTools * Packs/DeveloperTools/Integrations/CreateIncidents/CreateIncidents.yml Docker image update * Updated Metadata Of Pack FlashpointFeed * Added release notes to pack FlashpointFeed * Packs/FlashpointFeed/Integrations/FlashpointFeed/FlashpointFeed.yml Docker image update * Updated Metadata Of Pack AbnormalSecurity * Added release notes to pack AbnormalSecurity * Packs/AbnormalSecurity/Integrations/AbnormalSecurity/AbnormalSecurity.yml Docker image update * Updated Metadata Of Pack FeedLOLBAS * Added release notes to pack FeedLOLBAS * Packs/FeedLOLBAS/Integrations/FeedLOLBAS/FeedLOLBAS.yml Docker image update * Updated Metadata Of Pack Hackuity * Added release notes to pack Hackuity * Packs/Hackuity/Integrations/Hackuity/Hackuity.yml Docker image update * Updated Metadata Of Pack Grafana * Added release notes to pack Grafana * Packs/Grafana/Integrations/Grafana/Grafana.yml Docker image update * Updated Metadata Of Pack Binalyze * Added release notes to pack Binalyze * Packs/Binalyze/Integrations/BinalyzeAIR/BinalyzeAIR.yml Docker image update * Updated Metadata Of Pack ServiceDeskPlus * Added release notes to pack ServiceDeskPlus * Packs/ServiceDeskPlus/Integrations/ServiceDeskPlus/ServiceDeskPlus.yml Docker image update * Updated Metadata Of Pack Oracle_IAM * Added release notes to pack Oracle_IAM * Packs/Oracle_IAM/Integrations/OracleIAM/OracleIAM.yml Docker image update * Updated Metadata Of Pack AccentureCTI * Added release notes to pack AccentureCTI * Packs/AccentureCTI/Integrations/ACTIIndicatorQuery/ACTIIndicatorQuery.yml Docker image update * Update Docker Image To 
demisto/boto3py3 (#31199) * Updated Metadata Of Pack SecurityIntelligenceServicesFeed * Added release notes to pack SecurityIntelligenceServicesFeed * Packs/SecurityIntelligenceServicesFeed/Integrations/SecurityIntelligenceServicesFeed/SecurityIntelligenceServicesFeed.yml Docker image update * Updated Metadata Of Pack AWS-IAM * Added release notes to pack AWS-IAM * Packs/AWS-IAM/Integrations/AWS-IAM/AWS-IAM.yml Docker image update * Updated Metadata Of Pack AWS-Route53 * Added release notes to pack AWS-Route53 * Packs/AWS-Route53/Integrations/AWSRoute53/AWSRoute53.yml Docker image update * Updated Metadata Of Pack AWS-AccessAnalyzer * Added release notes to pack AWS-AccessAnalyzer * Packs/AWS-AccessAnalyzer/Integrations/AWS-AccessAnalyzer/AWS-AccessAnalyzer.yml Docker image update * Updated Metadata Of Pack AWS-GuardDuty * Added release notes to pack AWS-GuardDuty * Packs/AWS-GuardDuty/Integrations/AWSGuardDutyEventCollector/AWSGuardDutyEventCollector.yml Docker image update * Packs/AWS-GuardDuty/Integrations/AWSGuardDuty/AWSGuardDuty.yml Docker image update * Updated Metadata Of Pack AWS-SecurityHub * Added release notes to pack AWS-SecurityHub * Packs/AWS-SecurityHub/Integrations/AWSSecurityHubEventCollector/AWSSecurityHubEventCollector.yml Docker image update * Updated Metadata Of Pack Aws-SecretsManager * Added release notes to pack Aws-SecretsManager * Packs/Aws-SecretsManager/Integrations/AwsSecretsManager/AwsSecretsManager.yml Docker image update * Update Docker Image To demisto/armorblox (#31203) * Updated Metadata Of Pack Armorblox * Added release notes to pack Armorblox * Packs/Armorblox/Integrations/Armorblox/Armorblox.yml Docker image update * Update Docker Image To demisto/py3-tools (#31201) * Updated Metadata Of Pack Intezer * Added release notes to pack Intezer * Packs/Intezer/Integrations/IntezerV2/IntezerV2.yml Docker image update * Updated Metadata Of Pack Zabbix * Added release notes to pack Zabbix * Packs/Zabbix/Integrations/Zabbix/Zabbix.yml 
Docker image update * Updated Metadata Of Pack FeedMalwareBazaar * Added release notes to pack FeedMalwareBazaar * Packs/FeedMalwareBazaar/Integrations/MalwareBazaarFeed/MalwareBazaarFeed.yml Docker image update * Updated Metadata Of Pack FeedGCPWhitelist * Added release notes to pack FeedGCPWhitelist * Packs/FeedGCPWhitelist/Integrations/FeedGoogleIPRanges/FeedGoogleIPRanges.yml Docker image update * Updated Metadata Of Pack AccentureCTI_Feed * Added release notes to pack AccentureCTI_Feed * Packs/AccentureCTI_Feed/Integrations/ACTIIndicatorFeed/ACTIIndicatorFeed.yml Docker image update * Updated Metadata Of Pack SEKOIAIntelligenceCenter * Added release notes to pack SEKOIAIntelligenceCenter * Packs/SEKOIAIntelligenceCenter/Integrations/SEKOIAIntelligenceCenter/SEKOIAIntelligenceCenter.yml Docker image update * Updated Metadata Of Pack JARM * Added release notes to pack JARM * Packs/JARM/Integrations/JARM/JARM.yml Docker image update * Updated Metadata Of Pack CommonWidgets * Added release notes to pack CommonWidgets * Packs/CommonWidgets/Scripts/RSSWidget/RSSWidget.yml Docker image update * Updated Metadata Of Pack FiltersAndTransformers * Added release notes to pack FiltersAndTransformers * Packs/FiltersAndTransformers/Scripts/Jmespath/Jmespath.yml Docker image update * Update Docker Image To demisto/oci (#31202) * Updated Metadata Of Pack OracleCloudInfrastructure * Added release notes to pack OracleCloudInfrastructure * Packs/OracleCloudInfrastructure/Integrations/OracleCloudInfrastructureEventCollector/OracleCloudInfrastructureEventCollector.yml Docker image update * Update Docker Image To demisto/accessdata (#31200) * Updated Metadata Of Pack Exterro * Added release notes to pack Exterro * Packs/Exterro/Integrations/Exterro/Exterro.yml Docker image update * Fix DS108 --------- Co-authored-by: israelpolishook <[email protected]> * Update Docker Image To demisto/carbon-black-cloud (#31206) * Updated Metadata Of Pack CarbonBlackDefense * Added release notes to 
pack CarbonBlackDefense * Packs/CarbonBlackDefense/Integrations/CarbonBlackLiveResponseCloud/CarbonBlackLiveResponseCloud.yml Docker image update * Update Docker Image To demisto/taxii2 (#31205) * Updated Metadata Of Pack FeedUnit42v2 * Added release notes to pack FeedUnit42v2 * Packs/FeedUnit42v2/Integrations/FeedUnit42v2/FeedUnit42v2.yml Docker image update * Update Docker Image To demisto/crypto (#31204) * Updated Metadata Of Pack AzureKeyVault * Added release notes to pack AzureKeyVault * Packs/AzureKeyVault/Integrations/AzureKeyVault/AzureKeyVault.yml Docker image update * Updated Metadata Of Pack AzureSentinel * Added release notes to pack AzureSentinel * Packs/AzureSentinel/Integrations/AzureSentinel/AzureSentinel.yml Docker image update * Updated Metadata Of Pack AzureDevOps * Added release notes to pack AzureDevOps * Packs/AzureDevOps/Integrations/AzureDevOps/AzureDevOps.yml Docker image update * Updated Metadata Of Pack MicrosoftCloudAppSecurity * Added release notes to pack MicrosoftCloudAppSecurity * Packs/MicrosoftCloudAppSecurity/Integrations/MicrosoftCloudAppSecurity/MicrosoftCloudAppSecurity.yml Docker image update * Updated Metadata Of Pack AzureRiskyUsers * Added release notes to pack AzureRiskyUsers * Packs/AzureRiskyUsers/Integrations/AzureRiskyUsers/AzureRiskyUsers.yml Docker image update * Updated Metadata Of Pack MicrosoftGraphGroups * Added release notes to pack MicrosoftGraphGroups * Packs/MicrosoftGraphGroups/Integrations/MicrosoftGraphGroups/MicrosoftGraphGroups.yml Docker image update * Updated Metadata Of Pack AzureSQLManagement * Added release notes to pack AzureSQLManagement * Packs/AzureSQLManagement/Integrations/AzureSQLManagement/AzureSQLManagement.yml Docker image update * Updated Metadata Of Pack MicrosoftGraphAPI * Added release notes to pack MicrosoftGraphAPI * Packs/MicrosoftGraphAPI/Integrations/MicrosoftGraphAPI/MicrosoftGraphAPI.yml Docker image update * Updated Metadata Of Pack MicrosoftTeams * Added release notes to pack 
MicrosoftTeams * Packs/MicrosoftTeams/Integrations/MicrosoftTeamsManagement/MicrosoftTeamsManagement.yml Docker image update * Updated Metadata Of Pack MicrosoftGraphApplications * Added release notes to pack MicrosoftGraphApplications * Packs/MicrosoftGraphApplications/Integrations/MicrosoftGraphApplications/MicrosoftGraphApplications.yml Docker image update * Update Docker Image To demisto/opnsense (#31208) * Updated Metadata Of Pack OPNSense * Added release notes to pack OPNSense * Packs/OPNSense/Integrations/OPNSense/OPNSense.yml Docker image update * Update Docker Image To demisto/auth-utils (#31207) * Updated Metadata Of Pack Cylance_Protect * Added release notes to pack Cylance_Protect * Packs/Cylance_Protect/Integrations/Cylance_Protect_v2/Cylance_Protect_v2.yml Docker image update * Updated Metadata Of Pack Zoom * Added release notes to pack Zoom * Packs/Zoom/Integrations/ZoomEventCollector/ZoomEventCollector.yml Docker image update * Updated Metadata Of Pack Silverfort * Added release notes to pack Silverfort * Packs/Silverfort/Integrations/Silverfort/Silverfort.yml Docker image update * Updated Metadata Of Pack AzureDataExplorer * Added release notes to pack AzureDataExplorer * Packs/AzureDataExplorer/Integrations/AzureDataExplorer/AzureDataExplorer.yml Docker image update * Updated Metadata Of Pack MicrosoftManagementActivity * Added release notes to pack MicrosoftManagementActivity * Packs/MicrosoftManagementActivity/Integrations/MicrosoftManagementActivity/MicrosoftManagementActivity.yml Docker image update * Updated Metadata Of Pack Box * Added release notes to pack Box * Packs/Box/Integrations/BoxEventsCollector/BoxEventsCollector.yml Docker image update * Packs/Box/Integrations/BoxV2/BoxV2.yml Docker image update * Updated Metadata Of Pack Troubleshoot * Added release notes to pack Troubleshoot * Packs/Troubleshoot/Scripts/CertificatesTroubleshoot/CertificatesTroubleshoot.yml Docker image update * commit --------- Co-authored-by: israelpolishook 
<[email protected]> * Update Docker Image To demisto/ippysocks-py3 (#31211) * Updated Metadata Of Pack Whois * Added release notes to pack Whois * Packs/Whois/Integrations/Whois/Whois.yml Docker image update * Update Docker Image To demisto/python3 (#31214) * Updated Metadata Of Pack QualysFIM * Added release notes to pack QualysFIM * Packs/QualysFIM/Integrations/QualysFIM/QualysFIM.yml Docker image update * Updated Metadata Of Pack FortiSIEM * Added release notes to pack FortiSIEM * Packs/FortiSIEM/Integrations/FortiSIEMV2/FortiSIEMV2.yml Docker image update * Updated Metadata Of Pack FreshworksFreshservice * Added release notes to pack FreshworksFreshservice * Packs/FreshworksFreshservice/Integrations/FreshworksFreshservice/FreshworksFreshservice.yml Docker image update * Updated Metadata Of Pack KnowBe4_KMSAT * Added release notes to pack KnowBe4_KMSAT * Packs/KnowBe4_KMSAT/Integrations/KnowBe4KMSATEventCollector/KnowBe4KMSATEventCollector.yml Docker image update * Packs/KnowBe4_KMSAT/Integrations/KnowBe4KMSAT/KnowBe4KMSAT.yml Docker image update * Updated Metadata Of Pack SafeNet_Trusted_Access * Added release notes to pack SafeNet_Trusted_Access * Packs/SafeNet_Trusted_Access/Integrations/SafeNetTrustedAccessEventCollector/SafeNetTrustedAccessEventCollector.yml Docker image update * Updated Metadata Of Pack DelineaSS * Added release notes to pack DelineaSS * Packs/DelineaSS/Integrations/DelineaSS/DelineaSS.yml Docker image update * Updated Metadata Of Pack Cryptocurrency * Added release notes to pack Cryptocurrency * Packs/Cryptocurrency/Integrations/Cryptocurrency/Cryptocurrency.yml Docker image update * Updated Metadata Of Pack PANOSPolicyOptimizer * Added release notes to pack PANOSPolicyOptimizer * Packs/PANOSPolicyOptimizer/Integrations/PANOSPolicyOptimizer/PANOSPolicyOptimizer.yml Docker image update * Updated Metadata Of Pack DeveloperTools * Added release notes to pack DeveloperTools * 
Packs/DeveloperTools/Integrations/CreateIncidents/CreateIncidents.yml Docker image update * Update Docker Image To demisto/boto3py3 (#31215) * Updated Metadata Of Pack SecurityIntelligenceServicesFeed * Added release notes to pack SecurityIntelligenceServicesFeed * Packs/SecurityIntelligenceServicesFeed/Integrations/SecurityIntelligenceServicesFeed/SecurityIntelligenceServicesFeed.yml Docker image update * Updated Metadata Of Pack AWS-IAM * Added release notes to pack AWS-IAM * Packs/AWS-IAM/Integrations/AWS-IAM/AWS-IAM.yml Docker image update * Updated Metadata Of Pack AWS-Route53 * Added release notes to pack AWS-Route53 * Packs/AWS-Route53/Integrations/AWSRoute53/AWSRoute53.yml Docker image update * Updated Metadata Of Pack AWS-AccessAnalyzer * Added release notes to pack AWS-AccessAnalyzer * Packs/AWS-AccessAnalyzer/Integrations/AWS-AccessAnalyzer/AWS-AccessAnalyzer.yml Docker image update * Updated Metadata Of Pack AWS-GuardDuty * Added release notes to pack AWS-GuardDuty * Packs/AWS-GuardDuty/Integrations/AWSGuardDutyEventCollector/AWSGuardDutyEventCollector.yml Docker image update * Packs/AWS-GuardDuty/Integrations/AWSGuardDuty/AWSGuardDuty.yml Docker image update * Updated Metadata Of Pack AWS-SecurityHub * Added release notes to pack AWS-SecurityHub * Packs/AWS-SecurityHub/Integrations/AWSSecurityHubEventCollector/AWSSecurityHubEventCollector.yml Docker image update * Updated Metadata Of Pack Aws-SecretsManager * Added release notes to pack Aws-SecretsManager * Packs/Aws-SecretsManager/Integrations/AwsSecretsManager/AwsSecretsManager.yml Docker image update * Update Docker Image To demisto/accessdata (#31216) * Updated Metadata Of Pack Exterro * Added release notes to pack Exterro * Packs/Exterro/Integrations/Exterro/Exterro.yml Docker image update * Update Docker Image To demisto/oci (#31218) * Updated Metadata Of Pack OracleCloudInfrastructure * Added release notes to pack OracleCloudInfrastructure * 
Packs/OracleCloudInfrastructure/Integrations/OracleCloudInfrastructureEventCollector/OracleCloudInfrastructureEventCollector.yml Docker image update * Update Docker Image To demisto/py3-tools (#31217) * Updated Metadata Of Pack Intezer * Added release notes to pack Intezer * Packs/Intezer/Integrations/IntezerV2/IntezerV2.yml Docker image update * Updated Metadata Of Pack Zabbix * Added release notes to pack Zabbix * Packs/Zabbix/Integrations/Zabbix/Zabbix.yml Docker image update * Updated Metadata Of Pack FeedMalwareBazaar * Added release notes to pack FeedMalwareBazaar * Packs/FeedMalwareBazaar/Integrations/MalwareBazaarFeed/MalwareBazaarFeed.yml Docker image update * Updated Metadata Of Pack FeedGCPWhitelist * Added release notes to pack FeedGCPWhitelist * Packs/FeedGCPWhitelist/Integrations/FeedGoogleIPRanges/FeedGoogleIPRanges.yml Docker image update * Updated Metadata Of Pack AccentureCTI_Feed * Added release notes to pack AccentureCTI_Feed * Packs/AccentureCTI_Feed/Integrations/ACTIIndicatorFeed/ACTIIndicatorFeed.yml Docker image update * Updated Metadata Of Pack SEKOIAIntelligenceCenter * Added release notes to pack SEKOIAIntelligenceCenter * Packs/SEKOIAIntelligenceCenter/Integrations/SEKOIAIntelligenceCenter/SEKOIAIntelligenceCenter.yml Docker image update * Updated Metadata Of Pack JARM * Added release notes to pack JARM * Packs/JARM/Integrations/JARM/JARM.yml Docker image update * Updated Metadata Of Pack Anomali_ThreatStream * Added release notes to pack Anomali_ThreatStream * Packs/Anomali_ThreatStream/Integrations/AnomaliThreatStreamv3/AnomaliThreatStreamv3.yml Docker image update * Updated Metadata Of Pack CommonWidgets * Added release notes to pack CommonWidgets * Packs/CommonWidgets/Scripts/RSSWidget/RSSWidget.yml Docker image update * Updated Metadata Of Pack FiltersAndTransformers * Added release notes to pack FiltersAndTransformers * Packs/FiltersAndTransformers/Scripts/Jmespath/Jmespath.yml Docker image update * CortexXDRIR-generic-polling 
(#31082) * - Added new playbook for quarantine_file - Old playbook deprecated - New image added * release notes added * - New playbook for _Retrieve_File_Playbook_v2 created - Old playbook _Retrieve_File_Playbook deprecated - Image was added * Release notes were added * Changed the name of the playbook * Readme file added * Added image * fixed image location in readme file * Update Packs/CortexXDR/Playbooks/Cortex_XDR_-_Retrieve_File_v2.yml Co-authored-by: Sasha Sokolovich <[email protected]> * Bump pack from version CortexXDR to 6.0.4. * Removed unnecessary tests * Readme files were updated * Fixes for the playbooks * fixed Tests/conf.json file * image issue fixed * Added new images * Update Packs/CortexXDR/Playbooks/Cortex_XDR_-_Retrieve_File_Playbook_README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CortexXDR/Playbooks/Cortex_XDR_-_Retrieve_File_Playbook_README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CortexXDR/ReleaseNotes/6_0_4.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CortexXDR/ReleaseNotes/6_0_4.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CortexXDR/ReleaseNotes/6_0_4.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CortexXDR/ReleaseNotes/6_0_4.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CortexXDR/Playbooks/Cortex_XDR_-_Retrieve_File_Playbook_README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CortexXDR/Playbooks/Cortex_XDR_-_quarantine_file_v2_README.md Co-authored-by: ShirleyDenkberg <[email protected]> * PR fixes - new condition to check if the task finished successfully * release notes updated * image path fixed * Added new outputs for playbook * release notes updated * fix * readme files fixed * image issue * image issue * fix * fix * fix * fix * uploaded new playbook because of the image issue * fix for image issue * delete photo * fixes * test playbooks fixed * test 
playbooks removed --------- Co-authored-by: Sasha Sokolovich <[email protected]> Co-authored-by: Content Bot <[email protected]> Co-authored-by: ShirleyDenkberg <[email protected]> * Update Docker Image To demisto/crypto (#31219) * Updated Metadata Of Pack AzureKeyVault * Added release notes to pack AzureKeyVault * Packs/AzureKeyVault/Integrations/AzureKeyVault/AzureKeyVault.yml Docker image update * Updated Metadata Of Pack AzureSentinel * Added release notes to pack AzureSentinel * Packs/AzureSentinel/Integrations/AzureSentinel/AzureSentinel.yml Docker image update * Updated Metadata Of Pack AzureDevOps * Added release notes to pack AzureDevOps * Packs/AzureDevOps/Integrations/AzureDevOps/AzureDevOps.yml Docker image update * Updated Metadata Of Pack MicrosoftCloudAppSecurity * Added release notes to pack MicrosoftCloudAppSecurity * Packs/MicrosoftCloudAppSecurity/Integrations/MicrosoftCloudAppSecurity/MicrosoftCloudAppSecurity.yml Docker image update * Updated Metadata Of Pack AzureRiskyUsers * Added release notes to pack AzureRiskyUsers * Packs/AzureRiskyUsers/Integrations/AzureRiskyUsers/AzureRiskyUsers.yml Docker image update * Updated Metadata Of Pack MicrosoftGraphGroups * Added release notes to pack MicrosoftGraphGroups * Packs/MicrosoftGraphGroups/Integrations/MicrosoftGraphGroups/MicrosoftGraphGroups.yml Docker image update * Updated Metadata Of Pack AzureSQLManagement * Added release notes to pack AzureSQLManagement * Packs/AzureSQLManagement/Integrations/AzureSQLManagement/AzureSQLManagement.yml Docker image update * Updated Metadata Of Pack MicrosoftGraphAPI * Added release notes to pack MicrosoftGraphAPI * Packs/MicrosoftGraphAPI/Integrations/MicrosoftGraphAPI/MicrosoftGraphAPI.yml Docker image update * Updated Metadata Of Pack MicrosoftTeams * Added release notes to pack MicrosoftTeams * Packs/MicrosoftTeams/Integrations/MicrosoftTeamsManagement/MicrosoftTeamsManagement.yml Docker image update * Updated Metadata Of Pack MicrosoftGraphApplications * 
Added release notes to pack MicrosoftGraphApplications * Packs/MicrosoftGraphApplications/Integrations/MicrosoftGraphApplications/MicrosoftGraphApplications.yml Docker image update * update pack ignore (#31193) * Slack event collector: fixed an issue where we get a Bad Request error (#31135) * fixed an issue where we get a Bad Request error. * pre-commit * added test * fixed Flake8 error * fixed cr comments * fixed cr comments * update Docker image * YR/Remove-fields-with-one-letter-DBotFindSimilarIncidents/XSUP-29299 (#31161) * fixes * code and test * remove Json feed from this pr * test * note * pre commit * RN * CR and Flake8 * format * pre commit * Fixes For 'URL Enrichment - Generic v2' Playbook (#31195) * Fixes For 'URL Enrichment - Generic v2' Playbook * RN * Bump pack from version CommonPlaybooks to 2.4.36. --------- Co-authored-by: Content Bot <[email protected]> * F5 APM Remove XSIAM tags (#31221) * remove ls from test_e2e_results.sh (#31186) * [IsEmailAddressInternal] Fix an issue with **domain** argument (#31222) * First commit * Added RN * Update Packs/CommonScripts/ReleaseNotes/1_12_54.md Co-authored-by: Dean Arbel <[email protected]> --------- Co-authored-by: Dean Arbel <[email protected]> * Deprecate 'Get endpoint details - Generic' Playbook (#31196) * Deprecate 'Get endpoint details - Generic' Playbook * RN * Bump pack from version CommonPlaybooks to 2.4.36. * Bump pack from version CommonPlaybooks to 2.4.37. 
--------- Co-authored-by: Content Bot <[email protected]> * Replacing the deprecated sub-playbook within the 'NGFW Internal Scan'… (#31197) * Replacing the deprecated sub-playbook within the 'NGFW Internal Scan' XSIAM playbook * RN * [Marketplace Contribution] CISO Metrics (#30641) (#31213) * "pack contribution initial commit" * Update pack_metadata.json * Update and rename dashboard-98f353a2-312b-49f2-8e58-d71f60daf3a7-CISO_Metrics.json to dashboard-98f353a2-312b-49f2-8e58-d71f60daf3a7-CommunityCommonDashboards.json Rename to CommunityCommonDashboards * Update pack_metadata.json Renamed "name": "CommunityCommonDashboards" * Update README.md Added description * Update README.md * Update and rename README.md to README.md * Rename dashboard-98f353a2-312b-49f2-8e58-d71f60daf3a7-CommunityCommonDashboards.json to dashboard-98f353a2-312b-49f2-8e58-d71f60daf3a7-CommunityCommonDashboards.json * Rename .pack-ignore to .pack-ignore * Rename .secrets-ignore to .secrets-ignore * Rename pack_metadata.json to pack_metadata.json * Update .pack-ignore * Update pack_metadata.json * Update .pack-ignore * Update and rename dashboard-98f353a2-312b-49f2-8e58-d71f60daf3a7-CommunityCommonDashboards.json to CISOMetrics.json Renamed to CISOMetrics * Update pack_metadata.json * Update pack_metadata.json * Update README.md --------- Co-authored-by: xsoar-bot <[email protected]> Co-authored-by: Sapir Shuker <[email protected]> Co-authored-by: David Uhrlaub <[email protected]> * Cybereason xsoar v 2.1.14 (#30647) (#31225) * added v2.1.14 codebase * fix pr comments * replace dummy md5 placeholder * Update Packs/Cybereason/Integrations/Cybereason/Cybereason.py * updated docker image python version * updated release notes docker version * added pagination params * updated docker image * fix lint errors * fix demisto validate errors * updated release notes * updated release notes * updated release notes * updated command name as per PR comment * removed manual filtering for response * updated 
function name to match the command name format * updated unit test as per new command name * added machinename filter to api query * moved empty output message to the top * updated docker image tag to latest * undo changes from unisolate endpoint playbook --------- Co-authored-by: suraj-metron <[email protected]> Co-authored-by: Sapir Shuker <[email protected]> * fixed polling support (#30873) * fixed polling support * fixed rn * added rn * added rn * XSUP-30786/Fix (#31168) * Added failing UT * Fixed the issue * Updated docker image * Updated RN * Update Packs/PAN-OS/ReleaseNotes/2_1_15.md Co-authored-by: Dan Tavori <[email protected]> * Updated the bug fix and the UT * updated docker image --------- Co-authored-by: Dan Tavori <[email protected]> * rewrite to js FirstArrayElement and LastArrayElement (#31228) * rewrite to js * added tpb * added empty test case to tpb * precommit fixes * change fromversion so build won't fail * Enable Core REST API with general XSIAM endpoints (#31226) * mostly works * added release notes * fixes from review * F5 APM fixed the marketplace build failure (#31236) * F5 APM Remove XSIAM tags * fix marketplace error * Add incidents field (#30393) (#31233) * add rawJSON field to incidents * release notes * update docker image tag * nit * fetching incident details * mapper + incident fields * remove incorrect incident field files * new incident field files, new mapper * sdk validate command changes * update release notes * validation errors * fix validation errors * undo release notes changes * undo release notes change * undo release notes * undo release notes * undo release notes * nit * new release notes * remove playbook id * update docker image tag * revert release notes * revert RN * nit- remove filters used for testing * add details field to threats * remove try/except blocks * changing version * Update Abnormal_Security_Custom_Incident_types.json change from version * nit - remove changes used for demo * updating docker image * 
update docker image tag --------- Co-authored-by: William Olyslager <[email protected]> Co-authored-by: sapirshuker <[email protected]> Co-authored-by: Sapir Shuker <[email protected]> * Update Docker Image To demisto/python3 (#31242) * Updated Metadata Of Pack CIRCL * Added release notes to pack CIRCL * Packs/CIRCL/Integrations/CirclCVESearch/CirclCVESearch.yml Docker image update * Updated Metadata Of Pack ipinfo * Added release notes to pack ipinfo * Packs/ipinfo/Integrations/ipinfo_v2/ipinfo_v2.yml Docker image update * Updated Metadata Of Pack AutoFocus * Added release notes to pack AutoFocus * Packs/AutoFocus/Integrations/FeedAutofocus/FeedAutofocus.yml Docker image update * Packs/AutoFocus/Integrations/AutofocusV2/AutofocusV2.yml Docker image update * Updated Metadata Of Pack MailSenderNew * Added release notes to pack MailSenderNew * Packs/MailSenderNew/Integrations/MailSenderNew/MailSenderNew.yml Docker image update * avoid to update Docker for AutoFocusv2 --------- Co-authored-by: israelpolishook <[email protected]> * Fixes For 'IP Enrichment - Generic v2' Playbook (#31183) * Fixes For 'IP Enrichment - Generic v2' Playbook * RN * RN * Updated the 'InternalRange' playbook input's default value. * configured the 'extended_data' and 'threat_model_association' sub-playbook inputs * Bump pack from version CommonPlaybooks to 2.4.36. * Bump pack from version CommonPlaybooks to 2.4.37. * changed the default value of the 'ResolveIP' playbook input * re-added RN after merging from master * Fixes RN --------- Co-authored-by: Content Bot <[email protected]> * Check if should run Instance role (#31245) * Added the sync from the saas bucket and modified the verify script to take the revision from the correct bucket. 
(#31254) * AWS Organizations (#30525) * init * commands template * aws-org-children-list * more commands * even more commands * added account commands * removed enhancement commands * use json_transform * unit-tests init * unit-tests continued * unit-tests continued some more * TPB * one more unit-test * one more unit-test * one more unit-test * name change * TPB * docs complete * pack readme * pack readme part 2 * readme modified * more tests * more tests * use get() * added description * removed isFetch * added image * name change * CR changes * Apply suggestions from code review Co-authored-by: ShirleyDenkberg <[email protected]> * Update docker * put the commands back in * code complete * yml part 2 * yml part 3 * test template * unit-tests continued some more * unit-tests almost complete * unit-tests complete * fixed a few bugs * fixed unit-tests * added readme * update readme * added missing descriptions to readme * TPB * Apply suggestions from code review Co-authored-by: ShirleyDenkberg <[email protected]> * CR changes * demo changes * update docker * build wars: round 1 * build wars: round 2 * build wars: round 3; add unit-tests * build wars: round 4 * build wars: round 5 * build wars: round 6 --------- Co-authored-by: ShirleyDenkberg <[email protected]> * NextToken in CommandResults (#30501) * init * new design * added error in case of non nested input * RN * a tad more docs * Bump pack from version Base to 1.32.47. * Bump pack from version Base to 1.32.48. * Bump pack from version Base to 1.32.49. * improved doc-string * resolve conflicts * resolve conflicts * Bump pack from version Base to 1.32.52. 
--------- Co-authored-by: Content Bot <[email protected]> * demisto-sdk-release 1.24.0 (#31268) * poetry files * update validate manager imports (#31179) * update validate manager imports * revert * Update Tests/configure_and_test_integration_instances.py * Edit file types test (#31170) * edited tests * s * s * edit --------- Co-authored-by: Content Bot <[email protected]> Co-authored-by: Yuval Hayun <[email protected]> Co-authored-by: merit-maita <[email protected]> Co-authored-by: JudithB <[email protected]> * modified modeling rules of clearswift dlp (#31247) * modified modeling rules of clearswift dlp * modified the parsing rule of clearswiftdlp * Added release notes. * added dlp to pack ignore * added Clearswift to pack ignore * QRadar: continue to poll in case of networking issues (#31084) * Generalize the mode option in pre-commit (#30663) * args updated to match the update in the sdk * add merge-coverage-report and coverage-analyze * updating pyproject.toml * poetry lock * restoring pyproject.toml and poetry.lock * pre-commit.yml * updates * test comment * use sdk ref * if * add github output * revert ilan changes * merge-pytest-reports --------- Co-authored-by: ilan <[email protected]> * EXPANDR-1576 CortexXpanse Remediation Guidance changes (#31190) * EXPANDR-1576 CortexXpanse Remediation Guidance changes (#30712) * CortexXpanse RG changes * Fix flake8 errors * Fix unit test cases * Update docker version * update command name * Readme updates * docker update * Ignore BC error * fix packignore * Update release notes * update breaking change notes * update breaking change notes * correct RN --------- Co-authored-by: Chait A <[email protected]> Co-authored-by: ilappe <[email protected]> * Feature/cyberint enhancement (#31252) * Feature/cyberint enhancement (#30493) * Update Docker Image To demisto/py3-tools (#25523) * Updated Metadata Of Pack FeedAWS * Added release notes to pack FeedAWS * Packs/FeedAWS/Integrations/FeedAWS/FeedAWS.yml Docker image update * 
update Cyberint Pack * update release note and incidentfields * update CommonType release note * update CommonType release notes * update CommonType release notes * update CyberInt Related entity name * update release notes * add new incident field: Alert Data * format alert_data * update CyberInt Related Entity name to avoid validation errors * reset the CyberInt Related Entity name * update incident field name * Update 3_3_93.md * pre commit update docker * added known words * fixed the RN * known words --------- Co-authored-by: TalGumi <[email protected]> Co-authored-by: omerKarkKatz <[email protected]> Co-authored-by: okarkkatz <[email protected]> * [xsoar-8 coverage] - use poll functions from SDK clients (#31144) * update poetry * use poll functions * test against builds * try to fix ssl issue * timeout = 300 + verify ssl * fix ssl issues * fix incident pull * fix * make verify=false by default * fix ports bug * use sdk master * revert poetry * revert infra used for testing * [CrowdStrike Falcon Intel v2] Fixed an issue in 'cs-actors' and 'cs-reports' commands (#31265) * Fix the 'NoneType' object is not iterable issue * ruff * Update the docker image; Add RN * Update Packs/CrowdStrikeIntel/ReleaseNotes/2_0_34.md Co-authored-by: Dean Arbel <[email protected]> --------- Co-authored-by: Dean Arbel <[email protected]> * oncall- installation orders (#31253) * test * test * revert debugs * pre-commit --------- Co-authored-by: Jas Beilin <[email protected]> * Core rest api docs fix (#31262) * Improved descriptions. * Added docs * Added rn. * Changed i.e to e.g * bugfix/XSUP-30713/port-scan-pb-issue-incident-failure (#31154) * Fix playbook input's default value, change to not required, add check for value not empty * Update playbook image * Update release notes * Bump pack from version CortexXDR to 6.0.5. 
