From 62aee8caeeea1ba910fc7fb9e8f3fb9429b94807 Mon Sep 17 00:00:00 2001 From: Menachem Weinfeld Date: Mon, 23 Oct 2023 13:22:41 +0300 Subject: [PATCH] Fix autopep8 errors --- .../AWS_SecurityHub/AWS_SecurityHub.py | 2 +- .../AWS_SecurityHub/AWS_SecurityHub.yml | 14 +- Packs/AWS-SecurityHub/ReleaseNotes/1_3_15.md | 6 + Packs/AWS-SecurityHub/pack_metadata.json | 2 +- .../ReleaseNotes/1_1_1.md | 6 + .../Scripts/ExtFilter/ExtFilter.py | 2 +- .../Scripts/ExtFilter/ExtFilter.yml | 10 +- .../CommunityCommonScripts/pack_metadata.json | 2 +- .../Integrations/ConcentricAI/ConcentricAI.py | 2 +- .../ConcentricAI/ConcentricAI.yml | 22 +- Packs/ConcentricAI/ReleaseNotes/1_2_9.md | 6 + Packs/ConcentricAI/pack_metadata.json | 4 +- .../Integrations/Cybereason/Cybereason.py | 8 +- .../Integrations/Cybereason/Cybereason.yml | 354 +++++++++--------- Packs/Cybereason/ReleaseNotes/2_1_13.md | 6 + Packs/Cybereason/pack_metadata.json | 2 +- .../EmailCommunication/ReleaseNotes/2_0_13.md | 6 + .../Scripts/SendEmailReply/SendEmailReply.py | 4 +- .../Scripts/SendEmailReply/SendEmailReply.yml | 10 +- Packs/EmailCommunication/pack_metadata.json | 2 +- .../Integrations/McAfeeTIEV2/McAfeeTIEV2.py | 6 +- .../Integrations/McAfeeTIEV2/McAfeeTIEV2.yml | 2 +- Packs/McAfee-TIE/ReleaseNotes/2_0_15.md | 6 + Packs/McAfee-TIE/pack_metadata.json | 2 +- 24 files changed, 261 insertions(+), 225 deletions(-) create mode 100644 Packs/AWS-SecurityHub/ReleaseNotes/1_3_15.md create mode 100644 Packs/CommunityCommonScripts/ReleaseNotes/1_1_1.md create mode 100644 Packs/ConcentricAI/ReleaseNotes/1_2_9.md create mode 100644 Packs/Cybereason/ReleaseNotes/2_1_13.md create mode 100644 Packs/EmailCommunication/ReleaseNotes/2_0_13.md create mode 100644 Packs/McAfee-TIE/ReleaseNotes/2_0_15.md diff --git a/Packs/AWS-SecurityHub/Integrations/AWS_SecurityHub/AWS_SecurityHub.py b/Packs/AWS-SecurityHub/Integrations/AWS_SecurityHub/AWS_SecurityHub.py index 2350707c6e34..5fa06ff81281 100644 --- a/Packs/AWS-SecurityHub/Integrations/AWS_SecurityHub/AWS_SecurityHub.py +++ b/Packs/AWS-SecurityHub/Integrations/AWS_SecurityHub/AWS_SecurityHub.py @@ -549,7 +549,7 @@ def parse_filter_field(string_filters) -> dict: try: filters_list = string_filters.split(';') filters = {split_str[0].split('=')[1]: [{'Value': split_str[1].split('=')[1], - 'Comparison':split_str[2].split('=')[1].upper()}] + 'Comparison': split_str[2].split('=')[1].upper()}] for split_str in [filter_str.split(',') for filter_str in filters_list]} except Exception: demisto.error(f'Failed parsing filters: {string_filters}\n error: {Exception}') diff --git a/Packs/AWS-SecurityHub/Integrations/AWS_SecurityHub/AWS_SecurityHub.yml b/Packs/AWS-SecurityHub/Integrations/AWS_SecurityHub/AWS_SecurityHub.yml index 086f4d338972..cdd20390074c 100644 --- a/Packs/AWS-SecurityHub/Integrations/AWS_SecurityHub/AWS_SecurityHub.yml +++ b/Packs/AWS-SecurityHub/Integrations/AWS_SecurityHub/AWS_SecurityHub.yml @@ -236,7 +236,7 @@ script: - description: The identifier of the finding that was specified by the finding. Can be retrieved using the 'aws-securityhub-get-findings' command provider. name: finding_identifiers_id required: true - - description: The ARN generated by Security Hub that uniquely identifies a product that generates findings. This can be the ARN for a third-party product that is integrated with Security Hub, or the ARN for a custom integration. Can be retrieved using the 'aws-securityhub-get-findings' command + - description: The ARN generated by Security Hub that uniquely identifies a product that generates findings. This can be the ARN for a third-party product that is integrated with Security Hub, or the ARN for a custom integration. Can be retrieved using the 'aws-securityhub-get-findings' command. name: finding_identifiers_product_arn required: true - description: The updated note text. @@ -260,7 +260,7 @@ script: - TRUE_POSITIVE - FALSE_POSITIVE - BENIGN_POSITIVE - - description: "One or more finding types in the format of namespace/category/classifier that classify a finding. Valid namespace values are as follows. * Software and Configuration Checks * TTPs * Effects * Unusual Behaviors * Sensitive Data Identifications" + - description: "One or more finding types in the format of namespace/category/classifier that classify a finding. Valid namespace values are as follows. * Software and Configuration Checks * TTPs * Effects * Unusual Behaviors * Sensitive Data Identifications." name: types - description: A list of name/value string pairs associated with the finding. These are custom, user-defined fields added to a finding. name: user_defined_fields @@ -308,7 +308,7 @@ script: name: roleSessionDuration - description: Override arguments and send a formatted JSON file. name: raw_json - - description: 'List of Tags separated by Key Value. For example: "key=key1,value=value1;key=key2,value=value2"' + - description: 'List of Tags separated by Key Value. For example: "key=key1,value=value1;key=key2,value=value2".' name: tags description: Enables Security Hub for your account in the current Region or the Region you specify in the request. Enabling Security Hub also enables the CIS AWS Foundations standard. When you enable Security Hub, you grant to Security Hub the permissions necessary to gather findings from AWS Config, Amazon GuardDuty, Amazon Inspector, and Amazon Macie. To learn more, see Setting Up AWS Security Hub. name: aws-securityhub-enable-security-hub @@ -326,7 +326,7 @@ script: - description: The string filter value. name: product_arn_value - auto: PREDEFINED - description: The condition to be applied to a string value when querying for findings + description: The condition to be applied to a string value when querying for findings. name: product_arn_comparison predefined: - EQUALS @@ -875,7 +875,7 @@ script: description: The AWS account ID that a finding is generated in. type: string - contextPath: AWS-SecurityHub.Findings.Types - description: 'One or more finding types in the format of namespace/category/classifier that classify a finding. Valid namespace values are as follows. Software and Configuration Checks, TTPs, Effects, Unusual Behaviors, Sensitive Data Identifications' + description: 'One or more finding types in the format of namespace/category/classifier that classify a finding. Valid namespace values are as follows. Software and Configuration Checks, TTPs, Effects, Unusual Behaviors, Sensitive Data Identifications.' type: Unknown - contextPath: AWS-SecurityHub.Findings.FirstObservedAt description: An ISO8601-formatted timestamp that indicates when the security-findings provider first observed the potential security issue that a finding captured. @@ -1476,7 +1476,7 @@ script: - description: Override arguments and send a formatted JSON file. name: raw_json - auto: PREDEFINED - description:

Specifies which member accounts the response includes based on their relationship status with the master account. The default value is TRUE. If onlyAssociated is set to TRUE, the response includes member accounts whose relationship status with the master is set to ENABLED or DISABLED. If onlyAssociated is set to FALSE, the response includes all existing member accounts.

