-
Notifications
You must be signed in to change notification settings - Fork 1.7k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Deprecate 'Get endpoint details - Generic' Playbook #31196
Merged
TalNos
merged 6 commits into
master
from
Deprecate_the_'Get_endpoint_details_-_Generic'_Playbook
Nov 30, 2023
Merged
Deprecate 'Get endpoint details - Generic' Playbook #31196
TalNos
merged 6 commits into
master
from
Deprecate_the_'Get_endpoint_details_-_Generic'_Playbook
Nov 30, 2023
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
ssokolovich
approved these changes
Nov 29, 2023
TalNos
deleted the
Deprecate_the_'Get_endpoint_details_-_Generic'_Playbook
branch
November 30, 2023 12:31
sapirshuker
pushed a commit
that referenced
this pull request
Dec 21, 2023
* Deprecate 'Get endpoint details - Generic' Playbook * RN * Bump pack from version CommonPlaybooks to 2.4.36. * Bump pack from version CommonPlaybooks to 2.4.37. --------- Co-authored-by: Content Bot <[email protected]>
AradCarmi
added a commit
that referenced
this pull request
Dec 27, 2023
…ostname * Update Docker Image To demisto/armorblox (#31203) * Updated Metadata Of Pack Armorblox * Added release notes to pack Armorblox * Packs/Armorblox/Integrations/Armorblox/Armorblox.yml Docker image update * Update Docker Image To demisto/py3-tools (#31201) * Updated Metadata Of Pack Intezer * Added release notes to pack Intezer * Packs/Intezer/Integrations/IntezerV2/IntezerV2.yml Docker image update * Updated Metadata Of Pack Zabbix * Added release notes to pack Zabbix * Packs/Zabbix/Integrations/Zabbix/Zabbix.yml Docker image update * Updated Metadata Of Pack FeedMalwareBazaar * Added release notes to pack FeedMalwareBazaar * Packs/FeedMalwareBazaar/Integrations/MalwareBazaarFeed/MalwareBazaarFeed.yml Docker image update * Updated Metadata Of Pack FeedGCPWhitelist * Added release notes to pack FeedGCPWhitelist * Packs/FeedGCPWhitelist/Integrations/FeedGoogleIPRanges/FeedGoogleIPRanges.yml Docker image update * Updated Metadata Of Pack AccentureCTI_Feed * Added release notes to pack AccentureCTI_Feed * Packs/AccentureCTI_Feed/Integrations/ACTIIndicatorFeed/ACTIIndicatorFeed.yml Docker image update * Updated Metadata Of Pack SEKOIAIntelligenceCenter * Added release notes to pack SEKOIAIntelligenceCenter * Packs/SEKOIAIntelligenceCenter/Integrations/SEKOIAIntelligenceCenter/SEKOIAIntelligenceCenter.yml Docker image update * Updated Metadata Of Pack JARM * Added release notes to pack JARM * Packs/JARM/Integrations/JARM/JARM.yml Docker image update * Updated Metadata Of Pack CommonWidgets * Added release notes to pack CommonWidgets * Packs/CommonWidgets/Scripts/RSSWidget/RSSWidget.yml Docker image update * Updated Metadata Of Pack FiltersAndTransformers * Added release notes to pack FiltersAndTransformers * Packs/FiltersAndTransformers/Scripts/Jmespath/Jmespath.yml Docker image update * Update Docker Image To demisto/oci (#31202) * Updated Metadata Of Pack OracleCloudInfrastructure * Added release notes to pack OracleCloudInfrastructure * Packs/OracleCloudInfrastructure/Integrations/OracleCloudInfrastructureEventCollector/OracleCloudInfrastructureEventCollector.yml Docker image update * Update Docker Image To demisto/accessdata (#31200) * Updated Metadata Of Pack Exterro * Added release notes to pack Exterro * Packs/Exterro/Integrations/Exterro/Exterro.yml Docker image update * Fix DS108 --------- Co-authored-by: israelpolishook <[email protected]> * Update Docker Image To demisto/carbon-black-cloud (#31206) * Updated Metadata Of Pack CarbonBlackDefense * Added release notes to pack CarbonBlackDefense * Packs/CarbonBlackDefense/Integrations/CarbonBlackLiveResponseCloud/CarbonBlackLiveResponseCloud.yml Docker image update * Update Docker Image To demisto/taxii2 (#31205) * Updated Metadata Of Pack FeedUnit42v2 * Added release notes to pack FeedUnit42v2 * Packs/FeedUnit42v2/Integrations/FeedUnit42v2/FeedUnit42v2.yml Docker image update * Update Docker Image To demisto/crypto (#31204) * Updated Metadata Of Pack AzureKeyVault * Added release notes to pack AzureKeyVault * Packs/AzureKeyVault/Integrations/AzureKeyVault/AzureKeyVault.yml Docker image update * Updated Metadata Of Pack AzureSentinel * Added release notes to pack AzureSentinel * Packs/AzureSentinel/Integrations/AzureSentinel/AzureSentinel.yml Docker image update * Updated Metadata Of Pack AzureDevOps * Added release notes to pack AzureDevOps * Packs/AzureDevOps/Integrations/AzureDevOps/AzureDevOps.yml Docker image update * Updated Metadata Of Pack MicrosoftCloudAppSecurity * Added release notes to pack MicrosoftCloudAppSecurity * Packs/MicrosoftCloudAppSecurity/Integrations/MicrosoftCloudAppSecurity/MicrosoftCloudAppSecurity.yml Docker image update * Updated Metadata Of Pack AzureRiskyUsers * Added release notes to pack AzureRiskyUsers * Packs/AzureRiskyUsers/Integrations/AzureRiskyUsers/AzureRiskyUsers.yml Docker image update * Updated Metadata Of Pack MicrosoftGraphGroups * Added release notes to pack MicrosoftGraphGroups * Packs/MicrosoftGraphGroups/Integrations/MicrosoftGraphGroups/MicrosoftGraphGroups.yml Docker image update * Updated Metadata Of Pack AzureSQLManagement * Added release notes to pack AzureSQLManagement * Packs/AzureSQLManagement/Integrations/AzureSQLManagement/AzureSQLManagement.yml Docker image update * Updated Metadata Of Pack MicrosoftGraphAPI * Added release notes to pack MicrosoftGraphAPI * Packs/MicrosoftGraphAPI/Integrations/MicrosoftGraphAPI/MicrosoftGraphAPI.yml Docker image update * Updated Metadata Of Pack MicrosoftTeams * Added release notes to pack MicrosoftTeams * Packs/MicrosoftTeams/Integrations/MicrosoftTeamsManagement/MicrosoftTeamsManagement.yml Docker image update * Updated Metadata Of Pack MicrosoftGraphApplications * Added release notes to pack MicrosoftGraphApplications * Packs/MicrosoftGraphApplications/Integrations/MicrosoftGraphApplications/MicrosoftGraphApplications.yml Docker image update * Update Docker Image To demisto/opnsense (#31208) * Updated Metadata Of Pack OPNSense * Added release notes to pack OPNSense * Packs/OPNSense/Integrations/OPNSense/OPNSense.yml Docker image update * Update Docker Image To demisto/auth-utils (#31207) * Updated Metadata Of Pack Cylance_Protect * Added release notes to pack Cylance_Protect * Packs/Cylance_Protect/Integrations/Cylance_Protect_v2/Cylance_Protect_v2.yml Docker image update * Updated Metadata Of Pack Zoom * Added release notes to pack Zoom * Packs/Zoom/Integrations/ZoomEventCollector/ZoomEventCollector.yml Docker image update * Updated Metadata Of Pack Silverfort * Added release notes to pack Silverfort * Packs/Silverfort/Integrations/Silverfort/Silverfort.yml Docker image update * Updated Metadata Of Pack AzureDataExplorer * Added release notes to pack AzureDataExplorer * Packs/AzureDataExplorer/Integrations/AzureDataExplorer/AzureDataExplorer.yml Docker image update * Updated Metadata Of Pack MicrosoftManagementActivity * Added release notes to pack MicrosoftManagementActivity * Packs/MicrosoftManagementActivity/Integrations/MicrosoftManagementActivity/MicrosoftManagementActivity.yml Docker image update * Updated Metadata Of Pack Box * Added release notes to pack Box * Packs/Box/Integrations/BoxEventsCollector/BoxEventsCollector.yml Docker image update * Packs/Box/Integrations/BoxV2/BoxV2.yml Docker image update * Updated Metadata Of Pack Troubleshoot * Added release notes to pack Troubleshoot * Packs/Troubleshoot/Scripts/CertificatesTroubleshoot/CertificatesTroubleshoot.yml Docker image update * commit --------- Co-authored-by: israelpolishook <[email protected]> * Update Docker Image To demisto/ippysocks-py3 (#31211) * Updated Metadata Of Pack Whois * Added release notes to pack Whois * Packs/Whois/Integrations/Whois/Whois.yml Docker image update * Update Docker Image To demisto/python3 (#31214) * Updated Metadata Of Pack QualysFIM * Added release notes to pack QualysFIM * Packs/QualysFIM/Integrations/QualysFIM/QualysFIM.yml Docker image update * Updated Metadata Of Pack FortiSIEM * Added release notes to pack FortiSIEM * Packs/FortiSIEM/Integrations/FortiSIEMV2/FortiSIEMV2.yml Docker image update * Updated Metadata Of Pack FreshworksFreshservice * Added release notes to pack FreshworksFreshservice * Packs/FreshworksFreshservice/Integrations/FreshworksFreshservice/FreshworksFreshservice.yml Docker image update * Updated Metadata Of Pack KnowBe4_KMSAT * Added release notes to pack KnowBe4_KMSAT * Packs/KnowBe4_KMSAT/Integrations/KnowBe4KMSATEventCollector/KnowBe4KMSATEventCollector.yml Docker image update * Packs/KnowBe4_KMSAT/Integrations/KnowBe4KMSAT/KnowBe4KMSAT.yml Docker image update * Updated Metadata Of Pack SafeNet_Trusted_Access * Added release notes to pack SafeNet_Trusted_Access * Packs/SafeNet_Trusted_Access/Integrations/SafeNetTrustedAccessEventCollector/SafeNetTrustedAccessEventCollector.yml Docker image update * Updated Metadata Of Pack DelineaSS * Added release notes to pack DelineaSS * Packs/DelineaSS/Integrations/DelineaSS/DelineaSS.yml Docker image update * Updated Metadata Of Pack Cryptocurrency * Added release notes to pack Cryptocurrency * Packs/Cryptocurrency/Integrations/Cryptocurrency/Cryptocurrency.yml Docker image update * Updated Metadata Of Pack PANOSPolicyOptimizer * Added release notes to pack PANOSPolicyOptimizer * Packs/PANOSPolicyOptimizer/Integrations/PANOSPolicyOptimizer/PANOSPolicyOptimizer.yml Docker image update * Updated Metadata Of Pack DeveloperTools * Added release notes to pack DeveloperTools * Packs/DeveloperTools/Integrations/CreateIncidents/CreateIncidents.yml Docker image update * Update Docker Image To demisto/boto3py3 (#31215) * Updated Metadata Of Pack SecurityIntelligenceServicesFeed * Added release notes to pack SecurityIntelligenceServicesFeed * Packs/SecurityIntelligenceServicesFeed/Integrations/SecurityIntelligenceServicesFeed/SecurityIntelligenceServicesFeed.yml Docker image update * Updated Metadata Of Pack AWS-IAM * Added release notes to pack AWS-IAM * Packs/AWS-IAM/Integrations/AWS-IAM/AWS-IAM.yml Docker image update * Updated Metadata Of Pack AWS-Route53 * Added release notes to pack AWS-Route53 * Packs/AWS-Route53/Integrations/AWSRoute53/AWSRoute53.yml Docker image update * Updated Metadata Of Pack AWS-AccessAnalyzer * Added release notes to pack AWS-AccessAnalyzer * Packs/AWS-AccessAnalyzer/Integrations/AWS-AccessAnalyzer/AWS-AccessAnalyzer.yml Docker image update * Updated Metadata Of Pack AWS-GuardDuty * Added release notes to pack AWS-GuardDuty * Packs/AWS-GuardDuty/Integrations/AWSGuardDutyEventCollector/AWSGuardDutyEventCollector.yml Docker image update * Packs/AWS-GuardDuty/Integrations/AWSGuardDuty/AWSGuardDuty.yml Docker image update * Updated Metadata Of Pack AWS-SecurityHub * Added release notes to pack AWS-SecurityHub * Packs/AWS-SecurityHub/Integrations/AWSSecurityHubEventCollector/AWSSecurityHubEventCollector.yml Docker image update * Updated Metadata Of Pack Aws-SecretsManager * Added release notes to pack Aws-SecretsManager * Packs/Aws-SecretsManager/Integrations/AwsSecretsManager/AwsSecretsManager.yml Docker image update * Update Docker Image To demisto/accessdata (#31216) * Updated Metadata Of Pack Exterro * Added release notes to pack Exterro * Packs/Exterro/Integrations/Exterro/Exterro.yml Docker image update * Update Docker Image To demisto/oci (#31218) * Updated Metadata Of Pack OracleCloudInfrastructure * Added release notes to pack OracleCloudInfrastructure * Packs/OracleCloudInfrastructure/Integrations/OracleCloudInfrastructureEventCollector/OracleCloudInfrastructureEventCollector.yml Docker image update * Update Docker Image To demisto/py3-tools (#31217) * Updated Metadata Of Pack Intezer * Added release notes to pack Intezer * Packs/Intezer/Integrations/IntezerV2/IntezerV2.yml Docker image update * Updated Metadata Of Pack Zabbix * Added release notes to pack Zabbix * Packs/Zabbix/Integrations/Zabbix/Zabbix.yml Docker image update * Updated Metadata Of Pack FeedMalwareBazaar * Added release notes to pack FeedMalwareBazaar * Packs/FeedMalwareBazaar/Integrations/MalwareBazaarFeed/MalwareBazaarFeed.yml Docker image update * Updated Metadata Of Pack FeedGCPWhitelist * Added release notes to pack FeedGCPWhitelist * Packs/FeedGCPWhitelist/Integrations/FeedGoogleIPRanges/FeedGoogleIPRanges.yml Docker image update * Updated Metadata Of Pack AccentureCTI_Feed * Added release notes to pack AccentureCTI_Feed * Packs/AccentureCTI_Feed/Integrations/ACTIIndicatorFeed/ACTIIndicatorFeed.yml Docker image update * Updated Metadata Of Pack SEKOIAIntelligenceCenter * Added release notes to pack SEKOIAIntelligenceCenter * Packs/SEKOIAIntelligenceCenter/Integrations/SEKOIAIntelligenceCenter/SEKOIAIntelligenceCenter.yml Docker image update * Updated Metadata Of Pack JARM * Added release notes to pack JARM * Packs/JARM/Integrations/JARM/JARM.yml Docker image update * Updated Metadata Of Pack Anomali_ThreatStream * Added release notes to pack Anomali_ThreatStream * Packs/Anomali_ThreatStream/Integrations/AnomaliThreatStreamv3/AnomaliThreatStreamv3.yml Docker image update * Updated Metadata Of Pack CommonWidgets * Added release notes to pack CommonWidgets * Packs/CommonWidgets/Scripts/RSSWidget/RSSWidget.yml Docker image update * Updated Metadata Of Pack FiltersAndTransformers * Added release notes to pack FiltersAndTransformers * Packs/FiltersAndTransformers/Scripts/Jmespath/Jmespath.yml Docker image update * CortexXDRIR-generic-polling (#31082) * - Added new playbook for quarantine_file - Old playbook deprecated - New image added * release notes added * - New playbook for _Retrieve_File_Playbook_v2 created - Old playbook _Retrieve_File_Playbook deprecated - Image was added * Release notes were added * Changed the name of the playbook * Readme file added * Added image * fixed image location in readme file * Update Packs/CortexXDR/Playbooks/Cortex_XDR_-_Retrieve_File_v2.yml Co-authored-by: Sasha Sokolovich <[email protected]> * Bump pack from version CortexXDR to 6.0.4. * Removed unnecessary tests * Readme files were updated * Fixes for the playbooks * fixed Tests/conf.json file * image issue fixed * Added new images * Update Packs/CortexXDR/Playbooks/Cortex_XDR_-_Retrieve_File_Playbook_README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CortexXDR/Playbooks/Cortex_XDR_-_Retrieve_File_Playbook_README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CortexXDR/ReleaseNotes/6_0_4.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CortexXDR/ReleaseNotes/6_0_4.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CortexXDR/ReleaseNotes/6_0_4.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CortexXDR/ReleaseNotes/6_0_4.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CortexXDR/Playbooks/Cortex_XDR_-_Retrieve_File_Playbook_README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CortexXDR/Playbooks/Cortex_XDR_-_quarantine_file_v2_README.md Co-authored-by: ShirleyDenkberg <[email protected]> * PR fixes - new condition to check if the task finished successfully * release notes updated * image path fixed * Added new outputs for playbook * release notes updated * fix * readme files fixed * image issue * image issue * fix * fix * fix * fix * uploaded new playbook because of the image issue * fix for image issue * delete photo * fixes * test playbooks fixed * test playbooks removed --------- Co-authored-by: Sasha Sokolovich <[email protected]> Co-authored-by: Content Bot <[email protected]> Co-authored-by: ShirleyDenkberg <[email protected]> * Update Docker Image To demisto/crypto (#31219) * Updated Metadata Of Pack AzureKeyVault * Added release notes to pack AzureKeyVault * Packs/AzureKeyVault/Integrations/AzureKeyVault/AzureKeyVault.yml Docker image update * Updated Metadata Of Pack AzureSentinel * Added release notes to pack AzureSentinel * Packs/AzureSentinel/Integrations/AzureSentinel/AzureSentinel.yml Docker image update * Updated Metadata Of Pack AzureDevOps * Added release notes to pack AzureDevOps * Packs/AzureDevOps/Integrations/AzureDevOps/AzureDevOps.yml Docker image update * Updated Metadata Of Pack MicrosoftCloudAppSecurity * Added release notes to pack MicrosoftCloudAppSecurity * Packs/MicrosoftCloudAppSecurity/Integrations/MicrosoftCloudAppSecurity/MicrosoftCloudAppSecurity.yml Docker image update * Updated Metadata Of Pack AzureRiskyUsers * Added release notes to pack AzureRiskyUsers * Packs/AzureRiskyUsers/Integrations/AzureRiskyUsers/AzureRiskyUsers.yml Docker image update * Updated Metadata Of Pack MicrosoftGraphGroups * Added release notes to pack MicrosoftGraphGroups * Packs/MicrosoftGraphGroups/Integrations/MicrosoftGraphGroups/MicrosoftGraphGroups.yml Docker image update * Updated Metadata Of Pack AzureSQLManagement * Added release notes to pack AzureSQLManagement * Packs/AzureSQLManagement/Integrations/AzureSQLManagement/AzureSQLManagement.yml Docker image update * Updated Metadata Of Pack MicrosoftGraphAPI * Added release notes to pack MicrosoftGraphAPI * Packs/MicrosoftGraphAPI/Integrations/MicrosoftGraphAPI/MicrosoftGraphAPI.yml Docker image update * Updated Metadata Of Pack MicrosoftTeams * Added release notes to pack MicrosoftTeams * Packs/MicrosoftTeams/Integrations/MicrosoftTeamsManagement/MicrosoftTeamsManagement.yml Docker image update * Updated Metadata Of Pack MicrosoftGraphApplications * Added release notes to pack MicrosoftGraphApplications * Packs/MicrosoftGraphApplications/Integrations/MicrosoftGraphApplications/MicrosoftGraphApplications.yml Docker image update * update pack ignore (#31193) * Slack event collector: fixed an issue where we get a Bad Request error (#31135) * fixed an issue where we get a Bad Request error. * pre-commit * added test * fixed Flake8 error * fixed cr comments * fixed cr comments * update Docker image * YR/Remove-fields-with-one-letter-DBotFindSimilarIncidents/XSUP-29299 (#31161) * fixes * code and test * remove Json feed from this pr * test * note * pre commit * RN * CR and Flake8 * format * pre commit * Fixes For 'URL Enrichment - Generic v2' Playbook (#31195) * Fixes For 'URL Enrichment - Generic v2' Playbook * RN * Bump pack from version CommonPlaybooks to 2.4.36. --------- Co-authored-by: Content Bot <[email protected]> * F5 APM Remove XSIAM tags (#31221) * remove ls from test_e2e_results.sh (#31186) * [IsEmailAddressInternal] Fix an issue with **domain** argument (#31222) * First commit * Added RN * Update Packs/CommonScripts/ReleaseNotes/1_12_54.md Co-authored-by: Dean Arbel <[email protected]> --------- Co-authored-by: Dean Arbel <[email protected]> * Deprecate 'Get endpoint details - Generic' Playbook (#31196) * Deprecate 'Get endpoint details - Generic' Playbook * RN * Bump pack from version CommonPlaybooks to 2.4.36. * Bump pack from version CommonPlaybooks to 2.4.37. --------- Co-authored-by: Content Bot <[email protected]> * Replacing the deprecated sub-playbook within the 'NGFW Internal Scan'… (#31197) * Replacing the deprecated sub-playbook within the 'NGFW Internal Scan' XSIAM playbook * RN * [Marketplace Contribution] CISO Metrics (#30641) (#31213) * "pack contribution initial commit" * Update pack_metadata.json * Update and rename dashboard-98f353a2-312b-49f2-8e58-d71f60daf3a7-CISO_Metrics.json to dashboard-98f353a2-312b-49f2-8e58-d71f60daf3a7-CommunityCommonDashboards.json Rename to CommunityCommonDashboards * Update pack_metadata.json Renamed "name": "CommunityCommonDashboards" * Update README.md Added description * Update README.md * Update and rename README.md to README.md * Rename dashboard-98f353a2-312b-49f2-8e58-d71f60daf3a7-CommunityCommonDashboards.json to dashboard-98f353a2-312b-49f2-8e58-d71f60daf3a7-CommunityCommonDashboards.json * Rename .pack-ignore to .pack-ignore * Rename .secrets-ignore to .secrets-ignore * Rename pack_metadata.json to pack_metadata.json * Update .pack-ignore * Update pack_metadata.json * Update .pack-ignore * Update and rename dashboard-98f353a2-312b-49f2-8e58-d71f60daf3a7-CommunityCommonDashboards.json to CISOMetrics.json Renamed to CISOMetrics * Update pack_metadata.json * Update pack_metadata.json * Update README.md --------- Co-authored-by: xsoar-bot <[email protected]> Co-authored-by: Sapir Shuker <[email protected]> Co-authored-by: David Uhrlaub <[email protected]> * Cybereason xsoar v 2.1.14 (#30647) (#31225) * added v2.1.14 codebase * fix pr comments * replace dummy md5 placeholder * Update Packs/Cybereason/Integrations/Cybereason/Cybereason.py * updated docker image python version * updated release notes docker version * added pagination params * updated docker image * fix lint errors * fix demisto validate errors * updated release notes * updated release notes * updated release notes * updated command name as per PR comment * removed manual filtering for response * updated function name to match the command name format * updated unit test as per new command name * added machinename filter to api query * moved empty output message to the top * updated docker image tag to latest * undo changes from unisolate endpoint playbook --------- Co-authored-by: suraj-metron <[email protected]> Co-authored-by: Sapir Shuker <[email protected]> * fixed polling support (#30873) * fixed polling support * fixed rn * added rn * added rn * XSUP-30786/Fix (#31168) * Added failing UT * Fixed the issue * Updated docker image * Updated RN * Update Packs/PAN-OS/ReleaseNotes/2_1_15.md Co-authored-by: Dan Tavori <[email protected]> * Updated the bug fix and the UT * updated docker image --------- Co-authored-by: Dan Tavori <[email protected]> * rewrite to js FirstArrayElement and LastArrayElement (#31228) * rewrite to js * added tpb * added empty test case to tpb * precommit fixes * change fromversion so build wont fail * Enable Core REST API with general XSIAM endpoints (#31226) * mostly works * added release notes * fixes from review * F5 APM fixed the marketplace build failure (#31236) * F5 APM Remove XSIAM tags * fix marketplace error * Add incidents field (#30393) (#31233) * add rawJSON field to incidents * release notes * update docker image tag * nit * fetching incident details * mapper + incident fields * remove incorrect incident field files * new incident field files, new mapper * sdk validate command changes * update release noteS * validation errors * fix validation errors * undo release notes changes * undo release notes change * undo release notes * undo release notes * undo release notes * nit * new release notes * remove playbook id * update docker image tag * revert release notes * revert RN * nit- remove filters used for testing * add details field to threats * remove try/except blocks * changing version * Update Abnormal_Security_Custom_Incident_types.json change from version * nit - remove changes used for demo * updating docker image * update docker image tag --------- Co-authored-by: William Olyslager <[email protected]> Co-authored-by: sapirshuker <[email protected]> Co-authored-by: Sapir Shuker <[email protected]> * Update Docker Image To demisto/python3 (#31242) * Updated Metadata Of Pack CIRCL * Added release notes to pack CIRCL * Packs/CIRCL/Integrations/CirclCVESearch/CirclCVESearch.yml Docker image update * Updated Metadata Of Pack ipinfo * Added release notes to pack ipinfo * Packs/ipinfo/Integrations/ipinfo_v2/ipinfo_v2.yml Docker image update * Updated Metadata Of Pack AutoFocus * Added release notes to pack AutoFocus * Packs/AutoFocus/Integrations/FeedAutofocus/FeedAutofocus.yml Docker image update * Packs/AutoFocus/Integrations/AutofocusV2/AutofocusV2.yml Docker image update * Updated Metadata Of Pack MailSenderNew * Added release notes to pack MailSenderNew * Packs/MailSenderNew/Integrations/MailSenderNew/MailSenderNew.yml Docker image update * avoid to update Docker for AutoFocusv2 --------- Co-authored-by: israelpolishook <[email protected]> * Fixes For 'IP Enrichment - Generic v2' Playbook (#31183) * Fixes For 'IP Enrichment - Generic v2' Playbook * RN * RN * Updated the 'InternalRange' playbook input's default value. * configured the 'extended_data' and 'threat_model_association' sub-playbook inputs * Bump pack from version CommonPlaybooks to 2.4.36. * Bump pack from version CommonPlaybooks to 2.4.37. * changed the default value of the 'ResolveIP' playbook input * re-added RN after merging from master * Fixes RN --------- Co-authored-by: Content Bot <[email protected]> * Check if should run Instance role (#31245) * Added the sync from the saas bucket and modified the verify script to take the revision from the correct bucket. (#31254) * AWS Organizations (#30525) * init * commands template * aws-org-children-list * more commands * even more commands * added account commands * removed enhancement commands * use json_transform * unit-tests init * unit-tests continued * unit-tests continued some more * TPB * one more unit-test * one more unit-test * one more unit-test * name change * TPB * docs complete * pack readme * pack readme part 2 * readme modified * more tests * more tests * use get() * adde description * removed isFetch * added image * name change * CR changes * Apply suggestions from code review Co-authored-by: ShirleyDenkberg <[email protected]> * Update docker * put the commands back in * code complete * yml part 2 * yml part 3 * test template * unit-tests continued some more * unit-tests almost complete * unit-tests complete * fixed a few bugs * fixed unit-tests * added readme * update readme * added missing descriptions to readme * TPB * Apply suggestions from code review Co-authored-by: ShirleyDenkberg <[email protected]> * CR changes * demo changes * update docker * build wars: round 1 * build wars: round 2 * build wars: round 3; add unit-tests * build wars: round 4 * build wars: round 5 * build wars: round 6 --------- Co-authored-by: ShirleyDenkberg <[email protected]> * NextToken in CommandResults (#30501) * init * new design * added error in case of non nested input * RN * a tad more docs * Bump pack from version Base to 1.32.47. * Bump pack from version Base to 1.32.48. * Bump pack from version Base to 1.32.49. * improved doc-string * resolve conflicts * resolve conflicts * Bump pack from version Base to 1.32.52. --------- Co-authored-by: Content Bot <[email protected]> * demisto-sdk-release 1.24.0 (#31268) * poetry files * update validate manager imports (#31179) * update validate manager imports * revert * Update Tests/configure_and_test_integration_instances.py * Edit file types test (#31170) * edited tests * s * s * edit --------- Co-authored-by: Content Bot <[email protected]> Co-authored-by: Yuval Hayun <[email protected]> Co-authored-by: merit-maita <[email protected]> Co-authored-by: JudithB <[email protected]> * modified modeling rules of clearswift dlp (#31247) * modified modeling rules of clearswift dlp * modified the parsing rule of clearswiftdlp * Added release notes. * added dlp to pack ignore * added Clearswift to pack ignore * QRadar: continue to poll in case of networking issues (#31084) * Generalize the mode option in pre-commit (#30663) * args updated to match the update in the sdk * add merge-coverage-report and coverage-analyze * updaing pyproject.toml * poetry lock * restoring pyproject.toml and poetry.lock * pre-commit.yml * updates * test comment * use sdk ref * if * add github output * revert ilan changes * merge-pytest-reports --------- Co-authored-by: ilan <[email protected]> * EXPANDR-1576 CortexXpanse Remediation Guidance changes (#31190) * EXPANDR-1576 CortexXpanse Remediation Guidance changes (#30712) * CortexXpanse RG changes * Fix flake8 errors * Fix unit test cases * Update docker version * update command name * Readme updates * docker update * Ignore BC error * fix packignore * Update release notes * update breaking change notes * update breaking change notes * correct RN --------- Co-authored-by: Chait A <[email protected]> Co-authored-by: ilappe <[email protected]> * Feature/cyberint enhancement (#31252) * Feature/cyberint enhancement (#30493) * Update Docker Image To demisto/py3-tools (#25523) * Updated Metadata Of Pack FeedAWS * Added release notes to pack FeedAWS * Packs/FeedAWS/Integrations/FeedAWS/FeedAWS.yml Docker image update * update Cyberint Pack * update release note and incidentfields * update CommonType release note * update CommonType relesenotes * update CommonType relese notes * update CyberInt Related entity name * update release notes * add new incident field: Alert Data * foramt alert_data * update CyberInt Related Entity name to avoid validation errors * reset the CyberInt Related Entity name * update incident field name * Update 3_3_93.md * pre commit update docker * added known words * fixed the RN * known words --------- Co-authored-by: TalGumi <[email protected]> Co-authored-by: omerKarkKatz <[email protected]> Co-authored-by: okarkkatz <[email protected]> * [xsoar-8 coverage] - use poll functions from SDK clients (#31144) * update poetry * use poll functions * test against builds * try to fix ssl issue * timeout = 300 + verify ssl * fix ssl issues * fix incident pull * fix * make verify=false by default * fix ports bug * use sdk master * revert poetry * revert infra used for testing * Possible solution * Possible solution * [CrowdStrike Falcon Intel v2] Fixed an issue in 'cs-actors' and 'cs-reports' commands (#31265) * Fix the 'NoneType' object is not iterable issue * ruff * Update the docker image; Add RN * Update Packs/CrowdStrikeIntel/ReleaseNotes/2_0_34.md Co-authored-by: Dean Arbel <[email protected]> --------- Co-authored-by: Dean Arbel <[email protected]>
maimorag
pushed a commit
that referenced
this pull request
Dec 28, 2023
…ostname * Update Docker Image To demisto/armorblox (#31203) * Updated Metadata Of Pack Armorblox * Added release notes to pack Armorblox * Packs/Armorblox/Integrations/Armorblox/Armorblox.yml Docker image update * Update Docker Image To demisto/py3-tools (#31201) * Updated Metadata Of Pack Intezer * Added release notes to pack Intezer * Packs/Intezer/Integrations/IntezerV2/IntezerV2.yml Docker image update * Updated Metadata Of Pack Zabbix * Added release notes to pack Zabbix * Packs/Zabbix/Integrations/Zabbix/Zabbix.yml Docker image update * Updated Metadata Of Pack FeedMalwareBazaar * Added release notes to pack FeedMalwareBazaar * Packs/FeedMalwareBazaar/Integrations/MalwareBazaarFeed/MalwareBazaarFeed.yml Docker image update * Updated Metadata Of Pack FeedGCPWhitelist * Added release notes to pack FeedGCPWhitelist * Packs/FeedGCPWhitelist/Integrations/FeedGoogleIPRanges/FeedGoogleIPRanges.yml Docker image update * Updated Metadata Of Pack AccentureCTI_Feed * Added release notes to pack AccentureCTI_Feed * Packs/AccentureCTI_Feed/Integrations/ACTIIndicatorFeed/ACTIIndicatorFeed.yml Docker image update * Updated Metadata Of Pack SEKOIAIntelligenceCenter * Added release notes to pack SEKOIAIntelligenceCenter * Packs/SEKOIAIntelligenceCenter/Integrations/SEKOIAIntelligenceCenter/SEKOIAIntelligenceCenter.yml Docker image update * Updated Metadata Of Pack JARM * Added release notes to pack JARM * Packs/JARM/Integrations/JARM/JARM.yml Docker image update * Updated Metadata Of Pack CommonWidgets * Added release notes to pack CommonWidgets * Packs/CommonWidgets/Scripts/RSSWidget/RSSWidget.yml Docker image update * Updated Metadata Of Pack FiltersAndTransformers * Added release notes to pack FiltersAndTransformers * Packs/FiltersAndTransformers/Scripts/Jmespath/Jmespath.yml Docker image update * Update Docker Image To demisto/oci (#31202) * Updated Metadata Of Pack OracleCloudInfrastructure * Added release notes to pack OracleCloudInfrastructure * Packs/OracleCloudInfrastructure/Integrations/OracleCloudInfrastructureEventCollector/OracleCloudInfrastructureEventCollector.yml Docker image update * Update Docker Image To demisto/accessdata (#31200) * Updated Metadata Of Pack Exterro * Added release notes to pack Exterro * Packs/Exterro/Integrations/Exterro/Exterro.yml Docker image update * Fix DS108 --------- Co-authored-by: israelpolishook <[email protected]> * Update Docker Image To demisto/carbon-black-cloud (#31206) * Updated Metadata Of Pack CarbonBlackDefense * Added release notes to pack CarbonBlackDefense * Packs/CarbonBlackDefense/Integrations/CarbonBlackLiveResponseCloud/CarbonBlackLiveResponseCloud.yml Docker image update * Update Docker Image To demisto/taxii2 (#31205) * Updated Metadata Of Pack FeedUnit42v2 * Added release notes to pack FeedUnit42v2 * Packs/FeedUnit42v2/Integrations/FeedUnit42v2/FeedUnit42v2.yml Docker image update * Update Docker Image To demisto/crypto (#31204) * Updated Metadata Of Pack AzureKeyVault * Added release notes to pack AzureKeyVault * Packs/AzureKeyVault/Integrations/AzureKeyVault/AzureKeyVault.yml Docker image update * Updated Metadata Of Pack AzureSentinel * Added release notes to pack AzureSentinel * Packs/AzureSentinel/Integrations/AzureSentinel/AzureSentinel.yml Docker image update * Updated Metadata Of Pack AzureDevOps * Added release notes to pack AzureDevOps * Packs/AzureDevOps/Integrations/AzureDevOps/AzureDevOps.yml Docker image update * Updated Metadata Of Pack MicrosoftCloudAppSecurity * Added release notes to pack MicrosoftCloudAppSecurity * Packs/MicrosoftCloudAppSecurity/Integrations/MicrosoftCloudAppSecurity/MicrosoftCloudAppSecurity.yml Docker image update * Updated Metadata Of Pack AzureRiskyUsers * Added release notes to pack AzureRiskyUsers * Packs/AzureRiskyUsers/Integrations/AzureRiskyUsers/AzureRiskyUsers.yml Docker image update * Updated Metadata Of Pack MicrosoftGraphGroups * Added release notes to pack MicrosoftGraphGroups * Packs/MicrosoftGraphGroups/Integrations/MicrosoftGraphGroups/MicrosoftGraphGroups.yml Docker image update * Updated Metadata Of Pack AzureSQLManagement * Added release notes to pack AzureSQLManagement * Packs/AzureSQLManagement/Integrations/AzureSQLManagement/AzureSQLManagement.yml Docker image update * Updated Metadata Of Pack MicrosoftGraphAPI * Added release notes to pack MicrosoftGraphAPI * Packs/MicrosoftGraphAPI/Integrations/MicrosoftGraphAPI/MicrosoftGraphAPI.yml Docker image update * Updated Metadata Of Pack MicrosoftTeams * Added release notes to pack MicrosoftTeams * Packs/MicrosoftTeams/Integrations/MicrosoftTeamsManagement/MicrosoftTeamsManagement.yml Docker image update * Updated Metadata Of Pack MicrosoftGraphApplications * Added release notes to pack MicrosoftGraphApplications * Packs/MicrosoftGraphApplications/Integrations/MicrosoftGraphApplications/MicrosoftGraphApplications.yml Docker image update * Update Docker Image To demisto/opnsense (#31208) * Updated Metadata Of Pack OPNSense * Added release notes to pack OPNSense * Packs/OPNSense/Integrations/OPNSense/OPNSense.yml Docker image update * Update Docker Image To demisto/auth-utils (#31207) * Updated Metadata Of Pack Cylance_Protect * Added release notes to pack Cylance_Protect * Packs/Cylance_Protect/Integrations/Cylance_Protect_v2/Cylance_Protect_v2.yml Docker image update * Updated Metadata Of Pack Zoom * Added release notes to pack Zoom * Packs/Zoom/Integrations/ZoomEventCollector/ZoomEventCollector.yml Docker image update * Updated Metadata Of Pack Silverfort * Added release notes to pack Silverfort * Packs/Silverfort/Integrations/Silverfort/Silverfort.yml Docker image update * Updated Metadata Of Pack AzureDataExplorer * Added release notes to pack AzureDataExplorer * Packs/AzureDataExplorer/Integrations/AzureDataExplorer/AzureDataExplorer.yml Docker image update * Updated Metadata Of Pack MicrosoftManagementActivity * Added release notes to pack MicrosoftManagementActivity * Packs/MicrosoftManagementActivity/Integrations/MicrosoftManagementActivity/MicrosoftManagementActivity.yml Docker image update * Updated Metadata Of Pack Box * Added release notes to pack Box * Packs/Box/Integrations/BoxEventsCollector/BoxEventsCollector.yml Docker image update * Packs/Box/Integrations/BoxV2/BoxV2.yml Docker image update * Updated Metadata Of Pack Troubleshoot * Added release notes to pack Troubleshoot * Packs/Troubleshoot/Scripts/CertificatesTroubleshoot/CertificatesTroubleshoot.yml Docker image update * commit --------- Co-authored-by: israelpolishook <[email protected]> * Update Docker Image To demisto/ippysocks-py3 (#31211) * Updated Metadata Of Pack Whois * Added release notes to pack Whois * Packs/Whois/Integrations/Whois/Whois.yml Docker image update * Update Docker Image To demisto/python3 (#31214) * Updated Metadata Of Pack QualysFIM * Added release notes to pack QualysFIM * Packs/QualysFIM/Integrations/QualysFIM/QualysFIM.yml Docker image update * Updated Metadata Of Pack FortiSIEM * Added release notes to pack FortiSIEM * Packs/FortiSIEM/Integrations/FortiSIEMV2/FortiSIEMV2.yml Docker image update * Updated Metadata Of Pack FreshworksFreshservice * Added release notes to pack FreshworksFreshservice * Packs/FreshworksFreshservice/Integrations/FreshworksFreshservice/FreshworksFreshservice.yml Docker image update * Updated Metadata Of Pack KnowBe4_KMSAT * Added release notes to pack KnowBe4_KMSAT * Packs/KnowBe4_KMSAT/Integrations/KnowBe4KMSATEventCollector/KnowBe4KMSATEventCollector.yml Docker image update * Packs/KnowBe4_KMSAT/Integrations/KnowBe4KMSAT/KnowBe4KMSAT.yml Docker image update * Updated Metadata Of Pack SafeNet_Trusted_Access * Added release notes to pack SafeNet_Trusted_Access * Packs/SafeNet_Trusted_Access/Integrations/SafeNetTrustedAccessEventCollector/SafeNetTrustedAccessEventCollector.yml Docker image update * Updated Metadata Of Pack DelineaSS * Added release notes to pack DelineaSS * Packs/DelineaSS/Integrations/DelineaSS/DelineaSS.yml Docker image update * Updated Metadata Of Pack Cryptocurrency * Added release notes to pack Cryptocurrency * Packs/Cryptocurrency/Integrations/Cryptocurrency/Cryptocurrency.yml Docker image update * Updated Metadata Of Pack PANOSPolicyOptimizer * Added release notes to pack PANOSPolicyOptimizer * Packs/PANOSPolicyOptimizer/Integrations/PANOSPolicyOptimizer/PANOSPolicyOptimizer.yml Docker image update * Updated Metadata Of Pack DeveloperTools * Added release notes to pack DeveloperTools * Packs/DeveloperTools/Integrations/CreateIncidents/CreateIncidents.yml Docker image update * Update Docker Image To demisto/boto3py3 (#31215) * Updated Metadata Of Pack SecurityIntelligenceServicesFeed * Added release notes to pack SecurityIntelligenceServicesFeed * Packs/SecurityIntelligenceServicesFeed/Integrations/SecurityIntelligenceServicesFeed/SecurityIntelligenceServicesFeed.yml Docker image update * Updated Metadata Of Pack AWS-IAM * Added release notes to pack AWS-IAM * Packs/AWS-IAM/Integrations/AWS-IAM/AWS-IAM.yml Docker image update * Updated Metadata Of Pack AWS-Route53 * Added release notes to pack AWS-Route53 * Packs/AWS-Route53/Integrations/AWSRoute53/AWSRoute53.yml Docker image update * Updated Metadata Of Pack AWS-AccessAnalyzer * Added release notes to pack AWS-AccessAnalyzer * Packs/AWS-AccessAnalyzer/Integrations/AWS-AccessAnalyzer/AWS-AccessAnalyzer.yml Docker image update * Updated Metadata Of Pack AWS-GuardDuty * Added release notes to pack AWS-GuardDuty * Packs/AWS-GuardDuty/Integrations/AWSGuardDutyEventCollector/AWSGuardDutyEventCollector.yml Docker image update * Packs/AWS-GuardDuty/Integrations/AWSGuardDuty/AWSGuardDuty.yml Docker image update * Updated Metadata Of Pack AWS-SecurityHub * Added release notes to pack AWS-SecurityHub * Packs/AWS-SecurityHub/Integrations/AWSSecurityHubEventCollector/AWSSecurityHubEventCollector.yml Docker image update * Updated Metadata Of Pack Aws-SecretsManager * Added release notes to pack Aws-SecretsManager * Packs/Aws-SecretsManager/Integrations/AwsSecretsManager/AwsSecretsManager.yml Docker image update * Update Docker Image To demisto/accessdata (#31216) * Updated Metadata Of Pack Exterro * Added release notes to pack Exterro * Packs/Exterro/Integrations/Exterro/Exterro.yml Docker image update * Update Docker Image To demisto/oci (#31218) * Updated Metadata Of Pack OracleCloudInfrastructure * Added release notes to pack OracleCloudInfrastructure * Packs/OracleCloudInfrastructure/Integrations/OracleCloudInfrastructureEventCollector/OracleCloudInfrastructureEventCollector.yml Docker image update * Update Docker Image To demisto/py3-tools (#31217) * Updated Metadata Of Pack Intezer * Added release notes to pack Intezer * Packs/Intezer/Integrations/IntezerV2/IntezerV2.yml Docker image update * Updated Metadata Of Pack Zabbix * Added release notes to pack Zabbix * Packs/Zabbix/Integrations/Zabbix/Zabbix.yml Docker image update * Updated Metadata Of Pack FeedMalwareBazaar * Added release notes to pack FeedMalwareBazaar * Packs/FeedMalwareBazaar/Integrations/MalwareBazaarFeed/MalwareBazaarFeed.yml Docker image update * Updated Metadata Of Pack FeedGCPWhitelist * Added release notes to pack FeedGCPWhitelist * Packs/FeedGCPWhitelist/Integrations/FeedGoogleIPRanges/FeedGoogleIPRanges.yml Docker image update * Updated Metadata Of Pack AccentureCTI_Feed * Added release notes to pack AccentureCTI_Feed * Packs/AccentureCTI_Feed/Integrations/ACTIIndicatorFeed/ACTIIndicatorFeed.yml Docker image update * Updated Metadata Of Pack SEKOIAIntelligenceCenter * Added release notes to pack SEKOIAIntelligenceCenter * Packs/SEKOIAIntelligenceCenter/Integrations/SEKOIAIntelligenceCenter/SEKOIAIntelligenceCenter.yml Docker image update * Updated Metadata Of Pack JARM * Added release notes to pack JARM * Packs/JARM/Integrations/JARM/JARM.yml Docker image update * Updated Metadata Of Pack Anomali_ThreatStream * Added release notes to pack Anomali_ThreatStream * Packs/Anomali_ThreatStream/Integrations/AnomaliThreatStreamv3/AnomaliThreatStreamv3.yml Docker image update * Updated Metadata Of Pack CommonWidgets * Added release notes to pack CommonWidgets * Packs/CommonWidgets/Scripts/RSSWidget/RSSWidget.yml Docker image update * Updated Metadata Of Pack FiltersAndTransformers * Added release notes to pack FiltersAndTransformers * Packs/FiltersAndTransformers/Scripts/Jmespath/Jmespath.yml Docker image update * CortexXDRIR-generic-polling (#31082) * - Added new playbook for quarantine_file - Old playbook deprecated - New image added * release notes added * - New playbook for _Retrieve_File_Playbook_v2 created - Old playbook _Retrieve_File_Playbook deprecated - Image was added * Release notes were added * Changed the name of the playbook * Readme file added * Added image * fixed image location in readme file * Update Packs/CortexXDR/Playbooks/Cortex_XDR_-_Retrieve_File_v2.yml Co-authored-by: Sasha Sokolovich <[email protected]> * Bump pack from version CortexXDR to 6.0.4. * Removed unnecessary tests * Readme files were updated * Fixes for the playbooks * fixed Tests/conf.json file * image issue fixed * Added new images * Update Packs/CortexXDR/Playbooks/Cortex_XDR_-_Retrieve_File_Playbook_README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CortexXDR/Playbooks/Cortex_XDR_-_Retrieve_File_Playbook_README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CortexXDR/ReleaseNotes/6_0_4.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CortexXDR/ReleaseNotes/6_0_4.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CortexXDR/ReleaseNotes/6_0_4.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CortexXDR/ReleaseNotes/6_0_4.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CortexXDR/Playbooks/Cortex_XDR_-_Retrieve_File_Playbook_README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CortexXDR/Playbooks/Cortex_XDR_-_quarantine_file_v2_README.md Co-authored-by: ShirleyDenkberg <[email protected]> * PR fixes - new condition to check if the task finished successfully * release notes updated * image path fixed * Added new outputs for playbook * release notes updated * fix * readme files fixed * image issue * image issue * fix * fix * fix * fix * uploaded new playbook because of the image issue * fix for image issue * delete photo * fixes * test playbooks fixed * test playbooks removed --------- Co-authored-by: Sasha Sokolovich <[email protected]> Co-authored-by: Content Bot <[email protected]> Co-authored-by: ShirleyDenkberg <[email protected]> * Update Docker Image To demisto/crypto (#31219) * Updated Metadata Of Pack AzureKeyVault * Added release notes to pack AzureKeyVault * Packs/AzureKeyVault/Integrations/AzureKeyVault/AzureKeyVault.yml Docker image update * Updated Metadata Of Pack AzureSentinel * Added release notes to pack AzureSentinel * Packs/AzureSentinel/Integrations/AzureSentinel/AzureSentinel.yml Docker image update * Updated Metadata Of Pack AzureDevOps * Added release notes to pack AzureDevOps * Packs/AzureDevOps/Integrations/AzureDevOps/AzureDevOps.yml Docker image update * Updated Metadata Of Pack MicrosoftCloudAppSecurity * Added release notes to pack MicrosoftCloudAppSecurity * Packs/MicrosoftCloudAppSecurity/Integrations/MicrosoftCloudAppSecurity/MicrosoftCloudAppSecurity.yml Docker image update * Updated Metadata Of Pack AzureRiskyUsers * Added release notes to pack AzureRiskyUsers * Packs/AzureRiskyUsers/Integrations/AzureRiskyUsers/AzureRiskyUsers.yml Docker image update * Updated Metadata Of Pack MicrosoftGraphGroups * Added release notes to pack MicrosoftGraphGroups * Packs/MicrosoftGraphGroups/Integrations/MicrosoftGraphGroups/MicrosoftGraphGroups.yml Docker image update * Updated Metadata Of Pack AzureSQLManagement * Added release notes to pack AzureSQLManagement * Packs/AzureSQLManagement/Integrations/AzureSQLManagement/AzureSQLManagement.yml Docker image update * Updated Metadata Of Pack MicrosoftGraphAPI * Added release notes to pack MicrosoftGraphAPI * Packs/MicrosoftGraphAPI/Integrations/MicrosoftGraphAPI/MicrosoftGraphAPI.yml Docker image update * Updated Metadata Of Pack MicrosoftTeams * Added release notes to pack MicrosoftTeams * Packs/MicrosoftTeams/Integrations/MicrosoftTeamsManagement/MicrosoftTeamsManagement.yml Docker image update * Updated Metadata Of Pack MicrosoftGraphApplications * Added release notes to pack MicrosoftGraphApplications * Packs/MicrosoftGraphApplications/Integrations/MicrosoftGraphApplications/MicrosoftGraphApplications.yml Docker image update * update pack ignore (#31193) * Slack event collector: fixed an issue where we get a Bad Request error (#31135) * fixed an issue where we get a Bad Request error. * pre-commit * added test * fixed Flake8 error * fixed cr comments * fixed cr comments * update Docker image * YR/Remove-fields-with-one-letter-DBotFindSimilarIncidents/XSUP-29299 (#31161) * fixes * code and test * remove Json feed from this pr * test * note * pre commit * RN * CR and Flake8 * format * pre commit * Fixes For 'URL Enrichment - Generic v2' Playbook (#31195) * Fixes For 'URL Enrichment - Generic v2' Playbook * RN * Bump pack from version CommonPlaybooks to 2.4.36. --------- Co-authored-by: Content Bot <[email protected]> * F5 APM Remove XSIAM tags (#31221) * remove ls from test_e2e_results.sh (#31186) * [IsEmailAddressInternal] Fix an issue with **domain** argument (#31222) * First commit * Added RN * Update Packs/CommonScripts/ReleaseNotes/1_12_54.md Co-authored-by: Dean Arbel <[email protected]> --------- Co-authored-by: Dean Arbel <[email protected]> * Deprecate 'Get endpoint details - Generic' Playbook (#31196) * Deprecate 'Get endpoint details - Generic' Playbook * RN * Bump pack from version CommonPlaybooks to 2.4.36. * Bump pack from version CommonPlaybooks to 2.4.37. --------- Co-authored-by: Content Bot <[email protected]> * Replacing the deprecated sub-playbook within the 'NGFW Internal Scan'… (#31197) * Replacing the deprecated sub-playbook within the 'NGFW Internal Scan' XSIAM playbook * RN * [Marketplace Contribution] CISO Metrics (#30641) (#31213) * "pack contribution initial commit" * Update pack_metadata.json * Update and rename dashboard-98f353a2-312b-49f2-8e58-d71f60daf3a7-CISO_Metrics.json to dashboard-98f353a2-312b-49f2-8e58-d71f60daf3a7-CommunityCommonDashboards.json Rename to CommunityCommonDashboards * Update pack_metadata.json Renamed "name": "CommunityCommonDashboards" * Update README.md Added description * Update README.md * Update and rename README.md to README.md * Rename dashboard-98f353a2-312b-49f2-8e58-d71f60daf3a7-CommunityCommonDashboards.json to dashboard-98f353a2-312b-49f2-8e58-d71f60daf3a7-CommunityCommonDashboards.json * Rename .pack-ignore to .pack-ignore * Rename .secrets-ignore to .secrets-ignore * Rename pack_metadata.json to pack_metadata.json * Update .pack-ignore * Update pack_metadata.json * Update .pack-ignore * Update and rename dashboard-98f353a2-312b-49f2-8e58-d71f60daf3a7-CommunityCommonDashboards.json to CISOMetrics.json Renamed to CISOMetrics * Update pack_metadata.json * Update pack_metadata.json * Update README.md --------- Co-authored-by: xsoar-bot <[email protected]> Co-authored-by: Sapir Shuker <[email protected]> Co-authored-by: David Uhrlaub <[email protected]> * Cybereason xsoar v 2.1.14 (#30647) (#31225) * added v2.1.14 codebase * fix pr comments * replace dummy md5 placeholder * Update Packs/Cybereason/Integrations/Cybereason/Cybereason.py * updated docker image python version * updated release notes docker version * added pagination params * updated docker image * fix lint errors * fix demisto validate errors * updated release notes * updated release notes * updated release notes * updated command name as per PR comment * removed manual filtering for response * updated function name to match the command name format * updated unit test as per new command name * added machinename filter to api query * moved empty output message to the top * updated docker image tag to latest * undo changes from unisolate endpoint playbook --------- Co-authored-by: suraj-metron <[email protected]> Co-authored-by: Sapir Shuker <[email protected]> * fixed polling support (#30873) * fixed polling support * fixed rn * added rn * added rn * XSUP-30786/Fix (#31168) * Added failing UT * Fixed the issue * Updated docker image * Updated RN * Update Packs/PAN-OS/ReleaseNotes/2_1_15.md Co-authored-by: Dan Tavori <[email protected]> * Updated the bug fix and the UT * updated docker image --------- Co-authored-by: Dan Tavori <[email protected]> * rewrite to js FirstArrayElement and LastArrayElement (#31228) * rewrite to js * added tpb * added empty test case to tpb * precommit fixes * change fromversion so build wont fail * Enable Core REST API with general XSIAM endpoints (#31226) * mostly works * added release notes * fixes from review * F5 APM fixed the marketplace build failure (#31236) * F5 APM Remove XSIAM tags * fix marketplace error * Add incidents field (#30393) (#31233) * add rawJSON field to incidents * release notes * update docker image tag * nit * fetching incident details * mapper + incident fields * remove incorrect incident field files * new incident field files, new mapper * sdk validate command changes * update release noteS * validation errors * fix validation errors * undo release notes changes * undo release notes change * undo release notes * undo release notes * undo release notes * nit * new release notes * remove playbook id * update docker image tag * revert release notes * revert RN * nit- remove filters used for testing * add details field to threats * remove try/except blocks * changing version * Update Abnormal_Security_Custom_Incident_types.json change from version * nit - remove changes used for demo * updating docker image * update docker image tag --------- Co-authored-by: William Olyslager <[email protected]> Co-authored-by: sapirshuker <[email protected]> Co-authored-by: Sapir Shuker <[email protected]> * Update Docker Image To demisto/python3 (#31242) * Updated Metadata Of Pack CIRCL * Added release notes to pack CIRCL * Packs/CIRCL/Integrations/CirclCVESearch/CirclCVESearch.yml Docker image update * Updated Metadata Of Pack ipinfo * Added release notes to pack ipinfo * Packs/ipinfo/Integrations/ipinfo_v2/ipinfo_v2.yml Docker image update * Updated Metadata Of Pack AutoFocus * Added release notes to pack AutoFocus * Packs/AutoFocus/Integrations/FeedAutofocus/FeedAutofocus.yml Docker image update * Packs/AutoFocus/Integrations/AutofocusV2/AutofocusV2.yml Docker image update * Updated Metadata Of Pack MailSenderNew * Added release notes to pack MailSenderNew * Packs/MailSenderNew/Integrations/MailSenderNew/MailSenderNew.yml Docker image update * avoid to update Docker for AutoFocusv2 --------- Co-authored-by: israelpolishook <[email protected]> * Fixes For 'IP Enrichment - Generic v2' Playbook (#31183) * Fixes For 'IP Enrichment - Generic v2' Playbook * RN * RN * Updated the 'InternalRange' playbook input's default value. * configured the 'extended_data' and 'threat_model_association' sub-playbook inputs * Bump pack from version CommonPlaybooks to 2.4.36. * Bump pack from version CommonPlaybooks to 2.4.37. * changed the default value of the 'ResolveIP' playbook input * re-added RN after merging from master * Fixes RN --------- Co-authored-by: Content Bot <[email protected]> * Check if should run Instance role (#31245) * Added the sync from the saas bucket and modified the verify script to take the revision from the correct bucket. (#31254) * AWS Organizations (#30525) * init * commands template * aws-org-children-list * more commands * even more commands * added account commands * removed enhancement commands * use json_transform * unit-tests init * unit-tests continued * unit-tests continued some more * TPB * one more unit-test * one more unit-test * one more unit-test * name change * TPB * docs complete * pack readme * pack readme part 2 * readme modified * more tests * more tests * use get() * adde description * removed isFetch * added image * name change * CR changes * Apply suggestions from code review Co-authored-by: ShirleyDenkberg <[email protected]> * Update docker * put the commands back in * code complete * yml part 2 * yml part 3 * test template * unit-tests continued some more * unit-tests almost complete * unit-tests complete * fixed a few bugs * fixed unit-tests * added readme * update readme * added missing descriptions to readme * TPB * Apply suggestions from code review Co-authored-by: ShirleyDenkberg <[email protected]> * CR changes * demo changes * update docker * build wars: round 1 * build wars: round 2 * build wars: round 3; add unit-tests * build wars: round 4 * build wars: round 5 * build wars: round 6 --------- Co-authored-by: ShirleyDenkberg <[email protected]> * NextToken in CommandResults (#30501) * init * new design * added error in case of non nested input * RN * a tad more docs * Bump pack from version Base to 1.32.47. * Bump pack from version Base to 1.32.48. * Bump pack from version Base to 1.32.49. * improved doc-string * resolve conflicts * resolve conflicts * Bump pack from version Base to 1.32.52. --------- Co-authored-by: Content Bot <[email protected]> * demisto-sdk-release 1.24.0 (#31268) * poetry files * update validate manager imports (#31179) * update validate manager imports * revert * Update Tests/configure_and_test_integration_instances.py * Edit file types test (#31170) * edited tests * s * s * edit --------- Co-authored-by: Content Bot <[email protected]> Co-authored-by: Yuval Hayun <[email protected]> Co-authored-by: merit-maita <[email protected]> Co-authored-by: JudithB <[email protected]> * modified modeling rules of clearswift dlp (#31247) * modified modeling rules of clearswift dlp * modified the parsing rule of clearswiftdlp * Added release notes. * added dlp to pack ignore * added Clearswift to pack ignore * QRadar: continue to poll in case of networking issues (#31084) * Generalize the mode option in pre-commit (#30663) * args updated to match the update in the sdk * add merge-coverage-report and coverage-analyze * updaing pyproject.toml * poetry lock * restoring pyproject.toml and poetry.lock * pre-commit.yml * updates * test comment * use sdk ref * if * add github output * revert ilan changes * merge-pytest-reports --------- Co-authored-by: ilan <[email protected]> * EXPANDR-1576 CortexXpanse Remediation Guidance changes (#31190) * EXPANDR-1576 CortexXpanse Remediation Guidance changes (#30712) * CortexXpanse RG changes * Fix flake8 errors * Fix unit test cases * Update docker version * update command name * Readme updates * docker update * Ignore BC error * fix packignore * Update release notes * update breaking change notes * update breaking change notes * correct RN --------- Co-authored-by: Chait A <[email protected]> Co-authored-by: ilappe <[email protected]> * Feature/cyberint enhancement (#31252) * Feature/cyberint enhancement (#30493) * Update Docker Image To demisto/py3-tools (#25523) * Updated Metadata Of Pack FeedAWS * Added release notes to pack FeedAWS * Packs/FeedAWS/Integrations/FeedAWS/FeedAWS.yml Docker image update * update Cyberint Pack * update release note and incidentfields * update CommonType release note * update CommonType relesenotes * update CommonType relese notes * update CyberInt Related entity name * update release notes * add new incident field: Alert Data * foramt alert_data * update CyberInt Related Entity name to avoid validation errors * reset the CyberInt Related Entity name * update incident field name * Update 3_3_93.md * pre commit update docker * added known words * fixed the RN * known words --------- Co-authored-by: TalGumi <[email protected]> Co-authored-by: omerKarkKatz <[email protected]> Co-authored-by: okarkkatz <[email protected]> * [xsoar-8 coverage] - use poll functions from SDK clients (#31144) * update poetry * use poll functions * test against builds * try to fix ssl issue * timeout = 300 + verify ssl * fix ssl issues * fix incident pull * fix * make verify=false by default * fix ports bug * use sdk master * revert poetry * revert infra used for testing * Possible solution * Possible solution * [CrowdStrike Falcon Intel v2] Fixed an issue in 'cs-actors' and 'cs-reports' commands (#31265) * Fix the 'NoneType' object is not iterable issue * ruff * Update the docker image; Add RN * Update Packs/CrowdStrikeIntel/ReleaseNotes/2_0_34.md Co-authored-by: Dean Arbel <[email protected]> --------- Co-authored-by: Dean Arbel <[email protected]>
maimorag
pushed a commit
that referenced
this pull request
Dec 31, 2023
…ostname * Update Docker Image To demisto/armorblox (#31203) * Updated Metadata Of Pack Armorblox * Added release notes to pack Armorblox * Packs/Armorblox/Integrations/Armorblox/Armorblox.yml Docker image update * Update Docker Image To demisto/py3-tools (#31201) * Updated Metadata Of Pack Intezer * Added release notes to pack Intezer * Packs/Intezer/Integrations/IntezerV2/IntezerV2.yml Docker image update * Updated Metadata Of Pack Zabbix * Added release notes to pack Zabbix * Packs/Zabbix/Integrations/Zabbix/Zabbix.yml Docker image update * Updated Metadata Of Pack FeedMalwareBazaar * Added release notes to pack FeedMalwareBazaar * Packs/FeedMalwareBazaar/Integrations/MalwareBazaarFeed/MalwareBazaarFeed.yml Docker image update * Updated Metadata Of Pack FeedGCPWhitelist * Added release notes to pack FeedGCPWhitelist * Packs/FeedGCPWhitelist/Integrations/FeedGoogleIPRanges/FeedGoogleIPRanges.yml Docker image update * Updated Metadata Of Pack AccentureCTI_Feed * Added release notes to pack AccentureCTI_Feed * Packs/AccentureCTI_Feed/Integrations/ACTIIndicatorFeed/ACTIIndicatorFeed.yml Docker image update * Updated Metadata Of Pack SEKOIAIntelligenceCenter * Added release notes to pack SEKOIAIntelligenceCenter * Packs/SEKOIAIntelligenceCenter/Integrations/SEKOIAIntelligenceCenter/SEKOIAIntelligenceCenter.yml Docker image update * Updated Metadata Of Pack JARM * Added release notes to pack JARM * Packs/JARM/Integrations/JARM/JARM.yml Docker image update * Updated Metadata Of Pack CommonWidgets * Added release notes to pack CommonWidgets * Packs/CommonWidgets/Scripts/RSSWidget/RSSWidget.yml Docker image update * Updated Metadata Of Pack FiltersAndTransformers * Added release notes to pack FiltersAndTransformers * Packs/FiltersAndTransformers/Scripts/Jmespath/Jmespath.yml Docker image update * Update Docker Image To demisto/oci (#31202) * Updated Metadata Of Pack OracleCloudInfrastructure * Added release notes to pack OracleCloudInfrastructure * Packs/OracleCloudInfrastructure/Integrations/OracleCloudInfrastructureEventCollector/OracleCloudInfrastructureEventCollector.yml Docker image update * Update Docker Image To demisto/accessdata (#31200) * Updated Metadata Of Pack Exterro * Added release notes to pack Exterro * Packs/Exterro/Integrations/Exterro/Exterro.yml Docker image update * Fix DS108 --------- Co-authored-by: israelpolishook <[email protected]> * Update Docker Image To demisto/carbon-black-cloud (#31206) * Updated Metadata Of Pack CarbonBlackDefense * Added release notes to pack CarbonBlackDefense * Packs/CarbonBlackDefense/Integrations/CarbonBlackLiveResponseCloud/CarbonBlackLiveResponseCloud.yml Docker image update * Update Docker Image To demisto/taxii2 (#31205) * Updated Metadata Of Pack FeedUnit42v2 * Added release notes to pack FeedUnit42v2 * Packs/FeedUnit42v2/Integrations/FeedUnit42v2/FeedUnit42v2.yml Docker image update * Update Docker Image To demisto/crypto (#31204) * Updated Metadata Of Pack AzureKeyVault * Added release notes to pack AzureKeyVault * Packs/AzureKeyVault/Integrations/AzureKeyVault/AzureKeyVault.yml Docker image update * Updated Metadata Of Pack AzureSentinel * Added release notes to pack AzureSentinel * Packs/AzureSentinel/Integrations/AzureSentinel/AzureSentinel.yml Docker image update * Updated Metadata Of Pack AzureDevOps * Added release notes to pack AzureDevOps * Packs/AzureDevOps/Integrations/AzureDevOps/AzureDevOps.yml Docker image update * Updated Metadata Of Pack MicrosoftCloudAppSecurity * Added release notes to pack MicrosoftCloudAppSecurity * Packs/MicrosoftCloudAppSecurity/Integrations/MicrosoftCloudAppSecurity/MicrosoftCloudAppSecurity.yml Docker image update * Updated Metadata Of Pack AzureRiskyUsers * Added release notes to pack AzureRiskyUsers * Packs/AzureRiskyUsers/Integrations/AzureRiskyUsers/AzureRiskyUsers.yml Docker image update * Updated Metadata Of Pack MicrosoftGraphGroups * Added release notes to pack MicrosoftGraphGroups * Packs/MicrosoftGraphGroups/Integrations/MicrosoftGraphGroups/MicrosoftGraphGroups.yml Docker image update * Updated Metadata Of Pack AzureSQLManagement * Added release notes to pack AzureSQLManagement * Packs/AzureSQLManagement/Integrations/AzureSQLManagement/AzureSQLManagement.yml Docker image update * Updated Metadata Of Pack MicrosoftGraphAPI * Added release notes to pack MicrosoftGraphAPI * Packs/MicrosoftGraphAPI/Integrations/MicrosoftGraphAPI/MicrosoftGraphAPI.yml Docker image update * Updated Metadata Of Pack MicrosoftTeams * Added release notes to pack MicrosoftTeams * Packs/MicrosoftTeams/Integrations/MicrosoftTeamsManagement/MicrosoftTeamsManagement.yml Docker image update * Updated Metadata Of Pack MicrosoftGraphApplications * Added release notes to pack MicrosoftGraphApplications * Packs/MicrosoftGraphApplications/Integrations/MicrosoftGraphApplications/MicrosoftGraphApplications.yml Docker image update * Update Docker Image To demisto/opnsense (#31208) * Updated Metadata Of Pack OPNSense * Added release notes to pack OPNSense * Packs/OPNSense/Integrations/OPNSense/OPNSense.yml Docker image update * Update Docker Image To demisto/auth-utils (#31207) * Updated Metadata Of Pack Cylance_Protect * Added release notes to pack Cylance_Protect * Packs/Cylance_Protect/Integrations/Cylance_Protect_v2/Cylance_Protect_v2.yml Docker image update * Updated Metadata Of Pack Zoom * Added release notes to pack Zoom * Packs/Zoom/Integrations/ZoomEventCollector/ZoomEventCollector.yml Docker image update * Updated Metadata Of Pack Silverfort * Added release notes to pack Silverfort * Packs/Silverfort/Integrations/Silverfort/Silverfort.yml Docker image update * Updated Metadata Of Pack AzureDataExplorer * Added release notes to pack AzureDataExplorer * Packs/AzureDataExplorer/Integrations/AzureDataExplorer/AzureDataExplorer.yml Docker image update * Updated Metadata Of Pack MicrosoftManagementActivity * Added release notes to pack MicrosoftManagementActivity * Packs/MicrosoftManagementActivity/Integrations/MicrosoftManagementActivity/MicrosoftManagementActivity.yml Docker image update * Updated Metadata Of Pack Box * Added release notes to pack Box * Packs/Box/Integrations/BoxEventsCollector/BoxEventsCollector.yml Docker image update * Packs/Box/Integrations/BoxV2/BoxV2.yml Docker image update * Updated Metadata Of Pack Troubleshoot * Added release notes to pack Troubleshoot * Packs/Troubleshoot/Scripts/CertificatesTroubleshoot/CertificatesTroubleshoot.yml Docker image update * commit --------- Co-authored-by: israelpolishook <[email protected]> * Update Docker Image To demisto/ippysocks-py3 (#31211) * Updated Metadata Of Pack Whois * Added release notes to pack Whois * Packs/Whois/Integrations/Whois/Whois.yml Docker image update * Update Docker Image To demisto/python3 (#31214) * Updated Metadata Of Pack QualysFIM * Added release notes to pack QualysFIM * Packs/QualysFIM/Integrations/QualysFIM/QualysFIM.yml Docker image update * Updated Metadata Of Pack FortiSIEM * Added release notes to pack FortiSIEM * Packs/FortiSIEM/Integrations/FortiSIEMV2/FortiSIEMV2.yml Docker image update * Updated Metadata Of Pack FreshworksFreshservice * Added release notes to pack FreshworksFreshservice * Packs/FreshworksFreshservice/Integrations/FreshworksFreshservice/FreshworksFreshservice.yml Docker image update * Updated Metadata Of Pack KnowBe4_KMSAT * Added release notes to pack KnowBe4_KMSAT * Packs/KnowBe4_KMSAT/Integrations/KnowBe4KMSATEventCollector/KnowBe4KMSATEventCollector.yml Docker image update * Packs/KnowBe4_KMSAT/Integrations/KnowBe4KMSAT/KnowBe4KMSAT.yml Docker image update * Updated Metadata Of Pack SafeNet_Trusted_Access * Added release notes to pack SafeNet_Trusted_Access * Packs/SafeNet_Trusted_Access/Integrations/SafeNetTrustedAccessEventCollector/SafeNetTrustedAccessEventCollector.yml Docker image update * Updated Metadata Of Pack DelineaSS * Added release notes to pack DelineaSS * Packs/DelineaSS/Integrations/DelineaSS/DelineaSS.yml Docker image update * Updated Metadata Of Pack Cryptocurrency * Added release notes to pack Cryptocurrency * Packs/Cryptocurrency/Integrations/Cryptocurrency/Cryptocurrency.yml Docker image update * Updated Metadata Of Pack PANOSPolicyOptimizer * Added release notes to pack PANOSPolicyOptimizer * Packs/PANOSPolicyOptimizer/Integrations/PANOSPolicyOptimizer/PANOSPolicyOptimizer.yml Docker image update * Updated Metadata Of Pack DeveloperTools * Added release notes to pack DeveloperTools * Packs/DeveloperTools/Integrations/CreateIncidents/CreateIncidents.yml Docker image update * Update Docker Image To demisto/boto3py3 (#31215) * Updated Metadata Of Pack SecurityIntelligenceServicesFeed * Added release notes to pack SecurityIntelligenceServicesFeed * Packs/SecurityIntelligenceServicesFeed/Integrations/SecurityIntelligenceServicesFeed/SecurityIntelligenceServicesFeed.yml Docker image update * Updated Metadata Of Pack AWS-IAM * Added release notes to pack AWS-IAM * Packs/AWS-IAM/Integrations/AWS-IAM/AWS-IAM.yml Docker image update * Updated Metadata Of Pack AWS-Route53 * Added release notes to pack AWS-Route53 * Packs/AWS-Route53/Integrations/AWSRoute53/AWSRoute53.yml Docker image update * Updated Metadata Of Pack AWS-AccessAnalyzer * Added release notes to pack AWS-AccessAnalyzer * Packs/AWS-AccessAnalyzer/Integrations/AWS-AccessAnalyzer/AWS-AccessAnalyzer.yml Docker image update * Updated Metadata Of Pack AWS-GuardDuty * Added release notes to pack AWS-GuardDuty * Packs/AWS-GuardDuty/Integrations/AWSGuardDutyEventCollector/AWSGuardDutyEventCollector.yml Docker image update * Packs/AWS-GuardDuty/Integrations/AWSGuardDuty/AWSGuardDuty.yml Docker image update * Updated Metadata Of Pack AWS-SecurityHub * Added release notes to pack AWS-SecurityHub * Packs/AWS-SecurityHub/Integrations/AWSSecurityHubEventCollector/AWSSecurityHubEventCollector.yml Docker image update * Updated Metadata Of Pack Aws-SecretsManager * Added release notes to pack Aws-SecretsManager * Packs/Aws-SecretsManager/Integrations/AwsSecretsManager/AwsSecretsManager.yml Docker image update * Update Docker Image To demisto/accessdata (#31216) * Updated Metadata Of Pack Exterro * Added release notes to pack Exterro * Packs/Exterro/Integrations/Exterro/Exterro.yml Docker image update * Update Docker Image To demisto/oci (#31218) * Updated Metadata Of Pack OracleCloudInfrastructure * Added release notes to pack OracleCloudInfrastructure * Packs/OracleCloudInfrastructure/Integrations/OracleCloudInfrastructureEventCollector/OracleCloudInfrastructureEventCollector.yml Docker image update * Update Docker Image To demisto/py3-tools (#31217) * Updated Metadata Of Pack Intezer * Added release notes to pack Intezer * Packs/Intezer/Integrations/IntezerV2/IntezerV2.yml Docker image update * Updated Metadata Of Pack Zabbix * Added release notes to pack Zabbix * Packs/Zabbix/Integrations/Zabbix/Zabbix.yml Docker image update * Updated Metadata Of Pack FeedMalwareBazaar * Added release notes to pack FeedMalwareBazaar * Packs/FeedMalwareBazaar/Integrations/MalwareBazaarFeed/MalwareBazaarFeed.yml Docker image update * Updated Metadata Of Pack FeedGCPWhitelist * Added release notes to pack FeedGCPWhitelist * Packs/FeedGCPWhitelist/Integrations/FeedGoogleIPRanges/FeedGoogleIPRanges.yml Docker image update * Updated Metadata Of Pack AccentureCTI_Feed * Added release notes to pack AccentureCTI_Feed * Packs/AccentureCTI_Feed/Integrations/ACTIIndicatorFeed/ACTIIndicatorFeed.yml Docker image update * Updated Metadata Of Pack SEKOIAIntelligenceCenter * Added release notes to pack SEKOIAIntelligenceCenter * Packs/SEKOIAIntelligenceCenter/Integrations/SEKOIAIntelligenceCenter/SEKOIAIntelligenceCenter.yml Docker image update * Updated Metadata Of Pack JARM * Added release notes to pack JARM * Packs/JARM/Integrations/JARM/JARM.yml Docker image update * Updated Metadata Of Pack Anomali_ThreatStream * Added release notes to pack Anomali_ThreatStream * Packs/Anomali_ThreatStream/Integrations/AnomaliThreatStreamv3/AnomaliThreatStreamv3.yml Docker image update * Updated Metadata Of Pack CommonWidgets * Added release notes to pack CommonWidgets * Packs/CommonWidgets/Scripts/RSSWidget/RSSWidget.yml Docker image update * Updated Metadata Of Pack FiltersAndTransformers * Added release notes to pack FiltersAndTransformers * Packs/FiltersAndTransformers/Scripts/Jmespath/Jmespath.yml Docker image update * CortexXDRIR-generic-polling (#31082) * - Added new playbook for quarantine_file - Old playbook deprecated - New image added * release notes added * - New playbook for _Retrieve_File_Playbook_v2 created - Old playbook _Retrieve_File_Playbook deprecated - Image was added * Release notes were added * Changed the name of the playbook * Readme file added * Added image * fixed image location in readme file * Update Packs/CortexXDR/Playbooks/Cortex_XDR_-_Retrieve_File_v2.yml Co-authored-by: Sasha Sokolovich <[email protected]> * Bump pack from version CortexXDR to 6.0.4. * Removed unnecessary tests * Readme files were updated * Fixes for the playbooks * fixed Tests/conf.json file * image issue fixed * Added new images * Update Packs/CortexXDR/Playbooks/Cortex_XDR_-_Retrieve_File_Playbook_README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CortexXDR/Playbooks/Cortex_XDR_-_Retrieve_File_Playbook_README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CortexXDR/ReleaseNotes/6_0_4.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CortexXDR/ReleaseNotes/6_0_4.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CortexXDR/ReleaseNotes/6_0_4.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CortexXDR/ReleaseNotes/6_0_4.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CortexXDR/Playbooks/Cortex_XDR_-_Retrieve_File_Playbook_README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CortexXDR/Playbooks/Cortex_XDR_-_quarantine_file_v2_README.md Co-authored-by: ShirleyDenkberg <[email protected]> * PR fixes - new condition to check if the task finished successfully * release notes updated * image path fixed * Added new outputs for playbook * release notes updated * fix * readme files fixed * image issue * image issue * fix * fix * fix * fix * uploaded new playbook because of the image issue * fix for image issue * delete photo * fixes * test playbooks fixed * test playbooks removed --------- Co-authored-by: Sasha Sokolovich <[email protected]> Co-authored-by: Content Bot <[email protected]> Co-authored-by: ShirleyDenkberg <[email protected]> * Update Docker Image To demisto/crypto (#31219) * Updated Metadata Of Pack AzureKeyVault * Added release notes to pack AzureKeyVault * Packs/AzureKeyVault/Integrations/AzureKeyVault/AzureKeyVault.yml Docker image update * Updated Metadata Of Pack AzureSentinel * Added release notes to pack AzureSentinel * Packs/AzureSentinel/Integrations/AzureSentinel/AzureSentinel.yml Docker image update * Updated Metadata Of Pack AzureDevOps * Added release notes to pack AzureDevOps * Packs/AzureDevOps/Integrations/AzureDevOps/AzureDevOps.yml Docker image update * Updated Metadata Of Pack MicrosoftCloudAppSecurity * Added release notes to pack MicrosoftCloudAppSecurity * Packs/MicrosoftCloudAppSecurity/Integrations/MicrosoftCloudAppSecurity/MicrosoftCloudAppSecurity.yml Docker image update * Updated Metadata Of Pack AzureRiskyUsers * Added release notes to pack AzureRiskyUsers * Packs/AzureRiskyUsers/Integrations/AzureRiskyUsers/AzureRiskyUsers.yml Docker image update * Updated Metadata Of Pack MicrosoftGraphGroups * Added release notes to pack MicrosoftGraphGroups * Packs/MicrosoftGraphGroups/Integrations/MicrosoftGraphGroups/MicrosoftGraphGroups.yml Docker image update * Updated Metadata Of Pack AzureSQLManagement * Added release notes to pack AzureSQLManagement * Packs/AzureSQLManagement/Integrations/AzureSQLManagement/AzureSQLManagement.yml Docker image update * Updated Metadata Of Pack MicrosoftGraphAPI * Added release notes to pack MicrosoftGraphAPI * Packs/MicrosoftGraphAPI/Integrations/MicrosoftGraphAPI/MicrosoftGraphAPI.yml Docker image update * Updated Metadata Of Pack MicrosoftTeams * Added release notes to pack MicrosoftTeams * Packs/MicrosoftTeams/Integrations/MicrosoftTeamsManagement/MicrosoftTeamsManagement.yml Docker image update * Updated Metadata Of Pack MicrosoftGraphApplications * Added release notes to pack MicrosoftGraphApplications * Packs/MicrosoftGraphApplications/Integrations/MicrosoftGraphApplications/MicrosoftGraphApplications.yml Docker image update * update pack ignore (#31193) * Slack event collector: fixed an issue where we get a Bad Request error (#31135) * fixed an issue where we get a Bad Request error. * pre-commit * added test * fixed Flake8 error * fixed cr comments * fixed cr comments * update Docker image * YR/Remove-fields-with-one-letter-DBotFindSimilarIncidents/XSUP-29299 (#31161) * fixes * code and test * remove Json feed from this pr * test * note * pre commit * RN * CR and Flake8 * format * pre commit * Fixes For 'URL Enrichment - Generic v2' Playbook (#31195) * Fixes For 'URL Enrichment - Generic v2' Playbook * RN * Bump pack from version CommonPlaybooks to 2.4.36. --------- Co-authored-by: Content Bot <[email protected]> * F5 APM Remove XSIAM tags (#31221) * remove ls from test_e2e_results.sh (#31186) * [IsEmailAddressInternal] Fix an issue with **domain** argument (#31222) * First commit * Added RN * Update Packs/CommonScripts/ReleaseNotes/1_12_54.md Co-authored-by: Dean Arbel <[email protected]> --------- Co-authored-by: Dean Arbel <[email protected]> * Deprecate 'Get endpoint details - Generic' Playbook (#31196) * Deprecate 'Get endpoint details - Generic' Playbook * RN * Bump pack from version CommonPlaybooks to 2.4.36. * Bump pack from version CommonPlaybooks to 2.4.37. --------- Co-authored-by: Content Bot <[email protected]> * Replacing the deprecated sub-playbook within the 'NGFW Internal Scan'… (#31197) * Replacing the deprecated sub-playbook within the 'NGFW Internal Scan' XSIAM playbook * RN * [Marketplace Contribution] CISO Metrics (#30641) (#31213) * "pack contribution initial commit" * Update pack_metadata.json * Update and rename dashboard-98f353a2-312b-49f2-8e58-d71f60daf3a7-CISO_Metrics.json to dashboard-98f353a2-312b-49f2-8e58-d71f60daf3a7-CommunityCommonDashboards.json Rename to CommunityCommonDashboards * Update pack_metadata.json Renamed "name": "CommunityCommonDashboards" * Update README.md Added description * Update README.md * Update and rename README.md to README.md * Rename dashboard-98f353a2-312b-49f2-8e58-d71f60daf3a7-CommunityCommonDashboards.json to dashboard-98f353a2-312b-49f2-8e58-d71f60daf3a7-CommunityCommonDashboards.json * Rename .pack-ignore to .pack-ignore * Rename .secrets-ignore to .secrets-ignore * Rename pack_metadata.json to pack_metadata.json * Update .pack-ignore * Update pack_metadata.json * Update .pack-ignore * Update and rename dashboard-98f353a2-312b-49f2-8e58-d71f60daf3a7-CommunityCommonDashboards.json to CISOMetrics.json Renamed to CISOMetrics * Update pack_metadata.json * Update pack_metadata.json * Update README.md --------- Co-authored-by: xsoar-bot <[email protected]> Co-authored-by: Sapir Shuker <[email protected]> Co-authored-by: David Uhrlaub <[email protected]> * Cybereason xsoar v 2.1.14 (#30647) (#31225) * added v2.1.14 codebase * fix pr comments * replace dummy md5 placeholder * Update Packs/Cybereason/Integrations/Cybereason/Cybereason.py * updated docker image python version * updated release notes docker version * added pagination params * updated docker image * fix lint errors * fix demisto validate errors * updated release notes * updated release notes * updated release notes * updated command name as per PR comment * removed manual filtering for response * updated function name to match the command name format * updated unit test as per new command name * added machinename filter to api query * moved empty output message to the top * updated docker image tag to latest * undo changes from unisolate endpoint playbook --------- Co-authored-by: suraj-metron <[email protected]> Co-authored-by: Sapir Shuker <[email protected]> * fixed polling support (#30873) * fixed polling support * fixed rn * added rn * added rn * XSUP-30786/Fix (#31168) * Added failing UT * Fixed the issue * Updated docker image * Updated RN * Update Packs/PAN-OS/ReleaseNotes/2_1_15.md Co-authored-by: Dan Tavori <[email protected]> * Updated the bug fix and the UT * updated docker image --------- Co-authored-by: Dan Tavori <[email protected]> * rewrite to js FirstArrayElement and LastArrayElement (#31228) * rewrite to js * added tpb * added empty test case to tpb * precommit fixes * change fromversion so build wont fail * Enable Core REST API with general XSIAM endpoints (#31226) * mostly works * added release notes * fixes from review * F5 APM fixed the marketplace build failure (#31236) * F5 APM Remove XSIAM tags * fix marketplace error * Add incidents field (#30393) (#31233) * add rawJSON field to incidents * release notes * update docker image tag * nit * fetching incident details * mapper + incident fields * remove incorrect incident field files * new incident field files, new mapper * sdk validate command changes * update release noteS * validation errors * fix validation errors * undo release notes changes * undo release notes change * undo release notes * undo release notes * undo release notes * nit * new release notes * remove playbook id * update docker image tag * revert release notes * revert RN * nit- remove filters used for testing * add details field to threats * remove try/except blocks * changing version * Update Abnormal_Security_Custom_Incident_types.json change from version * nit - remove changes used for demo * updating docker image * update docker image tag --------- Co-authored-by: William Olyslager <[email protected]> Co-authored-by: sapirshuker <[email protected]> Co-authored-by: Sapir Shuker <[email protected]> * Update Docker Image To demisto/python3 (#31242) * Updated Metadata Of Pack CIRCL * Added release notes to pack CIRCL * Packs/CIRCL/Integrations/CirclCVESearch/CirclCVESearch.yml Docker image update * Updated Metadata Of Pack ipinfo * Added release notes to pack ipinfo * Packs/ipinfo/Integrations/ipinfo_v2/ipinfo_v2.yml Docker image update * Updated Metadata Of Pack AutoFocus * Added release notes to pack AutoFocus * Packs/AutoFocus/Integrations/FeedAutofocus/FeedAutofocus.yml Docker image update * Packs/AutoFocus/Integrations/AutofocusV2/AutofocusV2.yml Docker image update * Updated Metadata Of Pack MailSenderNew * Added release notes to pack MailSenderNew * Packs/MailSenderNew/Integrations/MailSenderNew/MailSenderNew.yml Docker image update * avoid to update Docker for AutoFocusv2 --------- Co-authored-by: israelpolishook <[email protected]> * Fixes For 'IP Enrichment - Generic v2' Playbook (#31183) * Fixes For 'IP Enrichment - Generic v2' Playbook * RN * RN * Updated the 'InternalRange' playbook input's default value. * configured the 'extended_data' and 'threat_model_association' sub-playbook inputs * Bump pack from version CommonPlaybooks to 2.4.36. * Bump pack from version CommonPlaybooks to 2.4.37. * changed the default value of the 'ResolveIP' playbook input * re-added RN after merging from master * Fixes RN --------- Co-authored-by: Content Bot <[email protected]> * Check if should run Instance role (#31245) * Added the sync from the saas bucket and modified the verify script to take the revision from the correct bucket. (#31254) * AWS Organizations (#30525) * init * commands template * aws-org-children-list * more commands * even more commands * added account commands * removed enhancement commands * use json_transform * unit-tests init * unit-tests continued * unit-tests continued some more * TPB * one more unit-test * one more unit-test * one more unit-test * name change * TPB * docs complete * pack readme * pack readme part 2 * readme modified * more tests * more tests * use get() * adde description * removed isFetch * added image * name change * CR changes * Apply suggestions from code review Co-authored-by: ShirleyDenkberg <[email protected]> * Update docker * put the commands back in * code complete * yml part 2 * yml part 3 * test template * unit-tests continued some more * unit-tests almost complete * unit-tests complete * fixed a few bugs * fixed unit-tests * added readme * update readme * added missing descriptions to readme * TPB * Apply suggestions from code review Co-authored-by: ShirleyDenkberg <[email protected]> * CR changes * demo changes * update docker * build wars: round 1 * build wars: round 2 * build wars: round 3; add unit-tests * build wars: round 4 * build wars: round 5 * build wars: round 6 --------- Co-authored-by: ShirleyDenkberg <[email protected]> * NextToken in CommandResults (#30501) * init * new design * added error in case of non nested input * RN * a tad more docs * Bump pack from version Base to 1.32.47. * Bump pack from version Base to 1.32.48. * Bump pack from version Base to 1.32.49. * improved doc-string * resolve conflicts * resolve conflicts * Bump pack from version Base to 1.32.52. --------- Co-authored-by: Content Bot <[email protected]> * demisto-sdk-release 1.24.0 (#31268) * poetry files * update validate manager imports (#31179) * update validate manager imports * revert * Update Tests/configure_and_test_integration_instances.py * Edit file types test (#31170) * edited tests * s * s * edit --------- Co-authored-by: Content Bot <[email protected]> Co-authored-by: Yuval Hayun <[email protected]> Co-authored-by: merit-maita <[email protected]> Co-authored-by: JudithB <[email protected]> * modified modeling rules of clearswift dlp (#31247) * modified modeling rules of clearswift dlp * modified the parsing rule of clearswiftdlp * Added release notes. * added dlp to pack ignore * added Clearswift to pack ignore * QRadar: continue to poll in case of networking issues (#31084) * Generalize the mode option in pre-commit (#30663) * args updated to match the update in the sdk * add merge-coverage-report and coverage-analyze * updaing pyproject.toml * poetry lock * restoring pyproject.toml and poetry.lock * pre-commit.yml * updates * test comment * use sdk ref * if * add github output * revert ilan changes * merge-pytest-reports --------- Co-authored-by: ilan <[email protected]> * EXPANDR-1576 CortexXpanse Remediation Guidance changes (#31190) * EXPANDR-1576 CortexXpanse Remediation Guidance changes (#30712) * CortexXpanse RG changes * Fix flake8 errors * Fix unit test cases * Update docker version * update command name * Readme updates * docker update * Ignore BC error * fix packignore * Update release notes * update breaking change notes * update breaking change notes * correct RN --------- Co-authored-by: Chait A <[email protected]> Co-authored-by: ilappe <[email protected]> * Feature/cyberint enhancement (#31252) * Feature/cyberint enhancement (#30493) * Update Docker Image To demisto/py3-tools (#25523) * Updated Metadata Of Pack FeedAWS * Added release notes to pack FeedAWS * Packs/FeedAWS/Integrations/FeedAWS/FeedAWS.yml Docker image update * update Cyberint Pack * update release note and incidentfields * update CommonType release note * update CommonType relesenotes * update CommonType relese notes * update CyberInt Related entity name * update release notes * add new incident field: Alert Data * foramt alert_data * update CyberInt Related Entity name to avoid validation errors * reset the CyberInt Related Entity name * update incident field name * Update 3_3_93.md * pre commit update docker * added known words * fixed the RN * known words --------- Co-authored-by: TalGumi <[email protected]> Co-authored-by: omerKarkKatz <[email protected]> Co-authored-by: okarkkatz <[email protected]> * [xsoar-8 coverage] - use poll functions from SDK clients (#31144) * update poetry * use poll functions * test against builds * try to fix ssl issue * timeout = 300 + verify ssl * fix ssl issues * fix incident pull * fix * make verify=false by default * fix ports bug * use sdk master * revert poetry * revert infra used for testing * Possible solution * Possible solution * [CrowdStrike Falcon Intel v2] Fixed an issue in 'cs-actors' and 'cs-reports' commands (#31265) * Fix the 'NoneType' object is not iterable issue * ruff * Update the docker image; Add RN * Update Packs/CrowdStrikeIntel/ReleaseNotes/2_0_34.md Co-authored-by: Dean Arbel <[email protected]> --------- Co-authored-by: Dean Arbel <[email protected]>
maimorag
pushed a commit
that referenced
this pull request
Dec 31, 2023
…ostname * Update Docker Image To demisto/armorblox (#31203) * Updated Metadata Of Pack Armorblox * Added release notes to pack Armorblox * Packs/Armorblox/Integrations/Armorblox/Armorblox.yml Docker image update * Update Docker Image To demisto/py3-tools (#31201) * Updated Metadata Of Pack Intezer * Added release notes to pack Intezer * Packs/Intezer/Integrations/IntezerV2/IntezerV2.yml Docker image update * Updated Metadata Of Pack Zabbix * Added release notes to pack Zabbix * Packs/Zabbix/Integrations/Zabbix/Zabbix.yml Docker image update * Updated Metadata Of Pack FeedMalwareBazaar * Added release notes to pack FeedMalwareBazaar * Packs/FeedMalwareBazaar/Integrations/MalwareBazaarFeed/MalwareBazaarFeed.yml Docker image update * Updated Metadata Of Pack FeedGCPWhitelist * Added release notes to pack FeedGCPWhitelist * Packs/FeedGCPWhitelist/Integrations/FeedGoogleIPRanges/FeedGoogleIPRanges.yml Docker image update * Updated Metadata Of Pack AccentureCTI_Feed * Added release notes to pack AccentureCTI_Feed * Packs/AccentureCTI_Feed/Integrations/ACTIIndicatorFeed/ACTIIndicatorFeed.yml Docker image update * Updated Metadata Of Pack SEKOIAIntelligenceCenter * Added release notes to pack SEKOIAIntelligenceCenter * Packs/SEKOIAIntelligenceCenter/Integrations/SEKOIAIntelligenceCenter/SEKOIAIntelligenceCenter.yml Docker image update * Updated Metadata Of Pack JARM * Added release notes to pack JARM * Packs/JARM/Integrations/JARM/JARM.yml Docker image update * Updated Metadata Of Pack CommonWidgets * Added release notes to pack CommonWidgets * Packs/CommonWidgets/Scripts/RSSWidget/RSSWidget.yml Docker image update * Updated Metadata Of Pack FiltersAndTransformers * Added release notes to pack FiltersAndTransformers * Packs/FiltersAndTransformers/Scripts/Jmespath/Jmespath.yml Docker image update * Update Docker Image To demisto/oci (#31202) * Updated Metadata Of Pack OracleCloudInfrastructure * Added release notes to pack OracleCloudInfrastructure * Packs/OracleCloudInfrastructure/Integrations/OracleCloudInfrastructureEventCollector/OracleCloudInfrastructureEventCollector.yml Docker image update * Update Docker Image To demisto/accessdata (#31200) * Updated Metadata Of Pack Exterro * Added release notes to pack Exterro * Packs/Exterro/Integrations/Exterro/Exterro.yml Docker image update * Fix DS108 --------- Co-authored-by: israelpolishook <[email protected]> * Update Docker Image To demisto/carbon-black-cloud (#31206) * Updated Metadata Of Pack CarbonBlackDefense * Added release notes to pack CarbonBlackDefense * Packs/CarbonBlackDefense/Integrations/CarbonBlackLiveResponseCloud/CarbonBlackLiveResponseCloud.yml Docker image update * Update Docker Image To demisto/taxii2 (#31205) * Updated Metadata Of Pack FeedUnit42v2 * Added release notes to pack FeedUnit42v2 * Packs/FeedUnit42v2/Integrations/FeedUnit42v2/FeedUnit42v2.yml Docker image update * Update Docker Image To demisto/crypto (#31204) * Updated Metadata Of Pack AzureKeyVault * Added release notes to pack AzureKeyVault * Packs/AzureKeyVault/Integrations/AzureKeyVault/AzureKeyVault.yml Docker image update * Updated Metadata Of Pack AzureSentinel * Added release notes to pack AzureSentinel * Packs/AzureSentinel/Integrations/AzureSentinel/AzureSentinel.yml Docker image update * Updated Metadata Of Pack AzureDevOps * Added release notes to pack AzureDevOps * Packs/AzureDevOps/Integrations/AzureDevOps/AzureDevOps.yml Docker image update * Updated Metadata Of Pack MicrosoftCloudAppSecurity * Added release notes to pack MicrosoftCloudAppSecurity * Packs/MicrosoftCloudAppSecurity/Integrations/MicrosoftCloudAppSecurity/MicrosoftCloudAppSecurity.yml Docker image update * Updated Metadata Of Pack AzureRiskyUsers * Added release notes to pack AzureRiskyUsers * Packs/AzureRiskyUsers/Integrations/AzureRiskyUsers/AzureRiskyUsers.yml Docker image update * Updated Metadata Of Pack MicrosoftGraphGroups * Added release notes to pack MicrosoftGraphGroups * Packs/MicrosoftGraphGroups/Integrations/MicrosoftGraphGroups/MicrosoftGraphGroups.yml Docker image update * Updated Metadata Of Pack AzureSQLManagement * Added release notes to pack AzureSQLManagement * Packs/AzureSQLManagement/Integrations/AzureSQLManagement/AzureSQLManagement.yml Docker image update * Updated Metadata Of Pack MicrosoftGraphAPI * Added release notes to pack MicrosoftGraphAPI * Packs/MicrosoftGraphAPI/Integrations/MicrosoftGraphAPI/MicrosoftGraphAPI.yml Docker image update * Updated Metadata Of Pack MicrosoftTeams * Added release notes to pack MicrosoftTeams * Packs/MicrosoftTeams/Integrations/MicrosoftTeamsManagement/MicrosoftTeamsManagement.yml Docker image update * Updated Metadata Of Pack MicrosoftGraphApplications * Added release notes to pack MicrosoftGraphApplications * Packs/MicrosoftGraphApplications/Integrations/MicrosoftGraphApplications/MicrosoftGraphApplications.yml Docker image update * Update Docker Image To demisto/opnsense (#31208) * Updated Metadata Of Pack OPNSense * Added release notes to pack OPNSense * Packs/OPNSense/Integrations/OPNSense/OPNSense.yml Docker image update * Update Docker Image To demisto/auth-utils (#31207) * Updated Metadata Of Pack Cylance_Protect * Added release notes to pack Cylance_Protect * Packs/Cylance_Protect/Integrations/Cylance_Protect_v2/Cylance_Protect_v2.yml Docker image update * Updated Metadata Of Pack Zoom * Added release notes to pack Zoom * Packs/Zoom/Integrations/ZoomEventCollector/ZoomEventCollector.yml Docker image update * Updated Metadata Of Pack Silverfort * Added release notes to pack Silverfort * Packs/Silverfort/Integrations/Silverfort/Silverfort.yml Docker image update * Updated Metadata Of Pack AzureDataExplorer * Added release notes to pack AzureDataExplorer * Packs/AzureDataExplorer/Integrations/AzureDataExplorer/AzureDataExplorer.yml Docker image update * Updated Metadata Of Pack MicrosoftManagementActivity * Added release notes to pack MicrosoftManagementActivity * Packs/MicrosoftManagementActivity/Integrations/MicrosoftManagementActivity/MicrosoftManagementActivity.yml Docker image update * Updated Metadata Of Pack Box * Added release notes to pack Box * Packs/Box/Integrations/BoxEventsCollector/BoxEventsCollector.yml Docker image update * Packs/Box/Integrations/BoxV2/BoxV2.yml Docker image update * Updated Metadata Of Pack Troubleshoot * Added release notes to pack Troubleshoot * Packs/Troubleshoot/Scripts/CertificatesTroubleshoot/CertificatesTroubleshoot.yml Docker image update * commit --------- Co-authored-by: israelpolishook <[email protected]> * Update Docker Image To demisto/ippysocks-py3 (#31211) * Updated Metadata Of Pack Whois * Added release notes to pack Whois * Packs/Whois/Integrations/Whois/Whois.yml Docker image update * Update Docker Image To demisto/python3 (#31214) * Updated Metadata Of Pack QualysFIM * Added release notes to pack QualysFIM * Packs/QualysFIM/Integrations/QualysFIM/QualysFIM.yml Docker image update * Updated Metadata Of Pack FortiSIEM * Added release notes to pack FortiSIEM * Packs/FortiSIEM/Integrations/FortiSIEMV2/FortiSIEMV2.yml Docker image update * Updated Metadata Of Pack FreshworksFreshservice * Added release notes to pack FreshworksFreshservice * Packs/FreshworksFreshservice/Integrations/FreshworksFreshservice/FreshworksFreshservice.yml Docker image update * Updated Metadata Of Pack KnowBe4_KMSAT * Added release notes to pack KnowBe4_KMSAT * Packs/KnowBe4_KMSAT/Integrations/KnowBe4KMSATEventCollector/KnowBe4KMSATEventCollector.yml Docker image update * Packs/KnowBe4_KMSAT/Integrations/KnowBe4KMSAT/KnowBe4KMSAT.yml Docker image update * Updated Metadata Of Pack SafeNet_Trusted_Access * Added release notes to pack SafeNet_Trusted_Access * Packs/SafeNet_Trusted_Access/Integrations/SafeNetTrustedAccessEventCollector/SafeNetTrustedAccessEventCollector.yml Docker image update * Updated Metadata Of Pack DelineaSS * Added release notes to pack DelineaSS * Packs/DelineaSS/Integrations/DelineaSS/DelineaSS.yml Docker image update * Updated Metadata Of Pack Cryptocurrency * Added release notes to pack Cryptocurrency * Packs/Cryptocurrency/Integrations/Cryptocurrency/Cryptocurrency.yml Docker image update * Updated Metadata Of Pack PANOSPolicyOptimizer * Added release notes to pack PANOSPolicyOptimizer * Packs/PANOSPolicyOptimizer/Integrations/PANOSPolicyOptimizer/PANOSPolicyOptimizer.yml Docker image update * Updated Metadata Of Pack DeveloperTools * Added release notes to pack DeveloperTools * Packs/DeveloperTools/Integrations/CreateIncidents/CreateIncidents.yml Docker image update * Update Docker Image To demisto/boto3py3 (#31215) * Updated Metadata Of Pack SecurityIntelligenceServicesFeed * Added release notes to pack SecurityIntelligenceServicesFeed * Packs/SecurityIntelligenceServicesFeed/Integrations/SecurityIntelligenceServicesFeed/SecurityIntelligenceServicesFeed.yml Docker image update * Updated Metadata Of Pack AWS-IAM * Added release notes to pack AWS-IAM * Packs/AWS-IAM/Integrations/AWS-IAM/AWS-IAM.yml Docker image update * Updated Metadata Of Pack AWS-Route53 * Added release notes to pack AWS-Route53 * Packs/AWS-Route53/Integrations/AWSRoute53/AWSRoute53.yml Docker image update * Updated Metadata Of Pack AWS-AccessAnalyzer * Added release notes to pack AWS-AccessAnalyzer * Packs/AWS-AccessAnalyzer/Integrations/AWS-AccessAnalyzer/AWS-AccessAnalyzer.yml Docker image update * Updated Metadata Of Pack AWS-GuardDuty * Added release notes to pack AWS-GuardDuty * Packs/AWS-GuardDuty/Integrations/AWSGuardDutyEventCollector/AWSGuardDutyEventCollector.yml Docker image update * Packs/AWS-GuardDuty/Integrations/AWSGuardDuty/AWSGuardDuty.yml Docker image update * Updated Metadata Of Pack AWS-SecurityHub * Added release notes to pack AWS-SecurityHub * Packs/AWS-SecurityHub/Integrations/AWSSecurityHubEventCollector/AWSSecurityHubEventCollector.yml Docker image update * Updated Metadata Of Pack Aws-SecretsManager * Added release notes to pack Aws-SecretsManager * Packs/Aws-SecretsManager/Integrations/AwsSecretsManager/AwsSecretsManager.yml Docker image update * Update Docker Image To demisto/accessdata (#31216) * Updated Metadata Of Pack Exterro * Added release notes to pack Exterro * Packs/Exterro/Integrations/Exterro/Exterro.yml Docker image update * Update Docker Image To demisto/oci (#31218) * Updated Metadata Of Pack OracleCloudInfrastructure * Added release notes to pack OracleCloudInfrastructure * Packs/OracleCloudInfrastructure/Integrations/OracleCloudInfrastructureEventCollector/OracleCloudInfrastructureEventCollector.yml Docker image update * Update Docker Image To demisto/py3-tools (#31217) * Updated Metadata Of Pack Intezer * Added release notes to pack Intezer * Packs/Intezer/Integrations/IntezerV2/IntezerV2.yml Docker image update * Updated Metadata Of Pack Zabbix * Added release notes to pack Zabbix * Packs/Zabbix/Integrations/Zabbix/Zabbix.yml Docker image update * Updated Metadata Of Pack FeedMalwareBazaar * Added release notes to pack FeedMalwareBazaar * Packs/FeedMalwareBazaar/Integrations/MalwareBazaarFeed/MalwareBazaarFeed.yml Docker image update * Updated Metadata Of Pack FeedGCPWhitelist * Added release notes to pack FeedGCPWhitelist * Packs/FeedGCPWhitelist/Integrations/FeedGoogleIPRanges/FeedGoogleIPRanges.yml Docker image update * Updated Metadata Of Pack AccentureCTI_Feed * Added release notes to pack AccentureCTI_Feed * Packs/AccentureCTI_Feed/Integrations/ACTIIndicatorFeed/ACTIIndicatorFeed.yml Docker image update * Updated Metadata Of Pack SEKOIAIntelligenceCenter * Added release notes to pack SEKOIAIntelligenceCenter * Packs/SEKOIAIntelligenceCenter/Integrations/SEKOIAIntelligenceCenter/SEKOIAIntelligenceCenter.yml Docker image update * Updated Metadata Of Pack JARM * Added release notes to pack JARM * Packs/JARM/Integrations/JARM/JARM.yml Docker image update * Updated Metadata Of Pack Anomali_ThreatStream * Added release notes to pack Anomali_ThreatStream * Packs/Anomali_ThreatStream/Integrations/AnomaliThreatStreamv3/AnomaliThreatStreamv3.yml Docker image update * Updated Metadata Of Pack CommonWidgets * Added release notes to pack CommonWidgets * Packs/CommonWidgets/Scripts/RSSWidget/RSSWidget.yml Docker image update * Updated Metadata Of Pack FiltersAndTransformers * Added release notes to pack FiltersAndTransformers * Packs/FiltersAndTransformers/Scripts/Jmespath/Jmespath.yml Docker image update * CortexXDRIR-generic-polling (#31082) * - Added new playbook for quarantine_file - Old playbook deprecated - New image added * release notes added * - New playbook for _Retrieve_File_Playbook_v2 created - Old playbook _Retrieve_File_Playbook deprecated - Image was added * Release notes were added * Changed the name of the playbook * Readme file added * Added image * fixed image location in readme file * Update Packs/CortexXDR/Playbooks/Cortex_XDR_-_Retrieve_File_v2.yml Co-authored-by: Sasha Sokolovich <[email protected]> * Bump pack from version CortexXDR to 6.0.4. * Removed unnecessary tests * Readme files were updated * Fixes for the playbooks * fixed Tests/conf.json file * image issue fixed * Added new images * Update Packs/CortexXDR/Playbooks/Cortex_XDR_-_Retrieve_File_Playbook_README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CortexXDR/Playbooks/Cortex_XDR_-_Retrieve_File_Playbook_README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CortexXDR/ReleaseNotes/6_0_4.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CortexXDR/ReleaseNotes/6_0_4.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CortexXDR/ReleaseNotes/6_0_4.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CortexXDR/ReleaseNotes/6_0_4.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CortexXDR/Playbooks/Cortex_XDR_-_Retrieve_File_Playbook_README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CortexXDR/Playbooks/Cortex_XDR_-_quarantine_file_v2_README.md Co-authored-by: ShirleyDenkberg <[email protected]> * PR fixes - new condition to check if the task finished successfully * release notes updated * image path fixed * Added new outputs for playbook * release notes updated * fix * readme files fixed * image issue * image issue * fix * fix * fix * fix * uploaded new playbook because of the image issue * fix for image issue * delete photo * fixes * test playbooks fixed * test playbooks removed --------- Co-authored-by: Sasha Sokolovich <[email protected]> Co-authored-by: Content Bot <[email protected]> Co-authored-by: ShirleyDenkberg <[email protected]> * Update Docker Image To demisto/crypto (#31219) * Updated Metadata Of Pack AzureKeyVault * Added release notes to pack AzureKeyVault * Packs/AzureKeyVault/Integrations/AzureKeyVault/AzureKeyVault.yml Docker image update * Updated Metadata Of Pack AzureSentinel * Added release notes to pack AzureSentinel * Packs/AzureSentinel/Integrations/AzureSentinel/AzureSentinel.yml Docker image update * Updated Metadata Of Pack AzureDevOps * Added release notes to pack AzureDevOps * Packs/AzureDevOps/Integrations/AzureDevOps/AzureDevOps.yml Docker image update * Updated Metadata Of Pack MicrosoftCloudAppSecurity * Added release notes to pack MicrosoftCloudAppSecurity * Packs/MicrosoftCloudAppSecurity/Integrations/MicrosoftCloudAppSecurity/MicrosoftCloudAppSecurity.yml Docker image update * Updated Metadata Of Pack AzureRiskyUsers * Added release notes to pack AzureRiskyUsers * Packs/AzureRiskyUsers/Integrations/AzureRiskyUsers/AzureRiskyUsers.yml Docker image update * Updated Metadata Of Pack MicrosoftGraphGroups * Added release notes to pack MicrosoftGraphGroups * Packs/MicrosoftGraphGroups/Integrations/MicrosoftGraphGroups/MicrosoftGraphGroups.yml Docker image update * Updated Metadata Of Pack AzureSQLManagement * Added release notes to pack AzureSQLManagement * Packs/AzureSQLManagement/Integrations/AzureSQLManagement/AzureSQLManagement.yml Docker image update * Updated Metadata Of Pack MicrosoftGraphAPI * Added release notes to pack MicrosoftGraphAPI * Packs/MicrosoftGraphAPI/Integrations/MicrosoftGraphAPI/MicrosoftGraphAPI.yml Docker image update * Updated Metadata Of Pack MicrosoftTeams * Added release notes to pack MicrosoftTeams * Packs/MicrosoftTeams/Integrations/MicrosoftTeamsManagement/MicrosoftTeamsManagement.yml Docker image update * Updated Metadata Of Pack MicrosoftGraphApplications * Added release notes to pack MicrosoftGraphApplications * Packs/MicrosoftGraphApplications/Integrations/MicrosoftGraphApplications/MicrosoftGraphApplications.yml Docker image update * update pack ignore (#31193) * Slack event collector: fixed an issue where we get a Bad Request error (#31135) * fixed an issue where we get a Bad Request error. * pre-commit * added test * fixed Flake8 error * fixed cr comments * fixed cr comments * update Docker image * YR/Remove-fields-with-one-letter-DBotFindSimilarIncidents/XSUP-29299 (#31161) * fixes * code and test * remove Json feed from this pr * test * note * pre commit * RN * CR and Flake8 * format * pre commit * Fixes For 'URL Enrichment - Generic v2' Playbook (#31195) * Fixes For 'URL Enrichment - Generic v2' Playbook * RN * Bump pack from version CommonPlaybooks to 2.4.36. --------- Co-authored-by: Content Bot <[email protected]> * F5 APM Remove XSIAM tags (#31221) * remove ls from test_e2e_results.sh (#31186) * [IsEmailAddressInternal] Fix an issue with **domain** argument (#31222) * First commit * Added RN * Update Packs/CommonScripts/ReleaseNotes/1_12_54.md Co-authored-by: Dean Arbel <[email protected]> --------- Co-authored-by: Dean Arbel <[email protected]> * Deprecate 'Get endpoint details - Generic' Playbook (#31196) * Deprecate 'Get endpoint details - Generic' Playbook * RN * Bump pack from version CommonPlaybooks to 2.4.36. * Bump pack from version CommonPlaybooks to 2.4.37. --------- Co-authored-by: Content Bot <[email protected]> * Replacing the deprecated sub-playbook within the 'NGFW Internal Scan'… (#31197) * Replacing the deprecated sub-playbook within the 'NGFW Internal Scan' XSIAM playbook * RN * [Marketplace Contribution] CISO Metrics (#30641) (#31213) * "pack contribution initial commit" * Update pack_metadata.json * Update and rename dashboard-98f353a2-312b-49f2-8e58-d71f60daf3a7-CISO_Metrics.json to dashboard-98f353a2-312b-49f2-8e58-d71f60daf3a7-CommunityCommonDashboards.json Rename to CommunityCommonDashboards * Update pack_metadata.json Renamed "name": "CommunityCommonDashboards" * Update README.md Added description * Update README.md * Update and rename README.md to README.md * Rename dashboard-98f353a2-312b-49f2-8e58-d71f60daf3a7-CommunityCommonDashboards.json to dashboard-98f353a2-312b-49f2-8e58-d71f60daf3a7-CommunityCommonDashboards.json * Rename .pack-ignore to .pack-ignore * Rename .secrets-ignore to .secrets-ignore * Rename pack_metadata.json to pack_metadata.json * Update .pack-ignore * Update pack_metadata.json * Update .pack-ignore * Update and rename dashboard-98f353a2-312b-49f2-8e58-d71f60daf3a7-CommunityCommonDashboards.json to CISOMetrics.json Renamed to CISOMetrics * Update pack_metadata.json * Update pack_metadata.json * Update README.md --------- Co-authored-by: xsoar-bot <[email protected]> Co-authored-by: Sapir Shuker <[email protected]> Co-authored-by: David Uhrlaub <[email protected]> * Cybereason xsoar v 2.1.14 (#30647) (#31225) * added v2.1.14 codebase * fix pr comments * replace dummy md5 placeholder * Update Packs/Cybereason/Integrations/Cybereason/Cybereason.py * updated docker image python version * updated release notes docker version * added pagination params * updated docker image * fix lint errors * fix demisto validate errors * updated release notes * updated release notes * updated release notes * updated command name as per PR comment * removed manual filtering for response * updated function name to match the command name format * updated unit test as per new command name * added machinename filter to api query * moved empty output message to the top * updated docker image tag to latest * undo changes from unisolate endpoint playbook --------- Co-authored-by: suraj-metron <[email protected]> Co-authored-by: Sapir Shuker <[email protected]> * fixed polling support (#30873) * fixed polling support * fixed rn * added rn * added rn * XSUP-30786/Fix (#31168) * Added failing UT * Fixed the issue * Updated docker image * Updated RN * Update Packs/PAN-OS/ReleaseNotes/2_1_15.md Co-authored-by: Dan Tavori <[email protected]> * Updated the bug fix and the UT * updated docker image --------- Co-authored-by: Dan Tavori <[email protected]> * rewrite to js FirstArrayElement and LastArrayElement (#31228) * rewrite to js * added tpb * added empty test case to tpb * precommit fixes * change fromversion so build wont fail * Enable Core REST API with general XSIAM endpoints (#31226) * mostly works * added release notes * fixes from review * F5 APM fixed the marketplace build failure (#31236) * F5 APM Remove XSIAM tags * fix marketplace error * Add incidents field (#30393) (#31233) * add rawJSON field to incidents * release notes * update docker image tag * nit * fetching incident details * mapper + incident fields * remove incorrect incident field files * new incident field files, new mapper * sdk validate command changes * update release noteS * validation errors * fix validation errors * undo release notes changes * undo release notes change * undo release notes * undo release notes * undo release notes * nit * new release notes * remove playbook id * update docker image tag * revert release notes * revert RN * nit- remove filters used for testing * add details field to threats * remove try/except blocks * changing version * Update Abnormal_Security_Custom_Incident_types.json change from version * nit - remove changes used for demo * updating docker image * update docker image tag --------- Co-authored-by: William Olyslager <[email protected]> Co-authored-by: sapirshuker <[email protected]> Co-authored-by: Sapir Shuker <[email protected]> * Update Docker Image To demisto/python3 (#31242) * Updated Metadata Of Pack CIRCL * Added release notes to pack CIRCL * Packs/CIRCL/Integrations/CirclCVESearch/CirclCVESearch.yml Docker image update * Updated Metadata Of Pack ipinfo * Added release notes to pack ipinfo * Packs/ipinfo/Integrations/ipinfo_v2/ipinfo_v2.yml Docker image update * Updated Metadata Of Pack AutoFocus * Added release notes to pack AutoFocus * Packs/AutoFocus/Integrations/FeedAutofocus/FeedAutofocus.yml Docker image update * Packs/AutoFocus/Integrations/AutofocusV2/AutofocusV2.yml Docker image update * Updated Metadata Of Pack MailSenderNew * Added release notes to pack MailSenderNew * Packs/MailSenderNew/Integrations/MailSenderNew/MailSenderNew.yml Docker image update * avoid to update Docker for AutoFocusv2 --------- Co-authored-by: israelpolishook <[email protected]> * Fixes For 'IP Enrichment - Generic v2' Playbook (#31183) * Fixes For 'IP Enrichment - Generic v2' Playbook * RN * RN * Updated the 'InternalRange' playbook input's default value. * configured the 'extended_data' and 'threat_model_association' sub-playbook inputs * Bump pack from version CommonPlaybooks to 2.4.36. * Bump pack from version CommonPlaybooks to 2.4.37. * changed the default value of the 'ResolveIP' playbook input * re-added RN after merging from master * Fixes RN --------- Co-authored-by: Content Bot <[email protected]> * Check if should run Instance role (#31245) * Added the sync from the saas bucket and modified the verify script to take the revision from the correct bucket. (#31254) * AWS Organizations (#30525) * init * commands template * aws-org-children-list * more commands * even more commands * added account commands * removed enhancement commands * use json_transform * unit-tests init * unit-tests continued * unit-tests continued some more * TPB * one more unit-test * one more unit-test * one more unit-test * name change * TPB * docs complete * pack readme * pack readme part 2 * readme modified * more tests * more tests * use get() * adde description * removed isFetch * added image * name change * CR changes * Apply suggestions from code review Co-authored-by: ShirleyDenkberg <[email protected]> * Update docker * put the commands back in * code complete * yml part 2 * yml part 3 * test template * unit-tests continued some more * unit-tests almost complete * unit-tests complete * fixed a few bugs * fixed unit-tests * added readme * update readme * added missing descriptions to readme * TPB * Apply suggestions from code review Co-authored-by: ShirleyDenkberg <[email protected]> * CR changes * demo changes * update docker * build wars: round 1 * build wars: round 2 * build wars: round 3; add unit-tests * build wars: round 4 * build wars: round 5 * build wars: round 6 --------- Co-authored-by: ShirleyDenkberg <[email protected]> * NextToken in CommandResults (#30501) * init * new design * added error in case of non nested input * RN * a tad more docs * Bump pack from version Base to 1.32.47. * Bump pack from version Base to 1.32.48. * Bump pack from version Base to 1.32.49. * improved doc-string * resolve conflicts * resolve conflicts * Bump pack from version Base to 1.32.52. --------- Co-authored-by: Content Bot <[email protected]> * demisto-sdk-release 1.24.0 (#31268) * poetry files * update validate manager imports (#31179) * update validate manager imports * revert * Update Tests/configure_and_test_integration_instances.py * Edit file types test (#31170) * edited tests * s * s * edit --------- Co-authored-by: Content Bot <[email protected]> Co-authored-by: Yuval Hayun <[email protected]> Co-authored-by: merit-maita <[email protected]> Co-authored-by: JudithB <[email protected]> * modified modeling rules of clearswift dlp (#31247) * modified modeling rules of clearswift dlp * modified the parsing rule of clearswiftdlp * Added release notes. * added dlp to pack ignore * added Clearswift to pack ignore * QRadar: continue to poll in case of networking issues (#31084) * Generalize the mode option in pre-commit (#30663) * args updated to match the update in the sdk * add merge-coverage-report and coverage-analyze * updaing pyproject.toml * poetry lock * restoring pyproject.toml and poetry.lock * pre-commit.yml * updates * test comment * use sdk ref * if * add github output * revert ilan changes * merge-pytest-reports --------- Co-authored-by: ilan <[email protected]> * EXPANDR-1576 CortexXpanse Remediation Guidance changes (#31190) * EXPANDR-1576 CortexXpanse Remediation Guidance changes (#30712) * CortexXpanse RG changes * Fix flake8 errors * Fix unit test cases * Update docker version * update command name * Readme updates * docker update * Ignore BC error * fix packignore * Update release notes * update breaking change notes * update breaking change notes * correct RN --------- Co-authored-by: Chait A <[email protected]> Co-authored-by: ilappe <[email protected]> * Feature/cyberint enhancement (#31252) * Feature/cyberint enhancement (#30493) * Update Docker Image To demisto/py3-tools (#25523) * Updated Metadata Of Pack FeedAWS * Added release notes to pack FeedAWS * Packs/FeedAWS/Integrations/FeedAWS/FeedAWS.yml Docker image update * update Cyberint Pack * update release note and incidentfields * update CommonType release note * update CommonType relesenotes * update CommonType relese notes * update CyberInt Related entity name * update release notes * add new incident field: Alert Data * foramt alert_data * update CyberInt Related Entity name to avoid validation errors * reset the CyberInt Related Entity name * update incident field name * Update 3_3_93.md * pre commit update docker * added known words * fixed the RN * known words --------- Co-authored-by: TalGumi <[email protected]> Co-authored-by: omerKarkKatz <[email protected]> Co-authored-by: okarkkatz <[email protected]> * [xsoar-8 coverage] - use poll functions from SDK clients (#31144) * update poetry * use poll functions * test against builds * try to fix ssl issue * timeout = 300 + verify ssl * fix ssl issues * fix incident pull * fix * make verify=false by default * fix ports bug * use sdk master * revert poetry * revert infra used for testing * Possible solution * Possible solution * [CrowdStrike Falcon Intel v2] Fixed an issue in 'cs-actors' and 'cs-reports' commands (#31265) * Fix the 'NoneType' object is not iterable issue * ruff * Update the docker image; Add RN * Update Packs/CrowdStrikeIntel/ReleaseNotes/2_0_34.md Co-authored-by: Dean Arbel <[email protected]> --------- Co-authored-by: Dean Arbel <[email protected]>
RotemAmit
added a commit
that referenced
this pull request
Jan 3, 2024