* Moved InternalIPRanges input check to better location * Fix review comments --------- Co-authored-by: Content Bot <[email protected]> * [PagerDuty v2] Added Support For Pagination (#30959) * commit init - lint and type annotation * typing * pagination function and some typing * fix api limit and pagination * added UT and test_data * added RN and description for args * generate readme * update docker * added UT * fix flake8 * more docstring, one more UT, fix send unnecessary parameters * fix f-string * fix pep8 * revert copy * fix parameters name * docs review * update docker * [ASM] EXPANDR 7225 - Update Ev1 Integration Display Name (#31234) (#31276) * Update Display Name * Update release notes * Update docker image and add period to descriptions Co-authored-by: John <[email protected]> Co-authored-by: MLainer1 <[email protected]> * Update Docker Image To demisto/python3 (#31286) * Updated Metadata Of Pack QualysFIM * Added release notes to pack QualysFIM * Packs/QualysFIM/Integrations/QualysFIM/QualysFIM.yml Docker image update * Updated Metadata Of Pack FortiSIEM * Added release notes to pack FortiSIEM * Packs/FortiSIEM/Integrations/FortiSIEMV2/FortiSIEMV2.yml Docker image update * Updated Metadata Of Pack FreshworksFreshservice * Added release notes to pack FreshworksFreshservice * Packs/FreshworksFreshservice/Integrations/FreshworksFreshservice/FreshworksFreshservice.yml Docker image update * Updated Metadata Of Pack KnowBe4_KMSAT * Added release notes to pack KnowBe4_KMSAT * Packs/KnowBe4_KMSAT/Integrations/KnowBe4KMSATEventCollector/KnowBe4KMSATEventCollector.yml Docker image update * Packs/KnowBe4_KMSAT/Integrations/KnowBe4KMSAT/KnowBe4KMSAT.yml Docker image update * Updated Metadata Of Pack SafeNet_Trusted_Access * Added release notes to pack SafeNet_Trusted_Access * Packs/SafeNet_Trusted_Access/Integrations/SafeNetTrustedAccessEventCollector/SafeNetTrustedAccessEventCollector.yml Docker image update * Updated Metadata Of Pack DelineaSS * Added release 
notes to pack DelineaSS * Packs/DelineaSS/Integrations/DelineaSS/DelineaSS.yml Docker image update * Updated Metadata Of Pack Cryptocurrency * Added release notes to pack Cryptocurrency * Packs/Cryptocurrency/Integrations/Cryptocurrency/Cryptocurrency.yml Docker image update * Updated Metadata Of Pack PANOSPolicyOptimizer * Added release notes to pack PANOSPolicyOptimizer * Packs/PANOSPolicyOptimizer/Integrations/PANOSPolicyOptimizer/PANOSPolicyOptimizer.yml Docker image update * Updated Metadata Of Pack DeveloperTools * Added release notes to pack DeveloperTools * Packs/DeveloperTools/Integrations/CreateIncidents/CreateIncidents.yml Docker image update * Add XSOAR_SAAS section to EDL description (#31264) * add XSOAR_SAAS section to EDL description * update RN * [XSUP 30575] Added full fields query param (#31272) * get indicators full fields data * pre-commit * release notes * tests and CR fixes * Update Packs/FeedCrowdstrikeFalconIntel/ReleaseNotes/2_1_13.md Co-authored-by: Dan Tavori <[email protected]> --------- Co-authored-by: Dan Tavori <[email protected]> * Update Docker Image To demisto/boto3py3 (#31287) * Updated Metadata Of Pack SecurityIntelligenceServicesFeed * Added release notes to pack SecurityIntelligenceServicesFeed * Packs/SecurityIntelligenceServicesFeed/Integrations/SecurityIntelligenceServicesFeed/SecurityIntelligenceServicesFeed.yml Docker image update * Updated Metadata Of Pack AWS-IAM * Added release notes to pack AWS-IAM * Packs/AWS-IAM/Integrations/AWS-IAM/AWS-IAM.yml Docker image update * Updated Metadata Of Pack AWS-Route53 * Added release notes to pack AWS-Route53 * Packs/AWS-Route53/Integrations/AWSRoute53/AWSRoute53.yml Docker image update * Updated Metadata Of Pack AWS-AccessAnalyzer * Added release notes to pack AWS-AccessAnalyzer * Packs/AWS-AccessAnalyzer/Integrations/AWS-AccessAnalyzer/AWS-AccessAnalyzer.yml Docker image update * Updated Metadata Of Pack AWS-GuardDuty * Added release notes to pack AWS-GuardDuty * 
Packs/AWS-GuardDuty/Integrations/AWSGuardDutyEventCollector/AWSGuardDutyEventCollector.yml Docker image update * Packs/AWS-GuardDuty/Integrations/AWSGuardDuty/AWSGuardDuty.yml Docker image update * Updated Metadata Of Pack AWS-SecurityHub * Added release notes to pack AWS-SecurityHub * Packs/AWS-SecurityHub/Integrations/AWSSecurityHubEventCollector/AWSSecurityHubEventCollector.yml Docker image update * Updated Metadata Of Pack Aws-SecretsManager * Added release notes to pack Aws-SecretsManager * Packs/Aws-SecretsManager/Integrations/AwsSecretsManager/AwsSecretsManager.yml Docker image update * Update Docker Image To demisto/accessdata (#31288) * Updated Metadata Of Pack Exterro * Added release notes to pack Exterro * Packs/Exterro/Integrations/Exterro/Exterro.yml Docker image update * Update Docker Image To demisto/oci (#31290) * Updated Metadata Of Pack OracleCloudInfrastructure * Added release notes to pack OracleCloudInfrastructure * Packs/OracleCloudInfrastructure/Integrations/OracleCloudInfrastructureEventCollector/OracleCloudInfrastructureEventCollector.yml Docker image update * Update Docker Image To demisto/py3-tools (#31289) * Updated Metadata Of Pack Intezer * Added release notes to pack Intezer * Packs/Intezer/Integrations/IntezerV2/IntezerV2.yml Docker image update * Updated Metadata Of Pack Zabbix * Added release notes to pack Zabbix * Packs/Zabbix/Integrations/Zabbix/Zabbix.yml Docker image update * Updated Metadata Of Pack FeedMalwareBazaar * Added release notes to pack FeedMalwareBazaar * Packs/FeedMalwareBazaar/Integrations/MalwareBazaarFeed/MalwareBazaarFeed.yml Docker image update * Updated Metadata Of Pack FeedGCPWhitelist * Added release notes to pack FeedGCPWhitelist * Packs/FeedGCPWhitelist/Integrations/FeedGoogleIPRanges/FeedGoogleIPRanges.yml Docker image update * Updated Metadata Of Pack AccentureCTI_Feed * Added release notes to pack AccentureCTI_Feed * Packs/AccentureCTI_Feed/Integrations/ACTIIndicatorFeed/ACTIIndicatorFeed.yml Docker 
image update * Updated Metadata Of Pack SEKOIAIntelligenceCenter * Added release notes to pack SEKOIAIntelligenceCenter * Packs/SEKOIAIntelligenceCenter/Integrations/SEKOIAIntelligenceCenter/SEKOIAIntelligenceCenter.yml Docker image update * Updated Metadata Of Pack JARM * Added release notes to pack JARM * Packs/JARM/Integrations/JARM/JARM.yml Docker image update * Updated Metadata Of Pack Anomali_ThreatStream * Added release notes to pack Anomali_ThreatStream * Packs/Anomali_ThreatStream/Integrations/AnomaliThreatStreamv3/AnomaliThreatStreamv3.yml Docker image update * Updated Metadata Of Pack CommonWidgets * Added release notes to pack CommonWidgets * Packs/CommonWidgets/Scripts/RSSWidget/RSSWidget.yml Docker image update * Updated Metadata Of Pack FiltersAndTransformers * Added release notes to pack FiltersAndTransformers * Packs/FiltersAndTransformers/Scripts/Jmespath/Jmespath.yml Docker image update * Update Docker Image To demisto/armorblox (#31291) * Updated Metadata Of Pack Armorblox * Added release notes to pack Armorblox * Packs/Armorblox/Integrations/Armorblox/Armorblox.yml Docker image update * Update Docker Image To demisto/crypto (#31292) * Updated Metadata Of Pack AzureKeyVault * Added release notes to pack AzureKeyVault * Packs/AzureKeyVault/Integrations/AzureKeyVault/AzureKeyVault.yml Docker image update * Updated Metadata Of Pack AzureSentinel * Added release notes to pack AzureSentinel * Packs/AzureSentinel/Integrations/AzureSentinel/AzureSentinel.yml Docker image update * Updated Metadata Of Pack AzureDevOps * Added release notes to pack AzureDevOps * Packs/AzureDevOps/Integrations/AzureDevOps/AzureDevOps.yml Docker image update * Updated Metadata Of Pack MicrosoftCloudAppSecurity * Added release notes to pack MicrosoftCloudAppSecurity * Packs/MicrosoftCloudAppSecurity/Integrations/MicrosoftCloudAppSecurity/MicrosoftCloudAppSecurity.yml Docker image update * Updated Metadata Of Pack AzureRiskyUsers * Added release notes to pack AzureRiskyUsers 
* Packs/AzureRiskyUsers/Integrations/AzureRiskyUsers/AzureRiskyUsers.yml Docker image update * Updated Metadata Of Pack MicrosoftGraphGroups * Added release notes to pack MicrosoftGraphGroups * Packs/MicrosoftGraphGroups/Integrations/MicrosoftGraphGroups/MicrosoftGraphGroups.yml Docker image update * Updated Metadata Of Pack AzureSQLManagement * Added release notes to pack AzureSQLManagement * Packs/AzureSQLManagement/Integrations/AzureSQLManagement/AzureSQLManagement.yml Docker image update * Updated Metadata Of Pack MicrosoftGraphAPI * Added release notes to pack MicrosoftGraphAPI * Packs/MicrosoftGraphAPI/Integrations/MicrosoftGraphAPI/MicrosoftGraphAPI.yml Docker image update * Updated Metadata Of Pack MicrosoftTeams * Added release notes to pack MicrosoftTeams * Packs/MicrosoftTeams/Integrations/MicrosoftTeamsManagement/MicrosoftTeamsManagement.yml Docker image update * Updated Metadata Of Pack MicrosoftGraphApplications * Added release notes to pack MicrosoftGraphApplications * Packs/MicrosoftGraphApplications/Integrations/MicrosoftGraphApplications/MicrosoftGraphApplications.yml Docker image update * Update Docker Image To demisto/sixgill (#31293) * Updated Metadata Of Pack Cybersixgill-ActionableAlerts * Added release notes to pack Cybersixgill-ActionableAlerts * Packs/Cybersixgill-ActionableAlerts/Integrations/CybersixgillActionableAlerts/CybersixgillActionableAlerts.yml Docker image update * Updated Metadata Of Pack Sixgill-Darkfeed * Added release notes to pack Sixgill-Darkfeed * Packs/Sixgill-Darkfeed/Integrations/Sixgill_Darkfeed_Enrichment/Sixgill_Darkfeed_Enrichment.yml Docker image update * Packs/Sixgill-Darkfeed/Integrations/Sixgill_Darkfeed/Sixgill_Darkfeed.yml Docker image update * Update Docker Image To demisto/carbon-black-cloud (#31295) * Updated Metadata Of Pack CarbonBlackDefense * Added release notes to pack CarbonBlackDefense * Packs/CarbonBlackDefense/Integrations/CarbonBlackLiveResponseCloud/CarbonBlackLiveResponseCloud.yml Docker image 
update * Update Docker Image To demisto/taxii2 (#31294) * Updated Metadata Of Pack FeedDHS * Added release notes to pack FeedDHS * Packs/FeedDHS/Integrations/DHSFeedV2/DHSFeedV2.yml Docker image update * Updated Metadata Of Pack FeedUnit42v2 * Added release notes to pack FeedUnit42v2 * Packs/FeedUnit42v2/Integrations/FeedUnit42v2/FeedUnit42v2.yml Docker image update * MS IIS Update2 (#31256) * Updated MicrosoftIISWebServerModelingRules_1_3 * Updated ModelingRules filters * Updated ModelingRules filters * Updated ReleaseNotes * Up…
danipv pushed a commit that referenced this pull request on Feb 20, 2024
…9386 (demisto#32462) * Fix GetIndicatorDBotScoreFromCache to handle better a special character (#31070) * a fix and a test * docker image update * added rn * Bump pack from version CommonScripts to 1.12.47. * unit test fix * unit test fix * unit test fix * Bump pack from version CommonScripts to 1.12.48. * Bump pack from version CommonScripts to 1.12.49. * Update Packs/CommonScripts/ReleaseNotes/1_12_49.md Co-authored-by: Dan Tavori <[email protected]> --------- Co-authored-by: Content Bot <[email protected]> Co-authored-by: Dan Tavori <[email protected]> * change pack support to community (#31110) * change pack support to community * first level header so im told * Update Packs/DeveloperTools/ReleaseNotes/1_3_0.md Co-authored-by: Shahaf Ben Yakir <[email protected]> * Update Packs/DeveloperTools/ReleaseNotes/1_3_0.md Co-authored-by: Shahaf Ben Yakir <[email protected]> --------- Co-authored-by: Shahaf Ben Yakir <[email protected]> * removed GIT_DEPTH (#31141) * support multiple entry ids in ImageOCR (#31145) * Fix taxi feed observables extraction (#31120) * fixed an issue where taxi feed will fail to retrieve all indicators due to wrong extraction from XML blocks. * added rn * update docker * update test_data * add secret to secrets ignore * [transformers] Enhance to be more durable #2 (#31063) * ExtractDomainAndFQDNFromUrlAndEmail * ExtractEmailV2 * ruff fix * FormatURL * Bump pack from version CommonScripts to 1.12.47. * Bump pack from version CommonScripts to 1.12.48. * Bump pack from version CommonScripts to 1.12.49. * Added unit tests * Update the docker image * Bump pack from version CommonScripts to 1.12.50. 
* Update Packs/CommonScripts/ReleaseNotes/1_12_50.md Co-authored-by: Dean Arbel <[email protected]> * Update Packs/CommonScripts/ReleaseNotes/1_12_50.md Co-authored-by: Dean Arbel <[email protected]> * Update the RN * Update the docker image * empty * Skip "FormattingPerformance - Test" TPB in XSOAR 8 --------- Co-authored-by: Content Bot <[email protected]> Co-authored-by: Dean Arbel <[email protected]> * Sleep w/ Polling (#30661) add polling mechanism to sleep upon crossing polling_threshold * Update shift management scripts (#31130) * fixed the bug and added unit tests * updated docker image * RN * updated docker image * cr updates * EWS rule commands - MS graph python integrations (#30943) Co-authored-by: ShirleyDenkberg <[email protected]> * MS IIS Update (#31132) * Updated ModelingRules * Updated ReleaseNotes * Updated ReleaseNotes * Anomali ThreatStream change DBot verdict from Benign to Unknown for Low Confidence Indicators (#30993) (#31151) * change DBot verdict from Benign to Unknown for Low Confidence Indicators Indicators found in Anomali that are below Confidence thresholds should be created as Unknown and not Benign. Anomali ThreatStream documentation regarding Confidence https://ui.threatstream.com/optic-doc/Content/Features/threat_model/Observables/details_indicator.htm Confidence - Confidence indicates the certainty that an observable exhibits or is connected to malicious behavior. If Anomali has indicators with low Confidence, that doesn't mean the indicator is Benign/Safe. It means Anomali is unsure that the indicator is Malicious and as such the more appropriate verdict in XSOAR should be Unknown. 
* add indicator_default_score param * changed values to Benign and Unknown * update README and RN * update RN * update docker set required to false * update docker * fix docs comments --------- Co-authored-by: zdrouse <[email protected]> Co-authored-by: adi88d <[email protected]> Co-authored-by: Adi Daud <[email protected]> * generate empty junit files (#31153) * Update 1_6_0.json (#31164) * fix splunkpy splunk_submit_event_hec_command string issue (#30978) * fix splunkpy splunk_submit_event_hec_command string issue * test * add fix * update rn * [xsoar saas] - fix ports taxii2 e2e (#31163) * Hello world saas (#30901) * added a new incident field only for saas mp * added an incident field to xsoar_saas only for demonstration * format incident field * format incident field * added saas word to known words * version * merge with master * fixed the xsoar_saas end tag * Added tests to validate result * modified RN * pre commit changes * RN tags * ignore long line * MS IIS README (#31158) * Updated README * Updated README * Fixes For IP Enrichment Playbooks (#31114) * Fixes For IP Enrichment Playbooks * RN * Removed the mapping rule from both playbooks. Updated the default value of the internal range playbook input according to RFC 1918. * Removed the value of 'UseReputationCommand' playbook input and fixes the YML files * Fixed RN * Removed the value set for the 'UseReputationCommand' sub-playbook input. Re-added the default value for 'UseReputationCommand' playbook input * skip ThreatStream-Test (#31172) * [transformers] Enhance to be more durable (#30897) [transformers] Enhance to be more durable * Fixes For 'Email Address Enrichment - Generic v2.1' (#31122) * Fixes For 'Email Address Enrichment - Generic v2.1' * Re-added the test playbook and marketplace configs to the playbook YML file * changed the 'domain' playbook input value * removed the 'domain' playbook input value and added RN * Fixed RN * Bump pack from version CommonPlaybooks to 2.4.34. 
--------- Co-authored-by: Content Bot <[email protected]> * DisplayMappedFields - Fix dark mode text color (#31085) * removed the hardcoded color * removed the hardcoded color * update RN * update docker image * Bump pack from version CommonScripts to 1.12.48. * Unittest fixes * Bump pack from version CommonScripts to 1.12.49. * Unittest fixes * Bump pack from version CommonScripts to 1.12.50. * Bump pack from version CommonScripts to 1.12.51. * Bump pack from version CommonScripts to 1.12.52. * Bump pack from version CommonScripts to 1.12.53. --------- Co-authored-by: Content Bot <[email protected]> * Updated the layout to exclude integration incident fields that are not pertinent to Vectra XDR (#31127) (#31182) Co-authored-by: Crest Data Systems <[email protected]> Co-authored-by: crestdatasystems <[email protected]> Co-authored-by: MLainer1 <[email protected]> * Taxii2 server relationship bug (#31162) * [taxii2-server] - code fixes * bump rn * docker update * remove debug-log because may wanted * [ASM] EXPANDER-7096 - ASM Remediation Guidance Fields (#30955) (#31178) Co-authored-by: John <[email protected]> Co-authored-by: Adi Daud <[email protected]> * Created pack for F5 BIG-IP APM (#31017) * Created pack for f5 apm * Added modeling rule files. * adding modeling rules and schema. * modified modeling rules * update yml file for modeling rule. * Update Packs/F5APM/README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/F5APM/README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/F5APM/README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/F5APM/README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/F5APM/README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/F5APM/README.md Co-authored-by: ShirleyDenkberg <[email protected]> * update readme. * Modified the read me file. 
--------- Co-authored-by: ShirleyDenkberg <[email protected]> * HelloWorld - delete old classifier (#31185) * Add support for is array for rep commands (#31169) * added support for isArray for python Xsoar supported reputation commands * added rn * Empty-Commit * python files fixes * fix docker issue * cr fixes * added logs and cache fix (#30577) * added logs and cache fix * Fixed another executeCommand results handling. * Updated docker image * Added rn * Update Packs/Phishing/ReleaseNotes/3_6_2.md Co-authored-by: Dan Tavori <[email protected]> * Update Packs/Phishing/Scripts/FindDuplicateEmailIncidents/FindDuplicateEmailIncidents.py --------- Co-authored-by: Dan Tavori <[email protected]> * Add support for is array for rep commands js (#31184) * JS files fixes * added rn * pre commit fixes * pre commit fixes * cr fixes * xsiam-avaya-siem-content-ciac-8502 (#31128) * init-pack * modeling-rules * add-docs * fix-pid-parsing * fix-README.md * Fixed For Endpoint Enrichment Playbooks (#31147) * Fixed For 'Endpoint Enrichment - Generic v2.1' Playbook * RN * RN * Fixes for Endpoint_Enrichment_-_Generic_v2.1_6_8 playbook * Bump pack from version CommonPlaybooks to 2.4.34. * Bump pack from version CommonPlaybooks to 2.4.35. 
* Fixed version for 'Endpoint Enrichment - Generic v2.1.6.8' playbook * Fixes for 'Endpoint Enrichment - Generic v2.1' playbook * Revert changes in 'Endpoint Enrichment - Generic v2.1' playbook --------- Co-authored-by: Content Bot <[email protected]> * Update Docker Image To demisto/python3 (#31198) * Updated Metadata Of Pack DeveloperTools * Added release notes to pack DeveloperTools * Packs/DeveloperTools/Integrations/CreateIncidents/CreateIncidents.yml Docker image update * Updated Metadata Of Pack FlashpointFeed * Added release notes to pack FlashpointFeed * Packs/FlashpointFeed/Integrations/FlashpointFeed/FlashpointFeed.yml Docker image update * Updated Metadata Of Pack AbnormalSecurity * Added release notes to pack AbnormalSecurity * Packs/AbnormalSecurity/Integrations/AbnormalSecurity/AbnormalSecurity.yml Docker image update * Updated Metadata Of Pack FeedLOLBAS * Added release notes to pack FeedLOLBAS * Packs/FeedLOLBAS/Integrations/FeedLOLBAS/FeedLOLBAS.yml Docker image update * Updated Metadata Of Pack Hackuity * Added release notes to pack Hackuity * Packs/Hackuity/Integrations/Hackuity/Hackuity.yml Docker image update * Updated Metadata Of Pack Grafana * Added release notes to pack Grafana * Packs/Grafana/Integrations/Grafana/Grafana.yml Docker image update * Updated Metadata Of Pack Binalyze * Added release notes to pack Binalyze * Packs/Binalyze/Integrations/BinalyzeAIR/BinalyzeAIR.yml Docker image update * Updated Metadata Of Pack ServiceDeskPlus * Added release notes to pack ServiceDeskPlus * Packs/ServiceDeskPlus/Integrations/ServiceDeskPlus/ServiceDeskPlus.yml Docker image update * Updated Metadata Of Pack Oracle_IAM * Added release notes to pack Oracle_IAM * Packs/Oracle_IAM/Integrations/OracleIAM/OracleIAM.yml Docker image update * Updated Metadata Of Pack AccentureCTI * Added release notes to pack AccentureCTI * Packs/AccentureCTI/Integrations/ACTIIndicatorQuery/ACTIIndicatorQuery.yml Docker image update * Update Docker Image To 
demisto/boto3py3 (#31199) * Updated Metadata Of Pack SecurityIntelligenceServicesFeed * Added release notes to pack SecurityIntelligenceServicesFeed * Packs/SecurityIntelligenceServicesFeed/Integrations/SecurityIntelligenceServicesFeed/SecurityIntelligenceServicesFeed.yml Docker image update * Updated Metadata Of Pack AWS-IAM * Added release notes to pack AWS-IAM * Packs/AWS-IAM/Integrations/AWS-IAM/AWS-IAM.yml Docker image update * Updated Metadata Of Pack AWS-Route53 * Added release notes to pack AWS-Route53 * Packs/AWS-Route53/Integrations/AWSRoute53/AWSRoute53.yml Docker image update * Updated Metadata Of Pack AWS-AccessAnalyzer * Added release notes to pack AWS-AccessAnalyzer * Packs/AWS-AccessAnalyzer/Integrations/AWS-AccessAnalyzer/AWS-AccessAnalyzer.yml Docker image update * Updated Metadata Of Pack AWS-GuardDuty * Added release notes to pack AWS-GuardDuty * Packs/AWS-GuardDuty/Integrations/AWSGuardDutyEventCollector/AWSGuardDutyEventCollector.yml Docker image update * Packs/AWS-GuardDuty/Integrations/AWSGuardDuty/AWSGuardDuty.yml Docker image update * Updated Metadata Of Pack AWS-SecurityHub * Added release notes to pack AWS-SecurityHub * Packs/AWS-SecurityHub/Integrations/AWSSecurityHubEventCollector/AWSSecurityHubEventCollector.yml Docker image update * Updated Metadata Of Pack Aws-SecretsManager * Added release notes to pack Aws-SecretsManager * Packs/Aws-SecretsManager/Integrations/AwsSecretsManager/AwsSecretsManager.yml Docker image update * Update Docker Image To demisto/armorblox (#31203) * Updated Metadata Of Pack Armorblox * Added release notes to pack Armorblox * Packs/Armorblox/Integrations/Armorblox/Armorblox.yml Docker image update * Update Docker Image To demisto/py3-tools (#31201) * Updated Metadata Of Pack Intezer * Added release notes to pack Intezer * Packs/Intezer/Integrations/IntezerV2/IntezerV2.yml Docker image update * Updated Metadata Of Pack Zabbix * Added release notes to pack Zabbix * Packs/Zabbix/Integrations/Zabbix/Zabbix.yml 
Docker image update * Updated Metadata Of Pack FeedMalwareBazaar * Added release notes to pack FeedMalwareBazaar * Packs/FeedMalwareBazaar/Integrations/MalwareBazaarFeed/MalwareBazaarFeed.yml Docker image update * Updated Metadata Of Pack FeedGCPWhitelist * Added release notes to pack FeedGCPWhitelist * Packs/FeedGCPWhitelist/Integrations/FeedGoogleIPRanges/FeedGoogleIPRanges.yml Docker image update * Updated Metadata Of Pack AccentureCTI_Feed * Added release notes to pack AccentureCTI_Feed * Packs/AccentureCTI_Feed/Integrations/ACTIIndicatorFeed/ACTIIndicatorFeed.yml Docker image update * Updated Metadata Of Pack SEKOIAIntelligenceCenter * Added release notes to pack SEKOIAIntelligenceCenter * Packs/SEKOIAIntelligenceCenter/Integrations/SEKOIAIntelligenceCenter/SEKOIAIntelligenceCenter.yml Docker image update * Updated Metadata Of Pack JARM * Added release notes to pack JARM * Packs/JARM/Integrations/JARM/JARM.yml Docker image update * Updated Metadata Of Pack CommonWidgets * Added release notes to pack CommonWidgets * Packs/CommonWidgets/Scripts/RSSWidget/RSSWidget.yml Docker image update * Updated Metadata Of Pack FiltersAndTransformers * Added release notes to pack FiltersAndTransformers * Packs/FiltersAndTransformers/Scripts/Jmespath/Jmespath.yml Docker image update * Update Docker Image To demisto/oci (#31202) * Updated Metadata Of Pack OracleCloudInfrastructure * Added release notes to pack OracleCloudInfrastructure * Packs/OracleCloudInfrastructure/Integrations/OracleCloudInfrastructureEventCollector/OracleCloudInfrastructureEventCollector.yml Docker image update * Update Docker Image To demisto/accessdata (#31200) * Updated Metadata Of Pack Exterro * Added release notes to pack Exterro * Packs/Exterro/Integrations/Exterro/Exterro.yml Docker image update * Fix DS108 --------- Co-authored-by: israelpolishook <[email protected]> * Update Docker Image To demisto/carbon-black-cloud (#31206) * Updated Metadata Of Pack CarbonBlackDefense * Added release notes to 
pack CarbonBlackDefense * Packs/CarbonBlackDefense/Integrations/CarbonBlackLiveResponseCloud/CarbonBlackLiveResponseCloud.yml Docker image update * Update Docker Image To demisto/taxii2 (#31205) * Updated Metadata Of Pack FeedUnit42v2 * Added release notes to pack FeedUnit42v2 * Packs/FeedUnit42v2/Integrations/FeedUnit42v2/FeedUnit42v2.yml Docker image update * Update Docker Image To demisto/crypto (#31204) * Updated Metadata Of Pack AzureKeyVault * Added release notes to pack AzureKeyVault * Packs/AzureKeyVault/Integrations/AzureKeyVault/AzureKeyVault.yml Docker image update * Updated Metadata Of Pack AzureSentinel * Added release notes to pack AzureSentinel * Packs/AzureSentinel/Integrations/AzureSentinel/AzureSentinel.yml Docker image update * Updated Metadata Of Pack AzureDevOps * Added release notes to pack AzureDevOps * Packs/AzureDevOps/Integrations/AzureDevOps/AzureDevOps.yml Docker image update * Updated Metadata Of Pack MicrosoftCloudAppSecurity * Added release notes to pack MicrosoftCloudAppSecurity * Packs/MicrosoftCloudAppSecurity/Integrations/MicrosoftCloudAppSecurity/MicrosoftCloudAppSecurity.yml Docker image update * Updated Metadata Of Pack AzureRiskyUsers * Added release notes to pack AzureRiskyUsers * Packs/AzureRiskyUsers/Integrations/AzureRiskyUsers/AzureRiskyUsers.yml Docker image update * Updated Metadata Of Pack MicrosoftGraphGroups * Added release notes to pack MicrosoftGraphGroups * Packs/MicrosoftGraphGroups/Integrations/MicrosoftGraphGroups/MicrosoftGraphGroups.yml Docker image update * Updated Metadata Of Pack AzureSQLManagement * Added release notes to pack AzureSQLManagement * Packs/AzureSQLManagement/Integrations/AzureSQLManagement/AzureSQLManagement.yml Docker image update * Updated Metadata Of Pack MicrosoftGraphAPI * Added release notes to pack MicrosoftGraphAPI * Packs/MicrosoftGraphAPI/Integrations/MicrosoftGraphAPI/MicrosoftGraphAPI.yml Docker image update * Updated Metadata Of Pack MicrosoftTeams * Added release notes to pack 
MicrosoftTeams * Packs/MicrosoftTeams/Integrations/MicrosoftTeamsManagement/MicrosoftTeamsManagement.yml Docker image update * Updated Metadata Of Pack MicrosoftGraphApplications * Added release notes to pack MicrosoftGraphApplications * Packs/MicrosoftGraphApplications/Integrations/MicrosoftGraphApplications/MicrosoftGraphApplications.yml Docker image update * Update Docker Image To demisto/opnsense (#31208) * Updated Metadata Of Pack OPNSense * Added release notes to pack OPNSense * Packs/OPNSense/Integrations/OPNSense/OPNSense.yml Docker image update * Update Docker Image To demisto/auth-utils (#31207) * Updated Metadata Of Pack Cylance_Protect * Added release notes to pack Cylance_Protect * Packs/Cylance_Protect/Integrations/Cylance_Protect_v2/Cylance_Protect_v2.yml Docker image update * Updated Metadata Of Pack Zoom * Added release notes to pack Zoom * Packs/Zoom/Integrations/ZoomEventCollector/ZoomEventCollector.yml Docker image update * Updated Metadata Of Pack Silverfort * Added release notes to pack Silverfort * Packs/Silverfort/Integrations/Silverfort/Silverfort.yml Docker image update * Updated Metadata Of Pack AzureDataExplorer * Added release notes to pack AzureDataExplorer * Packs/AzureDataExplorer/Integrations/AzureDataExplorer/AzureDataExplorer.yml Docker image update * Updated Metadata Of Pack MicrosoftManagementActivity * Added release notes to pack MicrosoftManagementActivity * Packs/MicrosoftManagementActivity/Integrations/MicrosoftManagementActivity/MicrosoftManagementActivity.yml Docker image update * Updated Metadata Of Pack Box * Added release notes to pack Box * Packs/Box/Integrations/BoxEventsCollector/BoxEventsCollector.yml Docker image update * Packs/Box/Integrations/BoxV2/BoxV2.yml Docker image update * Updated Metadata Of Pack Troubleshoot * Added release notes to pack Troubleshoot * Packs/Troubleshoot/Scripts/CertificatesTroubleshoot/CertificatesTroubleshoot.yml Docker image update * commit --------- Co-authored-by: israelpolishook 
<[email protected]> * Update Docker Image To demisto/ippysocks-py3 (#31211) * Updated Metadata Of Pack Whois * Added release notes to pack Whois * Packs/Whois/Integrations/Whois/Whois.yml Docker image update * Update Docker Image To demisto/python3 (#31214) * Updated Metadata Of Pack QualysFIM * Added release notes to pack QualysFIM * Packs/QualysFIM/Integrations/QualysFIM/QualysFIM.yml Docker image update * Updated Metadata Of Pack FortiSIEM * Added release notes to pack FortiSIEM * Packs/FortiSIEM/Integrations/FortiSIEMV2/FortiSIEMV2.yml Docker image update * Updated Metadata Of Pack FreshworksFreshservice * Added release notes to pack FreshworksFreshservice * Packs/FreshworksFreshservice/Integrations/FreshworksFreshservice/FreshworksFreshservice.yml Docker image update * Updated Metadata Of Pack KnowBe4_KMSAT * Added release notes to pack KnowBe4_KMSAT * Packs/KnowBe4_KMSAT/Integrations/KnowBe4KMSATEventCollector/KnowBe4KMSATEventCollector.yml Docker image update * Packs/KnowBe4_KMSAT/Integrations/KnowBe4KMSAT/KnowBe4KMSAT.yml Docker image update * Updated Metadata Of Pack SafeNet_Trusted_Access * Added release notes to pack SafeNet_Trusted_Access * Packs/SafeNet_Trusted_Access/Integrations/SafeNetTrustedAccessEventCollector/SafeNetTrustedAccessEventCollector.yml Docker image update * Updated Metadata Of Pack DelineaSS * Added release notes to pack DelineaSS * Packs/DelineaSS/Integrations/DelineaSS/DelineaSS.yml Docker image update * Updated Metadata Of Pack Cryptocurrency * Added release notes to pack Cryptocurrency * Packs/Cryptocurrency/Integrations/Cryptocurrency/Cryptocurrency.yml Docker image update * Updated Metadata Of Pack PANOSPolicyOptimizer * Added release notes to pack PANOSPolicyOptimizer * Packs/PANOSPolicyOptimizer/Integrations/PANOSPolicyOptimizer/PANOSPolicyOptimizer.yml Docker image update * Updated Metadata Of Pack DeveloperTools * Added release notes to pack DeveloperTools * 
Packs/DeveloperTools/Integrations/CreateIncidents/CreateIncidents.yml Docker image update * Update Docker Image To demisto/boto3py3 (#31215) * Updated Metadata Of Pack SecurityIntelligenceServicesFeed * Added release notes to pack SecurityIntelligenceServicesFeed * Packs/SecurityIntelligenceServicesFeed/Integrations/SecurityIntelligenceServicesFeed/SecurityIntelligenceServicesFeed.yml Docker image update * Updated Metadata Of Pack AWS-IAM * Added release notes to pack AWS-IAM * Packs/AWS-IAM/Integrations/AWS-IAM/AWS-IAM.yml Docker image update * Updated Metadata Of Pack AWS-Route53 * Added release notes to pack AWS-Route53 * Packs/AWS-Route53/Integrations/AWSRoute53/AWSRoute53.yml Docker image update * Updated Metadata Of Pack AWS-AccessAnalyzer * Added release notes to pack AWS-AccessAnalyzer * Packs/AWS-AccessAnalyzer/Integrations/AWS-AccessAnalyzer/AWS-AccessAnalyzer.yml Docker image update * Updated Metadata Of Pack AWS-GuardDuty * Added release notes to pack AWS-GuardDuty * Packs/AWS-GuardDuty/Integrations/AWSGuardDutyEventCollector/AWSGuardDutyEventCollector.yml Docker image update * Packs/AWS-GuardDuty/Integrations/AWSGuardDuty/AWSGuardDuty.yml Docker image update * Updated Metadata Of Pack AWS-SecurityHub * Added release notes to pack AWS-SecurityHub * Packs/AWS-SecurityHub/Integrations/AWSSecurityHubEventCollector/AWSSecurityHubEventCollector.yml Docker image update * Updated Metadata Of Pack Aws-SecretsManager * Added release notes to pack Aws-SecretsManager * Packs/Aws-SecretsManager/Integrations/AwsSecretsManager/AwsSecretsManager.yml Docker image update * Update Docker Image To demisto/accessdata (#31216) * Updated Metadata Of Pack Exterro * Added release notes to pack Exterro * Packs/Exterro/Integrations/Exterro/Exterro.yml Docker image update * Update Docker Image To demisto/oci (#31218) * Updated Metadata Of Pack OracleCloudInfrastructure * Added release notes to pack OracleCloudInfrastructure * 
Packs/OracleCloudInfrastructure/Integrations/OracleCloudInfrastructureEventCollector/OracleCloudInfrastructureEventCollector.yml Docker image update * Update Docker Image To demisto/py3-tools (#31217) * Updated Metadata Of Pack Intezer * Added release notes to pack Intezer * Packs/Intezer/Integrations/IntezerV2/IntezerV2.yml Docker image update * Updated Metadata Of Pack Zabbix * Added release notes to pack Zabbix * Packs/Zabbix/Integrations/Zabbix/Zabbix.yml Docker image update * Updated Metadata Of Pack FeedMalwareBazaar * Added release notes to pack FeedMalwareBazaar * Packs/FeedMalwareBazaar/Integrations/MalwareBazaarFeed/MalwareBazaarFeed.yml Docker image update * Updated Metadata Of Pack FeedGCPWhitelist * Added release notes to pack FeedGCPWhitelist * Packs/FeedGCPWhitelist/Integrations/FeedGoogleIPRanges/FeedGoogleIPRanges.yml Docker image update * Updated Metadata Of Pack AccentureCTI_Feed * Added release notes to pack AccentureCTI_Feed * Packs/AccentureCTI_Feed/Integrations/ACTIIndicatorFeed/ACTIIndicatorFeed.yml Docker image update * Updated Metadata Of Pack SEKOIAIntelligenceCenter * Added release notes to pack SEKOIAIntelligenceCenter * Packs/SEKOIAIntelligenceCenter/Integrations/SEKOIAIntelligenceCenter/SEKOIAIntelligenceCenter.yml Docker image update * Updated Metadata Of Pack JARM * Added release notes to pack JARM * Packs/JARM/Integrations/JARM/JARM.yml Docker image update * Updated Metadata Of Pack Anomali_ThreatStream * Added release notes to pack Anomali_ThreatStream * Packs/Anomali_ThreatStream/Integrations/AnomaliThreatStreamv3/AnomaliThreatStreamv3.yml Docker image update * Updated Metadata Of Pack CommonWidgets * Added release notes to pack CommonWidgets * Packs/CommonWidgets/Scripts/RSSWidget/RSSWidget.yml Docker image update * Updated Metadata Of Pack FiltersAndTransformers * Added release notes to pack FiltersAndTransformers * Packs/FiltersAndTransformers/Scripts/Jmespath/Jmespath.yml Docker image update * CortexXDRIR-generic-polling 
(#31082) * - Added new playbook for quarantine_file - Old playbook deprecated - New image added * release notes added * - New playbook for _Retrieve_File_Playbook_v2 created - Old playbook _Retrieve_File_Playbook deprecated - Image was added * Release notes were added * Changed the name of the playbook * Readme file added * Added image * fixed image location in readme file * Update Packs/CortexXDR/Playbooks/Cortex_XDR_-_Retrieve_File_v2.yml Co-authored-by: Sasha Sokolovich <[email protected]> * Bump pack from version CortexXDR to 6.0.4. * Removed unnecessary tests * Readme files were updated * Fixes for the playbooks * fixed Tests/conf.json file * image issue fixed * Added new images * Update Packs/CortexXDR/Playbooks/Cortex_XDR_-_Retrieve_File_Playbook_README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CortexXDR/Playbooks/Cortex_XDR_-_Retrieve_File_Playbook_README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CortexXDR/ReleaseNotes/6_0_4.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CortexXDR/ReleaseNotes/6_0_4.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CortexXDR/ReleaseNotes/6_0_4.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CortexXDR/ReleaseNotes/6_0_4.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CortexXDR/Playbooks/Cortex_XDR_-_Retrieve_File_Playbook_README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CortexXDR/Playbooks/Cortex_XDR_-_quarantine_file_v2_README.md Co-authored-by: ShirleyDenkberg <[email protected]> * PR fixes - new condition to check if the task finished successfully * release notes updated * image path fixed * Added new outputs for playbook * release notes updated * fix * readme files fixed * image issue * image issue * fix * fix * fix * fix * uploaded new playbook because of the image issue * fix for image issue * delete photo * fixes * test playbooks fixed * test 
playbooks removed --------- Co-authored-by: Sasha Sokolovich <[email protected]> Co-authored-by: Content Bot <[email protected]> Co-authored-by: ShirleyDenkberg <[email protected]> * Update Docker Image To demisto/crypto (#31219) * Updated Metadata Of Pack AzureKeyVault * Added release notes to pack AzureKeyVault * Packs/AzureKeyVault/Integrations/AzureKeyVault/AzureKeyVault.yml Docker image update * Updated Metadata Of Pack AzureSentinel * Added release notes to pack AzureSentinel * Packs/AzureSentinel/Integrations/AzureSentinel/AzureSentinel.yml Docker image update * Updated Metadata Of Pack AzureDevOps * Added release notes to pack AzureDevOps * Packs/AzureDevOps/Integrations/AzureDevOps/AzureDevOps.yml Docker image update * Updated Metadata Of Pack MicrosoftCloudAppSecurity * Added release notes to pack MicrosoftCloudAppSecurity * Packs/MicrosoftCloudAppSecurity/Integrations/MicrosoftCloudAppSecurity/MicrosoftCloudAppSecurity.yml Docker image update * Updated Metadata Of Pack AzureRiskyUsers * Added release notes to pack AzureRiskyUsers * Packs/AzureRiskyUsers/Integrations/AzureRiskyUsers/AzureRiskyUsers.yml Docker image update * Updated Metadata Of Pack MicrosoftGraphGroups * Added release notes to pack MicrosoftGraphGroups * Packs/MicrosoftGraphGroups/Integrations/MicrosoftGraphGroups/MicrosoftGraphGroups.yml Docker image update * Updated Metadata Of Pack AzureSQLManagement * Added release notes to pack AzureSQLManagement * Packs/AzureSQLManagement/Integrations/AzureSQLManagement/AzureSQLManagement.yml Docker image update * Updated Metadata Of Pack MicrosoftGraphAPI * Added release notes to pack MicrosoftGraphAPI * Packs/MicrosoftGraphAPI/Integrations/MicrosoftGraphAPI/MicrosoftGraphAPI.yml Docker image update * Updated Metadata Of Pack MicrosoftTeams * Added release notes to pack MicrosoftTeams * Packs/MicrosoftTeams/Integrations/MicrosoftTeamsManagement/MicrosoftTeamsManagement.yml Docker image update * Updated Metadata Of Pack MicrosoftGraphApplications * 
Added release notes to pack MicrosoftGraphApplications * Packs/MicrosoftGraphApplications/Integrations/MicrosoftGraphApplications/MicrosoftGraphApplications.yml Docker image update * update pack ignore (#31193) * Slack event collector: fixed an issue where we get a Bad Request error (#31135) * fixed an issue where we get a Bad Request error. * pre-commit * added test * fixed Flake8 error * fixed cr comments * fixed cr comments * update Docker image * YR/Remove-fields-with-one-letter-DBotFindSimilarIncidents/XSUP-29299 (#31161) * fixes * code and test * remove Json feed from this pr * test * note * pre commit * RN * CR and Flake8 * format * pre commit * Fixes For 'URL Enrichment - Generic v2' Playbook (#31195) * Fixes For 'URL Enrichment - Generic v2' Playbook * RN * Bump pack from version CommonPlaybooks to 2.4.36. --------- Co-authored-by: Content Bot <[email protected]> * F5 APM Remove XSIAM tags (#31221) * remove ls from test_e2e_results.sh (#31186) * [IsEmailAddressInternal] Fix an issue with **domain** argument (#31222) * First commit * Added RN * Update Packs/CommonScripts/ReleaseNotes/1_12_54.md Co-authored-by: Dean Arbel <[email protected]> --------- Co-authored-by: Dean Arbel <[email protected]> * Deprecate 'Get endpoint details - Generic' Playbook (#31196) * Deprecate 'Get endpoint details - Generic' Playbook * RN * Bump pack from version CommonPlaybooks to 2.4.36. * Bump pack from version CommonPlaybooks to 2.4.37. 