+ description:

Specifies which member accounts the response includes based on their relationship status with the master account. The default value is TRUE. If onlyAssociated is set to TRUE, the response includes member accounts whose relationship status with the master is set to ENABLED or DISABLED. If onlyAssociated is set to FALSE, the response includes all existing member accounts.

. name: only_associated predefined: - 'True' @@ -2068,7 +2068,7 @@ script: description: The UTC timestamp in seconds since the last update. The incident is only updated if it was modified after the last update time. - name: get-mapping-fields description: Returns the list of fields to map in outgoing mirroring. This command is only used for debugging purposes. - dockerimage: demisto/boto3py3:1.0.0.72851 + dockerimage: demisto/boto3py3:1.0.0.79189 isfetch: true ismappable: true isremotesyncin: true diff --git a/Packs/AWS-SecurityHub/ReleaseNotes/1_3_15.md b/Packs/AWS-SecurityHub/ReleaseNotes/1_3_15.md new file mode 100644 index 000000000000..393a6da84131 --- /dev/null +++ b/Packs/AWS-SecurityHub/ReleaseNotes/1_3_15.md @@ -0,0 +1,6 @@ + +#### Integrations + +##### AWS - Security Hub + +- Updated the Docker image to: *demisto/boto3py3:1.0.0.79189*. diff --git a/Packs/AWS-SecurityHub/pack_metadata.json b/Packs/AWS-SecurityHub/pack_metadata.json index 29c4fce7fb00..a771828d3081 100644 --- a/Packs/AWS-SecurityHub/pack_metadata.json +++ b/Packs/AWS-SecurityHub/pack_metadata.json @@ -2,7 +2,7 @@ "name": "AWS - Security Hub", "description": "Amazon Web Services Security Hub Service.", "support": "xsoar", - "currentVersion": "1.3.14", + "currentVersion": "1.3.15", "author": "Cortex XSOAR", "url": "https://www.paloaltonetworks.com/cortex", "email": "", diff --git a/Packs/CommunityCommonScripts/ReleaseNotes/1_1_1.md b/Packs/CommunityCommonScripts/ReleaseNotes/1_1_1.md new file mode 100644 index 000000000000..43ec6eaf0559 --- /dev/null +++ b/Packs/CommunityCommonScripts/ReleaseNotes/1_1_1.md @@ -0,0 +1,6 @@ + +#### Scripts + +##### ExtFilter + +- Updated the Docker image to: *demisto/python3:3.10.13.78960*. diff --git a/Packs/CommunityCommonScripts/Scripts/ExtFilter/ExtFilter.py b/Packs/CommunityCommonScripts/Scripts/ExtFilter/ExtFilter.py index d6e64db1a2f0..67c3d25aa5af 100644 --- a/Packs/CommunityCommonScripts/Scripts/ExtFilter/ExtFilter.py +++ b/Packs/CommunityCommonScripts/Scripts/ExtFilter/ExtFilter.py @@ -936,7 +936,7 @@ def filter_with_expressions(self, r, conds, path, True) for r in root] if v]) elif not isinstance(root, dict): return None - (parent, parent_path),\ + (parent, parent_path), \ (child, child_name) = get_parent_child(root, path) for x in self.__conds_items(conds, root): diff --git a/Packs/CommunityCommonScripts/Scripts/ExtFilter/ExtFilter.yml b/Packs/CommunityCommonScripts/Scripts/ExtFilter/ExtFilter.yml index 794458f1552b..34aefffda3c0 100644 --- a/Packs/CommunityCommonScripts/Scripts/ExtFilter/ExtFilter.yml +++ b/Packs/CommunityCommonScripts/Scripts/ExtFilter/ExtFilter.yml @@ -17,10 +17,10 @@ system: true args: - name: value required: true - description: Value to be filtered + description: Value to be filtered. isArray: true - name: path - description: Context Path to which to filter + description: Context Path to which to filter. - name: operation required: true auto: PREDEFINED @@ -149,11 +149,11 @@ args: - 'wildcard: matches caseless' - is individually transformed with - is collectively transformed with - description: 'Filter Operation: value is filtered by,is filtered by,keeps,doesn''t keep,is,isn''t,equals,doesn''t equal,greater or equal,greater than,less or equal,less than,in range,starts with,starts with caseless,doesn''t start with,doesn''t start with caseless,email-header: decode,ends with,ends with caseless,doesn''t end with,doesn''t end with caseless,includes,includes caseless,doesn''t include,doesn''t include caseless,finds,finds caseless,doesn''t find,doesn''t find caseless,matches,matches caseless,doesn''t match,doesn''t match caseless,matches wildcard,matches caseless wildcard,doesn''t match wildcard,doesn''t match caseless wildcard,matches regex,matches caseless regex,doesn''t match regex,doesn''t match caseless regex,in list,in caseless list,not in list,not in caseless list,contains,contains caseless,doesn''t contain,doesn''t contain caseless,contains any match with wildcard,contains any match with caseless wildcard,doesn''t contain any match with wildcard,doesn''t contain any match with caseless wildcard,contains any match with regex,contains any match with caseless regex,doesn''t contain any match with regex,doesn''t contain any match with caseless regex,matches wildcard,matches caseless wildcard,doesn''t match wildcard,doesn''t match caseless wildcard,matches regex,matches caseless regex,doesn''t match regex,doesn''t match caseless regex,matches any string of,matches any caseless string of,doesn''t match any string of,doesn''t match any caseless string of,,matches any line of,,matches any caseless line of,,doesn''t match any line of,,doesn''t match any caseless line of,matches any wildcard of,matches any caseless wildcard of,doesn''t match any wildcard of,doesn''t match any caseless wildcard of,matches any regex of,matches any caseless regex of,doesn''t match any regex of,doesn''t match any caseless regex of,matches conditions of,matches custom conditions of,value matches conditions of,value matches custom conditions of,===,!==,==,!=,>=,>,<=,<' + description: 'Filter Operation: value is filtered by,is filtered by,keeps,doesn''t keep,is,isn''t,equals,doesn''t equal,greater or equal,greater than,less or equal,less than,in range,starts with,starts with caseless,doesn''t start with,doesn''t start with caseless,email-header: decode,ends with,ends with caseless,doesn''t end with,doesn''t end with caseless,includes,includes caseless,doesn''t include,doesn''t include caseless,finds,finds caseless,doesn''t find,doesn''t find caseless,matches,matches caseless,doesn''t match,doesn''t match caseless,matches wildcard,matches caseless wildcard,doesn''t match wildcard,doesn''t match caseless wildcard,matches regex,matches caseless regex,doesn''t match regex,doesn''t match caseless regex,in list,in caseless list,not in list,not in caseless list,contains,contains caseless,doesn''t contain,doesn''t contain caseless,contains any match with wildcard,contains any match with caseless wildcard,doesn''t contain any match with wildcard,doesn''t contain any match with caseless wildcard,contains any match with regex,contains any match with caseless regex,doesn''t contain any match with regex,doesn''t contain any match with caseless regex,matches wildcard,matches caseless wildcard,doesn''t match wildcard,doesn''t match caseless wildcard,matches regex,matches caseless regex,doesn''t match regex,doesn''t match caseless regex,matches any string of,matches any caseless string of,doesn''t match any string of,doesn''t match any caseless string of,,matches any line of,,matches any caseless line of,,doesn''t match any line of,,doesn''t match any caseless line of,matches any wildcard of,matches any caseless wildcard of,doesn''t match any wildcard of,doesn''t match any caseless wildcard of,matches any regex of,matches any caseless regex of,doesn''t match any regex of,doesn''t match any caseless regex of,matches conditions of,matches custom conditions of,value matches conditions of,value matches custom conditions of,===,!==,==,!