…eate it before Set-Location (#31524) * [fileResult] - fix issue with special strings (#31126) * [fileResult] - fix issue with special strings * bump rn * log if ../ is in path * validate file-name is string * add unit-test * bump rn * Rapid7 - Threat Command (IntSights) pack release 3.1.0 (#30954) (#31133) * Changes related to Rapid7 - Threat Command (IntSights) pack release: 3.1.0 * resolved validation errors * Updated the release notes as per the comments * Updated the tab name for the Threat Command Layout --------- Co-authored-by: Crest Data Systems <[email protected]> Co-authored-by: crestdatasystems <[email protected]> Co-authored-by: Adi Daud <[email protected]> * add e2e tests for xsoar-saas (#30231) * add xsoar_ng_end_to_end_job * unify end_to_end and write edl basic test * add file * fix some rules * setup and teardown for xsoar_ng e2e * update readme * conftest changes * update end_to_end_tests script * test enhancments * fix * debug issues * lock * collect tests * lock * lock * try without xsoar * lock * enhance tests and lock * install e2e nessecary packs * add packs in shell * install only specific packs in xsoar-saas * README.md * install hardcoded packs * update * fix collect tests issues * add REASONS_ALLOWING_NO_ID_SET_OR_CONF * fix is_nightly * fail when exit code != 0 * send integration params path as input * enhance e2e echo message * lock * fix get_integration_params * lock2 * sleep * unlock machine sleep + taxii2 server * fix unlock machine * fix " * fixes * sleep in test 2 hours * poetry lock * edl size = 10 * update edl size loc * use new instance * log instance name * existing name * revert poetry * poetry based on latest master * update job to fit newer version * lock * state its long running * try with long-running=true * implement taxii2-server e2e test * pre-commit fixes * add headers * lock * move func to tools.py as its general * docstrings * add support for do_long_running in xsoar_client * docstring * slack sdk * add slack-ask test * test slack ask playbook * add qradar mirroring test * update README and add support for env vars * docstrings * enhancments * update .gitignore * do not make xsoar_ng a package * excplicit implementation * add test_xdr_env * add docstrings * pre-commit * update slackask playbook path * query qradar playbook state before closing offense * assert investigation id * increase playbook query & sleep 5 minutes taxii * merge xsoar_ng_end_to_end to test content * some fixes * make nightly * end-to-end tests inside .run-tests section * try to fix syntax issue * log playbook failure reasons * add support for sourceInstanceName * remove delete context from slack * pre commit * pre-commit * try to fix taxii2 server bug * update taxii2 server test * sleep * comment out waiting for playbook qradar * sleep in case of error taxii2 * qradar * revert taxii2 server + qradar * assert true * revert * update context managers * pre-commit fixes * add logs * create instance update * create folders for content e2e tests * make fixture named xsoar_saas_client * get integration name to func Please enter the commit message for your changes. Lines starting * fixes * pre-commit * export context managers to client_utils * update xsiam e2e to use new client * update readmes * client utils fixes * change log name * add junit support * implement results support for e2e * change name * run e2e in current branch * update job names * update collect tests for testing * do not exit if e2e tests fail * use artifacts folder * fix context * save playbook - change client name * remove playbook for testing * add fi * make e2e test summary to run * ls * try now * change path * file test name * run also playbook results * change log to error * fix syntax error * update get_file to use new file service * remove import * pre-commit * update retry import * do not skip qradar test if incident cannot be found * judah's cr * koby cr * update result names * Empty-Commit * remove irrelevant logs * cr fixes * server_test_reulst renaming * change end_to_end to e2e * revert current job names * add .e2e_test_results job * remove e2e from test_playbooks_results * filter only if nightly * try to ignore pre-commit error * change rules * fix * test * xsoar saas * try now * fix * xsoar-saas e2e job * add conftest * add conftest * add xsoar-saas readme to avoid trigger test-upload * port * Empty-Commit * test integrations * do not test qradar module * Empty-Commit * Empty-Commit * retry on different ports for taxii2-test * remove get json response from taxii2 test * adjust to nightly * pre-commit * Fix GetIndicatorDBotScoreFromCache to handle better a special character (#31070) * a fix and a test * docker image update * added rn * Bump pack from version CommonScripts to 1.12.47. * unit test fix * unit test fix * unit test fix * Bump pack from version CommonScripts to 1.12.48. * Bump pack from version CommonScripts to 1.12.49. * Update Packs/CommonScripts/ReleaseNotes/1_12_49.md Co-authored-by: Dan Tavori <[email protected]> --------- Co-authored-by: Content Bot <[email protected]> Co-authored-by: Dan Tavori <[email protected]> * change pack support to community (#31110) * change pack support to community * first level header so im told * Update Packs/DeveloperTools/ReleaseNotes/1_3_0.md Co-authored-by: Shahaf Ben Yakir <[email protected]> * Update Packs/DeveloperTools/ReleaseNotes/1_3_0.md Co-authored-by: Shahaf Ben Yakir <[email protected]> --------- Co-authored-by: Shahaf Ben Yakir <[email protected]> * removed GIT_DEPTH (#31141) * support multiple entry ids in ImageOCR (#31145) * Fix taxi feed observables extraction (#31120) * fixed an isssue where taxi feed will fail to retreive all indicators due to wrong extraction from XML blocks. * added rn * update docker * update test_data * add secret to secrets ignore * [transformers] Enhance to be more durable #2 (#31063) * ExtractDomainAndFQDNFromUrlAndEmail * ExtractEmailV2 * ruff fix * FormatURL * Bump pack from version CommonScripts to 1.12.47. * Bump pack from version CommonScripts to 1.12.48. * Bump pack from version CommonScripts to 1.12.49. * Added unit tests * Update the docker image * Bump pack from version CommonScripts to 1.12.50. * Update Packs/CommonScripts/ReleaseNotes/1_12_50.md Co-authored-by: Dean Arbel <[email protected]> * Update Packs/CommonScripts/ReleaseNotes/1_12_50.md Co-authored-by: Dean Arbel <[email protected]> * Update the RN * Update the docker image * empty * Skip "FormattingPerformance - Test" TPB in XSOAR 8 --------- Co-authored-by: Content Bot <[email protected]> Co-authored-by: Dean Arbel <[email protected]> * Sleep w/ Polling (#30661) add polling mechanism to sleep upon crossing polling_threshold * Update shift management scripts (#31130) * fixed the bug and added unit tests * updated docker image * RN * updated docker image * cr updates * EWS rule commands - MS graph python integrations (#30943) Co-authored-by: ShirleyDenkberg <[email protected]> * MS IIS Update (#31132) * Updated ModelingRules * Updated ReleaseNotes * Updated ReleaseNotes * Anomali ThreatStream change DBot verdict from Benign to Unknown for Low Confidence Indicators (#30993) (#31151) * change DBot verdict from Benign to Unknown for Low Confidence Indicators Indicators found in Anomali that are below Confidence thresholds should be created as Unknown and not Benign. Anomali ThreatStream documentation regarding Confidence https://ui.threatstream.com/optic-doc/Content/Features/threat_model/Observables/details_indicator.htm Confidence - Confidence indicates the certainty that an observable exhibits or is connected to malicious behavior. If Anomali has indicators with low Confidence, that doesn't mean the indicator is Benign/Safe. It means Anomali is unsure that the indicator is Malicious and as such the more appropriate verdict in XSOAR should be Unknown. * add indicator_default_score param * changed values to Benign and Unknown * update README and RN * update RN * update docker set required to false * update docker * fix docs comments --------- Co-authored-by: zdrouse <[email protected]> Co-authored-by: adi88d <[email protected]> Co-authored-by: Adi Daud <[email protected]> * generate empty junit files (#31153) * Update 1_6_0.json (#31164) * fix splunkpy splunk_submit_event_hec_command string issue (#30978) * fix splunkpy splunk_submit_event_hec_command string issue * test * add fix * update rn * [xsoar saas] - fix ports taxii2 e2e (#31163) * Hello world saas (#30901) * added a new incident field only for saas mp * added an incident field to xsoar_saas only for demonstration * format incident field * format incident field * added saas word to known words * version * merge with master * fixed the xsoar_saas end tag * Added tests to validate result * modified RN * pre commit changes * RN tags * ignoe long line * MS IIS README (#31158) * Updated README * Updated README * Fixes For IP Enrichment Playbooks (#31114) * Fixes For IP Enrichment Playbooks * RN * Removed the mapping rule from both playbooks. Updated the default value of the internal range playbook input according to RFC 1918. * Removed the value of 'UseReputationCommand' playbook input and fixes the YML files * Fixed RN * Removed the value set for the 'UseReputationCommand' sub-playbook input. Re-added the default value for 'UseReputationCommand' playbook input * skip ThreatStream-Test (#31172) * [transformers] Enhance to be more durable (#30897) [transformers] Enhance to be more durable * Fixes For 'Email Address Enrichment - Generic v2.1' (#31122) * Fixes For 'Email Address Enrichment - Generic v2.1' * Re-added the test playbook and marketplace configs to the playbook YML file * changed the 'domain' playbook input value * removed the 'domain' playbook input value and added RN * Fixed RN * Bump pack from version CommonPlaybooks to 2.4.34. --------- Co-authored-by: Content Bot <[email protected]> * DisplayMappedFields - Fix dark mode text color (#31085) * removed the hardcoded color * removed the hardcoded color * update RN * update docker image * Bump pack from version CommonScripts to 1.12.48. * Unittest fixes * Bump pack from version CommonScripts to 1.12.49. * Unittest fixes * Bump pack from version CommonScripts to 1.12.50. * Bump pack from version CommonScripts to 1.12.51. * Bump pack from version CommonScripts to 1.12.52. * Bump pack from version CommonScripts to 1.12.53. --------- Co-authored-by: Content Bot <[email protected]> * Updated the layout to exclude integration incident fields that are not pertinent to Vectra XDR (#31127) (#31182) Co-authored-by: Crest Data Systems <[email protected]> Co-authored-by: crestdatasystems <[email protected]> Co-authored-by: MLainer1 <[email protected]> * Taxii2 server relationship bug (#31162) * [taxii2-server] - code fixes * bump rn * docker update * remove debug-log because may wanted * [ASM] EXPANDER-7096 - ASM Remediation Guidance Fields (#30955) (#31178) Co-authored-by: John <[email protected]> Co-authored-by: Adi Daud <[email protected]> * Created pack for F5 BIG-IP APM (#31017) * Created pack for f5 apm * Added modeling rule files. * adding modeling rules and schema. * modified modeling rules * update yml file for modeling rule. * Update Packs/F5APM/README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/F5APM/README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/F5APM/README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/F5APM/README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/F5APM/README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/F5APM/README.md Co-authored-by: ShirleyDenkberg <[email protected]> * update readme. * Modified the read me file. --------- Co-authored-by: ShirleyDenkberg <[email protected]> * HelloWorld - delete old classifier (#31185) * Add support for is array for rep commands (#31169) * added support for isArray for python Xsoar supported reputation commands * added rn * Empty-Commit * python files fixes * fix docker issue * cr fixes * added logs and cache fix (#30577) * added logs and cache fix * Fixed another executeCommand results handling. * Updated docker image * Added rn * Update Packs/Phishing/ReleaseNotes/3_6_2.md Co-authored-by: Dan Tavori <[email protected]> * Update Packs/Phishing/Scripts/FindDuplicateEmailIncidents/FindDuplicateEmailIncidents.py --------- Co-authored-by: Dan Tavori <[email protected]> * Add support for is array for rep commands js (#31184) * JS files fixes * added rn * pre commit fixes * pre commit fixes * cr fixes * xsiam-avaya-siem-content-ciac-8502 (#31128) * init-pack * modeling-rules * add-docs * fix-pid-parsing * fix-README.md * Fixed For Endpoint Enrichment Playbooks (#31147) * Fixed For 'Endpoint Enrichment - Generic v2.1' Playbook * RN * RN * Fixes for Endpoint_Enrichment_-_Generic_v2.1_6_8 playbook * Bump pack from version CommonPlaybooks to 2.4.34. * Bump pack from version CommonPlaybooks to 2.4.35. * Fixed version for 'Endpoint Enrichment - Generic v2.1.6.8' playbook * Fixes for 'Endpoint Enrichment - Generic v2.1' playbook * Revert changes in 'Endpoint Enrichment - Generic v2.1' playbook --------- Co-authored-by: Content Bot <[email protected]> * Update Docker Image To demisto/python3 (#31198) * Updated Metadata Of Pack DeveloperTools * Added release notes to pack DeveloperTools * Packs/DeveloperTools/Integrations/CreateIncidents/CreateIncidents.yml Docker image update * Updated Metadata Of Pack FlashpointFeed * Added release notes to pack FlashpointFeed * Packs/FlashpointFeed/Integrations/FlashpointFeed/FlashpointFeed.yml Docker image update * Updated Metadata Of Pack AbnormalSecurity * Added release notes to pack AbnormalSecurity * Packs/AbnormalSecurity/Integrations/AbnormalSecurity/AbnormalSecurity.yml Docker image update * Updated Metadata Of Pack FeedLOLBAS * Added release notes to pack FeedLOLBAS * Packs/FeedLOLBAS/Integrations/FeedLOLBAS/FeedLOLBAS.yml Docker image update * Updated Metadata Of Pack Hackuity * Added release notes to pack Hackuity * Packs/Hackuity/Integrations/Hackuity/Hackuity.yml Docker image update * Updated Metadata Of Pack Grafana * Added release notes to pack Grafana * Packs/Grafana/Integrations/Grafana/Grafana.yml Docker image update * Updated Metadata Of Pack Binalyze * Added release notes to pack Binalyze * Packs/Binalyze/Integrations/BinalyzeAIR/BinalyzeAIR.yml Docker image update * Updated Metadata Of Pack ServiceDeskPlus * Added release notes to pack ServiceDeskPlus * Packs/ServiceDeskPlus/Integrations/ServiceDeskPlus/ServiceDeskPlus.yml Docker image update * Updated Metadata Of Pack Oracle_IAM * Added release notes to pack Oracle_IAM * Packs/Oracle_IAM/Integrations/OracleIAM/OracleIAM.yml Docker image update * Updated Metadata Of Pack AccentureCTI * Added release notes to pack AccentureCTI * Packs/AccentureCTI/Integrations/ACTIIndicatorQuery/ACTIIndicatorQuery.yml Docker image update * Update Docker Image To demisto/boto3py3 (#31199) * Updated Metadata Of Pack SecurityIntelligenceServicesFeed * Added release notes to pack SecurityIntelligenceServicesFeed * Packs/SecurityIntelligenceServicesFeed/Integrations/SecurityIntelligenceServicesFeed/SecurityIntelligenceServicesFeed.yml Docker image update * Updated Metadata Of Pack AWS-IAM * Added release notes to pack AWS-IAM * Packs/AWS-IAM/Integrations/AWS-IAM/AWS-IAM.yml Docker image update * Updated Metadata Of Pack AWS-Route53 * Added release notes to pack AWS-Route53 * Packs/AWS-Route53/Integrations/AWSRoute53/AWSRoute53.yml Docker image update * Updated Metadata Of Pack AWS-AccessAnalyzer * Added release notes to pack AWS-AccessAnalyzer * Packs/AWS-AccessAnalyzer/Integrations/AWS-AccessAnalyzer/AWS-AccessAnalyzer.yml Docker image update * Updated Metadata Of Pack AWS-GuardDuty * Added release notes to pack AWS-GuardDuty * Packs/AWS-GuardDuty/Integrations/AWSGuardDutyEventCollector/AWSGuardDutyEventCollector.yml Docker image update * Packs/AWS-GuardDuty/Integrations/AWSGuardDuty/AWSGuardDuty.yml Docker image update * Updated Metadata Of Pack AWS-SecurityHub * Added release notes to pack AWS-SecurityHub * Packs/AWS-SecurityHub/Integrations/AWSSecurityHubEventCollector/AWSSecurityHubEventCollector.yml Docker image update * Updated Metadata Of Pack Aws-SecretsManager * Added release notes to pack Aws-SecretsManager * Packs/Aws-SecretsManager/Integrations/AwsSecretsManager/AwsSecretsManager.yml Docker image update * Update Docker Image To demisto/armorblox (#31203) * Updated Metadata Of Pack Armorblox * Added release notes to pack Armorblox * Packs/Armorblox/Integrations/Armorblox/Armorblox.yml Docker image update * Update Docker Image To demisto/py3-tools (#31201) * Updated Metadata Of Pack Intezer * Added release notes to pack Intezer * Packs/Intezer/Integrations/IntezerV2/IntezerV2.yml Docker image update * Updated Metadata Of Pack Zabbix * Added release notes to pack Zabbix * Packs/Zabbix/Integrations/Zabbix/Zabbix.yml Docker image update * Updated Metadata Of Pack FeedMalwareBazaar * Added release notes to pack FeedMalwareBazaar * Packs/FeedMalwareBazaar/Integrations/MalwareBazaarFeed/MalwareBazaarFeed.yml Docker image update * Updated Metadata Of Pack FeedGCPWhitelist * Added release notes to pack FeedGCPWhitelist * Packs/FeedGCPWhitelist/Integrations/FeedGoogleIPRanges/FeedGoogleIPRanges.yml Docker image update * Updated Metadata Of Pack AccentureCTI_Feed * Added release notes to pack AccentureCTI_Feed * Packs/AccentureCTI_Feed/Integrations/ACTIIndicatorFeed/ACTIIndicatorFeed.yml Docker image update * Updated Metadata Of Pack SEKOIAIntelligenceCenter * Added release notes to pack SEKOIAIntelligenceCenter * Packs/SEKOIAIntelligenceCenter/Integrations/SEKOIAIntelligenceCenter/SEKOIAIntelligenceCenter.yml Docker image update * Updated Metadata Of Pack JARM * Added release notes to pack JARM * Packs/JARM/Integrations/JARM/JARM.yml Docker image update * Updated Metadata Of Pack CommonWidgets * Added release notes to pack CommonWidgets * Packs/CommonWidgets/Scripts/RSSWidget/RSSWidget.yml Docker image update * Updated Metadata Of Pack FiltersAndTransformers * Added release notes to pack FiltersAndTransformers * Packs/FiltersAndTransformers/Scripts/Jmespath/Jmespath.yml Docker image update * Update Docker Image To demisto/oci (#31202) * Updated Metadata Of Pack OracleCloudInfrastructure * Added release notes to pack OracleCloudInfrastructure * Packs/OracleCloudInfrastructure/Integrations/OracleCloudInfrastructureEventCollector/OracleCloudInfrastructureEventCollector.yml Docker image update * Update Docker Image To demisto/accessdata (#31200) * Updated Metadata Of Pack Exterro * Added release notes to pack Exterro * Packs/Exterro/Integrations/Exterro/Exterro.yml Docker image update * Fix DS108 --------- Co-authored-by: israelpolishook <[email protected]> * Update Docker Image To demisto/carbon-black-cloud (#31206) * Updated Metadata Of Pack CarbonBlackDefense * Added release notes to pack CarbonBlackDefense * Packs/CarbonBlackDefense/Integrations/CarbonBlackLiveResponseCloud/CarbonBlackLiveResponseCloud.yml Docker image update * Update Docker Image To demisto/taxii2 (#31205) * Updated Metadata Of Pack FeedUnit42v2 * Added release notes to pack FeedUnit42v2 * Packs/FeedUnit42v2/Integrations/FeedUnit42v2/FeedUnit42v2.yml Docker image update * Update Docker Image To demisto/crypto (#31204) * Updated Metadata Of Pack AzureKeyVault * Added release notes to pack AzureKeyVault * Packs/AzureKeyVault/Integrations/AzureKeyVault/AzureKeyVault.yml Docker image update * Updated Metadata Of Pack AzureSentinel * Added release notes to pack AzureSentinel * Packs/AzureSentinel/Integrations/AzureSentinel/AzureSentinel.yml Docker image update * Updated Metadata Of Pack AzureDevOps * Added release notes to pack AzureDevOps * Packs/AzureDevOps/Integrations/AzureDevOps/AzureDevOps.yml Docker image update * Updated Metadata Of Pack MicrosoftCloudAppSecurity * Added release notes to pack MicrosoftCloudAppSecurity * Packs/MicrosoftCloudAppSecurity/Integrations/MicrosoftCloudAppSecurity/MicrosoftCloudAppSecurity.yml Docker image update * Updated Metadata Of Pack AzureRiskyUsers * Added release notes to pack AzureRiskyUsers * Packs/AzureRiskyUsers/Integrations/AzureRiskyUsers/AzureRiskyUsers.yml Docker image update * Updated Metadata Of Pack MicrosoftGraphGroups * Added release notes to pack MicrosoftGraphGroups * Packs/MicrosoftGraphGroups/Integrations/MicrosoftGraphGroups/MicrosoftGraphGroups.yml Docker image update * Updated Metadata Of Pack AzureSQLManagement * Added release notes to pack AzureSQLManagement * Packs/AzureSQLManagement/Integrations/AzureSQLManagement/AzureSQLManagement.yml Docker image update * Updated Metadata Of Pack MicrosoftGraphAPI * Added release notes to pack MicrosoftGraphAPI * Packs/MicrosoftGraphAPI/Integrations/MicrosoftGraphAPI/MicrosoftGraphAPI.yml Docker image update * Updated Metadata Of Pack MicrosoftTeams * Added release notes to pack MicrosoftTeams * Packs/MicrosoftTeams/Integrations/MicrosoftTeamsManagement/MicrosoftTeamsManagement.yml Docker image update * Updated Metadata Of Pack MicrosoftGraphApplications * Added release notes to pack MicrosoftGraphApplications * Packs/MicrosoftGraphApplications/Integrations/MicrosoftGraphApplications/MicrosoftGraphApplications.yml Docker image update * Update Docker Image To demisto/opnsense (#31208) * Updated Metadata Of Pack OPNSense * Added release notes to pack OPNSense * Packs/OPNSense/Integrations/OPNSense/OPNSense.yml Docker image update * Update Docker Image To demisto/auth-utils (#31207) * Updated Metadata Of Pack Cylance_Protect * Added release notes to pack Cylance_Protect * Packs/Cylance_Protect/Integrations/Cylance_Protect_v2/Cylance_Protect_v2.yml Docker image update * Updated Metadata Of Pack Zoom * Added release notes to pack Zoom * Packs/Zoom/Integrations/ZoomEventCollector/ZoomEventCollector.yml Docker image update * Updated Metadata Of Pack Silverfort * Added release notes to pack Silverfort * Packs/Silverfort/Integrations/Silverfort/Silverfort.yml Docker image update * Updated Metadata Of Pack AzureDataExplorer * Added release notes to pack AzureDataExplorer * Packs/AzureDataExplorer/Integrations/AzureDataExplorer/AzureDataExplorer.yml Docker image update * Updated Metadata Of Pack MicrosoftManagementActivity * Added release notes to pack MicrosoftManagementActivity * Packs/MicrosoftManagementActivity/Integrations/MicrosoftManagementActivity/MicrosoftManagementActivity.yml Docker image update * Updated Metadata Of Pack Box * Added release notes to pack Box * Packs/Box/Integrations/BoxEventsCollector/BoxEventsCollector.yml Docker image update * Packs/Box/Integrations/BoxV2/BoxV2.yml Docker image update * Updated Metadata Of Pack Troubleshoot * Added release notes to pack Troubleshoot * Packs/Troubleshoot/Scripts/CertificatesTroubleshoot/CertificatesTroubleshoot.yml Docker image update * commit --------- Co-authored-by: israelpolishook <[email protected]> * Update Docker Image To demisto/ippysocks-py3 (#31211) * Updated Metadata Of Pack Whois * Added release notes to pack Whois * Packs/Whois/Integrations/Whois/Whois.yml Docker image update * Update Docker Image To demisto/python3 (#31214) * Updated Metadata Of Pack QualysFIM * Added release notes to pack QualysFIM * Packs/QualysFIM/Integrations/QualysFIM/QualysFIM.yml Docker image update * Updated Metadata Of Pack FortiSIEM * Added release notes to pack FortiSIEM * Packs/FortiSIEM/Integrations/FortiSIEMV2/FortiSIEMV2.yml Docker image update * Updated Metadata Of Pack FreshworksFreshservice * Added release notes to pack FreshworksFreshservice * Packs/FreshworksFreshservice/Integrations/FreshworksFreshservice/FreshworksFreshservice.yml Docker image update * Updated Metadata Of Pack KnowBe4_KMSAT * Added release notes to pack KnowBe4_KMSAT * Packs/KnowBe4_KMSAT/Integrations/KnowBe4KMSATEventCollector/KnowBe4KMSATEventCollector.yml Docker image update * Packs/KnowBe4_KMSAT/Integrations/KnowBe4KMSAT/KnowBe4KMSAT.yml Docker image update * Updated Metadata Of Pack SafeNet_Trusted_Access * Added release notes to pack SafeNet_Trusted_Access * Packs/SafeNet_Trusted_Access/Integrations/SafeNetTrustedAccessEventCollector/SafeNetTrustedAccessEventCollector.yml Docker image update * Updated Metadata Of Pack DelineaSS * Added release notes to pack DelineaSS * Packs/DelineaSS/Integrations/DelineaSS/DelineaSS.yml Docker image update * Updated Metadata Of Pack Cryptocurrency * Added release notes to pack Cryptocurrency * Packs/Cryptocurrency/Integrations/Cryptocurrency/Cryptocurrency.yml Docker image update * Updated Metadata Of Pack PANOSPolicyOptimizer * Added release notes to pack PANOSPolicyOptimizer * Packs/PANOSPolicyOptimizer/Integrations/PANOSPolicyOptimizer/PANOSPolicyOptimizer.yml Docker image update * Updated Metadata Of Pack DeveloperTools * Added release notes to pack DeveloperTools * Packs/DeveloperTools/Integrations/CreateIncidents/CreateIncidents.yml Docker image update * Update Docker Image To demisto/boto3py3 (#31215) * Updated Metadata Of Pack SecurityIntelligenceServicesFeed * Added release notes to pack SecurityIntelligenceServicesFeed * Packs/SecurityIntelligenceServicesFeed/Integrations/SecurityIntelligenceServicesFeed/SecurityIntelligenceServicesFeed.yml Docker image update * Updated Metadata Of Pack AWS-IAM * Added release notes to pack AWS-IAM * Packs/AWS-IAM/Integrations/AWS-IAM/AWS-IAM.yml Docker image update * Updated Metadata Of Pack AWS-Route53 * Added release notes to pack AWS-Route53 * Packs/AWS-Route53/Integrations/AWSRoute53/AWSRoute53.yml Docker image update * Updated Metadata Of Pack AWS-AccessAnalyzer * Added release notes to pack AWS-AccessAnalyzer * Packs/AWS-AccessAnalyzer/Integrations/AWS-AccessAnalyzer/AWS-AccessAnalyzer.yml Docker image update * Updated Metadata Of Pack AWS-GuardDuty * Added release notes to pack AWS-GuardDuty * Packs/AWS-GuardDuty/Integrations/AWSGuardDutyEventCollector/AWSGuardDutyEventCollector.yml Docker image update * Packs/AWS-GuardDuty/Integrations/AWSGuardDuty/AWSGuardDuty.yml Docker image update * Updated Metadata Of Pack AWS-SecurityHub * Added release notes to pack AWS-SecurityHub * Packs/AWS-SecurityHub/Integrations/AWSSecurityHubEventCollector/AWSSecurityHubEventCollector.yml Docker image update * Updated Metadata Of Pack Aws-SecretsManager * Added release notes to pack Aws-SecretsManager * Packs/Aws-SecretsManager/Integrations/AwsSecretsManager/AwsSecretsManager.yml Docker image update * Update Docker Image To demisto/accessdata (#31216) * Updated Metadata Of Pack Exterro * Added release notes to pack Exterro * Packs/Exterro/Integrations/Exterro/Exterro.yml Docker image update * Update Docker Image To demisto/oci (#31218) * Updated Metadata Of Pack OracleCloudInfrastructure * Added release notes to pack OracleCloudInfrastructure * Packs/OracleCloudInfrastructure/Integrations/OracleCloudInfrastructureEventCollector/OracleCloudInfrastructureEventCollector.yml Docker image update * Update Docker Image To demisto/py3-tools (#31217) * Updated Metadata Of Pack Intezer * Added release notes to pack Intezer * Packs/Intezer/Integrations/IntezerV2/IntezerV2.yml Docker image update * Updated Metadata Of Pack Zabbix * Added release notes to pack Zabbix * Packs/Zabbix/Integrations/Zabbix/Zabbix.yml Docker image update * Updated Metadata Of Pack FeedMalwareBazaar * Added release notes to pack FeedMalwareBazaar * Packs/FeedMalwareBazaar/Integrations/MalwareBazaarFeed/MalwareBazaarFeed.yml Docker image update * Updated Metadata Of Pack FeedGCPWhitelist * Added release notes to pack FeedGCPWhitelist * Packs/FeedGCPWhitelist/Integrations/FeedGoogleIPRanges/FeedGoogleIPRanges.yml Docker image update * Updated Metadata Of Pack AccentureCTI_Feed * Added release notes to pack AccentureCTI_Feed * Packs/AccentureCTI_Feed/Integrations/ACTIIndicatorFeed/ACTIIndicatorFeed.yml Docker image update * Updated Metadata Of Pack SEKOIAIntelligenceCenter * Added release notes to pack SEKOIAIntelligenceCenter * Packs/SEKOIAIntelligenceCenter/Integrations/SEKOIAIntelligenceCenter/SEKOIAIntelligenceCenter.yml Docker image update * Updated Metadata Of Pack JARM * Added release notes to pack JARM * Packs/JARM/Integrations/JARM/JARM.yml Docker image update * Updated Metadata Of Pack Anomali_ThreatStream * Added release notes to pack Anomali_ThreatStream * Packs/Anomali_ThreatStream/Integrations/AnomaliThreatStreamv3/AnomaliThreatStreamv3.yml Docker image update * Updated Metadata Of Pack CommonWidgets * Added release notes to pack CommonWidgets * Packs/CommonWidgets/Scripts/RSSWidget/RSSWidget.yml Docker image update * Updated Metadata Of Pack FiltersAndTransformers * Added release notes to pack FiltersAndTransformers * Packs/FiltersAndTransformers/Scripts/Jmespath/Jmespath.yml Docker image update * CortexXDRIR-generic-polling (#31082) * - Added new playbook for quarantine_file - Old playbook deprecated - New image added * release notes added * - New playbook for _Retrieve_File_Playbook_v2 created - Old playbook _Retrieve_File_Playbook deprecated - Image was added * Release notes were added * Changed the name of the playbook * Readme file added * Added image * fixed image location in readme file * Update Packs/CortexXDR/Playbooks/Cortex_XDR_-_Retrieve_File_v2.yml Co-authored-by: Sasha Sokolovich <[email protected]> * Bump pack from version CortexXDR to 6.0.4. * Removed unnecessary tests * Readme files were updated * Fixes for the playbooks * fixed Tests/conf.json file * image issue fixed * Added new images * Update Packs/CortexXDR/Playbooks/Cortex_XDR_-_Retrieve_File_Playbook_README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CortexXDR/Playbooks/Cortex_XDR_-_Retrieve_File_Playbook_README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CortexXDR/ReleaseNotes/6_0_4.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CortexXDR/ReleaseNotes/6_0_4.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CortexXDR/ReleaseNotes/6_0_4.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CortexXDR/ReleaseNotes/6_0_4.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CortexXDR/Playbooks/Cortex_XDR_-_Retrieve_File_Playbook_README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CortexXDR/Playbooks/Cortex_XDR_-_quarantine_file_v2_README.md Co-authored-by: ShirleyDenkberg <[email protected]> * PR fixes - new condition to check if the task finished successfully * release notes updated * image path fixed * Added new outputs for playbook * release notes updated * fix * readme files fixed * image issue * image issue * fix * fix * fix * fix * uploaded new playbook because of the image issue * fix for image issue * delete photo * fixes * test playbooks fixed * test playbooks removed --------- Co-authored-by: Sasha Sokolovich <[email protected]> Co-authored-by: Content Bot <[email protected]> Co-authored-by: ShirleyDenkberg <[email protected]> * Update Docker Image To demisto/crypto (#31219) * Updated Metadata Of Pack AzureKeyVault * Added release notes to pack AzureKeyVault * Packs/AzureKeyVault/Integrations/AzureKeyVault/AzureKeyVault.yml Docker image update * Updated Metadata Of Pack AzureSentinel * Added release notes to pack AzureSentinel * Packs/AzureSentinel/Integrations/AzureSentinel/AzureSentinel.yml Docker image update * Updated Metadata Of Pack AzureDevOps * Added release notes to pack AzureDevOps * Packs/AzureDevOps/Integrations/AzureDevOps/AzureDevOps.yml Docker image update * Updated Metadata Of Pack MicrosoftCloudAppSecurity * Added release notes to pack MicrosoftCloudAppSecurity * Packs/MicrosoftCloudAppSecurity/Integrations/MicrosoftCloudAppSecurity/MicrosoftCloudAppSecurity.yml Docker image update * Updated Metadata Of Pack AzureRiskyUsers * Added release notes to pack AzureRiskyUsers * Packs/AzureRiskyUsers/Integrations/AzureRiskyUsers/AzureRiskyUsers.yml Docker image update * Updated Metadata Of Pack MicrosoftGraphGroups * Added release notes to pack MicrosoftGraphGroups * Packs/MicrosoftGraphGroups/Integrations/MicrosoftGraphGroups/MicrosoftGraphGroups.yml Docker image update * Updated Metadata Of Pack AzureSQLManagement * Added release notes to pack AzureSQLManagement * Packs/AzureSQLManagement/Integrations/AzureSQLManagement/AzureSQLManagement.yml Docker image update * Updated Metadata Of Pack MicrosoftGraphAPI * Added release notes to pack MicrosoftGraphAPI * Packs/MicrosoftGraphAPI/Integrations/MicrosoftGraphAPI/MicrosoftGraphAPI.yml Docker image update * Updated Metadata Of Pack MicrosoftTeams * Added release notes to pack MicrosoftTeams * Packs/MicrosoftTeams/Integrations/MicrosoftTeamsManagement/MicrosoftTeamsManagement.yml Docker image update * Updated Metadata Of Pack MicrosoftGraphApplications * Added release notes to pack MicrosoftGraphApplications * Packs/MicrosoftGraphApplications/Integrations/MicrosoftGraphApplications/MicrosoftGraphApplications.yml Docker image update * update pack ignore (#31193) * Slack event collector: fixed an issue where we get a Bad Request error (#31135) * fixed an issue where we get a Bad Request error. * pre-commit * added test * fixed Flake8 error * fixed cr comments * fixed cr comments * update Docker image * YR/Remove-fields-with-one-letter-DBotFindSimilarIncidents/XSUP-29299 (#31161) * fixes * code and test * remove Json feed from this pr * test * note * pre commit * RN * CR and Flake8 * format * pre commit * Fixes For 'URL Enrichment - Generic v2' Playbook (#31195) * Fixes For 'URL Enrichment - Generic v2' Playbook * RN * Bump pack from version CommonPlaybooks to 2.4.36. --------- Co-authored-by: Content Bot <[email protected]> * F5 APM Remove XSIAM tags (#31221) * remove ls from test_e2e_results.sh (#31186) * [IsEmailAddressInternal] Fix an issue with **domain** argument (#31222) * First commit * Added RN * Update Packs/CommonScripts/ReleaseNotes/1_12_54.md Co-authored-by: Dean Arbel <[email protected]> --------- Co-authored-by: Dean Arbel <[email protected]> * Deprecate 'Get endpoint details - Generic' Playbook (#31196) * Deprecate 'Get endpoint details - Generic' Playbook * RN * Bump pack from version CommonPlaybooks to 2.4.36. * Bump pack from version CommonPlaybooks to 2.4.37. --------- Co-authored-by: Content Bot <[email protected]> * Replacing the deprecated sub-playbook within the 'NGFW Internal Scan'… (#31197) * Replacing the deprecated sub-playbook within the 'NGFW Internal Scan' XSIAM playbook * RN * [Marketplace Contribution] CISO Metrics (#30641) (#31213) * "pack contribution initial commit" * Update pack_metadata.json * Update and rename dashboard-98f353a2-312b-49f2-8e58-d71f60daf3a7-CISO_Metrics.json to dashboard-98f353a2-312b-49f2-8e58-d71f60daf3a7-CommunityCommonDashboards.json Rename to CommunityCommonDashboards * Update pack_metadata.json Renamed "name": "CommunityCommonDashboards" * Update README.md Added description * Update README.md * Update and rename README.md to README.md * Rename dashboard-98f353a2-312b-49f2-8e58-d71f60daf3a7-CommunityCommonDashboards.json to dashboard-98f353a2-312b-49f2-8e58-d71f60daf3a7-CommunityCommonDashboards.json * Rename .pack-ignore to .pack-ignore * Rename .secrets-ignore to .secrets-ignore * Rename pack_metadata.json to pack_metadata.json * Update .pack-ignore * Update pack_metadata.json * Update .pack-ignore * Update and rename dashboard-98f353a2-312b-49f2-8e58-d71f60daf3a7-CommunityCommonDashboards.json to CISOMetrics.json Renamed to CISOMetrics * Update pack_metadata.json * Update pack_metadata.json * Update README.md --------- Co-authored-by: xsoar-bot <[email protected]> Co-authored-by: Sapir Shuker <[email protected]> Co-authored-by: David Uhrlaub <[email protected]> * Cybereason xsoar v 2.1.14 (#30647) (#31225) * added v2.1.14 codebase * fix pr comments * replace dummy md5 placeholder * Update Packs/Cybereason/Integrations/Cybereason/Cybereason.py * updated docker image python version * updated release notes docker version * added pagination params * updated docker image * fix lint errors * fix demisto validate errors * updated release notes * updated release notes * updated release notes * updated command name as per PR comment * removed manual filtering for response * updated function name to match the command name format * updated unit test as per new command name * added machinename filter to api query * moved empty output message to the top * updated docker image tag to latest * undo changes from unisolate endpoint playbook --------- Co-authored-by: suraj-metron <[email protected]> Co-authored-by: Sapir Shuker <[email protected]> * fixed polling support (#30873) * fixed polling support * fixed rn * added rn * added rn * XSUP-30786/Fix (#31168) * Added failing UT * Fixed the issue * Updated docker image * Updated RN * Update Packs/PAN-OS/ReleaseNotes/2_1_15.md Co-authored-by: Dan Tavori <[email protected]> * Updated the bug fix and the UT * updated docker image --------- Co-authored-by: Dan Tavori <[email protected]> * rewrite to js FirstArrayElement and LastArrayElement (#31228) * rewrite to js * added tpb * added empty test case to tpb * precommit fixes * change fromversion so build wont fail * Enable Core REST API with general XSIAM endpoints (#31226) * mostly works * added release notes * fixes from review * F5 APM fixed the marketplace build failure (#31236) * F5 APM Remove XSIAM tags * fix marketplace error * Add incidents field (#30393) (#31233) * add rawJSON field to incidents * release notes * update docker image tag * nit * fetching incident details * mapper + incident fields * remove incorrect incident field files * new incident field files, new mapper * sdk validate command changes * update release noteS * validation errors * fix validation errors * undo release notes changes * undo release notes change * undo release notes * undo release notes * undo release notes * nit * new release notes * remove playbook id * update docker image tag * revert release notes * revert RN * nit- remove filters used for testing * add details field to threats * remove try/except blocks * changing version * Update Abnormal_Security_Custom_Incident_types.json change from version * nit - remove changes used for demo * updating docker image * update docker image tag --------- Co-authored-by: William Olyslager <[email protected]> Co-authored-by: sapirshuker <[email protected]> Co-authored-by: Sapir Shuker <[email protected]> * Update Docker Image To demisto/python3 (#31242) * Updated Metadata Of Pack CIRCL * Added release notes to pack CIRCL * Packs/CIRCL/Integrations/CirclCVESearch/CirclCVESearch.yml Docker image update * Updated Metadata Of Pack ipinfo * Added release notes to pack ipinfo * Packs/ipinfo/Integrations/ipinfo_v2/ipinfo_v2.yml Docker image update * Updated Metadata Of Pack AutoFocus * Added release notes to pack AutoFocus * Packs/AutoFocus/Integrations/FeedAutofocus/FeedAutofocus.yml Docker image update * Packs/AutoFocus/Integrations/AutofocusV2/AutofocusV2.yml Docker image update * Updated Metadata Of Pack MailSenderNew * Added release notes to pack MailSenderNew * Packs/MailSenderNew/Integrations/MailSenderNew/MailSenderNew.yml Docker image update * avoid to update Docker for AutoFocusv2 --------- Co-authored-by: israelpolishook <[email protected]> * Fixes For 'IP Enrichment - Generic v2' Playbook (#31183) * Fixes For 'IP Enrichment - Generic v2' Playbook * RN * RN * Updated the 'InternalRange' playbook input's default value. * configured the 'extended_data' and 'threat_model_association' sub-playbook inputs * Bump pack from version CommonPlaybooks to 2.4.36. * Bump pack from version CommonPlaybooks to 2.4.37. * changed the default value of the 'ResolveIP' playbook input * re-added RN after merging from master * Fixes RN --------- Co-authored-by: Content Bot <[email protected]> * Check if should run Instance role (#31245) * Added the sync from the saas bucket and modified the verify script to take the revision from the correct bucket. (#31254) * AWS Organizations (#30525) * init * commands template * aws-org-children-list * more commands * even more commands * added account commands * removed enhancement commands * use json_transform * unit-tests init * unit-tests continued * unit-tests continued some more * TPB * one more unit-test * one more unit-test * one more unit-test * name change * TPB * docs complete * pack readme * pack readme part 2 * readme modified * more tests * more tests * use get() * adde description * removed isFetch * added image * name change * CR changes * Apply suggestions from code review Co-authored-by: ShirleyDenkberg <[email protected]> * Update docker * put the commands back in * code complete * yml part 2 * yml part 3 * test template * unit-tests continued some more * unit-tests almost complete * unit-tests complete * fixed a few bugs * fixed unit-tests * added readme * update readme * added missing descriptions to readme * TPB * Apply suggestions from code review Co-authored-by: ShirleyDenkberg <[email protected]> * CR changes * demo changes * update docker * build wars: round 1 * build wars: round 2 * build wars: round 3; add unit-tests * build wars: round 4 * build wars: round 5 * build wars: round 6 --------- Co-authored-by: ShirleyDenkberg <[email protected]> * NextToken in CommandResults (#30501) * init * new design * added error in case of non nested input * RN * a tad more docs * Bump pack from version Base to 1.32.47. * Bump pack from version Base to 1.32.48. * Bump pack from version Base to 1.32.49. * improved doc-string * resolve conflicts * resolve conflicts * Bump pack from version Base to 1.32.52. --------- Co-authored-by: Content Bot <[email protected]> * demisto-sdk-release 1.24.0 (#31268) * poetry files * update validate manager imports (#31179) * update validate manager imports * revert * Update Tests/configure_and_test_integration_instances.py * Edit file types test (#31170) * edited tests * s * s * edit --------- Co-authored-by: Content Bot <[email protected]> Co-authored-by: Yuval Hayun <[email protected]> Co-authored-by: merit-maita <[email protected]> Co-authored-by: JudithB <[email protected]> * modified modeling rules of clearswift dlp (#31247) * modified modeling rules of clearswift dlp * modified the parsing rule of clearswiftdlp * Added release notes. * added dlp to pack ignore * added Clearswift to pack ignore * QRadar: continue to poll in case of networking issues (#31084) * Generalize the mode option in pre-commit (#30663) * args updated to match the update in the sdk * add merge-coverage-report and coverage-analyze * updaing pyproject.toml * poetry lock * restoring pyproject.toml and poetry.lock * pre-commit.yml * updates * test comment * use sdk ref * if * add github output * revert ilan changes * merge-pytest-reports --------- Co-authored-by: ilan <[email protected]> * EXPANDR-1576 CortexXpanse Remediation Guidance changes (#31190) * EXPANDR-1576 CortexXpanse Remediation Guidance changes (#30712) * CortexXpanse RG changes * Fix flake8 errors * Fix unit test cases * Update docker version * update command name * Readme updates * docker update * Ignore BC error * fix packignore * Update release notes * update breaking change notes * update breaking change notes * correct RN --------- Co-authored-by: Chait A <[email protected]> Co-authored-by: ilappe <[email protected]> * Feature/cyberint enhancement (#31252) * Feature/cyberint enhancement (#30493) * Update Docker Image To demisto/py3-tools (#25523) * Updated Metadata Of Pack FeedAWS * Added release notes to pack FeedAWS * Packs/FeedAWS/Integrations/FeedAWS/FeedAWS.yml Docker image update * update Cyberint Pack * update release note and incidentfields * update CommonType release note * update CommonType relesenotes * update CommonType relese notes * update CyberInt Related entity name * update release notes * add new incident field: Alert Data * foramt alert_data * update CyberInt Related Entity name to avoid validation errors * reset the CyberInt Related Entity name * update incident field name * Update 3_3_93.md * pre commit update docker * added known words * fixed the RN * known words --------- Co-authored-by: TalGumi <[email protected]> Co-authored-by: omerKarkKatz <[email protected]> Co-authored-by: okarkkatz <[email protected]> * [xsoar-8 coverage] - use poll functions from SDK clients (#31144) * update poetry * use poll functions * test against builds * try to fix ssl issue * timeout = 300 + verify ssl * fix ssl issues * fix incident pull * fix * make verify=false by default * fix ports bug * use sdk master * revert poetry * revert infra used for testing * [CrowdStrike Falcon Intel v2] Fixed an issue in 'cs-actors' and 'cs-reports' commands (#31265) * Fix the 'NoneType' object is not iterable issue * ruff * Update the docker image; Add RN * Update Packs/CrowdStrikeIntel/ReleaseNotes/2_0_34.md Co-authored-by: Dean Arbel <[email protected]> --------- Co-authored-by: Dean Arbel <[email protected]> * oncall- installation orders (#31253) * test * test * revert debugs * pre-commit --------- Co-authored-by: Jas Beilin <[email protected]> * Core rest api docs fix (#31262) * Improved descriptions. * Added docs * Added rn. * Changed i.e to e.g * bugfix/XSUP-30713/port-scan-pb-issue-incident-failure (#31154) * Fix playbook input's default value, change to not required, add check for value not empty * Update playbook image * Update release notes * Bump pack from version CortexXDR to 6.0.5. * Moved InternalIPRanges input check to better location * Fix review comments --------- Co-authored-by: Content Bot <[email protected]> * [PagerDuty v2] Added Support For Pagination (#30959) * commit init - lint and type annotation * typing * pagination function and some typing * fix api limit and pagination * added UT and test_data * added RN and description for args * generate readme * update docker * added UT * fix flake8 * more docstring, one more UT, fix send unnecessary parameters * fix f-string * fix pep8 * revert copy * fix parameters name * docs review * update docker * [ASM] EXPANDR 7225 - Update Ev1 Integration Display Name (#31234) (#31276) * Update Display Name * Update release notes * Update docker image and add period to descriptions Co-authored-by: John <[email protected]> Co-authored-by: MLainer1 <[email protected]> * Update Docker Image To demisto/python3 (#31286) * Updated Metadata Of Pack QualysFIM * Added release notes to pack QualysFIM * Packs/QualysFIM/Integrations/QualysFIM/QualysFIM.yml Docker image update * Updated Metadata Of Pack FortiSIEM * Added release notes to pack FortiSIEM * Packs/FortiSIEM/Integrations/FortiSIEMV2/FortiSIEMV2.yml Docker image update * Updated Metadata Of Pack FreshworksFreshservice * Added release notes to pack FreshworksFreshservice * Packs/FreshworksFreshservice/Integrations/FreshworksFreshservice/FreshworksFreshservice.yml Docker image update * Updated Metadata Of Pack KnowBe4_KMSAT * Added release notes to pack KnowBe4_KMSAT * Packs/KnowBe4_KMSAT/Integrations/KnowBe4KMSATEventCollector/KnowBe4KMSATEventCollector.yml Docker image update * Packs/KnowBe4_KMSAT/Integrations/KnowBe4KMSAT/KnowBe4KMSAT.yml Docker image update * Updated Metadata Of Pack SafeNet_Trusted_Access * Added release notes to pack SafeNet_Trusted_Access * Packs/SafeNet_Trusted_Access/Integrations/SafeNetTrustedAccessEventCollector/SafeNetTrustedAccessEventCollector.yml Docker image update * Updated Metadata Of Pack DelineaSS * Added release notes to pack DelineaSS * Packs/DelineaSS/Integrations/DelineaSS/DelineaSS.yml Docker image update * Updated Metadata Of Pack Cryptocurrency * Added release notes to pack Cryptocurrency * Packs/Cryptocurrency/Integrations/Cryptocurrency/Cryptocurrency.yml Docker image update * Updated Metadata Of Pack PANOSPolicyOptimizer * Added release notes to pack PANOSPolicyOptimizer * Packs/PANOSPolicyOptimizer/Integrations/PANOSPolicyOptimizer/PANOSPolicyOptimizer.yml Docker image update * Updated Metadata Of Pack DeveloperTools * Added release notes to pack DeveloperTools * Packs/DeveloperTools/Integrations/CreateIncidents/CreateIncidents.yml Docker image update * Add XSOAR_SAAS section to EDL description (#31264) * add XSOAR_SAAS section to EDL description * update RN * [XSUP 30575] Added full fields query param (#31272) * get indicators full fields data * pre-commit * release notes * tests and CR fixes * Update Packs/FeedCrowdstrikeFalconIntel/ReleaseNotes/2_1_13.md Co-authored-by: Dan Tavori <[email protected]> --------- Co-authored-by: Dan Tavori <[email protected]> * Update Docker Image To demisto/boto3py3 (#31287) * Updated Metadata Of Pack SecurityIntelligenceServicesFeed * Added release notes to pack SecurityIntelligenceServicesFeed * Packs/SecurityIntelligenceServicesFeed/Integrations/SecurityIntelligenceServicesFeed/SecurityIntelligenceServicesFeed.yml Docker image update * Updated Metadata Of Pack AWS-IAM * Added release notes to pack AWS-IAM * Packs/AWS-IAM/Integrations/AWS-IAM/AWS-IAM.yml Docker image update * Updated Metadata Of Pack AWS-Route53 * Added release notes to pack AWS-Route53 * Packs/AWS-Route53/Integrations/AWSRoute53/AWSRoute53.yml Docker image update * Updated Metadata Of Pack AWS-AccessAnalyzer * Added release notes to pack AWS-AccessAnalyzer * Packs/AWS-AccessAnalyzer/Integrations/AWS-AccessAnalyzer/AWS-AccessAnalyzer.yml Docker image update * Updated Metadata Of Pack AWS-GuardDuty * Added release notes to pack AWS-GuardDuty * Packs/AWS-GuardDuty/Integrations/AWSGuardDutyEventCollector/AWSGuardDutyEventCollector.yml Docker image update * Packs/AWS-GuardDuty/Integrations/AWSGuardDuty/AWSGuardDuty.yml Docker image update * Updated Metadata Of Pack AWS-SecurityHub * Added release notes to pack AWS-SecurityHub * Packs/AWS-SecurityHub/Integrations/AWSSecurityHubEventCollector/AWSSecurityHubEventCollector.yml Docker image update * Updated Metadata Of Pack Aws-SecretsManager * Added release notes to pack Aws-SecretsManager * Packs/Aws-SecretsManager/Integrations/AwsSecretsManager/AwsSecretsManager.yml Docker image update * Update Docker Image To demisto/accessdata (#31288) * Updated Metadata Of Pack Exterro * Added release notes to pack Exterro * Packs/Exterro/Integrations/Exterro/Exterro.yml Docker image update * Update Docker Image To demisto/oci (#31290) * Updated Metadata Of Pack OracleCloudInfrastructure * Added release notes to pack OracleCloudInfrastructure * Packs/OracleCloudInfrastructure/Integrations/OracleCloudInfrastructureEventCollector/OracleCloudInfrastructureEventCollector.yml Docker image update * Update Docker Image To demisto/py3-tools (#31289) * Updated Metadata Of Pack Intezer * Added release notes to pack Intezer * Packs/Intezer/Integrations/IntezerV2/IntezerV2.yml Docker image update * Updated Metadata Of Pack Zabbix * Added release notes to pack Zabbix * Packs/Zabbix/Integrations/Zabbix/Zabbix.yml Docker image update * Updated Metadata Of Pack FeedMalwareBazaar * Added release notes to pack FeedMalwareBazaar * Packs/FeedMalwareBazaar/Integrations/MalwareBazaarFeed/MalwareBazaarFeed.yml Docker image update * Updated Metadata Of Pack FeedGCPWhitelist * Added release notes to pack FeedGCPWhitelist * Packs/FeedGCPWhitelist/Integrations/FeedGoogleIPRanges/FeedGoogleIPRanges.yml Docker image update * Updated Metadata Of Pack AccentureCTI_Feed * Added release notes to pack AccentureCTI_Feed * Packs/AccentureCTI_Feed/Integrations/ACTIIndicatorFeed/ACTIIndicatorFeed.yml Docker image update * Updated Metadata Of Pack SEKOIAIntelligenceCenter * Added release notes to pack SEKOIAIntelligenceCenter * Packs/SEKOIAIntelligenceCenter/Integrations/SEKOIAIntelligenceCenter/SEKOIAIntelligenceCenter.yml Docker image update * Updated Metadata Of Pack JARM * Added release notes to pack JARM * Packs/JARM/Integrations/JARM/JARM.yml Docker image update * Updated Metadata Of Pack Anomali_ThreatStream * Added release notes to pack Anomali_ThreatStream * Packs/Anomali_ThreatStream/Integrations/AnomaliThreatStreamv3/AnomaliThreatStreamv3.yml Docker image update * Updated Metadata Of Pack CommonWidgets * Added release notes to pack CommonWidgets * Packs/CommonWidgets/Scripts/RSSWidget/RSSWidget.yml Docker image update * Updated Metadata Of Pack FiltersAndTransformers * Added release notes to pack FiltersAndTransformers * Packs/FiltersAndTransformers/Scripts/Jmespath/Jmespath.yml Docker image update * Update Docker Image To demisto/armorblox (#31291) * Updated Metadata Of Pack Armorblox * Added release notes to pack Armorblox * Packs/Armorblox/Integrations/Armorblox/Armorblox.yml Docker image update * Update Docker Image To demisto/crypto (#31292) * Updated Metadata Of Pack AzureKeyVault * Added release notes to pack AzureKeyVault * Packs/AzureKeyVault/Integrations/AzureKeyVault/AzureKeyVault.yml Docker image update * Updated Metadata Of Pack AzureSentinel * Added release notes to pack AzureSentinel * Packs/AzureSentinel/Integrations/AzureSentinel/AzureSentinel.yml Docker image update * Updated Metadata Of Pack AzureDevOps * Added release notes to pack AzureDevOps * Packs/AzureDevOps/Integrations/AzureDevOps/AzureDevOps.yml Docker image update * Updated Metadata Of Pack MicrosoftCloudAppSecurity * Added release notes to pack MicrosoftCloudAppSecurity * Packs/MicrosoftCloudAppSecurity/Integrations/MicrosoftCloudAppSecurity/MicrosoftCloudAppSecurity.yml Docker image update * Updated Metadata Of Pack AzureRiskyUsers * Added release notes to pack AzureRiskyUsers * Packs/AzureRiskyUsers/Integrations/AzureRiskyUsers/AzureRiskyUsers.yml Docker image update * Updated Metadata Of Pack MicrosoftGraphGroups * Added release notes to pack MicrosoftGraphGroups * Packs/MicrosoftGraphGroups/Integrations/MicrosoftGraphGroups/MicrosoftGraphGroups.yml Docker image update * Updated Metadata Of Pack AzureSQLManagement * Added release notes to pack AzureSQLManagement * Packs/AzureSQLManagement/Integrations/AzureSQLManagement/AzureSQLManagement.yml Docker image update * Updated Metadata Of Pack MicrosoftGraphAPI * Added release notes to pack MicrosoftGraphAPI * Packs/MicrosoftGraphAPI/Integrations/MicrosoftGraphAPI/MicrosoftGraphAPI.yml Docker image update * Updated Metadata Of Pack MicrosoftTeams * Added release notes to pack MicrosoftTeams * Packs/MicrosoftTeams/Integrations/MicrosoftTeamsManagement/MicrosoftTeamsManagement.yml Docker image update * Updated Metadata Of Pack MicrosoftGraphApplications * Added release notes to pack MicrosoftGraphApplications * Packs/MicrosoftGraphApplications/Integrations/MicrosoftGraphApplications/MicrosoftGraphApplications.yml Docker image update * Update Docker Image To demisto/sixgill (#31293) * Updated Metadata Of Pack Cybersixgill-ActionableAlerts * Added release notes to pack Cybersixgill-ActionableAlerts * Packs/Cybersixgill-ActionableAlerts/Integrations/CybersixgillActionableAlerts/CybersixgillActionableAlerts.yml Docker image update * Updated Metadata Of Pack Sixgill-Darkfeed * Added release notes to pack Sixgill-Darkfeed * Packs/Sixgill-Darkfeed/Integrations/Sixgill_Darkfeed_Enrichment/Sixgill_Darkfeed_Enrichment.yml Docker image update * Packs/Sixgill-Darkfeed/Integrations/Sixgill_Darkfeed/Sixgill_Darkfeed.yml Docker image update * Update Docker Image To demisto/carbon-black-cloud (#31295) * Updated Metadata Of Pack CarbonBlackDefense * Added release notes to pack CarbonBlackDefense * Packs/CarbonBlackDefense/Integrations/CarbonBlackLiveResponseCloud/CarbonBlackLiveResponseCloud.yml Docker image update * Update Docker Image To demisto/taxii2 (#31294) * Updated Metadata Of Pack FeedDHS * Added release notes to pack FeedDHS * Packs/FeedDHS/Integrations/DHSFeedV2/DHSFeedV2.yml Docker image update * Updated Metadata Of Pack FeedUnit42v2 * Added release notes to pack FeedUnit42v2 * Packs/FeedUnit42v2/Integrations/FeedUnit42v2/FeedUnit42v2.yml Docker image update * MS IIS Update2 (#31256) * Updated MicrosoftIISWebServerModelingRules_1_3 * Updated ModelingRules filters * Updated ModelingRules filters * Updated ReleaseNotes * Upated ReleaseNotes * CrowdStrikeFalconX-genreic-polling (#31189) * old playbooks deprecated and new one added * readme file edited * set the interval from the inputs * fixes for release notes * added extensions to known words * Update Packs/CrowdStrikeFalconX/Playbooks/Detonate_File_-_CrowdStrike_Falcon_Intelligence_Sandbox_v2.yml Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CrowdStrikeFalconX/Playbooks/Detonate_File_-_CrowdStrike_Falcon_Intelligence_Sandbox_v2.yml Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CrowdStrikeFalconX/Playbooks/Detonate_File_-_CrowdStrike_Falcon_Intelligence_Sandbox_v2.yml Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CrowdStrikeFalconX/Playbooks/Detonate_URL_-_CrowdStrike_Falcon_Intelligence_Sandbox_v2_README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CrowdStrikeFalconX/Playbooks/Detonate_File_-_CrowdStrike_Falcon_Intelligence_Sandbox_v2.yml Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CrowdStrikeFalconX/Playbooks/Detonate_File_-_CrowdStrike_Falcon_Intelligence_Sandbox_v2.yml Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CrowdStrikeFalconX/Playbooks/Detonate_File_-_CrowdStrike_Falcon_Intelligence_Sandbox_v2_README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CrowdStrikeFalconX/ReleaseNotes/1_2_37.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CrowdStrikeFalconX/ReleaseNotes/1_2_37.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CrowdStrikeFalconX/ReleaseNotes/1_2_37.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CrowdStrikeFalconX/ReleaseNotes/1_2_37.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CrowdStrikeFalconX/Playbooks/Detonate_File_-_CrowdStrike_Falcon_Intelligence_Sandbox_v2_README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CrowdStrikeFalconX/Playbooks/Detonate_File_-_CrowdStrike_Falcon_Intelligence_Sandbox_v2_README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CrowdStrikeFalconX/Playbooks/Detonate_File_-_CrowdStrike_Falcon_Intelligence_Sandbox_v2_README.md Co-authored-by: ShirleyDenkberg <[email protected]> * minor fixes for description * Update Packs/CrowdStrikeFalconX/Playbooks/Detonate_URL_-_CrowdStrike_Falcon_Intelligence_Sandbox_v2.yml Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CrowdStrikeFalconX/Playbooks/Detonate_URL_-_CrowdStrike_Falcon_Intelligence_Sandbox_v2_README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CrowdStrikeFalconX/Playbooks/Detonate_URL_-_CrowdStrike_Falcon_Intelligence_Sandbox_v2.yml Co-authored-by: ShirleyDenkberg <[email protected]> --------- Co-authored-by: ShirleyDenkberg <[email protected]> * Add Symantec MSS to ignored items (#31296) * [XSUP 30870] Added full fields option for cs-actors and cs-reports commands (#31271) * Added th…
maimorag
added a commit
that referenced
this pull request
Jan 7, 2024
…eate it before Set-Location (#31524) * [fileResult] - fix issue with special strings (#31126) * [fileResult] - fix issue with special strings * bump rn * log if ../ is in path * validate file-name is string * add unit-test * bump rn * Rapid7 - Threat Command (IntSights) pack release 3.1.0 (#30954) (#31133) * Changes related to Rapid7 - Threat Command (IntSights) pack release: 3.1.0 * resolved validation errors * Updated the release notes as per the comments * Updated the tab name for the Threat Command Layout --------- Co-authored-by: Crest Data Systems <[email protected]> Co-authored-by: crestdatasystems <[email protected]> Co-authored-by: Adi Daud <[email protected]> * add e2e tests for xsoar-saas (#30231) * add xsoar_ng_end_to_end_job * unify end_to_end and write edl basic test * add file * fix some rules * setup and teardown for xsoar_ng e2e * update readme * conftest changes * update end_to_end_tests script * test enhancments * fix * debug issues * lock * collect tests * lock * lock * try without xsoar * lock * enhance tests and lock * install e2e nessecary packs * add packs in shell * install only specific packs in xsoar-saas * README.md * install hardcoded packs * update * fix collect tests issues * add REASONS_ALLOWING_NO_ID_SET_OR_CONF * fix is_nightly * fail when exit code != 0 * send integration params path as input * enhance e2e echo message * lock * fix get_integration_params * lock2 * sleep * unlock machine sleep + taxii2 server * fix unlock machine * fix " * fixes * sleep in test 2 hours * poetry lock * edl size = 10 * update edl size loc * use new instance * log instance name * existing name * revert poetry * poetry based on latest master * update job to fit newer version * lock * state its long running * try with long-running=true * implement taxii2-server e2e test * pre-commit fixes * add headers * lock * move func to tools.py as its general * docstrings * add support for do_long_running in xsoar_client * docstring * slack sdk * add slack-ask test * test slack ask playbook * add qradar mirroring test * update README and add support for env vars * docstrings * enhancments * update .gitignore * do not make xsoar_ng a package * excplicit implementation * add test_xdr_env * add docstrings * pre-commit * update slackask playbook path * query qradar playbook state before closing offense * assert investigation id * increase playbook query & sleep 5 minutes taxii * merge xsoar_ng_end_to_end to test content * some fixes * make nightly * end-to-end tests inside .run-tests section * try to fix syntax issue * log playbook failure reasons * add support for sourceInstanceName * remove delete context from slack * pre commit * pre-commit * try to fix taxii2 server bug * update taxii2 server test * sleep * comment out waiting for playbook qradar * sleep in case of error taxii2 * qradar * revert taxii2 server + qradar * assert true * revert * update context managers * pre-commit fixes * add logs * create instance update * create folders for content e2e tests * make fixture named xsoar_saas_client * get integration name to func Please enter the commit message for your changes. Lines starting * fixes * pre-commit * export context managers to client_utils * update xsiam e2e to use new client * update readmes * client utils fixes * change log name * add junit support * implement results support for e2e * change name * run e2e in current branch * update job names * update collect tests for testing * do not exit if e2e tests fail * use artifacts folder * fix context * save playbook - change client name * remove playbook for testing * add fi * make e2e test summary to run * ls * try now * change path * file test name * run also playbook results * change log to error * fix syntax error * update get_file to use new file service * remove import * pre-commit * update retry import * do not skip qradar test if incident cannot be found * judah's cr * koby cr * update result names * Empty-Commit * remove irrelevant logs * cr fixes * server_test_reulst renaming * change end_to_end to e2e * revert current job names * add .e2e_test_results job * remove e2e from test_playbooks_results * filter only if nightly * try to ignore pre-commit error * change rules * fix * test * xsoar saas * try now * fix * xsoar-saas e2e job * add conftest * add conftest * add xsoar-saas readme to avoid trigger test-upload * port * Empty-Commit * test integrations * do not test qradar module * Empty-Commit * Empty-Commit * retry on different ports for taxii2-test * remove get json response from taxii2 test * adjust to nightly * pre-commit * Fix GetIndicatorDBotScoreFromCache to handle better a special character (#31070) * a fix and a test * docker image update * added rn * Bump pack from version CommonScripts to 1.12.47. * unit test fix * unit test fix * unit test fix * Bump pack from version CommonScripts to 1.12.48. * Bump pack from version CommonScripts to 1.12.49. * Update Packs/CommonScripts/ReleaseNotes/1_12_49.md Co-authored-by: Dan Tavori <[email protected]> --------- Co-authored-by: Content Bot <[email protected]> Co-authored-by: Dan Tavori <[email protected]> * change pack support to community (#31110) * change pack support to community * first level header so im told * Update Packs/DeveloperTools/ReleaseNotes/1_3_0.md Co-authored-by: Shahaf Ben Yakir <[email protected]> * Update Packs/DeveloperTools/ReleaseNotes/1_3_0.md Co-authored-by: Shahaf Ben Yakir <[email protected]> --------- Co-authored-by: Shahaf Ben Yakir <[email protected]> * removed GIT_DEPTH (#31141) * support multiple entry ids in ImageOCR (#31145) * Fix taxi feed observables extraction (#31120) * fixed an isssue where taxi feed will fail to retreive all indicators due to wrong extraction from XML blocks. * added rn * update docker * update test_data * add secret to secrets ignore * [transformers] Enhance to be more durable #2 (#31063) * ExtractDomainAndFQDNFromUrlAndEmail * ExtractEmailV2 * ruff fix * FormatURL * Bump pack from version CommonScripts to 1.12.47. * Bump pack from version CommonScripts to 1.12.48. * Bump pack from version CommonScripts to 1.12.49. * Added unit tests * Update the docker image * Bump pack from version CommonScripts to 1.12.50. * Update Packs/CommonScripts/ReleaseNotes/1_12_50.md Co-authored-by: Dean Arbel <[email protected]> * Update Packs/CommonScripts/ReleaseNotes/1_12_50.md Co-authored-by: Dean Arbel <[email protected]> * Update the RN * Update the docker image * empty * Skip "FormattingPerformance - Test" TPB in XSOAR 8 --------- Co-authored-by: Content Bot <[email protected]> Co-authored-by: Dean Arbel <[email protected]> * Sleep w/ Polling (#30661) add polling mechanism to sleep upon crossing polling_threshold * Update shift management scripts (#31130) * fixed the bug and added unit tests * updated docker image * RN * updated docker image * cr updates * EWS rule commands - MS graph python integrations (#30943) Co-authored-by: ShirleyDenkberg <[email protected]> * MS IIS Update (#31132) * Updated ModelingRules * Updated ReleaseNotes * Updated ReleaseNotes * Anomali ThreatStream change DBot verdict from Benign to Unknown for Low Confidence Indicators (#30993) (#31151) * change DBot verdict from Benign to Unknown for Low Confidence Indicators Indicators found in Anomali that are below Confidence thresholds should be created as Unknown and not Benign. Anomali ThreatStream documentation regarding Confidence https://ui.threatstream.com/optic-doc/Content/Features/threat_model/Observables/details_indicator.htm Confidence - Confidence indicates the certainty that an observable exhibits or is connected to malicious behavior. If Anomali has indicators with low Confidence, that doesn't mean the indicator is Benign/Safe. It means Anomali is unsure that the indicator is Malicious and as such the more appropriate verdict in XSOAR should be Unknown. * add indicator_default_score param * changed values to Benign and Unknown * update README and RN * update RN * update docker set required to false * update docker * fix docs comments --------- Co-authored-by: zdrouse <[email protected]> Co-authored-by: adi88d <[email protected]> Co-authored-by: Adi Daud <[email protected]> * generate empty junit files (#31153) * Update 1_6_0.json (#31164) * fix splunkpy splunk_submit_event_hec_command string issue (#30978) * fix splunkpy splunk_submit_event_hec_command string issue * test * add fix * update rn * [xsoar saas] - fix ports taxii2 e2e (#31163) * Hello world saas (#30901) * added a new incident field only for saas mp * added an incident field to xsoar_saas only for demonstration * format incident field * format incident field * added saas word to known words * version * merge with master * fixed the xsoar_saas end tag * Added tests to validate result * modified RN * pre commit changes * RN tags * ignoe long line * MS IIS README (#31158) * Updated README * Updated README * Fixes For IP Enrichment Playbooks (#31114) * Fixes For IP Enrichment Playbooks * RN * Removed the mapping rule from both playbooks. Updated the default value of the internal range playbook input according to RFC 1918. * Removed the value of 'UseReputationCommand' playbook input and fixes the YML files * Fixed RN * Removed the value set for the 'UseReputationCommand' sub-playbook input. Re-added the default value for 'UseReputationCommand' playbook input * skip ThreatStream-Test (#31172) * [transformers] Enhance to be more durable (#30897) [transformers] Enhance to be more durable * Fixes For 'Email Address Enrichment - Generic v2.1' (#31122) * Fixes For 'Email Address Enrichment - Generic v2.1' * Re-added the test playbook and marketplace configs to the playbook YML file * changed the 'domain' playbook input value * removed the 'domain' playbook input value and added RN * Fixed RN * Bump pack from version CommonPlaybooks to 2.4.34. --------- Co-authored-by: Content Bot <[email protected]> * DisplayMappedFields - Fix dark mode text color (#31085) * removed the hardcoded color * removed the hardcoded color * update RN * update docker image * Bump pack from version CommonScripts to 1.12.48. * Unittest fixes * Bump pack from version CommonScripts to 1.12.49. * Unittest fixes * Bump pack from version CommonScripts to 1.12.50. * Bump pack from version CommonScripts to 1.12.51. * Bump pack from version CommonScripts to 1.12.52. * Bump pack from version CommonScripts to 1.12.53. --------- Co-authored-by: Content Bot <[email protected]> * Updated the layout to exclude integration incident fields that are not pertinent to Vectra XDR (#31127) (#31182) Co-authored-by: Crest Data Systems <[email protected]> Co-authored-by: crestdatasystems <[email protected]> Co-authored-by: MLainer1 <[email protected]> * Taxii2 server relationship bug (#31162) * [taxii2-server] - code fixes * bump rn * docker update * remove debug-log because may wanted * [ASM] EXPANDER-7096 - ASM Remediation Guidance Fields (#30955) (#31178) Co-authored-by: John <[email protected]> Co-authored-by: Adi Daud <[email protected]> * Created pack for F5 BIG-IP APM (#31017) * Created pack for f5 apm * Added modeling rule files. * adding modeling rules and schema. * modified modeling rules * update yml file for modeling rule. * Update Packs/F5APM/README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/F5APM/README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/F5APM/README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/F5APM/README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/F5APM/README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/F5APM/README.md Co-authored-by: ShirleyDenkberg <[email protected]> * update readme. * Modified the read me file. --------- Co-authored-by: ShirleyDenkberg <[email protected]> * HelloWorld - delete old classifier (#31185) * Add support for is array for rep commands (#31169) * added support for isArray for python Xsoar supported reputation commands * added rn * Empty-Commit * python files fixes * fix docker issue * cr fixes * added logs and cache fix (#30577) * added logs and cache fix * Fixed another executeCommand results handling. * Updated docker image * Added rn * Update Packs/Phishing/ReleaseNotes/3_6_2.md Co-authored-by: Dan Tavori <[email protected]> * Update Packs/Phishing/Scripts/FindDuplicateEmailIncidents/FindDuplicateEmailIncidents.py --------- Co-authored-by: Dan Tavori <[email protected]> * Add support for is array for rep commands js (#31184) * JS files fixes * added rn * pre commit fixes * pre commit fixes * cr fixes * xsiam-avaya-siem-content-ciac-8502 (#31128) * init-pack * modeling-rules * add-docs * fix-pid-parsing * fix-README.md * Fixed For Endpoint Enrichment Playbooks (#31147) * Fixed For 'Endpoint Enrichment - Generic v2.1' Playbook * RN * RN * Fixes for Endpoint_Enrichment_-_Generic_v2.1_6_8 playbook * Bump pack from version CommonPlaybooks to 2.4.34. * Bump pack from version CommonPlaybooks to 2.4.35. * Fixed version for 'Endpoint Enrichment - Generic v2.1.6.8' playbook * Fixes for 'Endpoint Enrichment - Generic v2.1' playbook * Revert changes in 'Endpoint Enrichment - Generic v2.1' playbook --------- Co-authored-by: Content Bot <[email protected]> * Update Docker Image To demisto/python3 (#31198) * Updated Metadata Of Pack DeveloperTools * Added release notes to pack DeveloperTools * Packs/DeveloperTools/Integrations/CreateIncidents/CreateIncidents.yml Docker image update * Updated Metadata Of Pack FlashpointFeed * Added release notes to pack FlashpointFeed * Packs/FlashpointFeed/Integrations/FlashpointFeed/FlashpointFeed.yml Docker image update * Updated Metadata Of Pack AbnormalSecurity * Added release notes to pack AbnormalSecurity * Packs/AbnormalSecurity/Integrations/AbnormalSecurity/AbnormalSecurity.yml Docker image update * Updated Metadata Of Pack FeedLOLBAS * Added release notes to pack FeedLOLBAS * Packs/FeedLOLBAS/Integrations/FeedLOLBAS/FeedLOLBAS.yml Docker image update * Updated Metadata Of Pack Hackuity * Added release notes to pack Hackuity * Packs/Hackuity/Integrations/Hackuity/Hackuity.yml Docker image update * Updated Metadata Of Pack Grafana * Added release notes to pack Grafana * Packs/Grafana/Integrations/Grafana/Grafana.yml Docker image update * Updated Metadata Of Pack Binalyze * Added release notes to pack Binalyze * Packs/Binalyze/Integrations/BinalyzeAIR/BinalyzeAIR.yml Docker image update * Updated Metadata Of Pack ServiceDeskPlus * Added release notes to pack ServiceDeskPlus * Packs/ServiceDeskPlus/Integrations/ServiceDeskPlus/ServiceDeskPlus.yml Docker image update * Updated Metadata Of Pack Oracle_IAM * Added release notes to pack Oracle_IAM * Packs/Oracle_IAM/Integrations/OracleIAM/OracleIAM.yml Docker image update * Updated Metadata Of Pack AccentureCTI * Added release notes to pack AccentureCTI * Packs/AccentureCTI/Integrations/ACTIIndicatorQuery/ACTIIndicatorQuery.yml Docker image update * Update Docker Image To demisto/boto3py3 (#31199) * Updated Metadata Of Pack SecurityIntelligenceServicesFeed * Added release notes to pack SecurityIntelligenceServicesFeed * Packs/SecurityIntelligenceServicesFeed/Integrations/SecurityIntelligenceServicesFeed/SecurityIntelligenceServicesFeed.yml Docker image update * Updated Metadata Of Pack AWS-IAM * Added release notes to pack AWS-IAM * Packs/AWS-IAM/Integrations/AWS-IAM/AWS-IAM.yml Docker image update * Updated Metadata Of Pack AWS-Route53 * Added release notes to pack AWS-Route53 * Packs/AWS-Route53/Integrations/AWSRoute53/AWSRoute53.yml Docker image update * Updated Metadata Of Pack AWS-AccessAnalyzer * Added release notes to pack AWS-AccessAnalyzer * Packs/AWS-AccessAnalyzer/Integrations/AWS-AccessAnalyzer/AWS-AccessAnalyzer.yml Docker image update * Updated Metadata Of Pack AWS-GuardDuty * Added release notes to pack AWS-GuardDuty * Packs/AWS-GuardDuty/Integrations/AWSGuardDutyEventCollector/AWSGuardDutyEventCollector.yml Docker image update * Packs/AWS-GuardDuty/Integrations/AWSGuardDuty/AWSGuardDuty.yml Docker image update * Updated Metadata Of Pack AWS-SecurityHub * Added release notes to pack AWS-SecurityHub * Packs/AWS-SecurityHub/Integrations/AWSSecurityHubEventCollector/AWSSecurityHubEventCollector.yml Docker image update * Updated Metadata Of Pack Aws-SecretsManager * Added release notes to pack Aws-SecretsManager * Packs/Aws-SecretsManager/Integrations/AwsSecretsManager/AwsSecretsManager.yml Docker image update * Update Docker Image To demisto/armorblox (#31203) * Updated Metadata Of Pack Armorblox * Added release notes to pack Armorblox * Packs/Armorblox/Integrations/Armorblox/Armorblox.yml Docker image update * Update Docker Image To demisto/py3-tools (#31201) * Updated Metadata Of Pack Intezer * Added release notes to pack Intezer * Packs/Intezer/Integrations/IntezerV2/IntezerV2.yml Docker image update * Updated Metadata Of Pack Zabbix * Added release notes to pack Zabbix * Packs/Zabbix/Integrations/Zabbix/Zabbix.yml Docker image update * Updated Metadata Of Pack FeedMalwareBazaar * Added release notes to pack FeedMalwareBazaar * Packs/FeedMalwareBazaar/Integrations/MalwareBazaarFeed/MalwareBazaarFeed.yml Docker image update * Updated Metadata Of Pack FeedGCPWhitelist * Added release notes to pack FeedGCPWhitelist * Packs/FeedGCPWhitelist/Integrations/FeedGoogleIPRanges/FeedGoogleIPRanges.yml Docker image update * Updated Metadata Of Pack AccentureCTI_Feed * Added release notes to pack AccentureCTI_Feed * Packs/AccentureCTI_Feed/Integrations/ACTIIndicatorFeed/ACTIIndicatorFeed.yml Docker image update * Updated Metadata Of Pack SEKOIAIntelligenceCenter * Added release notes to pack SEKOIAIntelligenceCenter * Packs/SEKOIAIntelligenceCenter/Integrations/SEKOIAIntelligenceCenter/SEKOIAIntelligenceCenter.yml Docker image update * Updated Metadata Of Pack JARM * Added release notes to pack JARM * Packs/JARM/Integrations/JARM/JARM.yml Docker image update * Updated Metadata Of Pack CommonWidgets * Added release notes to pack CommonWidgets * Packs/CommonWidgets/Scripts/RSSWidget/RSSWidget.yml Docker image update * Updated Metadata Of Pack FiltersAndTransformers * Added release notes to pack FiltersAndTransformers * Packs/FiltersAndTransformers/Scripts/Jmespath/Jmespath.yml Docker image update * Update Docker Image To demisto/oci (#31202) * Updated Metadata Of Pack OracleCloudInfrastructure * Added release notes to pack OracleCloudInfrastructure * Packs/OracleCloudInfrastructure/Integrations/OracleCloudInfrastructureEventCollector/OracleCloudInfrastructureEventCollector.yml Docker image update * Update Docker Image To demisto/accessdata (#31200) * Updated Metadata Of Pack Exterro * Added release notes to pack Exterro * Packs/Exterro/Integrations/Exterro/Exterro.yml Docker image update * Fix DS108 --------- Co-authored-by: israelpolishook <[email protected]> * Update Docker Image To demisto/carbon-black-cloud (#31206) * Updated Metadata Of Pack CarbonBlackDefense * Added release notes to pack CarbonBlackDefense * Packs/CarbonBlackDefense/Integrations/CarbonBlackLiveResponseCloud/CarbonBlackLiveResponseCloud.yml Docker image update * Update Docker Image To demisto/taxii2 (#31205) * Updated Metadata Of Pack FeedUnit42v2 * Added release notes to pack FeedUnit42v2 * Packs/FeedUnit42v2/Integrations/FeedUnit42v2/FeedUnit42v2.yml Docker image update * Update Docker Image To demisto/crypto (#31204) * Updated Metadata Of Pack AzureKeyVault * Added release notes to pack AzureKeyVault * Packs/AzureKeyVault/Integrations/AzureKeyVault/AzureKeyVault.yml Docker image update * Updated Metadata Of Pack AzureSentinel * Added release notes to pack AzureSentinel * Packs/AzureSentinel/Integrations/AzureSentinel/AzureSentinel.yml Docker image update * Updated Metadata Of Pack AzureDevOps * Added release notes to pack AzureDevOps * Packs/AzureDevOps/Integrations/AzureDevOps/AzureDevOps.yml Docker image update * Updated Metadata Of Pack MicrosoftCloudAppSecurity * Added release notes to pack MicrosoftCloudAppSecurity * Packs/MicrosoftCloudAppSecurity/Integrations/MicrosoftCloudAppSecurity/MicrosoftCloudAppSecurity.yml Docker image update * Updated Metadata Of Pack AzureRiskyUsers * Added release notes to pack AzureRiskyUsers * Packs/AzureRiskyUsers/Integrations/AzureRiskyUsers/AzureRiskyUsers.yml Docker image update * Updated Metadata Of Pack MicrosoftGraphGroups * Added release notes to pack MicrosoftGraphGroups * Packs/MicrosoftGraphGroups/Integrations/MicrosoftGraphGroups/MicrosoftGraphGroups.yml Docker image update * Updated Metadata Of Pack AzureSQLManagement * Added release notes to pack AzureSQLManagement * Packs/AzureSQLManagement/Integrations/AzureSQLManagement/AzureSQLManagement.yml Docker image update * Updated Metadata Of Pack MicrosoftGraphAPI * Added release notes to pack MicrosoftGraphAPI * Packs/MicrosoftGraphAPI/Integrations/MicrosoftGraphAPI/MicrosoftGraphAPI.yml Docker image update * Updated Metadata Of Pack MicrosoftTeams * Added release notes to pack MicrosoftTeams * Packs/MicrosoftTeams/Integrations/MicrosoftTeamsManagement/MicrosoftTeamsManagement.yml Docker image update * Updated Metadata Of Pack MicrosoftGraphApplications * Added release notes to pack MicrosoftGraphApplications * Packs/MicrosoftGraphApplications/Integrations/MicrosoftGraphApplications/MicrosoftGraphApplications.yml Docker image update * Update Docker Image To demisto/opnsense (#31208) * Updated Metadata Of Pack OPNSense * Added release notes to pack OPNSense * Packs/OPNSense/Integrations/OPNSense/OPNSense.yml Docker image update * Update Docker Image To demisto/auth-utils (#31207) * Updated Metadata Of Pack Cylance_Protect * Added release notes to pack Cylance_Protect * Packs/Cylance_Protect/Integrations/Cylance_Protect_v2/Cylance_Protect_v2.yml Docker image update * Updated Metadata Of Pack Zoom * Added release notes to pack Zoom * Packs/Zoom/Integrations/ZoomEventCollector/ZoomEventCollector.yml Docker image update * Updated Metadata Of Pack Silverfort * Added release notes to pack Silverfort * Packs/Silverfort/Integrations/Silverfort/Silverfort.yml Docker image update * Updated Metadata Of Pack AzureDataExplorer * Added release notes to pack AzureDataExplorer * Packs/AzureDataExplorer/Integrations/AzureDataExplorer/AzureDataExplorer.yml Docker image update * Updated Metadata Of Pack MicrosoftManagementActivity * Added release notes to pack MicrosoftManagementActivity * Packs/MicrosoftManagementActivity/Integrations/MicrosoftManagementActivity/MicrosoftManagementActivity.yml Docker image update * Updated Metadata Of Pack Box * Added release notes to pack Box * Packs/Box/Integrations/BoxEventsCollector/BoxEventsCollector.yml Docker image update * Packs/Box/Integrations/BoxV2/BoxV2.yml Docker image update * Updated Metadata Of Pack Troubleshoot * Added release notes to pack Troubleshoot * Packs/Troubleshoot/Scripts/CertificatesTroubleshoot/CertificatesTroubleshoot.yml Docker image update * commit --------- Co-authored-by: israelpolishook <[email protected]> * Update Docker Image To demisto/ippysocks-py3 (#31211) * Updated Metadata Of Pack Whois * Added release notes to pack Whois * Packs/Whois/Integrations/Whois/Whois.yml Docker image update * Update Docker Image To demisto/python3 (#31214) * Updated Metadata Of Pack QualysFIM * Added release notes to pack QualysFIM * Packs/QualysFIM/Integrations/QualysFIM/QualysFIM.yml Docker image update * Updated Metadata Of Pack FortiSIEM * Added release notes to pack FortiSIEM * Packs/FortiSIEM/Integrations/FortiSIEMV2/FortiSIEMV2.yml Docker image update * Updated Metadata Of Pack FreshworksFreshservice * Added release notes to pack FreshworksFreshservice * Packs/FreshworksFreshservice/Integrations/FreshworksFreshservice/FreshworksFreshservice.yml Docker image update * Updated Metadata Of Pack KnowBe4_KMSAT * Added release notes to pack KnowBe4_KMSAT * Packs/KnowBe4_KMSAT/Integrations/KnowBe4KMSATEventCollector/KnowBe4KMSATEventCollector.yml Docker image update * Packs/KnowBe4_KMSAT/Integrations/KnowBe4KMSAT/KnowBe4KMSAT.yml Docker image update * Updated Metadata Of Pack SafeNet_Trusted_Access * Added release notes to pack SafeNet_Trusted_Access * Packs/SafeNet_Trusted_Access/Integrations/SafeNetTrustedAccessEventCollector/SafeNetTrustedAccessEventCollector.yml Docker image update * Updated Metadata Of Pack DelineaSS * Added release notes to pack DelineaSS * Packs/DelineaSS/Integrations/DelineaSS/DelineaSS.yml Docker image update * Updated Metadata Of Pack Cryptocurrency * Added release notes to pack Cryptocurrency * Packs/Cryptocurrency/Integrations/Cryptocurrency/Cryptocurrency.yml Docker image update * Updated Metadata Of Pack PANOSPolicyOptimizer * Added release notes to pack PANOSPolicyOptimizer * Packs/PANOSPolicyOptimizer/Integrations/PANOSPolicyOptimizer/PANOSPolicyOptimizer.yml Docker image update * Updated Metadata Of Pack DeveloperTools * Added release notes to pack DeveloperTools * Packs/DeveloperTools/Integrations/CreateIncidents/CreateIncidents.yml Docker image update * Update Docker Image To demisto/boto3py3 (#31215) * Updated Metadata Of Pack SecurityIntelligenceServicesFeed * Added release notes to pack SecurityIntelligenceServicesFeed * Packs/SecurityIntelligenceServicesFeed/Integrations/SecurityIntelligenceServicesFeed/SecurityIntelligenceServicesFeed.yml Docker image update * Updated Metadata Of Pack AWS-IAM * Added release notes to pack AWS-IAM * Packs/AWS-IAM/Integrations/AWS-IAM/AWS-IAM.yml Docker image update * Updated Metadata Of Pack AWS-Route53 * Added release notes to pack AWS-Route53 * Packs/AWS-Route53/Integrations/AWSRoute53/AWSRoute53.yml Docker image update * Updated Metadata Of Pack AWS-AccessAnalyzer * Added release notes to pack AWS-AccessAnalyzer * Packs/AWS-AccessAnalyzer/Integrations/AWS-AccessAnalyzer/AWS-AccessAnalyzer.yml Docker image update * Updated Metadata Of Pack AWS-GuardDuty * Added release notes to pack AWS-GuardDuty * Packs/AWS-GuardDuty/Integrations/AWSGuardDutyEventCollector/AWSGuardDutyEventCollector.yml Docker image update * Packs/AWS-GuardDuty/Integrations/AWSGuardDuty/AWSGuardDuty.yml Docker image update * Updated Metadata Of Pack AWS-SecurityHub * Added release notes to pack AWS-SecurityHub * Packs/AWS-SecurityHub/Integrations/AWSSecurityHubEventCollector/AWSSecurityHubEventCollector.yml Docker image update * Updated Metadata Of Pack Aws-SecretsManager * Added release notes to pack Aws-SecretsManager * Packs/Aws-SecretsManager/Integrations/AwsSecretsManager/AwsSecretsManager.yml Docker image update * Update Docker Image To demisto/accessdata (#31216) * Updated Metadata Of Pack Exterro * Added release notes to pack Exterro * Packs/Exterro/Integrations/Exterro/Exterro.yml Docker image update * Update Docker Image To demisto/oci (#31218) * Updated Metadata Of Pack OracleCloudInfrastructure * Added release notes to pack OracleCloudInfrastructure * Packs/OracleCloudInfrastructure/Integrations/OracleCloudInfrastructureEventCollector/OracleCloudInfrastructureEventCollector.yml Docker image update * Update Docker Image To demisto/py3-tools (#31217) * Updated Metadata Of Pack Intezer * Added release notes to pack Intezer * Packs/Intezer/Integrations/IntezerV2/IntezerV2.yml Docker image update * Updated Metadata Of Pack Zabbix * Added release notes to pack Zabbix * Packs/Zabbix/Integrations/Zabbix/Zabbix.yml Docker image update * Updated Metadata Of Pack FeedMalwareBazaar * Added release notes to pack FeedMalwareBazaar * Packs/FeedMalwareBazaar/Integrations/MalwareBazaarFeed/MalwareBazaarFeed.yml Docker image update * Updated Metadata Of Pack FeedGCPWhitelist * Added release notes to pack FeedGCPWhitelist * Packs/FeedGCPWhitelist/Integrations/FeedGoogleIPRanges/FeedGoogleIPRanges.yml Docker image update * Updated Metadata Of Pack AccentureCTI_Feed * Added release notes to pack AccentureCTI_Feed * Packs/AccentureCTI_Feed/Integrations/ACTIIndicatorFeed/ACTIIndicatorFeed.yml Docker image update * Updated Metadata Of Pack SEKOIAIntelligenceCenter * Added release notes to pack SEKOIAIntelligenceCenter * Packs/SEKOIAIntelligenceCenter/Integrations/SEKOIAIntelligenceCenter/SEKOIAIntelligenceCenter.yml Docker image update * Updated Metadata Of Pack JARM * Added release notes to pack JARM * Packs/JARM/Integrations/JARM/JARM.yml Docker image update * Updated Metadata Of Pack Anomali_ThreatStream * Added release notes to pack Anomali_ThreatStream * Packs/Anomali_ThreatStream/Integrations/AnomaliThreatStreamv3/AnomaliThreatStreamv3.yml Docker image update * Updated Metadata Of Pack CommonWidgets * Added release notes to pack CommonWidgets * Packs/CommonWidgets/Scripts/RSSWidget/RSSWidget.yml Docker image update * Updated Metadata Of Pack FiltersAndTransformers * Added release notes to pack FiltersAndTransformers * Packs/FiltersAndTransformers/Scripts/Jmespath/Jmespath.yml Docker image update * CortexXDRIR-generic-polling (#31082) * - Added new playbook for quarantine_file - Old playbook deprecated - New image added * release notes added * - New playbook for _Retrieve_File_Playbook_v2 created - Old playbook _Retrieve_File_Playbook deprecated - Image was added * Release notes were added * Changed the name of the playbook * Readme file added * Added image * fixed image location in readme file * Update Packs/CortexXDR/Playbooks/Cortex_XDR_-_Retrieve_File_v2.yml Co-authored-by: Sasha Sokolovich <[email protected]> * Bump pack from version CortexXDR to 6.0.4. * Removed unnecessary tests * Readme files were updated * Fixes for the playbooks * fixed Tests/conf.json file * image issue fixed * Added new images * Update Packs/CortexXDR/Playbooks/Cortex_XDR_-_Retrieve_File_Playbook_README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CortexXDR/Playbooks/Cortex_XDR_-_Retrieve_File_Playbook_README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CortexXDR/ReleaseNotes/6_0_4.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CortexXDR/ReleaseNotes/6_0_4.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CortexXDR/ReleaseNotes/6_0_4.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CortexXDR/ReleaseNotes/6_0_4.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CortexXDR/Playbooks/Cortex_XDR_-_Retrieve_File_Playbook_README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CortexXDR/Playbooks/Cortex_XDR_-_quarantine_file_v2_README.md Co-authored-by: ShirleyDenkberg <[email protected]> * PR fixes - new condition to check if the task finished successfully * release notes updated * image path fixed * Added new outputs for playbook * release notes updated * fix * readme files fixed * image issue * image issue * fix * fix * fix * fix * uploaded new playbook because of the image issue * fix for image issue * delete photo * fixes * test playbooks fixed * test playbooks removed --------- Co-authored-by: Sasha Sokolovich <[email protected]> Co-authored-by: Content Bot <[email protected]> Co-authored-by: ShirleyDenkberg <[email protected]> * Update Docker Image To demisto/crypto (#31219) * Updated Metadata Of Pack AzureKeyVault * Added release notes to pack AzureKeyVault * Packs/AzureKeyVault/Integrations/AzureKeyVault/AzureKeyVault.yml Docker image update * Updated Metadata Of Pack AzureSentinel * Added release notes to pack AzureSentinel * Packs/AzureSentinel/Integrations/AzureSentinel/AzureSentinel.yml Docker image update * Updated Metadata Of Pack AzureDevOps * Added release notes to pack AzureDevOps * Packs/AzureDevOps/Integrations/AzureDevOps/AzureDevOps.yml Docker image update * Updated Metadata Of Pack MicrosoftCloudAppSecurity * Added release notes to pack MicrosoftCloudAppSecurity * Packs/MicrosoftCloudAppSecurity/Integrations/MicrosoftCloudAppSecurity/MicrosoftCloudAppSecurity.yml Docker image update * Updated Metadata Of Pack AzureRiskyUsers * Added release notes to pack AzureRiskyUsers * Packs/AzureRiskyUsers/Integrations/AzureRiskyUsers/AzureRiskyUsers.yml Docker image update * Updated Metadata Of Pack MicrosoftGraphGroups * Added release notes to pack MicrosoftGraphGroups * Packs/MicrosoftGraphGroups/Integrations/MicrosoftGraphGroups/MicrosoftGraphGroups.yml Docker image update * Updated Metadata Of Pack AzureSQLManagement * Added release notes to pack AzureSQLManagement * Packs/AzureSQLManagement/Integrations/AzureSQLManagement/AzureSQLManagement.yml Docker image update * Updated Metadata Of Pack MicrosoftGraphAPI * Added release notes to pack MicrosoftGraphAPI * Packs/MicrosoftGraphAPI/Integrations/MicrosoftGraphAPI/MicrosoftGraphAPI.yml Docker image update * Updated Metadata Of Pack MicrosoftTeams * Added release notes to pack MicrosoftTeams * Packs/MicrosoftTeams/Integrations/MicrosoftTeamsManagement/MicrosoftTeamsManagement.yml Docker image update * Updated Metadata Of Pack MicrosoftGraphApplications * Added release notes to pack MicrosoftGraphApplications * Packs/MicrosoftGraphApplications/Integrations/MicrosoftGraphApplications/MicrosoftGraphApplications.yml Docker image update * update pack ignore (#31193) * Slack event collector: fixed an issue where we get a Bad Request error (#31135) * fixed an issue where we get a Bad Request error. * pre-commit * added test * fixed Flake8 error * fixed cr comments * fixed cr comments * update Docker image * YR/Remove-fields-with-one-letter-DBotFindSimilarIncidents/XSUP-29299 (#31161) * fixes * code and test * remove Json feed from this pr * test * note * pre commit * RN * CR and Flake8 * format * pre commit * Fixes For 'URL Enrichment - Generic v2' Playbook (#31195) * Fixes For 'URL Enrichment - Generic v2' Playbook * RN * Bump pack from version CommonPlaybooks to 2.4.36. --------- Co-authored-by: Content Bot <[email protected]> * F5 APM Remove XSIAM tags (#31221) * remove ls from test_e2e_results.sh (#31186) * [IsEmailAddressInternal] Fix an issue with **domain** argument (#31222) * First commit * Added RN * Update Packs/CommonScripts/ReleaseNotes/1_12_54.md Co-authored-by: Dean Arbel <[email protected]> --------- Co-authored-by: Dean Arbel <[email protected]> * Deprecate 'Get endpoint details - Generic' Playbook (#31196) * Deprecate 'Get endpoint details - Generic' Playbook * RN * Bump pack from version CommonPlaybooks to 2.4.36. * Bump pack from version CommonPlaybooks to 2.4.37. --------- Co-authored-by: Content Bot <[email protected]> * Replacing the deprecated sub-playbook within the 'NGFW Internal Scan'… (#31197) * Replacing the deprecated sub-playbook within the 'NGFW Internal Scan' XSIAM playbook * RN * [Marketplace Contribution] CISO Metrics (#30641) (#31213) * "pack contribution initial commit" * Update pack_metadata.json * Update and rename dashboard-98f353a2-312b-49f2-8e58-d71f60daf3a7-CISO_Metrics.json to dashboard-98f353a2-312b-49f2-8e58-d71f60daf3a7-CommunityCommonDashboards.json Rename to CommunityCommonDashboards * Update pack_metadata.json Renamed "name": "CommunityCommonDashboards" * Update README.md Added description * Update README.md * Update and rename README.md to README.md * Rename dashboard-98f353a2-312b-49f2-8e58-d71f60daf3a7-CommunityCommonDashboards.json to dashboard-98f353a2-312b-49f2-8e58-d71f60daf3a7-CommunityCommonDashboards.json * Rename .pack-ignore to .pack-ignore * Rename .secrets-ignore to .secrets-ignore * Rename pack_metadata.json to pack_metadata.json * Update .pack-ignore * Update pack_metadata.json * Update .pack-ignore * Update and rename dashboard-98f353a2-312b-49f2-8e58-d71f60daf3a7-CommunityCommonDashboards.json to CISOMetrics.json Renamed to CISOMetrics * Update pack_metadata.json * Update pack_metadata.json * Update README.md --------- Co-authored-by: xsoar-bot <[email protected]> Co-authored-by: Sapir Shuker <[email protected]> Co-authored-by: David Uhrlaub <[email protected]> * Cybereason xsoar v 2.1.14 (#30647) (#31225) * added v2.1.14 codebase * fix pr comments * replace dummy md5 placeholder * Update Packs/Cybereason/Integrations/Cybereason/Cybereason.py * updated docker image python version * updated release notes docker version * added pagination params * updated docker image * fix lint errors * fix demisto validate errors * updated release notes * updated release notes * updated release notes * updated command name as per PR comment * removed manual filtering for response * updated function name to match the command name format * updated unit test as per new command name * added machinename filter to api query * moved empty output message to the top * updated docker image tag to latest * undo changes from unisolate endpoint playbook --------- Co-authored-by: suraj-metron <[email protected]> Co-authored-by: Sapir Shuker <[email protected]> * fixed polling support (#30873) * fixed polling support * fixed rn * added rn * added rn * XSUP-30786/Fix (#31168) * Added failing UT * Fixed the issue * Updated docker image * Updated RN * Update Packs/PAN-OS/ReleaseNotes/2_1_15.md Co-authored-by: Dan Tavori <[email protected]> * Updated the bug fix and the UT * updated docker image --------- Co-authored-by: Dan Tavori <[email protected]> * rewrite to js FirstArrayElement and LastArrayElement (#31228) * rewrite to js * added tpb * added empty test case to tpb * precommit fixes * change fromversion so build wont fail * Enable Core REST API with general XSIAM endpoints (#31226) * mostly works * added release notes * fixes from review * F5 APM fixed the marketplace build failure (#31236) * F5 APM Remove XSIAM tags * fix marketplace error * Add incidents field (#30393) (#31233) * add rawJSON field to incidents * release notes * update docker image tag * nit * fetching incident details * mapper + incident fields * remove incorrect incident field files * new incident field files, new mapper * sdk validate command changes * update release noteS * validation errors * fix validation errors * undo release notes changes * undo release notes change * undo release notes * undo release notes * undo release notes * nit * new release notes * remove playbook id * update docker image tag * revert release notes * revert RN * nit- remove filters used for testing * add details field to threats * remove try/except blocks * changing version * Update Abnormal_Security_Custom_Incident_types.json change from version * nit - remove changes used for demo * updating docker image * update docker image tag --------- Co-authored-by: William Olyslager <[email protected]> Co-authored-by: sapirshuker <[email protected]> Co-authored-by: Sapir Shuker <[email protected]> * Update Docker Image To demisto/python3 (#31242) * Updated Metadata Of Pack CIRCL * Added release notes to pack CIRCL * Packs/CIRCL/Integrations/CirclCVESearch/CirclCVESearch.yml Docker image update * Updated Metadata Of Pack ipinfo * Added release notes to pack ipinfo * Packs/ipinfo/Integrations/ipinfo_v2/ipinfo_v2.yml Docker image update * Updated Metadata Of Pack AutoFocus * Added release notes to pack AutoFocus * Packs/AutoFocus/Integrations/FeedAutofocus/FeedAutofocus.yml Docker image update * Packs/AutoFocus/Integrations/AutofocusV2/AutofocusV2.yml Docker image update * Updated Metadata Of Pack MailSenderNew * Added release notes to pack MailSenderNew * Packs/MailSenderNew/Integrations/MailSenderNew/MailSenderNew.yml Docker image update * avoid to update Docker for AutoFocusv2 --------- Co-authored-by: israelpolishook <[email protected]> * Fixes For 'IP Enrichment - Generic v2' Playbook (#31183) * Fixes For 'IP Enrichment - Generic v2' Playbook * RN * RN * Updated the 'InternalRange' playbook input's default value. * configured the 'extended_data' and 'threat_model_association' sub-playbook inputs * Bump pack from version CommonPlaybooks to 2.4.36. * Bump pack from version CommonPlaybooks to 2.4.37. * changed the default value of the 'ResolveIP' playbook input * re-added RN after merging from master * Fixes RN --------- Co-authored-by: Content Bot <[email protected]> * Check if should run Instance role (#31245) * Added the sync from the saas bucket and modified the verify script to take the revision from the correct bucket. (#31254) * AWS Organizations (#30525) * init * commands template * aws-org-children-list * more commands * even more commands * added account commands * removed enhancement commands * use json_transform * unit-tests init * unit-tests continued * unit-tests continued some more * TPB * one more unit-test * one more unit-test * one more unit-test * name change * TPB * docs complete * pack readme * pack readme part 2 * readme modified * more tests * more tests * use get() * adde description * removed isFetch * added image * name change * CR changes * Apply suggestions from code review Co-authored-by: ShirleyDenkberg <[email protected]> * Update docker * put the commands back in * code complete * yml part 2 * yml part 3 * test template * unit-tests continued some more * unit-tests almost complete * unit-tests complete * fixed a few bugs * fixed unit-tests * added readme * update readme * added missing descriptions to readme * TPB * Apply suggestions from code review Co-authored-by: ShirleyDenkberg <[email protected]> * CR changes * demo changes * update docker * build wars: round 1 * build wars: round 2 * build wars: round 3; add unit-tests * build wars: round 4 * build wars: round 5 * build wars: round 6 --------- Co-authored-by: ShirleyDenkberg <[email protected]> * NextToken in CommandResults (#30501) * init * new design * added error in case of non nested input * RN * a tad more docs * Bump pack from version Base to 1.32.47. * Bump pack from version Base to 1.32.48. * Bump pack from version Base to 1.32.49. * improved doc-string * resolve conflicts * resolve conflicts * Bump pack from version Base to 1.32.52. --------- Co-authored-by: Content Bot <[email protected]> * demisto-sdk-release 1.24.0 (#31268) * poetry files * update validate manager imports (#31179) * update validate manager imports * revert * Update Tests/configure_and_test_integration_instances.py * Edit file types test (#31170) * edited tests * s * s * edit --------- Co-authored-by: Content Bot <[email protected]> Co-authored-by: Yuval Hayun <[email protected]> Co-authored-by: merit-maita <[email protected]> Co-authored-by: JudithB <[email protected]> * modified modeling rules of clearswift dlp (#31247) * modified modeling rules of clearswift dlp * modified the parsing rule of clearswiftdlp * Added release notes. * added dlp to pack ignore * added Clearswift to pack ignore * QRadar: continue to poll in case of networking issues (#31084) * Generalize the mode option in pre-commit (#30663) * args updated to match the update in the sdk * add merge-coverage-report and coverage-analyze * updaing pyproject.toml * poetry lock * restoring pyproject.toml and poetry.lock * pre-commit.yml * updates * test comment * use sdk ref * if * add github output * revert ilan changes * merge-pytest-reports --------- Co-authored-by: ilan <[email protected]> * EXPANDR-1576 CortexXpanse Remediation Guidance changes (#31190) * EXPANDR-1576 CortexXpanse Remediation Guidance changes (#30712) * CortexXpanse RG changes * Fix flake8 errors * Fix unit test cases * Update docker version * update command name * Readme updates * docker update * Ignore BC error * fix packignore * Update release notes * update breaking change notes * update breaking change notes * correct RN --------- Co-authored-by: Chait A <[email protected]> Co-authored-by: ilappe <[email protected]> * Feature/cyberint enhancement (#31252) * Feature/cyberint enhancement (#30493) * Update Docker Image To demisto/py3-tools (#25523) * Updated Metadata Of Pack FeedAWS * Added release notes to pack FeedAWS * Packs/FeedAWS/Integrations/FeedAWS/FeedAWS.yml Docker image update * update Cyberint Pack * update release note and incidentfields * update CommonType release note * update CommonType relesenotes * update CommonType relese notes * update CyberInt Related entity name * update release notes * add new incident field: Alert Data * foramt alert_data * update CyberInt Related Entity name to avoid validation errors * reset the CyberInt Related Entity name * update incident field name * Update 3_3_93.md * pre commit update docker * added known words * fixed the RN * known words --------- Co-authored-by: TalGumi <[email protected]> Co-authored-by: omerKarkKatz <[email protected]> Co-authored-by: okarkkatz <[email protected]> * [xsoar-8 coverage] - use poll functions from SDK clients (#31144) * update poetry * use poll functions * test against builds * try to fix ssl issue * timeout = 300 + verify ssl * fix ssl issues * fix incident pull * fix * make verify=false by default * fix ports bug * use sdk master * revert poetry * revert infra used for testing * [CrowdStrike Falcon Intel v2] Fixed an issue in 'cs-actors' and 'cs-reports' commands (#31265) * Fix the 'NoneType' object is not iterable issue * ruff * Update the docker image; Add RN * Update Packs/CrowdStrikeIntel/ReleaseNotes/2_0_34.md Co-authored-by: Dean Arbel <[email protected]> --------- Co-authored-by: Dean Arbel <[email protected]> * oncall- installation orders (#31253) * test * test * revert debugs * pre-commit --------- Co-authored-by: Jas Beilin <[email protected]> * Core rest api docs fix (#31262) * Improved descriptions. * Added docs * Added rn. * Changed i.e to e.g * bugfix/XSUP-30713/port-scan-pb-issue-incident-failure (#31154) * Fix playbook input's default value, change to not required, add check for value not empty * Update playbook image * Update release notes * Bump pack from version CortexXDR to 6.0.5. * Moved InternalIPRanges input check to better location * Fix review comments --------- Co-authored-by: Content Bot <[email protected]> * [PagerDuty v2] Added Support For Pagination (#30959) * commit init - lint and type annotation * typing * pagination function and some typing * fix api limit and pagination * added UT and test_data * added RN and description for args * generate readme * update docker * added UT * fix flake8 * more docstring, one more UT, fix send unnecessary parameters * fix f-string * fix pep8 * revert copy * fix parameters name * docs review * update docker * [ASM] EXPANDR 7225 - Update Ev1 Integration Display Name (#31234) (#31276) * Update Display Name * Update release notes * Update docker image and add period to descriptions Co-authored-by: John <[email protected]> Co-authored-by: MLainer1 <[email protected]> * Update Docker Image To demisto/python3 (#31286) * Updated Metadata Of Pack QualysFIM * Added release notes to pack QualysFIM * Packs/QualysFIM/Integrations/QualysFIM/QualysFIM.yml Docker image update * Updated Metadata Of Pack FortiSIEM * Added release notes to pack FortiSIEM * Packs/FortiSIEM/Integrations/FortiSIEMV2/FortiSIEMV2.yml Docker image update * Updated Metadata Of Pack FreshworksFreshservice * Added release notes to pack FreshworksFreshservice * Packs/FreshworksFreshservice/Integrations/FreshworksFreshservice/FreshworksFreshservice.yml Docker image update * Updated Metadata Of Pack KnowBe4_KMSAT * Added release notes to pack KnowBe4_KMSAT * Packs/KnowBe4_KMSAT/Integrations/KnowBe4KMSATEventCollector/KnowBe4KMSATEventCollector.yml Docker image update * Packs/KnowBe4_KMSAT/Integrations/KnowBe4KMSAT/KnowBe4KMSAT.yml Docker image update * Updated Metadata Of Pack SafeNet_Trusted_Access * Added release notes to pack SafeNet_Trusted_Access * Packs/SafeNet_Trusted_Access/Integrations/SafeNetTrustedAccessEventCollector/SafeNetTrustedAccessEventCollector.yml Docker image update * Updated Metadata Of Pack DelineaSS * Added release notes to pack DelineaSS * Packs/DelineaSS/Integrations/DelineaSS/DelineaSS.yml Docker image update * Updated Metadata Of Pack Cryptocurrency * Added release notes to pack Cryptocurrency * Packs/Cryptocurrency/Integrations/Cryptocurrency/Cryptocurrency.yml Docker image update * Updated Metadata Of Pack PANOSPolicyOptimizer * Added release notes to pack PANOSPolicyOptimizer * Packs/PANOSPolicyOptimizer/Integrations/PANOSPolicyOptimizer/PANOSPolicyOptimizer.yml Docker image update * Updated Metadata Of Pack DeveloperTools * Added release notes to pack DeveloperTools * Packs/DeveloperTools/Integrations/CreateIncidents/CreateIncidents.yml Docker image update * Add XSOAR_SAAS section to EDL description (#31264) * add XSOAR_SAAS section to EDL description * update RN * [XSUP 30575] Added full fields query param (#31272) * get indicators full fields data * pre-commit * release notes * tests and CR fixes * Update Packs/FeedCrowdstrikeFalconIntel/ReleaseNotes/2_1_13.md Co-authored-by: Dan Tavori <[email protected]> --------- Co-authored-by: Dan Tavori <[email protected]> * Update Docker Image To demisto/boto3py3 (#31287) * Updated Metadata Of Pack SecurityIntelligenceServicesFeed * Added release notes to pack SecurityIntelligenceServicesFeed * Packs/SecurityIntelligenceServicesFeed/Integrations/SecurityIntelligenceServicesFeed/SecurityIntelligenceServicesFeed.yml Docker image update * Updated Metadata Of Pack AWS-IAM * Added release notes to pack AWS-IAM * Packs/AWS-IAM/Integrations/AWS-IAM/AWS-IAM.yml Docker image update * Updated Metadata Of Pack AWS-Route53 * Added release notes to pack AWS-Route53 * Packs/AWS-Route53/Integrations/AWSRoute53/AWSRoute53.yml Docker image update * Updated Metadata Of Pack AWS-AccessAnalyzer * Added release notes to pack AWS-AccessAnalyzer * Packs/AWS-AccessAnalyzer/Integrations/AWS-AccessAnalyzer/AWS-AccessAnalyzer.yml Docker image update * Updated Metadata Of Pack AWS-GuardDuty * Added release notes to pack AWS-GuardDuty * Packs/AWS-GuardDuty/Integrations/AWSGuardDutyEventCollector/AWSGuardDutyEventCollector.yml Docker image update * Packs/AWS-GuardDuty/Integrations/AWSGuardDuty/AWSGuardDuty.yml Docker image update * Updated Metadata Of Pack AWS-SecurityHub * Added release notes to pack AWS-SecurityHub * Packs/AWS-SecurityHub/Integrations/AWSSecurityHubEventCollector/AWSSecurityHubEventCollector.yml Docker image update * Updated Metadata Of Pack Aws-SecretsManager * Added release notes to pack Aws-SecretsManager * Packs/Aws-SecretsManager/Integrations/AwsSecretsManager/AwsSecretsManager.yml Docker image update * Update Docker Image To demisto/accessdata (#31288) * Updated Metadata Of Pack Exterro * Added release notes to pack Exterro * Packs/Exterro/Integrations/Exterro/Exterro.yml Docker image update * Update Docker Image To demisto/oci (#31290) * Updated Metadata Of Pack OracleCloudInfrastructure * Added release notes to pack OracleCloudInfrastructure * Packs/OracleCloudInfrastructure/Integrations/OracleCloudInfrastructureEventCollector/OracleCloudInfrastructureEventCollector.yml Docker image update * Update Docker Image To demisto/py3-tools (#31289) * Updated Metadata Of Pack Intezer * Added release notes to pack Intezer * Packs/Intezer/Integrations/IntezerV2/IntezerV2.yml Docker image update * Updated Metadata Of Pack Zabbix * Added release notes to pack Zabbix * Packs/Zabbix/Integrations/Zabbix/Zabbix.yml Docker image update * Updated Metadata Of Pack FeedMalwareBazaar * Added release notes to pack FeedMalwareBazaar * Packs/FeedMalwareBazaar/Integrations/MalwareBazaarFeed/MalwareBazaarFeed.yml Docker image update * Updated Metadata Of Pack FeedGCPWhitelist * Added release notes to pack FeedGCPWhitelist * Packs/FeedGCPWhitelist/Integrations/FeedGoogleIPRanges/FeedGoogleIPRanges.yml Docker image update * Updated Metadata Of Pack AccentureCTI_Feed * Added release notes to pack AccentureCTI_Feed * Packs/AccentureCTI_Feed/Integrations/ACTIIndicatorFeed/ACTIIndicatorFeed.yml Docker image update * Updated Metadata Of Pack SEKOIAIntelligenceCenter * Added release notes to pack SEKOIAIntelligenceCenter * Packs/SEKOIAIntelligenceCenter/Integrations/SEKOIAIntelligenceCenter/SEKOIAIntelligenceCenter.yml Docker image update * Updated Metadata Of Pack JARM * Added release notes to pack JARM * Packs/JARM/Integrations/JARM/JARM.yml Docker image update * Updated Metadata Of Pack Anomali_ThreatStream * Added release notes to pack Anomali_ThreatStream * Packs/Anomali_ThreatStream/Integrations/AnomaliThreatStreamv3/AnomaliThreatStreamv3.yml Docker image update * Updated Metadata Of Pack CommonWidgets * Added release notes to pack CommonWidgets * Packs/CommonWidgets/Scripts/RSSWidget/RSSWidget.yml Docker image update * Updated Metadata Of Pack FiltersAndTransformers * Added release notes to pack FiltersAndTransformers * Packs/FiltersAndTransformers/Scripts/Jmespath/Jmespath.yml Docker image update * Update Docker Image To demisto/armorblox (#31291) * Updated Metadata Of Pack Armorblox * Added release notes to pack Armorblox * Packs/Armorblox/Integrations/Armorblox/Armorblox.yml Docker image update * Update Docker Image To demisto/crypto (#31292) * Updated Metadata Of Pack AzureKeyVault * Added release notes to pack AzureKeyVault * Packs/AzureKeyVault/Integrations/AzureKeyVault/AzureKeyVault.yml Docker image update * Updated Metadata Of Pack AzureSentinel * Added release notes to pack AzureSentinel * Packs/AzureSentinel/Integrations/AzureSentinel/AzureSentinel.yml Docker image update * Updated Metadata Of Pack AzureDevOps * Added release notes to pack AzureDevOps * Packs/AzureDevOps/Integrations/AzureDevOps/AzureDevOps.yml Docker image update * Updated Metadata Of Pack MicrosoftCloudAppSecurity * Added release notes to pack MicrosoftCloudAppSecurity * Packs/MicrosoftCloudAppSecurity/Integrations/MicrosoftCloudAppSecurity/MicrosoftCloudAppSecurity.yml Docker image update * Updated Metadata Of Pack AzureRiskyUsers * Added release notes to pack AzureRiskyUsers * Packs/AzureRiskyUsers/Integrations/AzureRiskyUsers/AzureRiskyUsers.yml Docker image update * Updated Metadata Of Pack MicrosoftGraphGroups * Added release notes to pack MicrosoftGraphGroups * Packs/MicrosoftGraphGroups/Integrations/MicrosoftGraphGroups/MicrosoftGraphGroups.yml Docker image update * Updated Metadata Of Pack AzureSQLManagement * Added release notes to pack AzureSQLManagement * Packs/AzureSQLManagement/Integrations/AzureSQLManagement/AzureSQLManagement.yml Docker image update * Updated Metadata Of Pack MicrosoftGraphAPI * Added release notes to pack MicrosoftGraphAPI * Packs/MicrosoftGraphAPI/Integrations/MicrosoftGraphAPI/MicrosoftGraphAPI.yml Docker image update * Updated Metadata Of Pack MicrosoftTeams * Added release notes to pack MicrosoftTeams * Packs/MicrosoftTeams/Integrations/MicrosoftTeamsManagement/MicrosoftTeamsManagement.yml Docker image update * Updated Metadata Of Pack MicrosoftGraphApplications * Added release notes to pack MicrosoftGraphApplications * Packs/MicrosoftGraphApplications/Integrations/MicrosoftGraphApplications/MicrosoftGraphApplications.yml Docker image update * Update Docker Image To demisto/sixgill (#31293) * Updated Metadata Of Pack Cybersixgill-ActionableAlerts * Added release notes to pack Cybersixgill-ActionableAlerts * Packs/Cybersixgill-ActionableAlerts/Integrations/CybersixgillActionableAlerts/CybersixgillActionableAlerts.yml Docker image update * Updated Metadata Of Pack Sixgill-Darkfeed * Added release notes to pack Sixgill-Darkfeed * Packs/Sixgill-Darkfeed/Integrations/Sixgill_Darkfeed_Enrichment/Sixgill_Darkfeed_Enrichment.yml Docker image update * Packs/Sixgill-Darkfeed/Integrations/Sixgill_Darkfeed/Sixgill_Darkfeed.yml Docker image update * Update Docker Image To demisto/carbon-black-cloud (#31295) * Updated Metadata Of Pack CarbonBlackDefense * Added release notes to pack CarbonBlackDefense * Packs/CarbonBlackDefense/Integrations/CarbonBlackLiveResponseCloud/CarbonBlackLiveResponseCloud.yml Docker image update * Update Docker Image To demisto/taxii2 (#31294) * Updated Metadata Of Pack FeedDHS * Added release notes to pack FeedDHS * Packs/FeedDHS/Integrations/DHSFeedV2/DHSFeedV2.yml Docker image update * Updated Metadata Of Pack FeedUnit42v2 * Added release notes to pack FeedUnit42v2 * Packs/FeedUnit42v2/Integrations/FeedUnit42v2/FeedUnit42v2.yml Docker image update * MS IIS Update2 (#31256) * Updated MicrosoftIISWebServerModelingRules_1_3 * Updated ModelingRules filters * Updated ModelingRules filters * Updated ReleaseNotes * Upated ReleaseNotes * CrowdStrikeFalconX-genreic-polling (#31189) * old playbooks deprecated and new one added * readme file edited * set the interval from the inputs * fixes for release notes * added extensions to known words * Update Packs/CrowdStrikeFalconX/Playbooks/Detonate_File_-_CrowdStrike_Falcon_Intelligence_Sandbox_v2.yml Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CrowdStrikeFalconX/Playbooks/Detonate_File_-_CrowdStrike_Falcon_Intelligence_Sandbox_v2.yml Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CrowdStrikeFalconX/Playbooks/Detonate_File_-_CrowdStrike_Falcon_Intelligence_Sandbox_v2.yml Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CrowdStrikeFalconX/Playbooks/Detonate_URL_-_CrowdStrike_Falcon_Intelligence_Sandbox_v2_README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CrowdStrikeFalconX/Playbooks/Detonate_File_-_CrowdStrike_Falcon_Intelligence_Sandbox_v2.yml Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CrowdStrikeFalconX/Playbooks/Detonate_File_-_CrowdStrike_Falcon_Intelligence_Sandbox_v2.yml Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CrowdStrikeFalconX/Playbooks/Detonate_File_-_CrowdStrike_Falcon_Intelligence_Sandbox_v2_README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CrowdStrikeFalconX/ReleaseNotes/1_2_37.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CrowdStrikeFalconX/ReleaseNotes/1_2_37.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CrowdStrikeFalconX/ReleaseNotes/1_2_37.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CrowdStrikeFalconX/ReleaseNotes/1_2_37.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CrowdStrikeFalconX/Playbooks/Detonate_File_-_CrowdStrike_Falcon_Intelligence_Sandbox_v2_README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CrowdStrikeFalconX/Playbooks/Detonate_File_-_CrowdStrike_Falcon_Intelligence_Sandbox_v2_README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CrowdStrikeFalconX/Playbooks/Detonate_File_-_CrowdStrike_Falcon_Intelligence_Sandbox_v2_README.md Co-authored-by: ShirleyDenkberg <[email protected]> * minor fixes for description * Update Packs/CrowdStrikeFalconX/Playbooks/Detonate_URL_-_CrowdStrike_Falcon_Intelligence_Sandbox_v2.yml Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CrowdStrikeFalconX/Playbooks/Detonate_URL_-_CrowdStrike_Falcon_Intelligence_Sandbox_v2_README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CrowdStrikeFalconX/Playbooks/Detonate_URL_-_CrowdStrike_Falcon_Intelligence_Sandbox_v2.yml Co-authored-by: ShirleyDenkberg <[email protected]> --------- Co-authored-by: ShirleyDenkberg <[email protected]> * Add Symantec MSS to ignored items (#31296) * [XSUP 30870] Added full fields option for cs-actors and cs-reports commands (#31271) * Added th…
RosenbergYehuda
added a commit
that referenced
this pull request
Jan 24, 2024
* [GCP-IAM] - fix proxy issues (#31076) * sent proxy to test-module & log exception * fix proxy issue * remove None * fix * rn * auto pep8 * rn typo * uts * pre-commit * Update Packs/GCP-IAM/ReleaseNotes/1_0_22.md Co-authored-by: Judah Schwartz <[email protected]> * cr fixes --------- Co-authored-by: Judah Schwartz <[email protected]> * Release notes tag parser for all xsoar mp. (#31090) * added xsoar_saas xsoar_on_prem functionallity to the release notes tag parser * pre commit changes * fixed lint whitespace error * Fix EntryID-related issue for scripts (#30979) * Fix zip file issue using polling * Add release-notes * Fix validation errors * Minor fixes and improvements * Update IAMInitADUser automation * Add a warning if `ZipProtectWithPassword` parameter is not being used * Fix typo * `IAMInitADUser` fixes * Bump Docker versions * Apply code review suggestions * Bump Docker version * Remove timeout value from polling parameters (so that the default value will be used) * [CommonServerPython] Fix Polling Failure If `polling` Parameter is Missing (#31111) * Add default value to `args.get()` * Bump version * Update release-notes message * jira ticket creation impovements (#31105) jira ticket creation improvements #31105 * Added Support for Microsoft Graph Single User integration (#30967) * Added Support for Microsoft Graph Single User integration * fix validation * Update 2_0_15.md * Update Packs/EmailCommunication/ReleaseNotes/2_0_15.md Co-authored-by: EyalPintzov <[email protected]> --------- Co-authored-by: EyalPintzov <[email protected]> * Xdr ioc to keep troubleshoting (#30163) * trouble shooting version * fixed new command yml * some comments * trouble shooting version * fixed new command yml * new ioc_to_keep schedule method * some comments * fix tz error * added RN * fix validation errors * fixup! fix validation errors * added UT * added UT and log * improved path * fixup! improved path * Update Packs/CortexXDR/Integrations/XDR_iocs/XDR_iocs.py * Added some documentation * Bump pack from version CortexXDR to 6.0.3. * format the yml and update the docker * fixed the bug when updating an already running integration that does not have the key next_icos_to_keep_time in the integration context * docs * Update Packs/CortexXDR/Integrations/XDR_iocs/XDR_iocs.yml Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CortexXDR/ReleaseNotes/6_0_3.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CortexXDR/Integrations/XDR_iocs/XDR_iocs.yml Co-authored-by: ShirleyDenkberg <[email protected]> * fixed the unit test acording to change in code * fixed the unit test * trim whitespaces --------- Co-authored-by: darbel <[email protected]> Co-authored-by: esharf <[email protected]> Co-authored-by: Content Bot <[email protected]> Co-authored-by: ShirleyDenkberg <[email protected]> * Update README.md (#31129) fixed external link * [fileResult] - fix issue with special strings (#31126) * [fileResult] - fix issue with special strings * bump rn * log if ../ is in path * validate file-name is string * add unit-test * bump rn * Rapid7 - Threat Command (IntSights) pack release 3.1.0 (#30954) (#31133) * Changes related to Rapid7 - Threat Command (IntSights) pack release: 3.1.0 * resolved validation errors * Updated the release notes as per the comments * Updated the tab name for the Threat Command Layout --------- Co-authored-by: Crest Data Systems <[email protected]> Co-authored-by: crestdatasystems <[email protected]> Co-authored-by: Adi Daud <[email protected]> * add e2e tests for xsoar-saas (#30231) * add xsoar_ng_end_to_end_job * unify end_to_end and write edl basic test * add file * fix some rules * setup and teardown for xsoar_ng e2e * update readme * conftest changes * update end_to_end_tests script * test enhancments * fix * debug issues * lock * collect tests * lock * lock * try without xsoar * lock * enhance tests and lock * install e2e nessecary packs * add packs in shell * install only specific packs in xsoar-saas * README.md * install hardcoded packs * update * fix collect tests issues * add REASONS_ALLOWING_NO_ID_SET_OR_CONF * fix is_nightly * fail when exit code != 0 * send integration params path as input * enhance e2e echo message * lock * fix get_integration_params * lock2 * sleep * unlock machine sleep + taxii2 server * fix unlock machine * fix " * fixes * sleep in test 2 hours * poetry lock * edl size = 10 * update edl size loc * use new instance * log instance name * existing name * revert poetry * poetry based on latest master * update job to fit newer version * lock * state its long running * try with long-running=true * implement taxii2-server e2e test * pre-commit fixes * add headers * lock * move func to tools.py as its general * docstrings * add support for do_long_running in xsoar_client * docstring * slack sdk * add slack-ask test * test slack ask playbook * add qradar mirroring test * update README and add support for env vars * docstrings * enhancments * update .gitignore * do not make xsoar_ng a package * excplicit implementation * add test_xdr_env * add docstrings * pre-commit * update slackask playbook path * query qradar playbook state before closing offense * assert investigation id * increase playbook query & sleep 5 minutes taxii * merge xsoar_ng_end_to_end to test content * some fixes * make nightly * end-to-end tests inside .run-tests section * try to fix syntax issue * log playbook failure reasons * add support for sourceInstanceName * remove delete context from slack * pre commit * pre-commit * try to fix taxii2 server bug * update taxii2 server test * sleep * comment out waiting for playbook qradar * sleep in case of error taxii2 * qradar * revert taxii2 server + qradar * assert true * revert * update context managers * pre-commit fixes * add logs * create instance update * create folders for content e2e tests * make fixture named xsoar_saas_client * get integration name to func Please enter the commit message for your changes. Lines starting * fixes * pre-commit * export context managers to client_utils * update xsiam e2e to use new client * update readmes * client utils fixes * change log name * add junit support * implement results support for e2e * change name * run e2e in current branch * update job names * update collect tests for testing * do not exit if e2e tests fail * use artifacts folder * fix context * save playbook - change client name * remove playbook for testing * add fi * make e2e test summary to run * ls * try now * change path * file test name * run also playbook results * change log to error * fix syntax error * update get_file to use new file service * remove import * pre-commit * update retry import * do not skip qradar test if incident cannot be found * judah's cr * koby cr * update result names * Empty-Commit * remove irrelevant logs * cr fixes * server_test_reulst renaming * change end_to_end to e2e * revert current job names * add .e2e_test_results job * remove e2e from test_playbooks_results * filter only if nightly * try to ignore pre-commit error * change rules * fix * test * xsoar saas * try now * fix * xsoar-saas e2e job * add conftest * add conftest * add xsoar-saas readme to avoid trigger test-upload * port * Empty-Commit * test integrations * do not test qradar module * Empty-Commit * Empty-Commit * retry on different ports for taxii2-test * remove get json response from taxii2 test * adjust to nightly * pre-commit * Fix GetIndicatorDBotScoreFromCache to handle better a special character (#31070) * a fix and a test * docker image update * added rn * Bump pack from version CommonScripts to 1.12.47. * unit test fix * unit test fix * unit test fix * Bump pack from version CommonScripts to 1.12.48. * Bump pack from version CommonScripts to 1.12.49. * Update Packs/CommonScripts/ReleaseNotes/1_12_49.md Co-authored-by: Dan Tavori <[email protected]> --------- Co-authored-by: Content Bot <[email protected]> Co-authored-by: Dan Tavori <[email protected]> * change pack support to community (#31110) * change pack support to community * first level header so im told * Update Packs/DeveloperTools/ReleaseNotes/1_3_0.md Co-authored-by: Shahaf Ben Yakir <[email protected]> * Update Packs/DeveloperTools/ReleaseNotes/1_3_0.md Co-authored-by: Shahaf Ben Yakir <[email protected]> --------- Co-authored-by: Shahaf Ben Yakir <[email protected]> * removed GIT_DEPTH (#31141) * support multiple entry ids in ImageOCR (#31145) * Fix taxi feed observables extraction (#31120) * fixed an isssue where taxi feed will fail to retreive all indicators due to wrong extraction from XML blocks. * added rn * update docker * update test_data * add secret to secrets ignore * [transformers] Enhance to be more durable #2 (#31063) * ExtractDomainAndFQDNFromUrlAndEmail * ExtractEmailV2 * ruff fix * FormatURL * Bump pack from version CommonScripts to 1.12.47. * Bump pack from version CommonScripts to 1.12.48. * Bump pack from version CommonScripts to 1.12.49. * Added unit tests * Update the docker image * Bump pack from version CommonScripts to 1.12.50. * Update Packs/CommonScripts/ReleaseNotes/1_12_50.md Co-authored-by: Dean Arbel <[email protected]> * Update Packs/CommonScripts/ReleaseNotes/1_12_50.md Co-authored-by: Dean Arbel <[email protected]> * Update the RN * Update the docker image * empty * Skip "FormattingPerformance - Test" TPB in XSOAR 8 --------- Co-authored-by: Content Bot <[email protected]> Co-authored-by: Dean Arbel <[email protected]> * Sleep w/ Polling (#30661) add polling mechanism to sleep upon crossing polling_threshold * Update shift management scripts (#31130) * fixed the bug and added unit tests * updated docker image * RN * updated docker image * cr updates * EWS rule commands - MS graph python integrations (#30943) Co-authored-by: ShirleyDenkberg <[email protected]> * MS IIS Update (#31132) * Updated ModelingRules * Updated ReleaseNotes * Updated ReleaseNotes * Anomali ThreatStream change DBot verdict from Benign to Unknown for Low Confidence Indicators (#30993) (#31151) * change DBot verdict from Benign to Unknown for Low Confidence Indicators Indicators found in Anomali that are below Confidence thresholds should be created as Unknown and not Benign. Anomali ThreatStream documentation regarding Confidence https://ui.threatstream.com/optic-doc/Content/Features/threat_model/Observables/details_indicator.htm Confidence - Confidence indicates the certainty that an observable exhibits or is connected to malicious behavior. If Anomali has indicators with low Confidence, that doesn't mean the indicator is Benign/Safe. It means Anomali is unsure that the indicator is Malicious and as such the more appropriate verdict in XSOAR should be Unknown. * add indicator_default_score param * changed values to Benign and Unknown * update README and RN * update RN * update docker set required to false * update docker * fix docs comments --------- Co-authored-by: zdrouse <[email protected]> Co-authored-by: adi88d <[email protected]> Co-authored-by: Adi Daud <[email protected]> * generate empty junit files (#31153) * Update 1_6_0.json (#31164) * fix splunkpy splunk_submit_event_hec_command string issue (#30978) * fix splunkpy splunk_submit_event_hec_command string issue * test * add fix * update rn * [xsoar saas] - fix ports taxii2 e2e (#31163) * Hello world saas (#30901) * added a new incident field only for saas mp * added an incident field to xsoar_saas only for demonstration * format incident field * format incident field * added saas word to known words * version * merge with master * fixed the xsoar_saas end tag * Added tests to validate result * modified RN * pre commit changes * RN tags * ignoe long line * MS IIS README (#31158) * Updated README * Updated README * Fixes For IP Enrichment Playbooks (#31114) * Fixes For IP Enrichment Playbooks * RN * Removed the mapping rule from both playbooks. Updated the default value of the internal range playbook input according to RFC 1918. * Removed the value of 'UseReputationCommand' playbook input and fixes the YML files * Fixed RN * Removed the value set for the 'UseReputationCommand' sub-playbook input. Re-added the default value for 'UseReputationCommand' playbook input * skip ThreatStream-Test (#31172) * [transformers] Enhance to be more durable (#30897) [transformers] Enhance to be more durable * Fixes For 'Email Address Enrichment - Generic v2.1' (#31122) * Fixes For 'Email Address Enrichment - Generic v2.1' * Re-added the test playbook and marketplace configs to the playbook YML file * changed the 'domain' playbook input value * removed the 'domain' playbook input value and added RN * Fixed RN * Bump pack from version CommonPlaybooks to 2.4.34. --------- Co-authored-by: Content Bot <[email protected]> * DisplayMappedFields - Fix dark mode text color (#31085) * removed the hardcoded color * removed the hardcoded color * update RN * update docker image * Bump pack from version CommonScripts to 1.12.48. * Unittest fixes * Bump pack from version CommonScripts to 1.12.49. * Unittest fixes * Bump pack from version CommonScripts to 1.12.50. * Bump pack from version CommonScripts to 1.12.51. * Bump pack from version CommonScripts to 1.12.52. * Bump pack from version CommonScripts to 1.12.53. --------- Co-authored-by: Content Bot <[email protected]> * Updated the layout to exclude integration incident fields that are not pertinent to Vectra XDR (#31127) (#31182) Co-authored-by: Crest Data Systems <[email protected]> Co-authored-by: crestdatasystems <[email protected]> Co-authored-by: MLainer1 <[email protected]> * Taxii2 server relationship bug (#31162) * [taxii2-server] - code fixes * bump rn * docker update * remove debug-log because may wanted * [ASM] EXPANDER-7096 - ASM Remediation Guidance Fields (#30955) (#31178) Co-authored-by: John <[email protected]> Co-authored-by: Adi Daud <[email protected]> * Created pack for F5 BIG-IP APM (#31017) * Created pack for f5 apm * Added modeling rule files. * adding modeling rules and schema. * modified modeling rules * update yml file for modeling rule. * Update Packs/F5APM/README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/F5APM/README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/F5APM/README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/F5APM/README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/F5APM/README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/F5APM/README.md Co-authored-by: ShirleyDenkberg <[email protected]> * update readme. * Modified the read me file. --------- Co-authored-by: ShirleyDenkberg <[email protected]> * HelloWorld - delete old classifier (#31185) * Add support for is array for rep commands (#31169) * added support for isArray for python Xsoar supported reputation commands * added rn * Empty-Commit * python files fixes * fix docker issue * cr fixes * added logs and cache fix (#30577) * added logs and cache fix * Fixed another executeCommand results handling. * Updated docker image * Added rn * Update Packs/Phishing/ReleaseNotes/3_6_2.md Co-authored-by: Dan Tavori <[email protected]> * Update Packs/Phishing/Scripts/FindDuplicateEmailIncidents/FindDuplicateEmailIncidents.py --------- Co-authored-by: Dan Tavori <[email protected]> * Add support for is array for rep commands js (#31184) * JS files fixes * added rn * pre commit fixes * pre commit fixes * cr fixes * xsiam-avaya-siem-content-ciac-8502 (#31128) * init-pack * modeling-rules * add-docs * fix-pid-parsing * fix-README.md * Fixed For Endpoint Enrichment Playbooks (#31147) * Fixed For 'Endpoint Enrichment - Generic v2.1' Playbook * RN * RN * Fixes for Endpoint_Enrichment_-_Generic_v2.1_6_8 playbook * Bump pack from version CommonPlaybooks to 2.4.34. * Bump pack from version CommonPlaybooks to 2.4.35. * Fixed version for 'Endpoint Enrichment - Generic v2.1.6.8' playbook * Fixes for 'Endpoint Enrichment - Generic v2.1' playbook * Revert changes in 'Endpoint Enrichment - Generic v2.1' playbook --------- Co-authored-by: Content Bot <[email protected]> * Update Docker Image To demisto/python3 (#31198) * Updated Metadata Of Pack DeveloperTools * Added release notes to pack DeveloperTools * Packs/DeveloperTools/Integrations/CreateIncidents/CreateIncidents.yml Docker image update * Updated Metadata Of Pack FlashpointFeed * Added release notes to pack FlashpointFeed * Packs/FlashpointFeed/Integrations/FlashpointFeed/FlashpointFeed.yml Docker image update * Updated Metadata Of Pack AbnormalSecurity * Added release notes to pack AbnormalSecurity * Packs/AbnormalSecurity/Integrations/AbnormalSecurity/AbnormalSecurity.yml Docker image update * Updated Metadata Of Pack FeedLOLBAS * Added release notes to pack FeedLOLBAS * Packs/FeedLOLBAS/Integrations/FeedLOLBAS/FeedLOLBAS.yml Docker image update * Updated Metadata Of Pack Hackuity * Added release notes to pack Hackuity * Packs/Hackuity/Integrations/Hackuity/Hackuity.yml Docker image update * Updated Metadata Of Pack Grafana * Added release notes to pack Grafana * Packs/Grafana/Integrations/Grafana/Grafana.yml Docker image update * Updated Metadata Of Pack Binalyze * Added release notes to pack Binalyze * Packs/Binalyze/Integrations/BinalyzeAIR/BinalyzeAIR.yml Docker image update * Updated Metadata Of Pack ServiceDeskPlus * Added release notes to pack ServiceDeskPlus * Packs/ServiceDeskPlus/Integrations/ServiceDeskPlus/ServiceDeskPlus.yml Docker image update * Updated Metadata Of Pack Oracle_IAM * Added release notes to pack Oracle_IAM * Packs/Oracle_IAM/Integrations/OracleIAM/OracleIAM.yml Docker image update * Updated Metadata Of Pack AccentureCTI * Added release notes to pack AccentureCTI * Packs/AccentureCTI/Integrations/ACTIIndicatorQuery/ACTIIndicatorQuery.yml Docker image update * Update Docker Image To demisto/boto3py3 (#31199) * Updated Metadata Of Pack SecurityIntelligenceServicesFeed * Added release notes to pack SecurityIntelligenceServicesFeed * Packs/SecurityIntelligenceServicesFeed/Integrations/SecurityIntelligenceServicesFeed/SecurityIntelligenceServicesFeed.yml Docker image update * Updated Metadata Of Pack AWS-IAM * Added release notes to pack AWS-IAM * Packs/AWS-IAM/Integrations/AWS-IAM/AWS-IAM.yml Docker image update * Updated Metadata Of Pack AWS-Route53 * Added release notes to pack AWS-Route53 * Packs/AWS-Route53/Integrations/AWSRoute53/AWSRoute53.yml Docker image update * Updated Metadata Of Pack AWS-AccessAnalyzer * Added release notes to pack AWS-AccessAnalyzer * Packs/AWS-AccessAnalyzer/Integrations/AWS-AccessAnalyzer/AWS-AccessAnalyzer.yml Docker image update * Updated Metadata Of Pack AWS-GuardDuty * Added release notes to pack AWS-GuardDuty * Packs/AWS-GuardDuty/Integrations/AWSGuardDutyEventCollector/AWSGuardDutyEventCollector.yml Docker image update * Packs/AWS-GuardDuty/Integrations/AWSGuardDuty/AWSGuardDuty.yml Docker image update * Updated Metadata Of Pack AWS-SecurityHub * Added release notes to pack AWS-SecurityHub * Packs/AWS-SecurityHub/Integrations/AWSSecurityHubEventCollector/AWSSecurityHubEventCollector.yml Docker image update * Updated Metadata Of Pack Aws-SecretsManager * Added release notes to pack Aws-SecretsManager * Packs/Aws-SecretsManager/Integrations/AwsSecretsManager/AwsSecretsManager.yml Docker image update * Update Docker Image To demisto/armorblox (#31203) * Updated Metadata Of Pack Armorblox * Added release notes to pack Armorblox * Packs/Armorblox/Integrations/Armorblox/Armorblox.yml Docker image update * Update Docker Image To demisto/py3-tools (#31201) * Updated Metadata Of Pack Intezer * Added release notes to pack Intezer * Packs/Intezer/Integrations/IntezerV2/IntezerV2.yml Docker image update * Updated Metadata Of Pack Zabbix * Added release notes to pack Zabbix * Packs/Zabbix/Integrations/Zabbix/Zabbix.yml Docker image update * Updated Metadata Of Pack FeedMalwareBazaar * Added release notes to pack FeedMalwareBazaar * Packs/FeedMalwareBazaar/Integrations/MalwareBazaarFeed/MalwareBazaarFeed.yml Docker image update * Updated Metadata Of Pack FeedGCPWhitelist * Added release notes to pack FeedGCPWhitelist * Packs/FeedGCPWhitelist/Integrations/FeedGoogleIPRanges/FeedGoogleIPRanges.yml Docker image update * Updated Metadata Of Pack AccentureCTI_Feed * Added release notes to pack AccentureCTI_Feed * Packs/AccentureCTI_Feed/Integrations/ACTIIndicatorFeed/ACTIIndicatorFeed.yml Docker image update * Updated Metadata Of Pack SEKOIAIntelligenceCenter * Added release notes to pack SEKOIAIntelligenceCenter * Packs/SEKOIAIntelligenceCenter/Integrations/SEKOIAIntelligenceCenter/SEKOIAIntelligenceCenter.yml Docker image update * Updated Metadata Of Pack JARM * Added release notes to pack JARM * Packs/JARM/Integrations/JARM/JARM.yml Docker image update * Updated Metadata Of Pack CommonWidgets * Added release notes to pack CommonWidgets * Packs/CommonWidgets/Scripts/RSSWidget/RSSWidget.yml Docker image update * Updated Metadata Of Pack FiltersAndTransformers * Added release notes to pack FiltersAndTransformers * Packs/FiltersAndTransformers/Scripts/Jmespath/Jmespath.yml Docker image update * Update Docker Image To demisto/oci (#31202) * Updated Metadata Of Pack OracleCloudInfrastructure * Added release notes to pack OracleCloudInfrastructure * Packs/OracleCloudInfrastructure/Integrations/OracleCloudInfrastructureEventCollector/OracleCloudInfrastructureEventCollector.yml Docker image update * Update Docker Image To demisto/accessdata (#31200) * Updated Metadata Of Pack Exterro * Added release notes to pack Exterro * Packs/Exterro/Integrations/Exterro/Exterro.yml Docker image update * Fix DS108 --------- Co-authored-by: israelpolishook <[email protected]> * Update Docker Image To demisto/carbon-black-cloud (#31206) * Updated Metadata Of Pack CarbonBlackDefense * Added release notes to pack CarbonBlackDefense * Packs/CarbonBlackDefense/Integrations/CarbonBlackLiveResponseCloud/CarbonBlackLiveResponseCloud.yml Docker image update * Update Docker Image To demisto/taxii2 (#31205) * Updated Metadata Of Pack FeedUnit42v2 * Added release notes to pack FeedUnit42v2 * Packs/FeedUnit42v2/Integrations/FeedUnit42v2/FeedUnit42v2.yml Docker image update * Update Docker Image To demisto/crypto (#31204) * Updated Metadata Of Pack AzureKeyVault * Added release notes to pack AzureKeyVault * Packs/AzureKeyVault/Integrations/AzureKeyVault/AzureKeyVault.yml Docker image update * Updated Metadata Of Pack AzureSentinel * Added release notes to pack AzureSentinel * Packs/AzureSentinel/Integrations/AzureSentinel/AzureSentinel.yml Docker image update * Updated Metadata Of Pack AzureDevOps * Added release notes to pack AzureDevOps * Packs/AzureDevOps/Integrations/AzureDevOps/AzureDevOps.yml Docker image update * Updated Metadata Of Pack MicrosoftCloudAppSecurity * Added release notes to pack MicrosoftCloudAppSecurity * Packs/MicrosoftCloudAppSecurity/Integrations/MicrosoftCloudAppSecurity/MicrosoftCloudAppSecurity.yml Docker image update * Updated Metadata Of Pack AzureRiskyUsers * Added release notes to pack AzureRiskyUsers * Packs/AzureRiskyUsers/Integrations/AzureRiskyUsers/AzureRiskyUsers.yml Docker image update * Updated Metadata Of Pack MicrosoftGraphGroups * Added release notes to pack MicrosoftGraphGroups * Packs/MicrosoftGraphGroups/Integrations/MicrosoftGraphGroups/MicrosoftGraphGroups.yml Docker image update * Updated Metadata Of Pack AzureSQLManagement * Added release notes to pack AzureSQLManagement * Packs/AzureSQLManagement/Integrations/AzureSQLManagement/AzureSQLManagement.yml Docker image update * Updated Metadata Of Pack MicrosoftGraphAPI * Added release notes to pack MicrosoftGraphAPI * Packs/MicrosoftGraphAPI/Integrations/MicrosoftGraphAPI/MicrosoftGraphAPI.yml Docker image update * Updated Metadata Of Pack MicrosoftTeams * Added release notes to pack MicrosoftTeams * Packs/MicrosoftTeams/Integrations/MicrosoftTeamsManagement/MicrosoftTeamsManagement.yml Docker image update * Updated Metadata Of Pack MicrosoftGraphApplications * Added release notes to pack MicrosoftGraphApplications * Packs/MicrosoftGraphApplications/Integrations/MicrosoftGraphApplications/MicrosoftGraphApplications.yml Docker image update * Update Docker Image To demisto/opnsense (#31208) * Updated Metadata Of Pack OPNSense * Added release notes to pack OPNSense * Packs/OPNSense/Integrations/OPNSense/OPNSense.yml Docker image update * Update Docker Image To demisto/auth-utils (#31207) * Updated Metadata Of Pack Cylance_Protect * Added release notes to pack Cylance_Protect * Packs/Cylance_Protect/Integrations/Cylance_Protect_v2/Cylance_Protect_v2.yml Docker image update * Updated Metadata Of Pack Zoom * Added release notes to pack Zoom * Packs/Zoom/Integrations/ZoomEventCollector/ZoomEventCollector.yml Docker image update * Updated Metadata Of Pack Silverfort * Added release notes to pack Silverfort * Packs/Silverfort/Integrations/Silverfort/Silverfort.yml Docker image update * Updated Metadata Of Pack AzureDataExplorer * Added release notes to pack AzureDataExplorer * Packs/AzureDataExplorer/Integrations/AzureDataExplorer/AzureDataExplorer.yml Docker image update * Updated Metadata Of Pack MicrosoftManagementActivity * Added release notes to pack MicrosoftManagementActivity * Packs/MicrosoftManagementActivity/Integrations/MicrosoftManagementActivity/MicrosoftManagementActivity.yml Docker image update * Updated Metadata Of Pack Box * Added release notes to pack Box * Packs/Box/Integrations/BoxEventsCollector/BoxEventsCollector.yml Docker image update * Packs/Box/Integrations/BoxV2/BoxV2.yml Docker image update * Updated Metadata Of Pack Troubleshoot * Added release notes to pack Troubleshoot * Packs/Troubleshoot/Scripts/CertificatesTroubleshoot/CertificatesTroubleshoot.yml Docker image update * commit --------- Co-authored-by: israelpolishook <[email protected]> * Update Docker Image To demisto/ippysocks-py3 (#31211) * Updated Metadata Of Pack Whois * Added release notes to pack Whois * Packs/Whois/Integrations/Whois/Whois.yml Docker image update * Update Docker Image To demisto/python3 (#31214) * Updated Metadata Of Pack QualysFIM * Added release notes to pack QualysFIM * Packs/QualysFIM/Integrations/QualysFIM/QualysFIM.yml Docker image update * Updated Metadata Of Pack FortiSIEM * Added release notes to pack FortiSIEM * Packs/FortiSIEM/Integrations/FortiSIEMV2/FortiSIEMV2.yml Docker image update * Updated Metadata Of Pack FreshworksFreshservice * Added release notes to pack FreshworksFreshservice * Packs/FreshworksFreshservice/Integrations/FreshworksFreshservice/FreshworksFreshservice.yml Docker image update * Updated Metadata Of Pack KnowBe4_KMSAT * Added release notes to pack KnowBe4_KMSAT * Packs/KnowBe4_KMSAT/Integrations/KnowBe4KMSATEventCollector/KnowBe4KMSATEventCollector.yml Docker image update * Packs/KnowBe4_KMSAT/Integrations/KnowBe4KMSAT/KnowBe4KMSAT.yml Docker image update * Updated Metadata Of Pack SafeNet_Trusted_Access * Added release notes to pack SafeNet_Trusted_Access * Packs/SafeNet_Trusted_Access/Integrations/SafeNetTrustedAccessEventCollector/SafeNetTrustedAccessEventCollector.yml Docker image update * Updated Metadata Of Pack DelineaSS * Added release notes to pack DelineaSS * Packs/DelineaSS/Integrations/DelineaSS/DelineaSS.yml Docker image update * Updated Metadata Of Pack Cryptocurrency * Added release notes to pack Cryptocurrency * Packs/Cryptocurrency/Integrations/Cryptocurrency/Cryptocurrency.yml Docker image update * Updated Metadata Of Pack PANOSPolicyOptimizer * Added release notes to pack PANOSPolicyOptimizer * Packs/PANOSPolicyOptimizer/Integrations/PANOSPolicyOptimizer/PANOSPolicyOptimizer.yml Docker image update * Updated Metadata Of Pack DeveloperTools * Added release notes to pack DeveloperTools * Packs/DeveloperTools/Integrations/CreateIncidents/CreateIncidents.yml Docker image update * Update Docker Image To demisto/boto3py3 (#31215) * Updated Metadata Of Pack SecurityIntelligenceServicesFeed * Added release notes to pack SecurityIntelligenceServicesFeed * Packs/SecurityIntelligenceServicesFeed/Integrations/SecurityIntelligenceServicesFeed/SecurityIntelligenceServicesFeed.yml Docker image update * Updated Metadata Of Pack AWS-IAM * Added release notes to pack AWS-IAM * Packs/AWS-IAM/Integrations/AWS-IAM/AWS-IAM.yml Docker image update * Updated Metadata Of Pack AWS-Route53 * Added release notes to pack AWS-Route53 * Packs/AWS-Route53/Integrations/AWSRoute53/AWSRoute53.yml Docker image update * Updated Metadata Of Pack AWS-AccessAnalyzer * Added release notes to pack AWS-AccessAnalyzer * Packs/AWS-AccessAnalyzer/Integrations/AWS-AccessAnalyzer/AWS-AccessAnalyzer.yml Docker image update * Updated Metadata Of Pack AWS-GuardDuty * Added release notes to pack AWS-GuardDuty * Packs/AWS-GuardDuty/Integrations/AWSGuardDutyEventCollector/AWSGuardDutyEventCollector.yml Docker image update * Packs/AWS-GuardDuty/Integrations/AWSGuardDuty/AWSGuardDuty.yml Docker image update * Updated Metadata Of Pack AWS-SecurityHub * Added release notes to pack AWS-SecurityHub * Packs/AWS-SecurityHub/Integrations/AWSSecurityHubEventCollector/AWSSecurityHubEventCollector.yml Docker image update * Updated Metadata Of Pack Aws-SecretsManager * Added release notes to pack Aws-SecretsManager * Packs/Aws-SecretsManager/Integrations/AwsSecretsManager/AwsSecretsManager.yml Docker image update * Update Docker Image To demisto/accessdata (#31216) * Updated Metadata Of Pack Exterro * Added release notes to pack Exterro * Packs/Exterro/Integrations/Exterro/Exterro.yml Docker image update * Update Docker Image To demisto/oci (#31218) * Updated Metadata Of Pack OracleCloudInfrastructure * Added release notes to pack OracleCloudInfrastructure * Packs/OracleCloudInfrastructure/Integrations/OracleCloudInfrastructureEventCollector/OracleCloudInfrastructureEventCollector.yml Docker image update * Update Docker Image To demisto/py3-tools (#31217) * Updated Metadata Of Pack Intezer * Added release notes to pack Intezer * Packs/Intezer/Integrations/IntezerV2/IntezerV2.yml Docker image update * Updated Metadata Of Pack Zabbix * Added release notes to pack Zabbix * Packs/Zabbix/Integrations/Zabbix/Zabbix.yml Docker image update * Updated Metadata Of Pack FeedMalwareBazaar * Added release notes to pack FeedMalwareBazaar * Packs/FeedMalwareBazaar/Integrations/MalwareBazaarFeed/MalwareBazaarFeed.yml Docker image update * Updated Metadata Of Pack FeedGCPWhitelist * Added release notes to pack FeedGCPWhitelist * Packs/FeedGCPWhitelist/Integrations/FeedGoogleIPRanges/FeedGoogleIPRanges.yml Docker image update * Updated Metadata Of Pack AccentureCTI_Feed * Added release notes to pack AccentureCTI_Feed * Packs/AccentureCTI_Feed/Integrations/ACTIIndicatorFeed/ACTIIndicatorFeed.yml Docker image update * Updated Metadata Of Pack SEKOIAIntelligenceCenter * Added release notes to pack SEKOIAIntelligenceCenter * Packs/SEKOIAIntelligenceCenter/Integrations/SEKOIAIntelligenceCenter/SEKOIAIntelligenceCenter.yml Docker image update * Updated Metadata Of Pack JARM * Added release notes to pack JARM * Packs/JARM/Integrations/JARM/JARM.yml Docker image update * Updated Metadata Of Pack Anomali_ThreatStream * Added release notes to pack Anomali_ThreatStream * Packs/Anomali_ThreatStream/Integrations/AnomaliThreatStreamv3/AnomaliThreatStreamv3.yml Docker image update * Updated Metadata Of Pack CommonWidgets * Added release notes to pack CommonWidgets * Packs/CommonWidgets/Scripts/RSSWidget/RSSWidget.yml Docker image update * Updated Metadata Of Pack FiltersAndTransformers * Added release notes to pack FiltersAndTransformers * Packs/FiltersAndTransformers/Scripts/Jmespath/Jmespath.yml Docker image update * CortexXDRIR-generic-polling (#31082) * - Added new playbook for quarantine_file - Old playbook deprecated - New image added * release notes added * - New playbook for _Retrieve_File_Playbook_v2 created - Old playbook _Retrieve_File_Playbook deprecated - Image was added * Release notes were added * Changed the name of the playbook * Readme file added * Added image * fixed image location in readme file * Update Packs/CortexXDR/Playbooks/Cortex_XDR_-_Retrieve_File_v2.yml Co-authored-by: Sasha Sokolovich <[email protected]> * Bump pack from version CortexXDR to 6.0.4. * Removed unnecessary tests * Readme files were updated * Fixes for the playbooks * fixed Tests/conf.json file * image issue fixed * Added new images * Update Packs/CortexXDR/Playbooks/Cortex_XDR_-_Retrieve_File_Playbook_README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CortexXDR/Playbooks/Cortex_XDR_-_Retrieve_File_Playbook_README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CortexXDR/ReleaseNotes/6_0_4.