--------- Co-authored-by: Content Bot <[email protected]> * Replacing the deprecated sub-playbook within the 'NGFW Internal Scan'… (#31197) * Replacing the deprecated sub-playbook within the 'NGFW Internal Scan' XSIAM playbook * RN * [Marketplace Contribution] CISO Metrics (#30641) (#31213) * "pack contribution initial commit" * Update pack_metadata.json * Update and rename dashboard-98f353a2-312b-49f2-8e58-d71f60daf3a7-CISO_Metrics.json to dashboard-98f353a2-312b-49f2-8e58-d71f60daf3a7-CommunityCommonDashboards.json Rename to CommunityCommonDashboards * Update pack_metadata.json Renamed "name": "CommunityCommonDashboards" * Update README.md Added description * Update README.md * Update and rename README.md to README.md * Rename dashboard-98f353a2-312b-49f2-8e58-d71f60daf3a7-CommunityCommonDashboards.json to dashboard-98f353a2-312b-49f2-8e58-d71f60daf3a7-CommunityCommonDashboards.json * Rename .pack-ignore to .pack-ignore * Rename .secrets-ignore to .secrets-ignore * Rename pack_metadata.json to pack_metadata.json * Update .pack-ignore * Update pack_metadata.json * Update .pack-ignore * Update and rename dashboard-98f353a2-312b-49f2-8e58-d71f60daf3a7-CommunityCommonDashboards.json to CISOMetrics.json Renamed to CISOMetrics * Update pack_metadata.json * Update pack_metadata.json * Update README.md --------- Co-authored-by: xsoar-bot <[email protected]> Co-authored-by: Sapir Shuker <[email protected]> Co-authored-by: David Uhrlaub <[email protected]> * Cybereason xsoar v 2.1.14 (#30647) (#31225) * added v2.1.14 codebase * fix pr comments * replace dummy md5 placeholder * Update Packs/Cybereason/Integrations/Cybereason/Cybereason.py * updated docker image python version * updated release notes docker version * added pagination params * updated docker image * fix lint errors * fix demisto validate errors * updated release notes * updated release notes * updated release notes * updated command name as per PR comment * removed manual filtering for response * updated 
function name to match the command name format * updated unit test as per new command name * added machinename filter to api query * moved empty output message to the top * updated docker image tag to latest * undo changes from unisolate endpoint playbook --------- Co-authored-by: suraj-metron <[email protected]> Co-authored-by: Sapir Shuker <[email protected]> * fixed polling support (#30873) * fixed polling support * fixed rn * added rn * added rn * XSUP-30786/Fix (#31168) * Added failing UT * Fixed the issue * Updated docker image * Updated RN * Update Packs/PAN-OS/ReleaseNotes/2_1_15.md Co-authored-by: Dan Tavori <[email protected]> * Updated the bug fix and the UT * updated docker image --------- Co-authored-by: Dan Tavori <[email protected]> * rewrite to js FirstArrayElement and LastArrayElement (#31228) * rewrite to js * added tpb * added empty test case to tpb * precommit fixes * change fromversion so build wont fail * Enable Core REST API with general XSIAM endpoints (#31226) * mostly works * added release notes * fixes from review * F5 APM fixed the marketplace build failure (#31236) * F5 APM Remove XSIAM tags * fix marketplace error * Add incidents field (#30393) (#31233) * add rawJSON field to incidents * release notes * update docker image tag * nit * fetching incident details * mapper + incident fields * remove incorrect incident field files * new incident field files, new mapper * sdk validate command changes * update release noteS * validation errors * fix validation errors * undo release notes changes * undo release notes change * undo release notes * undo release notes * undo release notes * nit * new release notes * remove playbook id * update docker image tag * revert release notes * revert RN * nit- remove filters used for testing * add details field to threats * remove try/except blocks * changing version * Update Abnormal_Security_Custom_Incident_types.json change from version * nit - remove changes used for demo * updating docker image * 
update docker image tag --------- Co-authored-by: William Olyslager <[email protected]> Co-authored-by: sapirshuker <[email protected]> Co-authored-by: Sapir Shuker <[email protected]> * Update Docker Image To demisto/python3 (#31242) * Updated Metadata Of Pack CIRCL * Added release notes to pack CIRCL * Packs/CIRCL/Integrations/CirclCVESearch/CirclCVESearch.yml Docker image update * Updated Metadata Of Pack ipinfo * Added release notes to pack ipinfo * Packs/ipinfo/Integrations/ipinfo_v2/ipinfo_v2.yml Docker image update * Updated Metadata Of Pack AutoFocus * Added release notes to pack AutoFocus * Packs/AutoFocus/Integrations/FeedAutofocus/FeedAutofocus.yml Docker image update * Packs/AutoFocus/Integrations/AutofocusV2/AutofocusV2.yml Docker image update * Updated Metadata Of Pack MailSenderNew * Added release notes to pack MailSenderNew * Packs/MailSenderNew/Integrations/MailSenderNew/MailSenderNew.yml Docker image update * avoid to update Docker for AutoFocusv2 --------- Co-authored-by: israelpolishook <[email protected]> * Fixes For 'IP Enrichment - Generic v2' Playbook (#31183) * Fixes For 'IP Enrichment - Generic v2' Playbook * RN * RN * Updated the 'InternalRange' playbook input's default value. * configured the 'extended_data' and 'threat_model_association' sub-playbook inputs * Bump pack from version CommonPlaybooks to 2.4.36. * Bump pack from version CommonPlaybooks to 2.4.37. * changed the default value of the 'ResolveIP' playbook input * re-added RN after merging from master * Fixes RN --------- Co-authored-by: Content Bot <[email protected]> * Check if should run Instance role (#31245) * Added the sync from the saas bucket and modified the verify script to take the revision from the correct bucket. 
(#31254) * AWS Organizations (#30525) * init * commands template * aws-org-children-list * more commands * even more commands * added account commands * removed enhancement commands * use json_transform * unit-tests init * unit-tests continued * unit-tests continued some more * TPB * one more unit-test * one more unit-test * one more unit-test * name change * TPB * docs complete * pack readme * pack readme part 2 * readme modified * more tests * more tests * use get() * added description * removed isFetch * added image * name change * CR changes * Apply suggestions from code review Co-authored-by: ShirleyDenkberg <[email protected]> * Update docker * put the commands back in * code complete * yml part 2 * yml part 3 * test template * unit-tests continued some more * unit-tests almost complete * unit-tests complete * fixed a few bugs * fixed unit-tests * added readme * update readme * added missing descriptions to readme * TPB * Apply suggestions from code review Co-authored-by: ShirleyDenkberg <[email protected]> * CR changes * demo changes * update docker * build wars: round 1 * build wars: round 2 * build wars: round 3; add unit-tests * build wars: round 4 * build wars: round 5 * build wars: round 6 --------- Co-authored-by: ShirleyDenkberg <[email protected]> * NextToken in CommandResults (#30501) * init * new design * added error in case of non nested input * RN * a tad more docs * Bump pack from version Base to 1.32.47. * Bump pack from version Base to 1.32.48. * Bump pack from version Base to 1.32.49. * improved doc-string * resolve conflicts * resolve conflicts * Bump pack from version Base to 1.32.52. 
--------- Co-authored-by: Content Bot <[email protected]> * demisto-sdk-release 1.24.0 (#31268) * poetry files * update validate manager imports (#31179) * update validate manager imports * revert * Update Tests/configure_and_test_integration_instances.py * Edit file types test (#31170) * edited tests * s * s * edit --------- Co-authored-by: Content Bot <[email protected]> Co-authored-by: Yuval Hayun <[email protected]> Co-authored-by: merit-maita <[email protected]> Co-authored-by: JudithB <[email protected]> * modified modeling rules of clearswift dlp (#31247) * modified modeling rules of clearswift dlp * modified the parsing rule of clearswiftdlp * Added release notes. * added dlp to pack ignore * added Clearswift to pack ignore * QRadar: continue to poll in case of networking issues (#31084) * Generalize the mode option in pre-commit (#30663) * args updated to match the update in the sdk * add merge-coverage-report and coverage-analyze * updating pyproject.toml * poetry lock * restoring pyproject.toml and poetry.lock * pre-commit.yml * updates * test comment * use sdk ref * if * add github output * revert ilan changes * merge-pytest-reports --------- Co-authored-by: ilan <[email protected]> * EXPANDR-1576 CortexXpanse Remediation Guidance changes (#31190) * EXPANDR-1576 CortexXpanse Remediation Guidance changes (#30712) * CortexXpanse RG changes * Fix flake8 errors * Fix unit test cases * Update docker version * update command name * Readme updates * docker update * Ignore BC error * fix packignore * Update release notes * update breaking change notes * update breaking change notes * correct RN --------- Co-authored-by: Chait A <[email protected]> Co-authored-by: ilappe <[email protected]> * Feature/cyberint enhancement (#31252) * Feature/cyberint enhancement (#30493) * Update Docker Image To demisto/py3-tools (#25523) * Updated Metadata Of Pack FeedAWS * Added release notes to pack FeedAWS * Packs/FeedAWS/Integrations/FeedAWS/FeedAWS.yml Docker image update * 
update Cyberint Pack * update release note and incidentfields * update CommonType release note * update CommonType release notes * update CommonType release notes * update CyberInt Related entity name * update release notes * add new incident field: Alert Data * format alert_data * update CyberInt Related Entity name to avoid validation errors * reset the CyberInt Related Entity name * update incident field name * Update 3_3_93.md * pre commit update docker * added known words * fixed the RN * known words --------- Co-authored-by: TalGumi <[email protected]> Co-authored-by: omerKarkKatz <[email protected]> Co-authored-by: okarkkatz <[email protected]> * [xsoar-8 coverage] - use poll functions from SDK clients (#31144) * update poetry * use poll functions * test against builds * try to fix ssl issue * timeout = 300 + verify ssl * fix ssl issues * fix incident pull * fix * make verify=false by default * fix ports bug * use sdk master * revert poetry * revert infra used for testing * [CrowdStrike Falcon Intel v2] Fixed an issue in 'cs-actors' and 'cs-reports' commands (#31265) * Fix the 'NoneType' object is not iterable issue * ruff * Update the docker image; Add RN * Update Packs/CrowdStrikeIntel/ReleaseNotes/2_0_34.md Co-authored-by: Dean Arbel <[email protected]> --------- Co-authored-by: Dean Arbel <[email protected]> * oncall- installation orders (#31253) * test * test * revert debugs * pre-commit --------- Co-authored-by: Jas Beilin <[email protected]> * Core rest api docs fix (#31262) * Improved descriptions. * Added docs * Added rn. * Changed i.e to e.g * bugfix/XSUP-30713/port-scan-pb-issue-incident-failure (#31154) * Fix playbook input's default value, change to not required, add check for value not empty * Update playbook image * Update release notes * Bump pack from version CortexXDR to 6.0.5. 
* Moved InternalIPRanges input check to better location * Fix review comments --------- Co-authored-by: Content Bot <[email protected]> * [PagerDuty v2] Added Support For Pagination (#30959) * commit init - lint and type annotation * typing * pagination function and some typing * fix api limit and pagination * added UT and test_data * added RN and description for args * generate readme * update docker * added UT * fix flake8 * more docstring, one more UT, fix send unnecessary parameters * fix f-string * fix pep8 * revert copy * fix parameters name * docs review * update docker * [ASM] EXPANDR 7225 - Update Ev1 Integration Display Name (#31234) (#31276) * Update Display Name * Update release notes * Update docker image and add period to descriptions Co-authored-by: John <[email protected]> Co-authored-by: MLainer1 <[email protected]> * Update Docker Image To demisto/python3 (#31286) * Updated Metadata Of Pack QualysFIM * Added release notes to pack QualysFIM * Packs/QualysFIM/Integrations/QualysFIM/QualysFIM.yml Docker image update * Updated Metadata Of Pack FortiSIEM * Added release notes to pack FortiSIEM * Packs/FortiSIEM/Integrations/FortiSIEMV2/FortiSIEMV2.yml Docker image update * Updated Metadata Of Pack FreshworksFreshservice * Added release notes to pack FreshworksFreshservice * Packs/FreshworksFreshservice/Integrations/FreshworksFreshservice/FreshworksFreshservice.yml Docker image update * Updated Metadata Of Pack KnowBe4_KMSAT * Added release notes to pack KnowBe4_KMSAT * Packs/KnowBe4_KMSAT/Integrations/KnowBe4KMSATEventCollector/KnowBe4KMSATEventCollector.yml Docker image update * Packs/KnowBe4_KMSAT/Integrations/KnowBe4KMSAT/KnowBe4KMSAT.yml Docker image update * Updated Metadata Of Pack SafeNet_Trusted_Access * Added release notes to pack SafeNet_Trusted_Access * Packs/SafeNet_Trusted_Access/Integrations/SafeNetTrustedAccessEventCollector/SafeNetTrustedAccessEventCollector.yml Docker image update * Updated Metadata Of Pack DelineaSS * Added release 
notes to pack DelineaSS * Packs/DelineaSS/Integrations/DelineaSS/DelineaSS.yml Docker image update * Updated Metadata Of Pack Cryptocurrency * Added release notes to pack Cryptocurrency * Packs/Cryptocurrency/Integrations/Cryptocurrency/Cryptocurrency.yml Docker image update * Updated Metadata Of Pack PANOSPolicyOptimizer * Added release notes to pack PANOSPolicyOptimizer * Packs/PANOSPolicyOptimizer/Integrations/PANOSPolicyOptimizer/PANOSPolicyOptimizer.yml Docker image update * Updated Metadata Of Pack DeveloperTools * Added release notes to pack DeveloperTools * Packs/DeveloperTools/Integrations/CreateIncidents/CreateIncidents.yml Docker image update * Add XSOAR_SAAS section to EDL description (#31264) * add XSOAR_SAAS section to EDL description * update RN * [XSUP 30575] Added full fields query param (#31272) * get indicators full fields data * pre-commit * release notes * tests and CR fixes * Update Packs/FeedCrowdstrikeFalconIntel/ReleaseNotes/2_1_13.md Co-authored-by: Dan Tavori <[email protected]> --------- Co-authored-by: Dan Tavori <[email protected]> * Update Docker Image To demisto/boto3py3 (#31287) * Updated Metadata Of Pack SecurityIntelligenceServicesFeed * Added release notes to pack SecurityIntelligenceServicesFeed * Packs/SecurityIntelligenceServicesFeed/Integrations/SecurityIntelligenceServicesFeed/SecurityIntelligenceServicesFeed.yml Docker image update * Updated Metadata Of Pack AWS-IAM * Added release notes to pack AWS-IAM * Packs/AWS-IAM/Integrations/AWS-IAM/AWS-IAM.yml Docker image update * Updated Metadata Of Pack AWS-Route53 * Added release notes to pack AWS-Route53 * Packs/AWS-Route53/Integrations/AWSRoute53/AWSRoute53.yml Docker image update * Updated Metadata Of Pack AWS-AccessAnalyzer * Added release notes to pack AWS-AccessAnalyzer * Packs/AWS-AccessAnalyzer/Integrations/AWS-AccessAnalyzer/AWS-AccessAnalyzer.yml Docker image update * Updated Metadata Of Pack AWS-GuardDuty * Added release notes to pack AWS-GuardDuty * 
Packs/AWS-GuardDuty/Integrations/AWSGuardDutyEventCollector/AWSGuardDutyEventCollector.yml Docker image update * Packs/AWS-GuardDuty/Integrations/AWSGuardDuty/AWSGuardDuty.yml Docker image update * Updated Metadata Of Pack AWS-SecurityHub * Added release notes to pack AWS-SecurityHub * Packs/AWS-SecurityHub/Integrations/AWSSecurityHubEventCollector/AWSSecurityHubEventCollector.yml Docker image update * Updated Metadata Of Pack Aws-SecretsManager * Added release notes to pack Aws-SecretsManager * Packs/Aws-SecretsManager/Integrations/AwsSecretsManager/AwsSecretsManager.yml Docker image update * Update Docker Image To demisto/accessdata (#31288) * Updated Metadata Of Pack Exterro * Added release notes to pack Exterro * Packs/Exterro/Integrations/Exterro/Exterro.yml Docker image update * Update Docker Image To demisto/oci (#31290) * Updated Metadata Of Pack OracleCloudInfrastructure * Added release notes to pack OracleCloudInfrastructure * Packs/OracleCloudInfrastructure/Integrations/OracleCloudInfrastructureEventCollector/OracleCloudInfrastructureEventCollector.yml Docker image update * Update Docker Image To demisto/py3-tools (#31289) * Updated Metadata Of Pack Intezer * Added release notes to pack Intezer * Packs/Intezer/Integrations/IntezerV2/IntezerV2.yml Docker image update * Updated Metadata Of Pack Zabbix * Added release notes to pack Zabbix * Packs/Zabbix/Integrations/Zabbix/Zabbix.yml Docker image update * Updated Metadata Of Pack FeedMalwareBazaar * Added release notes to pack FeedMalwareBazaar * Packs/FeedMalwareBazaar/Integrations/MalwareBazaarFeed/MalwareBazaarFeed.yml Docker image update * Updated Metadata Of Pack FeedGCPWhitelist * Added release notes to pack FeedGCPWhitelist * Packs/FeedGCPWhitelist/Integrations/FeedGoogleIPRanges/FeedGoogleIPRanges.yml Docker image update * Updated Metadata Of Pack AccentureCTI_Feed * Added release notes to pack AccentureCTI_Feed * Packs/AccentureCTI_Feed/Integrations/ACTIIndicatorFeed/ACTIIndicatorFeed.yml Docker 
image update * Updated Metadata Of Pack SEKOIAIntelligenceCenter * Added release notes to pack SEKOIAIntelligenceCenter * Packs/SEKOIAIntelligenceCenter/Integrations/SEKOIAIntelligenceCenter/SEKOIAIntelligenceCenter.yml Docker image update * Updated Metadata Of Pack JARM * Added release notes to pack JARM * Packs/JARM/Integrations/JARM/JARM.yml Docker image update * Updated Metadata Of Pack Anomali_ThreatStream * Added release notes to pack Anomali_ThreatStream * Packs/Anomali_ThreatStream/Integrations/AnomaliThreatStreamv3/AnomaliThreatStreamv3.yml Docker image update * Updated Metadata Of Pack CommonWidgets * Added release notes to pack CommonWidgets * Packs/CommonWidgets/Scripts/RSSWidget/RSSWidget.yml Docker image update * Updated Metadata Of Pack FiltersAndTransformers * Added release notes to pack FiltersAndTransformers * Packs/FiltersAndTransformers/Scripts/Jmespath/Jmespath.yml Docker image update * Update Docker Image To demisto/armorblox (#31291) * Updated Metadata Of Pack Armorblox * Added release notes to pack Armorblox * Packs/Armorblox/Integrations/Armorblox/Armorblox.yml Docker image update * Update Docker Image To demisto/crypto (#31292) * Updated Metadata Of Pack AzureKeyVault * Added release notes to pack AzureKeyVault * Packs/AzureKeyVault/Integrations/AzureKeyVault/AzureKeyVault.yml Docker image update * Updated Metadata Of Pack AzureSentinel * Added release notes to pack AzureSentinel * Packs/AzureSentinel/Integrations/AzureSentinel/AzureSentinel.yml Docker image update * Updated Metadata Of Pack AzureDevOps * Added release notes to pack AzureDevOps * Packs/AzureDevOps/Integrations/AzureDevOps/AzureDevOps.yml Docker image update * Updated Metadata Of Pack MicrosoftCloudAppSecurity * Added release notes to pack MicrosoftCloudAppSecurity * Packs/MicrosoftCloudAppSecurity/Integrations/MicrosoftCloudAppSecurity/MicrosoftCloudAppSecurity.yml Docker image update * Updated Metadata Of Pack AzureRiskyUsers * Added release notes to pack AzureRiskyUsers 
* Packs/AzureRiskyUsers/Integrations/AzureRiskyUsers/AzureRiskyUsers.yml Docker image update * Updated Metadata Of Pack MicrosoftGraphGroups * Added release notes to pack MicrosoftGraphGroups * Packs/MicrosoftGraphGroups/Integrations/MicrosoftGraphGroups/MicrosoftGraphGroups.yml Docker image update * Updated Metadata Of Pack AzureSQLManagement * Added release notes to pack AzureSQLManagement * Packs/AzureSQLManagement/Integrations/AzureSQLManagement/AzureSQLManagement.yml Docker image update * Updated Metadata Of Pack MicrosoftGraphAPI * Added release notes to pack MicrosoftGraphAPI * Packs/MicrosoftGraphAPI/Integrations/MicrosoftGraphAPI/MicrosoftGraphAPI.yml Docker image update * Updated Metadata Of Pack MicrosoftTeams * Added release notes to pack MicrosoftTeams * Packs/MicrosoftTeams/Integrations/MicrosoftTeamsManagement/MicrosoftTeamsManagement.yml Docker image update * Updated Metadata Of Pack MicrosoftGraphApplications * Added release notes to pack MicrosoftGraphApplications * Packs/MicrosoftGraphApplications/Integrations/MicrosoftGraphApplications/MicrosoftGraphApplications.yml Docker image update * Update Docker Image To demisto/sixgill (#31293) * Updated Metadata Of Pack Cybersixgill-ActionableAlerts * Added release notes to pack Cybersixgill-ActionableAlerts * Packs/Cybersixgill-ActionableAlerts/Integrations/CybersixgillActionableAlerts/CybersixgillActionableAlerts.yml Docker image update * Updated Metadata Of Pack Sixgill-Darkfeed * Added release notes to pack Sixgill-Darkfeed * Packs/Sixgill-Darkfeed/Integrations/Sixgill_Darkfeed_Enrichment/Sixgill_Darkfeed_Enrichment.yml Docker image update * Packs/Sixgill-Darkfeed/Integrations/Sixgill_Darkfeed/Sixgill_Darkfeed.yml Docker image update * Update Docker Image To demisto/carbon-black-cloud (#31295) * Updated Metadata Of Pack CarbonBlackDefense * Added release notes to pack CarbonBlackDefense * Packs/CarbonBlackDefense/Integrations/CarbonBlackLiveResponseCloud/CarbonBlackLiveResponseCloud.yml Docker image 
update * Update Docker Image To demisto/taxii2 (#31294) * Updated Metadata Of Pack FeedDHS * Added release notes to pack FeedDHS * Packs/FeedDHS/Integrations/DHSFeedV2/DHSFeedV2.yml Docker image update * Updated Metadata Of Pack FeedUnit42v2 * Added release notes to pack FeedUnit42v2 * Packs/FeedUnit42v2/Integrations/FeedUnit42v2/FeedUnit42v2.yml Docker image update * MS IIS Update2 (#31256) * Updated MicrosoftIISWebServerModelingRules_1_3 * Updated ModelingRules filters * Updated ModelingRules filters * Updated ReleaseNotes * Updated ReleaseNotes * CrowdStrikeFalconX-genreic-polling (#31189) * old playbooks deprecated and new one added * readme file edited * set the interval from the inputs * fixes for release notes * added extensions to known words * Update Packs/CrowdStrikeFalconX/Playbooks/Detonate_File_-_CrowdStrike_Falcon_Intelligence_Sandbox_v2.yml Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CrowdStrikeFalconX/Playbooks/Detonate_File_-_CrowdStrike_Falcon_Intelligence_Sandbox_v2.yml Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CrowdStrikeFalconX/Playbooks/Detonate_File_-_CrowdStrike_Falcon_Intelligence_Sandbox_v2.yml Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CrowdStrikeFalconX/Playbooks/Detonate_URL_-_CrowdStrike_Falcon_Intelligence_Sandbox_v2_README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CrowdStrikeFalconX/Playbooks/Detonate_File_-_CrowdStrike_Falcon_Intelligence_Sandbox_v2.yml Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CrowdStrikeFalconX/Playbooks/Detonate_File_-_CrowdStrike_Falcon_Intelligence_Sandbox_v2.yml Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CrowdStrikeFalconX/Playbooks/Detonate_File_-_CrowdStrike_Falcon_Intelligence_Sandbox_v2_README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CrowdStrikeFalconX/ReleaseNotes/1_2_37.md Co-authored-by: ShirleyDenkberg <[email protected]> * 
Update Packs/CrowdStrikeFalconX/ReleaseNotes/1_2_37.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CrowdStrikeFalconX/ReleaseNotes/1_2_37.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CrowdStrikeFalconX/ReleaseNotes/1_2_37.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CrowdStrikeFalconX/Playbooks/Detonate_File_-_CrowdStrike_Falcon_Intelligence_Sandbox_v2_README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CrowdStrikeFalconX/Playbooks/Detonate_File_-_CrowdStrike_Falcon_Intelligence_Sandbox_v2_README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CrowdStrikeFalconX/Playbooks/Detonate_File_-_CrowdStrike_Falcon_Intelligence_Sandbox_v2_README.md Co-authored-by: ShirleyDenkberg <[email protected]> * minor fixes for description * Update Packs/CrowdStrikeFalconX/Playbooks/Detonate_URL_-_CrowdStrike_Falcon_Intelligence_Sandbox_v2.yml Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CrowdStrikeFalconX/Playbooks/Detonate_URL_-_CrowdStrike_Falcon_Intelligence_Sandbox_v2_README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CrowdStrikeFalconX/Playbooks/Detonate_URL_-_CrowdStrike_Falcon_Intelligence_Sandbox_v2.yml Co-authored-by: ShirleyDenkberg <[email protected]> --------- Co-authored-by: ShirleyDenkberg <[email protected]> * Add Symantec MSS to ignored items (#31296) * [XSUP 30870] Added full fields option for cs-actors and cs-reports commands (#31271) * Added the display_full_fields argument * pre-commit * release notes * tests and CR fixes * resolve conflict * pre-commit * CR fixes * docker * pre-commit * add myself as codeowner (#31314) * ORKL Feed Integration 1.0.0 Initial Release (#31166) * ORKL Feed Integration 1.0.0 Initial Release (#31101) Co-authored-by: Martin Ohl <[email protected]> * [VirusTotal] Add suspicious threshold (#31220) * [VirusTotal] Add suspicious threshold (#31021) * fixing CimTrak_test.py unit 
tests (#31308) fixing CimTrak_test.py unit tests #31308 * Add new command and bug fix. (#31311) * Anomali ThreatStream v3 - Fix threatstream-get-indicators command (#31269) * fix get_indicators method * update RN * update docker * update test * update test * update get_indicators method * update RN * Update Packs/Anomali_ThreatStream/ReleaseNotes/2_2_9.md Co-authored-by: ShirleyDenkberg <[email protected]> * update docker * update docker --------- Co-authored-by: ShirleyDenkberg <[email protected]> * SentinelOne v2: Add 2 new commands (#31312) * fixing jira file attachments (#31297) fixing jira file attachments, fixing mapping of newly created tickets #31297 * CiscoSMA Update (#31315) * Updated ModelingRules * Updated ReleaseNotes * Updated ReleaseNotes * updated docs (#31192) * updated docs * running pre-commit and docker * docker update * Apply suggestions from code review Co-authored-by: ShirleyDenkberg <[email protected]> * remove package-lock file * cr note * Update Packs/MicrosoftGraphDeviceManagement/ReleaseNotes/1_1_20.md Co-authored-by: EyalPintzov <[email protected]> --------- Co-authored-by: ShirleyDenkberg <[email protected]> Co-authored-by: EyalPintzov <[email protected]> * Fix an issue when there is only one incident in fetch_incidents powershell (#31267) * added -AsArray * updated the docker image and added . * RN * unit tests and docker image * rn * docker image and release notes * Update Packs/Base/ReleaseNotes/1_32_53.md Co-authored-by: EyalPintzov <[email protected]> * updated the unit tests --------- Co-authored-by: EyalPintzov <[email protected]> * Get Entity Alerts by MITRE Tactics - Performance Improvements (Refactor) (#31232) * Added playbooks * New playbooks images, formatted playbooks, and added RN * Updated pb image to be in light mode * Further improvements to playbooks, updated docs, and updated playbook images * Bump pack from version CortexXDR to 6.0.6. 
* Changed alert to incident to fix validation * Descriptions --------- Co-authored-by: Content Bot <[email protected]> * fix for sdk nightly e2e tests (#31310) * [qradar-v3] - handle connection errors (#31246) * [qradar-v3] - handle connection errors * add uts * bump rn * remove irrelevant imports * update code * timeout = 300 * bump rn * update implementation * docker image * fixes * remove imports * rn * update debug-message * update log * fix docker-image * fix ut * oncall-sdk-nightly-create-xsoar-instance (#31300) * overwrite the filter env file * remove space * remove print * Update .gitlab/ci/.gitlab-ci.on-push.yml Co-authored-by: Koby Meir <[email protected]> --------- Co-authored-by: Koby Meir <[email protected]> * [ASM] - EXPANDER 7238 - Jira Playbook Support for V2 and V3 Project Key (#31273) (#31322) * Add support V2 and V3, remove default project key - Add data collection task for customer - Leave Jira Project Key input as blank - Add support for project key passed into Jira V2 and V3 integrations * Add release notes * Update Playbook ReadMe * Add task description * Update release notes Co-authored-by: John <[email protected]> Co-authored-by: MLainer1 <[email protected]> * Support contributions when the name of the repo isn't content (#31320) * update handle_external_pr.py * set repo_name arg as optional * Oncall sdk nightly create xsoar instance (#31324) Oncall sdk nightly create xsoar instance #31324 * CIAC-4556/xdr-remote-psexec-lolbin-command-execution-playbook (#29092) * Add playbook and readme files * Add updated files * Add playbook image * Update release notes * Fix validation error * Bump pack from version CortexXDR to 5.1.0. * Bump pack from version CortexXDR to 5.2.0. * Bump pack from version CortexXDR to 5.2.0. * Bump pack from version CortexXDR to 5.2.0. * Add CommandLine verdict to layout * Update according to demo review comments * Bump pack from version CortexXDR to 5.2.0. * Bump pack from version CortexXDR to 5.2.0. 