=,>=,>,<=,<.' isArray: true - name: filter required: true - description: Filter Value + description: Filter Value. - name: ctx_demisto description: '`demisto` context: Input . (single dot) on `From previous tasks` to enable to extract the context data.' - name: ctx_inputs @@ -164,7 +164,7 @@ args: description: '`demisto` context: Input ''incident'' (no quotation) on `From previous tasks` to enable ${incident.} expression in DT.' scripttarget: 0 subtype: python3 -dockerimage: demisto/python3:3.10.12.63474 +dockerimage: demisto/python3:3.10.13.78960 runas: DBotWeakRole fromversion: 5.0.0 tests: diff --git a/Packs/CommunityCommonScripts/pack_metadata.json b/Packs/CommunityCommonScripts/pack_metadata.json index 5ebc49e22d03..e8c8ea9afb98 100644 --- a/Packs/CommunityCommonScripts/pack_metadata.json +++ b/Packs/CommunityCommonScripts/pack_metadata.json @@ -2,7 +2,7 @@ "name": "Community Common Scripts", "description": "A pack that contains community scripts", "support": "community", - "currentVersion": "1.1.0", + "currentVersion": "1.1.1", "author": "", "url": "https://live.paloaltonetworks.com/t5/cortex-xsoar-discussions/bd-p/Cortex_XSOAR_Discussions", "email": "", diff --git a/Packs/ConcentricAI/Integrations/ConcentricAI/ConcentricAI.py b/Packs/ConcentricAI/Integrations/ConcentricAI/ConcentricAI.py index 561c0a7943ac..52efa2bd52c7 100644 --- a/Packs/ConcentricAI/Integrations/ConcentricAI/ConcentricAI.py +++ b/Packs/ConcentricAI/Integrations/ConcentricAI/ConcentricAI.py @@ -77,7 +77,7 @@ def initialise_scrolls_and_rules(): def initialize_global_values(): - global URL, MAX_INCIDENTS_TO_FETCH, COOKIE, AUTH_HEADERS,\ + global URL, MAX_INCIDENTS_TO_FETCH, COOKIE, AUTH_HEADERS, \ CLIENT_ID, CLIENT_SECRET, AUTH_HEADERS, DOMAIN, AUTHORIZATION CLIENT_ID = demisto.getParam('client_id') diff --git a/Packs/ConcentricAI/Integrations/ConcentricAI/ConcentricAI.yml b/Packs/ConcentricAI/Integrations/ConcentricAI/ConcentricAI.yml index efd1c5dec59d..4248dfe15ebd 100644 --- a/Packs/ConcentricAI/Integrations/ConcentricAI/ConcentricAI.yml +++ b/Packs/ConcentricAI/Integrations/ConcentricAI/ConcentricAI.yml @@ -61,13 +61,13 @@ name: ConcentricAI script: commands: - arguments: - - description: Path of the file + - description: Path of the file. name: path required: true - - description: Name of File + - description: Name of File. name: file-name required: true - description: Get's file information + description: Get's file information. name: concentricai-get-file-details outputs: - contextPath: ConcentricAI.FileInfo.risk_names @@ -77,29 +77,29 @@ script: description: owner Details. type: String - contextPath: ConcentricAI.FileInfo.pii - description: PII present in file or not + description: PII present in file or not. type: String - contextPath: ConcentricAI.FileInfo.cid - description: File ID + description: File ID. type: String - arguments: - default: true defaultValue: '50' description: Maximum no. of users fetched per category. name: max_users - description: Get overview of Users involved + description: Get overview of Users involved. name: concentricai-get-users-overview - arguments: - - description: Enter user name + - description: Enter user name. name: user required: true - description: Get's user details + description: Get's user details. name: concentricai-get-user-details - arguments: - - description: File ID + - description: File ID. name: cid required: true - description: Get's file sharing details + description: Get's file sharing details. name: concentricai-get-file-sharing-details outputs: - contextPath: ConcentricAI.FileSharingInfo.type @@ -108,7 +108,7 @@ script: - contextPath: ConcentricAI.FileSharingInfo.user_name description: User name. type: Array - dockerimage: demisto/python3:3.10.12.68714 + dockerimage: demisto/python3:3.10.13.78960 isfetch: true runonce: false script: '-' diff --git a/Packs/ConcentricAI/ReleaseNotes/1_2_9.md b/Packs/ConcentricAI/ReleaseNotes/1_2_9.md new file mode 100644 index 000000000000..62a5db65458d --- /dev/null +++ b/Packs/ConcentricAI/ReleaseNotes/1_2_9.md @@ -0,0 +1,6 @@ + +#### Integrations + +##### ConcentricAI + +- Updated the Docker image to: *demisto/python3:3.10.13.78960*. diff --git a/Packs/ConcentricAI/pack_metadata.json b/Packs/ConcentricAI/pack_metadata.json index f0e710222baa..cac638f94c5f 100644 --- a/Packs/ConcentricAI/pack_metadata.json +++ b/Packs/ConcentricAI/pack_metadata.json @@ -1,8 +1,8 @@ { "name": "ConcentricAI", - "description": "Plugin for Concentric.ai Concentric\u2019s Semantic Intelligence\u2122 solution discovers and protects business critical, unstructured data.\nWe use deep learning to identify risky sharing, inappropriate third party access, assets in the wrong location, \nmis-classified documents, or lateral movement of data \u2013 all without rules or complex upfront configuration.", + "description": "Plugin for Concentric.ai Concentric’s Semantic Intelligence™ solution discovers and protects business critical, unstructured data.\nWe use deep learning to identify risky sharing, inappropriate third party access, assets in the wrong location, \nmis-classified documents, or lateral movement of data – all without rules or complex upfront configuration.", "support": "partner", - "currentVersion": "1.2.8", + "currentVersion": "1.2.9", "author": "Shams Hasan Rizvi", "url": "https://concentric.ai", "email": "shams@concentric.ai", diff --git a/Packs/Cybereason/Integrations/Cybereason/Cybereason.py b/Packs/Cybereason/Integrations/Cybereason/Cybereason.py index 90ff8e99acc0..5f21be9752e3 100644 --- a/Packs/Cybereason/Integrations/Cybereason/Cybereason.py +++ b/Packs/Cybereason/Integrations/Cybereason/Cybereason.py @@ -666,7 +666,7 @@ def malop_processes_command(client: Client, args: dict): raise DemistoException("dateTime could not be parsed. Please enter a valid time parameter.") date_time_parser = date_time_parser.timestamp() milliseconds = int(date_time_parser * 1000) - filter_input = [{"facetName": "creationTime", "filterType": "GreaterThan", "values": [milliseconds], "isResult":True}] + filter_input = [{"facetName": "creationTime", "filterType": "GreaterThan", "values": [milliseconds], "isResult": True}] if isinstance(malop_guids, str): malop_guids = malop_guids.split(',') @@ -1620,8 +1620,8 @@ def fetch_malop_processes(client: Client, malop_id: str) -> list: { "requestedType": "MalopProcess", "filters": [], - "guidList":[malop_id], - "connectionFeature":{ + "guidList": [malop_id], + "connectionFeature": { "elementInstanceType": "MalopProcess", "featureName": "suspects" } @@ -1629,7 +1629,7 @@ def fetch_malop_processes(client: Client, malop_id: str) -> list: { "requestedType": "Process", "filters": [], - "isResult":True + "isResult": True } ], "totalResultLimit": 1000, diff --git a/Packs/Cybereason/Integrations/Cybereason/Cybereason.yml b/Packs/Cybereason/Integrations/Cybereason/Cybereason.yml index 5a55fe3edd94..a4dbc7aced49 100644 --- a/Packs/Cybereason/Integrations/Cybereason/Cybereason.yml +++ b/Packs/Cybereason/Integrations/Cybereason/Cybereason.yml @@ -108,31 +108,31 @@ script: - 'true' - 'false' - auto: PREDEFINED - description: If process has external connection + description: If process has external connection. name: hasExternalConnection predefined: - 'true' - 'false' - auto: PREDEFINED - description: If process is not known to reputation services and its image file is unsigned + description: If process is not known to reputation services and its image file is unsigned. name: unsignedUnknownReputation predefined: - 'true' - 'false' - auto: PREDEFINED - description: If process is running from temporary folder + description: If process is running from temporary folder. name: fromTemporaryFolder