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CortexXDR/ReleaseNotes/6_0_4.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CortexXDR/ReleaseNotes/6_0_4.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CortexXDR/ReleaseNotes/6_0_4.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CortexXDR/Playbooks/Cortex_XDR_-_Retrieve_File_Playbook_README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CortexXDR/Playbooks/Cortex_XDR_-_quarantine_file_v2_README.md Co-authored-by: ShirleyDenkberg <[email protected]> * PR fixes - new condition to check if the task finished successfully * release notes updated * image path fixed * Added new outputs for playbook * release notes updated * fix * readme files fixed * image issue * image issue * fix * fix * fix * fix * uploaded new playbook because of the image issue * fix for image issue * delete photo * fixes * test playbooks fixed * test playbooks removed --------- Co-authored-by: Sasha Sokolovich <[email protected]> Co-authored-by: Content Bot <[email protected]> Co-authored-by: ShirleyDenkberg <[email protected]> * Update Docker Image To demisto/crypto (#31219) * Updated Metadata Of Pack AzureKeyVault * Added release notes to pack AzureKeyVault * Packs/AzureKeyVault/Integrations/AzureKeyVault/AzureKeyVault.yml Docker image update * Updated Metadata Of Pack AzureSentinel * Added release notes to pack AzureSentinel * Packs/AzureSentinel/Integrations/AzureSentinel/AzureSentinel.yml Docker image update * Updated Metadata Of Pack AzureDevOps * Added release notes to pack AzureDevOps * Packs/AzureDevOps/Integrations/AzureDevOps/AzureDevOps.yml Docker image update * Updated Metadata Of Pack MicrosoftCloudAppSecurity * Added release notes to pack MicrosoftCloudAppSecurity * Packs/MicrosoftCloudAppSecurity/Integrations/MicrosoftCloudAppSecurity/MicrosoftCloudAppSecurity.yml Docker image update * Updated Metadata Of Pack AzureRiskyUsers * Added release notes to pack AzureRiskyUsers * Packs/AzureRiskyUsers/Integrations/AzureRiskyUsers/AzureRiskyUsers.yml Docker image update * Updated Metadata Of Pack MicrosoftGraphGroups * Added release notes to pack MicrosoftGraphGroups * Packs/MicrosoftGraphGroups/Integrations/MicrosoftGraphGroups/MicrosoftGraphGroups.yml Docker image update * Updated Metadata Of Pack AzureSQLManagement * Added release notes to pack AzureSQLManagement * Packs/AzureSQLManagement/Integrations/AzureSQLManagement/AzureSQLManagement.yml Docker image update * Updated Metadata Of Pack MicrosoftGraphAPI * Added release notes to pack MicrosoftGraphAPI * Packs/MicrosoftGraphAPI/Integrations/MicrosoftGraphAPI/MicrosoftGraphAPI.yml Docker image update * Updated Metadata Of Pack MicrosoftTeams * Added release notes to pack MicrosoftTeams * Packs/MicrosoftTeams/Integrations/MicrosoftTeamsManagement/MicrosoftTeamsManagement.yml Docker image update * Updated Metadata Of Pack MicrosoftGraphApplications * Added release notes to pack MicrosoftGraphApplications * Packs/MicrosoftGraphApplications/Integrations/MicrosoftGraphApplications/MicrosoftGraphApplications.yml Docker image update * update pack ignore (#31193) * Slack event collector: fixed an issue where we get a Bad Request error (#31135) * fixed an issue where we get a Bad Request error. * pre-commit * added test * fixed Flake8 error * fixed cr comments * fixed cr comments * update Docker image * YR/Remove-fields-with-one-letter-DBotFindSimilarIncidents/XSUP-29299 (#31161) * fixes * code and test * remove Json feed from this pr * test * note * pre commit * RN * CR and Flake8 * format * pre commit * Fixes For 'URL Enrichment - Generic v2' Playbook (#31195) * Fixes For 'URL Enrichment - Generic v2' Playbook * RN * Bump pack from version CommonPlaybooks to 2.4.36. --------- Co-authored-by: Content Bot <[email protected]> * F5 APM Remove XSIAM tags (#31221) * remove ls from test_e2e_results.sh (#31186) * [IsEmailAddressInternal] Fix an issue with **domain** argument (#31222) * First commit * Added RN * Update Packs/CommonScripts/ReleaseNotes/1_12_54.md Co-authored-by: Dean Arbel <[email protected]> --------- Co-authored-by: Dean Arbel <[email protected]> * Deprecate 'Get endpoint details - Generic' Playbook (#31196) * Deprecate 'Get endpoint details - Generic' Playbook * RN * Bump pack from version CommonPlaybooks to 2.4.36. * Bump pack from version CommonPlaybooks to 2.4.37. --------- Co-authored-by: Content Bot <[email protected]> * Replacing the deprecated sub-playbook within the 'NGFW Internal Scan'… (#31197) * Replacing the deprecated sub-playbook within the 'NGFW Internal Scan' XSIAM playbook * RN * [Marketplace Contribution] CISO Metrics (#30641) (#31213) * "pack contribution initial commit" * Update pack_metadata.json * Update and rename dashboard-98f353a2-312b-49f2-8e58-d71f60daf3a7-CISO_Metrics.json to dashboard-98f353a2-312b-49f2-8e58-d71f60daf3a7-CommunityCommonDashboards.json Rename to CommunityCommonDashboards * Update pack_metadata.json Renamed "name": "CommunityCommonDashboards" * Update README.md Added description * Update README.md * Update and rename README.md to README.md * Rename dashboard-98f353a2-312b-49f2-8e58-d71f60daf3a7-CommunityCommonDashboards.json to dashboard-98f353a2-312b-49f2-8e58-d71f60daf3a7-CommunityCommonDashboards.json * Rename .pack-ignore to .pack-ignore * Rename .secrets-ignore to .secrets-ignore * Rename pack_metadata.json to pack_metadata.json * Update .pack-ignore * Update pack_metadata.json * Update .pack-ignore * Update and rename dashboard-98f353a2-312b-49f2-8e58-d71f60daf3a7-CommunityCommonDashboards.json to CISOMetrics.json Renamed to CISOMetrics * Update pack_metadata.json * Update pack_metadata.json * Update README.md --------- Co-authored-by: xsoar-bot <[email protected]> Co-authored-by: Sapir Shuker <[email protected]> Co-authored-by: David Uhrlaub <[email protected]> * Cybereason xsoar v 2.1.14 (#30647) (#31225) * added v2.1.14 codebase * fix pr comments * replace dummy md5 placeholder * Update Packs/Cybereason/Integrations/Cybereason/Cybereason.py * updated docker image python version * updated release notes docker version * added pagination params * updated docker image * fix lint errors * fix demisto validate errors * updated release notes * updated release notes * updated release notes * updated command name as per PR comment * removed manual filtering for response * updated function name to match the command name format * updated unit test as per new command name * added machinename filter to api query * moved empty output message to the top * updated docker image tag to latest * undo changes from unisolate endpoint playbook --------- Co-authored-by: suraj-metron <[email protected]> Co-authored-by: Sapir Shuker <[email protected]> * fixed polling support (#30873) * fixed polling support * fixed rn * added rn * added rn * XSUP-30786/Fix (#31168) * Added failing UT * Fixed the issue * Updated docker image * Updated RN * Update Packs/PAN-OS/ReleaseNotes/2_1_15.md Co-authored-by: Dan Tavori <[email protected]> * Updated the bug fix and the UT * updated docker image --------- Co-authored-by: Dan Tavori <[email protected]> * rewrite to js FirstArrayElement and LastArrayElement (#31228) * rewrite to js * added tpb * added empty test case to tpb * precommit fixes * change fromversion so build wont fail * Enable Core REST API with general XSIAM endpoints (#31226) * mostly works * added release notes * fixes from review * F5 APM fixed the marketplace build failure (#31236) * F5 APM Remove XSIAM tags * fix marketplace error * Add incidents field (#30393) (#31233) * add rawJSON field to incidents * release notes * update docker image tag * nit * fetching incident details * mapper + incident fields * remove incorrect incident field files * new incident field files, new mapper * sdk validate command changes * update release noteS * validation errors * fix validation errors * undo release notes changes * undo release notes change * undo release notes * undo release notes * undo release notes * nit * new release notes * remove playbook id * update docker image tag * revert release notes * revert RN * nit- remove filters used for testing * add details field to threats * remove try/except blocks * changing version * Update Abnormal_Security_Custom_Incident_types.json change from version * nit - remove changes used for demo * updating docker image * update docker image tag --------- Co-authored-by: William Olyslager <[email protected]> Co-authored-by: sapirshuker <[email protected]> Co-authored-by: Sapir Shuker <[email protected]> * Update Docker Image To demisto/python3 (#31242) * Updated Metadata Of Pack CIRCL * Added release notes to pack CIRCL * Packs/CIRCL/Integrations/CirclCVESearch/CirclCVESearch.yml Docker image update * Updated Metadata Of Pack ipinfo * Added release notes to pack ipinfo * Packs/ipinfo/Integrations/ipinfo_v2/ipinfo_v2.yml Docker image update * Updated Metadata Of Pack AutoFocus * Added release notes to pack AutoFocus * Packs/AutoFocus/Integrations/FeedAutofocus/FeedAutofocus.yml Docker image update * Packs/AutoFocus/Integrations/AutofocusV2/AutofocusV2.yml Docker image update * Updated Metadata Of Pack MailSenderNew * Added release notes to pack MailSenderNew * Packs/MailSenderNew/Integrations/MailSenderNew/MailSenderNew.yml Docker image update * avoid to update Docker for AutoFocusv2 --------- Co-authored-by: israelpolishook <[email protected]> * Fixes For 'IP Enrichment - Generic v2' Playbook (#31183) * Fixes For 'IP Enrichment - Generic v2' Playbook * RN * RN * Updated the 'InternalRange' playbook input's default value. * configured the 'extended_data' and 'threat_model_association' sub-playbook inputs * Bump pack from version CommonPlaybooks to 2.4.36. * Bump pack from version CommonPlaybooks to 2.4.37. * changed the default value of the 'ResolveIP' playbook input * re-added RN after merging from master * Fixes RN --------- Co-authored-by: Content Bot <[email protected]> * Check if should run Instance role (#31245) * Added the sync from the saas bucket and modified the verify script to take the revision from the correct bucket. (#31254) * AWS Organizations (#30525) * init * commands template * aws-org-children-list * more commands * even more commands * added account commands * removed enhancement commands * use json_transform * unit-tests init * unit-tests continued * unit-tests continued some more * TPB * one more unit-test * one more unit-test * one more unit-test * name change * TPB * docs complete * pack readme * pack readme part 2 * readme modified * more tests * more tests * use get() * adde description * removed isFetch * added image * name change * CR changes * Apply suggestions from code review Co-authored-by: ShirleyDenkberg <[email protected]> * Update docker * put the commands back in * code complete * yml part 2 * yml part 3 * test template * unit-tests continued some more * unit-tests almost complete * unit-tests complete * fixed a few bugs * fixed unit-tests * added readme * update readme * added missing descriptions to readme * TPB * Apply suggestions from code review Co-authored-by: ShirleyDenkberg <[email protected]> * CR changes * demo changes * update docker * build wars: round 1 * build wars: round 2 * build wars: round 3; add unit-tests * build wars: round 4 * build wars: round 5 * build wars: round 6 --------- Co-authored-by: ShirleyDenkberg <[email protected]> * NextToken in CommandResults (#30501) * init * new design * added error in case of non nested input * RN * a tad more docs * Bump pack from version Base to 1.32.47. * Bump pack from version Base to 1.32.48. * Bump pack from version Base to 1.32.49. * improved doc-string * resolve conflicts * resolve conflicts * Bump pack from version Base to 1.32.52. --------- Co-authored-by: Content Bot <[email protected]> * demisto-sdk-release 1.24.0 (#31268) * poetry files * update validate manager imports (#31179) * update validate manager imports * revert * Update Tests/configure_and_test_integration_instances.py * Edit file types test (#31170) * edited tests * s * s * edit --------- Co-authored-by: Content Bot <[email protected]> Co-authored-by: Yuval Hayun <[email protected]> Co-authored-by: merit-maita <[email protected]> Co-authored-by: JudithB <[email protected]> * modified modeling rules of clearswift dlp (#31247) * modified modeling rules of clearswift dlp * modified the parsing rule of clearswiftdlp * Added release notes. * added dlp to pack ignore * added Clearswift to pack ignore * QRadar: continue to poll in case of networking issues (#31084) * Generalize the mode option in pre-commit (#30663) * args updated to match the update in the sdk * add merge-coverage-report and coverage-analyze * updaing pyproject.toml * poetry lock * restoring pyproject.toml and poetry.lock * pre-commit.yml * updates * test comment * use sdk ref * if * add github output * revert ilan changes * merge-pytest-reports --------- Co-authored-by: ilan <[email protected]> * EXPANDR-1576 CortexXpanse Remediation Guidance changes (#31190) * EXPANDR-1576 CortexXpanse Remediation Guidance changes (#30712) * CortexXpanse RG changes * Fix flake8 errors * Fix unit test cases * Update docker version * update command name * Readme updates * docker update * Ignore BC error * fix packignore * Update release notes * update breaking change notes * update breaking change notes * correct RN --------- Co-authored-by: Chait A <[email protected]> Co-authored-by: ilappe <[email protected]> * Feature/cyberint enhancement (#31252) * Feature/cyberint enhancement (#30493) * Update Docker Image To demisto/py3-tools (#25523) * Updated Metadata Of Pack FeedAWS * Added release notes to pack FeedAWS * Packs/FeedAWS/Integrations/FeedAWS/FeedAWS.yml Docker image update * update Cyberint Pack * update release note and incidentfields * update CommonType release note * update CommonType relesenotes * update CommonType relese notes * update CyberInt Related entity name * update release notes * add new incident field: Alert Data * foramt alert_data * update CyberInt Related Entity name to avoid validation errors * reset the CyberInt Related Entity name * update incident field name * Update 3_3_93.md * pre commit update docker * added known words * fixed the RN * known words --------- Co-authored-by: TalGumi <[email protected]> Co-authored-by: omerKarkKatz <[email protected]> Co-authored-by: okarkkatz <[email protected]> * [xsoar-8 coverage] - use poll functions from SDK clients (#31144) * update poetry * use poll functions * test against builds * try to fix ssl issue * timeout = 300 + verify ssl * fix ssl issues * fix incident pull * fix * make verify=false by default * fix ports bug * use sdk master * revert poetry * revert infra used for testing * [CrowdStrike Falcon Intel v2] Fixed an issue in 'cs-actors' and 'cs-reports' commands (#31265) * Fix the 'NoneType' object is not iterable issue * ruff * Update the docker image; Add RN * Update Packs/CrowdStrikeIntel/ReleaseNotes/2_0_34.md Co-authored-by: Dean Arbel <[email protected]> --------- Co-authored-by: Dean Arbel <[email protected]> * oncall- installation orders (#31253) * test * test * revert debugs * pre-commit --------- Co-authored-by: Jas Beilin <[email protected]> * Core rest api docs fix (#31262) * Improved descriptions. * Added docs * Added rn. * Changed i.e to e.g * bugfix/XSUP-30713/port-scan-pb-issue-incident-failure (#31154) * Fix playbook input's default value, change to not required, add check for value not empty * Update playbook image * Update release notes * Bump pack from version CortexXDR to 6.0.5. * Moved InternalIPRanges input check to better location * Fix review comments --------- Co-authored-by: Content Bot <[email protected]> * [PagerDuty v2] Added Support For Pagination (#30959) * commit init - lint and type annotation * typing * pagination function and some typing * fix api limit and pagination * added UT and test_data * added RN and description for args * generate readme * update docker * added UT * fix flake8 * more docstring, one more UT, fix send unnecessary parameters * fix f-string * fix pep8 * revert copy * fix parameters name * docs review * update docker * [ASM] EXPANDR 7225 - Update Ev1 Integration Display Name (#31234) (#31276) * Update Display Name * Update release notes * Update docker image and add period to descriptions Co-authored-by: John <[email protected]> Co-authored-by: MLainer1 <[email protected]> * Update Docker Image To demisto/python3 (#31286) * Updated Metadata Of Pack QualysFIM * Added release notes to pack QualysFIM * Packs/QualysFIM/Integrations/QualysFIM/QualysFIM.yml Docker image update * Updated Metadata Of Pack FortiSIEM * Added release notes to pack FortiSIEM * Packs/FortiSIEM/Integrations/FortiSIEMV2/FortiSIEMV2.yml Docker image update * Updated Metadata Of Pack FreshworksFreshservice * Added release notes to pack FreshworksFreshservice * Packs/FreshworksFreshservice/Integrations/FreshworksFreshservice/FreshworksFreshservice.yml Docker image update * Updated Metadata Of Pack KnowBe4_KMSAT * Added release notes to pack KnowBe4_KMSAT * Packs/KnowBe4_KMSAT/Integrations/KnowBe4KMSATEventCollector/KnowBe4KMSATEventCollector.yml Docker image update * Packs/KnowBe4_KMSAT/Integrations/KnowBe4KMSAT/KnowBe4KMSAT.yml Docker image update * Updated Metadata Of Pack SafeNet_Trusted_Access * Added release notes to pack SafeNet_Trusted_Access * Packs/SafeNet_Trusted_Access/Integrations/SafeNetTrustedAccessEventCollector/SafeNetTrustedAccessEventCollector.yml Docker image update * Updated Metadata Of Pack DelineaSS * Added release notes to pack DelineaSS * Packs/DelineaSS/Integrations/DelineaSS/DelineaSS.yml Docker image update * Updated Metadata Of Pack Cryptocurrency * Added release notes to pack Cryptocurrency * Packs/Cryptocurrency/Integrations/Cryptocurrency/Cryptocurrency.yml Docker image update * Updated Metadata Of Pack PANOSPolicyOptimizer * Added release notes to pack PANOSPolicyOptimizer * Packs/PANOSPolicyOptimizer/Integrations/PANOSPolicyOptimizer/PANOSPolicyOptimizer.yml Docker image update * Updated Metadata Of Pack DeveloperTools * Added release notes to pack DeveloperTools * Packs/DeveloperTools/Integrations/CreateIncidents/CreateIncidents.yml Docker image update * Add XSOAR_SAAS section to EDL description (#31264) * add XSOAR_SAAS section to EDL description * update RN * [XSUP 30575] Added full fields query param (#31272) * get indicators full fields data * pre-commit * release notes * tests and CR fixes * Update Packs/FeedCrowdstrikeFalconIntel/ReleaseNotes/2_1_13.md Co-authored-by: Dan Tavori <[email protected]> --------- Co-authored-by: Dan Tavori <[email protected]> * Update Docker Image To demisto/boto3py3 (#31287) * Updated Metadata Of Pack SecurityIntelligenceServicesFeed * Added release notes to pack SecurityIntelligenceServicesFeed * Packs/SecurityIntelligenceServicesFeed/Integrations/SecurityIntelligenceServicesFeed/SecurityIntelligenceServicesFeed.yml Docker image update * Updated Metadata Of Pack AWS-IAM * Added release notes to pack AWS-IAM * Packs/AWS-IAM/Integrations/AWS-IAM/AWS-IAM.yml Docker image update * Updated Metadata Of Pack AWS-Route53 * Added release notes to pack AWS-Route53 * Packs/AWS-Route53/Integrations/AWSRoute53/AWSRoute53.yml Docker image update * Updated Metadata Of Pack AWS-AccessAnalyzer * Added release notes to pack AWS-AccessAnalyzer * Packs/AWS-AccessAnalyzer/Integrations/AWS-AccessAnalyzer/AWS-AccessAnalyzer.yml Docker image update * Updated Metadata Of Pack AWS-GuardDuty * Added release notes to pack AWS-GuardDuty * Packs/AWS-GuardDuty/Integrations/AWSGuardDutyEventCollector/AWSGuardDutyEventCollector.yml Docker image update * Packs/AWS-GuardDuty/Integrations/AWSGuardDuty/AWSGuardDuty.yml Docker image update * Updated Metadata Of Pack AWS-SecurityHub * Added release notes to pack AWS-SecurityHub * Packs/AWS-SecurityHub/Integrations/AWSSecurityHubEventCollector/AWSSecurityHubEventCollector.yml Docker image update * Updated Metadata Of Pack Aws-SecretsManager * Added release notes to pack Aws-SecretsManager * Packs/Aws-SecretsManager/Integrations/AwsSecretsManager/AwsSecretsManager.yml Docker image update * Update Docker Image To demisto/accessdata (#31288) * Updated Metadata Of Pack Exterro * Added release notes to pack Exterro * Packs/Exterro/Integrations/Exterro/Exterro.yml Docker image update * Update Docker Image To demisto/oci (#31290) * Updated Metadata Of Pack OracleCloudInfrastructure * Added release notes to pack OracleCloudInfrastructure * Packs/OracleCloudInfrastructure/Integrations/OracleCloudInfrastructureEventCollector/OracleCloudInfrastructureEventCollector.yml Docker image update * Update Docker Image To demisto/py3-tools (#31289) * Updated Metadata Of Pack Intezer * Added release notes to pack Intezer * Packs/Intezer/Integrations/IntezerV2/IntezerV2.yml Docker image update * Updated Metadata Of Pack Zabbix * Added release notes to pack Zabbix * Packs/Zabbix/Integrations/Zabbix/Zabbix.yml Docker image update * Updated Metadata Of Pack FeedMalwareBazaar * Added release notes to pack FeedMalwareBazaar * Packs/FeedMalwareBazaar/Integrations/MalwareBazaarFeed/MalwareBazaarFeed.yml Docker image update * Updated Metadata Of Pack FeedGCPWhitelist * Added release notes to pack FeedGCPWhitelist * Packs/FeedGCPWhitelist/Integrations/FeedGoogleIPRanges/FeedGoogleIPRanges.yml Docker image update * Updated Metadata Of Pack AccentureCTI_Feed * Added release notes to pack AccentureCTI_Feed * Packs/AccentureCTI_Feed/Integrations/ACTIIndicatorFeed/ACTIIndicatorFeed.yml Docker image update * Updated Metadata Of Pack SEKOIAIntelligenceCenter * Added release notes to pack SEKOIAIntelligenceCenter * Packs/SEKOIAIntelligenceCenter/Integrations/SEKOIAIntelligenceCenter/SEKOIAIntelligenceCenter.yml Docker image update * Updated Metadata Of Pack JARM * Added release notes to pack JARM * Packs/JARM/Integrations/JARM/JARM.yml Docker image update * Updated Metadata Of Pack Anomali_ThreatStream * Added release notes to pack Anomali_ThreatStream * Packs/Anomali_ThreatStream/Integrations/AnomaliThreatStreamv3/AnomaliThreatStreamv3.yml Docker image update * Updated Metadata Of Pack CommonWidgets * Added release notes to pack CommonWidgets * Packs/CommonWidgets/Scripts/RSSWidget/RSSWidget.yml Docker image update * Updated Metadata Of Pack FiltersAndTransformers * Added release notes to pack FiltersAndTransformers * Packs/FiltersAndTransformers/Scripts/Jmespath/Jmespath.yml Docker image update * Update Docker Image To demisto/armorblox (#31291) * Updated Metadata Of Pack Armorblox * Added release notes to pack Armorblox * Packs/Armorblox/Integrations/Armorblox/Armorblox.yml Docker image update * Update Docker Image To demisto/crypto (#31292) * Updated Metadata Of Pack AzureKeyVault * Added release notes to pack AzureKeyVault * Packs/AzureKeyVault/Integrations/AzureKeyVault/AzureKeyVault.yml Docker image update * Updated Metadata Of Pack AzureSentinel * Added release notes to pack AzureSentinel * Packs/AzureSentinel/Integrations/AzureSentinel/AzureSentinel.yml Docker image update * Updated Metadata Of Pack AzureDevOps * Added release notes to pack AzureDevOps * Packs/AzureDevOps/Integrations/AzureDevOps/AzureDevOps.yml Docker image update * Updated Metadata Of Pack MicrosoftCloudAppSecurity * Added release notes to pack MicrosoftCloudAppSecurity * Packs/MicrosoftCloudAppSecurity/Integrations/MicrosoftCloudAppSecurity/MicrosoftCloudAppSecurity.yml Docker image update * Updated Metadata Of Pack AzureRiskyUsers * Added release notes to pack AzureRiskyUsers * Packs/AzureRiskyUsers/Integrations/AzureRiskyUsers/AzureRiskyUsers.yml Docker image update * Updated Metadata Of Pack MicrosoftGraphGroups * Added release notes to pack MicrosoftGraphGroups * Packs/MicrosoftGraphGroups/Integrations/MicrosoftGraphGroups/MicrosoftGraphGroups.yml Docker image update * Updated Metadata Of Pack AzureSQLManagement * Added release notes to pack AzureSQLManagement * Packs/AzureSQLManagement/Integrations/AzureSQLManagement/AzureSQLManagement.yml Docker image update * Updated Metadata Of Pack MicrosoftGraphAPI * Added release notes to pack MicrosoftGraphAPI * Packs/MicrosoftGraphAPI/Integrations/MicrosoftGraphAPI/MicrosoftGraphAPI.yml Docker image update * Updated Metadata Of Pack MicrosoftTeams * Added release notes to pack MicrosoftTeams * Packs/MicrosoftTeams/Integrations/MicrosoftTeamsManagement/MicrosoftTeamsManagement.yml Docker image update * Updated Metadata Of Pack MicrosoftGraphApplications * Added release notes to pack MicrosoftGraphApplications * Packs/MicrosoftGraphApplications/Integrations/MicrosoftGraphApplications/MicrosoftGraphApplications.yml Docker image update * Update Docker Image To demisto/sixgill (#31293) * Updated Metadata Of Pack Cybersixgill-ActionableAlerts * Added release notes to pack Cybersixgill-ActionableAlerts * Packs/Cybersixgill-ActionableAlerts/Integrations/CybersixgillActionableAlerts/CybersixgillActionableAlerts.yml Docker image update * Updated Metadata Of Pack Sixgill-Darkfeed * Added release notes to pack Sixgill-Darkfeed * Packs/Sixgill-Darkfeed/Integrations/Sixgill_Darkfeed_Enrichment/Sixgill_Darkfeed_Enrichment.yml Docker image update * Packs/Sixgill-Darkfeed/Integrations/Sixgill_Darkfeed/Sixgill_Darkfeed.yml Docker image update * Update Docker Image To demisto/carbon-black-cloud (#31295) * Updated Metadata Of Pack CarbonBlackDefense * Added release notes to pack CarbonBlackDefense * Packs/CarbonBlackDefense/Integrations/CarbonBlackLiveResponseCloud/CarbonBlackLiveResponseCloud.yml Docker image update * Update Docker Image To demisto/taxii2 (#31294) * Updated Metadata Of Pack FeedDHS * Added release notes to pack FeedDHS * Packs/FeedDHS/Integrations/DHSFeedV2/DHSFeedV2.yml Docker image update * Updated Metadata Of Pack FeedUnit42v2 * Added release notes to pack FeedUnit42v2 * Packs/FeedUnit42v2/Integrations/FeedUnit42v2/FeedUnit42v2.yml Docker image update * MS IIS Update2 (#31256) * Updated MicrosoftIISWebServerModelingRules_1_3 * Updated ModelingRules filters * Updated ModelingRules filters * Updated ReleaseNotes * Upated ReleaseNotes * CrowdStrikeFalconX-genreic-polling (#31189) * old playbooks deprecated and new one added * readme file edited * set the interval from the inputs * fixes for release notes * added extensions to known words * Update Packs/CrowdStrikeFalconX/Playbooks/Detonate_File_-_CrowdStrike_Falcon_Intelligence_Sandbox_v2.yml Co-a…
maimorag
added a commit
that referenced
this pull request
Jan 24, 2024
* [GCP-IAM] - fix proxy issues (#31076) * sent proxy to test-module & log exception * fix proxy issue * remove None * fix * rn * auto pep8 * rn typo * uts * pre-commit * Update Packs/GCP-IAM/ReleaseNotes/1_0_22.md Co-authored-by: Judah Schwartz <[email protected]> * cr fixes --------- Co-authored-by: Judah Schwartz <[email protected]> * Release notes tag parser for all xsoar mp. (#31090) * added xsoar_saas xsoar_on_prem functionallity to the release notes tag parser * pre commit changes * fixed lint whitespace error * Fix EntryID-related issue for scripts (#30979) * Fix zip file issue using polling * Add release-notes * Fix validation errors * Minor fixes and improvements * Update IAMInitADUser automation * Add a warning if `ZipProtectWithPassword` parameter is not being used * Fix typo * `IAMInitADUser` fixes * Bump Docker versions * Apply code review suggestions * Bump Docker version * Remove timeout value from polling parameters (so that the default value will be used) * [CommonServerPython] Fix Polling Failure If `polling` Parameter is Missing (#31111) * Add default value to `args.get()` * Bump version * Update release-notes message * jira ticket creation impovements (#31105) jira ticket creation improvements #31105 * Added Support for Microsoft Graph Single User integration (#30967) * Added Support for Microsoft Graph Single User integration * fix validation * Update 2_0_15.md * Update Packs/EmailCommunication/ReleaseNotes/2_0_15.md Co-authored-by: EyalPintzov <[email protected]> --------- Co-authored-by: EyalPintzov <[email protected]> * Xdr ioc to keep troubleshoting (#30163) * trouble shooting version * fixed new command yml * some comments * trouble shooting version * fixed new command yml * new ioc_to_keep schedule method * some comments * fix tz error * added RN * fix validation errors * fixup! fix validation errors * added UT * added UT and log * improved path * fixup! improved path * Update Packs/CortexXDR/Integrations/XDR_iocs/XDR_iocs.py * Added some documentation * Bump pack from version CortexXDR to 6.0.3. * format the yml and update the docker * fixed the bug when updating an already running integration that does not have the key next_icos_to_keep_time in the integration context * docs * Update Packs/CortexXDR/Integrations/XDR_iocs/XDR_iocs.yml Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CortexXDR/ReleaseNotes/6_0_3.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CortexXDR/Integrations/XDR_iocs/XDR_iocs.yml Co-authored-by: ShirleyDenkberg <[email protected]> * fixed the unit test acording to change in code * fixed the unit test * trim whitespaces --------- Co-authored-by: darbel <[email protected]> Co-authored-by: esharf <[email protected]> Co-authored-by: Content Bot <[email protected]> Co-authored-by: ShirleyDenkberg <[email protected]> * Update README.md (#31129) fixed external link * [fileResult] - fix issue with special strings (#31126) * [fileResult] - fix issue with special strings * bump rn * log if ../ is in path * validate file-name is string * add unit-test * bump rn * Rapid7 - Threat Command (IntSights) pack release 3.1.0 (#30954) (#31133) * Changes related to Rapid7 - Threat Command (IntSights) pack release: 3.1.0 * resolved validation errors * Updated the release notes as per the comments * Updated the tab name for the Threat Command Layout --------- Co-authored-by: Crest Data Systems <[email protected]> Co-authored-by: crestdatasystems <[email protected]> Co-authored-by: Adi Daud <[email protected]> * add e2e tests for xsoar-saas (#30231) * add xsoar_ng_end_to_end_job * unify end_to_end and write edl basic test * add file * fix some rules * setup and teardown for xsoar_ng e2e * update readme * conftest changes * update end_to_end_tests script * test enhancments * fix * debug issues * lock * collect tests * lock * lock * try without xsoar * lock * enhance tests and lock * install e2e nessecary packs * add packs in shell * install only specific packs in xsoar-saas * README.md * install hardcoded packs * update * fix collect tests issues * add REASONS_ALLOWING_NO_ID_SET_OR_CONF * fix is_nightly * fail when exit code != 0 * send integration params path as input * enhance e2e echo message * lock * fix get_integration_params * lock2 * sleep * unlock machine sleep + taxii2 server * fix unlock machine * fix " * fixes * sleep in test 2 hours * poetry lock * edl size = 10 * update edl size loc * use new instance * log instance name * existing name * revert poetry * poetry based on latest master * update job to fit newer version * lock * state its long running * try with long-running=true * implement taxii2-server e2e test * pre-commit fixes * add headers * lock * move func to tools.py as its general * docstrings * add support for do_long_running in xsoar_client * docstring * slack sdk * add slack-ask test * test slack ask playbook * add qradar mirroring test * update README and add support for env vars * docstrings * enhancments * update .gitignore * do not make xsoar_ng a package * excplicit implementation * add test_xdr_env * add docstrings * pre-commit * update slackask playbook path * query qradar playbook state before closing offense * assert investigation id * increase playbook query & sleep 5 minutes taxii * merge xsoar_ng_end_to_end to test content * some fixes * make nightly * end-to-end tests inside .run-tests section * try to fix syntax issue * log playbook failure reasons * add support for sourceInstanceName * remove delete context from slack * pre commit * pre-commit * try to fix taxii2 server bug * update taxii2 server test * sleep * comment out waiting for playbook qradar * sleep in case of error taxii2 * qradar * revert taxii2 server + qradar * assert true * revert * update context managers * pre-commit fixes * add logs * create instance update * create folders for content e2e tests * make fixture named xsoar_saas_client * get integration name to func Please enter the commit message for your changes. Lines starting * fixes * pre-commit * export context managers to client_utils * update xsiam e2e to use new client * update readmes * client utils fixes * change log name * add junit support * implement results support for e2e * change name * run e2e in current branch * update job names * update collect tests for testing * do not exit if e2e tests fail * use artifacts folder * fix context * save playbook - change client name * remove playbook for testing * add fi * make e2e test summary to run * ls * try now * change path * file test name * run also playbook results * change log to error * fix syntax error * update get_file to use new file service * remove import * pre-commit * update retry import * do not skip qradar test if incident cannot be found * judah's cr * koby cr * update result names * Empty-Commit * remove irrelevant logs * cr fixes * server_test_reulst renaming * change end_to_end to e2e * revert current job names * add .e2e_test_results job * remove e2e from test_playbooks_results * filter only if nightly * try to ignore pre-commit error * change rules * fix * test * xsoar saas * try now * fix * xsoar-saas e2e job * add conftest * add conftest * add xsoar-saas readme to avoid trigger test-upload * port * Empty-Commit * test integrations * do not test qradar module * Empty-Commit * Empty-Commit * retry on different ports for taxii2-test * remove get json response from taxii2 test * adjust to nightly * pre-commit * Fix GetIndicatorDBotScoreFromCache to handle better a special character (#31070) * a fix and a test * docker image update * added rn * Bump pack from version CommonScripts to 1.12.47. * unit test fix * unit test fix * unit test fix * Bump pack from version CommonScripts to 1.12.48. * Bump pack from version CommonScripts to 1.12.49. * Update Packs/CommonScripts/ReleaseNotes/1_12_49.md Co-authored-by: Dan Tavori <[email protected]> --------- Co-authored-by: Content Bot <[email protected]> Co-authored-by: Dan Tavori <[email protected]> * change pack support to community (#31110) * change pack support to community * first level header so im told * Update Packs/DeveloperTools/ReleaseNotes/1_3_0.md Co-authored-by: Shahaf Ben Yakir <[email protected]> * Update Packs/DeveloperTools/ReleaseNotes/1_3_0.md Co-authored-by: Shahaf Ben Yakir <[email protected]> --------- Co-authored-by: Shahaf Ben Yakir <[email protected]> * removed GIT_DEPTH (#31141) * support multiple entry ids in ImageOCR (#31145) * Fix taxi feed observables extraction (#31120) * fixed an isssue where taxi feed will fail to retreive all indicators due to wrong extraction from XML blocks. * added rn * update docker * update test_data * add secret to secrets ignore * [transformers] Enhance to be more durable #2 (#31063) * ExtractDomainAndFQDNFromUrlAndEmail * ExtractEmailV2 * ruff fix * FormatURL * Bump pack from version CommonScripts to 1.12.47. * Bump pack from version CommonScripts to 1.12.48. * Bump pack from version CommonScripts to 1.12.49. * Added unit tests * Update the docker image * Bump pack from version CommonScripts to 1.12.50. * Update Packs/CommonScripts/ReleaseNotes/1_12_50.md Co-authored-by: Dean Arbel <[email protected]> * Update Packs/CommonScripts/ReleaseNotes/1_12_50.md Co-authored-by: Dean Arbel <[email protected]> * Update the RN * Update the docker image * empty * Skip "FormattingPerformance - Test" TPB in XSOAR 8 --------- Co-authored-by: Content Bot <[email protected]> Co-authored-by: Dean Arbel <[email protected]> * Sleep w/ Polling (#30661) add polling mechanism to sleep upon crossing polling_threshold * Update shift management scripts (#31130) * fixed the bug and added unit tests * updated docker image * RN * updated docker image * cr updates * EWS rule commands - MS graph python integrations (#30943) Co-authored-by: ShirleyDenkberg <[email protected]> * MS IIS Update (#31132) * Updated ModelingRules * Updated ReleaseNotes * Updated ReleaseNotes * Anomali ThreatStream change DBot verdict from Benign to Unknown for Low Confidence Indicators (#30993) (#31151) * change DBot verdict from Benign to Unknown for Low Confidence Indicators Indicators found in Anomali that are below Confidence thresholds should be created as Unknown and not Benign. Anomali ThreatStream documentation regarding Confidence https://ui.threatstream.com/optic-doc/Content/Features/threat_model/Observables/details_indicator.htm Confidence - Confidence indicates the certainty that an observable exhibits or is connected to malicious behavior. If Anomali has indicators with low Confidence, that doesn't mean the indicator is Benign/Safe. It means Anomali is unsure that the indicator is Malicious and as such the more appropriate verdict in XSOAR should be Unknown. * add indicator_default_score param * changed values to Benign and Unknown * update README and RN * update RN * update docker set required to false * update docker * fix docs comments --------- Co-authored-by: zdrouse <[email protected]> Co-authored-by: adi88d <[email protected]> Co-authored-by: Adi Daud <[email protected]> * generate empty junit files (#31153) * Update 1_6_0.json (#31164) * fix splunkpy splunk_submit_event_hec_command string issue (#30978) * fix splunkpy splunk_submit_event_hec_command string issue * test * add fix * update rn * [xsoar saas] - fix ports taxii2 e2e (#31163) * Hello world saas (#30901) * added a new incident field only for saas mp * added an incident field to xsoar_saas only for demonstration * format incident field * format incident field * added saas word to known words * version * merge with master * fixed the xsoar_saas end tag * Added tests to validate result * modified RN * pre commit changes * RN tags * ignoe long line * MS IIS README (#31158) * Updated README * Updated README * Fixes For IP Enrichment Playbooks (#31114) * Fixes For IP Enrichment Playbooks * RN * Removed the mapping rule from both playbooks. Updated the default value of the internal range playbook input according to RFC 1918. * Removed the value of 'UseReputationCommand' playbook input and fixes the YML files * Fixed RN * Removed the value set for the 'UseReputationCommand' sub-playbook input. Re-added the default value for 'UseReputationCommand' playbook input * skip ThreatStream-Test (#31172) * [transformers] Enhance to be more durable (#30897) [transformers] Enhance to be more durable * Fixes For 'Email Address Enrichment - Generic v2.1' (#31122) * Fixes For 'Email Address Enrichment - Generic v2.1' * Re-added the test playbook and marketplace configs to the playbook YML file * changed the 'domain' playbook input value * removed the 'domain' playbook input value and added RN * Fixed RN * Bump pack from version CommonPlaybooks to 2.4.34. --------- Co-authored-by: Content Bot <[email protected]> * DisplayMappedFields - Fix dark mode text color (#31085) * removed the hardcoded color * removed the hardcoded color * update RN * update docker image * Bump pack from version CommonScripts to 1.12.48. * Unittest fixes * Bump pack from version CommonScripts to 1.12.49. * Unittest fixes * Bump pack from version CommonScripts to 1.12.50. * Bump pack from version CommonScripts to 1.12.51. * Bump pack from version CommonScripts to 1.12.52. * Bump pack from version CommonScripts to 1.12.53. --------- Co-authored-by: Content Bot <[email protected]> * Updated the layout to exclude integration incident fields that are not pertinent to Vectra XDR (#31127) (#31182) Co-authored-by: Crest Data Systems <[email protected]> Co-authored-by: crestdatasystems <[email protected]> Co-authored-by: MLainer1 <[email protected]> * Taxii2 server relationship bug (#31162) * [taxii2-server] - code fixes * bump rn * docker update * remove debug-log because may wanted * [ASM] EXPANDER-7096 - ASM Remediation Guidance Fields (#30955) (#31178) Co-authored-by: John <[email protected]> Co-authored-by: Adi Daud <[email protected]> * Created pack for F5 BIG-IP APM (#31017) * Created pack for f5 apm * Added modeling rule files. * adding modeling rules and schema. * modified modeling rules * update yml file for modeling rule. * Update Packs/F5APM/README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/F5APM/README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/F5APM/README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/F5APM/README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/F5APM/README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/F5APM/README.md Co-authored-by: ShirleyDenkberg <[email protected]> * update readme. * Modified the read me file. --------- Co-authored-by: ShirleyDenkberg <[email protected]> * HelloWorld - delete old classifier (#31185) * Add support for is array for rep commands (#31169) * added support for isArray for python Xsoar supported reputation commands * added rn * Empty-Commit * python files fixes * fix docker issue * cr fixes * added logs and cache fix (#30577) * added logs and cache fix * Fixed another executeCommand results handling. * Updated docker image * Added rn * Update Packs/Phishing/ReleaseNotes/3_6_2.md Co-authored-by: Dan Tavori <[email protected]> * Update Packs/Phishing/Scripts/FindDuplicateEmailIncidents/FindDuplicateEmailIncidents.py --------- Co-authored-by: Dan Tavori <[email protected]> * Add support for is array for rep commands js (#31184) * JS files fixes * added rn * pre commit fixes * pre commit fixes * cr fixes * xsiam-avaya-siem-content-ciac-8502 (#31128) * init-pack * modeling-rules * add-docs * fix-pid-parsing * fix-README.md * Fixed For Endpoint Enrichment Playbooks (#31147) * Fixed For 'Endpoint Enrichment - Generic v2.1' Playbook * RN * RN * Fixes for Endpoint_Enrichment_-_Generic_v2.1_6_8 playbook * Bump pack from version CommonPlaybooks to 2.4.34. * Bump pack from version CommonPlaybooks to 2.4.35. * Fixed version for 'Endpoint Enrichment - Generic v2.1.6.8' playbook * Fixes for 'Endpoint Enrichment - Generic v2.1' playbook * Revert changes in 'Endpoint Enrichment - Generic v2.1' playbook --------- Co-authored-by: Content Bot <[email protected]> * Update Docker Image To demisto/python3 (#31198) * Updated Metadata Of Pack DeveloperTools * Added release notes to pack DeveloperTools * Packs/DeveloperTools/Integrations/CreateIncidents/CreateIncidents.yml Docker image update * Updated Metadata Of Pack FlashpointFeed * Added release notes to pack FlashpointFeed * Packs/FlashpointFeed/Integrations/FlashpointFeed/FlashpointFeed.yml Docker image update * Updated Metadata Of Pack AbnormalSecurity * Added release notes to pack AbnormalSecurity * Packs/AbnormalSecurity/Integrations/AbnormalSecurity/AbnormalSecurity.yml Docker image update * Updated Metadata Of Pack FeedLOLBAS * Added release notes to pack FeedLOLBAS * Packs/FeedLOLBAS/Integrations/FeedLOLBAS/FeedLOLBAS.yml Docker image update * Updated Metadata Of Pack Hackuity * Added release notes to pack Hackuity * Packs/Hackuity/Integrations/Hackuity/Hackuity.yml Docker image update * Updated Metadata Of Pack Grafana * Added release notes to pack Grafana * Packs/Grafana/Integrations/Grafana/Grafana.yml Docker image update * Updated Metadata Of Pack Binalyze * Added release notes to pack Binalyze * Packs/Binalyze/Integrations/BinalyzeAIR/BinalyzeAIR.yml Docker image update * Updated Metadata Of Pack ServiceDeskPlus * Added release notes to pack ServiceDeskPlus * Packs/ServiceDeskPlus/Integrations/ServiceDeskPlus/ServiceDeskPlus.yml Docker image update * Updated Metadata Of Pack Oracle_IAM * Added release notes to pack Oracle_IAM * Packs/Oracle_IAM/Integrations/OracleIAM/OracleIAM.yml Docker image update * Updated Metadata Of Pack AccentureCTI * Added release notes to pack AccentureCTI * Packs/AccentureCTI/Integrations/ACTIIndicatorQuery/ACTIIndicatorQuery.yml Docker image update * Update Docker Image To demisto/boto3py3 (#31199) * Updated Metadata Of Pack SecurityIntelligenceServicesFeed * Added release notes to pack SecurityIntelligenceServicesFeed * Packs/SecurityIntelligenceServicesFeed/Integrations/SecurityIntelligenceServicesFeed/SecurityIntelligenceServicesFeed.yml Docker image update * Updated Metadata Of Pack AWS-IAM * Added release notes to pack AWS-IAM * Packs/AWS-IAM/Integrations/AWS-IAM/AWS-IAM.yml Docker image update * Updated Metadata Of Pack AWS-Route53 * Added release notes to pack AWS-Route53 * Packs/AWS-Route53/Integrations/AWSRoute53/AWSRoute53.yml Docker image update * Updated Metadata Of Pack AWS-AccessAnalyzer * Added release notes to pack AWS-AccessAnalyzer * Packs/AWS-AccessAnalyzer/Integrations/AWS-AccessAnalyzer/AWS-AccessAnalyzer.yml Docker image update * Updated Metadata Of Pack AWS-GuardDuty * Added release notes to pack AWS-GuardDuty * Packs/AWS-GuardDuty/Integrations/AWSGuardDutyEventCollector/AWSGuardDutyEventCollector.yml Docker image update * Packs/AWS-GuardDuty/Integrations/AWSGuardDuty/AWSGuardDuty.yml Docker image update * Updated Metadata Of Pack AWS-SecurityHub * Added release notes to pack AWS-SecurityHub * Packs/AWS-SecurityHub/Integrations/AWSSecurityHubEventCollector/AWSSecurityHubEventCollector.yml Docker image update * Updated Metadata Of Pack Aws-SecretsManager * Added release notes to pack Aws-SecretsManager * Packs/Aws-SecretsManager/Integrations/AwsSecretsManager/AwsSecretsManager.yml Docker image update * Update Docker Image To demisto/armorblox (#31203) * Updated Metadata Of Pack Armorblox * Added release notes to pack Armorblox * Packs/Armorblox/Integrations/Armorblox/Armorblox.yml Docker image update * Update Docker Image To demisto/py3-tools (#31201) * Updated Metadata Of Pack Intezer * Added release notes to pack Intezer * Packs/Intezer/Integrations/IntezerV2/IntezerV2.yml Docker image update * Updated Metadata Of Pack Zabbix * Added release notes to pack Zabbix * Packs/Zabbix/Integrations/Zabbix/Zabbix.yml Docker image update * Updated Metadata Of Pack FeedMalwareBazaar * Added release notes to pack FeedMalwareBazaar * Packs/FeedMalwareBazaar/Integrations/MalwareBazaarFeed/MalwareBazaarFeed.yml Docker image update * Updated Metadata Of Pack FeedGCPWhitelist * Added release notes to pack FeedGCPWhitelist * Packs/FeedGCPWhitelist/Integrations/FeedGoogleIPRanges/FeedGoogleIPRanges.yml Docker image update * Updated Metadata Of Pack AccentureCTI_Feed * Added release notes to pack AccentureCTI_Feed * Packs/AccentureCTI_Feed/Integrations/ACTIIndicatorFeed/ACTIIndicatorFeed.yml Docker image update * Updated Metadata Of Pack SEKOIAIntelligenceCenter * Added release notes to pack SEKOIAIntelligenceCenter * Packs/SEKOIAIntelligenceCenter/Integrations/SEKOIAIntelligenceCenter/SEKOIAIntelligenceCenter.yml Docker image update * Updated Metadata Of Pack JARM * Added release notes to pack JARM * Packs/JARM/Integrations/JARM/JARM.yml Docker image update * Updated Metadata Of Pack CommonWidgets * Added release notes to pack CommonWidgets * Packs/CommonWidgets/Scripts/RSSWidget/RSSWidget.yml Docker image update * Updated Metadata Of Pack FiltersAndTransformers * Added release notes to pack FiltersAndTransformers * Packs/FiltersAndTransformers/Scripts/Jmespath/Jmespath.yml Docker image update * Update Docker Image To demisto/oci (#31202) * Updated Metadata Of Pack OracleCloudInfrastructure * Added release notes to pack OracleCloudInfrastructure * Packs/OracleCloudInfrastructure/Integrations/OracleCloudInfrastructureEventCollector/OracleCloudInfrastructureEventCollector.yml Docker image update * Update Docker Image To demisto/accessdata (#31200) * Updated Metadata Of Pack Exterro * Added release notes to pack Exterro * Packs/Exterro/Integrations/Exterro/Exterro.yml Docker image update * Fix DS108 --------- Co-authored-by: israelpolishook <[email protected]> * Update Docker Image To demisto/carbon-black-cloud (#31206) * Updated Metadata Of Pack CarbonBlackDefense * Added release notes to pack CarbonBlackDefense * Packs/CarbonBlackDefense/Integrations/CarbonBlackLiveResponseCloud/CarbonBlackLiveResponseCloud.yml Docker image update * Update Docker Image To demisto/taxii2 (#31205) * Updated Metadata Of Pack FeedUnit42v2 * Added release notes to pack FeedUnit42v2 * Packs/FeedUnit42v2/Integrations/FeedUnit42v2/FeedUnit42v2.yml Docker image update * Update Docker Image To demisto/crypto (#31204) * Updated Metadata Of Pack AzureKeyVault * Added release notes to pack AzureKeyVault * Packs/AzureKeyVault/Integrations/AzureKeyVault/AzureKeyVault.yml Docker image update * Updated Metadata Of Pack AzureSentinel * Added release notes to pack AzureSentinel * Packs/AzureSentinel/Integrations/AzureSentinel/AzureSentinel.yml Docker image update * Updated Metadata Of Pack AzureDevOps * Added release notes to pack AzureDevOps * Packs/AzureDevOps/Integrations/AzureDevOps/AzureDevOps.yml Docker image update * Updated Metadata Of Pack MicrosoftCloudAppSecurity * Added release notes to pack MicrosoftCloudAppSecurity * Packs/MicrosoftCloudAppSecurity/Integrations/MicrosoftCloudAppSecurity/MicrosoftCloudAppSecurity.yml Docker image update * Updated Metadata Of Pack AzureRiskyUsers * Added release notes to pack AzureRiskyUsers * Packs/AzureRiskyUsers/Integrations/AzureRiskyUsers/AzureRiskyUsers.yml Docker image update * Updated Metadata Of Pack MicrosoftGraphGroups * Added release notes to pack MicrosoftGraphGroups * Packs/MicrosoftGraphGroups/Integrations/MicrosoftGraphGroups/MicrosoftGraphGroups.yml Docker image update * Updated Metadata Of Pack AzureSQLManagement * Added release notes to pack AzureSQLManagement * Packs/AzureSQLManagement/Integrations/AzureSQLManagement/AzureSQLManagement.yml Docker image update * Updated Metadata Of Pack MicrosoftGraphAPI * Added release notes to pack MicrosoftGraphAPI * Packs/MicrosoftGraphAPI/Integrations/MicrosoftGraphAPI/MicrosoftGraphAPI.yml Docker image update * Updated Metadata Of Pack MicrosoftTeams * Added release notes to pack MicrosoftTeams * Packs/MicrosoftTeams/Integrations/MicrosoftTeamsManagement/MicrosoftTeamsManagement.yml Docker image update * Updated Metadata Of Pack MicrosoftGraphApplications * Added release notes to pack MicrosoftGraphApplications * Packs/MicrosoftGraphApplications/Integrations/MicrosoftGraphApplications/MicrosoftGraphApplications.yml Docker image update * Update Docker Image To demisto/opnsense (#31208) * Updated Metadata Of Pack OPNSense * Added release notes to pack OPNSense * Packs/OPNSense/Integrations/OPNSense/OPNSense.yml Docker image update * Update Docker Image To demisto/auth-utils (#31207) * Updated Metadata Of Pack Cylance_Protect * Added release notes to pack Cylance_Protect * Packs/Cylance_Protect/Integrations/Cylance_Protect_v2/Cylance_Protect_v2.yml Docker image update * Updated Metadata Of Pack Zoom * Added release notes to pack Zoom * Packs/Zoom/Integrations/ZoomEventCollector/ZoomEventCollector.yml Docker image update * Updated Metadata Of Pack Silverfort * Added release notes to pack Silverfort * Packs/Silverfort/Integrations/Silverfort/Silverfort.yml Docker image update * Updated Metadata Of Pack AzureDataExplorer * Added release notes to pack AzureDataExplorer * Packs/AzureDataExplorer/Integrations/AzureDataExplorer/AzureDataExplorer.yml Docker image update * Updated Metadata Of Pack MicrosoftManagementActivity * Added release notes to pack MicrosoftManagementActivity * Packs/MicrosoftManagementActivity/Integrations/MicrosoftManagementActivity/MicrosoftManagementActivity.yml Docker image update * Updated Metadata Of Pack Box * Added release notes to pack Box * Packs/Box/Integrations/BoxEventsCollector/BoxEventsCollector.yml Docker image update * Packs/Box/Integrations/BoxV2/BoxV2.yml Docker image update * Updated Metadata Of Pack Troubleshoot * Added release notes to pack Troubleshoot * Packs/Troubleshoot/Scripts/CertificatesTroubleshoot/CertificatesTroubleshoot.yml Docker image update * commit --------- Co-authored-by: israelpolishook <[email protected]> * Update Docker Image To demisto/ippysocks-py3 (#31211) * Updated Metadata Of Pack Whois * Added release notes to pack Whois * Packs/Whois/Integrations/Whois/Whois.yml Docker image update * Update Docker Image To demisto/python3 (#31214) * Updated Metadata Of Pack QualysFIM * Added release notes to pack QualysFIM * Packs/QualysFIM/Integrations/QualysFIM/QualysFIM.yml Docker image update * Updated Metadata Of Pack FortiSIEM * Added release notes to pack FortiSIEM * Packs/FortiSIEM/Integrations/FortiSIEMV2/FortiSIEMV2.yml Docker image update * Updated Metadata Of Pack FreshworksFreshservice * Added release notes to pack FreshworksFreshservice * Packs/FreshworksFreshservice/Integrations/FreshworksFreshservice/FreshworksFreshservice.yml Docker image update * Updated Metadata Of Pack KnowBe4_KMSAT * Added release notes to pack KnowBe4_KMSAT * Packs/KnowBe4_KMSAT/Integrations/KnowBe4KMSATEventCollector/KnowBe4KMSATEventCollector.yml Docker image update * Packs/KnowBe4_KMSAT/Integrations/KnowBe4KMSAT/KnowBe4KMSAT.yml Docker image update * Updated Metadata Of Pack SafeNet_Trusted_Access * Added release notes to pack SafeNet_Trusted_Access * Packs/SafeNet_Trusted_Access/Integrations/SafeNetTrustedAccessEventCollector/SafeNetTrustedAccessEventCollector.yml Docker image update * Updated Metadata Of Pack DelineaSS * Added release notes to pack DelineaSS * Packs/DelineaSS/Integrations/DelineaSS/DelineaSS.yml Docker image update * Updated Metadata Of Pack Cryptocurrency * Added release notes to pack Cryptocurrency * Packs/Cryptocurrency/Integrations/Cryptocurrency/Cryptocurrency.yml Docker image update * Updated Metadata Of Pack PANOSPolicyOptimizer * Added release notes to pack PANOSPolicyOptimizer * Packs/PANOSPolicyOptimizer/Integrations/PANOSPolicyOptimizer/PANOSPolicyOptimizer.yml Docker image update * Updated Metadata Of Pack DeveloperTools * Added release notes to pack DeveloperTools * Packs/DeveloperTools/Integrations/CreateIncidents/CreateIncidents.yml Docker image update * Update Docker Image To demisto/boto3py3 (#31215) * Updated Metadata Of Pack SecurityIntelligenceServicesFeed * Added release notes to pack SecurityIntelligenceServicesFeed * Packs/SecurityIntelligenceServicesFeed/Integrations/SecurityIntelligenceServicesFeed/SecurityIntelligenceServicesFeed.yml Docker image update * Updated Metadata Of Pack AWS-IAM * Added release notes to pack AWS-IAM * Packs/AWS-IAM/Integrations/AWS-IAM/AWS-IAM.yml Docker image update * Updated Metadata Of Pack AWS-Route53 * Added release notes to pack AWS-Route53 * Packs/AWS-Route53/Integrations/AWSRoute53/AWSRoute53.yml Docker image update * Updated Metadata Of Pack AWS-AccessAnalyzer * Added release notes to pack AWS-AccessAnalyzer * Packs/AWS-AccessAnalyzer/Integrations/AWS-AccessAnalyzer/AWS-AccessAnalyzer.yml Docker image update * Updated Metadata Of Pack AWS-GuardDuty * Added release notes to pack AWS-GuardDuty * Packs/AWS-GuardDuty/Integrations/AWSGuardDutyEventCollector/AWSGuardDutyEventCollector.yml Docker image update * Packs/AWS-GuardDuty/Integrations/AWSGuardDuty/AWSGuardDuty.yml Docker image update * Updated Metadata Of Pack AWS-SecurityHub * Added release notes to pack AWS-SecurityHub * Packs/AWS-SecurityHub/Integrations/AWSSecurityHubEventCollector/AWSSecurityHubEventCollector.yml Docker image update * Updated Metadata Of Pack Aws-SecretsManager * Added release notes to pack Aws-SecretsManager * Packs/Aws-SecretsManager/Integrations/AwsSecretsManager/AwsSecretsManager.yml Docker image update * Update Docker Image To demisto/accessdata (#31216) * Updated Metadata Of Pack Exterro * Added release notes to pack Exterro * Packs/Exterro/Integrations/Exterro/Exterro.yml Docker image update * Update Docker Image To demisto/oci (#31218) * Updated Metadata Of Pack OracleCloudInfrastructure * Added release notes to pack OracleCloudInfrastructure * Packs/OracleCloudInfrastructure/Integrations/OracleCloudInfrastructureEventCollector/OracleCloudInfrastructureEventCollector.yml Docker image update * Update Docker Image To demisto/py3-tools (#31217) * Updated Metadata Of Pack Intezer * Added release notes to pack Intezer * Packs/Intezer/Integrations/IntezerV2/IntezerV2.yml Docker image update * Updated Metadata Of Pack Zabbix * Added release notes to pack Zabbix * Packs/Zabbix/Integrations/Zabbix/Zabbix.yml Docker image update * Updated Metadata Of Pack FeedMalwareBazaar * Added release notes to pack FeedMalwareBazaar * Packs/FeedMalwareBazaar/Integrations/MalwareBazaarFeed/MalwareBazaarFeed.yml Docker image update * Updated Metadata Of Pack FeedGCPWhitelist * Added release notes to pack FeedGCPWhitelist * Packs/FeedGCPWhitelist/Integrations/FeedGoogleIPRanges/FeedGoogleIPRanges.yml Docker image update * Updated Metadata Of Pack AccentureCTI_Feed * Added release notes to pack AccentureCTI_Feed * Packs/AccentureCTI_Feed/Integrations/ACTIIndicatorFeed/ACTIIndicatorFeed.yml Docker image update * Updated Metadata Of Pack SEKOIAIntelligenceCenter * Added release notes to pack SEKOIAIntelligenceCenter * Packs/SEKOIAIntelligenceCenter/Integrations/SEKOIAIntelligenceCenter/SEKOIAIntelligenceCenter.yml Docker image update * Updated Metadata Of Pack JARM * Added release notes to pack JARM * Packs/JARM/Integrations/JARM/JARM.yml Docker image update * Updated Metadata Of Pack Anomali_ThreatStream * Added release notes to pack Anomali_ThreatStream * Packs/Anomali_ThreatStream/Integrations/AnomaliThreatStreamv3/AnomaliThreatStreamv3.yml Docker image update * Updated Metadata Of Pack CommonWidgets * Added release notes to pack CommonWidgets * Packs/CommonWidgets/Scripts/RSSWidget/RSSWidget.yml Docker image update * Updated Metadata Of Pack FiltersAndTransformers * Added release notes to pack FiltersAndTransformers * Packs/FiltersAndTransformers/Scripts/Jmespath/Jmespath.yml Docker image update * CortexXDRIR-generic-polling (#31082) * - Added new playbook for quarantine_file - Old playbook deprecated - New image added * release notes added * - New playbook for _Retrieve_File_Playbook_v2 created - Old playbook _Retrieve_File_Playbook deprecated - Image was added * Release notes were added * Changed the name of the playbook * Readme file added * Added image * fixed image location in readme file * Update Packs/CortexXDR/Playbooks/Cortex_XDR_-_Retrieve_File_v2.yml Co-authored-by: Sasha Sokolovich <[email protected]> * Bump pack from version CortexXDR to 6.0.4. * Removed unnecessary tests * Readme files were updated * Fixes for the playbooks * fixed Tests/conf.json file * image issue fixed * Added new images * Update Packs/CortexXDR/Playbooks/Cortex_XDR_-_Retrieve_File_Playbook_README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CortexXDR/Playbooks/Cortex_XDR_-_Retrieve_File_Playbook_README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CortexXDR/ReleaseNotes/6_0_4.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CortexXDR/ReleaseNotes/6_0_4.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CortexXDR/ReleaseNotes/6_0_4.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CortexXDR/ReleaseNotes/6_0_4.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CortexXDR/Playbooks/Cortex_XDR_-_Retrieve_File_Playbook_README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CortexXDR/Playbooks/Cortex_XDR_-_quarantine_file_v2_README.md Co-authored-by: ShirleyDenkberg <[email protected]> * PR fixes - new condition to check if the task finished successfully * release notes updated * image path fixed * Added new outputs for playbook * release notes updated * fix * readme files fixed * image issue * image issue * fix * fix * fix * fix * uploaded new playbook because of the image issue * fix for image issue * delete photo * fixes * test playbooks fixed * test playbooks removed --------- Co-authored-by: Sasha Sokolovich <[email protected]> Co-authored-by: Content Bot <[email protected]> Co-authored-by: ShirleyDenkberg <[email protected]> * Update Docker Image To demisto/crypto (#31219) * Updated Metadata Of Pack AzureKeyVault * Added release notes to pack AzureKeyVault * Packs/AzureKeyVault/Integrations/AzureKeyVault/AzureKeyVault.yml Docker image update * Updated Metadata Of Pack AzureSentinel * Added release notes to pack AzureSentinel * Packs/AzureSentinel/Integrations/AzureSentinel/AzureSentinel.yml Docker image update * Updated Metadata Of Pack AzureDevOps * Added release notes to pack AzureDevOps * Packs/AzureDevOps/Integrations/AzureDevOps/AzureDevOps.yml Docker image update * Updated Metadata Of Pack MicrosoftCloudAppSecurity * Added release notes to pack MicrosoftCloudAppSecurity * Packs/MicrosoftCloudAppSecurity/Integrations/MicrosoftCloudAppSecurity/MicrosoftCloudAppSecurity.yml Docker image update * Updated Metadata Of Pack AzureRiskyUsers * Added release notes to pack AzureRiskyUsers * Packs/AzureRiskyUsers/Integrations/AzureRiskyUsers/AzureRiskyUsers.yml Docker image update * Updated Metadata Of Pack MicrosoftGraphGroups * Added release notes to pack MicrosoftGraphGroups * Packs/MicrosoftGraphGroups/Integrations/MicrosoftGraphGroups/MicrosoftGraphGroups.yml Docker image update * Updated Metadata Of Pack AzureSQLManagement * Added release notes to pack AzureSQLManagement * Packs/AzureSQLManagement/Integrations/AzureSQLManagement/AzureSQLManagement.yml Docker image update * Updated Metadata Of Pack MicrosoftGraphAPI * Added release notes to pack MicrosoftGraphAPI * Packs/MicrosoftGraphAPI/Integrations/MicrosoftGraphAPI/MicrosoftGraphAPI.yml Docker image update * Updated Metadata Of Pack MicrosoftTeams * Added release notes to pack MicrosoftTeams * Packs/MicrosoftTeams/Integrations/MicrosoftTeamsManagement/MicrosoftTeamsManagement.yml Docker image update * Updated Metadata Of Pack MicrosoftGraphApplications * Added release notes to pack MicrosoftGraphApplications * Packs/MicrosoftGraphApplications/Integrations/MicrosoftGraphApplications/MicrosoftGraphApplications.yml Docker image update * update pack ignore (#31193) * Slack event collector: fixed an issue where we get a Bad Request error (#31135) * fixed an issue where we get a Bad Request error. * pre-commit * added test * fixed Flake8 error * fixed cr comments * fixed cr comments * update Docker image * YR/Remove-fields-with-one-letter-DBotFindSimilarIncidents/XSUP-29299 (#31161) * fixes * code and test * remove Json feed from this pr * test * note * pre commit * RN * CR and Flake8 * format * pre commit * Fixes For 'URL Enrichment - Generic v2' Playbook (#31195) * Fixes For 'URL Enrichment - Generic v2' Playbook * RN * Bump pack from version CommonPlaybooks to 2.4.36. --------- Co-authored-by: Content Bot <[email protected]> * F5 APM Remove XSIAM tags (#31221) * remove ls from test_e2e_results.sh (#31186) * [IsEmailAddressInternal] Fix an issue with **domain** argument (#31222) * First commit * Added RN * Update Packs/CommonScripts/ReleaseNotes/1_12_54.md Co-authored-by: Dean Arbel <[email protected]> --------- Co-authored-by: Dean Arbel <[email protected]> * Deprecate 'Get endpoint details - Generic' Playbook (#31196) * Deprecate 'Get endpoint details - Generic' Playbook * RN * Bump pack from version CommonPlaybooks to 2.4.36. * Bump pack from version CommonPlaybooks to 2.4.37. --------- Co-authored-by: Content Bot <[email protected]> * Replacing the deprecated sub-playbook within the 'NGFW Internal Scan'… (#31197) * Replacing the deprecated sub-playbook within the 'NGFW Internal Scan' XSIAM playbook * RN * [Marketplace Contribution] CISO Metrics (#30641) (#31213) * "pack contribution initial commit" * Update pack_metadata.json * Update and rename dashboard-98f353a2-312b-49f2-8e58-d71f60daf3a7-CISO_Metrics.json to dashboard-98f353a2-312b-49f2-8e58-d71f60daf3a7-CommunityCommonDashboards.json Rename to CommunityCommonDashboards * Update pack_metadata.json Renamed "name": "CommunityCommonDashboards" * Update README.md Added description * Update README.md * Update and rename README.md to README.md * Rename dashboard-98f353a2-312b-49f2-8e58-d71f60daf3a7-CommunityCommonDashboards.json to dashboard-98f353a2-312b-49f2-8e58-d71f60daf3a7-CommunityCommonDashboards.json * Rename .pack-ignore to .pack-ignore * Rename .secrets-ignore to .secrets-ignore * Rename pack_metadata.json to pack_metadata.json * Update .pack-ignore * Update pack_metadata.json * Update .pack-ignore * Update and rename dashboard-98f353a2-312b-49f2-8e58-d71f60daf3a7-CommunityCommonDashboards.json to CISOMetrics.json Renamed to CISOMetrics * Update pack_metadata.json * Update pack_metadata.json * Update README.md --------- Co-authored-by: xsoar-bot <[email protected]> Co-authored-by: Sapir Shuker <[email protected]> Co-authored-by: David Uhrlaub <[email protected]> * Cybereason xsoar v 2.1.14 (#30647) (#31225) * added v2.1.14 codebase * fix pr comments * replace dummy md5 placeholder * Update Packs/Cybereason/Integrations/Cybereason/Cybereason.py * updated docker image python version * updated release notes docker version * added pagination params * updated docker image * fix lint errors * fix demisto validate errors * updated release notes * updated release notes * updated release notes * updated command name as per PR comment * removed manual filtering for response * updated function name to match the command name format * updated unit test as per new command name * added machinename filter to api query * moved empty output message to the top * updated docker image tag to latest * undo changes from unisolate endpoint playbook --------- Co-authored-by: suraj-metron <[email protected]> Co-authored-by: Sapir Shuker <[email protected]> * fixed polling support (#30873) * fixed polling support * fixed rn * added rn * added rn * XSUP-30786/Fix (#31168) * Added failing UT * Fixed the issue * Updated docker image * Updated RN * Update Packs/PAN-OS/ReleaseNotes/2_1_15.md Co-authored-by: Dan Tavori <[email protected]> * Updated the bug fix and the UT * updated docker image --------- Co-authored-by: Dan Tavori <[email protected]> * rewrite to js FirstArrayElement and LastArrayElement (#31228) * rewrite to js * added tpb * added empty test case to tpb * precommit fixes * change fromversion so build wont fail * Enable Core REST API with general XSIAM endpoints (#31226) * mostly works * added release notes * fixes from review * F5 APM fixed the marketplace build failure (#31236) * F5 APM Remove XSIAM tags * fix marketplace error * Add incidents field (#30393) (#31233) * add rawJSON field to incidents * release notes * update docker image tag * nit * fetching incident details * mapper + incident fields * remove incorrect incident field files * new incident field files, new mapper * sdk validate command changes * update release noteS * validation errors * fix validation errors * undo release notes changes * undo release notes change * undo release notes * undo release notes * undo release notes * nit * new release notes * remove playbook id * update docker image tag * revert release notes * revert RN * nit- remove filters used for testing * add details field to threats * remove try/except blocks * changing version * Update Abnormal_Security_Custom_Incident_types.json change from version * nit - remove changes used for demo * updating docker image * update docker image tag --------- Co-authored-by: William Olyslager <[email protected]> Co-authored-by: sapirshuker <[email protected]> Co-authored-by: Sapir Shuker <[email protected]> * Update Docker Image To demisto/python3 (#31242) * Updated Metadata Of Pack CIRCL * Added release notes to pack CIRCL * Packs/CIRCL/Integrations/CirclCVESearch/CirclCVESearch.yml Docker image update * Updated Metadata Of Pack ipinfo * Added release notes to pack ipinfo * Packs/ipinfo/Integrations/ipinfo_v2/ipinfo_v2.yml Docker image update * Updated Metadata Of Pack AutoFocus * Added release notes to pack AutoFocus * Packs/AutoFocus/Integrations/FeedAutofocus/FeedAutofocus.yml Docker image update * Packs/AutoFocus/Integrations/AutofocusV2/AutofocusV2.yml Docker image update * Updated Metadata Of Pack MailSenderNew * Added release notes to pack MailSenderNew * Packs/MailSenderNew/Integrations/MailSenderNew/MailSenderNew.yml Docker image update * avoid to update Docker for AutoFocusv2 --------- Co-authored-by: israelpolishook <[email protected]> * Fixes For 'IP Enrichment - Generic v2' Playbook (#31183) * Fixes For 'IP Enrichment - Generic v2' Playbook * RN * RN * Updated the 'InternalRange' playbook input's default value. * configured the 'extended_data' and 'threat_model_association' sub-playbook inputs * Bump pack from version CommonPlaybooks to 2.4.36. * Bump pack from version CommonPlaybooks to 2.4.37. * changed the default value of the 'ResolveIP' playbook input * re-added RN after merging from master * Fixes RN --------- Co-authored-by: Content Bot <[email protected]> * Check if should run Instance role (#31245) * Added the sync from the saas bucket and modified the verify script to take the revision from the correct bucket. (#31254) * AWS Organizations (#30525) * init * commands template * aws-org-children-list * more commands * even more commands * added account commands * removed enhancement commands * use json_transform * unit-tests init * unit-tests continued * unit-tests continued some more * TPB * one more unit-test * one more unit-test * one more unit-test * name change * TPB * docs complete * pack readme * pack readme part 2 * readme modified * more tests * more tests * use get() * adde description * removed isFetch * added image * name change * CR changes * Apply suggestions from code review Co-authored-by: ShirleyDenkberg <[email protected]> * Update docker * put the commands back in * code complete * yml part 2 * yml part 3 * test template * unit-tests continued some more * unit-tests almost complete * unit-tests complete * fixed a few bugs * fixed unit-tests * added readme * update readme * added missing descriptions to readme * TPB * Apply suggestions from code review Co-authored-by: ShirleyDenkberg <[email protected]> * CR changes * demo changes * update docker * build wars: round 1 * build wars: round 2 * build wars: round 3; add unit-tests * build wars: round 4 * build wars: round 5 * build wars: round 6 --------- Co-authored-by: ShirleyDenkberg <[email protected]> * NextToken in CommandResults (#30501) * init * new design * added error in case of non nested input * RN * a tad more docs * Bump pack from version Base to 1.32.47. * Bump pack from version Base to 1.32.48. * Bump pack from version Base to 1.32.49. * improved doc-string * resolve conflicts * resolve conflicts * Bump pack from version Base to 1.32.52. --------- Co-authored-by: Content Bot <[email protected]> * demisto-sdk-release 1.24.0 (#31268) * poetry files * update validate manager imports (#31179) * update validate manager imports * revert * Update Tests/configure_and_test_integration_instances.py * Edit file types test (#31170) * edited tests * s * s * edit --------- Co-authored-by: Content Bot <[email protected]> Co-authored-by: Yuval Hayun <[email protected]> Co-authored-by: merit-maita <[email protected]> Co-authored-by: JudithB <[email protected]> * modified modeling rules of clearswift dlp (#31247) * modified modeling rules of clearswift dlp * modified the parsing rule of clearswiftdlp * Added release notes. * added dlp to pack ignore * added Clearswift to pack ignore * QRadar: continue to poll in case of networking issues (#31084) * Generalize the mode option in pre-commit (#30663) * args updated to match the update in the sdk * add merge-coverage-report and coverage-analyze * updaing pyproject.toml * poetry lock * restoring pyproject.toml and poetry.lock * pre-commit.yml * updates * test comment * use sdk ref * if * add github output * revert ilan changes * merge-pytest-reports --------- Co-authored-by: ilan <[email protected]> * EXPANDR-1576 CortexXpanse Remediation Guidance changes (#31190) * EXPANDR-1576 CortexXpanse Remediation Guidance changes (#30712) * CortexXpanse RG changes * Fix flake8 errors * Fix unit test cases * Update docker version * update command name * Readme updates * docker update * Ignore BC error * fix packignore * Update release notes * update breaking change notes * update breaking change notes * correct RN --------- Co-authored-by: Chait A <[email protected]> Co-authored-by: ilappe <[email protected]> * Feature/cyberint enhancement (#31252) * Feature/cyberint enhancement (#30493) * Update Docker Image To demisto/py3-tools (#25523) * Updated Metadata Of Pack FeedAWS * Added release notes to pack FeedAWS * Packs/FeedAWS/Integrations/FeedAWS/FeedAWS.yml Docker image update * update Cyberint Pack * update release note and incidentfields * update CommonType release note * update CommonType relesenotes * update CommonType relese notes * update CyberInt Related entity name * update release notes * add new incident field: Alert Data * foramt alert_data * update CyberInt Related Entity name to avoid validation errors * reset the CyberInt Related Entity name * update incident field name * Update 3_3_93.md * pre commit update docker * added known words * fixed the RN * known words --------- Co-authored-by: TalGumi <[email protected]> Co-authored-by: omerKarkKatz <[email protected]> Co-authored-by: okarkkatz <[email protected]> * [xsoar-8 coverage] - use poll functions from SDK clients (#31144) * update poetry * use poll functions * test against builds * try to fix ssl issue * timeout = 300 + verify ssl * fix ssl issues * fix incident pull * fix * make verify=false by default * fix ports bug * use sdk master * revert poetry * revert infra used for testing * [CrowdStrike Falcon Intel v2] Fixed an issue in 'cs-actors' and 'cs-reports' commands (#31265) * Fix the 'NoneType' object is not iterable issue * ruff * Update the docker image; Add RN * Update Packs/CrowdStrikeIntel/ReleaseNotes/2_0_34.md Co-authored-by: Dean Arbel <[email protected]> --------- Co-authored-by: Dean Arbel <[email protected]> * oncall- installation orders (#31253) * test * test * revert debugs * pre-commit --------- Co-authored-by: Jas Beilin <[email protected]> * Core rest api docs fix (#31262) * Improved descriptions. * Added docs * Added rn. * Changed i.e to e.g * bugfix/XSUP-30713/port-scan-pb-issue-incident-failure (#31154) * Fix playbook input's default value, change to not required, add check for value not empty * Update playbook image * Update release notes * Bump pack from version CortexXDR to 6.0.5. * Moved InternalIPRanges input check to better location * Fix review comments --------- Co-authored-by: Content Bot <[email protected]> * [PagerDuty v2] Added Support For Pagination (#30959) * commit init - lint and type annotation * typing * pagination function and some typing * fix api limit and pagination * added UT and test_data * added RN and description for args * generate readme * update docker * added UT * fix flake8 * more docstring, one more UT, fix send unnecessary parameters * fix f-string * fix pep8 * revert copy * fix parameters name * docs review * update docker * [ASM] EXPANDR 7225 - Update Ev1 Integration Display Name (#31234) (#31276) * Update Display Name * Update release notes * Update docker image and add period to descriptions Co-authored-by: John <[email protected]> Co-authored-by: MLainer1 <[email protected]> * Update Docker Image To demisto/python3 (#31286) * Updated Metadata Of Pack QualysFIM * Added release notes to pack QualysFIM * Packs/QualysFIM/Integrations/QualysFIM/QualysFIM.yml Docker image update * Updated Metadata Of Pack FortiSIEM * Added release notes to pack FortiSIEM * Packs/FortiSIEM/Integrations/FortiSIEMV2/FortiSIEMV2.yml Docker image update * Updated Metadata Of Pack FreshworksFreshservice * Added release notes to pack FreshworksFreshservice * Packs/FreshworksFreshservice/Integrations/FreshworksFreshservice/FreshworksFreshservice.yml Docker image update * Updated Metadata Of Pack KnowBe4_KMSAT * Added release notes to pack KnowBe4_KMSAT * Packs/KnowBe4_KMSAT/Integrations/KnowBe4KMSATEventCollector/KnowBe4KMSATEventCollector.yml Docker image update * Packs/KnowBe4_KMSAT/Integrations/KnowBe4KMSAT/KnowBe4KMSAT.yml Docker image update * Updated Metadata Of Pack SafeNet_Trusted_Access * Added release notes to pack SafeNet_Trusted_Access * Packs/SafeNet_Trusted_Access/Integrations/SafeNetTrustedAccessEventCollector/SafeNetTrustedAccessEventCollector.yml Docker image update * Updated Metadata Of Pack DelineaSS * Added release notes to pack DelineaSS * Packs/DelineaSS/Integrations/DelineaSS/DelineaSS.yml Docker image update * Updated Metadata Of Pack Cryptocurrency * Added release notes to pack Cryptocurrency * Packs/Cryptocurrency/Integrations/Cryptocurrency/Cryptocurrency.yml Docker image update * Updated Metadata Of Pack PANOSPolicyOptimizer * Added release notes to pack PANOSPolicyOptimizer * Packs/PANOSPolicyOptimizer/Integrations/PANOSPolicyOptimizer/PANOSPolicyOptimizer.yml Docker image update * Updated Metadata Of Pack DeveloperTools * Added release notes to pack DeveloperTools * Packs/DeveloperTools/Integrations/CreateIncidents/CreateIncidents.yml Docker image update * Add XSOAR_SAAS section to EDL description (#31264) * add XSOAR_SAAS section to EDL description * update RN * [XSUP 30575] Added full fields query param (#31272) * get indicators full fields data * pre-commit * release notes * tests and CR fixes * Update Packs/FeedCrowdstrikeFalconIntel/ReleaseNotes/2_1_13.md Co-authored-by: Dan Tavori <[email protected]> --------- Co-authored-by: Dan Tavori <[email protected]> * Update Docker Image To demisto/boto3py3 (#31287) * Updated Metadata Of Pack SecurityIntelligenceServicesFeed * Added release notes to pack SecurityIntelligenceServicesFeed * Packs/SecurityIntelligenceServicesFeed/Integrations/SecurityIntelligenceServicesFeed/SecurityIntelligenceServicesFeed.yml Docker image update * Updated Metadata Of Pack AWS-IAM * Added release notes to pack AWS-IAM * Packs/AWS-IAM/Integrations/AWS-IAM/AWS-IAM.yml Docker image update * Updated Metadata Of Pack AWS-Route53 * Added release notes to pack AWS-Route53 * Packs/AWS-Route53/Integrations/AWSRoute53/AWSRoute53.yml Docker image update * Updated Metadata Of Pack AWS-AccessAnalyzer * Added release notes to pack AWS-AccessAnalyzer * Packs/AWS-AccessAnalyzer/Integrations/AWS-AccessAnalyzer/AWS-AccessAnalyzer.yml Docker image update * Updated Metadata Of Pack AWS-GuardDuty * Added release notes to pack AWS-GuardDuty * Packs/AWS-GuardDuty/Integrations/AWSGuardDutyEventCollector/AWSGuardDutyEventCollector.yml Docker image update * Packs/AWS-GuardDuty/Integrations/AWSGuardDuty/AWSGuardDuty.yml Docker image update * Updated Metadata Of Pack AWS-SecurityHub * Added release notes to pack AWS-SecurityHub * Packs/AWS-SecurityHub/Integrations/AWSSecurityHubEventCollector/AWSSecurityHubEventCollector.yml Docker image update * Updated Metadata Of Pack Aws-SecretsManager * Added release notes to pack Aws-SecretsManager * Packs/Aws-SecretsManager/Integrations/AwsSecretsManager/AwsSecretsManager.yml Docker image update * Update Docker Image To demisto/accessdata (#31288) * Updated Metadata Of Pack Exterro * Added release notes to pack Exterro * Packs/Exterro/Integrations/Exterro/Exterro.yml Docker image update * Update Docker Image To demisto/oci (#31290) * Updated Metadata Of Pack OracleCloudInfrastructure * Added release notes to pack OracleCloudInfrastructure * Packs/OracleCloudInfrastructure/Integrations/OracleCloudInfrastructureEventCollector/OracleCloudInfrastructureEventCollector.yml Docker image update * Update Docker Image To demisto/py3-tools (#31289) * Updated Metadata Of Pack Intezer * Added release notes to pack Intezer * Packs/Intezer/Integrations/IntezerV2/IntezerV2.yml Docker image update * Updated Metadata Of Pack Zabbix * Added release notes to pack Zabbix * Packs/Zabbix/Integrations/Zabbix/Zabbix.yml Docker image update * Updated Metadata Of Pack FeedMalwareBazaar * Added release notes to pack FeedMalwareBazaar * Packs/FeedMalwareBazaar/Integrations/MalwareBazaarFeed/MalwareBazaarFeed.yml Docker image update * Updated Metadata Of Pack FeedGCPWhitelist * Added release notes to pack FeedGCPWhitelist * Packs/FeedGCPWhitelist/Integrations/FeedGoogleIPRanges/FeedGoogleIPRanges.yml Docker image update * Updated Metadata Of Pack AccentureCTI_Feed * Added release notes to pack AccentureCTI_Feed * Packs/AccentureCTI_Feed/Integrations/ACTIIndicatorFeed/ACTIIndicatorFeed.yml Docker image update * Updated Metadata Of Pack SEKOIAIntelligenceCenter * Added release notes to pack SEKOIAIntelligenceCenter * Packs/SEKOIAIntelligenceCenter/Integrations/SEKOIAIntelligenceCenter/SEKOIAIntelligenceCenter.yml Docker image update * Updated Metadata Of Pack JARM * Added release notes to pack JARM * Packs/JARM/Integrations/JARM/JARM.yml Docker image update * Updated Metadata Of Pack Anomali_ThreatStream * Added release notes to pack Anomali_ThreatStream * Packs/Anomali_ThreatStream/Integrations/AnomaliThreatStreamv3/AnomaliThreatStreamv3.yml Docker image update * Updated Metadata Of Pack CommonWidgets * Added release notes to pack CommonWidgets * Packs/CommonWidgets/Scripts/RSSWidget/RSSWidget.yml Docker image update * Updated Metadata Of Pack FiltersAndTransformers * Added release notes to pack FiltersAndTransformers * Packs/FiltersAndTransformers/Scripts/Jmespath/Jmespath.yml Docker image update * Update Docker Image To demisto/armorblox (#31291) * Updated Metadata Of Pack Armorblox * Added release notes to pack Armorblox * Packs/Armorblox/Integrations/Armorblox/Armorblox.yml Docker image update * Update Docker Image To demisto/crypto (#31292) * Updated Metadata Of Pack AzureKeyVault * Added release notes to pack AzureKeyVault * Packs/AzureKeyVault/Integrations/AzureKeyVault/AzureKeyVault.yml Docker image update * Updated Metadata Of Pack AzureSentinel * Added release notes to pack AzureSentinel * Packs/AzureSentinel/Integrations/AzureSentinel/AzureSentinel.yml Docker image update * Updated Metadata Of Pack AzureDevOps * Added release notes to pack AzureDevOps * Packs/AzureDevOps/Integrations/AzureDevOps/AzureDevOps.yml Docker image update * Updated Metadata Of Pack MicrosoftCloudAppSecurity * Added release notes to pack MicrosoftCloudAppSecurity * Packs/MicrosoftCloudAppSecurity/Integrations/MicrosoftCloudAppSecurity/MicrosoftCloudAppSecurity.yml Docker image update * Updated Metadata Of Pack AzureRiskyUsers * Added release notes to pack AzureRiskyUsers * Packs/AzureRiskyUsers/Integrations/AzureRiskyUsers/AzureRiskyUsers.yml Docker image update * Updated Metadata Of Pack MicrosoftGraphGroups * Added release notes to pack MicrosoftGraphGroups * Packs/MicrosoftGraphGroups/Integrations/MicrosoftGraphGroups/MicrosoftGraphGroups.yml Docker image update * Updated Metadata Of Pack AzureSQLManagement * Added release notes to pack AzureSQLManagement * Packs/AzureSQLManagement/Integrations/AzureSQLManagement/AzureSQLManagement.yml Docker image update * Updated Metadata Of Pack MicrosoftGraphAPI * Added release notes to pack MicrosoftGraphAPI * Packs/MicrosoftGraphAPI/Integrations/MicrosoftGraphAPI/MicrosoftGraphAPI.yml Docker image update * Updated Metadata Of Pack MicrosoftTeams * Added release notes to pack MicrosoftTeams * Packs/MicrosoftTeams/Integrations/MicrosoftTeamsManagement/MicrosoftTeamsManagement.yml Docker image update * Updated Metadata Of Pack MicrosoftGraphApplications * Added release notes to pack MicrosoftGraphApplications * Packs/MicrosoftGraphApplications/Integrations/MicrosoftGraphApplications/MicrosoftGraphApplications.yml Docker image update * Update Docker Image To demisto/sixgill (#31293) * Updated Metadata Of Pack Cybersixgill-ActionableAlerts * Added release notes to pack Cybersixgill-ActionableAlerts * Packs/Cybersixgill-ActionableAlerts/Integrations/CybersixgillActionableAlerts/CybersixgillActionableAlerts.yml Docker image update * Updated Metadata Of Pack Sixgill-Darkfeed * Added release notes to pack Sixgill-Darkfeed * Packs/Sixgill-Darkfeed/Integrations/Sixgill_Darkfeed_Enrichment/Sixgill_Darkfeed_Enrichment.yml Docker image update * Packs/Sixgill-Darkfeed/Integrations/Sixgill_Darkfeed/Sixgill_Darkfeed.yml Docker image update * Update Docker Image To demisto/carbon-black-cloud (#31295) * Updated Metadata Of Pack CarbonBlackDefense * Added release notes to pack CarbonBlackDefense * Packs/CarbonBlackDefense/Integrations/CarbonBlackLiveResponseCloud/CarbonBlackLiveResponseCloud.yml Docker image update * Update Docker Image To demisto/taxii2 (#31294) * Updated Metadata Of Pack FeedDHS * Added release notes to pack FeedDHS * Packs/FeedDHS/Integrations/DHSFeedV2/DHSFeedV2.yml Docker image update * Updated Metadata Of Pack FeedUnit42v2 * Added release notes to pack FeedUnit42v2 * Packs/FeedUnit42v2/Integrations/FeedUnit42v2/FeedUnit42v2.yml Docker image update * MS IIS Update2 (#31256) * Updated MicrosoftIISWebServerModelingRules_1_3 * Updated ModelingRules filters * Updated ModelingRules filters * Updated ReleaseNotes * Upated ReleaseNotes * CrowdStrikeFalconX-genreic-polling (#31189) * old playbooks deprecated and new one added * readme file edited * set the interval from the inputs * fixes for release notes * added extensions to known words * Update Packs/CrowdStrikeFalconX/Playbooks/Detonate_File_-_CrowdStrike_Falcon_Intelligence_Sandbox_v2.yml Co-a…
maimorag
added a commit
that referenced
this pull request
Jan 25, 2024
* fixed HR * empty * file exists in context (#32396) * fixed (#32322) * fixed * test * fixed * Update Packs/MicrosoftGraphFiles/Integrations/MicrosoftGraphFiles/README.md * Update Packs/MicrosoftGraphFiles/Integrations/MicrosoftGraphFiles/README.md * Apply suggestions from code review * YR/Add-mapping-and-different-authors/CIAC-9166 (#31519) * [GCP-IAM] - fix proxy issues (#31076) * sent proxy to test-module & log exception * fix proxy issue * remove None * fix * rn * auto pep8 * rn typo * uts * pre-commit * Update Packs/GCP-IAM/ReleaseNotes/1_0_22.md Co-authored-by: Judah Schwartz <[email protected]> * cr fixes --------- Co-authored-by: Judah Schwartz <[email protected]> * Release notes tag parser for all xsoar mp. (#31090) * added xsoar_saas xsoar_on_prem functionallity to the release notes tag parser * pre commit changes * fixed lint whitespace error * Fix EntryID-related issue for scripts (#30979) * Fix zip file issue using polling * Add release-notes * Fix validation errors * Minor fixes and improvements * Update IAMInitADUser automation * Add a warning if `ZipProtectWithPassword` parameter is not being used * Fix typo * `IAMInitADUser` fixes * Bump Docker versions * Apply code review suggestions * Bump Docker version * Remove timeout value from polling parameters (so that the default value will be used) * [CommonServerPython] Fix Polling Failure If `polling` Parameter is Missing (#31111) * Add default value to `args.get()` * Bump version * Update release-notes message * jira ticket creation impovements (#31105) jira ticket creation improvements #31105 * Added Support for Microsoft Graph Single User integration (#30967) * Added Support for Microsoft Graph Single User integration * fix validation * Update 2_0_15.md * Update Packs/EmailCommunication/ReleaseNotes/2_0_15.md Co-authored-by: EyalPintzov <[email protected]> --------- Co-authored-by: EyalPintzov <[email protected]> * Xdr ioc to keep troubleshoting (#30163) * trouble shooting version * fixed new command yml * some comments * trouble shooting version * fixed new command yml * new ioc_to_keep schedule method * some comments * fix tz error * added RN * fix validation errors * fixup! fix validation errors * added UT * added UT and log * improved path * fixup! improved path * Update Packs/CortexXDR/Integrations/XDR_iocs/XDR_iocs.py * Added some documentation * Bump pack from version CortexXDR to 6.0.3. * format the yml and update the docker * fixed the bug when updating an already running integration that does not have the key next_icos_to_keep_time in the integration context * docs * Update Packs/CortexXDR/Integrations/XDR_iocs/XDR_iocs.yml Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CortexXDR/ReleaseNotes/6_0_3.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CortexXDR/Integrations/XDR_iocs/XDR_iocs.yml Co-authored-by: ShirleyDenkberg <[email protected]> * fixed the unit test acording to change in code * fixed the unit test * trim whitespaces --------- Co-authored-by: darbel <[email protected]> Co-authored-by: esharf <[email protected]> Co-authored-by: Content Bot <[email protected]> Co-authored-by: ShirleyDenkberg <[email protected]> * Update README.md (#31129) fixed external link * [fileResult] - fix issue with special strings (#31126) * [fileResult] - fix issue with special strings * bump rn * log if ../ is in path * validate file-name is string * add unit-test * bump rn * Rapid7 - Threat Command (IntSights) pack release 3.1.0 (#30954) (#31133) * Changes related to Rapid7 - Threat Command (IntSights) pack release: 3.1.0 * resolved validation errors * Updated the release notes as per the comments * Updated the tab name for the Threat Command Layout --------- Co-authored-by: Crest Data Systems <[email protected]> Co-authored-by: crestdatasystems <[email protected]> Co-authored-by: Adi Daud <[email protected]> * add e2e tests for xsoar-saas (#30231) * add xsoar_ng_end_to_end_job * unify end_to_end and write edl basic test * add file * fix some rules * setup and teardown for xsoar_ng e2e * update readme * conftest changes * update end_to_end_tests script * test enhancments * fix * debug issues * lock * collect tests * lock * lock * try without xsoar * lock * enhance tests and lock * install e2e nessecary packs * add packs in shell * install only specific packs in xsoar-saas * README.md * install hardcoded packs * update * fix collect tests issues * add REASONS_ALLOWING_NO_ID_SET_OR_CONF * fix is_nightly * fail when exit code != 0 * send integration params path as input * enhance e2e echo message * lock * fix get_integration_params * lock2 * sleep * unlock machine sleep + taxii2 server * fix unlock machine * fix " * fixes * sleep in test 2 hours * poetry lock * edl size = 10 * update edl size loc * use new instance * log instance name * existing name * revert poetry * poetry based on latest master * update job to fit newer version * lock * state its long running * try with long-running=true * implement taxii2-server e2e test * pre-commit fixes * add headers * lock * move func to tools.py as its general * docstrings * add support for do_long_running in xsoar_client * docstring * slack sdk * add slack-ask test * test slack ask playbook * add qradar mirroring test * update README and add support for env vars * docstrings * enhancments * update .gitignore * do not make xsoar_ng a package * excplicit implementation * add test_xdr_env * add docstrings * pre-commit * update slackask playbook path * query qradar playbook state before closing offense * assert investigation id * increase playbook query & sleep 5 minutes taxii * merge xsoar_ng_end_to_end to test content * some fixes * make nightly * end-to-end tests inside .run-tests section * try to fix syntax issue * log playbook failure reasons * add support for sourceInstanceName * remove delete context from slack * pre commit * pre-commit * try to fix taxii2 server bug * update taxii2 server test * sleep * comment out waiting for playbook qradar * sleep in case of error taxii2 * qradar * revert taxii2 server + qradar * assert true * revert * update context managers * pre-commit fixes * add logs * create instance update * create folders for content e2e tests * make fixture named xsoar_saas_client * get integration name to func Please enter the commit message for your changes. Lines starting * fixes * pre-commit * export context managers to client_utils * update xsiam e2e to use new client * update readmes * client utils fixes * change log name * add junit support * implement results support for e2e * change name * run e2e in current branch * update job names * update collect tests for testing * do not exit if e2e tests fail * use artifacts folder * fix context * save playbook - change client name * remove playbook for testing * add fi * make e2e test summary to run * ls * try now * change path * file test name * run also playbook results * change log to error * fix syntax error * update get_file to use new file service * remove import * pre-commit * update retry import * do not skip qradar test if incident cannot be found * judah's cr * koby cr * update result names * Empty-Commit * remove irrelevant logs * cr fixes * server_test_reulst renaming * change end_to_end to e2e * revert current job names * add .e2e_test_results job * remove e2e from test_playbooks_results * filter only if nightly * try to ignore pre-commit error * change rules * fix * test * xsoar saas * try now * fix * xsoar-saas e2e job * add conftest * add conftest * add xsoar-saas readme to avoid trigger test-upload * port * Empty-Commit * test integrations * do not test qradar module * Empty-Commit * Empty-Commit * retry on different ports for taxii2-test * remove get json response from taxii2 test * adjust to nightly * pre-commit * Fix GetIndicatorDBotScoreFromCache to handle better a special character (#31070) * a fix and a test * docker image update * added rn * Bump pack from version CommonScripts to 1.12.47. * unit test fix * unit test fix * unit test fix * Bump pack from version CommonScripts to 1.12.48. * Bump pack from version CommonScripts to 1.12.49. * Update Packs/CommonScripts/ReleaseNotes/1_12_49.md Co-authored-by: Dan Tavori <[email protected]> --------- Co-authored-by: Content Bot <[email protected]> Co-authored-by: Dan Tavori <[email protected]> * change pack support to community (#31110) * change pack support to community * first level header so im told * Update Packs/DeveloperTools/ReleaseNotes/1_3_0.md Co-authored-by: Shahaf Ben Yakir <[email protected]> * Update Packs/DeveloperTools/ReleaseNotes/1_3_0.md Co-authored-by: Shahaf Ben Yakir <[email protected]> --------- Co-authored-by: Shahaf Ben Yakir <[email protected]> * removed GIT_DEPTH (#31141) * support multiple entry ids in ImageOCR (#31145) * Fix taxi feed observables extraction (#31120) * fixed an isssue where taxi feed will fail to retreive all indicators due to wrong extraction from XML blocks. * added rn * update docker * update test_data * add secret to secrets ignore * [transformers] Enhance to be more durable #2 (#31063) * ExtractDomainAndFQDNFromUrlAndEmail * ExtractEmailV2 * ruff fix * FormatURL * Bump pack from version CommonScripts to 1.12.47. * Bump pack from version CommonScripts to 1.12.48. * Bump pack from version CommonScripts to 1.12.49. * Added unit tests * Update the docker image * Bump pack from version CommonScripts to 1.12.50. * Update Packs/CommonScripts/ReleaseNotes/1_12_50.md Co-authored-by: Dean Arbel <[email protected]> * Update Packs/CommonScripts/ReleaseNotes/1_12_50.md Co-authored-by: Dean Arbel <[email protected]> * Update the RN * Update the docker image * empty * Skip "FormattingPerformance - Test" TPB in XSOAR 8 --------- Co-authored-by: Content Bot <[email protected]> Co-authored-by: Dean Arbel <[email protected]> * Sleep w/ Polling (#30661) add polling mechanism to sleep upon crossing polling_threshold * Update shift management scripts (#31130) * fixed the bug and added unit tests * updated docker image * RN * updated docker image * cr updates * EWS rule commands - MS graph python integrations (#30943) Co-authored-by: ShirleyDenkberg <[email protected]> * MS IIS Update (#31132) * Updated ModelingRules * Updated ReleaseNotes * Updated ReleaseNotes * Anomali ThreatStream change DBot verdict from Benign to Unknown for Low Confidence Indicators (#30993) (#31151) * change DBot verdict from Benign to Unknown for Low Confidence Indicators Indicators found in Anomali that are below Confidence thresholds should be created as Unknown and not Benign. Anomali ThreatStream documentation regarding Confidence https://ui.threatstream.com/optic-doc/Content/Features/threat_model/Observables/details_indicator.htm Confidence - Confidence indicates the certainty that an observable exhibits or is connected to malicious behavior. If Anomali has indicators with low Confidence, that doesn't mean the indicator is Benign/Safe. It means Anomali is unsure that the indicator is Malicious and as such the more appropriate verdict in XSOAR should be Unknown. * add indicator_default_score param * changed values to Benign and Unknown * update README and RN * update RN * update docker set required to false * update docker * fix docs comments --------- Co-authored-by: zdrouse <[email protected]> Co-authored-by: adi88d <[email protected]> Co-authored-by: Adi Daud <[email protected]> * generate empty junit files (#31153) * Update 1_6_0.json (#31164) * fix splunkpy splunk_submit_event_hec_command string issue (#30978) * fix splunkpy splunk_submit_event_hec_command string issue * test * add fix * update rn * [xsoar saas] - fix ports taxii2 e2e (#31163) * Hello world saas (#30901) * added a new incident field only for saas mp * added an incident field to xsoar_saas only for demonstration * format incident field * format incident field * added saas word to known words * version * merge with master * fixed the xsoar_saas end tag * Added tests to validate result * modified RN * pre commit changes * RN tags * ignoe long line * MS IIS README (#31158) * Updated README * Updated README * Fixes For IP Enrichment Playbooks (#31114) * Fixes For IP Enrichment Playbooks * RN * Removed the mapping rule from both playbooks. Updated the default value of the internal range playbook input according to RFC 1918. * Removed the value of 'UseReputationCommand' playbook input and fixes the YML files * Fixed RN * Removed the value set for the 'UseReputationCommand' sub-playbook input. Re-added the default value for 'UseReputationCommand' playbook input * skip ThreatStream-Test (#31172) * [transformers] Enhance to be more durable (#30897) [transformers] Enhance to be more durable * Fixes For 'Email Address Enrichment - Generic v2.1' (#31122) * Fixes For 'Email Address Enrichment - Generic v2.1' * Re-added the test playbook and marketplace configs to the playbook YML file * changed the 'domain' playbook input value * removed the 'domain' playbook input value and added RN * Fixed RN * Bump pack from version CommonPlaybooks to 2.4.34. --------- Co-authored-by: Content Bot <[email protected]> * DisplayMappedFields - Fix dark mode text color (#31085) * removed the hardcoded color * removed the hardcoded color * update RN * update docker image * Bump pack from version CommonScripts to 1.12.48. * Unittest fixes * Bump pack from version CommonScripts to 1.12.49. * Unittest fixes * Bump pack from version CommonScripts to 1.12.50. * Bump pack from version CommonScripts to 1.12.51. * Bump pack from version CommonScripts to 1.12.52. * Bump pack from version CommonScripts to 1.12.53. --------- Co-authored-by: Content Bot <[email protected]> * Updated the layout to exclude integration incident fields that are not pertinent to Vectra XDR (#31127) (#31182) Co-authored-by: Crest Data Systems <[email protected]> Co-authored-by: crestdatasystems <[email protected]> Co-authored-by: MLainer1 <[email protected]> * Taxii2 server relationship bug (#31162) * [taxii2-server] - code fixes * bump rn * docker update * remove debug-log because may wanted * [ASM] EXPANDER-7096 - ASM Remediation Guidance Fields (#30955) (#31178) Co-authored-by: John <[email protected]> Co-authored-by: Adi Daud <[email protected]> * Created pack for F5 BIG-IP APM (#31017) * Created pack for f5 apm * Added modeling rule files. * adding modeling rules and schema. * modified modeling rules * update yml file for modeling rule. * Update Packs/F5APM/README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/F5APM/README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/F5APM/README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/F5APM/README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/F5APM/README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/F5APM/README.md Co-authored-by: ShirleyDenkberg <[email protected]> * update readme. * Modified the read me file. --------- Co-authored-by: ShirleyDenkberg <[email protected]> * HelloWorld - delete old classifier (#31185) * Add support for is array for rep commands (#31169) * added support for isArray for python Xsoar supported reputation commands * added rn * Empty-Commit * python files fixes * fix docker issue * cr fixes * added logs and cache fix (#30577) * added logs and cache fix * Fixed another executeCommand results handling. * Updated docker image * Added rn * Update Packs/Phishing/ReleaseNotes/3_6_2.md Co-authored-by: Dan Tavori <[email protected]> * Update Packs/Phishing/Scripts/FindDuplicateEmailIncidents/FindDuplicateEmailIncidents.py --------- Co-authored-by: Dan Tavori <[email protected]> * Add support for is array for rep commands js (#31184) * JS files fixes * added rn * pre commit fixes * pre commit fixes * cr fixes * xsiam-avaya-siem-content-ciac-8502 (#31128) * init-pack * modeling-rules * add-docs * fix-pid-parsing * fix-README.md * Fixed For Endpoint Enrichment Playbooks (#31147) * Fixed For 'Endpoint Enrichment - Generic v2.1' Playbook * RN * RN * Fixes for Endpoint_Enrichment_-_Generic_v2.1_6_8 playbook * Bump pack from version CommonPlaybooks to 2.4.34. * Bump pack from version CommonPlaybooks to 2.4.35. * Fixed version for 'Endpoint Enrichment - Generic v2.1.6.8' playbook * Fixes for 'Endpoint Enrichment - Generic v2.1' playbook * Revert changes in 'Endpoint Enrichment - Generic v2.1' playbook --------- Co-authored-by: Content Bot <[email protected]> * Update Docker Image To demisto/python3 (#31198) * Updated Metadata Of Pack DeveloperTools * Added release notes to pack DeveloperTools * Packs/DeveloperTools/Integrations/CreateIncidents/CreateIncidents.yml Docker image update * Updated Metadata Of Pack FlashpointFeed * Added release notes to pack FlashpointFeed * Packs/FlashpointFeed/Integrations/FlashpointFeed/FlashpointFeed.yml Docker image update * Updated Metadata Of Pack AbnormalSecurity * Added release notes to pack AbnormalSecurity * Packs/AbnormalSecurity/Integrations/AbnormalSecurity/AbnormalSecurity.yml Docker image update * Updated Metadata Of Pack FeedLOLBAS * Added release notes to pack FeedLOLBAS * Packs/FeedLOLBAS/Integrations/FeedLOLBAS/FeedLOLBAS.yml Docker image update * Updated Metadata Of Pack Hackuity * Added release notes to pack Hackuity * Packs/Hackuity/Integrations/Hackuity/Hackuity.yml Docker image update * Updated Metadata Of Pack Grafana * Added release notes to pack Grafana * Packs/Grafana/Integrations/Grafana/Grafana.yml Docker image update * Updated Metadata Of Pack Binalyze * Added release notes to pack Binalyze * Packs/Binalyze/Integrations/BinalyzeAIR/BinalyzeAIR.yml Docker image update * Updated Metadata Of Pack ServiceDeskPlus * Added release notes to pack ServiceDeskPlus * Packs/ServiceDeskPlus/Integrations/ServiceDeskPlus/ServiceDeskPlus.yml Docker image update * Updated Metadata Of Pack Oracle_IAM * Added release notes to pack Oracle_IAM * Packs/Oracle_IAM/Integrations/OracleIAM/OracleIAM.yml Docker image update * Updated Metadata Of Pack AccentureCTI * Added release notes to pack AccentureCTI * Packs/AccentureCTI/Integrations/ACTIIndicatorQuery/ACTIIndicatorQuery.yml Docker image update * Update Docker Image To demisto/boto3py3 (#31199) * Updated Metadata Of Pack SecurityIntelligenceServicesFeed * Added release notes to pack SecurityIntelligenceServicesFeed * Packs/SecurityIntelligenceServicesFeed/Integrations/SecurityIntelligenceServicesFeed/SecurityIntelligenceServicesFeed.yml Docker image update * Updated Metadata Of Pack AWS-IAM * Added release notes to pack AWS-IAM * Packs/AWS-IAM/Integrations/AWS-IAM/AWS-IAM.yml Docker image update * Updated Metadata Of Pack AWS-Route53 * Added release notes to pack AWS-Route53 * Packs/AWS-Route53/Integrations/AWSRoute53/AWSRoute53.yml Docker image update * Updated Metadata Of Pack AWS-AccessAnalyzer * Added release notes to pack AWS-AccessAnalyzer * Packs/AWS-AccessAnalyzer/Integrations/AWS-AccessAnalyzer/AWS-AccessAnalyzer.yml Docker image update * Updated Metadata Of Pack AWS-GuardDuty * Added release notes to pack AWS-GuardDuty * Packs/AWS-GuardDuty/Integrations/AWSGuardDutyEventCollector/AWSGuardDutyEventCollector.yml Docker image update * Packs/AWS-GuardDuty/Integrations/AWSGuardDuty/AWSGuardDuty.yml Docker image update * Updated Metadata Of Pack AWS-SecurityHub * Added release notes to pack AWS-SecurityHub * Packs/AWS-SecurityHub/Integrations/AWSSecurityHubEventCollector/AWSSecurityHubEventCollector.yml Docker image update * Updated Metadata Of Pack Aws-SecretsManager * Added release notes to pack Aws-SecretsManager * Packs/Aws-SecretsManager/Integrations/AwsSecretsManager/AwsSecretsManager.yml Docker image update * Update Docker Image To demisto/armorblox (#31203) * Updated Metadata Of Pack Armorblox * Added release notes to pack Armorblox * Packs/Armorblox/Integrations/Armorblox/Armorblox.yml Docker image update * Update Docker Image To demisto/py3-tools (#31201) * Updated Metadata Of Pack Intezer * Added release notes to pack Intezer * Packs/Intezer/Integrations/IntezerV2/IntezerV2.yml Docker image update * Updated Metadata Of Pack Zabbix * Added release notes to pack Zabbix * Packs/Zabbix/Integrations/Zabbix/Zabbix.yml Docker image update * Updated Metadata Of Pack FeedMalwareBazaar * Added release notes to pack FeedMalwareBazaar * Packs/FeedMalwareBazaar/Integrations/MalwareBazaarFeed/MalwareBazaarFeed.yml Docker image update * Updated Metadata Of Pack FeedGCPWhitelist * Added release notes to pack FeedGCPWhitelist * Packs/FeedGCPWhitelist/Integrations/FeedGoogleIPRanges/FeedGoogleIPRanges.yml Docker image update * Updated Metadata Of Pack AccentureCTI_Feed * Added release notes to pack AccentureCTI_Feed * Packs/AccentureCTI_Feed/Integrations/ACTIIndicatorFeed/ACTIIndicatorFeed.yml Docker image update * Updated Metadata Of Pack SEKOIAIntelligenceCenter * Added release notes to pack SEKOIAIntelligenceCenter * Packs/SEKOIAIntelligenceCenter/Integrations/SEKOIAIntelligenceCenter/SEKOIAIntelligenceCenter.yml Docker image update * Updated Metadata Of Pack JARM * Added release notes to pack JARM * Packs/JARM/Integrations/JARM/JARM.yml Docker image update * Updated Metadata Of Pack CommonWidgets * Added release notes to pack CommonWidgets * Packs/CommonWidgets/Scripts/RSSWidget/RSSWidget.yml Docker image update * Updated Metadata Of Pack FiltersAndTransformers * Added release notes to pack FiltersAndTransformers * Packs/FiltersAndTransformers/Scripts/Jmespath/Jmespath.yml Docker image update * Update Docker Image To demisto/oci (#31202) * Updated Metadata Of Pack OracleCloudInfrastructure * Added release notes to pack OracleCloudInfrastructure * Packs/OracleCloudInfrastructure/Integrations/OracleCloudInfrastructureEventCollector/OracleCloudInfrastructureEventCollector.yml Docker image update * Update Docker Image To demisto/accessdata (#31200) * Updated Metadata Of Pack Exterro * Added release notes to pack Exterro * Packs/Exterro/Integrations/Exterro/Exterro.yml Docker image update * Fix DS108 --------- Co-authored-by: israelpolishook <[email protected]> * Update Docker Image To demisto/carbon-black-cloud (#31206) * Updated Metadata Of Pack CarbonBlackDefense * Added release notes to pack CarbonBlackDefense * Packs/CarbonBlackDefense/Integrations/CarbonBlackLiveResponseCloud/CarbonBlackLiveResponseCloud.yml Docker image update * Update Docker Image To demisto/taxii2 (#31205) * Updated Metadata Of Pack FeedUnit42v2 * Added release notes to pack FeedUnit42v2 * Packs/FeedUnit42v2/Integrations/FeedUnit42v2/FeedUnit42v2.yml Docker image update * Update Docker Image To demisto/crypto (#31204) * Updated Metadata Of Pack AzureKeyVault * Added release notes to pack AzureKeyVault * Packs/AzureKeyVault/Integrations/AzureKeyVault/AzureKeyVault.yml Docker image update * Updated Metadata Of Pack AzureSentinel * Added release notes to pack AzureSentinel * Packs/AzureSentinel/Integrations/AzureSentinel/AzureSentinel.yml Docker image update * Updated Metadata Of Pack AzureDevOps * Added release notes to pack AzureDevOps * Packs/AzureDevOps/Integrations/AzureDevOps/AzureDevOps.yml Docker image update * Updated Metadata Of Pack MicrosoftCloudAppSecurity * Added release notes to pack MicrosoftCloudAppSecurity * Packs/MicrosoftCloudAppSecurity/Integrations/MicrosoftCloudAppSecurity/MicrosoftCloudAppSecurity.yml Docker image update * Updated Metadata Of Pack AzureRiskyUsers * Added release notes to pack AzureRiskyUsers * Packs/AzureRiskyUsers/Integrations/AzureRiskyUsers/AzureRiskyUsers.yml Docker image update * Updated Metadata Of Pack MicrosoftGraphGroups * Added release notes to pack MicrosoftGraphGroups * Packs/MicrosoftGraphGroups/Integrations/MicrosoftGraphGroups/MicrosoftGraphGroups.yml Docker image update * Updated Metadata Of Pack AzureSQLManagement * Added release notes to pack AzureSQLManagement * Packs/AzureSQLManagement/Integrations/AzureSQLManagement/AzureSQLManagement.yml Docker image update * Updated Metadata Of Pack MicrosoftGraphAPI * Added release notes to pack MicrosoftGraphAPI * Packs/MicrosoftGraphAPI/Integrations/MicrosoftGraphAPI/MicrosoftGraphAPI.yml Docker image update * Updated Metadata Of Pack MicrosoftTeams * Added release notes to pack MicrosoftTeams * Packs/MicrosoftTeams/Integrations/MicrosoftTeamsManagement/MicrosoftTeamsManagement.yml Docker image update * Updated Metadata Of Pack MicrosoftGraphApplications * Added release notes to pack MicrosoftGraphApplications * Packs/MicrosoftGraphApplications/Integrations/MicrosoftGraphApplications/MicrosoftGraphApplications.yml Docker image update * Update Docker Image To demisto/opnsense (#31208) * Updated Metadata Of Pack OPNSense * Added release notes to pack OPNSense * Packs/OPNSense/Integrations/OPNSense/OPNSense.yml Docker image update * Update Docker Image To demisto/auth-utils (#31207) * Updated Metadata Of Pack Cylance_Protect * Added release notes to pack Cylance_Protect * Packs/Cylance_Protect/Integrations/Cylance_Protect_v2/Cylance_Protect_v2.yml Docker image update * Updated Metadata Of Pack Zoom * Added release notes to pack Zoom * Packs/Zoom/Integrations/ZoomEventCollector/ZoomEventCollector.yml Docker image update * Updated Metadata Of Pack Silverfort * Added release notes to pack Silverfort * Packs/Silverfort/Integrations/Silverfort/Silverfort.yml Docker image update * Updated Metadata Of Pack AzureDataExplorer * Added release notes to pack AzureDataExplorer * Packs/AzureDataExplorer/Integrations/AzureDataExplorer/AzureDataExplorer.yml Docker image update * Updated Metadata Of Pack MicrosoftManagementActivity * Added release notes to pack MicrosoftManagementActivity * Packs/MicrosoftManagementActivity/Integrations/MicrosoftManagementActivity/MicrosoftManagementActivity.yml Docker image update * Updated Metadata Of Pack Box * Added release notes to pack Box * Packs/Box/Integrations/BoxEventsCollector/BoxEventsCollector.yml Docker image update * Packs/Box/Integrations/BoxV2/BoxV2.yml Docker image update * Updated Metadata Of Pack Troubleshoot * Added release notes to pack Troubleshoot * Packs/Troubleshoot/Scripts/CertificatesTroubleshoot/CertificatesTroubleshoot.yml Docker image update * commit --------- Co-authored-by: israelpolishook <[email protected]> * Update Docker Image To demisto/ippysocks-py3 (#31211) * Updated Metadata Of Pack Whois * Added release notes to pack Whois * Packs/Whois/Integrations/Whois/Whois.yml Docker image update * Update Docker Image To demisto/python3 (#31214) * Updated Metadata Of Pack QualysFIM * Added release notes to pack QualysFIM * Packs/QualysFIM/Integrations/QualysFIM/QualysFIM.yml Docker image update * Updated Metadata Of Pack FortiSIEM * Added release notes to pack FortiSIEM * Packs/FortiSIEM/Integrations/FortiSIEMV2/FortiSIEMV2.yml Docker image update * Updated Metadata Of Pack FreshworksFreshservice * Added release notes to pack FreshworksFreshservice * Packs/FreshworksFreshservice/Integrations/FreshworksFreshservice/FreshworksFreshservice.yml Docker image update * Updated Metadata Of Pack KnowBe4_KMSAT * Added release notes to pack KnowBe4_KMSAT * Packs/KnowBe4_KMSAT/Integrations/KnowBe4KMSATEventCollector/KnowBe4KMSATEventCollector.yml Docker image update * Packs/KnowBe4_KMSAT/Integrations/KnowBe4KMSAT/KnowBe4KMSAT.yml Docker image update * Updated Metadata Of Pack SafeNet_Trusted_Access * Added release notes to pack SafeNet_Trusted_Access * Packs/SafeNet_Trusted_Access/Integrations/SafeNetTrustedAccessEventCollector/SafeNetTrustedAccessEventCollector.yml Docker image update * Updated Metadata Of Pack DelineaSS * Added release notes to pack DelineaSS * Packs/DelineaSS/Integrations/DelineaSS/DelineaSS.yml Docker image update * Updated Metadata Of Pack Cryptocurrency * Added release notes to pack Cryptocurrency * Packs/Cryptocurrency/Integrations/Cryptocurrency/Cryptocurrency.yml Docker image update * Updated Metadata Of Pack PANOSPolicyOptimizer * Added release notes to pack PANOSPolicyOptimizer * Packs/PANOSPolicyOptimizer/Integrations/PANOSPolicyOptimizer/PANOSPolicyOptimizer.yml Docker image update * Updated Metadata Of Pack DeveloperTools * Added release notes to pack DeveloperTools * Packs/DeveloperTools/Integrations/CreateIncidents/CreateIncidents.yml Docker image update * Update Docker Image To demisto/boto3py3 (#31215) * Updated Metadata Of Pack SecurityIntelligenceServicesFeed * Added release notes to pack SecurityIntelligenceServicesFeed * Packs/SecurityIntelligenceServicesFeed/Integrations/SecurityIntelligenceServicesFeed/SecurityIntelligenceServicesFeed.yml Docker image update * Updated Metadata Of Pack AWS-IAM * Added release notes to pack AWS-IAM * Packs/AWS-IAM/Integrations/AWS-IAM/AWS-IAM.yml Docker image update * Updated Metadata Of Pack AWS-Route53 * Added release notes to pack AWS-Route53 * Packs/AWS-Route53/Integrations/AWSRoute53/AWSRoute53.yml Docker image update * Updated Metadata Of Pack AWS-AccessAnalyzer * Added release notes to pack AWS-AccessAnalyzer * Packs/AWS-AccessAnalyzer/Integrations/AWS-AccessAnalyzer/AWS-AccessAnalyzer.yml Docker image update * Updated Metadata Of Pack AWS-GuardDuty * Added release notes to pack AWS-GuardDuty * Packs/AWS-GuardDuty/Integrations/AWSGuardDutyEventCollector/AWSGuardDutyEventCollector.yml Docker image update * Packs/AWS-GuardDuty/Integrations/AWSGuardDuty/AWSGuardDuty.yml Docker image update * Updated Metadata Of Pack AWS-SecurityHub * Added release notes to pack AWS-SecurityHub * Packs/AWS-SecurityHub/Integrations/AWSSecurityHubEventCollector/AWSSecurityHubEventCollector.yml Docker image update * Updated Metadata Of Pack Aws-SecretsManager * Added release notes to pack Aws-SecretsManager * Packs/Aws-SecretsManager/Integrations/AwsSecretsManager/AwsSecretsManager.yml Docker image update * Update Docker Image To demisto/accessdata (#31216) * Updated Metadata Of Pack Exterro * Added release notes to pack Exterro * Packs/Exterro/Integrations/Exterro/Exterro.yml Docker image update * Update Docker Image To demisto/oci (#31218) * Updated Metadata Of Pack OracleCloudInfrastructure * Added release notes to pack OracleCloudInfrastructure * Packs/OracleCloudInfrastructure/Integrations/OracleCloudInfrastructureEventCollector/OracleCloudInfrastructureEventCollector.yml Docker image update * Update Docker Image To demisto/py3-tools (#31217) * Updated Metadata Of Pack Intezer * Added release notes to pack Intezer * Packs/Intezer/Integrations/IntezerV2/IntezerV2.yml Docker image update * Updated Metadata Of Pack Zabbix * Added release notes to pack Zabbix * Packs/Zabbix/Integrations/Zabbix/Zabbix.yml Docker image update * Updated Metadata Of Pack FeedMalwareBazaar * Added release notes to pack FeedMalwareBazaar * Packs/FeedMalwareBazaar/Integrations/MalwareBazaarFeed/MalwareBazaarFeed.yml Docker image update * Updated Metadata Of Pack FeedGCPWhitelist * Added release notes to pack FeedGCPWhitelist * Packs/FeedGCPWhitelist/Integrations/FeedGoogleIPRanges/FeedGoogleIPRanges.yml Docker image update * Updated Metadata Of Pack AccentureCTI_Feed * Added release notes to pack AccentureCTI_Feed * Packs/AccentureCTI_Feed/Integrations/ACTIIndicatorFeed/ACTIIndicatorFeed.yml Docker image update * Updated Metadata Of Pack SEKOIAIntelligenceCenter * Added release notes to pack SEKOIAIntelligenceCenter * Packs/SEKOIAIntelligenceCenter/Integrations/SEKOIAIntelligenceCenter/SEKOIAIntelligenceCenter.yml Docker image update * Updated Metadata Of Pack JARM * Added release notes to pack JARM * Packs/JARM/Integrations/JARM/JARM.yml Docker image update * Updated Metadata Of Pack Anomali_ThreatStream * Added release notes to pack Anomali_ThreatStream * Packs/Anomali_ThreatStream/Integrations/AnomaliThreatStreamv3/AnomaliThreatStreamv3.yml Docker image update * Updated Metadata Of Pack CommonWidgets * Added release notes to pack CommonWidgets * Packs/CommonWidgets/Scripts/RSSWidget/RSSWidget.yml Docker image update * Updated Metadata Of Pack FiltersAndTransformers * Added release notes to pack FiltersAndTransformers * Packs/FiltersAndTransformers/Scripts/Jmespath/Jmespath.yml Docker image update * CortexXDRIR-generic-polling (#31082) * - Added new playbook for quarantine_file - Old playbook deprecated - New image added * release notes added * - New playbook for _Retrieve_File_Playbook_v2 created - Old playbook _Retrieve_File_Playbook deprecated - Image was added * Release notes were added * Changed the name of the playbook * Readme file added * Added image * fixed image location in readme file * Update Packs/CortexXDR/Playbooks/Cortex_XDR_-_Retrieve_File_v2.yml Co-authored-by: Sasha Sokolovich <[email protected]> * Bump pack from version CortexXDR to 6.0.4. * Removed unnecessary tests * Readme files were updated * Fixes for the playbooks * fixed Tests/conf.json file * image issue fixed * Added new images * Update Packs/CortexXDR/Playbooks/Cortex_XDR_-_Retrieve_File_Playbook_README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CortexXDR/Playbooks/Cortex_XDR_-_Retrieve_File_Playbook_README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CortexXDR/ReleaseNotes/6_0_4.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CortexXDR/ReleaseNotes/6_0_4.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CortexXDR/ReleaseNotes/6_0_4.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CortexXDR/ReleaseNotes/6_0_4.