* Add field for cmd line verdict * Update layout * Fix review comments * Update from master * Update Packs/CortexXDR/ReleaseNot…
danipv pushed a commit that referenced this pull request Mar 12, 2024
* fix * fix fetch using timestamp * cr notes * adding unify * cr * after meeting with the client fix * after meeting with the client fixing tests 2 * fixing fetching above 2000 indicators * fixing fetching * fixing fetching * adding unify for customer * Bump gitpython from 3.1.40 to 3.1.41 (#32119) * Bump gitpython from 3.1.40 to 3.1.41 Bumps [gitpython](https://github.com/gitpython-developers/GitPython) from 3.1.40 to 3.1.41. - [Release notes](https://github.com/gitpython-developers/GitPython/releases) - [Changelog](https://github.com/gitpython-developers/GitPython/blob/main/CHANGES) - [Commits](https://github.com/gitpython-developers/GitPython/compare/3.1.40...3.1.41) --- updated-dependencies: - dependency-name: gitpython dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> * update pre-commit dependencies --------- Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: dorschw <[email protected]> * Bump pillow from 10.1.0 to 10.2.0 (#32356) Bumps [pillow](https://github.com/python-pillow/Pillow) from 10.1.0 to 10.2.0. - [Release notes](https://github.com/python-pillow/Pillow/releases) - [Changelog](https://github.com/python-pillow/Pillow/blob/main/CHANGES.rst) - [Commits](https://github.com/python-pillow/Pillow/compare/10.1.0...10.2.0) --- updated-dependencies: - dependency-name: pillow dependency-type: indirect ... 
Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: dorschw <[email protected]> * Notify External PR Merge (#32349) * added new action * Test SK (#32350) * Jira bugfix in edit issue - xsup 31954 (#32041) * Added tests * Updated RNs * Updated docstrings * Updated TPB * Updated command description * Updated RNs --------- Co-authored-by: Anas Yousef <[email protected]> * Update AMPv2.yml --------- Co-authored-by: israelpoli <[email protected]> Co-authored-by: Anas Yousef <[email protected]> * Revert "Test SK" (#32352) * Fixed * Update .github/workflows/create-internal-pr-from-external.yml Co-authored-by: RotemAmit <[email protected]> * Update .github/workflows/create-internal-pr-from-external.yml Co-authored-by: RotemAmit <[email protected]> --------- Co-authored-by: israelpoli <[email protected]> Co-authored-by: Anas Yousef <[email protected]> Co-authored-by: RotemAmit <[email protected]> * added 'W291, # trailing-whitespace' to pyproject.toml and nightly (#32862) * [greynoise-266] New Pack - FeedGreyNoiseIndicator (#32514) (#32942) * updates * pre-commit and readme * pre-commit * updates * more updates * fix tests * fix tests * fix formatting * fix pack ver check * update tests * fix flake8 and secrets * feedback * updates * feedback updates * fix default feedRep * add notes to docs * update docker image num Co-authored-by: Brad Chiappetta <[email protected]> * Fix CommonServerPython mypy (#32931) * Update docker images of `CommonScript` items (#32938) * Update `demisto/xslxwriter` 70-100 coverage rate (#32763) * upgrade images * update RN * Bump pack from version CommonScripts to 1.13.34. * Bump pack from version CommonScripts to 1.13.35. * Bump pack from version CommonScripts to 1.13.36. * Bump pack from version CommonScripts to 1.13.37. * Bump pack from version CommonScripts to 1.13.38. * Bump pack from version CommonScripts to 1.13.39. 
* revert RN --------- Co-authored-by: Content Bot <[email protected]> * Update `demisto/xml-feed` 70-100 coverage rate (#32762) * upgrade images * revert * update RN * Bump pack from version CommonScripts to 1.13.34. * Bump pack from version CommonScripts to 1.13.35. * Bump pack from version CommonScripts to 1.13.36. * Bump pack from version CommonScripts to 1.13.37. * Bump pack from version CommonScripts to 1.13.38. * Bump pack from version CommonScripts to 1.13.39. * revert RN --------- Co-authored-by: Content Bot <[email protected]> * Update `demisto/bs4-py3` 70-100 coverage rate (#32741) * upgrade images * update RN * Bump pack from version CommonScripts to 1.13.34. * Bump pack from version CommonScripts to 1.13.35. * Bump pack from version CommonScripts to 1.13.36. * Bump pack from version CommonScripts to 1.13.37. * Bump pack from version CommonScripts to 1.13.38. * Bump pack from version FiltersAndTransformers to 1.2.59. * Bump pack from version CommonScripts to 1.13.39. * revert RN --------- Co-authored-by: Content Bot <[email protected]> * Update `demisto/bs4-tld` 0-10 coverage rate (#32744) * upgrade images * update RN * Bump pack from version CommonScripts to 1.13.34. * Bump pack from version CommonScripts to 1.13.35. * Bump pack from version CommonScripts to 1.13.36. * Bump pack from version CommonScripts to 1.13.37. * Bump pack from version CommonScripts to 1.13.38. * Bump pack from version CommonScripts to 1.13.39. * revert RN --------- Co-authored-by: Content Bot <[email protected]> * Update `demisto/btfl-soup` 70-100 coverage rate (#32745) * upgrade images * update RN * Bump pack from version CommonScripts to 1.13.34. * Bump pack from version CommonScripts to 1.13.35. * Bump pack from version CommonScripts to 1.13.36. * Bump pack from version CommonScripts to 1.13.37. * Bump pack from version CommonScripts to 1.13.38. * Bump pack from version CommonScripts to 1.13.39. 
* revert RN --------- Co-authored-by: Content Bot <[email protected]> * Update `demisto/netutils` 70-100 coverage rate (#32752) * upgrade images * update RN * Bump pack from version CommonScripts to 1.13.34. * Bump pack from version CommonScripts to 1.13.35. * Bump pack from version CommonScripts to 1.13.36. * Bump pack from version CommonScripts to 1.13.37. * Bump pack from version CommonScripts to 1.13.38. * Bump pack from version CommonScripts to 1.13.39. * revert RN --------- Co-authored-by: Content Bot <[email protected]> * Update `demisto/nltk` 70-100 coverage rate (#32753) * upgrade images * update RN * Bump pack from version CommonScripts to 1.13.34. * Bump pack from version CommonScripts to 1.13.35. * Bump pack from version CommonScripts to 1.13.36. * Bump pack from version CommonScripts to 1.13.37. * Bump pack from version CommonScripts to 1.13.38. * Bump pack from version CommonScripts to 1.13.39. * revert RN --------- Co-authored-by: Content Bot <[email protected]> * Update `demisto/pcap-http-extractor` 70-100 coverage rate (#32754) * upgrade images * update RN * Bump pack from version CommonScripts to 1.13.34. * Bump pack from version CommonScripts to 1.13.35. * Bump pack from version CommonScripts to 1.13.36. * Bump pack from version CommonScripts to 1.13.37. * Bump pack from version CommonScripts to 1.13.38. * Bump pack from version CommonScripts to 1.13.39. * revert RN --------- Co-authored-by: Content Bot <[email protected]> * Update `demisto/python3-deb` 70-100 coverage rate (#32759) * upgrade images * update RN * Bump pack from version CommonScripts to 1.13.34. * Bump pack from version CommonScripts to 1.13.35. * Bump pack from version CommonScripts to 1.13.36. * Bump pack from version CommonScripts to 1.13.37. * Bump pack from version CommonScripts to 1.13.38. * Bump pack from version CommonScripts to 1.13.39. 
* revert RN --------- Co-authored-by: Content Bot <[email protected]> * Update `demisto/unzip` 40-55 coverage rate (#32761) * upgrade images * update RN * Bump pack from version CommonScripts to 1.13.34. * Bump pack from version CommonScripts to 1.13.35. * Bump pack from version CommonScripts to 1.13.36. * Bump pack from version CommonScripts to 1.13.37. * Bump pack from version CommonScripts to 1.13.38. * Bump pack from version CommonScripts to 1.13.39. * revert RN --------- Co-authored-by: Content Bot <[email protected]> * update RN * Bump pack from version FiltersAndTransformers to 1.2.60. --------- Co-authored-by: Content Bot <[email protected]> * [ASM] EXPANDR-3608: store potential offending firewall rules (#32721) (#32940) * update GCP enrich play * RN * Apply suggestions from code review * update field name and bump ver --------- Co-authored-by: johnnywilkes <[email protected]> Co-authored-by: ShirleyDenkberg <[email protected]> * XSUP-31342 - XDR mirroring changes incident resolution (#32359) * added more debug logs to the mirroring process * more debug logs * updated the schema * added ckose_reason * updated the schema name * updated the outgoing mapper and some debug logs * added RN * Bump pack from version CortexXDR to 6.1.14. * Bump pack from version CortexXDR to 6.1.15. * updated test_get_mapping_fields_command * updated handle_outgoing_issue_closure to use close_reason or closeReason * updated RN and docker image * added a unit test test_handle_outgoing_issue_closure * added RN to core pack and ctf01 pack * Bump pack from version CortexXDR to 6.1.16. 
* updated the RN * added an incident type to the outgoing mapper and updated the RN --------- Co-authored-by: Content Bot <[email protected]> * Domaintools iris release v2.0.1 (#32880) (#32946) * first pass at fixing proxy use * don't use empty strings * avoid empty string * fix docker tag, add release notes * update release notes with docker image * Update Packs/DomainTools_Iris/ReleaseNotes/2_0_1.md --------- Co-authored-by: Wesley Agena <[email protected]> Co-authored-by: Yuval Hayun <[email protected]> * revert docker changes (#32944) * AWS Require Region (#32687) * init * update docker * update docker * update docker * RN * fix conflicts * update docker * fix conflicts * Update `demisto/fastapi` 70-100 coverage rate (#32573) * upgrade images * update RN * fix pb parser (#32826) * fix pb parser - test * change xpanse stuff * remove poetry changes * more xpanse changes * fix gr103 * YR/Handle long running pipelines, and commits with no pipelines/CIAC-9386 (#32462) * Fix GetIndicatorDBotScoreFromCache to handle better a special character (#31070) * a fix and a test * docker image update * added rn * Bump pack from version CommonScripts to 1.12.47. * unit test fix * unit test fix * unit test fix * Bump pack from version CommonScripts to 1.12.48. * Bump pack from version CommonScripts to 1.12.49. 
* Update Packs/CommonScripts/ReleaseNotes/1_12_49.md Co-authored-by: Dan Tavori <[email protected]> --------- Co-authored-by: Content Bot <[email protected]> Co-authored-by: Dan Tavori <[email protected]> * change pack support to community (#31110) * change pack support to community * first level header so im told * Update Packs/DeveloperTools/ReleaseNotes/1_3_0.md Co-authored-by: Shahaf Ben Yakir <[email protected]> * Update Packs/DeveloperTools/ReleaseNotes/1_3_0.md Co-authored-by: Shahaf Ben Yakir <[email protected]> --------- Co-authored-by: Shahaf Ben Yakir <[email protected]> * removed GIT_DEPTH (#31141) * support multiple entry ids in ImageOCR (#31145) * Fix taxi feed observables extraction (#31120) * fixed an issue where taxi feed will fail to retrieve all indicators due to wrong extraction from XML blocks. * added rn * update docker * update test_data * add secret to secrets ignore * [transformers] Enhance to be more durable #2 (#31063) * ExtractDomainAndFQDNFromUrlAndEmail * ExtractEmailV2 * ruff fix * FormatURL * Bump pack from version CommonScripts to 1.12.47. * Bump pack from version CommonScripts to 1.12.48. * Bump pack from version CommonScripts to 1.12.49. * Added unit tests * Update the docker image * Bump pack from version CommonScripts to 1.12.50. 
* Update Packs/CommonScripts/ReleaseNotes/1_12_50.md Co-authored-by: Dean Arbel <[email protected]> * Update Packs/CommonScripts/ReleaseNotes/1_12_50.md Co-authored-by: Dean Arbel <[email protected]> * Update the RN * Update the docker image * empty * Skip "FormattingPerformance - Test" TPB in XSOAR 8 --------- Co-authored-by: Content Bot <[email protected]> Co-authored-by: Dean Arbel <[email protected]> * Sleep w/ Polling (#30661) add polling mechanism to sleep upon crossing polling_threshold * Update shift management scripts (#31130) * fixed the bug and added unit tests * updated docker image * RN * updated docker image * cr updates * EWS rule commands - MS graph python integrations (#30943) Co-authored-by: ShirleyDenkberg <[email protected]> * MS IIS Update (#31132) * Updated ModelingRules * Updated ReleaseNotes * Updated ReleaseNotes * Anomali ThreatStream change DBot verdict from Benign to Unknown for Low Confidence Indicators (#30993) (#31151) * change DBot verdict from Benign to Unknown for Low Confidence Indicators Indicators found in Anomali that are below Confidence thresholds should be created as Unknown and not Benign. Anomali ThreatStream documentation regarding Confidence https://ui.threatstream.com/optic-doc/Content/Features/threat_model/Observables/details_indicator.htm Confidence - Confidence indicates the certainty that an observable exhibits or is connected to malicious behavior. If Anomali has indicators with low Confidence, that doesn't mean the indicator is Benign/Safe. It means Anomali is unsure that the indicator is Malicious and as such the more appropriate verdict in XSOAR should be Unknown. 
* add indicator_default_score param * changed values to Benign and Unknown * update README and RN * update RN * update docker set required to false * update docker * fix docs comments --------- Co-authored-by: zdrouse <[email protected]> Co-authored-by: adi88d <[email protected]> Co-authored-by: Adi Daud <[email protected]> * generate empty junit files (#31153) * Update 1_6_0.json (#31164) * fix splunkpy splunk_submit_event_hec_command string issue (#30978) * fix splunkpy splunk_submit_event_hec_command string issue * test * add fix * update rn * [xsoar saas] - fix ports taxii2 e2e (#31163) * Hello world saas (#30901) * added a new incident field only for saas mp * added an incident field to xsoar_saas only for demonstration * format incident field * format incident field * added saas word to known words * version * merge with master * fixed the xsoar_saas end tag * Added tests to validate result * modified RN * pre commit changes * RN tags * ignore long line * MS IIS README (#31158) * Updated README * Updated README * Fixes For IP Enrichment Playbooks (#31114) * Fixes For IP Enrichment Playbooks * RN * Removed the mapping rule from both playbooks. Updated the default value of the internal range playbook input according to RFC 1918. * Removed the value of 'UseReputationCommand' playbook input and fixes the YML files * Fixed RN * Removed the value set for the 'UseReputationCommand' sub-playbook input. Re-added the default value for 'UseReputationCommand' playbook input * skip ThreatStream-Test (#31172) * [transformers] Enhance to be more durable (#30897) [transformers] Enhance to be more durable * Fixes For 'Email Address Enrichment - Generic v2.1' (#31122) * Fixes For 'Email Address Enrichment - Generic v2.1' * Re-added the test playbook and marketplace configs to the playbook YML file * changed the 'domain' playbook input value * removed the 'domain' playbook input value and added RN * Fixed RN * Bump pack from version CommonPlaybooks to 2.4.34. 
--------- Co-authored-by: Content Bot <[email protected]> * DisplayMappedFields - Fix dark mode text color (#31085) * removed the hardcoded color * removed the hardcoded color * update RN * update docker image * Bump pack from version CommonScripts to 1.12.48. * Unittest fixes * Bump pack from version CommonScripts to 1.12.49. * Unittest fixes * Bump pack from version CommonScripts to 1.12.50. * Bump pack from version CommonScripts to 1.12.51. * Bump pack from version CommonScripts to 1.12.52. * Bump pack from version CommonScripts to 1.12.53. --------- Co-authored-by: Content Bot <[email protected]> * Updated the layout to exclude integration incident fields that are not pertinent to Vectra XDR (#31127) (#31182) Co-authored-by: Crest Data Systems <[email protected]> Co-authored-by: crestdatasystems <[email protected]> Co-authored-by: MLainer1 <[email protected]> * Taxii2 server relationship bug (#31162) * [taxii2-server] - code fixes * bump rn * docker update * remove debug-log because may wanted * [ASM] EXPANDER-7096 - ASM Remediation Guidance Fields (#30955) (#31178) Co-authored-by: John <[email protected]> Co-authored-by: Adi Daud <[email protected]> * Created pack for F5 BIG-IP APM (#31017) * Created pack for f5 apm * Added modeling rule files. * adding modeling rules and schema. * modified modeling rules * update yml file for modeling rule. * Update Packs/F5APM/README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/F5APM/README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/F5APM/README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/F5APM/README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/F5APM/README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/F5APM/README.md Co-authored-by: ShirleyDenkberg <[email protected]> * update readme. * Modified the read me file. 
--------- Co-authored-by: ShirleyDenkberg <[email protected]> * HelloWorld - delete old classifier (#31185) * Add support for is array for rep commands (#31169) * added support for isArray for python Xsoar supported reputation commands * added rn * Empty-Commit * python files fixes * fix docker issue * cr fixes * added logs and cache fix (#30577) * added logs and cache fix * Fixed another executeCommand results handling. * Updated docker image * Added rn * Update Packs/Phishing/ReleaseNotes/3_6_2.md Co-authored-by: Dan Tavori <[email protected]> * Update Packs/Phishing/Scripts/FindDuplicateEmailIncidents/FindDuplicateEmailIncidents.py --------- Co-authored-by: Dan Tavori <[email protected]> * Add support for is array for rep commands js (#31184) * JS files fixes * added rn * pre commit fixes * pre commit fixes * cr fixes * xsiam-avaya-siem-content-ciac-8502 (#31128) * init-pack * modeling-rules * add-docs * fix-pid-parsing * fix-README.md * Fixed For Endpoint Enrichment Playbooks (#31147) * Fixed For 'Endpoint Enrichment - Generic v2.1' Playbook * RN * RN * Fixes for Endpoint_Enrichment_-_Generic_v2.1_6_8 playbook * Bump pack from version CommonPlaybooks to 2.4.34. * Bump pack from version CommonPlaybooks to 2.4.35. 
* Fixed version for 'Endpoint Enrichment - Generic v2.1.6.8' playbook * Fixes for 'Endpoint Enrichment - Generic v2.1' playbook * Revert changes in 'Endpoint Enrichment - Generic v2.1' playbook --------- Co-authored-by: Content Bot <[email protected]> * Update Docker Image To demisto/python3 (#31198) * Updated Metadata Of Pack DeveloperTools * Added release notes to pack DeveloperTools * Packs/DeveloperTools/Integrations/CreateIncidents/CreateIncidents.yml Docker image update * Updated Metadata Of Pack FlashpointFeed * Added release notes to pack FlashpointFeed * Packs/FlashpointFeed/Integrations/FlashpointFeed/FlashpointFeed.yml Docker image update * Updated Metadata Of Pack AbnormalSecurity * Added release notes to pack AbnormalSecurity * Packs/AbnormalSecurity/Integrations/AbnormalSecurity/AbnormalSecurity.yml Docker image update * Updated Metadata Of Pack FeedLOLBAS * Added release notes to pack FeedLOLBAS * Packs/FeedLOLBAS/Integrations/FeedLOLBAS/FeedLOLBAS.yml Docker image update * Updated Metadata Of Pack Hackuity * Added release notes to pack Hackuity * Packs/Hackuity/Integrations/Hackuity/Hackuity.yml Docker image update * Updated Metadata Of Pack Grafana * Added release notes to pack Grafana * Packs/Grafana/Integrations/Grafana/Grafana.yml Docker image update * Updated Metadata Of Pack Binalyze * Added release notes to pack Binalyze * Packs/Binalyze/Integrations/BinalyzeAIR/BinalyzeAIR.yml Docker image update * Updated Metadata Of Pack ServiceDeskPlus * Added release notes to pack ServiceDeskPlus * Packs/ServiceDeskPlus/Integrations/ServiceDeskPlus/ServiceDeskPlus.yml Docker image update * Updated Metadata Of Pack Oracle_IAM * Added release notes to pack Oracle_IAM * Packs/Oracle_IAM/Integrations/OracleIAM/OracleIAM.yml Docker image update * Updated Metadata Of Pack AccentureCTI * Added release notes to pack AccentureCTI * Packs/AccentureCTI/Integrations/ACTIIndicatorQuery/ACTIIndicatorQuery.yml Docker image update * Update Docker Image To 
demisto/boto3py3 (#31199) * Updated Metadata Of Pack SecurityIntelligenceServicesFeed * Added release notes to pack SecurityIntelligenceServicesFeed * Packs/SecurityIntelligenceServicesFeed/Integrations/SecurityIntelligenceServicesFeed/SecurityIntelligenceServicesFeed.yml Docker image update * Updated Metadata Of Pack AWS-IAM * Added release notes to pack AWS-IAM * Packs/AWS-IAM/Integrations/AWS-IAM/AWS-IAM.yml Docker image update * Updated Metadata Of Pack AWS-Route53 * Added release notes to pack AWS-Route53 * Packs/AWS-Route53/Integrations/AWSRoute53/AWSRoute53.yml Docker image update * Updated Metadata Of Pack AWS-AccessAnalyzer * Added release notes to pack AWS-AccessAnalyzer * Packs/AWS-AccessAnalyzer/Integrations/AWS-AccessAnalyzer/AWS-AccessAnalyzer.yml Docker image update * Updated Metadata Of Pack AWS-GuardDuty * Added release notes to pack AWS-GuardDuty * Packs/AWS-GuardDuty/Integrations/AWSGuardDutyEventCollector/AWSGuardDutyEventCollector.yml Docker image update * Packs/AWS-GuardDuty/Integrations/AWSGuardDuty/AWSGuardDuty.yml Docker image update * Updated Metadata Of Pack AWS-SecurityHub * Added release notes to pack AWS-SecurityHub * Packs/AWS-SecurityHub/Integrations/AWSSecurityHubEventCollector/AWSSecurityHubEventCollector.yml Docker image update * Updated Metadata Of Pack Aws-SecretsManager * Added release notes to pack Aws-SecretsManager * Packs/Aws-SecretsManager/Integrations/AwsSecretsManager/AwsSecretsManager.yml Docker image update * Update Docker Image To demisto/armorblox (#31203) * Updated Metadata Of Pack Armorblox * Added release notes to pack Armorblox * Packs/Armorblox/Integrations/Armorblox/Armorblox.yml Docker image update * Update Docker Image To demisto/py3-tools (#31201) * Updated Metadata Of Pack Intezer * Added release notes to pack Intezer * Packs/Intezer/Integrations/IntezerV2/IntezerV2.yml Docker image update * Updated Metadata Of Pack Zabbix * Added release notes to pack Zabbix * Packs/Zabbix/Integrations/Zabbix/Zabbix.yml 
Docker image update * Updated Metadata Of Pack FeedMalwareBazaar * Added release notes to pack FeedMalwareBazaar * Packs/FeedMalwareBazaar/Integrations/MalwareBazaarFeed/MalwareBazaarFeed.yml Docker image update * Updated Metadata Of Pack FeedGCPWhitelist * Added release notes to pack FeedGCPWhitelist * Packs/FeedGCPWhitelist/Integrations/FeedGoogleIPRanges/FeedGoogleIPRanges.yml Docker image update * Updated Metadata Of Pack AccentureCTI_Feed * Added release notes to pack AccentureCTI_Feed * Packs/AccentureCTI_Feed/Integrations/ACTIIndicatorFeed/ACTIIndicatorFeed.yml Docker image update * Updated Metadata Of Pack SEKOIAIntelligenceCenter * Added release notes to pack SEKOIAIntelligenceCenter * Packs/SEKOIAIntelligenceCenter/Integrations/SEKOIAIntelligenceCenter/SEKOIAIntelligenceCenter.yml Docker image update * Updated Metadata Of Pack JARM * Added release notes to pack JARM * Packs/JARM/Integrations/JARM/JARM.yml Docker image update * Updated Metadata Of Pack CommonWidgets * Added release notes to pack CommonWidgets * Packs/CommonWidgets/Scripts/RSSWidget/RSSWidget.yml Docker image update * Updated Metadata Of Pack FiltersAndTransformers * Added release notes to pack FiltersAndTransformers * Packs/FiltersAndTransformers/Scripts/Jmespath/Jmespath.yml Docker image update * Update Docker Image To demisto/oci (#31202) * Updated Metadata Of Pack OracleCloudInfrastructure * Added release notes to pack OracleCloudInfrastructure * Packs/OracleCloudInfrastructure/Integrations/OracleCloudInfrastructureEventCollector/OracleCloudInfrastructureEventCollector.yml Docker image update * Update Docker Image To demisto/accessdata (#31200) * Updated Metadata Of Pack Exterro * Added release notes to pack Exterro * Packs/Exterro/Integrations/Exterro/Exterro.yml Docker image update * Fix DS108 --------- Co-authored-by: israelpolishook <[email protected]> * Update Docker Image To demisto/carbon-black-cloud (#31206) * Updated Metadata Of Pack CarbonBlackDefense * Added release notes to 
pack CarbonBlackDefense * Packs/CarbonBlackDefense/Integrations/CarbonBlackLiveResponseCloud/CarbonBlackLiveResponseCloud.yml Docker image update * Update Docker Image To demisto/taxii2 (#31205) * Updated Metadata Of Pack FeedUnit42v2 * Added release notes to pack FeedUnit42v2 * Packs/FeedUnit42v2/Integrations/FeedUnit42v2/FeedUnit42v2.yml Docker image update * Update Docker Image To demisto/crypto (#31204) * Updated Metadata Of Pack AzureKeyVault * Added release notes to pack AzureKeyVault * Packs/AzureKeyVault/Integrations/AzureKeyVault/AzureKeyVault.yml Docker image update * Updated Metadata Of Pack AzureSentinel * Added release notes to pack AzureSentinel * Packs/AzureSentinel/Integrations/AzureSentinel/AzureSentinel.yml Docker image update * Updated Metadata Of Pack AzureDevOps * Added release notes to pack AzureDevOps * Packs/AzureDevOps/Integrations/AzureDevOps/AzureDevOps.yml Docker image update * Updated Metadata Of Pack MicrosoftCloudAppSecurity * Added release notes to pack MicrosoftCloudAppSecurity * Packs/MicrosoftCloudAppSecurity/Integrations/MicrosoftCloudAppSecurity/MicrosoftCloudAppSecurity.yml Docker image update * Updated Metadata Of Pack AzureRiskyUsers * Added release notes to pack AzureRiskyUsers * Packs/AzureRiskyUsers/Integrations/AzureRiskyUsers/AzureRiskyUsers.yml Docker image update * Updated Metadata Of Pack MicrosoftGraphGroups * Added release notes to pack MicrosoftGraphGroups * Packs/MicrosoftGraphGroups/Integrations/MicrosoftGraphGroups/MicrosoftGraphGroups.yml Docker image update * Updated Metadata Of Pack AzureSQLManagement * Added release notes to pack AzureSQLManagement * Packs/AzureSQLManagement/Integrations/AzureSQLManagement/AzureSQLManagement.yml Docker image update * Updated Metadata Of Pack MicrosoftGraphAPI * Added release notes to pack MicrosoftGraphAPI * Packs/MicrosoftGraphAPI/Integrations/MicrosoftGraphAPI/MicrosoftGraphAPI.yml Docker image update * Updated Metadata Of Pack MicrosoftTeams * Added release notes to pack 
MicrosoftTeams * Packs/MicrosoftTeams/Integrations/MicrosoftTeamsManagement/MicrosoftTeamsManagement.yml Docker image update * Updated Metadata Of Pack MicrosoftGraphApplications * Added release notes to pack MicrosoftGraphApplications * Packs/MicrosoftGraphApplications/Integrations/MicrosoftGraphApplications/MicrosoftGraphApplications.yml Docker image update * Update Docker Image To demisto/opnsense (#31208) * Updated Metadata Of Pack OPNSense * Added release notes to pack OPNSense * Packs/OPNSense/Integrations/OPNSense/OPNSense.yml Docker image update * Update Docker Image To demisto/auth-utils (#31207) * Updated Metadata Of Pack Cylance_Protect * Added release notes to pack Cylance_Protect * Packs/Cylance_Protect/Integrations/Cylance_Protect_v2/Cylance_Protect_v2.yml Docker image update * Updated Metadata Of Pack Zoom * Added release notes to pack Zoom * Packs/Zoom/Integrations/ZoomEventCollector/ZoomEventCollector.yml Docker image update * Updated Metadata Of Pack Silverfort * Added release notes to pack Silverfort * Packs/Silverfort/Integrations/Silverfort/Silverfort.yml Docker image update * Updated Metadata Of Pack AzureDataExplorer * Added release notes to pack AzureDataExplorer * Packs/AzureDataExplorer/Integrations/AzureDataExplorer/AzureDataExplorer.yml Docker image update * Updated Metadata Of Pack MicrosoftManagementActivity * Added release notes to pack MicrosoftManagementActivity * Packs/MicrosoftManagementActivity/Integrations/MicrosoftManagementActivity/MicrosoftManagementActivity.yml Docker image update * Updated Metadata Of Pack Box * Added release notes to pack Box * Packs/Box/Integrations/BoxEventsCollector/BoxEventsCollector.yml Docker image update * Packs/Box/Integrations/BoxV2/BoxV2.yml Docker image update * Updated Metadata Of Pack Troubleshoot * Added release notes to pack Troubleshoot * Packs/Troubleshoot/Scripts/CertificatesTroubleshoot/CertificatesTroubleshoot.yml Docker image update * commit --------- Co-authored-by: israelpolishook 
<[email protected]> * Update Docker Image To demisto/ippysocks-py3 (#31211) * Updated Metadata Of Pack Whois * Added release notes to pack Whois * Packs/Whois/Integrations/Whois/Whois.yml Docker image update * Update Docker Image To demisto/python3 (#31214) * Updated Metadata Of Pack QualysFIM * Added release notes to pack QualysFIM * Packs/QualysFIM/Integrations/QualysFIM/QualysFIM.yml Docker image update * Updated Metadata Of Pack FortiSIEM * Added release notes to pack FortiSIEM * Packs/FortiSIEM/Integrations/FortiSIEMV2/FortiSIEMV2.yml Docker image update * Updated Metadata Of Pack FreshworksFreshservice * Added release notes to pack FreshworksFreshservice * Packs/FreshworksFreshservice/Integrations/FreshworksFreshservice/FreshworksFreshservice.yml Docker image update * Updated Metadata Of Pack KnowBe4_KMSAT * Added release notes to pack KnowBe4_KMSAT * Packs/KnowBe4_KMSAT/Integrations/KnowBe4KMSATEventCollector/KnowBe4KMSATEventCollector.yml Docker image update * Packs/KnowBe4_KMSAT/Integrations/KnowBe4KMSAT/KnowBe4KMSAT.yml Docker image update * Updated Metadata Of Pack SafeNet_Trusted_Access * Added release notes to pack SafeNet_Trusted_Access * Packs/SafeNet_Trusted_Access/Integrations/SafeNetTrustedAccessEventCollector/SafeNetTrustedAccessEventCollector.yml Docker image update * Updated Metadata Of Pack DelineaSS * Added release notes to pack DelineaSS * Packs/DelineaSS/Integrations/DelineaSS/DelineaSS.yml Docker image update * Updated Metadata Of Pack Cryptocurrency * Added release notes to pack Cryptocurrency * Packs/Cryptocurrency/Integrations/Cryptocurrency/Cryptocurrency.yml Docker image update * Updated Metadata Of Pack PANOSPolicyOptimizer * Added release notes to pack PANOSPolicyOptimizer * Packs/PANOSPolicyOptimizer/Integrations/PANOSPolicyOptimizer/PANOSPolicyOptimizer.yml Docker image update * Updated Metadata Of Pack DeveloperTools * Added release notes to pack DeveloperTools * 
Packs/DeveloperTools/Integrations/CreateIncidents/CreateIncidents.yml Docker image update * Update Docker Image To demisto/boto3py3 (#31215) * Updated Metadata Of Pack SecurityIntelligenceServicesFeed * Added release notes to pack SecurityIntelligenceServicesFeed * Packs/SecurityIntelligenceServicesFeed/Integrations/SecurityIntelligenceServicesFeed/SecurityIntelligenceServicesFeed.yml Docker image update * Updated Metadata Of Pack AWS-IAM * Added release notes to pack AWS-IAM * Packs/AWS-IAM/Integrations/AWS-IAM/AWS-IAM.yml Docker image update * Updated Metadata Of Pack AWS-Route53 * Added release notes to pack AWS-Route53 * Packs/AWS-Route53/Integrations/AWSRoute53/AWSRoute53.yml Docker image update * Updated Metadata Of Pack AWS-AccessAnalyzer * Added release notes to pack AWS-AccessAnalyzer * Packs/AWS-AccessAnalyzer/Integrations/AWS-AccessAnalyzer/AWS-AccessAnalyzer.yml Docker image update * Updated Metadata Of Pack AWS-GuardDuty * Added release notes to pack AWS-GuardDuty * Packs/AWS-GuardDuty/Integrations/AWSGuardDutyEventCollector/AWSGuardDutyEventCollector.yml Docker image update * Packs/AWS-GuardDuty/Integrations/AWSGuardDuty/AWSGuardDuty.yml Docker image update * Updated Metadata Of Pack AWS-SecurityHub * Added release notes to pack AWS-SecurityHub * Packs/AWS-SecurityHub/Integrations/AWSSecurityHubEventCollector/AWSSecurityHubEventCollector.yml Docker image update * Updated Metadata Of Pack Aws-SecretsManager * Added release notes to pack Aws-SecretsManager * Packs/Aws-SecretsManager/Integrations/AwsSecretsManager/AwsSecretsManager.yml Docker image update * Update Docker Image To demisto/accessdata (#31216) * Updated Metadata Of Pack Exterro * Added release notes to pack Exterro * Packs/Exterro/Integrations/Exterro/Exterro.yml Docker image update * Update Docker Image To demisto/oci (#31218) * Updated Metadata Of Pack OracleCloudInfrastructure * Added release notes to pack OracleCloudInfrastructure * 
Packs/OracleCloudInfrastructure/Integrations/OracleCloudInfrastructureEventCollector/OracleCloudInfrastructureEventCollector.yml Docker image update * Update Docker Image To demisto/py3-tools (#31217) * Updated Metadata Of Pack Intezer * Added release notes to pack Intezer * Packs/Intezer/Integrations/IntezerV2/IntezerV2.yml Docker image update * Updated Metadata Of Pack Zabbix * Added release notes to pack Zabbix * Packs/Zabbix/Integrations/Zabbix/Zabbix.yml Docker image update * Updated Metadata Of Pack FeedMalwareBazaar * Added release notes to pack FeedMalwareBazaar * Packs/FeedMalwareBazaar/Integrations/MalwareBazaarFeed/MalwareBazaarFeed.yml Docker image update * Updated Metadata Of Pack FeedGCPWhitelist * Added release notes to pack FeedGCPWhitelist * Packs/FeedGCPWhitelist/Integrations/FeedGoogleIPRanges/FeedGoogleIPRanges.yml Docker image update * Updated Metadata Of Pack AccentureCTI_Feed * Added release notes to pack AccentureCTI_Feed * Packs/AccentureCTI_Feed/Integrations/ACTIIndicatorFeed/ACTIIndicatorFeed.yml Docker image update * Updated Metadata Of Pack SEKOIAIntelligenceCenter * Added release notes to pack SEKOIAIntelligenceCenter * Packs/SEKOIAIntelligenceCenter/Integrations/SEKOIAIntelligenceCenter/SEKOIAIntelligenceCenter.yml Docker image update * Updated Metadata Of Pack JARM * Added release notes to pack JARM * Packs/JARM/Integrations/JARM/JARM.yml Docker image update * Updated Metadata Of Pack Anomali_ThreatStream * Added release notes to pack Anomali_ThreatStream * Packs/Anomali_ThreatStream/Integrations/AnomaliThreatStreamv3/AnomaliThreatStreamv3.yml Docker image update * Updated Metadata Of Pack CommonWidgets * Added release notes to pack CommonWidgets * Packs/CommonWidgets/Scripts/RSSWidget/RSSWidget.yml Docker image update * Updated Metadata Of Pack FiltersAndTransformers * Added release notes to pack FiltersAndTransformers * Packs/FiltersAndTransformers/Scripts/Jmespath/Jmespath.yml Docker image update * CortexXDRIR-generic-polling 
(#31082) * - Added new playbook for quarantine_file - Old playbook deprecated - New image added * release notes added * - New playbook for _Retrieve_File_Playbook_v2 created - Old playbook _Retrieve_File_Playbook deprecated - Image was added * Release notes were added * Changed the name of the playbook * Readme file added * Added image * fixed image location in readme file * Update Packs/CortexXDR/Playbooks/Cortex_XDR_-_Retrieve_File_v2.yml Co-authored-by: Sasha Sokolovich <[email protected]> * Bump pack from version CortexXDR to 6.0.4. * Removed unnecessary tests * Readme files were updated * Fixes for the playbooks * fixed Tests/conf.json file * image issue fixed * Added new images * Update Packs/CortexXDR/Playbooks/Cortex_XDR_-_Retrieve_File_Playbook_README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CortexXDR/Playbooks/Cortex_XDR_-_Retrieve_File_Playbook_README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CortexXDR/ReleaseNotes/6_0_4.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CortexXDR/ReleaseNotes/6_0_4.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CortexXDR/ReleaseNotes/6_0_4.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CortexXDR/ReleaseNotes/6_0_4.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CortexXDR/Playbooks/Cortex_XDR_-_Retrieve_File_Playbook_README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CortexXDR/Playbooks/Cortex_XDR_-_quarantine_file_v2_README.md Co-authored-by: ShirleyDenkberg <[email protected]> * PR fixes - new condition to check if the task finished successfully * release notes updated * image path fixed * Added new outputs for playbook * release notes updated * fix * readme files fixed * image issue * image issue * fix * fix * fix * fix * uploaded new playbook because of the image issue * fix for image issue * delete photo * fixes * test playbooks fixed * test 
playbooks removed --------- Co-authored-by: Sasha Sokolovich <[email protected]> Co-authored-by: Content Bot <[email protected]> Co-authored-by: ShirleyDenkberg <[email protected]> * Update Docker Image To demisto/crypto (#31219) * Updated Metadata Of Pack AzureKeyVault * Added release notes to pack AzureKeyVault * Packs/AzureKeyVault/Integrations/AzureKeyVault/AzureKeyVault.yml Docker image update * Updated Metadata Of Pack AzureSentinel * Added release notes to pack AzureSentinel * Packs/AzureSentinel/Integrations/AzureSentinel/AzureSentinel.yml Docker image update * Updated Metadata Of Pack AzureDevOps * Added release notes to pack AzureDevOps * Packs/AzureDevOps/Integrations/AzureDevOps/AzureDevOps.yml Docker image update * Updated Metadata Of Pack MicrosoftCloudAppSecurity * Added release notes to pack MicrosoftCloudAppSecurity * Packs/MicrosoftCloudAppSecurity/Integrations/MicrosoftCloudAppSecurity/MicrosoftCloudAppSecurity.yml Docker image update * Updated Metadata Of Pack AzureRiskyUsers * Added release notes to pack AzureRiskyUsers * Packs/AzureRiskyUsers/Integrations/AzureRiskyUsers/AzureRiskyUsers.yml Docker image update * Updated Metadata Of Pack MicrosoftGraphGroups * Added release notes to pack MicrosoftGraphGroups * Packs/MicrosoftGraphGroups/Integrations/MicrosoftGraphGroups/MicrosoftGraphGroups.yml Docker image update * Updated Metadata Of Pack AzureSQLManagement * Added release notes to pack AzureSQLManagement * Packs/AzureSQLManagement/Integrations/AzureSQLManagement/AzureSQLManagement.yml Docker image update * Updated Metadata Of Pack MicrosoftGraphAPI * Added release notes to pack MicrosoftGraphAPI * Packs/MicrosoftGraphAPI/Integrations/MicrosoftGraphAPI/MicrosoftGraphAPI.yml Docker image update * Updated Metadata Of Pack MicrosoftTeams * Added release notes to pack MicrosoftTeams * Packs/MicrosoftTeams/Integrations/MicrosoftTeamsManagement/MicrosoftTeamsManagement.yml Docker image update * Updated Metadata Of Pack MicrosoftGraphApplications * 
Added release notes to pack MicrosoftGraphApplications * Packs/MicrosoftGraphApplications/Integrations/MicrosoftGraphApplications/MicrosoftGraphApplications.yml Docker image update * update pack ignore (#31193) * Slack event collector: fixed an issue where we get a Bad Request error (#31135) * fixed an issue where we get a Bad Request error. * pre-commit * added test * fixed Flake8 error * fixed cr comments * fixed cr comments * update Docker image * YR/Remove-fields-with-one-letter-DBotFindSimilarIncidents/XSUP-29299 (#31161) * fixes * code and test * remove Json feed from this pr * test * note * pre commit * RN * CR and Flake8 * format * pre commit * Fixes For 'URL Enrichment - Generic v2' Playbook (#31195) * Fixes For 'URL Enrichment - Generic v2' Playbook * RN * Bump pack from version CommonPlaybooks to 2.4.36. --------- Co-authored-by: Content Bot <[email protected]> * F5 APM Remove XSIAM tags (#31221) * remove ls from test_e2e_results.sh (#31186) * [IsEmailAddressInternal] Fix an issue with **domain** argument (#31222) * First commit * Added RN * Update Packs/CommonScripts/ReleaseNotes/1_12_54.md Co-authored-by: Dean Arbel <[email protected]> --------- Co-authored-by: Dean Arbel <[email protected]> * Deprecate 'Get endpoint details - Generic' Playbook (#31196) * Deprecate 'Get endpoint details - Generic' Playbook * RN * Bump pack from version CommonPlaybooks to 2.4.36. * Bump pack from version CommonPlaybooks to 2.4.37. 