predefined: - 'true' - 'false' - auto: PREDEFINED - description: If process was identified elevating its privileges to local system user + description: If process was identified elevating its privileges to local system user. name: privilegesEscalation predefined: - 'true' - 'false' - auto: PREDEFINED - description: If the process was executed by PsExec service and is suspicious as being executed maliciously + description: If the process was executed by PsExec service and is suspicious as being executed maliciously. name: maliciousPsExec predefined: - 'true' @@ -141,65 +141,65 @@ script: name: cybereason-query-processes outputs: - contextPath: Cybereason.Process.Name - description: The process name + description: The process name. type: Unknown - contextPath: Cybereason.Process.Malicious - description: Malicious status of the process + description: Malicious status of the process. type: Unknown - contextPath: Cybereason.Process.CreationTime - description: The process creation time + description: The process creation time. type: Unknown - contextPath: Cybereason.Process.EndTime - description: The process end time + description: The process end time. type: Unknown - contextPath: Cybereason.Process.CommandLine - description: The command line of the process + description: The command line of the process. type: Unknown - contextPath: Cybereason.Process.SignedAndVerified - description: Is the process signed and verified + description: Is the process signed and verified. type: Unknown - contextPath: Cybereason.Process.ProductType - description: The product type + description: The product type. type: Unknown - contextPath: Cybereason.Process.Children - description: Children of the process + description: Children of the process. type: Unknown - contextPath: Cybereason.Process.Parent - description: The parent process + description: The parent process. type: Unknown - contextPath: Cybereason.Process.OwnerMachine - description: The machine's hostname + description: The machine's hostname. type: Unknown - contextPath: Cybereason.Process.User - description: The user who ran the process + description: The user who ran the process. type: Unknown - contextPath: Cybereason.Process.ImageFile - description: Image file of the process + description: Image file of the process. type: Unknown - contextPath: Cybereason.Process.SHA1 - description: SHA1 of the process file + description: SHA1 of the process file. type: Unknown - contextPath: Cybereason.Process.MD5 - description: MD5 of the process file + description: MD5 of the process file. type: Unknown - contextPath: Cybereason.Process.CompanyName - description: The company's name + description: The company's name. type: Unknown - contextPath: Cybereason.Process.ProductName - description: The product's name + description: The product's name. type: Unknown - arguments: - description: The hostname of the machine to check. name: machine required: true - description: Checks if the machine is currently connected to the Cybereason server + description: Checks if the machine is currently connected to the Cybereason server. name: cybereason-is-probe-connected outputs: - contextPath: Cybereason.Machine.isConnected - description: true if machine is connected, else false + description: true if machine is connected, else false. type: boolean - contextPath: Cybereason.Machine.Name - description: Machine name + description: Machine name. type: string - arguments: - description: Filter connections which contain this IP (in or out). @@ -217,70 +217,70 @@ script: name: cybereason-query-connections outputs: - contextPath: Cybereason.Connection.Name - description: The connection's name + description: The connection's name. type: Unknown - contextPath: Cybereason.Connection.Direction - description: OUTGOING/INCOMING + description: OUTGOING/INCOMING. type: Unknown - contextPath: Cybereason.Connection.ServerAddress - description: Address of the Cybereason machine + description: Address of the Cybereason machine. type: Unknown - contextPath: Cybereason.Connection.ServerPort - description: Port of the Cybereason machine + description: Port of the Cybereason machine. type: Unknown - contextPath: Cybereason.Connection.PortType - description: Type of the connection + description: Type of the connection. type: Unknown - contextPath: Cybereason.Connection.ReceivedBytes - description: Received bytes count + description: Received bytes count. type: Unknown - contextPath: Cybereason.Connection.TransmittedBytes - description: Transmitted bytes count + description: Transmitted bytes count. type: Unknown - contextPath: Cybereason.Connection.RemoteCountry - description: The connection's remote country + description: The connection's remote country. type: Unknown - contextPath: Cybereason.Connection.OwnerMachine - description: The machine's hostname + description: The machine's hostname. type: Unknown - contextPath: Cybereason.Connection.OwnerProcess - description: The process which performed the connection + description: The process which performed the connection. type: Unknown - contextPath: Cybereason.Connection.CreationTime - description: Creation time of the connection + description: Creation time of the connection. type: Unknown - contextPath: Cybereason.Connection.EndTime - description: End time of the connection + description: End time of the connection. type: Unknown - arguments: - default: true - description: Machine name to be isolated + description: Machine name to be isolated. name: machine required: true - description: Isolates a machine that has been infected from the rest of the network + description: Isolates a machine that has been infected from the rest of the network. execution: true name: cybereason-isolate-machine outputs: - contextPath: Cybereason.Machine - description: Machine name + description: Machine name. type: string - contextPath: Cybereason.IsIsolated - description: Is the machine isolated + description: Is the machine isolated. type: boolean - arguments: - default: true - description: Machine name to be un-isolated + description: Machine name to be un-isolated. name: machine required: true - description: Stops isolation of a machine + description: Stops isolation of a machine. execution: true name: cybereason-unisolate-machine outputs: - contextPath: Cybereason.Machine - description: Machine name + description: Machine name. type: string - contextPath: Cybereason.IsIsolated - description: Is the machine isolated + description: Is the machine isolated. type: boolean - arguments: - description: Filter to filter response by, given in Cybereason API syntax. @@ -299,9 +299,9 @@ script: - CUSTOM - DETAILS - OVERVIEW - - description: Return all the malops within the last days + - description: Return all the malops within the last days. name: withinLastDays - - description: Malop GUIDs to filter by (Comma separated values supported, e.g. 11.5681864988155542407,11.1773255057963879999) + - description: Malop GUIDs to filter by (Comma separated values supported, e.g. 11.5681864988155542407,11.1773255057963879999). name: malopGuid description: Returns a list of all Malops and details on the Malops. name: cybereason-query-malops @@ -319,94 +319,94 @@ script: description: Link to the Malop on Cybereason. type: string - contextPath: Cybereason.Malops.Suspects - description: Malop suspect type and name + description: Malop suspect type and name. type: string - contextPath: Cybereason.Malops.LastUpdatedTime - description: Last updated time of malop + description: Last updated time of malop. type: string - contextPath: Cybereason.Malops.AffectedMachine - description: List of machines affected by this Malop + description: List of machines affected by this Malop. type: string - contextPath: Cybereason.Malops.InvolvedHash - description: List of file hashes involved in this Malop + description: List of file hashes involved in this Malop. type: string - contextPath: Cybereason.Malops.Status - description: Malop managemant status + description: Malop managemant status. type: string - arguments: - - description: Array of malop GUIDs separated by comma. (Malop GUID can be retrieved with the command cybereason-query-malops command) + - description: Array of malop GUIDs separated by comma. (Malop GUID can be retrieved with the command cybereason-query-malops command). name: malopGuids required: true - - description: Machine names which were affected by malop. Comma separated values supported (e.g., machine1,machine2) + - description: Machine names which were affected by malop. Comma separated values supported (e.g., machine1,machine2). name: machineName - description: Starting Date and Time to filter the Processes based on their creation date. The format for the input is ("YYYY/MM/DD HH:MM:SS"). name: dateTime - description: Returns a list of malops + description: Returns a list of malops. name: cybereason-malop-processes outputs: - contextPath: Cybereason.Process.Name - description: The process name + description: The process name. type: string - contextPath: Cybereason.Process.Malicious - description: Malicious status of the process + description: Malicious status of the process. type: Unknown - contextPath: Cybereason.Process.CreationTime - description: The process creation time + description: The process creation time. type: date - contextPath: Cybereason.Process.EndTime - description: The process end time + description: The process end time. type: date - contextPath: Cybereason.Process.CommandLine - description: The command line of the process + description: The command line of the process. type: string - contextPath: Cybereason.Process.SignedAndVerified - description: Is the process signed and verified + description: Is the process signed and verified. type: Unknown - contextPath: Cybereason.Process.ProductType - description: The product type + description: The product type. type: Unknown - contextPath: Cybereason.Process.Children - description: Children of the process + description: Children of the process. type: Unknown - contextPath: Cybereason.Process.Parent - description: The parent process + description: The parent process. type: Unknown - contextPath: Cybereason.Process.OwnerMachine - description: The machine's hostname + description: The machine's hostname. type: Unknown - contextPath: Cybereason.Process.User - description: The user who ran the process + description: The user who ran the process. type: string - contextPath: Cybereason.Process.ImageFile - description: Image file of the process + description: Image file of the process. type: Unknown - contextPath: Cybereason.Process.SHA1 - description: SHA1 of the process file + description: SHA1 of the process file. type: string - contextPath: Cybereason.Process.MD5 - description: MD5 of the process file + description: MD5 of the process file. type: string - contextPath: Cybereason.Process.CompanyName - description: The company's name + description: The company's name. type: string - contextPath: Cybereason.Process.ProductName - description: The product's name + description: The product's name. type: string - arguments: - - description: Comment to add to the malop + - description: Comment to add to the malop. name: comment required: true - - description: Malop GUID to add comment to. (Malop GUID can be retrieved with the command cybereason-query-malops command) + - description: Malop GUID to add comment to. (Malop GUID can be retrieved with the command cybereason-query-malops command). name: malopGuid required: true - description: Add new comment to malop + description: Add new comment to malop. name: cybereason-add-comment - arguments: - - description: Malop GUID to update its status + - description: Malop GUID to update its status. name: malopGuid required: true - auto: PREDEFINED - description: Status to update + description: Status to update. name: status predefined: - To Review @@ -415,312 +415,312 @@ script: - Not Relevant - Open required: true - description: Updates malop status + description: Updates malop status. name: cybereason-update-malop-status outputs: - contextPath: Cybereason.Malops.GUID - description: Malop GUID + description: Malop GUID. type: string - contextPath: Cybereason.Malops.Status - description: 'Malop status: To Review,Unread,Remediated,Not Relevant' + description: 'Malop status: To Review,Unread,Remediated,Not Relevant.' type: string - arguments: - default: true - description: Malop process file MD5 to prevent + description: Malop process file MD5 to prevent. name: md5 required: true - description: Prevent malop process file + description: Prevent malop process file. name: cybereason-prevent-file outputs: - contextPath: Cybereason.Process.MD5 - description: Process file MD5 + description: Process file MD5. type: string - contextPath: Cybereason.Process.Prevent - description: True if process file is prevented, else false + description: True if process file is prevented, else false. type: boolean - arguments: - default: true - description: Malop process file MD5 to unprevent + description: Malop process file MD5 to unprevent. name: md5 required: true - description: Unprevent malop process file + description: Unprevent malop process file. name: cybereason-unprevent-file outputs: - contextPath: Cybereason.Process.MD5 - description: Process file MD5 + description: Process file MD5. type: string - contextPath: Cybereason.Process.Prevent - description: True if process file is prevented, else false + description: True if process file is prevented, else false. type: boolean - arguments: - default: true - description: File hash (SHA-1 and MD5 supported) + description: File hash (SHA-1 and MD5 supported). name: file_hash required: true - description: Query files as part of investigation + description: Query files as part of investigation. name: cybereason-query-file outputs: - contextPath: Cybereason.File.Path - description: File path + description: File path. type: string - contextPath: Cybereason.File.SHA1 - description: File SHA-1 hash + description: File SHA-1 hash. type: string - contextPath: Cybereason.File.Machine - description: Machine name on which file is located + description: Machine name on which file is located. type: string - contextPath: Cybereason.File.SuspicionsCount - description: File suspicions count + description: File suspicions count. type: number - contextPath: Cybereason.File.Name - description: File name + description: File name. type: string - contextPath: Cybereason.File.CreationTime - description: File creation time + description: File creation time. type: date - contextPath: Cybereason.File.Suspicion - description: File suspicions object of suspicion as key and detected date as value + description: File suspicions object of suspicion as key and detected date as value. type: string - contextPath: Cybereason.File.OSVersion - description: Machine OS version on which file is located + description: Machine OS version on which file is located. type: string - contextPath: Cybereason.File.ModifiedTime - description: File modified date + description: File modified date. type: date - contextPath: Cybereason.File.Malicious - description: Is file