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CortexXDR/Playbooks/Cortex_XDR_-_Retrieve_File_Playbook_README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CortexXDR/Playbooks/Cortex_XDR_-_quarantine_file_v2_README.md Co-authored-by: ShirleyDenkberg <[email protected]> * PR fixes - new condition to check if the task finished successfully * release notes updated * image path fixed * Added new outputs for playbook * release notes updated * fix * readme files fixed * image issue * image issue * fix * fix * fix * fix * uploaded new playbook because of the image issue * fix for image issue * delete photo * fixes * test playbooks fixed * test playbooks removed --------- Co-authored-by: Sasha Sokolovich <[email protected]> Co-authored-by: Content Bot <[email protected]> Co-authored-by: ShirleyDenkberg <[email protected]> * Update Docker Image To demisto/crypto (#31219) * Updated Metadata Of Pack AzureKeyVault * Added release notes to pack AzureKeyVault * Packs/AzureKeyVault/Integrations/AzureKeyVault/AzureKeyVault.yml Docker image update * Updated Metadata Of Pack AzureSentinel * Added release notes to pack AzureSentinel * Packs/AzureSentinel/Integrations/AzureSentinel/AzureSentinel.yml Docker image update * Updated Metadata Of Pack AzureDevOps * Added release notes to pack AzureDevOps * Packs/AzureDevOps/Integrations/AzureDevOps/AzureDevOps.yml Docker image update * Updated Metadata Of Pack MicrosoftCloudAppSecurity * Added release notes to pack MicrosoftCloudAppSecurity * Packs/MicrosoftCloudAppSecurity/Integrations/MicrosoftCloudAppSecurity/MicrosoftCloudAppSecurity.yml Docker image update * Updated Metadata Of Pack AzureRiskyUsers * Added release notes to pack AzureRiskyUsers * Packs/AzureRiskyUsers/Integrations/AzureRiskyUsers/AzureRiskyUsers.yml Docker image update * Updated Metadata Of Pack MicrosoftGraphGroups * Added release notes to pack MicrosoftGraphGroups * Packs/MicrosoftGraphGroups/Integrations/MicrosoftGraphGroups/MicrosoftGraphGroups.yml Docker image update * Updated Metadata Of Pack AzureSQLManagement * Added release notes to pack AzureSQLManagement * Packs/AzureSQLManagement/Integrations/AzureSQLManagement/AzureSQLManagement.yml Docker image update * Updated Metadata Of Pack MicrosoftGraphAPI * Added release notes to pack MicrosoftGraphAPI * Packs/MicrosoftGraphAPI/Integrations/MicrosoftGraphAPI/MicrosoftGraphAPI.yml Docker image update * Updated Metadata Of Pack MicrosoftTeams * Added release notes to pack MicrosoftTeams * Packs/MicrosoftTeams/Integrations/MicrosoftTeamsManagement/MicrosoftTeamsManagement.yml Docker image update * Updated Metadata Of Pack MicrosoftGraphApplications * Added release notes to pack MicrosoftGraphApplications * Packs/MicrosoftGraphApplications/Integrations/MicrosoftGraphApplications/MicrosoftGraphApplications.yml Docker image update * update pack ignore (#31193) * Slack event collector: fixed an issue where we get a Bad Request error (#31135) * fixed an issue where we get a Bad Request error. * pre-commit * added test * fixed Flake8 error * fixed cr comments * fixed cr comments * update Docker image * YR/Remove-fields-with-one-letter-DBotFindSimilarIncidents/XSUP-29299 (#31161) * fixes * code and test * remove Json feed from this pr * test * note * pre commit * RN * CR and Flake8 * format * pre commit * Fixes For 'URL Enrichment - Generic v2' Playbook (#31195) * Fixes For 'URL Enrichment - Generic v2' Playbook * RN * Bump pack from version CommonPlaybooks to 2.4.36. --------- Co-authored-by: Content Bot <[email protected]> * F5 APM Remove XSIAM tags (#31221) * remove ls from test_e2e_results.sh (#31186) * [IsEmailAddressInternal] Fix an issue with **domain** argument (#31222) * First commit * Added RN * Update Packs/CommonScripts/ReleaseNotes/1_12_54.md Co-authored-by: Dean Arbel <[email protected]> --------- Co-authored-by: Dean Arbel <[email protected]> * Deprecate 'Get endpoint details - Generic' Playbook (#31196) * Deprecate 'Get endpoint details - Generic' Playbook * RN * Bump pack from version CommonPlaybooks to 2.4.36. * Bump pack from version CommonPlaybooks to 2.4.37. --------- Co-authored-by: Content Bot <[email protected]> * Replacing the deprecated sub-playbook within the 'NGFW Internal Scan'… (#31197) * Replacing the deprecated sub-playbook within the 'NGFW Internal Scan' XSIAM playbook * RN * [Marketplace Contribution] CISO Metrics (#30641) (#31213) * "pack contribution initial commit" * Update pack_metadata.json * Update and rename dashboard-98f353a2-312b-49f2-8e58-d71f60daf3a7-CISO_Metrics.json to dashboard-98f353a2-312b-49f2-8e58-d71f60daf3a7-CommunityCommonDashboards.json Rename to CommunityCommonDashboards * Update pack_metadata.json Renamed "name": "CommunityCommonDashboards" * Update README.md Added description * Update README.md * Update and rename README.md to README.md * Rename dashboard-98f353a2-312b-49f2-8e58-d71f60daf3a7-CommunityCommonDashboards.json to dashboard-98f353a2-312b-49f2-8e58-d71f60daf3a7-CommunityCommonDashboards.json * Rename .pack-ignore to .pack-ignore * Rename .secrets-ignore to .secrets-ignore * Rename pack_metadata.json to pack_metadata.json * Update .pack-ignore * Update pack_metadata.json * Update .pack-ignore * Update and rename dashboard-98f353a2-312b-49f2-8e58-d71f60daf3a7-CommunityCommonDashboards.json to CISOMetrics.json Renamed to CISOMetrics * Update pack_metadata.json * Update pack_metadata.json * Update README.md --------- Co-authored-by: xsoar-bot <[email protected]> Co-authored-by: Sapir Shuker <[email protected]> Co-authored-by: David Uhrlaub <[email protected]> * Cybereason xsoar v 2.1.14 (#30647) (#31225) * added v2.1.14 codebase * fix pr comments * replace dummy md5 placeholder * Update Packs/Cybereason/Integrations/Cybereason/Cybereason.py * updated docker image python version * updated release notes docker version * added pagination params * updated docker image * fix lint errors * fix demisto validate errors * updated release notes * updated release notes * updated release notes * updated command name as per PR comment * removed manual filtering for response * updated function name to match the command name format * updated unit test as per new command name * added machinename filter to api query * moved empty output message to the top * updated docker image tag to latest * undo changes from unisolate endpoint playbook --------- Co-authored-by: suraj-metron <[email protected]> Co-authored-by: Sapir Shuker <[email protected]> * fixed polling support (#30873) * fixed polling support * fixed rn * added rn * added rn * XSUP-30786/Fix (#31168) * Added failing UT * Fixed the issue * Updated docker image * Updated RN * Update Packs/PAN-OS/ReleaseNotes/2_1_15.md Co-authored-by: Dan Tavori <[email protected]> * Updated the bug fix and the UT * updated docker image --------- Co-authored-by: Dan Tavori <[email protected]> * rewrite to js FirstArrayElement and LastArrayElement (#31228) * rewrite to js * added tpb * added empty test case to tpb * precommit fixes * change fromversion so build wont fail * Enable Core REST API with general XSIAM endpoints (#31226) * mostly works * added release notes * fixes from review * F5 APM fixed the marketplace build failure (#31236) * F5 APM Remove XSIAM tags * fix marketplace error * Add incidents field (#30393) (#31233) * add rawJSON field to incidents * release notes * update docker image tag * nit * fetching incident details * mapper + incident fields * remove incorrect incident field files * new incident field files, new mapper * sdk validate command changes * update release noteS * validation errors * fix validation errors * undo release notes changes * undo release notes change * undo release notes * undo release notes * undo release notes * nit * new release notes * remove playbook id * update docker image tag * revert release notes * revert RN * nit- remove filters used for testing * add details field to threats * remove try/except blocks * changing version * Update Abnormal_Security_Custom_Incident_types.json change from version * nit - remove changes used for demo * updating docker image * update docker image tag --------- Co-authored-by: William Olyslager <[email protected]> Co-authored-by: sapirshuker <[email protected]> Co-authored-by: Sapir Shuker <[email protected]> * Update Docker Image To demisto/python3 (#31242) * Updated Metadata Of Pack CIRCL * Added release notes to pack CIRCL * Packs/CIRCL/Integrations/CirclCVESearch/CirclCVESearch.yml Docker image update * Updated Metadata Of Pack ipinfo * Added release notes to pack ipinfo * Packs/ipinfo/Integrations/ipinfo_v2/ipinfo_v2.yml Docker image update * Updated Metadata Of Pack AutoFocus * Added release notes to pack AutoFocus * Packs/AutoFocus/Integrations/FeedAutofocus/FeedAutofocus.yml Docker image update * Packs/AutoFocus/Integrations/AutofocusV2/AutofocusV2.yml Docker image update * Updated Metadata Of Pack MailSenderNew * Added release notes to pack MailSenderNew * Packs/MailSenderNew/Integrations/MailSenderNew/MailSenderNew.yml Docker image update * avoid to update Docker for AutoFocusv2 --------- Co-authored-by: israelpolishook <[email protected]> * Fixes For 'IP Enrichment - Generic v2' Playbook (#31183) * Fixes For 'IP Enrichment - Generic v2' Playbook * RN * RN * Updated the 'InternalRange' playbook input's default value. * configured the 'extended_data' and 'threat_model_association' sub-playbook inputs * Bump pack from version CommonPlaybooks to 2.4.36. * Bump pack from version CommonPlaybooks to 2.4.37. * changed the default value of the 'ResolveIP' playbook input * re-added RN after merging from master * Fixes RN --------- Co-authored-by: Content Bot <[email protected]> * Check if should run Instance role (#31245) * Added the sync from the saas bucket and modified the verify script to take the revision from the correct bucket. (#31254) * AWS Organizations (#30525) * init * commands template * aws-org-children-list * more commands * even more commands * added account commands * removed enhancement commands * use json_transform * unit-tests init * unit-tests continued * unit-tests continued some more * TPB * one more unit-test * one more unit-test * one more unit-test * name change * TPB * docs complete * pack readme * pack readme part 2 * readme modified * more tests * more tests * use get() * adde description * removed isFetch * added image * name change * CR changes * Apply suggestions from code review Co-authored-by: ShirleyDenkberg <[email protected]> * Update docker * put the commands back in * code complete * yml part 2 * yml part 3 * test template * unit-tests continued some more * unit-tests almost complete * unit-tests complete * fixed a few bugs * fixed unit-tests * added readme * update readme * added missing descriptions to readme * TPB * Apply suggestions from code review Co-authored-by: ShirleyDenkberg <[email protected]> * CR changes * demo changes * update docker * build wars: round 1 * build wars: round 2 * build wars: round 3; add unit-tests * build wars: round 4 * build wars: round 5 * build wars: round 6 --------- Co-authored-by: ShirleyDenkberg <[email protected]> * NextToken in CommandResults (#30501) * init * new design * added error in case of non nested input * RN * a tad more docs * Bump pack from version Base to 1.32.47. * Bump pack from version Base to 1.32.48. * Bump pack from version Base to 1.32.49. * improved doc-string * resolve conflicts * resolve conflicts * Bump pack from version Base to 1.32.52. --------- Co-authored-by: Content Bot <[email protected]> * demisto-sdk-release 1.24.0 (#31268) * poetry files * update validate manager imports (#31179) * update validate manager imports * revert * Update Tests/configure_and_test_integration_instances.py * Edit file types test (#31170) * edited tests * s * s * edit --------- Co-authored-by: Content Bot <[email protected]> Co-authored-by: Yuval Hayun <[email protected]> Co-authored-by: merit-maita <[email protected]> Co-authored-by: JudithB <[email protected]> * modified modeling rules of clearswift dlp (#31247) * modified modeling rules of clearswift dlp * modified the parsing rule of clearswiftdlp * Added release notes. * added dlp to pack ignore * added Clearswift to pack ignore * QRadar: continue to poll in case of networking issues (#31084) * Generalize the mode option in pre-commit (#30663) * args updated to match the update in the sdk * add merge-coverage-report and coverage-analyze * updaing pyproject.toml * poetry lock * restoring pyproject.toml and poetry.lock * pre-commit.yml * updates * test comment * use sdk ref * if * add github output * revert ilan changes * merge-pytest-reports --------- Co-authored-by: ilan <[email protected]> * EXPANDR-1576 CortexXpanse Remediation Guidance changes (#31190) * EXPANDR-1576 CortexXpanse Remediation Guidance changes (#30712) * CortexXpanse RG changes * Fix flake8 errors * Fix unit test cases * Update docker version * update command name * Readme updates * docker update * Ignore BC error * fix packignore * Update release notes * update breaking change notes * update breaking change notes * correct RN --------- Co-authored-by: Chait A <[email protected]> Co-authored-by: ilappe <[email protected]> * Feature/cyberint enhancement (#31252) * Feature/cyberint enhancement (#30493) * Update Docker Image To demisto/py3-tools (#25523) * Updated Metadata Of Pack FeedAWS * Added release notes to pack FeedAWS * Packs/FeedAWS/Integrations/FeedAWS/FeedAWS.yml Docker image update * update Cyberint Pack * update release note and incidentfields * update CommonType release note * update CommonType relesenotes * update CommonType relese notes * update CyberInt Related entity name * update release notes * add new incident field: Alert Data * foramt alert_data * update CyberInt Related Entity name to avoid validation errors * reset the CyberInt Related Entity name * update incident field name * Update 3_3_93.md * pre commit update docker * added known words * fixed the RN * known words --------- Co-authored-by: TalGumi <[email protected]> Co-authored-by: omerKarkKatz <[email protected]> Co-authored-by: okarkkatz <[email protected]> * [xsoar-8 coverage] - use poll functions from SDK clients (#31144) * update poetry * use poll functions * test against builds * try to fix ssl issue * timeout = 300 + verify ssl * fix ssl issues * fix incident pull * fix * make verify=false by default * fix ports bug * use sdk master * revert poetry * revert infra used for testing * [CrowdStrike Falcon Intel v2] Fixed an issue in 'cs-actors' and 'cs-reports' commands (#31265) * Fix the 'NoneType' object is not iterable issue * ruff * Update the docker image; Add RN * Update Packs/CrowdStrikeIntel/ReleaseNotes/2_0_34.md Co-authored-by: Dean Arbel <[email protected]> --------- Co-authored-by: Dean Arbel <[email protected]> * oncall- installation orders (#31253) * test * test * revert debugs * pre-commit --------- Co-authored-by: Jas Beilin <[email protected]> * Core rest api docs fix (#31262) * Improved descriptions. * Added docs * Added rn. * Changed i.e to e.g * bugfix/XSUP-30713/port-scan-pb-issue-incident-failure (#31154) * Fix playbook input's default value, change to not required, add check for value not empty * Update playbook image * Update release notes * Bump pack from version CortexXDR to 6.0.5. * Moved InternalIPRanges input check to better location * Fix review comments --------- Co-authored-by: Content Bot <[email protected]> * [PagerDuty v2] Added Support For Pagination (#30959) * commit init - lint and type annotation * typing * pagination function and some typing * fix api limit and pagination * added UT and test_data * added RN and description for args * generate readme * update docker * added UT * fix flake8 * more docstring, one more UT, fix send unnecessary parameters * fix f-string * fix pep8 * revert copy * fix parameters name * docs review * update docker * [ASM] EXPANDR 7225 - Update Ev1 Integration Display Name (#31234) (#31276) * Update Display Name * Update release notes * Update docker image and add period to descriptions Co-authored-by: John <[email protected]> Co-authored-by: MLainer1 <[email protected]> * Update Docker Image To demisto/python3 (#31286) * Updated Metadata Of Pack QualysFIM * Added release notes to pack QualysFIM * Packs/QualysFIM/Integrations/QualysFIM/QualysFIM.yml Docker image update * Updated Metadata Of Pack FortiSIEM * Added release notes to pack FortiSIEM * Packs/FortiSIEM/Integrations/FortiSIEMV2/FortiSIEMV2.yml Docker image update * Updated Metadata Of Pack FreshworksFreshservice * Added release notes to pack FreshworksFreshservice * Packs/FreshworksFreshservice/Integrations/FreshworksFreshservice/FreshworksFreshservice.yml Docker image update * Updated Metadata Of Pack KnowBe4_KMSAT * Added release notes to pack KnowBe4_KMSAT * Packs/KnowBe4_KMSAT/Integrations/KnowBe4KMSATEventCollector/KnowBe4KMSATEventCollector.yml Docker image update * Packs/KnowBe4_KMSAT/Integrations/KnowBe4KMSAT/KnowBe4KMSAT.yml Docker image update * Updated Metadata Of Pack SafeNet_Trusted_Access * Added release notes to pack SafeNet_Trusted_Access * Packs/SafeNet_Trusted_Access/Integrations/SafeNetTrustedAccessEventCollector/SafeNetTrustedAccessEventCollector.yml Docker image update * Updated Metadata Of Pack DelineaSS * Added release notes to pack DelineaSS * Packs/DelineaSS/Integrations/DelineaSS/DelineaSS.yml Docker image update * Updated Metadata Of Pack Cryptocurrency * Added release notes to pack Cryptocurrency * Packs/Cryptocurrency/Integrations/Cryptocurrency/Cryptocurrency.yml Docker image update * Updated Metadata Of Pack PANOSPolicyOptimizer * Added release notes to pack PANOSPolicyOptimizer * Packs/PANOSPolicyOptimizer/Integrations/PANOSPolicyOptimizer/PANOSPolicyOptimizer.yml Docker image update * Updated Metadata Of Pack DeveloperTools * Added release notes to pack DeveloperTools * Packs/DeveloperTools/Integrations/CreateIncidents/CreateIncidents.yml Docker image update * Add XSOAR_SAAS section to EDL description (#31264) * add XSOAR_SAAS section to EDL description * update RN * [XSUP 30575] Added full fields query param (#31272) * get indicators full fields data * pre-commit * release notes * tests and CR fixes * Update Packs/FeedCrowdstrikeFalconIntel/ReleaseNotes/2_1_13.md Co-authored-by: Dan Tavori <[email protected]> --------- Co-authored-by: Dan Tavori <[email protected]> * Update Docker Image To demisto/boto3py3 (#31287) * Updated Metadata Of Pack SecurityIntelligenceServicesFeed * Added release notes to pack SecurityIntelligenceServicesFeed * Packs/SecurityIntelligenceServicesFeed/Integrations/SecurityIntelligenceServicesFeed/SecurityIntelligenceServicesFeed.yml Docker image update * Updated Metadata Of Pack AWS-IAM * Added release notes to pack AWS-IAM * Packs/AWS-IAM/Integrations/AWS-IAM/AWS-IAM.yml Docker image update * Updated Metadata Of Pack AWS-Route53 * Added release notes to pack AWS-Route53 * Packs/AWS-Route53/Integrations/AWSRoute53/AWSRoute53.yml Docker image update * Updated Metadata Of Pack AWS-AccessAnalyzer * Added release notes to pack AWS-AccessAnalyzer * Packs/AWS-AccessAnalyzer/Integrations/AWS-AccessAnalyzer/AWS-AccessAnalyzer.yml Docker image update * Updated Metadata Of Pack AWS-GuardDuty * Added release notes to pack AWS-GuardDuty * Packs/AWS-GuardDuty/Integrations/AWSGuardDutyEventCollector/AWSGuardDutyEventCollector.yml Docker image update * Packs/AWS-GuardDuty/Integrations/AWSGuardDuty/AWSGuardDuty.yml Docker image update * Updated Metadata Of Pack AWS-SecurityHub * Added release notes to pack AWS-SecurityHub * Packs/AWS-SecurityHub/Integrations/AWSSecurityHubEventCollector/AWSSecurityHubEventCollector.yml Docker image update * Updated Metadata Of Pack Aws-SecretsManager * Added release notes to pack Aws-SecretsManager * Packs/Aws-SecretsManager/Integrations/AwsSecretsManager/AwsSecretsManager.yml Docker image update * Update Docker Image To demisto/accessdata (#31288) * Updated Metadata Of Pack Exterro * Added release notes to pack Exterro * Packs/Exterro/Integrations/Exterro/Exterro.yml Docker image update * Update Docker Image To demisto/oci (#31290) * Updated Metadata Of Pack OracleCloudInfrastructure * Added release notes to pack OracleCloudInfrastructure * Packs/OracleCloudInfrastructure/Integrations/OracleCloudInfrastructureEventCollector/OracleCloudInfrastructureEventCollector.yml Docker image update * Update Docker Image To demisto/py3-tools (#31289) * Updated Metadata Of Pack Intezer * Added release notes to pack Intezer * Packs/Intezer/Integrations/IntezerV2/IntezerV2.yml Docker image update * Updated Metadata Of Pack Zabbix * Added release notes to pack Zabbix * Packs/Zabbix/Integrations/Zabbix/Zabbix.yml Docker image update * Updated Metadata Of Pack FeedMalwareBazaar * Added release notes to pack FeedMalwareBazaar * Packs/FeedMalwareBazaar/Integrations/MalwareBazaarFeed/MalwareBazaarFeed.yml Docker image update * Updated Metadata Of Pack FeedGCPWhitelist * Added release notes to pack FeedGCPWhitelist * Packs/FeedGCPWhitelist/Integrations/FeedGoogleIPRanges/FeedGoogleIPRanges.yml Docker image update * Updated Metadata Of Pack AccentureCTI_Feed * Added release notes to pack AccentureCTI_Feed * Packs/AccentureCTI_Feed/Integrations/ACTIIndicatorFeed/ACTIIndicatorFeed.yml Docker image update * Updated Metadata Of Pack SEKOIAIntelligenceCenter * Added release notes to pack SEKOIAIntelligenceCenter * Packs/SEKOIAIntelligenceCenter/Integrations/SEKOIAIntelligenceCenter/SEKOIAIntelligenceCenter.yml Docker image update * Updated Metadata Of Pack JARM * Added release notes to pack JARM * Packs/JARM/Integrations/JARM/JARM.yml Docker image update * Updated Metadata Of Pack Anomali_ThreatStream * Added release notes to pack Anomali_ThreatStream * Packs/Anomali_ThreatStream/Integrations/AnomaliThreatStreamv3/AnomaliThreatStreamv3.yml Docker image update * Updated Metadata Of Pack CommonWidgets * Added release notes to pack CommonWidgets * Packs/CommonWidgets/Scripts/RSSWidget/RSSWidget.yml Docker image update * Updated Metadata Of Pack FiltersAndTransformers * Added release notes to pack FiltersAndTransformers * Packs/FiltersAndTransformers/Scripts/Jmespath/Jmespath.yml Docker image update * Update Docker Image To demisto/armorblox (#31291) * Updated Metadata Of Pack Armorblox * Added release notes to pack Armorblox * Packs/Armorblox/Integrations/Armorblox/Armorblox.yml Docker image update * Update Docker Image To demisto/crypto (#31292) * Updated Metadata Of Pack AzureKeyVault * Added release notes to pack AzureKeyVault * Packs/AzureKeyVault/Integrations/AzureKeyVault/AzureKeyVault.yml Docker image update * Updated Metadata Of Pack AzureSentinel * Added release notes to pack AzureSentinel * Packs/AzureSentinel/Integrations/AzureSentinel/AzureSentinel.yml Docker image update * Updated Metadata Of Pack AzureDevOps * Added release notes to pack AzureDevOps * Packs/AzureDevOps/Integrations/AzureDevOps/AzureDevOps.yml Docker image update * Updated Metadata Of Pack MicrosoftCloudAppSecurity * Added release notes to pack MicrosoftCloudAppSecurity * Packs/MicrosoftCloudAppSecurity/Integrations/MicrosoftCloudAppSecurity/MicrosoftCloudAppSecurity.yml Docker image update * Updated Metadata Of Pack AzureRiskyUsers * Added release notes to pack AzureRiskyUsers * Packs/AzureRiskyUsers/Integrations/AzureRiskyUsers/AzureRiskyUsers.yml Docker image update * Updated Metadata Of Pack MicrosoftGraphGroups * Added release notes to pack MicrosoftGraphGroups * Packs/MicrosoftGraphGroups/Integrations/MicrosoftGraphGroups/MicrosoftGraphGroups.yml Docker image update * Updated Metadata Of Pack AzureSQLManagement * Added release notes to pack AzureSQLManagement * Packs/AzureSQLManagement/Integrations/AzureSQLManagement/AzureSQLManagement.yml Docker image update * Updated Metadata Of Pack MicrosoftGraphAPI * Added release notes to pack MicrosoftGraphAPI * Packs/MicrosoftGraphAPI/Integrations/MicrosoftGraphAPI/MicrosoftGraphAPI.yml Docker image update * Updated Metadata Of Pack MicrosoftTeams * Added release notes to pack MicrosoftTeams * Packs/MicrosoftTeams/Integrations/MicrosoftTeamsManagement/MicrosoftTeamsManagement.yml Docker image update * Updated Metadata Of Pack MicrosoftGraphApplications * Added release notes to pack MicrosoftGraphApplications * Packs/MicrosoftGraphApplications/Integrations/MicrosoftGraphApplications/MicrosoftGraphApplications.yml Docker image update * Update Docker Image To demisto/sixgill (#31293) * Updated Metadata Of Pack Cybersixgill-ActionableAlerts * Added release notes to pack Cybersixgill-ActionableAlerts * Packs/Cybersixgill-ActionableAlerts/Integrations/CybersixgillActionableAlerts/CybersixgillActionableAlerts.yml Docker image update * Updated Metadata Of Pack Sixgill-Darkfeed * Added release notes to pack Sixgill-Darkfeed * Packs/Sixgill-Darkfeed/Integrations/Sixgill_Darkfeed_Enrichment/Sixgill_Darkfeed_Enrichment.yml Docker image update * Packs/Sixgill-Darkfeed/Integrations/Sixgill_Darkfeed/Sixgill_Darkfeed.yml Docker image update * Update Docker Image To demisto/carbon-black-cloud (#31295) * Updated Metadata Of Pack CarbonBlackDefense * Added release notes to pack CarbonBlackDefense * Packs/CarbonBlackDefense/Integrations/CarbonBlackLiveResponseCloud/CarbonBlackLiveResponseCloud.yml Docker image update * Update Docker Image To demisto/taxii2 (#31294) * Updated Metadata Of Pack FeedDHS * Added release notes to pack FeedDHS * Packs/FeedDHS/Integrations/DHSFeedV2/DHSFeedV2.yml Docker image update * Updated Metadata Of Pack FeedUnit42v2 * Added release notes to pack FeedUnit42v2 * Packs/FeedUnit42v2/Integrations/FeedUnit42v2/FeedUnit42v2.yml Docker image update * MS IIS Update2 (#31256) * Updated MicrosoftIISWebServerModelingRules_1_3 * Updated ModelingRules filters * Updated ModelingRules filters * Updated ReleaseNotes * Up…
RosenbergYehuda
added a commit
that referenced
this pull request
Feb 15, 2024
…9386 (#32462) * Fix GetIndicatorDBotScoreFromCache to handle better a special character (#31070) * a fix and a test * docker image update * added rn * Bump pack from version CommonScripts to 1.12.47. * unit test fix * unit test fix * unit test fix * Bump pack from version CommonScripts to 1.12.48. * Bump pack from version CommonScripts to 1.12.49. * Update Packs/CommonScripts/ReleaseNotes/1_12_49.md Co-authored-by: Dan Tavori <[email protected]> --------- Co-authored-by: Content Bot <[email protected]> Co-authored-by: Dan Tavori <[email protected]> * change pack support to community (#31110) * change pack support to community * first level header so im told * Update Packs/DeveloperTools/ReleaseNotes/1_3_0.md Co-authored-by: Shahaf Ben Yakir <[email protected]> * Update Packs/DeveloperTools/ReleaseNotes/1_3_0.md Co-authored-by: Shahaf Ben Yakir <[email protected]> --------- Co-authored-by: Shahaf Ben Yakir <[email protected]> * removed GIT_DEPTH (#31141) * support multiple entry ids in ImageOCR (#31145) * Fix taxi feed observables extraction (#31120) * fixed an isssue where taxi feed will fail to retreive all indicators due to wrong extraction from XML blocks. * added rn * update docker * update test_data * add secret to secrets ignore * [transformers] Enhance to be more durable #2 (#31063) * ExtractDomainAndFQDNFromUrlAndEmail * ExtractEmailV2 * ruff fix * FormatURL * Bump pack from version CommonScripts to 1.12.47. * Bump pack from version CommonScripts to 1.12.48. * Bump pack from version CommonScripts to 1.12.49. * Added unit tests * Update the docker image * Bump pack from version CommonScripts to 1.12.50. * Update Packs/CommonScripts/ReleaseNotes/1_12_50.md Co-authored-by: Dean Arbel <[email protected]> * Update Packs/CommonScripts/ReleaseNotes/1_12_50.md Co-authored-by: Dean Arbel <[email protected]> * Update the RN * Update the docker image * empty * Skip "FormattingPerformance - Test" TPB in XSOAR 8 --------- Co-authored-by: Content Bot <[email protected]> Co-authored-by: Dean Arbel <[email protected]> * Sleep w/ Polling (#30661) add polling mechanism to sleep upon crossing polling_threshold * Update shift management scripts (#31130) * fixed the bug and added unit tests * updated docker image * RN * updated docker image * cr updates * EWS rule commands - MS graph python integrations (#30943) Co-authored-by: ShirleyDenkberg <[email protected]> * MS IIS Update (#31132) * Updated ModelingRules * Updated ReleaseNotes * Updated ReleaseNotes * Anomali ThreatStream change DBot verdict from Benign to Unknown for Low Confidence Indicators (#30993) (#31151) * change DBot verdict from Benign to Unknown for Low Confidence Indicators Indicators found in Anomali that are below Confidence thresholds should be created as Unknown and not Benign. Anomali ThreatStream documentation regarding Confidence https://ui.threatstream.com/optic-doc/Content/Features/threat_model/Observables/details_indicator.htm Confidence - Confidence indicates the certainty that an observable exhibits or is connected to malicious behavior. If Anomali has indicators with low Confidence, that doesn't mean the indicator is Benign/Safe. It means Anomali is unsure that the indicator is Malicious and as such the more appropriate verdict in XSOAR should be Unknown. * add indicator_default_score param * changed values to Benign and Unknown * update README and RN * update RN * update docker set required to false * update docker * fix docs comments --------- Co-authored-by: zdrouse <[email protected]> Co-authored-by: adi88d <[email protected]> Co-authored-by: Adi Daud <[email protected]> * generate empty junit files (#31153) * Update 1_6_0.json (#31164) * fix splunkpy splunk_submit_event_hec_command string issue (#30978) * fix splunkpy splunk_submit_event_hec_command string issue * test * add fix * update rn * [xsoar saas] - fix ports taxii2 e2e (#31163) * Hello world saas (#30901) * added a new incident field only for saas mp * added an incident field to xsoar_saas only for demonstration * format incident field * format incident field * added saas word to known words * version * merge with master * fixed the xsoar_saas end tag * Added tests to validate result * modified RN * pre commit changes * RN tags * ignoe long line * MS IIS README (#31158) * Updated README * Updated README * Fixes For IP Enrichment Playbooks (#31114) * Fixes For IP Enrichment Playbooks * RN * Removed the mapping rule from both playbooks. Updated the default value of the internal range playbook input according to RFC 1918. * Removed the value of 'UseReputationCommand' playbook input and fixes the YML files * Fixed RN * Removed the value set for the 'UseReputationCommand' sub-playbook input. Re-added the default value for 'UseReputationCommand' playbook input * skip ThreatStream-Test (#31172) * [transformers] Enhance to be more durable (#30897) [transformers] Enhance to be more durable * Fixes For 'Email Address Enrichment - Generic v2.1' (#31122) * Fixes For 'Email Address Enrichment - Generic v2.1' * Re-added the test playbook and marketplace configs to the playbook YML file * changed the 'domain' playbook input value * removed the 'domain' playbook input value and added RN * Fixed RN * Bump pack from version CommonPlaybooks to 2.4.34. --------- Co-authored-by: Content Bot <[email protected]> * DisplayMappedFields - Fix dark mode text color (#31085) * removed the hardcoded color * removed the hardcoded color * update RN * update docker image * Bump pack from version CommonScripts to 1.12.48. * Unittest fixes * Bump pack from version CommonScripts to 1.12.49. * Unittest fixes * Bump pack from version CommonScripts to 1.12.50. * Bump pack from version CommonScripts to 1.12.51. * Bump pack from version CommonScripts to 1.12.52. * Bump pack from version CommonScripts to 1.12.53. --------- Co-authored-by: Content Bot <[email protected]> * Updated the layout to exclude integration incident fields that are not pertinent to Vectra XDR (#31127) (#31182) Co-authored-by: Crest Data Systems <[email protected]> Co-authored-by: crestdatasystems <[email protected]> Co-authored-by: MLainer1 <[email protected]> * Taxii2 server relationship bug (#31162) * [taxii2-server] - code fixes * bump rn * docker update * remove debug-log because may wanted * [ASM] EXPANDER-7096 - ASM Remediation Guidance Fields (#30955) (#31178) Co-authored-by: John <[email protected]> Co-authored-by: Adi Daud <[email protected]> * Created pack for F5 BIG-IP APM (#31017) * Created pack for f5 apm * Added modeling rule files. * adding modeling rules and schema. * modified modeling rules * update yml file for modeling rule. * Update Packs/F5APM/README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/F5APM/README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/F5APM/README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/F5APM/README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/F5APM/README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/F5APM/README.md Co-authored-by: ShirleyDenkberg <[email protected]> * update readme. * Modified the read me file. --------- Co-authored-by: ShirleyDenkberg <[email protected]> * HelloWorld - delete old classifier (#31185) * Add support for is array for rep commands (#31169) * added support for isArray for python Xsoar supported reputation commands * added rn * Empty-Commit * python files fixes * fix docker issue * cr fixes * added logs and cache fix (#30577) * added logs and cache fix * Fixed another executeCommand results handling. * Updated docker image * Added rn * Update Packs/Phishing/ReleaseNotes/3_6_2.md Co-authored-by: Dan Tavori <[email protected]> * Update Packs/Phishing/Scripts/FindDuplicateEmailIncidents/FindDuplicateEmailIncidents.py --------- Co-authored-by: Dan Tavori <[email protected]> * Add support for is array for rep commands js (#31184) * JS files fixes * added rn * pre commit fixes * pre commit fixes * cr fixes * xsiam-avaya-siem-content-ciac-8502 (#31128) * init-pack * modeling-rules * add-docs * fix-pid-parsing * fix-README.md * Fixed For Endpoint Enrichment Playbooks (#31147) * Fixed For 'Endpoint Enrichment - Generic v2.1' Playbook * RN * RN * Fixes for Endpoint_Enrichment_-_Generic_v2.1_6_8 playbook * Bump pack from version CommonPlaybooks to 2.4.34. * Bump pack from version CommonPlaybooks to 2.4.35. * Fixed version for 'Endpoint Enrichment - Generic v2.1.6.8' playbook * Fixes for 'Endpoint Enrichment - Generic v2.1' playbook * Revert changes in 'Endpoint Enrichment - Generic v2.1' playbook --------- Co-authored-by: Content Bot <[email protected]> * Update Docker Image To demisto/python3 (#31198) * Updated Metadata Of Pack DeveloperTools * Added release notes to pack DeveloperTools * Packs/DeveloperTools/Integrations/CreateIncidents/CreateIncidents.yml Docker image update * Updated Metadata Of Pack FlashpointFeed * Added release notes to pack FlashpointFeed * Packs/FlashpointFeed/Integrations/FlashpointFeed/FlashpointFeed.yml Docker image update * Updated Metadata Of Pack AbnormalSecurity * Added release notes to pack AbnormalSecurity * Packs/AbnormalSecurity/Integrations/AbnormalSecurity/AbnormalSecurity.yml Docker image update * Updated Metadata Of Pack FeedLOLBAS * Added release notes to pack FeedLOLBAS * Packs/FeedLOLBAS/Integrations/FeedLOLBAS/FeedLOLBAS.yml Docker image update * Updated Metadata Of Pack Hackuity * Added release notes to pack Hackuity * Packs/Hackuity/Integrations/Hackuity/Hackuity.yml Docker image update * Updated Metadata Of Pack Grafana * Added release notes to pack Grafana * Packs/Grafana/Integrations/Grafana/Grafana.yml Docker image update * Updated Metadata Of Pack Binalyze * Added release notes to pack Binalyze * Packs/Binalyze/Integrations/BinalyzeAIR/BinalyzeAIR.yml Docker image update * Updated Metadata Of Pack ServiceDeskPlus * Added release notes to pack ServiceDeskPlus * Packs/ServiceDeskPlus/Integrations/ServiceDeskPlus/ServiceDeskPlus.yml Docker image update * Updated Metadata Of Pack Oracle_IAM * Added release notes to pack Oracle_IAM * Packs/Oracle_IAM/Integrations/OracleIAM/OracleIAM.yml Docker image update * Updated Metadata Of Pack AccentureCTI * Added release notes to pack AccentureCTI * Packs/AccentureCTI/Integrations/ACTIIndicatorQuery/ACTIIndicatorQuery.yml Docker image update * Update Docker Image To demisto/boto3py3 (#31199) * Updated Metadata Of Pack SecurityIntelligenceServicesFeed * Added release notes to pack SecurityIntelligenceServicesFeed * Packs/SecurityIntelligenceServicesFeed/Integrations/SecurityIntelligenceServicesFeed/SecurityIntelligenceServicesFeed.yml Docker image update * Updated Metadata Of Pack AWS-IAM * Added release notes to pack AWS-IAM * Packs/AWS-IAM/Integrations/AWS-IAM/AWS-IAM.yml Docker image update * Updated Metadata Of Pack AWS-Route53 * Added release notes to pack AWS-Route53 * Packs/AWS-Route53/Integrations/AWSRoute53/AWSRoute53.yml Docker image update * Updated Metadata Of Pack AWS-AccessAnalyzer * Added release notes to pack AWS-AccessAnalyzer * Packs/AWS-AccessAnalyzer/Integrations/AWS-AccessAnalyzer/AWS-AccessAnalyzer.yml Docker image update * Updated Metadata Of Pack AWS-GuardDuty * Added release notes to pack AWS-GuardDuty * Packs/AWS-GuardDuty/Integrations/AWSGuardDutyEventCollector/AWSGuardDutyEventCollector.yml Docker image update * Packs/AWS-GuardDuty/Integrations/AWSGuardDuty/AWSGuardDuty.yml Docker image update * Updated Metadata Of Pack AWS-SecurityHub * Added release notes to pack AWS-SecurityHub * Packs/AWS-SecurityHub/Integrations/AWSSecurityHubEventCollector/AWSSecurityHubEventCollector.yml Docker image update * Updated Metadata Of Pack Aws-SecretsManager * Added release notes to pack Aws-SecretsManager * Packs/Aws-SecretsManager/Integrations/AwsSecretsManager/AwsSecretsManager.yml Docker image update * Update Docker Image To demisto/armorblox (#31203) * Updated Metadata Of Pack Armorblox * Added release notes to pack Armorblox * Packs/Armorblox/Integrations/Armorblox/Armorblox.yml Docker image update * Update Docker Image To demisto/py3-tools (#31201) * Updated Metadata Of Pack Intezer * Added release notes to pack Intezer * Packs/Intezer/Integrations/IntezerV2/IntezerV2.yml Docker image update * Updated Metadata Of Pack Zabbix * Added release notes to pack Zabbix * Packs/Zabbix/Integrations/Zabbix/Zabbix.yml Docker image update * Updated Metadata Of Pack FeedMalwareBazaar * Added release notes to pack FeedMalwareBazaar * Packs/FeedMalwareBazaar/Integrations/MalwareBazaarFeed/MalwareBazaarFeed.yml Docker image update * Updated Metadata Of Pack FeedGCPWhitelist * Added release notes to pack FeedGCPWhitelist * Packs/FeedGCPWhitelist/Integrations/FeedGoogleIPRanges/FeedGoogleIPRanges.yml Docker image update * Updated Metadata Of Pack AccentureCTI_Feed * Added release notes to pack AccentureCTI_Feed * Packs/AccentureCTI_Feed/Integrations/ACTIIndicatorFeed/ACTIIndicatorFeed.yml Docker image update * Updated Metadata Of Pack SEKOIAIntelligenceCenter * Added release notes to pack SEKOIAIntelligenceCenter * Packs/SEKOIAIntelligenceCenter/Integrations/SEKOIAIntelligenceCenter/SEKOIAIntelligenceCenter.yml Docker image update * Updated Metadata Of Pack JARM * Added release notes to pack JARM * Packs/JARM/Integrations/JARM/JARM.yml Docker image update * Updated Metadata Of Pack CommonWidgets * Added release notes to pack CommonWidgets * Packs/CommonWidgets/Scripts/RSSWidget/RSSWidget.yml Docker image update * Updated Metadata Of Pack FiltersAndTransformers * Added release notes to pack FiltersAndTransformers * Packs/FiltersAndTransformers/Scripts/Jmespath/Jmespath.yml Docker image update * Update Docker Image To demisto/oci (#31202) * Updated Metadata Of Pack OracleCloudInfrastructure * Added release notes to pack OracleCloudInfrastructure * Packs/OracleCloudInfrastructure/Integrations/OracleCloudInfrastructureEventCollector/OracleCloudInfrastructureEventCollector.yml Docker image update * Update Docker Image To demisto/accessdata (#31200) * Updated Metadata Of Pack Exterro * Added release notes to pack Exterro * Packs/Exterro/Integrations/Exterro/Exterro.yml Docker image update * Fix DS108 --------- Co-authored-by: israelpolishook <[email protected]> * Update Docker Image To demisto/carbon-black-cloud (#31206) * Updated Metadata Of Pack CarbonBlackDefense * Added release notes to pack CarbonBlackDefense * Packs/CarbonBlackDefense/Integrations/CarbonBlackLiveResponseCloud/CarbonBlackLiveResponseCloud.yml Docker image update * Update Docker Image To demisto/taxii2 (#31205) * Updated Metadata Of Pack FeedUnit42v2 * Added release notes to pack FeedUnit42v2 * Packs/FeedUnit42v2/Integrations/FeedUnit42v2/FeedUnit42v2.yml Docker image update * Update Docker Image To demisto/crypto (#31204) * Updated Metadata Of Pack AzureKeyVault * Added release notes to pack AzureKeyVault * Packs/AzureKeyVault/Integrations/AzureKeyVault/AzureKeyVault.yml Docker image update * Updated Metadata Of Pack AzureSentinel * Added release notes to pack AzureSentinel * Packs/AzureSentinel/Integrations/AzureSentinel/AzureSentinel.yml Docker image update * Updated Metadata Of Pack AzureDevOps * Added release notes to pack AzureDevOps * Packs/AzureDevOps/Integrations/AzureDevOps/AzureDevOps.yml Docker image update * Updated Metadata Of Pack MicrosoftCloudAppSecurity * Added release notes to pack MicrosoftCloudAppSecurity * Packs/MicrosoftCloudAppSecurity/Integrations/MicrosoftCloudAppSecurity/MicrosoftCloudAppSecurity.yml Docker image update * Updated Metadata Of Pack AzureRiskyUsers * Added release notes to pack AzureRiskyUsers * Packs/AzureRiskyUsers/Integrations/AzureRiskyUsers/AzureRiskyUsers.yml Docker image update * Updated Metadata Of Pack MicrosoftGraphGroups * Added release notes to pack MicrosoftGraphGroups * Packs/MicrosoftGraphGroups/Integrations/MicrosoftGraphGroups/MicrosoftGraphGroups.yml Docker image update * Updated Metadata Of Pack AzureSQLManagement * Added release notes to pack AzureSQLManagement * Packs/AzureSQLManagement/Integrations/AzureSQLManagement/AzureSQLManagement.yml Docker image update * Updated Metadata Of Pack MicrosoftGraphAPI * Added release notes to pack MicrosoftGraphAPI * Packs/MicrosoftGraphAPI/Integrations/MicrosoftGraphAPI/MicrosoftGraphAPI.yml Docker image update * Updated Metadata Of Pack MicrosoftTeams * Added release notes to pack MicrosoftTeams * Packs/MicrosoftTeams/Integrations/MicrosoftTeamsManagement/MicrosoftTeamsManagement.yml Docker image update * Updated Metadata Of Pack MicrosoftGraphApplications * Added release notes to pack MicrosoftGraphApplications * Packs/MicrosoftGraphApplications/Integrations/MicrosoftGraphApplications/MicrosoftGraphApplications.yml Docker image update * Update Docker Image To demisto/opnsense (#31208) * Updated Metadata Of Pack OPNSense * Added release notes to pack OPNSense * Packs/OPNSense/Integrations/OPNSense/OPNSense.yml Docker image update * Update Docker Image To demisto/auth-utils (#31207) * Updated Metadata Of Pack Cylance_Protect * Added release notes to pack Cylance_Protect * Packs/Cylance_Protect/Integrations/Cylance_Protect_v2/Cylance_Protect_v2.yml Docker image update * Updated Metadata Of Pack Zoom * Added release notes to pack Zoom * Packs/Zoom/Integrations/ZoomEventCollector/ZoomEventCollector.yml Docker image update * Updated Metadata Of Pack Silverfort * Added release notes to pack Silverfort * Packs/Silverfort/Integrations/Silverfort/Silverfort.yml Docker image update * Updated Metadata Of Pack AzureDataExplorer * Added release notes to pack AzureDataExplorer * Packs/AzureDataExplorer/Integrations/AzureDataExplorer/AzureDataExplorer.yml Docker image update * Updated Metadata Of Pack MicrosoftManagementActivity * Added release notes to pack MicrosoftManagementActivity * Packs/MicrosoftManagementActivity/Integrations/MicrosoftManagementActivity/MicrosoftManagementActivity.yml Docker image update * Updated Metadata Of Pack Box * Added release notes to pack Box * Packs/Box/Integrations/BoxEventsCollector/BoxEventsCollector.yml Docker image update * Packs/Box/Integrations/BoxV2/BoxV2.yml Docker image update * Updated Metadata Of Pack Troubleshoot * Added release notes to pack Troubleshoot * Packs/Troubleshoot/Scripts/CertificatesTroubleshoot/CertificatesTroubleshoot.yml Docker image update * commit --------- Co-authored-by: israelpolishook <[email protected]> * Update Docker Image To demisto/ippysocks-py3 (#31211) * Updated Metadata Of Pack Whois * Added release notes to pack Whois * Packs/Whois/Integrations/Whois/Whois.yml Docker image update * Update Docker Image To demisto/python3 (#31214) * Updated Metadata Of Pack QualysFIM * Added release notes to pack QualysFIM * Packs/QualysFIM/Integrations/QualysFIM/QualysFIM.yml Docker image update * Updated Metadata Of Pack FortiSIEM * Added release notes to pack FortiSIEM * Packs/FortiSIEM/Integrations/FortiSIEMV2/FortiSIEMV2.yml Docker image update * Updated Metadata Of Pack FreshworksFreshservice * Added release notes to pack FreshworksFreshservice * Packs/FreshworksFreshservice/Integrations/FreshworksFreshservice/FreshworksFreshservice.yml Docker image update * Updated Metadata Of Pack KnowBe4_KMSAT * Added release notes to pack KnowBe4_KMSAT * Packs/KnowBe4_KMSAT/Integrations/KnowBe4KMSATEventCollector/KnowBe4KMSATEventCollector.yml Docker image update * Packs/KnowBe4_KMSAT/Integrations/KnowBe4KMSAT/KnowBe4KMSAT.yml Docker image update * Updated Metadata Of Pack SafeNet_Trusted_Access * Added release notes to pack SafeNet_Trusted_Access * Packs/SafeNet_Trusted_Access/Integrations/SafeNetTrustedAccessEventCollector/SafeNetTrustedAccessEventCollector.yml Docker image update * Updated Metadata Of Pack DelineaSS * Added release notes to pack DelineaSS * Packs/DelineaSS/Integrations/DelineaSS/DelineaSS.yml Docker image update * Updated Metadata Of Pack Cryptocurrency * Added release notes to pack Cryptocurrency * Packs/Cryptocurrency/Integrations/Cryptocurrency/Cryptocurrency.yml Docker image update * Updated Metadata Of Pack PANOSPolicyOptimizer * Added release notes to pack PANOSPolicyOptimizer * Packs/PANOSPolicyOptimizer/Integrations/PANOSPolicyOptimizer/PANOSPolicyOptimizer.yml Docker image update * Updated Metadata Of Pack DeveloperTools * Added release notes to pack DeveloperTools * Packs/DeveloperTools/Integrations/CreateIncidents/CreateIncidents.yml Docker image update * Update Docker Image To demisto/boto3py3 (#31215) * Updated Metadata Of Pack SecurityIntelligenceServicesFeed * Added release notes to pack SecurityIntelligenceServicesFeed * Packs/SecurityIntelligenceServicesFeed/Integrations/SecurityIntelligenceServicesFeed/SecurityIntelligenceServicesFeed.yml Docker image update * Updated Metadata Of Pack AWS-IAM * Added release notes to pack AWS-IAM * Packs/AWS-IAM/Integrations/AWS-IAM/AWS-IAM.yml Docker image update * Updated Metadata Of Pack AWS-Route53 * Added release notes to pack AWS-Route53 * Packs/AWS-Route53/Integrations/AWSRoute53/AWSRoute53.yml Docker image update * Updated Metadata Of Pack AWS-AccessAnalyzer * Added release notes to pack AWS-AccessAnalyzer * Packs/AWS-AccessAnalyzer/Integrations/AWS-AccessAnalyzer/AWS-AccessAnalyzer.yml Docker image update * Updated Metadata Of Pack AWS-GuardDuty * Added release notes to pack AWS-GuardDuty * Packs/AWS-GuardDuty/Integrations/AWSGuardDutyEventCollector/AWSGuardDutyEventCollector.yml Docker image update * Packs/AWS-GuardDuty/Integrations/AWSGuardDuty/AWSGuardDuty.yml Docker image update * Updated Metadata Of Pack AWS-SecurityHub * Added release notes to pack AWS-SecurityHub * Packs/AWS-SecurityHub/Integrations/AWSSecurityHubEventCollector/AWSSecurityHubEventCollector.yml Docker image update * Updated Metadata Of Pack Aws-SecretsManager * Added release notes to pack Aws-SecretsManager * Packs/Aws-SecretsManager/Integrations/AwsSecretsManager/AwsSecretsManager.yml Docker image update * Update Docker Image To demisto/accessdata (#31216) * Updated Metadata Of Pack Exterro * Added release notes to pack Exterro * Packs/Exterro/Integrations/Exterro/Exterro.yml Docker image update * Update Docker Image To demisto/oci (#31218) * Updated Metadata Of Pack OracleCloudInfrastructure * Added release notes to pack OracleCloudInfrastructure * Packs/OracleCloudInfrastructure/Integrations/OracleCloudInfrastructureEventCollector/OracleCloudInfrastructureEventCollector.yml Docker image update * Update Docker Image To demisto/py3-tools (#31217) * Updated Metadata Of Pack Intezer * Added release notes to pack Intezer * Packs/Intezer/Integrations/IntezerV2/IntezerV2.yml Docker image update * Updated Metadata Of Pack Zabbix * Added release notes to pack Zabbix * Packs/Zabbix/Integrations/Zabbix/Zabbix.yml Docker image update * Updated Metadata Of Pack FeedMalwareBazaar * Added release notes to pack FeedMalwareBazaar * Packs/FeedMalwareBazaar/Integrations/MalwareBazaarFeed/MalwareBazaarFeed.yml Docker image update * Updated Metadata Of Pack FeedGCPWhitelist * Added release notes to pack FeedGCPWhitelist * Packs/FeedGCPWhitelist/Integrations/FeedGoogleIPRanges/FeedGoogleIPRanges.yml Docker image update * Updated Metadata Of Pack AccentureCTI_Feed * Added release notes to pack AccentureCTI_Feed * Packs/AccentureCTI_Feed/Integrations/ACTIIndicatorFeed/ACTIIndicatorFeed.yml Docker image update * Updated Metadata Of Pack SEKOIAIntelligenceCenter * Added release notes to pack SEKOIAIntelligenceCenter * Packs/SEKOIAIntelligenceCenter/Integrations/SEKOIAIntelligenceCenter/SEKOIAIntelligenceCenter.yml Docker image update * Updated Metadata Of Pack JARM * Added release notes to pack JARM * Packs/JARM/Integrations/JARM/JARM.yml Docker image update * Updated Metadata Of Pack Anomali_ThreatStream * Added release notes to pack Anomali_ThreatStream * Packs/Anomali_ThreatStream/Integrations/AnomaliThreatStreamv3/AnomaliThreatStreamv3.yml Docker image update * Updated Metadata Of Pack CommonWidgets * Added release notes to pack CommonWidgets * Packs/CommonWidgets/Scripts/RSSWidget/RSSWidget.yml Docker image update * Updated Metadata Of Pack FiltersAndTransformers * Added release notes to pack FiltersAndTransformers * Packs/FiltersAndTransformers/Scripts/Jmespath/Jmespath.yml Docker image update * CortexXDRIR-generic-polling (#31082) * - Added new playbook for quarantine_file - Old playbook deprecated - New image added * release notes added * - New playbook for _Retrieve_File_Playbook_v2 created - Old playbook _Retrieve_File_Playbook deprecated - Image was added * Release notes were added * Changed the name of the playbook * Readme file added * Added image * fixed image location in readme file * Update Packs/CortexXDR/Playbooks/Cortex_XDR_-_Retrieve_File_v2.yml Co-authored-by: Sasha Sokolovich <[email protected]> * Bump pack from version CortexXDR to 6.0.4. * Removed unnecessary tests * Readme files were updated * Fixes for the playbooks * fixed Tests/conf.json file * image issue fixed * Added new images * Update Packs/CortexXDR/Playbooks/Cortex_XDR_-_Retrieve_File_Playbook_README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CortexXDR/Playbooks/Cortex_XDR_-_Retrieve_File_Playbook_README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CortexXDR/ReleaseNotes/6_0_4.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CortexXDR/ReleaseNotes/6_0_4.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CortexXDR/ReleaseNotes/6_0_4.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CortexXDR/ReleaseNotes/6_0_4.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CortexXDR/Playbooks/Cortex_XDR_-_Retrieve_File_Playbook_README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CortexXDR/Playbooks/Cortex_XDR_-_quarantine_file_v2_README.md Co-authored-by: ShirleyDenkberg <[email protected]> * PR fixes - new condition to check if the task finished successfully * release notes updated * image path fixed * Added new outputs for playbook * release notes updated * fix * readme files fixed * image issue * image issue * fix * fix * fix * fix * uploaded new playbook because of the image issue * fix for image issue * delete photo * fixes * test playbooks fixed * test playbooks removed --------- Co-authored-by: Sasha Sokolovich <[email protected]> Co-authored-by: Content Bot <[email protected]> Co-authored-by: ShirleyDenkberg <[email protected]> * Update Docker Image To demisto/crypto (#31219) * Updated Metadata Of Pack AzureKeyVault * Added release notes to pack AzureKeyVault * Packs/AzureKeyVault/Integrations/AzureKeyVault/AzureKeyVault.yml Docker image update * Updated Metadata Of Pack AzureSentinel * Added release notes to pack AzureSentinel * Packs/AzureSentinel/Integrations/AzureSentinel/AzureSentinel.yml Docker image update * Updated Metadata Of Pack AzureDevOps * Added release notes to pack AzureDevOps * Packs/AzureDevOps/Integrations/AzureDevOps/AzureDevOps.yml Docker image update * Updated Metadata Of Pack MicrosoftCloudAppSecurity * Added release notes to pack MicrosoftCloudAppSecurity * Packs/MicrosoftCloudAppSecurity/Integrations/MicrosoftCloudAppSecurity/MicrosoftCloudAppSecurity.yml Docker image update * Updated Metadata Of Pack AzureRiskyUsers * Added release notes to pack AzureRiskyUsers * Packs/AzureRiskyUsers/Integrations/AzureRiskyUsers/AzureRiskyUsers.yml Docker image update * Updated Metadata Of Pack MicrosoftGraphGroups * Added release notes to pack MicrosoftGraphGroups * Packs/MicrosoftGraphGroups/Integrations/MicrosoftGraphGroups/MicrosoftGraphGroups.yml Docker image update * Updated Metadata Of Pack AzureSQLManagement * Added release notes to pack AzureSQLManagement * Packs/AzureSQLManagement/Integrations/AzureSQLManagement/AzureSQLManagement.yml Docker image update * Updated Metadata Of Pack MicrosoftGraphAPI * Added release notes to pack MicrosoftGraphAPI * Packs/MicrosoftGraphAPI/Integrations/MicrosoftGraphAPI/MicrosoftGraphAPI.yml Docker image update * Updated Metadata Of Pack MicrosoftTeams * Added release notes to pack MicrosoftTeams * Packs/MicrosoftTeams/Integrations/MicrosoftTeamsManagement/MicrosoftTeamsManagement.yml Docker image update * Updated Metadata Of Pack MicrosoftGraphApplications * Added release notes to pack MicrosoftGraphApplications * Packs/MicrosoftGraphApplications/Integrations/MicrosoftGraphApplications/MicrosoftGraphApplications.yml Docker image update * update pack ignore (#31193) * Slack event collector: fixed an issue where we get a Bad Request error (#31135) * fixed an issue where we get a Bad Request error. * pre-commit * added test * fixed Flake8 error * fixed cr comments * fixed cr comments * update Docker image * YR/Remove-fields-with-one-letter-DBotFindSimilarIncidents/XSUP-29299 (#31161) * fixes * code and test * remove Json feed from this pr * test * note * pre commit * RN * CR and Flake8 * format * pre commit * Fixes For 'URL Enrichment - Generic v2' Playbook (#31195) * Fixes For 'URL Enrichment - Generic v2' Playbook * RN * Bump pack from version CommonPlaybooks to 2.4.36. --------- Co-authored-by: Content Bot <[email protected]> * F5 APM Remove XSIAM tags (#31221) * remove ls from test_e2e_results.sh (#31186) * [IsEmailAddressInternal] Fix an issue with **domain** argument (#31222) * First commit * Added RN * Update Packs/CommonScripts/ReleaseNotes/1_12_54.md Co-authored-by: Dean Arbel <[email protected]> --------- Co-authored-by: Dean Arbel <[email protected]> * Deprecate 'Get endpoint details - Generic' Playbook (#31196) * Deprecate 'Get endpoint details - Generic' Playbook * RN * Bump pack from version CommonPlaybooks to 2.4.36. * Bump pack from version CommonPlaybooks to 2.4.37. --------- Co-authored-by: Content Bot <[email protected]> * Replacing the deprecated sub-playbook within the 'NGFW Internal Scan'… (#31197) * Replacing the deprecated sub-playbook within the 'NGFW Internal Scan' XSIAM playbook * RN * [Marketplace Contribution] CISO Metrics (#30641) (#31213) * "pack contribution initial commit" * Update pack_metadata.json * Update and rename dashboard-98f353a2-312b-49f2-8e58-d71f60daf3a7-CISO_Metrics.json to dashboard-98f353a2-312b-49f2-8e58-d71f60daf3a7-CommunityCommonDashboards.json Rename to CommunityCommonDashboards * Update pack_metadata.json Renamed "name": "CommunityCommonDashboards" * Update README.md Added description * Update README.md * Update and rename README.md to README.md * Rename dashboard-98f353a2-312b-49f2-8e58-d71f60daf3a7-CommunityCommonDashboards.json to dashboard-98f353a2-312b-49f2-8e58-d71f60daf3a7-CommunityCommonDashboards.json * Rename .pack-ignore to .pack-ignore * Rename .secrets-ignore to .secrets-ignore * Rename pack_metadata.json to pack_metadata.json * Update .pack-ignore * Update pack_metadata.json * Update .pack-ignore * Update and rename dashboard-98f353a2-312b-49f2-8e58-d71f60daf3a7-CommunityCommonDashboards.json to CISOMetrics.json Renamed to CISOMetrics * Update pack_metadata.json * Update pack_metadata.json * Update README.md --------- Co-authored-by: xsoar-bot <[email protected]> Co-authored-by: Sapir Shuker <[email protected]> Co-authored-by: David Uhrlaub <[email protected]> * Cybereason xsoar v 2.1.14 (#30647) (#31225) * added v2.1.14 codebase * fix pr comments * replace dummy md5 placeholder * Update Packs/Cybereason/Integrations/Cybereason/Cybereason.py * updated docker image python version * updated release notes docker version * added pagination params * updated docker image * fix lint errors * fix demisto validate errors * updated release notes * updated release notes * updated release notes * updated command name as per PR comment * removed manual filtering for response * updated function name to match the command name format * updated unit test as per new command name * added machinename filter to api query * moved empty output message to the top * updated docker image tag to latest * undo changes from unisolate endpoint playbook --------- Co-authored-by: suraj-metron <[email protected]> Co-authored-by: Sapir Shuker <[email protected]> * fixed polling support (#30873) * fixed polling support * fixed rn * added rn * added rn * XSUP-30786/Fix (#31168) * Added failing UT * Fixed the issue * Updated docker image * Updated RN * Update Packs/PAN-OS/ReleaseNotes/2_1_15.md Co-authored-by: Dan Tavori <[email protected]> * Updated the bug fix and the UT * updated docker image --------- Co-authored-by: Dan Tavori <[email protected]> * rewrite to js FirstArrayElement and LastArrayElement (#31228) * rewrite to js * added tpb * added empty test case to tpb * precommit fixes * change fromversion so build wont fail * Enable Core REST API with general XSIAM endpoints (#31226) * mostly works * added release notes * fixes from review * F5 APM fixed the marketplace build failure (#31236) * F5 APM Remove XSIAM tags * fix marketplace error * Add incidents field (#30393) (#31233) * add rawJSON field to incidents * release notes * update docker image tag * nit * fetching incident details * mapper + incident fields * remove incorrect incident field files * new incident field files, new mapper * sdk validate command changes * update release noteS * validation errors * fix validation errors * undo release notes changes * undo release notes change * undo release notes * undo release notes * undo release notes * nit * new release notes * remove playbook id * update docker image tag * revert release notes * revert RN * nit- remove filters used for testing * add details field to threats * remove try/except blocks * changing version * Update Abnormal_Security_Custom_Incident_types.json change from version * nit - remove changes used for demo * updating docker image * update docker image tag --------- Co-authored-by: William Olyslager <[email protected]> Co-authored-by: sapirshuker <[email protected]> Co-authored-by: Sapir Shuker <[email protected]> * Update Docker Image To demisto/python3 (#31242) * Updated Metadata Of Pack CIRCL * Added release notes to pack CIRCL * Packs/CIRCL/Integrations/CirclCVESearch/CirclCVESearch.yml Docker image update * Updated Metadata Of Pack ipinfo * Added release notes to pack ipinfo * Packs/ipinfo/Integrations/ipinfo_v2/ipinfo_v2.yml Docker image update * Updated Metadata Of Pack AutoFocus * Added release notes to pack AutoFocus * Packs/AutoFocus/Integrations/FeedAutofocus/FeedAutofocus.yml Docker image update * Packs/AutoFocus/Integrations/AutofocusV2/AutofocusV2.yml Docker image update * Updated Metadata Of Pack MailSenderNew * Added release notes to pack MailSenderNew * Packs/MailSenderNew/Integrations/MailSenderNew/MailSenderNew.yml Docker image update * avoid to update Docker for AutoFocusv2 --------- Co-authored-by: israelpolishook <[email protected]> * Fixes For 'IP Enrichment - Generic v2' Playbook (#31183) * Fixes For 'IP Enrichment - Generic v2' Playbook * RN * RN * Updated the 'InternalRange' playbook input's default value. * configured the 'extended_data' and 'threat_model_association' sub-playbook inputs * Bump pack from version CommonPlaybooks to 2.4.36. * Bump pack from version CommonPlaybooks to 2.4.37. * changed the default value of the 'ResolveIP' playbook input * re-added RN after merging from master * Fixes RN --------- Co-authored-by: Content Bot <[email protected]> * Check if should run Instance role (#31245) * Added the sync from the saas bucket and modified the verify script to take the revision from the correct bucket. (#31254) * AWS Organizations (#30525) * init * commands template * aws-org-children-list * more commands * even more commands * added account commands * removed enhancement commands * use json_transform * unit-tests init * unit-tests continued * unit-tests continued some more * TPB * one more unit-test * one more unit-test * one more unit-test * name change * TPB * docs complete * pack readme * pack readme part 2 * readme modified * more tests * more tests * use get() * adde description * removed isFetch * added image * name change * CR changes * Apply suggestions from code review Co-authored-by: ShirleyDenkberg <[email protected]> * Update docker * put the commands back in * code complete * yml part 2 * yml part 3 * test template * unit-tests continued some more * unit-tests almost complete * unit-tests complete * fixed a few bugs * fixed unit-tests * added readme * update readme * added missing descriptions to readme * TPB * Apply suggestions from code review Co-authored-by: ShirleyDenkberg <[email protected]> * CR changes * demo changes * update docker * build wars: round 1 * build wars: round 2 * build wars: round 3; add unit-tests * build wars: round 4 * build wars: round 5 * build wars: round 6 --------- Co-authored-by: ShirleyDenkberg <[email protected]> * NextToken in CommandResults (#30501) * init * new design * added error in case of non nested input * RN * a tad more docs * Bump pack from version Base to 1.32.47. * Bump pack from version Base to 1.32.48. * Bump pack from version Base to 1.32.49. * improved doc-string * resolve conflicts * resolve conflicts * Bump pack from version Base to 1.32.52. --------- Co-authored-by: Content Bot <[email protected]> * demisto-sdk-release 1.24.0 (#31268) * poetry files * update validate manager imports (#31179) * update validate manager imports * revert * Update Tests/configure_and_test_integration_instances.py * Edit file types test (#31170) * edited tests * s * s * edit --------- Co-authored-by: Content Bot <[email protected]> Co-authored-by: Yuval Hayun <[email protected]> Co-authored-by: merit-maita <[email protected]> Co-authored-by: JudithB <[email protected]> * modified modeling rules of clearswift dlp (#31247) * modified modeling rules of clearswift dlp * modified the parsing rule of clearswiftdlp * Added release notes. * added dlp to pack ignore * added Clearswift to pack ignore * QRadar: continue to poll in case of networking issues (#31084) * Generalize the mode option in pre-commit (#30663) * args updated to match the update in the sdk * add merge-coverage-report and coverage-analyze * updaing pyproject.toml * poetry lock * restoring pyproject.toml and poetry.lock * pre-commit.yml * updates * test comment * use sdk ref * if * add github output * revert ilan changes * merge-pytest-reports --------- Co-authored-by: ilan <[email protected]> * EXPANDR-1576 CortexXpanse Remediation Guidance changes (#31190) * EXPANDR-1576 CortexXpanse Remediation Guidance changes (#30712) * CortexXpanse RG changes * Fix flake8 errors * Fix unit test cases * Update docker version * update command name * Readme updates * docker update * Ignore BC error * fix packignore * Update release notes * update breaking change notes * update breaking change notes * correct RN --------- Co-authored-by: Chait A <[email protected]> Co-authored-by: ilappe <[email protected]> * Feature/cyberint enhancement (#31252) * Feature/cyberint enhancement (#30493) * Update Docker Image To demisto/py3-tools (#25523) * Updated Metadata Of Pack FeedAWS * Added release notes to pack FeedAWS * Packs/FeedAWS/Integrations/FeedAWS/FeedAWS.yml Docker image update * update Cyberint Pack * update release note and incidentfields * update CommonType release note * update CommonType relesenotes * update CommonType relese notes * update CyberInt Related entity name * update release notes * add new incident field: Alert Data * foramt alert_data * update CyberInt Related Entity name to avoid validation errors * reset the CyberInt Related Entity name * update incident field name * Update 3_3_93.md * pre commit update docker * added known words * fixed the RN * known words --------- Co-authored-by: TalGumi <[email protected]> Co-authored-by: omerKarkKatz <[email protected]> Co-authored-by: okarkkatz <[email protected]> * [xsoar-8 coverage] - use poll functions from SDK clients (#31144) * update poetry * use poll functions * test against builds * try to fix ssl issue * timeout = 300 + verify ssl * fix ssl issues * fix incident pull * fix * make verify=false by default * fix ports bug * use sdk master * revert poetry * revert infra used for testing * [CrowdStrike Falcon Intel v2] Fixed an issue in 'cs-actors' and 'cs-reports' commands (#31265) * Fix the 'NoneType' object is not iterable issue * ruff * Update the docker image; Add RN * Update Packs/CrowdStrikeIntel/ReleaseNotes/2_0_34.md Co-authored-by: Dean Arbel <[email protected]> --------- Co-authored-by: Dean Arbel <[email protected]> * oncall- installation orders (#31253) * test * test * revert debugs * pre-commit --------- Co-authored-by: Jas Beilin <[email protected]> * Core rest api docs fix (#31262) * Improved descriptions. * Added docs * Added rn. * Changed i.e to e.g * bugfix/XSUP-30713/port-scan-pb-issue-incident-failure (#31154) * Fix playbook input's default value, change to not required, add check for value not empty * Update playbook image * Update release notes * Bump pack from version CortexXDR to 6.0.5. * Moved InternalIPRanges input check to better location * Fix review comments --------- Co-authored-by: Content Bot <[email protected]> * [PagerDuty v2] Added Support For Pagination (#30959) * commit init - lint and type annotation * typing * pagination function and some typing * fix api limit and pagination * added UT and test_data * added RN and description for args * generate readme * update docker * added UT * fix flake8 * more docstring, one more UT, fix send unnecessary parameters * fix f-string * fix pep8 * revert copy * fix parameters name * docs review * update docker * [ASM] EXPANDR 7225 - Update Ev1 Integration Display Name (#31234) (#31276) * Update Display Name * Update release notes * Update docker image and add period to descriptions Co-authored-by: John <[email protected]> Co-authored-by: MLainer1 <[email protected]> * Update Docker Image To demisto/python3 (#31286) * Updated Metadata Of Pack QualysFIM * Added release notes to pack QualysFIM * Packs/QualysFIM/Integrations/QualysFIM/QualysFIM.yml Docker image update * Updated Metadata Of Pack FortiSIEM * Added release notes to pack FortiSIEM * Packs/FortiSIEM/Integrations/FortiSIEMV2/FortiSIEMV2.yml Docker image update * Updated Metadata Of Pack FreshworksFreshservice * Added release notes to pack FreshworksFreshservice * Packs/FreshworksFreshservice/Integrations/FreshworksFreshservice/FreshworksFreshservice.yml Docker image update * Updated Metadata Of Pack KnowBe4_KMSAT * Added release notes to pack KnowBe4_KMSAT * Packs/KnowBe4_KMSAT/Integrations/KnowBe4KMSATEventCollector/KnowBe4KMSATEventCollector.yml Docker image update * Packs/KnowBe4_KMSAT/Integrations/KnowBe4KMSAT/KnowBe4KMSAT.yml Docker image update * Updated Metadata Of Pack SafeNet_Trusted_Access * Added release notes to pack SafeNet_Trusted_Access * Packs/SafeNet_Trusted_Access/Integrations/SafeNetTrustedAccessEventCollector/SafeNetTrustedAccessEventCollector.yml Docker image update * Updated Metadata Of Pack DelineaSS * Added release notes to pack DelineaSS * Packs/DelineaSS/Integrations/DelineaSS/DelineaSS.yml Docker image update * Updated Metadata Of Pack Cryptocurrency * Added release notes to pack Cryptocurrency * Packs/Cryptocurrency/Integrations/Cryptocurrency/Cryptocurrency.yml Docker image update * Updated Metadata Of Pack PANOSPolicyOptimizer * Added release notes to pack PANOSPolicyOptimizer * Packs/PANOSPolicyOptimizer/Integrations/PANOSPolicyOptimizer/PANOSPolicyOptimizer.yml Docker image update * Updated Metadata Of Pack DeveloperTools * Added release notes to pack DeveloperTools * Packs/DeveloperTools/Integrations/CreateIncidents/CreateIncidents.yml Docker image update * Add XSOAR_SAAS section to EDL description (#31264) * add XSOAR_SAAS section to EDL description * update RN * [XSUP 30575] Added full fields query param (#31272) * get indicators full fields data * pre-commit * release notes * tests and CR fixes * Update Packs/FeedCrowdstrikeFalconIntel/ReleaseNotes/2_1_13.md Co-authored-by: Dan Tavori <[email protected]> --------- Co-authored-by: Dan Tavori <[email protected]> * Update Docker Image To demisto/boto3py3 (#31287) * Updated Metadata Of Pack SecurityIntelligenceServicesFeed * Added release notes to pack SecurityIntelligenceServicesFeed * Packs/SecurityIntelligenceServicesFeed/Integrations/SecurityIntelligenceServicesFeed/SecurityIntelligenceServicesFeed.yml Docker image update * Updated Metadata Of Pack AWS-IAM * Added release notes to pack AWS-IAM * Packs/AWS-IAM/Integrations/AWS-IAM/AWS-IAM.yml Docker image update * Updated Metadata Of Pack AWS-Route53 * Added release notes to pack AWS-Route53 * Packs/AWS-Route53/Integrations/AWSRoute53/AWSRoute53.yml Docker image update * Updated Metadata Of Pack AWS-AccessAnalyzer * Added release notes to pack AWS-AccessAnalyzer * Packs/AWS-AccessAnalyzer/Integrations/AWS-AccessAnalyzer/AWS-AccessAnalyzer.yml Docker image update * Updated Metadata Of Pack AWS-GuardDuty * Added release notes to pack AWS-GuardDuty * Packs/AWS-GuardDuty/Integrations/AWSGuardDutyEventCollector/AWSGuardDutyEventCollector.yml Docker image update * Packs/AWS-GuardDuty/Integrations/AWSGuardDuty/AWSGuardDuty.yml Docker image update * Updated Metadata Of Pack AWS-SecurityHub * Added release notes to pack AWS-SecurityHub * Packs/AWS-SecurityHub/Integrations/AWSSecurityHubEventCollector/AWSSecurityHubEventCollector.yml Docker image update * Updated Metadata Of Pack Aws-SecretsManager * Added release notes to pack Aws-SecretsManager * Packs/Aws-SecretsManager/Integrations/AwsSecretsManager/AwsSecretsManager.yml Docker image update * Update Docker Image To demisto/accessdata (#31288) * Updated Metadata Of Pack Exterro * Added release notes to pack Exterro * Packs/Exterro/Integrations/Exterro/Exterro.yml Docker image update * Update Docker Image To demisto/oci (#31290) * Updated Metadata Of Pack OracleCloudInfrastructure * Added release notes to pack OracleCloudInfrastructure * Packs/OracleCloudInfrastructure/Integrations/OracleCloudInfrastructureEventCollector/OracleCloudInfrastructureEventCollector.yml Docker image update * Update Docker Image To demisto/py3-tools (#31289) * Updated Metadata Of Pack Intezer * Added release notes to pack Intezer * Packs/Intezer/Integrations/IntezerV2/IntezerV2.yml Docker image update * Updated Metadata Of Pack Zabbix * Added release notes to pack Zabbix * Packs/Zabbix/Integrations/Zabbix/Zabbix.yml Docker image update * Updated Metadata Of Pack FeedMalwareBazaar * Added release notes to pack FeedMalwareBazaar * Packs/FeedMalwareBazaar/Integrations/MalwareBazaarFeed/MalwareBazaarFeed.yml Docker image update * Updated Metadata Of Pack FeedGCPWhitelist * Added release notes to pack FeedGCPWhitelist * Packs/FeedGCPWhitelist/Integrations/FeedGoogleIPRanges/FeedGoogleIPRanges.yml Docker image update * Updated Metadata Of Pack AccentureCTI_Feed * Added release notes to pack AccentureCTI_Feed * Packs/AccentureCTI_Feed/Integrations/ACTIIndicatorFeed/ACTIIndicatorFeed.yml Docker image update * Updated Metadata Of Pack SEKOIAIntelligenceCenter * Added release notes to pack SEKOIAIntelligenceCenter * Packs/SEKOIAIntelligenceCenter/Integrations/SEKOIAIntelligenceCenter/SEKOIAIntelligenceCenter.yml Docker image update * Updated Metadata Of Pack JARM * Added release notes to pack JARM * Packs/JARM/Integrations/JARM/JARM.yml Docker image update * Updated Metadata Of Pack Anomali_ThreatStream * Added release notes to pack Anomali_ThreatStream * Packs/Anomali_ThreatStream/Integrations/AnomaliThreatStreamv3/AnomaliThreatStreamv3.yml Docker image update * Updated Metadata Of Pack CommonWidgets * Added release notes to pack CommonWidgets * Packs/CommonWidgets/Scripts/RSSWidget/RSSWidget.yml Docker image update * Updated Metadata Of Pack FiltersAndTransformers * Added release notes to pack FiltersAndTransformers * Packs/FiltersAndTransformers/Scripts/Jmespath/Jmespath.yml Docker image update * Update Docker Image To demisto/armorblox (#31291) * Updated Metadata Of Pack Armorblox * Added release notes to pack Armorblox * Packs/Armorblox/Integrations/Armorblox/Armorblox.yml Docker image update * Update Docker Image To demisto/crypto (#31292) * Updated Metadata Of Pack AzureKeyVault * Added release notes to pack AzureKeyVault * Packs/AzureKeyVault/Integrations/AzureKeyVault/AzureKeyVault.yml Docker image update * Updated Metadata Of Pack AzureSentinel * Added release notes to pack AzureSentinel * Packs/AzureSentinel/Integrations/AzureSentinel/AzureSentinel.yml Docker image update * Updated Metadata Of Pack AzureDevOps * Added release notes to pack AzureDevOps * Packs/AzureDevOps/Integrations/AzureDevOps/AzureDevOps.yml Docker image update * Updated Metadata Of Pack MicrosoftCloudAppSecurity * Added release notes to pack MicrosoftCloudAppSecurity * Packs/MicrosoftCloudAppSecurity/Integrations/MicrosoftCloudAppSecurity/MicrosoftCloudAppSecurity.yml Docker image update * Updated Metadata Of Pack AzureRiskyUsers * Added release notes to pack AzureRiskyUsers * Packs/AzureRiskyUsers/Integrations/AzureRiskyUsers/AzureRiskyUsers.yml Docker image update * Updated Metadata Of Pack MicrosoftGraphGroups * Added release notes to pack MicrosoftGraphGroups * Packs/MicrosoftGraphGroups/Integrations/MicrosoftGraphGroups/MicrosoftGraphGroups.yml Docker image update * Updated Metadata Of Pack AzureSQLManagement * Added release notes to pack AzureSQLManagement * Packs/AzureSQLManagement/Integrations/AzureSQLManagement/AzureSQLManagement.yml Docker image update * Updated Metadata Of Pack MicrosoftGraphAPI * Added release notes to pack MicrosoftGraphAPI * Packs/MicrosoftGraphAPI/Integrations/MicrosoftGraphAPI/MicrosoftGraphAPI.yml Docker image update * Updated Metadata Of Pack MicrosoftTeams * Added release notes to pack MicrosoftTeams * Packs/MicrosoftTeams/Integrations/MicrosoftTeamsManagement/MicrosoftTeamsManagement.yml Docker image update * Updated Metadata Of Pack MicrosoftGraphApplications * Added release notes to pack MicrosoftGraphApplications * Packs/MicrosoftGraphApplications/Integrations/MicrosoftGraphApplications/MicrosoftGraphApplications.yml Docker image update * Update Docker Image To demisto/sixgill (#31293) * Updated Metadata Of Pack Cybersixgill-ActionableAlerts * Added release notes to pack Cybersixgill-ActionableAlerts * Packs/Cybersixgill-ActionableAlerts/Integrations/CybersixgillActionableAlerts/CybersixgillActionableAlerts.yml Docker image update * Updated Metadata Of Pack Sixgill-Darkfeed * Added release notes to pack Sixgill-Darkfeed * Packs/Sixgill-Darkfeed/Integrations/Sixgill_Darkfeed_Enrichment/Sixgill_Darkfeed_Enrichment.yml Docker image update * Packs/Sixgill-Darkfeed/Integrations/Sixgill_Darkfeed/Sixgill_Darkfeed.yml Docker image update * Update Docker Image To demisto/carbon-black-cloud (#31295) * Updated Metadata Of Pack CarbonBlackDefense * Added release notes to pack CarbonBlackDefense * Packs/CarbonBlackDefense/Integrations/CarbonBlackLiveResponseCloud/CarbonBlackLiveResponseCloud.yml Docker image update * Update Docker Image To demisto/taxii2 (#31294) * Updated Metadata Of Pack FeedDHS * Added release notes to pack FeedDHS * Packs/FeedDHS/Integrations/DHSFeedV2/DHSFeedV2.yml Docker image update * Updated Metadata Of Pack FeedUnit42v2 * Added release notes to pack FeedUnit42v2 * Packs/FeedUnit42v2/Integrations/FeedUnit42v2/FeedUnit42v2.yml Docker image update * MS IIS Update2 (#31256) * Updated MicrosoftIISWebServerModelingRules_1_3 * Updated ModelingRules filters * Updated ModelingRules filters * Updated ReleaseNotes * Upated ReleaseNotes * CrowdStrikeFalconX-genreic-polling (#31189) * old playbooks deprecated and new one added * readme file edited * set the interval from the inputs * fixes for release notes * added extensions to known words * Update Packs/CrowdStrikeFalconX/Playbooks/Detonate_File_-_CrowdStrike_Falcon_Intelligence_Sandbox_v2.yml Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CrowdStrikeFalconX/Playbooks/Detonate_File_-_CrowdStrike_Falcon_Intelligence_Sandbox_v2.yml Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CrowdStrikeFalconX/Playbooks/Detonate_File_-_CrowdStrike_Falcon_Intelligence_Sandbox_v2.yml Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CrowdStrikeFalconX/Playbooks/Detonate_URL_-_CrowdStrike_Falcon_Intelligence_Sandbox_v2_README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CrowdStrikeFalconX/Playbooks/Detonate_File_-_CrowdStrike_Falcon_Intelligence_Sandbox_v2.yml Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CrowdStrikeFalconX/Playbooks/Detonate_File_-_CrowdStrike_Falcon_Intelligence_Sandbox_v2.yml Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CrowdStrikeFalconX/Playbooks/Detonate_File_-_CrowdStrike_Falcon_Intelligence_Sandbox_v2_README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CrowdStrikeFalconX/ReleaseNotes/1_2_37.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CrowdStrikeFalconX/ReleaseNotes/1_2_37.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CrowdStrikeFalconX/ReleaseNotes/1_2_37.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CrowdStrikeFalconX/ReleaseNotes/1_2_37.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CrowdStrikeFalconX/Playbooks/Detonate_File_-_CrowdStrike_Falcon_Intelligence_Sandbox_v2_README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CrowdStrikeFalconX/Playbooks/Detonate_File_-_CrowdStrike_Falcon_Intelligence_Sandbox_v2_README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CrowdStrikeFalconX/Playbooks/Detonate_File_-_CrowdStrike_Falcon_Intelligence_Sandbox_v2_README.md Co-authored-by: ShirleyDenkberg <[email protected]> * minor fixes for description * Update Packs/CrowdStrikeFalconX/Playbooks/Detonate_URL_-_CrowdStrike_Falcon_Intelligence_Sandbox_v2.yml Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CrowdStrikeFalconX/Playbooks/Detonate_URL_-_CrowdStrike_Falcon_Intelligence_Sandbox_v2_README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CrowdStrikeFalconX/Playbooks/Detonate_URL_-_CrowdStrike_Falcon_Intelligence_Sandbox_v2.yml Co-authored-by: ShirleyDenkberg <[email protected]> --------- Co-authored-by: ShirleyDenkberg <[email protected]> * Add Symantec MSS to ignored items (#31296) * [XSUP 30870] Added full fields option for cs-actors and cs-reports commands (#31271) * Added the display_full_fields argument * pre-commit * release notes * tests and CR fixes * resolve conflict * pre-commit * CR fixes * docker * pre-commit * add myself as codeowner (#31314) * ORKL Feed Integration 1.0.0 Initial Release (#31166) * ORKL Feed Integration 1.0.0 Initial Release (#31101) Co-authored-by: Martin Ohl <[email protected]> * [VirusTotal] Add suspicious threshold (#31220) * [VirusTotal] Add suspicious threshold (#31021) * fixing CimTrak_test.py unit tests (#31308) fixing CimTrak_test.py unit tests #31308 * Add new command and bug fix. (#31311) * Anomali ThreatStream v3 - Fix threatstream-get-indicators command (#31269) * fix get_indicators method * update RN * update docker * update test * update test * update get_indicators method * update RN * Update Packs/Anomali_ThreatStream/ReleaseNotes/2_2_9.md Co-authored-by: ShirleyDenkberg <[email protected]> * update docker * update docker --------- Co-authored-by: ShirleyDenkberg <[email protected]> * SentinelOne v2: Add 2 new commands (#31312) * fixing jira file attachments (#31297) fixing jira file attachments, fixing mapping of newly created tickets #31297 * CiscoSMA Update (#31315) * Updated ModelingRules * Updated ReleaseNotes * Updated ReleaseNotes * updated docs (#31192) * updated docs * running pre-commit and docker * docker update * Apply suggestions from code review Co-authored-by: ShirleyDenkberg <[email protected]> * remove package-lock file * cr note * Update Packs/MicrosoftGraphDeviceManagement/ReleaseNotes/1_1_20.md Co-authored-by: EyalPintzov <[email protected]> --------- Co-authored-by: ShirleyDenkberg <[email protected]> Co-authored-by: EyalPintzov <[email protected]> * Fix an issue when there is only one incident in fetch_incidents powershell (#31267) * added -AsArray * updated the docker image and added . * RN * unit tests and docker image * rn * docker image and release notes * Update Packs/Base/ReleaseNotes/1_32_53.md Co-authored-by: EyalPintzov <[email protected]> * updated the unit tests --------- Co-authored-by: EyalPintzov <[email protected]> * Get Entity Alerts by MITRE Tactics - Performance Improvements (Refactor) (#31232) * Added playbooks * New playbooks images, formatted playbooks, and added RN * Updated pb image to be in light mode * Further improvements to playbooks, updated docs, and updated playbook images * Bump pack from version CortexXDR to 6.0.6. * Changed alert to incident to fix validation * Descriptions --------- Co-authored-by: Content Bot <[email protected]> * fix for sdk nightly e2e tests (#31310) * [qradar-v3] - handle connection errors (#31246) * [qradar-v3] - handle connection errors * add uts * bump rn * remove irrelevant imports * update code * timeout = 300 * bump rn * update implementation * docker image * fixes * remove imports * rn * update debug-message * update log * fix docker-image * fix ut * oncall-sdk-nightly-create-xsoar-instance (#31300) * overwrite the filter env file * remove space * remove print * Update .gitlab/ci/.gitlab-ci.on-push.yml Co-authored-by: Koby Meir <[email protected]> --------- Co-authored-by: Koby Meir <[email protected]> * [ASM] - EXPANDER 7238 - Jira Playbook Support for V2 and V3 Project Key (#31273) (#31322) * Add support V2 and V3, remove default project key - Add data collection task for customer - Leave Jira Project Key input as blank - Add support for project key passed into Jira V2 and V3 integrations * Add release notes * Update Playbook ReadMe * Add task description * Update release notes Co-authored-by: John <[email protected]> Co-authored-by: MLainer1 <[email protected]> * Support contributions when the name of the repo isn't content (#31320) * update handle_external_pr.py * set repo_name arg as optional * Oncall sdk nightly create xsoar instance (#31324) Oncall sdk nightly create xsoar instance #31324 * CIAC-4556/xdr-remote-psexec-lolbin-command-execution-playbook (#29092) * Add playbook and readme files * Add updated files * Add playbook image * Update release notes * Fix validation error * Bump pack from version CortexXDR to 5.1.0. * Bump pack from version CortexXDR to 5.2.0. * Bump pack from version CortexXDR to 5.2.0. * Bump pack from version CortexXDR to 5.2.0. * Add CommandLine verdict to layout * Update according to demo review comments * Bump pack from version CortexXDR to 5.2.0. * Bump pack from version CortexXDR to 5.2.0. * Add field for cmd line verdict * Update layout * Fix review comments * Update from master * Update Packs/CortexXDR/ReleaseNot…
dantavori
added a commit
that referenced
this pull request
Feb 21, 2024
* Update shift management scripts (#31130) * fixed the bug and added unit tests * updated docker image * RN * updated docker image * cr updates * EWS rule commands - MS graph python integrations (#30943) Co-authored-by: ShirleyDenkberg <[email protected]> * MS IIS Update (#31132) * Updated ModelingRules * Updated ReleaseNotes * Updated ReleaseNotes * Anomali ThreatStream change DBot verdict from Benign to Unknown for Low Confidence Indicators (#30993) (#31151) * change DBot verdict from Benign to Unknown for Low Confidence Indicators Indicators found in Anomali that are below Confidence thresholds should be created as Unknown and not Benign. Anomali ThreatStream documentation regarding Confidence https://ui.threatstream.com/optic-doc/Content/Features/threat_model/Observables/details_indicator.htm Confidence - Confidence indicates the certainty that an observable exhibits or is connected to malicious behavior. If Anomali has indicators with low Confidence, that doesn't mean the indicator is Benign/Safe. It means Anomali is unsure that the indicator is Malicious and as such the more appropriate verdict in XSOAR should be Unknown. * add indicator_default_score param * changed values to Benign and Unknown * update README and RN * update RN * update docker set required to false * update docker * fix docs comments --------- Co-authored-by: zdrouse <[email protected]> Co-authored-by: adi88d <[email protected]> Co-authored-by: Adi Daud <[email protected]> * generate empty junit files (#31153) * Update 1_6_0.json (#31164) * fix splunkpy splunk_submit_event_hec_command string issue (#30978) * fix splunkpy splunk_submit_event_hec_command string issue * test * add fix * update rn * [xsoar saas] - fix ports taxii2 e2e (#31163) * Hello world saas (#30901) * added a new incident field only for saas mp * added an incident field to xsoar_saas only for demonstration * format incident field * format incident field * added saas word to known words * version * merge with master * fixed the xsoar_saas end tag * Added tests to validate result * modified RN * pre commit changes * RN tags * ignoe long line * MS IIS README (#31158) * Updated README * Updated README * Fixes For IP Enrichment Playbooks (#31114) * Fixes For IP Enrichment Playbooks * RN * Removed the mapping rule from both playbooks. Updated the default value of the internal range playbook input according to RFC 1918. * Removed the value of 'UseReputationCommand' playbook input and fixes the YML files * Fixed RN * Removed the value set for the 'UseReputationCommand' sub-playbook input. Re-added the default value for 'UseReputationCommand' playbook input * skip ThreatStream-Test (#31172) * [transformers] Enhance to be more durable (#30897) [transformers] Enhance to be more durable * Fixes For 'Email Address Enrichment - Generic v2.1' (#31122) * Fixes For 'Email Address Enrichment - Generic v2.1' * Re-added the test playbook and marketplace configs to the playbook YML file * changed the 'domain' playbook input value * removed the 'domain' playbook input value and added RN * Fixed RN * Bump pack from version CommonPlaybooks to 2.4.34. --------- Co-authored-by: Content Bot <[email protected]> * DisplayMappedFields - Fix dark mode text color (#31085) * removed the hardcoded color * removed the hardcoded color * update RN * update docker image * Bump pack from version CommonScripts to 1.12.48. * Unittest fixes * Bump pack from version CommonScripts to 1.12.49. * Unittest fixes * Bump pack from version CommonScripts to 1.12.50. * Bump pack from version CommonScripts to 1.12.51. * Bump pack from version CommonScripts to 1.12.52. * Bump pack from version CommonScripts to 1.12.53. --------- Co-authored-by: Content Bot <[email protected]> * Updated the layout to exclude integration incident fields that are not pertinent to Vectra XDR (#31127) (#31182) Co-authored-by: Crest Data Systems <[email protected]> Co-authored-by: crestdatasystems <[email protected]> Co-authored-by: MLainer1 <[email protected]> * Taxii2 server relationship bug (#31162) * [taxii2-server] - code fixes * bump rn * docker update * remove debug-log because may wanted * [ASM] EXPANDER-7096 - ASM Remediation Guidance Fields (#30955) (#31178) Co-authored-by: John <[email protected]> Co-authored-by: Adi Daud <[email protected]> * Created pack for F5 BIG-IP APM (#31017) * Created pack for f5 apm * Added modeling rule files. * adding modeling rules and schema. * modified modeling rules * update yml file for modeling rule. * Update Packs/F5APM/README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/F5APM/README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/F5APM/README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/F5APM/README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/F5APM/README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/F5APM/README.md Co-authored-by: ShirleyDenkberg <[email protected]> * update readme. * Modified the read me file. --------- Co-authored-by: ShirleyDenkberg <[email protected]> * HelloWorld - delete old classifier (#31185) * Add support for is array for rep commands (#31169) * added support for isArray for python Xsoar supported reputation commands * added rn * Empty-Commit * python files fixes * fix docker issue * cr fixes * added logs and cache fix (#30577) * added logs and cache fix * Fixed another executeCommand results handling. * Updated docker image * Added rn * Update Packs/Phishing/ReleaseNotes/3_6_2.md Co-authored-by: Dan Tavori <[email protected]> * Update Packs/Phishing/Scripts/FindDuplicateEmailIncidents/FindDuplicateEmailIncidents.py --------- Co-authored-by: Dan Tavori <[email protected]> * Add support for is array for rep commands js (#31184) * JS files fixes * added rn * pre commit fixes * pre commit fixes * cr fixes * xsiam-avaya-siem-content-ciac-8502 (#31128) * init-pack * modeling-rules * add-docs * fix-pid-parsing * fix-README.md * Fixed For Endpoint Enrichment Playbooks (#31147) * Fixed For 'Endpoint Enrichment - Generic v2.1' Playbook * RN * RN * Fixes for Endpoint_Enrichment_-_Generic_v2.1_6_8 playbook * Bump pack from version CommonPlaybooks to 2.4.34. * Bump pack from version CommonPlaybooks to 2.4.35. * Fixed version for 'Endpoint Enrichment - Generic v2.1.6.8' playbook * Fixes for 'Endpoint Enrichment - Generic v2.1' playbook * Revert changes in 'Endpoint Enrichment - Generic v2.1' playbook --------- Co-authored-by: Content Bot <[email protected]> * Update Docker Image To demisto/python3 (#31198) * Updated Metadata Of Pack DeveloperTools * Added release notes to pack DeveloperTools * Packs/DeveloperTools/Integrations/CreateIncidents/CreateIncidents.yml Docker image update * Updated Metadata Of Pack FlashpointFeed * Added release notes to pack FlashpointFeed * Packs/FlashpointFeed/Integrations/FlashpointFeed/FlashpointFeed.yml Docker image update * Updated Metadata Of Pack AbnormalSecurity * Added release notes to pack AbnormalSecurity * Packs/AbnormalSecurity/Integrations/AbnormalSecurity/AbnormalSecurity.yml Docker image update * Updated Metadata Of Pack FeedLOLBAS * Added release notes to pack FeedLOLBAS * Packs/FeedLOLBAS/Integrations/FeedLOLBAS/FeedLOLBAS.yml Docker image update * Updated Metadata Of Pack Hackuity * Added release notes to pack Hackuity * Packs/Hackuity/Integrations/Hackuity/Hackuity.yml Docker image update * Updated Metadata Of Pack Grafana * Added release notes to pack Grafana * Packs/Grafana/Integrations/Grafana/Grafana.yml Docker image update * Updated Metadata Of Pack Binalyze * Added release notes to pack Binalyze * Packs/Binalyze/Integrations/BinalyzeAIR/BinalyzeAIR.yml Docker image update * Updated Metadata Of Pack ServiceDeskPlus * Added release notes to pack ServiceDeskPlus * Packs/ServiceDeskPlus/Integrations/ServiceDeskPlus/ServiceDeskPlus.yml Docker image update * Updated Metadata Of Pack Oracle_IAM * Added release notes to pack Oracle_IAM * Packs/Oracle_IAM/Integrations/OracleIAM/OracleIAM.yml Docker image update * Updated Metadata Of Pack AccentureCTI * Added release notes to pack AccentureCTI * Packs/AccentureCTI/Integrations/ACTIIndicatorQuery/ACTIIndicatorQuery.yml Docker image update * Update Docker Image To demisto/boto3py3 (#31199) * Updated Metadata Of Pack SecurityIntelligenceServicesFeed * Added release notes to pack SecurityIntelligenceServicesFeed * Packs/SecurityIntelligenceServicesFeed/Integrations/SecurityIntelligenceServicesFeed/SecurityIntelligenceServicesFeed.yml Docker image update * Updated Metadata Of Pack AWS-IAM * Added release notes to pack AWS-IAM * Packs/AWS-IAM/Integrations/AWS-IAM/AWS-IAM.yml Docker image update * Updated Metadata Of Pack AWS-Route53 * Added release notes to pack AWS-Route53 * Packs/AWS-Route53/Integrations/AWSRoute53/AWSRoute53.yml Docker image update * Updated Metadata Of Pack AWS-AccessAnalyzer * Added release notes to pack AWS-AccessAnalyzer * Packs/AWS-AccessAnalyzer/Integrations/AWS-AccessAnalyzer/AWS-AccessAnalyzer.yml Docker image update * Updated Metadata Of Pack AWS-GuardDuty * Added release notes to pack AWS-GuardDuty * Packs/AWS-GuardDuty/Integrations/AWSGuardDutyEventCollector/AWSGuardDutyEventCollector.yml Docker image update * Packs/AWS-GuardDuty/Integrations/AWSGuardDuty/AWSGuardDuty.yml Docker image update * Updated Metadata Of Pack AWS-SecurityHub * Added release notes to pack AWS-SecurityHub * Packs/AWS-SecurityHub/Integrations/AWSSecurityHubEventCollector/AWSSecurityHubEventCollector.yml Docker image update * Updated Metadata Of Pack Aws-SecretsManager * Added release notes to pack Aws-SecretsManager * Packs/Aws-SecretsManager/Integrations/AwsSecretsManager/AwsSecretsManager.yml Docker image update * Update Docker Image To demisto/armorblox (#31203) * Updated Metadata Of Pack Armorblox * Added release notes to pack Armorblox * Packs/Armorblox/Integrations/Armorblox/Armorblox.yml Docker image update * Update Docker Image To demisto/py3-tools (#31201) * Updated Metadata Of Pack Intezer * Added release notes to pack Intezer * Packs/Intezer/Integrations/IntezerV2/IntezerV2.yml Docker image update * Updated Metadata Of Pack Zabbix * Added release notes to pack Zabbix * Packs/Zabbix/Integrations/Zabbix/Zabbix.yml Docker image update * Updated Metadata Of Pack FeedMalwareBazaar * Added release notes to pack FeedMalwareBazaar * Packs/FeedMalwareBazaar/Integrations/MalwareBazaarFeed/MalwareBazaarFeed.yml Docker image update * Updated Metadata Of Pack FeedGCPWhitelist * Added release notes to pack FeedGCPWhitelist * Packs/FeedGCPWhitelist/Integrations/FeedGoogleIPRanges/FeedGoogleIPRanges.yml Docker image update * Updated Metadata Of Pack AccentureCTI_Feed * Added release notes to pack AccentureCTI_Feed * Packs/AccentureCTI_Feed/Integrations/ACTIIndicatorFeed/ACTIIndicatorFeed.yml Docker image update * Updated Metadata Of Pack SEKOIAIntelligenceCenter * Added release notes to pack SEKOIAIntelligenceCenter * Packs/SEKOIAIntelligenceCenter/Integrations/SEKOIAIntelligenceCenter/SEKOIAIntelligenceCenter.yml Docker image update * Updated Metadata Of Pack JARM * Added release notes to pack JARM * Packs/JARM/Integrations/JARM/JARM.yml Docker image update * Updated Metadata Of Pack CommonWidgets * Added release notes to pack CommonWidgets * Packs/CommonWidgets/Scripts/RSSWidget/RSSWidget.yml Docker image update * Updated Metadata Of Pack FiltersAndTransformers * Added release notes to pack FiltersAndTransformers * Packs/FiltersAndTransformers/Scripts/Jmespath/Jmespath.yml Docker image update * Update Docker Image To demisto/oci (#31202) * Updated Metadata Of Pack OracleCloudInfrastructure * Added release notes to pack OracleCloudInfrastructure * Packs/OracleCloudInfrastructure/Integrations/OracleCloudInfrastructureEventCollector/OracleCloudInfrastructureEventCollector.yml Docker image update * Update Docker Image To demisto/accessdata (#31200) * Updated Metadata Of Pack Exterro * Added release notes to pack Exterro * Packs/Exterro/Integrations/Exterro/Exterro.yml Docker image update * Fix DS108 --------- Co-authored-by: israelpolishook <[email protected]> * Update Docker Image To demisto/carbon-black-cloud (#31206) * Updated Metadata Of Pack CarbonBlackDefense * Added release notes to pack CarbonBlackDefense * Packs/CarbonBlackDefense/Integrations/CarbonBlackLiveResponseCloud/CarbonBlackLiveResponseCloud.yml Docker image update * Update Docker Image To demisto/taxii2 (#31205) * Updated Metadata Of Pack FeedUnit42v2 * Added release notes to pack FeedUnit42v2 * Packs/FeedUnit42v2/Integrations/FeedUnit42v2/FeedUnit42v2.yml Docker image update * Update Docker Image To demisto/crypto (#31204) * Updated Metadata Of Pack AzureKeyVault * Added release notes to pack AzureKeyVault * Packs/AzureKeyVault/Integrations/AzureKeyVault/AzureKeyVault.yml Docker image update * Updated Metadata Of Pack AzureSentinel * Added release notes to pack AzureSentinel * Packs/AzureSentinel/Integrations/AzureSentinel/AzureSentinel.yml Docker image update * Updated Metadata Of Pack AzureDevOps * Added release notes to pack AzureDevOps * Packs/AzureDevOps/Integrations/AzureDevOps/AzureDevOps.yml Docker image update * Updated Metadata Of Pack MicrosoftCloudAppSecurity * Added release notes to pack MicrosoftCloudAppSecurity * Packs/MicrosoftCloudAppSecurity/Integrations/MicrosoftCloudAppSecurity/MicrosoftCloudAppSecurity.yml Docker image update * Updated Metadata Of Pack AzureRiskyUsers * Added release notes to pack AzureRiskyUsers * Packs/AzureRiskyUsers/Integrations/AzureRiskyUsers/AzureRiskyUsers.yml Docker image update * Updated Metadata Of Pack MicrosoftGraphGroups * Added release notes to pack MicrosoftGraphGroups * Packs/MicrosoftGraphGroups/Integrations/MicrosoftGraphGroups/MicrosoftGraphGroups.yml Docker image update * Updated Metadata Of Pack AzureSQLManagement * Added release notes to pack AzureSQLManagement * Packs/AzureSQLManagement/Integrations/AzureSQLManagement/AzureSQLManagement.yml Docker image update * Updated Metadata Of Pack MicrosoftGraphAPI * Added release notes to pack MicrosoftGraphAPI * Packs/MicrosoftGraphAPI/Integrations/MicrosoftGraphAPI/MicrosoftGraphAPI.yml Docker image update * Updated Metadata Of Pack MicrosoftTeams * Added release notes to pack MicrosoftTeams * Packs/MicrosoftTeams/Integrations/MicrosoftTeamsManagement/MicrosoftTeamsManagement.yml Docker image update * Updated Metadata Of Pack MicrosoftGraphApplications * Added release notes to pack MicrosoftGraphApplications * Packs/MicrosoftGraphApplications/Integrations/MicrosoftGraphApplications/MicrosoftGraphApplications.yml Docker image update * Update Docker Image To demisto/opnsense (#31208) * Updated Metadata Of Pack OPNSense * Added release notes to pack OPNSense * Packs/OPNSense/Integrations/OPNSense/OPNSense.yml Docker image update * Update Docker Image To demisto/auth-utils (#31207) * Updated Metadata Of Pack Cylance_Protect * Added release notes to pack Cylance_Protect * Packs/Cylance_Protect/Integrations/Cylance_Protect_v2/Cylance_Protect_v2.yml Docker image update * Updated Metadata Of Pack Zoom * Added release notes to pack Zoom * Packs/Zoom/Integrations/ZoomEventCollector/ZoomEventCollector.yml Docker image update * Updated Metadata Of Pack Silverfort * Added release notes to pack Silverfort * Packs/Silverfort/Integrations/Silverfort/Silverfort.yml Docker image update * Updated Metadata Of Pack AzureDataExplorer * Added release notes to pack AzureDataExplorer * Packs/AzureDataExplorer/Integrations/AzureDataExplorer/AzureDataExplorer.yml Docker image update * Updated Metadata Of Pack MicrosoftManagementActivity * Added release notes to pack MicrosoftManagementActivity * Packs/MicrosoftManagementActivity/Integrations/MicrosoftManagementActivity/MicrosoftManagementActivity.yml Docker image update * Updated Metadata Of Pack Box * Added release notes to pack Box * Packs/Box/Integrations/BoxEventsCollector/BoxEventsCollector.yml Docker image update * Packs/Box/Integrations/BoxV2/BoxV2.yml Docker image update * Updated Metadata Of Pack Troubleshoot * Added release notes to pack Troubleshoot * Packs/Troubleshoot/Scripts/CertificatesTroubleshoot/CertificatesTroubleshoot.yml Docker image update * commit --------- Co-authored-by: israelpolishook <[email protected]> * Update Docker Image To demisto/ippysocks-py3 (#31211) * Updated Metadata Of Pack Whois * Added release notes to pack Whois * Packs/Whois/Integrations/Whois/Whois.yml Docker image update * Update Docker Image To demisto/python3 (#31214) * Updated Metadata Of Pack QualysFIM * Added release notes to pack QualysFIM * Packs/QualysFIM/Integrations/QualysFIM/QualysFIM.yml Docker image update * Updated Metadata Of Pack FortiSIEM * Added release notes to pack FortiSIEM * Packs/FortiSIEM/Integrations/FortiSIEMV2/FortiSIEMV2.yml Docker image update * Updated Metadata Of Pack FreshworksFreshservice * Added release notes to pack FreshworksFreshservice * Packs/FreshworksFreshservice/Integrations/FreshworksFreshservice/FreshworksFreshservice.yml Docker image update * Updated Metadata Of Pack KnowBe4_KMSAT * Added release notes to pack KnowBe4_KMSAT * Packs/KnowBe4_KMSAT/Integrations/KnowBe4KMSATEventCollector/KnowBe4KMSATEventCollector.yml Docker image update * Packs/KnowBe4_KMSAT/Integrations/KnowBe4KMSAT/KnowBe4KMSAT.yml Docker image update * Updated Metadata Of Pack SafeNet_Trusted_Access * Added release notes to pack SafeNet_Trusted_Access * Packs/SafeNet_Trusted_Access/Integrations/SafeNetTrustedAccessEventCollector/SafeNetTrustedAccessEventCollector.yml Docker image update * Updated Metadata Of Pack DelineaSS * Added release notes to pack DelineaSS * Packs/DelineaSS/Integrations/DelineaSS/DelineaSS.yml Docker image update * Updated Metadata Of Pack Cryptocurrency * Added release notes to pack Cryptocurrency * Packs/Cryptocurrency/Integrations/Cryptocurrency/Cryptocurrency.yml Docker image update * Updated Metadata Of Pack PANOSPolicyOptimizer * Added release notes to pack PANOSPolicyOptimizer * Packs/PANOSPolicyOptimizer/Integrations/PANOSPolicyOptimizer/PANOSPolicyOptimizer.yml Docker image update * Updated Metadata Of Pack DeveloperTools * Added release notes to pack DeveloperTools * Packs/DeveloperTools/Integrations/CreateIncidents/CreateIncidents.yml Docker image update * Update Docker Image To demisto/boto3py3 (#31215) * Updated Metadata Of Pack SecurityIntelligenceServicesFeed * Added release notes to pack SecurityIntelligenceServicesFeed * Packs/SecurityIntelligenceServicesFeed/Integrations/SecurityIntelligenceServicesFeed/SecurityIntelligenceServicesFeed.yml Docker image update * Updated Metadata Of Pack AWS-IAM * Added release notes to pack AWS-IAM * Packs/AWS-IAM/Integrations/AWS-IAM/AWS-IAM.yml Docker image update * Updated Metadata Of Pack AWS-Route53 * Added release notes to pack AWS-Route53 * Packs/AWS-Route53/Integrations/AWSRoute53/AWSRoute53.yml Docker image update * Updated Metadata Of Pack AWS-AccessAnalyzer * Added release notes to pack AWS-AccessAnalyzer * Packs/AWS-AccessAnalyzer/Integrations/AWS-AccessAnalyzer/AWS-AccessAnalyzer.yml Docker image update * Updated Metadata Of Pack AWS-GuardDuty * Added release notes to pack AWS-GuardDuty * Packs/AWS-GuardDuty/Integrations/AWSGuardDutyEventCollector/AWSGuardDutyEventCollector.yml Docker image update * Packs/AWS-GuardDuty/Integrations/AWSGuardDuty/AWSGuardDuty.yml Docker image update * Updated Metadata Of Pack AWS-SecurityHub * Added release notes to pack AWS-SecurityHub * Packs/AWS-SecurityHub/Integrations/AWSSecurityHubEventCollector/AWSSecurityHubEventCollector.yml Docker image update * Updated Metadata Of Pack Aws-SecretsManager * Added release notes to pack Aws-SecretsManager * Packs/Aws-SecretsManager/Integrations/AwsSecretsManager/AwsSecretsManager.yml Docker image update * Update Docker Image To demisto/accessdata (#31216) * Updated Metadata Of Pack Exterro * Added release notes to pack Exterro * Packs/Exterro/Integrations/Exterro/Exterro.yml Docker image update * Update Docker Image To demisto/oci (#31218) * Updated Metadata Of Pack OracleCloudInfrastructure * Added release notes to pack OracleCloudInfrastructure * Packs/OracleCloudInfrastructure/Integrations/OracleCloudInfrastructureEventCollector/OracleCloudInfrastructureEventCollector.yml Docker image update * Update Docker Image To demisto/py3-tools (#31217) * Updated Metadata Of Pack Intezer * Added release notes to pack Intezer * Packs/Intezer/Integrations/IntezerV2/IntezerV2.yml Docker image update * Updated Metadata Of Pack Zabbix * Added release notes to pack Zabbix * Packs/Zabbix/Integrations/Zabbix/Zabbix.yml Docker image update * Updated Metadata Of Pack FeedMalwareBazaar * Added release notes to pack FeedMalwareBazaar * Packs/FeedMalwareBazaar/Integrations/MalwareBazaarFeed/MalwareBazaarFeed.yml Docker image update * Updated Metadata Of Pack FeedGCPWhitelist * Added release notes to pack FeedGCPWhitelist * Packs/FeedGCPWhitelist/Integrations/FeedGoogleIPRanges/FeedGoogleIPRanges.yml Docker image update * Updated Metadata Of Pack AccentureCTI_Feed * Added release notes to pack AccentureCTI_Feed * Packs/AccentureCTI_Feed/Integrations/ACTIIndicatorFeed/ACTIIndicatorFeed.yml Docker image update * Updated Metadata Of Pack SEKOIAIntelligenceCenter * Added release notes to pack SEKOIAIntelligenceCenter * Packs/SEKOIAIntelligenceCenter/Integrations/SEKOIAIntelligenceCenter/SEKOIAIntelligenceCenter.yml Docker image update * Updated Metadata Of Pack JARM * Added release notes to pack JARM * Packs/JARM/Integrations/JARM/JARM.yml Docker image update * Updated Metadata Of Pack Anomali_ThreatStream * Added release notes to pack Anomali_ThreatStream * Packs/Anomali_ThreatStream/Integrations/AnomaliThreatStreamv3/AnomaliThreatStreamv3.yml Docker image update * Updated Metadata Of Pack CommonWidgets * Added release notes to pack CommonWidgets * Packs/CommonWidgets/Scripts/RSSWidget/RSSWidget.yml Docker image update * Updated Metadata Of Pack FiltersAndTransformers * Added release notes to pack FiltersAndTransformers * Packs/FiltersAndTransformers/Scripts/Jmespath/Jmespath.yml Docker image update * CortexXDRIR-generic-polling (#31082) * - Added new playbook for quarantine_file - Old playbook deprecated - New image added * release notes added * - New playbook for _Retrieve_File_Playbook_v2 created - Old playbook _Retrieve_File_Playbook deprecated - Image was added * Release notes were added * Changed the name of the playbook * Readme file added * Added image * fixed image location in readme file * Update Packs/CortexXDR/Playbooks/Cortex_XDR_-_Retrieve_File_v2.yml Co-authored-by: Sasha Sokolovich <[email protected]> * Bump pack from version CortexXDR to 6.0.4. * Removed unnecessary tests * Readme files were updated * Fixes for the playbooks * fixed Tests/conf.json file * image issue fixed * Added new images * Update Packs/CortexXDR/Playbooks/Cortex_XDR_-_Retrieve_File_Playbook_README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CortexXDR/Playbooks/Cortex_XDR_-_Retrieve_File_Playbook_README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CortexXDR/ReleaseNotes/6_0_4.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CortexXDR/ReleaseNotes/6_0_4.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CortexXDR/ReleaseNotes/6_0_4.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CortexXDR/ReleaseNotes/6_0_4.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CortexXDR/Playbooks/Cortex_XDR_-_Retrieve_File_Playbook_README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CortexXDR/Playbooks/Cortex_XDR_-_quarantine_file_v2_README.md Co-authored-by: ShirleyDenkberg <[email protected]> * PR fixes - new condition to check if the task finished successfully * release notes updated * image path fixed * Added new outputs for playbook * release notes updated * fix * readme files fixed * image issue * image issue * fix * fix * fix * fix * uploaded new playbook because of the image issue * fix for image issue * delete photo * fixes * test playbooks fixed * test playbooks removed --------- Co-authored-by: Sasha Sokolovich <[email protected]> Co-authored-by: Content Bot <[email protected]> Co-authored-by: ShirleyDenkberg <[email protected]> * Update Docker Image To demisto/crypto (#31219) * Updated Metadata Of Pack AzureKeyVault * Added release notes to pack AzureKeyVault * Packs/AzureKeyVault/Integrations/AzureKeyVault/AzureKeyVault.yml Docker image update * Updated Metadata Of Pack AzureSentinel * Added release notes to pack AzureSentinel * Packs/AzureSentinel/Integrations/AzureSentinel/AzureSentinel.yml Docker image update * Updated Metadata Of Pack AzureDevOps * Added release notes to pack AzureDevOps * Packs/AzureDevOps/Integrations/AzureDevOps/AzureDevOps.yml Docker image update * Updated Metadata Of Pack MicrosoftCloudAppSecurity * Added release notes to pack MicrosoftCloudAppSecurity * Packs/MicrosoftCloudAppSecurity/Integrations/MicrosoftCloudAppSecurity/MicrosoftCloudAppSecurity.yml Docker image update * Updated Metadata Of Pack AzureRiskyUsers * Added release notes to pack AzureRiskyUsers * Packs/AzureRiskyUsers/Integrations/AzureRiskyUsers/AzureRiskyUsers.yml Docker image update * Updated Metadata Of Pack MicrosoftGraphGroups * Added release notes to pack MicrosoftGraphGroups * Packs/MicrosoftGraphGroups/Integrations/MicrosoftGraphGroups/MicrosoftGraphGroups.yml Docker image update * Updated Metadata Of Pack AzureSQLManagement * Added release notes to pack AzureSQLManagement * Packs/AzureSQLManagement/Integrations/AzureSQLManagement/AzureSQLManagement.yml Docker image update * Updated Metadata Of Pack MicrosoftGraphAPI * Added release notes to pack MicrosoftGraphAPI * Packs/MicrosoftGraphAPI/Integrations/MicrosoftGraphAPI/MicrosoftGraphAPI.yml Docker image update * Updated Metadata Of Pack MicrosoftTeams * Added release notes to pack MicrosoftTeams * Packs/MicrosoftTeams/Integrations/MicrosoftTeamsManagement/MicrosoftTeamsManagement.yml Docker image update * Updated Metadata Of Pack MicrosoftGraphApplications * Added release notes to pack MicrosoftGraphApplications * Packs/MicrosoftGraphApplications/Integrations/MicrosoftGraphApplications/MicrosoftGraphApplications.yml Docker image update * update pack ignore (#31193) * Slack event collector: fixed an issue where we get a Bad Request error (#31135) * fixed an issue where we get a Bad Request error. * pre-commit * added test * fixed Flake8 error * fixed cr comments * fixed cr comments * update Docker image * YR/Remove-fields-with-one-letter-DBotFindSimilarIncidents/XSUP-29299 (#31161) * fixes * code and test * remove Json feed from this pr * test * note * pre commit * RN * CR and Flake8 * format * pre commit * Fixes For 'URL Enrichment - Generic v2' Playbook (#31195) * Fixes For 'URL Enrichment - Generic v2' Playbook * RN * Bump pack from version CommonPlaybooks to 2.4.36. --------- Co-authored-by: Content Bot <[email protected]> * F5 APM Remove XSIAM tags (#31221) * remove ls from test_e2e_results.sh (#31186) * [IsEmailAddressInternal] Fix an issue with **domain** argument (#31222) * First commit * Added RN * Update Packs/CommonScripts/ReleaseNotes/1_12_54.md Co-authored-by: Dean Arbel <[email protected]> --------- Co-authored-by: Dean Arbel <[email protected]> * Deprecate 'Get endpoint details - Generic' Playbook (#31196) * Deprecate 'Get endpoint details - Generic' Playbook * RN * Bump pack from version CommonPlaybooks to 2.4.36. * Bump pack from version CommonPlaybooks to 2.4.37. --------- Co-authored-by: Content Bot <[email protected]> * Replacing the deprecated sub-playbook within the 'NGFW Internal Scan'… (#31197) * Replacing the deprecated sub-playbook within the 'NGFW Internal Scan' XSIAM playbook * RN * [Marketplace Contribution] CISO Metrics (#30641) (#31213) * "pack contribution initial commit" * Update pack_metadata.json * Update and rename dashboard-98f353a2-312b-49f2-8e58-d71f60daf3a7-CISO_Metrics.json to dashboard-98f353a2-312b-49f2-8e58-d71f60daf3a7-CommunityCommonDashboards.json Rename to CommunityCommonDashboards * Update pack_metadata.json Renamed "name": "CommunityCommonDashboards" * Update README.md Added description * Update README.md * Update and rename README.md to README.md * Rename dashboard-98f353a2-312b-49f2-8e58-d71f60daf3a7-CommunityCommonDashboards.json to dashboard-98f353a2-312b-49f2-8e58-d71f60daf3a7-CommunityCommonDashboards.json * Rename .pack-ignore to .pack-ignore * Rename .secrets-ignore to .secrets-ignore * Rename pack_metadata.json to pack_metadata.json * Update .pack-ignore * Update pack_metadata.json * Update .pack-ignore * Update and rename dashboard-98f353a2-312b-49f2-8e58-d71f60daf3a7-CommunityCommonDashboards.json to CISOMetrics.json Renamed to CISOMetrics * Update pack_metadata.json * Update pack_metadata.json * Update README.md --------- Co-authored-by: xsoar-bot <[email protected]> Co-authored-by: Sapir Shuker <[email protected]> Co-authored-by: David Uhrlaub <[email protected]> * Cybereason xsoar v 2.1.14 (#30647) (#31225) * added v2.1.14 codebase * fix pr comments * replace dummy md5 placeholder * Update Packs/Cybereason/Integrations/Cybereason/Cybereason.py * updated docker image python version * updated release notes docker version * added pagination params * updated docker image * fix lint errors * fix demisto validate errors * updated release notes * updated release notes * updated release notes * updated command name as per PR comment * removed manual filtering for response * updated function name to match the command name format * updated unit test as per new command name * added machinename filter to api query * moved empty output message to the top * updated docker image tag to latest * undo changes from unisolate endpoint playbook --------- Co-authored-by: suraj-metron <[email protected]> Co-authored-by: Sapir Shuker <[email protected]> * fixed polling support (#30873) * fixed polling support * fixed rn * added rn * added rn * XSUP-30786/Fix (#31168) * Added failing UT * Fixed the issue * Updated docker image * Updated RN * Update Packs/PAN-OS/ReleaseNotes/2_1_15.md Co-authored-by: Dan Tavori <[email protected]> * Updated the bug fix and the UT * updated docker image --------- Co-authored-by: Dan Tavori <[email protected]> * rewrite to js FirstArrayElement and LastArrayElement (#31228) * rewrite to js * added tpb * added empty test case to tpb * precommit fixes * change fromversion so build wont fail * Enable Core REST API with general XSIAM endpoints (#31226) * mostly works * added release notes * fixes from review * F5 APM fixed the marketplace build failure (#31236) * F5 APM Remove XSIAM tags * fix marketplace error * Add incidents field (#30393) (#31233) * add rawJSON field to incidents * release notes * update docker image tag * nit * fetching incident details * mapper + incident fields * remove incorrect incident field files * new incident field files, new mapper * sdk validate command changes * update release noteS * validation errors * fix validation errors * undo release notes changes * undo release notes change * undo release notes * undo release notes * undo release notes * nit * new release notes * remove playbook id * update docker image tag * revert release notes * revert RN * nit- remove filters used for testing * add details field to threats * remove try/except blocks * changing version * Update Abnormal_Security_Custom_Incident_types.json change from version * nit - remove changes used for demo * updating docker image * update docker image tag --------- Co-authored-by: William Olyslager <[email protected]> Co-authored-by: sapirshuker <[email protected]> Co-authored-by: Sapir Shuker <[email protected]> * Update Docker Image To demisto/python3 (#31242) * Updated Metadata Of Pack CIRCL * Added release notes to pack CIRCL * Packs/CIRCL/Integrations/CirclCVESearch/CirclCVESearch.yml Docker image update * Updated Metadata Of Pack ipinfo * Added release notes to pack ipinfo * Packs/ipinfo/Integrations/ipinfo_v2/ipinfo_v2.yml Docker image update * Updated Metadata Of Pack AutoFocus * Added release notes to pack AutoFocus * Packs/AutoFocus/Integrations/FeedAutofocus/FeedAutofocus.yml Docker image update * Packs/AutoFocus/Integrations/AutofocusV2/AutofocusV2.yml Docker image update * Updated Metadata Of Pack MailSenderNew * Added release notes to pack MailSenderNew * Packs/MailSenderNew/Integrations/MailSenderNew/MailSenderNew.yml Docker image update * avoid to update Docker for AutoFocusv2 --------- Co-authored-by: israelpolishook <[email protected]> * Fixes For 'IP Enrichment - Generic v2' Playbook (#31183) * Fixes For 'IP Enrichment - Generic v2' Playbook * RN * RN * Updated the 'InternalRange' playbook input's default value. * configured the 'extended_data' and 'threat_model_association' sub-playbook inputs * Bump pack from version CommonPlaybooks to 2.4.36. * Bump pack from version CommonPlaybooks to 2.4.37. * changed the default value of the 'ResolveIP' playbook input * re-added RN after merging from master * Fixes RN --------- Co-authored-by: Content Bot <[email protected]> * Check if should run Instance role (#31245) * Added the sync from the saas bucket and modified the verify script to take the revision from the correct bucket. (#31254) * AWS Organizations (#30525) * init * commands template * aws-org-children-list * more commands * even more commands * added account commands * removed enhancement commands * use json_transform * unit-tests init * unit-tests continued * unit-tests continued some more * TPB * one more unit-test * one more unit-test * one more unit-test * name change * TPB * docs complete * pack readme * pack readme part 2 * readme modified * more tests * more tests * use get() * adde description * removed isFetch * added image * name change * CR changes * Apply suggestions from code review Co-authored-by: ShirleyDenkberg <[email protected]> * Update docker * put the commands back in * code complete * yml part 2 * yml part 3 * test template * unit-tests continued some more * unit-tests almost complete * unit-tests complete * fixed a few bugs * fixed unit-tests * added readme * update readme * added missing descriptions to readme * TPB * Apply suggestions from code review Co-authored-by: ShirleyDenkberg <[email protected]> * CR changes * demo changes * update docker * build wars: round 1 * build wars: round 2 * build wars: round 3; add unit-tests * build wars: round 4 * build wars: round 5 * build wars: round 6 --------- Co-authored-by: ShirleyDenkberg <[email protected]> * NextToken in CommandResults (#30501) * init * new design * added error in case of non nested input * RN * a tad more docs * Bump pack from version Base to 1.32.47. * Bump pack from version Base to 1.32.48. * Bump pack from version Base to 1.32.49. * improved doc-string * resolve conflicts * resolve conflicts * Bump pack from version Base to 1.32.52. --------- Co-authored-by: Content Bot <[email protected]> * demisto-sdk-release 1.24.0 (#31268) * poetry files * update validate manager imports (#31179) * update validate manager imports * revert * Update Tests/configure_and_test_integration_instances.py * Edit file types test (#31170) * edited tests * s * s * edit --------- Co-authored-by: Content Bot <[email protected]> Co-authored-by: Yuval Hayun <[email protected]> Co-authored-by: merit-maita <[email protected]> Co-authored-by: JudithB <[email protected]> * modified modeling rules of clearswift dlp (#31247) * modified modeling rules of clearswift dlp * modified the parsing rule of clearswiftdlp * Added release notes. * added dlp to pack ignore * added Clearswift to pack ignore * QRadar: continue to poll in case of networking issues (#31084) * Generalize the mode option in pre-commit (#30663) * args updated to match the update in the sdk * add merge-coverage-report and coverage-analyze * updaing pyproject.toml * poetry lock * restoring pyproject.toml and poetry.lock * pre-commit.yml * updates * test comment * use sdk ref * if * add github output * revert ilan changes * merge-pytest-reports --------- Co-authored-by: ilan <[email protected]> * EXPANDR-1576 CortexXpanse Remediation Guidance changes (#31190) * EXPANDR-1576 CortexXpanse Remediation Guidance changes (#30712) * CortexXpanse RG changes * Fix flake8 errors * Fix unit test cases * Update docker version * update command name * Readme updates * docker update * Ignore BC error * fix packignore * Update release notes * update breaking change notes * update breaking change notes * correct RN --------- Co-authored-by: Chait A <[email protected]> Co-authored-by: ilappe <[email protected]> * Feature/cyberint enhancement (#31252) * Feature/cyberint enhancement (#30493) * Update Docker Image To demisto/py3-tools (#25523) * Updated Metadata Of Pack FeedAWS * Added release notes to pack FeedAWS * Packs/FeedAWS/Integrations/FeedAWS/FeedAWS.yml Docker image update * update Cyberint Pack * update release note and incidentfields * update CommonType release note * update CommonType relesenotes * update CommonType relese notes * update CyberInt Related entity name * update release notes * add new incident field: Alert Data * foramt alert_data * update CyberInt Related Entity name to avoid validation errors * reset the CyberInt Related Entity name * update incident field name * Update 3_3_93.md * pre commit update docker * added known words * fixed the RN * known words --------- Co-authored-by: TalGumi <[email protected]> Co-authored-by: omerKarkKatz <[email protected]> Co-authored-by: okarkkatz <[email protected]> * [xsoar-8 coverage] - use poll functions from SDK clients (#31144) * update poetry * use poll functions * test against builds * try to fix ssl issue * timeout = 300 + verify ssl * fix ssl issues * fix incident pull * fix * make verify=false by default * fix ports bug * use sdk master * revert poetry * revert infra used for testing * [CrowdStrike Falcon Intel v2] Fixed an issue in 'cs-actors' and 'cs-reports' commands (#31265) * Fix the 'NoneType' object is not iterable issue * ruff * Update the docker image; Add RN * Update Packs/CrowdStrikeIntel/ReleaseNotes/2_0_34.md Co-authored-by: Dean Arbel <[email protected]> --------- Co-authored-by: Dean Arbel <[email protected]> * oncall- installation orders (#31253) * test * test * revert debugs * pre-commit --------- Co-authored-by: Jas Beilin <[email protected]> * Core rest api docs fix (#31262) * Improved descriptions. * Added docs * Added rn. * Changed i.e to e.g * bugfix/XSUP-30713/port-scan-pb-issue-incident-failure (#31154) * Fix playbook input's default value, change to not required, add check for value not empty * Update playbook image * Update release notes * Bump pack from version CortexXDR to 6.0.5. * Moved InternalIPRanges input check to better location * Fix review comments --------- Co-authored-by: Content Bot <[email protected]> * [PagerDuty v2] Added Support For Pagination (#30959) * commit init - lint and type annotation * typing * pagination function and some typing * fix api limit and pagination * added UT and test_data * added RN and description for args * generate readme * update docker * added UT * fix flake8 * more docstring, one more UT, fix send unnecessary parameters * fix f-string * fix pep8 * revert copy * fix parameters name * docs review * update docker * [ASM] EXPANDR 7225 - Update Ev1 Integration Display Name (#31234) (#31276) * Update Display Name * Update release notes * Update docker image and add period to descriptions Co-authored-by: John <[email protected]> Co-authored-by: MLainer1 <[email protected]> * Update Docker Image To demisto/python3 (#31286) * Updated Metadata Of Pack QualysFIM * Added release notes to pack QualysFIM * Packs/QualysFIM/Integrations/QualysFIM/QualysFIM.yml Docker image update * Updated Metadata Of Pack FortiSIEM * Added release notes to pack FortiSIEM * Packs/FortiSIEM/Integrations/FortiSIEMV2/FortiSIEMV2.yml Docker image update * Updated Metadata Of Pack FreshworksFreshservice * Added release notes to pack FreshworksFreshservice * Packs/FreshworksFreshservice/Integrations/FreshworksFreshservice/FreshworksFreshservice.yml Docker image update * Updated Metadata Of Pack KnowBe4_KMSAT * Added release notes to pack KnowBe4_KMSAT * Packs/KnowBe4_KMSAT/Integrations/KnowBe4KMSATEventCollector/KnowBe4KMSATEventCollector.yml Docker image update * Packs/KnowBe4_KMSAT/Integrations/KnowBe4KMSAT/KnowBe4KMSAT.yml Docker image update * Updated Metadata Of Pack SafeNet_Trusted_Access * Added release notes to pack SafeNet_Trusted_Access * Packs/SafeNet_Trusted_Access/Integrations/SafeNetTrustedAccessEventCollector/SafeNetTrustedAccessEventCollector.yml Docker image update * Updated Metadata Of Pack DelineaSS * Added release notes to pack DelineaSS * Packs/DelineaSS/Integrations/DelineaSS/DelineaSS.yml Docker image update * Updated Metadata Of Pack Cryptocurrency * Added release notes to pack Cryptocurrency * Packs/Cryptocurrency/Integrations/Cryptocurrency/Cryptocurrency.yml Docker image update * Updated Metadata Of Pack PANOSPolicyOptimizer * Added release notes to pack PANOSPolicyOptimizer * Packs/PANOSPolicyOptimizer/Integrations/PANOSPolicyOptimizer/PANOSPolicyOptimizer.yml Docker image update * Updated Metadata Of Pack DeveloperTools * Added release notes to pack DeveloperTools * Packs/DeveloperTools/Integrations/CreateIncidents/CreateIncidents.yml Docker image update * Add XSOAR_SAAS section to EDL description (#31264) * add XSOAR_SAAS section to EDL description * update RN * [XSUP 30575] Added full fields query param (#31272) * get indicators full fields data * pre-commit * release notes * tests and CR fixes * Update Packs/FeedCrowdstrikeFalconIntel/ReleaseNotes/2_1_13.md Co-authored-by: Dan Tavori <[email protected]> --------- Co-authored-by: Dan Tavori <[email protected]> * Update Docker Image To demisto/boto3py3 (#31287) * Updated Metadata Of Pack SecurityIntelligenceServicesFeed * Added release notes to pack SecurityIntelligenceServicesFeed * Packs/SecurityIntelligenceServicesFeed/Integrations/SecurityIntelligenceServicesFeed/SecurityIntelligenceServicesFeed.yml Docker image update * Updated Metadata Of Pack AWS-IAM * Added release notes to pack AWS-IAM * Packs/AWS-IAM/Integrations/AWS-IAM/AWS-IAM.yml Docker image update * Updated Metadata Of Pack AWS-Route53 * Added release notes to pack AWS-Route53 * Packs/AWS-Route53/Integrations/AWSRoute53/AWSRoute53.yml Docker image update * Updated Metadata Of Pack AWS-AccessAnalyzer * Added release notes to pack AWS-AccessAnalyzer * Packs/AWS-AccessAnalyzer/Integrations/AWS-AccessAnalyzer/AWS-AccessAnalyzer.yml Docker image update * Updated Metadata Of Pack AWS-GuardDuty * Added release notes to pack AWS-GuardDuty * Packs/AWS-GuardDuty/Integrations/AWSGuardDutyEventCollector/AWSGuardDutyEventCollector.yml Docker image update * Packs/AWS-GuardDuty/Integrations/AWSGuardDuty/AWSGuardDuty.yml Docker image update * Updated Metadata Of Pack AWS-SecurityHub * Added release notes to pack AWS-SecurityHub * Packs/AWS-SecurityHub/Integrations/AWSSecurityHubEventCollector/AWSSecurityHubEventCollector.yml Docker image update * Updated Metadata Of Pack Aws-SecretsManager * Added release notes to pack Aws-SecretsManager * Packs/Aws-SecretsManager/Integrations/AwsSecretsManager/AwsSecretsManager.yml Docker image update * Update Docker Image To demisto/accessdata (#31288) * Updated Metadata Of Pack Exterro * Added release notes to pack Exterro * Packs/Exterro/Integrations/Exterro/Exterro.yml Docker image update * Update Docker Image To demisto/oci (#31290) * Updated Metadata Of Pack OracleCloudInfrastructure * Added release notes to pack OracleCloudInfrastructure * Packs/OracleCloudInfrastructure/Integrations/OracleCloudInfrastructureEventCollector/OracleCloudInfrastructureEventCollector.yml Docker image update * Update Docker Image To demisto/py3-tools (#31289) * Updated Metadata Of Pack Intezer * Added release notes to pack Intezer * Packs/Intezer/Integrations/IntezerV2/IntezerV2.yml Docker image update * Updated Metadata Of Pack Zabbix * Added release notes to pack Zabbix * Packs/Zabbix/Integrations/Zabbix/Zabbix.yml Docker image update * Updated Metadata Of Pack FeedMalwareBazaar * Added release notes to pack FeedMalwareBazaar * Packs/FeedMalwareBazaar/Integrations/MalwareBazaarFeed/MalwareBazaarFeed.yml Docker image update * Updated Metadata Of Pack FeedGCPWhitelist * Added release notes to pack FeedGCPWhitelist * Packs/FeedGCPWhitelist/Integrations/FeedGoogleIPRanges/FeedGoogleIPRanges.yml Docker image update * Updated Metadata Of Pack AccentureCTI_Feed * Added release notes to pack AccentureCTI_Feed * Packs/AccentureCTI_Feed/Integrations/ACTIIndicatorFeed/ACTIIndicatorFeed.yml Docker image update * Updated Metadata Of Pack SEKOIAIntelligenceCenter * Added release notes to pack SEKOIAIntelligenceCenter * Packs/SEKOIAIntelligenceCenter/Integrations/SEKOIAIntelligenceCenter/SEKOIAIntelligenceCenter.yml Docker image update * Updated Metadata Of Pack JARM * Added release notes to pack JARM * Packs/JARM/Integrations/JARM/JARM.yml Docker image update * Updated Metadata Of Pack Anomali_ThreatStream * Added release notes to pack Anomali_ThreatStream * Packs/Anomali_ThreatStream/Integrations/AnomaliThreatStreamv3/AnomaliThreatStreamv3.yml Docker image update * Updated Metadata Of Pack CommonWidgets * Added release notes to pack CommonWidgets * Packs/CommonWidgets/Scripts/RSSWidget/RSSWidget.yml Docker image update * Updated Metadata Of Pack FiltersAndTransformers * Added release notes to pack FiltersAndTransformers * Packs/FiltersAndTransformers/Scripts/Jmespath/Jmespath.yml Docker image update * Update Docker Image To demisto/armorblox (#31291) * Updated Metadata Of Pack Armorblox * Added release notes to pack Armorblox * Packs/Armorblox/Integrations/Armorblox/Armorblox.yml Docker image update * Update Docker Image To demisto/crypto (#31292) * Updated Metadata Of Pack AzureKeyVault * Added release notes to pack AzureKeyVault * Packs/AzureKeyVault/Integrations/AzureKeyVault/AzureKeyVault.yml Docker image update * Updated Metadata Of Pack AzureSentinel * Added release notes to pack AzureSentinel * Packs/AzureSentinel/Integrations/AzureSentinel/AzureSentinel.yml Docker image update * Updated Metadata Of Pack AzureDevOps * Added release notes to pack AzureDevOps * Packs/AzureDevOps/Integrations/AzureDevOps/AzureDevOps.yml Docker image update * Updated Metadata Of Pack MicrosoftCloudAppSecurity * Added release notes to pack MicrosoftCloudAppSecurity * Packs/MicrosoftCloudAppSecurity/Integrations/MicrosoftCloudAppSecurity/MicrosoftCloudAppSecurity.yml Docker image update * Updated Metadata Of Pack AzureRiskyUsers * Added release notes to pack AzureRiskyUsers * Packs/AzureRiskyUsers/Integrations/AzureRiskyUsers/AzureRiskyUsers.yml Docker image update * Updated Metadata Of Pack MicrosoftGraphGroups * Added release notes to pack MicrosoftGraphGroups * Packs/MicrosoftGraphGroups/Integrations/MicrosoftGraphGroups/MicrosoftGraphGroups.yml Docker image update * Updated Metadata Of Pack AzureSQLManagement * Added release notes to pack AzureSQLManagement * Packs/AzureSQLManagement/Integrations/AzureSQLManagement/AzureSQLManagement.yml Docker image update * Updated Metadata Of Pack MicrosoftGraphAPI * Added release notes to pack MicrosoftGraphAPI * Packs/MicrosoftGraphAPI/Integrations/MicrosoftGraphAPI/MicrosoftGraphAPI.yml Docker image update * Updated Metadata Of Pack MicrosoftTeams * Added release notes to pack MicrosoftTeams * Packs/MicrosoftTeams/Integrations/MicrosoftTeamsManagement/MicrosoftTeamsManagement.yml Docker image update * Updated Metadata Of Pack MicrosoftGraphApplications * Added release notes to pack MicrosoftGraphApplications * Packs/MicrosoftGraphApplications/Integrations/MicrosoftGraphApplications/MicrosoftGraphApplications.yml Docker image update * Update Docker Image To demisto/sixgill (#31293) * Updated Metadata Of Pack Cybersixgill-ActionableAlerts * Added release notes to pack Cybersixgill-ActionableAlerts * Packs/Cybersixgill-ActionableAlerts/Integrations/CybersixgillActionableAlerts/CybersixgillActionableAlerts.yml Docker image update * Updated Metadata Of Pack Sixgill-Darkfeed * Added release notes to pack Sixgill-Darkfeed * Packs/Sixgill-Darkfeed/Integrations/Sixgill_Darkfeed_Enrichment/Sixgill_Darkfeed_Enrichment.yml Docker image update * Packs/Sixgill-Darkfeed/Integrations/Sixgill_Darkfeed/Sixgill_Darkfeed.yml Docker image update * Update Docker Image To demisto/carbon-black-cloud (#31295) * Updated Metadata Of Pack CarbonBlackDefense * Added release notes to pack CarbonBlackDefense * Packs/CarbonBlackDefense/Integrations/CarbonBlackLiveResponseCloud/CarbonBlackLiveResponseCloud.yml Docker image update * Update Docker Image To demisto/taxii2 (#31294) * Updated Metadata Of Pack FeedDHS * Added release notes to pack FeedDHS * Packs/FeedDHS/Integrations/DHSFeedV2/DHSFeedV2.yml Docker image update * Updated Metadata Of Pack FeedUnit42v2 * Added release notes to pack FeedUnit42v2 * Packs/FeedUnit42v2/Integrations/FeedUnit42v2/FeedUnit42v2.yml Docker image update * MS IIS Update2 (#31256) * Updated MicrosoftIISWebServerModelingRules_1_3 * Updated ModelingRules filters * Updated ModelingRules filters * Updated ReleaseNotes * Upated ReleaseNotes * CrowdStrikeFalconX-genreic-polling (#31189) * old playbooks deprecated and new one added * readme file edited * set the interval from the inputs * fixes for release notes * added extensions to known words * Update Packs/CrowdStrikeFalconX/Playbooks/Detonate_File_-_CrowdStrike_Falcon_Intelligence_Sandbox_v2.yml Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CrowdStrikeFalconX/Playbooks/Detonate_File_-_CrowdStrike_Falcon_Intelligence_Sandbox_v2.yml Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CrowdStrikeFalconX/Playbooks/Detonate_File_-_CrowdStrike_Falcon_Intelligence_Sandbox_v2.yml Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CrowdStrikeFalconX/Playbooks/Detonate_URL_-_CrowdStrike_Falcon_Intelligence_Sandbox_v2_README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CrowdStrikeFalconX/Playbooks/Detonate_File_-_CrowdStrike_Falcon_Intelligence_Sandbox_v2.yml Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CrowdStrikeFalconX/Playbooks/Detonate_File_-_CrowdStrike_Falcon_Intelligence_Sandbox_v2.yml Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CrowdStrikeFalconX/Playbooks/Detonate_File_-_CrowdStrike_Falcon_Intelligence_Sandbox_v2_README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CrowdStrikeFalconX/ReleaseNotes/1_2_37.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CrowdStrikeFalconX/ReleaseNotes/1_2_37.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CrowdStrikeFalconX/ReleaseNotes/1_2_37.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CrowdStrikeFalconX/ReleaseNotes/1_2_37.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CrowdStrikeFalconX/Playbooks/Detonate_File_-_CrowdStrike_Falcon_Intelligence_Sandbox_v2_README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CrowdStrikeFalconX/Playbooks/Detonate_File_-_CrowdStrike_Falcon_Intelligence_Sandbox_v2_README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CrowdStrikeFalconX/Playbooks/Detonate_File_-_CrowdStrike_Falcon_Intelligence_Sandbox_v2_README.md Co-authored-by: ShirleyDenkberg <[email protected]> * minor fixes for description * Update Packs/CrowdStrikeFalconX/Playbooks/Detonate_URL_-_CrowdStrike_Falcon_Intelligence_Sandbox_v2.yml Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CrowdStrikeFalconX/Playbooks/Detonate_URL_-_CrowdStrike_Falcon_Intelligence_Sandbox_v2_README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CrowdStrikeFalconX/Playbooks/Detonate_URL_-_CrowdStrike_Falcon_Intelligence_Sandbox_v2.yml Co-authored-by: ShirleyDenkberg <[email protected]> --------- Co-authored-by: ShirleyDenkberg <[email protected]> * Add Symantec MSS to ignored items (#31296) * [XSUP 30870] Added full fields option for cs-actors and cs-reports commands (#31271) * Added the display_full_fields argument * pre-commit * release notes * tests and CR fixes * resolve conflict * pre-commit * CR fixes * docker * pre-commit * add myself as codeowner (#31314) * ORKL Feed Integration 1.0.0 Initial Release (#31166) * ORKL Feed Integration 1.0.0 Initial Release (#31101) Co-authored-by: Martin Ohl <[email protected]> * [VirusTotal] Add suspicious threshold (#31220) * [VirusTotal] Add suspicious threshold (#31021) * fixing CimTrak_test.py unit tests (#31308) fixing CimTrak_test.py unit tests #31308 * Add new command and bug fix. (#31311) * Anomali ThreatStream v3 - Fix threatstream-get-indicators command (#31269) * fix get_indicators method * update RN * update docker * update test * update test * update get_indicators method * update RN * Update Packs/Anomali_ThreatStream/ReleaseNotes/2_2_9.md Co-authored-by: ShirleyDenkberg <[email protected]> * update docker * update docker --------- Co-authored-by: ShirleyDenkberg <[email protected]> * SentinelOne v2: Add 2 new commands (#31312) * fixing jira file attachments (#31297) fixing jira file attachments, fixing mapping of newly created tickets #31297 * CiscoSMA Update (#31315) * Updated ModelingRules * Updated ReleaseNotes * Updated ReleaseNotes * updated docs (#31192) * updated docs * running pre-commit and docker * docker update * Apply suggestions from code review Co-authored-by: ShirleyDenkberg <[email protected]> * remove package-lock file * cr note * Update Packs/MicrosoftGraphDeviceManagement/ReleaseNotes/1_1_20.md Co-authored-by: EyalPintzov <[email protected]> --------- Co-authored-by: ShirleyDenkberg <[email protected]> Co-authored-by: EyalPintzov <[email protected]> * Fix an issue when there is only one incident in fetch_incidents powershell (#31267) * added -AsArray * updated the docker image and added . * RN * unit tests and docker image * rn * docker image and release notes * Update Packs/Base/ReleaseNotes/1_32_53.md Co-authored-by: EyalPintzov <[email protected]> * updated the unit tests --------- Co-authored-by: EyalPintzov <[email protected]> * Get Entity Alerts by MITRE Tactics - Performance Improvements (Refactor) (#31232) * Added playbooks * New playbooks images, formatted playbooks, and added RN * Updated pb image to be in light mode * Further improvements to playbooks, updated docs, and updated playbook images * Bump pack from version CortexXDR to 6.0.6. * Changed alert to incident to fix validation * Descriptions --------- Co-authored-by: Content Bot <[email protected]> * fix for sdk nightly e2e tests (#31310) * [qradar-v3] - handle connection errors (#31246) * [qradar-v3] - handle connection errors * add uts * bump rn * remove irrelevant imports * update code * timeout = 300 * bump rn * update implementation * docker image * fixes * remove imports * rn * update debug-message * update log * fix docker-image * fix ut * oncall-sdk-nightly-create-xsoar-instance (#31300) * overwrite the filter env file * remove space * remove print * Update .gitlab/ci/.gitlab-ci.on-push.yml Co-authored-by: Koby Meir <[email protected]> --------- Co-authored-by: Koby Meir <[email protected]> * [ASM] - EXPANDER 7238 - Jira Playbook Support for V2 and V3 Project Key (#31273) (#31322) * Add support V2 and V3, remove default project key - Add data collection task for customer - Leave Jira Project Key input as blank - Add support for project key passed into Jira V2 and V3 integrations * Add release notes * Update Playbook ReadMe * Add task description * Update release notes Co-authored-by: John <[email protected]> Co-authored-by: MLainer1 <[email protected]> * Support contributions when the name of the repo isn't content (#31320) * update handle_external_pr.py * set repo_name arg as optional * Oncall sdk nightly create xsoar instance (#31324) Oncall sdk nightly create xsoar instance #31324 * CIAC-4556/xdr-remote-psexec-lolbin-command-execution-playbook (#29092) * Add playbook and readme files * Add updated files * Add playbook image * Update release notes * Fix validation error * Bump pack from version CortexXDR to 5.1.0. * Bump pack from version CortexXDR to 5.2.0. * Bump pack from version CortexXDR to 5.2.0. * Bump pack from version CortexXDR to 5.2.0. * Add CommandLine verdict to layout * Update according to demo review comments * Bump pack from version CortexXDR to 5.2.0. * Bump pack from version CortexXDR to 5.2.0. * Add field for cmd line verdict * Update layout * Fix review comments * Update from master * Update Packs/CortexXDR/ReleaseNotes/5_2_0.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CortexXDR/ReleaseNotes/5_2_0.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CortexXDR/Playbooks/playbook-Cortex_XDR_-_Remote_PsExec_with_LOLBIN_command_execution_alert_README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Fix review comments and validations * Apply suggestions from code review Fix docs review Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CortexXDR/Playbooks/playbook-Cortex_XDR_-_Remote_PsExec_with_LOLBIN_command_execution_alert.yml Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CortexXDR/Playbooks/playbook-Cortex_XDR_-_Remote_PsExec_with_LOLBIN_command_execution_alert.yml Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CortexXDR/Playbooks/playbook-Cortex_XDR_-_Remote_PsExec_with_LOLBIN_command_execution_alert.yml Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CortexXDR/Playbooks/playbook-Cortex_XDR_-_Remote_PsExec_with_LOLBIN_command_execution_alert.yml Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CortexXDR/Playbooks/playbook-Cortex_XDR_-_Remote_PsExec_with_LOLBIN_command_execution_alert.yml Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CortexXDR/Playbooks/playbook-Cortex_XDR_-_Remote_PsExec_with_LOLBIN_command_execution_alert.yml Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CortexXDR/Playbooks/playbook-Cortex_XDR_-_Remote_PsExec_with_LOLBIN_command_execution_alert.yml Co-authored-by: ShirleyDenkberg <[email protected]> * Fix review comments * Remove duplicate task for alert details, update playbook image * Fix skipifunavailable validations and update release notes * Fix review comments * Update release notes * Update release notes * Bump pack from version CortexXDR to 5.2.0. * Fix review comments * Update release notes * Bump pack from version CortexXDR to 5.2.2. * Bump pack from version CortexXDR to 5.2.3. * Fix review comments …