--------- Co-authored-by: Content Bot <[email protected]> * Replacing the deprecated sub-playbook within the 'NGFW Internal Scan'… (#31197) * Replacing the deprecated sub-playbook within the 'NGFW Internal Scan' XSIAM playbook * RN * [Marketplace Contribution] CISO Metrics (#30641) (#31213) * "pack contribution initial commit" * Update pack_metadata.json * Update and rename dashboard-98f353a2-312b-49f2-8e58-d71f60daf3a7-CISO_Metrics.json to dashboard-98f353a2-312b-49f2-8e58-d71f60daf3a7-CommunityCommonDashboards.json Rename to CommunityCommonDashboards * Update pack_metadata.json Renamed "name": "CommunityCommonDashboards" * Update README.md Added description * Update README.md * Update and rename README.md to README.md * Rename dashboard-98f353a2-312b-49f2-8e58-d71f60daf3a7-CommunityCommonDashboards.json to dashboard-98f353a2-312b-49f2-8e58-d71f60daf3a7-CommunityCommonDashboards.json * Rename .pack-ignore to .pack-ignore * Rename .secrets-ignore to .secrets-ignore * Rename pack_metadata.json to pack_metadata.json * Update .pack-ignore * Update pack_metadata.json * Update .pack-ignore * Update and rename dashboard-98f353a2-312b-49f2-8e58-d71f60daf3a7-CommunityCommonDashboards.json to CISOMetrics.json Renamed to CISOMetrics * Update pack_metadata.json * Update pack_metadata.json * Update README.md --------- Co-authored-by: xsoar-bot <[email protected]> Co-authored-by: Sapir Shuker <[email protected]> Co-authored-by: David Uhrlaub <[email protected]> * Cybereason xsoar v 2.1.14 (#30647) (#31225) * added v2.1.14 codebase * fix pr comments * replace dummy md5 placeholder * Update Packs/Cybereason/Integrations/Cybereason/Cybereason.py * updated docker image python version * updated release notes docker version * added pagination params * updated docker image * fix lint errors * fix demisto validate errors * updated release notes * updated release notes * updated release notes * updated command name as per PR comment * removed manual filtering for response * updated 
function name to match the command name format * updated unit test as per new command name * added machinename filter to api query * moved empty output message to the top * updated docker image tag to latest * undo changes from unisolate endpoint playbook --------- Co-authored-by: suraj-metron <[email protected]> Co-authored-by: Sapir Shuker <[email protected]> * fixed polling support (#30873) * fixed polling support * fixed rn * added rn * added rn * XSUP-30786/Fix (#31168) * Added failing UT * Fixed the issue * Updated docker image * Updated RN * Update Packs/PAN-OS/ReleaseNotes/2_1_15.md Co-authored-by: Dan Tavori <[email protected]> * Updated the bug fix and the UT * updated docker image --------- Co-authored-by: Dan Tavori <[email protected]> * rewrite to js FirstArrayElement and LastArrayElement (#31228) * rewrite to js * added tpb * added empty test case to tpb * precommit fixes * change fromversion so build won't fail * Enable Core REST API with general XSIAM endpoints (#31226) * mostly works * added release notes * fixes from review * F5 APM fixed the marketplace build failure (#31236) * F5 APM Remove XSIAM tags * fix marketplace error * Add incidents field (#30393) (#31233) * add rawJSON field to incidents * release notes * update docker image tag * nit * fetching incident details * mapper + incident fields * remove incorrect incident field files * new incident field files, new mapper * sdk validate command changes * update release notes * validation errors * fix validation errors * undo release notes changes * undo release notes change * undo release notes * undo release notes * undo release notes * nit * new release notes * remove playbook id * update docker image tag * revert release notes * revert RN * nit- remove filters used for testing * add details field to threats * remove try/except blocks * changing version * Update Abnormal_Security_Custom_Incident_types.json change from version * nit - remove changes used for demo * updating docker image * 
update docker image tag --------- Co-authored-by: William Olyslager <[email protected]> Co-authored-by: sapirshuker <[email protected]> Co-authored-by: Sapir Shuker <[email protected]> * Update Docker Image To demisto/python3 (#31242) * Updated Metadata Of Pack CIRCL * Added release notes to pack CIRCL * Packs/CIRCL/Integrations/CirclCVESearch/CirclCVESearch.yml Docker image update * Updated Metadata Of Pack ipinfo * Added release notes to pack ipinfo * Packs/ipinfo/Integrations/ipinfo_v2/ipinfo_v2.yml Docker image update * Updated Metadata Of Pack AutoFocus * Added release notes to pack AutoFocus * Packs/AutoFocus/Integrations/FeedAutofocus/FeedAutofocus.yml Docker image update * Packs/AutoFocus/Integrations/AutofocusV2/AutofocusV2.yml Docker image update * Updated Metadata Of Pack MailSenderNew * Added release notes to pack MailSenderNew * Packs/MailSenderNew/Integrations/MailSenderNew/MailSenderNew.yml Docker image update * avoid to update Docker for AutoFocusv2 --------- Co-authored-by: israelpolishook <[email protected]> * Fixes For 'IP Enrichment - Generic v2' Playbook (#31183) * Fixes For 'IP Enrichment - Generic v2' Playbook * RN * RN * Updated the 'InternalRange' playbook input's default value. * configured the 'extended_data' and 'threat_model_association' sub-playbook inputs * Bump pack from version CommonPlaybooks to 2.4.36. * Bump pack from version CommonPlaybooks to 2.4.37. * changed the default value of the 'ResolveIP' playbook input * re-added RN after merging from master * Fixes RN --------- Co-authored-by: Content Bot <[email protected]> * Check if should run Instance role (#31245) * Added the sync from the saas bucket and modified the verify script to take the revision from the correct bucket. 
(#31254) * AWS Organizations (#30525) * init * commands template * aws-org-children-list * more commands * even more commands * added account commands * removed enhancement commands * use json_transform * unit-tests init * unit-tests continued * unit-tests continued some more * TPB * one more unit-test * one more unit-test * one more unit-test * name change * TPB * docs complete * pack readme * pack readme part 2 * readme modified * more tests * more tests * use get() * added description * removed isFetch * added image * name change * CR changes * Apply suggestions from code review Co-authored-by: ShirleyDenkberg <[email protected]> * Update docker * put the commands back in * code complete * yml part 2 * yml part 3 * test template * unit-tests continued some more * unit-tests almost complete * unit-tests complete * fixed a few bugs * fixed unit-tests * added readme * update readme * added missing descriptions to readme * TPB * Apply suggestions from code review Co-authored-by: ShirleyDenkberg <[email protected]> * CR changes * demo changes * update docker * build wars: round 1 * build wars: round 2 * build wars: round 3; add unit-tests * build wars: round 4 * build wars: round 5 * build wars: round 6 --------- Co-authored-by: ShirleyDenkberg <[email protected]> * NextToken in CommandResults (#30501) * init * new design * added error in case of non nested input * RN * a tad more docs * Bump pack from version Base to 1.32.47. * Bump pack from version Base to 1.32.48. * Bump pack from version Base to 1.32.49. * improved doc-string * resolve conflicts * resolve conflicts * Bump pack from version Base to 1.32.52. 
--------- Co-authored-by: Content Bot <[email protected]> * demisto-sdk-release 1.24.0 (#31268) * poetry files * update validate manager imports (#31179) * update validate manager imports * revert * Update Tests/configure_and_test_integration_instances.py * Edit file types test (#31170) * edited tests * s * s * edit --------- Co-authored-by: Content Bot <[email protected]> Co-authored-by: Yuval Hayun <[email protected]> Co-authored-by: merit-maita <[email protected]> Co-authored-by: JudithB <[email protected]> * modified modeling rules of clearswift dlp (#31247) * modified modeling rules of clearswift dlp * modified the parsing rule of clearswiftdlp * Added release notes. * added dlp to pack ignore * added Clearswift to pack ignore * QRadar: continue to poll in case of networking issues (#31084) * Generalize the mode option in pre-commit (#30663) * args updated to match the update in the sdk * add merge-coverage-report and coverage-analyze * updating pyproject.toml * poetry lock * restoring pyproject.toml and poetry.lock * pre-commit.yml * updates * test comment * use sdk ref * if * add github output * revert ilan changes * merge-pytest-reports --------- Co-authored-by: ilan <[email protected]> * EXPANDR-1576 CortexXpanse Remediation Guidance changes (#31190) * EXPANDR-1576 CortexXpanse Remediation Guidance changes (#30712) * CortexXpanse RG changes * Fix flake8 errors * Fix unit test cases * Update docker version * update command name * Readme updates * docker update * Ignore BC error * fix packignore * Update release notes * update breaking change notes * update breaking change notes * correct RN --------- Co-authored-by: Chait A <[email protected]> Co-authored-by: ilappe <[email protected]> * Feature/cyberint enhancement (#31252) * Feature/cyberint enhancement (#30493) * Update Docker Image To demisto/py3-tools (#25523) * Updated Metadata Of Pack FeedAWS * Added release notes to pack FeedAWS * Packs/FeedAWS/Integrations/FeedAWS/FeedAWS.yml Docker image update * 
update Cyberint Pack * update release note and incidentfields * update CommonType release note * update CommonType release notes * update CommonType release notes * update CyberInt Related entity name * update release notes * add new incident field: Alert Data * format alert_data * update CyberInt Related Entity name to avoid validation errors * reset the CyberInt Related Entity name * update incident field name * Update 3_3_93.md * pre commit update docker * added known words * fixed the RN * known words --------- Co-authored-by: TalGumi <[email protected]> Co-authored-by: omerKarkKatz <[email protected]> Co-authored-by: okarkkatz <[email protected]> * [xsoar-8 coverage] - use poll functions from SDK clients (#31144) * update poetry * use poll functions * test against builds * try to fix ssl issue * timeout = 300 + verify ssl * fix ssl issues * fix incident pull * fix * make verify=false by default * fix ports bug * use sdk master * revert poetry * revert infra used for testing * [CrowdStrike Falcon Intel v2] Fixed an issue in 'cs-actors' and 'cs-reports' commands (#31265) * Fix the 'NoneType' object is not iterable issue * ruff * Update the docker image; Add RN * Update Packs/CrowdStrikeIntel/ReleaseNotes/2_0_34.md Co-authored-by: Dean Arbel <[email protected]> --------- Co-authored-by: Dean Arbel <[email protected]> * oncall- installation orders (#31253) * test * test * revert debugs * pre-commit --------- Co-authored-by: Jas Beilin <[email protected]> * Core rest api docs fix (#31262) * Improved descriptions. * Added docs * Added rn. * Changed i.e to e.g * bugfix/XSUP-30713/port-scan-pb-issue-incident-failure (#31154) * Fix playbook input's default value, change to not required, add check for value not empty * Update playbook image * Update release notes * Bump pack from version CortexXDR to 6.0.5. 
* Moved InternalIPRanges input check to better location * Fix review comments --------- Co-authored-by: Content Bot <[email protected]> * [PagerDuty v2] Added Support For Pagination (#30959) * commit init - lint and type annotation * typing * pagination function and some typing * fix api limit and pagination * added UT and test_data * added RN and description for args * generate readme * update docker * added UT * fix flake8 * more docstring, one more UT, fix send unnecessary parameters * fix f-string * fix pep8 * revert copy * fix parameters name * docs review * update docker * [ASM] EXPANDR 7225 - Update Ev1 Integration Display Name (#31234) (#31276) * Update Display Name * Update release notes * Update docker image and add period to descriptions Co-authored-by: John <[email protected]> Co-authored-by: MLainer1 <[email protected]> * Update Docker Image To demisto/python3 (#31286) * Updated Metadata Of Pack QualysFIM * Added release notes to pack QualysFIM * Packs/QualysFIM/Integrations/QualysFIM/QualysFIM.yml Docker image update * Updated Metadata Of Pack FortiSIEM * Added release notes to pack FortiSIEM * Packs/FortiSIEM/Integrations/FortiSIEMV2/FortiSIEMV2.yml Docker image update * Updated Metadata Of Pack FreshworksFreshservice * Added release notes to pack FreshworksFreshservice * Packs/FreshworksFreshservice/Integrations/FreshworksFreshservice/FreshworksFreshservice.yml Docker image update * Updated Metadata Of Pack KnowBe4_KMSAT * Added release notes to pack KnowBe4_KMSAT * Packs/KnowBe4_KMSAT/Integrations/KnowBe4KMSATEventCollector/KnowBe4KMSATEventCollector.yml Docker image update * Packs/KnowBe4_KMSAT/Integrations/KnowBe4KMSAT/KnowBe4KMSAT.yml Docker image update * Updated Metadata Of Pack SafeNet_Trusted_Access * Added release notes to pack SafeNet_Trusted_Access * Packs/SafeNet_Trusted_Access/Integrations/SafeNetTrustedAccessEventCollector/SafeNetTrustedAccessEventCollector.yml Docker image update * Updated Metadata Of Pack DelineaSS * Added release 
notes to pack DelineaSS * Packs/DelineaSS/Integrations/DelineaSS/DelineaSS.yml Docker image update * Updated Metadata Of Pack Cryptocurrency * Added release notes to pack Cryptocurrency * Packs/Cryptocurrency/Integrations/Cryptocurrency/Cryptocurrency.yml Docker image update * Updated Metadata Of Pack PANOSPolicyOptimizer * Added release notes to pack PANOSPolicyOptimizer * Packs/PANOSPolicyOptimizer/Integrations/PANOSPolicyOptimizer/PANOSPolicyOptimizer.yml Docker image update * Updated Metadata Of Pack DeveloperTools * Added release notes to pack DeveloperTools * Packs/DeveloperTools/Integrations/CreateIncidents/CreateIncidents.yml Docker image update * Add XSOAR_SAAS section to EDL description (#31264) * add XSOAR_SAAS section to EDL description * update RN * [XSUP 30575] Added full fields query param (#31272) * get indicators full fields data * pre-commit * release notes * tests and CR fixes * Update Packs/FeedCrowdstrikeFalconIntel/ReleaseNotes/2_1_13.md Co-authored-by: Dan Tavori <[email protected]> --------- Co-authored-by: Dan Tavori <[email protected]> * Update Docker Image To demisto/boto3py3 (#31287) * Updated Metadata Of Pack SecurityIntelligenceServicesFeed * Added release notes to pack SecurityIntelligenceServicesFeed * Packs/SecurityIntelligenceServicesFeed/Integrations/SecurityIntelligenceServicesFeed/SecurityIntelligenceServicesFeed.yml Docker image update * Updated Metadata Of Pack AWS-IAM * Added release notes to pack AWS-IAM * Packs/AWS-IAM/Integrations/AWS-IAM/AWS-IAM.yml Docker image update * Updated Metadata Of Pack AWS-Route53 * Added release notes to pack AWS-Route53 * Packs/AWS-Route53/Integrations/AWSRoute53/AWSRoute53.yml Docker image update * Updated Metadata Of Pack AWS-AccessAnalyzer * Added release notes to pack AWS-AccessAnalyzer * Packs/AWS-AccessAnalyzer/Integrations/AWS-AccessAnalyzer/AWS-AccessAnalyzer.yml Docker image update * Updated Metadata Of Pack AWS-GuardDuty * Added release notes to pack AWS-GuardDuty * 
Packs/AWS-GuardDuty/Integrations/AWSGuardDutyEventCollector/AWSGuardDutyEventCollector.yml Docker image update * Packs/AWS-GuardDuty/Integrations/AWSGuardDuty/AWSGuardDuty.yml Docker image update * Updated Metadata Of Pack AWS-SecurityHub * Added release notes to pack AWS-SecurityHub * Packs/AWS-SecurityHub/Integrations/AWSSecurityHubEventCollector/AWSSecurityHubEventCollector.yml Docker image update * Updated Metadata Of Pack Aws-SecretsManager * Added release notes to pack Aws-SecretsManager * Packs/Aws-SecretsManager/Integrations/AwsSecretsManager/AwsSecretsManager.yml Docker image update * Update Docker Image To demisto/accessdata (#31288) * Updated Metadata Of Pack Exterro * Added release notes to pack Exterro * Packs/Exterro/Integrations/Exterro/Exterro.yml Docker image update * Update Docker Image To demisto/oci (#31290) * Updated Metadata Of Pack OracleCloudInfrastructure * Added release notes to pack OracleCloudInfrastructure * Packs/OracleCloudInfrastructure/Integrations/OracleCloudInfrastructureEventCollector/OracleCloudInfrastructureEventCollector.yml Docker image update * Update Docker Image To demisto/py3-tools (#31289) * Updated Metadata Of Pack Intezer * Added release notes to pack Intezer * Packs/Intezer/Integrations/IntezerV2/IntezerV2.yml Docker image update * Updated Metadata Of Pack Zabbix * Added release notes to pack Zabbix * Packs/Zabbix/Integrations/Zabbix/Zabbix.yml Docker image update * Updated Metadata Of Pack FeedMalwareBazaar * Added release notes to pack FeedMalwareBazaar * Packs/FeedMalwareBazaar/Integrations/MalwareBazaarFeed/MalwareBazaarFeed.yml Docker image update * Updated Metadata Of Pack FeedGCPWhitelist * Added release notes to pack FeedGCPWhitelist * Packs/FeedGCPWhitelist/Integrations/FeedGoogleIPRanges/FeedGoogleIPRanges.yml Docker image update * Updated Metadata Of Pack AccentureCTI_Feed * Added release notes to pack AccentureCTI_Feed * Packs/AccentureCTI_Feed/Integrations/ACTIIndicatorFeed/ACTIIndicatorFeed.yml Docker 
image update * Updated Metadata Of Pack SEKOIAIntelligenceCenter * Added release notes to pack SEKOIAIntelligenceCenter * Packs/SEKOIAIntelligenceCenter/Integrations/SEKOIAIntelligenceCenter/SEKOIAIntelligenceCenter.yml Docker image update * Updated Metadata Of Pack JARM * Added release notes to pack JARM * Packs/JARM/Integrations/JARM/JARM.yml Docker image update * Updated Metadata Of Pack Anomali_ThreatStream * Added release notes to pack Anomali_ThreatStream * Packs/Anomali_ThreatStream/Integrations/AnomaliThreatStreamv3/AnomaliThreatStreamv3.yml Docker image update * Updated Metadata Of Pack CommonWidgets * Added release notes to pack CommonWidgets * Packs/CommonWidgets/Scripts/RSSWidget/RSSWidget.yml Docker image update * Updated Metadata Of Pack FiltersAndTransformers * Added release notes to pack FiltersAndTransformers * Packs/FiltersAndTransformers/Scripts/Jmespath/Jmespath.yml Docker image update * Update Docker Image To demisto/armorblox (#31291) * Updated Metadata Of Pack Armorblox * Added release notes to pack Armorblox * Packs/Armorblox/Integrations/Armorblox/Armorblox.yml Docker image update * Update Docker Image To demisto/crypto (#31292) * Updated Metadata Of Pack AzureKeyVault * Added release notes to pack AzureKeyVault * Packs/AzureKeyVault/Integrations/AzureKeyVault/AzureKeyVault.yml Docker image update * Updated Metadata Of Pack AzureSentinel * Added release notes to pack AzureSentinel * Packs/AzureSentinel/Integrations/AzureSentinel/AzureSentinel.yml Docker image update * Updated Metadata Of Pack AzureDevOps * Added release notes to pack AzureDevOps * Packs/AzureDevOps/Integrations/AzureDevOps/AzureDevOps.yml Docker image update * Updated Metadata Of Pack MicrosoftCloudAppSecurity * Added release notes to pack MicrosoftCloudAppSecurity * Packs/MicrosoftCloudAppSecurity/Integrations/MicrosoftCloudAppSecurity/MicrosoftCloudAppSecurity.yml Docker image update * Updated Metadata Of Pack AzureRiskyUsers * Added release notes to pack AzureRiskyUsers 
* Packs/AzureRiskyUsers/Integrations/AzureRiskyUsers/AzureRiskyUsers.yml Docker image update * Updated Metadata Of Pack MicrosoftGraphGroups * Added release notes to pack MicrosoftGraphGroups * Packs/MicrosoftGraphGroups/Integrations/MicrosoftGraphGroups/MicrosoftGraphGroups.yml Docker image update * Updated Metadata Of Pack AzureSQLManagement * Added release notes to pack AzureSQLManagement * Packs/AzureSQLManagement/Integrations/AzureSQLManagement/AzureSQLManagement.yml Docker image update * Updated Metadata Of Pack MicrosoftGraphAPI * Added release notes to pack MicrosoftGraphAPI * Packs/MicrosoftGraphAPI/Integrations/MicrosoftGraphAPI/MicrosoftGraphAPI.yml Docker image …
pabloperezj
pushed a commit
that referenced
this pull request
Apr 16, 2024
* Revert "Sanitize Curl Logs (demisto#31702)" This reverts commit 60a9393. * init * more * try * try * fixes * add tests * more * RN * RN * fix * pre commit * fix tests * fix * fixes * fixes * add test * pre commit * python 2 * Python 2 #2 * Update Packs/Base/Scripts/CommonServerPython/CommonServerPython_test.py Co-authored-by: Jasmine Beilin <[email protected]> * add description * pre commit --------- Co-authored-by: Jasmine Beilin <[email protected]>
pabloperezj
added a commit
that referenced
this pull request
Apr 16, 2024
* Mcafee WebGW Mapping (#32709) * Updated ModelingRules ParsingRules * Updated ReleaseNotes * Updated ReleaseNotes * Updated README * Updated README * Updated yml name and id * Updated README * Reverted RN * Updated ReleaseNotes * Updated ReleaseNotes * [SevriceManager] better error message (#32742) * better error message * Update Packs/HPE_Service_Manager/ReleaseNotes/1_0_6.md * fix validate * Update pack_metadata.json (#32725) * Update pack_metadata.json Added missing word in the description * Update Packs/DragosWorldview/pack_metadata.json Co-authored-by: Israel Lappe <[email protected]> --------- Co-authored-by: Israel Lappe <[email protected]> * [VirusTotal] Return DBotScore and fix suspicious threshold (#32677) (#32740) * fix(commands): Always return score * Add error file output * Fix test * Update pack_metadata * Update docker image * Add tests * Update Packs/VirusTotal/ReleaseNotes/2_6_17.md * Update Packs/VirusTotal/ReleaseNotes/2_6_17.md * given-when-then docs --------- Co-authored-by: Pablo Pérez <[email protected]> Co-authored-by: Yuval Hayun <[email protected]> * JSON Feed - Remove ports from IPv4s Indicators (#32223) * add parameter * Parameter to remove ports * RN * yml fixes * RN * small fix * RN * cover * Apply suggestions from code review Co-authored-by: Arad Carmi <[email protected]> * Bump pack from version FeedMalwareBazaar to 1.0.38. * Bump pack from version FeedGCPWhitelist to 2.0.38. * Bump pack from version AccentureCTI_Feed to 1.1.35. * Bump pack from version FeedAWS to 1.1.49. 
* Update FeedJSON.yml * docker bump * RN * Apply suggestions from code review Doc review Co-authored-by: ShirleyDenkberg <[email protected]> * Fixed test PB * RN --------- Co-authored-by: Arad Carmi <[email protected]> Co-authored-by: Content Bot <[email protected]> Co-authored-by: ShirleyDenkberg <[email protected]> * MS Teams send-notification command bug (#32531) * fixed a bug in teams where send-notification failed to send messages in GUID format * added rn * updated docker, added unit test * added doc * m * added unit test * added unittest in ms teams * uodated the code * removed comment * added test to ms teams ask * fixed tests * removed comment * minor doc update * update after build failed * Update Packs/MicrosoftTeams/Integrations/MicrosoftTeams/MicrosoftTeams.py Co-authored-by: dorschw <[email protected]> * Update Packs/MicrosoftTeams/Integrations/MicrosoftTeams/MicrosoftTeams_test.py Co-authored-by: dorschw <[email protected]> * Update Packs/MicrosoftTeams/Integrations/MicrosoftTeams/MicrosoftTeams_test.py Co-authored-by: dorschw <[email protected]> * Update Packs/MicrosoftTeams/Integrations/MicrosoftTeams/MicrosoftTeams_test.py Co-authored-by: dorschw <[email protected]> * Apply suggestions from code review * updated do * fixed precommit issues --------- Co-authored-by: dorschw <[email protected]> * New pack for Ivanti vulnerabilities (#32703) * New pack for Ivanti vulnerabilities * New pack for Ivanti vulnerabilities * update RN of the main Rapid pack * review fixes * add the UseReputationCommand input * review fixes * review fixes * review fixes * update RN * review fix * update RN * update RN * update RN * update RN * update RN * update RN * Improve create clickable URL (#31584) * Add the ability to create a clickable url with different text than the link * RN * revert * added a modeling rule (#22875) * added a modeling rule * added a parsing rule * added a parsing rule * added a parsing rule * added a parsing rule * added a parsing rule * added a 
parsing rule * added a parsing rule * added a parsing rule * added a parsing rule * added a parsing rule * Update README.md (#23810) Edit the file to remove duplication of command names in the right pane. * Modeling rules fixes (#24259) * save * save no exit_code * save not fail on test-modeling-rules * remove ciscoasa changes * Update Docker Image To demisto/chromium (#24291) * Updated Metadata Of Pack ExpanseV2 * Added release notes to pack ExpanseV2 * Packs/ExpanseV2/Scripts/ExpanseGenerateIssueMapWidgetScript/ExpanseGenerateIssueMapWidgetScript.yml Docker image update * Deprecated GitHub TestData (#31573) * CR fixes * UT fixes * revert f-string * conflicts * pack version * conflicts * doc * conflicts * Bump pack from version Base to 1.34.0. * conflicts * RN * remove parameterize * Bump pack from version Base to 1.33.26. * pre-commit fixes --------- Co-authored-by: guytamir10 <[email protected]> Co-authored-by: ShirleyDenkberg <[email protected]> Co-authored-by: Darya Koval <[email protected]> Co-authored-by: content-bot <[email protected]> Co-authored-by: eepstain <[email protected]> Co-authored-by: Content Bot <[email protected]> * XSUP 31502 - Gmail - Update the time parsing during the fetch-incidents process (#32431) * updated get_occurred_date to return the smaller of the header time and internalDate in utc * base_time to occured * added more debug logs for the body of the msg * RN and pack version update * updated the failing tests * pre-commit updates * docker image update * updated the unit test test_get_occurred_date * pre-commit updates * cr updates * Bambenek Consulting Adoption (#32738) (#32743) * Bambenek Consulting Adoption * Update 1_2_1.md * update releasnotes.md file Co-authored-by: Rambatla Venkat Rao <[email protected]> Co-authored-by: Yuval Cohen <[email protected]> * fix * fix * Fix an issue on AWS-GuardDuty (#32685) * fix bug * update RN * add UT * update docker * fix UT * update RN * Update 
Packs/AWS-GuardDuty/Integrations/AWSGuardDuty/AWSGuardDuty_test.py --------- Co-authored-by: dorschw <[email protected]> * CIAC-8712/generic-sql (#32729) * playbook fixes * fix CR * cr review * cr review * Add pyzbar to ReadQRCode (#32556) * init * multiple codes * working * update docker * CR changes * added pipe redirect * RN * update gitignore * Web file repository - Updated the UI (#32731) (#32773) * Merge * revert package-lock.json * Updated the UI to improve security for priventing cross site scripting. * Update RN * Update RN * Update 1_0_25.md --------- Co-authored-by: Masahiko Inoue <[email protected]> Co-authored-by: Yuval Cohen <[email protected]> * CIAC-9020 adding 3 new commands to prisma cloud compute (#32303) * CIAC-9020 adding 3 new commands to prisma cloud compute * CIAC-9020 adding 3 new commands to prisma cloud compute * CIAC-9020 adding 3 new commands to prisma cloud compute * CIAC-9020 adding 3 new commands to prisma cloud compute * CIAC-9020 adding 3 new commands to prisma cloud compute * CIAC-9020 adding 3 new commands to prisma cloud compute * CIAC-9020 adding 3 new commands to prisma cloud compute * CIAC-9020 adding 3 new commands to prisma cloud compute * CIAC-9020 adding 3 new commands to prisma cloud compute * CIAC-9020 adding 3 new commands to prisma cloud compute * CIAC-9020 adding 3 new commands to prisma cloud compute * CIAC-9020 adding 3 new commands to prisma cloud compute * CIAC-9020 adding 3 new commands to prisma cloud compute * CIAC-9020 adding 3 new commands to prisma cloud compute * CIAC-9020 adding 3 new commands to prisma cloud compute * CIAC-9020 adding 3 new commands to prisma cloud compute * CIAC-9020 adding 3 new commands to prisma cloud compute * CIAC-9020 adding 3 new commands to prisma cloud compute * CIAC-9020 adding 3 new commands to prisma cloud compute * fix * fix files * fix files * add docstring * Bump pack from version CortexXDR to 6.1.14. * Bump pack from version CortexXDR to 6.1.15. 