malicious + description: Is file malicious. type: boolean - contextPath: Cybereason.File.Company - description: Company name + description: Company name. type: string - contextPath: Cybereason.File.MD5 - description: File MD5 hash + description: File MD5 hash. type: string - contextPath: Cybereason.File.IsConnected - description: Is machine connected to Cybereason + description: Is machine connected to Cybereason. type: boolean - contextPath: Cybereason.File.Signed - description: Is file signed + description: Is file signed. type: boolean - contextPath: Cybereason.File.Evidence - description: File evidences + description: File evidences. type: string - arguments: - default: true - description: Domain to query + description: Domain to query. name: domain required: true - description: Query domains as part of investigation + description: Query domains as part of investigation. name: cybereason-query-domain outputs: - contextPath: Cybereason.Domain.Name - description: Domain name + description: Domain name. type: string - contextPath: Cybereason.Domain.Malicious - description: Is domain malicious + description: Is domain malicious. type: boolean - contextPath: Cybereason.Domain.IsInternalDomain - description: Is domain internal + description: Is domain internal. type: boolean - contextPath: Cybereason.Domain.Reputation - description: Domain reputation + description: Domain reputation. type: string - contextPath: Cybereason.Domain.SuspicionsCount - description: Domain suspicions count + description: Domain suspicions count. type: number - contextPath: Cybereason.Domain.WasEverResolved - description: Was domain ever resolved + description: Was domain ever resolved. type: boolean - contextPath: Cybereason.Domain.WasEverResolvedAsASecondLevelDomain - description: Was domain ever resolved as a second level domain + description: Was domain ever resolved as a second level domain. type: boolean - arguments: - default: true - description: Username to query + description: Username to query. name: username required: true - description: Query users as part of investigation + description: Query users as part of investigation. name: cybereason-query-user outputs: - contextPath: Cybereason.User.Username - description: User name + description: User name. type: string - contextPath: Cybereason.User.Domain - description: User domain + description: User domain. type: string - contextPath: Cybereason.User.LastMachineLoggedInTo - description: Last machine which user logged in to + description: Last machine which user logged in to. type: string - contextPath: Cybereason.User.LocalSystem - description: Is local system + description: Is local system. type: boolean - contextPath: Cybereason.User.Organization - description: User organization + description: User organization. type: string - arguments: - - description: Malop GUID for fetching a file from a sensor to download + - description: Malop GUID for fetching a file from a sensor to download. name: malopGUID required: true - - description: The complete Cybereason user name string for the user performing the request + - description: The complete Cybereason user name string for the user performing the request. name: userName required: true - description: Start fetching the file to download + description: Start fetching the file to download. name: cybereason-start-fetchfile - arguments: - default: true - description: Malop GUID to know the progress for downloading a file + description: Malop GUID to know the progress for downloading a file. name: malopGuid required: true - description: Return a batch id for files waiting for download + description: Return a batch id for files waiting for download. name: cybereason-fetchfile-progress outputs: - contextPath: Cybereason.Download.Progress.fileName - description: Filename for tha given malop + description: Filename for tha given malop. type: string - contextPath: Cybereason.Download.Progress.status - description: Status for batch ID + description: Status for batch ID. type: boolean - contextPath: Cybereason.Download.Progress.batchID - description: Unique batch id + description: Unique batch id. type: Unknown - arguments: - default: true - description: The batch id for the file download operation + description: The batch id for the file download operation. name: batchID required: true - description: Downloads the actual file to the machine + description: Downloads the actual file to the machine. name: cybereason-download-file - arguments: - default: true - description: The batch id to abort a file download operation + description: The batch id to abort a file download operation. name: batchID required: true - description: Aborts a file download operation that is in progress + description: Aborts a file download operation that is in progress. name: cybereason-close-file-batch-id - arguments: - - description: The unique ID assigned by the Cybereason platform for the Malop + - description: The unique ID assigned by the Cybereason platform for the Malop. name: malopGuid required: true - description: Get all remediation action details whatever available for that malop + description: Get all remediation action details whatever available for that malop. name: cybereason-available-remediation-actions - arguments: - - description: The unique ID assigned by the Cybereason platform for the Malop + - description: The unique ID assigned by the Cybereason platform for the Malop. name: malopGuid required: true - - description: Machine name to kill the process + - description: Machine name to kill the process. name: machine required: true - - description: Target ID to kill the process + - description: Target ID to kill the process. name: targetId required: true - - description: The complete Cybereason user name string for the user performing the request + - description: The complete Cybereason user name string for the user performing the request. name: userName required: true - - description: Comment to add to the malop + - description: Comment to add to the malop. name: comment - description: Kill a processes for the malicious file. (User will get inputs by executing the 'cybereason-available-remediation-actions' command if this remediation action is available for that Malop) + description: Kill a processes for the malicious file. (User will get inputs by executing the 'cybereason-available-remediation-actions' command if this remediation action is available for that Malop). name: cybereason-kill-process - arguments: - - description: The unique ID assigned by the Cybereason platform for the Malop + - description: The unique ID assigned by the Cybereason platform for the Malop. name: malopGuid required: true - - description: Machine name to quarantine a file + - description: Machine name to quarantine a file. name: machine required: true - - description: Target ID to quarantine a file + - description: Target ID to quarantine a file. name: targetId required: true - - description: The complete Cybereason user name string for the user performing the request + - description: The complete Cybereason user name string for the user performing the request. name: userName required: true - - description: Comment to add to the malop + - description: Comment to add to the malop. name: comment - description: Quarantine the detected malicious file in a secure location. (User will get inputs by executing the 'cybereason-available-remediation-actions' command if this remediation action is available for that Malop) + description: Quarantine the detected malicious file in a secure location. (User