maimorag
added a commit
that referenced
this pull request
Feb 22, 2024
…9386 (#32462) * Fix GetIndicatorDBotScoreFromCache to handle better a special character (#31070) * a fix and a test * docker image update * added rn * Bump pack from version CommonScripts to 1.12.47. * unit test fix * unit test fix * unit test fix * Bump pack from version CommonScripts to 1.12.48. * Bump pack from version CommonScripts to 1.12.49. * Update Packs/CommonScripts/ReleaseNotes/1_12_49.md Co-authored-by: Dan Tavori <[email protected]> --------- Co-authored-by: Content Bot <[email protected]> Co-authored-by: Dan Tavori <[email protected]> * change pack support to community (#31110) * change pack support to community * first level header so im told * Update Packs/DeveloperTools/ReleaseNotes/1_3_0.md Co-authored-by: Shahaf Ben Yakir <[email protected]> * Update Packs/DeveloperTools/ReleaseNotes/1_3_0.md Co-authored-by: Shahaf Ben Yakir <[email protected]> --------- Co-authored-by: Shahaf Ben Yakir <[email protected]> * removed GIT_DEPTH (#31141) * support multiple entry ids in ImageOCR (#31145) * Fix taxi feed observables extraction (#31120) * fixed an isssue where taxi feed will fail to retreive all indicators due to wrong extraction from XML blocks. * added rn * update docker * update test_data * add secret to secrets ignore * [transformers] Enhance to be more durable #2 (#31063) * ExtractDomainAndFQDNFromUrlAndEmail * ExtractEmailV2 * ruff fix * FormatURL * Bump pack from version CommonScripts to 1.12.47. * Bump pack from version CommonScripts to 1.12.48. * Bump pack from version CommonScripts to 1.12.49. * Added unit tests * Update the docker image * Bump pack from version CommonScripts to 1.12.50. * Update Packs/CommonScripts/ReleaseNotes/1_12_50.md Co-authored-by: Dean Arbel <[email protected]> * Update Packs/CommonScripts/ReleaseNotes/1_12_50.md Co-authored-by: Dean Arbel <[email protected]> * Update the RN * Update the docker image * empty * Skip "FormattingPerformance - Test" TPB in XSOAR 8 --------- Co-authored-by: Content Bot <[email protected]> Co-authored-by: Dean Arbel <[email protected]> * Sleep w/ Polling (#30661) add polling mechanism to sleep upon crossing polling_threshold * Update shift management scripts (#31130) * fixed the bug and added unit tests * updated docker image * RN * updated docker image * cr updates * EWS rule commands - MS graph python integrations (#30943) Co-authored-by: ShirleyDenkberg <[email protected]> * MS IIS Update (#31132) * Updated ModelingRules * Updated ReleaseNotes * Updated ReleaseNotes * Anomali ThreatStream change DBot verdict from Benign to Unknown for Low Confidence Indicators (#30993) (#31151) * change DBot verdict from Benign to Unknown for Low Confidence Indicators Indicators found in Anomali that are below Confidence thresholds should be created as Unknown and not Benign. Anomali ThreatStream documentation regarding Confidence https://ui.threatstream.com/optic-doc/Content/Features/threat_model/Observables/details_indicator.htm Confidence - Confidence indicates the certainty that an observable exhibits or is connected to malicious behavior. If Anomali has indicators with low Confidence, that doesn't mean the indicator is Benign/Safe. It means Anomali is unsure that the indicator is Malicious and as such the more appropriate verdict in XSOAR should be Unknown. * add indicator_default_score param * changed values to Benign and Unknown * update README and RN * update RN * update docker set required to false * update docker * fix docs comments --------- Co-authored-by: zdrouse <[email protected]> Co-authored-by: adi88d <[email protected]> Co-authored-by: Adi Daud <[email protected]> * generate empty junit files (#31153) * Update 1_6_0.json (#31164) * fix splunkpy splunk_submit_event_hec_command string issue (#30978) * fix splunkpy splunk_submit_event_hec_command string issue * test * add fix * update rn * [xsoar saas] - fix ports taxii2 e2e (#31163) * Hello world saas (#30901) * added a new incident field only for saas mp * added an incident field to xsoar_saas only for demonstration * format incident field * format incident field * added saas word to known words * version * merge with master * fixed the xsoar_saas end tag * Added tests to validate result * modified RN * pre commit changes * RN tags * ignoe long line * MS IIS README (#31158) * Updated README * Updated README * Fixes For IP Enrichment Playbooks (#31114) * Fixes For IP Enrichment Playbooks * RN * Removed the mapping rule from both playbooks. Updated the default value of the internal range playbook input according to RFC 1918. * Removed the value of 'UseReputationCommand' playbook input and fixes the YML files * Fixed RN * Removed the value set for the 'UseReputationCommand' sub-playbook input. Re-added the default value for 'UseReputationCommand' playbook input * skip ThreatStream-Test (#31172) * [transformers] Enhance to be more durable (#30897) [transformers] Enhance to be more durable * Fixes For 'Email Address Enrichment - Generic v2.1' (#31122) * Fixes For 'Email Address Enrichment - Generic v2.1' * Re-added the test playbook and marketplace configs to the playbook YML file * changed the 'domain' playbook input value * removed the 'domain' playbook input value and added RN * Fixed RN * Bump pack from version CommonPlaybooks to 2.4.34. --------- Co-authored-by: Content Bot <[email protected]> * DisplayMappedFields - Fix dark mode text color (#31085) * removed the hardcoded color * removed the hardcoded color * update RN * update docker image * Bump pack from version CommonScripts to 1.12.48. * Unittest fixes * Bump pack from version CommonScripts to 1.12.49. * Unittest fixes * Bump pack from version CommonScripts to 1.12.50. * Bump pack from version CommonScripts to 1.12.51. * Bump pack from version CommonScripts to 1.12.52. * Bump pack from version CommonScripts to 1.12.53. --------- Co-authored-by: Content Bot <[email protected]> * Updated the layout to exclude integration incident fields that are not pertinent to Vectra XDR (#31127) (#31182) Co-authored-by: Crest Data Systems <[email protected]> Co-authored-by: crestdatasystems <[email protected]> Co-authored-by: MLainer1 <[email protected]> * Taxii2 server relationship bug (#31162) * [taxii2-server] - code fixes * bump rn * docker update * remove debug-log because may wanted * [ASM] EXPANDER-7096 - ASM Remediation Guidance Fields (#30955) (#31178) Co-authored-by: John <[email protected]> Co-authored-by: Adi Daud <[email protected]> * Created pack for F5 BIG-IP APM (#31017) * Created pack for f5 apm * Added modeling rule files. * adding modeling rules and schema. * modified modeling rules * update yml file for modeling rule. * Update Packs/F5APM/README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/F5APM/README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/F5APM/README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/F5APM/README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/F5APM/README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/F5APM/README.md Co-authored-by: ShirleyDenkberg <[email protected]> * update readme. * Modified the read me file. --------- Co-authored-by: ShirleyDenkberg <[email protected]> * HelloWorld - delete old classifier (#31185) * Add support for is array for rep commands (#31169) * added support for isArray for python Xsoar supported reputation commands * added rn * Empty-Commit * python files fixes * fix docker issue * cr fixes * added logs and cache fix (#30577) * added logs and cache fix * Fixed another executeCommand results handling. * Updated docker image * Added rn * Update Packs/Phishing/ReleaseNotes/3_6_2.md Co-authored-by: Dan Tavori <[email protected]> * Update Packs/Phishing/Scripts/FindDuplicateEmailIncidents/FindDuplicateEmailIncidents.py --------- Co-authored-by: Dan Tavori <[email protected]> * Add support for is array for rep commands js (#31184) * JS files fixes * added rn * pre commit fixes * pre commit fixes * cr fixes * xsiam-avaya-siem-content-ciac-8502 (#31128) * init-pack * modeling-rules * add-docs * fix-pid-parsing * fix-README.md * Fixed For Endpoint Enrichment Playbooks (#31147) * Fixed For 'Endpoint Enrichment - Generic v2.1' Playbook * RN * RN * Fixes for Endpoint_Enrichment_-_Generic_v2.1_6_8 playbook * Bump pack from version CommonPlaybooks to 2.4.34. * Bump pack from version CommonPlaybooks to 2.4.35. * Fixed version for 'Endpoint Enrichment - Generic v2.1.6.8' playbook * Fixes for 'Endpoint Enrichment - Generic v2.1' playbook * Revert changes in 'Endpoint Enrichment - Generic v2.1' playbook --------- Co-authored-by: Content Bot <[email protected]> * Update Docker Image To demisto/python3 (#31198) * Updated Metadata Of Pack DeveloperTools * Added release notes to pack DeveloperTools * Packs/DeveloperTools/Integrations/CreateIncidents/CreateIncidents.yml Docker image update * Updated Metadata Of Pack FlashpointFeed * Added release notes to pack FlashpointFeed * Packs/FlashpointFeed/Integrations/FlashpointFeed/FlashpointFeed.yml Docker image update * Updated Metadata Of Pack AbnormalSecurity * Added release notes to pack AbnormalSecurity * Packs/AbnormalSecurity/Integrations/AbnormalSecurity/AbnormalSecurity.yml Docker image update * Updated Metadata Of Pack FeedLOLBAS * Added release notes to pack FeedLOLBAS * Packs/FeedLOLBAS/Integrations/FeedLOLBAS/FeedLOLBAS.yml Docker image update * Updated Metadata Of Pack Hackuity * Added release notes to pack Hackuity * Packs/Hackuity/Integrations/Hackuity/Hackuity.yml Docker image update * Updated Metadata Of Pack Grafana * Added release notes to pack Grafana * Packs/Grafana/Integrations/Grafana/Grafana.yml Docker image update * Updated Metadata Of Pack Binalyze * Added release notes to pack Binalyze * Packs/Binalyze/Integrations/BinalyzeAIR/BinalyzeAIR.yml Docker image update * Updated Metadata Of Pack ServiceDeskPlus * Added release notes to pack ServiceDeskPlus * Packs/ServiceDeskPlus/Integrations/ServiceDeskPlus/ServiceDeskPlus.yml Docker image update * Updated Metadata Of Pack Oracle_IAM * Added release notes to pack Oracle_IAM * Packs/Oracle_IAM/Integrations/OracleIAM/OracleIAM.yml Docker image update * Updated Metadata Of Pack AccentureCTI * Added release notes to pack AccentureCTI * Packs/AccentureCTI/Integrations/ACTIIndicatorQuery/ACTIIndicatorQuery.yml Docker image update * Update Docker Image To demisto/boto3py3 (#31199) * Updated Metadata Of Pack SecurityIntelligenceServicesFeed * Added release notes to pack SecurityIntelligenceServicesFeed * Packs/SecurityIntelligenceServicesFeed/Integrations/SecurityIntelligenceServicesFeed/SecurityIntelligenceServicesFeed.yml Docker image update * Updated Metadata Of Pack AWS-IAM * Added release notes to pack AWS-IAM * Packs/AWS-IAM/Integrations/AWS-IAM/AWS-IAM.yml Docker image update * Updated Metadata Of Pack AWS-Route53 * Added release notes to pack AWS-Route53 * Packs/AWS-Route53/Integrations/AWSRoute53/AWSRoute53.yml Docker image update * Updated Metadata Of Pack AWS-AccessAnalyzer * Added release notes to pack AWS-AccessAnalyzer * Packs/AWS-AccessAnalyzer/Integrations/AWS-AccessAnalyzer/AWS-AccessAnalyzer.yml Docker image update * Updated Metadata Of Pack AWS-GuardDuty * Added release notes to pack AWS-GuardDuty * Packs/AWS-GuardDuty/Integrations/AWSGuardDutyEventCollector/AWSGuardDutyEventCollector.yml Docker image update * Packs/AWS-GuardDuty/Integrations/AWSGuardDuty/AWSGuardDuty.yml Docker image update * Updated Metadata Of Pack AWS-SecurityHub * Added release notes to pack AWS-SecurityHub * Packs/AWS-SecurityHub/Integrations/AWSSecurityHubEventCollector/AWSSecurityHubEventCollector.yml Docker image update * Updated Metadata Of Pack Aws-SecretsManager * Added release notes to pack Aws-SecretsManager * Packs/Aws-SecretsManager/Integrations/AwsSecretsManager/AwsSecretsManager.yml Docker image update * Update Docker Image To demisto/armorblox (#31203) * Updated Metadata Of Pack Armorblox * Added release notes to pack Armorblox * Packs/Armorblox/Integrations/Armorblox/Armorblox.yml Docker image update * Update Docker Image To demisto/py3-tools (#31201) * Updated Metadata Of Pack Intezer * Added release notes to pack Intezer * Packs/Intezer/Integrations/IntezerV2/IntezerV2.yml Docker image update * Updated Metadata Of Pack Zabbix * Added release notes to pack Zabbix * Packs/Zabbix/Integrations/Zabbix/Zabbix.yml Docker image update * Updated Metadata Of Pack FeedMalwareBazaar * Added release notes to pack FeedMalwareBazaar * Packs/FeedMalwareBazaar/Integrations/MalwareBazaarFeed/MalwareBazaarFeed.yml Docker image update * Updated Metadata Of Pack FeedGCPWhitelist * Added release notes to pack FeedGCPWhitelist * Packs/FeedGCPWhitelist/Integrations/FeedGoogleIPRanges/FeedGoogleIPRanges.yml Docker image update * Updated Metadata Of Pack AccentureCTI_Feed * Added release notes to pack AccentureCTI_Feed * Packs/AccentureCTI_Feed/Integrations/ACTIIndicatorFeed/ACTIIndicatorFeed.yml Docker image update * Updated Metadata Of Pack SEKOIAIntelligenceCenter * Added release notes to pack SEKOIAIntelligenceCenter * Packs/SEKOIAIntelligenceCenter/Integrations/SEKOIAIntelligenceCenter/SEKOIAIntelligenceCenter.yml Docker image update * Updated Metadata Of Pack JARM * Added release notes to pack JARM * Packs/JARM/Integrations/JARM/JARM.yml Docker image update * Updated Metadata Of Pack CommonWidgets * Added release notes to pack CommonWidgets * Packs/CommonWidgets/Scripts/RSSWidget/RSSWidget.yml Docker image update * Updated Metadata Of Pack FiltersAndTransformers * Added release notes to pack FiltersAndTransformers * Packs/FiltersAndTransformers/Scripts/Jmespath/Jmespath.yml Docker image update * Update Docker Image To demisto/oci (#31202) * Updated Metadata Of Pack OracleCloudInfrastructure * Added release notes to pack OracleCloudInfrastructure * Packs/OracleCloudInfrastructure/Integrations/OracleCloudInfrastructureEventCollector/OracleCloudInfrastructureEventCollector.yml Docker image update * Update Docker Image To demisto/accessdata (#31200) * Updated Metadata Of Pack Exterro * Added release notes to pack Exterro * Packs/Exterro/Integrations/Exterro/Exterro.yml Docker image update * Fix DS108 --------- Co-authored-by: israelpolishook <[email protected]> * Update Docker Image To demisto/carbon-black-cloud (#31206) * Updated Metadata Of Pack CarbonBlackDefense * Added release notes to pack CarbonBlackDefense * Packs/CarbonBlackDefense/Integrations/CarbonBlackLiveResponseCloud/CarbonBlackLiveResponseCloud.yml Docker image update * Update Docker Image To demisto/taxii2 (#31205) * Updated Metadata Of Pack FeedUnit42v2 * Added release notes to pack FeedUnit42v2 * Packs/FeedUnit42v2/Integrations/FeedUnit42v2/FeedUnit42v2.yml Docker image update * Update Docker Image To demisto/crypto (#31204) * Updated Metadata Of Pack AzureKeyVault * Added release notes to pack AzureKeyVault * Packs/AzureKeyVault/Integrations/AzureKeyVault/AzureKeyVault.yml Docker image update * Updated Metadata Of Pack AzureSentinel * Added release notes to pack AzureSentinel * Packs/AzureSentinel/Integrations/AzureSentinel/AzureSentinel.yml Docker image update * Updated Metadata Of Pack AzureDevOps * Added release notes to pack AzureDevOps * Packs/AzureDevOps/Integrations/AzureDevOps/AzureDevOps.yml Docker image update * Updated Metadata Of Pack MicrosoftCloudAppSecurity * Added release notes to pack MicrosoftCloudAppSecurity * Packs/MicrosoftCloudAppSecurity/Integrations/MicrosoftCloudAppSecurity/MicrosoftCloudAppSecurity.yml Docker image update * Updated Metadata Of Pack AzureRiskyUsers * Added release notes to pack AzureRiskyUsers * Packs/AzureRiskyUsers/Integrations/AzureRiskyUsers/AzureRiskyUsers.yml Docker image update * Updated Metadata Of Pack MicrosoftGraphGroups * Added release notes to pack MicrosoftGraphGroups * Packs/MicrosoftGraphGroups/Integrations/MicrosoftGraphGroups/MicrosoftGraphGroups.yml Docker image update * Updated Metadata Of Pack AzureSQLManagement * Added release notes to pack AzureSQLManagement * Packs/AzureSQLManagement/Integrations/AzureSQLManagement/AzureSQLManagement.yml Docker image update * Updated Metadata Of Pack MicrosoftGraphAPI * Added release notes to pack MicrosoftGraphAPI * Packs/MicrosoftGraphAPI/Integrations/MicrosoftGraphAPI/MicrosoftGraphAPI.yml Docker image update * Updated Metadata Of Pack MicrosoftTeams * Added release notes to pack MicrosoftTeams * Packs/MicrosoftTeams/Integrations/MicrosoftTeamsManagement/MicrosoftTeamsManagement.yml Docker image update * Updated Metadata Of Pack MicrosoftGraphApplications * Added release notes to pack MicrosoftGraphApplications * Packs/MicrosoftGraphApplications/Integrations/MicrosoftGraphApplications/MicrosoftGraphApplications.yml Docker image update * Update Docker Image To demisto/opnsense (#31208) * Updated Metadata Of Pack OPNSense * Added release notes to pack OPNSense * Packs/OPNSense/Integrations/OPNSense/OPNSense.yml Docker image update * Update Docker Image To demisto/auth-utils (#31207) * Updated Metadata Of Pack Cylance_Protect * Added release notes to pack Cylance_Protect * Packs/Cylance_Protect/Integrations/Cylance_Protect_v2/Cylance_Protect_v2.yml Docker image update * Updated Metadata Of Pack Zoom * Added release notes to pack Zoom * Packs/Zoom/Integrations/ZoomEventCollector/ZoomEventCollector.yml Docker image update * Updated Metadata Of Pack Silverfort * Added release notes to pack Silverfort * Packs/Silverfort/Integrations/Silverfort/Silverfort.yml Docker image update * Updated Metadata Of Pack AzureDataExplorer * Added release notes to pack AzureDataExplorer * Packs/AzureDataExplorer/Integrations/AzureDataExplorer/AzureDataExplorer.yml Docker image update * Updated Metadata Of Pack MicrosoftManagementActivity * Added release notes to pack MicrosoftManagementActivity * Packs/MicrosoftManagementActivity/Integrations/MicrosoftManagementActivity/MicrosoftManagementActivity.yml Docker image update * Updated Metadata Of Pack Box * Added release notes to pack Box * Packs/Box/Integrations/BoxEventsCollector/BoxEventsCollector.yml Docker image update * Packs/Box/Integrations/BoxV2/BoxV2.yml Docker image update * Updated Metadata Of Pack Troubleshoot * Added release notes to pack Troubleshoot * Packs/Troubleshoot/Scripts/CertificatesTroubleshoot/CertificatesTroubleshoot.yml Docker image update * commit --------- Co-authored-by: israelpolishook <[email protected]> * Update Docker Image To demisto/ippysocks-py3 (#31211) * Updated Metadata Of Pack Whois * Added release notes to pack Whois * Packs/Whois/Integrations/Whois/Whois.yml Docker image update * Update Docker Image To demisto/python3 (#31214) * Updated Metadata Of Pack QualysFIM * Added release notes to pack QualysFIM * Packs/QualysFIM/Integrations/QualysFIM/QualysFIM.yml Docker image update * Updated Metadata Of Pack FortiSIEM * Added release notes to pack FortiSIEM * Packs/FortiSIEM/Integrations/FortiSIEMV2/FortiSIEMV2.yml Docker image update * Updated Metadata Of Pack FreshworksFreshservice * Added release notes to pack FreshworksFreshservice * Packs/FreshworksFreshservice/Integrations/FreshworksFreshservice/FreshworksFreshservice.yml Docker image update * Updated Metadata Of Pack KnowBe4_KMSAT * Added release notes to pack KnowBe4_KMSAT * Packs/KnowBe4_KMSAT/Integrations/KnowBe4KMSATEventCollector/KnowBe4KMSATEventCollector.yml Docker image update * Packs/KnowBe4_KMSAT/Integrations/KnowBe4KMSAT/KnowBe4KMSAT.yml Docker image update * Updated Metadata Of Pack SafeNet_Trusted_Access * Added release notes to pack SafeNet_Trusted_Access * Packs/SafeNet_Trusted_Access/Integrations/SafeNetTrustedAccessEventCollector/SafeNetTrustedAccessEventCollector.yml Docker image update * Updated Metadata Of Pack DelineaSS * Added release notes to pack DelineaSS * Packs/DelineaSS/Integrations/DelineaSS/DelineaSS.yml Docker image update * Updated Metadata Of Pack Cryptocurrency * Added release notes to pack Cryptocurrency * Packs/Cryptocurrency/Integrations/Cryptocurrency/Cryptocurrency.yml Docker image update * Updated Metadata Of Pack PANOSPolicyOptimizer * Added release notes to pack PANOSPolicyOptimizer * Packs/PANOSPolicyOptimizer/Integrations/PANOSPolicyOptimizer/PANOSPolicyOptimizer.yml Docker image update * Updated Metadata Of Pack DeveloperTools * Added release notes to pack DeveloperTools * Packs/DeveloperTools/Integrations/CreateIncidents/CreateIncidents.yml Docker image update * Update Docker Image To demisto/boto3py3 (#31215) * Updated Metadata Of Pack SecurityIntelligenceServicesFeed * Added release notes to pack SecurityIntelligenceServicesFeed * Packs/SecurityIntelligenceServicesFeed/Integrations/SecurityIntelligenceServicesFeed/SecurityIntelligenceServicesFeed.yml Docker image update * Updated Metadata Of Pack AWS-IAM * Added release notes to pack AWS-IAM * Packs/AWS-IAM/Integrations/AWS-IAM/AWS-IAM.yml Docker image update * Updated Metadata Of Pack AWS-Route53 * Added release notes to pack AWS-Route53 * Packs/AWS-Route53/Integrations/AWSRoute53/AWSRoute53.yml Docker image update * Updated Metadata Of Pack AWS-AccessAnalyzer * Added release notes to pack AWS-AccessAnalyzer * Packs/AWS-AccessAnalyzer/Integrations/AWS-AccessAnalyzer/AWS-AccessAnalyzer.yml Docker image update * Updated Metadata Of Pack AWS-GuardDuty * Added release notes to pack AWS-GuardDuty * Packs/AWS-GuardDuty/Integrations/AWSGuardDutyEventCollector/AWSGuardDutyEventCollector.yml Docker image update * Packs/AWS-GuardDuty/Integrations/AWSGuardDuty/AWSGuardDuty.yml Docker image update * Updated Metadata Of Pack AWS-SecurityHub * Added release notes to pack AWS-SecurityHub * Packs/AWS-SecurityHub/Integrations/AWSSecurityHubEventCollector/AWSSecurityHubEventCollector.yml Docker image update * Updated Metadata Of Pack Aws-SecretsManager * Added release notes to pack Aws-SecretsManager * Packs/Aws-SecretsManager/Integrations/AwsSecretsManager/AwsSecretsManager.yml Docker image update * Update Docker Image To demisto/accessdata (#31216) * Updated Metadata Of Pack Exterro * Added release notes to pack Exterro * Packs/Exterro/Integrations/Exterro/Exterro.yml Docker image update * Update Docker Image To demisto/oci (#31218) * Updated Metadata Of Pack OracleCloudInfrastructure * Added release notes to pack OracleCloudInfrastructure * Packs/OracleCloudInfrastructure/Integrations/OracleCloudInfrastructureEventCollector/OracleCloudInfrastructureEventCollector.yml Docker image update * Update Docker Image To demisto/py3-tools (#31217) * Updated Metadata Of Pack Intezer * Added release notes to pack Intezer * Packs/Intezer/Integrations/IntezerV2/IntezerV2.yml Docker image update * Updated Metadata Of Pack Zabbix * Added release notes to pack Zabbix * Packs/Zabbix/Integrations/Zabbix/Zabbix.yml Docker image update * Updated Metadata Of Pack FeedMalwareBazaar * Added release notes to pack FeedMalwareBazaar * Packs/FeedMalwareBazaar/Integrations/MalwareBazaarFeed/MalwareBazaarFeed.yml Docker image update * Updated Metadata Of Pack FeedGCPWhitelist * Added release notes to pack FeedGCPWhitelist * Packs/FeedGCPWhitelist/Integrations/FeedGoogleIPRanges/FeedGoogleIPRanges.yml Docker image update * Updated Metadata Of Pack AccentureCTI_Feed * Added release notes to pack AccentureCTI_Feed * Packs/AccentureCTI_Feed/Integrations/ACTIIndicatorFeed/ACTIIndicatorFeed.yml Docker image update * Updated Metadata Of Pack SEKOIAIntelligenceCenter * Added release notes to pack SEKOIAIntelligenceCenter * Packs/SEKOIAIntelligenceCenter/Integrations/SEKOIAIntelligenceCenter/SEKOIAIntelligenceCenter.yml Docker image update * Updated Metadata Of Pack JARM * Added release notes to pack JARM * Packs/JARM/Integrations/JARM/JARM.yml Docker image update * Updated Metadata Of Pack Anomali_ThreatStream * Added release notes to pack Anomali_ThreatStream * Packs/Anomali_ThreatStream/Integrations/AnomaliThreatStreamv3/AnomaliThreatStreamv3.yml Docker image update * Updated Metadata Of Pack CommonWidgets * Added release notes to pack CommonWidgets * Packs/CommonWidgets/Scripts/RSSWidget/RSSWidget.yml Docker image update * Updated Metadata Of Pack FiltersAndTransformers * Added release notes to pack FiltersAndTransformers * Packs/FiltersAndTransformers/Scripts/Jmespath/Jmespath.yml Docker image update * CortexXDRIR-generic-polling (#31082) * - Added new playbook for quarantine_file - Old playbook deprecated - New image added * release notes added * - New playbook for _Retrieve_File_Playbook_v2 created - Old playbook _Retrieve_File_Playbook deprecated - Image was added * Release notes were added * Changed the name of the playbook * Readme file added * Added image * fixed image location in readme file * Update Packs/CortexXDR/Playbooks/Cortex_XDR_-_Retrieve_File_v2.yml Co-authored-by: Sasha Sokolovich <[email protected]> * Bump pack from version CortexXDR to 6.0.4. * Removed unnecessary tests * Readme files were updated * Fixes for the playbooks * fixed Tests/conf.json file * image issue fixed * Added new images * Update Packs/CortexXDR/Playbooks/Cortex_XDR_-_Retrieve_File_Playbook_README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CortexXDR/Playbooks/Cortex_XDR_-_Retrieve_File_Playbook_README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CortexXDR/ReleaseNotes/6_0_4.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CortexXDR/ReleaseNotes/6_0_4.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CortexXDR/ReleaseNotes/6_0_4.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CortexXDR/ReleaseNotes/6_0_4.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CortexXDR/Playbooks/Cortex_XDR_-_Retrieve_File_Playbook_README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CortexXDR/Playbooks/Cortex_XDR_-_quarantine_file_v2_README.md Co-authored-by: ShirleyDenkberg <[email protected]> * PR fixes - new condition to check if the task finished successfully * release notes updated * image path fixed * Added new outputs for playbook * release notes updated * fix * readme files fixed * image issue * image issue * fix * fix * fix * fix * uploaded new playbook because of the image issue * fix for image issue * delete photo * fixes * test playbooks fixed * test playbooks removed --------- Co-authored-by: Sasha Sokolovich <[email protected]> Co-authored-by: Content Bot <[email protected]> Co-authored-by: ShirleyDenkberg <[email protected]> * Update Docker Image To demisto/crypto (#31219) * Updated Metadata Of Pack AzureKeyVault * Added release notes to pack AzureKeyVault * Packs/AzureKeyVault/Integrations/AzureKeyVault/AzureKeyVault.yml Docker image update * Updated Metadata Of Pack AzureSentinel * Added release notes to pack AzureSentinel * Packs/AzureSentinel/Integrations/AzureSentinel/AzureSentinel.yml Docker image update * Updated Metadata Of Pack AzureDevOps * Added release notes to pack AzureDevOps * Packs/AzureDevOps/Integrations/AzureDevOps/AzureDevOps.yml Docker image update * Updated Metadata Of Pack MicrosoftCloudAppSecurity * Added release notes to pack MicrosoftCloudAppSecurity * Packs/MicrosoftCloudAppSecurity/Integrations/MicrosoftCloudAppSecurity/MicrosoftCloudAppSecurity.yml Docker image update * Updated Metadata Of Pack AzureRiskyUsers * Added release notes to pack AzureRiskyUsers * Packs/AzureRiskyUsers/Integrations/AzureRiskyUsers/AzureRiskyUsers.yml Docker image update * Updated Metadata Of Pack MicrosoftGraphGroups * Added release notes to pack MicrosoftGraphGroups * Packs/MicrosoftGraphGroups/Integrations/MicrosoftGraphGroups/MicrosoftGraphGroups.yml Docker image update * Updated Metadata Of Pack AzureSQLManagement * Added release notes to pack AzureSQLManagement * Packs/AzureSQLManagement/Integrations/AzureSQLManagement/AzureSQLManagement.yml Docker image update * Updated Metadata Of Pack MicrosoftGraphAPI * Added release notes to pack MicrosoftGraphAPI * Packs/MicrosoftGraphAPI/Integrations/MicrosoftGraphAPI/MicrosoftGraphAPI.yml Docker image update * Updated Metadata Of Pack MicrosoftTeams * Added release notes to pack MicrosoftTeams * Packs/MicrosoftTeams/Integrations/MicrosoftTeamsManagement/MicrosoftTeamsManagement.yml Docker image update * Updated Metadata Of Pack MicrosoftGraphApplications * Added release notes to pack MicrosoftGraphApplications * Packs/MicrosoftGraphApplications/Integrations/MicrosoftGraphApplications/MicrosoftGraphApplications.yml Docker image update * update pack ignore (#31193) * Slack event collector: fixed an issue where we get a Bad Request error (#31135) * fixed an issue where we get a Bad Request error. * pre-commit * added test * fixed Flake8 error * fixed cr comments * fixed cr comments * update Docker image * YR/Remove-fields-with-one-letter-DBotFindSimilarIncidents/XSUP-29299 (#31161) * fixes * code and test * remove Json feed from this pr * test * note * pre commit * RN * CR and Flake8 * format * pre commit * Fixes For 'URL Enrichment - Generic v2' Playbook (#31195) * Fixes For 'URL Enrichment - Generic v2' Playbook * RN * Bump pack from version CommonPlaybooks to 2.4.36. --------- Co-authored-by: Content Bot <[email protected]> * F5 APM Remove XSIAM tags (#31221) * remove ls from test_e2e_results.sh (#31186) * [IsEmailAddressInternal] Fix an issue with **domain** argument (#31222) * First commit * Added RN * Update Packs/CommonScripts/ReleaseNotes/1_12_54.md Co-authored-by: Dean Arbel <[email protected]> --------- Co-authored-by: Dean Arbel <[email protected]> * Deprecate 'Get endpoint details - Generic' Playbook (#31196) * Deprecate 'Get endpoint details - Generic' Playbook * RN * Bump pack from version CommonPlaybooks to 2.4.36. * Bump pack from version CommonPlaybooks to 2.4.37. --------- Co-authored-by: Content Bot <[email protected]> * Replacing the deprecated sub-playbook within the 'NGFW Internal Scan'… (#31197) * Replacing the deprecated sub-playbook within the 'NGFW Internal Scan' XSIAM playbook * RN * [Marketplace Contribution] CISO Metrics (#30641) (#31213) * "pack contribution initial commit" * Update pack_metadata.json * Update and rename dashboard-98f353a2-312b-49f2-8e58-d71f60daf3a7-CISO_Metrics.json to dashboard-98f353a2-312b-49f2-8e58-d71f60daf3a7-CommunityCommonDashboards.json Rename to CommunityCommonDashboards * Update pack_metadata.json Renamed "name": "CommunityCommonDashboards" * Update README.md Added description * Update README.md * Update and rename README.md to README.md * Rename dashboard-98f353a2-312b-49f2-8e58-d71f60daf3a7-CommunityCommonDashboards.json to dashboard-98f353a2-312b-49f2-8e58-d71f60daf3a7-CommunityCommonDashboards.json * Rename .pack-ignore to .pack-ignore * Rename .secrets-ignore to .secrets-ignore * Rename pack_metadata.json to pack_metadata.json * Update .pack-ignore * Update pack_metadata.json * Update .pack-ignore * Update and rename dashboard-98f353a2-312b-49f2-8e58-d71f60daf3a7-CommunityCommonDashboards.json to CISOMetrics.json Renamed to CISOMetrics * Update pack_metadata.json * Update pack_metadata.json * Update README.md --------- Co-authored-by: xsoar-bot <[email protected]> Co-authored-by: Sapir Shuker <[email protected]> Co-authored-by: David Uhrlaub <[email protected]> * Cybereason xsoar v 2.1.14 (#30647) (#31225) * added v2.1.14 codebase * fix pr comments * replace dummy md5 placeholder * Update Packs/Cybereason/Integrations/Cybereason/Cybereason.py * updated docker image python version * updated release notes docker version * added pagination params * updated docker image * fix lint errors * fix demisto validate errors * updated release notes * updated release notes * updated release notes * updated command name as per PR comment * removed manual filtering for response * updated function name to match the command name format * updated unit test as per new command name * added machinename filter to api query * moved empty output message to the top * updated docker image tag to latest * undo changes from unisolate endpoint playbook --------- Co-authored-by: suraj-metron <[email protected]> Co-authored-by: Sapir Shuker <[email protected]> * fixed polling support (#30873) * fixed polling support * fixed rn * added rn * added rn * XSUP-30786/Fix (#31168) * Added failing UT * Fixed the issue * Updated docker image * Updated RN * Update Packs/PAN-OS/ReleaseNotes/2_1_15.md Co-authored-by: Dan Tavori <[email protected]> * Updated the bug fix and the UT * updated docker image --------- Co-authored-by: Dan Tavori <[email protected]> * rewrite to js FirstArrayElement and LastArrayElement (#31228) * rewrite to js * added tpb * added empty test case to tpb * precommit fixes * change fromversion so build wont fail * Enable Core REST API with general XSIAM endpoints (#31226) * mostly works * added release notes * fixes from review * F5 APM fixed the marketplace build failure (#31236) * F5 APM Remove XSIAM tags * fix marketplace error * Add incidents field (#30393) (#31233) * add rawJSON field to incidents * release notes * update docker image tag * nit * fetching incident details * mapper + incident fields * remove incorrect incident field files * new incident field files, new mapper * sdk validate command changes * update release noteS * validation errors * fix validation errors * undo release notes changes * undo release notes change * undo release notes * undo release notes * undo release notes * nit * new release notes * remove playbook id * update docker image tag * revert release notes * revert RN * nit- remove filters used for testing * add details field to threats * remove try/except blocks * changing version * Update Abnormal_Security_Custom_Incident_types.json change from version * nit - remove changes used for demo * updating docker image * update docker image tag --------- Co-authored-by: William Olyslager <[email protected]> Co-authored-by: sapirshuker <[email protected]> Co-authored-by: Sapir Shuker <[email protected]> * Update Docker Image To demisto/python3 (#31242) * Updated Metadata Of Pack CIRCL * Added release notes to pack CIRCL * Packs/CIRCL/Integrations/CirclCVESearch/CirclCVESearch.yml Docker image update * Updated Metadata Of Pack ipinfo * Added release notes to pack ipinfo * Packs/ipinfo/Integrations/ipinfo_v2/ipinfo_v2.yml Docker image update * Updated Metadata Of Pack AutoFocus * Added release notes to pack AutoFocus * Packs/AutoFocus/Integrations/FeedAutofocus/FeedAutofocus.yml Docker image update * Packs/AutoFocus/Integrations/AutofocusV2/AutofocusV2.yml Docker image update * Updated Metadata Of Pack MailSenderNew * Added release notes to pack MailSenderNew * Packs/MailSenderNew/Integrations/MailSenderNew/MailSenderNew.yml Docker image update * avoid to update Docker for AutoFocusv2 --------- Co-authored-by: israelpolishook <[email protected]> * Fixes For 'IP Enrichment - Generic v2' Playbook (#31183) * Fixes For 'IP Enrichment - Generic v2' Playbook * RN * RN * Updated the 'InternalRange' playbook input's default value. * configured the 'extended_data' and 'threat_model_association' sub-playbook inputs * Bump pack from version CommonPlaybooks to 2.4.36. * Bump pack from version CommonPlaybooks to 2.4.37. * changed the default value of the 'ResolveIP' playbook input * re-added RN after merging from master * Fixes RN --------- Co-authored-by: Content Bot <[email protected]> * Check if should run Instance role (#31245) * Added the sync from the saas bucket and modified the verify script to take the revision from the correct bucket. (#31254) * AWS Organizations (#30525) * init * commands template * aws-org-children-list * more commands * even more commands * added account commands * removed enhancement commands * use json_transform * unit-tests init * unit-tests continued * unit-tests continued some more * TPB * one more unit-test * one more unit-test * one more unit-test * name change * TPB * docs complete * pack readme * pack readme part 2 * readme modified * more tests * more tests * use get() * adde description * removed isFetch * added image * name change * CR changes * Apply suggestions from code review Co-authored-by: ShirleyDenkberg <[email protected]> * Update docker * put the commands back in * code complete * yml part 2 * yml part 3 * test template * unit-tests continued some more * unit-tests almost complete * unit-tests complete * fixed a few bugs * fixed unit-tests * added readme * update readme * added missing descriptions to readme * TPB * Apply suggestions from code review Co-authored-by: ShirleyDenkberg <[email protected]> * CR changes * demo changes * update docker * build wars: round 1 * build wars: round 2 * build wars: round 3; add unit-tests * build wars: round 4 * build wars: round 5 * build wars: round 6 --------- Co-authored-by: ShirleyDenkberg <[email protected]> * NextToken in CommandResults (#30501) * init * new design * added error in case of non nested input * RN * a tad more docs * Bump pack from version Base to 1.32.47. * Bump pack from version Base to 1.32.48. * Bump pack from version Base to 1.32.49. * improved doc-string * resolve conflicts * resolve conflicts * Bump pack from version Base to 1.32.52. --------- Co-authored-by: Content Bot <[email protected]> * demisto-sdk-release 1.24.0 (#31268) * poetry files * update validate manager imports (#31179) * update validate manager imports * revert * Update Tests/configure_and_test_integration_instances.py * Edit file types test (#31170) * edited tests * s * s * edit --------- Co-authored-by: Content Bot <[email protected]> Co-authored-by: Yuval Hayun <[email protected]> Co-authored-by: merit-maita <[email protected]> Co-authored-by: JudithB <[email protected]> * modified modeling rules of clearswift dlp (#31247) * modified modeling rules of clearswift dlp * modified the parsing rule of clearswiftdlp * Added release notes. * added dlp to pack ignore * added Clearswift to pack ignore * QRadar: continue to poll in case of networking issues (#31084) * Generalize the mode option in pre-commit (#30663) * args updated to match the update in the sdk * add merge-coverage-report and coverage-analyze * updaing pyproject.toml * poetry lock * restoring pyproject.toml and poetry.lock * pre-commit.yml * updates * test comment * use sdk ref * if * add github output * revert ilan changes * merge-pytest-reports --------- Co-authored-by: ilan <[email protected]> * EXPANDR-1576 CortexXpanse Remediation Guidance changes (#31190) * EXPANDR-1576 CortexXpanse Remediation Guidance changes (#30712) * CortexXpanse RG changes * Fix flake8 errors * Fix unit test cases * Update docker version * update command name * Readme updates * docker update * Ignore BC error * fix packignore * Update release notes * update breaking change notes * update breaking change notes * correct RN --------- Co-authored-by: Chait A <[email protected]> Co-authored-by: ilappe <[email protected]> * Feature/cyberint enhancement (#31252) * Feature/cyberint enhancement (#30493) * Update Docker Image To demisto/py3-tools (#25523) * Updated Metadata Of Pack FeedAWS * Added release notes to pack FeedAWS * Packs/FeedAWS/Integrations/FeedAWS/FeedAWS.yml Docker image update * update Cyberint Pack * update release note and incidentfields * update CommonType release note * update CommonType relesenotes * update CommonType relese notes * update CyberInt Related entity name * update release notes * add new incident field: Alert Data * foramt alert_data * update CyberInt Related Entity name to avoid validation errors * reset the CyberInt Related Entity name * update incident field name * Update 3_3_93.md * pre commit update docker * added known words * fixed the RN * known words --------- Co-authored-by: TalGumi <[email protected]> Co-authored-by: omerKarkKatz <[email protected]> Co-authored-by: okarkkatz <[email protected]> * [xsoar-8 coverage] - use poll functions from SDK clients (#31144) * update poetry * use poll functions * test against builds * try to fix ssl issue * timeout = 300 + verify ssl * fix ssl issues * fix incident pull * fix * make verify=false by default * fix ports bug * use sdk master * revert poetry * revert infra used for testing * [CrowdStrike Falcon Intel v2] Fixed an issue in 'cs-actors' and 'cs-reports' commands (#31265) * Fix the 'NoneType' object is not iterable issue * ruff * Update the docker image; Add RN * Update Packs/CrowdStrikeIntel/ReleaseNotes/2_0_34.md Co-authored-by: Dean Arbel <[email protected]> --------- Co-authored-by: Dean Arbel <[email protected]> * oncall- installation orders (#31253) * test * test * revert debugs * pre-commit --------- Co-authored-by: Jas Beilin <[email protected]> * Core rest api docs fix (#31262) * Improved descriptions. * Added docs * Added rn. * Changed i.e to e.g * bugfix/XSUP-30713/port-scan-pb-issue-incident-failure (#31154) * Fix playbook input's default value, change to not required, add check for value not empty * Update playbook image * Update release notes * Bump pack from version CortexXDR to 6.0.5. * Moved InternalIPRanges input check to better location * Fix review comments --------- Co-authored-by: Content Bot <[email protected]> * [PagerDuty v2] Added Support For Pagination (#30959) * commit init - lint and type annotation * typing * pagination function and some typing * fix api limit and pagination * added UT and test_data * added RN and description for args * generate readme * update docker * added UT * fix flake8 * more docstring, one more UT, fix send unnecessary parameters * fix f-string * fix pep8 * revert copy * fix parameters name * docs review * update docker * [ASM] EXPANDR 7225 - Update Ev1 Integration Display Name (#31234) (#31276) * Update Display Name * Update release notes * Update docker image and add period to descriptions Co-authored-by: John <[email protected]> Co-authored-by: MLainer1 <[email protected]> * Update Docker Image To demisto/python3 (#31286) * Updated Metadata Of Pack QualysFIM * Added release notes to pack QualysFIM * Packs/QualysFIM/Integrations/QualysFIM/QualysFIM.yml Docker image update * Updated Metadata Of Pack FortiSIEM * Added release notes to pack FortiSIEM * Packs/FortiSIEM/Integrations/FortiSIEMV2/FortiSIEMV2.yml Docker image update * Updated Metadata Of Pack FreshworksFreshservice * Added release notes to pack FreshworksFreshservice * Packs/FreshworksFreshservice/Integrations/FreshworksFreshservice/FreshworksFreshservice.yml Docker image update * Updated Metadata Of Pack KnowBe4_KMSAT * Added release notes to pack KnowBe4_KMSAT * Packs/KnowBe4_KMSAT/Integrations/KnowBe4KMSATEventCollector/KnowBe4KMSATEventCollector.yml Docker image update * Packs/KnowBe4_KMSAT/Integrations/KnowBe4KMSAT/KnowBe4KMSAT.yml Docker image update * Updated Metadata Of Pack SafeNet_Trusted_Access * Added release notes to pack SafeNet_Trusted_Access * Packs/SafeNet_Trusted_Access/Integrations/SafeNetTrustedAccessEventCollector/SafeNetTrustedAccessEventCollector.yml Docker image update * Updated Metadata Of Pack DelineaSS * Added release notes to pack DelineaSS * Packs/DelineaSS/Integrations/DelineaSS/DelineaSS.yml Docker image update * Updated Metadata Of Pack Cryptocurrency * Added release notes to pack Cryptocurrency * Packs/Cryptocurrency/Integrations/Cryptocurrency/Cryptocurrency.yml Docker image update * Updated Metadata Of Pack PANOSPolicyOptimizer * Added release notes to pack PANOSPolicyOptimizer * Packs/PANOSPolicyOptimizer/Integrations/PANOSPolicyOptimizer/PANOSPolicyOptimizer.yml Docker image update * Updated Metadata Of Pack DeveloperTools * Added release notes to pack DeveloperTools * Packs/DeveloperTools/Integrations/CreateIncidents/CreateIncidents.yml Docker image update * Add XSOAR_SAAS section to EDL description (#31264) * add XSOAR_SAAS section to EDL description * update RN * [XSUP 30575] Added full fields query param (#31272) * get indicators full fields data * pre-commit * release notes * tests and CR fixes * Update Packs/FeedCrowdstrikeFalconIntel/ReleaseNotes/2_1_13.md Co-authored-by: Dan Tavori <[email protected]> --------- Co-authored-by: Dan Tavori <[email protected]> * Update Docker Image To demisto/boto3py3 (#31287) * Updated Metadata Of Pack SecurityIntelligenceServicesFeed * Added release notes to pack SecurityIntelligenceServicesFeed * Packs/SecurityIntelligenceServicesFeed/Integrations/SecurityIntelligenceServicesFeed/SecurityIntelligenceServicesFeed.yml Docker image update * Updated Metadata Of Pack AWS-IAM * Added release notes to pack AWS-IAM * Packs/AWS-IAM/Integrations/AWS-IAM/AWS-IAM.yml Docker image update * Updated Metadata Of Pack AWS-Route53 * Added release notes to pack AWS-Route53 * Packs/AWS-Route53/Integrations/AWSRoute53/AWSRoute53.yml Docker image update * Updated Metadata Of Pack AWS-AccessAnalyzer * Added release notes to pack AWS-AccessAnalyzer * Packs/AWS-AccessAnalyzer/Integrations/AWS-AccessAnalyzer/AWS-AccessAnalyzer.yml Docker image update * Updated Metadata Of Pack AWS-GuardDuty * Added release notes to pack AWS-GuardDuty * Packs/AWS-GuardDuty/Integrations/AWSGuardDutyEventCollector/AWSGuardDutyEventCollector.yml Docker image update * Packs/AWS-GuardDuty/Integrations/AWSGuardDuty/AWSGuardDuty.yml Docker image update * Updated Metadata Of Pack AWS-SecurityHub * Added release notes to pack AWS-SecurityHub * Packs/AWS-SecurityHub/Integrations/AWSSecurityHubEventCollector/AWSSecurityHubEventCollector.yml Docker image update * Updated Metadata Of Pack Aws-SecretsManager * Added release notes to pack Aws-SecretsManager * Packs/Aws-SecretsManager/Integrations/AwsSecretsManager/AwsSecretsManager.yml Docker image update * Update Docker Image To demisto/accessdata (#31288) * Updated Metadata Of Pack Exterro * Added release notes to pack Exterro * Packs/Exterro/Integrations/Exterro/Exterro.yml Docker image update * Update Docker Image To demisto/oci (#31290) * Updated Metadata Of Pack OracleCloudInfrastructure * Added release notes to pack OracleCloudInfrastructure * Packs/OracleCloudInfrastructure/Integrations/OracleCloudInfrastructureEventCollector/OracleCloudInfrastructureEventCollector.yml Docker image update * Update Docker Image To demisto/py3-tools (#31289) * Updated Metadata Of Pack Intezer * Added release notes to pack Intezer * Packs/Intezer/Integrations/IntezerV2/IntezerV2.yml Docker image update * Updated Metadata Of Pack Zabbix * Added release notes to pack Zabbix * Packs/Zabbix/Integrations/Zabbix/Zabbix.yml Docker image update * Updated Metadata Of Pack FeedMalwareBazaar * Added release notes to pack FeedMalwareBazaar * Packs/FeedMalwareBazaar/Integrations/MalwareBazaarFeed/MalwareBazaarFeed.yml Docker image update * Updated Metadata Of Pack FeedGCPWhitelist * Added release notes to pack FeedGCPWhitelist * Packs/FeedGCPWhitelist/Integrations/FeedGoogleIPRanges/FeedGoogleIPRanges.yml Docker image update * Updated Metadata Of Pack AccentureCTI_Feed * Added release notes to pack AccentureCTI_Feed * Packs/AccentureCTI_Feed/Integrations/ACTIIndicatorFeed/ACTIIndicatorFeed.yml Docker image update * Updated Metadata Of Pack SEKOIAIntelligenceCenter * Added release notes to pack SEKOIAIntelligenceCenter * Packs/SEKOIAIntelligenceCenter/Integrations/SEKOIAIntelligenceCenter/SEKOIAIntelligenceCenter.yml Docker image update * Updated Metadata Of Pack JARM * Added release notes to pack JARM * Packs/JARM/Integrations/JARM/JARM.yml Docker image update * Updated Metadata Of Pack Anomali_ThreatStream * Added release notes to pack Anomali_ThreatStream * Packs/Anomali_ThreatStream/Integrations/AnomaliThreatStreamv3/AnomaliThreatStreamv3.yml Docker image update * Updated Metadata Of Pack CommonWidgets * Added release notes to pack CommonWidgets * Packs/CommonWidgets/Scripts/RSSWidget/RSSWidget.yml Docker image update * Updated Metadata Of Pack FiltersAndTransformers * Added release notes to pack FiltersAndTransformers * Packs/FiltersAndTransformers/Scripts/Jmespath/Jmespath.yml Docker image update * Update Docker Image To demisto/armorblox (#31291) * Updated Metadata Of Pack Armorblox * Added release notes to pack Armorblox * Packs/Armorblox/Integrations/Armorblox/Armorblox.yml Docker image update * Update Docker Image To demisto/crypto (#31292) * Updated Metadata Of Pack AzureKeyVault * Added release notes to pack AzureKeyVault * Packs/AzureKeyVault/Integrations/AzureKeyVault/AzureKeyVault.yml Docker image update * Updated Metadata Of Pack AzureSentinel * Added release notes to pack AzureSentinel * Packs/AzureSentinel/Integrations/AzureSentinel/AzureSentinel.yml Docker image update * Updated Metadata Of Pack AzureDevOps * Added release notes to pack AzureDevOps * Packs/AzureDevOps/Integrations/AzureDevOps/AzureDevOps.yml Docker image update * Updated Metadata Of Pack MicrosoftCloudAppSecurity * Added release notes to pack MicrosoftCloudAppSecurity * Packs/MicrosoftCloudAppSecurity/Integrations/MicrosoftCloudAppSecurity/MicrosoftCloudAppSecurity.yml Docker image update * Updated Metadata Of Pack AzureRiskyUsers * Added release notes to pack AzureRiskyUsers * Packs/AzureRiskyUsers/Integrations/AzureRiskyUsers/AzureRiskyUsers.yml Docker image update * Updated Metadata Of Pack MicrosoftGraphGroups * Added release notes to pack MicrosoftGraphGroups * Packs/MicrosoftGraphGroups/Integrations/MicrosoftGraphGroups/MicrosoftGraphGroups.yml Docker image update * Updated Metadata Of Pack AzureSQLManagement * Added release notes to pack AzureSQLManagement * Packs/AzureSQLManagement/Integrations/AzureSQLManagement/AzureSQLManagement.yml Docker image update * Updated Metadata Of Pack MicrosoftGraphAPI * Added release notes to pack MicrosoftGraphAPI * Packs/MicrosoftGraphAPI/Integrations/MicrosoftGraphAPI/MicrosoftGraphAPI.yml Docker image update * Updated Metadata Of Pack MicrosoftTeams * Added release notes to pack MicrosoftTeams * Packs/MicrosoftTeams/Integrations/MicrosoftTeamsManagement/MicrosoftTeamsManagement.yml Docker image update * Updated Metadata Of Pack MicrosoftGraphApplications * Added release notes to pack MicrosoftGraphApplications * Packs/MicrosoftGraphApplications/Integrations/MicrosoftGraphApplications/MicrosoftGraphApplications.yml Docker image update * Update Docker Image To demisto/sixgill (#31293) * Updated Metadata Of Pack Cybersixgill-ActionableAlerts * Added release notes to pack Cybersixgill-ActionableAlerts * Packs/Cybersixgill-ActionableAlerts/Integrations/CybersixgillActionableAlerts/CybersixgillActionableAlerts.yml Docker image update * Updated Metadata Of Pack Sixgill-Darkfeed * Added release notes to pack Sixgill-Darkfeed * Packs/Sixgill-Darkfeed/Integrations/Sixgill_Darkfeed_Enrichment/Sixgill_Darkfeed_Enrichment.yml Docker image update * Packs/Sixgill-Darkfeed/Integrations/Sixgill_Darkfeed/Sixgill_Darkfeed.yml Docker image update * Update Docker Image To demisto/carbon-black-cloud (#31295) * Updated Metadata Of Pack CarbonBlackDefense * Added release notes to pack CarbonBlackDefense * Packs/CarbonBlackDefense/Integrations/CarbonBlackLiveResponseCloud/CarbonBlackLiveResponseCloud.yml Docker image update * Update Docker Image To demisto/taxii2 (#31294) * Updated Metadata Of Pack FeedDHS * Added release notes to pack FeedDHS * Packs/FeedDHS/Integrations/DHSFeedV2/DHSFeedV2.yml Docker image update * Updated Metadata Of Pack FeedUnit42v2 * Added release notes to pack FeedUnit42v2 * Packs/FeedUnit42v2/Integrations/FeedUnit42v2/FeedUnit42v2.yml Docker image update * MS IIS Update2 (#31256) * Updated MicrosoftIISWebServerModelingRules_1_3 * Updated ModelingRules filters * Updated ModelingRules filters * Updated ReleaseNotes * Upated ReleaseNotes * CrowdStrikeFalconX-genreic-polling (#31189) * old playbooks deprecated and new one added * readme file edited * set the interval from the inputs * fixes for release notes * added extensions to known words * Update Packs/CrowdStrikeFalconX/Playbooks/Detonate_File_-_CrowdStrike_Falcon_Intelligence_Sandbox_v2.yml Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CrowdStrikeFalconX/Playbooks/Detonate_File_-_CrowdStrike_Falcon_Intelligence_Sandbox_v2.yml Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CrowdStrikeFalconX/Playbooks/Detonate_File_-_CrowdStrike_Falcon_Intelligence_Sandbox_v2.yml Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CrowdStrikeFalconX/Playbooks/Detonate_URL_-_CrowdStrike_Falcon_Intelligence_Sandbox_v2_README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CrowdStrikeFalconX/Playbooks/Detonate_File_-_CrowdStrike_Falcon_Intelligence_Sandbox_v2.yml Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CrowdStrikeFalconX/Playbooks/Detonate_File_-_CrowdStrike_Falcon_Intelligence_Sandbox_v2.yml Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CrowdStrikeFalconX/Playbooks/Detonate_File_-_CrowdStrike_Falcon_Intelligence_Sandbox_v2_README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CrowdStrikeFalconX/ReleaseNotes/1_2_37.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CrowdStrikeFalconX/ReleaseNotes/1_2_37.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CrowdStrikeFalconX/ReleaseNotes/1_2_37.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CrowdStrikeFalconX/ReleaseNotes/1_2_37.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CrowdStrikeFalconX/Playbooks/Detonate_File_-_CrowdStrike_Falcon_Intelligence_Sandbox_v2_README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CrowdStrikeFalconX/Playbooks/Detonate_File_-_CrowdStrike_Falcon_Intelligence_Sandbox_v2_README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CrowdStrikeFalconX/Playbooks/Detonate_File_-_CrowdStrike_Falcon_Intelligence_Sandbox_v2_README.md Co-authored-by: ShirleyDenkberg <[email protected]> * minor fixes for description * Update Packs/CrowdStrikeFalconX/Playbooks/Detonate_URL_-_CrowdStrike_Falcon_Intelligence_Sandbox_v2.yml Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CrowdStrikeFalconX/Playbooks/Detonate_URL_-_CrowdStrike_Falcon_Intelligence_Sandbox_v2_README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CrowdStrikeFalconX/Playbooks/Detonate_URL_-_CrowdStrike_Falcon_Intelligence_Sandbox_v2.yml Co-authored-by: ShirleyDenkberg <[email protected]> --------- Co-authored-by: ShirleyDenkberg <[email protected]> * Add Symantec MSS to ignored items (#31296) * [XSUP 30870] Added full fields option for cs-actors and cs-reports commands (#31271) * Added the display_full_fields argument * pre-commit * release notes * tests and CR fixes * resolve conflict * pre-commit * CR fixes * docker * pre-commit * add myself as codeowner (#31314) * ORKL Feed Integration 1.0.0 Initial Release (#31166) * ORKL Feed Integration 1.0.0 Initial Release (#31101) Co-authored-by: Martin Ohl <[email protected]> * [VirusTotal] Add suspicious threshold (#31220) * [VirusTotal] Add suspicious threshold (#31021) * fixing CimTrak_test.py unit tests (#31308) fixing CimTrak_test.py unit tests #31308 * Add new command and bug fix. (#31311) * Anomali ThreatStream v3 - Fix threatstream-get-indicators command (#31269) * fix get_indicators method * update RN * update docker * update test * update test * update get_indicators method * update RN * Update Packs/Anomali_ThreatStream/ReleaseNotes/2_2_9.md Co-authored-by: ShirleyDenkberg <[email protected]> * update docker * update docker --------- Co-authored-by: ShirleyDenkberg <[email protected]> * SentinelOne v2: Add 2 new commands (#31312) * fixing jira file attachments (#31297) fixing jira file attachments, fixing mapping of newly created tickets #31297 * CiscoSMA Update (#31315) * Updated ModelingRules * Updated ReleaseNotes * Updated ReleaseNotes * updated docs (#31192) * updated docs * running pre-commit and docker * docker update * Apply suggestions from code review Co-authored-by: ShirleyDenkberg <[email protected]> * remove package-lock file * cr note * Update Packs/MicrosoftGraphDeviceManagement/ReleaseNotes/1_1_20.md Co-authored-by: EyalPintzov <[email protected]> --------- Co-authored-by: ShirleyDenkberg <[email protected]> Co-authored-by: EyalPintzov <[email protected]> * Fix an issue when there is only one incident in fetch_incidents powershell (#31267) * added -AsArray * updated the docker image and added . * RN * unit tests and docker image * rn * docker image and release notes * Update Packs/Base/ReleaseNotes/1_32_53.md Co-authored-by: EyalPintzov <[email protected]> * updated the unit tests --------- Co-authored-by: EyalPintzov <[email protected]> * Get Entity Alerts by MITRE Tactics - Performance Improvements (Refactor) (#31232) * Added playbooks * New playbooks images, formatted playbooks, and added RN * Updated pb image to be in light mode * Further improvements to playbooks, updated docs, and updated playbook images * Bump pack from version CortexXDR to 6.0.6. * Changed alert to incident to fix validation * Descriptions --------- Co-authored-by: Content Bot <[email protected]> * fix for sdk nightly e2e tests (#31310) * [qradar-v3] - handle connection errors (#31246) * [qradar-v3] - handle connection errors * add uts * bump rn * remove irrelevant imports * update code * timeout = 300 * bump rn * update implementation * docker image * fixes * remove imports * rn * update debug-message * update log * fix docker-image * fix ut * oncall-sdk-nightly-create-xsoar-instance (#31300) * overwrite the filter env file * remove space * remove print * Update .gitlab/ci/.gitlab-ci.on-push.yml Co-authored-by: Koby Meir <[email protected]> --------- Co-authored-by: Koby Meir <[email protected]> * [ASM] - EXPANDER 7238 - Jira Playbook Support for V2 and V3 Project Key (#31273) (#31322) * Add support V2 and V3, remove default project key - Add data collection task for customer - Leave Jira Project Key input as blank - Add support for project key passed into Jira V2 and V3 integrations * Add release notes * Update Playbook ReadMe * Add task description * Update release notes Co-authored-by: John <[email protected]> Co-authored-by: MLainer1 <[email protected]> * Support contributions when the name of the repo isn't content (#31320) * update handle_external_pr.py * set repo_name arg as optional * Oncall sdk nightly create xsoar instance (#31324) Oncall sdk nightly create xsoar instance #31324 * CIAC-4556/xdr-remote-psexec-lolbin-command-execution-playbook (#29092) * Add playbook and readme files * Add updated files * Add playbook image * Update release notes * Fix validation error * Bump pack from version CortexXDR to 5.1.0. * Bump pack from version CortexXDR to 5.2.0. * Bump pack from version CortexXDR to 5.2.0. * Bump pack from version CortexXDR to 5.2.0. * Add CommandLine verdict to layout * Update according to demo review comments * Bump pack from version CortexXDR to 5.2.0. * Bump pack from version CortexXDR to 5.2.0. * Add field for cmd line verdict * Update layout * Fix review comments * Update from master * Update Packs/CortexXDR/ReleaseNot…
maimorag
added a commit
that referenced
this pull request
Feb 22, 2024
* Update shift management scripts (#31130) * fixed the bug and added unit tests * updated docker image * RN * updated docker image * cr updates * EWS rule commands - MS graph python integrations (#30943) Co-authored-by: ShirleyDenkberg <[email protected]> * MS IIS Update (#31132) * Updated ModelingRules * Updated ReleaseNotes * Updated ReleaseNotes * Anomali ThreatStream change DBot verdict from Benign to Unknown for Low Confidence Indicators (#30993) (#31151) * change DBot verdict from Benign to Unknown for Low Confidence Indicators Indicators found in Anomali that are below Confidence thresholds should be created as Unknown and not Benign. Anomali ThreatStream documentation regarding Confidence https://ui.threatstream.com/optic-doc/Content/Features/threat_model/Observables/details_indicator.htm Confidence - Confidence indicates the certainty that an observable exhibits or is connected to malicious behavior. If Anomali has indicators with low Confidence, that doesn't mean the indicator is Benign/Safe. It means Anomali is unsure that the indicator is Malicious and as such the more appropriate verdict in XSOAR should be Unknown. * add indicator_default_score param * changed values to Benign and Unknown * update README and RN * update RN * update docker set required to false * update docker * fix docs comments --------- Co-authored-by: zdrouse <[email protected]> Co-authored-by: adi88d <[email protected]> Co-authored-by: Adi Daud <[email protected]> * generate empty junit files (#31153) * Update 1_6_0.json (#31164) * fix splunkpy splunk_submit_event_hec_command string issue (#30978) * fix splunkpy splunk_submit_event_hec_command string issue * test * add fix * update rn * [xsoar saas] - fix ports taxii2 e2e (#31163) * Hello world saas (#30901) * added a new incident field only for saas mp * added an incident field to xsoar_saas only for demonstration * format incident field * format incident field * added saas word to known words * version * merge with master * fixed the xsoar_saas end tag * Added tests to validate result * modified RN * pre commit changes * RN tags * ignoe long line * MS IIS README (#31158) * Updated README * Updated README * Fixes For IP Enrichment Playbooks (#31114) * Fixes For IP Enrichment Playbooks * RN * Removed the mapping rule from both playbooks. Updated the default value of the internal range playbook input according to RFC 1918. * Removed the value of 'UseReputationCommand' playbook input and fixes the YML files * Fixed RN * Removed the value set for the 'UseReputationCommand' sub-playbook input. Re-added the default value for 'UseReputationCommand' playbook input * skip ThreatStream-Test (#31172) * [transformers] Enhance to be more durable (#30897) [transformers] Enhance to be more durable * Fixes For 'Email Address Enrichment - Generic v2.1' (#31122) * Fixes For 'Email Address Enrichment - Generic v2.1' * Re-added the test playbook and marketplace configs to the playbook YML file * changed the 'domain' playbook input value * removed the 'domain' playbook input value and added RN * Fixed RN * Bump pack from version CommonPlaybooks to 2.4.34. --------- Co-authored-by: Content Bot <[email protected]> * DisplayMappedFields - Fix dark mode text color (#31085) * removed the hardcoded color * removed the hardcoded color * update RN * update docker image * Bump pack from version CommonScripts to 1.12.48. * Unittest fixes * Bump pack from version CommonScripts to 1.12.49. * Unittest fixes * Bump pack from version CommonScripts to 1.12.50. * Bump pack from version CommonScripts to 1.12.51. * Bump pack from version CommonScripts to 1.12.52. * Bump pack from version CommonScripts to 1.12.53. --------- Co-authored-by: Content Bot <[email protected]> * Updated the layout to exclude integration incident fields that are not pertinent to Vectra XDR (#31127) (#31182) Co-authored-by: Crest Data Systems <[email protected]> Co-authored-by: crestdatasystems <[email protected]> Co-authored-by: MLainer1 <[email protected]> * Taxii2 server relationship bug (#31162) * [taxii2-server] - code fixes * bump rn * docker update * remove debug-log because may wanted * [ASM] EXPANDER-7096 - ASM Remediation Guidance Fields (#30955) (#31178) Co-authored-by: John <[email protected]> Co-authored-by: Adi Daud <[email protected]> * Created pack for F5 BIG-IP APM (#31017) * Created pack for f5 apm * Added modeling rule files. * adding modeling rules and schema. * modified modeling rules * update yml file for modeling rule. * Update Packs/F5APM/README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/F5APM/README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/F5APM/README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/F5APM/README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/F5APM/README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/F5APM/README.md Co-authored-by: ShirleyDenkberg <[email protected]> * update readme. * Modified the read me file. --------- Co-authored-by: ShirleyDenkberg <[email protected]> * HelloWorld - delete old classifier (#31185) * Add support for is array for rep commands (#31169) * added support for isArray for python Xsoar supported reputation commands * added rn * Empty-Commit * python files fixes * fix docker issue * cr fixes * added logs and cache fix (#30577) * added logs and cache fix * Fixed another executeCommand results handling. * Updated docker image * Added rn * Update Packs/Phishing/ReleaseNotes/3_6_2.md Co-authored-by: Dan Tavori <[email protected]> * Update Packs/Phishing/Scripts/FindDuplicateEmailIncidents/FindDuplicateEmailIncidents.py --------- Co-authored-by: Dan Tavori <[email protected]> * Add support for is array for rep commands js (#31184) * JS files fixes * added rn * pre commit fixes * pre commit fixes * cr fixes * xsiam-avaya-siem-content-ciac-8502 (#31128) * init-pack * modeling-rules * add-docs * fix-pid-parsing * fix-README.md * Fixed For Endpoint Enrichment Playbooks (#31147) * Fixed For 'Endpoint Enrichment - Generic v2.1' Playbook * RN * RN * Fixes for Endpoint_Enrichment_-_Generic_v2.1_6_8 playbook * Bump pack from version CommonPlaybooks to 2.4.34. * Bump pack from version CommonPlaybooks to 2.4.35. * Fixed version for 'Endpoint Enrichment - Generic v2.1.6.8' playbook * Fixes for 'Endpoint Enrichment - Generic v2.1' playbook * Revert changes in 'Endpoint Enrichment - Generic v2.1' playbook --------- Co-authored-by: Content Bot <[email protected]> * Update Docker Image To demisto/python3 (#31198) * Updated Metadata Of Pack DeveloperTools * Added release notes to pack DeveloperTools * Packs/DeveloperTools/Integrations/CreateIncidents/CreateIncidents.yml Docker image update * Updated Metadata Of Pack FlashpointFeed * Added release notes to pack FlashpointFeed * Packs/FlashpointFeed/Integrations/FlashpointFeed/FlashpointFeed.yml Docker image update * Updated Metadata Of Pack AbnormalSecurity * Added release notes to pack AbnormalSecurity * Packs/AbnormalSecurity/Integrations/AbnormalSecurity/AbnormalSecurity.yml Docker image update * Updated Metadata Of Pack FeedLOLBAS * Added release notes to pack FeedLOLBAS * Packs/FeedLOLBAS/Integrations/FeedLOLBAS/FeedLOLBAS.yml Docker image update * Updated Metadata Of Pack Hackuity * Added release notes to pack Hackuity * Packs/Hackuity/Integrations/Hackuity/Hackuity.yml Docker image update * Updated Metadata Of Pack Grafana * Added release notes to pack Grafana * Packs/Grafana/Integrations/Grafana/Grafana.yml Docker image update * Updated Metadata Of Pack Binalyze * Added release notes to pack Binalyze * Packs/Binalyze/Integrations/BinalyzeAIR/BinalyzeAIR.yml Docker image update * Updated Metadata Of Pack ServiceDeskPlus * Added release notes to pack ServiceDeskPlus * Packs/ServiceDeskPlus/Integrations/ServiceDeskPlus/ServiceDeskPlus.yml Docker image update * Updated Metadata Of Pack Oracle_IAM * Added release notes to pack Oracle_IAM * Packs/Oracle_IAM/Integrations/OracleIAM/OracleIAM.yml Docker image update * Updated Metadata Of Pack AccentureCTI * Added release notes to pack AccentureCTI * Packs/AccentureCTI/Integrations/ACTIIndicatorQuery/ACTIIndicatorQuery.yml Docker image update * Update Docker Image To demisto/boto3py3 (#31199) * Updated Metadata Of Pack SecurityIntelligenceServicesFeed * Added release notes to pack SecurityIntelligenceServicesFeed * Packs/SecurityIntelligenceServicesFeed/Integrations/SecurityIntelligenceServicesFeed/SecurityIntelligenceServicesFeed.yml Docker image update * Updated Metadata Of Pack AWS-IAM * Added release notes to pack AWS-IAM * Packs/AWS-IAM/Integrations/AWS-IAM/AWS-IAM.yml Docker image update * Updated Metadata Of Pack AWS-Route53 * Added release notes to pack AWS-Route53 * Packs/AWS-Route53/Integrations/AWSRoute53/AWSRoute53.yml Docker image update * Updated Metadata Of Pack AWS-AccessAnalyzer * Added release notes to pack AWS-AccessAnalyzer * Packs/AWS-AccessAnalyzer/Integrations/AWS-AccessAnalyzer/AWS-AccessAnalyzer.yml Docker image update * Updated Metadata Of Pack AWS-GuardDuty * Added release notes to pack AWS-GuardDuty * Packs/AWS-GuardDuty/Integrations/AWSGuardDutyEventCollector/AWSGuardDutyEventCollector.yml Docker image update * Packs/AWS-GuardDuty/Integrations/AWSGuardDuty/AWSGuardDuty.yml Docker image update * Updated Metadata Of Pack AWS-SecurityHub * Added release notes to pack AWS-SecurityHub * Packs/AWS-SecurityHub/Integrations/AWSSecurityHubEventCollector/AWSSecurityHubEventCollector.yml Docker image update * Updated Metadata Of Pack Aws-SecretsManager * Added release notes to pack Aws-SecretsManager * Packs/Aws-SecretsManager/Integrations/AwsSecretsManager/AwsSecretsManager.yml Docker image update * Update Docker Image To demisto/armorblox (#31203) * Updated Metadata Of Pack Armorblox * Added release notes to pack Armorblox * Packs/Armorblox/Integrations/Armorblox/Armorblox.yml Docker image update * Update Docker Image To demisto/py3-tools (#31201) * Updated Metadata Of Pack Intezer * Added release notes to pack Intezer * Packs/Intezer/Integrations/IntezerV2/IntezerV2.yml Docker image update * Updated Metadata Of Pack Zabbix * Added release notes to pack Zabbix * Packs/Zabbix/Integrations/Zabbix/Zabbix.yml Docker image update * Updated Metadata Of Pack FeedMalwareBazaar * Added release notes to pack FeedMalwareBazaar * Packs/FeedMalwareBazaar/Integrations/MalwareBazaarFeed/MalwareBazaarFeed.yml Docker image update * Updated Metadata Of Pack FeedGCPWhitelist * Added release notes to pack FeedGCPWhitelist * Packs/FeedGCPWhitelist/Integrations/FeedGoogleIPRanges/FeedGoogleIPRanges.yml Docker image update * Updated Metadata Of Pack AccentureCTI_Feed * Added release notes to pack AccentureCTI_Feed * Packs/AccentureCTI_Feed/Integrations/ACTIIndicatorFeed/ACTIIndicatorFeed.yml Docker image update * Updated Metadata Of Pack SEKOIAIntelligenceCenter * Added release notes to pack SEKOIAIntelligenceCenter * Packs/SEKOIAIntelligenceCenter/Integrations/SEKOIAIntelligenceCenter/SEKOIAIntelligenceCenter.yml Docker image update * Updated Metadata Of Pack JARM * Added release notes to pack JARM * Packs/JARM/Integrations/JARM/JARM.yml Docker image update * Updated Metadata Of Pack CommonWidgets * Added release notes to pack CommonWidgets * Packs/CommonWidgets/Scripts/RSSWidget/RSSWidget.yml Docker image update * Updated Metadata Of Pack FiltersAndTransformers * Added release notes to pack FiltersAndTransformers * Packs/FiltersAndTransformers/Scripts/Jmespath/Jmespath.yml Docker image update * Update Docker Image To demisto/oci (#31202) * Updated Metadata Of Pack OracleCloudInfrastructure * Added release notes to pack OracleCloudInfrastructure * Packs/OracleCloudInfrastructure/Integrations/OracleCloudInfrastructureEventCollector/OracleCloudInfrastructureEventCollector.yml Docker image update * Update Docker Image To demisto/accessdata (#31200) * Updated Metadata Of Pack Exterro * Added release notes to pack Exterro * Packs/Exterro/Integrations/Exterro/Exterro.yml Docker image update * Fix DS108 --------- Co-authored-by: israelpolishook <[email protected]> * Update Docker Image To demisto/carbon-black-cloud (#31206) * Updated Metadata Of Pack CarbonBlackDefense * Added release notes to pack CarbonBlackDefense * Packs/CarbonBlackDefense/Integrations/CarbonBlackLiveResponseCloud/CarbonBlackLiveResponseCloud.yml Docker image update * Update Docker Image To demisto/taxii2 (#31205) * Updated Metadata Of Pack FeedUnit42v2 * Added release notes to pack FeedUnit42v2 * Packs/FeedUnit42v2/Integrations/FeedUnit42v2/FeedUnit42v2.yml Docker image update * Update Docker Image To demisto/crypto (#31204) * Updated Metadata Of Pack AzureKeyVault * Added release notes to pack AzureKeyVault * Packs/AzureKeyVault/Integrations/AzureKeyVault/AzureKeyVault.yml Docker image update * Updated Metadata Of Pack AzureSentinel * Added release notes to pack AzureSentinel * Packs/AzureSentinel/Integrations/AzureSentinel/AzureSentinel.yml Docker image update * Updated Metadata Of Pack AzureDevOps * Added release notes to pack AzureDevOps * Packs/AzureDevOps/Integrations/AzureDevOps/AzureDevOps.yml Docker image update * Updated Metadata Of Pack MicrosoftCloudAppSecurity * Added release notes to pack MicrosoftCloudAppSecurity * Packs/MicrosoftCloudAppSecurity/Integrations/MicrosoftCloudAppSecurity/MicrosoftCloudAppSecurity.yml Docker image update * Updated Metadata Of Pack AzureRiskyUsers * Added release notes to pack AzureRiskyUsers * Packs/AzureRiskyUsers/Integrations/AzureRiskyUsers/AzureRiskyUsers.yml Docker image update * Updated Metadata Of Pack MicrosoftGraphGroups * Added release notes to pack MicrosoftGraphGroups * Packs/MicrosoftGraphGroups/Integrations/MicrosoftGraphGroups/MicrosoftGraphGroups.yml Docker image update * Updated Metadata Of Pack AzureSQLManagement * Added release notes to pack AzureSQLManagement * Packs/AzureSQLManagement/Integrations/AzureSQLManagement/AzureSQLManagement.yml Docker image update * Updated Metadata Of Pack MicrosoftGraphAPI * Added release notes to pack MicrosoftGraphAPI * Packs/MicrosoftGraphAPI/Integrations/MicrosoftGraphAPI/MicrosoftGraphAPI.yml Docker image update * Updated Metadata Of Pack MicrosoftTeams * Added release notes to pack MicrosoftTeams * Packs/MicrosoftTeams/Integrations/MicrosoftTeamsManagement/MicrosoftTeamsManagement.yml Docker image update * Updated Metadata Of Pack MicrosoftGraphApplications * Added release notes to pack MicrosoftGraphApplications * Packs/MicrosoftGraphApplications/Integrations/MicrosoftGraphApplications/MicrosoftGraphApplications.yml Docker image update * Update Docker Image To demisto/opnsense (#31208) * Updated Metadata Of Pack OPNSense * Added release notes to pack OPNSense * Packs/OPNSense/Integrations/OPNSense/OPNSense.yml Docker image update * Update Docker Image To demisto/auth-utils (#31207) * Updated Metadata Of Pack Cylance_Protect * Added release notes to pack Cylance_Protect * Packs/Cylance_Protect/Integrations/Cylance_Protect_v2/Cylance_Protect_v2.yml Docker image update * Updated Metadata Of Pack Zoom * Added release notes to pack Zoom * Packs/Zoom/Integrations/ZoomEventCollector/ZoomEventCollector.yml Docker image update * Updated Metadata Of Pack Silverfort * Added release notes to pack Silverfort * Packs/Silverfort/Integrations/Silverfort/Silverfort.yml Docker image update * Updated Metadata Of Pack AzureDataExplorer * Added release notes to pack AzureDataExplorer * Packs/AzureDataExplorer/Integrations/AzureDataExplorer/AzureDataExplorer.yml Docker image update * Updated Metadata Of Pack MicrosoftManagementActivity * Added release notes to pack MicrosoftManagementActivity * Packs/MicrosoftManagementActivity/Integrations/MicrosoftManagementActivity/MicrosoftManagementActivity.yml Docker image update * Updated Metadata Of Pack Box * Added release notes to pack Box * Packs/Box/Integrations/BoxEventsCollector/BoxEventsCollector.yml Docker image update * Packs/Box/Integrations/BoxV2/BoxV2.yml Docker image update * Updated Metadata Of Pack Troubleshoot * Added release notes to pack Troubleshoot * Packs/Troubleshoot/Scripts/CertificatesTroubleshoot/CertificatesTroubleshoot.yml Docker image update * commit --------- Co-authored-by: israelpolishook <[email protected]> * Update Docker Image To demisto/ippysocks-py3 (#31211) * Updated Metadata Of Pack Whois * Added release notes to pack Whois * Packs/Whois/Integrations/Whois/Whois.yml Docker image update * Update Docker Image To demisto/python3 (#31214) * Updated Metadata Of Pack QualysFIM * Added release notes to pack QualysFIM * Packs/QualysFIM/Integrations/QualysFIM/QualysFIM.yml Docker image update * Updated Metadata Of Pack FortiSIEM * Added release notes to pack FortiSIEM * Packs/FortiSIEM/Integrations/FortiSIEMV2/FortiSIEMV2.yml Docker image update * Updated Metadata Of Pack FreshworksFreshservice * Added release notes to pack FreshworksFreshservice * Packs/FreshworksFreshservice/Integrations/FreshworksFreshservice/FreshworksFreshservice.yml Docker image update * Updated Metadata Of Pack KnowBe4_KMSAT * Added release notes to pack KnowBe4_KMSAT * Packs/KnowBe4_KMSAT/Integrations/KnowBe4KMSATEventCollector/KnowBe4KMSATEventCollector.yml Docker image update * Packs/KnowBe4_KMSAT/Integrations/KnowBe4KMSAT/KnowBe4KMSAT.yml Docker image update * Updated Metadata Of Pack SafeNet_Trusted_Access * Added release notes to pack SafeNet_Trusted_Access * Packs/SafeNet_Trusted_Access/Integrations/SafeNetTrustedAccessEventCollector/SafeNetTrustedAccessEventCollector.yml Docker image update * Updated Metadata Of Pack DelineaSS * Added release notes to pack DelineaSS * Packs/DelineaSS/Integrations/DelineaSS/DelineaSS.yml Docker image update * Updated Metadata Of Pack Cryptocurrency * Added release notes to pack Cryptocurrency * Packs/Cryptocurrency/Integrations/Cryptocurrency/Cryptocurrency.yml Docker image update * Updated Metadata Of Pack PANOSPolicyOptimizer * Added release notes to pack PANOSPolicyOptimizer * Packs/PANOSPolicyOptimizer/Integrations/PANOSPolicyOptimizer/PANOSPolicyOptimizer.yml Docker image update * Updated Metadata Of Pack DeveloperTools * Added release notes to pack DeveloperTools * Packs/DeveloperTools/Integrations/CreateIncidents/CreateIncidents.yml Docker image update * Update Docker Image To demisto/boto3py3 (#31215) * Updated Metadata Of Pack SecurityIntelligenceServicesFeed * Added release notes to pack SecurityIntelligenceServicesFeed * Packs/SecurityIntelligenceServicesFeed/Integrations/SecurityIntelligenceServicesFeed/SecurityIntelligenceServicesFeed.yml Docker image update * Updated Metadata Of Pack AWS-IAM * Added release notes to pack AWS-IAM * Packs/AWS-IAM/Integrations/AWS-IAM/AWS-IAM.yml Docker image update * Updated Metadata Of Pack AWS-Route53 * Added release notes to pack AWS-Route53 * Packs/AWS-Route53/Integrations/AWSRoute53/AWSRoute53.yml Docker image update * Updated Metadata Of Pack AWS-AccessAnalyzer * Added release notes to pack AWS-AccessAnalyzer * Packs/AWS-AccessAnalyzer/Integrations/AWS-AccessAnalyzer/AWS-AccessAnalyzer.yml Docker image update * Updated Metadata Of Pack AWS-GuardDuty * Added release notes to pack AWS-GuardDuty * Packs/AWS-GuardDuty/Integrations/AWSGuardDutyEventCollector/AWSGuardDutyEventCollector.yml Docker image update * Packs/AWS-GuardDuty/Integrations/AWSGuardDuty/AWSGuardDuty.yml Docker image update * Updated Metadata Of Pack AWS-SecurityHub * Added release notes to pack AWS-SecurityHub * Packs/AWS-SecurityHub/Integrations/AWSSecurityHubEventCollector/AWSSecurityHubEventCollector.yml Docker image update * Updated Metadata Of Pack Aws-SecretsManager * Added release notes to pack Aws-SecretsManager * Packs/Aws-SecretsManager/Integrations/AwsSecretsManager/AwsSecretsManager.yml Docker image update * Update Docker Image To demisto/accessdata (#31216) * Updated Metadata Of Pack Exterro * Added release notes to pack Exterro * Packs/Exterro/Integrations/Exterro/Exterro.yml Docker image update * Update Docker Image To demisto/oci (#31218) * Updated Metadata Of Pack OracleCloudInfrastructure * Added release notes to pack OracleCloudInfrastructure * Packs/OracleCloudInfrastructure/Integrations/OracleCloudInfrastructureEventCollector/OracleCloudInfrastructureEventCollector.yml Docker image update * Update Docker Image To demisto/py3-tools (#31217) * Updated Metadata Of Pack Intezer * Added release notes to pack Intezer * Packs/Intezer/Integrations/IntezerV2/IntezerV2.yml Docker image update * Updated Metadata Of Pack Zabbix * Added release notes to pack Zabbix * Packs/Zabbix/Integrations/Zabbix/Zabbix.yml Docker image update * Updated Metadata Of Pack FeedMalwareBazaar * Added release notes to pack FeedMalwareBazaar * Packs/FeedMalwareBazaar/Integrations/MalwareBazaarFeed/MalwareBazaarFeed.yml Docker image update * Updated Metadata Of Pack FeedGCPWhitelist * Added release notes to pack FeedGCPWhitelist * Packs/FeedGCPWhitelist/Integrations/FeedGoogleIPRanges/FeedGoogleIPRanges.yml Docker image update * Updated Metadata Of Pack AccentureCTI_Feed * Added release notes to pack AccentureCTI_Feed * Packs/AccentureCTI_Feed/Integrations/ACTIIndicatorFeed/ACTIIndicatorFeed.yml Docker image update * Updated Metadata Of Pack SEKOIAIntelligenceCenter * Added release notes to pack SEKOIAIntelligenceCenter * Packs/SEKOIAIntelligenceCenter/Integrations/SEKOIAIntelligenceCenter/SEKOIAIntelligenceCenter.yml Docker image update * Updated Metadata Of Pack JARM * Added release notes to pack JARM * Packs/JARM/Integrations/JARM/JARM.yml Docker image update * Updated Metadata Of Pack Anomali_ThreatStream * Added release notes to pack Anomali_ThreatStream * Packs/Anomali_ThreatStream/Integrations/AnomaliThreatStreamv3/AnomaliThreatStreamv3.yml Docker image update * Updated Metadata Of Pack CommonWidgets * Added release notes to pack CommonWidgets * Packs/CommonWidgets/Scripts/RSSWidget/RSSWidget.yml Docker image update * Updated Metadata Of Pack FiltersAndTransformers * Added release notes to pack FiltersAndTransformers * Packs/FiltersAndTransformers/Scripts/Jmespath/Jmespath.yml Docker image update * CortexXDRIR-generic-polling (#31082) * - Added new playbook for quarantine_file - Old playbook deprecated - New image added * release notes added * - New playbook for _Retrieve_File_Playbook_v2 created - Old playbook _Retrieve_File_Playbook deprecated - Image was added * Release notes were added * Changed the name of the playbook * Readme file added * Added image * fixed image location in readme file * Update Packs/CortexXDR/Playbooks/Cortex_XDR_-_Retrieve_File_v2.yml Co-authored-by: Sasha Sokolovich <[email protected]> * Bump pack from version CortexXDR to 6.0.4. * Removed unnecessary tests * Readme files were updated * Fixes for the playbooks * fixed Tests/conf.json file * image issue fixed * Added new images * Update Packs/CortexXDR/Playbooks/Cortex_XDR_-_Retrieve_File_Playbook_README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CortexXDR/Playbooks/Cortex_XDR_-_Retrieve_File_Playbook_README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CortexXDR/ReleaseNotes/6_0_4.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CortexXDR/ReleaseNotes/6_0_4.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CortexXDR/ReleaseNotes/6_0_4.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CortexXDR/ReleaseNotes/6_0_4.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CortexXDR/Playbooks/Cortex_XDR_-_Retrieve_File_Playbook_README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CortexXDR/Playbooks/Cortex_XDR_-_quarantine_file_v2_README.md Co-authored-by: ShirleyDenkberg <[email protected]> * PR fixes - new condition to check if the task finished successfully * release notes updated * image path fixed * Added new outputs for playbook * release notes updated * fix * readme files fixed * image issue * image issue * fix * fix * fix * fix * uploaded new playbook because of the image issue * fix for image issue * delete photo * fixes * test playbooks fixed * test playbooks removed --------- Co-authored-by: Sasha Sokolovich <[email protected]> Co-authored-by: Content Bot <[email protected]> Co-authored-by: ShirleyDenkberg <[email protected]> * Update Docker Image To demisto/crypto (#31219) * Updated Metadata Of Pack AzureKeyVault * Added release notes to pack AzureKeyVault * Packs/AzureKeyVault/Integrations/AzureKeyVault/AzureKeyVault.yml Docker image update * Updated Metadata Of Pack AzureSentinel * Added release notes to pack AzureSentinel * Packs/AzureSentinel/Integrations/AzureSentinel/AzureSentinel.yml Docker image update * Updated Metadata Of Pack AzureDevOps * Added release notes to pack AzureDevOps * Packs/AzureDevOps/Integrations/AzureDevOps/AzureDevOps.yml Docker image update * Updated Metadata Of Pack MicrosoftCloudAppSecurity * Added release notes to pack MicrosoftCloudAppSecurity * Packs/MicrosoftCloudAppSecurity/Integrations/MicrosoftCloudAppSecurity/MicrosoftCloudAppSecurity.yml Docker image update * Updated Metadata Of Pack AzureRiskyUsers * Added release notes to pack AzureRiskyUsers * Packs/AzureRiskyUsers/Integrations/AzureRiskyUsers/AzureRiskyUsers.yml Docker image update * Updated Metadata Of Pack MicrosoftGraphGroups * Added release notes to pack MicrosoftGraphGroups * Packs/MicrosoftGraphGroups/Integrations/MicrosoftGraphGroups/MicrosoftGraphGroups.yml Docker image update * Updated Metadata Of Pack AzureSQLManagement * Added release notes to pack AzureSQLManagement * Packs/AzureSQLManagement/Integrations/AzureSQLManagement/AzureSQLManagement.yml Docker image update * Updated Metadata Of Pack MicrosoftGraphAPI * Added release notes to pack MicrosoftGraphAPI * Packs/MicrosoftGraphAPI/Integrations/MicrosoftGraphAPI/MicrosoftGraphAPI.yml Docker image update * Updated Metadata Of Pack MicrosoftTeams * Added release notes to pack MicrosoftTeams * Packs/MicrosoftTeams/Integrations/MicrosoftTeamsManagement/MicrosoftTeamsManagement.yml Docker image update * Updated Metadata Of Pack MicrosoftGraphApplications * Added release notes to pack MicrosoftGraphApplications * Packs/MicrosoftGraphApplications/Integrations/MicrosoftGraphApplications/MicrosoftGraphApplications.yml Docker image update * update pack ignore (#31193) * Slack event collector: fixed an issue where we get a Bad Request error (#31135) * fixed an issue where we get a Bad Request error. * pre-commit * added test * fixed Flake8 error * fixed cr comments * fixed cr comments * update Docker image * YR/Remove-fields-with-one-letter-DBotFindSimilarIncidents/XSUP-29299 (#31161) * fixes * code and test * remove Json feed from this pr * test * note * pre commit * RN * CR and Flake8 * format * pre commit * Fixes For 'URL Enrichment - Generic v2' Playbook (#31195) * Fixes For 'URL Enrichment - Generic v2' Playbook * RN * Bump pack from version CommonPlaybooks to 2.4.36. --------- Co-authored-by: Content Bot <[email protected]> * F5 APM Remove XSIAM tags (#31221) * remove ls from test_e2e_results.sh (#31186) * [IsEmailAddressInternal] Fix an issue with **domain** argument (#31222) * First commit * Added RN * Update Packs/CommonScripts/ReleaseNotes/1_12_54.md Co-authored-by: Dean Arbel <[email protected]> --------- Co-authored-by: Dean Arbel <[email protected]> * Deprecate 'Get endpoint details - Generic' Playbook (#31196) * Deprecate 'Get endpoint details - Generic' Playbook * RN * Bump pack from version CommonPlaybooks to 2.4.36. * Bump pack from version CommonPlaybooks to 2.4.37. --------- Co-authored-by: Content Bot <[email protected]> * Replacing the deprecated sub-playbook within the 'NGFW Internal Scan'… (#31197) * Replacing the deprecated sub-playbook within the 'NGFW Internal Scan' XSIAM playbook * RN * [Marketplace Contribution] CISO Metrics (#30641) (#31213) * "pack contribution initial commit" * Update pack_metadata.json * Update and rename dashboard-98f353a2-312b-49f2-8e58-d71f60daf3a7-CISO_Metrics.json to dashboard-98f353a2-312b-49f2-8e58-d71f60daf3a7-CommunityCommonDashboards.json Rename to CommunityCommonDashboards * Update pack_metadata.json Renamed "name": "CommunityCommonDashboards" * Update README.md Added description * Update README.md * Update and rename README.md to README.md * Rename dashboard-98f353a2-312b-49f2-8e58-d71f60daf3a7-CommunityCommonDashboards.json to dashboard-98f353a2-312b-49f2-8e58-d71f60daf3a7-CommunityCommonDashboards.json * Rename .pack-ignore to .pack-ignore * Rename .secrets-ignore to .secrets-ignore * Rename pack_metadata.json to pack_metadata.json * Update .pack-ignore * Update pack_metadata.json * Update .pack-ignore * Update and rename dashboard-98f353a2-312b-49f2-8e58-d71f60daf3a7-CommunityCommonDashboards.json to CISOMetrics.json Renamed to CISOMetrics * Update pack_metadata.json * Update pack_metadata.json * Update README.md --------- Co-authored-by: xsoar-bot <[email protected]> Co-authored-by: Sapir Shuker <[email protected]> Co-authored-by: David Uhrlaub <[email protected]> * Cybereason xsoar v 2.1.14 (#30647) (#31225) * added v2.1.14 codebase * fix pr comments * replace dummy md5 placeholder * Update Packs/Cybereason/Integrations/Cybereason/Cybereason.py * updated docker image python version * updated release notes docker version * added pagination params * updated docker image * fix lint errors * fix demisto validate errors * updated release notes * updated release notes * updated release notes * updated command name as per PR comment * removed manual filtering for response * updated function name to match the command name format * updated unit test as per new command name * added machinename filter to api query * moved empty output message to the top * updated docker image tag to latest * undo changes from unisolate endpoint playbook --------- Co-authored-by: suraj-metron <[email protected]> Co-authored-by: Sapir Shuker <[email protected]> * fixed polling support (#30873) * fixed polling support * fixed rn * added rn * added rn * XSUP-30786/Fix (#31168) * Added failing UT * Fixed the issue * Updated docker image * Updated RN * Update Packs/PAN-OS/ReleaseNotes/2_1_15.md Co-authored-by: Dan Tavori <[email protected]> * Updated the bug fix and the UT * updated docker image --------- Co-authored-by: Dan Tavori <[email protected]> * rewrite to js FirstArrayElement and LastArrayElement (#31228) * rewrite to js * added tpb * added empty test case to tpb * precommit fixes * change fromversion so build wont fail * Enable Core REST API with general XSIAM endpoints (#31226) * mostly works * added release notes * fixes from review * F5 APM fixed the marketplace build failure (#31236) * F5 APM Remove XSIAM tags * fix marketplace error * Add incidents field (#30393) (#31233) * add rawJSON field to incidents * release notes * update docker image tag * nit * fetching incident details * mapper + incident fields * remove incorrect incident field files * new incident field files, new mapper * sdk validate command changes * update release noteS * validation errors * fix validation errors * undo release notes changes * undo release notes change * undo release notes * undo release notes * undo release notes * nit * new release notes * remove playbook id * update docker image tag * revert release notes * revert RN * nit- remove filters used for testing * add details field to threats * remove try/except blocks * changing version * Update Abnormal_Security_Custom_Incident_types.json change from version * nit - remove changes used for demo * updating docker image * update docker image tag --------- Co-authored-by: William Olyslager <[email protected]> Co-authored-by: sapirshuker <[email protected]> Co-authored-by: Sapir Shuker <[email protected]> * Update Docker Image To demisto/python3 (#31242) * Updated Metadata Of Pack CIRCL * Added release notes to pack CIRCL * Packs/CIRCL/Integrations/CirclCVESearch/CirclCVESearch.yml Docker image update * Updated Metadata Of Pack ipinfo * Added release notes to pack ipinfo * Packs/ipinfo/Integrations/ipinfo_v2/ipinfo_v2.yml Docker image update * Updated Metadata Of Pack AutoFocus * Added release notes to pack AutoFocus * Packs/AutoFocus/Integrations/FeedAutofocus/FeedAutofocus.yml Docker image update * Packs/AutoFocus/Integrations/AutofocusV2/AutofocusV2.yml Docker image update * Updated Metadata Of Pack MailSenderNew * Added release notes to pack MailSenderNew * Packs/MailSenderNew/Integrations/MailSenderNew/MailSenderNew.yml Docker image update * avoid to update Docker for AutoFocusv2 --------- Co-authored-by: israelpolishook <[email protected]> * Fixes For 'IP Enrichment - Generic v2' Playbook (#31183) * Fixes For 'IP Enrichment - Generic v2' Playbook * RN * RN * Updated the 'InternalRange' playbook input's default value. * configured the 'extended_data' and 'threat_model_association' sub-playbook inputs * Bump pack from version CommonPlaybooks to 2.4.36. * Bump pack from version CommonPlaybooks to 2.4.37. * changed the default value of the 'ResolveIP' playbook input * re-added RN after merging from master * Fixes RN --------- Co-authored-by: Content Bot <[email protected]> * Check if should run Instance role (#31245) * Added the sync from the saas bucket and modified the verify script to take the revision from the correct bucket. (#31254) * AWS Organizations (#30525) * init * commands template * aws-org-children-list * more commands * even more commands * added account commands * removed enhancement commands * use json_transform * unit-tests init * unit-tests continued * unit-tests continued some more * TPB * one more unit-test * one more unit-test * one more unit-test * name change * TPB * docs complete * pack readme * pack readme part 2 * readme modified * more tests * more tests * use get() * adde description * removed isFetch * added image * name change * CR changes * Apply suggestions from code review Co-authored-by: ShirleyDenkberg <[email protected]> * Update docker * put the commands back in * code complete * yml part 2 * yml part 3 * test template * unit-tests continued some more * unit-tests almost complete * unit-tests complete * fixed a few bugs * fixed unit-tests * added readme * update readme * added missing descriptions to readme * TPB * Apply suggestions from code review Co-authored-by: ShirleyDenkberg <[email protected]> * CR changes * demo changes * update docker * build wars: round 1 * build wars: round 2 * build wars: round 3; add unit-tests * build wars: round 4 * build wars: round 5 * build wars: round 6 --------- Co-authored-by: ShirleyDenkberg <[email protected]> * NextToken in CommandResults (#30501) * init * new design * added error in case of non nested input * RN * a tad more docs * Bump pack from version Base to 1.32.47. * Bump pack from version Base to 1.32.48. * Bump pack from version Base to 1.32.49. * improved doc-string * resolve conflicts * resolve conflicts * Bump pack from version Base to 1.32.52. --------- Co-authored-by: Content Bot <[email protected]> * demisto-sdk-release 1.24.0 (#31268) * poetry files * update validate manager imports (#31179) * update validate manager imports * revert * Update Tests/configure_and_test_integration_instances.py * Edit file types test (#31170) * edited tests * s * s * edit --------- Co-authored-by: Content Bot <[email protected]> Co-authored-by: Yuval Hayun <[email protected]> Co-authored-by: merit-maita <[email protected]> Co-authored-by: JudithB <[email protected]> * modified modeling rules of clearswift dlp (#31247) * modified modeling rules of clearswift dlp * modified the parsing rule of clearswiftdlp * Added release notes. * added dlp to pack ignore * added Clearswift to pack ignore * QRadar: continue to poll in case of networking issues (#31084) * Generalize the mode option in pre-commit (#30663) * args updated to match the update in the sdk * add merge-coverage-report and coverage-analyze * updaing pyproject.toml * poetry lock * restoring pyproject.toml and poetry.lock * pre-commit.yml * updates * test comment * use sdk ref * if * add github output * revert ilan changes * merge-pytest-reports --------- Co-authored-by: ilan <[email protected]> * EXPANDR-1576 CortexXpanse Remediation Guidance changes (#31190) * EXPANDR-1576 CortexXpanse Remediation Guidance changes (#30712) * CortexXpanse RG changes * Fix flake8 errors * Fix unit test cases * Update docker version * update command name * Readme updates * docker update * Ignore BC error * fix packignore * Update release notes * update breaking change notes * update breaking change notes * correct RN --------- Co-authored-by: Chait A <[email protected]> Co-authored-by: ilappe <[email protected]> * Feature/cyberint enhancement (#31252) * Feature/cyberint enhancement (#30493) * Update Docker Image To demisto/py3-tools (#25523) * Updated Metadata Of Pack FeedAWS * Added release notes to pack FeedAWS * Packs/FeedAWS/Integrations/FeedAWS/FeedAWS.yml Docker image update * update Cyberint Pack * update release note and incidentfields * update CommonType release note * update CommonType relesenotes * update CommonType relese notes * update CyberInt Related entity name * update release notes * add new incident field: Alert Data * foramt alert_data * update CyberInt Related Entity name to avoid validation errors * reset the CyberInt Related Entity name * update incident field name * Update 3_3_93.md * pre commit update docker * added known words * fixed the RN * known words --------- Co-authored-by: TalGumi <[email protected]> Co-authored-by: omerKarkKatz <[email protected]> Co-authored-by: okarkkatz <[email protected]> * [xsoar-8 coverage] - use poll functions from SDK clients (#31144) * update poetry * use poll functions * test against builds * try to fix ssl issue * timeout = 300 + verify ssl * fix ssl issues * fix incident pull * fix * make verify=false by default * fix ports bug * use sdk master * revert poetry * revert infra used for testing * [CrowdStrike Falcon Intel v2] Fixed an issue in 'cs-actors' and 'cs-reports' commands (#31265) * Fix the 'NoneType' object is not iterable issue * ruff * Update the docker image; Add RN * Update Packs/CrowdStrikeIntel/ReleaseNotes/2_0_34.md Co-authored-by: Dean Arbel <[email protected]> --------- Co-authored-by: Dean Arbel <[email protected]> * oncall- installation orders (#31253) * test * test * revert debugs * pre-commit --------- Co-authored-by: Jas Beilin <[email protected]> * Core rest api docs fix (#31262) * Improved descriptions. * Added docs * Added rn. * Changed i.e to e.g * bugfix/XSUP-30713/port-scan-pb-issue-incident-failure (#31154) * Fix playbook input's default value, change to not required, add check for value not empty * Update playbook image * Update release notes * Bump pack from version CortexXDR to 6.0.5. * Moved InternalIPRanges input check to better location * Fix review comments --------- Co-authored-by: Content Bot <[email protected]> * [PagerDuty v2] Added Support For Pagination (#30959) * commit init - lint and type annotation * typing * pagination function and some typing * fix api limit and pagination * added UT and test_data * added RN and description for args * generate readme * update docker * added UT * fix flake8 * more docstring, one more UT, fix send unnecessary parameters * fix f-string * fix pep8 * revert copy * fix parameters name * docs review * update docker * [ASM] EXPANDR 7225 - Update Ev1 Integration Display Name (#31234) (#31276) * Update Display Name * Update release notes * Update docker image and add period to descriptions Co-authored-by: John <[email protected]> Co-authored-by: MLainer1 <[email protected]> * Update Docker Image To demisto/python3 (#31286) * Updated Metadata Of Pack QualysFIM * Added release notes to pack QualysFIM * Packs/QualysFIM/Integrations/QualysFIM/QualysFIM.yml Docker image update * Updated Metadata Of Pack FortiSIEM * Added release notes to pack FortiSIEM * Packs/FortiSIEM/Integrations/FortiSIEMV2/FortiSIEMV2.yml Docker image update * Updated Metadata Of Pack FreshworksFreshservice * Added release notes to pack FreshworksFreshservice * Packs/FreshworksFreshservice/Integrations/FreshworksFreshservice/FreshworksFreshservice.yml Docker image update * Updated Metadata Of Pack KnowBe4_KMSAT * Added release notes to pack KnowBe4_KMSAT * Packs/KnowBe4_KMSAT/Integrations/KnowBe4KMSATEventCollector/KnowBe4KMSATEventCollector.yml Docker image update * Packs/KnowBe4_KMSAT/Integrations/KnowBe4KMSAT/KnowBe4KMSAT.yml Docker image update * Updated Metadata Of Pack SafeNet_Trusted_Access * Added release notes to pack SafeNet_Trusted_Access * Packs/SafeNet_Trusted_Access/Integrations/SafeNetTrustedAccessEventCollector/SafeNetTrustedAccessEventCollector.yml Docker image update * Updated Metadata Of Pack DelineaSS * Added release notes to pack DelineaSS * Packs/DelineaSS/Integrations/DelineaSS/DelineaSS.yml Docker image update * Updated Metadata Of Pack Cryptocurrency * Added release notes to pack Cryptocurrency * Packs/Cryptocurrency/Integrations/Cryptocurrency/Cryptocurrency.yml Docker image update * Updated Metadata Of Pack PANOSPolicyOptimizer * Added release notes to pack PANOSPolicyOptimizer * Packs/PANOSPolicyOptimizer/Integrations/PANOSPolicyOptimizer/PANOSPolicyOptimizer.yml Docker image update * Updated Metadata Of Pack DeveloperTools * Added release notes to pack DeveloperTools * Packs/DeveloperTools/Integrations/CreateIncidents/CreateIncidents.yml Docker image update * Add XSOAR_SAAS section to EDL description (#31264) * add XSOAR_SAAS section to EDL description * update RN * [XSUP 30575] Added full fields query param (#31272) * get indicators full fields data * pre-commit * release notes * tests and CR fixes * Update Packs/FeedCrowdstrikeFalconIntel/ReleaseNotes/2_1_13.md Co-authored-by: Dan Tavori <[email protected]> --------- Co-authored-by: Dan Tavori <[email protected]> * Update Docker Image To demisto/boto3py3 (#31287) * Updated Metadata Of Pack SecurityIntelligenceServicesFeed * Added release notes to pack SecurityIntelligenceServicesFeed * Packs/SecurityIntelligenceServicesFeed/Integrations/SecurityIntelligenceServicesFeed/SecurityIntelligenceServicesFeed.yml Docker image update * Updated Metadata Of Pack AWS-IAM * Added release notes to pack AWS-IAM * Packs/AWS-IAM/Integrations/AWS-IAM/AWS-IAM.yml Docker image update * Updated Metadata Of Pack AWS-Route53 * Added release notes to pack AWS-Route53 * Packs/AWS-Route53/Integrations/AWSRoute53/AWSRoute53.yml Docker image update * Updated Metadata Of Pack AWS-AccessAnalyzer * Added release notes to pack AWS-AccessAnalyzer * Packs/AWS-AccessAnalyzer/Integrations/AWS-AccessAnalyzer/AWS-AccessAnalyzer.yml Docker image update * Updated Metadata Of Pack AWS-GuardDuty * Added release notes to pack AWS-GuardDuty * Packs/AWS-GuardDuty/Integrations/AWSGuardDutyEventCollector/AWSGuardDutyEventCollector.yml Docker image update * Packs/AWS-GuardDuty/Integrations/AWSGuardDuty/AWSGuardDuty.yml Docker image update * Updated Metadata Of Pack AWS-SecurityHub * Added release notes to pack AWS-SecurityHub * Packs/AWS-SecurityHub/Integrations/AWSSecurityHubEventCollector/AWSSecurityHubEventCollector.yml Docker image update * Updated Metadata Of Pack Aws-SecretsManager * Added release notes to pack Aws-SecretsManager * Packs/Aws-SecretsManager/Integrations/AwsSecretsManager/AwsSecretsManager.yml Docker image update * Update Docker Image To demisto/accessdata (#31288) * Updated Metadata Of Pack Exterro * Added release notes to pack Exterro * Packs/Exterro/Integrations/Exterro/Exterro.yml Docker image update * Update Docker Image To demisto/oci (#31290) * Updated Metadata Of Pack OracleCloudInfrastructure * Added release notes to pack OracleCloudInfrastructure * Packs/OracleCloudInfrastructure/Integrations/OracleCloudInfrastructureEventCollector/OracleCloudInfrastructureEventCollector.yml Docker image update * Update Docker Image To demisto/py3-tools (#31289) * Updated Metadata Of Pack Intezer * Added release notes to pack Intezer * Packs/Intezer/Integrations/IntezerV2/IntezerV2.yml Docker image update * Updated Metadata Of Pack Zabbix * Added release notes to pack Zabbix * Packs/Zabbix/Integrations/Zabbix/Zabbix.yml Docker image update * Updated Metadata Of Pack FeedMalwareBazaar * Added release notes to pack FeedMalwareBazaar * Packs/FeedMalwareBazaar/Integrations/MalwareBazaarFeed/MalwareBazaarFeed.yml Docker image update * Updated Metadata Of Pack FeedGCPWhitelist * Added release notes to pack FeedGCPWhitelist * Packs/FeedGCPWhitelist/Integrations/FeedGoogleIPRanges/FeedGoogleIPRanges.yml Docker image update * Updated Metadata Of Pack AccentureCTI_Feed * Added release notes to pack AccentureCTI_Feed * Packs/AccentureCTI_Feed/Integrations/ACTIIndicatorFeed/ACTIIndicatorFeed.yml Docker image update * Updated Metadata Of Pack SEKOIAIntelligenceCenter * Added release notes to pack SEKOIAIntelligenceCenter * Packs/SEKOIAIntelligenceCenter/Integrations/SEKOIAIntelligenceCenter/SEKOIAIntelligenceCenter.yml Docker image update * Updated Metadata Of Pack JARM * Added release notes to pack JARM * Packs/JARM/Integrations/JARM/JARM.yml Docker image update * Updated Metadata Of Pack Anomali_ThreatStream * Added release notes to pack Anomali_ThreatStream * Packs/Anomali_ThreatStream/Integrations/AnomaliThreatStreamv3/AnomaliThreatStreamv3.yml Docker image update * Updated Metadata Of Pack CommonWidgets * Added release notes to pack CommonWidgets * Packs/CommonWidgets/Scripts/RSSWidget/RSSWidget.yml Docker image update * Updated Metadata Of Pack FiltersAndTransformers * Added release notes to pack FiltersAndTransformers * Packs/FiltersAndTransformers/Scripts/Jmespath/Jmespath.yml Docker image update * Update Docker Image To demisto/armorblox (#31291) * Updated Metadata Of Pack Armorblox * Added release notes to pack Armorblox * Packs/Armorblox/Integrations/Armorblox/Armorblox.yml Docker image update * Update Docker Image To demisto/crypto (#31292) * Updated Metadata Of Pack AzureKeyVault * Added release notes to pack AzureKeyVault * Packs/AzureKeyVault/Integrations/AzureKeyVault/AzureKeyVault.yml Docker image update * Updated Metadata Of Pack AzureSentinel * Added release notes to pack AzureSentinel * Packs/AzureSentinel/Integrations/AzureSentinel/AzureSentinel.yml Docker image update * Updated Metadata Of Pack AzureDevOps * Added release notes to pack AzureDevOps * Packs/AzureDevOps/Integrations/AzureDevOps/AzureDevOps.yml Docker image update * Updated Metadata Of Pack MicrosoftCloudAppSecurity * Added release notes to pack MicrosoftCloudAppSecurity * Packs/MicrosoftCloudAppSecurity/Integrations/MicrosoftCloudAppSecurity/MicrosoftCloudAppSecurity.yml Docker image update * Updated Metadata Of Pack AzureRiskyUsers * Added release notes to pack AzureRiskyUsers * Packs/AzureRiskyUsers/Integrations/AzureRiskyUsers/AzureRiskyUsers.yml Docker image update * Updated Metadata Of Pack MicrosoftGraphGroups * Added release notes to pack MicrosoftGraphGroups * Packs/MicrosoftGraphGroups/Integrations/MicrosoftGraphGroups/MicrosoftGraphGroups.yml Docker image update * Updated Metadata Of Pack AzureSQLManagement * Added release notes to pack AzureSQLManagement * Packs/AzureSQLManagement/Integrations/AzureSQLManagement/AzureSQLManagement.yml Docker image update * Updated Metadata Of Pack MicrosoftGraphAPI * Added release notes to pack MicrosoftGraphAPI * Packs/MicrosoftGraphAPI/Integrations/MicrosoftGraphAPI/MicrosoftGraphAPI.yml Docker image update * Updated Metadata Of Pack MicrosoftTeams * Added release notes to pack MicrosoftTeams * Packs/MicrosoftTeams/Integrations/MicrosoftTeamsManagement/MicrosoftTeamsManagement.yml Docker image update * Updated Metadata Of Pack MicrosoftGraphApplications * Added release notes to pack MicrosoftGraphApplications * Packs/MicrosoftGraphApplications/Integrations/MicrosoftGraphApplications/MicrosoftGraphApplications.yml Docker image update * Update Docker Image To demisto/sixgill (#31293) * Updated Metadata Of Pack Cybersixgill-ActionableAlerts * Added release notes to pack Cybersixgill-ActionableAlerts * Packs/Cybersixgill-ActionableAlerts/Integrations/CybersixgillActionableAlerts/CybersixgillActionableAlerts.yml Docker image update * Updated Metadata Of Pack Sixgill-Darkfeed * Added release notes to pack Sixgill-Darkfeed * Packs/Sixgill-Darkfeed/Integrations/Sixgill_Darkfeed_Enrichment/Sixgill_Darkfeed_Enrichment.yml Docker image update * Packs/Sixgill-Darkfeed/Integrations/Sixgill_Darkfeed/Sixgill_Darkfeed.yml Docker image update * Update Docker Image To demisto/carbon-black-cloud (#31295) * Updated Metadata Of Pack CarbonBlackDefense * Added release notes to pack CarbonBlackDefense * Packs/CarbonBlackDefense/Integrations/CarbonBlackLiveResponseCloud/CarbonBlackLiveResponseCloud.yml Docker image update * Update Docker Image To demisto/taxii2 (#31294) * Updated Metadata Of Pack FeedDHS * Added release notes to pack FeedDHS * Packs/FeedDHS/Integrations/DHSFeedV2/DHSFeedV2.yml Docker image update * Updated Metadata Of Pack FeedUnit42v2 * Added release notes to pack FeedUnit42v2 * Packs/FeedUnit42v2/Integrations/FeedUnit42v2/FeedUnit42v2.yml Docker image update * MS IIS Update2 (#31256) * Updated MicrosoftIISWebServerModelingRules_1_3 * Updated ModelingRules filters * Updated ModelingRules filters * Updated ReleaseNotes * Upated ReleaseNotes * CrowdStrikeFalconX-genreic-polling (#31189) * old playbooks deprecated and new one added * readme file edited * set the interval from the inputs * fixes for release notes * added extensions to known words * Update Packs/CrowdStrikeFalconX/Playbooks/Detonate_File_-_CrowdStrike_Falcon_Intelligence_Sandbox_v2.yml Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CrowdStrikeFalconX/Playbooks/Detonate_File_-_CrowdStrike_Falcon_Intelligence_Sandbox_v2.yml Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CrowdStrikeFalconX/Playbooks/Detonate_File_-_CrowdStrike_Falcon_Intelligence_Sandbox_v2.yml Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CrowdStrikeFalconX/Playbooks/Detonate_URL_-_CrowdStrike_Falcon_Intelligence_Sandbox_v2_README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CrowdStrikeFalconX/Playbooks/Detonate_File_-_CrowdStrike_Falcon_Intelligence_Sandbox_v2.yml Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CrowdStrikeFalconX/Playbooks/Detonate_File_-_CrowdStrike_Falcon_Intelligence_Sandbox_v2.yml Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CrowdStrikeFalconX/Playbooks/Detonate_File_-_CrowdStrike_Falcon_Intelligence_Sandbox_v2_README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CrowdStrikeFalconX/ReleaseNotes/1_2_37.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CrowdStrikeFalconX/ReleaseNotes/1_2_37.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CrowdStrikeFalconX/ReleaseNotes/1_2_37.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CrowdStrikeFalconX/ReleaseNotes/1_2_37.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CrowdStrikeFalconX/Playbooks/Detonate_File_-_CrowdStrike_Falcon_Intelligence_Sandbox_v2_README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CrowdStrikeFalconX/Playbooks/Detonate_File_-_CrowdStrike_Falcon_Intelligence_Sandbox_v2_README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CrowdStrikeFalconX/Playbooks/Detonate_File_-_CrowdStrike_Falcon_Intelligence_Sandbox_v2_README.md Co-authored-by: ShirleyDenkberg <[email protected]> * minor fixes for description * Update Packs/CrowdStrikeFalconX/Playbooks/Detonate_URL_-_CrowdStrike_Falcon_Intelligence_Sandbox_v2.yml Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CrowdStrikeFalconX/Playbooks/Detonate_URL_-_CrowdStrike_Falcon_Intelligence_Sandbox_v2_README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CrowdStrikeFalconX/Playbooks/Detonate_URL_-_CrowdStrike_Falcon_Intelligence_Sandbox_v2.yml Co-authored-by: ShirleyDenkberg <[email protected]> --------- Co-authored-by: ShirleyDenkberg <[email protected]> * Add Symantec MSS to ignored items (#31296) * [XSUP 30870] Added full fields option for cs-actors and cs-reports commands (#31271) * Added the display_full_fields argument * pre-commit * release notes * tests and CR fixes * resolve conflict * pre-commit * CR fixes * docker * pre-commit * add myself as codeowner (#31314) * ORKL Feed Integration 1.0.0 Initial Release (#31166) * ORKL Feed Integration 1.0.0 Initial Release (#31101) Co-authored-by: Martin Ohl <[email protected]> * [VirusTotal] Add suspicious threshold (#31220) * [VirusTotal] Add suspicious threshold (#31021) * fixing CimTrak_test.py unit tests (#31308) fixing CimTrak_test.py unit tests #31308 * Add new command and bug fix. (#31311) * Anomali ThreatStream v3 - Fix threatstream-get-indicators command (#31269) * fix get_indicators method * update RN * update docker * update test * update test * update get_indicators method * update RN * Update Packs/Anomali_ThreatStream/ReleaseNotes/2_2_9.md Co-authored-by: ShirleyDenkberg <[email protected]> * update docker * update docker --------- Co-authored-by: ShirleyDenkberg <[email protected]> * SentinelOne v2: Add 2 new commands (#31312) * fixing jira file attachments (#31297) fixing jira file attachments, fixing mapping of newly created tickets #31297 * CiscoSMA Update (#31315) * Updated ModelingRules * Updated ReleaseNotes * Updated ReleaseNotes * updated docs (#31192) * updated docs * running pre-commit and docker * docker update * Apply suggestions from code review Co-authored-by: ShirleyDenkberg <[email protected]> * remove package-lock file * cr note * Update Packs/MicrosoftGraphDeviceManagement/ReleaseNotes/1_1_20.md Co-authored-by: EyalPintzov <[email protected]> --------- Co-authored-by: ShirleyDenkberg <[email protected]> Co-authored-by: EyalPintzov <[email protected]> * Fix an issue when there is only one incident in fetch_incidents powershell (#31267) * added -AsArray * updated the docker image and added . * RN * unit tests and docker image * rn * docker image and release notes * Update Packs/Base/ReleaseNotes/1_32_53.md Co-authored-by: EyalPintzov <[email protected]> * updated the unit tests --------- Co-authored-by: EyalPintzov <[email protected]> * Get Entity Alerts by MITRE Tactics - Performance Improvements (Refactor) (#31232) * Added playbooks * New playbooks images, formatted playbooks, and added RN * Updated pb image to be in light mode * Further improvements to playbooks, updated docs, and updated playbook images * Bump pack from version CortexXDR to 6.0.6. * Changed alert to incident to fix validation * Descriptions --------- Co-authored-by: Content Bot <[email protected]> * fix for sdk nightly e2e tests (#31310) * [qradar-v3] - handle connection errors (#31246) * [qradar-v3] - handle connection errors * add uts * bump rn * remove irrelevant imports * update code * timeout = 300 * bump rn * update implementation * docker image * fixes * remove imports * rn * update debug-message * update log * fix docker-image * fix ut * oncall-sdk-nightly-create-xsoar-instance (#31300) * overwrite the filter env file * remove space * remove print * Update .gitlab/ci/.gitlab-ci.on-push.yml Co-authored-by: Koby Meir <[email protected]> --------- Co-authored-by: Koby Meir <[email protected]> * [ASM] - EXPANDER 7238 - Jira Playbook Support for V2 and V3 Project Key (#31273) (#31322) * Add support V2 and V3, remove default project key - Add data collection task for customer - Leave Jira Project Key input as blank - Add support for project key passed into Jira V2 and V3 integrations * Add release notes * Update Playbook ReadMe * Add task description * Update release notes Co-authored-by: John <[email protected]> Co-authored-by: MLainer1 <[email protected]> * Support contributions when the name of the repo isn't content (#31320) * update handle_external_pr.py * set repo_name arg as optional * Oncall sdk nightly create xsoar instance (#31324) Oncall sdk nightly create xsoar instance #31324 * CIAC-4556/xdr-remote-psexec-lolbin-command-execution-playbook (#29092) * Add playbook and readme files * Add updated files * Add playbook image * Update release notes * Fix validation error * Bump pack from version CortexXDR to 5.1.0. * Bump pack from version CortexXDR to 5.2.0. * Bump pack from version CortexXDR to 5.2.0. * Bump pack from version CortexXDR to 5.2.0. * Add CommandLine verdict to layout * Update according to demo review comments * Bump pack from version CortexXDR to 5.2.0. * Bump pack from version CortexXDR to 5.2.0. * Add field for cmd line verdict * Update layout * Fix review comments * Update from master * Update Packs/CortexXDR/ReleaseNotes/5_2_0.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CortexXDR/ReleaseNotes/5_2_0.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CortexXDR/Playbooks/playbook-Cortex_XDR_-_Remote_PsExec_with_LOLBIN_command_execution_alert_README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Fix review comments and validations * Apply suggestions from code review Fix docs review Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CortexXDR/Playbooks/playbook-Cortex_XDR_-_Remote_PsExec_with_LOLBIN_command_execution_alert.yml Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CortexXDR/Playbooks/playbook-Cortex_XDR_-_Remote_PsExec_with_LOLBIN_command_execution_alert.yml Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CortexXDR/Playbooks/playbook-Cortex_XDR_-_Remote_PsExec_with_LOLBIN_command_execution_alert.yml Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CortexXDR/Playbooks/playbook-Cortex_XDR_-_Remote_PsExec_with_LOLBIN_command_execution_alert.yml Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CortexXDR/Playbooks/playbook-Cortex_XDR_-_Remote_PsExec_with_LOLBIN_command_execution_alert.yml Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CortexXDR/Playbooks/playbook-Cortex_XDR_-_Remote_PsExec_with_LOLBIN_command_execution_alert.yml Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CortexXDR/Playbooks/playbook-Cortex_XDR_-_Remote_PsExec_with_LOLBIN_command_execution_alert.yml Co-authored-by: ShirleyDenkberg <[email protected]> * Fix review comments * Remove duplicate task for alert details, update playbook image * Fix skipifunavailable validations and update release notes * Fix review comments * Update release notes * Update release notes * Bump pack from version CortexXDR to 5.2.0. * Fix review comments * Update release notes * Bump pack from version CortexXDR to 5.2.2. * Bump pack from version CortexXDR to 5.2.3. * Fix review comments …