* cr without dups fix * cr fixing tests * Bump pack from version CortexXDR to 6.1.16. * fix * fix * fix_unit tests * remove null * fix * fix * fix * demo notes * cr * cr * Fix type issue in CommandResult input tags (#32794) * Fixed type error * Updated the RN * updated RN * Aws data lake fix yml (#32870) * fixed path yml * fix * fix * breaking * rn * Fixing Mandiant ASM Issue Status Sync (#32767) (#32920) * Fixing ASM issue status not syncing from ASM into XSOAR * Bumping version * Metadata * Punctuation * Update Packs/MandiantAdvantageAttackSurfaceManagement/ReleaseNotes/1_0_5.md * docker update --------- Co-authored-by: Christopher Hultin <[email protected]> Co-authored-by: Yuval Hayun <[email protected]> Co-authored-by: YuvHayun <[email protected]> * GCP-EXPANDR-3608: Determine potential offending firewall rules (#32795) * GCP-EXPANDR-3608: Determine potential offending firewall rules (#32678) * dl script * GCP-Enrich play * formatting and start unittest * more tests and RN * add screenshot * update pack README * increase test coverage * Apply suggestions from code review Co-authored-by: ShirleyDenkberg <[email protected]> * Apply suggestions from code review Co-authored-by: Shmuel Kroizer <[email protected]> * update function names * pre-commit changes * Update Packs/GCP-Enrichment-Remediation/Scripts/GCPOffendingFirewallRule/GCPOffendingFirewallRule.py Co-authored-by: Shmuel Kroizer <[email protected]> --------- Co-authored-by: ShirleyDenkberg <[email protected]> Co-authored-by: Shmuel Kroizer <[email protected]> * update docker * some improve * revert * Update Packs/GCP-Enrichment-Remediation/Scripts/GCPOffendingFirewallRule/GCPOffendingFirewallRule.py --------- Co-authored-by: johnnywilkes <[email protected]> Co-authored-by: ShirleyDenkberg <[email protected]> Co-authored-by: Shmuel Kroizer <[email protected]> Co-authored-by: Shmuel Kroizer <[email protected]> * Dev Container and Codespace - fix docker in docker (#32863) * Taxii 2 feed bug (#32783) * added 
logs * added logs * logs * applied a fix to duplicates * fixed the fix * added unittests * reverted changed id * reverted changes in api module * added rn * fixes for the logs * added typing hints * updated docker image * updated docker image * changed the lasted_indicators to contain only the id and the modified date * fixed the unittests and handled dummy indicators * added log * fixed unittest * fixed unittest * revert * Bump pack from version FeedTAXII to 1.2.6. * edited after cr * rn * fixed for flake8 --------- Co-authored-by: Content Bot <[email protected]> * removed files (#32937) * [Marketplace Contribution] Common Scripts - New Script IsNotInCidrRanges (#32854) * [Marketplace Contribution] Common Scripts - New Script IsNotInCidrRanges (#32120) * "contribution update to pack "Common Scripts"" * Update Packs/CommonScripts/ReleaseNotes/1_14_0.md * Updated based on recommendations * chmode +x ping file * revert * revert * revert * move the PR to filters and transformers * move RN * Update Packs/FiltersAndTransformers/Scripts/IsNotInCidrRanges/IsNotInCidrRanges.yml * update docker * revert yml * add docstring * fix RN * change the docker to python3:3.10 * update the description that the script support only ipv4 * update docker to demisto/python3:3.10.12.63474 * added UT * update docker to demisto/python3:3.10.13.87159 * added test playbook * demisto-sdk format * Update Packs/FiltersAndTransformers/ReleaseNotes/1_2_58.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/FiltersAndTransformers/Scripts/IsNotInCidrRanges/IsNotInCidrRanges.yml Co-authored-by: ShirleyDenkberg <[email protected]> * update version * revert conf.json * update RN --------- Co-authored-by: Shmuel Kroizer <[email protected]> Co-authored-by: amontminypa <[email protected]> Co-authored-by: Shmuel Kroizer <[email protected]> Co-authored-by: ShirleyDenkberg <[email protected]> * conf.json added test playbook * "fromversion": "6.10.0" * revert * Update
Packs/FiltersAndTransformers/TestPlaybooks/playbook-TestIsNotInCidrRanges.yml --------- Co-authored-by: xsoar-bot <[email protected]> Co-authored-by: Shmuel Kroizer <[email protected]> Co-authored-by: amontminypa <[email protected]> Co-authored-by: Shmuel Kroizer <[email protected]> Co-authored-by: ShirleyDenkberg <[email protected]> * [TestIsNotInCidrRanges] Added Test Playbook To The Conf File (#32919) * added test playbook to conf.json * Update Tests/conf.json * Unisolate generic playbook enhancement (#32873) * added inputs * RN update * edited the description of the input * RN update * [IBM QRadar] Fix W291 Trailing whitespace (#32855) * fix w291 * added RN * Bump gitpython from 3.1.40 to 3.1.41 (#32119) * Bump gitpython from 3.1.40 to 3.1.41 Bumps [gitpython](https://github.com/gitpython-developers/GitPython) from 3.1.40 to 3.1.41. - [Release notes](https://github.com/gitpython-developers/GitPython/releases) - [Changelog](https://github.com/gitpython-developers/GitPython/blob/main/CHANGES) - [Commits](https://github.com/gitpython-developers/GitPython/compare/3.1.40...3.1.41) --- updated-dependencies: - dependency-name: gitpython dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> * update pre-commit dependencies --------- Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: dorschw <[email protected]> * Bump pillow from 10.1.0 to 10.2.0 (#32356) Bumps [pillow](https://github.com/python-pillow/Pillow) from 10.1.0 to 10.2.0. - [Release notes](https://github.com/python-pillow/Pillow/releases) - [Changelog](https://github.com/python-pillow/Pillow/blob/main/CHANGES.rst) - [Commits](https://github.com/python-pillow/Pillow/compare/10.1.0...10.2.0) --- updated-dependencies: - dependency-name: pillow dependency-type: indirect ... 
Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: dorschw <[email protected]> * Notify External PR Merge (#32349) * added new action * Test SK (#32350) * Jira bugfix in edit issue - xsup 31954 (#32041) * Added tests * Updated RNs * Updated docstrings * Updated TPB * Updated command description * Updated RNs --------- Co-authored-by: Anas Yousef <[email protected]> * Update AMPv2.yml --------- Co-authored-by: israelpoli <[email protected]> Co-authored-by: Anas Yousef <[email protected]> * Revert "Test SK" (#32352) * Fixed * Update .github/workflows/create-internal-pr-from-external.yml Co-authored-by: RotemAmit <[email protected]> * Update .github/workflows/create-internal-pr-from-external.yml Co-authored-by: RotemAmit <[email protected]> --------- Co-authored-by: israelpoli <[email protected]> Co-authored-by: Anas Yousef <[email protected]> Co-authored-by: RotemAmit <[email protected]> * added 'W291, # trailing-whitespace' to pyproject.toml and nightly (#32862) * [greynoise-266] New Pack - FeedGreyNoiseIndicator (#32514) (#32942) * updates * pre-commit and readme * pre-commit * updates * more updates * fix tests * fix tests * fix formatting * fix pack ver check * update tests * fix flake8 and secrets * feedback * updates * feedback updates * fix default feedRep * add notes to docs * update docker image num Co-authored-by: Brad Chiappetta <[email protected]> * Fix CommonServerPython mypy (#32931) * Update docker images of `CommonScript` items (#32938) * Update `demisto/xslxwriter` 70-100 coverage rate (#32763) * upgrade images * update RN * Bump pack from version CommonScripts to 1.13.34. * Bump pack from version CommonScripts to 1.13.35. * Bump pack from version CommonScripts to 1.13.36. * Bump pack from version CommonScripts to 1.13.37. * Bump pack from version CommonScripts to 1.13.38. * Bump pack from version CommonScripts to 1.13.39. 
* revert RN --------- Co-authored-by: Content Bot <[email protected]> * Update `demisto/xml-feed` 70-100 coverage rate (#32762) * upgrade images * revert * update RN * Bump pack from version CommonScripts to 1.13.34. * Bump pack from version CommonScripts to 1.13.35. * Bump pack from version CommonScripts to 1.13.36. * Bump pack from version CommonScripts to 1.13.37. * Bump pack from version CommonScripts to 1.13.38. * Bump pack from version CommonScripts to 1.13.39. * revert RN --------- Co-authored-by: Content Bot <[email protected]> * Update `demisto/bs4-py3` 70-100 coverage rate (#32741) * upgrade images * update RN * Bump pack from version CommonScripts to 1.13.34. * Bump pack from version CommonScripts to 1.13.35. * Bump pack from version CommonScripts to 1.13.36. * Bump pack from version CommonScripts to 1.13.37. * Bump pack from version CommonScripts to 1.13.38. * Bump pack from version FiltersAndTransformers to 1.2.59. * Bump pack from version CommonScripts to 1.13.39. * revert RN --------- Co-authored-by: Content Bot <[email protected]> * Update `demisto/bs4-tld` 0-10 coverage rate (#32744) * upgrade images * update RN * Bump pack from version CommonScripts to 1.13.34. * Bump pack from version CommonScripts to 1.13.35. * Bump pack from version CommonScripts to 1.13.36. * Bump pack from version CommonScripts to 1.13.37. * Bump pack from version CommonScripts to 1.13.38. * Bump pack from version CommonScripts to 1.13.39. * revert RN --------- Co-authored-by: Content Bot <[email protected]> * Update `demisto/btfl-soup` 70-100 coverage rate (#32745) * upgrade images * update RN * Bump pack from version CommonScripts to 1.13.34. * Bump pack from version CommonScripts to 1.13.35. * Bump pack from version CommonScripts to 1.13.36. * Bump pack from version CommonScripts to 1.13.37. * Bump pack from version CommonScripts to 1.13.38. * Bump pack from version CommonScripts to 1.13.39. 
* revert RN --------- Co-authored-by: Content Bot <[email protected]> * Update `demisto/netutils` 70-100 coverage rate (#32752) * upgrade images * update RN * Bump pack from version CommonScripts to 1.13.34. * Bump pack from version CommonScripts to 1.13.35. * Bump pack from version CommonScripts to 1.13.36. * Bump pack from version CommonScripts to 1.13.37. * Bump pack from version CommonScripts to 1.13.38. * Bump pack from version CommonScripts to 1.13.39. * revert RN --------- Co-authored-by: Content Bot <[email protected]> * Update `demisto/nltk` 70-100 coverage rate (#32753) * upgrade images * update RN * Bump pack from version CommonScripts to 1.13.34. * Bump pack from version CommonScripts to 1.13.35. * Bump pack from version CommonScripts to 1.13.36. * Bump pack from version CommonScripts to 1.13.37. * Bump pack from version CommonScripts to 1.13.38. * Bump pack from version CommonScripts to 1.13.39. * revert RN --------- Co-authored-by: Content Bot <[email protected]> * Update `demisto/pcap-http-extractor` 70-100 coverage rate (#32754) * upgrade images * update RN * Bump pack from version CommonScripts to 1.13.34. * Bump pack from version CommonScripts to 1.13.35. * Bump pack from version CommonScripts to 1.13.36. * Bump pack from version CommonScripts to 1.13.37. * Bump pack from version CommonScripts to 1.13.38. * Bump pack from version CommonScripts to 1.13.39. * revert RN --------- Co-authored-by: Content Bot <[email protected]> * Update `demisto/python3-deb` 70-100 coverage rate (#32759) * upgrade images * update RN * Bump pack from version CommonScripts to 1.13.34. * Bump pack from version CommonScripts to 1.13.35. * Bump pack from version CommonScripts to 1.13.36. * Bump pack from version CommonScripts to 1.13.37. * Bump pack from version CommonScripts to 1.13.38. * Bump pack from version CommonScripts to 1.13.39. 
* revert RN --------- Co-authored-by: Content Bot <[email protected]> * Update `demisto/unzip` 40-55 coverage rate (#32761) * upgrade images * update RN * Bump pack from version CommonScripts to 1.13.34. * Bump pack from version CommonScripts to 1.13.35. * Bump pack from version CommonScripts to 1.13.36. * Bump pack from version CommonScripts to 1.13.37. * Bump pack from version CommonScripts to 1.13.38. * Bump pack from version CommonScripts to 1.13.39. * revert RN --------- Co-authored-by: Content Bot <[email protected]> * update RN * Bump pack from version FiltersAndTransformers to 1.2.60. --------- Co-authored-by: Content Bot <[email protected]> * [ASM] EXPANDR-3608: store potential offending firewall rules (#32721) (#32940) * update GCP enrich play * RN * Apply suggestions from code review * update field name and bump ver --------- Co-authored-by: johnnywilkes <[email protected]> Co-authored-by: ShirleyDenkberg <[email protected]> * XSUP-31342 - XDR mirroring changes incident resolution (#32359) * added more debug logs to the mirroring process * more debug logs * updated the schema * added ckose_reason * updated the schema name * updated the outgoing mapper and some debug logs * added RN * Bump pack from version CortexXDR to 6.1.14. * Bump pack from version CortexXDR to 6.1.15. * updated test_get_mapping_fields_command * updated handle_outgoing_issue_closure to use close_reason or closeReason * updated RN and docker image * added a unit test test_handle_outgoing_issue_closure * added RN to core pack and ctf01 pack * Bump pack from version CortexXDR to 6.1.16. 
* updated the RN * added an incident type to the outgoing mapper and updated the RN --------- Co-authored-by: Content Bot <[email protected]> * Domaintools iris release v2.0.1 (#32880) (#32946) * first pass at fixing proxy use * don't use empty strings * avoid empty string * fix docker tag, add release notes * update release notes with docker image * Update Packs/DomainTools_Iris/ReleaseNotes/2_0_1.md --------- Co-authored-by: Wesley Agena <[email protected]> Co-authored-by: Yuval Hayun <[email protected]> * revert docker changes (#32944) * AWS Require Region (#32687) * init * update docker * update docker * update docker * RN * fix conflicts * update docker * fix conflicts * Update `demisto/fastapi` 70-100 coverage rate (#32573) * upgrade images * update RN * fix pb parser (#32826) * fix pb parser - test * change xpanse stuff * remove poetry changes * more xpanse changes * fix gr103 * YR/Handle long running pipelines, and commits with no pipelines/CIAC-9386 (#32462) * Fix GetIndicatorDBotScoreFromCache to handle better a special character (#31070) * a fix and a test * docker image update * added rn * Bump pack from version CommonScripts to 1.12.47. * unit test fix * unit test fix * unit test fix * Bump pack from version CommonScripts to 1.12.48. * Bump pack from version CommonScripts to 1.12.49. 
* Update Packs/CommonScripts/ReleaseNotes/1_12_49.md Co-authored-by: Dan Tavori <[email protected]> --------- Co-authored-by: Content Bot <[email protected]> Co-authored-by: Dan Tavori <[email protected]> * change pack support to community (#31110) * change pack support to community * first level header so im told * Update Packs/DeveloperTools/ReleaseNotes/1_3_0.md Co-authored-by: Shahaf Ben Yakir <[email protected]> * Update Packs/DeveloperTools/ReleaseNotes/1_3_0.md Co-authored-by: Shahaf Ben Yakir <[email protected]> --------- Co-authored-by: Shahaf Ben Yakir <[email protected]> * removed GIT_DEPTH (#31141) * support multiple entry ids in ImageOCR (#31145) * Fix taxi feed observables extraction (#31120) * fixed an issue where taxi feed will fail to retrieve all indicators due to wrong extraction from XML blocks. * added rn * update docker * update test_data * add secret to secrets ignore * [transformers] Enhance to be more durable #2 (#31063) * ExtractDomainAndFQDNFromUrlAndEmail * ExtractEmailV2 * ruff fix * FormatURL * Bump pack from version CommonScripts to 1.12.47. * Bump pack from version CommonScripts to 1.12.48. * Bump pack from version CommonScripts to 1.12.49. * Added unit tests * Update the docker image * Bump pack from version CommonScripts to 1.12.50.
* Update Packs/CommonScripts/ReleaseNotes/1_12_50.md Co-authored-by: Dean Arbel <[email protected]> * Update Packs/CommonScripts/ReleaseNotes/1_12_50.md Co-authored-by: Dean Arbel <[email protected]> * Update the RN * Update the docker image * empty * Skip "FormattingPerformance - Test" TPB in XSOAR 8 --------- Co-authored-by: Content Bot <[email protected]> Co-authored-by: Dean Arbel <[email protected]> * Sleep w/ Polling (#30661) add polling mechanism to sleep upon crossing polling_threshold * Update shift management scripts (#31130) * fixed the bug and added unit tests * updated docker image * RN * updated docker image * cr updates * EWS rule commands - MS graph python integrations (#30943) Co-authored-by: ShirleyDenkberg <[email protected]> * MS IIS Update (#31132) * Updated ModelingRules * Updated ReleaseNotes * Updated ReleaseNotes * Anomali ThreatStream change DBot verdict from Benign to Unknown for Low Confidence Indicators (#30993) (#31151) * change DBot verdict from Benign to Unknown for Low Confidence Indicators Indicators found in Anomali that are below Confidence thresholds should be created as Unknown and not Benign. Anomali ThreatStream documentation regarding Confidence https://ui.threatstream.com/optic-doc/Content/Features/threat_model/Observables/details_indicator.htm Confidence - Confidence indicates the certainty that an observable exhibits or is connected to malicious behavior. If Anomali has indicators with low Confidence, that doesn't mean the indicator is Benign/Safe. It means Anomali is unsure that the indicator is Malicious and as such the more appropriate verdict in XSOAR should be Unknown. 
* add indicator_default_score param * changed values to Benign and Unknown * update README and RN * update RN * update docker set required to false * update docker * fix docs comments --------- Co-authored-by: zdrouse <[email protected]> Co-authored-by: adi88d <[email protected]> Co-authored-by: Adi Daud <[email protected]> * generate empty junit files (#31153) * Update 1_6_0.json (#31164) * fix splunkpy splunk_submit_event_hec_command string issue (#30978) * fix splunkpy splunk_submit_event_hec_command string issue * test * add fix * update rn * [xsoar saas] - fix ports taxii2 e2e (#31163) * Hello world saas (#30901) * added a new incident field only for saas mp * added an incident field to xsoar_saas only for demonstration * format incident field * format incident field * added saas word to known words * version * merge with master * fixed the xsoar_saas end tag * Added tests to validate result * modified RN * pre commit changes * RN tags * ignore long line * MS IIS README (#31158) * Updated README * Updated README * Fixes For IP Enrichment Playbooks (#31114) * Fixes For IP Enrichment Playbooks * RN * Removed the mapping rule from both playbooks. Updated the default value of the internal range playbook input according to RFC 1918. * Removed the value of 'UseReputationCommand' playbook input and fixes the YML files * Fixed RN * Removed the value set for the 'UseReputationCommand' sub-playbook input. Re-added the default value for 'UseReputationCommand' playbook input * skip ThreatStream-Test (#31172) * [transformers] Enhance to be more durable (#30897) [transformers] Enhance to be more durable * Fixes For 'Email Address Enrichment - Generic v2.1' (#31122) * Fixes For 'Email Address Enrichment - Generic v2.1' * Re-added the test playbook and marketplace configs to the playbook YML file * changed the 'domain' playbook input value * removed the 'domain' playbook input value and added RN * Fixed RN * Bump pack from version CommonPlaybooks to 2.4.34.
--------- Co-authored-by: Content Bot <[email protected]> * DisplayMappedFields - Fix dark mode text color (#31085) * removed the hardcoded color * removed the hardcoded color * update RN * update docker image * Bump pack from version CommonScripts to 1.12.48. * Unittest fixes * Bump pack from version CommonScripts to 1.12.49. * Unittest fixes * Bump pack from version CommonScripts to 1.12.50. * Bump pack from version CommonScripts to 1.12.51. * Bump pack from version CommonScripts to 1.12.52. * Bump pack from version CommonScripts to 1.12.53. --------- Co-authored-by: Content Bot <[email protected]> * Updated the layout to exclude integration incident fields that are not pertinent to Vectra XDR (#31127) (#31182) Co-authored-by: Crest Data Systems <[email protected]> Co-authored-by: crestdatasystems <[email protected]> Co-authored-by: MLainer1 <[email protected]> * Taxii2 server relationship bug (#31162) * [taxii2-server] - code fixes * bump rn * docker update * remove debug-log because may wanted * [ASM] EXPANDER-7096 - ASM Remediation Guidance Fields (#30955) (#31178) Co-authored-by: John <[email protected]> Co-authored-by: Adi Daud <[email protected]> * Created pack for F5 BIG-IP APM (#31017) * Created pack for f5 apm * Added modeling rule files. * adding modeling rules and schema. * modified modeling rules * update yml file for modeling rule. * Update Packs/F5APM/README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/F5APM/README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/F5APM/README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/F5APM/README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/F5APM/README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/F5APM/README.md Co-authored-by: ShirleyDenkberg <[email protected]> * update readme. * Modified the read me file. 
--------- Co-authored-by: ShirleyDenkberg <[email protected]> * HelloWorld - delete old classifier (#31185) * Add support for is array for rep commands (#31169) * added support for isArray for python Xsoar supported reputation commands * added rn * Empty-Commit * python files fixes * fix docker issue * cr fixes * added logs and cache fix (#30577) * added logs and cache fix * Fixed another executeCommand results handling. * Updated docker image * Added rn * Update Packs/Phishing/ReleaseNotes/3_6_2.md Co-authored-by: Dan Tavori <[email protected]> * Update Packs/Phishing/Scripts/FindDuplicateEmailIncidents/FindDuplicateEmailIncidents.py --------- Co-authored-by: Dan Tavori <[email protected]> * Add support for is array for rep commands js (#31184) * JS files fixes * added rn * pre commit fixes * pre commit fixes * cr fixes * xsiam-avaya-siem-content-ciac-8502 (#31128) * init-pack * modeling-rules * add-docs * fix-pid-parsing * fix-README.md * Fixed For Endpoint Enrichment Playbooks (#31147) * Fixed For 'Endpoint Enrichment - Generic v2.1' Playbook * RN * RN * Fixes for Endpoint_Enrichment_-_Generic_v2.1_6_8 playbook * Bump pack from version CommonPlaybooks to 2.4.34. * Bump pack from version CommonPlaybooks to 2.4.35. 
* Fixed version for 'Endpoint Enrichment - Generic v2.1.6.8' playbook * Fixes for 'Endpoint Enrichment - Generic v2.1' playbook * Revert changes in 'Endpoint Enrichment - Generic v2.1' playbook --------- Co-authored-by: Content Bot <[email protected]> * Update Docker Image To demisto/python3 (#31198) * Updated Metadata Of Pack DeveloperTools * Added release notes to pack DeveloperTools * Packs/DeveloperTools/Integrations/CreateIncidents/CreateIncidents.yml Docker image update * Updated Metadata Of Pack FlashpointFeed * Added release notes to pack FlashpointFeed * Packs/FlashpointFeed/Integrations/FlashpointFeed/FlashpointFeed.yml Docker image update * Updated Metadata Of Pack AbnormalSecurity * Added release notes to pack AbnormalSecurity * Packs/AbnormalSecurity/Integrations/AbnormalSecurity/AbnormalSecurity.yml Docker image update * Updated Metadata Of Pack FeedLOLBAS * Added release notes to pack FeedLOLBAS * Packs/FeedLOLBAS/Integrations/FeedLOLBAS/FeedLOLBAS.yml Docker image update * Updated Metadata Of Pack Hackuity * Added release notes to pack Hackuity * Packs/Hackuity/Integrations/Hackuity/Hackuity.yml Docker image update * Updated Metadata Of Pack Grafana * Added release notes to pack Grafana * Packs/Grafana/Integrations/Grafana/Grafana.yml Docker image update * Updated Metadata Of Pack Binalyze * Added release notes to pack Binalyze * Packs/Binalyze/Integrations/BinalyzeAIR/BinalyzeAIR.yml Docker image update * Updated Metadata Of Pack ServiceDeskPlus * Added release notes to pack ServiceDeskPlus * Packs/ServiceDeskPlus/Integrations/ServiceDeskPlus/ServiceDeskPlus.yml Docker image update * Updated Metadata Of Pack Oracle_IAM * Added release notes to pack Oracle_IAM * Packs/Oracle_IAM/Integrations/OracleIAM/OracleIAM.yml Docker image update * Updated Metadata Of Pack AccentureCTI * Added release notes to pack AccentureCTI * Packs/AccentureCTI/Integrations/ACTIIndicatorQuery/ACTIIndicatorQuery.yml Docker image update * Update Docker Image To 
demisto/boto3py3 (#31199) * Updated Metadata Of Pack SecurityIntelligenceServicesFeed * Added release notes to pack SecurityIntelligenceServicesFeed * Packs/SecurityIntelligenceServicesFeed/Integrations/SecurityIntelligenceServicesFeed/SecurityIntelligenceServicesFeed.yml Docker image update * Updated Metadata Of Pack AWS-IAM * Added release notes to pack AWS-IAM * Packs/AWS-IAM/Integrations/AWS-IAM/AWS-IAM.yml Docker image update * Updated Metadata Of Pack AWS-Route53 * Added release notes to pack AWS-Route53 * Packs/AWS-Route53/Integrations/AWSRoute53/AWSRoute53.yml Docker image update * Updated Metadata Of Pack AWS-AccessAnalyzer * Added release notes to pack AWS-AccessAnalyzer * Packs/AWS-AccessAnalyzer/Integrations/AWS-AccessAnalyzer/AWS-AccessAnalyzer.yml Docker image update * Updated Metadata Of Pack AWS-GuardDuty * Added release notes to pack AWS-GuardDuty * Packs/AWS-GuardDuty/Integrations/AWSGuardDutyEventCollector/AWSGuardDutyEventCollector.yml Docker image update * Packs/AWS-GuardDuty/Integrations/AWSGuardDuty/AWSGuardDuty.yml Docker image update * Updated Metadata Of Pack AWS-SecurityHub * Added release notes to pack AWS-SecurityHub * Packs/AWS-SecurityHub/Integrations/AWSSecurityHubEventCollector/AWSSecurityHubEventCollector.yml Docker image update * Updated Metadata Of Pack Aws-SecretsManager * Added release notes to pack Aws-SecretsManager * Packs/Aws-SecretsManager/Integrations/AwsSecretsManager/AwsSecretsManager.yml Docker image update * Update Docker Image To demisto/armorblox (#31203) * Updated Metadata Of Pack Armorblox * Added release notes to pack Armorblox * Packs/Armorblox/Integrations/Armorblox/Armorblox.yml Docker image update * Update Docker Image To demisto/py3-tools (#31201) * Updated Metadata Of Pack Intezer * Added release notes to pack Intezer * Packs/Intezer/Integrations/IntezerV2/IntezerV2.yml Docker image update * Updated Metadata Of Pack Zabbix * Added release notes to pack Zabbix * Packs/Zabbix/Integrations/Zabbix/Zabbix.yml 
Docker image update * Updated Metadata Of Pack FeedMalwareBazaar * Added release notes to pack FeedMalwareBazaar * Packs/FeedMalwareBazaar/Integrations/MalwareBazaarFeed/MalwareBazaarFeed.yml Docker image update * Updated Metadata Of Pack FeedGCPWhitelist * Added release notes to pack FeedGCPWhitelist * Packs/FeedGCPWhitelist/Integrations/FeedGoogleIPRanges/FeedGoogleIPRanges.yml Docker image update * Updated Metadata Of Pack AccentureCTI_Feed * Added release notes to pack AccentureCTI_Feed * Packs/AccentureCTI_Feed/Integrations/ACTIIndicatorFeed/ACTIIndicatorFeed.yml Docker image update * Updated Metadata Of Pack SEKOIAIntelligenceCenter * Added release notes to pack SEKOIAIntelligenceCenter * Packs/SEKOIAIntelligenceCenter/Integrations/SEKOIAIntelligenceCenter/SEKOIAIntelligenceCenter.yml Docker image update * Updated Metadata Of Pack JARM * Added release notes to pack JARM * Packs/JARM/Integrations/JARM/JARM.yml Docker image update * Updated Metadata Of Pack CommonWidgets * Added release notes to pack CommonWidgets * Packs/CommonWidgets/Scripts/RSSWidget/RSSWidget.yml Docker image update * Updated Metadata Of Pack FiltersAndTransformers * Added release notes to pack FiltersAndTransformers * Packs/FiltersAndTransformers/Scripts/Jmespath/Jmespath.yml Docker image update * Update Docker Image To demisto/oci (#31202) * Updated Metadata Of Pack OracleCloudInfrastructure * Added release notes to pack OracleCloudInfrastructure * Packs/OracleCloudInfrastructure/Integrations/OracleCloudInfrastructureEventCollector/OracleCloudInfrastructureEventCollector.yml Docker image update * Update Docker Image To demisto/accessdata (#31200) * Updated Metadata Of Pack Exterro * Added release notes to pack Exterro * Packs/Exterro/Integrations/Exterro/Exterro.yml Docker image update * Fix DS108 --------- Co-authored-by: israelpolishook <[email protected]> * Update Docker Image To demisto/carbon-black-cloud (#31206) * Updated Metadata Of Pack CarbonBlackDefense * Added release notes to 
pack CarbonBlackDefense * Packs/CarbonBlackDefense/Integrations/CarbonBlackLiveResponseCloud/CarbonBlackLiveResponseCloud.yml Docker image update * Update Docker Image To demisto/taxii2 (#31205) * Updated Metadata Of Pack FeedUnit42v2 * Added release notes to pack FeedUnit42v2 * Packs/FeedUnit42v2/Integrations/FeedUnit42v2/FeedUnit42v2.yml Docker image update * Update Docker Image To demisto/crypto (#31204) * Updated Metadata Of Pack AzureKeyVault * Added release notes to pack AzureKeyVault * Packs/AzureKeyVault/Integrations/AzureKeyVault/AzureKeyVault.yml Docker image update * Updated Metadata Of Pack AzureSentinel * Added release notes to pack AzureSentinel * Packs/AzureSentinel/Integrations/AzureSentinel/AzureSentinel.yml Docker image update * Updated Metadata Of Pack AzureDevOps * Added release notes to pack AzureDevOps * Packs/AzureDevOps/Integrations/AzureDevOps/AzureDevOps.yml Docker image update * Updated Metadata Of Pack MicrosoftCloudAppSecurity * Added release notes to pack MicrosoftCloudAppSecurity * Packs/MicrosoftCloudAppSecurity/Integrations/MicrosoftCloudAppSecurity/MicrosoftCloudAppSecurity.yml Docker image update * Updated Metadata Of Pack AzureRiskyUsers * Added release notes to pack AzureRiskyUsers * Packs/AzureRiskyUsers/Integrations/AzureRiskyUsers/AzureRiskyUsers.yml Docker image update * Updated Metadata Of Pack MicrosoftGraphGroups * Added release notes to pack MicrosoftGraphGroups * Packs/MicrosoftGraphGroups/Integrations/MicrosoftGraphGroups/MicrosoftGraphGroups.yml Docker image update * Updated Metadata Of Pack AzureSQLManagement * Added release notes to pack AzureSQLManagement * Packs/AzureSQLManagement/Integrations/AzureSQLManagement/AzureSQLManagement.yml Docker image update * Updated Metadata Of Pack MicrosoftGraphAPI * Added release notes to pack MicrosoftGraphAPI * Packs/MicrosoftGraphAPI/Integrations/MicrosoftGraphAPI/MicrosoftGraphAPI.yml Docker image update * Updated Metadata Of Pack MicrosoftTeams * Added release notes to pack 
MicrosoftTeams * Packs/MicrosoftTeams/Integrations/MicrosoftTeamsManagement/MicrosoftTeamsManagement.yml Docker image update * Updated Metadata Of Pack MicrosoftGraphApplications * Added release notes to pack MicrosoftGraphApplications * Packs/MicrosoftGraphApplications/Integrations/MicrosoftGraphApplications/MicrosoftGraphApplications.yml Docker image update * Update Docker Image To demisto/opnsense (#31208) * Updated Metadata Of Pack OPNSense * Added release notes to pack OPNSense * Packs/OPNSense/Integrations/OPNSense/OPNSense.yml Docker image update * Update Docker Image To demisto/auth-utils (#31207) * Updated Metadata Of Pack Cylance_Protect * Added release notes to pack Cylance_Protect * Packs/Cylance_Protect/Integrations/Cylance_Protect_v2/Cylance_Protect_v2.yml Docker image update * Updated Metadata Of Pack Zoom * Added release notes to pack Zoom * Packs/Zoom/Integrations/ZoomEventCollector/ZoomEventCollector.yml Docker image update * Updated Metadata Of Pack Silverfort * Added release notes to pack Silverfort * Packs/Silverfort/Integrations/Silverfort/Silverfort.yml Docker image update * Updated Metadata Of Pack AzureDataExplorer * Added release notes to pack AzureDataExplorer * Packs/AzureDataExplorer/Integrations/AzureDataExplorer/AzureDataExplorer.yml Docker image update * Updated Metadata Of Pack MicrosoftManagementActivity * Added release notes to pack MicrosoftManagementActivity * Packs/MicrosoftManagementActivity/Integrations/MicrosoftManagementActivity/MicrosoftManagementActivity.yml Docker image update * Updated Metadata Of Pack Box * Added release notes to pack Box * Packs/Box/Integrations/BoxEventsCollector/BoxEventsCollector.yml Docker image update * Packs/Box/Integrations/BoxV2/BoxV2.yml Docker image update * Updated Metadata Of Pack Troubleshoot * Added release notes to pack Troubleshoot * Packs/Troubleshoot/Scripts/CertificatesTroubleshoot/CertificatesTroubleshoot.yml Docker image update * commit --------- Co-authored-by: israelpolishook 
<[email protected]> * Update Docker Image To demisto/ippysocks-py3 (#31211) * Updated Metadata Of Pack Whois * Added release notes to pack Whois * Packs/Whois/Integrations/Whois/Whois.yml Docker image update * Update Docker Image To demisto/python3 (#31214) * Updated Metadata Of Pack QualysFIM * Added release notes to pack QualysFIM * Packs/QualysFIM/Integrations/QualysFIM/QualysFIM.yml Docker image update * Updated Metadata Of Pack FortiSIEM * Added release notes to pack FortiSIEM * Packs/FortiSIEM/Integrations/FortiSIEMV2/FortiSIEMV2.yml Docker image update * Updated Metadata Of Pack FreshworksFreshservice * Added release notes to pack FreshworksFreshservice * Packs/FreshworksFreshservice/Integrations/FreshworksFreshservice/FreshworksFreshservice.yml Docker image update * Updated Metadata Of Pack KnowBe4_KMSAT * Added release notes to pack KnowBe4_KMSAT * Packs/KnowBe4_KMSAT/Integrations/KnowBe4KMSATEventCollector/KnowBe4KMSATEventCollector.yml Docker image update * Packs/KnowBe4_KMSAT/Integrations/KnowBe4KMSAT/KnowBe4KMSAT.yml Docker image update * Updated Metadata Of Pack SafeNet_Trusted_Access * Added release notes to pack SafeNet_Trusted_Access * Packs/SafeNet_Trusted_Access/Integrations/SafeNetTrustedAccessEventCollector/SafeNetTrustedAccessEventCollector.yml Docker image update * Updated Metadata Of Pack DelineaSS * Added release notes to pack DelineaSS * Packs/DelineaSS/Integrations/DelineaSS/DelineaSS.yml Docker image update * Updated Metadata Of Pack Cryptocurrency * Added release notes to pack Cryptocurrency * Packs/Cryptocurrency/Integrations/Cryptocurrency/Cryptocurrency.yml Docker image update * Updated Metadata Of Pack PANOSPolicyOptimizer * Added release notes to pack PANOSPolicyOptimizer * Packs/PANOSPolicyOptimizer/Integrations/PANOSPolicyOptimizer/PANOSPolicyOptimizer.yml Docker image update * Updated Metadata Of Pack DeveloperTools * Added release notes to pack DeveloperTools * 
Packs/DeveloperTools/Integrations/CreateIncidents/CreateIncidents.yml Docker image update * Update Docker Image To demisto/boto3py3 (#31215) * Updated Metadata Of Pack SecurityIntelligenceServicesFeed * Added release notes to pack SecurityIntelligenceServicesFeed * Packs/SecurityIntelligenceServicesFeed/Integrations/SecurityIntelligenceServicesFeed/SecurityIntelligenceServicesFeed.yml Docker image update * Updated Metadata Of Pack AWS-IAM * Added release notes to pack AWS-IAM * Packs/AWS-IAM/Integrations/AWS-IAM/AWS-IAM.yml Docker image update * Updated Metadata Of Pack AWS-Route53 * Added release notes to pack AWS-Route53 * Packs/AWS-Route53/Integrations/AWSRoute53/AWSRoute53.yml Docker image update * Updated Metadata Of Pack AWS-AccessAnalyzer * Added release notes to pack AWS-AccessAnalyzer * Packs/AWS-AccessAnalyzer/Integrations/AWS-AccessAnalyzer/AWS-AccessAnalyzer.yml Docker image update * Updated Metadata Of Pack AWS-GuardDuty * Added release notes to pack AWS-GuardDuty * Packs/AWS-GuardDuty/Integrations/AWSGuardDutyEventCollector/AWSGuardDutyEventCollector.yml Docker image update * Packs/AWS-GuardDuty/Integrations/AWSGuardDuty/AWSGuardDuty.yml Docker image update * Updated Metadata Of Pack AWS-SecurityHub * Added release notes to pack AWS-SecurityHub * Packs/AWS-SecurityHub/Integrations/AWSSecurityHubEventCollector/AWSSecurityHubEventCollector.yml Docker image update * Updated Metadata Of Pack Aws-SecretsManager * Added release notes to pack Aws-SecretsManager * Packs/Aws-SecretsManager/Integrations/AwsSecretsManager/AwsSecretsManager.yml Docker image update * Update Docker Image To demisto/accessdata (#31216) * Updated Metadata Of Pack Exterro * Added release notes to pack Exterro * Packs/Exterro/Integrations/Exterro/Exterro.yml Docker image update * Update Docker Image To demisto/oci (#31218) * Updated Metadata Of Pack OracleCloudInfrastructure * Added release notes to pack OracleCloudInfrastructure * 
Packs/OracleCloudInfrastructure/Integrations/OracleCloudInfrastructureEventCollector/OracleCloudInfrastructureEventCollector.yml Docker image update * Update Docker Image To demisto/py3-tools (#31217) * Updated Metadata Of Pack Intezer * Added release notes to pack Intezer * Packs/Intezer/Integrations/IntezerV2/IntezerV2.yml Docker image update * Updated Metadata Of Pack Zabbix * Added release notes to pack Zabbix * Packs/Zabbix/Integrations/Zabbix/Zabbix.yml Docker image update * Updated Metadata Of Pack FeedMalwareBazaar * Added release notes to pack FeedMalwareBazaar * Packs/FeedMalwareBazaar/Integrations/MalwareBazaarFeed/MalwareBazaarFeed.yml Docker image update * Updated Metadata Of Pack FeedGCPWhitelist * Added release notes to pack FeedGCPWhitelist * Packs/FeedGCPWhitelist/Integrations/FeedGoogleIPRanges/FeedGoogleIPRanges.yml Docker image update * Updated Metadata Of Pack AccentureCTI_Feed * Added release notes to pack AccentureCTI_Feed * Packs/AccentureCTI_Feed/Integrations/ACTIIndicatorFeed/ACTIIndicatorFeed.yml Docker image update * Updated Metadata Of Pack SEKOIAIntelligenceCenter * Added release notes to pack SEKOIAIntelligenceCenter * Packs/SEKOIAIntelligenceCenter/Integrations/SEKOIAIntelligenceCenter/SEKOIAIntelligenceCenter.yml Docker image update * Updated Metadata Of Pack JARM * Added release notes to pack JARM * Packs/JARM/Integrations/JARM/JARM.yml Docker image update * Updated Metadata Of Pack Anomali_ThreatStream * Added release notes to pack Anomali_ThreatStream * Packs/Anomali_ThreatStream/Integrations/AnomaliThreatStreamv3/AnomaliThreatStreamv3.yml Docker image update * Updated Metadata Of Pack CommonWidgets * Added release notes to pack CommonWidgets * Packs/CommonWidgets/Scripts/RSSWidget/RSSWidget.yml Docker image update * Updated Metadata Of Pack FiltersAndTransformers * Added release notes to pack FiltersAndTransformers * Packs/FiltersAndTransformers/Scripts/Jmespath/Jmespath.yml Docker image update * CortexXDRIR-generic-polling 
(#31082) * - Added new playbook for quarantine_file - Old playbook deprecated - New image added * release notes added * - New playbook for _Retrieve_File_Playbook_v2 created - Old playbook _Retrieve_File_Playbook deprecated - Image was added * Release notes were added * Changed the name of the playbook * Readme file added * Added image * fixed image location in readme file * Update Packs/CortexXDR/Playbooks/Cortex_XDR_-_Retrieve_File_v2.yml Co-authored-by: Sasha Sokolovich <[email protected]> * Bump pack from version CortexXDR to 6.0.4. * Removed unnecessary tests * Readme files were updated * Fixes for the playbooks * fixed Tests/conf.json file * image issue fixed * Added new images * Update Packs/CortexXDR/Playbooks/Cortex_XDR_-_Retrieve_File_Playbook_README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CortexXDR/Playbooks/Cortex_XDR_-_Retrieve_File_Playbook_README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CortexXDR/ReleaseNotes/6_0_4.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CortexXDR/ReleaseNotes/6_0_4.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CortexXDR/ReleaseNotes/6_0_4.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CortexXDR/ReleaseNotes/6_0_4.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CortexXDR/Playbooks/Cortex_XDR_-_Retrieve_File_Playbook_README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CortexXDR/Playbooks/Cortex_XDR_-_quarantine_file_v2_README.md Co-authored-by: ShirleyDenkberg <[email protected]> * PR fixes - new condition to check if the task finished successfully * release notes updated * image path fixed * Added new outputs for playbook * release notes updated * fix * readme files fixed * image issue * image issue * fix * fix * fix * fix * uploaded new playbook because of the image issue * fix for image issue * delete photo * fixes * test playbooks fixed * test 
playbooks removed --------- Co-authored-by: Sasha Sokolovich <[email protected]> Co-authored-by: Content Bot <[email protected]> Co-authored-by: ShirleyDenkberg <[email protected]> * Update Docker Image To demisto/crypto (#31219) * Updated Metadata Of Pack AzureKeyVault * Added release notes to pack AzureKeyVault * Packs/AzureKeyVault/Integrations/AzureKeyVault/AzureKeyVault.yml Docker image update * Updated Metadata Of Pack AzureSentinel * Added release notes to pack AzureSentinel * Packs/AzureSentinel/Integrations/AzureSentinel/AzureSentinel.yml Docker image update * Updated Metadata Of Pack AzureDevOps * Added release notes to pack AzureDevOps * Packs/AzureDevOps/Integrations/AzureDevOps/AzureDevOps.yml Docker image update * Updated Metadata Of Pack MicrosoftCloudAppSecurity * Added release notes to pack MicrosoftCloudAppSecurity * Packs/MicrosoftCloudAppSecurity/Integrations/MicrosoftCloudAppSecurity/MicrosoftCloudAppSecurity.yml Docker image update * Updated Metadata Of Pack AzureRiskyUsers * Added release notes to pack AzureRiskyUsers * Packs/AzureRiskyUsers/Integrations/AzureRiskyUsers/AzureRiskyUsers.yml Docker image update * Updated Metadata Of Pack MicrosoftGraphGroups * Added release notes to pack MicrosoftGraphGroups * Packs/MicrosoftGraphGroups/Integrations/MicrosoftGraphGroups/MicrosoftGraphGroups.yml Docker image update * Updated Metadata Of Pack AzureSQLManagement * Added release notes to pack AzureSQLManagement * Packs/AzureSQLManagement/Integrations/AzureSQLManagement/AzureSQLManagement.yml Docker image update * Updated Metadata Of Pack MicrosoftGraphAPI * Added release notes to pack MicrosoftGraphAPI * Packs/MicrosoftGraphAPI/Integrations/MicrosoftGraphAPI/MicrosoftGraphAPI.yml Docker image update * Updated Metadata Of Pack MicrosoftTeams * Added release notes to pack MicrosoftTeams * Packs/MicrosoftTeams/Integrations/MicrosoftTeamsManagement/MicrosoftTeamsManagement.yml Docker image update * Updated Metadata Of Pack MicrosoftGraphApplications * 
Added release notes to pack MicrosoftGraphApplications * Packs/MicrosoftGraphApplications/Integrations/MicrosoftGraphApplications/MicrosoftGraphApplications.yml Docker image update * update pack ignore (#31193) * Slack event collector: fixed an issue where we get a Bad Request error (#31135) * fixed an issue where we get a Bad Request error. * pre-commit * added test * fixed Flake8 error * fixed cr comments * fixed cr comments * update Docker image * YR/Remove-fields-with-one-letter-DBotFindSimilarIncidents/XSUP-29299 (#31161) * fixes * code and test * remove Json feed from this pr * test * note * pre commit * RN * CR and Flake8 * format * pre commit * Fixes For 'URL Enrichment - Generic v2' Playbook (#31195) * Fixes For 'URL Enrichment - Generic v2' Playbook * RN * Bump pack from version CommonPlaybooks to 2.4.36. --------- Co-authored-by: Content Bot <[email protected]> * F5 APM Remove XSIAM tags (#31221) * remove ls from test_e2e_results.sh (#31186) * [IsEmailAddressInternal] Fix an issue with **domain** argument (#31222) * First commit * Added RN * Update Packs/CommonScripts/ReleaseNotes/1_12_54.md Co-authored-by: Dean Arbel <[email protected]> --------- Co-authored-by: Dean Arbel <[email protected]> * Deprecate 'Get endpoint details - Generic' Playbook (#31196) * Deprecate 'Get endpoint details - Generic' Playbook * RN * Bump pack from version CommonPlaybooks to 2.4.36. * Bump pack from version CommonPlaybooks to 2.4.37. 