will get inputs by executing the 'cybereason-available-remediation-actions' command if this remediation action is available for that Malop). name: cybereason-quarantine-file - arguments: - - description: The unique ID assigned by the Cybereason platform for the Malop + - description: The unique ID assigned by the Cybereason platform for the Malop. name: malopGuid required: true - - description: Machine name to unquarantine a file + - description: Machine name to unquarantine a file. name: machine required: true - - description: Target ID to unquarantine a file + - description: Target ID to unquarantine a file. name: targetId required: true - - description: The complete Cybereason user name string for the user performing the request + - description: The complete Cybereason user name string for the user performing the request. name: userName required: true - - description: Comment to add to the malop + - description: Comment to add to the malop. name: comment - description: Unquarantine the detected malicious file in a secure location. (User will get inputs by executing the 'cybereason-available-remediation-actions' command if this remediation action is available for that Malop) + description: Unquarantine the detected malicious file in a secure location. (User will get inputs by executing the 'cybereason-available-remediation-actions' command if this remediation action is available for that Malop). name: cybereason-unquarantine-file - arguments: - - description: The unique ID assigned by the Cybereason platform for the Malop + - description: The unique ID assigned by the Cybereason platform for the Malop. name: malopGuid required: true - - description: Machine name whose files needs to be blocked + - description: Machine name whose files needs to be blocked. name: machine required: true - - description: Target ID of file to be blocked + - description: Target ID of file to be blocked. name: targetId required: true - - description: The complete Cybereason user name string for the user performing the request + - description: The complete Cybereason user name string for the user performing the request. name: userName required: true - - description: Comment to add to the malop + - description: Comment to add to the malop. name: comment - description: Block a file only in particular machine. (User will get inputs by executing the 'cybereason-available-remediation-actions' command if this remediation action is available for that Malop) + description: Block a file only in particular machine. (User will get inputs by executing the 'cybereason-available-remediation-actions' command if this remediation action is available for that Malop). name: cybereason-block-file - arguments: - - description: The unique ID assigned by the Cybereason platform for the Malop + - description: The unique ID assigned by the Cybereason platform for the Malop. name: malopGuid required: true - - description: Machine name to delete the registry key + - description: Machine name to delete the registry key. name: machine required: true - - description: Target ID to delete the registry key + - description: Target ID to delete the registry key. name: targetId required: true - - description: The complete Cybereason user name string for the user performing the request + - description: The complete Cybereason user name string for the user performing the request. name: userName required: true - - description: Comment to add to the malop + - description: Comment to add to the malop. name: comment - description: Delete a registry entry associated with a malicious process. (User will get inputs by executing the 'cybereason-available-remediation-actions' command if this remediation action is available for that Malop) + description: Delete a registry entry associated with a malicious process. (User will get inputs by executing the 'cybereason-available-remediation-actions' command if this remediation action is available for that Malop). name: cybereason-delete-registry-key - arguments: - - description: The unique ID assigned by the Cybereason platform for the Malop + - description: The unique ID assigned by the Cybereason platform for the Malop. name: malopGuid required: true - - description: Machine name to prevent detected ransomware from running on the machine + - description: Machine name to prevent detected ransomware from running on the machine. name: machine required: true - - description: Target ID to prevent detected ransomware from running on the machine + - description: Target ID to prevent detected ransomware from running on the machine. name: targetId required: true - - description: The complete Cybereason user name string for the user performing the request + - description: The complete Cybereason user name string for the user performing the request. name: userName required: true - - description: Comment to add to the malop + - description: Comment to add to the malop. name: comment - description: Prevent detected ransomware from running on the machine. (User will get inputs by executing the 'cybereason-available-remediation-actions' command if this remediation action is available for that Malop) + description: Prevent detected ransomware from running on the machine. (User will get inputs by executing the 'cybereason-available-remediation-actions' command if this remediation action is available for that Malop). name: cybereason-kill-prevent-unsuspend - arguments: - - description: The unique ID assigned by the Cybereason platform for the Malop + - description: The unique ID assigned by the Cybereason platform for the Malop. name: malopGuid required: true - - description: Machine name to prevent a file associated with ransomware + - description: Machine name to prevent a file associated with ransomware. name: machine required: true - - description: Target ID to prevent a file associated with ransomware + - description: Target ID to prevent a file associated with ransomware. name: targetId required: true - - description: The complete Cybereason user name string for the user performing the request + - description: The complete Cybereason user name string for the user performing the request. name: userName required: true - - description: Comment to add to the malop + - description: Comment to add to the malop. name: comment - description: Prevent a file associated with ransomware. (User will get inputs by executing the 'cybereason-available-remediation-actions' command if this remediation action is available for that Malop) + description: Prevent a file associated with ransomware. (User will get inputs by executing the 'cybereason-available-remediation-actions' command if this remediation action is available for that Malop). name: cybereason-unsuspend-process - arguments: - description: Filter for Fetching Malwares by Malware needsAttention. @@ -738,7 +738,7 @@ script: - description: Filter for Fetching Malwares by Malware Limit. name: limit required: true - description: Malware query with options and values to filter + description: Malware query with options and values to filter. name: cybereason-malware-query - arguments: - description: Sensor ID of a sensor. (Comma separated values supported.) @@ -770,7 +770,7 @@ script: script: '-' type: python subtype: python3 - dockerimage: demisto/python3:3.10.13.72123 + dockerimage: demisto/python3:3.10.13.78960 tests: - Cybereason Test fromversion: 5.0.0 diff --git a/Packs/Cybereason/ReleaseNotes/2_1_13.md b/Packs/Cybereason/ReleaseNotes/2_1_13.md new file mode 100644 index 000000000000..5d2108352e2e --- /dev/null +++ b/Packs/Cybereason/ReleaseNotes/2_1_13.md @@ -0,0 +1,6 @@ + +#### Integrations + +##### Cybereason + +- Updated the Docker image to: *demisto/python3:3.10.13.78960*. diff --git a/Packs/Cybereason/pack_metadata.json b/Packs/Cybereason/pack_metadata.json index 82f7a6e2b7ea..0dc29ce6aca9 100644 --- a/Packs/Cybereason/pack_metadata.json +++ b/Packs/Cybereason/pack_metadata.json @@ -2,7 +2,7 @@ "name": "Cybereason", "description": "Endpoint detection and response to manage and query malops, connections and processes.", "support": "partner", - "currentVersion": "2.1.12", + "currentVersion": "2.1.13", "author": "Cybereason", "url": "https://nest.cybereason.com/", "email": "support@cybereason.com", diff --git a/Packs/EmailCommunication/ReleaseNotes/2_0_13.md b/Packs/EmailCommunication/ReleaseNotes/2_0_13.md new file mode 100644 index 000000000000..bcdaefee798a --- /dev/null +++ b/Packs/EmailCommunication/ReleaseNotes/2_0_13.md @@ -0,0 +1,6 @@ + +#### Scripts + +##### SendEmailReply + +- Updated the Docker image to: *demisto/python3:3.10.13.78960*. diff --git a/Packs/EmailCommunication/Scripts/SendEmailReply/SendEmailReply.py b/Packs/EmailCommunication/Scripts/SendEmailReply/SendEmailReply.py index 73e3c40ca0be..75a4dc7d34af 100644 --- a/Packs/EmailCommunication/Scripts/SendEmailReply/SendEmailReply.py +++ b/Packs/EmailCommunication/Scripts/SendEmailReply/SendEmailReply.py @@ -812,7 +812,7 @@ def collect_thread_details(incident_email_threads, email_selected_thread): # Keep track of the last processed list position last_thread_processed = idx - return thread_found, reply_to_message_id, outbound_only, reply_code, reply_subject, reply_recipients,\ + return thread_found, reply_to_message_id, outbound_only, reply_code, reply_subject, reply_recipients, \ reply_mailbox, thread_cc, thread_bcc, last_thread_processed @@ -870,7 +870,7 @@ def multi_thread_reply(new_email_body, incident_id, email_selected_thread, new_e elif type(incident_email_threads) == list: # Process existing thread entries in this email chain to gather re-usable data for new message thread_found, reply_to_message_id, outbound_only, reply_code, reply_subject, reply_recipients, \ - reply_mailbox, thread_cc, thread_bcc,\ + reply_mailbox, thread_cc, thread_bcc, \ last_thread_processed = collect_thread_details(incident_email_threads, email_selected_thread) if thread_found is False: diff --git a/Packs/EmailCommunication/Scripts/SendEmailReply/SendEmailReply.yml b/Packs/EmailCommunication/Scripts/SendEmailReply/SendEmailReply.yml index 3258519738cf..07197f6586ab 100644 --- a/Packs/EmailCommunication/Scripts/SendEmailReply/SendEmailReply.yml +++ b/Packs/EmailCommunication/Scripts/SendEmailReply/SendEmailReply.yml @@ -1,17 +1,17 @@ args: - defaultValue: ${File} - description: Files + description: Files. isArray: true name: files - defaultValue: ${incident.attachment} - description: Attachment + description: Attachment. isArray: true name: attachment - defaultValue: description: The mailbox from which emails are sent from the 3rd party integration. name: service_mail - name: mail_sender_instance - description: Name of the mail sender instance name for transmitting emails + description: Name of the mail sender instance name for transmitting emails. defaultValue: - name: new_thread auto: PREDEFINED @@ -19,7 +19,7 @@ args: - 'true' - 'false' - n/a - description: Specify whether to reply to an existing thread or start a new one. Default value of 'n/a' is for 'Email Communication' type incidents only + description: Specify whether to reply to an existing thread or start a new one. Default value of 'n/a' is for 'Email Communication' type incidents only. defaultValue: n/a - name: subject_include_incident_id description: Include the Incident ID within the email subject. @@ -46,7 +46,7 @@ subtype: python3 system: true type: python fromversion: 5.0.0 -dockerimage: demisto/python3:3.10.12.68300 +dockerimage: demisto/python3:3.10.13.78960 tests: - No tests (auto formatted) contentitemexportablefields: diff --git a/Packs/EmailCommunication/pack_metadata.json b/Packs/EmailCommunication/pack_metadata.json index d34a39203c2c..e4336a6b903d 100644 --- a/Packs/EmailCommunication/pack_metadata.json +++ b/Packs/EmailCommunication/pack_metadata.json @@ -2,7 +2,7 @@ "name": "Email Communication", "description": "Do you have to send multiple emails to end users? This content pack helps you streamline the process and automate updates, notifications and more.\n", "support": "xsoar", - "currentVersion": "2.0.12", + "currentVersion": "2.0.13", "author": "Cortex XSOAR", "url": "https://www.paloaltonetworks.com/cortex", "videos": [ diff --git a/Packs/McAfee-TIE/Integrations/McAfeeTIEV2/McAfeeTIEV2.py b/Packs/McAfee-TIE/Integrations/McAfeeTIEV2/McAfeeTIEV2.py index 3c96e1ce6092..a1369765b695 100644 --- a/Packs/McAfee-TIE/Integrations/McAfeeTIEV2/McAfeeTIEV2.py +++ b/Packs/McAfee-TIE/Integrations/McAfeeTIEV2/McAfeeTIEV2.py @@ -7,7 +7,7 @@ from dxlclient.broker import Broker from dxltieclient import TieClient from typing import NamedTuple -from dxltieclient.constants import FileReputationProp, FileGtiAttrib, FileEnterpriseAttrib, AtdAttrib, TrustLevel,\ +from dxltieclient.constants import FileReputationProp, FileGtiAttrib, FileEnterpriseAttrib, AtdAttrib, TrustLevel, \ HashType, EnterpriseAttrib, FileProvider, FirstRefProp, AtdTrustLevel VENDOR_NAME = 'McAfee Threat Intelligence Exchange' @@ -520,8 +520,8 @@ def create_temp_credentials(temp_file: tempfile._TemporaryFileWrapper, data_to_w @contextlib.contextmanager def create_dxl_config(instance_cert: InstanceCertificates) -> DxlClientConfig: - with tempfile.NamedTemporaryFile(mode='w+', dir='./', suffix='.crt') as broker_certs_file,\ - tempfile.NamedTemporaryFile(mode='w+', dir='./', suffix='.crt') as client_cert_file,\ + with tempfile.NamedTemporaryFile(mode='w+', dir='./', suffix='.crt') as broker_certs_file, \ + tempfile.NamedTemporaryFile(mode='w+', dir='./', suffix='.crt') as client_cert_file, \ tempfile.NamedTemporaryFile(mode='w+', dir='./', suffix='.key') as private_key_file: broker_certs_file.delete create_temp_credentials(broker_certs_file, instance_cert.broker_ca_bundle) diff --git a/Packs/McAfee-TIE/Integrations/McAfeeTIEV2/McAfeeTIEV2.yml b/Packs/McAfee-TIE/Integrations/McAfeeTIEV2/McAfeeTIEV2.yml index 00ddd33a77f9..cb17fba190f9 100644 --- a/Packs/McAfee-TIE/Integrations/McAfeeTIEV2/McAfeeTIEV2.yml +++ b/Packs/McAfee-TIE/Integrations/McAfeeTIEV2/McAfeeTIEV2.yml @@ -272,7 +272,7 @@ script: - contextPath: McAfee.TIE.FilesReferences.Hash description: The value of the hash. type: String - dockerimage: demisto/dxl:1.0.0.73187 + dockerimage: demisto/dxl:1.0.0.78624 runonce: false script: "-" subtype: python3 diff --git a/Packs/McAfee-TIE/ReleaseNotes/2_0_15.md b/Packs/McAfee-TIE/ReleaseNotes/2_0_15.md new file mode 100644 index 000000000000..cda894f42552 --- /dev/null +++ b/Packs/McAfee-TIE/ReleaseNotes/2_0_15.md @@ -0,0 +1,6 @@ + +#### Integrations + +##### McAfee Threat Intelligence Exchange v2 + +- Updated the Docker image to: *demisto/dxl:1.0.0.78624*. diff --git a/Packs/McAfee-TIE/pack_metadata.json b/Packs/McAfee-TIE/pack_metadata.json index bb342e576d47..45f2496d690c 100644 --- a/Packs/McAfee-TIE/pack_metadata.json +++ b/Packs/McAfee-TIE/pack_metadata.json @@ -2,7 +2,7 @@ "name": "McAfee Threat Intelligence Exchange", "description": "Connect to McAfee TIE using the McAfee DXL client.", "support": "xsoar", - "currentVersion": "2.0.14", + "currentVersion": "2.0.15", "author": "Cortex XSOAR", "url": "https://www.paloaltonetworks.com/cortex", "email": "",