maimorag
added a commit
that referenced
this pull request
Feb 28, 2024
…9386 (#32462) * Fix GetIndicatorDBotScoreFromCache to handle better a special character (#31070) * a fix and a test * docker image update * added rn * Bump pack from version CommonScripts to 1.12.47. * unit test fix * unit test fix * unit test fix * Bump pack from version CommonScripts to 1.12.48. * Bump pack from version CommonScripts to 1.12.49. * Update Packs/CommonScripts/ReleaseNotes/1_12_49.md Co-authored-by: Dan Tavori <[email protected]> --------- Co-authored-by: Content Bot <[email protected]> Co-authored-by: Dan Tavori <[email protected]> * change pack support to community (#31110) * change pack support to community * first level header so im told * Update Packs/DeveloperTools/ReleaseNotes/1_3_0.md Co-authored-by: Shahaf Ben Yakir <[email protected]> * Update Packs/DeveloperTools/ReleaseNotes/1_3_0.md Co-authored-by: Shahaf Ben Yakir <[email protected]> --------- Co-authored-by: Shahaf Ben Yakir <[email protected]> * removed GIT_DEPTH (#31141) * support multiple entry ids in ImageOCR (#31145) * Fix taxi feed observables extraction (#31120) * fixed an isssue where taxi feed will fail to retreive all indicators due to wrong extraction from XML blocks. * added rn * update docker * update test_data * add secret to secrets ignore * [transformers] Enhance to be more durable #2 (#31063) * ExtractDomainAndFQDNFromUrlAndEmail * ExtractEmailV2 * ruff fix * FormatURL * Bump pack from version CommonScripts to 1.12.47. * Bump pack from version CommonScripts to 1.12.48. * Bump pack from version CommonScripts to 1.12.49. * Added unit tests * Update the docker image * Bump pack from version CommonScripts to 1.12.50. * Update Packs/CommonScripts/ReleaseNotes/1_12_50.md Co-authored-by: Dean Arbel <[email protected]> * Update Packs/CommonScripts/ReleaseNotes/1_12_50.md Co-authored-by: Dean Arbel <[email protected]> * Update the RN * Update the docker image * empty * Skip "FormattingPerformance - Test" TPB in XSOAR 8 --------- Co-authored-by: Content Bot <[email protected]> Co-authored-by: Dean Arbel <[email protected]> * Sleep w/ Polling (#30661) add polling mechanism to sleep upon crossing polling_threshold * Update shift management scripts (#31130) * fixed the bug and added unit tests * updated docker image * RN * updated docker image * cr updates * EWS rule commands - MS graph python integrations (#30943) Co-authored-by: ShirleyDenkberg <[email protected]> * MS IIS Update (#31132) * Updated ModelingRules * Updated ReleaseNotes * Updated ReleaseNotes * Anomali ThreatStream change DBot verdict from Benign to Unknown for Low Confidence Indicators (#30993) (#31151) * change DBot verdict from Benign to Unknown for Low Confidence Indicators Indicators found in Anomali that are below Confidence thresholds should be created as Unknown and not Benign. Anomali ThreatStream documentation regarding Confidence https://ui.threatstream.com/optic-doc/Content/Features/threat_model/Observables/details_indicator.htm Confidence - Confidence indicates the certainty that an observable exhibits or is connected to malicious behavior. If Anomali has indicators with low Confidence, that doesn't mean the indicator is Benign/Safe. It means Anomali is unsure that the indicator is Malicious and as such the more appropriate verdict in XSOAR should be Unknown. * add indicator_default_score param * changed values to Benign and Unknown * update README and RN * update RN * update docker set required to false * update docker * fix docs comments --------- Co-authored-by: zdrouse <[email protected]> Co-authored-by: adi88d <[email protected]> Co-authored-by: Adi Daud <[email protected]> * generate empty junit files (#31153) * Update 1_6_0.json (#31164) * fix splunkpy splunk_submit_event_hec_command string issue (#30978) * fix splunkpy splunk_submit_event_hec_command string issue * test * add fix * update rn * [xsoar saas] - fix ports taxii2 e2e (#31163) * Hello world saas (#30901) * added a new incident field only for saas mp * added an incident field to xsoar_saas only for demonstration * format incident field * format incident field * added saas word to known words * version * merge with master * fixed the xsoar_saas end tag * Added tests to validate result * modified RN * pre commit changes * RN tags * ignoe long line * MS IIS README (#31158) * Updated README * Updated README * Fixes For IP Enrichment Playbooks (#31114) * Fixes For IP Enrichment Playbooks * RN * Removed the mapping rule from both playbooks. Updated the default value of the internal range playbook input according to RFC 1918. * Removed the value of 'UseReputationCommand' playbook input and fixes the YML files * Fixed RN * Removed the value set for the 'UseReputationCommand' sub-playbook input. Re-added the default value for 'UseReputationCommand' playbook input * skip ThreatStream-Test (#31172) * [transformers] Enhance to be more durable (#30897) [transformers] Enhance to be more durable * Fixes For 'Email Address Enrichment - Generic v2.1' (#31122) * Fixes For 'Email Address Enrichment - Generic v2.1' * Re-added the test playbook and marketplace configs to the playbook YML file * changed the 'domain' playbook input value * removed the 'domain' playbook input value and added RN * Fixed RN * Bump pack from version CommonPlaybooks to 2.4.34. --------- Co-authored-by: Content Bot <[email protected]> * DisplayMappedFields - Fix dark mode text color (#31085) * removed the hardcoded color * removed the hardcoded color * update RN * update docker image * Bump pack from version CommonScripts to 1.12.48. * Unittest fixes * Bump pack from version CommonScripts to 1.12.49. * Unittest fixes * Bump pack from version CommonScripts to 1.12.50. * Bump pack from version CommonScripts to 1.12.51. * Bump pack from version CommonScripts to 1.12.52. * Bump pack from version CommonScripts to 1.12.53. --------- Co-authored-by: Content Bot <[email protected]> * Updated the layout to exclude integration incident fields that are not pertinent to Vectra XDR (#31127) (#31182) Co-authored-by: Crest Data Systems <[email protected]> Co-authored-by: crestdatasystems <[email protected]> Co-authored-by: MLainer1 <[email protected]> * Taxii2 server relationship bug (#31162) * [taxii2-server] - code fixes * bump rn * docker update * remove debug-log because may wanted * [ASM] EXPANDER-7096 - ASM Remediation Guidance Fields (#30955) (#31178) Co-authored-by: John <[email protected]> Co-authored-by: Adi Daud <[email protected]> * Created pack for F5 BIG-IP APM (#31017) * Created pack for f5 apm * Added modeling rule files. * adding modeling rules and schema. * modified modeling rules * update yml file for modeling rule. * Update Packs/F5APM/README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/F5APM/README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/F5APM/README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/F5APM/README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/F5APM/README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/F5APM/README.md Co-authored-by: ShirleyDenkberg <[email protected]> * update readme. * Modified the read me file. --------- Co-authored-by: ShirleyDenkberg <[email protected]> * HelloWorld - delete old classifier (#31185) * Add support for is array for rep commands (#31169) * added support for isArray for python Xsoar supported reputation commands * added rn * Empty-Commit * python files fixes * fix docker issue * cr fixes * added logs and cache fix (#30577) * added logs and cache fix * Fixed another executeCommand results handling. * Updated docker image * Added rn * Update Packs/Phishing/ReleaseNotes/3_6_2.md Co-authored-by: Dan Tavori <[email protected]> * Update Packs/Phishing/Scripts/FindDuplicateEmailIncidents/FindDuplicateEmailIncidents.py --------- Co-authored-by: Dan Tavori <[email protected]> * Add support for is array for rep commands js (#31184) * JS files fixes * added rn * pre commit fixes * pre commit fixes * cr fixes * xsiam-avaya-siem-content-ciac-8502 (#31128) * init-pack * modeling-rules * add-docs * fix-pid-parsing * fix-README.md * Fixed For Endpoint Enrichment Playbooks (#31147) * Fixed For 'Endpoint Enrichment - Generic v2.1' Playbook * RN * RN * Fixes for Endpoint_Enrichment_-_Generic_v2.1_6_8 playbook * Bump pack from version CommonPlaybooks to 2.4.34. * Bump pack from version CommonPlaybooks to 2.4.35. * Fixed version for 'Endpoint Enrichment - Generic v2.1.6.8' playbook * Fixes for 'Endpoint Enrichment - Generic v2.1' playbook * Revert changes in 'Endpoint Enrichment - Generic v2.1' playbook --------- Co-authored-by: Content Bot <[email protected]> * Update Docker Image To demisto/python3 (#31198) * Updated Metadata Of Pack DeveloperTools * Added release notes to pack DeveloperTools * Packs/DeveloperTools/Integrations/CreateIncidents/CreateIncidents.yml Docker image update * Updated Metadata Of Pack FlashpointFeed * Added release notes to pack FlashpointFeed * Packs/FlashpointFeed/Integrations/FlashpointFeed/FlashpointFeed.yml Docker image update * Updated Metadata Of Pack AbnormalSecurity * Added release notes to pack AbnormalSecurity * Packs/AbnormalSecurity/Integrations/AbnormalSecurity/AbnormalSecurity.yml Docker image update * Updated Metadata Of Pack FeedLOLBAS * Added release notes to pack FeedLOLBAS * Packs/FeedLOLBAS/Integrations/FeedLOLBAS/FeedLOLBAS.yml Docker image update * Updated Metadata Of Pack Hackuity * Added release notes to pack Hackuity * Packs/Hackuity/Integrations/Hackuity/Hackuity.yml Docker image update * Updated Metadata Of Pack Grafana * Added release notes to pack Grafana * Packs/Grafana/Integrations/Grafana/Grafana.yml Docker image update * Updated Metadata Of Pack Binalyze * Added release notes to pack Binalyze * Packs/Binalyze/Integrations/BinalyzeAIR/BinalyzeAIR.yml Docker image update * Updated Metadata Of Pack ServiceDeskPlus * Added release notes to pack ServiceDeskPlus * Packs/ServiceDeskPlus/Integrations/ServiceDeskPlus/ServiceDeskPlus.yml Docker image update * Updated Metadata Of Pack Oracle_IAM * Added release notes to pack Oracle_IAM * Packs/Oracle_IAM/Integrations/OracleIAM/OracleIAM.yml Docker image update * Updated Metadata Of Pack AccentureCTI * Added release notes to pack AccentureCTI * Packs/AccentureCTI/Integrations/ACTIIndicatorQuery/ACTIIndicatorQuery.yml Docker image update * Update Docker Image To demisto/boto3py3 (#31199) * Updated Metadata Of Pack SecurityIntelligenceServicesFeed * Added release notes to pack SecurityIntelligenceServicesFeed * Packs/SecurityIntelligenceServicesFeed/Integrations/SecurityIntelligenceServicesFeed/SecurityIntelligenceServicesFeed.yml Docker image update * Updated Metadata Of Pack AWS-IAM * Added release notes to pack AWS-IAM * Packs/AWS-IAM/Integrations/AWS-IAM/AWS-IAM.yml Docker image update * Updated Metadata Of Pack AWS-Route53 * Added release notes to pack AWS-Route53 * Packs/AWS-Route53/Integrations/AWSRoute53/AWSRoute53.yml Docker image update * Updated Metadata Of Pack AWS-AccessAnalyzer * Added release notes to pack AWS-AccessAnalyzer * Packs/AWS-AccessAnalyzer/Integrations/AWS-AccessAnalyzer/AWS-AccessAnalyzer.yml Docker image update * Updated Metadata Of Pack AWS-GuardDuty * Added release notes to pack AWS-GuardDuty * Packs/AWS-GuardDuty/Integrations/AWSGuardDutyEventCollector/AWSGuardDutyEventCollector.yml Docker image update * Packs/AWS-GuardDuty/Integrations/AWSGuardDuty/AWSGuardDuty.yml Docker image update * Updated Metadata Of Pack AWS-SecurityHub * Added release notes to pack AWS-SecurityHub * Packs/AWS-SecurityHub/Integrations/AWSSecurityHubEventCollector/AWSSecurityHubEventCollector.yml Docker image update * Updated Metadata Of Pack Aws-SecretsManager * Added release notes to pack Aws-SecretsManager * Packs/Aws-SecretsManager/Integrations/AwsSecretsManager/AwsSecretsManager.yml Docker image update * Update Docker Image To demisto/armorblox (#31203) * Updated Metadata Of Pack Armorblox * Added release notes to pack Armorblox * Packs/Armorblox/Integrations/Armorblox/Armorblox.yml Docker image update * Update Docker Image To demisto/py3-tools (#31201) * Updated Metadata Of Pack Intezer * Added release notes to pack Intezer * Packs/Intezer/Integrations/IntezerV2/IntezerV2.yml Docker image update * Updated Metadata Of Pack Zabbix * Added release notes to pack Zabbix * Packs/Zabbix/Integrations/Zabbix/Zabbix.yml Docker image update * Updated Metadata Of Pack FeedMalwareBazaar * Added release notes to pack FeedMalwareBazaar * Packs/FeedMalwareBazaar/Integrations/MalwareBazaarFeed/MalwareBazaarFeed.yml Docker image update * Updated Metadata Of Pack FeedGCPWhitelist * Added release notes to pack FeedGCPWhitelist * Packs/FeedGCPWhitelist/Integrations/FeedGoogleIPRanges/FeedGoogleIPRanges.yml Docker image update * Updated Metadata Of Pack AccentureCTI_Feed * Added release notes to pack AccentureCTI_Feed * Packs/AccentureCTI_Feed/Integrations/ACTIIndicatorFeed/ACTIIndicatorFeed.yml Docker image update * Updated Metadata Of Pack SEKOIAIntelligenceCenter * Added release notes to pack SEKOIAIntelligenceCenter * Packs/SEKOIAIntelligenceCenter/Integrations/SEKOIAIntelligenceCenter/SEKOIAIntelligenceCenter.yml Docker image update * Updated Metadata Of Pack JARM * Added release notes to pack JARM * Packs/JARM/Integrations/JARM/JARM.yml Docker image update * Updated Metadata Of Pack CommonWidgets * Added release notes to pack CommonWidgets * Packs/CommonWidgets/Scripts/RSSWidget/RSSWidget.yml Docker image update * Updated Metadata Of Pack FiltersAndTransformers * Added release notes to pack FiltersAndTransformers * Packs/FiltersAndTransformers/Scripts/Jmespath/Jmespath.yml Docker image update * Update Docker Image To demisto/oci (#31202) * Updated Metadata Of Pack OracleCloudInfrastructure * Added release notes to pack OracleCloudInfrastructure * Packs/OracleCloudInfrastructure/Integrations/OracleCloudInfrastructureEventCollector/OracleCloudInfrastructureEventCollector.yml Docker image update * Update Docker Image To demisto/accessdata (#31200) * Updated Metadata Of Pack Exterro * Added release notes to pack Exterro * Packs/Exterro/Integrations/Exterro/Exterro.yml Docker image update * Fix DS108 --------- Co-authored-by: israelpolishook <[email protected]> * Update Docker Image To demisto/carbon-black-cloud (#31206) * Updated Metadata Of Pack CarbonBlackDefense * Added release notes to pack CarbonBlackDefense * Packs/CarbonBlackDefense/Integrations/CarbonBlackLiveResponseCloud/CarbonBlackLiveResponseCloud.yml Docker image update * Update Docker Image To demisto/taxii2 (#31205) * Updated Metadata Of Pack FeedUnit42v2 * Added release notes to pack FeedUnit42v2 * Packs/FeedUnit42v2/Integrations/FeedUnit42v2/FeedUnit42v2.yml Docker image update * Update Docker Image To demisto/crypto (#31204) * Updated Metadata Of Pack AzureKeyVault * Added release notes to pack AzureKeyVault * Packs/AzureKeyVault/Integrations/AzureKeyVault/AzureKeyVault.yml Docker image update * Updated Metadata Of Pack AzureSentinel * Added release notes to pack AzureSentinel * Packs/AzureSentinel/Integrations/AzureSentinel/AzureSentinel.yml Docker image update * Updated Metadata Of Pack AzureDevOps * Added release notes to pack AzureDevOps * Packs/AzureDevOps/Integrations/AzureDevOps/AzureDevOps.yml Docker image update * Updated Metadata Of Pack MicrosoftCloudAppSecurity * Added release notes to pack MicrosoftCloudAppSecurity * Packs/MicrosoftCloudAppSecurity/Integrations/MicrosoftCloudAppSecurity/MicrosoftCloudAppSecurity.yml Docker image update * Updated Metadata Of Pack AzureRiskyUsers * Added release notes to pack AzureRiskyUsers * Packs/AzureRiskyUsers/Integrations/AzureRiskyUsers/AzureRiskyUsers.yml Docker image update * Updated Metadata Of Pack MicrosoftGraphGroups * Added release notes to pack MicrosoftGraphGroups * Packs/MicrosoftGraphGroups/Integrations/MicrosoftGraphGroups/MicrosoftGraphGroups.yml Docker image update * Updated Metadata Of Pack AzureSQLManagement * Added release notes to pack AzureSQLManagement * Packs/AzureSQLManagement/Integrations/AzureSQLManagement/AzureSQLManagement.yml Docker image update * Updated Metadata Of Pack MicrosoftGraphAPI * Added release notes to pack MicrosoftGraphAPI * Packs/MicrosoftGraphAPI/Integrations/MicrosoftGraphAPI/MicrosoftGraphAPI.yml Docker image update * Updated Metadata Of Pack MicrosoftTeams * Added release notes to pack MicrosoftTeams * Packs/MicrosoftTeams/Integrations/MicrosoftTeamsManagement/MicrosoftTeamsManagement.yml Docker image update * Updated Metadata Of Pack MicrosoftGraphApplications * Added release notes to pack MicrosoftGraphApplications * Packs/MicrosoftGraphApplications/Integrations/MicrosoftGraphApplications/MicrosoftGraphApplications.yml Docker image update * Update Docker Image To demisto/opnsense (#31208) * Updated Metadata Of Pack OPNSense * Added release notes to pack OPNSense * Packs/OPNSense/Integrations/OPNSense/OPNSense.yml Docker image update * Update Docker Image To demisto/auth-utils (#31207) * Updated Metadata Of Pack Cylance_Protect * Added release notes to pack Cylance_Protect * Packs/Cylance_Protect/Integrations/Cylance_Protect_v2/Cylance_Protect_v2.yml Docker image update * Updated Metadata Of Pack Zoom * Added release notes to pack Zoom * Packs/Zoom/Integrations/ZoomEventCollector/ZoomEventCollector.yml Docker image update * Updated Metadata Of Pack Silverfort * Added release notes to pack Silverfort * Packs/Silverfort/Integrations/Silverfort/Silverfort.yml Docker image update * Updated Metadata Of Pack AzureDataExplorer * Added release notes to pack AzureDataExplorer * Packs/AzureDataExplorer/Integrations/AzureDataExplorer/AzureDataExplorer.yml Docker image update * Updated Metadata Of Pack MicrosoftManagementActivity * Added release notes to pack MicrosoftManagementActivity * Packs/MicrosoftManagementActivity/Integrations/MicrosoftManagementActivity/MicrosoftManagementActivity.yml Docker image update * Updated Metadata Of Pack Box * Added release notes to pack Box * Packs/Box/Integrations/BoxEventsCollector/BoxEventsCollector.yml Docker image update * Packs/Box/Integrations/BoxV2/BoxV2.yml Docker image update * Updated Metadata Of Pack Troubleshoot * Added release notes to pack Troubleshoot * Packs/Troubleshoot/Scripts/CertificatesTroubleshoot/CertificatesTroubleshoot.yml Docker image update * commit --------- Co-authored-by: israelpolishook <[email protected]> * Update Docker Image To demisto/ippysocks-py3 (#31211) * Updated Metadata Of Pack Whois * Added release notes to pack Whois * Packs/Whois/Integrations/Whois/Whois.yml Docker image update * Update Docker Image To demisto/python3 (#31214) * Updated Metadata Of Pack QualysFIM * Added release notes to pack QualysFIM * Packs/QualysFIM/Integrations/QualysFIM/QualysFIM.yml Docker image update * Updated Metadata Of Pack FortiSIEM * Added release notes to pack FortiSIEM * Packs/FortiSIEM/Integrations/FortiSIEMV2/FortiSIEMV2.yml Docker image update * Updated Metadata Of Pack FreshworksFreshservice * Added release notes to pack FreshworksFreshservice * Packs/FreshworksFreshservice/Integrations/FreshworksFreshservice/FreshworksFreshservice.yml Docker image update * Updated Metadata Of Pack KnowBe4_KMSAT * Added release notes to pack KnowBe4_KMSAT * Packs/KnowBe4_KMSAT/Integrations/KnowBe4KMSATEventCollector/KnowBe4KMSATEventCollector.yml Docker image update * Packs/KnowBe4_KMSAT/Integrations/KnowBe4KMSAT/KnowBe4KMSAT.yml Docker image update * Updated Metadata Of Pack SafeNet_Trusted_Access * Added release notes to pack SafeNet_Trusted_Access * Packs/SafeNet_Trusted_Access/Integrations/SafeNetTrustedAccessEventCollector/SafeNetTrustedAccessEventCollector.yml Docker image update * Updated Metadata Of Pack DelineaSS * Added release notes to pack DelineaSS * Packs/DelineaSS/Integrations/DelineaSS/DelineaSS.yml Docker image update * Updated Metadata Of Pack Cryptocurrency * Added release notes to pack Cryptocurrency * Packs/Cryptocurrency/Integrations/Cryptocurrency/Cryptocurrency.yml Docker image update * Updated Metadata Of Pack PANOSPolicyOptimizer * Added release notes to pack PANOSPolicyOptimizer * Packs/PANOSPolicyOptimizer/Integrations/PANOSPolicyOptimizer/PANOSPolicyOptimizer.yml Docker image update * Updated Metadata Of Pack DeveloperTools * Added release notes to pack DeveloperTools * Packs/DeveloperTools/Integrations/CreateIncidents/CreateIncidents.yml Docker image update * Update Docker Image To demisto/boto3py3 (#31215) * Updated Metadata Of Pack SecurityIntelligenceServicesFeed * Added release notes to pack SecurityIntelligenceServicesFeed * Packs/SecurityIntelligenceServicesFeed/Integrations/SecurityIntelligenceServicesFeed/SecurityIntelligenceServicesFeed.yml Docker image update * Updated Metadata Of Pack AWS-IAM * Added release notes to pack AWS-IAM * Packs/AWS-IAM/Integrations/AWS-IAM/AWS-IAM.yml Docker image update * Updated Metadata Of Pack AWS-Route53 * Added release notes to pack AWS-Route53 * Packs/AWS-Route53/Integrations/AWSRoute53/AWSRoute53.yml Docker image update * Updated Metadata Of Pack AWS-AccessAnalyzer * Added release notes to pack AWS-AccessAnalyzer * Packs/AWS-AccessAnalyzer/Integrations/AWS-AccessAnalyzer/AWS-AccessAnalyzer.yml Docker image update * Updated Metadata Of Pack AWS-GuardDuty * Added release notes to pack AWS-GuardDuty * Packs/AWS-GuardDuty/Integrations/AWSGuardDutyEventCollector/AWSGuardDutyEventCollector.yml Docker image update * Packs/AWS-GuardDuty/Integrations/AWSGuardDuty/AWSGuardDuty.yml Docker image update * Updated Metadata Of Pack AWS-SecurityHub * Added release notes to pack AWS-SecurityHub * Packs/AWS-SecurityHub/Integrations/AWSSecurityHubEventCollector/AWSSecurityHubEventCollector.yml Docker image update * Updated Metadata Of Pack Aws-SecretsManager * Added release notes to pack Aws-SecretsManager * Packs/Aws-SecretsManager/Integrations/AwsSecretsManager/AwsSecretsManager.yml Docker image update * Update Docker Image To demisto/accessdata (#31216) * Updated Metadata Of Pack Exterro * Added release notes to pack Exterro * Packs/Exterro/Integrations/Exterro/Exterro.yml Docker image update * Update Docker Image To demisto/oci (#31218) * Updated Metadata Of Pack OracleCloudInfrastructure * Added release notes to pack OracleCloudInfrastructure * Packs/OracleCloudInfrastructure/Integrations/OracleCloudInfrastructureEventCollector/OracleCloudInfrastructureEventCollector.yml Docker image update * Update Docker Image To demisto/py3-tools (#31217) * Updated Metadata Of Pack Intezer * Added release notes to pack Intezer * Packs/Intezer/Integrations/IntezerV2/IntezerV2.yml Docker image update * Updated Metadata Of Pack Zabbix * Added release notes to pack Zabbix * Packs/Zabbix/Integrations/Zabbix/Zabbix.yml Docker image update * Updated Metadata Of Pack FeedMalwareBazaar * Added release notes to pack FeedMalwareBazaar * Packs/FeedMalwareBazaar/Integrations/MalwareBazaarFeed/MalwareBazaarFeed.yml Docker image update * Updated Metadata Of Pack FeedGCPWhitelist * Added release notes to pack FeedGCPWhitelist * Packs/FeedGCPWhitelist/Integrations/FeedGoogleIPRanges/FeedGoogleIPRanges.yml Docker image update * Updated Metadata Of Pack AccentureCTI_Feed * Added release notes to pack AccentureCTI_Feed * Packs/AccentureCTI_Feed/Integrations/ACTIIndicatorFeed/ACTIIndicatorFeed.yml Docker image update * Updated Metadata Of Pack SEKOIAIntelligenceCenter * Added release notes to pack SEKOIAIntelligenceCenter * Packs/SEKOIAIntelligenceCenter/Integrations/SEKOIAIntelligenceCenter/SEKOIAIntelligenceCenter.yml Docker image update * Updated Metadata Of Pack JARM * Added release notes to pack JARM * Packs/JARM/Integrations/JARM/JARM.yml Docker image update * Updated Metadata Of Pack Anomali_ThreatStream * Added release notes to pack Anomali_ThreatStream * Packs/Anomali_ThreatStream/Integrations/AnomaliThreatStreamv3/AnomaliThreatStreamv3.yml Docker image update * Updated Metadata Of Pack CommonWidgets * Added release notes to pack CommonWidgets * Packs/CommonWidgets/Scripts/RSSWidget/RSSWidget.yml Docker image update * Updated Metadata Of Pack FiltersAndTransformers * Added release notes to pack FiltersAndTransformers * Packs/FiltersAndTransformers/Scripts/Jmespath/Jmespath.yml Docker image update * CortexXDRIR-generic-polling (#31082) * - Added new playbook for quarantine_file - Old playbook deprecated - New image added * release notes added * - New playbook for _Retrieve_File_Playbook_v2 created - Old playbook _Retrieve_File_Playbook deprecated - Image was added * Release notes were added * Changed the name of the playbook * Readme file added * Added image * fixed image location in readme file * Update Packs/CortexXDR/Playbooks/Cortex_XDR_-_Retrieve_File_v2.yml Co-authored-by: Sasha Sokolovich <[email protected]> * Bump pack from version CortexXDR to 6.0.4. * Removed unnecessary tests * Readme files were updated * Fixes for the playbooks * fixed Tests/conf.json file * image issue fixed * Added new images * Update Packs/CortexXDR/Playbooks/Cortex_XDR_-_Retrieve_File_Playbook_README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CortexXDR/Playbooks/Cortex_XDR_-_Retrieve_File_Playbook_README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CortexXDR/ReleaseNotes/6_0_4.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CortexXDR/ReleaseNotes/6_0_4.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CortexXDR/ReleaseNotes/6_0_4.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CortexXDR/ReleaseNotes/6_0_4.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CortexXDR/Playbooks/Cortex_XDR_-_Retrieve_File_Playbook_README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CortexXDR/Playbooks/Cortex_XDR_-_quarantine_file_v2_README.md Co-authored-by: ShirleyDenkberg <[email protected]> * PR fixes - new condition to check if the task finished successfully * release notes updated * image path fixed * Added new outputs for playbook * release notes updated * fix * readme files fixed * image issue * image issue * fix * fix * fix * fix * uploaded new playbook because of the image issue * fix for image issue * delete photo * fixes * test playbooks fixed * test playbooks removed --------- Co-authored-by: Sasha Sokolovich <[email protected]> Co-authored-by: Content Bot <[email protected]> Co-authored-by: ShirleyDenkberg <[email protected]> * Update Docker Image To demisto/crypto (#31219) * Updated Metadata Of Pack AzureKeyVault * Added release notes to pack AzureKeyVault * Packs/AzureKeyVault/Integrations/AzureKeyVault/AzureKeyVault.yml Docker image update * Updated Metadata Of Pack AzureSentinel * Added release notes to pack AzureSentinel * Packs/AzureSentinel/Integrations/AzureSentinel/AzureSentinel.yml Docker image update * Updated Metadata Of Pack AzureDevOps * Added release notes to pack AzureDevOps * Packs/AzureDevOps/Integrations/AzureDevOps/AzureDevOps.yml Docker image update * Updated Metadata Of Pack MicrosoftCloudAppSecurity * Added release notes to pack MicrosoftCloudAppSecurity * Packs/MicrosoftCloudAppSecurity/Integrations/MicrosoftCloudAppSecurity/MicrosoftCloudAppSecurity.yml Docker image update * Updated Metadata Of Pack AzureRiskyUsers * Added release notes to pack AzureRiskyUsers * Packs/AzureRiskyUsers/Integrations/AzureRiskyUsers/AzureRiskyUsers.yml Docker image update * Updated Metadata Of Pack MicrosoftGraphGroups * Added release notes to pack MicrosoftGraphGroups * Packs/MicrosoftGraphGroups/Integrations/MicrosoftGraphGroups/MicrosoftGraphGroups.yml Docker image update * Updated Metadata Of Pack AzureSQLManagement * Added release notes to pack AzureSQLManagement * Packs/AzureSQLManagement/Integrations/AzureSQLManagement/AzureSQLManagement.yml Docker image update * Updated Metadata Of Pack MicrosoftGraphAPI * Added release notes to pack MicrosoftGraphAPI * Packs/MicrosoftGraphAPI/Integrations/MicrosoftGraphAPI/MicrosoftGraphAPI.yml Docker image update * Updated Metadata Of Pack MicrosoftTeams * Added release notes to pack MicrosoftTeams * Packs/MicrosoftTeams/Integrations/MicrosoftTeamsManagement/MicrosoftTeamsManagement.yml Docker image update * Updated Metadata Of Pack MicrosoftGraphApplications * Added release notes to pack MicrosoftGraphApplications * Packs/MicrosoftGraphApplications/Integrations/MicrosoftGraphApplications/MicrosoftGraphApplications.yml Docker image update * update pack ignore (#31193) * Slack event collector: fixed an issue where we get a Bad Request error (#31135) * fixed an issue where we get a Bad Request error. * pre-commit * added test * fixed Flake8 error * fixed cr comments * fixed cr comments * update Docker image * YR/Remove-fields-with-one-letter-DBotFindSimilarIncidents/XSUP-29299 (#31161) * fixes * code and test * remove Json feed from this pr * test * note * pre commit * RN * CR and Flake8 * format * pre commit * Fixes For 'URL Enrichment - Generic v2' Playbook (#31195) * Fixes For 'URL Enrichment - Generic v2' Playbook * RN * Bump pack from version CommonPlaybooks to 2.4.36. --------- Co-authored-by: Content Bot <[email protected]> * F5 APM Remove XSIAM tags (#31221) * remove ls from test_e2e_results.sh (#31186) * [IsEmailAddressInternal] Fix an issue with **domain** argument (#31222) * First commit * Added RN * Update Packs/CommonScripts/ReleaseNotes/1_12_54.md Co-authored-by: Dean Arbel <[email protected]> --------- Co-authored-by: Dean Arbel <[email protected]> * Deprecate 'Get endpoint details - Generic' Playbook (#31196) * Deprecate 'Get endpoint details - Generic' Playbook * RN * Bump pack from version CommonPlaybooks to 2.4.36. * Bump pack from version CommonPlaybooks to 2.4.37. --------- Co-authored-by: Content Bot <[email protected]> * Replacing the deprecated sub-playbook within the 'NGFW Internal Scan'… (#31197) * Replacing the deprecated sub-playbook within the 'NGFW Internal Scan' XSIAM playbook * RN * [Marketplace Contribution] CISO Metrics (#30641) (#31213) * "pack contribution initial commit" * Update pack_metadata.json * Update and rename dashboard-98f353a2-312b-49f2-8e58-d71f60daf3a7-CISO_Metrics.json to dashboard-98f353a2-312b-49f2-8e58-d71f60daf3a7-CommunityCommonDashboards.json Rename to CommunityCommonDashboards * Update pack_metadata.json Renamed "name": "CommunityCommonDashboards" * Update README.md Added description * Update README.md * Update and rename README.md to README.md * Rename dashboard-98f353a2-312b-49f2-8e58-d71f60daf3a7-CommunityCommonDashboards.json to dashboard-98f353a2-312b-49f2-8e58-d71f60daf3a7-CommunityCommonDashboards.json * Rename .pack-ignore to .pack-ignore * Rename .secrets-ignore to .secrets-ignore * Rename pack_metadata.json to pack_metadata.json * Update .pack-ignore * Update pack_metadata.json * Update .pack-ignore * Update and rename dashboard-98f353a2-312b-49f2-8e58-d71f60daf3a7-CommunityCommonDashboards.json to CISOMetrics.json Renamed to CISOMetrics * Update pack_metadata.json * Update pack_metadata.json * Update README.md --------- Co-authored-by: xsoar-bot <[email protected]> Co-authored-by: Sapir Shuker <[email protected]> Co-authored-by: David Uhrlaub <[email protected]> * Cybereason xsoar v 2.1.14 (#30647) (#31225) * added v2.1.14 codebase * fix pr comments * replace dummy md5 placeholder * Update Packs/Cybereason/Integrations/Cybereason/Cybereason.py * updated docker image python version * updated release notes docker version * added pagination params * updated docker image * fix lint errors * fix demisto validate errors * updated release notes * updated release notes * updated release notes * updated command name as per PR comment * removed manual filtering for response * updated function name to match the command name format * updated unit test as per new command name * added machinename filter to api query * moved empty output message to the top * updated docker image tag to latest * undo changes from unisolate endpoint playbook --------- Co-authored-by: suraj-metron <[email protected]> Co-authored-by: Sapir Shuker <[email protected]> * fixed polling support (#30873) * fixed polling support * fixed rn * added rn * added rn * XSUP-30786/Fix (#31168) * Added failing UT * Fixed the issue * Updated docker image * Updated RN * Update Packs/PAN-OS/ReleaseNotes/2_1_15.md Co-authored-by: Dan Tavori <[email protected]> * Updated the bug fix and the UT * updated docker image --------- Co-authored-by: Dan Tavori <[email protected]> * rewrite to js FirstArrayElement and LastArrayElement (#31228) * rewrite to js * added tpb * added empty test case to tpb * precommit fixes * change fromversion so build wont fail * Enable Core REST API with general XSIAM endpoints (#31226) * mostly works * added release notes * fixes from review * F5 APM fixed the marketplace build failure (#31236) * F5 APM Remove XSIAM tags * fix marketplace error * Add incidents field (#30393) (#31233) * add rawJSON field to incidents * release notes * update docker image tag * nit * fetching incident details * mapper + incident fields * remove incorrect incident field files * new incident field files, new mapper * sdk validate command changes * update release noteS * validation errors * fix validation errors * undo release notes changes * undo release notes change * undo release notes * undo release notes * undo release notes * nit * new release notes * remove playbook id * update docker image tag * revert release notes * revert RN * nit- remove filters used for testing * add details field to threats * remove try/except blocks * changing version * Update Abnormal_Security_Custom_Incident_types.json change from version * nit - remove changes used for demo * updating docker image * update docker image tag --------- Co-authored-by: William Olyslager <[email protected]> Co-authored-by: sapirshuker <[email protected]> Co-authored-by: Sapir Shuker <[email protected]> * Update Docker Image To demisto/python3 (#31242) * Updated Metadata Of Pack CIRCL * Added release notes to pack CIRCL * Packs/CIRCL/Integrations/CirclCVESearch/CirclCVESearch.yml Docker image update * Updated Metadata Of Pack ipinfo * Added release notes to pack ipinfo * Packs/ipinfo/Integrations/ipinfo_v2/ipinfo_v2.yml Docker image update * Updated Metadata Of Pack AutoFocus * Added release notes to pack AutoFocus * Packs/AutoFocus/Integrations/FeedAutofocus/FeedAutofocus.yml Docker image update * Packs/AutoFocus/Integrations/AutofocusV2/AutofocusV2.yml Docker image update * Updated Metadata Of Pack MailSenderNew * Added release notes to pack MailSenderNew * Packs/MailSenderNew/Integrations/MailSenderNew/MailSenderNew.yml Docker image update * avoid to update Docker for AutoFocusv2 --------- Co-authored-by: israelpolishook <[email protected]> * Fixes For 'IP Enrichment - Generic v2' Playbook (#31183) * Fixes For 'IP Enrichment - Generic v2' Playbook * RN * RN * Updated the 'InternalRange' playbook input's default value. * configured the 'extended_data' and 'threat_model_association' sub-playbook inputs * Bump pack from version CommonPlaybooks to 2.4.36. * Bump pack from version CommonPlaybooks to 2.4.37. * changed the default value of the 'ResolveIP' playbook input * re-added RN after merging from master * Fixes RN --------- Co-authored-by: Content Bot <[email protected]> * Check if should run Instance role (#31245) * Added the sync from the saas bucket and modified the verify script to take the revision from the correct bucket. (#31254) * AWS Organizations (#30525) * init * commands template * aws-org-children-list * more commands * even more commands * added account commands * removed enhancement commands * use json_transform * unit-tests init * unit-tests continued * unit-tests continued some more * TPB * one more unit-test * one more unit-test * one more unit-test * name change * TPB * docs complete * pack readme * pack readme part 2 * readme modified * more tests * more tests * use get() * adde description * removed isFetch * added image * name change * CR changes * Apply suggestions from code review Co-authored-by: ShirleyDenkberg <[email protected]> * Update docker * put the commands back in * code complete * yml part 2 * yml part 3 * test template * unit-tests continued some more * unit-tests almost complete * unit-tests complete * fixed a few bugs * fixed unit-tests * added readme * update readme * added missing descriptions to readme * TPB * Apply suggestions from code review Co-authored-by: ShirleyDenkberg <[email protected]> * CR changes * demo changes * update docker * build wars: round 1 * build wars: round 2 * build wars: round 3; add unit-tests * build wars: round 4 * build wars: round 5 * build wars: round 6 --------- Co-authored-by: ShirleyDenkberg <[email protected]> * NextToken in CommandResults (#30501) * init * new design * added error in case of non nested input * RN * a tad more docs * Bump pack from version Base to 1.32.47. * Bump pack from version Base to 1.32.48. * Bump pack from version Base to 1.32.49. * improved doc-string * resolve conflicts * resolve conflicts * Bump pack from version Base to 1.32.52. --------- Co-authored-by: Content Bot <[email protected]> * demisto-sdk-release 1.24.0 (#31268) * poetry files * update validate manager imports (#31179) * update validate manager imports * revert * Update Tests/configure_and_test_integration_instances.py * Edit file types test (#31170) * edited tests * s * s * edit --------- Co-authored-by: Content Bot <[email protected]> Co-authored-by: Yuval Hayun <[email protected]> Co-authored-by: merit-maita <[email protected]> Co-authored-by: JudithB <[email protected]> * modified modeling rules of clearswift dlp (#31247) * modified modeling rules of clearswift dlp * modified the parsing rule of clearswiftdlp * Added release notes. * added dlp to pack ignore * added Clearswift to pack ignore * QRadar: continue to poll in case of networking issues (#31084) * Generalize the mode option in pre-commit (#30663) * args updated to match the update in the sdk * add merge-coverage-report and coverage-analyze * updaing pyproject.toml * poetry lock * restoring pyproject.toml and poetry.lock * pre-commit.yml * updates * test comment * use sdk ref * if * add github output * revert ilan changes * merge-pytest-reports --------- Co-authored-by: ilan <[email protected]> * EXPANDR-1576 CortexXpanse Remediation Guidance changes (#31190) * EXPANDR-1576 CortexXpanse Remediation Guidance changes (#30712) * CortexXpanse RG changes * Fix flake8 errors * Fix unit test cases * Update docker version * update command name * Readme updates * docker update * Ignore BC error * fix packignore * Update release notes * update breaking change notes * update breaking change notes * correct RN --------- Co-authored-by: Chait A <[email protected]> Co-authored-by: ilappe <[email protected]> * Feature/cyberint enhancement (#31252) * Feature/cyberint enhancement (#30493) * Update Docker Image To demisto/py3-tools (#25523) * Updated Metadata Of Pack FeedAWS * Added release notes to pack FeedAWS * Packs/FeedAWS/Integrations/FeedAWS/FeedAWS.yml Docker image update * update Cyberint Pack * update release note and incidentfields * update CommonType release note * update CommonType relesenotes * update CommonType relese notes * update CyberInt Related entity name * update release notes * add new incident field: Alert Data * foramt alert_data * update CyberInt Related Entity name to avoid validation errors * reset the CyberInt Related Entity name * update incident field name * Update 3_3_93.md * pre commit update docker * added known words * fixed the RN * known words --------- Co-authored-by: TalGumi <[email protected]> Co-authored-by: omerKarkKatz <[email protected]> Co-authored-by: okarkkatz <[email protected]> * [xsoar-8 coverage] - use poll functions from SDK clients (#31144) * update poetry * use poll functions * test against builds * try to fix ssl issue * timeout = 300 + verify ssl * fix ssl issues * fix incident pull * fix * make verify=false by default * fix ports bug * use sdk master * revert poetry * revert infra used for testing * [CrowdStrike Falcon Intel v2] Fixed an issue in 'cs-actors' and 'cs-reports' commands (#31265) * Fix the 'NoneType' object is not iterable issue * ruff * Update the docker image; Add RN * Update Packs/CrowdStrikeIntel/ReleaseNotes/2_0_34.md Co-authored-by: Dean Arbel <[email protected]> --------- Co-authored-by: Dean Arbel <[email protected]> * oncall- installation orders (#31253) * test * test * revert debugs * pre-commit --------- Co-authored-by: Jas Beilin <[email protected]> * Core rest api docs fix (#31262) * Improved descriptions. * Added docs * Added rn. * Changed i.e to e.g * bugfix/XSUP-30713/port-scan-pb-issue-incident-failure (#31154) * Fix playbook input's default value, change to not required, add check for value not empty * Update playbook image * Update release notes * Bump pack from version CortexXDR to 6.0.5. * Moved InternalIPRanges input check to better location * Fix review comments --------- Co-authored-by: Content Bot <[email protected]> * [PagerDuty v2] Added Support For Pagination (#30959) * commit init - lint and type annotation * typing * pagination function and some typing * fix api limit and pagination * added UT and test_data * added RN and description for args * generate readme * update docker * added UT * fix flake8 * more docstring, one more UT, fix send unnecessary parameters * fix f-string * fix pep8 * revert copy * fix parameters name * docs review * update docker * [ASM] EXPANDR 7225 - Update Ev1 Integration Display Name (#31234) (#31276) * Update Display Name * Update release notes * Update docker image and add period to descriptions Co-authored-by: John <[email protected]> Co-authored-by: MLainer1 <[email protected]> * Update Docker Image To demisto/python3 (#31286) * Updated Metadata Of Pack QualysFIM * Added release notes to pack QualysFIM * Packs/QualysFIM/Integrations/QualysFIM/QualysFIM.yml Docker image update * Updated Metadata Of Pack FortiSIEM * Added release notes to pack FortiSIEM * Packs/FortiSIEM/Integrations/FortiSIEMV2/FortiSIEMV2.yml Docker image update * Updated Metadata Of Pack FreshworksFreshservice * Added release notes to pack FreshworksFreshservice * Packs/FreshworksFreshservice/Integrations/FreshworksFreshservice/FreshworksFreshservice.yml Docker image update * Updated Metadata Of Pack KnowBe4_KMSAT * Added release notes to pack KnowBe4_KMSAT * Packs/KnowBe4_KMSAT/Integrations/KnowBe4KMSATEventCollector/KnowBe4KMSATEventCollector.yml Docker image update * Packs/KnowBe4_KMSAT/Integrations/KnowBe4KMSAT/KnowBe4KMSAT.yml Docker image update * Updated Metadata Of Pack SafeNet_Trusted_Access * Added release notes to pack SafeNet_Trusted_Access * Packs/SafeNet_Trusted_Access/Integrations/SafeNetTrustedAccessEventCollector/SafeNetTrustedAccessEventCollector.yml Docker image update * Updated Metadata Of Pack DelineaSS * Added release notes to pack DelineaSS * Packs/DelineaSS/Integrations/DelineaSS/DelineaSS.yml Docker image update * Updated Metadata Of Pack Cryptocurrency * Added release notes to pack Cryptocurrency * Packs/Cryptocurrency/Integrations/Cryptocurrency/Cryptocurrency.yml Docker image update * Updated Metadata Of Pack PANOSPolicyOptimizer * Added release notes to pack PANOSPolicyOptimizer * Packs/PANOSPolicyOptimizer/Integrations/PANOSPolicyOptimizer/PANOSPolicyOptimizer.yml Docker image update * Updated Metadata Of Pack DeveloperTools * Added release notes to pack DeveloperTools * Packs/DeveloperTools/Integrations/CreateIncidents/CreateIncidents.yml Docker image update * Add XSOAR_SAAS section to EDL description (#31264) * add XSOAR_SAAS section to EDL description * update RN * [XSUP 30575] Added full fields query param (#31272) * get indicators full fields data * pre-commit * release notes * tests and CR fixes * Update Packs/FeedCrowdstrikeFalconIntel/ReleaseNotes/2_1_13.md Co-authored-by: Dan Tavori <[email protected]> --------- Co-authored-by: Dan Tavori <[email protected]> * Update Docker Image To demisto/boto3py3 (#31287) * Updated Metadata Of Pack SecurityIntelligenceServicesFeed * Added release notes to pack SecurityIntelligenceServicesFeed * Packs/SecurityIntelligenceServicesFeed/Integrations/SecurityIntelligenceServicesFeed/SecurityIntelligenceServicesFeed.yml Docker image update * Updated Metadata Of Pack AWS-IAM * Added release notes to pack AWS-IAM * Packs/AWS-IAM/Integrations/AWS-IAM/AWS-IAM.yml Docker image update * Updated Metadata Of Pack AWS-Route53 * Added release notes to pack AWS-Route53 * Packs/AWS-Route53/Integrations/AWSRoute53/AWSRoute53.yml Docker image update * Updated Metadata Of Pack AWS-AccessAnalyzer * Added release notes to pack AWS-AccessAnalyzer * Packs/AWS-AccessAnalyzer/Integrations/AWS-AccessAnalyzer/AWS-AccessAnalyzer.yml Docker image update * Updated Metadata Of Pack AWS-GuardDuty * Added release notes to pack AWS-GuardDuty * Packs/AWS-GuardDuty/Integrations/AWSGuardDutyEventCollector/AWSGuardDutyEventCollector.yml Docker image update * Packs/AWS-GuardDuty/Integrations/AWSGuardDuty/AWSGuardDuty.yml Docker image update * Updated Metadata Of Pack AWS-SecurityHub * Added release notes to pack AWS-SecurityHub * Packs/AWS-SecurityHub/Integrations/AWSSecurityHubEventCollector/AWSSecurityHubEventCollector.yml Docker image update * Updated Metadata Of Pack Aws-SecretsManager * Added release notes to pack Aws-SecretsManager * Packs/Aws-SecretsManager/Integrations/AwsSecretsManager/AwsSecretsManager.yml Docker image update * Update Docker Image To demisto/accessdata (#31288) * Updated Metadata Of Pack Exterro * Added release notes to pack Exterro * Packs/Exterro/Integrations/Exterro/Exterro.yml Docker image update * Update Docker Image To demisto/oci (#31290) * Updated Metadata Of Pack OracleCloudInfrastructure * Added release notes to pack OracleCloudInfrastructure * Packs/OracleCloudInfrastructure/Integrations/OracleCloudInfrastructureEventCollector/OracleCloudInfrastructureEventCollector.yml Docker image update * Update Docker Image To demisto/py3-tools (#31289) * Updated Metadata Of Pack Intezer * Added release notes to pack Intezer * Packs/Intezer/Integrations/IntezerV2/IntezerV2.yml Docker image update * Updated Metadata Of Pack Zabbix * Added release notes to pack Zabbix * Packs/Zabbix/Integrations/Zabbix/Zabbix.yml Docker image update * Updated Metadata Of Pack FeedMalwareBazaar * Added release notes to pack FeedMalwareBazaar * Packs/FeedMalwareBazaar/Integrations/MalwareBazaarFeed/MalwareBazaarFeed.yml Docker image update * Updated Metadata Of Pack FeedGCPWhitelist * Added release notes to pack FeedGCPWhitelist * Packs/FeedGCPWhitelist/Integrations/FeedGoogleIPRanges/FeedGoogleIPRanges.yml Docker image update * Updated Metadata Of Pack AccentureCTI_Feed * Added release notes to pack AccentureCTI_Feed * Packs/AccentureCTI_Feed/Integrations/ACTIIndicatorFeed/ACTIIndicatorFeed.yml Docker image update * Updated Metadata Of Pack SEKOIAIntelligenceCenter * Added release notes to pack SEKOIAIntelligenceCenter * Packs/SEKOIAIntelligenceCenter/Integrations/SEKOIAIntelligenceCenter/SEKOIAIntelligenceCenter.yml Docker image update * Updated Metadata Of Pack JARM * Added release notes to pack JARM * Packs/JARM/Integrations/JARM/JARM.yml Docker image update * Updated Metadata Of Pack Anomali_ThreatStream * Added release notes to pack Anomali_ThreatStream * Packs/Anomali_ThreatStream/Integrations/AnomaliThreatStreamv3/AnomaliThreatStreamv3.yml Docker image update * Updated Metadata Of Pack CommonWidgets * Added release notes to pack CommonWidgets * Packs/CommonWidgets/Scripts/RSSWidget/RSSWidget.yml Docker image update * Updated Metadata Of Pack FiltersAndTransformers * Added release notes to pack FiltersAndTransformers * Packs/FiltersAndTransformers/Scripts/Jmespath/Jmespath.yml Docker image update * Update Docker Image To demisto/armorblox (#31291) * Updated Metadata Of Pack Armorblox * Added release notes to pack Armorblox * Packs/Armorblox/Integrations/Armorblox/Armorblox.yml Docker image update * Update Docker Image To demisto/crypto (#31292) * Updated Metadata Of Pack AzureKeyVault * Added release notes to pack AzureKeyVault * Packs/AzureKeyVault/Integrations/AzureKeyVault/AzureKeyVault.yml Docker image update * Updated Metadata Of Pack AzureSentinel * Added release notes to pack AzureSentinel * Packs/AzureSentinel/Integrations/AzureSentinel/AzureSentinel.yml Docker image update * Updated Metadata Of Pack AzureDevOps * Added release notes to pack AzureDevOps * Packs/AzureDevOps/Integrations/AzureDevOps/AzureDevOps.yml Docker image update * Updated Metadata Of Pack MicrosoftCloudAppSecurity * Added release notes to pack MicrosoftCloudAppSecurity * Packs/MicrosoftCloudAppSecurity/Integrations/MicrosoftCloudAppSecurity/MicrosoftCloudAppSecurity.yml Docker image update * Updated Metadata Of Pack AzureRiskyUsers * Added release notes to pack AzureRiskyUsers * Packs/AzureRiskyUsers/Integrations/AzureRiskyUsers/AzureRiskyUsers.yml Docker image update * Updated Metadata Of Pack MicrosoftGraphGroups * Added release notes to pack MicrosoftGraphGroups * Packs/MicrosoftGraphGroups/Integrations/MicrosoftGraphGroups/MicrosoftGraphGroups.yml Docker image update * Updated Metadata Of Pack AzureSQLManagement * Added release notes to pack AzureSQLManagement * Packs/AzureSQLManagement/Integrations/AzureSQLManagement/AzureSQLManagement.yml Docker image update * Updated Metadata Of Pack MicrosoftGraphAPI * Added release notes to pack MicrosoftGraphAPI * Packs/MicrosoftGraphAPI/Integrations/MicrosoftGraphAPI/MicrosoftGraphAPI.yml Docker image update * Updated Metadata Of Pack MicrosoftTeams * Added release notes to pack MicrosoftTeams * Packs/MicrosoftTeams/Integrations/MicrosoftTeamsManagement/MicrosoftTeamsManagement.yml Docker image update * Updated Metadata Of Pack MicrosoftGraphApplications * Added release notes to pack MicrosoftGraphApplications * Packs/MicrosoftGraphApplications/Integrations/MicrosoftGraphApplications/MicrosoftGraphApplications.yml Docker image update * Update Docker Image To demisto/sixgill (#31293) * Updated Metadata Of Pack Cybersixgill-ActionableAlerts * Added release notes to pack Cybersixgill-ActionableAlerts * Packs/Cybersixgill-ActionableAlerts/Integrations/CybersixgillActionableAlerts/CybersixgillActionableAlerts.yml Docker image update * Updated Metadata Of Pack Sixgill-Darkfeed * Added release notes to pack Sixgill-Darkfeed * Packs/Sixgill-Darkfeed/Integrations/Sixgill_Darkfeed_Enrichment/Sixgill_Darkfeed_Enrichment.yml Docker image update * Packs/Sixgill-Darkfeed/Integrations/Sixgill_Darkfeed/Sixgill_Darkfeed.yml Docker image update * Update Docker Image To demisto/carbon-black-cloud (#31295) * Updated Metadata Of Pack CarbonBlackDefense * Added release notes to pack CarbonBlackDefense * Packs/CarbonBlackDefense/Integrations/CarbonBlackLiveResponseCloud/CarbonBlackLiveResponseCloud.yml Docker image update * Update Docker Image To demisto/taxii2 (#31294) * Updated Metadata Of Pack FeedDHS * Added release notes to pack FeedDHS * Packs/FeedDHS/Integrations/DHSFeedV2/DHSFeedV2.yml Docker image update * Updated Metadata Of Pack FeedUnit42v2 * Added release notes to pack FeedUnit42v2 * Packs/FeedUnit42v2/Integrations/FeedUnit42v2/FeedUnit42v2.yml Docker image update * MS IIS Update2 (#31256) * Updated MicrosoftIISWebServerModelingRules_1_3 * Updated ModelingRules filters * Updated ModelingRules filters * Updated ReleaseNotes * Upated ReleaseNotes * CrowdStrikeFalconX-genreic-polling (#31189) * old playbooks deprecated and new one added * readme file edited * set the interval from the inputs * fixes for release notes * added extensions to known words * Update Packs/CrowdStrikeFalconX/Playbooks/Detonate_File_-_CrowdStrike_Falcon_Intelligence_Sandbox_v2.yml Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CrowdStrikeFalconX/Playbooks/Detonate_File_-_CrowdStrike_Falcon_Intelligence_Sandbox_v2.yml Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CrowdStrikeFalconX/Playbooks/Detonate_File_-_CrowdStrike_Falcon_Intelligence_Sandbox_v2.yml Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CrowdStrikeFalconX/Playbooks/Detonate_URL_-_CrowdStrike_Falcon_Intelligence_Sandbox_v2_README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CrowdStrikeFalconX/Playbooks/Detonate_File_-_CrowdStrike_Falcon_Intelligence_Sandbox_v2.yml Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CrowdStrikeFalconX/Playbooks/Detonate_File_-_CrowdStrike_Falcon_Intelligence_Sandbox_v2.yml Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CrowdStrikeFalconX/Playbooks/Detonate_File_-_CrowdStrike_Falcon_Intelligence_Sandbox_v2_README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CrowdStrikeFalconX/ReleaseNotes/1_2_37.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CrowdStrikeFalconX/ReleaseNotes/1_2_37.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CrowdStrikeFalconX/ReleaseNotes/1_2_37.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CrowdStrikeFalconX/ReleaseNotes/1_2_37.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CrowdStrikeFalconX/Playbooks/Detonate_File_-_CrowdStrike_Falcon_Intelligence_Sandbox_v2_README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CrowdStrikeFalconX/Playbooks/Detonate_File_-_CrowdStrike_Falcon_Intelligence_Sandbox_v2_README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CrowdStrikeFalconX/Playbooks/Detonate_File_-_CrowdStrike_Falcon_Intelligence_Sandbox_v2_README.md Co-authored-by: ShirleyDenkberg <[email protected]> * minor fixes for description * Update Packs/CrowdStrikeFalconX/Playbooks/Detonate_URL_-_CrowdStrike_Falcon_Intelligence_Sandbox_v2.yml Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CrowdStrikeFalconX/Playbooks/Detonate_URL_-_CrowdStrike_Falcon_Intelligence_Sandbox_v2_README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CrowdStrikeFalconX/Playbooks/Detonate_URL_-_CrowdStrike_Falcon_Intelligence_Sandbox_v2.yml Co-authored-by: ShirleyDenkberg <[email protected]> --------- Co-authored-by: ShirleyDenkberg <[email protected]> * Add Symantec MSS to ignored items (#31296) * [XSUP 30870] Added full fields option for cs-actors and cs-reports commands (#31271) * Added the display_full_fields argument * pre-commit * release notes * tests and CR fixes * resolve conflict * pre-commit * CR fixes * docker * pre-commit * add myself as codeowner (#31314) * ORKL Feed Integration 1.0.0 Initial Release (#31166) * ORKL Feed Integration 1.0.0 Initial Release (#31101) Co-authored-by: Martin Ohl <[email protected]> * [VirusTotal] Add suspicious threshold (#31220) * [VirusTotal] Add suspicious threshold (#31021) * fixing CimTrak_test.py unit tests (#31308) fixing CimTrak_test.py unit tests #31308 * Add new command and bug fix. (#31311) * Anomali ThreatStream v3 - Fix threatstream-get-indicators command (#31269) * fix get_indicators method * update RN * update docker * update test * update test * update get_indicators method * update RN * Update Packs/Anomali_ThreatStream/ReleaseNotes/2_2_9.md Co-authored-by: ShirleyDenkberg <[email protected]> * update docker * update docker --------- Co-authored-by: ShirleyDenkberg <[email protected]> * SentinelOne v2: Add 2 new commands (#31312) * fixing jira file attachments (#31297) fixing jira file attachments, fixing mapping of newly created tickets #31297 * CiscoSMA Update (#31315) * Updated ModelingRules * Updated ReleaseNotes * Updated ReleaseNotes * updated docs (#31192) * updated docs * running pre-commit and docker * docker update * Apply suggestions from code review Co-authored-by: ShirleyDenkberg <[email protected]> * remove package-lock file * cr note * Update Packs/MicrosoftGraphDeviceManagement/ReleaseNotes/1_1_20.md Co-authored-by: EyalPintzov <[email protected]> --------- Co-authored-by: ShirleyDenkberg <[email protected]> Co-authored-by: EyalPintzov <[email protected]> * Fix an issue when there is only one incident in fetch_incidents powershell (#31267) * added -AsArray * updated the docker image and added . * RN * unit tests and docker image * rn * docker image and release notes * Update Packs/Base/ReleaseNotes/1_32_53.md Co-authored-by: EyalPintzov <[email protected]> * updated the unit tests --------- Co-authored-by: EyalPintzov <[email protected]> * Get Entity Alerts by MITRE Tactics - Performance Improvements (Refactor) (#31232) * Added playbooks * New playbooks images, formatted playbooks, and added RN * Updated pb image to be in light mode * Further improvements to playbooks, updated docs, and updated playbook images * Bump pack from version CortexXDR to 6.0.6. * Changed alert to incident to fix validation * Descriptions --------- Co-authored-by: Content Bot <[email protected]> * fix for sdk nightly e2e tests (#31310) * [qradar-v3] - handle connection errors (#31246) * [qradar-v3] - handle connection errors * add uts * bump rn * remove irrelevant imports * update code * timeout = 300 * bump rn * update implementation * docker image * fixes * remove imports * rn * update debug-message * update log * fix docker-image * fix ut * oncall-sdk-nightly-create-xsoar-instance (#31300) * overwrite the filter env file * remove space * remove print * Update .gitlab/ci/.gitlab-ci.on-push.yml Co-authored-by: Koby Meir <[email protected]> --------- Co-authored-by: Koby Meir <[email protected]> * [ASM] - EXPANDER 7238 - Jira Playbook Support for V2 and V3 Project Key (#31273) (#31322) * Add support V2 and V3, remove default project key - Add data collection task for customer - Leave Jira Project Key input as blank - Add support for project key passed into Jira V2 and V3 integrations * Add release notes * Update Playbook ReadMe * Add task description * Update release notes Co-authored-by: John <[email protected]> Co-authored-by: MLainer1 <[email protected]> * Support contributions when the name of the repo isn't content (#31320) * update handle_external_pr.py * set repo_name arg as optional * Oncall sdk nightly create xsoar instance (#31324) Oncall sdk nightly create xsoar instance #31324 * CIAC-4556/xdr-remote-psexec-lolbin-command-execution-playbook (#29092) * Add playbook and readme files * Add updated files * Add playbook image * Update release notes * Fix validation error * Bump pack from version CortexXDR to 5.1.0. * Bump pack from version CortexXDR to 5.2.0. * Bump pack from version CortexXDR to 5.2.0. * Bump pack from version CortexXDR to 5.2.0. * Add CommandLine verdict to layout * Update according to demo review comments * Bump pack from version CortexXDR to 5.2.0. * Bump pack from version CortexXDR to 5.2.0. * Add field for cmd line verdict * Update layout * Fix review comments * Update from master * Update Packs/CortexXDR/ReleaseNot…
maimorag
added a commit
that referenced
this pull request
Feb 28, 2024
* Update shift management scripts (#31130) * fixed the bug and added unit tests * updated docker image * RN * updated docker image * cr updates * EWS rule commands - MS graph python integrations (#30943) Co-authored-by: ShirleyDenkberg <[email protected]> * MS IIS Update (#31132) * Updated ModelingRules * Updated ReleaseNotes * Updated ReleaseNotes * Anomali ThreatStream change DBot verdict from Benign to Unknown for Low Confidence Indicators (#30993) (#31151) * change DBot verdict from Benign to Unknown for Low Confidence Indicators Indicators found in Anomali that are below Confidence thresholds should be created as Unknown and not Benign. Anomali ThreatStream documentation regarding Confidence https://ui.threatstream.com/optic-doc/Content/Features/threat_model/Observables/details_indicator.htm Confidence - Confidence indicates the certainty that an observable exhibits or is connected to malicious behavior. If Anomali has indicators with low Confidence, that doesn't mean the indicator is Benign/Safe. It means Anomali is unsure that the indicator is Malicious and as such the more appropriate verdict in XSOAR should be Unknown. * add indicator_default_score param * changed values to Benign and Unknown * update README and RN * update RN * update docker set required to false * update docker * fix docs comments --------- Co-authored-by: zdrouse <[email protected]> Co-authored-by: adi88d <[email protected]> Co-authored-by: Adi Daud <[email protected]> * generate empty junit files (#31153) * Update 1_6_0.json (#31164) * fix splunkpy splunk_submit_event_hec_command string issue (#30978) * fix splunkpy splunk_submit_event_hec_command string issue * test * add fix * update rn * [xsoar saas] - fix ports taxii2 e2e (#31163) * Hello world saas (#30901) * added a new incident field only for saas mp * added an incident field to xsoar_saas only for demonstration * format incident field * format incident field * added saas word to known words * version * merge with master * fixed the xsoar_saas end tag * Added tests to validate result * modified RN * pre commit changes * RN tags * ignoe long line * MS IIS README (#31158) * Updated README * Updated README * Fixes For IP Enrichment Playbooks (#31114) * Fixes For IP Enrichment Playbooks * RN * Removed the mapping rule from both playbooks. Updated the default value of the internal range playbook input according to RFC 1918. * Removed the value of 'UseReputationCommand' playbook input and fixes the YML files * Fixed RN * Removed the value set for the 'UseReputationCommand' sub-playbook input. Re-added the default value for 'UseReputationCommand' playbook input * skip ThreatStream-Test (#31172) * [transformers] Enhance to be more durable (#30897) [transformers] Enhance to be more durable * Fixes For 'Email Address Enrichment - Generic v2.1' (#31122) * Fixes For 'Email Address Enrichment - Generic v2.1' * Re-added the test playbook and marketplace configs to the playbook YML file * changed the 'domain' playbook input value * removed the 'domain' playbook input value and added RN * Fixed RN * Bump pack from version CommonPlaybooks to 2.4.34. --------- Co-authored-by: Content Bot <[email protected]> * DisplayMappedFields - Fix dark mode text color (#31085) * removed the hardcoded color * removed the hardcoded color * update RN * update docker image * Bump pack from version CommonScripts to 1.12.48. * Unittest fixes * Bump pack from version CommonScripts to 1.12.49. * Unittest fixes * Bump pack from version CommonScripts to 1.12.50. * Bump pack from version CommonScripts to 1.12.51. * Bump pack from version CommonScripts to 1.12.52. * Bump pack from version CommonScripts to 1.12.53. --------- Co-authored-by: Content Bot <[email protected]> * Updated the layout to exclude integration incident fields that are not pertinent to Vectra XDR (#31127) (#31182) Co-authored-by: Crest Data Systems <[email protected]> Co-authored-by: crestdatasystems <[email protected]> Co-authored-by: MLainer1 <[email protected]> * Taxii2 server relationship bug (#31162) * [taxii2-server] - code fixes * bump rn * docker update * remove debug-log because may wanted * [ASM] EXPANDER-7096 - ASM Remediation Guidance Fields (#30955) (#31178) Co-authored-by: John <[email protected]> Co-authored-by: Adi Daud <[email protected]> * Created pack for F5 BIG-IP APM (#31017) * Created pack for f5 apm * Added modeling rule files. * adding modeling rules and schema. * modified modeling rules * update yml file for modeling rule. * Update Packs/F5APM/README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/F5APM/README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/F5APM/README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/F5APM/README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/F5APM/README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/F5APM/README.md Co-authored-by: ShirleyDenkberg <[email protected]> * update readme. * Modified the read me file. --------- Co-authored-by: ShirleyDenkberg <[email protected]> * HelloWorld - delete old classifier (#31185) * Add support for is array for rep commands (#31169) * added support for isArray for python Xsoar supported reputation commands * added rn * Empty-Commit * python files fixes * fix docker issue * cr fixes * added logs and cache fix (#30577) * added logs and cache fix * Fixed another executeCommand results handling. * Updated docker image * Added rn * Update Packs/Phishing/ReleaseNotes/3_6_2.md Co-authored-by: Dan Tavori <[email protected]> * Update Packs/Phishing/Scripts/FindDuplicateEmailIncidents/FindDuplicateEmailIncidents.py --------- Co-authored-by: Dan Tavori <[email protected]> * Add support for is array for rep commands js (#31184) * JS files fixes * added rn * pre commit fixes * pre commit fixes * cr fixes * xsiam-avaya-siem-content-ciac-8502 (#31128) * init-pack * modeling-rules * add-docs * fix-pid-parsing * fix-README.md * Fixed For Endpoint Enrichment Playbooks (#31147) * Fixed For 'Endpoint Enrichment - Generic v2.1' Playbook * RN * RN * Fixes for Endpoint_Enrichment_-_Generic_v2.1_6_8 playbook * Bump pack from version CommonPlaybooks to 2.4.34. * Bump pack from version CommonPlaybooks to 2.4.35. * Fixed version for 'Endpoint Enrichment - Generic v2.1.6.8' playbook * Fixes for 'Endpoint Enrichment - Generic v2.1' playbook * Revert changes in 'Endpoint Enrichment - Generic v2.1' playbook --------- Co-authored-by: Content Bot <[email protected]> * Update Docker Image To demisto/python3 (#31198) * Updated Metadata Of Pack DeveloperTools * Added release notes to pack DeveloperTools * Packs/DeveloperTools/Integrations/CreateIncidents/CreateIncidents.yml Docker image update * Updated Metadata Of Pack FlashpointFeed * Added release notes to pack FlashpointFeed * Packs/FlashpointFeed/Integrations/FlashpointFeed/FlashpointFeed.yml Docker image update * Updated Metadata Of Pack AbnormalSecurity * Added release notes to pack AbnormalSecurity * Packs/AbnormalSecurity/Integrations/AbnormalSecurity/AbnormalSecurity.yml Docker image update * Updated Metadata Of Pack FeedLOLBAS * Added release notes to pack FeedLOLBAS * Packs/FeedLOLBAS/Integrations/FeedLOLBAS/FeedLOLBAS.yml Docker image update * Updated Metadata Of Pack Hackuity * Added release notes to pack Hackuity * Packs/Hackuity/Integrations/Hackuity/Hackuity.yml Docker image update * Updated Metadata Of Pack Grafana * Added release notes to pack Grafana * Packs/Grafana/Integrations/Grafana/Grafana.yml Docker image update * Updated Metadata Of Pack Binalyze * Added release notes to pack Binalyze * Packs/Binalyze/Integrations/BinalyzeAIR/BinalyzeAIR.yml Docker image update * Updated Metadata Of Pack ServiceDeskPlus * Added release notes to pack ServiceDeskPlus * Packs/ServiceDeskPlus/Integrations/ServiceDeskPlus/ServiceDeskPlus.yml Docker image update * Updated Metadata Of Pack Oracle_IAM * Added release notes to pack Oracle_IAM * Packs/Oracle_IAM/Integrations/OracleIAM/OracleIAM.yml Docker image update * Updated Metadata Of Pack AccentureCTI * Added release notes to pack AccentureCTI * Packs/AccentureCTI/Integrations/ACTIIndicatorQuery/ACTIIndicatorQuery.yml Docker image update * Update Docker Image To demisto/boto3py3 (#31199) * Updated Metadata Of Pack SecurityIntelligenceServicesFeed * Added release notes to pack SecurityIntelligenceServicesFeed * Packs/SecurityIntelligenceServicesFeed/Integrations/SecurityIntelligenceServicesFeed/SecurityIntelligenceServicesFeed.yml Docker image update * Updated Metadata Of Pack AWS-IAM * Added release notes to pack AWS-IAM * Packs/AWS-IAM/Integrations/AWS-IAM/AWS-IAM.yml Docker image update * Updated Metadata Of Pack AWS-Route53 * Added release notes to pack AWS-Route53 * Packs/AWS-Route53/Integrations/AWSRoute53/AWSRoute53.yml Docker image update * Updated Metadata Of Pack AWS-AccessAnalyzer * Added release notes to pack AWS-AccessAnalyzer * Packs/AWS-AccessAnalyzer/Integrations/AWS-AccessAnalyzer/AWS-AccessAnalyzer.yml Docker image update * Updated Metadata Of Pack AWS-GuardDuty * Added release notes to pack AWS-GuardDuty * Packs/AWS-GuardDuty/Integrations/AWSGuardDutyEventCollector/AWSGuardDutyEventCollector.yml Docker image update * Packs/AWS-GuardDuty/Integrations/AWSGuardDuty/AWSGuardDuty.yml Docker image update * Updated Metadata Of Pack AWS-SecurityHub * Added release notes to pack AWS-SecurityHub * Packs/AWS-SecurityHub/Integrations/AWSSecurityHubEventCollector/AWSSecurityHubEventCollector.yml Docker image update * Updated Metadata Of Pack Aws-SecretsManager * Added release notes to pack Aws-SecretsManager * Packs/Aws-SecretsManager/Integrations/AwsSecretsManager/AwsSecretsManager.yml Docker image update * Update Docker Image To demisto/armorblox (#31203) * Updated Metadata Of Pack Armorblox * Added release notes to pack Armorblox * Packs/Armorblox/Integrations/Armorblox/Armorblox.yml Docker image update * Update Docker Image To demisto/py3-tools (#31201) * Updated Metadata Of Pack Intezer * Added release notes to pack Intezer * Packs/Intezer/Integrations/IntezerV2/IntezerV2.yml Docker image update * Updated Metadata Of Pack Zabbix * Added release notes to pack Zabbix * Packs/Zabbix/Integrations/Zabbix/Zabbix.yml Docker image update * Updated Metadata Of Pack FeedMalwareBazaar * Added release notes to pack FeedMalwareBazaar * Packs/FeedMalwareBazaar/Integrations/MalwareBazaarFeed/MalwareBazaarFeed.yml Docker image update * Updated Metadata Of Pack FeedGCPWhitelist * Added release notes to pack FeedGCPWhitelist * Packs/FeedGCPWhitelist/Integrations/FeedGoogleIPRanges/FeedGoogleIPRanges.yml Docker image update * Updated Metadata Of Pack AccentureCTI_Feed * Added release notes to pack AccentureCTI_Feed * Packs/AccentureCTI_Feed/Integrations/ACTIIndicatorFeed/ACTIIndicatorFeed.yml Docker image update * Updated Metadata Of Pack SEKOIAIntelligenceCenter * Added release notes to pack SEKOIAIntelligenceCenter * Packs/SEKOIAIntelligenceCenter/Integrations/SEKOIAIntelligenceCenter/SEKOIAIntelligenceCenter.yml Docker image update * Updated Metadata Of Pack JARM * Added release notes to pack JARM * Packs/JARM/Integrations/JARM/JARM.yml Docker image update * Updated Metadata Of Pack CommonWidgets * Added release notes to pack CommonWidgets * Packs/CommonWidgets/Scripts/RSSWidget/RSSWidget.yml Docker image update * Updated Metadata Of Pack FiltersAndTransformers * Added release notes to pack FiltersAndTransformers * Packs/FiltersAndTransformers/Scripts/Jmespath/Jmespath.yml Docker image update * Update Docker Image To demisto/oci (#31202) * Updated Metadata Of Pack OracleCloudInfrastructure * Added release notes to pack OracleCloudInfrastructure * Packs/OracleCloudInfrastructure/Integrations/OracleCloudInfrastructureEventCollector/OracleCloudInfrastructureEventCollector.yml Docker image update * Update Docker Image To demisto/accessdata (#31200) * Updated Metadata Of Pack Exterro * Added release notes to pack Exterro * Packs/Exterro/Integrations/Exterro/Exterro.yml Docker image update * Fix DS108 --------- Co-authored-by: israelpolishook <[email protected]> * Update Docker Image To demisto/carbon-black-cloud (#31206) * Updated Metadata Of Pack CarbonBlackDefense * Added release notes to pack CarbonBlackDefense * Packs/CarbonBlackDefense/Integrations/CarbonBlackLiveResponseCloud/CarbonBlackLiveResponseCloud.yml Docker image update * Update Docker Image To demisto/taxii2 (#31205) * Updated Metadata Of Pack FeedUnit42v2 * Added release notes to pack FeedUnit42v2 * Packs/FeedUnit42v2/Integrations/FeedUnit42v2/FeedUnit42v2.yml Docker image update * Update Docker Image To demisto/crypto (#31204) * Updated Metadata Of Pack AzureKeyVault * Added release notes to pack AzureKeyVault * Packs/AzureKeyVault/Integrations/AzureKeyVault/AzureKeyVault.yml Docker image update * Updated Metadata Of Pack AzureSentinel * Added release notes to pack AzureSentinel * Packs/AzureSentinel/Integrations/AzureSentinel/AzureSentinel.yml Docker image update * Updated Metadata Of Pack AzureDevOps * Added release notes to pack AzureDevOps * Packs/AzureDevOps/Integrations/AzureDevOps/AzureDevOps.yml Docker image update * Updated Metadata Of Pack MicrosoftCloudAppSecurity * Added release notes to pack MicrosoftCloudAppSecurity * Packs/MicrosoftCloudAppSecurity/Integrations/MicrosoftCloudAppSecurity/MicrosoftCloudAppSecurity.yml Docker image update * Updated Metadata Of Pack AzureRiskyUsers * Added release notes to pack AzureRiskyUsers * Packs/AzureRiskyUsers/Integrations/AzureRiskyUsers/AzureRiskyUsers.yml Docker image update * Updated Metadata Of Pack MicrosoftGraphGroups * Added release notes to pack MicrosoftGraphGroups * Packs/MicrosoftGraphGroups/Integrations/MicrosoftGraphGroups/MicrosoftGraphGroups.yml Docker image update * Updated Metadata Of Pack AzureSQLManagement * Added release notes to pack AzureSQLManagement * Packs/AzureSQLManagement/Integrations/AzureSQLManagement/AzureSQLManagement.yml Docker image update * Updated Metadata Of Pack MicrosoftGraphAPI * Added release notes to pack MicrosoftGraphAPI * Packs/MicrosoftGraphAPI/Integrations/MicrosoftGraphAPI/MicrosoftGraphAPI.yml Docker image update * Updated Metadata Of Pack MicrosoftTeams * Added release notes to pack MicrosoftTeams * Packs/MicrosoftTeams/Integrations/MicrosoftTeamsManagement/MicrosoftTeamsManagement.yml Docker image update * Updated Metadata Of Pack MicrosoftGraphApplications * Added release notes to pack MicrosoftGraphApplications * Packs/MicrosoftGraphApplications/Integrations/MicrosoftGraphApplications/MicrosoftGraphApplications.yml Docker image update * Update Docker Image To demisto/opnsense (#31208) * Updated Metadata Of Pack OPNSense * Added release notes to pack OPNSense * Packs/OPNSense/Integrations/OPNSense/OPNSense.yml Docker image update * Update Docker Image To demisto/auth-utils (#31207) * Updated Metadata Of Pack Cylance_Protect * Added release notes to pack Cylance_Protect * Packs/Cylance_Protect/Integrations/Cylance_Protect_v2/Cylance_Protect_v2.yml Docker image update * Updated Metadata Of Pack Zoom * Added release notes to pack Zoom * Packs/Zoom/Integrations/ZoomEventCollector/ZoomEventCollector.yml Docker image update * Updated Metadata Of Pack Silverfort * Added release notes to pack Silverfort * Packs/Silverfort/Integrations/Silverfort/Silverfort.yml Docker image update * Updated Metadata Of Pack AzureDataExplorer * Added release notes to pack AzureDataExplorer * Packs/AzureDataExplorer/Integrations/AzureDataExplorer/AzureDataExplorer.yml Docker image update * Updated Metadata Of Pack MicrosoftManagementActivity * Added release notes to pack MicrosoftManagementActivity * Packs/MicrosoftManagementActivity/Integrations/MicrosoftManagementActivity/MicrosoftManagementActivity.yml Docker image update * Updated Metadata Of Pack Box * Added release notes to pack Box * Packs/Box/Integrations/BoxEventsCollector/BoxEventsCollector.yml Docker image update * Packs/Box/Integrations/BoxV2/BoxV2.yml Docker image update * Updated Metadata Of Pack Troubleshoot * Added release notes to pack Troubleshoot * Packs/Troubleshoot/Scripts/CertificatesTroubleshoot/CertificatesTroubleshoot.yml Docker image update * commit --------- Co-authored-by: israelpolishook <[email protected]> * Update Docker Image To demisto/ippysocks-py3 (#31211) * Updated Metadata Of Pack Whois * Added release notes to pack Whois * Packs/Whois/Integrations/Whois/Whois.yml Docker image update * Update Docker Image To demisto/python3 (#31214) * Updated Metadata Of Pack QualysFIM * Added release notes to pack QualysFIM * Packs/QualysFIM/Integrations/QualysFIM/QualysFIM.yml Docker image update * Updated Metadata Of Pack FortiSIEM * Added release notes to pack FortiSIEM * Packs/FortiSIEM/Integrations/FortiSIEMV2/FortiSIEMV2.yml Docker image update * Updated Metadata Of Pack FreshworksFreshservice * Added release notes to pack FreshworksFreshservice * Packs/FreshworksFreshservice/Integrations/FreshworksFreshservice/FreshworksFreshservice.yml Docker image update * Updated Metadata Of Pack KnowBe4_KMSAT * Added release notes to pack KnowBe4_KMSAT * Packs/KnowBe4_KMSAT/Integrations/KnowBe4KMSATEventCollector/KnowBe4KMSATEventCollector.yml Docker image update * Packs/KnowBe4_KMSAT/Integrations/KnowBe4KMSAT/KnowBe4KMSAT.yml Docker image update * Updated Metadata Of Pack SafeNet_Trusted_Access * Added release notes to pack SafeNet_Trusted_Access * Packs/SafeNet_Trusted_Access/Integrations/SafeNetTrustedAccessEventCollector/SafeNetTrustedAccessEventCollector.yml Docker image update * Updated Metadata Of Pack DelineaSS * Added release notes to pack DelineaSS * Packs/DelineaSS/Integrations/DelineaSS/DelineaSS.yml Docker image update * Updated Metadata Of Pack Cryptocurrency * Added release notes to pack Cryptocurrency * Packs/Cryptocurrency/Integrations/Cryptocurrency/Cryptocurrency.yml Docker image update * Updated Metadata Of Pack PANOSPolicyOptimizer * Added release notes to pack PANOSPolicyOptimizer * Packs/PANOSPolicyOptimizer/Integrations/PANOSPolicyOptimizer/PANOSPolicyOptimizer.yml Docker image update * Updated Metadata Of Pack DeveloperTools * Added release notes to pack DeveloperTools * Packs/DeveloperTools/Integrations/CreateIncidents/CreateIncidents.yml Docker image update * Update Docker Image To demisto/boto3py3 (#31215) * Updated Metadata Of Pack SecurityIntelligenceServicesFeed * Added release notes to pack SecurityIntelligenceServicesFeed * Packs/SecurityIntelligenceServicesFeed/Integrations/SecurityIntelligenceServicesFeed/SecurityIntelligenceServicesFeed.yml Docker image update * Updated Metadata Of Pack AWS-IAM * Added release notes to pack AWS-IAM * Packs/AWS-IAM/Integrations/AWS-IAM/AWS-IAM.yml Docker image update * Updated Metadata Of Pack AWS-Route53 * Added release notes to pack AWS-Route53 * Packs/AWS-Route53/Integrations/AWSRoute53/AWSRoute53.yml Docker image update * Updated Metadata Of Pack AWS-AccessAnalyzer * Added release notes to pack AWS-AccessAnalyzer * Packs/AWS-AccessAnalyzer/Integrations/AWS-AccessAnalyzer/AWS-AccessAnalyzer.yml Docker image update * Updated Metadata Of Pack AWS-GuardDuty * Added release notes to pack AWS-GuardDuty * Packs/AWS-GuardDuty/Integrations/AWSGuardDutyEventCollector/AWSGuardDutyEventCollector.yml Docker image update * Packs/AWS-GuardDuty/Integrations/AWSGuardDuty/AWSGuardDuty.yml Docker image update * Updated Metadata Of Pack AWS-SecurityHub * Added release notes to pack AWS-SecurityHub * Packs/AWS-SecurityHub/Integrations/AWSSecurityHubEventCollector/AWSSecurityHubEventCollector.yml Docker image update * Updated Metadata Of Pack Aws-SecretsManager * Added release notes to pack Aws-SecretsManager * Packs/Aws-SecretsManager/Integrations/AwsSecretsManager/AwsSecretsManager.yml Docker image update * Update Docker Image To demisto/accessdata (#31216) * Updated Metadata Of Pack Exterro * Added release notes to pack Exterro * Packs/Exterro/Integrations/Exterro/Exterro.yml Docker image update * Update Docker Image To demisto/oci (#31218) * Updated Metadata Of Pack OracleCloudInfrastructure * Added release notes to pack OracleCloudInfrastructure * Packs/OracleCloudInfrastructure/Integrations/OracleCloudInfrastructureEventCollector/OracleCloudInfrastructureEventCollector.yml Docker image update * Update Docker Image To demisto/py3-tools (#31217) * Updated Metadata Of Pack Intezer * Added release notes to pack Intezer * Packs/Intezer/Integrations/IntezerV2/IntezerV2.yml Docker image update * Updated Metadata Of Pack Zabbix * Added release notes to pack Zabbix * Packs/Zabbix/Integrations/Zabbix/Zabbix.yml Docker image update * Updated Metadata Of Pack FeedMalwareBazaar * Added release notes to pack FeedMalwareBazaar * Packs/FeedMalwareBazaar/Integrations/MalwareBazaarFeed/MalwareBazaarFeed.yml Docker image update * Updated Metadata Of Pack FeedGCPWhitelist * Added release notes to pack FeedGCPWhitelist * Packs/FeedGCPWhitelist/Integrations/FeedGoogleIPRanges/FeedGoogleIPRanges.yml Docker image update * Updated Metadata Of Pack AccentureCTI_Feed * Added release notes to pack AccentureCTI_Feed * Packs/AccentureCTI_Feed/Integrations/ACTIIndicatorFeed/ACTIIndicatorFeed.yml Docker image update * Updated Metadata Of Pack SEKOIAIntelligenceCenter * Added release notes to pack SEKOIAIntelligenceCenter * Packs/SEKOIAIntelligenceCenter/Integrations/SEKOIAIntelligenceCenter/SEKOIAIntelligenceCenter.yml Docker image update * Updated Metadata Of Pack JARM * Added release notes to pack JARM * Packs/JARM/Integrations/JARM/JARM.yml Docker image update * Updated Metadata Of Pack Anomali_ThreatStream * Added release notes to pack Anomali_ThreatStream * Packs/Anomali_ThreatStream/Integrations/AnomaliThreatStreamv3/AnomaliThreatStreamv3.yml Docker image update * Updated Metadata Of Pack CommonWidgets * Added release notes to pack CommonWidgets * Packs/CommonWidgets/Scripts/RSSWidget/RSSWidget.yml Docker image update * Updated Metadata Of Pack FiltersAndTransformers * Added release notes to pack FiltersAndTransformers * Packs/FiltersAndTransformers/Scripts/Jmespath/Jmespath.yml Docker image update * CortexXDRIR-generic-polling (#31082) * - Added new playbook for quarantine_file - Old playbook deprecated - New image added * release notes added * - New playbook for _Retrieve_File_Playbook_v2 created - Old playbook _Retrieve_File_Playbook deprecated - Image was added * Release notes were added * Changed the name of the playbook * Readme file added * Added image * fixed image location in readme file * Update Packs/CortexXDR/Playbooks/Cortex_XDR_-_Retrieve_File_v2.yml Co-authored-by: Sasha Sokolovich <[email protected]> * Bump pack from version CortexXDR to 6.0.4. * Removed unnecessary tests * Readme files were updated * Fixes for the playbooks * fixed Tests/conf.json file * image issue fixed * Added new images * Update Packs/CortexXDR/Playbooks/Cortex_XDR_-_Retrieve_File_Playbook_README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CortexXDR/Playbooks/Cortex_XDR_-_Retrieve_File_Playbook_README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CortexXDR/ReleaseNotes/6_0_4.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CortexXDR/ReleaseNotes/6_0_4.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CortexXDR/ReleaseNotes/6_0_4.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CortexXDR/ReleaseNotes/6_0_4.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CortexXDR/Playbooks/Cortex_XDR_-_Retrieve_File_Playbook_README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CortexXDR/Playbooks/Cortex_XDR_-_quarantine_file_v2_README.md Co-authored-by: ShirleyDenkberg <[email protected]> * PR fixes - new condition to check if the task finished successfully * release notes updated * image path fixed * Added new outputs for playbook * release notes updated * fix * readme files fixed * image issue * image issue * fix * fix * fix * fix * uploaded new playbook because of the image issue * fix for image issue * delete photo * fixes * test playbooks fixed * test playbooks removed --------- Co-authored-by: Sasha Sokolovich <[email protected]> Co-authored-by: Content Bot <[email protected]> Co-authored-by: ShirleyDenkberg <[email protected]> * Update Docker Image To demisto/crypto (#31219) * Updated Metadata Of Pack AzureKeyVault * Added release notes to pack AzureKeyVault * Packs/AzureKeyVault/Integrations/AzureKeyVault/AzureKeyVault.yml Docker image update * Updated Metadata Of Pack AzureSentinel * Added release notes to pack AzureSentinel * Packs/AzureSentinel/Integrations/AzureSentinel/AzureSentinel.yml Docker image update * Updated Metadata Of Pack AzureDevOps * Added release notes to pack AzureDevOps * Packs/AzureDevOps/Integrations/AzureDevOps/AzureDevOps.yml Docker image update * Updated Metadata Of Pack MicrosoftCloudAppSecurity * Added release notes to pack MicrosoftCloudAppSecurity * Packs/MicrosoftCloudAppSecurity/Integrations/MicrosoftCloudAppSecurity/MicrosoftCloudAppSecurity.yml Docker image update * Updated Metadata Of Pack AzureRiskyUsers * Added release notes to pack AzureRiskyUsers * Packs/AzureRiskyUsers/Integrations/AzureRiskyUsers/AzureRiskyUsers.yml Docker image update * Updated Metadata Of Pack MicrosoftGraphGroups * Added release notes to pack MicrosoftGraphGroups * Packs/MicrosoftGraphGroups/Integrations/MicrosoftGraphGroups/MicrosoftGraphGroups.yml Docker image update * Updated Metadata Of Pack AzureSQLManagement * Added release notes to pack AzureSQLManagement * Packs/AzureSQLManagement/Integrations/AzureSQLManagement/AzureSQLManagement.yml Docker image update * Updated Metadata Of Pack MicrosoftGraphAPI * Added release notes to pack MicrosoftGraphAPI * Packs/MicrosoftGraphAPI/Integrations/MicrosoftGraphAPI/MicrosoftGraphAPI.yml Docker image update * Updated Metadata Of Pack MicrosoftTeams * Added release notes to pack MicrosoftTeams * Packs/MicrosoftTeams/Integrations/MicrosoftTeamsManagement/MicrosoftTeamsManagement.yml Docker image update * Updated Metadata Of Pack MicrosoftGraphApplications * Added release notes to pack MicrosoftGraphApplications * Packs/MicrosoftGraphApplications/Integrations/MicrosoftGraphApplications/MicrosoftGraphApplications.yml Docker image update * update pack ignore (#31193) * Slack event collector: fixed an issue where we get a Bad Request error (#31135) * fixed an issue where we get a Bad Request error. * pre-commit * added test * fixed Flake8 error * fixed cr comments * fixed cr comments * update Docker image * YR/Remove-fields-with-one-letter-DBotFindSimilarIncidents/XSUP-29299 (#31161) * fixes * code and test * remove Json feed from this pr * test * note * pre commit * RN * CR and Flake8 * format * pre commit * Fixes For 'URL Enrichment - Generic v2' Playbook (#31195) * Fixes For 'URL Enrichment - Generic v2' Playbook * RN * Bump pack from version CommonPlaybooks to 2.4.36. --------- Co-authored-by: Content Bot <[email protected]> * F5 APM Remove XSIAM tags (#31221) * remove ls from test_e2e_results.sh (#31186) * [IsEmailAddressInternal] Fix an issue with **domain** argument (#31222) * First commit * Added RN * Update Packs/CommonScripts/ReleaseNotes/1_12_54.md Co-authored-by: Dean Arbel <[email protected]> --------- Co-authored-by: Dean Arbel <[email protected]> * Deprecate 'Get endpoint details - Generic' Playbook (#31196) * Deprecate 'Get endpoint details - Generic' Playbook * RN * Bump pack from version CommonPlaybooks to 2.4.36. * Bump pack from version CommonPlaybooks to 2.4.37. --------- Co-authored-by: Content Bot <[email protected]> * Replacing the deprecated sub-playbook within the 'NGFW Internal Scan'… (#31197) * Replacing the deprecated sub-playbook within the 'NGFW Internal Scan' XSIAM playbook * RN * [Marketplace Contribution] CISO Metrics (#30641) (#31213) * "pack contribution initial commit" * Update pack_metadata.json * Update and rename dashboard-98f353a2-312b-49f2-8e58-d71f60daf3a7-CISO_Metrics.json to dashboard-98f353a2-312b-49f2-8e58-d71f60daf3a7-CommunityCommonDashboards.json Rename to CommunityCommonDashboards * Update pack_metadata.json Renamed "name": "CommunityCommonDashboards" * Update README.md Added description * Update README.md * Update and rename README.md to README.md * Rename dashboard-98f353a2-312b-49f2-8e58-d71f60daf3a7-CommunityCommonDashboards.json to dashboard-98f353a2-312b-49f2-8e58-d71f60daf3a7-CommunityCommonDashboards.json * Rename .pack-ignore to .pack-ignore * Rename .secrets-ignore to .secrets-ignore * Rename pack_metadata.json to pack_metadata.json * Update .pack-ignore * Update pack_metadata.json * Update .pack-ignore * Update and rename dashboard-98f353a2-312b-49f2-8e58-d71f60daf3a7-CommunityCommonDashboards.json to CISOMetrics.json Renamed to CISOMetrics * Update pack_metadata.json * Update pack_metadata.json * Update README.md --------- Co-authored-by: xsoar-bot <[email protected]> Co-authored-by: Sapir Shuker <[email protected]> Co-authored-by: David Uhrlaub <[email protected]> * Cybereason xsoar v 2.1.14 (#30647) (#31225) * added v2.1.14 codebase * fix pr comments * replace dummy md5 placeholder * Update Packs/Cybereason/Integrations/Cybereason/Cybereason.py * updated docker image python version * updated release notes docker version * added pagination params * updated docker image * fix lint errors * fix demisto validate errors * updated release notes * updated release notes * updated release notes * updated command name as per PR comment * removed manual filtering for response * updated function name to match the command name format * updated unit test as per new command name * added machinename filter to api query * moved empty output message to the top * updated docker image tag to latest * undo changes from unisolate endpoint playbook --------- Co-authored-by: suraj-metron <[email protected]> Co-authored-by: Sapir Shuker <[email protected]> * fixed polling support (#30873) * fixed polling support * fixed rn * added rn * added rn * XSUP-30786/Fix (#31168) * Added failing UT * Fixed the issue * Updated docker image * Updated RN * Update Packs/PAN-OS/ReleaseNotes/2_1_15.md Co-authored-by: Dan Tavori <[email protected]> * Updated the bug fix and the UT * updated docker image --------- Co-authored-by: Dan Tavori <[email protected]> * rewrite to js FirstArrayElement and LastArrayElement (#31228) * rewrite to js * added tpb * added empty test case to tpb * precommit fixes * change fromversion so build wont fail * Enable Core REST API with general XSIAM endpoints (#31226) * mostly works * added release notes * fixes from review * F5 APM fixed the marketplace build failure (#31236) * F5 APM Remove XSIAM tags * fix marketplace error * Add incidents field (#30393) (#31233) * add rawJSON field to incidents * release notes * update docker image tag * nit * fetching incident details * mapper + incident fields * remove incorrect incident field files * new incident field files, new mapper * sdk validate command changes * update release noteS * validation errors * fix validation errors * undo release notes changes * undo release notes change * undo release notes * undo release notes * undo release notes * nit * new release notes * remove playbook id * update docker image tag * revert release notes * revert RN * nit- remove filters used for testing * add details field to threats * remove try/except blocks * changing version * Update Abnormal_Security_Custom_Incident_types.json change from version * nit - remove changes used for demo * updating docker image * update docker image tag --------- Co-authored-by: William Olyslager <[email protected]> Co-authored-by: sapirshuker <[email protected]> Co-authored-by: Sapir Shuker <[email protected]> * Update Docker Image To demisto/python3 (#31242) * Updated Metadata Of Pack CIRCL * Added release notes to pack CIRCL * Packs/CIRCL/Integrations/CirclCVESearch/CirclCVESearch.yml Docker image update * Updated Metadata Of Pack ipinfo * Added release notes to pack ipinfo * Packs/ipinfo/Integrations/ipinfo_v2/ipinfo_v2.yml Docker image update * Updated Metadata Of Pack AutoFocus * Added release notes to pack AutoFocus * Packs/AutoFocus/Integrations/FeedAutofocus/FeedAutofocus.yml Docker image update * Packs/AutoFocus/Integrations/AutofocusV2/AutofocusV2.yml Docker image update * Updated Metadata Of Pack MailSenderNew * Added release notes to pack MailSenderNew * Packs/MailSenderNew/Integrations/MailSenderNew/MailSenderNew.yml Docker image update * avoid to update Docker for AutoFocusv2 --------- Co-authored-by: israelpolishook <[email protected]> * Fixes For 'IP Enrichment - Generic v2' Playbook (#31183) * Fixes For 'IP Enrichment - Generic v2' Playbook * RN * RN * Updated the 'InternalRange' playbook input's default value. * configured the 'extended_data' and 'threat_model_association' sub-playbook inputs * Bump pack from version CommonPlaybooks to 2.4.36. * Bump pack from version CommonPlaybooks to 2.4.37. * changed the default value of the 'ResolveIP' playbook input * re-added RN after merging from master * Fixes RN --------- Co-authored-by: Content Bot <[email protected]> * Check if should run Instance role (#31245) * Added the sync from the saas bucket and modified the verify script to take the revision from the correct bucket. (#31254) * AWS Organizations (#30525) * init * commands template * aws-org-children-list * more commands * even more commands * added account commands * removed enhancement commands * use json_transform * unit-tests init * unit-tests continued * unit-tests continued some more * TPB * one more unit-test * one more unit-test * one more unit-test * name change * TPB * docs complete * pack readme * pack readme part 2 * readme modified * more tests * more tests * use get() * adde description * removed isFetch * added image * name change * CR changes * Apply suggestions from code review Co-authored-by: ShirleyDenkberg <[email protected]> * Update docker * put the commands back in * code complete * yml part 2 * yml part 3 * test template * unit-tests continued some more * unit-tests almost complete * unit-tests complete * fixed a few bugs * fixed unit-tests * added readme * update readme * added missing descriptions to readme * TPB * Apply suggestions from code review Co-authored-by: ShirleyDenkberg <[email protected]> * CR changes * demo changes * update docker * build wars: round 1 * build wars: round 2 * build wars: round 3; add unit-tests * build wars: round 4 * build wars: round 5 * build wars: round 6 --------- Co-authored-by: ShirleyDenkberg <[email protected]> * NextToken in CommandResults (#30501) * init * new design * added error in case of non nested input * RN * a tad more docs * Bump pack from version Base to 1.32.47. * Bump pack from version Base to 1.32.48. * Bump pack from version Base to 1.32.49. * improved doc-string * resolve conflicts * resolve conflicts * Bump pack from version Base to 1.32.52. --------- Co-authored-by: Content Bot <[email protected]> * demisto-sdk-release 1.24.0 (#31268) * poetry files * update validate manager imports (#31179) * update validate manager imports * revert * Update Tests/configure_and_test_integration_instances.py * Edit file types test (#31170) * edited tests * s * s * edit --------- Co-authored-by: Content Bot <[email protected]> Co-authored-by: Yuval Hayun <[email protected]> Co-authored-by: merit-maita <[email protected]> Co-authored-by: JudithB <[email protected]> * modified modeling rules of clearswift dlp (#31247) * modified modeling rules of clearswift dlp * modified the parsing rule of clearswiftdlp * Added release notes. * added dlp to pack ignore * added Clearswift to pack ignore * QRadar: continue to poll in case of networking issues (#31084) * Generalize the mode option in pre-commit (#30663) * args updated to match the update in the sdk * add merge-coverage-report and coverage-analyze * updaing pyproject.toml * poetry lock * restoring pyproject.toml and poetry.lock * pre-commit.yml * updates * test comment * use sdk ref * if * add github output * revert ilan changes * merge-pytest-reports --------- Co-authored-by: ilan <[email protected]> * EXPANDR-1576 CortexXpanse Remediation Guidance changes (#31190) * EXPANDR-1576 CortexXpanse Remediation Guidance changes (#30712) * CortexXpanse RG changes * Fix flake8 errors * Fix unit test cases * Update docker version * update command name * Readme updates * docker update * Ignore BC error * fix packignore * Update release notes * update breaking change notes * update breaking change notes * correct RN --------- Co-authored-by: Chait A <[email protected]> Co-authored-by: ilappe <[email protected]> * Feature/cyberint enhancement (#31252) * Feature/cyberint enhancement (#30493) * Update Docker Image To demisto/py3-tools (#25523) * Updated Metadata Of Pack FeedAWS * Added release notes to pack FeedAWS * Packs/FeedAWS/Integrations/FeedAWS/FeedAWS.yml Docker image update * update Cyberint Pack * update release note and incidentfields * update CommonType release note * update CommonType relesenotes * update CommonType relese notes * update CyberInt Related entity name * update release notes * add new incident field: Alert Data * foramt alert_data * update CyberInt Related Entity name to avoid validation errors * reset the CyberInt Related Entity name * update incident field name * Update 3_3_93.md * pre commit update docker * added known words * fixed the RN * known words --------- Co-authored-by: TalGumi <[email protected]> Co-authored-by: omerKarkKatz <[email protected]> Co-authored-by: okarkkatz <[email protected]> * [xsoar-8 coverage] - use poll functions from SDK clients (#31144) * update poetry * use poll functions * test against builds * try to fix ssl issue * timeout = 300 + verify ssl * fix ssl issues * fix incident pull * fix * make verify=false by default * fix ports bug * use sdk master * revert poetry * revert infra used for testing * [CrowdStrike Falcon Intel v2] Fixed an issue in 'cs-actors' and 'cs-reports' commands (#31265) * Fix the 'NoneType' object is not iterable issue * ruff * Update the docker image; Add RN * Update Packs/CrowdStrikeIntel/ReleaseNotes/2_0_34.md Co-authored-by: Dean Arbel <[email protected]> --------- Co-authored-by: Dean Arbel <[email protected]> * oncall- installation orders (#31253) * test * test * revert debugs * pre-commit --------- Co-authored-by: Jas Beilin <[email protected]> * Core rest api docs fix (#31262) * Improved descriptions. * Added docs * Added rn. * Changed i.e to e.g * bugfix/XSUP-30713/port-scan-pb-issue-incident-failure (#31154) * Fix playbook input's default value, change to not required, add check for value not empty * Update playbook image * Update release notes * Bump pack from version CortexXDR to 6.0.5. * Moved InternalIPRanges input check to better location * Fix review comments --------- Co-authored-by: Content Bot <[email protected]> * [PagerDuty v2] Added Support For Pagination (#30959) * commit init - lint and type annotation * typing * pagination function and some typing * fix api limit and pagination * added UT and test_data * added RN and description for args * generate readme * update docker * added UT * fix flake8 * more docstring, one more UT, fix send unnecessary parameters * fix f-string * fix pep8 * revert copy * fix parameters name * docs review * update docker * [ASM] EXPANDR 7225 - Update Ev1 Integration Display Name (#31234) (#31276) * Update Display Name * Update release notes * Update docker image and add period to descriptions Co-authored-by: John <[email protected]> Co-authored-by: MLainer1 <[email protected]> * Update Docker Image To demisto/python3 (#31286) * Updated Metadata Of Pack QualysFIM * Added release notes to pack QualysFIM * Packs/QualysFIM/Integrations/QualysFIM/QualysFIM.yml Docker image update * Updated Metadata Of Pack FortiSIEM * Added release notes to pack FortiSIEM * Packs/FortiSIEM/Integrations/FortiSIEMV2/FortiSIEMV2.yml Docker image update * Updated Metadata Of Pack FreshworksFreshservice * Added release notes to pack FreshworksFreshservice * Packs/FreshworksFreshservice/Integrations/FreshworksFreshservice/FreshworksFreshservice.yml Docker image update * Updated Metadata Of Pack KnowBe4_KMSAT * Added release notes to pack KnowBe4_KMSAT * Packs/KnowBe4_KMSAT/Integrations/KnowBe4KMSATEventCollector/KnowBe4KMSATEventCollector.yml Docker image update * Packs/KnowBe4_KMSAT/Integrations/KnowBe4KMSAT/KnowBe4KMSAT.yml Docker image update * Updated Metadata Of Pack SafeNet_Trusted_Access * Added release notes to pack SafeNet_Trusted_Access * Packs/SafeNet_Trusted_Access/Integrations/SafeNetTrustedAccessEventCollector/SafeNetTrustedAccessEventCollector.yml Docker image update * Updated Metadata Of Pack DelineaSS * Added release notes to pack DelineaSS * Packs/DelineaSS/Integrations/DelineaSS/DelineaSS.yml Docker image update * Updated Metadata Of Pack Cryptocurrency * Added release notes to pack Cryptocurrency * Packs/Cryptocurrency/Integrations/Cryptocurrency/Cryptocurrency.yml Docker image update * Updated Metadata Of Pack PANOSPolicyOptimizer * Added release notes to pack PANOSPolicyOptimizer * Packs/PANOSPolicyOptimizer/Integrations/PANOSPolicyOptimizer/PANOSPolicyOptimizer.yml Docker image update * Updated Metadata Of Pack DeveloperTools * Added release notes to pack DeveloperTools * Packs/DeveloperTools/Integrations/CreateIncidents/CreateIncidents.yml Docker image update * Add XSOAR_SAAS section to EDL description (#31264) * add XSOAR_SAAS section to EDL description * update RN * [XSUP 30575] Added full fields query param (#31272) * get indicators full fields data * pre-commit * release notes * tests and CR fixes * Update Packs/FeedCrowdstrikeFalconIntel/ReleaseNotes/2_1_13.md Co-authored-by: Dan Tavori <[email protected]> --------- Co-authored-by: Dan Tavori <[email protected]> * Update Docker Image To demisto/boto3py3 (#31287) * Updated Metadata Of Pack SecurityIntelligenceServicesFeed * Added release notes to pack SecurityIntelligenceServicesFeed * Packs/SecurityIntelligenceServicesFeed/Integrations/SecurityIntelligenceServicesFeed/SecurityIntelligenceServicesFeed.yml Docker image update * Updated Metadata Of Pack AWS-IAM * Added release notes to pack AWS-IAM * Packs/AWS-IAM/Integrations/AWS-IAM/AWS-IAM.yml Docker image update * Updated Metadata Of Pack AWS-Route53 * Added release notes to pack AWS-Route53 * Packs/AWS-Route53/Integrations/AWSRoute53/AWSRoute53.yml Docker image update * Updated Metadata Of Pack AWS-AccessAnalyzer * Added release notes to pack AWS-AccessAnalyzer * Packs/AWS-AccessAnalyzer/Integrations/AWS-AccessAnalyzer/AWS-AccessAnalyzer.yml Docker image update * Updated Metadata Of Pack AWS-GuardDuty * Added release notes to pack AWS-GuardDuty * Packs/AWS-GuardDuty/Integrations/AWSGuardDutyEventCollector/AWSGuardDutyEventCollector.yml Docker image update * Packs/AWS-GuardDuty/Integrations/AWSGuardDuty/AWSGuardDuty.yml Docker image update * Updated Metadata Of Pack AWS-SecurityHub * Added release notes to pack AWS-SecurityHub * Packs/AWS-SecurityHub/Integrations/AWSSecurityHubEventCollector/AWSSecurityHubEventCollector.yml Docker image update * Updated Metadata Of Pack Aws-SecretsManager * Added release notes to pack Aws-SecretsManager * Packs/Aws-SecretsManager/Integrations/AwsSecretsManager/AwsSecretsManager.yml Docker image update * Update Docker Image To demisto/accessdata (#31288) * Updated Metadata Of Pack Exterro * Added release notes to pack Exterro * Packs/Exterro/Integrations/Exterro/Exterro.yml Docker image update * Update Docker Image To demisto/oci (#31290) * Updated Metadata Of Pack OracleCloudInfrastructure * Added release notes to pack OracleCloudInfrastructure * Packs/OracleCloudInfrastructure/Integrations/OracleCloudInfrastructureEventCollector/OracleCloudInfrastructureEventCollector.yml Docker image update * Update Docker Image To demisto/py3-tools (#31289) * Updated Metadata Of Pack Intezer * Added release notes to pack Intezer * Packs/Intezer/Integrations/IntezerV2/IntezerV2.yml Docker image update * Updated Metadata Of Pack Zabbix * Added release notes to pack Zabbix * Packs/Zabbix/Integrations/Zabbix/Zabbix.yml Docker image update * Updated Metadata Of Pack FeedMalwareBazaar * Added release notes to pack FeedMalwareBazaar * Packs/FeedMalwareBazaar/Integrations/MalwareBazaarFeed/MalwareBazaarFeed.yml Docker image update * Updated Metadata Of Pack FeedGCPWhitelist * Added release notes to pack FeedGCPWhitelist * Packs/FeedGCPWhitelist/Integrations/FeedGoogleIPRanges/FeedGoogleIPRanges.yml Docker image update * Updated Metadata Of Pack AccentureCTI_Feed * Added release notes to pack AccentureCTI_Feed * Packs/AccentureCTI_Feed/Integrations/ACTIIndicatorFeed/ACTIIndicatorFeed.yml Docker image update * Updated Metadata Of Pack SEKOIAIntelligenceCenter * Added release notes to pack SEKOIAIntelligenceCenter * Packs/SEKOIAIntelligenceCenter/Integrations/SEKOIAIntelligenceCenter/SEKOIAIntelligenceCenter.yml Docker image update * Updated Metadata Of Pack JARM * Added release notes to pack JARM * Packs/JARM/Integrations/JARM/JARM.yml Docker image update * Updated Metadata Of Pack Anomali_ThreatStream * Added release notes to pack Anomali_ThreatStream * Packs/Anomali_ThreatStream/Integrations/AnomaliThreatStreamv3/AnomaliThreatStreamv3.yml Docker image update * Updated Metadata Of Pack CommonWidgets * Added release notes to pack CommonWidgets * Packs/CommonWidgets/Scripts/RSSWidget/RSSWidget.yml Docker image update * Updated Metadata Of Pack FiltersAndTransformers * Added release notes to pack FiltersAndTransformers * Packs/FiltersAndTransformers/Scripts/Jmespath/Jmespath.yml Docker image update * Update Docker Image To demisto/armorblox (#31291) * Updated Metadata Of Pack Armorblox * Added release notes to pack Armorblox * Packs/Armorblox/Integrations/Armorblox/Armorblox.yml Docker image update * Update Docker Image To demisto/crypto (#31292) * Updated Metadata Of Pack AzureKeyVault * Added release notes to pack AzureKeyVault * Packs/AzureKeyVault/Integrations/AzureKeyVault/AzureKeyVault.yml Docker image update * Updated Metadata Of Pack AzureSentinel * Added release notes to pack AzureSentinel * Packs/AzureSentinel/Integrations/AzureSentinel/AzureSentinel.yml Docker image update * Updated Metadata Of Pack AzureDevOps * Added release notes to pack AzureDevOps * Packs/AzureDevOps/Integrations/AzureDevOps/AzureDevOps.yml Docker image update * Updated Metadata Of Pack MicrosoftCloudAppSecurity * Added release notes to pack MicrosoftCloudAppSecurity * Packs/MicrosoftCloudAppSecurity/Integrations/MicrosoftCloudAppSecurity/MicrosoftCloudAppSecurity.yml Docker image update * Updated Metadata Of Pack AzureRiskyUsers * Added release notes to pack AzureRiskyUsers * Packs/AzureRiskyUsers/Integrations/AzureRiskyUsers/AzureRiskyUsers.yml Docker image update * Updated Metadata Of Pack MicrosoftGraphGroups * Added release notes to pack MicrosoftGraphGroups * Packs/MicrosoftGraphGroups/Integrations/MicrosoftGraphGroups/MicrosoftGraphGroups.yml Docker image update * Updated Metadata Of Pack AzureSQLManagement * Added release notes to pack AzureSQLManagement * Packs/AzureSQLManagement/Integrations/AzureSQLManagement/AzureSQLManagement.yml Docker image update * Updated Metadata Of Pack MicrosoftGraphAPI * Added release notes to pack MicrosoftGraphAPI * Packs/MicrosoftGraphAPI/Integrations/MicrosoftGraphAPI/MicrosoftGraphAPI.yml Docker image update * Updated Metadata Of Pack MicrosoftTeams * Added release notes to pack MicrosoftTeams * Packs/MicrosoftTeams/Integrations/MicrosoftTeamsManagement/MicrosoftTeamsManagement.yml Docker image update * Updated Metadata Of Pack MicrosoftGraphApplications * Added release notes to pack MicrosoftGraphApplications * Packs/MicrosoftGraphApplications/Integrations/MicrosoftGraphApplications/MicrosoftGraphApplications.yml Docker image update * Update Docker Image To demisto/sixgill (#31293) * Updated Metadata Of Pack Cybersixgill-ActionableAlerts * Added release notes to pack Cybersixgill-ActionableAlerts * Packs/Cybersixgill-ActionableAlerts/Integrations/CybersixgillActionableAlerts/CybersixgillActionableAlerts.yml Docker image update * Updated Metadata Of Pack Sixgill-Darkfeed * Added release notes to pack Sixgill-Darkfeed * Packs/Sixgill-Darkfeed/Integrations/Sixgill_Darkfeed_Enrichment/Sixgill_Darkfeed_Enrichment.yml Docker image update * Packs/Sixgill-Darkfeed/Integrations/Sixgill_Darkfeed/Sixgill_Darkfeed.yml Docker image update * Update Docker Image To demisto/carbon-black-cloud (#31295) * Updated Metadata Of Pack CarbonBlackDefense * Added release notes to pack CarbonBlackDefense * Packs/CarbonBlackDefense/Integrations/CarbonBlackLiveResponseCloud/CarbonBlackLiveResponseCloud.yml Docker image update * Update Docker Image To demisto/taxii2 (#31294) * Updated Metadata Of Pack FeedDHS * Added release notes to pack FeedDHS * Packs/FeedDHS/Integrations/DHSFeedV2/DHSFeedV2.yml Docker image update * Updated Metadata Of Pack FeedUnit42v2 * Added release notes to pack FeedUnit42v2 * Packs/FeedUnit42v2/Integrations/FeedUnit42v2/FeedUnit42v2.yml Docker image update * MS IIS Update2 (#31256) * Updated MicrosoftIISWebServerModelingRules_1_3 * Updated ModelingRules filters * Updated ModelingRules filters * Updated ReleaseNotes * Upated ReleaseNotes * CrowdStrikeFalconX-genreic-polling (#31189) * old playbooks deprecated and new one added * readme file edited * set the interval from the inputs * fixes for release notes * added extensions to known words * Update Packs/CrowdStrikeFalconX/Playbooks/Detonate_File_-_CrowdStrike_Falcon_Intelligence_Sandbox_v2.yml Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CrowdStrikeFalconX/Playbooks/Detonate_File_-_CrowdStrike_Falcon_Intelligence_Sandbox_v2.yml Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CrowdStrikeFalconX/Playbooks/Detonate_File_-_CrowdStrike_Falcon_Intelligence_Sandbox_v2.yml Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CrowdStrikeFalconX/Playbooks/Detonate_URL_-_CrowdStrike_Falcon_Intelligence_Sandbox_v2_README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CrowdStrikeFalconX/Playbooks/Detonate_File_-_CrowdStrike_Falcon_Intelligence_Sandbox_v2.yml Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CrowdStrikeFalconX/Playbooks/Detonate_File_-_CrowdStrike_Falcon_Intelligence_Sandbox_v2.yml Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CrowdStrikeFalconX/Playbooks/Detonate_File_-_CrowdStrike_Falcon_Intelligence_Sandbox_v2_README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CrowdStrikeFalconX/ReleaseNotes/1_2_37.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CrowdStrikeFalconX/ReleaseNotes/1_2_37.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CrowdStrikeFalconX/ReleaseNotes/1_2_37.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CrowdStrikeFalconX/ReleaseNotes/1_2_37.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CrowdStrikeFalconX/Playbooks/Detonate_File_-_CrowdStrike_Falcon_Intelligence_Sandbox_v2_README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CrowdStrikeFalconX/Playbooks/Detonate_File_-_CrowdStrike_Falcon_Intelligence_Sandbox_v2_README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CrowdStrikeFalconX/Playbooks/Detonate_File_-_CrowdStrike_Falcon_Intelligence_Sandbox_v2_README.md Co-authored-by: ShirleyDenkberg <[email protected]> * minor fixes for description * Update Packs/CrowdStrikeFalconX/Playbooks/Detonate_URL_-_CrowdStrike_Falcon_Intelligence_Sandbox_v2.yml Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CrowdStrikeFalconX/Playbooks/Detonate_URL_-_CrowdStrike_Falcon_Intelligence_Sandbox_v2_README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CrowdStrikeFalconX/Playbooks/Detonate_URL_-_CrowdStrike_Falcon_Intelligence_Sandbox_v2.yml Co-authored-by: ShirleyDenkberg <[email protected]> --------- Co-authored-by: ShirleyDenkberg <[email protected]> * Add Symantec MSS to ignored items (#31296) * [XSUP 30870] Added full fields option for cs-actors and cs-reports commands (#31271) * Added the display_full_fields argument * pre-commit * release notes * tests and CR fixes * resolve conflict * pre-commit * CR fixes * docker * pre-commit * add myself as codeowner (#31314) * ORKL Feed Integration 1.0.0 Initial Release (#31166) * ORKL Feed Integration 1.0.0 Initial Release (#31101) Co-authored-by: Martin Ohl <[email protected]> * [VirusTotal] Add suspicious threshold (#31220) * [VirusTotal] Add suspicious threshold (#31021) * fixing CimTrak_test.py unit tests (#31308) fixing CimTrak_test.py unit tests #31308 * Add new command and bug fix. (#31311) * Anomali ThreatStream v3 - Fix threatstream-get-indicators command (#31269) * fix get_indicators method * update RN * update docker * update test * update test * update get_indicators method * update RN * Update Packs/Anomali_ThreatStream/ReleaseNotes/2_2_9.md Co-authored-by: ShirleyDenkberg <[email protected]> * update docker * update docker --------- Co-authored-by: ShirleyDenkberg <[email protected]> * SentinelOne v2: Add 2 new commands (#31312) * fixing jira file attachments (#31297) fixing jira file attachments, fixing mapping of newly created tickets #31297 * CiscoSMA Update (#31315) * Updated ModelingRules * Updated ReleaseNotes * Updated ReleaseNotes * updated docs (#31192) * updated docs * running pre-commit and docker * docker update * Apply suggestions from code review Co-authored-by: ShirleyDenkberg <[email protected]> * remove package-lock file * cr note * Update Packs/MicrosoftGraphDeviceManagement/ReleaseNotes/1_1_20.md Co-authored-by: EyalPintzov <[email protected]> --------- Co-authored-by: ShirleyDenkberg <[email protected]> Co-authored-by: EyalPintzov <[email protected]> * Fix an issue when there is only one incident in fetch_incidents powershell (#31267) * added -AsArray * updated the docker image and added . * RN * unit tests and docker image * rn * docker image and release notes * Update Packs/Base/ReleaseNotes/1_32_53.md Co-authored-by: EyalPintzov <[email protected]> * updated the unit tests --------- Co-authored-by: EyalPintzov <[email protected]> * Get Entity Alerts by MITRE Tactics - Performance Improvements (Refactor) (#31232) * Added playbooks * New playbooks images, formatted playbooks, and added RN * Updated pb image to be in light mode * Further improvements to playbooks, updated docs, and updated playbook images * Bump pack from version CortexXDR to 6.0.6. * Changed alert to incident to fix validation * Descriptions --------- Co-authored-by: Content Bot <[email protected]> * fix for sdk nightly e2e tests (#31310) * [qradar-v3] - handle connection errors (#31246) * [qradar-v3] - handle connection errors * add uts * bump rn * remove irrelevant imports * update code * timeout = 300 * bump rn * update implementation * docker image * fixes * remove imports * rn * update debug-message * update log * fix docker-image * fix ut * oncall-sdk-nightly-create-xsoar-instance (#31300) * overwrite the filter env file * remove space * remove print * Update .gitlab/ci/.gitlab-ci.on-push.yml Co-authored-by: Koby Meir <[email protected]> --------- Co-authored-by: Koby Meir <[email protected]> * [ASM] - EXPANDER 7238 - Jira Playbook Support for V2 and V3 Project Key (#31273) (#31322) * Add support V2 and V3, remove default project key - Add data collection task for customer - Leave Jira Project Key input as blank - Add support for project key passed into Jira V2 and V3 integrations * Add release notes * Update Playbook ReadMe * Add task description * Update release notes Co-authored-by: John <[email protected]> Co-authored-by: MLainer1 <[email protected]> * Support contributions when the name of the repo isn't content (#31320) * update handle_external_pr.py * set repo_name arg as optional * Oncall sdk nightly create xsoar instance (#31324) Oncall sdk nightly create xsoar instance #31324 * CIAC-4556/xdr-remote-psexec-lolbin-command-execution-playbook (#29092) * Add playbook and readme files * Add updated files * Add playbook image * Update release notes * Fix validation error * Bump pack from version CortexXDR to 5.1.0. * Bump pack from version CortexXDR to 5.2.0. * Bump pack from version CortexXDR to 5.2.0. * Bump pack from version CortexXDR to 5.2.0. * Add CommandLine verdict to layout * Update according to demo review comments * Bump pack from version CortexXDR to 5.2.0. * Bump pack from version CortexXDR to 5.2.0. * Add field for cmd line verdict * Update layout * Fix review comments * Update from master * Update Packs/CortexXDR/ReleaseNotes/5_2_0.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CortexXDR/ReleaseNotes/5_2_0.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CortexXDR/Playbooks/playbook-Cortex_XDR_-_Remote_PsExec_with_LOLBIN_command_execution_alert_README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Fix review comments and validations * Apply suggestions from code review Fix docs review Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CortexXDR/Playbooks/playbook-Cortex_XDR_-_Remote_PsExec_with_LOLBIN_command_execution_alert.yml Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CortexXDR/Playbooks/playbook-Cortex_XDR_-_Remote_PsExec_with_LOLBIN_command_execution_alert.yml Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CortexXDR/Playbooks/playbook-Cortex_XDR_-_Remote_PsExec_with_LOLBIN_command_execution_alert.yml Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CortexXDR/Playbooks/playbook-Cortex_XDR_-_Remote_PsExec_with_LOLBIN_command_execution_alert.yml Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CortexXDR/Playbooks/playbook-Cortex_XDR_-_Remote_PsExec_with_LOLBIN_command_execution_alert.yml Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CortexXDR/Playbooks/playbook-Cortex_XDR_-_Remote_PsExec_with_LOLBIN_command_execution_alert.yml Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CortexXDR/Playbooks/playbook-Cortex_XDR_-_Remote_PsExec_with_LOLBIN_command_execution_alert.yml Co-authored-by: ShirleyDenkberg <[email protected]> * Fix review comments * Remove duplicate task for alert details, update playbook image * Fix skipifunavailable validations and update release notes * Fix review comments * Update release notes * Update release notes * Bump pack from version CortexXDR to 5.2.0. * Fix review comments * Update release notes * Bump pack from version CortexXDR to 5.2.2. * Bump pack from version CortexXDR to 5.2.3. * Fix review comments …
maimorag
added a commit
that referenced
this pull request
Mar 6, 2024