--------- Co-authored-by: Content Bot <[email protected]> * Replacing the deprecated sub-playbook within the 'NGFW Internal Scan'… (#31197) * Replacing the deprecated sub-playbook within the 'NGFW Internal Scan' XSIAM playbook * RN * [Marketplace Contribution] CISO Metrics (#30641) (#31213) * "pack contribution initial commit" * Update pack_metadata.json * Update and rename dashboard-98f353a2-312b-49f2-8e58-d71f60daf3a7-CISO_Metrics.json to dashboard-98f353a2-312b-49f2-8e58-d71f60daf3a7-CommunityCommonDashboards.json Rename to CommunityCommonDashboards * Update pack_metadata.json Renamed "name": "CommunityCommonDashboards" * Update README.md Added description * Update README.md * Update and rename README.md to README.md * Rename dashboard-98f353a2-312b-49f2-8e58-d71f60daf3a7-CommunityCommonDashboards.json to dashboard-98f353a2-312b-49f2-8e58-d71f60daf3a7-CommunityCommonDashboards.json * Rename .pack-ignore to .pack-ignore * Rename .secrets-ignore to .secrets-ignore * Rename pack_metadata.json to pack_metadata.json * Update .pack-ignore * Update pack_metadata.json * Update .pack-ignore * Update and rename dashboard-98f353a2-312b-49f2-8e58-d71f60daf3a7-CommunityCommonDashboards.json to CISOMetrics.json Renamed to CISOMetrics * Update pack_metadata.json * Update pack_metadata.json * Update README.md --------- Co-authored-by: xsoar-bot <[email protected]> Co-authored-by: Sapir Shuker <[email protected]> Co-authored-by: David Uhrlaub <[email protected]> * Cybereason xsoar v 2.1.14 (#30647) (#31225) * added v2.1.14 codebase * fix pr comments * replace dummy md5 placeholder * Update Packs/Cybereason/Integrations/Cybereason/Cybereason.py * updated docker image python version * updated release notes docker version * added pagination params * updated docker image * fix lint errors * fix demisto validate errors * updated release notes * updated release notes * updated release notes * updated command name as per PR comment * removed manual filtering for response * updated 
function name to match the command name format * updated unit test as per new command name * added machinename filter to api query * moved empty output message to the top * updated docker image tag to latest * undo changes from unisolate endpoint playbook --------- Co-authored-by: suraj-metron <[email protected]> Co-authored-by: Sapir Shuker <[email protected]> * fixed polling support (#30873) * fixed polling support * fixed rn * added rn * added rn * XSUP-30786/Fix (#31168) * Added failing UT * Fixed the issue * Updated docker image * Updated RN * Update Packs/PAN-OS/ReleaseNotes/2_1_15.md Co-authored-by: Dan Tavori <[email protected]> * Updated the bug fix and the UT * updated docker image --------- Co-authored-by: Dan Tavori <[email protected]> * rewrite to js FirstArrayElement and LastArrayElement (#31228) * rewrite to js * added tpb * added empty test case to tpb * precommit fixes * change fromversion so build wont fail * Enable Core REST API with general XSIAM endpoints (#31226) * mostly works * added release notes * fixes from review * F5 APM fixed the marketplace build failure (#31236) * F5 APM Remove XSIAM tags * fix marketplace error * Add incidents field (#30393) (#31233) * add rawJSON field to incidents * release notes * update docker image tag * nit * fetching incident details * mapper + incident fields * remove incorrect incident field files * new incident field files, new mapper * sdk validate command changes * update release noteS * validation errors * fix validation errors * undo release notes changes * undo release notes change * undo release notes * undo release notes * undo release notes * nit * new release notes * remove playbook id * update docker image tag * revert release notes * revert RN * nit- remove filters used for testing * add details field to threats * remove try/except blocks * changing version * Update Abnormal_Security_Custom_Incident_types.json change from version * nit - remove changes used for demo * updating docker image * 
update docker image tag --------- Co-authored-by: William Olyslager <[email protected]> Co-authored-by: sapirshuker <[email protected]> Co-authored-by: Sapir Shuker <[email protected]> * Update Docker Image To demisto/python3 (#31242) * Updated Metadata Of Pack CIRCL * Added release notes to pack CIRCL * Packs/CIRCL/Integrations/CirclCVESearch/CirclCVESearch.yml Docker image update * Updated Metadata Of Pack ipinfo * Added release notes to pack ipinfo * Packs/ipinfo/Integrations/ipinfo_v2/ipinfo_v2.yml Docker image update * Updated Metadata Of Pack AutoFocus * Added release notes to pack AutoFocus * Packs/AutoFocus/Integrations/FeedAutofocus/FeedAutofocus.yml Docker image update * Packs/AutoFocus/Integrations/AutofocusV2/AutofocusV2.yml Docker image update * Updated Metadata Of Pack MailSenderNew * Added release notes to pack MailSenderNew * Packs/MailSenderNew/Integrations/MailSenderNew/MailSenderNew.yml Docker image update * avoid to update Docker for AutoFocusv2 --------- Co-authored-by: israelpolishook <[email protected]> * Fixes For 'IP Enrichment - Generic v2' Playbook (#31183) * Fixes For 'IP Enrichment - Generic v2' Playbook * RN * RN * Updated the 'InternalRange' playbook input's default value. * configured the 'extended_data' and 'threat_model_association' sub-playbook inputs * Bump pack from version CommonPlaybooks to 2.4.36. * Bump pack from version CommonPlaybooks to 2.4.37. * changed the default value of the 'ResolveIP' playbook input * re-added RN after merging from master * Fixes RN --------- Co-authored-by: Content Bot <[email protected]> * Check if should run Instance role (#31245) * Added the sync from the saas bucket and modified the verify script to take the revision from the correct bucket. 
(#31254) * AWS Organizations (#30525) * init * commands template * aws-org-children-list * more commands * even more commands * added account commands * removed enhancement commands * use json_transform * unit-tests init * unit-tests continued * unit-tests continued some more * TPB * one more unit-test * one more unit-test * one more unit-test * name change * TPB * docs complete * pack readme * pack readme part 2 * readme modified * more tests * more tests * use get() * added description * removed isFetch * added image * name change * CR changes * Apply suggestions from code review Co-authored-by: ShirleyDenkberg <[email protected]> * Update docker * put the commands back in * code complete * yml part 2 * yml part 3 * test template * unit-tests continued some more * unit-tests almost complete * unit-tests complete * fixed a few bugs * fixed unit-tests * added readme * update readme * added missing descriptions to readme * TPB * Apply suggestions from code review Co-authored-by: ShirleyDenkberg <[email protected]> * CR changes * demo changes * update docker * build wars: round 1 * build wars: round 2 * build wars: round 3; add unit-tests * build wars: round 4 * build wars: round 5 * build wars: round 6 --------- Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkber…
pabloperezj pushed a commit that referenced this pull request on May 27, 2024
* add comment * fix * fix * tests * mirroring alerts * fix get alerts * DELETE DEBUG * SPACE * delete dev * fix * tests * pre-commit * pre-commit * fix params close * RN * fix readme * add test * fix * Updated docker image to demisto/pcap-miner:1.0.0.91369. PR batch #1/3 (demisto#33830) * Updated docker image to demisto/pcap-miner:1.0.0.91369. PR batch #2/3 (demisto#33831) Co-authored-by: Tal Zichlinsky <[email protected]> * fix rn * fix merge of auto docker * fix merge docker related * add test * pre-commit * cr * FIX CR * fix * revert * fix * fix tests * remove dev * fix raw * fix * fix comment * fix dev * Bump pack from version CortexXDR to 6.1.29. * fix after alerts changed * Apply suggestions from code review doc review Co-authored-by: ShirleyDenkberg <[email protected]> * Merge remote-tracking branch 'origin' into xdr_alert_mrroring * Apply suggestions from code review docs and adi Co-authored-by: Adi Bamberger Edri <[email protected]> Co-authored-by: ShirleyDenkberg <[email protected]> * cr * fix * fix test * assign params * fix debug * FIX PLAYBOOK * fix test * delete informational * 6_1_30 * fix playbook * add version * rn31 * Bump pack from version CortexXDR to 6.1.32. * fix rn * fix * fix 33 * fix * Bump pack from version CortexXDR to 6.1.35. * Bump pack from version CortexXDR to 6.1.36. * Bump pack from version CortexXDR to 6.1.37. * docker image --------- Co-authored-by: samuelFain <[email protected]> Co-authored-by: Tal Zichlinsky <[email protected]> Co-authored-by: Content Bot <[email protected]> Co-authored-by: ShirleyDenkberg <[email protected]> Co-authored-by: Adi Bamberger Edri <[email protected]>
pabloperezj pushed a commit that referenced this pull request on Jun 3, 2024
* demisto/python3:3.10.14.92207 | 0-100 | PR batch #6/6 (demisto#34076) * Updated docker image to demisto/python3:3.10.14.92207. PR batch #6/6 * fix period * fix . --------- Co-authored-by: Tal Carmeli <[email protected]> Co-authored-by: Tal <[email protected]> * demisto/python3:3.10.14.92207 | 0-100 | PR batch #4/6 (demisto#34074) * Updated docker image to demisto/python3:3.10.14.92207. PR batch #4/6 * fix . --------- Co-authored-by: Tal Carmeli <[email protected]> Co-authored-by: Tal <[email protected]> * demisto/python3:3.10.14.92207 | 0-100 | PR batch #5/6 (demisto#34075) * Updated docker image to demisto/python3:3.10.14.92207. PR batch #5/6 * fix . --------- Co-authored-by: Tal Carmeli <[email protected]> Co-authored-by: Tal <[email protected]> * Updated docker image to demisto/python3:3.10.14.92207. PR batch #1/6 (demisto#34071) Co-authored-by: Tal Zichlinsky <[email protected]> * Updated docker image to demisto/python3:3.10.14.92207. PR batch #2/6 (demisto#34072) Co-authored-by: Tal Zichlinsky <[email protected]> * Updated docker image to demisto/python3:3.10.14.92207. PR batch #3/6 (demisto#34073) Co-authored-by: Tal Zichlinsky <[email protected]> * Add release notes * revert auto changes related to escape characters * pre-commit * Update release notes * Fix Packs/Gurucul/ReleaseNotes/2_0_4.md --------- Co-authored-by: anas-yousef <[email protected]> Co-authored-by: Tal Carmeli <[email protected]> Co-authored-by: Tal <[email protected]> Co-authored-by: Tal Zichlinsky <[email protected]>
pabloperezj pushed a commit that referenced this pull request on Jun 3, 2024
* Updated docker image to demisto/pcap-miner:1.0.0.91369. PR batch #1/3 (demisto#33830) * Updated docker image to demisto/pcap-miner:1.0.0.91369. PR batch #2/3 (demisto#33831) Co-authored-by: Tal Zichlinsky <[email protected]> * demisto/paho-mqtt:1.0.0.56447 | 0-100 | PR batch #1/1 (demisto#33828) * Updated docker image to demisto/paho-mqtt:1.0.0.56447. PR batch #1/1 * Revert ZipFile image (demisto#33825) * revert docker image and added the TPB to the yml * updated release notes * pre-commit fixes * updated release notes * Docker Hardening test - fix flaky test (demisto#33805) * Revert "Merge branch 'auto_update_docker_staging_branch' into AUD-demisto/paho-mqtt-1.0.0.56447-pr-batch-1" This reverts commit c5dffd6, reversing changes made to d9ce372. * add space * delete space * version 29 --------- Co-authored-by: Arad Carmi <[email protected]> Co-authored-by: ilaner <[email protected]> Co-authored-by: Tal <[email protected]> Co-authored-by: Tal Carmeli <[email protected]> * Fix conflict * Updated docker image to demisto/py3-tools:1.0.0.91908. PR batch #1/3 (demisto#33871) * Update release notes * Validate * pre-commit * Fix RN for Anomali ThreatStream v3 * Fix PcapAnalysis.yml file * update devdemisto/polyswarm * dockerImage uploaded to docker hub * revert pcap-miner related changes * Resolve Packs/CommonScripts merge conflict * Resolve Packs/CommonScripts merge conflict * Remove pcap-miner RN file * Update release notes * Update release notes * Update UBIRCH to use demisto/py3-tools instead of demisto/paho-mqtt * Resolve Packs/CommonScripts merge conflict * Resolve Packs/Anomali_ThreatStream merge conflict --------- Co-authored-by: Tal Zichlinsky <[email protected]> Co-authored-by: Arad Carmi <[email protected]> Co-authored-by: ilaner <[email protected]> Co-authored-by: Tal <[email protected]> Co-authored-by: Tal Carmeli <[email protected]> Co-authored-by: TalZich <[email protected]>
pabloperezj pushed a commit that referenced this pull request on Jul 10, 2024
…emisto#35310) * Updated docker image to demisto/python3:3.10.14.100715. PR batch #1/19 (demisto#35234) * Updated docker image to demisto/python3:3.10.14.100715. PR batch #9/19 (demisto#35242) * Updated docker image to demisto/python3:3.10.14.100715. PR batch #8/19 (demisto#35241) * Updated docker image to demisto/python3:3.10.14.100715. PR batch #7/19 (demisto#35240) * Updated docker image to demisto/python3:3.10.14.100715. PR batch #4/19 (demisto#35237) * Updated docker image to demisto/python3:3.10.14.100715. PR batch #11/19 (demisto#35244) * Updated docker image to demisto/python3:3.10.14.100715. PR batch #19/19 (demisto#35252) * Updated docker image to demisto/python3:3.10.14.100715. PR batch #3/19 (demisto#35236) * Updated docker image to demisto/python3:3.10.14.100715. PR batch #10/19 (demisto#35243) * Updated docker image to demisto/python3:3.10.14.100715. PR batch #12/19 (demisto#35245) Co-authored-by: Tal Zichlinsky <[email protected]> * Updated docker image to demisto/python3:3.10.14.100715. PR batch #13/19 (demisto#35246) Co-authored-by: Tal Zichlinsky <[email protected]> * Updated docker image to demisto/python3:3.10.14.100715. PR batch #14/19 (demisto#35247) Co-authored-by: Tal Zichlinsky <[email protected]> * Updated docker image to demisto/python3:3.10.14.100715. PR batch #17/19 (demisto#35250) Co-authored-by: Tal Zichlinsky <[email protected]> * demisto/python3:3.10.14.100715 | 0-100 | PR batch #15/19 (demisto#35248) * Updated docker image to demisto/python3:3.10.14.100715. PR batch #15/19 * Fix text encoding * Update Pulsedive.yml --------- Co-authored-by: Tal Zichlinsky <[email protected]> * demisto/python3:3.10.14.100715 | 0-100 | PR batch #16/19 (demisto#35249) * Updated docker image to demisto/python3:3.10.14.100715. 
PR batch #16/19 * Update ThousandEyes.yml --------- Co-authored-by: Tal Zichlinsky <[email protected]> * demisto/python3:3.10.14.100715 | 0-100 | PR batch #2/19 (demisto#35235) * Updated docker image to demisto/python3:3.10.14.100715. PR batch #2/19 * pre-commit fixes * fix --------- Co-authored-by: [email protected] <[email protected]> * demisto/python3:3.10.14.100715 | 0-100 | PR batch #6/19 (demisto#35239) * Updated docker image to demisto/python3:3.10.14.100715. PR batch #6/19 * Empty commit * fixes * fix * space * fix --------- Co-authored-by: [email protected] <[email protected]> * demisto/python3:3.10.14.100715 | 0-100 | PR batch #5/19 (demisto#35238) * Updated docker image to demisto/python3:3.10.14.100715. PR batch #5/19 * fixes * Empty commit * Empty commit * Empty commit * Empty commit --------- Co-authored-by: [email protected] <[email protected]> Co-authored-by: inbalapt1 <[email protected]> * Updated docker image to demisto/python3:3.10.14.100715. PR batch #18/19 (demisto#35251) Co-authored-by: Tal Zichlinsky <[email protected]> * Update RN * Empty commit to re-trigger build pipeline --------- Co-authored-by: Tal Zichlinsky <[email protected]> Co-authored-by: [email protected] <[email protected]> Co-authored-by: inbalapt1 <[email protected]>
pabloperezj pushed a commit that referenced this pull request on Jul 11, 2024
…demisto#35346) * demisto/powershell:7.4.0.80528 | 0-100 | PR batch #1/1 (demisto#35333) * Updated docker image to demisto/powershell:7.4.0.80528. PR batch #1/1 * fixes --------- Co-authored-by: [email protected] <[email protected]> * demisto/py3-tools:1.0.0.102774 | 0-100 | PR batch #2/2 (demisto#35335) * Updated docker image to demisto/py3-tools:1.0.0.102774. PR batch #2/2 * fixes --------- Co-authored-by: [email protected] <[email protected]> * demisto/py3-tools:1.0.0.102774 | 0-100 | PR batch #1/2 (demisto#35334) * Updated docker image to demisto/py3-tools:1.0.0.102774. PR batch #1/2 * fixes * fix * fix --------- Co-authored-by: [email protected] <[email protected]> * Updated docker image to demisto/python3-deb:3.11.9.102626. PR batch #1/1 (demisto#35336) * Update release notes --------- Co-authored-by: [email protected] <[email protected]>
pabloperezj pushed a commit that referenced this pull request on Jul 25, 2024
* configuration changes * rn * deprecation * readme deprecation * resolve-identity-detection * test * fix conflict * cs-falcon-search-detection * unit test * !cs-falcon-resolve-detection * cs-falcon-list-detection-summaries * fix the filter * fix * fix tests * fixes * fix * add CrowdStrike.Detections.behaviors.behavior_id * fix outputs of list-detection-summaries * finally outputs for cs-falcon-list-detection-summaries * test * fetch * mirroring * existing fetch * new fetch * add tests * revert unnecessary changes in the mapper * fix the query * fix * fis tests * last mapper * fix mapper * mirroring of new type * fixes from cr * fix * remove the raptor from the tests * fix tests * fixes * fix old mapper * legacy * RN * rn * metadata * pre commit * build fixes * build fixes #2 * Apply suggestions from code review Shirley fixes Co-authored-by: ShirleyDenkberg <[email protected]> * More from Shirley Co-authored-by: ShirleyDenkberg <[email protected]> * cr * cr * format * adding testing the parameters * Bump pack from version CommonTypes to 3.5.8. * fix test * cr * logs * fix a mistake * pre commit * RN * fix rn * fix rn * fix validate errors * fix test playbook * pre commit * format * RN * change output * fix test playbook --------- Co-authored-by: ShirleyDenkberg <[email protected]> Co-authored-by: Content Bot <[email protected]>
pabloperezj added a commit that referenced this pull request on Jul 25, 2024
* change path to relative md files integrations A-D * fix docker * fix docker * fix docker * fix DS108 * ignore rm112 * fix ds108 * type annotation fix (demisto#35317) * type annotation fix * RN * revert pack version bump * BmcITSM- fix duplicate incidents (demisto#35192) * adding logs * adding a fix to the last ticket create time * adding unit test to demonstrate the bug * adding the fix+precommit_rn * adding reason * docker fix * add to known words * Update Packs/BmcITSM/ReleaseNotes/1_0_23.md Co-authored-by: Dan Tavori <[email protected]> * cr fix * cr note * cr note --------- Co-authored-by: Dan Tavori <[email protected]> * [CortexXpanse] Option to add tags to assets (demisto#35111) (demisto#35316) * change content * RN * update play * fix val error * Apply suggestions from code review * Apply suggestions from code review * John feedback * sasha recommendations * bump ver * removed (s) in survey title * update screenshot --------- Co-authored-by: johnnywilkes <[email protected]> Co-authored-by: ShirleyDenkberg <[email protected]> * Anomali bug (demisto#35060) * updated the authentication process, due to api changes * added rn * updated unit test * removed comment * updated do * Aws waf regions (demisto#35276) * added more regions to the region param * added rn * added regions as args as well * updated docker image * Fix Fetch-Alerts Microsoft Defender for Cloud Apps (demisto#35083) * fix the fetches issue * fix the fetches issue * RN * Update Packs/MicrosoftCloudAppSecurity/ReleaseNotes/2_2_1.md Co-authored-by: ShirleyDenkberg <[email protected]> --------- Co-authored-by: ShirleyDenkberg <[email protected]> * Bump google-cloud-compute from 1.19.0 to 1.19.1 (demisto#35314) Bumps [google-cloud-compute](https://github.com/googleapis/google-cloud-python) from 1.19.0 to 1.19.1. 
- [Release notes](https://github.com/googleapis/google-cloud-python/releases) - [Changelog](https://github.com/googleapis/google-cloud-python/blob/main/packages/google-cloud-documentai/CHANGELOG.md) - [Commits](googleapis/google-cloud-python@google-cloud-compute-v1.19.0...google-cloud-compute-v1.19.1) --- updated-dependencies: - dependency-name: google-cloud-compute dependency-type: direct:development update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Skip python2 not support csp test (demisto#35328) * Skip python2 not supported test * [ASM] EXPANDR-9733 Cortex ASM Patching files (demisto#35114) (demisto#35332) * Patching ASM files * read me fix * add description * fixes * fixes * fixes * updated version * updated version * core pack dependency * added misc suggestions * added misc suggestions Co-authored-by: Chait A <[email protected]> * fix-ews-get-attachment (demisto#35315) * fix-ews-get-attachment * add RN * rn * Fix for XSOAR automation insights dashboard (demisto#35292) * added the relevant script to the metrics * added rn * fix * pre commit * fix * updated RN after revert * Update Packs/CommonDashboards/ReleaseNotes/1_7_4.md Co-authored-by: Sasha Sokolovich <[email protected]> --------- Co-authored-by: Sasha Sokolovich <[email protected]> * Fix modify edl playbook (demisto#35338) * fix modify edl playbook * added rn * fixes * add type to set incident * fixes * Update Packs/EDL/Playbooks/Modify_EDL.yml * Update Packs/EDL/Playbooks/Modify_EDL.yml * fix * fix * fix * fix * fix * fix * Zimperuim_v2_playbook (demisto#35259) * support for zimperium v2 * RN * update mapper * rn conflict * update docker ver * Fix misslocated images (demisto#35339) * moved doc files * relocate * relocate * update readme * update dockers * added rn * fixes * update contribution team members. 
(demisto#35330) * Update 1_34_26.md (demisto#35343) * ipv6 regex fix (demisto#35279) * ipv6 fix * docker * RN * RN * Bump pack from version CommonScripts to 1.15.23. * Bump pack from version CommonScripts to 1.15.24. * tests playbook * Update Packs/CommonScripts/ReleaseNotes/1_15_24.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CommonTypes/ReleaseNotes/3_5_7.md Co-authored-by: ShirleyDenkberg <[email protected]> * pb fix * Bump pack from version CommonScripts to 1.15.25. --------- Co-authored-by: Content Bot <[email protected]> Co-authored-by: ShirleyDenkberg <[email protected]> * [Auto Update Docker] AUD-demisto/auto_update_docker_staging_branch_5 (demisto#35344) * Updated docker image to demisto/ansible-runner:1.0.0.102086. PR batch #1/1 (demisto#35324) * Updated docker image to demisto/chromium:126.0.6478.102778. PR batch #1/1 (demisto#35325) * Update release notes * [Auto Update Docker] AUD-demisto/auto_update_docker_staging_branch_10 (demisto#35346) * demisto/powershell:7.4.0.80528 | 0-100 | PR batch #1/1 (demisto#35333) * Updated docker image to demisto/powershell:7.4.0.80528. PR batch #1/1 * fixes --------- Co-authored-by: [email protected] <[email protected]> * demisto/py3-tools:1.0.0.102774 | 0-100 | PR batch #2/2 (demisto#35335) * Updated docker image to demisto/py3-tools:1.0.0.102774. PR batch #2/2 * fixes --------- Co-authored-by: [email protected] <[email protected]> * demisto/py3-tools:1.0.0.102774 | 0-100 | PR batch #1/2 (demisto#35334) * Updated docker image to demisto/py3-tools:1.0.0.102774. PR batch #1/2 * fixes * fix * fix --------- Co-authored-by: [email protected] <[email protected]> * Updated docker image to demisto/python3-deb:3.11.9.102626. 
PR batch #1/1 (demisto#35336) * Update release notes --------- Co-authored-by: [email protected] <[email protected]> * Tenable fetch bug (demisto#35327) * fixed an issue with 404 error status code * added rn * Update Packs/Tenable_io/ReleaseNotes/2_2_5.md * Ciac 9706 (demisto#34564) * Test for CIAC 10315 * Test for CIAC 10315 * Ciac 9706 * Ciac 9706 * Ciac 9706 * Ciac 9706 * Ciac 9706 * Ciac 9706 * Ciac 9706 * Ciac 9706 * Ciac 9706 * Ciac 9706 * Ciac 9706 * Ciac 9706 * Ciac 9706 * Ciac 9706 * Ciac 9706 * Ciac 9706 * Ciac 9706 * Ciac 9706 * Ciac 9706 * Ciac 9706 * Ciac 9706 * Ciac 9706 * Ciac 9706 * Ciac 9706 * Ciac 9706 * Ciac 9706 * Ciac 9706 * Ciac 9706 * Ciac 9706 * Ciac 9706 * Ciac 9706 * Ciac 9706 * Ciac 9706 * Ciac 9706 * Ciac 9706 * Ciac 9706 * Ciac 9706 * Ciac 9706 * Ciac 9706 * Ciac 9706 * Ciac 9706 * Ciac 9706 * Ciac 9706 * Ciac 9706 * Ciac 9706 * Ciac 9706 * [CoreRESTApi] Fix httpMultipart loop (demisto#35265) * init * bump version * [Auto Update Docker] AUD-demisto/auto_update_docker_staging_branch_11 (demisto#35352) * Replace PopularNews docker image to demisto/bs4-py3 * Update RN * increased the memo for EWS Public Folders Test (demisto#35320) * CIAC-10305 Fortinet Fortigate XDM Modeling Enhancement (demisto#35311) * sort xdm fields * sort schema fields * enrich modeling rules * update release notes * fix release notes * fix schema * update schema * fixes and refactoring * fix schema * remove source application mapping * update release-notes * update release-notes * update README.md * reformat fields on release notes * concise release note * fix schema * Rewrite Whois (demisto#35050) * first commit * add yaml config * create test playbook, update docs, add ReleaseNotes * fix doc-review issues * demo issues * Change instance name for old test playbooks * update test playbook * cr issues * add abuse felid * Doc review * Akamai waf event collector missing and duplicated events issue (demisto#35350) * fixes * added rn * fixes * test fixes * Update 
Packs/Akamai_SIEM/ReleaseNotes/1_1_5.md Co-authored-by: Dan Tavori <[email protected]> --------- Co-authored-by: Dan Tavori <[email protected]> * [Marketplace Contribution] - EXPANDR-7038 - Azure Resource Graph (demisto#35326) * [Marketplace Contribution] - EXPANDR-7038 - Azure Resource Graph (demisto#32121) * Add Pack ReadMe * Add integration * Add integration description, image, and secrets ignore file * Add metadata file and pack ignore * Add test files and tests first * Add Integration ReadMe * Update marketplaces * Update commands descriptions and output * Update secrets ignore * Resize image * Update integration yml commands * Update integration readme * Resize image * Address doc review and some design review comments * Update client credential flow section of ReadMe * Update list_operations_command to support a limit argument * Update azure-rg-list-operations in ReadMe * Update azure-rg-list-operations to support paging * Update azure-rg-query to support paging * Update tests * Remove Comments * Update integration configuration yml settings * Add management_groups & subscriptions parameters for query command * Add suggested changes from second review * Update Readme and Description from code review * Update integration files with code review suggestions * Update defaultValue key in YAML and docker version * Update section titles in YAML * Remove subscription_id from client and format - Subscription ID is not used during configuration - Fixed usage of wrong variable in query command * Remove DefaultValues - The default values are not necessary and would make the conditionals for limits and paging more complex * Update ReadMe * Formatting * Remove subscription_id from client in test file * Update tests and fix mypy errors * Update address mypy errors * Update README.md * Apply suggestions from code review * Update README.md --------- Co-authored-by: John <[email protected]> Co-authored-by: Jasmine Beilin <[email protected]> * DisplyHTMLWIthImages: fix embeded 
images (demisto#35135) * potential fix * update RN * Bump pack from version CommonScripts to 1.15.20. * Bump pack from version CommonScripts to 1.15.21. * Bump pack from version CommonScripts to 1.15.22. * Bump pack from version CommonScripts to 1.15.23. * Bump pack from version CommonScripts to 1.15.24. * Bump pack from version CommonScripts to 1.15.25. * fix * pre commit fix * Bump pack from version CommonScripts to 1.15.26. * cr changes * CR changes --------- Co-authored-by: Content Bot <[email protected]> * Update docker ml (demisto#35081) * updated docker * added the rest * devdemisto/ml:1.0.0.100486 * fix tpb * return on no incidents * remove runonce * remove space * fixed * fix create incidents script * new docker * revert: fix create incidents script * add outputs to DBotFindSimilarIncidents * new tpb DBotFindSimilarIncidents-test * new docker * bump transformers * Empty-Commit * fix conf.json * more fixes * more fixes * new docker * RN * new docker * revert dockers * more stuff * redirect stderr * docker * format * format * RN * more stuff * build fixes * build fixes * fix unit-tests * more docker changes * more docker changes * build fixes * suppress logger * build fixes * build fixes * Fix ruff in CofenseTriage (demisto#35373) * fix ruff in CofenseTriage * test with infra * revert infra test * revert infra test * Raise armis event collector default limit (demisto#35371) * raise limit * update rn * Update Packs/Armis/Integrations/ArmisEventCollector/ArmisEventCollector_description.md Co-authored-by: Judah Schwartz <[email protected]> * fixes * fixes * fixes * update docker --------- Co-authored-by: Judah Schwartz <[email protected]> * Fix for 'Search For Hash In Sandbox - Generic' playbook (demisto#35354) * Fix for 'Search For Hash In Sandbox - Generic' playbook * revert unnecessary changes made by 'generate-docs' command * Update playbook-Search_For_Hash_In_Sandbox_-_Generic.yml revert unnecessary changes made by 'format' command * Update 
playbook-Search_For_Hash_In_Sandbox_-_Generic.yml revert unnecessary changes made by 'format' command * RN * changed the context path checked in task number 45 * CrowdStrike Falcon - Raptor release (demisto#34805) * configuration changes * rn * deprecation * readme deprecation * resolve-identity-detection * test * fix conflict * cs-falcon-search-detection * unit test * !cs-falcon-resolve-detection * cs-falcon-list-detection-summaries * fix the filter * fix * fix tests * fixes * fix * add CrowdStrike.Detections.behaviors.behavior_id * fix outputs of list-detection-summaries * finally outputs for cs-falcon-list-detection-summaries * test * fetch * mirroring * existing fetch * new fetch * add tests * revert unnecessary changes in the mapper * fix the query * fix * fis tests * last mapper * fix mapper * mirroring of new type * fixes from cr * fix * remove the raptor from the tests * fix tests * fixes * fix old mapper * legacy * RN * rn * metadata * pre commit * build fixes * build fixes #2 * Apply suggestions from code review Shirley fixes Co-authored-by: ShirleyDenkberg <[email protected]> * More from Shirley Co-authored-by: ShirleyDenkberg <[email protected]> * cr * cr * format * adding testing the parameters * Bump pack from version CommonTypes to 3.5.8. 