* fix * fix fetch using timestamp * cr notes * adding unify * cr * after meeting with the client fix * after meeting with the client fixing tests 2 * fixing fetching above 2000 indicators * fixing fetching * fixing fetching * adding unify for customer * Bump gitpython from 3.1.40 to 3.1.41 (#32119) * Bump gitpython from 3.1.40 to 3.1.41 Bumps [gitpython](https://github.com/gitpython-developers/GitPython) from 3.1.40 to 3.1.41. - [Release notes](https://github.com/gitpython-developers/GitPython/releases) - [Changelog](https://github.com/gitpython-developers/GitPython/blob/main/CHANGES) - [Commits](https://github.com/gitpython-developers/GitPython/compare/3.1.40...3.1.41) --- updated-dependencies: - dependency-name: gitpython dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> * update pre-commit dependencies --------- Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: dorschw <[email protected]> * Bump pillow from 10.1.0 to 10.2.0 (#32356) Bumps [pillow](https://github.com/python-pillow/Pillow) from 10.1.0 to 10.2.0. - [Release notes](https://github.com/python-pillow/Pillow/releases) - [Changelog](https://github.com/python-pillow/Pillow/blob/main/CHANGES.rst) - [Commits](https://github.com/python-pillow/Pillow/compare/10.1.0...10.2.0) --- updated-dependencies: - dependency-name: pillow dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: dorschw <[email protected]> * Notify External PR Merge (#32349) * added new action * Test SK (#32350) * Jira bugfix in edit issue - xsup 31954 (#32041) * Added tests * Updated RNs * Updated docstrings * Updated TPB * Updated command description * Updated RNs --------- Co-authored-by: Anas Yousef <[email protected]> * Update AMPv2.yml --------- Co-authored-by: israelpoli <[email protected]> Co-authored-by: Anas Yousef <[email protected]> * Revert "Test SK" (#32352) * Fixed * Update .github/workflows/create-internal-pr-from-external.yml Co-authored-by: RotemAmit <[email protected]> * Update .github/workflows/create-internal-pr-from-external.yml Co-authored-by: RotemAmit <[email protected]> --------- Co-authored-by: israelpoli <[email protected]> Co-authored-by: Anas Yousef <[email protected]> Co-authored-by: RotemAmit <[email protected]> * added 'W291, # trailing-whitespace' to pyproject.toml and nightly (#32862) * [greynoise-266] New Pack - FeedGreyNoiseIndicator (#32514) (#32942) * updates * pre-commit and readme * pre-commit * updates * more updates * fix tests * fix tests * fix formatting * fix pack ver check * update tests * fix flake8 and secrets * feedback * updates * feedback updates * fix default feedRep * add notes to docs * update docker image num Co-authored-by: Brad Chiappetta <[email protected]> * Fix CommonServerPython mypy (#32931) * Update docker images of `CommonScript` items (#32938) * Update `demisto/xslxwriter` 70-100 coverage rate (#32763) * upgrade images * update RN * Bump pack from version CommonScripts to 1.13.34. * Bump pack from version CommonScripts to 1.13.35. * Bump pack from version CommonScripts to 1.13.36. * Bump pack from version CommonScripts to 1.13.37. * Bump pack from version CommonScripts to 1.13.38. * Bump pack from version CommonScripts to 1.13.39. * revert RN --------- Co-authored-by: Content Bot <[email protected]> * Update `demisto/xml-feed` 70-100 coverage rate (#32762) * upgrade images * revert * update RN * Bump pack from version CommonScripts to 1.13.34. * Bump pack from version CommonScripts to 1.13.35. * Bump pack from version CommonScripts to 1.13.36. * Bump pack from version CommonScripts to 1.13.37. * Bump pack from version CommonScripts to 1.13.38. * Bump pack from version CommonScripts to 1.13.39. * revert RN --------- Co-authored-by: Content Bot <[email protected]> * Update `demisto/bs4-py3` 70-100 coverage rate (#32741) * upgrade images * update RN * Bump pack from version CommonScripts to 1.13.34. * Bump pack from version CommonScripts to 1.13.35. * Bump pack from version CommonScripts to 1.13.36. * Bump pack from version CommonScripts to 1.13.37. * Bump pack from version CommonScripts to 1.13.38. * Bump pack from version FiltersAndTransformers to 1.2.59. * Bump pack from version CommonScripts to 1.13.39. * revert RN --------- Co-authored-by: Content Bot <[email protected]> * Update `demisto/bs4-tld` 0-10 coverage rate (#32744) * upgrade images * update RN * Bump pack from version CommonScripts to 1.13.34. * Bump pack from version CommonScripts to 1.13.35. * Bump pack from version CommonScripts to 1.13.36. * Bump pack from version CommonScripts to 1.13.37. * Bump pack from version CommonScripts to 1.13.38. * Bump pack from version CommonScripts to 1.13.39. * revert RN --------- Co-authored-by: Content Bot <[email protected]> * Update `demisto/btfl-soup` 70-100 coverage rate (#32745) * upgrade images * update RN * Bump pack from version CommonScripts to 1.13.34. * Bump pack from version CommonScripts to 1.13.35. * Bump pack from version CommonScripts to 1.13.36. * Bump pack from version CommonScripts to 1.13.37. * Bump pack from version CommonScripts to 1.13.38. * Bump pack from version CommonScripts to 1.13.39. * revert RN --------- Co-authored-by: Content Bot <[email protected]> * Update `demisto/netutils` 70-100 coverage rate (#32752) * upgrade images * update RN * Bump pack from version CommonScripts to 1.13.34. * Bump pack from version CommonScripts to 1.13.35. * Bump pack from version CommonScripts to 1.13.36. * Bump pack from version CommonScripts to 1.13.37. * Bump pack from version CommonScripts to 1.13.38. * Bump pack from version CommonScripts to 1.13.39. * revert RN --------- Co-authored-by: Content Bot <[email protected]> * Update `demisto/nltk` 70-100 coverage rate (#32753) * upgrade images * update RN * Bump pack from version CommonScripts to 1.13.34. * Bump pack from version CommonScripts to 1.13.35. * Bump pack from version CommonScripts to 1.13.36. * Bump pack from version CommonScripts to 1.13.37. * Bump pack from version CommonScripts to 1.13.38. * Bump pack from version CommonScripts to 1.13.39. * revert RN --------- Co-authored-by: Content Bot <[email protected]> * Update `demisto/pcap-http-extractor` 70-100 coverage rate (#32754) * upgrade images * update RN * Bump pack from version CommonScripts to 1.13.34. * Bump pack from version CommonScripts to 1.13.35. * Bump pack from version CommonScripts to 1.13.36. * Bump pack from version CommonScripts to 1.13.37. * Bump pack from version CommonScripts to 1.13.38. * Bump pack from version CommonScripts to 1.13.39. * revert RN --------- Co-authored-by: Content Bot <[email protected]> * Update `demisto/python3-deb` 70-100 coverage rate (#32759) * upgrade images * update RN * Bump pack from version CommonScripts to 1.13.34. * Bump pack from version CommonScripts to 1.13.35. * Bump pack from version CommonScripts to 1.13.36. * Bump pack from version CommonScripts to 1.13.37. * Bump pack from version CommonScripts to 1.13.38. * Bump pack from version CommonScripts to 1.13.39. * revert RN --------- Co-authored-by: Content Bot <[email protected]> * Update `demisto/unzip` 40-55 coverage rate (#32761) * upgrade images * update RN * Bump pack from version CommonScripts to 1.13.34. * Bump pack from version CommonScripts to 1.13.35. * Bump pack from version CommonScripts to 1.13.36. * Bump pack from version CommonScripts to 1.13.37. * Bump pack from version CommonScripts to 1.13.38. * Bump pack from version CommonScripts to 1.13.39. * revert RN --------- Co-authored-by: Content Bot <[email protected]> * update RN * Bump pack from version FiltersAndTransformers to 1.2.60. --------- Co-authored-by: Content Bot <[email protected]> * [ASM] EXPANDR-3608: store potential offending firewall rules (#32721) (#32940) * update GCP enrich play * RN * Apply suggestions from code review * update field name and bump ver --------- Co-authored-by: johnnywilkes <[email protected]> Co-authored-by: ShirleyDenkberg <[email protected]> * XSUP-31342 - XDR mirroring changes incident resolution (#32359) * added more debug logs to the mirroring process * more debug logs * updated the schema * added ckose_reason * updated the schema name * updated the outgoing mapper and some debug logs * added RN * Bump pack from version CortexXDR to 6.1.14. * Bump pack from version CortexXDR to 6.1.15. * updated test_get_mapping_fields_command * updated handle_outgoing_issue_closure to use close_reason or closeReason * updated RN and docker image * added a unit test test_handle_outgoing_issue_closure * added RN to core pack and ctf01 pack * Bump pack from version CortexXDR to 6.1.16. * updated the RN * added an incident type to the outgoing mapper and updated the RN --------- Co-authored-by: Content Bot <[email protected]> * Domaintools iris release v2.0.1 (#32880) (#32946) * first pass at fixing proxy use * don't use empty strings * avoid empty string * fix docker tag, add release notes * update release notes with docker image * Update Packs/DomainTools_Iris/ReleaseNotes/2_0_1.md --------- Co-authored-by: Wesley Agena <[email protected]> Co-authored-by: Yuval Hayun <[email protected]> * revert docker changes (#32944) * AWS Require Region (#32687) * init * update docker * update docker * update docker * RN * fix conflicts * update docker * fix conflicts * Update `demisto/fastapi` 70-100 coverage rate (#32573) * upgrade images * update RN * fix pb parser (#32826) * fix pb parser - test * change xpanse stuff * remove poetry changes * more xpanse changes * fix gr103 * YR/Handle long running pipelines, and commits with no pipelines/CIAC-9386 (#32462) * Fix GetIndicatorDBotScoreFromCache to handle better a special character (#31070) * a fix and a test * docker image update * added rn * Bump pack from version CommonScripts to 1.12.47. * unit test fix * unit test fix * unit test fix * Bump pack from version CommonScripts to 1.12.48. * Bump pack from version CommonScripts to 1.12.49. * Update Packs/CommonScripts/ReleaseNotes/1_12_49.md Co-authored-by: Dan Tavori <[email protected]> --------- Co-authored-by: Content Bot <[email protected]> Co-authored-by: Dan Tavori <[email protected]> * change pack support to community (#31110) * change pack support to community * first level header so im told * Update Packs/DeveloperTools/ReleaseNotes/1_3_0.md Co-authored-by: Shahaf Ben Yakir <[email protected]> * Update Packs/DeveloperTools/ReleaseNotes/1_3_0.md Co-authored-by: Shahaf Ben Yakir <[email protected]> --------- Co-authored-by: Shahaf Ben Yakir <[email protected]> * removed GIT_DEPTH (#31141) * support multiple entry ids in ImageOCR (#31145) * Fix taxi feed observables extraction (#31120) * fixed an isssue where taxi feed will fail to retreive all indicators due to wrong extraction from XML blocks. * added rn * update docker * update test_data * add secret to secrets ignore * [transformers] Enhance to be more durable #2 (#31063) * ExtractDomainAndFQDNFromUrlAndEmail * ExtractEmailV2 * ruff fix * FormatURL * Bump pack from version CommonScripts to 1.12.47. * Bump pack from version CommonScripts to 1.12.48. * Bump pack from version CommonScripts to 1.12.49. * Added unit tests * Update the docker image * Bump pack from version CommonScripts to 1.12.50. * Update Packs/CommonScripts/ReleaseNotes/1_12_50.md Co-authored-by: Dean Arbel <[email protected]> * Update Packs/CommonScripts/ReleaseNotes/1_12_50.md Co-authored-by: Dean Arbel <[email protected]> * Update the RN * Update the docker image * empty * Skip "FormattingPerformance - Test" TPB in XSOAR 8 --------- Co-authored-by: Content Bot <[email protected]> Co-authored-by: Dean Arbel <[email protected]> * Sleep w/ Polling (#30661) add polling mechanism to sleep upon crossing polling_threshold * Update shift management scripts (#31130) * fixed the bug and added unit tests * updated docker image * RN * updated docker image * cr updates * EWS rule commands - MS graph python integrations (#30943) Co-authored-by: ShirleyDenkberg <[email protected]> * MS IIS Update (#31132) * Updated ModelingRules * Updated ReleaseNotes * Updated ReleaseNotes * Anomali ThreatStream change DBot verdict from Benign to Unknown for Low Confidence Indicators (#30993) (#31151) * change DBot verdict from Benign to Unknown for Low Confidence Indicators Indicators found in Anomali that are below Confidence thresholds should be created as Unknown and not Benign. Anomali ThreatStream documentation regarding Confidence https://ui.threatstream.com/optic-doc/Content/Features/threat_model/Observables/details_indicator.htm Confidence - Confidence indicates the certainty that an observable exhibits or is connected to malicious behavior. If Anomali has indicators with low Confidence, that doesn't mean the indicator is Benign/Safe. It means Anomali is unsure that the indicator is Malicious and as such the more appropriate verdict in XSOAR should be Unknown. * add indicator_default_score param * changed values to Benign and Unknown * update README and RN * update RN * update docker set required to false * update docker * fix docs comments --------- Co-authored-by: zdrouse <[email protected]> Co-authored-by: adi88d <[email protected]> Co-authored-by: Adi Daud <[email protected]> * generate empty junit files (#31153) * Update 1_6_0.json (#31164) * fix splunkpy splunk_submit_event_hec_command string issue (#30978) * fix splunkpy splunk_submit_event_hec_command string issue * test * add fix * update rn * [xsoar saas] - fix ports taxii2 e2e (#31163) * Hello world saas (#30901) * added a new incident field only for saas mp * added an incident field to xsoar_saas only for demonstration * format incident field * format incident field * added saas word to known words * version * merge with master * fixed the xsoar_saas end tag * Added tests to validate result * modified RN * pre commit changes * RN tags * ignoe long line * MS IIS README (#31158) * Updated README * Updated README * Fixes For IP Enrichment Playbooks (#31114) * Fixes For IP Enrichment Playbooks * RN * Removed the mapping rule from both playbooks. Updated the default value of the internal range playbook input according to RFC 1918. * Removed the value of 'UseReputationCommand' playbook input and fixes the YML files * Fixed RN * Removed the value set for the 'UseReputationCommand' sub-playbook input. Re-added the default value for 'UseReputationCommand' playbook input * skip ThreatStream-Test (#31172) * [transformers] Enhance to be more durable (#30897) [transformers] Enhance to be more durable * Fixes For 'Email Address Enrichment - Generic v2.1' (#31122) * Fixes For 'Email Address Enrichment - Generic v2.1' * Re-added the test playbook and marketplace configs to the playbook YML file * changed the 'domain' playbook input value * removed the 'domain' playbook input value and added RN * Fixed RN * Bump pack from version CommonPlaybooks to 2.4.34. --------- Co-authored-by: Content Bot <[email protected]> * DisplayMappedFields - Fix dark mode text color (#31085) * removed the hardcoded color * removed the hardcoded color * update RN * update docker image * Bump pack from version CommonScripts to 1.12.48. * Unittest fixes * Bump pack from version CommonScripts to 1.12.49. * Unittest fixes * Bump pack from version CommonScripts to 1.12.50. * Bump pack from version CommonScripts to 1.12.51. * Bump pack from version CommonScripts to 1.12.52. * Bump pack from version CommonScripts to 1.12.53. --------- Co-authored-by: Content Bot <[email protected]> * Updated the layout to exclude integration incident fields that are not pertinent to Vectra XDR (#31127) (#31182) Co-authored-by: Crest Data Systems <[email protected]> Co-authored-by: crestdatasystems <[email protected]> Co-authored-by: MLainer1 <[email protected]> * Taxii2 server relationship bug (#31162) * [taxii2-server] - code fixes * bump rn * docker update * remove debug-log because may wanted * [ASM] EXPANDER-7096 - ASM Remediation Guidance Fields (#30955) (#31178) Co-authored-by: John <[email protected]> Co-authored-by: Adi Daud <[email protected]> * Created pack for F5 BIG-IP APM (#31017) * Created pack for f5 apm * Added modeling rule files. * adding modeling rules and schema. * modified modeling rules * update yml file for modeling rule. * Update Packs/F5APM/README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/F5APM/README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/F5APM/README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/F5APM/README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/F5APM/README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/F5APM/README.md Co-authored-by: ShirleyDenkberg <[email protected]> * update readme. * Modified the read me file. --------- Co-authored-by: ShirleyDenkberg <[email protected]> * HelloWorld - delete old classifier (#31185) * Add support for is array for rep commands (#31169) * added support for isArray for python Xsoar supported reputation commands * added rn * Empty-Commit * python files fixes * fix docker issue * cr fixes * added logs and cache fix (#30577) * added logs and cache fix * Fixed another executeCommand results handling. * Updated docker image * Added rn * Update Packs/Phishing/ReleaseNotes/3_6_2.md Co-authored-by: Dan Tavori <[email protected]> * Update Packs/Phishing/Scripts/FindDuplicateEmailIncidents/FindDuplicateEmailIncidents.py --------- Co-authored-by: Dan Tavori <[email protected]> * Add support for is array for rep commands js (#31184) * JS files fixes * added rn * pre commit fixes * pre commit fixes * cr fixes * xsiam-avaya-siem-content-ciac-8502 (#31128) * init-pack * modeling-rules * add-docs * fix-pid-parsing * fix-README.md * Fixed For Endpoint Enrichment Playbooks (#31147) * Fixed For 'Endpoint Enrichment - Generic v2.1' Playbook * RN * RN * Fixes for Endpoint_Enrichment_-_Generic_v2.1_6_8 playbook * Bump pack from version CommonPlaybooks to 2.4.34. * Bump pack from version CommonPlaybooks to 2.4.35. * Fixed version for 'Endpoint Enrichment - Generic v2.1.6.8' playbook * Fixes for 'Endpoint Enrichment - Generic v2.1' playbook * Revert changes in 'Endpoint Enrichment - Generic v2.1' playbook --------- Co-authored-by: Content Bot <[email protected]> * Update Docker Image To demisto/python3 (#31198) * Updated Metadata Of Pack DeveloperTools * Added release notes to pack DeveloperTools * Packs/DeveloperTools/Integrations/CreateIncidents/CreateIncidents.yml Docker image update * Updated Metadata Of Pack FlashpointFeed * Added release notes to pack FlashpointFeed * Packs/FlashpointFeed/Integrations/FlashpointFeed/FlashpointFeed.yml Docker image update * Updated Metadata Of Pack AbnormalSecurity * Added release notes to pack AbnormalSecurity * Packs/AbnormalSecurity/Integrations/AbnormalSecurity/AbnormalSecurity.yml Docker image update * Updated Metadata Of Pack FeedLOLBAS * Added release notes to pack FeedLOLBAS * Packs/FeedLOLBAS/Integrations/FeedLOLBAS/FeedLOLBAS.yml Docker image update * Updated Metadata Of Pack Hackuity * Added release notes to pack Hackuity * Packs/Hackuity/Integrations/Hackuity/Hackuity.yml Docker image update * Updated Metadata Of Pack Grafana * Added release notes to pack Grafana * Packs/Grafana/Integrations/Grafana/Grafana.yml Docker image update * Updated Metadata Of Pack Binalyze * Added release notes to pack Binalyze * Packs/Binalyze/Integrations/BinalyzeAIR/BinalyzeAIR.yml Docker image update * Updated Metadata Of Pack ServiceDeskPlus * Added release notes to pack ServiceDeskPlus * Packs/ServiceDeskPlus/Integrations/ServiceDeskPlus/ServiceDeskPlus.yml Docker image update * Updated Metadata Of Pack Oracle_IAM * Added release notes to pack Oracle_IAM * Packs/Oracle_IAM/Integrations/OracleIAM/OracleIAM.yml Docker image update * Updated Metadata Of Pack AccentureCTI * Added release notes to pack AccentureCTI * Packs/AccentureCTI/Integrations/ACTIIndicatorQuery/ACTIIndicatorQuery.yml Docker image update * Update Docker Image To demisto/boto3py3 (#31199) * Updated Metadata Of Pack SecurityIntelligenceServicesFeed * Added release notes to pack SecurityIntelligenceServicesFeed * Packs/SecurityIntelligenceServicesFeed/Integrations/SecurityIntelligenceServicesFeed/SecurityIntelligenceServicesFeed.yml Docker image update * Updated Metadata Of Pack AWS-IAM * Added release notes to pack AWS-IAM * Packs/AWS-IAM/Integrations/AWS-IAM/AWS-IAM.yml Docker image update * Updated Metadata Of Pack AWS-Route53 * Added release notes to pack AWS-Route53 * Packs/AWS-Route53/Integrations/AWSRoute53/AWSRoute53.yml Docker image update * Updated Metadata Of Pack AWS-AccessAnalyzer * Added release notes to pack AWS-AccessAnalyzer * Packs/AWS-AccessAnalyzer/Integrations/AWS-AccessAnalyzer/AWS-AccessAnalyzer.yml Docker image update * Updated Metadata Of Pack AWS-GuardDuty * Added release notes to pack AWS-GuardDuty * Packs/AWS-GuardDuty/Integrations/AWSGuardDutyEventCollector/AWSGuardDutyEventCollector.yml Docker image update * Packs/AWS-GuardDuty/Integrations/AWSGuardDuty/AWSGuardDuty.yml Docker image update * Updated Metadata Of Pack AWS-SecurityHub * Added release notes to pack AWS-SecurityHub * Packs/AWS-SecurityHub/Integrations/AWSSecurityHubEventCollector/AWSSecurityHubEventCollector.yml Docker image update * Updated Metadata Of Pack Aws-SecretsManager * Added release notes to pack Aws-SecretsManager * Packs/Aws-SecretsManager/Integrations/AwsSecretsManager/AwsSecretsManager.yml Docker image update * Update Docker Image To demisto/armorblox (#31203) * Updated Metadata Of Pack Armorblox * Added release notes to pack Armorblox * Packs/Armorblox/Integrations/Armorblox/Armorblox.yml Docker image update * Update Docker Image To demisto/py3-tools (#31201) * Updated Metadata Of Pack Intezer * Added release notes to pack Intezer * Packs/Intezer/Integrations/IntezerV2/IntezerV2.yml Docker image update * Updated Metadata Of Pack Zabbix * Added release notes to pack Zabbix * Packs/Zabbix/Integrations/Zabbix/Zabbix.yml Docker image update * Updated Metadata Of Pack FeedMalwareBazaar * Added release notes to pack FeedMalwareBazaar * Packs/FeedMalwareBazaar/Integrations/MalwareBazaarFeed/MalwareBazaarFeed.yml Docker image update * Updated Metadata Of Pack FeedGCPWhitelist * Added release notes to pack FeedGCPWhitelist * Packs/FeedGCPWhitelist/Integrations/FeedGoogleIPRanges/FeedGoogleIPRanges.yml Docker image update * Updated Metadata Of Pack AccentureCTI_Feed * Added release notes to pack AccentureCTI_Feed * Packs/AccentureCTI_Feed/Integrations/ACTIIndicatorFeed/ACTIIndicatorFeed.yml Docker image update * Updated Metadata Of Pack SEKOIAIntelligenceCenter * Added release notes to pack SEKOIAIntelligenceCenter * Packs/SEKOIAIntelligenceCenter/Integrations/SEKOIAIntelligenceCenter/SEKOIAIntelligenceCenter.yml Docker image update * Updated Metadata Of Pack JARM * Added release notes to pack JARM * Packs/JARM/Integrations/JARM/JARM.yml Docker image update * Updated Metadata Of Pack CommonWidgets * Added release notes to pack CommonWidgets * Packs/CommonWidgets/Scripts/RSSWidget/RSSWidget.yml Docker image update * Updated Metadata Of Pack FiltersAndTransformers * Added release notes to pack FiltersAndTransformers * Packs/FiltersAndTransformers/Scripts/Jmespath/Jmespath.yml Docker image update * Update Docker Image To demisto/oci (#31202) * Updated Metadata Of Pack OracleCloudInfrastructure * Added release notes to pack OracleCloudInfrastructure * Packs/OracleCloudInfrastructure/Integrations/OracleCloudInfrastructureEventCollector/OracleCloudInfrastructureEventCollector.yml Docker image update * Update Docker Image To demisto/accessdata (#31200) * Updated Metadata Of Pack Exterro * Added release notes to pack Exterro * Packs/Exterro/Integrations/Exterro/Exterro.yml Docker image update * Fix DS108 --------- Co-authored-by: israelpolishook <[email protected]> * Update Docker Image To demisto/carbon-black-cloud (#31206) * Updated Metadata Of Pack CarbonBlackDefense * Added release notes to pack CarbonBlackDefense * Packs/CarbonBlackDefense/Integrations/CarbonBlackLiveResponseCloud/CarbonBlackLiveResponseCloud.yml Docker image update * Update Docker Image To demisto/taxii2 (#31205) * Updated Metadata Of Pack FeedUnit42v2 * Added release notes to pack FeedUnit42v2 * Packs/FeedUnit42v2/Integrations/FeedUnit42v2/FeedUnit42v2.yml Docker image update * Update Docker Image To demisto/crypto (#31204) * Updated Metadata Of Pack AzureKeyVault * Added release notes to pack AzureKeyVault * Packs/AzureKeyVault/Integrations/AzureKeyVault/AzureKeyVault.yml Docker image update * Updated Metadata Of Pack AzureSentinel * Added release notes to pack AzureSentinel * Packs/AzureSentinel/Integrations/AzureSentinel/AzureSentinel.yml Docker image update * Updated Metadata Of Pack AzureDevOps * Added release notes to pack AzureDevOps * Packs/AzureDevOps/Integrations/AzureDevOps/AzureDevOps.yml Docker image update * Updated Metadata Of Pack MicrosoftCloudAppSecurity * Added release notes to pack MicrosoftCloudAppSecurity * Packs/MicrosoftCloudAppSecurity/Integrations/MicrosoftCloudAppSecurity/MicrosoftCloudAppSecurity.yml Docker image update * Updated Metadata Of Pack AzureRiskyUsers * Added release notes to pack AzureRiskyUsers * Packs/AzureRiskyUsers/Integrations/AzureRiskyUsers/AzureRiskyUsers.yml Docker image update * Updated Metadata Of Pack MicrosoftGraphGroups * Added release notes to pack MicrosoftGraphGroups * Packs/MicrosoftGraphGroups/Integrations/MicrosoftGraphGroups/MicrosoftGraphGroups.yml Docker image update * Updated Metadata Of Pack AzureSQLManagement * Added release notes to pack AzureSQLManagement * Packs/AzureSQLManagement/Integrations/AzureSQLManagement/AzureSQLManagement.yml Docker image update * Updated Metadata Of Pack MicrosoftGraphAPI * Added release notes to pack MicrosoftGraphAPI * Packs/MicrosoftGraphAPI/Integrations/MicrosoftGraphAPI/MicrosoftGraphAPI.yml Docker image update * Updated Metadata Of Pack MicrosoftTeams * Added release notes to pack MicrosoftTeams * Packs/MicrosoftTeams/Integrations/MicrosoftTeamsManagement/MicrosoftTeamsManagement.yml Docker image update * Updated Metadata Of Pack MicrosoftGraphApplications * Added release notes to pack MicrosoftGraphApplications * Packs/MicrosoftGraphApplications/Integrations/MicrosoftGraphApplications/MicrosoftGraphApplications.yml Docker image update * Update Docker Image To demisto/opnsense (#31208) * Updated Metadata Of Pack OPNSense * Added release notes to pack OPNSense * Packs/OPNSense/Integrations/OPNSense/OPNSense.yml Docker image update * Update Docker Image To demisto/auth-utils (#31207) * Updated Metadata Of Pack Cylance_Protect * Added release notes to pack Cylance_Protect * Packs/Cylance_Protect/Integrations/Cylance_Protect_v2/Cylance_Protect_v2.yml Docker image update * Updated Metadata Of Pack Zoom * Added release notes to pack Zoom * Packs/Zoom/Integrations/ZoomEventCollector/ZoomEventCollector.yml Docker image update * Updated Metadata Of Pack Silverfort * Added release notes to pack Silverfort * Packs/Silverfort/Integrations/Silverfort/Silverfort.yml Docker image update * Updated Metadata Of Pack AzureDataExplorer * Added release notes to pack AzureDataExplorer * Packs/AzureDataExplorer/Integrations/AzureDataExplorer/AzureDataExplorer.yml Docker image update * Updated Metadata Of Pack MicrosoftManagementActivity * Added release notes to pack MicrosoftManagementActivity * Packs/MicrosoftManagementActivity/Integrations/MicrosoftManagementActivity/MicrosoftManagementActivity.yml Docker image update * Updated Metadata Of Pack Box * Added release notes to pack Box * Packs/Box/Integrations/BoxEventsCollector/BoxEventsCollector.yml Docker image update * Packs/Box/Integrations/BoxV2/BoxV2.yml Docker image update * Updated Metadata Of Pack Troubleshoot * Added release notes to pack Troubleshoot * Packs/Troubleshoot/Scripts/CertificatesTroubleshoot/CertificatesTroubleshoot.yml Docker image update * commit --------- Co-authored-by: israelpolishook <[email protected]> * Update Docker Image To demisto/ippysocks-py3 (#31211) * Updated Metadata Of Pack Whois * Added release notes to pack Whois * Packs/Whois/Integrations/Whois/Whois.yml Docker image update * Update Docker Image To demisto/python3 (#31214) * Updated Metadata Of Pack QualysFIM * Added release notes to pack QualysFIM * Packs/QualysFIM/Integrations/QualysFIM/QualysFIM.yml Docker image update * Updated Metadata Of Pack FortiSIEM * Added release notes to pack FortiSIEM * Packs/FortiSIEM/Integrations/FortiSIEMV2/FortiSIEMV2.yml Docker image update * Updated Metadata Of Pack FreshworksFreshservice * Added release notes to pack FreshworksFreshservice * Packs/FreshworksFreshservice/Integrations/FreshworksFreshservice/FreshworksFreshservice.yml Docker image update * Updated Metadata Of Pack KnowBe4_KMSAT * Added release notes to pack KnowBe4_KMSAT * Packs/KnowBe4_KMSAT/Integrations/KnowBe4KMSATEventCollector/KnowBe4KMSATEventCollector.yml Docker image update * Packs/KnowBe4_KMSAT/Integrations/KnowBe4KMSAT/KnowBe4KMSAT.yml Docker image update * Updated Metadata Of Pack SafeNet_Trusted_Access * Added release notes to pack SafeNet_Trusted_Access * Packs/SafeNet_Trusted_Access/Integrations/SafeNetTrustedAccessEventCollector/SafeNetTrustedAccessEventCollector.yml Docker image update * Updated Metadata Of Pack DelineaSS * Added release notes to pack DelineaSS * Packs/DelineaSS/Integrations/DelineaSS/DelineaSS.yml Docker image update * Updated Metadata Of Pack Cryptocurrency * Added release notes to pack Cryptocurrency * Packs/Cryptocurrency/Integrations/Cryptocurrency/Cryptocurrency.yml Docker image update * Updated Metadata Of Pack PANOSPolicyOptimizer * Added release notes to pack PANOSPolicyOptimizer * Packs/PANOSPolicyOptimizer/Integrations/PANOSPolicyOptimizer/PANOSPolicyOptimizer.yml Docker image update * Updated Metadata Of Pack DeveloperTools * Added release notes to pack DeveloperTools * Packs/DeveloperTools/Integrations/CreateIncidents/CreateIncidents.yml Docker image update * Update Docker Image To demisto/boto3py3 (#31215) * Updated Metadata Of Pack SecurityIntelligenceServicesFeed * Added release notes to pack SecurityIntelligenceServicesFeed * Packs/SecurityIntelligenceServicesFeed/Integrations/SecurityIntelligenceServicesFeed/SecurityIntelligenceServicesFeed.yml Docker image update * Updated Metadata Of Pack AWS-IAM * Added release notes to pack AWS-IAM * Packs/AWS-IAM/Integrations/AWS-IAM/AWS-IAM.yml Docker image update * Updated Metadata Of Pack AWS-Route53 * Added release notes to pack AWS-Route53 * Packs/AWS-Route53/Integrations/AWSRoute53/AWSRoute53.yml Docker image update * Updated Metadata Of Pack AWS-AccessAnalyzer * Added release notes to pack AWS-AccessAnalyzer * Packs/AWS-AccessAnalyzer/Integrations/AWS-AccessAnalyzer/AWS-AccessAnalyzer.yml Docker image update * Updated Metadata Of Pack AWS-GuardDuty * Added release notes to pack AWS-GuardDuty * Packs/AWS-GuardDuty/Integrations/AWSGuardDutyEventCollector/AWSGuardDutyEventCollector.yml Docker image update * Packs/AWS-GuardDuty/Integrations/AWSGuardDuty/AWSGuardDuty.yml Docker image update * Updated Metadata Of Pack AWS-SecurityHub * Added release notes to pack AWS-SecurityHub * Packs/AWS-SecurityHub/Integrations/AWSSecurityHubEventCollector/AWSSecurityHubEventCollector.yml Docker image update * Updated Metadata Of Pack Aws-SecretsManager * Added release notes to pack Aws-SecretsManager * Packs/Aws-SecretsManager/Integrations/AwsSecretsManager/AwsSecretsManager.yml Docker image update * Update Docker Image To demisto/accessdata (#31216) * Updated Metadata Of Pack Exterro * Added release notes to pack Exterro * Packs/Exterro/Integrations/Exterro/Exterro.yml Docker image update * Update Docker Image To demisto/oci (#31218) * Updated Metadata Of Pack OracleCloudInfrastructure * Added release notes to pack OracleCloudInfrastructure * Packs/OracleCloudInfrastructure/Integrations/OracleCloudInfrastructureEventCollector/OracleCloudInfrastructureEventCollector.yml Docker image update * Update Docker Image To demisto/py3-tools (#31217) * Updated Metadata Of Pack Intezer * Added release notes to pack Intezer * Packs/Intezer/Integrations/IntezerV2/IntezerV2.yml Docker image update * Updated Metadata Of Pack Zabbix * Added release notes to pack Zabbix * Packs/Zabbix/Integrations/Zabbix/Zabbix.yml Docker image update * Updated Metadata Of Pack FeedMalwareBazaar * Added release notes to pack FeedMalwareBazaar * Packs/FeedMalwareBazaar/Integrations/MalwareBazaarFeed/MalwareBazaarFeed.yml Docker image update * Updated Metadata Of Pack FeedGCPWhitelist * Added release notes to pack FeedGCPWhitelist * Packs/FeedGCPWhitelist/Integrations/FeedGoogleIPRanges/FeedGoogleIPRanges.yml Docker image update * Updated Metadata Of Pack AccentureCTI_Feed * Added release notes to pack AccentureCTI_Feed * Packs/AccentureCTI_Feed/Integrations/ACTIIndicatorFeed/ACTIIndicatorFeed.yml Docker image update * Updated Metadata Of Pack SEKOIAIntelligenceCenter * Added release notes to pack SEKOIAIntelligenceCenter * Packs/SEKOIAIntelligenceCenter/Integrations/SEKOIAIntelligenceCenter/SEKOIAIntelligenceCenter.yml Docker image update * Updated Metadata Of Pack JARM * Added release notes to pack JARM * Packs/JARM/Integrations/JARM/JARM.yml Docker image update * Updated Metadata Of Pack Anomali_ThreatStream * Added release notes to pack Anomali_ThreatStream * Packs/Anomali_ThreatStream/Integrations/AnomaliThreatStreamv3/AnomaliThreatStreamv3.yml Docker image update * Updated Metadata Of Pack CommonWidgets * Added release notes to pack CommonWidgets * Packs/CommonWidgets/Scripts/RSSWidget/RSSWidget.yml Docker image update * Updated Metadata Of Pack FiltersAndTransformers * Added release notes to pack FiltersAndTransformers * Packs/FiltersAndTransformers/Scripts/Jmespath/Jmespath.yml Docker image update * CortexXDRIR-generic-polling (#31082) * - Added new playbook for quarantine_file - Old playbook deprecated - New image added * release notes added * - New playbook for _Retrieve_File_Playbook_v2 created - Old playbook _Retrieve_File_Playbook deprecated - Image was added * Release notes were added * Changed the name of the playbook * Readme file added * Added image * fixed image location in readme file * Update Packs/CortexXDR/Playbooks/Cortex_XDR_-_Retrieve_File_v2.yml Co-authored-by: Sasha Sokolovich <[email protected]> * Bump pack from version CortexXDR to 6.0.4. * Removed unnecessary tests * Readme files were updated * Fixes for the playbooks * fixed Tests/conf.json file * image issue fixed * Added new images * Update Packs/CortexXDR/Playbooks/Cortex_XDR_-_Retrieve_File_Playbook_README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CortexXDR/Playbooks/Cortex_XDR_-_Retrieve_File_Playbook_README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CortexXDR/ReleaseNotes/6_0_4.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CortexXDR/ReleaseNotes/6_0_4.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CortexXDR/ReleaseNotes/6_0_4.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CortexXDR/ReleaseNotes/6_0_4.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CortexXDR/Playbooks/Cortex_XDR_-_Retrieve_File_Playbook_README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CortexXDR/Playbooks/Cortex_XDR_-_quarantine_file_v2_README.md Co-authored-by: ShirleyDenkberg <[email protected]> * PR fixes - new condition to check if the task finished successfully * release notes updated * image path fixed * Added new outputs for playbook * release notes updated * fix * readme files fixed * image issue * image issue * fix * fix * fix * fix * uploaded new playbook because of the image issue * fix for image issue * delete photo * fixes * test playbooks fixed * test playbooks removed --------- Co-authored-by: Sasha Sokolovich <[email protected]> Co-authored-by: Content Bot <[email protected]> Co-authored-by: ShirleyDenkberg <[email protected]> * Update Docker Image To demisto/crypto (#31219) * Updated Metadata Of Pack AzureKeyVault * Added release notes to pack AzureKeyVault * Packs/AzureKeyVault/Integrations/AzureKeyVault/AzureKeyVault.yml Docker image update * Updated Metadata Of Pack AzureSentinel * Added release notes to pack AzureSentinel * Packs/AzureSentinel/Integrations/AzureSentinel/AzureSentinel.yml Docker image update * Updated Metadata Of Pack AzureDevOps * Added release notes to pack AzureDevOps * Packs/AzureDevOps/Integrations/AzureDevOps/AzureDevOps.yml Docker image update * Updated Metadata Of Pack MicrosoftCloudAppSecurity * Added release notes to pack MicrosoftCloudAppSecurity * Packs/MicrosoftCloudAppSecurity/Integrations/MicrosoftCloudAppSecurity/MicrosoftCloudAppSecurity.yml Docker image update * Updated Metadata Of Pack AzureRiskyUsers * Added release notes to pack AzureRiskyUsers * Packs/AzureRiskyUsers/Integrations/AzureRiskyUsers/AzureRiskyUsers.yml Docker image update * Updated Metadata Of Pack MicrosoftGraphGroups * Added release notes to pack MicrosoftGraphGroups * Packs/MicrosoftGraphGroups/Integrations/MicrosoftGraphGroups/MicrosoftGraphGroups.yml Docker image update * Updated Metadata Of Pack AzureSQLManagement * Added release notes to pack AzureSQLManagement * Packs/AzureSQLManagement/Integrations/AzureSQLManagement/AzureSQLManagement.yml Docker image update * Updated Metadata Of Pack MicrosoftGraphAPI * Added release notes to pack MicrosoftGraphAPI * Packs/MicrosoftGraphAPI/Integrations/MicrosoftGraphAPI/MicrosoftGraphAPI.yml Docker image update * Updated Metadata Of Pack MicrosoftTeams * Added release notes to pack MicrosoftTeams * Packs/MicrosoftTeams/Integrations/MicrosoftTeamsManagement/MicrosoftTeamsManagement.yml Docker image update * Updated Metadata Of Pack MicrosoftGraphApplications * Added release notes to pack MicrosoftGraphApplications * Packs/MicrosoftGraphApplications/Integrations/MicrosoftGraphApplications/MicrosoftGraphApplications.yml Docker image update * update pack ignore (#31193) * Slack event collector: fixed an issue where we get a Bad Request error (#31135) * fixed an issue where we get a Bad Request error. * pre-commit * added test * fixed Flake8 error * fixed cr comments * fixed cr comments * update Docker image * YR/Remove-fields-with-one-letter-DBotFindSimilarIncidents/XSUP-29299 (#31161) * fixes * code and test * remove Json feed from this pr * test * note * pre commit * RN * CR and Flake8 * format * pre commit * Fixes For 'URL Enrichment - Generic v2' Playbook (#31195) * Fixes For 'URL Enrichment - Generic v2' Playbook * RN * Bump pack from version CommonPlaybooks to 2.4.36. --------- Co-authored-by: Content Bot <[email protected]> * F5 APM Remove XSIAM tags (#31221) * remove ls from test_e2e_results.sh (#31186) * [IsEmailAddressInternal] Fix an issue with **domain** argument (#31222) * First commit * Added RN * Update Packs/CommonScripts/ReleaseNotes/1_12_54.md Co-authored-by: Dean Arbel <[email protected]> --------- Co-authored-by: Dean Arbel <[email protected]> * Deprecate 'Get endpoint details - Generic' Playbook (#31196) * Deprecate 'Get endpoint details - Generic' Playbook * RN * Bump pack from version CommonPlaybooks to 2.4.36. * Bump pack from version CommonPlaybooks to 2.4.37. --------- Co-authored-by: Content Bot <[email protected]> * Replacing the deprecated sub-playbook within the 'NGFW Internal Scan'… (#31197) * Replacing the deprecated sub-playbook within the 'NGFW Internal Scan' XSIAM playbook * RN * [Marketplace Contribution] CISO Metrics (#30641) (#31213) * "pack contribution initial commit" * Update pack_metadata.json * Update and rename dashboard-98f353a2-312b-49f2-8e58-d71f60daf3a7-CISO_Metrics.json to dashboard-98f353a2-312b-49f2-8e58-d71f60daf3a7-CommunityCommonDashboards.json Rename to CommunityCommonDashboards * Update pack_metadata.json Renamed "name": "CommunityCommonDashboards" * Update README.md Added description * Update README.md * Update and rename README.md to README.md * Rename dashboard-98f353a2-312b-49f2-8e58-d71f60daf3a7-CommunityCommonDashboards.json to dashboard-98f353a2-312b-49f2-8e58-d71f60daf3a7-CommunityCommonDashboards.json * Rename .pack-ignore to .pack-ignore * Rename .secrets-ignore to .secrets-ignore * Rename pack_metadata.json to pack_metadata.json * Update .pack-ignore * Update pack_metadata.json * Update .pack-ignore * Update and rename dashboard-98f353a2-312b-49f2-8e58-d71f60daf3a7-CommunityCommonDashboards.json to CISOMetrics.json Renamed to CISOMetrics * Update pack_metadata.json * Update pack_metadata.json * Update README.md --------- Co-authored-by: xsoar-bot <[email protected]> Co-authored-by: Sapir Shuker <[email protected]> Co-authored-by: David Uhrlaub <[email protected]> * Cybereason xsoar v 2.1.14 (#30647) (#31225) * added v2.1.14 codebase * fix pr comments * replace dummy md5 placeholder * Update Packs/Cybereason/Integrations/Cybereason/Cybereason.py * updated docker image python version * updated release notes docker version * added pagination params * updated docker image * fix lint errors * fix demisto validate errors * updated release notes * updated release notes * updated release notes * updated command name as per PR comment * removed manual filtering for response * updated function name to match the command name format * updated unit test as per new command name * added machinename filter to api query * moved empty output message to the top * updated docker image tag to latest * undo changes from unisolate endpoint playbook --------- Co-authored-by: suraj-metron <[email protected]> Co-authored-by: Sapir Shuker <[email protected]> * fixed polling support (#30873) * fixed polling support * fixed rn * added rn * added rn * XSUP-30786/Fix (#31168) * Added failing UT * Fixed the issue * Updated docker image * Updated RN * Update Packs/PAN-OS/ReleaseNotes/2_1_15.md Co-authored-by: Dan Tavori <[email protected]> * Updated the bug fix and the UT * updated docker image --------- Co-authored-by: Dan Tavori <[email protected]> * rewrite to js FirstArrayElement and LastArrayElement (#31228) * rewrite to js * added tpb * added empty test case to tpb * precommit fixes * change fromversion so build wont fail * Enable Core REST API with general XSIAM endpoints (#31226) * mostly works * added release notes * fixes from review * F5 APM fixed the marketplace build failure (#31236) * F5 APM Remove XSIAM tags * fix marketplace error * Add incidents field (#30393) (#31233) * add rawJSON field to incidents * release notes * update docker image tag * nit * fetching incident details * mapper + incident fields * remove incorrect incident field files * new incident field files, new mapper * sdk validate command changes * update release noteS * validation errors * fix validation errors * undo release notes changes * undo release notes change * undo release notes * undo release notes * undo release notes * nit * new release notes * remove playbook id * update docker image tag * revert release notes * revert RN * nit- remove filters used for testing * add details field to threats * remove try/except blocks * changing version * Update Abnormal_Security_Custom_Incident_types.json change from version * nit - remove changes used for demo * updating docker image * update docker image tag --------- Co-authored-by: William Olyslager <[email protected]> Co-authored-by: sapirshuker <[email protected]> Co-authored-by: Sapir Shuker <[email protected]> * Update Docker Image To demisto/python3 (#31242) * Updated Metadata Of Pack CIRCL * Added release notes to pack CIRCL * Packs/CIRCL/Integrations/CirclCVESearch/CirclCVESearch.yml Docker image update * Updated Metadata Of Pack ipinfo * Added release notes to pack ipinfo * Packs/ipinfo/Integrations/ipinfo_v2/ipinfo_v2.yml Docker image update * Updated Metadata Of Pack AutoFocus * Added release notes to pack AutoFocus * Packs/AutoFocus/Integrations/FeedAutofocus/FeedAutofocus.yml Docker image update * Packs/AutoFocus/Integrations/AutofocusV2/AutofocusV2.yml Docker image update * Updated Metadata Of Pack MailSenderNew * Added release notes to pack MailSenderNew * Packs/MailSenderNew/Integrations/MailSenderNew/MailSenderNew.yml Docker image update * avoid to update Docker for AutoFocusv2 --------- Co-authored-by: israelpolishook <[email protected]> * Fixes For 'IP Enrichment - Generic v2' Playbook (#31183) * Fixes For 'IP Enrichment - Generic v2' Playbook * RN * RN * Updated the 'InternalRange' playbook input's default value. * configured the 'extended_data' and 'threat_model_association' sub-playbook inputs * Bump pack from version CommonPlaybooks to 2.4.36. * Bump pack from version CommonPlaybooks to 2.4.37. * changed the default value of the 'ResolveIP' playbook input * re-added RN after merging from master * Fixes RN --------- Co-authored-by: Content Bot <[email protected]> * Check if should run Instance role (#31245) * Added the sync from the saas bucket and modified the verify script to take the revision from the correct bucket. (#31254) * AWS Organizations (#30525) * init * commands template * aws-org-children-list * more commands * even more commands * added account commands * removed enhancement commands * use json_transform * unit-tests init * unit-tests continued * unit-tests continued some more * TPB * one more unit-test * one more unit-test * one more unit-test * name change * TPB * docs complete * pack readme * pack readme part 2 * readme modified * more tests * more tests * use get() * adde description * removed isFetch * added image * name change * CR changes * Apply suggestions from code review Co-authored-by: ShirleyDenkberg <[email protected]> * Update docker * put the commands back in * code complete * yml part 2 * yml part 3 * test template * unit-tests continued some more * unit-tests almost complete * unit-tests complete * fixed a few bugs * fixed unit-tests * added readme * update readme * added missing descriptions to readme * TPB * Apply suggestions from code review Co-authored-by: ShirleyDenkberg <[email protected]> * CR changes * demo changes * update docker * build wars: round 1 * build wars: round 2 * build wars: round 3; add unit-tests * build wars: round 4 * build wars: round 5 * build wars: round 6 --------- Co-authored-by: ShirleyDenkberg <[email protected]> * NextToken in CommandResults (#30501) * init * new design * added error in case of non nested input * RN * a tad more docs * Bump pack from version Base to 1.32.47. * Bump pack from version Base to 1.32.48. * Bump pack from version Base to 1.32.49. * improved doc-string * resolve conflicts * resolve conflicts * Bump pack from version Base to 1.32.52. --------- Co-authored-by: Content Bot <[email protected]> * demisto-sdk-release 1.24.0 (#31268) * poetry files * update validate manager imports (#31179) * update validate manager imports * revert * Update Tests/configure_and_test_integration_instances.py * Edit file types test (#31170) * edited tests * s * s * edit --------- Co-authored-by: Content Bot <[email protected]> Co-authored-by: Yuval Hayun <[email protected]> Co-authored-by: merit-maita <[email protected]> Co-authored-by: JudithB <[email protected]> * modified modeling rules of clearswift dlp (#31247) * modified modeling rules of clearswift dlp * modified the parsing rule of clearswiftdlp * Added release notes. * added dlp to pack ignore * added Clearswift to pack ignore * QRadar: continue to poll in case of networking issues (#31084) * Generalize the mode option in pre-commit (#30663) * args updated to match the update in the sdk * add merge-coverage-report and coverage-analyze * updaing pyproject.toml * poetry lock * restoring pyproject.toml and poetry.lock * pre-commit.yml * updates * test comment * use sdk ref * if * add github output * revert ilan changes * merge-pytest-reports --------- Co-authored-by: ilan <[email protected]> * EXPANDR-1576 CortexXpanse Remediation Guidance changes (#31190) * EXPANDR-1576 CortexXpanse Remediation Guidance changes (#30712) * CortexXpanse RG changes * Fix flake8 errors * Fix unit test cases * Update docker version * update command name * Readme updates * docker update * Ignore BC error * fix packignore * Update release notes * update breaking change notes * update breaking change notes * correct RN --------- Co-authored-by: Chait A <[email protected]> Co-authored-by: ilappe <[email protected]> * Feature/cyberint enhancement (#31252) * Feature/cyberint enhancement (#30493) * Update Docker Image To demisto/py3-tools (#25523) * Updated Metadata Of Pack FeedAWS * Added release notes to pack FeedAWS * Packs/FeedAWS/Integrations/FeedAWS/FeedAWS.yml Docker image update * update Cyberint Pack * update release note and incidentfields * update CommonType release note * update CommonType relesenotes * update CommonType relese notes * update CyberInt Related entity name * update release notes * add new incident field: Alert Data * foramt alert_data * update CyberInt Related Entity name to avoid validation errors * reset the CyberInt Related Entity name * update incident field name * Update 3_3_93.md * pre commit update docker * added known words * fixed the RN * known words --------- Co-authored-by: TalGumi <[email protected]> Co-authored-by: omerKarkKatz <[email protected]> Co-authored-by: okarkkatz <[email protected]> * [xsoar-8 coverage] - use poll functions from SDK clients (#31144) * update poetry * use poll functions * test against builds * try to fix ssl issue * timeout = 300 + verify ssl * fix ssl issues * fix incident pull * fix * make verify=false by default * fix ports bug * use sdk master * revert poetry * revert infra used for testing * [CrowdStrike Falcon Intel v2] Fixed an issue in 'cs-actors' and 'cs-reports' commands (#31265) * Fix the 'NoneType' object is not iterable issue * ruff * Update the docker image; Add RN * Update Packs/CrowdStrikeIntel/ReleaseNotes/2_0_34.md Co-authored-by: Dean Arbel <[email protected]> --------- Co-authored-by: Dean Arbel <[email protected]> * oncall- installation orders (#31253) * test * test * revert debugs * pre-commit --------- Co-authored-by: Jas Beilin <[email protected]> * Core rest api docs fix (#31262) * Improved descriptions. * Added docs * Added rn. * Changed i.e to e.g * bugfix/XSUP-30713/port-scan-pb-issue-incident-failure (#31154) * Fix playbook input's default value, change to not required, add check for value not empty * Update playbook image * Update release notes * Bump pack from version CortexXDR to 6.0.5. * Moved InternalIPRanges input check to better location * Fix review comments --------- Co-authored-by: Content Bot <[email protected]> * [PagerDuty v2] Added Support For Pagination (#30959) * commit init - lint and type annotation * typing * pagination function and some typing * fix api limit and pagination * added UT and test_data * added RN and description for args * generate readme * update docker * added UT * fix flake8 * more docstring, one more UT, fix send unnecessary parameters * fix f-string * fix pep8 * revert copy * fix parameters name * docs review * update docker * [ASM] EXPANDR 7225 - Update Ev1 Integration Display Name (#31234) (#31276) * Update Display Name * Update release notes * Update docker image and add period to descriptions Co-authored-by: John <[email protected]> Co-authored-by: MLainer1 <[email protected]> * Update Docker Image To demisto/python3 (#31286) * Updated Metadata Of Pack QualysFIM * Added release notes to pack QualysFIM * Packs/QualysFIM/Integrations/QualysFIM/QualysFIM.yml Docker image update * Updated Metadata Of Pack FortiSIEM * Added release notes to pack FortiSIEM * Packs/FortiSIEM/Integrations/FortiSIEMV2/FortiSIEMV2.yml Docker image update * Updated Metadata Of Pack FreshworksFreshservice * Added release notes to pack FreshworksFreshservice * Packs/FreshworksFreshservice/Integrations/FreshworksFreshservice/FreshworksFreshservice.yml Docker image update * Updated Metadata Of Pack KnowBe4_KMSAT * Added release notes to pack KnowBe4_KMSAT * Packs/KnowBe4_KMSAT/Integrations/KnowBe4KMSATEventCollector/KnowBe4KMSATEventCollector.yml Docker image update * Packs/KnowBe4_KMSAT/Integrations/KnowBe4KMSAT/KnowBe4KMSAT.yml Docker image update * Updated Metadata Of Pack SafeNet_Trusted_Access * Added release notes to pack SafeNet_Trusted_Access * Packs/SafeNet_Trusted_Access/Integrations/SafeNetTrustedAccessEventCollector/SafeNetTrustedAccessEventCollector.yml Docker image update * Updated Metadata Of Pack DelineaSS * Added release notes to pack DelineaSS * Packs/DelineaSS/Integrations/DelineaSS/DelineaSS.yml Docker image update * Updated Metadata Of Pack Cryptocurrency * Added release notes to pack Cryptocurrency * Packs/Cryptocurrency/Integrations/Cryptocurrency/Cryptocurrency.yml Docker image update * Updated Metadata Of Pack PANOSPolicyOptimizer * Added release notes to pack PANOSPolicyOptimizer * Packs/PANOSPolicyOptimizer/Integrations/PANOSPolicyOptimizer/PANOSPolicyOptimizer.yml Docker image update * Updated Metadata Of Pack DeveloperTools * Added release notes to pack DeveloperTools * Packs/DeveloperTools/Integrations/CreateIncidents/CreateIncidents.yml Docker image update * Add XSOAR_SAAS section to EDL description (#31264) * add XSOAR_SAAS section to EDL description * update RN * [XSUP 30575] Added full fields query param (#31272) * get indicators full fields data * pre-commit * release notes * tests and CR fixes * Update Packs/FeedCrowdstrikeFalconIntel/ReleaseNotes/2_1_13.md Co-authored-by: Dan Tavori <[email protected]> --------- Co-authored-by: Dan Tavori <[email protected]> * Update Docker Image To demisto/boto3py3 (#31287) * Updated Metadata Of Pack SecurityIntelligenceServicesFeed * Added release notes to pack SecurityIntelligenceServicesFeed * Packs/SecurityIntelligenceServicesFeed/Integrations/SecurityIntelligenceServicesFeed/SecurityIntelligenceServicesFeed.yml Docker image update * Updated Metadata Of Pack AWS-IAM * Added release notes to pack AWS-IAM * Packs/AWS-IAM/Integrations/AWS-IAM/AWS-IAM.yml Docker image update * Updated Metadata Of Pack AWS-Route53 * Added release notes to pack AWS-Route53 * Packs/AWS-Route53/Integrations/AWSRoute53/AWSRoute53.yml Docker image update * Updated Metadata Of Pack AWS-AccessAnalyzer * Added release notes to pack AWS-AccessAnalyzer * Packs/AWS-AccessAnalyzer/Integrations/AWS-AccessAnalyzer/AWS-AccessAnalyzer.yml Docker image update * Updated Metadata Of Pack AWS-GuardDuty * Added release notes to pack AWS-GuardDuty * Packs/AWS-GuardDuty/Integrations/AWSGuardDutyEventCollector/AWSGuardDutyEventCollector.yml Docker image update * Packs/AWS-GuardDuty/Integrations/AWSGuardDuty/AWSGuardDuty.yml Docker image update * Updated Metadata Of Pack AWS-SecurityHub * Added release notes to pack AWS-SecurityHub * Packs/AWS-SecurityHub/Integrations/AWSSecurityHubEventCollector/AWSSecurityHubEventCollector.yml Docker image update * Updated Metadata Of Pack Aws-SecretsManager * Added release notes to pack Aws-SecretsManager * Packs/Aws-SecretsManager/Integrations/AwsSecretsManager/AwsSecretsManager.yml Docker image update * Update Docker Image To demisto/accessdata (#31288) * Updated Metadata Of Pack Exterro * Added release notes to pack Exterro * Packs/Exterro/Integrations/Exterro/Exterro.yml Docker image update * Update Docker Image To demisto/oci (#31290) * Updated Metadata Of Pack OracleCloudInfrastructure * Added release notes to pack OracleCloudInfrastructure * Packs/OracleCloudInfrastructure/Integrations/OracleCloudInfrastructureEventCollector/OracleCloudInfrastructureEventCollector.yml Docker image update * Update Docker Image To demisto/py3-tools (#31289) * Updated Metadata Of Pack Intezer * Added release notes to pack Intezer * Packs/Intezer/Integrations/IntezerV2/IntezerV2.yml Docker image update * Updated Metadata Of Pack Zabbix * Added release notes to pack Zabbix * Packs/Zabbix/Integrations/Zabbix/Zabbix.yml Docker image update * Updated Metadata Of Pack FeedMalwareBazaar * Added release notes to pack FeedMalwareBazaar * Packs/FeedMalwareBazaar/Integrations/MalwareBazaarFeed/MalwareBazaarFeed.yml Docker image update * Updated Metadata Of Pack FeedGCPWhitelist * Added release notes to pack FeedGCPWhitelist * Packs/FeedGCPWhitelist/Integrations/FeedGoogleIPRanges/FeedGoogleIPRanges.yml Docker image update * Updated Metadata Of Pack AccentureCTI_Feed * Added release notes to pack AccentureCTI_Feed * Packs/AccentureCTI_Feed/Integrations/ACTIIndicatorFeed/ACTIIndicatorFeed.yml Docker image update * Updated Metadata Of Pack SEKOIAIntelligenceCenter * Added release notes to pack SEKOIAIntelligenceCenter * Packs/SEKOIAIntelligenceCenter/Integrations/SEKOIAIntelligenceCenter/SEKOIAIntelligenceCenter.yml Docker image update * Updated Metadata Of Pack JARM * Added release notes to pack JARM * Packs/JARM/Integrations/JARM/JARM.yml Docker image update * Updated Metadata Of Pack Anomali_ThreatStream * Added release notes to pack Anomali_ThreatStream * Packs/Anomali_ThreatStream/Integrations/AnomaliThreatStreamv3/AnomaliThreatStreamv3.yml Docker image update * Updated Metadata Of Pack CommonWidgets * Added release notes to pack CommonWidgets * Packs/CommonWidgets/Scripts/RSSWidget/RSSWidget.yml Docker image update * Updated Metadata Of Pack FiltersAndTransformers * Added release notes to pack FiltersAndTransformers * Packs/FiltersAndTransformers/Scripts/Jmespath/Jmespath.yml Docker image update * Update Docker Image To demisto/armorblox (#31291) * Updated Metadata Of Pack Armorblox * Added release notes to pack Armorblox * Packs/Armorblox/Integrations/Armorblox/Armorblox.yml Docker image update * Update Docker Image To demisto/crypto (#31292) * Updated Metadata Of Pack AzureKeyVault * Added release notes to pack AzureKeyVault * Packs/AzureKeyVault/Integrations/AzureKeyVault/AzureKeyVault.yml Docker image update * Updated Metadata Of Pack AzureSentinel * Added release notes to pack AzureSentinel * Packs/AzureSentinel/Integrations/AzureSentinel/AzureSentinel.yml Docker image update * Updated Metadata Of Pack AzureDevOps * Added release notes to pack AzureDevOps * Packs/AzureDevOps/Integrations/AzureDevOps/AzureDevOps.yml Docker image update * Updated Metadata Of Pack MicrosoftCloudAppSecurity * Added release notes to pack MicrosoftCloudAppSecurity * Packs/MicrosoftCloudAppSecurity/Integrations/MicrosoftCloudAppSecurity/MicrosoftCloudAppSecurity.yml Docker image update * Updated Metadata Of Pack AzureRiskyUsers * Added release notes to pack AzureRiskyUsers * Packs/AzureRiskyUsers/Integrations/AzureRiskyUsers/AzureRiskyUsers.yml Docker image update * Updated Metadata Of Pack MicrosoftGraphGroups * Added release notes to pack MicrosoftGraphGroups * Packs/MicrosoftGraphGroups/Integrations/MicrosoftGraphGroups/MicrosoftGraphGroups.yml Docker image update * Updated Metadata Of Pack AzureSQLManagement * Added release notes to pack AzureSQLManagement * Packs/AzureSQLManagement/Integrations/AzureSQLManagement/AzureSQLManagement.yml Docker image update * Updated Metadata Of Pack MicrosoftGraphAPI * Added release notes to pack MicrosoftGraphAPI * Packs/MicrosoftGraphAPI/Integrations/MicrosoftGraphAPI/MicrosoftGraphAPI.yml Docker image …
RosenbergYehuda
added a commit
that referenced
this pull request
Mar 6, 2024
* Sleep w/ Polling (#30661) add polling mechanism to sleep upon crossing polling_threshold * Update shift management scripts (#31130) * fixed the bug and added unit tests * updated docker image * RN * updated docker image * cr updates * EWS rule commands - MS graph python integrations (#30943) Co-authored-by: ShirleyDenkberg <[email protected]> * MS IIS Update (#31132) * Updated ModelingRules * Updated ReleaseNotes * Updated ReleaseNotes * Anomali ThreatStream change DBot verdict from Benign to Unknown for Low Confidence Indicators (#30993) (#31151) * change DBot verdict from Benign to Unknown for Low Confidence Indicators Indicators found in Anomali that are below Confidence thresholds should be created as Unknown and not Benign. Anomali ThreatStream documentation regarding Confidence https://ui.threatstream.com/optic-doc/Content/Features/threat_model/Observables/details_indicator.htm Confidence - Confidence indicates the certainty that an observable exhibits or is connected to malicious behavior. If Anomali has indicators with low Confidence, that doesn't mean the indicator is Benign/Safe. It means Anomali is unsure that the indicator is Malicious and as such the more appropriate verdict in XSOAR should be Unknown. * add indicator_default_score param * changed values to Benign and Unknown * update README and RN * update RN * update docker set required to false * update docker * fix docs comments --------- Co-authored-by: zdrouse <[email protected]> Co-authored-by: adi88d <[email protected]> Co-authored-by: Adi Daud <[email protected]> * generate empty junit files (#31153) * Update 1_6_0.json (#31164) * fix splunkpy splunk_submit_event_hec_command string issue (#30978) * fix splunkpy splunk_submit_event_hec_command string issue * test * add fix * update rn * [xsoar saas] - fix ports taxii2 e2e (#31163) * Hello world saas (#30901) * added a new incident field only for saas mp * added an incident field to xsoar_saas only for demonstration * format incident field * format incident field * added saas word to known words * version * merge with master * fixed the xsoar_saas end tag * Added tests to validate result * modified RN * pre commit changes * RN tags * ignoe long line * MS IIS README (#31158) * Updated README * Updated README * Fixes For IP Enrichment Playbooks (#31114) * Fixes For IP Enrichment Playbooks * RN * Removed the mapping rule from both playbooks. Updated the default value of the internal range playbook input according to RFC 1918. * Removed the value of 'UseReputationCommand' playbook input and fixes the YML files * Fixed RN * Removed the value set for the 'UseReputationCommand' sub-playbook input. Re-added the default value for 'UseReputationCommand' playbook input * skip ThreatStream-Test (#31172) * [transformers] Enhance to be more durable (#30897) [transformers] Enhance to be more durable * Fixes For 'Email Address Enrichment - Generic v2.1' (#31122) * Fixes For 'Email Address Enrichment - Generic v2.1' * Re-added the test playbook and marketplace configs to the playbook YML file * changed the 'domain' playbook input value * removed the 'domain' playbook input value and added RN * Fixed RN * Bump pack from version CommonPlaybooks to 2.4.34. --------- Co-authored-by: Content Bot <[email protected]> * DisplayMappedFields - Fix dark mode text color (#31085) * removed the hardcoded color * removed the hardcoded color * update RN * update docker image * Bump pack from version CommonScripts to 1.12.48. * Unittest fixes * Bump pack from version CommonScripts to 1.12.49. * Unittest fixes * Bump pack from version CommonScripts to 1.12.50. * Bump pack from version CommonScripts to 1.12.51. * Bump pack from version CommonScripts to 1.12.52. * Bump pack from version CommonScripts to 1.12.53. --------- Co-authored-by: Content Bot <[email protected]> * Updated the layout to exclude integration incident fields that are not pertinent to Vectra XDR (#31127) (#31182) Co-authored-by: Crest Data Systems <[email protected]> Co-authored-by: crestdatasystems <[email protected]> Co-authored-by: MLainer1 <[email protected]> * Taxii2 server relationship bug (#31162) * [taxii2-server] - code fixes * bump rn * docker update * remove debug-log because may wanted * [ASM] EXPANDER-7096 - ASM Remediation Guidance Fields (#30955) (#31178) Co-authored-by: John <[email protected]> Co-authored-by: Adi Daud <[email protected]> * Created pack for F5 BIG-IP APM (#31017) * Created pack for f5 apm * Added modeling rule files. * adding modeling rules and schema. * modified modeling rules * update yml file for modeling rule. * Update Packs/F5APM/README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/F5APM/README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/F5APM/README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/F5APM/README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/F5APM/README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/F5APM/README.md Co-authored-by: ShirleyDenkberg <[email protected]> * update readme. * Modified the read me file. --------- Co-authored-by: ShirleyDenkberg <[email protected]> * HelloWorld - delete old classifier (#31185) * Add support for is array for rep commands (#31169) * added support for isArray for python Xsoar supported reputation commands * added rn * Empty-Commit * python files fixes * fix docker issue * cr fixes * added logs and cache fix (#30577) * added logs and cache fix * Fixed another executeCommand results handling. * Updated docker image * Added rn * Update Packs/Phishing/ReleaseNotes/3_6_2.md Co-authored-by: Dan Tavori <[email protected]> * Update Packs/Phishing/Scripts/FindDuplicateEmailIncidents/FindDuplicateEmailIncidents.py --------- Co-authored-by: Dan Tavori <[email protected]> * Add support for is array for rep commands js (#31184) * JS files fixes * added rn * pre commit fixes * pre commit fixes * cr fixes * xsiam-avaya-siem-content-ciac-8502 (#31128) * init-pack * modeling-rules * add-docs * fix-pid-parsing * fix-README.md * Fixed For Endpoint Enrichment Playbooks (#31147) * Fixed For 'Endpoint Enrichment - Generic v2.1' Playbook * RN * RN * Fixes for Endpoint_Enrichment_-_Generic_v2.1_6_8 playbook * Bump pack from version CommonPlaybooks to 2.4.34. * Bump pack from version CommonPlaybooks to 2.4.35. * Fixed version for 'Endpoint Enrichment - Generic v2.1.6.8' playbook * Fixes for 'Endpoint Enrichment - Generic v2.1' playbook * Revert changes in 'Endpoint Enrichment - Generic v2.1' playbook --------- Co-authored-by: Content Bot <[email protected]> * Update Docker Image To demisto/python3 (#31198) * Updated Metadata Of Pack DeveloperTools * Added release notes to pack DeveloperTools * Packs/DeveloperTools/Integrations/CreateIncidents/CreateIncidents.yml Docker image update * Updated Metadata Of Pack FlashpointFeed * Added release notes to pack FlashpointFeed * Packs/FlashpointFeed/Integrations/FlashpointFeed/FlashpointFeed.yml Docker image update * Updated Metadata Of Pack AbnormalSecurity * Added release notes to pack AbnormalSecurity * Packs/AbnormalSecurity/Integrations/AbnormalSecurity/AbnormalSecurity.yml Docker image update * Updated Metadata Of Pack FeedLOLBAS * Added release notes to pack FeedLOLBAS * Packs/FeedLOLBAS/Integrations/FeedLOLBAS/FeedLOLBAS.yml Docker image update * Updated Metadata Of Pack Hackuity * Added release notes to pack Hackuity * Packs/Hackuity/Integrations/Hackuity/Hackuity.yml Docker image update * Updated Metadata Of Pack Grafana * Added release notes to pack Grafana * Packs/Grafana/Integrations/Grafana/Grafana.yml Docker image update * Updated Metadata Of Pack Binalyze * Added release notes to pack Binalyze * Packs/Binalyze/Integrations/BinalyzeAIR/BinalyzeAIR.yml Docker image update * Updated Metadata Of Pack ServiceDeskPlus * Added release notes to pack ServiceDeskPlus * Packs/ServiceDeskPlus/Integrations/ServiceDeskPlus/ServiceDeskPlus.yml Docker image update * Updated Metadata Of Pack Oracle_IAM * Added release notes to pack Oracle_IAM * Packs/Oracle_IAM/Integrations/OracleIAM/OracleIAM.yml Docker image update * Updated Metadata Of Pack AccentureCTI * Added release notes to pack AccentureCTI * Packs/AccentureCTI/Integrations/ACTIIndicatorQuery/ACTIIndicatorQuery.yml Docker image update * Update Docker Image To demisto/boto3py3 (#31199) * Updated Metadata Of Pack SecurityIntelligenceServicesFeed * Added release notes to pack SecurityIntelligenceServicesFeed * Packs/SecurityIntelligenceServicesFeed/Integrations/SecurityIntelligenceServicesFeed/SecurityIntelligenceServicesFeed.yml Docker image update * Updated Metadata Of Pack AWS-IAM * Added release notes to pack AWS-IAM * Packs/AWS-IAM/Integrations/AWS-IAM/AWS-IAM.yml Docker image update * Updated Metadata Of Pack AWS-Route53 * Added release notes to pack AWS-Route53 * Packs/AWS-Route53/Integrations/AWSRoute53/AWSRoute53.yml Docker image update * Updated Metadata Of Pack AWS-AccessAnalyzer * Added release notes to pack AWS-AccessAnalyzer * Packs/AWS-AccessAnalyzer/Integrations/AWS-AccessAnalyzer/AWS-AccessAnalyzer.yml Docker image update * Updated Metadata Of Pack AWS-GuardDuty * Added release notes to pack AWS-GuardDuty * Packs/AWS-GuardDuty/Integrations/AWSGuardDutyEventCollector/AWSGuardDutyEventCollector.yml Docker image update * Packs/AWS-GuardDuty/Integrations/AWSGuardDuty/AWSGuardDuty.yml Docker image update * Updated Metadata Of Pack AWS-SecurityHub * Added release notes to pack AWS-SecurityHub * Packs/AWS-SecurityHub/Integrations/AWSSecurityHubEventCollector/AWSSecurityHubEventCollector.yml Docker image update * Updated Metadata Of Pack Aws-SecretsManager * Added release notes to pack Aws-SecretsManager * Packs/Aws-SecretsManager/Integrations/AwsSecretsManager/AwsSecretsManager.yml Docker image update * Update Docker Image To demisto/armorblox (#31203) * Updated Metadata Of Pack Armorblox * Added release notes to pack Armorblox * Packs/Armorblox/Integrations/Armorblox/Armorblox.yml Docker image update * Update Docker Image To demisto/py3-tools (#31201) * Updated Metadata Of Pack Intezer * Added release notes to pack Intezer * Packs/Intezer/Integrations/IntezerV2/IntezerV2.yml Docker image update * Updated Metadata Of Pack Zabbix * Added release notes to pack Zabbix * Packs/Zabbix/Integrations/Zabbix/Zabbix.yml Docker image update * Updated Metadata Of Pack FeedMalwareBazaar * Added release notes to pack FeedMalwareBazaar * Packs/FeedMalwareBazaar/Integrations/MalwareBazaarFeed/MalwareBazaarFeed.yml Docker image update * Updated Metadata Of Pack FeedGCPWhitelist * Added release notes to pack FeedGCPWhitelist * Packs/FeedGCPWhitelist/Integrations/FeedGoogleIPRanges/FeedGoogleIPRanges.yml Docker image update * Updated Metadata Of Pack AccentureCTI_Feed * Added release notes to pack AccentureCTI_Feed * Packs/AccentureCTI_Feed/Integrations/ACTIIndicatorFeed/ACTIIndicatorFeed.yml Docker image update * Updated Metadata Of Pack SEKOIAIntelligenceCenter * Added release notes to pack SEKOIAIntelligenceCenter * Packs/SEKOIAIntelligenceCenter/Integrations/SEKOIAIntelligenceCenter/SEKOIAIntelligenceCenter.yml Docker image update * Updated Metadata Of Pack JARM * Added release notes to pack JARM * Packs/JARM/Integrations/JARM/JARM.yml Docker image update * Updated Metadata Of Pack CommonWidgets * Added release notes to pack CommonWidgets * Packs/CommonWidgets/Scripts/RSSWidget/RSSWidget.yml Docker image update * Updated Metadata Of Pack FiltersAndTransformers * Added release notes to pack FiltersAndTransformers * Packs/FiltersAndTransformers/Scripts/Jmespath/Jmespath.yml Docker image update * Update Docker Image To demisto/oci (#31202) * Updated Metadata Of Pack OracleCloudInfrastructure * Added release notes to pack OracleCloudInfrastructure * Packs/OracleCloudInfrastructure/Integrations/OracleCloudInfrastructureEventCollector/OracleCloudInfrastructureEventCollector.yml Docker image update * Update Docker Image To demisto/accessdata (#31200) * Updated Metadata Of Pack Exterro * Added release notes to pack Exterro * Packs/Exterro/Integrations/Exterro/Exterro.yml Docker image update * Fix DS108 --------- Co-authored-by: israelpolishook <[email protected]> * Update Docker Image To demisto/carbon-black-cloud (#31206) * Updated Metadata Of Pack CarbonBlackDefense * Added release notes to pack CarbonBlackDefense * Packs/CarbonBlackDefense/Integrations/CarbonBlackLiveResponseCloud/CarbonBlackLiveResponseCloud.yml Docker image update * Update Docker Image To demisto/taxii2 (#31205) * Updated Metadata Of Pack FeedUnit42v2 * Added release notes to pack FeedUnit42v2 * Packs/FeedUnit42v2/Integrations/FeedUnit42v2/FeedUnit42v2.yml Docker image update * Update Docker Image To demisto/crypto (#31204) * Updated Metadata Of Pack AzureKeyVault * Added release notes to pack AzureKeyVault * Packs/AzureKeyVault/Integrations/AzureKeyVault/AzureKeyVault.yml Docker image update * Updated Metadata Of Pack AzureSentinel * Added release notes to pack AzureSentinel * Packs/AzureSentinel/Integrations/AzureSentinel/AzureSentinel.yml Docker image update * Updated Metadata Of Pack AzureDevOps * Added release notes to pack AzureDevOps * Packs/AzureDevOps/Integrations/AzureDevOps/AzureDevOps.yml Docker image update * Updated Metadata Of Pack MicrosoftCloudAppSecurity * Added release notes to pack MicrosoftCloudAppSecurity * Packs/MicrosoftCloudAppSecurity/Integrations/MicrosoftCloudAppSecurity/MicrosoftCloudAppSecurity.yml Docker image update * Updated Metadata Of Pack AzureRiskyUsers * Added release notes to pack AzureRiskyUsers * Packs/AzureRiskyUsers/Integrations/AzureRiskyUsers/AzureRiskyUsers.yml Docker image update * Updated Metadata Of Pack MicrosoftGraphGroups * Added release notes to pack MicrosoftGraphGroups * Packs/MicrosoftGraphGroups/Integrations/MicrosoftGraphGroups/MicrosoftGraphGroups.yml Docker image update * Updated Metadata Of Pack AzureSQLManagement * Added release notes to pack AzureSQLManagement * Packs/AzureSQLManagement/Integrations/AzureSQLManagement/AzureSQLManagement.yml Docker image update * Updated Metadata Of Pack MicrosoftGraphAPI * Added release notes to pack MicrosoftGraphAPI * Packs/MicrosoftGraphAPI/Integrations/MicrosoftGraphAPI/MicrosoftGraphAPI.yml Docker image update * Updated Metadata Of Pack MicrosoftTeams * Added release notes to pack MicrosoftTeams * Packs/MicrosoftTeams/Integrations/MicrosoftTeamsManagement/MicrosoftTeamsManagement.yml Docker image update * Updated Metadata Of Pack MicrosoftGraphApplications * Added release notes to pack MicrosoftGraphApplications * Packs/MicrosoftGraphApplications/Integrations/MicrosoftGraphApplications/MicrosoftGraphApplications.yml Docker image update * Update Docker Image To demisto/opnsense (#31208) * Updated Metadata Of Pack OPNSense * Added release notes to pack OPNSense * Packs/OPNSense/Integrations/OPNSense/OPNSense.yml Docker image update * Update Docker Image To demisto/auth-utils (#31207) * Updated Metadata Of Pack Cylance_Protect * Added release notes to pack Cylance_Protect * Packs/Cylance_Protect/Integrations/Cylance_Protect_v2/Cylance_Protect_v2.yml Docker image update * Updated Metadata Of Pack Zoom * Added release notes to pack Zoom * Packs/Zoom/Integrations/ZoomEventCollector/ZoomEventCollector.yml Docker image update * Updated Metadata Of Pack Silverfort * Added release notes to pack Silverfort * Packs/Silverfort/Integrations/Silverfort/Silverfort.yml Docker image update * Updated Metadata Of Pack AzureDataExplorer * Added release notes to pack AzureDataExplorer * Packs/AzureDataExplorer/Integrations/AzureDataExplorer/AzureDataExplorer.yml Docker image update * Updated Metadata Of Pack MicrosoftManagementActivity * Added release notes to pack MicrosoftManagementActivity * Packs/MicrosoftManagementActivity/Integrations/MicrosoftManagementActivity/MicrosoftManagementActivity.yml Docker image update * Updated Metadata Of Pack Box * Added release notes to pack Box * Packs/Box/Integrations/BoxEventsCollector/BoxEventsCollector.yml Docker image update * Packs/Box/Integrations/BoxV2/BoxV2.yml Docker image update * Updated Metadata Of Pack Troubleshoot * Added release notes to pack Troubleshoot * Packs/Troubleshoot/Scripts/CertificatesTroubleshoot/CertificatesTroubleshoot.yml Docker image update * commit --------- Co-authored-by: israelpolishook <[email protected]> * Update Docker Image To demisto/ippysocks-py3 (#31211) * Updated Metadata Of Pack Whois * Added release notes to pack Whois * Packs/Whois/Integrations/Whois/Whois.yml Docker image update * Update Docker Image To demisto/python3 (#31214) * Updated Metadata Of Pack QualysFIM * Added release notes to pack QualysFIM * Packs/QualysFIM/Integrations/QualysFIM/QualysFIM.yml Docker image update * Updated Metadata Of Pack FortiSIEM * Added release notes to pack FortiSIEM * Packs/FortiSIEM/Integrations/FortiSIEMV2/FortiSIEMV2.yml Docker image update * Updated Metadata Of Pack FreshworksFreshservice * Added release notes to pack FreshworksFreshservice * Packs/FreshworksFreshservice/Integrations/FreshworksFreshservice/FreshworksFreshservice.yml Docker image update * Updated Metadata Of Pack KnowBe4_KMSAT * Added release notes to pack KnowBe4_KMSAT * Packs/KnowBe4_KMSAT/Integrations/KnowBe4KMSATEventCollector/KnowBe4KMSATEventCollector.yml Docker image update * Packs/KnowBe4_KMSAT/Integrations/KnowBe4KMSAT/KnowBe4KMSAT.yml Docker image update * Updated Metadata Of Pack SafeNet_Trusted_Access * Added release notes to pack SafeNet_Trusted_Access * Packs/SafeNet_Trusted_Access/Integrations/SafeNetTrustedAccessEventCollector/SafeNetTrustedAccessEventCollector.yml Docker image update * Updated Metadata Of Pack DelineaSS * Added release notes to pack DelineaSS * Packs/DelineaSS/Integrations/DelineaSS/DelineaSS.yml Docker image update * Updated Metadata Of Pack Cryptocurrency * Added release notes to pack Cryptocurrency * Packs/Cryptocurrency/Integrations/Cryptocurrency/Cryptocurrency.yml Docker image update * Updated Metadata Of Pack PANOSPolicyOptimizer * Added release notes to pack PANOSPolicyOptimizer * Packs/PANOSPolicyOptimizer/Integrations/PANOSPolicyOptimizer/PANOSPolicyOptimizer.yml Docker image update * Updated Metadata Of Pack DeveloperTools * Added release notes to pack DeveloperTools * Packs/DeveloperTools/Integrations/CreateIncidents/CreateIncidents.yml Docker image update * Update Docker Image To demisto/boto3py3 (#31215) * Updated Metadata Of Pack SecurityIntelligenceServicesFeed * Added release notes to pack SecurityIntelligenceServicesFeed * Packs/SecurityIntelligenceServicesFeed/Integrations/SecurityIntelligenceServicesFeed/SecurityIntelligenceServicesFeed.yml Docker image update * Updated Metadata Of Pack AWS-IAM * Added release notes to pack AWS-IAM * Packs/AWS-IAM/Integrations/AWS-IAM/AWS-IAM.yml Docker image update * Updated Metadata Of Pack AWS-Route53 * Added release notes to pack AWS-Route53 * Packs/AWS-Route53/Integrations/AWSRoute53/AWSRoute53.yml Docker image update * Updated Metadata Of Pack AWS-AccessAnalyzer * Added release notes to pack AWS-AccessAnalyzer * Packs/AWS-AccessAnalyzer/Integrations/AWS-AccessAnalyzer/AWS-AccessAnalyzer.yml Docker image update * Updated Metadata Of Pack AWS-GuardDuty * Added release notes to pack AWS-GuardDuty * Packs/AWS-GuardDuty/Integrations/AWSGuardDutyEventCollector/AWSGuardDutyEventCollector.yml Docker image update * Packs/AWS-GuardDuty/Integrations/AWSGuardDuty/AWSGuardDuty.yml Docker image update * Updated Metadata Of Pack AWS-SecurityHub * Added release notes to pack AWS-SecurityHub * Packs/AWS-SecurityHub/Integrations/AWSSecurityHubEventCollector/AWSSecurityHubEventCollector.yml Docker image update * Updated Metadata Of Pack Aws-SecretsManager * Added release notes to pack Aws-SecretsManager * Packs/Aws-SecretsManager/Integrations/AwsSecretsManager/AwsSecretsManager.yml Docker image update * Update Docker Image To demisto/accessdata (#31216) * Updated Metadata Of Pack Exterro * Added release notes to pack Exterro * Packs/Exterro/Integrations/Exterro/Exterro.yml Docker image update * Update Docker Image To demisto/oci (#31218) * Updated Metadata Of Pack OracleCloudInfrastructure * Added release notes to pack OracleCloudInfrastructure * Packs/OracleCloudInfrastructure/Integrations/OracleCloudInfrastructureEventCollector/OracleCloudInfrastructureEventCollector.yml Docker image update * Update Docker Image To demisto/py3-tools (#31217) * Updated Metadata Of Pack Intezer * Added release notes to pack Intezer * Packs/Intezer/Integrations/IntezerV2/IntezerV2.yml Docker image update * Updated Metadata Of Pack Zabbix * Added release notes to pack Zabbix * Packs/Zabbix/Integrations/Zabbix/Zabbix.yml Docker image update * Updated Metadata Of Pack FeedMalwareBazaar * Added release notes to pack FeedMalwareBazaar * Packs/FeedMalwareBazaar/Integrations/MalwareBazaarFeed/MalwareBazaarFeed.yml Docker image update * Updated Metadata Of Pack FeedGCPWhitelist * Added release notes to pack FeedGCPWhitelist * Packs/FeedGCPWhitelist/Integrations/FeedGoogleIPRanges/FeedGoogleIPRanges.yml Docker image update * Updated Metadata Of Pack AccentureCTI_Feed * Added release notes to pack AccentureCTI_Feed * Packs/AccentureCTI_Feed/Integrations/ACTIIndicatorFeed/ACTIIndicatorFeed.yml Docker image update * Updated Metadata Of Pack SEKOIAIntelligenceCenter * Added release notes to pack SEKOIAIntelligenceCenter * Packs/SEKOIAIntelligenceCenter/Integrations/SEKOIAIntelligenceCenter/SEKOIAIntelligenceCenter.yml Docker image update * Updated Metadata Of Pack JARM * Added release notes to pack JARM * Packs/JARM/Integrations/JARM/JARM.yml Docker image update * Updated Metadata Of Pack Anomali_ThreatStream * Added release notes to pack Anomali_ThreatStream * Packs/Anomali_ThreatStream/Integrations/AnomaliThreatStreamv3/AnomaliThreatStreamv3.yml Docker image update * Updated Metadata Of Pack CommonWidgets * Added release notes to pack CommonWidgets * Packs/CommonWidgets/Scripts/RSSWidget/RSSWidget.yml Docker image update * Updated Metadata Of Pack FiltersAndTransformers * Added release notes to pack FiltersAndTransformers * Packs/FiltersAndTransformers/Scripts/Jmespath/Jmespath.yml Docker image update * CortexXDRIR-generic-polling (#31082) * - Added new playbook for quarantine_file - Old playbook deprecated - New image added * release notes added * - New playbook for _Retrieve_File_Playbook_v2 created - Old playbook _Retrieve_File_Playbook deprecated - Image was added * Release notes were added * Changed the name of the playbook * Readme file added * Added image * fixed image location in readme file * Update Packs/CortexXDR/Playbooks/Cortex_XDR_-_Retrieve_File_v2.yml Co-authored-by: Sasha Sokolovich <[email protected]> * Bump pack from version CortexXDR to 6.0.4. * Removed unnecessary tests * Readme files were updated * Fixes for the playbooks * fixed Tests/conf.json file * image issue fixed * Added new images * Update Packs/CortexXDR/Playbooks/Cortex_XDR_-_Retrieve_File_Playbook_README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CortexXDR/Playbooks/Cortex_XDR_-_Retrieve_File_Playbook_README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CortexXDR/ReleaseNotes/6_0_4.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CortexXDR/ReleaseNotes/6_0_4.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CortexXDR/ReleaseNotes/6_0_4.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CortexXDR/ReleaseNotes/6_0_4.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CortexXDR/Playbooks/Cortex_XDR_-_Retrieve_File_Playbook_README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CortexXDR/Playbooks/Cortex_XDR_-_quarantine_file_v2_README.md Co-authored-by: ShirleyDenkberg <[email protected]> * PR fixes - new condition to check if the task finished successfully * release notes updated * image path fixed * Added new outputs for playbook * release notes updated * fix * readme files fixed * image issue * image issue * fix * fix * fix * fix * uploaded new playbook because of the image issue * fix for image issue * delete photo * fixes * test playbooks fixed * test playbooks removed --------- Co-authored-by: Sasha Sokolovich <[email protected]> Co-authored-by: Content Bot <[email protected]> Co-authored-by: ShirleyDenkberg <[email protected]> * Update Docker Image To demisto/crypto (#31219) * Updated Metadata Of Pack AzureKeyVault * Added release notes to pack AzureKeyVault * Packs/AzureKeyVault/Integrations/AzureKeyVault/AzureKeyVault.yml Docker image update * Updated Metadata Of Pack AzureSentinel * Added release notes to pack AzureSentinel * Packs/AzureSentinel/Integrations/AzureSentinel/AzureSentinel.yml Docker image update * Updated Metadata Of Pack AzureDevOps * Added release notes to pack AzureDevOps * Packs/AzureDevOps/Integrations/AzureDevOps/AzureDevOps.yml Docker image update * Updated Metadata Of Pack MicrosoftCloudAppSecurity * Added release notes to pack MicrosoftCloudAppSecurity * Packs/MicrosoftCloudAppSecurity/Integrations/MicrosoftCloudAppSecurity/MicrosoftCloudAppSecurity.yml Docker image update * Updated Metadata Of Pack AzureRiskyUsers * Added release notes to pack AzureRiskyUsers * Packs/AzureRiskyUsers/Integrations/AzureRiskyUsers/AzureRiskyUsers.yml Docker image update * Updated Metadata Of Pack MicrosoftGraphGroups * Added release notes to pack MicrosoftGraphGroups * Packs/MicrosoftGraphGroups/Integrations/MicrosoftGraphGroups/MicrosoftGraphGroups.yml Docker image update * Updated Metadata Of Pack AzureSQLManagement * Added release notes to pack AzureSQLManagement * Packs/AzureSQLManagement/Integrations/AzureSQLManagement/AzureSQLManagement.yml Docker image update * Updated Metadata Of Pack MicrosoftGraphAPI * Added release notes to pack MicrosoftGraphAPI * Packs/MicrosoftGraphAPI/Integrations/MicrosoftGraphAPI/MicrosoftGraphAPI.yml Docker image update * Updated Metadata Of Pack MicrosoftTeams * Added release notes to pack MicrosoftTeams * Packs/MicrosoftTeams/Integrations/MicrosoftTeamsManagement/MicrosoftTeamsManagement.yml Docker image update * Updated Metadata Of Pack MicrosoftGraphApplications * Added release notes to pack MicrosoftGraphApplications * Packs/MicrosoftGraphApplications/Integrations/MicrosoftGraphApplications/MicrosoftGraphApplications.yml Docker image update * update pack ignore (#31193) * Slack event collector: fixed an issue where we get a Bad Request error (#31135) * fixed an issue where we get a Bad Request error. * pre-commit * added test * fixed Flake8 error * fixed cr comments * fixed cr comments * update Docker image * YR/Remove-fields-with-one-letter-DBotFindSimilarIncidents/XSUP-29299 (#31161) * fixes * code and test * remove Json feed from this pr * test * note * pre commit * RN * CR and Flake8 * format * pre commit * Fixes For 'URL Enrichment - Generic v2' Playbook (#31195) * Fixes For 'URL Enrichment - Generic v2' Playbook * RN * Bump pack from version CommonPlaybooks to 2.4.36. --------- Co-authored-by: Content Bot <[email protected]> * F5 APM Remove XSIAM tags (#31221) * remove ls from test_e2e_results.sh (#31186) * [IsEmailAddressInternal] Fix an issue with **domain** argument (#31222) * First commit * Added RN * Update Packs/CommonScripts/ReleaseNotes/1_12_54.md Co-authored-by: Dean Arbel <[email protected]> --------- Co-authored-by: Dean Arbel <[email protected]> * Deprecate 'Get endpoint details - Generic' Playbook (#31196) * Deprecate 'Get endpoint details - Generic' Playbook * RN * Bump pack from version CommonPlaybooks to 2.4.36. * Bump pack from version CommonPlaybooks to 2.4.37. --------- Co-authored-by: Content Bot <[email protected]> * Replacing the deprecated sub-playbook within the 'NGFW Internal Scan'… (#31197) * Replacing the deprecated sub-playbook within the 'NGFW Internal Scan' XSIAM playbook * RN * [Marketplace Contribution] CISO Metrics (#30641) (#31213) * "pack contribution initial commit" * Update pack_metadata.json * Update and rename dashboard-98f353a2-312b-49f2-8e58-d71f60daf3a7-CISO_Metrics.json to dashboard-98f353a2-312b-49f2-8e58-d71f60daf3a7-CommunityCommonDashboards.json Rename to CommunityCommonDashboards * Update pack_metadata.json Renamed "name": "CommunityCommonDashboards" * Update README.md Added description * Update README.md * Update and rename README.md to README.md * Rename dashboard-98f353a2-312b-49f2-8e58-d71f60daf3a7-CommunityCommonDashboards.json to dashboard-98f353a2-312b-49f2-8e58-d71f60daf3a7-CommunityCommonDashboards.json * Rename .pack-ignore to .pack-ignore * Rename .secrets-ignore to .secrets-ignore * Rename pack_metadata.json to pack_metadata.json * Update .pack-ignore * Update pack_metadata.json * Update .pack-ignore * Update and rename dashboard-98f353a2-312b-49f2-8e58-d71f60daf3a7-CommunityCommonDashboards.json to CISOMetrics.json Renamed to CISOMetrics * Update pack_metadata.json * Update pack_metadata.json * Update README.md --------- Co-authored-by: xsoar-bot <[email protected]> Co-authored-by: Sapir Shuker <[email protected]> Co-authored-by: David Uhrlaub <[email protected]> * Cybereason xsoar v 2.1.14 (#30647) (#31225) * added v2.1.14 codebase * fix pr comments * replace dummy md5 placeholder * Update Packs/Cybereason/Integrations/Cybereason/Cybereason.py * updated docker image python version * updated release notes docker version * added pagination params * updated docker image * fix lint errors * fix demisto validate errors * updated release notes * updated release notes * updated release notes * updated command name as per PR comment * removed manual filtering for response * updated function name to match the command name format * updated unit test as per new command name * added machinename filter to api query * moved empty output message to the top * updated docker image tag to latest * undo changes from unisolate endpoint playbook --------- Co-authored-by: suraj-metron <[email protected]> Co-authored-by: Sapir Shuker <[email protected]> * fixed polling support (#30873) * fixed polling support * fixed rn * added rn * added rn * XSUP-30786/Fix (#31168) * Added failing UT * Fixed the issue * Updated docker image * Updated RN * Update Packs/PAN-OS/ReleaseNotes/2_1_15.md Co-authored-by: Dan Tavori <[email protected]> * Updated the bug fix and the UT * updated docker image --------- Co-authored-by: Dan Tavori <[email protected]> * rewrite to js FirstArrayElement and LastArrayElement (#31228) * rewrite to js * added tpb * added empty test case to tpb * precommit fixes * change fromversion so build wont fail * Enable Core REST API with general XSIAM endpoints (#31226) * mostly works * added release notes * fixes from review * F5 APM fixed the marketplace build failure (#31236) * F5 APM Remove XSIAM tags * fix marketplace error * Add incidents field (#30393) (#31233) * add rawJSON field to incidents * release notes * update docker image tag * nit * fetching incident details * mapper + incident fields * remove incorrect incident field files * new incident field files, new mapper * sdk validate command changes * update release noteS * validation errors * fix validation errors * undo release notes changes * undo release notes change * undo release notes * undo release notes * undo release notes * nit * new release notes * remove playbook id * update docker image tag * revert release notes * revert RN * nit- remove filters used for testing * add details field to threats * remove try/except blocks * changing version * Update Abnormal_Security_Custom_Incident_types.json change from version * nit - remove changes used for demo * updating docker image * update docker image tag --------- Co-authored-by: William Olyslager <[email protected]> Co-authored-by: sapirshuker <[email protected]> Co-authored-by: Sapir Shuker <[email protected]> * Update Docker Image To demisto/python3 (#31242) * Updated Metadata Of Pack CIRCL * Added release notes to pack CIRCL * Packs/CIRCL/Integrations/CirclCVESearch/CirclCVESearch.yml Docker image update * Updated Metadata Of Pack ipinfo * Added release notes to pack ipinfo * Packs/ipinfo/Integrations/ipinfo_v2/ipinfo_v2.yml Docker image update * Updated Metadata Of Pack AutoFocus * Added release notes to pack AutoFocus * Packs/AutoFocus/Integrations/FeedAutofocus/FeedAutofocus.yml Docker image update * Packs/AutoFocus/Integrations/AutofocusV2/AutofocusV2.yml Docker image update * Updated Metadata Of Pack MailSenderNew * Added release notes to pack MailSenderNew * Packs/MailSenderNew/Integrations/MailSenderNew/MailSenderNew.yml Docker image update * avoid to update Docker for AutoFocusv2 --------- Co-authored-by: israelpolishook <[email protected]> * Fixes For 'IP Enrichment - Generic v2' Playbook (#31183) * Fixes For 'IP Enrichment - Generic v2' Playbook * RN * RN * Updated the 'InternalRange' playbook input's default value. * configured the 'extended_data' and 'threat_model_association' sub-playbook inputs * Bump pack from version CommonPlaybooks to 2.4.36. * Bump pack from version CommonPlaybooks to 2.4.37. * changed the default value of the 'ResolveIP' playbook input * re-added RN after merging from master * Fixes RN --------- Co-authored-by: Content Bot <[email protected]> * Check if should run Instance role (#31245) * Added the sync from the saas bucket and modified the verify script to take the revision from the correct bucket. (#31254) * AWS Organizations (#30525) * init * commands template * aws-org-children-list * more commands * even more commands * added account commands * removed enhancement commands * use json_transform * unit-tests init * unit-tests continued * unit-tests continued some more * TPB * one more unit-test * one more unit-test * one more unit-test * name change * TPB * docs complete * pack readme * pack readme part 2 * readme modified * more tests * more tests * use get() * adde description * removed isFetch * added image * name change * CR changes * Apply suggestions from code review Co-authored-by: ShirleyDenkberg <[email protected]> * Update docker * put the commands back in * code complete * yml part 2 * yml part 3 * test template * unit-tests continued some more * unit-tests almost complete * unit-tests complete * fixed a few bugs * fixed unit-tests * added readme * update readme * added missing descriptions to readme * TPB * Apply suggestions from code review Co-authored-by: ShirleyDenkberg <[email protected]> * CR changes * demo changes * update docker * build wars: round 1 * build wars: round 2 * build wars: round 3; add unit-tests * build wars: round 4 * build wars: round 5 * build wars: round 6 --------- Co-authored-by: ShirleyDenkberg <[email protected]> * NextToken in CommandResults (#30501) * init * new design * added error in case of non nested input * RN * a tad more docs * Bump pack from version Base to 1.32.47. * Bump pack from version Base to 1.32.48. * Bump pack from version Base to 1.32.49. * improved doc-string * resolve conflicts * resolve conflicts * Bump pack from version Base to 1.32.52. --------- Co-authored-by: Content Bot <[email protected]> * demisto-sdk-release 1.24.0 (#31268) * poetry files * update validate manager imports (#31179) * update validate manager imports * revert * Update Tests/configure_and_test_integration_instances.py * Edit file types test (#31170) * edited tests * s * s * edit --------- Co-authored-by: Content Bot <[email protected]> Co-authored-by: Yuval Hayun <[email protected]> Co-authored-by: merit-maita <[email protected]> Co-authored-by: JudithB <[email protected]> * modified modeling rules of clearswift dlp (#31247) * modified modeling rules of clearswift dlp * modified the parsing rule of clearswiftdlp * Added release notes. * added dlp to pack ignore * added Clearswift to pack ignore * QRadar: continue to poll in case of networking issues (#31084) * Generalize the mode option in pre-commit (#30663) * args updated to match the update in the sdk * add merge-coverage-report and coverage-analyze * updaing pyproject.toml * poetry lock * restoring pyproject.toml and poetry.lock * pre-commit.yml * updates * test comment * use sdk ref * if * add github output * revert ilan changes * merge-pytest-reports --------- Co-authored-by: ilan <[email protected]> * EXPANDR-1576 CortexXpanse Remediation Guidance changes (#31190) * EXPANDR-1576 CortexXpanse Remediation Guidance changes (#30712) * CortexXpanse RG changes * Fix flake8 errors * Fix unit test cases * Update docker version * update command name * Readme updates * docker update * Ignore BC error * fix packignore * Update release notes * update breaking change notes * update breaking change notes * correct RN --------- Co-authored-by: Chait A <[email protected]> Co-authored-by: ilappe <[email protected]> * Feature/cyberint enhancement (#31252) * Feature/cyberint enhancement (#30493) * Update Docker Image To demisto/py3-tools (#25523) * Updated Metadata Of Pack FeedAWS * Added release notes to pack FeedAWS * Packs/FeedAWS/Integrations/FeedAWS/FeedAWS.yml Docker image update * update Cyberint Pack * update release note and incidentfields * update CommonType release note * update CommonType relesenotes * update CommonType relese notes * update CyberInt Related entity name * update release notes * add new incident field: Alert Data * foramt alert_data * update CyberInt Related Entity name to avoid validation errors * reset the CyberInt Related Entity name * update incident field name * Update 3_3_93.md * pre commit update docker * added known words * fixed the RN * known words --------- Co-authored-by: TalGumi <[email protected]> Co-authored-by: omerKarkKatz <[email protected]> Co-authored-by: okarkkatz <[email protected]> * [xsoar-8 coverage] - use poll functions from SDK clients (#31144) * update poetry * use poll functions * test against builds * try to fix ssl issue * timeout = 300 + verify ssl * fix ssl issues * fix incident pull * fix * make verify=false by default * fix ports bug * use sdk master * revert poetry * revert infra used for testing * [CrowdStrike Falcon Intel v2] Fixed an issue in 'cs-actors' and 'cs-reports' commands (#31265) * Fix the 'NoneType' object is not iterable issue * ruff * Update the docker image; Add RN * Update Packs/CrowdStrikeIntel/ReleaseNotes/2_0_34.md Co-authored-by: Dean Arbel <[email protected]> --------- Co-authored-by: Dean Arbel <[email protected]> * oncall- installation orders (#31253) * test * test * revert debugs * pre-commit --------- Co-authored-by: Jas Beilin <[email protected]> * Core rest api docs fix (#31262) * Improved descriptions. * Added docs * Added rn. * Changed i.e to e.g * bugfix/XSUP-30713/port-scan-pb-issue-incident-failure (#31154) * Fix playbook input's default value, change to not required, add check for value not empty * Update playbook image * Update release notes * Bump pack from version CortexXDR to 6.0.5. * Moved InternalIPRanges input check to better location * Fix review comments --------- Co-authored-by: Content Bot <[email protected]> * [PagerDuty v2] Added Support For Pagination (#30959) * commit init - lint and type annotation * typing * pagination function and some typing * fix api limit and pagination * added UT and test_data * added RN and description for args * generate readme * update docker * added UT * fix flake8 * more docstring, one more UT, fix send unnecessary parameters * fix f-string * fix pep8 * revert copy * fix parameters name * docs review * update docker * [ASM] EXPANDR 7225 - Update Ev1 Integration Display Name (#31234) (#31276) * Update Display Name * Update release notes * Update docker image and add period to descriptions Co-authored-by: John <[email protected]> Co-authored-by: MLainer1 <[email protected]> * Update Docker Image To demisto/python3 (#31286) * Updated Metadata Of Pack QualysFIM * Added release notes to pack QualysFIM * Packs/QualysFIM/Integrations/QualysFIM/QualysFIM.yml Docker image update * Updated Metadata Of Pack FortiSIEM * Added release notes to pack FortiSIEM * Packs/FortiSIEM/Integrations/FortiSIEMV2/FortiSIEMV2.yml Docker image update * Updated Metadata Of Pack FreshworksFreshservice * Added release notes to pack FreshworksFreshservice * Packs/FreshworksFreshservice/Integrations/FreshworksFreshservice/FreshworksFreshservice.yml Docker image update * Updated Metadata Of Pack KnowBe4_KMSAT * Added release notes to pack KnowBe4_KMSAT * Packs/KnowBe4_KMSAT/Integrations/KnowBe4KMSATEventCollector/KnowBe4KMSATEventCollector.yml Docker image update * Packs/KnowBe4_KMSAT/Integrations/KnowBe4KMSAT/KnowBe4KMSAT.yml Docker image update * Updated Metadata Of Pack SafeNet_Trusted_Access * Added release notes to pack SafeNet_Trusted_Access * Packs/SafeNet_Trusted_Access/Integrations/SafeNetTrustedAccessEventCollector/SafeNetTrustedAccessEventCollector.yml Docker image update * Updated Metadata Of Pack DelineaSS * Added release notes to pack DelineaSS * Packs/DelineaSS/Integrations/DelineaSS/DelineaSS.yml Docker image update * Updated Metadata Of Pack Cryptocurrency * Added release notes to pack Cryptocurrency * Packs/Cryptocurrency/Integrations/Cryptocurrency/Cryptocurrency.yml Docker image update * Updated Metadata Of Pack PANOSPolicyOptimizer * Added release notes to pack PANOSPolicyOptimizer * Packs/PANOSPolicyOptimizer/Integrations/PANOSPolicyOptimizer/PANOSPolicyOptimizer.yml Docker image update * Updated Metadata Of Pack DeveloperTools * Added release notes to pack DeveloperTools * Packs/DeveloperTools/Integrations/CreateIncidents/CreateIncidents.yml Docker image update * Add XSOAR_SAAS section to EDL description (#31264) * add XSOAR_SAAS section to EDL description * update RN * [XSUP 30575] Added full fields query param (#31272) * get indicators full fields data * pre-commit * release notes * tests and CR fixes * Update Packs/FeedCrowdstrikeFalconIntel/ReleaseNotes/2_1_13.md Co-authored-by: Dan Tavori <[email protected]> --------- Co-authored-by: Dan Tavori <[email protected]> * Update Docker Image To demisto/boto3py3 (#31287) * Updated Metadata Of Pack SecurityIntelligenceServicesFeed * Added release notes to pack SecurityIntelligenceServicesFeed * Packs/SecurityIntelligenceServicesFeed/Integrations/SecurityIntelligenceServicesFeed/SecurityIntelligenceServicesFeed.yml Docker image update * Updated Metadata Of Pack AWS-IAM * Added release notes to pack AWS-IAM * Packs/AWS-IAM/Integrations/AWS-IAM/AWS-IAM.yml Docker image update * Updated Metadata Of Pack AWS-Route53 * Added release notes to pack AWS-Route53 * Packs/AWS-Route53/Integrations/AWSRoute53/AWSRoute53.yml Docker image update * Updated Metadata Of Pack AWS-AccessAnalyzer * Added release notes to pack AWS-AccessAnalyzer * Packs/AWS-AccessAnalyzer/Integrations/AWS-AccessAnalyzer/AWS-AccessAnalyzer.yml Docker image update * Updated Metadata Of Pack AWS-GuardDuty * Added release notes to pack AWS-GuardDuty * Packs/AWS-GuardDuty/Integrations/AWSGuardDutyEventCollector/AWSGuardDutyEventCollector.yml Docker image update * Packs/AWS-GuardDuty/Integrations/AWSGuardDuty/AWSGuardDuty.yml Docker image update * Updated Metadata Of Pack AWS-SecurityHub * Added release notes to pack AWS-SecurityHub * Packs/AWS-SecurityHub/Integrations/AWSSecurityHubEventCollector/AWSSecurityHubEventCollector.yml Docker image update * Updated Metadata Of Pack Aws-SecretsManager * Added release notes to pack Aws-SecretsManager * Packs/Aws-SecretsManager/Integrations/AwsSecretsManager/AwsSecretsManager.yml Docker image update * Update Docker Image To demisto/accessdata (#31288) * Updated Metadata Of Pack Exterro * Added release notes to pack Exterro * Packs/Exterro/Integrations/Exterro/Exterro.yml Docker image update * Update Docker Image To demisto/oci (#31290) * Updated Metadata Of Pack OracleCloudInfrastructure * Added release notes to pack OracleCloudInfrastructure * Packs/OracleCloudInfrastructure/Integrations/OracleCloudInfrastructureEventCollector/OracleCloudInfrastructureEventCollector.yml Docker image update * Update Docker Image To demisto/py3-tools (#31289) * Updated Metadata Of Pack Intezer * Added release notes to pack Intezer * Packs/Intezer/Integrations/IntezerV2/IntezerV2.yml Docker image update * Updated Metadata Of Pack Zabbix * Added release notes to pack Zabbix * Packs/Zabbix/Integrations/Zabbix/Zabbix.yml Docker image update * Updated Metadata Of Pack FeedMalwareBazaar * Added release notes to pack FeedMalwareBazaar * Packs/FeedMalwareBazaar/Integrations/MalwareBazaarFeed/MalwareBazaarFeed.yml Docker image update * Updated Metadata Of Pack FeedGCPWhitelist * Added release notes to pack FeedGCPWhitelist * Packs/FeedGCPWhitelist/Integrations/FeedGoogleIPRanges/FeedGoogleIPRanges.yml Docker image update * Updated Metadata Of Pack AccentureCTI_Feed * Added release notes to pack AccentureCTI_Feed * Packs/AccentureCTI_Feed/Integrations/ACTIIndicatorFeed/ACTIIndicatorFeed.yml Docker image update * Updated Metadata Of Pack SEKOIAIntelligenceCenter * Added release notes to pack SEKOIAIntelligenceCenter * Packs/SEKOIAIntelligenceCenter/Integrations/SEKOIAIntelligenceCenter/SEKOIAIntelligenceCenter.yml Docker image update * Updated Metadata Of Pack JARM * Added release notes to pack JARM * Packs/JARM/Integrations/JARM/JARM.yml Docker image update * Updated Metadata Of Pack Anomali_ThreatStream * Added release notes to pack Anomali_ThreatStream * Packs/Anomali_ThreatStream/Integrations/AnomaliThreatStreamv3/AnomaliThreatStreamv3.yml Docker image update * Updated Metadata Of Pack CommonWidgets * Added release notes to pack CommonWidgets * Packs/CommonWidgets/Scripts/RSSWidget/RSSWidget.yml Docker image update * Updated Metadata Of Pack FiltersAndTransformers * Added release notes to pack FiltersAndTransformers * Packs/FiltersAndTransformers/Scripts/Jmespath/Jmespath.yml Docker image update * Update Docker Image To demisto/armorblox (#31291) * Updated Metadata Of Pack Armorblox * Added release notes to pack Armorblox * Packs/Armorblox/Integrations/Armorblox/Armorblox.yml Docker image update * Update Docker Image To demisto/crypto (#31292) * Updated Metadata Of Pack AzureKeyVault * Added release notes to pack AzureKeyVault * Packs/AzureKeyVault/Integrations/AzureKeyVault/AzureKeyVault.yml Docker image update * Updated Metadata Of Pack AzureSentinel * Added release notes to pack AzureSentinel * Packs/AzureSentinel/Integrations/AzureSentinel/AzureSentinel.yml Docker image update * Updated Metadata Of Pack AzureDevOps * Added release notes to pack AzureDevOps * Packs/AzureDevOps/Integrations/AzureDevOps/AzureDevOps.yml Docker image update * Updated Metadata Of Pack MicrosoftCloudAppSecurity * Added release notes to pack MicrosoftCloudAppSecurity * Packs/MicrosoftCloudAppSecurity/Integrations/MicrosoftCloudAppSecurity/MicrosoftCloudAppSecurity.yml Docker image update * Updated Metadata Of Pack AzureRiskyUsers * Added release notes to pack AzureRiskyUsers * Packs/AzureRiskyUsers/Integrations/AzureRiskyUsers/AzureRiskyUsers.yml Docker image update * Updated Metadata Of Pack MicrosoftGraphGroups * Added release notes to pack MicrosoftGraphGroups * Packs/MicrosoftGraphGroups/Integrations/MicrosoftGraphGroups/MicrosoftGraphGroups.yml Docker image update * Updated Metadata Of Pack AzureSQLManagement * Added release notes to pack AzureSQLManagement * Packs/AzureSQLManagement/Integrations/AzureSQLManagement/AzureSQLManagement.yml Docker image update * Updated Metadata Of Pack MicrosoftGraphAPI * Added release notes to pack MicrosoftGraphAPI * Packs/MicrosoftGraphAPI/Integrations/MicrosoftGraphAPI/MicrosoftGraphAPI.yml Docker image update * Updated Metadata Of Pack MicrosoftTeams * Added release notes to pack MicrosoftTeams * Packs/MicrosoftTeams/Integrations/MicrosoftTeamsManagement/MicrosoftTeamsManagement.yml Docker image update * Updated Metadata Of Pack MicrosoftGraphApplications * Added release notes to pack MicrosoftGraphApplications * Packs/MicrosoftGraphApplications/Integrations/MicrosoftGraphApplications/MicrosoftGraphApplications.yml Docker image update * Update Docker Image To demisto/sixgill (#31293) * Updated Metadata Of Pack Cybersixgill-ActionableAlerts * Added release notes to pack Cybersixgill-ActionableAlerts * Packs/Cybersixgill-ActionableAlerts/Integrations/CybersixgillActionableAlerts/CybersixgillActionableAlerts.yml Docker image update * Updated Metadata Of Pack Sixgill-Darkfeed * Added release notes to pack Sixgill-Darkfeed * Packs/Sixgill-Darkfeed/Integrations/Sixgill_Darkfeed_Enrichment/Sixgill_Darkfeed_Enrichment.yml Docker image update * Packs/Sixgill-Darkfeed/Integrations/Sixgill_Darkfeed/Sixgill_Darkfeed.yml Docker image update * Update Docker Image To demisto/carbon-black-cloud (#31295) * Updated Metadata Of Pack CarbonBlackDefense * Added release notes to pack CarbonBlackDefense * Packs/CarbonBlackDefense/Integrations/CarbonBlackLiveResponseCloud/CarbonBlackLiveResponseCloud.yml Docker image update * Update Docker Image To demisto/taxii2 (#31294) * Updated Metadata Of Pack FeedDHS * Added release notes to pack FeedDHS * Packs/FeedDHS/Integrations/DHSFeedV2/DHSFeedV2.yml Docker image update * Updated Metadata Of Pack FeedUnit42v2 * Added release notes to pack FeedUnit42v2 * Packs/FeedUnit42v2/Integrations/FeedUnit42v2/FeedUnit42v2.yml Docker image update * MS IIS Update2 (#31256) * Updated MicrosoftIISWebServerModelingRules_1_3 * Updated ModelingRules filters * Updated ModelingRules filters * Updated ReleaseNotes * Upated ReleaseNotes * CrowdStrikeFalconX-genreic-polling (#31189) * old playbooks deprecated and new one added * readme file edited * set the interval from the inputs * fixes for release notes * added extensions to known words * Update Packs/CrowdStrikeFalconX/Playbooks/Detonate_File_-_CrowdStrike_Falcon_Intelligence_Sandbox_v2.yml Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CrowdStrikeFalconX/Playbooks/Detonate_File_-_CrowdStrike_Falcon_Intelligence_Sandbox_v2.yml Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CrowdStrikeFalconX/Playbooks/Detonate_File_-_CrowdStrike_Falcon_Intelligence_Sandbox_v2.yml Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CrowdStrikeFalconX/Playbooks/Detonate_URL_-_CrowdStrike_Falcon_Intelligence_Sandbox_v2_README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CrowdStrikeFalconX/Playbooks/Detonate_File_-_CrowdStrike_Falcon_Intelligence_Sandbox_v2.yml Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CrowdStrikeFalconX/Playbooks/Detonate_File_-_CrowdStrike_Falcon_Intelligence_Sandbox_v2.yml Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CrowdStrikeFalconX/Playbooks/Detonate_File_-_CrowdStrike_Falcon_Intelligence_Sandbox_v2_README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CrowdStrikeFalconX/ReleaseNotes/1_2_37.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CrowdStrikeFalconX/ReleaseNotes/1_2_37.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CrowdStrikeFalconX/ReleaseNotes/1_2_37.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CrowdStrikeFalconX/ReleaseNotes/1_2_37.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CrowdStrikeFalconX/Playbooks/Detonate_File_-_CrowdStrike_Falcon_Intelligence_Sandbox_v2_README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CrowdStrikeFalconX/Playbooks/Detonate_File_-_CrowdStrike_Falcon_Intelligence_Sandbox_v2_README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CrowdStrikeFalconX/Playbooks/Detonate_File_-_CrowdStrike_Falcon_Intelligence_Sandbox_v2_README.md Co-authored-by: ShirleyDenkberg <[email protected]> * minor fixes for description * Update Packs/CrowdStrikeFalconX/Playbooks/Detonate_URL_-_CrowdStrike_Falcon_Intelligence_Sandbox_v2.yml Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CrowdStrikeFalconX/Playbooks/Detonate_URL_-_CrowdStrike_Falcon_Intelligence_Sandbox_v2_README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CrowdStrikeFalconX/Playbooks/Detonate_URL_-_CrowdStrike_Falcon_Intelligence_Sandbox_v2.yml Co-authored-by: ShirleyDenkberg <[email protected]> --------- Co-authored-by: ShirleyDenkberg <[email protected]> * Add Symantec MSS to ignored items (#31296) * [XSUP 30870] Added full fields option for cs-actors and cs-reports commands (#31271) * Added the display_full_fields argument * pre-commit * release notes * tests and CR fixes * resolve conflict * pre-commit * CR fixes * docker * pre-commit * add myself as codeowner (#31314) * ORKL Feed Integration 1.0.0 Initial Release (#31166) * ORKL Feed Integration 1.0.0 Initial Release (#31101) Co-authored-by: Martin Ohl <[email protected]> * [VirusTotal] Add suspicious threshold (#31220) * [VirusTotal] Add suspicious threshold (#31021) * fixing CimTrak_test.py unit tests (#31308) fixing CimTrak_test.py unit tests #31308 * Add new command and bug fix. (#31311) * Anomali ThreatStream v3 - Fix threatstream-get-indicators command (#31269) * fix get_indicators method * update RN * update docker * update test * update test * update get_indicators method * update RN * Update Packs/Anomali_ThreatStream/ReleaseNotes/2_2_9.md Co-authored-by: ShirleyDenkberg <[email protected]> * update docker * update docker --------- Co-authored-by: ShirleyDenkberg <[email protected]> * SentinelOne v2: Add 2 new commands (#31312) * fixing jira file attachments (#31297) fixing jira file attachments, fixing mapping of newly created tickets #31297 * CiscoSMA Update (#31315) * Updated ModelingRules * Updated ReleaseNotes * Updated ReleaseNotes * updated docs (#31192) * updated docs * running pre-commit and docker * docker update * Apply suggestions from code review Co-authored-by: ShirleyDenkberg <[email protected]> * remove package-lock file * cr note * Update Packs/MicrosoftGraphDeviceManagement/ReleaseNotes/1_1_20.md Co-authored-by: EyalPintzov <[email protected]> --------- Co-authored-by: ShirleyDenkberg <[email protected]> Co-authored-by: EyalPintzov <[email protected]> * Fix an issue when there is only one incident in fetch_incidents powershell (#31267) * added -AsArray * updated the docker image and added . * RN * unit tests and docker image * rn * docker image and release notes * Update Packs/Base/ReleaseNotes/1_32_53.md Co-authored-by: EyalPintzov <[email protected]> * updated the unit tests --------- Co-authored-by: EyalPintzov <[email protected]> * Get Entity Alerts by MITRE Tactics - Performance Improvements (Refactor) (#31232) * Added playbooks * New playbooks images, formatted playbooks, and added RN * Updated pb image to be in light mode * Further improvements to playbooks, updated docs, and updated playbook images * Bump pack from version CortexXDR to 6.0.6. * Changed alert to incident to fix validation * Descriptions --------- Co-authored-by: Content Bot <[email protected]> * fix for sdk nightly e2e tests (#31310) * [qradar-v3] - handle connection errors (#31246) * [qradar-v3] - handle connection errors * add uts * bump rn * remove irrelevant imports * update code * timeout = 300 * bump rn * update implementation * docker image * fixes * remove imports * rn * update debug-message * update log * fix docker-image * fix ut * oncall-sdk-nightly-create-xsoar-instance (#31300) * overwrite the filter env file * remove space * remove print * Update .gitlab/ci/.gitlab-ci.on-push.yml Co-authored-by: Koby Meir <[email protected]> --------- Co-authored-by: Koby Meir <[email protected]> * [ASM] - EXPANDER 7238 - Jira Playbook Support for V2 and V3 Project Key (#31273) (#31322) * Add support V2 and V3, remove default project key - Add data collection task for customer - Leave Jira Project Key input as blank - Add support for project key passed into Jira V2 and V3 integrations * Add release notes * Update Playbook ReadMe * Add task description * Update release notes Co-authored-by: John <[email protected]> Co-authored-by: MLainer1 <[email protected]> * Support contributions when the name of the repo isn't content (#31320) * update handle_external_pr.py * set repo_name arg as optional * Oncall sdk nightly create xsoar instance (#31324) Oncall sdk nightly create xsoar instance #31324 * CIAC-4556/xdr-remote-psexec-lolbin-command-execution-playbook (#29092) * Add playbook and readme files * Add updated files * Add playbook image * Update release notes * Fix validation error * Bump pack from version CortexXDR to 5.1.0. * Bump pack from version CortexXDR to 5.2.0. * Bump pack from version CortexXDR to 5.2.0. * Bump pack from version CortexXDR to 5.2.0. * Add CommandLine verdict to layout * Update according to demo review comments * Bump pack from version CortexXDR to 5.2.0. * Bump pack from version CortexXDR to 5.2.0. * Add field for cmd line verdict * Update layout * Fix review comments * Update from master * Update Packs/CortexXDR/ReleaseNotes/5_2_0.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CortexXDR/ReleaseNotes/5_2_0.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CortexXDR/Playbooks/playbook-Cortex_XDR_-_Remote_PsExec_with_LOLBIN_command_execution_alert_README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Fix review comments and validations * Apply suggestions from code review Fix docs review Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CortexXDR/Playbooks/playbook-Cortex_XDR_-_Remote_PsExec_with_LOLBIN_command_execution_alert.yml Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CortexXDR/Playbooks/playbook-Cortex_XDR_-_Remote_PsExec_with_LOLBIN_command_execution_alert.yml Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CortexXDR/Playbooks/playbook-Cortex_XDR_-_Remote_PsExec_with_LOLBIN_command_execution_alert.yml Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CortexXDR/Playbooks/playbook-Cortex_XDR_-_Remote_PsExec_with_LOLBIN_command_execution_alert.yml Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CortexXDR/Playbooks/playbook-Cortex_XDR_-_Remote_PsExec_with_LOLBIN_command_execution_alert.yml Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CortexXDR/Playbooks/playbook-Cortex_XDR_-_Remote_PsExec_with_LOLBIN_command_execution_alert.yml Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CortexXDR/Playbooks/playbook-Cortex_XDR_-_Remote_PsExec_with_LOLBIN_command_execution_alert.yml Co-authored-by: ShirleyDenkberg <[email protected]> * Fix review comments * Remove duplicate task for alert details, update playbook image * Fix skipifunavailable validations and update release notes * Fix review comments * Update release notes * Update release notes * Bump pack from version CortexXDR to 5.2.0. * Fix review comments * Update release notes * Bump pack from ve…
dantavori
added a commit
that referenced
this pull request
Mar 21, 2024
* Mcafee WebGW Mapping (#32709) * Updated ModelingRules ParsingRules * Updated ReleaseNotes * Updated ReleaseNotes * Updated README * Updated README * Updated yml name and id * Updated README * Reverted RN * Updated ReleaseNotes * Updated ReleaseNotes * [SevriceManager] better error message (#32742) * better error message * Update Packs/HPE_Service_Manager/ReleaseNotes/1_0_6.md * fix validate * Update pack_metadata.json (#32725) * Update pack_metadata.json Added missing word in the description * Update Packs/DragosWorldview/pack_metadata.json Co-authored-by: Israel Lappe <[email protected]> --------- Co-authored-by: Israel Lappe <[email protected]> * [VirusTotal] Return DBotScore and fix suspicious threshold (#32677) (#32740) * fix(commands): Always return score * Add error file output * Fix test * Update pack_metadata * Update docker image * Add tests * Update Packs/VirusTotal/ReleaseNotes/2_6_17.md * Update Packs/VirusTotal/ReleaseNotes/2_6_17.md * given-when-then docs --------- Co-authored-by: Pablo Pérez <[email protected]> Co-authored-by: Yuval Hayun <[email protected]> * JSON Feed - Remove ports from IPv4s Indicators (#32223) * add parameter * Parameter to remove ports * RN * yml fixes * RN * small fix * RN * cover * Apply suggestions from code review Co-authored-by: Arad Carmi <[email protected]> * Bump pack from version FeedMalwareBazaar to 1.0.38. * Bump pack from version FeedGCPWhitelist to 2.0.38. * Bump pack from version AccentureCTI_Feed to 1.1.35. * Bump pack from version FeedAWS to 1.1.49. * Update FeedJSON.yml * docker bump * RN * Apply suggestions from code review Doc review Co-authored-by: ShirleyDenkberg <[email protected]> * Fixed test PB * RN --------- Co-authored-by: Arad Carmi <[email protected]> Co-authored-by: Content Bot <[email protected]> Co-authored-by: ShirleyDenkberg <[email protected]> * MS Teams send-notification command bug (#32531) * fixed a bug in teams where send-notification failed to send messages in GUID format * added rn * updated docker, added unit test * added doc * m * added unit test * added unittest in ms teams * uodated the code * removed comment * added test to ms teams ask * fixed tests * removed comment * minor doc update * update after build failed * Update Packs/MicrosoftTeams/Integrations/MicrosoftTeams/MicrosoftTeams.py Co-authored-by: dorschw <[email protected]> * Update Packs/MicrosoftTeams/Integrations/MicrosoftTeams/MicrosoftTeams_test.py Co-authored-by: dorschw <[email protected]> * Update Packs/MicrosoftTeams/Integrations/MicrosoftTeams/MicrosoftTeams_test.py Co-authored-by: dorschw <[email protected]> * Update Packs/MicrosoftTeams/Integrations/MicrosoftTeams/MicrosoftTeams_test.py Co-authored-by: dorschw <[email protected]> * Apply suggestions from code review * updated do * fixed precommit issues --------- Co-authored-by: dorschw <[email protected]> * New pack for Ivanti vulnerabilities (#32703) * New pack for Ivanti vulnerabilities * New pack for Ivanti vulnerabilities * update RN of the main Rapid pack * review fixes * add the UseReputationCommand input * review fixes * review fixes * review fixes * update RN * review fix * update RN * update RN * update RN * update RN * update RN * update RN * Improve create clickable URL (#31584) * Add the ability to create a clickable url with different text than the link * RN * revert * added a modeling rule (#22875) * added a modeling rule * added a parsing rule * added a parsing rule * added a parsing rule * added a parsing rule * added a parsing rule * added a parsing rule * added a parsing rule * added a parsing rule * added a parsing rule * added a parsing rule * Update README.md (#23810) Edit the file to remove duplication of command names in the right pane. * Modeling rules fixes (#24259) * save * save no exit_code * save not fail on test-modeling-rules * remove ciscoasa changes * Update Docker Image To demisto/chromium (#24291) * Updated Metadata Of Pack ExpanseV2 * Added release notes to pack ExpanseV2 * Packs/ExpanseV2/Scripts/ExpanseGenerateIssueMapWidgetScript/ExpanseGenerateIssueMapWidgetScript.yml Docker image update * Deprecated GitHub TestData (#31573) * CR fixes * UT fixes * revert f-string * conflicts * pack version * conflicts * doc * conflicts * Bump pack from version Base to 1.34.0. * conflicts * RN * remove parameterize * Bump pack from version Base to 1.33.26. * pre-commit fixes --------- Co-authored-by: guytamir10 <[email protected]> Co-authored-by: ShirleyDenkberg <[email protected]> Co-authored-by: Darya Koval <[email protected]> Co-authored-by: content-bot <[email protected]> Co-authored-by: eepstain <[email protected]> Co-authored-by: Content Bot <[email protected]> * XSUP 31502 - Gmail - Update the time parsing during the fetch-incidents process (#32431) * updated get_occurred_date to return the smaller of the header time and internalDate in utc * base_time to occured * added more debug logs for the body of the msg * RN and pack version update * updated the failing tests * pre-commit updates * docker image update * updated the unit test test_get_occurred_date * pre-commit updates * cr updates * Bambenek Consulting Adoption (#32738) (#32743) * Bambenek Consulting Adoption * Update 1_2_1.md * update releasnotes.md file Co-authored-by: Rambatla Venkat Rao <[email protected]> Co-authored-by: Yuval Cohen <[email protected]> * fix * fix * Fix an issue on AWS-GuardDuty (#32685) * fix bug * update RN * add UT * update docker * fix UT * update RN * Update Packs/AWS-GuardDuty/Integrations/AWSGuardDuty/AWSGuardDuty_test.py --------- Co-authored-by: dorschw <[email protected]> * CIAC-8712/generic-sql (#32729) * playbook fixes * fix CR * cr review * cr review * Add pyzbar to ReadQRCode (#32556) * init * multiple codes * working * update docker * CR changes * added pipe redirect * RN * update gitignore * Web file repository - Updated the UI (#32731) (#32773) * Merge * revert package-lock.json * Updated the UI to improve security for priventing cross site scripting. * Update RN * Update RN * Update 1_0_25.md --------- Co-authored-by: Masahiko Inoue <[email protected]> Co-authored-by: Yuval Cohen <[email protected]> * CIAC-9020 adding 3 new commands to prisma cloud compute (#32303) * CIAC-9020 adding 3 new commands to prisma cloud compute * CIAC-9020 adding 3 new commands to prisma cloud compute * CIAC-9020 adding 3 new commands to prisma cloud compute * CIAC-9020 adding 3 new commands to prisma cloud compute * CIAC-9020 adding 3 new commands to prisma cloud compute * CIAC-9020 adding 3 new commands to prisma cloud compute * CIAC-9020 adding 3 new commands to prisma cloud compute * CIAC-9020 adding 3 new commands to prisma cloud compute * CIAC-9020 adding 3 new commands to prisma cloud compute * CIAC-9020 adding 3 new commands to prisma cloud compute * CIAC-9020 adding 3 new commands to prisma cloud compute * CIAC-9020 adding 3 new commands to prisma cloud compute * CIAC-9020 adding 3 new commands to prisma cloud compute * CIAC-9020 adding 3 new commands to prisma cloud compute * CIAC-9020 adding 3 new commands to prisma cloud compute * CIAC-9020 adding 3 new commands to prisma cloud compute * CIAC-9020 adding 3 new commands to prisma cloud compute * CIAC-9020 adding 3 new commands to prisma cloud compute * CIAC-9020 adding 3 new commands to prisma cloud compute * fix * fix files * fix files * add docstring * Bump pack from version CortexXDR to 6.1.14. * Bump pack from version CortexXDR to 6.1.15. * cr without dups fix * cr fixing tests * Bump pack from version CortexXDR to 6.1.16. * fix * fix * fix_unit tests * remove null * fix * fix * fix * demo notes * cr * cr * Fix type issue in CommandResult input tags (#32794) * Fixed type error * Updated the RN * updated RN * Aws data lake fix yml (#32870) * fixed path yml * fix * fix * breaking * rn * Fixing Mandiant ASM Issue Status Sync (#32767) (#32920) * Fixing ASM issue status not syncing from ASM into XSOAR * Bumping version * Metadata * Punctuation * Update Packs/MandiantAdvantageAttackSurfaceManagement/ReleaseNotes/1_0_5.md * docker update --------- Co-authored-by: Christopher Hultin <[email protected]> Co-authored-by: Yuval Hayun <[email protected]> Co-authored-by: YuvHayun <[email protected]> * GCP-EXPANDR-3608: Determine potential offending firewall rules (#32795) * GCP-EXPANDR-3608: Determine potential offending firewall rules (#32678) * dl script * GCP-Enrich play * formatting and start unittest * more tests and RN * add screenshot * update pack README * increase test coverage * Apply suggestions from code review Co-authored-by: ShirleyDenkberg <[email protected]> * Apply suggestions from code review Co-authored-by: Shmuel Kroizer <[email protected]> * update function names * pre-commit changes * Update Packs/GCP-Enrichment-Remediation/Scripts/GCPOffendingFirewallRule/GCPOffendingFirewallRule.py Co-authored-by: Shmuel Kroizer <[email protected]> --------- Co-authored-by: ShirleyDenkberg <[email protected]> Co-authored-by: Shmuel Kroizer <[email protected]> * update docker * some improve * revert * Update Packs/GCP-Enrichment-Remediation/Scripts/GCPOffendingFirewallRule/GCPOffendingFirewallRule.py --------- Co-authored-by: johnnywilkes <[email protected]> Co-authored-by: ShirleyDenkberg <[email protected]> Co-authored-by: Shmuel Kroizer <[email protected]> Co-authored-by: Shmuel Kroizer <[email protected]> * Dev Container and Codespace - fix docker in docker (#32863) * Taxii 2 feed bug (#32783) * added logs * added logs * logs * applied a fix to duplicates * fixed the fix * added unittests * reverted changed id * reverted changes in api module * added rn * fixes for the logs * added typing hints * updated docker image * updated docker image * changed the lasted_indicators to contain only the id and the modified date * fixed the unittests and handled dummy indicators * added log * fixed unittest * fixed unittest * revert * Bump pack from version FeedTAXII to 1.2.6. * editd after cr * rn * fixed for flake8 --------- Co-authored-by: Content Bot <[email protected]> * removed files (#32937) * [Marketplace Contribution] Common Scripts - New Script IsNotInCidrRanges (#32854) * [Marketplace Contribution] Common Scripts - New Script IsNotInCidrRanges (#32120) * "contribution update to pack "Common Scripts"" * Update Packs/CommonScripts/ReleaseNotes/1_14_0.md * Updated based on recommendations * chmode +x ping file * revert * revert * revert * move the PR to filters and transformers * move RN * Update Packs/FiltersAndTransformers/Scripts/IsNotInCidrRanges/IsNotInCidrRanges.yml * update docker * revert yml * add docstring * fix RN * change the docker to python3:3.10 * update the description that the script support only ipv4 * update docker to demisto/python3:3.10.12.63474 * added UT * update docker to demisto/python3:3.10.13.87159 * added test playbook * demisto-sdk format * Update Packs/FiltersAndTransformers/ReleaseNotes/1_2_58.