* fix test * cr * logs * fix a mistake * pre commit * RN * fix rn * fix rn * fix validate errors * fix test playbook * pre commit * format * RN * change output * fix test playbook --------- Co-authored-by: ShirleyDenkberg <[email protected]> Co-authored-by: Content Bot <[email protected]> * [Google Threat Intelligence] Add curated collections commands and improve polling commands (demisto#35376) * [Google Threat Intelligence] Add curated collections commands and improve polling commands (demisto#35348) * [GoogleThreatIntelligence] Add GTI assessment to polling commands * Lint * Add curated collections commands * Add test * Lint * Lint * Update release note * Add Feed Integration * Lint * Update Packs/GoogleThreatIntelligence/Integrations/CategorizedFeeds/CategorizedFeeds.py Co-authored-by: Daniel Pascual <[email protected]> * Update Packs/GoogleThreatIntelligence/Integrations/CategorizedFeeds/CategorizedFeeds.yml Co-authored-by: Daniel Pascual <[email protected]> * Update Packs/GoogleThreatIntelligence/Integrations/CategorizedFeeds/CategorizedFeeds_description.md Co-authored-by: Daniel Pascual <[email protected]> * Update Packs/GoogleThreatIntelligence/Integrations/CategorizedFeeds/README.md Co-authored-by: Daniel Pascual <[email protected]> * Update Packs/GoogleThreatIntelligence/Integrations/CategorizedFeeds/README.md Co-authored-by: Daniel Pascual <[email protected]> * Include feed type in table * Incremental feed * Delete feed integration * Update Packs/GoogleThreatIntelligence/ReleaseNotes/1_0_1.md Co-authored-by: Daniel Pascual <[email protected]> * Update Packs/GoogleThreatIntelligence/ReleaseNotes/1_0_1.md Co-authored-by: Daniel Pascual <[email protected]> * Update Packs/GoogleThreatIntelligence/ReleaseNotes/1_0_1.md Co-authored-by: Daniel Pascual <[email protected]> * Update yml * Update Packs/GoogleThreatIntelligence/ReleaseNotes/1_0_1.md Co-authored-by: israelpoli <[email protected]> * Update 
Packs/GoogleThreatIntelligence/Integrations/GoogleThreatIntelligence/GoogleThreatIntelligence.py Co-authored-by: israelpoli <[email protected]> * Update Packs/GoogleThreatIntelligence/Integrations/GoogleThreatIntelligence/GoogleThreatIntelligence.py Co-authored-by: israelpoli <[email protected]> * Update Packs/GoogleThreatIntelligence/Integrations/GoogleThreatIntelligence/GoogleThreatIntelligence.py Co-authored-by: israelpoli <[email protected]> --------- Co-authored-by: Daniel Pascual <[email protected]> Co-authored-by: israelpoli <[email protected]> * add docs for commands --------- Co-authored-by: Pablo Pérez <[email protected]> Co-authored-by: Daniel Pascual <[email protected]> Co-authored-by: israelpoli <[email protected]> Co-authored-by: ipolishuk <[email protected]> * Fix SNOW files mirroring issue (demisto#35298) * fix XSUP-37069 * fix XSUP-37069 * fix * CR fix * remove prints * docker update * XSUP-38544/DisplayHtmlWithImages/fix_text_color (demisto#35367) * Updated the html text color to black * updated release notes * ruff on test file * Update Packs/CommonScripts/ReleaseNotes/1_15_26.md Co-authored-by: Binat Ziser <[email protected]> * fixed cr notes * fix conflicts * updated RN * updated RN * updated RN * updated RN --------- Co-authored-by: Binat Ziser <[email protected]> * remove IN150 from validation_config.toml (demisto#35378) * remove IN150 and IN161 from validation_config.toml * bring IN161 back * Update docker mlurlphishing (demisto#35272) * init * new docker * add tpb * update docker * update RN * Bump pack from version CommonScripts to 1.15.28. 
--------- Co-authored-by: adi88d <[email protected]> Co-authored-by: Adi Daud <[email protected]> Co-authored-by: Content Bot <[email protected]> * Ciac 10278 pat enhancement (demisto#35345) * Fix fields * Add docs * Revert docs * Update README.md * Address pre-commit * Address validations * Remove redundant field * Address pre-commit * Fix imports * Fix imports * Ignore ruff * [Demisto Lock] add `polling_interval` to `demisto-lock-get` command (demisto#35374) * Add new polling_interval * Update RN * Add Wizard for Prisma Compliance usecase (demisto#35296) * Add Wizard for Prisma Compliance usecase * Update wizard name * Add second playbook * Update wizard json * Remove sandbox section * Update min_required dependency * Update supporting integrations * Update release notes * Update fetching integration name * Fix integration name in description * Add support for [Get/Export/Release]-QuarantineMessage to EWSO PS v3 (demisto#35267) (demisto#35387) * Add support for [Get/Export/Release]-QuarantineMessage to EWSO PS v3 * Remove unused params from EwsExtensionEXOPowershellV3 * Convert true/false values to boolean for *-QuarantineMessage commands in EWSOv3 * Streamline outputs of *-QuarantineMessage for EwsExtensionEXOPowershellV3 * Update EWSOv3 README.md * Disallow PSObjects to return $null * Fix context path in README.md * Fix table in README.md * Standardise quotes in EwsExtensionEXOPowershellV3.yml * Update EWSOv3 README.md * Update documentation * Exit ExoReleaseQuarantineMessage when identity or identities not present * Update content pack to 1.4.0 * Fix integration name in 1_4_0.md Co-authored-by: Aster Bandis <[email protected]> * PrismaCloud V2 dashboard update (demisto#35106) (demisto#35369) * prismaCloud dashboard update adding sourcebrand for prismacloud v2 to the dashboard to include incidents from that integration. 
* Update 4_3_7.md updating to catch the syntax issues in release notes * Update 4_3_7.md updated release notes * Update 4_3_7.md release notes update * Update Packs/PrismaCloud/ReleaseNotes/4_3_7.md --------- Co-authored-by: epartington <[email protected]> Co-authored-by: Sasha Sokolovich <[email protected]> Co-authored-by: samuelFain <[email protected]> * Ciac 5471 exabeam fetch users (demisto#34900) * add section to yml * add command fetch_notable_users * fix referenced before assignment * format * fix fetch_notable_users * fix set_integration_context * clear TODO * add reset-notable-users-cached and classifier * add Exabeam Notable User to IncidentFields * add incident layout mapper and type * add limit to context * pre commit * rename pack & integration * add incidentType to mapping * update layout * rename incident field * add UT * update dockerimage * update layout & release note * Merge branch 'master' of github.com:demisto/content into ciac-5471-exabeam-fetch-users * add checkbox fetch_user_duplicates * replace name parameter Fetch user duplicates * release notes * fix name of filed * fix incidentfield * ReleaseNotes * IncidentFields * peck metadata * ReleaseNotes * rename incident fide in mapper * return name incident fide * mapping * ReleaseNotes * add filed to mapping * add Multi Select type fetch * fix UT * save in last run instead of context * - dev * fix layout * try to fix GR103 * fix in ReleaseNotes * ReleaseNotes * document review * Bump pack from version CommonTypes to 3.5.7. * document review * remove command reset-notable-users-cached * update readme about the fetch * Fix from CR * Add validation for interval * update docker * Updated Docker image in ReleaseNotes * Bump pack from version CommonTypes to 3.5.8. * add test to test_module * Bump pack from version CommonTypes to 3.5.9. 
* fix time_period --------- Co-authored-by: Content Bot <[email protected]> * [Marketplace Contribution] Common Scripts - Content Pack Update (demisto#35178) * [Marketplace Contribution] Common Scripts - Content Pack Update (demisto#35115) * "contribution update to pack 'Common Scripts'" * pack resubmitted --------- Co-authored-by: Jacob Levy <[email protected]> * add typing * add typing * more fixes * more fixes * more fixes * more fixes * more stuff * build fixes * build fixes * UTs complete * docs * marketplace selection * RN * docker * Bump pack from version CommonScripts to 1.15.29. --------- Co-authored-by: xsoar-bot <[email protected]> Co-authored-by: Jacob Levy <[email protected]> Co-authored-by: jlevypaloalto <[email protected]> Co-authored-by: Content Bot <[email protected]> * Xsup 39381 joesecurity file value (demisto#35408) * Changed indicator to be sha256 * fixed ut * added rn * Bumped docker * Bumped RN * Bumped dicker * Update Packs/JoeSecurity/ReleaseNotes/1_1_23.md Co-authored-by: Dan Tavori <[email protected]> --------- Co-authored-by: Dan Tavori <[email protected]> * Fix CS Falcon Reopen Statuses parameter doesn't have any value (demisto#35366) * allow empty reopen status list * RN * fixed a test * Update Packs/CrowdStrikeFalcon/ReleaseNotes/1_13_14.md Co-authored-by: Shelly Tzohar <[email protected]> --------- Co-authored-by: Shelly Tzohar <[email protected]> * Revert "checking ignore rm108 (demisto#35291)" (demisto#35318) This reverts commit 238b27d. * poetry files (demisto#35419) Co-authored-by: Content Bot <[email protected]> * remove /n in html (demisto#35381) * fix * rn_pa * reply fix * fix rn * Bump pack from version MicrosoftExchangeOnline to 1.4.1. 
* docker-image * rn --------- Co-authored-by: Content Bot <[email protected]> * [Marketplace Contribution] Common Scripts - Content Pack Update (demisto#35407) * [Marketplace Contribution] Common Scripts - Content Pack Update (demisto#35297) * "contribution update to pack 'Common Scripts'" * resolved rebase conflicts --------- Co-authored-by: israelpoli <[email protected]> * add TPB * resolve conflicts * add TPB to conf.json and yml file * Bump pack from version CommonScripts to 1.15.30. * commit * remove new tpb from conf json --------- Co-authored-by: xsoar-bot <[email protected]> Co-authored-by: israelpoli <[email protected]> Co-authored-by: ipolishuk <[email protected]> Co-authored-by: Content Bot <[email protected]> * SplunkPy: fix bug in drilldown enrichemnt (demisto#35368) * fix + RN * fix pre commit * Apply suggestions from code review Co-authored-by: Shachar Kidor <[email protected]> --------- Co-authored-by: Shachar Kidor <[email protected]> * Cisco ASA CRTX-121323 Invert Peer Direction Roles on relevant Teardown Events (demisto#35380) * apply network peers direction swap on teardown * minor-fixes * update release-notes * update release-notes * reformat README.md * Update Packs/CiscoASA/ReleaseNotes/1_1_7.md Co-authored-by: ShirleyDenkberg <[email protected]> --------- Co-authored-by: ShirleyDenkberg <[email protected]> * Un-skip the ruff hook for autoupdate docker PRs (demisto#35413) * Un-skipped the ruff hook for autoupdate docker PRs * Un-skipped the pytest-network-in-docker hook for autoupdate docker prs * added to pack ignore the validation MR108 for Tenable_io.yml (demisto#35415) * added to pack ignore the validation MR108 for Tenable_io.yml --------- Co-authored-by: noy <nodavidi.paloaltonetworks.com> * update feed-performance-test docker (demisto#35423) * update feed-performance-test docker * fix DS108 * Lookup CSV output fix (demisto#35418) * Added the outputs LookupCSV.Result * Added release notes * Updated readme file * Fixed validation * CR 
Fix * Bump pack from version CommonScripts to 1.15.31. * CR Fix --------- Co-authored-by: Content Bot <[email protected]> * Ewso365 bug (demisto#35351) * fixed an issue where re-registering a header failed * added rn * edited the unittest * Bump pack from version MicrosoftExchangeOnline to 1.4.1. * fixed conflict in rn --------- Co-authored-by: Content Bot <[email protected]> * CIAC-9928 - OpenLDAP ad-entries-search (demisto#35165) * started implementing ad-entries-search * yml and finished implemntation * finished implementing ad-entries-search * finished implementing ad-entries-search * and for provided filters * updated yml * readme * pr comments * pr comments * pr comments * pr comments * pr comments * unitests * readme * Update Packs/OpenLDAP/Integrations/OpenLDAP/OpenLDAP.yml Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/OpenLDAP/Integrations/OpenLDAP/OpenLDAP.yml Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/OpenLDAP/Integrations/OpenLDAP/README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/OpenLDAP/Integrations/OpenLDAP/OpenLDAP.yml Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/OpenLDAP/Integrations/OpenLDAP/README.md Co-authored-by: ShirleyDenkberg <[email protected]> * added doc string to tests --------- Co-authored-by: ShirleyDenkberg <[email protected]> Co-authored-by: omerKarkKatz <[email protected]> * Update ml dockers (demisto#35422) * update ml dockers * bump RN * fix_azure_sc_tpb (demisto#35428) * fixed the tpb * fixed the names * sdk format * bug - MD EC added debug logs (demisto#35425) * bug - MD EC added debug logs * fix pre-commit * more logs * fix logs * Update MicrosoftDefenderEventCollector.py --------- Co-authored-by: rshunim <[email protected]> Co-authored-by: rshunim <[email protected]> * Yc/carbon black/ciac 9132 (demisto#35202) * Existing commands migration to the new endpoints * cbd-find-processes polling command added * added 
cbd-find-observation-details polling command * new version all existing commands including polling commands * added validations for required args, and cleaning * device commands added * added docs string in client functions * added docs string to all comands * description file added * mapper updated to the new response format * docs and type ignore * update and set policy commands added * done * readme file added for all commands * Migration notes added * removed -dev * test file with all commands tests * fixed build * added RN and tests * pre-commit * pre commit * format * added release note and updated docker image * rewrite * handle priority_level in CamelCase arg * docs review * docs review * deleted unneeded duplicates * Update Packs/CarbonBlackDefense/ReleaseNotes/4_0_0.md Co-authored-by: JudithB <[email protected]> * format fixed --------- Co-authored-by: JudithB <[email protected]> * add ThreatCrowd to skipped (demisto#35433) * Update logo to align to common prisma cloud logo (demisto#35322) * Update logo to align to common prisma cloud logo (demisto#35113) Updated logo to align to common prisma cloud logo * bump docker version. * RN change. * Bump pack from version PrismaCloud to 4.3.8. 
--------- Co-authored-by: epartington <[email protected]> Co-authored-by: Danny_Fried <[email protected]> Co-authored-by: Content Bot <[email protected]> * Impartner community pack (demisto#35430) * [ThreatConnectV3] Support Python 3.11 (demisto#35432) * fix * RN * Adding a command to add VM to cleanroom recovery group and changing the integration name (demisto#35229) (demisto#35411) * Changes * Add VM to cleanroom recovery group Adding command to add VM to cleanroom recovery group * Add files via upload * Add files via upload * Add files via upload * Add files via upload * Add files via upload * Add files via upload * Update pack_metadata.json * remove commented code Co-authored-by: Cv-securityIQ <[email protected]> * Add new parameters for Sophos Central API (demisto#35357) (demisto#35412) * Add new parameters for Sophos Central API * Add contributors file * Increase version and add release notes * Update docker image * Optimize ip address parameter routine * Use argToList function * Update release notes to represent changes * Use argToBoolean for boolean parameter * Set default value for argToBoolean Co-authored-by: Nik Stuckenbrock <[email protected]> * Fix dynammo tpb (demisto#35406) * fix-tpb * delete-from-skipped-tests * delete hard coded * Update Packs/AWS_DynamoDB/TestPlaybooks/playbook-AWS-DynamoDB-Test.yml Co-authored-by: tkatzir <[email protected]> --------- Co-authored-by: tkatzir <[email protected]> * CIAC-10816-Bitwarden-Password-Manager-Event-Collector (demisto#35191) * init * stash * auth, fetch events * wip * wip * add fetch, and get with start and end * update yml file * add comment * fix main function * Update Packs/BitwardenPasswordManager/pack_metadata.json Co-authored-by: Dan Tavori <[email protected]> * wip * wip * Update Packs/BitwardenPasswordManager/pack_metadata.json Co-authored-by: Dan Tavori <[email protected]> * Update 
Packs/BitwardenPasswordManager/Integrations/BitwardenPasswordManagerEventCollector/BitwardenPasswordManagerEventCollector.yml Co-authored-by: Dan Tavori <[email protected]> * Update Packs/BitwardenPasswordManager/Integrations/BitwardenPasswordManagerEventCollector/BitwardenPasswordManagerEventCollector.yml Co-authored-by: Dan Tavori <[email protected]> * add readme and description * remove end date, update category * combine get_events to fetch_events * wip * remove logs * update readme * add image * fixing readability * use last fetch as start time * add end time to params * add end time to params * fix start+end time * remove event collector naming * add get_unique_events * fix types * wip * wip * wip * pr fixes * wip * add docstring to fetch_events * add pack readme * update readme * add unit tests * fix defaults dates format * pre commit changes * ignore IN150 validation * upgrade docker image * add nmock api url to secret ignore * ran format * add debug command * pre-commit changes * remove debug command * Update Packs/BitwardenPasswordManager/Integrations/BitwardenPasswordManager/BitwardenPasswordManager.yml Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/BitwardenPasswordManager/Integrations/BitwardenPasswordManager/BitwardenPasswordManager_description.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/BitwardenPasswordManager/Integrations/BitwardenPasswordManager/README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/BitwardenPasswordManager/README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/BitwardenPasswordManager/README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/BitwardenPasswordManager/README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/BitwardenPasswordManager/README.md Co-authored-by: Dan Tavori <[email protected]> * change category * fix pack readme --------- Co-authored-by: Dan Tavori <[email protected]> 
Co-authored-by: ShirleyDenkberg <[email protected]> * fix fetch-incidents returns duplicates bug (demisto#35424) * fix bug and testing and readme * readme * release notes * change argument name * pre commit * code review fixes * more code review fixes * limit+1 * shirly fixes and changed sort field * remove the dev * run pre commit * last fixes * typo fixes * rename splunk host display name (demisto#35431) * rename splunk host display name * update code and readme * test * bug - ansible dockerimage revert (demisto#35442) * bug - ansible dockerimage revert * format * Update 1_0_7.md * fix (demisto#35414) Co-authored-by: Yuval Hayun <[email protected]> * [ASM] - EXPANDER - 10154 Service Ownership Playbook ASM ServiceOwners and Ranking Score Fix (demisto#35388) * [ASM] - EXPANDER - 10154 Service Ownership Playbook ASM ServiceOwners and Ranking Score Fix (demisto#35091) * Update RankServiceOwners task to check that "accounttype" does not exist for service owners * Update release notes * Update RankServiceOwners task owners argument * Update Ranking Score key in asmserviceowner field * Update ReadMe * Update ReadMe * Update release notes * Update Packs/CortexAttackSurfaceManagement/ReleaseNotes/1_7_42.md Co-authored-by: ShirleyDenkberg <[email protected]> * Apply suggestions from code review Co-authored-by: ShirleyDenkberg <[email protected]> * Update release notes * Update Release Version --------- Co-authored-by: johnnywilkes <[email protected]> Co-authored-by: ShirleyDenkberg <[email protected]> * RN add desc under Incident Fields --------- Co-authored-by: John <[email protected]> Co-authored-by: johnnywilkes <[email protected]> Co-authored-by: ShirleyDenkberg <[email protected]> Co-authored-by: Danny_Fried <[email protected]> * Cyberark Endpoint bug (demisto#35275) * added logs * edit * added support to platform url * removed test integration * fixed applying the update * edited unittests --------- Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: 
barryyosi-panw <[email protected]> Co-authored-by: darbel <[email protected]> Co-authored-by: Dan Tavori <[email protected]> Co-authored-by: content-bot <[email protected]> Co-authored-by: johnnywilkes <[email protected]> Co-authored-by: ShirleyDenkberg <[email protected]> Co-authored-by: merit-maita <[email protected]> Co-authored-by: rshunim <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Chait A <[email protected]> Co-authored-by: Tal Carmeli <[email protected]> Co-authored-by: Karina Fishman <[email protected]> Co-authored-by: Sasha Sokolovich <[email protected]> Co-authored-by: Yuval Hayun <[email protected]> Co-authored-by: OmriItzhak <[email protected]> Co-authored-by: Danny Fried <[email protected]> Co-authored-by: Dror Avrahami <[email protected]> Co-authored-by: Content Bot <[email protected]> Co-authored-by: samuelFain <[email protected]> Co-authored-by: [email protected] <[email protected]> Co-authored-by: Edi Katsenelson <[email protected]> Co-authored-by: Jacob Levy <[email protected]> Co-authored-by: omerKarkKatz <[email protected]> Co-authored-by: cweltPA <[email protected]> Co-authored-by: azonenfeld <[email protected]> Co-authored-by: John <[email protected]> Co-authored-by: Jasmine Beilin <[email protected]> Co-authored-by: Israel Lappe <[email protected]> Co-authored-by: Yaakov Praisler <[email protected]> Co-authored-by: Judah Schwartz <[email protected]> Co-authored-by: TalNos <[email protected]> Co-authored-by: Yehuda Rosenberg <[email protected]> Co-authored-by: Pablo Pérez <[email protected]> Co-authored-by: Daniel Pascual <[email protected]> Co-authored-by: israelpoli <[email protected]> Co-authored-by: ipolishuk <[email protected]> Co-authored-by: Arad Carmi <[email protected]> Co-authored-by: Binat Ziser <[email protected]> Co-authored-by: adi88d <[email protected]> Co-authored-by: Adi Daud <[email protected]> Co-authored-by: Tal Zichlinsky <[email protected]> 
Co-authored-by: Erez FelmanDar <[email protected]> Co-authored-by: Aster Bandis <[email protected]> Co-authored-by: epartington <[email protected]> Co-authored-by: YairGlik <[email protected]> Co-authored-by: xsoar-bot <[email protected]> Co-authored-by: jlevypaloalto <[email protected]> Co-authored-by: Shahaf Ben Yakir <[email protected]> Co-authored-by: RotemAmit <[email protected]> Co-authored-by: Shelly Tzohar <[email protected]> Co-authored-by: Shachar Kidor <[email protected]> Co-authored-by: noydavidi <[email protected]> Co-authored-by: Maya Goldman <[email protected]> Co-authored-by: MLainer1 <[email protected]> Co-authored-by: rshunim <[email protected]> Co-authored-by: yedidyacohenpalo <[email protected]> Co-authored-by: JudithB <[email protected]> Co-authored-by: Sapir Shuker <[email protected]> Co-authored-by: Shmuel Kroizer <[email protected]> Co-authored-by: Cv-securityIQ <[email protected]> Co-authored-by: Nik Stuckenbrock <[email protected]> Co-authored-by: tkatzir <[email protected]> Co-authored-by: ilaredo <[email protected]> Co-authored-by: Yael Shamai <[email protected]>
danipv pushed a commit that referenced this pull request Nov 19, 2024
* Updated docker image to demisto/smbprotocol:1.0.0.112286. PR batch #1/1 (demisto#36482) Co-authored-by: root <root@1e2de18e0cc3> * Updated docker image to demisto/stringsifter:3.20230711.112287. PR batch #1/1 (demisto#36481) Co-authored-by: root <root@1e2de18e0cc3> * Updated docker image to demisto/yarapy:1.0.0.112291. PR batch #1/1 (demisto#36480) Co-authored-by: root <root@1e2de18e0cc3> * Updated docker image to demisto/snowflake:1.0.0.112285. PR batch #1/1 (demisto#36479) Co-authored-by: root <root@1e2de18e0cc3> * Updated docker image to demisto/ansible-runner:1.0.0.112234. PR batch #2/2 (demisto#36478) Co-authored-by: root <root@1e2de18e0cc3> * Updated docker image to demisto/ansible-runner:1.0.0.112234. PR batch #1/2 (demisto#36477) Co-authored-by: root <root@1e2de18e0cc3> * Updated docker image to demisto/netmiko:1.0.0.112262. PR batch #1/1 (demisto#36476) Co-authored-by: root <root@1e2de18e0cc3> --------- Co-authored-by: content-bot <[email protected]> Co-authored-by: root <root@1e2de18e0cc3>
danipv pushed a commit that referenced this pull request Nov 19, 2024
* Updated docker image to demisto/py3ews:5.4.3.112092. PR batch #1/1 (demisto#36622) Co-authored-by: root <root@1e2de18e0cc3> * Updated docker image to demisto/crypto:1.0.0.111961. PR batch #1/4 (demisto#36623) Co-authored-by: root <root@1e2de18e0cc3> * Updated docker image to demisto/crypto:1.0.0.111961. PR batch #2/4 (demisto#36624) Co-authored-by: root <root@1e2de18e0cc3> * Updated docker image to demisto/crypto:1.0.0.111961. PR batch #3/4 (demisto#36625) Co-authored-by: root <root@1e2de18e0cc3> * Updated docker image to demisto/crypto:1.0.0.111961. PR batch #4/4 (demisto#36626) Co-authored-by: root <root@1e2de18e0cc3> --------- Co-authored-by: content-bot <[email protected]> Co-authored-by: root <root@1e2de18e0cc3>
danipv pushed a commit that referenced this pull request Nov 19, 2024
* Updated docker image to demisto/googleapi-python3:1.0.0.112316. PR batch #2/2 (demisto#36495) Co-authored-by: root <root@1e2de18e0cc3> * Updated docker image to demisto/googleapi-python3:1.0.0.112316. PR batch #1/2 (demisto#36494) Co-authored-by: root <root@1e2de18e0cc3> * Updated docker image to demisto/google-cloud-translate:1.0.0.112239. PR batch #1/1 (demisto#36493) Co-authored-by: root <root@1e2de18e0cc3> * Updated docker image to demisto/pcap-http-extractor:1.0.0.112272. PR batch #1/1 (demisto#36492) Co-authored-by: root <root@1e2de18e0cc3> * Updated docker image to demisto/xpanse-ml-ev2:1.0.0.112461. PR batch #1/1 (demisto#36491) Co-authored-by: root <root@1e2de18e0cc3> * Updated docker image to demisto/readpdf:1.0.0.112283. PR batch #1/1 (demisto#36490) Co-authored-by: root <root@1e2de18e0cc3> * Updated docker image to demisto/unzip:1.0.0.112289. PR batch #1/1 (demisto#36489) Co-authored-by: root <root@1e2de18e0cc3> * Updated docker image to demisto/bigquery:1.0.0.112225. PR batch #1/1 (demisto#36486) Co-authored-by: root <root@1e2de18e0cc3> Co-authored-by: Maya Goldman <[email protected]> * Updated docker image to demisto/google-kms:1.0.0.112242. PR batch #1/1 (demisto#36485) Co-authored-by: root <root@1e2de18e0cc3> * Updated docker image to demisto/ssdeep:1.0.0.112284. PR batch #1/1 (demisto#36484) Co-authored-by: root <root@1e2de18e0cc3> * Updated docker image to demisto/qrcode:1.0.0.112357. PR batch #1/1 (demisto#36483) Co-authored-by: root <root@1e2de18e0cc3> * demisto/python3-deb:3.11.10.112166 | 0-100 | PR batch #1/1 (demisto#36488) * Updated docker image to demisto/python3-deb:3.11.10.112166. 
PR batch #1/1 * ruff py datetime-timezone-utc (UP017) * ruff py datetime-timezone-utc (UP017) * ruff py datetime-timezone-utc (UP017) * exclude from native --------- Co-authored-by: root <root@1e2de18e0cc3> Co-authored-by: mayagoldman <[email protected]> Co-authored-by: Maya Goldman <[email protected]> * demisto/google-api-py3:1.0.0.112317 | 0-100 | PR batch #1/1 (demisto#36487) * Updated docker image to demisto/google-api-py3:1.0.0.112317. PR batch #1/1 * ruff py datetime-timezone-utc (UP017) * ruff py datetime-timezone-utc (UP017) * exclude from native --------- Co-authored-by: root <root@1e2de18e0cc3> Co-authored-by: mayagoldman <[email protected]> Co-authored-by: Maya Goldman <[email protected]> * updated release notes * Update 1_15_73.md * remove place holder --------- Co-authored-by: content-bot <[email protected]> Co-authored-by: root <root@1e2de18e0cc3>
danipv pushed a commit that referenced this pull request Nov 19, 2024
* Updated docker image to demisto/googleapi-python3:1.0.0.113882. PR batch #1/2 (demisto#36788) Co-authored-by: root <root@1e2de18e0cc3> * Updated docker image to demisto/googleapi-python3:1.0.0.113882. PR batch #2/2 (demisto#36789) Co-authored-by: root <root@1e2de18e0cc3> * Updated docker image to demisto/exodusintelligence:1.0.0.113866. PR batch #1/1 (demisto#36793) Co-authored-by: root <root@1e2de18e0cc3> * demisto/devo:1.0.0.113864 | 0-100 | PR batch #1/1 (demisto#36792) * Updated docker image to demisto/devo:1.0.0.113864. PR batch #1/1 * ruff-py3.11 * RN --------- Co-authored-by: root <root@1e2de18e0cc3> Co-authored-by: mayagoldman <[email protected]> * Updated docker image to demisto/google-api-py3:1.0.0.114199. PR batch #1/1 (demisto#36787) Co-authored-by: root <root@1e2de18e0cc3> * RN --------- Co-authored-by: content-bot <[email protected]> Co-authored-by: root <root@1e2de18e0cc3>
danipv pushed a commit that referenced this pull request Nov 19, 2024
* Updated docker image to demisto/python3:3.11.10.113941. PR batch #4/7 (demisto#36995) Co-authored-by: root <root@1e2de18e0cc3> * Updated docker image to demisto/python3:3.11.10.113941. PR batch #3/7 (demisto#36994) Co-authored-by: root <root@1e2de18e0cc3> * Updated docker image to demisto/python3:3.11.10.113941. PR batch #7/7 (demisto#36998) Co-authored-by: root <root@1e2de18e0cc3> * demisto/python3:3.11.10.113941 | 0-100 | PR batch #2/7 (demisto#36993) * Updated docker image to demisto/python3:3.11.10.113941. PR batch #2/7 * Update IPNetwork.yml --------- Co-authored-by: root <root@1e2de18e0cc3> Co-authored-by: inbalapt1 <[email protected]> * Updated docker image to demisto/python3:3.11.10.113941. PR batch #1/7 (demisto#36992) Co-authored-by: root <root@1e2de18e0cc3> * demisto/python3:3.11.10.113941 | 0-100 | PR batch #6/7 (demisto#36997) * Updated docker image to demisto/python3:3.11.10.113941. PR batch #6/7 * fix UTC * remove paloaltonetworks_iot --------- Co-authored-by: root <root@1e2de18e0cc3> Co-authored-by: [email protected] <[email protected]> * update release notes * Bump pack from version MicrosoftExchangeOnline to 1.5.13. --------- Co-authored-by: content-bot <[email protected]> Co-authored-by: root <root@1e2de18e0cc3> Co-authored-by: Content Bot <[email protected]>
danipv pushed a commit that referenced this pull request Nov 19, 2024
* Updated docker image to demisto/py3-tools:1.0.0.114656. PR batch #2/2 (demisto#37052) Co-authored-by: root <root@1e2de18e0cc3> * update-release-notes * demisto/py3-tools:1.0.0.114656 | 0-100 | PR batch #1/2 (demisto#37051) * Updated docker image to demisto/py3-tools:1.0.0.114656. PR batch #1/2 * Update RSSWidget.yml * update release notes * Update 1_0_3.md * Update 1_0_6.md * Update 1_0_3.md * Update 1_0_1.md * Update 1_0_8.md * release notes remove UPDATE_RN --------- Co-authored-by: root <root@1e2de18e0cc3> Co-authored-by: inbalapt1 <[email protected]> Co-authored-by: [email protected] <[email protected]> * Bump pack from version Mimecast to 2.5.3. * Bump pack from version Core to 3.0.88. * Bump pack from version Core to 3.0.89. * Bump pack from version Core to 3.0.90. * Bump pack from version FiltersAndTransformers to 1.2.81. --------- Co-authored-by: content-bot <[email protected]> Co-authored-by: root <root@1e2de18e0cc3> Co-authored-by: Content Bot <[email protected]>
danipv pushed a commit that referenced this pull request Nov 19, 2024
* Updated docker image to demisto/python3:3.11.10.115186. PR batch #2/5 (demisto#37137) Co-authored-by: root <root@1e2de18e0cc3> * Updated docker image to demisto/python3:3.11.10.115186. PR batch #1/5 (demisto#37136) Co-authored-by: root <root@1e2de18e0cc3> * Updated docker image to demisto/python3:3.11.10.115186. PR batch #5/5 (demisto#37140) Co-authored-by: root <root@1e2de18e0cc3> * Updated docker image to demisto/python3:3.11.10.115186. PR batch #3/5 (demisto#37138) Co-authored-by: root <root@1e2de18e0cc3> Co-authored-by: inbalapt1 <[email protected]> * demisto/python3:3.11.10.115186 | 70-100 | PR batch #4/5 (demisto#37139) * Updated docker image to demisto/python3:3.11.10.115186. PR batch #4/5 * Update CortexXDRIR.yml * Update XQLQueryingEngine.yml * Update PaloAltoNetworksAIOps.yml --------- Co-authored-by: root <root@1e2de18e0cc3> Co-authored-by: inbalapt1 <[email protected]> * update release-notes * Bump pack from version CommonScripts to 1.15.88. * Bump pack from version SplunkPy to 3.1.44. * Bump pack from version Phishing to 3.6.27. * Bump pack from version CortexXDR to 6.1.89. --------- Co-authored-by: content-bot <[email protected]> Co-authored-by: root <root@1e2de18e0cc3> Co-authored-by: Content Bot <[email protected]>
Contributing to Cortex XSOAR Content
Make sure to register your contribution by filling the contribution registration form
The Pull Request will be reviewed only after the contribution registration form is filled.
Status
Related Issues
fixes: link to the issue
Description
A few sentences describing the overall goals of the pull request's commits.
Screenshots
Paste here any images that will help the reviewer
Minimum version of Cortex XSOAR
Does it break backward compatibility?
Must have