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/FiltersAndTransformers/Scripts/IsNotInCidrRanges/IsNotInCidrRanges.yml Co-authored-by: ShirleyDenkberg <[email protected]> * update version * revert conf.json * update RN --------- Co-authored-by: Shmuel Kroizer <[email protected]> Co-authored-by: amontminypa <[email protected]> Co-authored-by: Shmuel Kroizer <[email protected]> Co-authored-by: ShirleyDenkberg <[email protected]> * conf.json added test playbook * "fromversion": "6.10.0" * revert * Update Packs/FiltersAndTransformers/TestPlaybooks/playbook-TestIsNotInCidrRanges.yml --------- Co-authored-by: xsoar-bot <[email protected]> Co-authored-by: Shmuel Kroizer <[email protected]> Co-authored-by: amontminypa <[email protected]> Co-authored-by: Shmuel Kroizer <[email protected]> Co-authored-by: ShirleyDenkberg <[email protected]> * [TestIsNotInCidrRanges] Added Test Playbook To The Conf File (#32919) * added test playbook to conf.json * Update Tests/conf.json * Unisolate generic playbook enhancement (#32873) * added inputs * RN update * edited the description of the input * RN update * [IBM QRadar] Fix W291 Trailing whitespace (#32855) * fix w291 * added RN * Bump gitpython from 3.1.40 to 3.1.41 (#32119) * Bump gitpython from 3.1.40 to 3.1.41 Bumps [gitpython](https://github.com/gitpython-developers/GitPython) from 3.1.40 to 3.1.41. - [Release notes](https://github.com/gitpython-developers/GitPython/releases) - [Changelog](https://github.com/gitpython-developers/GitPython/blob/main/CHANGES) - [Commits](https://github.com/gitpython-developers/GitPython/compare/3.1.40...3.1.41) --- updated-dependencies: - dependency-name: gitpython dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> * update pre-commit dependencies --------- Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: dorschw <[email protected]> * Bump pillow from 10.1.0 to 10.2.0 (#32356) Bumps [pillow](https://github.com/python-pillow/Pillow) from 10.1.0 to 10.2.0. - [Release notes](https://github.com/python-pillow/Pillow/releases) - [Changelog](https://github.com/python-pillow/Pillow/blob/main/CHANGES.rst) - [Commits](https://github.com/python-pillow/Pillow/compare/10.1.0...10.2.0) --- updated-dependencies: - dependency-name: pillow dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: dorschw <[email protected]> * Notify External PR Merge (#32349) * added new action * Test SK (#32350) * Jira bugfix in edit issue - xsup 31954 (#32041) * Added tests * Updated RNs * Updated docstrings * Updated TPB * Updated command description * Updated RNs --------- Co-authored-by: Anas Yousef <[email protected]> * Update AMPv2.yml --------- Co-authored-by: israelpoli <[email protected]> Co-authored-by: Anas Yousef <[email protected]> * Revert "Test SK" (#32352) * Fixed * Update .github/workflows/create-internal-pr-from-external.yml Co-authored-by: RotemAmit <[email protected]> * Update .github/workflows/create-internal-pr-from-external.yml Co-authored-by: RotemAmit <[email protected]> --------- Co-authored-by: israelpoli <[email protected]> Co-authored-by: Anas Yousef <[email protected]> Co-authored-by: RotemAmit <[email protected]> * added 'W291, # trailing-whitespace' to pyproject.toml and nightly (#32862) * [greynoise-266] New Pack - FeedGreyNoiseIndicator (#32514) (#32942) * updates * pre-commit and readme * pre-commit * updates * more updates * fix tests * fix tests * fix formatting * fix pack ver check * update tests * fix flake8 and secrets * feedback * updates * feedback updates * fix default feedRep * add notes to docs * update docker image num Co-authored-by: Brad Chiappetta <[email protected]> * Fix CommonServerPython mypy (#32931) * Update docker images of `CommonScript` items (#32938) * Update `demisto/xslxwriter` 70-100 coverage rate (#32763) * upgrade images * update RN * Bump pack from version CommonScripts to 1.13.34. * Bump pack from version CommonScripts to 1.13.35. * Bump pack from version CommonScripts to 1.13.36. * Bump pack from version CommonScripts to 1.13.37. * Bump pack from version CommonScripts to 1.13.38. * Bump pack from version CommonScripts to 1.13.39. * revert RN --------- Co-authored-by: Content Bot <[email protected]> * Update `demisto/xml-feed` 70-100 coverage rate (#32762) * upgrade images * revert * update RN * Bump pack from version CommonScripts to 1.13.34. * Bump pack from version CommonScripts to 1.13.35. * Bump pack from version CommonScripts to 1.13.36. * Bump pack from version CommonScripts to 1.13.37. * Bump pack from version CommonScripts to 1.13.38. * Bump pack from version CommonScripts to 1.13.39. * revert RN --------- Co-authored-by: Content Bot <[email protected]> * Update `demisto/bs4-py3` 70-100 coverage rate (#32741) * upgrade images * update RN * Bump pack from version CommonScripts to 1.13.34. * Bump pack from version CommonScripts to 1.13.35. * Bump pack from version CommonScripts to 1.13.36. * Bump pack from version CommonScripts to 1.13.37. * Bump pack from version CommonScripts to 1.13.38. * Bump pack from version FiltersAndTransformers to 1.2.59. * Bump pack from version CommonScripts to 1.13.39. * revert RN --------- Co-authored-by: Content Bot <[email protected]> * Update `demisto/bs4-tld` 0-10 coverage rate (#32744) * upgrade images * update RN * Bump pack from version CommonScripts to 1.13.34. * Bump pack from version CommonScripts to 1.13.35. * Bump pack from version CommonScripts to 1.13.36. * Bump pack from version CommonScripts to 1.13.37. * Bump pack from version CommonScripts to 1.13.38. * Bump pack from version CommonScripts to 1.13.39. * revert RN --------- Co-authored-by: Content Bot <[email protected]> * Update `demisto/btfl-soup` 70-100 coverage rate (#32745) * upgrade images * update RN * Bump pack from version CommonScripts to 1.13.34. * Bump pack from version CommonScripts to 1.13.35. * Bump pack from version CommonScripts to 1.13.36. * Bump pack from version CommonScripts to 1.13.37. * Bump pack from version CommonScripts to 1.13.38. * Bump pack from version CommonScripts to 1.13.39. * revert RN --------- Co-authored-by: Content Bot <[email protected]> * Update `demisto/netutils` 70-100 coverage rate (#32752) * upgrade images * update RN * Bump pack from version CommonScripts to 1.13.34. * Bump pack from version CommonScripts to 1.13.35. * Bump pack from version CommonScripts to 1.13.36. * Bump pack from version CommonScripts to 1.13.37. * Bump pack from version CommonScripts to 1.13.38. * Bump pack from version CommonScripts to 1.13.39. * revert RN --------- Co-authored-by: Content Bot <[email protected]> * Update `demisto/nltk` 70-100 coverage rate (#32753) * upgrade images * update RN * Bump pack from version CommonScripts to 1.13.34. * Bump pack from version CommonScripts to 1.13.35. * Bump pack from version CommonScripts to 1.13.36. * Bump pack from version CommonScripts to 1.13.37. * Bump pack from version CommonScripts to 1.13.38. * Bump pack from version CommonScripts to 1.13.39. * revert RN --------- Co-authored-by: Content Bot <[email protected]> * Update `demisto/pcap-http-extractor` 70-100 coverage rate (#32754) * upgrade images * update RN * Bump pack from version CommonScripts to 1.13.34. * Bump pack from version CommonScripts to 1.13.35. * Bump pack from version CommonScripts to 1.13.36. * Bump pack from version CommonScripts to 1.13.37. * Bump pack from version CommonScripts to 1.13.38. * Bump pack from version CommonScripts to 1.13.39. * revert RN --------- Co-authored-by: Content Bot <[email protected]> * Update `demisto/python3-deb` 70-100 coverage rate (#32759) * upgrade images * update RN * Bump pack from version CommonScripts to 1.13.34. * Bump pack from version CommonScripts to 1.13.35. * Bump pack from version CommonScripts to 1.13.36. * Bump pack from version CommonScripts to 1.13.37. * Bump pack from version CommonScripts to 1.13.38. * Bump pack from version CommonScripts to 1.13.39. * revert RN --------- Co-authored-by: Content Bot <[email protected]> * Update `demisto/unzip` 40-55 coverage rate (#32761) * upgrade images * update RN * Bump pack from version CommonScripts to 1.13.34. * Bump pack from version CommonScripts to 1.13.35. * Bump pack from version CommonScripts to 1.13.36. * Bump pack from version CommonScripts to 1.13.37. * Bump pack from version CommonScripts to 1.13.38. * Bump pack from version CommonScripts to 1.13.39. * revert RN --------- Co-authored-by: Content Bot <[email protected]> * update RN * Bump pack from version FiltersAndTransformers to 1.2.60. --------- Co-authored-by: Content Bot <[email protected]> * [ASM] EXPANDR-3608: store potential offending firewall rules (#32721) (#32940) * update GCP enrich play * RN * Apply suggestions from code review * update field name and bump ver --------- Co-authored-by: johnnywilkes <[email protected]> Co-authored-by: ShirleyDenkberg <[email protected]> * XSUP-31342 - XDR mirroring changes incident resolution (#32359) * added more debug logs to the mirroring process * more debug logs * updated the schema * added ckose_reason * updated the schema name * updated the outgoing mapper and some debug logs * added RN * Bump pack from version CortexXDR to 6.1.14. * Bump pack from version CortexXDR to 6.1.15. * updated test_get_mapping_fields_command * updated handle_outgoing_issue_closure to use close_reason or closeReason * updated RN and docker image * added a unit test test_handle_outgoing_issue_closure * added RN to core pack and ctf01 pack * Bump pack from version CortexXDR to 6.1.16. * updated the RN * added an incident type to the outgoing mapper and updated the RN --------- Co-authored-by: Content Bot <[email protected]> * Domaintools iris release v2.0.1 (#32880) (#32946) * first pass at fixing proxy use * don't use empty strings * avoid empty string * fix docker tag, add release notes * update release notes with docker image * Update Packs/DomainTools_Iris/ReleaseNotes/2_0_1.md --------- Co-authored-by: Wesley Agena <[email protected]> Co-authored-by: Yuval Hayun <[email protected]> * revert docker changes (#32944) * AWS Require Region (#32687) * init * update docker * update docker * update docker * RN * fix conflicts * update docker * fix conflicts * Update `demisto/fastapi` 70-100 coverage rate (#32573) * upgrade images * update RN * fix pb parser (#32826) * fix pb parser - test * change xpanse stuff * remove poetry changes * more xpanse changes * fix gr103 * YR/Handle long running pipelines, and commits with no pipelines/CIAC-9386 (#32462) * Fix GetIndicatorDBotScoreFromCache to handle better a special character (#31070) * a fix and a test * docker image update * added rn * Bump pack from version CommonScripts to 1.12.47. * unit test fix * unit test fix * unit test fix * Bump pack from version CommonScripts to 1.12.48. * Bump pack from version CommonScripts to 1.12.49. * Update Packs/CommonScripts/ReleaseNotes/1_12_49.md Co-authored-by: Dan Tavori <[email protected]> --------- Co-authored-by: Content Bot <[email protected]> Co-authored-by: Dan Tavori <[email protected]> * change pack support to community (#31110) * change pack support to community * first level header so im told * Update Packs/DeveloperTools/ReleaseNotes/1_3_0.md Co-authored-by: Shahaf Ben Yakir <[email protected]> * Update Packs/DeveloperTools/ReleaseNotes/1_3_0.md Co-authored-by: Shahaf Ben Yakir <[email protected]> --------- Co-authored-by: Shahaf Ben Yakir <[email protected]> * removed GIT_DEPTH (#31141) * support multiple entry ids in ImageOCR (#31145) * Fix taxi feed observables extraction (#31120) * fixed an isssue where taxi feed will fail to retreive all indicators due to wrong extraction from XML blocks. * added rn * update docker * update test_data * add secret to secrets ignore * [transformers] Enhance to be more durable #2 (#31063) * ExtractDomainAndFQDNFromUrlAndEmail * ExtractEmailV2 * ruff fix * FormatURL * Bump pack from version CommonScripts to 1.12.47. * Bump pack from version CommonScripts to 1.12.48. * Bump pack from version CommonScripts to 1.12.49. * Added unit tests * Update the docker image * Bump pack from version CommonScripts to 1.12.50. * Update Packs/CommonScripts/ReleaseNotes/1_12_50.md Co-authored-by: Dean Arbel <[email protected]> * Update Packs/CommonScripts/ReleaseNotes/1_12_50.md Co-authored-by: Dean Arbel <[email protected]> * Update the RN * Update the docker image * empty * Skip "FormattingPerformance - Test" TPB in XSOAR 8 --------- Co-authored-by: Content Bot <[email protected]> Co-authored-by: Dean Arbel <[email protected]> * Sleep w/ Polling (#30661) add polling mechanism to sleep upon crossing polling_threshold * Update shift management scripts (#31130) * fixed the bug and added unit tests * updated docker image * RN * updated docker image * cr updates * EWS rule commands - MS graph python integrations (#30943) Co-authored-by: ShirleyDenkberg <[email protected]> * MS IIS Update (#31132) * Updated ModelingRules * Updated ReleaseNotes * Updated ReleaseNotes * Anomali ThreatStream change DBot verdict from Benign to Unknown for Low Confidence Indicators (#30993) (#31151) * change DBot verdict from Benign to Unknown for Low Confidence Indicators Indicators found in Anomali that are below Confidence thresholds should be created as Unknown and not Benign. Anomali ThreatStream documentation regarding Confidence https://ui.threatstream.com/optic-doc/Content/Features/threat_model/Observables/details_indicator.htm Confidence - Confidence indicates the certainty that an observable exhibits or is connected to malicious behavior. If Anomali has indicators with low Confidence, that doesn't mean the indicator is Benign/Safe. It means Anomali is unsure that the indicator is Malicious and as such the more appropriate verdict in XSOAR should be Unknown. * add indicator_default_score param * changed values to Benign and Unknown * update README and RN * update RN * update docker set required to false * update docker * fix docs comments --------- Co-authored-by: zdrouse <[email protected]> Co-authored-by: adi88d <[email protected]> Co-authored-by: Adi Daud <[email protected]> * generate empty junit files (#31153) * Update 1_6_0.json (#31164) * fix splunkpy splunk_submit_event_hec_command string issue (#30978) * fix splunkpy splunk_submit_event_hec_command string issue * test * add fix * update rn * [xsoar saas] - fix ports taxii2 e2e (#31163) * Hello world saas (#30901) * added a new incident field only for saas mp * added an incident field to xsoar_saas only for demonstration * format incident field * format incident field * added saas word to known words * version * merge with master * fixed the xsoar_saas end tag * Added tests to validate result * modified RN * pre commit changes * RN tags * ignoe long line * MS IIS README (#31158) * Updated README * Updated README * Fixes For IP Enrichment Playbooks (#31114) * Fixes For IP Enrichment Playbooks * RN * Removed the mapping rule from both playbooks. Updated the default value of the internal range playbook input according to RFC 1918. * Removed the value of 'UseReputationCommand' playbook input and fixes the YML files * Fixed RN * Removed the value set for the 'UseReputationCommand' sub-playbook input. Re-added the default value for 'UseReputationCommand' playbook input * skip ThreatStream-Test (#31172) * [transformers] Enhance to be more durable (#30897) [transformers] Enhance to be more durable * Fixes For 'Email Address Enrichment - Generic v2.1' (#31122) * Fixes For 'Email Address Enrichment - Generic v2.1' * Re-added the test playbook and marketplace configs to the playbook YML file * changed the 'domain' playbook input value * removed the 'domain' playbook input value and added RN * Fixed RN * Bump pack from version CommonPlaybooks to 2.4.34. --------- Co-authored-by: Content Bot <[email protected]> * DisplayMappedFields - Fix dark mode text color (#31085) * removed the hardcoded color * removed the hardcoded color * update RN * update docker image * Bump pack from version CommonScripts to 1.12.48. * Unittest fixes * Bump pack from version CommonScripts to 1.12.49. * Unittest fixes * Bump pack from version CommonScripts to 1.12.50. * Bump pack from version CommonScripts to 1.12.51. * Bump pack from version CommonScripts to 1.12.52. * Bump pack from version CommonScripts to 1.12.53. --------- Co-authored-by: Content Bot <[email protected]> * Updated the layout to exclude integration incident fields that are not pertinent to Vectra XDR (#31127) (#31182) Co-authored-by: Crest Data Systems <[email protected]> Co-authored-by: crestdatasystems <[email protected]> Co-authored-by: MLainer1 <[email protected]> * Taxii2 server relationship bug (#31162) * [taxii2-server] - code fixes * bump rn * docker update * remove debug-log because may wanted * [ASM] EXPANDER-7096 - ASM Remediation Guidance Fields (#30955) (#31178) Co-authored-by: John <[email protected]> Co-authored-by: Adi Daud <[email protected]> * Created pack for F5 BIG-IP APM (#31017) * Created pack for f5 apm * Added modeling rule files. * adding modeling rules and schema. * modified modeling rules * update yml file for modeling rule. * Update Packs/F5APM/README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/F5APM/README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/F5APM/README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/F5APM/README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/F5APM/README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/F5APM/README.md Co-authored-by: ShirleyDenkberg <[email protected]> * update readme. * Modified the read me file. --------- Co-authored-by: ShirleyDenkberg <[email protected]> * HelloWorld - delete old classifier (#31185) * Add support for is array for rep commands (#31169) * added support for isArray for python Xsoar supported reputation commands * added rn * Empty-Commit * python files fixes * fix docker issue * cr fixes * added logs and cache fix (#30577) * added logs and cache fix * Fixed another executeCommand results handling. * Updated docker image * Added rn * Update Packs/Phishing/ReleaseNotes/3_6_2.md Co-authored-by: Dan Tavori <[email protected]> * Update Packs/Phishing/Scripts/FindDuplicateEmailIncidents/FindDuplicateEmailIncidents.py --------- Co-authored-by: Dan Tavori <[email protected]> * Add support for is array for rep commands js (#31184) * JS files fixes * added rn * pre commit fixes * pre commit fixes * cr fixes * xsiam-avaya-siem-content-ciac-8502 (#31128) * init-pack * modeling-rules * add-docs * fix-pid-parsing * fix-README.md * Fixed For Endpoint Enrichment Playbooks (#31147) * Fixed For 'Endpoint Enrichment - Generic v2.1' Playbook * RN * RN * Fixes for Endpoint_Enrichment_-_Generic_v2.1_6_8 playbook * Bump pack from version CommonPlaybooks to 2.4.34. * Bump pack from version CommonPlaybooks to 2.4.35. * Fixed version for 'Endpoint Enrichment - Generic v2.1.6.8' playbook * Fixes for 'Endpoint Enrichment - Generic v2.1' playbook * Revert changes in 'Endpoint Enrichment - Generic v2.1' playbook --------- Co-authored-by: Content Bot <[email protected]> * Update Docker Image To demisto/python3 (#31198) * Updated Metadata Of Pack DeveloperTools * Added release notes to pack DeveloperTools * Packs/DeveloperTools/Integrations/CreateIncidents/CreateIncidents.yml Docker image update * Updated Metadata Of Pack FlashpointFeed * Added release notes to pack FlashpointFeed * Packs/FlashpointFeed/Integrations/FlashpointFeed/FlashpointFeed.yml Docker image update * Updated Metadata Of Pack AbnormalSecurity * Added release notes to pack AbnormalSecurity * Packs/AbnormalSecurity/Integrations/AbnormalSecurity/AbnormalSecurity.yml Docker image update * Updated Metadata Of Pack FeedLOLBAS * Added release notes to pack FeedLOLBAS * Packs/FeedLOLBAS/Integrations/FeedLOLBAS/FeedLOLBAS.yml Docker image update * Updated Metadata Of Pack Hackuity * Added release notes to pack Hackuity * Packs/Hackuity/Integrations/Hackuity/Hackuity.yml Docker image update * Updated Metadata Of Pack Grafana * Added release notes to pack Grafana * Packs/Grafana/Integrations/Grafana/Grafana.yml Docker image update * Updated Metadata Of Pack Binalyze * Added release notes to pack Binalyze * Packs/Binalyze/Integrations/BinalyzeAIR/BinalyzeAIR.yml Docker image update * Updated Metadata Of Pack ServiceDeskPlus * Added release notes to pack ServiceDeskPlus * Packs/ServiceDeskPlus/Integrations/ServiceDeskPlus/ServiceDeskPlus.yml Docker image update * Updated Metadata Of Pack Oracle_IAM * Added release notes to pack Oracle_IAM * Packs/Oracle_IAM/Integrations/OracleIAM/OracleIAM.yml Docker image update * Updated Metadata Of Pack AccentureCTI * Added release notes to pack AccentureCTI * Packs/AccentureCTI/Integrations/ACTIIndicatorQuery/ACTIIndicatorQuery.yml Docker image update * Update Docker Image To demisto/boto3py3 (#31199) * Updated Metadata Of Pack SecurityIntelligenceServicesFeed * Added release notes to pack SecurityIntelligenceServicesFeed * Packs/SecurityIntelligenceServicesFeed/Integrations/SecurityIntelligenceServicesFeed/SecurityIntelligenceServicesFeed.yml Docker image update * Updated Metadata Of Pack AWS-IAM * Added release notes to pack AWS-IAM * Packs/AWS-IAM/Integrations/AWS-IAM/AWS-IAM.yml Docker image update * Updated Metadata Of Pack AWS-Route53 * Added release notes to pack AWS-Route53 * Packs/AWS-Route53/Integrations/AWSRoute53/AWSRoute53.yml Docker image update * Updated Metadata Of Pack AWS-AccessAnalyzer * Added release notes to pack AWS-AccessAnalyzer * Packs/AWS-AccessAnalyzer/Integrations/AWS-AccessAnalyzer/AWS-AccessAnalyzer.yml Docker image update * Updated Metadata Of Pack AWS-GuardDuty * Added release notes to pack AWS-GuardDuty * Packs/AWS-GuardDuty/Integrations/AWSGuardDutyEventCollector/AWSGuardDutyEventCollector.yml Docker image update * Packs/AWS-GuardDuty/Integrations/AWSGuardDuty/AWSGuardDuty.yml Docker image update * Updated Metadata Of Pack AWS-SecurityHub * Added release notes to pack AWS-SecurityHub * Packs/AWS-SecurityHub/Integrations/AWSSecurityHubEventCollector/AWSSecurityHubEventCollector.yml Docker image update * Updated Metadata Of Pack Aws-SecretsManager * Added release notes to pack Aws-SecretsManager * Packs/Aws-SecretsManager/Integrations/AwsSecretsManager/AwsSecretsManager.yml Docker image update * Update Docker Image To demisto/armorblox (#31203) * Updated Metadata Of Pack Armorblox * Added release notes to pack Armorblox * Packs/Armorblox/Integrations/Armorblox/Armorblox.yml Docker image update * Update Docker Image To demisto/py3-tools (#31201) * Updated Metadata Of Pack Intezer * Added release notes to pack Intezer * Packs/Intezer/Integrations/IntezerV2/IntezerV2.yml Docker image update * Updated Metadata Of Pack Zabbix * Added release notes to pack Zabbix * Packs/Zabbix/Integrations/Zabbix/Zabbix.yml Docker image update * Updated Metadata Of Pack FeedMalwareBazaar * Added release notes to pack FeedMalwareBazaar * Packs/FeedMalwareBazaar/Integrations/MalwareBazaarFeed/MalwareBazaarFeed.yml Docker image update * Updated Metadata Of Pack FeedGCPWhitelist * Added release notes to pack FeedGCPWhitelist * Packs/FeedGCPWhitelist/Integrations/FeedGoogleIPRanges/FeedGoogleIPRanges.yml Docker image update * Updated Metadata Of Pack AccentureCTI_Feed * Added release notes to pack AccentureCTI_Feed * Packs/AccentureCTI_Feed/Integrations/ACTIIndicatorFeed/ACTIIndicatorFeed.yml Docker image update * Updated Metadata Of Pack SEKOIAIntelligenceCenter * Added release notes to pack SEKOIAIntelligenceCenter * Packs/SEKOIAIntelligenceCenter/Integrations/SEKOIAIntelligenceCenter/SEKOIAIntelligenceCenter.yml Docker image update * Updated Metadata Of Pack JARM * Added release notes to pack JARM * Packs/JARM/Integrations/JARM/JARM.yml Docker image update * Updated Metadata Of Pack CommonWidgets * Added release notes to pack CommonWidgets * Packs/CommonWidgets/Scripts/RSSWidget/RSSWidget.yml Docker image update * Updated Metadata Of Pack FiltersAndTransformers * Added release notes to pack FiltersAndTransformers * Packs/FiltersAndTransformers/Scripts/Jmespath/Jmespath.yml Docker image update * Update Docker Image To demisto/oci (#31202) * Updated Metadata Of Pack OracleCloudInfrastructure * Added release notes to pack OracleCloudInfrastructure * Packs/OracleCloudInfrastructure/Integrations/OracleCloudInfrastructureEventCollector/OracleCloudInfrastructureEventCollector.yml Docker image update * Update Docker Image To demisto/accessdata (#31200) * Updated Metadata Of Pack Exterro * Added release notes to pack Exterro * Packs/Exterro/Integrations/Exterro/Exterro.yml Docker image update * Fix DS108 --------- Co-authored-by: israelpolishook <[email protected]> * Update Docker Image To demisto/carbon-black-cloud (#31206) * Updated Metadata Of Pack CarbonBlackDefense * Added release notes to pack CarbonBlackDefense * Packs/CarbonBlackDefense/Integrations/CarbonBlackLiveResponseCloud/CarbonBlackLiveResponseCloud.yml Docker image update * Update Docker Image To demisto/taxii2 (#31205) * Updated Metadata Of Pack FeedUnit42v2 * Added release notes to pack FeedUnit42v2 * Packs/FeedUnit42v2/Integrations/FeedUnit42v2/FeedUnit42v2.yml Docker image update * Update Docker Image To demisto/crypto (#31204) * Updated Metadata Of Pack AzureKeyVault * Added release notes to pack AzureKeyVault * Packs/AzureKeyVault/Integrations/AzureKeyVault/AzureKeyVault.yml Docker image update * Updated Metadata Of Pack AzureSentinel * Added release notes to pack AzureSentinel * Packs/AzureSentinel/Integrations/AzureSentinel/AzureSentinel.yml Docker image update * Updated Metadata Of Pack AzureDevOps * Added release notes to pack AzureDevOps * Packs/AzureDevOps/Integrations/AzureDevOps/AzureDevOps.yml Docker image update * Updated Metadata Of Pack MicrosoftCloudAppSecurity * Added release notes to pack MicrosoftCloudAppSecurity * Packs/MicrosoftCloudAppSecurity/Integrations/MicrosoftCloudAppSecurity/MicrosoftCloudAppSecurity.yml Docker image update * Updated Metadata Of Pack AzureRiskyUsers * Added release notes to pack AzureRiskyUsers * Packs/AzureRiskyUsers/Integrations/AzureRiskyUsers/AzureRiskyUsers.yml Docker image update * Updated Metadata Of Pack MicrosoftGraphGroups * Added release notes to pack MicrosoftGraphGroups * Packs/MicrosoftGraphGroups/Integrations/MicrosoftGraphGroups/MicrosoftGraphGroups.yml Docker image update * Updated Metadata Of Pack AzureSQLManagement * Added release notes to pack AzureSQLManagement * Packs/AzureSQLManagement/Integrations/AzureSQLManagement/AzureSQLManagement.yml Docker image update * Updated Metadata Of Pack MicrosoftGraphAPI * Added release notes to pack MicrosoftGraphAPI * Packs/MicrosoftGraphAPI/Integrations/MicrosoftGraphAPI/MicrosoftGraphAPI.yml Docker image update * Updated Metadata Of Pack MicrosoftTeams * Added release notes to pack MicrosoftTeams * Packs/MicrosoftTeams/Integrations/MicrosoftTeamsManagement/MicrosoftTeamsManagement.yml Docker image update * Updated Metadata Of Pack MicrosoftGraphApplications * Added release notes to pack MicrosoftGraphApplications * Packs/MicrosoftGraphApplications/Integrations/MicrosoftGraphApplications/MicrosoftGraphApplications.yml Docker image update * Update Docker Image To demisto/opnsense (#31208) * Updated Metadata Of Pack OPNSense * Added release notes to pack OPNSense * Packs/OPNSense/Integrations/OPNSense/OPNSense.yml Docker image update * Update Docker Image To demisto/auth-utils (#31207) * Updated Metadata Of Pack Cylance_Protect * Added release notes to pack Cylance_Protect * Packs/Cylance_Protect/Integrations/Cylance_Protect_v2/Cylance_Protect_v2.yml Docker image update * Updated Metadata Of Pack Zoom * Added release notes to pack Zoom * Packs/Zoom/Integrations/ZoomEventCollector/ZoomEventCollector.yml Docker image update * Updated Metadata Of Pack Silverfort * Added release notes to pack Silverfort * Packs/Silverfort/Integrations/Silverfort/Silverfort.yml Docker image update * Updated Metadata Of Pack AzureDataExplorer * Added release notes to pack AzureDataExplorer * Packs/AzureDataExplorer/Integrations/AzureDataExplorer/AzureDataExplorer.yml Docker image update * Updated Metadata Of Pack MicrosoftManagementActivity * Added release notes to pack MicrosoftManagementActivity * Packs/MicrosoftManagementActivity/Integrations/MicrosoftManagementActivity/MicrosoftManagementActivity.yml Docker image update * Updated Metadata Of Pack Box * Added release notes to pack Box * Packs/Box/Integrations/BoxEventsCollector/BoxEventsCollector.yml Docker image update * Packs/Box/Integrations/BoxV2/BoxV2.yml Docker image update * Updated Metadata Of Pack Troubleshoot * Added release notes to pack Troubleshoot * Packs/Troubleshoot/Scripts/CertificatesTroubleshoot/CertificatesTroubleshoot.yml Docker image update * commit --------- Co-authored-by: israelpolishook <[email protected]> * Update Docker Image To demisto/ippysocks-py3 (#31211) * Updated Metadata Of Pack Whois * Added release notes to pack Whois * Packs/Whois/Integrations/Whois/Whois.yml Docker image update * Update Docker Image To demisto/python3 (#31214) * Updated Metadata Of Pack QualysFIM * Added release notes to pack QualysFIM * Packs/QualysFIM/Integrations/QualysFIM/QualysFIM.yml Docker image update * Updated Metadata Of Pack FortiSIEM * Added release notes to pack FortiSIEM * Packs/FortiSIEM/Integrations/FortiSIEMV2/FortiSIEMV2.yml Docker image update * Updated Metadata Of Pack FreshworksFreshservice * Added release notes to pack FreshworksFreshservice * Packs/FreshworksFreshservice/Integrations/FreshworksFreshservice/FreshworksFreshservice.yml Docker image update * Updated Metadata Of Pack KnowBe4_KMSAT * Added release notes to pack KnowBe4_KMSAT * Packs/KnowBe4_KMSAT/Integrations/KnowBe4KMSATEventCollector/KnowBe4KMSATEventCollector.yml Docker image update * Packs/KnowBe4_KMSAT/Integrations/KnowBe4KMSAT/KnowBe4KMSAT.yml Docker image update * Updated Metadata Of Pack SafeNet_Trusted_Access * Added release notes to pack SafeNet_Trusted_Access * Packs/SafeNet_Trusted_Access/Integrations/SafeNetTrustedAccessEventCollector/SafeNetTrustedAccessEventCollector.yml Docker image update * Updated Metadata Of Pack DelineaSS * Added release notes to pack DelineaSS * Packs/DelineaSS/Integrations/DelineaSS/DelineaSS.yml Docker image update * Updated Metadata Of Pack Cryptocurrency * Added release notes to pack Cryptocurrency * Packs/Cryptocurrency/Integrations/Cryptocurrency/Cryptocurrency.yml Docker image update * Updated Metadata Of Pack PANOSPolicyOptimizer * Added release notes to pack PANOSPolicyOptimizer * Packs/PANOSPolicyOptimizer/Integrations/PANOSPolicyOptimizer/PANOSPolicyOptimizer.yml Docker image update * Updated Metadata Of Pack DeveloperTools * Added release notes to pack DeveloperTools * Packs/DeveloperTools/Integrations/CreateIncidents/CreateIncidents.yml Docker image update * Update Docker Image To demisto/boto3py3 (#31215) * Updated Metadata Of Pack SecurityIntelligenceServicesFeed * Added release notes to pack SecurityIntelligenceServicesFeed * Packs/SecurityIntelligenceServicesFeed/Integrations/SecurityIntelligenceServicesFeed/SecurityIntelligenceServicesFeed.yml Docker image update * Updated Metadata Of Pack AWS-IAM * Added release notes to pack AWS-IAM * Packs/AWS-IAM/Integrations/AWS-IAM/AWS-IAM.yml Docker image update * Updated Metadata Of Pack AWS-Route53 * Added release notes to pack AWS-Route53 * Packs/AWS-Route53/Integrations/AWSRoute53/AWSRoute53.yml Docker image update * Updated Metadata Of Pack AWS-AccessAnalyzer * Added release notes to pack AWS-AccessAnalyzer * Packs/AWS-AccessAnalyzer/Integrations/AWS-AccessAnalyzer/AWS-AccessAnalyzer.yml Docker image update * Updated Metadata Of Pack AWS-GuardDuty * Added release notes to pack AWS-GuardDuty * Packs/AWS-GuardDuty/Integrations/AWSGuardDutyEventCollector/AWSGuardDutyEventCollector.yml Docker image update * Packs/AWS-GuardDuty/Integrations/AWSGuardDuty/AWSGuardDuty.yml Docker image update * Updated Metadata Of Pack AWS-SecurityHub * Added release notes to pack AWS-SecurityHub * Packs/AWS-SecurityHub/Integrations/AWSSecurityHubEventCollector/AWSSecurityHubEventCollector.yml Docker image update * Updated Metadata Of Pack Aws-SecretsManager * Added release notes to pack Aws-SecretsManager * Packs/Aws-SecretsManager/Integrations/AwsSecretsManager/AwsSecretsManager.yml Docker image update * Update Docker Image To demisto/accessdata (#31216) * Updated Metadata Of Pack Exterro * Added release notes to pack Exterro * Packs/Exterro/Integrations/Exterro/Exterro.yml Docker image update * Update Docker Image To demisto/oci (#31218) * Updated Metadata Of Pack OracleCloudInfrastructure * Added release notes to pack OracleCloudInfrastructure * Packs/OracleCloudInfrastructure/Integrations/OracleCloudInfrastructureEventCollector/OracleCloudInfrastructureEventCollector.yml Docker image update * Update Docker Image To demisto/py3-tools (#31217) * Updated Metadata Of Pack Intezer * Added release notes to pack Intezer * Packs/Intezer/Integrations/IntezerV2/IntezerV2.yml Docker image update * Updated Metadata Of Pack Zabbix * Added release notes to pack Zabbix * Packs/Zabbix/Integrations/Zabbix/Zabbix.yml Docker image update * Updated Metadata Of Pack FeedMalwareBazaar * Added release notes to pack FeedMalwareBazaar * Packs/FeedMalwareBazaar/Integrations/MalwareBazaarFeed/MalwareBazaarFeed.yml Docker image update * Updated Metadata Of Pack FeedGCPWhitelist * Added release notes to pack FeedGCPWhitelist * Packs/FeedGCPWhitelist/Integrations/FeedGoogleIPRanges/FeedGoogleIPRanges.yml Docker image update * Updated Metadata Of Pack AccentureCTI_Feed * Added release notes to pack AccentureCTI_Feed * Packs/AccentureCTI_Feed/Integrations/ACTIIndicatorFeed/ACTIIndicatorFeed.yml Docker image update * Updated Metadata Of Pack SEKOIAIntelligenceCenter * Added release notes to pack SEKOIAIntelligenceCenter * Packs/SEKOIAIntelligenceCenter/Integrations/SEKOIAIntelligenceCenter/SEKOIAIntelligenceCenter.yml Docker image update * Updated Metadata Of Pack JARM * Added release notes to pack JARM * Packs/JARM/Integrations/JARM/JARM.yml Docker image update * Updated Metadata Of Pack Anomali_ThreatStream * Added release notes to pack Anomali_ThreatStream * Packs/Anomali_ThreatStream/Integrations/AnomaliThreatStreamv3/AnomaliThreatStreamv3.yml Docker image update * Updated Metadata Of Pack CommonWidgets * Added release notes to pack CommonWidgets * Packs/CommonWidgets/Scripts/RSSWidget/RSSWidget.yml Docker image update * Updated Metadata Of Pack FiltersAndTransformers * Added release notes to pack FiltersAndTransformers * Packs/FiltersAndTransformers/Scripts/Jmespath/Jmespath.yml Docker image update * CortexXDRIR-generic-polling (#31082) * - Added new playbook for quarantine_file - Old playbook deprecated - New image added * release notes added * - New playbook for _Retrieve_File_Playbook_v2 created - Old playbook _Retrieve_File_Playbook deprecated - Image was added * Release notes were added * Changed the name of the playbook * Readme file added * Added image * fixed image location in readme file * Update Packs/CortexXDR/Playbooks/Cortex_XDR_-_Retrieve_File_v2.yml Co-authored-by: Sasha Sokolovich <[email protected]> * Bump pack from version CortexXDR to 6.0.4. * Removed unnecessary tests * Readme files were updated * Fixes for the playbooks * fixed Tests/conf.json file * image issue fixed * Added new images * Update Packs/CortexXDR/Playbooks/Cortex_XDR_-_Retrieve_File_Playbook_README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CortexXDR/Playbooks/Cortex_XDR_-_Retrieve_File_Playbook_README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CortexXDR/ReleaseNotes/6_0_4.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CortexXDR/ReleaseNotes/6_0_4.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CortexXDR/ReleaseNotes/6_0_4.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CortexXDR/ReleaseNotes/6_0_4.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CortexXDR/Playbooks/Cortex_XDR_-_Retrieve_File_Playbook_README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CortexXDR/Playbooks/Cortex_XDR_-_quarantine_file_v2_README.md Co-authored-by: ShirleyDenkberg <[email protected]> * PR fixes - new condition to check if the task finished successfully * release notes updated * image path fixed * Added new outputs for playbook * release notes updated * fix * readme files fixed * image issue * image issue * fix * fix * fix * fix * uploaded new playbook because of the image issue * fix for image issue * delete photo * fixes * test playbooks fixed * test playbooks removed --------- Co-authored-by: Sasha Sokolovich <[email protected]> Co-authored-by: Content Bot <[email protected]> Co-authored-by: ShirleyDenkberg <[email protected]> * Update Docker Image To demisto/crypto (#31219) * Updated Metadata Of Pack AzureKeyVault * Added release notes to pack AzureKeyVault * Packs/AzureKeyVault/Integrations/AzureKeyVault/AzureKeyVault.yml Docker image update * Updated Metadata Of Pack AzureSentinel * Added release notes to pack AzureSentinel * Packs/AzureSentinel/Integrations/AzureSentinel/AzureSentinel.yml Docker image update * Updated Metadata Of Pack AzureDevOps * Added release notes to pack AzureDevOps * Packs/AzureDevOps/Integrations/AzureDevOps/AzureDevOps.yml Docker image update * Updated Metadata Of Pack MicrosoftCloudAppSecurity * Added release notes to pack MicrosoftCloudAppSecurity * Packs/MicrosoftCloudAppSecurity/Integrations/MicrosoftCloudAppSecurity/MicrosoftCloudAppSecurity.yml Docker image update * Updated Metadata Of Pack AzureRiskyUsers * Added release notes to pack AzureRiskyUsers * Packs/AzureRiskyUsers/Integrations/AzureRiskyUsers/AzureRiskyUsers.yml Docker image update * Updated Metadata Of Pack MicrosoftGraphGroups * Added release notes to pack MicrosoftGraphGroups * Packs/MicrosoftGraphGroups/Integrations/MicrosoftGraphGroups/MicrosoftGraphGroups.yml Docker image update * Updated Metadata Of Pack AzureSQLManagement * Added release notes to pack AzureSQLManagement * Packs/AzureSQLManagement/Integrations/AzureSQLManagement/AzureSQLManagement.yml Docker image update * Updated Metadata Of Pack MicrosoftGraphAPI * Added release notes to pack MicrosoftGraphAPI * Packs/MicrosoftGraphAPI/Integrations/MicrosoftGraphAPI/MicrosoftGraphAPI.yml Docker image update * Updated Metadata Of Pack MicrosoftTeams * Added release notes to pack MicrosoftTeams * Packs/MicrosoftTeams/Integrations/MicrosoftTeamsManagement/MicrosoftTeamsManagement.yml Docker image update * Updated Metadata Of Pack MicrosoftGraphApplications * Added release notes to pack MicrosoftGraphApplications * Packs/MicrosoftGraphApplications/Integrations/MicrosoftGraphApplications/MicrosoftGraphApplications.yml Docker image update * update pack ignore (#31193) * Slack event collector: fixed an issue where we get a Bad Request error (#31135) * fixed an issue where we get a Bad Request error. * pre-commit * added test * fixed Flake8 error * fixed cr comments * fixed cr comments * update Docker image * YR/Remove-fields-with-one-letter-DBotFindSimilarIncidents/XSUP-29299 (#31161) * fixes * code and test * remove Json feed from this pr * test * note * pre commit * RN * CR and Flake8 * format * pre commit * Fixes For 'URL Enrichment - Generic v2' Playbook (#31195) * Fixes For 'URL Enrichment - Generic v2' Playbook * RN * Bump pack from version CommonPlaybooks to 2.4.36. --------- Co-authored-by: Content Bot <[email protected]> * F5 APM Remove XSIAM tags (#31221) * remove ls from test_e2e_results.sh (#31186) * [IsEmailAddressInternal] Fix an issue with **domain** argument (#31222) * First commit * Added RN * Update Packs/CommonScripts/ReleaseNotes/1_12_54.md Co-authored-by: Dean Arbel <[email protected]> --------- Co-authored-by: Dean Arbel <[email protected]> * Deprecate 'Get endpoint details - Generic' Playbook (#31196) * Deprecate 'Get endpoint details - Generic' Playbook * RN * Bump pack from version CommonPlaybooks to 2.4.36. * Bump pack from version CommonPlaybooks to 2.4.37. --------- Co-authored-by: Content Bot <[email protected]> * Replacing the deprecated sub-playbook within the 'NGFW Internal Scan'… (#31197) * Replacing the deprecated sub-playbook within the 'NGFW Internal Scan' XSIAM playbook * RN * [Marketplace Contribution] CISO Metrics (#30641) (#31213) * "pack contribution initial commit" * Update pack_metadata.json * Update and rename dashboard-98f353a2-312b-49f2-8e58-d71f60daf3a7-CISO_Metrics.json to dashboard-98f353a2-312b-49f2-8e58-d71f60daf3a7-CommunityCommonDashboards.json Rename to CommunityCommonDashboards * Update pack_metadata.json Renamed "name": "CommunityCommonDashboards" * Update README.md Added description * Update README.md * Update and rename README.md to README.md * Rename dashboard-98f353a2-312b-49f2-8e58-d71f60daf3a7-CommunityCommonDashboards.json to dashboard-98f353a2-312b-49f2-8e58-d71f60daf3a7-CommunityCommonDashboards.json * Rename .pack-ignore to .pack-ignore * Rename .secrets-ignore to .secrets-ignore * Rename pack_metadata.json to pack_metadata.json * Update .pack-ignore * Update pack_metadata.json * Update .pack-ignore * Update and rename dashboard-98f353a2-312b-49f2-8e58-d71f60daf3a7-CommunityCommonDashboards.json to CISOMetrics.json Renamed to CISOMetrics * Update pack_metadata.json * Update pack_metadata.json * Update README.md --------- Co-authored-by: xsoar-bot <[email protected]> Co-authored-by: Sapir Shuker <[email protected]> Co-authored-by: David Uhrlaub <[email protected]> * Cybereason xsoar v 2.1.14 (#30647) (#31225) * added v2.1.14 codebase * fix pr comments * replace dummy md5 placeholder * Update Packs/Cybereason/Integrations/Cybereason/Cybereason.py * updated docker image python version * updated release notes docker version * added pagination params * updated docker image * fix lint errors * fix demisto validate errors * updated release notes * updated release notes * updated release notes * updated command name as per PR comment * removed manual filtering for response * updated function name to match the command name format * updated unit test as per new command name * added machinename filter to api query * moved empty output message to the top * updated docker image tag to latest * undo changes from unisolate endpoint playbook --------- Co-authored-by: suraj-metron <[email protected]> Co-authored-by: Sapir Shuker <[email protected]> * fixed polling support (#30873) * fixed polling support * fixed rn * added rn * added rn * XSUP-30786/Fix (#31168) * Added failing UT * Fixed the issue * Updated docker image * Updated RN * Update Packs/PAN-OS/ReleaseNotes/2_1_15.md Co-authored-by: Dan Tavori <[email protected]> * Updated the bug fix and the UT * updated docker image --------- Co-authored-by: Dan Tavori <[email protected]> * rewrite to js FirstArrayElement and LastArrayElement (#31228) * rewrite to js * added tpb * added empty test case to tpb * precommit fixes * change fromversion so build wont fail * Enable Core REST API with general XSIAM endpoints (#31226) * mostly works * added release notes * fixes from review * F5 APM fixed the marketplace build failure (#31236) * F5 APM Remove XSIAM tags * fix marketplace error * Add incidents field (#30393) (#31233) * add rawJSON field to incidents * release notes * update docker image tag * nit * fetching incident details * mapper + incident fields * remove incorrect incident field files * new incident field files, new mapper * sdk validate command changes * update release noteS * validation errors * fix validation errors * undo release notes changes * undo release notes change * undo release notes * undo release notes * undo release notes * nit * new release notes * remove playbook id * update docker image tag * revert release notes * revert RN * nit- remove filters used for testing * add details field to threats * remove try/except blocks * changing version * Update Abnormal_Security_Custom_Incident_types.json change from version * nit - remove changes used for demo * updating docker image * update docker image tag --------- Co-authored-by: William Olyslager <[email protected]> Co-authored-by: sapirshuker <[email protected]> Co-authored-by: Sapir Shuker <[email protected]> * Update Docker Image To demisto/python3 (#31242) * Updated Metadata Of Pack CIRCL * Added release notes to pack CIRCL * Packs/CIRCL/Integrations/CirclCVESearch/CirclCVESearch.yml Docker image update * Updated Metadata Of Pack ipinfo * Added release notes to pack ipinfo * Packs/ipinfo/Integrations/ipinfo_v2/ipinfo_v2.yml Docker image update * Updated Metadata Of Pack AutoFocus * Added release notes to pack AutoFocus * Packs/AutoFocus/Integrations/FeedAutofocus/FeedAutofocus.yml Docker image update * Packs/AutoFocus/Integrations/AutofocusV2/AutofocusV2.yml Docker image update * Updated Metadata Of Pack MailSenderNew * Added release notes to pack MailSenderNew * Packs/MailSenderNew/Integrations/MailSenderNew/MailSenderNew.yml Docker image update * avoid to update Docker for AutoFocusv2 --------- Co-authored-by: israelpolishook <[email protected]> * Fixes For 'IP Enrichment - Generic v2' Playbook (#31183) * Fixes For 'IP Enrichment - Generic v2' Playbook * RN * RN * Updated the 'InternalRange' playbook input's default value. * configured the 'extended_data' and 'threat_model_association' sub-playbook inputs * Bump pack from version CommonPlaybooks to 2.4.36. * Bump pack from version CommonPlaybooks to 2.4.37. * changed the default value of the 'ResolveIP' playbook input * re-added RN after merging from master * Fixes RN --------- Co-authored-by: Content Bot <[email protected]> * Check if should run Instance role (#31245) * Added the sync from the saas bucket and modified the verify script to take the revision from the correct bucket. (#31254) * AWS Organizations (#30525) * init * commands template * aws-org-children-list * more commands * even more commands * added account commands * removed enhancement commands * use json_transform * unit-tests init * unit-tests continued * unit-tests continued some more * TPB * one more unit-test * one more unit-test * one more unit-test * name change * TPB * docs complete * pack readme * pack readme part 2 * readme modified * more tests * more tests * use get() * adde description * removed isFetch * added image * name change * CR changes * Apply suggestions from code review Co-authored-by: ShirleyDenkberg <[email protected]> * Update docker * put the commands back in * code complete * yml part 2 * yml part 3 * test template * unit-tests continued some more * unit-tests almost complete * unit-tests complete * fixed a few bugs * fixed unit-tests * added readme * update readme * added missing descriptions to readme * TPB * Apply suggestions from code review Co-authored-by: ShirleyDenkberg <[email protected]> * CR changes * demo changes * update docker * build wars: round 1 * build wars: round 2 * build wars: round 3; add unit-tests * build wars: round 4 * build wars: round 5 * build wars: round 6 --------- Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkber…
israelpoli
added a commit
that referenced
this pull request
May 15, 2024
* [GCP-IAM] - fix proxy issues (#31076) * sent proxy to test-module & log exception * fix proxy issue * remove None * fix * rn * auto pep8 * rn typo * uts * pre-commit * Update Packs/GCP-IAM/ReleaseNotes/1_0_22.md Co-authored-by: Judah Schwartz <[email protected]> * cr fixes --------- Co-authored-by: Judah Schwartz <[email protected]> * Release notes tag parser for all xsoar mp. (#31090) * added xsoar_saas xsoar_on_prem functionallity to the release notes tag parser * pre commit changes * fixed lint whitespace error * Fix EntryID-related issue for scripts (#30979) * Fix zip file issue using polling * Add release-notes * Fix validation errors * Minor fixes and improvements * Update IAMInitADUser automation * Add a warning if `ZipProtectWithPassword` parameter is not being used * Fix typo * `IAMInitADUser` fixes * Bump Docker versions * Apply code review suggestions * Bump Docker version * Remove timeout value from polling parameters (so that the default value will be used) * [CommonServerPython] Fix Polling Failure If `polling` Parameter is Missing (#31111) * Add default value to `args.get()` * Bump version * Update release-notes message * jira ticket creation impovements (#31105) jira ticket creation improvements #31105 * Added Support for Microsoft Graph Single User integration (#30967) * Added Support for Microsoft Graph Single User integration * fix validation * Update 2_0_15.md * Update Packs/EmailCommunication/ReleaseNotes/2_0_15.md Co-authored-by: EyalPintzov <[email protected]> --------- Co-authored-by: EyalPintzov <[email protected]> * Xdr ioc to keep troubleshoting (#30163) * trouble shooting version * fixed new command yml * some comments * trouble shooting version * fixed new command yml * new ioc_to_keep schedule method * some comments * fix tz error * added RN * fix validation errors * fixup! fix validation errors * added UT * added UT and log * improved path * fixup! improved path * Update Packs/CortexXDR/Integrations/XDR_iocs/XDR_iocs.py * Added some documentation * Bump pack from version CortexXDR to 6.0.3. * format the yml and update the docker * fixed the bug when updating an already running integration that does not have the key next_icos_to_keep_time in the integration context * docs * Update Packs/CortexXDR/Integrations/XDR_iocs/XDR_iocs.yml Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CortexXDR/ReleaseNotes/6_0_3.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CortexXDR/Integrations/XDR_iocs/XDR_iocs.yml Co-authored-by: ShirleyDenkberg <[email protected]> * fixed the unit test acording to change in code * fixed the unit test * trim whitespaces --------- Co-authored-by: darbel <[email protected]> Co-authored-by: esharf <[email protected]> Co-authored-by: Content Bot <[email protected]> Co-authored-by: ShirleyDenkberg <[email protected]> * Update README.md (#31129) fixed external link * [fileResult] - fix issue with special strings (#31126) * [fileResult] - fix issue with special strings * bump rn * log if ../ is in path * validate file-name is string * add unit-test * bump rn * Rapid7 - Threat Command (IntSights) pack release 3.1.0 (#30954) (#31133) * Changes related to Rapid7 - Threat Command (IntSights) pack release: 3.1.0 * resolved validation errors * Updated the release notes as per the comments * Updated the tab name for the Threat Command Layout --------- Co-authored-by: Crest Data Systems <[email protected]> Co-authored-by: crestdatasystems <[email protected]> Co-authored-by: Adi Daud <[email protected]> * add e2e tests for xsoar-saas (#30231) * add xsoar_ng_end_to_end_job * unify end_to_end and write edl basic test * add file * fix some rules * setup and teardown for xsoar_ng e2e * update readme * conftest changes * update end_to_end_tests script * test enhancments * fix * debug issues * lock * collect tests * lock * lock * try without xsoar * lock * enhance tests and lock * install e2e nessecary packs * add packs in shell * install only specific packs in xsoar-saas * README.md * install hardcoded packs * update * fix collect tests issues * add REASONS_ALLOWING_NO_ID_SET_OR_CONF * fix is_nightly * fail when exit code != 0 * send integration params path as input * enhance e2e echo message * lock * fix get_integration_params * lock2 * sleep * unlock machine sleep + taxii2 server * fix unlock machine * fix " * fixes * sleep in test 2 hours * poetry lock * edl size = 10 * update edl size loc * use new instance * log instance name * existing name * revert poetry * poetry based on latest master * update job to fit newer version * lock * state its long running * try with long-running=true * implement taxii2-server e2e test * pre-commit fixes * add headers * lock * move func to tools.py as its general * docstrings * add support for do_long_running in xsoar_client * docstring * slack sdk * add slack-ask test * test slack ask playbook * add qradar mirroring test * update README and add support for env vars * docstrings * enhancments * update .gitignore * do not make xsoar_ng a package * excplicit implementation * add test_xdr_env * add docstrings * pre-commit * update slackask playbook path * query qradar playbook state before closing offense * assert investigation id * increase playbook query & sleep 5 minutes taxii * merge xsoar_ng_end_to_end to test content * some fixes * make nightly * end-to-end tests inside .run-tests section * try to fix syntax issue * log playbook failure reasons * add support for sourceInstanceName * remove delete context from slack * pre commit * pre-commit * try to fix taxii2 server bug * update taxii2 server test * sleep * comment out waiting for playbook qradar * sleep in case of error taxii2 * qradar * revert taxii2 server + qradar * assert true * revert * update context managers * pre-commit fixes * add logs * create instance update * create folders for content e2e tests * make fixture named xsoar_saas_client * get integration name to func Please enter the commit message for your changes. Lines starting * fixes * pre-commit * export context managers to client_utils * update xsiam e2e to use new client * update readmes * client utils fixes * change log name * add junit support * implement results support for e2e * change name * run e2e in current branch * update job names * update collect tests for testing * do not exit if e2e tests fail * use artifacts folder * fix context * save playbook - change client name * remove playbook for testing * add fi * make e2e test summary to run * ls * try now * change path * file test name * run also playbook results * change log to error * fix syntax error * update get_file to use new file service * remove import * pre-commit * update retry import * do not skip qradar test if incident cannot be found * judah's cr * koby cr * update result names * Empty-Commit * remove irrelevant logs * cr fixes * server_test_reulst renaming * change end_to_end to e2e * revert current job names * add .e2e_test_results job * remove e2e from test_playbooks_results * filter only if nightly * try to ignore pre-commit error * change rules * fix * test * xsoar saas * try now * fix * xsoar-saas e2e job * add conftest * add conftest * add xsoar-saas readme to avoid trigger test-upload * port * Empty-Commit * test integrations * do not test qradar module * Empty-Commit * Empty-Commit * retry on different ports for taxii2-test * remove get json response from taxii2 test * adjust to nightly * pre-commit * Fix GetIndicatorDBotScoreFromCache to handle better a special character (#31070) * a fix and a test * docker image update * added rn * Bump pack from version CommonScripts to 1.12.47. * unit test fix * unit test fix * unit test fix * Bump pack from version CommonScripts to 1.12.48. * Bump pack from version CommonScripts to 1.12.49. * Update Packs/CommonScripts/ReleaseNotes/1_12_49.md Co-authored-by: Dan Tavori <[email protected]> --------- Co-authored-by: Content Bot <[email protected]> Co-authored-by: Dan Tavori <[email protected]> * change pack support to community (#31110) * change pack support to community * first level header so im told * Update Packs/DeveloperTools/ReleaseNotes/1_3_0.md Co-authored-by: Shahaf Ben Yakir <[email protected]> * Update Packs/DeveloperTools/ReleaseNotes/1_3_0.md Co-authored-by: Shahaf Ben Yakir <[email protected]> --------- Co-authored-by: Shahaf Ben Yakir <[email protected]> * removed GIT_DEPTH (#31141) * support multiple entry ids in ImageOCR (#31145) * Fix taxi feed observables extraction (#31120) * fixed an isssue where taxi feed will fail to retreive all indicators due to wrong extraction from XML blocks. * added rn * update docker * update test_data * add secret to secrets ignore * [transformers] Enhance to be more durable #2 (#31063) * ExtractDomainAndFQDNFromUrlAndEmail * ExtractEmailV2 * ruff fix * FormatURL * Bump pack from version CommonScripts to 1.12.47. * Bump pack from version CommonScripts to 1.12.48. * Bump pack from version CommonScripts to 1.12.49. * Added unit tests * Update the docker image * Bump pack from version CommonScripts to 1.12.50. * Update Packs/CommonScripts/ReleaseNotes/1_12_50.md Co-authored-by: Dean Arbel <[email protected]> * Update Packs/CommonScripts/ReleaseNotes/1_12_50.md Co-authored-by: Dean Arbel <[email protected]> * Update the RN * Update the docker image * empty * Skip "FormattingPerformance - Test" TPB in XSOAR 8 --------- Co-authored-by: Content Bot <[email protected]> Co-authored-by: Dean Arbel <[email protected]> * Sleep w/ Polling (#30661) add polling mechanism to sleep upon crossing polling_threshold * Update shift management scripts (#31130) * fixed the bug and added unit tests * updated docker image * RN * updated docker image * cr updates * EWS rule commands - MS graph python integrations (#30943) Co-authored-by: ShirleyDenkberg <[email protected]> * MS IIS Update (#31132) * Updated ModelingRules * Updated ReleaseNotes * Updated ReleaseNotes * Anomali ThreatStream change DBot verdict from Benign to Unknown for Low Confidence Indicators (#30993) (#31151) * change DBot verdict from Benign to Unknown for Low Confidence Indicators Indicators found in Anomali that are below Confidence thresholds should be created as Unknown and not Benign. Anomali ThreatStream documentation regarding Confidence https://ui.threatstream.com/optic-doc/Content/Features/threat_model/Observables/details_indicator.htm Confidence - Confidence indicates the certainty that an observable exhibits or is connected to malicious behavior. If Anomali has indicators with low Confidence, that doesn't mean the indicator is Benign/Safe. It means Anomali is unsure that the indicator is Malicious and as such the more appropriate verdict in XSOAR should be Unknown. * add indicator_default_score param * changed values to Benign and Unknown * update README and RN * update RN * update docker set required to false * update docker * fix docs comments --------- Co-authored-by: zdrouse <[email protected]> Co-authored-by: adi88d <[email protected]> Co-authored-by: Adi Daud <[email protected]> * generate empty junit files (#31153) * Update 1_6_0.json (#31164) * fix splunkpy splunk_submit_event_hec_command string issue (#30978) * fix splunkpy splunk_submit_event_hec_command string issue * test * add fix * update rn * [xsoar saas] - fix ports taxii2 e2e (#31163) * Hello world saas (#30901) * added a new incident field only for saas mp * added an incident field to xsoar_saas only for demonstration * format incident field * format incident field * added saas word to known words * version * merge with master * fixed the xsoar_saas end tag * Added tests to validate result * modified RN * pre commit changes * RN tags * ignoe long line * MS IIS README (#31158) * Updated README * Updated README * Fixes For IP Enrichment Playbooks (#31114) * Fixes For IP Enrichment Playbooks * RN * Removed the mapping rule from both playbooks. Updated the default value of the internal range playbook input according to RFC 1918. * Removed the value of 'UseReputationCommand' playbook input and fixes the YML files * Fixed RN * Removed the value set for the 'UseReputationCommand' sub-playbook input. Re-added the default value for 'UseReputationCommand' playbook input * skip ThreatStream-Test (#31172) * [transformers] Enhance to be more durable (#30897) [transformers] Enhance to be more durable * Fixes For 'Email Address Enrichment - Generic v2.1' (#31122) * Fixes For 'Email Address Enrichment - Generic v2.1' * Re-added the test playbook and marketplace configs to the playbook YML file * changed the 'domain' playbook input value * removed the 'domain' playbook input value and added RN * Fixed RN * Bump pack from version CommonPlaybooks to 2.4.34. --------- Co-authored-by: Content Bot <[email protected]> * DisplayMappedFields - Fix dark mode text color (#31085) * removed the hardcoded color * removed the hardcoded color * update RN * update docker image * Bump pack from version CommonScripts to 1.12.48. * Unittest fixes * Bump pack from version CommonScripts to 1.12.49. * Unittest fixes * Bump pack from version CommonScripts to 1.12.50. * Bump pack from version CommonScripts to 1.12.51. * Bump pack from version CommonScripts to 1.12.52. * Bump pack from version CommonScripts to 1.12.53. --------- Co-authored-by: Content Bot <[email protected]> * Updated the layout to exclude integration incident fields that are not pertinent to Vectra XDR (#31127) (#31182) Co-authored-by: Crest Data Systems <[email protected]> Co-authored-by: crestdatasystems <[email protected]> Co-authored-by: MLainer1 <[email protected]> * Taxii2 server relationship bug (#31162) * [taxii2-server] - code fixes * bump rn * docker update * remove debug-log because may wanted * [ASM] EXPANDER-7096 - ASM Remediation Guidance Fields (#30955) (#31178) Co-authored-by: John <[email protected]> Co-authored-by: Adi Daud <[email protected]> * Created pack for F5 BIG-IP APM (#31017) * Created pack for f5 apm * Added modeling rule files. * adding modeling rules and schema. * modified modeling rules * update yml file for modeling rule. * Update Packs/F5APM/README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/F5APM/README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/F5APM/README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/F5APM/README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/F5APM/README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/F5APM/README.md Co-authored-by: ShirleyDenkberg <[email protected]> * update readme. * Modified the read me file. --------- Co-authored-by: ShirleyDenkberg <[email protected]> * HelloWorld - delete old classifier (#31185) * Add support for is array for rep commands (#31169) * added support for isArray for python Xsoar supported reputation commands * added rn * Empty-Commit * python files fixes * fix docker issue * cr fixes * added logs and cache fix (#30577) * added logs and cache fix * Fixed another executeCommand results handling. * Updated docker image * Added rn * Update Packs/Phishing/ReleaseNotes/3_6_2.md Co-authored-by: Dan Tavori <[email protected]> * Update Packs/Phishing/Scripts/FindDuplicateEmailIncidents/FindDuplicateEmailIncidents.py --------- Co-authored-by: Dan Tavori <[email protected]> * Add support for is array for rep commands js (#31184) * JS files fixes * added rn * pre commit fixes * pre commit fixes * cr fixes * xsiam-avaya-siem-content-ciac-8502 (#31128) * init-pack * modeling-rules * add-docs * fix-pid-parsing * fix-README.md * Fixed For Endpoint Enrichment Playbooks (#31147) * Fixed For 'Endpoint Enrichment - Generic v2.1' Playbook * RN * RN * Fixes for Endpoint_Enrichment_-_Generic_v2.1_6_8 playbook * Bump pack from version CommonPlaybooks to 2.4.34. * Bump pack from version CommonPlaybooks to 2.4.35. * Fixed version for 'Endpoint Enrichment - Generic v2.1.6.8' playbook * Fixes for 'Endpoint Enrichment - Generic v2.1' playbook * Revert changes in 'Endpoint Enrichment - Generic v2.1' playbook --------- Co-authored-by: Content Bot <[email protected]> * Update Docker Image To demisto/python3 (#31198) * Updated Metadata Of Pack DeveloperTools * Added release notes to pack DeveloperTools * Packs/DeveloperTools/Integrations/CreateIncidents/CreateIncidents.yml Docker image update * Updated Metadata Of Pack FlashpointFeed * Added release notes to pack FlashpointFeed * Packs/FlashpointFeed/Integrations/FlashpointFeed/FlashpointFeed.yml Docker image update * Updated Metadata Of Pack AbnormalSecurity * Added release notes to pack AbnormalSecurity * Packs/AbnormalSecurity/Integrations/AbnormalSecurity/AbnormalSecurity.yml Docker image update * Updated Metadata Of Pack FeedLOLBAS * Added release notes to pack FeedLOLBAS * Packs/FeedLOLBAS/Integrations/FeedLOLBAS/FeedLOLBAS.yml Docker image update * Updated Metadata Of Pack Hackuity * Added release notes to pack Hackuity * Packs/Hackuity/Integrations/Hackuity/Hackuity.yml Docker image update * Updated Metadata Of Pack Grafana * Added release notes to pack Grafana * Packs/Grafana/Integrations/Grafana/Grafana.yml Docker image update * Updated Metadata Of Pack Binalyze * Added release notes to pack Binalyze * Packs/Binalyze/Integrations/BinalyzeAIR/BinalyzeAIR.yml Docker image update * Updated Metadata Of Pack ServiceDeskPlus * Added release notes to pack ServiceDeskPlus * Packs/ServiceDeskPlus/Integrations/ServiceDeskPlus/ServiceDeskPlus.yml Docker image update * Updated Metadata Of Pack Oracle_IAM * Added release notes to pack Oracle_IAM * Packs/Oracle_IAM/Integrations/OracleIAM/OracleIAM.yml Docker image update * Updated Metadata Of Pack AccentureCTI * Added release notes to pack AccentureCTI * Packs/AccentureCTI/Integrations/ACTIIndicatorQuery/ACTIIndicatorQuery.yml Docker image update * Update Docker Image To demisto/boto3py3 (#31199) * Updated Metadata Of Pack SecurityIntelligenceServicesFeed * Added release notes to pack SecurityIntelligenceServicesFeed * Packs/SecurityIntelligenceServicesFeed/Integrations/SecurityIntelligenceServicesFeed/SecurityIntelligenceServicesFeed.yml Docker image update * Updated Metadata Of Pack AWS-IAM * Added release notes to pack AWS-IAM * Packs/AWS-IAM/Integrations/AWS-IAM/AWS-IAM.yml Docker image update * Updated Metadata Of Pack AWS-Route53 * Added release notes to pack AWS-Route53 * Packs/AWS-Route53/Integrations/AWSRoute53/AWSRoute53.yml Docker image update * Updated Metadata Of Pack AWS-AccessAnalyzer * Added release notes to pack AWS-AccessAnalyzer * Packs/AWS-AccessAnalyzer/Integrations/AWS-AccessAnalyzer/AWS-AccessAnalyzer.yml Docker image update * Updated Metadata Of Pack AWS-GuardDuty * Added release notes to pack AWS-GuardDuty * Packs/AWS-GuardDuty/Integrations/AWSGuardDutyEventCollector/AWSGuardDutyEventCollector.yml Docker image update * Packs/AWS-GuardDuty/Integrations/AWSGuardDuty/AWSGuardDuty.yml Docker image update * Updated Metadata Of Pack AWS-SecurityHub * Added release notes to pack AWS-SecurityHub * Packs/AWS-SecurityHub/Integrations/AWSSecurityHubEventCollector/AWSSecurityHubEventCollector.yml Docker image update * Updated Metadata Of Pack Aws-SecretsManager * Added release notes to pack Aws-SecretsManager * Packs/Aws-SecretsManager/Integrations/AwsSecretsManager/AwsSecretsManager.yml Docker image update * Update Docker Image To demisto/armorblox (#31203) * Updated Metadata Of Pack Armorblox * Added release notes to pack Armorblox * Packs/Armorblox/Integrations/Armorblox/Armorblox.yml Docker image update * Update Docker Image To demisto/py3-tools (#31201) * Updated Metadata Of Pack Intezer * Added release notes to pack Intezer * Packs/Intezer/Integrations/IntezerV2/IntezerV2.yml Docker image update * Updated Metadata Of Pack Zabbix * Added release notes to pack Zabbix * Packs/Zabbix/Integrations/Zabbix/Zabbix.yml Docker image update * Updated Metadata Of Pack FeedMalwareBazaar * Added release notes to pack FeedMalwareBazaar * Packs/FeedMalwareBazaar/Integrations/MalwareBazaarFeed/MalwareBazaarFeed.yml Docker image update * Updated Metadata Of Pack FeedGCPWhitelist * Added release notes to pack FeedGCPWhitelist * Packs/FeedGCPWhitelist/Integrations/FeedGoogleIPRanges/FeedGoogleIPRanges.yml Docker image update * Updated Metadata Of Pack AccentureCTI_Feed * Added release notes to pack AccentureCTI_Feed * Packs/AccentureCTI_Feed/Integrations/ACTIIndicatorFeed/ACTIIndicatorFeed.yml Docker image update * Updated Metadata Of Pack SEKOIAIntelligenceCenter * Added release notes to pack SEKOIAIntelligenceCenter * Packs/SEKOIAIntelligenceCenter/Integrations/SEKOIAIntelligenceCenter/SEKOIAIntelligenceCenter.yml Docker image update * Updated Metadata Of Pack JARM * Added release notes to pack JARM * Packs/JARM/Integrations/JARM/JARM.yml Docker image update * Updated Metadata Of Pack CommonWidgets * Added release notes to pack CommonWidgets * Packs/CommonWidgets/Scripts/RSSWidget/RSSWidget.yml Docker image update * Updated Metadata Of Pack FiltersAndTransformers * Added release notes to pack FiltersAndTransformers * Packs/FiltersAndTransformers/Scripts/Jmespath/Jmespath.yml Docker image update * Update Docker Image To demisto/oci (#31202) * Updated Metadata Of Pack OracleCloudInfrastructure * Added release notes to pack OracleCloudInfrastructure * Packs/OracleCloudInfrastructure/Integrations/OracleCloudInfrastructureEventCollector/OracleCloudInfrastructureEventCollector.yml Docker image update * Update Docker Image To demisto/accessdata (#31200) * Updated Metadata Of Pack Exterro * Added release notes to pack Exterro * Packs/Exterro/Integrations/Exterro/Exterro.yml Docker image update * Fix DS108 --------- Co-authored-by: israelpolishook <[email protected]> * Update Docker Image To demisto/carbon-black-cloud (#31206) * Updated Metadata Of Pack CarbonBlackDefense * Added release notes to pack CarbonBlackDefense * Packs/CarbonBlackDefense/Integrations/CarbonBlackLiveResponseCloud/CarbonBlackLiveResponseCloud.yml Docker image update * Update Docker Image To demisto/taxii2 (#31205) * Updated Metadata Of Pack FeedUnit42v2 * Added release notes to pack FeedUnit42v2 * Packs/FeedUnit42v2/Integrations/FeedUnit42v2/FeedUnit42v2.yml Docker image update * Update Docker Image To demisto/crypto (#31204) * Updated Metadata Of Pack AzureKeyVault * Added release notes to pack AzureKeyVault * Packs/AzureKeyVault/Integrations/AzureKeyVault/AzureKeyVault.yml Docker image update * Updated Metadata Of Pack AzureSentinel * Added release notes to pack AzureSentinel * Packs/AzureSentinel/Integrations/AzureSentinel/AzureSentinel.yml Docker image update * Updated Metadata Of Pack AzureDevOps * Added release notes to pack AzureDevOps * Packs/AzureDevOps/Integrations/AzureDevOps/AzureDevOps.yml Docker image update * Updated Metadata Of Pack MicrosoftCloudAppSecurity * Added release notes to pack MicrosoftCloudAppSecurity * Packs/MicrosoftCloudAppSecurity/Integrations/MicrosoftCloudAppSecurity/MicrosoftCloudAppSecurity.yml Docker image update * Updated Metadata Of Pack AzureRiskyUsers * Added release notes to pack AzureRiskyUsers * Packs/AzureRiskyUsers/Integrations/AzureRiskyUsers/AzureRiskyUsers.yml Docker image update * Updated Metadata Of Pack MicrosoftGraphGroups * Added release notes to pack MicrosoftGraphGroups * Packs/MicrosoftGraphGroups/Integrations/MicrosoftGraphGroups/MicrosoftGraphGroups.yml Docker image update * Updated Metadata Of Pack AzureSQLManagement * Added release notes to pack AzureSQLManagement * Packs/AzureSQLManagement/Integrations/AzureSQLManagement/AzureSQLManagement.yml Docker image update * Updated Metadata Of Pack MicrosoftGraphAPI * Added release notes to pack MicrosoftGraphAPI * Packs/MicrosoftGraphAPI/Integrations/MicrosoftGraphAPI/MicrosoftGraphAPI.yml Docker image update * Updated Metadata Of Pack MicrosoftTeams * Added release notes to pack MicrosoftTeams * Packs/MicrosoftTeams/Integrations/MicrosoftTeamsManagement/MicrosoftTeamsManagement.yml Docker image update * Updated Metadata Of Pack MicrosoftGraphApplications * Added release notes to pack MicrosoftGraphApplications * Packs/MicrosoftGraphApplications/Integrations/MicrosoftGraphApplications/MicrosoftGraphApplications.yml Docker image update * Update Docker Image To demisto/opnsense (#31208) * Updated Metadata Of Pack OPNSense * Added release notes to pack OPNSense * Packs/OPNSense/Integrations/OPNSense/OPNSense.yml Docker image update * Update Docker Image To demisto/auth-utils (#31207) * Updated Metadata Of Pack Cylance_Protect * Added release notes to pack Cylance_Protect * Packs/Cylance_Protect/Integrations/Cylance_Protect_v2/Cylance_Protect_v2.yml Docker image update * Updated Metadata Of Pack Zoom * Added release notes to pack Zoom * Packs/Zoom/Integrations/ZoomEventCollector/ZoomEventCollector.yml Docker image update * Updated Metadata Of Pack Silverfort * Added release notes to pack Silverfort * Packs/Silverfort/Integrations/Silverfort/Silverfort.yml Docker image update * Updated Metadata Of Pack AzureDataExplorer * Added release notes to pack AzureDataExplorer * Packs/AzureDataExplorer/Integrations/AzureDataExplorer/AzureDataExplorer.yml Docker image update * Updated Metadata Of Pack MicrosoftManagementActivity * Added release notes to pack MicrosoftManagementActivity * Packs/MicrosoftManagementActivity/Integrations/MicrosoftManagementActivity/MicrosoftManagementActivity.yml Docker image update * Updated Metadata Of Pack Box * Added release notes to pack Box * Packs/Box/Integrations/BoxEventsCollector/BoxEventsCollector.yml Docker image update * Packs/Box/Integrations/BoxV2/BoxV2.yml Docker image update * Updated Metadata Of Pack Troubleshoot * Added release notes to pack Troubleshoot * Packs/Troubleshoot/Scripts/CertificatesTroubleshoot/CertificatesTroubleshoot.yml Docker image update * commit --------- Co-authored-by: israelpolishook <[email protected]> * Update Docker Image To demisto/ippysocks-py3 (#31211) * Updated Metadata Of Pack Whois * Added release notes to pack Whois * Packs/Whois/Integrations/Whois/Whois.yml Docker image update * Update Docker Image To demisto/python3 (#31214) * Updated Metadata Of Pack QualysFIM * Added release notes to pack QualysFIM * Packs/QualysFIM/Integrations/QualysFIM/QualysFIM.yml Docker image update * Updated Metadata Of Pack FortiSIEM * Added release notes to pack FortiSIEM * Packs/FortiSIEM/Integrations/FortiSIEMV2/FortiSIEMV2.yml Docker image update * Updated Metadata Of Pack FreshworksFreshservice * Added release notes to pack FreshworksFreshservice * Packs/FreshworksFreshservice/Integrations/FreshworksFreshservice/FreshworksFreshservice.yml Docker image update * Updated Metadata Of Pack KnowBe4_KMSAT * Added release notes to pack KnowBe4_KMSAT * Packs/KnowBe4_KMSAT/Integrations/KnowBe4KMSATEventCollector/KnowBe4KMSATEventCollector.yml Docker image update * Packs/KnowBe4_KMSAT/Integrations/KnowBe4KMSAT/KnowBe4KMSAT.yml Docker image update * Updated Metadata Of Pack SafeNet_Trusted_Access * Added release notes to pack SafeNet_Trusted_Access * Packs/SafeNet_Trusted_Access/Integrations/SafeNetTrustedAccessEventCollector/SafeNetTrustedAccessEventCollector.yml Docker image update * Updated Metadata Of Pack DelineaSS * Added release notes to pack DelineaSS * Packs/DelineaSS/Integrations/DelineaSS/DelineaSS.yml Docker image update * Updated Metadata Of Pack Cryptocurrency * Added release notes to pack Cryptocurrency * Packs/Cryptocurrency/Integrations/Cryptocurrency/Cryptocurrency.yml Docker image update * Updated Metadata Of Pack PANOSPolicyOptimizer * Added release notes to pack PANOSPolicyOptimizer * Packs/PANOSPolicyOptimizer/Integrations/PANOSPolicyOptimizer/PANOSPolicyOptimizer.yml Docker image update * Updated Metadata Of Pack DeveloperTools * Added release notes to pack DeveloperTools * Packs/DeveloperTools/Integrations/CreateIncidents/CreateIncidents.yml Docker image update * Update Docker Image To demisto/boto3py3 (#31215) * Updated Metadata Of Pack SecurityIntelligenceServicesFeed * Added release notes to pack SecurityIntelligenceServicesFeed * Packs/SecurityIntelligenceServicesFeed/Integrations/SecurityIntelligenceServicesFeed/SecurityIntelligenceServicesFeed.yml Docker image update * Updated Metadata Of Pack AWS-IAM * Added release notes to pack AWS-IAM * Packs/AWS-IAM/Integrations/AWS-IAM/AWS-IAM.yml Docker image update * Updated Metadata Of Pack AWS-Route53 * Added release notes to pack AWS-Route53 * Packs/AWS-Route53/Integrations/AWSRoute53/AWSRoute53.yml Docker image update * Updated Metadata Of Pack AWS-AccessAnalyzer * Added release notes to pack AWS-AccessAnalyzer * Packs/AWS-AccessAnalyzer/Integrations/AWS-AccessAnalyzer/AWS-AccessAnalyzer.yml Docker image update * Updated Metadata Of Pack AWS-GuardDuty * Added release notes to pack AWS-GuardDuty * Packs/AWS-GuardDuty/Integrations/AWSGuardDutyEventCollector/AWSGuardDutyEventCollector.yml Docker image update * Packs/AWS-GuardDuty/Integrations/AWSGuardDuty/AWSGuardDuty.yml Docker image update * Updated Metadata Of Pack AWS-SecurityHub * Added release notes to pack AWS-SecurityHub * Packs/AWS-SecurityHub/Integrations/AWSSecurityHubEventCollector/AWSSecurityHubEventCollector.yml Docker image update * Updated Metadata Of Pack Aws-SecretsManager * Added release notes to pack Aws-SecretsManager * Packs/Aws-SecretsManager/Integrations/AwsSecretsManager/AwsSecretsManager.yml Docker image update * Update Docker Image To demisto/accessdata (#31216) * Updated Metadata Of Pack Exterro * Added release notes to pack Exterro * Packs/Exterro/Integrations/Exterro/Exterro.yml Docker image update * Update Docker Image To demisto/oci (#31218) * Updated Metadata Of Pack OracleCloudInfrastructure * Added release notes to pack OracleCloudInfrastructure * Packs/OracleCloudInfrastructure/Integrations/OracleCloudInfrastructureEventCollector/OracleCloudInfrastructureEventCollector.yml Docker image update * Update Docker Image To demisto/py3-tools (#31217) * Updated Metadata Of Pack Intezer * Added release notes to pack Intezer * Packs/Intezer/Integrations/IntezerV2/IntezerV2.yml Docker image update * Updated Metadata Of Pack Zabbix * Added release notes to pack Zabbix * Packs/Zabbix/Integrations/Zabbix/Zabbix.yml Docker image update * Updated Metadata Of Pack FeedMalwareBazaar * Added release notes to pack FeedMalwareBazaar * Packs/FeedMalwareBazaar/Integrations/MalwareBazaarFeed/MalwareBazaarFeed.yml Docker image update * Updated Metadata Of Pack FeedGCPWhitelist * Added release notes to pack FeedGCPWhitelist * Packs/FeedGCPWhitelist/Integrations/FeedGoogleIPRanges/FeedGoogleIPRanges.yml Docker image update * Updated Metadata Of Pack AccentureCTI_Feed * Added release notes to pack AccentureCTI_Feed * Packs/AccentureCTI_Feed/Integrations/ACTIIndicatorFeed/ACTIIndicatorFeed.yml Docker image update * Updated Metadata Of Pack SEKOIAIntelligenceCenter * Added release notes to pack SEKOIAIntelligenceCenter * Packs/SEKOIAIntelligenceCenter/Integrations/SEKOIAIntelligenceCenter/SEKOIAIntelligenceCenter.yml Docker image update * Updated Metadata Of Pack JARM * Added release notes to pack JARM * Packs/JARM/Integrations/JARM/JARM.yml Docker image update * Updated Metadata Of Pack Anomali_ThreatStream * Added release notes to pack Anomali_ThreatStream * Packs/Anomali_ThreatStream/Integrations/AnomaliThreatStreamv3/AnomaliThreatStreamv3.yml Docker image update * Updated Metadata Of Pack CommonWidgets * Added release notes to pack CommonWidgets * Packs/CommonWidgets/Scripts/RSSWidget/RSSWidget.yml Docker image update * Updated Metadata Of Pack FiltersAndTransformers * Added release notes to pack FiltersAndTransformers * Packs/FiltersAndTransformers/Scripts/Jmespath/Jmespath.yml Docker image update * CortexXDRIR-generic-polling (#31082) * - Added new playbook for quarantine_file - Old playbook deprecated - New image added * release notes added * - New playbook for _Retrieve_File_Playbook_v2 created - Old playbook _Retrieve_File_Playbook deprecated - Image was added * Release notes were added * Changed the name of the playbook * Readme file added * Added image * fixed image location in readme file * Update Packs/CortexXDR/Playbooks/Cortex_XDR_-_Retrieve_File_v2.yml Co-authored-by: Sasha Sokolovich <[email protected]> * Bump pack from version CortexXDR to 6.0.4. * Removed unnecessary tests * Readme files were updated * Fixes for the playbooks * fixed Tests/conf.json file * image issue fixed * Added new images * Update Packs/CortexXDR/Playbooks/Cortex_XDR_-_Retrieve_File_Playbook_README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CortexXDR/Playbooks/Cortex_XDR_-_Retrieve_File_Playbook_README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CortexXDR/ReleaseNotes/6_0_4.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CortexXDR/ReleaseNotes/6_0_4.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CortexXDR/ReleaseNotes/6_0_4.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CortexXDR/ReleaseNotes/6_0_4.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CortexXDR/Playbooks/Cortex_XDR_-_Retrieve_File_Playbook_README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CortexXDR/Playbooks/Cortex_XDR_-_quarantine_file_v2_README.md Co-authored-by: ShirleyDenkberg <[email protected]> * PR fixes - new condition to check if the task finished successfully * release notes updated * image path fixed * Added new outputs for playbook * release notes updated * fix * readme files fixed * image issue * image issue * fix * fix * fix * fix * uploaded new playbook because of the image issue * fix for image issue * delete photo * fixes * test playbooks fixed * test playbooks removed --------- Co-authored-by: Sasha Sokolovich <[email protected]> Co-authored-by: Content Bot <[email protected]> Co-authored-by: ShirleyDenkberg <[email protected]> * Update Docker Image To demisto/crypto (#31219) * Updated Metadata Of Pack AzureKeyVault * Added release notes to pack AzureKeyVault * Packs/AzureKeyVault/Integrations/AzureKeyVault/AzureKeyVault.yml Docker image update * Updated Metadata Of Pack AzureSentinel * Added release notes to pack AzureSentinel * Packs/AzureSentinel/Integrations/AzureSentinel/AzureSentinel.yml Docker image update * Updated Metadata Of Pack AzureDevOps * Added release notes to pack AzureDevOps * Packs/AzureDevOps/Integrations/AzureDevOps/AzureDevOps.yml Docker image update * Updated Metadata Of Pack MicrosoftCloudAppSecurity * Added release notes to pack MicrosoftCloudAppSecurity * Packs/MicrosoftCloudAppSecurity/Integrations/MicrosoftCloudAppSecurity/MicrosoftCloudAppSecurity.yml Docker image update * Updated Metadata Of Pack AzureRiskyUsers * Added release notes to pack AzureRiskyUsers * Packs/AzureRiskyUsers/Integrations/AzureRiskyUsers/AzureRiskyUsers.yml Docker image update * Updated Metadata Of Pack MicrosoftGraphGroups * Added release notes to pack MicrosoftGraphGroups * Packs/MicrosoftGraphGroups/Integrations/MicrosoftGraphGroups/MicrosoftGraphGroups.yml Docker image update * Updated Metadata Of Pack AzureSQLManagement * Added release notes to pack AzureSQLManagement * Packs/AzureSQLManagement/Integrations/AzureSQLManagement/AzureSQLManagement.yml Docker image update * Updated Metadata Of Pack MicrosoftGraphAPI * Added release notes to pack MicrosoftGraphAPI * Packs/MicrosoftGraphAPI/Integrations/MicrosoftGraphAPI/MicrosoftGraphAPI.yml Docker image update * Updated Metadata Of Pack MicrosoftTeams * Added release notes to pack MicrosoftTeams * Packs/MicrosoftTeams/Integrations/MicrosoftTeamsManagement/MicrosoftTeamsManagement.yml Docker image update * Updated Metadata Of Pack MicrosoftGraphApplications * Added release notes to pack MicrosoftGraphApplications * Packs/MicrosoftGraphApplications/Integrations/MicrosoftGraphApplications/MicrosoftGraphApplications.yml Docker image update * update pack ignore (#31193) * Slack event collector: fixed an issue where we get a Bad Request error (#31135) * fixed an issue where we get a Bad Request error. * pre-commit * added test * fixed Flake8 error * fixed cr comments * fixed cr comments * update Docker image * YR/Remove-fields-with-one-letter-DBotFindSimilarIncidents/XSUP-29299 (#31161) * fixes * code and test * remove Json feed from this pr * test * note * pre commit * RN * CR and Flake8 * format * pre commit * Fixes For 'URL Enrichment - Generic v2' Playbook (#31195) * Fixes For 'URL Enrichment - Generic v2' Playbook * RN * Bump pack from version CommonPlaybooks to 2.4.36. --------- Co-authored-by: Content Bot <[email protected]> * F5 APM Remove XSIAM tags (#31221) * remove ls from test_e2e_results.sh (#31186) * [IsEmailAddressInternal] Fix an issue with **domain** argument (#31222) * First commit * Added RN * Update Packs/CommonScripts/ReleaseNotes/1_12_54.md Co-authored-by: Dean Arbel <[email protected]> --------- Co-authored-by: Dean Arbel <[email protected]> * Deprecate 'Get endpoint details - Generic' Playbook (#31196) * Deprecate 'Get endpoint details - Generic' Playbook * RN * Bump pack from version CommonPlaybooks to 2.4.36. * Bump pack from version CommonPlaybooks to 2.4.37. --------- Co-authored-by: Content Bot <[email protected]> * Replacing the deprecated sub-playbook within the 'NGFW Internal Scan'… (#31197) * Replacing the deprecated sub-playbook within the 'NGFW Internal Scan' XSIAM playbook * RN * [Marketplace Contribution] CISO Metrics (#30641) (#31213) * "pack contribution initial commit" * Update pack_metadata.json * Update and rename dashboard-98f353a2-312b-49f2-8e58-d71f60daf3a7-CISO_Metrics.json to dashboard-98f353a2-312b-49f2-8e58-d71f60daf3a7-CommunityCommonDashboards.json Rename to CommunityCommonDashboards * Update pack_metadata.json Renamed "name": "CommunityCommonDashboards" * Update README.md Added description * Update README.md * Update and rename README.md to README.md * Rename dashboard-98f353a2-312b-49f2-8e58-d71f60daf3a7-CommunityCommonDashboards.json to dashboard-98f353a2-312b-49f2-8e58-d71f60daf3a7-CommunityCommonDashboards.json * Rename .pack-ignore to .pack-ignore * Rename .secrets-ignore to .secrets-ignore * Rename pack_metadata.json to pack_metadata.json * Update .pack-ignore * Update pack_metadata.json * Update .pack-ignore * Update and rename dashboard-98f353a2-312b-49f2-8e58-d71f60daf3a7-CommunityCommonDashboards.json to CISOMetrics.json Renamed to CISOMetrics * Update pack_metadata.json * Update pack_metadata.json * Update README.md --------- Co-authored-by: xsoar-bot <[email protected]> Co-authored-by: Sapir Shuker <[email protected]> Co-authored-by: David Uhrlaub <[email protected]> * Cybereason xsoar v 2.1.14 (#30647) (#31225) * added v2.1.14 codebase * fix pr comments * replace dummy md5 placeholder * Update Packs/Cybereason/Integrations/Cybereason/Cybereason.py * updated docker image python version * updated release notes docker version * added pagination params * updated docker image * fix lint errors * fix demisto validate errors * updated release notes * updated release notes * updated release notes * updated command name as per PR comment * removed manual filtering for response * updated function name to match the command name format * updated unit test as per new command name * added machinename filter to api query * moved empty output message to the top * updated docker image tag to latest * undo changes from unisolate endpoint playbook --------- Co-authored-by: suraj-metron <[email protected]> Co-authored-by: Sapir Shuker <[email protected]> * fixed polling support (#30873) * fixed polling support * fixed rn * added rn * added rn * XSUP-30786/Fix (#31168) * Added failing UT * Fixed the issue * Updated docker image * Updated RN * Update Packs/PAN-OS/ReleaseNotes/2_1_15.md Co-authored-by: Dan Tavori <[email protected]> * Updated the bug fix and the UT * updated docker image --------- Co-authored-by: Dan Tavori <[email protected]> * rewrite to js FirstArrayElement and LastArrayElement (#31228) * rewrite to js * added tpb * added empty test case to tpb * precommit fixes * change fromversion so build wont fail * Enable Core REST API with general XSIAM endpoints (#31226) * mostly works * added release notes * fixes from review * F5 APM fixed the marketplace build failure (#31236) * F5 APM Remove XSIAM tags * fix marketplace error * Add incidents field (#30393) (#31233) * add rawJSON field to incidents * release notes * update docker image tag * nit * fetching incident details * mapper + incident fields * remove incorrect incident field files * new incident field files, new mapper * sdk validate command changes * update release noteS * validation errors * fix validation errors * undo release notes changes * undo release notes change * undo release notes * undo release notes * undo release notes * nit * new release notes * remove playbook id * update docker image tag * revert release notes * revert RN * nit- remove filters used for testing * add details field to threats * remove try/except blocks * changing version * Update Abnormal_Security_Custom_Incident_types.json change from version * nit - remove changes used for demo * updating docker image * update docker image tag --------- Co-authored-by: William Olyslager <[email protected]> Co-authored-by: sapirshuker <[email protected]> Co-authored-by: Sapir Shuker <[email protected]> * Update Docker Image To demisto/python3 (#31242) * Updated Metadata Of Pack CIRCL * Added release notes to pack CIRCL * Packs/CIRCL/Integrations/CirclCVESearch/CirclCVESearch.yml Docker image update * Updated Metadata Of Pack ipinfo * Added release notes to pack ipinfo * Packs/ipinfo/Integrations/ipinfo_v2/ipinfo_v2.yml Docker image update * Updated Metadata Of Pack AutoFocus * Added release notes to pack AutoFocus * Packs/AutoFocus/Integrations/FeedAutofocus/FeedAutofocus.yml Docker image update * Packs/AutoFocus/Integrations/AutofocusV2/AutofocusV2.yml Docker image update * Updated Metadata Of Pack MailSenderNew * Added release notes to pack MailSenderNew * Packs/MailSenderNew/Integrations/MailSenderNew/MailSenderNew.yml Docker image update * avoid to update Docker for AutoFocusv2 --------- Co-authored-by: israelpolishook <[email protected]> * Fixes For 'IP Enrichment - Generic v2' Playbook (#31183) * Fixes For 'IP Enrichment - Generic v2' Playbook * RN * RN * Updated the 'InternalRange' playbook input's default value. * configured the 'extended_data' and 'threat_model_association' sub-playbook inputs * Bump pack from version CommonPlaybooks to 2.4.36. * Bump pack from version CommonPlaybooks to 2.4.37. * changed the default value of the 'ResolveIP' playbook input * re-added RN after merging from master * Fixes RN --------- Co-authored-by: Content Bot <[email protected]> * Check if should run Instance role (#31245) * Added the sync from the saas bucket and modified the verify script to take the revision from the correct bucket. (#31254) * AWS Organizations (#30525) * init * commands template * aws-org-children-list * more commands * even more commands * added account commands * removed enhancement commands * use json_transform * unit-tests init * unit-tests continued * unit-tests continued some more * TPB * one more unit-test * one more unit-test * one more unit-test * name change * TPB * docs complete * pack readme * pack readme part 2 * readme modified * more tests * more tests * use get() * adde description * removed isFetch * added image * name change * CR changes * Apply suggestions from code review Co-authored-by: ShirleyDenkberg <[email protected]> * Update docker * put the commands back in * code complete * yml part 2 * yml part 3 * test template * unit-tests continued some more * unit-tests almost complete * unit-tests complete * fixed a few bugs * fixed unit-tests * added readme * update readme * added missing descriptions to readme * TPB * Apply suggestions from code review Co-authored-by: ShirleyDenkberg <[email protected]> * CR changes * demo changes * update docker * build wars: round 1 * build wars: round 2 * build wars: round 3; add unit-tests * build wars: round 4 * build wars: round 5 * build wars: round 6 --------- Co-authored-by: ShirleyDenkberg <[email protected]> * NextToken in CommandResults (#30501) * init * new design * added error in case of non nested input * RN * a tad more docs * Bump pack from version Base to 1.32.47. * Bump pack from version Base to 1.32.48. * Bump pack from version Base to 1.32.49. * improved doc-string * resolve conflicts * resolve conflicts * Bump pack from version Base to 1.32.52. --------- Co-authored-by: Content Bot <[email protected]> * demisto-sdk-release 1.24.0 (#31268) * poetry files * update validate manager imports (#31179) * update validate manager imports * revert * Update Tests/configure_and_test_integration_instances.py * Edit file types test (#31170) * edited tests * s * s * edit --------- Co-authored-by: Content Bot <[email protected]> Co-authored-by: Yuval Hayun <[email protected]> Co-authored-by: merit-maita <[email protected]> Co-authored-by: JudithB <[email protected]> * modified modeling rules of clearswift dlp (#31247) * modified modeling rules of clearswift dlp * modified the parsing rule of clearswiftdlp * Added release notes. * added dlp to pack ignore * added Clearswift to pack ignore * QRadar: continue to poll in case of networking issues (#31084) * Generalize the mode option in pre-commit (#30663) * args updated to match the update in the sdk * add merge-coverage-report and coverage-analyze * updaing pyproject.toml * poetry lock * restoring pyproject.toml and poetry.lock * pre-commit.yml * updates * test comment * use sdk ref * if * add github output * revert ilan changes * merge-pytest-reports --------- Co-authored-by: ilan <[email protected]> * EXPANDR-1576 CortexXpanse Remediation Guidance changes (#31190) * EXPANDR-1576 CortexXpanse Remediation Guidance changes (#30712) * CortexXpanse RG changes * Fix flake8 errors * Fix unit test cases * Update docker version * update command name * Readme updates * docker update * Ignore BC error * fix packignore * Update release notes * update breaking change notes * update breaking change notes * correct RN --------- Co-authored-by: Chait A <[email protected]> Co-authored-by: ilappe <[email protected]> * Feature/cyberint enhancement (#31252) * Feature/cyberint enhancement (#30493) * Update Docker Image To demisto/py3-tools (#25523) * Updated Metadata Of Pack FeedAWS * Added release notes to pack FeedAWS * Packs/FeedAWS/Integrations/FeedAWS/FeedAWS.yml Docker image update * update Cyberint Pack * update release note and incidentfields * update CommonType release note * update CommonType relesenotes * update CommonType relese notes * update CyberInt Related entity name * update release notes * add new incident field: Alert Data * foramt alert_data * update CyberInt Related Entity name to avoid validation errors * reset the CyberInt Related Entity name * update incident field name * Update 3_3_93.md * pre commit update docker * added known words * fixed the RN * known words --------- Co-authored-by: TalGumi <[email protected]> Co-authored-by: omerKarkKatz <[email protected]> Co-authored-by: okarkkatz <[email protected]> * [xsoar-8 coverage] - use poll functions from SDK clients (#31144) * update poetry * use poll functions * test against builds * try to fix ssl issue * timeout = 300 + verify ssl * fix ssl issues * fix incident pull * fix * make verify=false by default * fix ports bug * use sdk master * revert poetry * revert infra used for testing * [CrowdStrike Falcon Intel v2] Fixed an issue in 'cs-actors' and 'cs-reports' commands (#31265) * Fix the 'NoneType' object is not iterable issue * ruff * Update the docker image; Add RN * Update Packs/CrowdStrikeIntel/ReleaseNotes/2_0_34.md Co-authored-by: Dean Arbel <[email protected]> --------- Co-authored-by: Dean Arbel <[email protected]> * oncall- installation orders (#31253) * test * test * revert debugs * pre-commit --------- Co-authored-by: Jas Beilin <[email protected]> * Core rest api docs fix (#31262) * Improved descriptions. * Added docs * Added rn. * Changed i.e to e.g * bugfix/XSUP-30713/port-scan-pb-issue-incident-failure (#31154) * Fix playbook input's default value, change to not required, add check for value not empty * Update playbook image * Update release notes * Bump pack from version CortexXDR to 6.0.5. * Moved InternalIPRanges input check to better location * Fix review comments --------- Co-authored-by: Content Bot <[email protected]> * [PagerDuty v2] Added Support For Pagination (#30959) * commit init - lint and type annotation * typing * pagination function and some typing * fix api limit and pagination * added UT and test_data * added RN and description for args * generate readme * update docker * added UT * fix flake8 * more docstring, one more UT, fix send unnecessary parameters * fix f-string * fix pep8 * revert copy * fix parameters name * docs review * update docker * [ASM] EXPANDR 7225 - Update Ev1 Integration Display Name (#31234) (#31276) * Update Display Name * Update release notes * Update docker image and add period to descriptions Co-authored-by: John <[email protected]> Co-authored-by: MLainer1 <[email protected]> * Update Docker Image To demisto/python3 (#31286) * Updated Metadata Of Pack QualysFIM * Added release notes to pack QualysFIM * Packs/QualysFIM/Integrations/QualysFIM/QualysFIM.yml Docker image update * Updated Metadata Of Pack FortiSIEM * Added release notes to pack FortiSIEM * Packs/FortiSIEM/Integrations/FortiSIEMV2/FortiSIEMV2.yml Docker image update * Updated Metadata Of Pack FreshworksFreshservice * Added release notes to pack FreshworksFreshservice * Packs/FreshworksFreshservice/Integrations/FreshworksFreshservice/FreshworksFreshservice.yml Docker image update * Updated Metadata Of Pack KnowBe4_KMSAT * Added release notes to pack KnowBe4_KMSAT * Packs/KnowBe4_KMSAT/Integrations/KnowBe4KMSATEventCollector/KnowBe4KMSATEventCollector.yml Docker image update * Packs/KnowBe4_KMSAT/Integrations/KnowBe4KMSAT/KnowBe4KMSAT.yml Docker image update * Updated Metadata Of Pack SafeNet_Trusted_Access * Added release notes to pack SafeNet_Trusted_Access * Packs/SafeNet_Trusted_Access/Integrations/SafeNetTrustedAccessEventCollector/SafeNetTrustedAccessEventCollector.yml Docker image update * Updated Metadata Of Pack DelineaSS * Added release notes to pack DelineaSS * Packs/DelineaSS/Integrations/DelineaSS/DelineaSS.yml Docker image update * Updated Metadata Of Pack Cryptocurrency * Added release notes to pack Cryptocurrency * Packs/Cryptocurrency/Integrations/Cryptocurrency/Cryptocurrency.yml Docker image update * Updated Metadata Of Pack PANOSPolicyOptimizer * Added release notes to pack PANOSPolicyOptimizer * Packs/PANOSPolicyOptimizer/Integrations/PANOSPolicyOptimizer/PANOSPolicyOptimizer.yml Docker image update * Updated Metadata Of Pack DeveloperTools * Added release notes to pack DeveloperTools * Packs/DeveloperTools/Integrations/CreateIncidents/CreateIncidents.yml Docker image update * Add XSOAR_SAAS section to EDL description (#31264) * add XSOAR_SAAS section to EDL description * update RN * [XSUP 30575] Added full fields query param (#31272) * get indicators full fields data * pre-commit * release notes * tests and CR fixes * Update Packs/FeedCrowdstrikeFalconIntel/ReleaseNotes/2_1_13.md Co-authored-by: Dan Tavori <[email protected]> --------- Co-authored-by: Dan Tavori <[email protected]> * Update Docker Image To demisto/boto3py3 (#31287) * Updated Metadata Of Pack SecurityIntelligenceServicesFeed * Added release notes to pack SecurityIntelligenceServicesFeed * Packs/SecurityIntelligenceServicesFeed/Integrations/SecurityIntelligenceServicesFeed/SecurityIntelligenceServicesFeed.yml Docker image update * Updated Metadata Of Pack AWS-IAM * Added release notes to pack AWS-IAM * Packs/AWS-IAM/Integrations/AWS-IAM/AWS-IAM.yml Docker image update * Updated Metadata Of Pack AWS-Route53 * Added release notes to pack AWS-Route53 * Packs/AWS-Route53/Integrations/AWSRoute53/AWSRoute53.yml Docker image update * Updated Metadata Of Pack AWS-AccessAnalyzer * Added release notes to pack AWS-AccessAnalyzer * Packs/AWS-AccessAnalyzer/Integrations/AWS-AccessAnalyzer/AWS-AccessAnalyzer.yml Docker image update * Updated Metadata Of Pack AWS-GuardDuty * Added release notes to pack AWS-GuardDuty * Packs/AWS-GuardDuty/Integrations/AWSGuardDutyEventCollector/AWSGuardDutyEventCollector.yml Docker image update * Packs/AWS-GuardDuty/Integrations/AWSGuardDuty/AWSGuardDuty.yml Docker image update * Updated Metadata Of Pack AWS-SecurityHub * Added release notes to pack AWS-SecurityHub * Packs/AWS-SecurityHub/Integrations/AWSSecurityHubEventCollector/AWSSecurityHubEventCollector.yml Docker image update * Updated Metadata Of Pack Aws-SecretsManager * Added release notes to pack Aws-SecretsManager * Packs/Aws-SecretsManager/Integrations/AwsSecretsManager/AwsSecretsManager.yml Docker image update * Update Docker Image To demisto/accessdata (#31288) * Updated Metadata Of Pack Exterro * Added release notes to pack Exterro * Packs/Exterro/Integrations/Exterro/Exterro.yml Docker image update * Update Docker Image To demisto/oci (#31290) * Updated Metadata Of Pack OracleCloudInfrastructure * Added release notes to pack OracleCloudInfrastructure * Packs/OracleCloudInfrastructure/Integrations/OracleCloudInfrastructureEventCollector/OracleCloudInfrastructureEventCollector.yml Docker image update * Update Docker Image To demisto/py3-tools (#31289) * Updated Metadata Of Pack Intezer * Added release notes to pack Intezer * Packs/Intezer/Integrations/IntezerV2/IntezerV2.yml Docker image update * Updated Metadata Of Pack Zabbix * Added release notes to pack Zabbix * Packs/Zabbix/Integrations/Zabbix/Zabbix.yml Docker image update * Updated Metadata Of Pack FeedMalwareBazaar * Added release notes to pack FeedMalwareBazaar * Packs/FeedMalwareBazaar/Integrations/MalwareBazaarFeed/MalwareBazaarFeed.yml Docker image update * Updated Metadata Of Pack FeedGCPWhitelist * Added release notes to pack FeedGCPWhitelist * Packs/FeedGCPWhitelist/Integrations/FeedGoogleIPRanges/FeedGoogleIPRanges.yml Docker image update * Updated Metadata Of Pack AccentureCTI_Feed * Added release notes to pack AccentureCTI_Feed * Packs/AccentureCTI_Feed/Integrations/ACTIIndicatorFeed/ACTIIndicatorFeed.yml Docker image update * Updated Metadata Of Pack SEKOIAIntelligenceCenter * Added release notes to pack SEKOIAIntelligenceCenter * Packs/SEKOIAIntelligenceCenter/Integrations/SEKOIAIntelligenceCenter/SEKOIAIntelligenceCenter.yml Docker image update * Updated Metadata Of Pack JARM * Added release notes to pack JARM * Packs/JARM/Integrations/JARM/JARM.yml Docker image update * Updated Metadata Of Pack Anomali_ThreatStream * Added release notes to pack Anomali_ThreatStream * Packs/Anomali_ThreatStream/Integrations/AnomaliThreatStreamv3/AnomaliThreatStreamv3.yml Docker image update * Updated Metadata Of Pack CommonWidgets * Added release notes to pack CommonWidgets * Packs/CommonWidgets/Scripts/RSSWidget/RSSWidget.yml Docker image update * Updated Metadata Of Pack FiltersAndTransformers * Added release notes to pack FiltersAndTransformers * Packs/FiltersAndTransformers/Scripts/Jmespath/Jmespath.yml Docker image update * Update Docker Image To demisto/armorblox (#31291) * Updated Metadata Of Pack Armorblox * Added release notes to pack Armorblox * Packs/Armorblox/Integrations/Armorblox/Armorblox.yml Docker image update * Update Docker Image To demisto/crypto (#31292) * Updated Metadata Of Pack AzureKeyVault * Added release notes to pack AzureKeyVault * Packs/AzureKeyVault/Integrations/AzureKeyVault/AzureKeyVault.yml Docker image update * Updated Metadata Of Pack AzureSentinel * Added release notes to pack AzureSentinel * Packs/AzureSentinel/Integrations/AzureSentinel/AzureSentinel.yml Docker image update * Updated Metadata Of Pack AzureDevOps * Added release notes to pack AzureDevOps * Packs/AzureDevOps/Integrations/AzureDevOps/AzureDevOps.yml Docker image update * Updated Metadata Of Pack MicrosoftCloudAppSecurity * Added release notes to pack MicrosoftCloudAppSecurity * Packs/MicrosoftCloudAppSecurity/Integrations/MicrosoftCloudAppSecurity/MicrosoftCloudAppSecurity.yml Docker image update * Updated Metadata Of Pack AzureRiskyUsers * Added release notes to pack AzureRiskyUsers * Packs/AzureRiskyUsers/Integrations/AzureRiskyUsers/AzureRiskyUsers.yml Docker image update * Updated Metadata Of Pack MicrosoftGraphGroups * Added release notes to pack MicrosoftGraphGroups * Packs/MicrosoftGraphGroups/Integrations/MicrosoftGraphGroups/MicrosoftGraphGroups.yml Docker image update * Updated Metadata Of Pack AzureSQLManagement * Added release notes to pack AzureSQLManagement * Packs/AzureSQLManagement/Integrations/AzureSQLManagement/AzureSQLManagement.yml Docker image update * Updated Metadata Of Pack MicrosoftGraphAPI * Added release notes to pack MicrosoftGraphAPI * Packs/MicrosoftGraphAPI/Integrations/MicrosoftGraphAPI/MicrosoftGraphAPI.yml Docker image update * Updated Metadata Of Pack MicrosoftTeams * Added release notes to pack MicrosoftTeams * Packs/MicrosoftTeams/Integrations/MicrosoftTeamsManagement/MicrosoftTeamsManagement.yml Docker image update * Updated Metadata Of Pack MicrosoftGraphApplications * Added release notes to pack MicrosoftGraphApplications * Packs/MicrosoftGraphApplications/Integrations/MicrosoftGraphApplications/MicrosoftGraphApplications.yml Docker image update * Update Docker Image To demisto/sixgill (#31293) * Updated Metadata Of Pack Cybersixgill-ActionableAlerts * Added release notes to pack Cybersixgill-ActionableAlerts * Packs/Cybersixgill-ActionableAlerts/Integrations/CybersixgillActionableAlerts/CybersixgillActionableAlerts.yml Docker image update * Updated Metadata Of Pack Sixgill-Darkfeed * Added release notes to pack Sixgill-Darkfeed * Packs/Sixgill-Darkfeed/Integrations/Sixgill_Darkfeed_Enrichment/Sixgill_Darkfeed_Enrichment.yml Docker image update * Packs/Sixgill-Darkfeed/Integrations/Sixgill_Darkfeed/Sixgill_Darkfeed.yml Docker image update * Update Docker Image To demisto/carbon-black-cloud (#31295) * Updated Metadata Of Pack CarbonBlackDefense * Added release notes to pack CarbonBlackDefense * Packs/CarbonBlackDefense/Integrations/CarbonBlackLiveResponseCloud/CarbonBlackLiveResponseCloud.yml Docker image update * Update Docker Image To demisto/taxii2 (#31294) * Updated Metadata Of Pack FeedDHS * Added release notes to pack FeedDHS * Packs/FeedDHS/Integrations/DHSFeedV2/DHSFeedV2.yml Docker image update * Updated Metadata Of Pack FeedUnit42v2 * Added release notes to pack FeedUnit42v2 * Packs/FeedUnit42v2/Integrations/FeedUnit42v2/FeedUnit42v2.yml Docker image update * MS IIS Update2 (#31256) * Updated MicrosoftIISWebServerModelingRules_1_3 * Updated ModelingRules filters * Updated ModelingRules filters * Updated ReleaseNotes * Upated ReleaseNotes * CrowdStrikeFalconX-genreic-polling (#31189) * old playbooks deprecated and new one added * readme file edited * set the interval from the inputs * fixes for release notes * added extensions to known words * Update Packs/CrowdStrikeFalconX/Playbooks/Detonate_File_-_CrowdStrike_Falcon_Intelligence_Sandbox_v2.yml Co-a…
pal-xmco
pushed a commit
to pal-xmco/content
that referenced
this pull request
Jun 19, 2024
* fix * fix fetch using timestamp * cr notes * adding unify * cr * after meeting with the client fix * after meeting with the client fixing tests 2 * fixing fetching above 2000 indicators * fixing fetching * fixing fetching * adding unify for customer * Bump gitpython from 3.1.40 to 3.1.41 (#32119) * Bump gitpython from 3.1.40 to 3.1.41 Bumps [gitpython](https://github.com/gitpython-developers/GitPython) from 3.1.40 to 3.1.41. - [Release notes](https://github.com/gitpython-developers/GitPython/releases) - [Changelog](https://github.com/gitpython-developers/GitPython/blob/main/CHANGES) - [Commits](https://github.com/gitpython-developers/GitPython/compare/3.1.40...3.1.41) --- updated-dependencies: - dependency-name: gitpython dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> * update pre-commit dependencies --------- Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: dorschw <[email protected]> * Bump pillow from 10.1.0 to 10.2.0 (#32356) Bumps [pillow](https://github.com/python-pillow/Pillow) from 10.1.0 to 10.2.0. - [Release notes](https://github.com/python-pillow/Pillow/releases) - [Changelog](https://github.com/python-pillow/Pillow/blob/main/CHANGES.rst) - [Commits](https://github.com/python-pillow/Pillow/compare/10.1.0...10.2.0) --- updated-dependencies: - dependency-name: pillow dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: dorschw <[email protected]> * Notify External PR Merge (#32349) * added new action * Test SK (#32350) * Jira bugfix in edit issue - xsup 31954 (#32041) * Added tests * Updated RNs * Updated docstrings * Updated TPB * Updated command description * Updated RNs --------- Co-authored-by: Anas Yousef <[email protected]> * Update AMPv2.yml --------- Co-authored-by: israelpoli <[email protected]> Co-authored-by: Anas Yousef <[email protected]> * Revert "Test SK" (#32352) * Fixed * Update .github/workflows/create-internal-pr-from-external.yml Co-authored-by: RotemAmit <[email protected]> * Update .github/workflows/create-internal-pr-from-external.yml Co-authored-by: RotemAmit <[email protected]> --------- Co-authored-by: israelpoli <[email protected]> Co-authored-by: Anas Yousef <[email protected]> Co-authored-by: RotemAmit <[email protected]> * added 'W291, # trailing-whitespace' to pyproject.toml and nightly (#32862) * [greynoise-266] New Pack - FeedGreyNoiseIndicator (#32514) (#32942) * updates * pre-commit and readme * pre-commit * updates * more updates * fix tests * fix tests * fix formatting * fix pack ver check * update tests * fix flake8 and secrets * feedback * updates * feedback updates * fix default feedRep * add notes to docs * update docker image num Co-authored-by: Brad Chiappetta <[email protected]> * Fix CommonServerPython mypy (#32931) * Update docker images of `CommonScript` items (#32938) * Update `demisto/xslxwriter` 70-100 coverage rate (#32763) * upgrade images * update RN * Bump pack from version CommonScripts to 1.13.34. * Bump pack from version CommonScripts to 1.13.35. * Bump pack from version CommonScripts to 1.13.36. * Bump pack from version CommonScripts to 1.13.37. * Bump pack from version CommonScripts to 1.13.38. * Bump pack from version CommonScripts to 1.13.39. * revert RN --------- Co-authored-by: Content Bot <[email protected]> * Update `demisto/xml-feed` 70-100 coverage rate (#32762) * upgrade images * revert * update RN * Bump pack from version CommonScripts to 1.13.34. * Bump pack from version CommonScripts to 1.13.35. * Bump pack from version CommonScripts to 1.13.36. * Bump pack from version CommonScripts to 1.13.37. * Bump pack from version CommonScripts to 1.13.38. * Bump pack from version CommonScripts to 1.13.39. * revert RN --------- Co-authored-by: Content Bot <[email protected]> * Update `demisto/bs4-py3` 70-100 coverage rate (#32741) * upgrade images * update RN * Bump pack from version CommonScripts to 1.13.34. * Bump pack from version CommonScripts to 1.13.35. * Bump pack from version CommonScripts to 1.13.36. * Bump pack from version CommonScripts to 1.13.37. * Bump pack from version CommonScripts to 1.13.38. * Bump pack from version FiltersAndTransformers to 1.2.59. * Bump pack from version CommonScripts to 1.13.39. * revert RN --------- Co-authored-by: Content Bot <[email protected]> * Update `demisto/bs4-tld` 0-10 coverage rate (#32744) * upgrade images * update RN * Bump pack from version CommonScripts to 1.13.34. * Bump pack from version CommonScripts to 1.13.35. * Bump pack from version CommonScripts to 1.13.36. * Bump pack from version CommonScripts to 1.13.37. * Bump pack from version CommonScripts to 1.13.38. * Bump pack from version CommonScripts to 1.13.39. * revert RN --------- Co-authored-by: Content Bot <[email protected]> * Update `demisto/btfl-soup` 70-100 coverage rate (#32745) * upgrade images * update RN * Bump pack from version CommonScripts to 1.13.34. * Bump pack from version CommonScripts to 1.13.35. * Bump pack from version CommonScripts to 1.13.36. * Bump pack from version CommonScripts to 1.13.37. * Bump pack from version CommonScripts to 1.13.38. * Bump pack from version CommonScripts to 1.13.39. * revert RN --------- Co-authored-by: Content Bot <[email protected]> * Update `demisto/netutils` 70-100 coverage rate (#32752) * upgrade images * update RN * Bump pack from version CommonScripts to 1.13.34. * Bump pack from version CommonScripts to 1.13.35. * Bump pack from version CommonScripts to 1.13.36. * Bump pack from version CommonScripts to 1.13.37. * Bump pack from version CommonScripts to 1.13.38. * Bump pack from version CommonScripts to 1.13.39. * revert RN --------- Co-authored-by: Content Bot <[email protected]> * Update `demisto/nltk` 70-100 coverage rate (#32753) * upgrade images * update RN * Bump pack from version CommonScripts to 1.13.34. * Bump pack from version CommonScripts to 1.13.35. * Bump pack from version CommonScripts to 1.13.36. * Bump pack from version CommonScripts to 1.13.37. * Bump pack from version CommonScripts to 1.13.38. * Bump pack from version CommonScripts to 1.13.39. * revert RN --------- Co-authored-by: Content Bot <[email protected]> * Update `demisto/pcap-http-extractor` 70-100 coverage rate (#32754) * upgrade images * update RN * Bump pack from version CommonScripts to 1.13.34. * Bump pack from version CommonScripts to 1.13.35. * Bump pack from version CommonScripts to 1.13.36. * Bump pack from version CommonScripts to 1.13.37. * Bump pack from version CommonScripts to 1.13.38. * Bump pack from version CommonScripts to 1.13.39. * revert RN --------- Co-authored-by: Content Bot <[email protected]> * Update `demisto/python3-deb` 70-100 coverage rate (#32759) * upgrade images * update RN * Bump pack from version CommonScripts to 1.13.34. * Bump pack from version CommonScripts to 1.13.35. * Bump pack from version CommonScripts to 1.13.36. * Bump pack from version CommonScripts to 1.13.37. * Bump pack from version CommonScripts to 1.13.38. * Bump pack from version CommonScripts to 1.13.39. * revert RN --------- Co-authored-by: Content Bot <[email protected]> * Update `demisto/unzip` 40-55 coverage rate (#32761) * upgrade images * update RN * Bump pack from version CommonScripts to 1.13.34. * Bump pack from version CommonScripts to 1.13.35. * Bump pack from version CommonScripts to 1.13.36. * Bump pack from version CommonScripts to 1.13.37. * Bump pack from version CommonScripts to 1.13.38. * Bump pack from version CommonScripts to 1.13.39. * revert RN --------- Co-authored-by: Content Bot <[email protected]> * update RN * Bump pack from version FiltersAndTransformers to 1.2.60. --------- Co-authored-by: Content Bot <[email protected]> * [ASM] EXPANDR-3608: store potential offending firewall rules (#32721) (#32940) * update GCP enrich play * RN * Apply suggestions from code review * update field name and bump ver --------- Co-authored-by: johnnywilkes <[email protected]> Co-authored-by: ShirleyDenkberg <[email protected]> * XSUP-31342 - XDR mirroring changes incident resolution (#32359) * added more debug logs to the mirroring process * more debug logs * updated the schema * added ckose_reason * updated the schema name * updated the outgoing mapper and some debug logs * added RN * Bump pack from version CortexXDR to 6.1.14. * Bump pack from version CortexXDR to 6.1.15. * updated test_get_mapping_fields_command * updated handle_outgoing_issue_closure to use close_reason or closeReason * updated RN and docker image * added a unit test test_handle_outgoing_issue_closure * added RN to core pack and ctf01 pack * Bump pack from version CortexXDR to 6.1.16. * updated the RN * added an incident type to the outgoing mapper and updated the RN --------- Co-authored-by: Content Bot <[email protected]> * Domaintools iris release v2.0.1 (#32880) (#32946) * first pass at fixing proxy use * don't use empty strings * avoid empty string * fix docker tag, add release notes * update release notes with docker image * Update Packs/DomainTools_Iris/ReleaseNotes/2_0_1.md --------- Co-authored-by: Wesley Agena <[email protected]> Co-authored-by: Yuval Hayun <[email protected]> * revert docker changes (#32944) * AWS Require Region (#32687) * init * update docker * update docker * update docker * RN * fix conflicts * update docker * fix conflicts * Update `demisto/fastapi` 70-100 coverage rate (#32573) * upgrade images * update RN * fix pb parser (#32826) * fix pb parser - test * change xpanse stuff * remove poetry changes * more xpanse changes * fix gr103 * YR/Handle long running pipelines, and commits with no pipelines/CIAC-9386 (#32462) * Fix GetIndicatorDBotScoreFromCache to handle better a special character (#31070) * a fix and a test * docker image update * added rn * Bump pack from version CommonScripts to 1.12.47. * unit test fix * unit test fix * unit test fix * Bump pack from version CommonScripts to 1.12.48. * Bump pack from version CommonScripts to 1.12.49. * Update Packs/CommonScripts/ReleaseNotes/1_12_49.md Co-authored-by: Dan Tavori <[email protected]> --------- Co-authored-by: Content Bot <[email protected]> Co-authored-by: Dan Tavori <[email protected]> * change pack support to community (#31110) * change pack support to community * first level header so im told * Update Packs/DeveloperTools/ReleaseNotes/1_3_0.md Co-authored-by: Shahaf Ben Yakir <[email protected]> * Update Packs/DeveloperTools/ReleaseNotes/1_3_0.md Co-authored-by: Shahaf Ben Yakir <[email protected]> --------- Co-authored-by: Shahaf Ben Yakir <[email protected]> * removed GIT_DEPTH (#31141) * support multiple entry ids in ImageOCR (#31145) * Fix taxi feed observables extraction (#31120) * fixed an isssue where taxi feed will fail to retreive all indicators due to wrong extraction from XML blocks. * added rn * update docker * update test_data * add secret to secrets ignore * [transformers] Enhance to be more durable #2 (#31063) * ExtractDomainAndFQDNFromUrlAndEmail * ExtractEmailV2 * ruff fix * FormatURL * Bump pack from version CommonScripts to 1.12.47. * Bump pack from version CommonScripts to 1.12.48. * Bump pack from version CommonScripts to 1.12.49. * Added unit tests * Update the docker image * Bump pack from version CommonScripts to 1.12.50. * Update Packs/CommonScripts/ReleaseNotes/1_12_50.md Co-authored-by: Dean Arbel <[email protected]> * Update Packs/CommonScripts/ReleaseNotes/1_12_50.md Co-authored-by: Dean Arbel <[email protected]> * Update the RN * Update the docker image * empty * Skip "FormattingPerformance - Test" TPB in XSOAR 8 --------- Co-authored-by: Content Bot <[email protected]> Co-authored-by: Dean Arbel <[email protected]> * Sleep w/ Polling (#30661) add polling mechanism to sleep upon crossing polling_threshold * Update shift management scripts (#31130) * fixed the bug and added unit tests * updated docker image * RN * updated docker image * cr updates * EWS rule commands - MS graph python integrations (#30943) Co-authored-by: ShirleyDenkberg <[email protected]> * MS IIS Update (#31132) * Updated ModelingRules * Updated ReleaseNotes * Updated ReleaseNotes * Anomali ThreatStream change DBot verdict from Benign to Unknown for Low Confidence Indicators (#30993) (#31151) * change DBot verdict from Benign to Unknown for Low Confidence Indicators Indicators found in Anomali that are below Confidence thresholds should be created as Unknown and not Benign. Anomali ThreatStream documentation regarding Confidence https://ui.threatstream.com/optic-doc/Content/Features/threat_model/Observables/details_indicator.htm Confidence - Confidence indicates the certainty that an observable exhibits or is connected to malicious behavior. If Anomali has indicators with low Confidence, that doesn't mean the indicator is Benign/Safe. It means Anomali is unsure that the indicator is Malicious and as such the more appropriate verdict in XSOAR should be Unknown. * add indicator_default_score param * changed values to Benign and Unknown * update README and RN * update RN * update docker set required to false * update docker * fix docs comments --------- Co-authored-by: zdrouse <[email protected]> Co-authored-by: adi88d <[email protected]> Co-authored-by: Adi Daud <[email protected]> * generate empty junit files (#31153) * Update 1_6_0.json (#31164) * fix splunkpy splunk_submit_event_hec_command string issue (#30978) * fix splunkpy splunk_submit_event_hec_command string issue * test * add fix * update rn * [xsoar saas] - fix ports taxii2 e2e (#31163) * Hello world saas (#30901) * added a new incident field only for saas mp * added an incident field to xsoar_saas only for demonstration * format incident field * format incident field * added saas word to known words * version * merge with master * fixed the xsoar_saas end tag * Added tests to validate result * modified RN * pre commit changes * RN tags * ignoe long line * MS IIS README (#31158) * Updated README * Updated README * Fixes For IP Enrichment Playbooks (#31114) * Fixes For IP Enrichment Playbooks * RN * Removed the mapping rule from both playbooks. Updated the default value of the internal range playbook input according to RFC 1918. * Removed the value of 'UseReputationCommand' playbook input and fixes the YML files * Fixed RN * Removed the value set for the 'UseReputationCommand' sub-playbook input. Re-added the default value for 'UseReputationCommand' playbook input * skip ThreatStream-Test (#31172) * [transformers] Enhance to be more durable (#30897) [transformers] Enhance to be more durable * Fixes For 'Email Address Enrichment - Generic v2.1' (#31122) * Fixes For 'Email Address Enrichment - Generic v2.1' * Re-added the test playbook and marketplace configs to the playbook YML file * changed the 'domain' playbook input value * removed the 'domain' playbook input value and added RN * Fixed RN * Bump pack from version CommonPlaybooks to 2.4.34. --------- Co-authored-by: Content Bot <[email protected]> * DisplayMappedFields - Fix dark mode text color (#31085) * removed the hardcoded color * removed the hardcoded color * update RN * update docker image * Bump pack from version CommonScripts to 1.12.48. * Unittest fixes * Bump pack from version CommonScripts to 1.12.49. * Unittest fixes * Bump pack from version CommonScripts to 1.12.50. * Bump pack from version CommonScripts to 1.12.51. * Bump pack from version CommonScripts to 1.12.52. * Bump pack from version CommonScripts to 1.12.53. --------- Co-authored-by: Content Bot <[email protected]> * Updated the layout to exclude integration incident fields that are not pertinent to Vectra XDR (#31127) (#31182) Co-authored-by: Crest Data Systems <[email protected]> Co-authored-by: crestdatasystems <[email protected]> Co-authored-by: MLainer1 <[email protected]> * Taxii2 server relationship bug (#31162) * [taxii2-server] - code fixes * bump rn * docker update * remove debug-log because may wanted * [ASM] EXPANDER-7096 - ASM Remediation Guidance Fields (#30955) (#31178) Co-authored-by: John <[email protected]> Co-authored-by: Adi Daud <[email protected]> * Created pack for F5 BIG-IP APM (#31017) * Created pack for f5 apm * Added modeling rule files. * adding modeling rules and schema. * modified modeling rules * update yml file for modeling rule. * Update Packs/F5APM/README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/F5APM/README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/F5APM/README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/F5APM/README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/F5APM/README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/F5APM/README.md Co-authored-by: ShirleyDenkberg <[email protected]> * update readme. * Modified the read me file. --------- Co-authored-by: ShirleyDenkberg <[email protected]> * HelloWorld - delete old classifier (#31185) * Add support for is array for rep commands (#31169) * added support for isArray for python Xsoar supported reputation commands * added rn * Empty-Commit * python files fixes * fix docker issue * cr fixes * added logs and cache fix (#30577) * added logs and cache fix * Fixed another executeCommand results handling. * Updated docker image * Added rn * Update Packs/Phishing/ReleaseNotes/3_6_2.md Co-authored-by: Dan Tavori <[email protected]> * Update Packs/Phishing/Scripts/FindDuplicateEmailIncidents/FindDuplicateEmailIncidents.py --------- Co-authored-by: Dan Tavori <[email protected]> * Add support for is array for rep commands js (#31184) * JS files fixes * added rn * pre commit fixes * pre commit fixes * cr fixes * xsiam-avaya-siem-content-ciac-8502 (#31128) * init-pack * modeling-rules * add-docs * fix-pid-parsing * fix-README.md * Fixed For Endpoint Enrichment Playbooks (#31147) * Fixed For 'Endpoint Enrichment - Generic v2.1' Playbook * RN * RN * Fixes for Endpoint_Enrichment_-_Generic_v2.1_6_8 playbook * Bump pack from version CommonPlaybooks to 2.4.34. * Bump pack from version CommonPlaybooks to 2.4.35. * Fixed version for 'Endpoint Enrichment - Generic v2.1.6.8' playbook * Fixes for 'Endpoint Enrichment - Generic v2.1' playbook * Revert changes in 'Endpoint Enrichment - Generic v2.1' playbook --------- Co-authored-by: Content Bot <[email protected]> * Update Docker Image To demisto/python3 (#31198) * Updated Metadata Of Pack DeveloperTools * Added release notes to pack DeveloperTools * Packs/DeveloperTools/Integrations/CreateIncidents/CreateIncidents.yml Docker image update * Updated Metadata Of Pack FlashpointFeed * Added release notes to pack FlashpointFeed * Packs/FlashpointFeed/Integrations/FlashpointFeed/FlashpointFeed.yml Docker image update * Updated Metadata Of Pack AbnormalSecurity * Added release notes to pack AbnormalSecurity * Packs/AbnormalSecurity/Integrations/AbnormalSecurity/AbnormalSecurity.yml Docker image update * Updated Metadata Of Pack FeedLOLBAS * Added release notes to pack FeedLOLBAS * Packs/FeedLOLBAS/Integrations/FeedLOLBAS/FeedLOLBAS.yml Docker image update * Updated Metadata Of Pack Hackuity * Added release notes to pack Hackuity * Packs/Hackuity/Integrations/Hackuity/Hackuity.yml Docker image update * Updated Metadata Of Pack Grafana * Added release notes to pack Grafana * Packs/Grafana/Integrations/Grafana/Grafana.yml Docker image update * Updated Metadata Of Pack Binalyze * Added release notes to pack Binalyze * Packs/Binalyze/Integrations/BinalyzeAIR/BinalyzeAIR.yml Docker image update * Updated Metadata Of Pack ServiceDeskPlus * Added release notes to pack ServiceDeskPlus * Packs/ServiceDeskPlus/Integrations/ServiceDeskPlus/ServiceDeskPlus.yml Docker image update * Updated Metadata Of Pack Oracle_IAM * Added release notes to pack Oracle_IAM * Packs/Oracle_IAM/Integrations/OracleIAM/OracleIAM.yml Docker image update * Updated Metadata Of Pack AccentureCTI * Added release notes to pack AccentureCTI * Packs/AccentureCTI/Integrations/ACTIIndicatorQuery/ACTIIndicatorQuery.yml Docker image update * Update Docker Image To demisto/boto3py3 (#31199) * Updated Metadata Of Pack SecurityIntelligenceServicesFeed * Added release notes to pack SecurityIntelligenceServicesFeed * Packs/SecurityIntelligenceServicesFeed/Integrations/SecurityIntelligenceServicesFeed/SecurityIntelligenceServicesFeed.yml Docker image update * Updated Metadata Of Pack AWS-IAM * Added release notes to pack AWS-IAM * Packs/AWS-IAM/Integrations/AWS-IAM/AWS-IAM.yml Docker image update * Updated Metadata Of Pack AWS-Route53 * Added release notes to pack AWS-Route53 * Packs/AWS-Route53/Integrations/AWSRoute53/AWSRoute53.yml Docker image update * Updated Metadata Of Pack AWS-AccessAnalyzer * Added release notes to pack AWS-AccessAnalyzer * Packs/AWS-AccessAnalyzer/Integrations/AWS-AccessAnalyzer/AWS-AccessAnalyzer.yml Docker image update * Updated Metadata Of Pack AWS-GuardDuty * Added release notes to pack AWS-GuardDuty * Packs/AWS-GuardDuty/Integrations/AWSGuardDutyEventCollector/AWSGuardDutyEventCollector.yml Docker image update * Packs/AWS-GuardDuty/Integrations/AWSGuardDuty/AWSGuardDuty.yml Docker image update * Updated Metadata Of Pack AWS-SecurityHub * Added release notes to pack AWS-SecurityHub * Packs/AWS-SecurityHub/Integrations/AWSSecurityHubEventCollector/AWSSecurityHubEventCollector.yml Docker image update * Updated Metadata Of Pack Aws-SecretsManager * Added release notes to pack Aws-SecretsManager * Packs/Aws-SecretsManager/Integrations/AwsSecretsManager/AwsSecretsManager.yml Docker image update * Update Docker Image To demisto/armorblox (#31203) * Updated Metadata Of Pack Armorblox * Added release notes to pack Armorblox * Packs/Armorblox/Integrations/Armorblox/Armorblox.yml Docker image update * Update Docker Image To demisto/py3-tools (#31201) * Updated Metadata Of Pack Intezer * Added release notes to pack Intezer * Packs/Intezer/Integrations/IntezerV2/IntezerV2.yml Docker image update * Updated Metadata Of Pack Zabbix * Added release notes to pack Zabbix * Packs/Zabbix/Integrations/Zabbix/Zabbix.yml Docker image update * Updated Metadata Of Pack FeedMalwareBazaar * Added release notes to pack FeedMalwareBazaar * Packs/FeedMalwareBazaar/Integrations/MalwareBazaarFeed/MalwareBazaarFeed.yml Docker image update * Updated Metadata Of Pack FeedGCPWhitelist * Added release notes to pack FeedGCPWhitelist * Packs/FeedGCPWhitelist/Integrations/FeedGoogleIPRanges/FeedGoogleIPRanges.yml Docker image update * Updated Metadata Of Pack AccentureCTI_Feed * Added release notes to pack AccentureCTI_Feed * Packs/AccentureCTI_Feed/Integrations/ACTIIndicatorFeed/ACTIIndicatorFeed.yml Docker image update * Updated Metadata Of Pack SEKOIAIntelligenceCenter * Added release notes to pack SEKOIAIntelligenceCenter * Packs/SEKOIAIntelligenceCenter/Integrations/SEKOIAIntelligenceCenter/SEKOIAIntelligenceCenter.yml Docker image update * Updated Metadata Of Pack JARM * Added release notes to pack JARM * Packs/JARM/Integrations/JARM/JARM.yml Docker image update * Updated Metadata Of Pack CommonWidgets * Added release notes to pack CommonWidgets * Packs/CommonWidgets/Scripts/RSSWidget/RSSWidget.yml Docker image update * Updated Metadata Of Pack FiltersAndTransformers * Added release notes to pack FiltersAndTransformers * Packs/FiltersAndTransformers/Scripts/Jmespath/Jmespath.yml Docker image update * Update Docker Image To demisto/oci (#31202) * Updated Metadata Of Pack OracleCloudInfrastructure * Added release notes to pack OracleCloudInfrastructure * Packs/OracleCloudInfrastructure/Integrations/OracleCloudInfrastructureEventCollector/OracleCloudInfrastructureEventCollector.yml Docker image update * Update Docker Image To demisto/accessdata (#31200) * Updated Metadata Of Pack Exterro * Added release notes to pack Exterro * Packs/Exterro/Integrations/Exterro/Exterro.yml Docker image update * Fix DS108 --------- Co-authored-by: israelpolishook <[email protected]> * Update Docker Image To demisto/carbon-black-cloud (#31206) * Updated Metadata Of Pack CarbonBlackDefense * Added release notes to pack CarbonBlackDefense * Packs/CarbonBlackDefense/Integrations/CarbonBlackLiveResponseCloud/CarbonBlackLiveResponseCloud.yml Docker image update * Update Docker Image To demisto/taxii2 (#31205) * Updated Metadata Of Pack FeedUnit42v2 * Added release notes to pack FeedUnit42v2 * Packs/FeedUnit42v2/Integrations/FeedUnit42v2/FeedUnit42v2.yml Docker image update * Update Docker Image To demisto/crypto (#31204) * Updated Metadata Of Pack AzureKeyVault * Added release notes to pack AzureKeyVault * Packs/AzureKeyVault/Integrations/AzureKeyVault/AzureKeyVault.yml Docker image update * Updated Metadata Of Pack AzureSentinel * Added release notes to pack AzureSentinel * Packs/AzureSentinel/Integrations/AzureSentinel/AzureSentinel.yml Docker image update * Updated Metadata Of Pack AzureDevOps * Added release notes to pack AzureDevOps * Packs/AzureDevOps/Integrations/AzureDevOps/AzureDevOps.yml Docker image update * Updated Metadata Of Pack MicrosoftCloudAppSecurity * Added release notes to pack MicrosoftCloudAppSecurity * Packs/MicrosoftCloudAppSecurity/Integrations/MicrosoftCloudAppSecurity/MicrosoftCloudAppSecurity.yml Docker image update * Updated Metadata Of Pack AzureRiskyUsers * Added release notes to pack AzureRiskyUsers * Packs/AzureRiskyUsers/Integrations/AzureRiskyUsers/AzureRiskyUsers.yml Docker image update * Updated Metadata Of Pack MicrosoftGraphGroups * Added release notes to pack MicrosoftGraphGroups * Packs/MicrosoftGraphGroups/Integrations/MicrosoftGraphGroups/MicrosoftGraphGroups.yml Docker image update * Updated Metadata Of Pack AzureSQLManagement * Added release notes to pack AzureSQLManagement * Packs/AzureSQLManagement/Integrations/AzureSQLManagement/AzureSQLManagement.yml Docker image update * Updated Metadata Of Pack MicrosoftGraphAPI * Added release notes to pack MicrosoftGraphAPI * Packs/MicrosoftGraphAPI/Integrations/MicrosoftGraphAPI/MicrosoftGraphAPI.yml Docker image update * Updated Metadata Of Pack MicrosoftTeams * Added release notes to pack MicrosoftTeams * Packs/MicrosoftTeams/Integrations/MicrosoftTeamsManagement/MicrosoftTeamsManagement.yml Docker image update * Updated Metadata Of Pack MicrosoftGraphApplications * Added release notes to pack MicrosoftGraphApplications * Packs/MicrosoftGraphApplications/Integrations/MicrosoftGraphApplications/MicrosoftGraphApplications.yml Docker image update * Update Docker Image To demisto/opnsense (#31208) * Updated Metadata Of Pack OPNSense * Added release notes to pack OPNSense * Packs/OPNSense/Integrations/OPNSense/OPNSense.yml Docker image update * Update Docker Image To demisto/auth-utils (#31207) * Updated Metadata Of Pack Cylance_Protect * Added release notes to pack Cylance_Protect * Packs/Cylance_Protect/Integrations/Cylance_Protect_v2/Cylance_Protect_v2.yml Docker image update * Updated Metadata Of Pack Zoom * Added release notes to pack Zoom * Packs/Zoom/Integrations/ZoomEventCollector/ZoomEventCollector.yml Docker image update * Updated Metadata Of Pack Silverfort * Added release notes to pack Silverfort * Packs/Silverfort/Integrations/Silverfort/Silverfort.yml Docker image update * Updated Metadata Of Pack AzureDataExplorer * Added release notes to pack AzureDataExplorer * Packs/AzureDataExplorer/Integrations/AzureDataExplorer/AzureDataExplorer.yml Docker image update * Updated Metadata Of Pack MicrosoftManagementActivity * Added release notes to pack MicrosoftManagementActivity * Packs/MicrosoftManagementActivity/Integrations/MicrosoftManagementActivity/MicrosoftManagementActivity.yml Docker image update * Updated Metadata Of Pack Box * Added release notes to pack Box * Packs/Box/Integrations/BoxEventsCollector/BoxEventsCollector.yml Docker image update * Packs/Box/Integrations/BoxV2/BoxV2.yml Docker image update * Updated Metadata Of Pack Troubleshoot * Added release notes to pack Troubleshoot * Packs/Troubleshoot/Scripts/CertificatesTroubleshoot/CertificatesTroubleshoot.yml Docker image update * commit --------- Co-authored-by: israelpolishook <[email protected]> * Update Docker Image To demisto/ippysocks-py3 (#31211) * Updated Metadata Of Pack Whois * Added release notes to pack Whois * Packs/Whois/Integrations/Whois/Whois.yml Docker image update * Update Docker Image To demisto/python3 (#31214) * Updated Metadata Of Pack QualysFIM * Added release notes to pack QualysFIM * Packs/QualysFIM/Integrations/QualysFIM/QualysFIM.yml Docker image update * Updated Metadata Of Pack FortiSIEM * Added release notes to pack FortiSIEM * Packs/FortiSIEM/Integrations/FortiSIEMV2/FortiSIEMV2.yml Docker image update * Updated Metadata Of Pack FreshworksFreshservice * Added release notes to pack FreshworksFreshservice * Packs/FreshworksFreshservice/Integrations/FreshworksFreshservice/FreshworksFreshservice.yml Docker image update * Updated Metadata Of Pack KnowBe4_KMSAT * Added release notes to pack KnowBe4_KMSAT * Packs/KnowBe4_KMSAT/Integrations/KnowBe4KMSATEventCollector/KnowBe4KMSATEventCollector.yml Docker image update * Packs/KnowBe4_KMSAT/Integrations/KnowBe4KMSAT/KnowBe4KMSAT.yml Docker image update * Updated Metadata Of Pack SafeNet_Trusted_Access * Added release notes to pack SafeNet_Trusted_Access * Packs/SafeNet_Trusted_Access/Integrations/SafeNetTrustedAccessEventCollector/SafeNetTrustedAccessEventCollector.yml Docker image update * Updated Metadata Of Pack DelineaSS * Added release notes to pack DelineaSS * Packs/DelineaSS/Integrations/DelineaSS/DelineaSS.yml Docker image update * Updated Metadata Of Pack Cryptocurrency * Added release notes to pack Cryptocurrency * Packs/Cryptocurrency/Integrations/Cryptocurrency/Cryptocurrency.yml Docker image update * Updated Metadata Of Pack PANOSPolicyOptimizer * Added release notes to pack PANOSPolicyOptimizer * Packs/PANOSPolicyOptimizer/Integrations/PANOSPolicyOptimizer/PANOSPolicyOptimizer.yml Docker image update * Updated Metadata Of Pack DeveloperTools * Added release notes to pack DeveloperTools * Packs/DeveloperTools/Integrations/CreateIncidents/CreateIncidents.yml Docker image update * Update Docker Image To demisto/boto3py3 (#31215) * Updated Metadata Of Pack SecurityIntelligenceServicesFeed * Added release notes to pack SecurityIntelligenceServicesFeed * Packs/SecurityIntelligenceServicesFeed/Integrations/SecurityIntelligenceServicesFeed/SecurityIntelligenceServicesFeed.yml Docker image update * Updated Metadata Of Pack AWS-IAM * Added release notes to pack AWS-IAM * Packs/AWS-IAM/Integrations/AWS-IAM/AWS-IAM.yml Docker image update * Updated Metadata Of Pack AWS-Route53 * Added release notes to pack AWS-Route53 * Packs/AWS-Route53/Integrations/AWSRoute53/AWSRoute53.yml Docker image update * Updated Metadata Of Pack AWS-AccessAnalyzer * Added release notes to pack AWS-AccessAnalyzer * Packs/AWS-AccessAnalyzer/Integrations/AWS-AccessAnalyzer/AWS-AccessAnalyzer.yml Docker image update * Updated Metadata Of Pack AWS-GuardDuty * Added release notes to pack AWS-GuardDuty * Packs/AWS-GuardDuty/Integrations/AWSGuardDutyEventCollector/AWSGuardDutyEventCollector.yml Docker image update * Packs/AWS-GuardDuty/Integrations/AWSGuardDuty/AWSGuardDuty.yml Docker image update * Updated Metadata Of Pack AWS-SecurityHub * Added release notes to pack AWS-SecurityHub * Packs/AWS-SecurityHub/Integrations/AWSSecurityHubEventCollector/AWSSecurityHubEventCollector.yml Docker image update * Updated Metadata Of Pack Aws-SecretsManager * Added release notes to pack Aws-SecretsManager * Packs/Aws-SecretsManager/Integrations/AwsSecretsManager/AwsSecretsManager.yml Docker image update * Update Docker Image To demisto/accessdata (#31216) * Updated Metadata Of Pack Exterro * Added release notes to pack Exterro * Packs/Exterro/Integrations/Exterro/Exterro.yml Docker image update * Update Docker Image To demisto/oci (#31218) * Updated Metadata Of Pack OracleCloudInfrastructure * Added release notes to pack OracleCloudInfrastructure * Packs/OracleCloudInfrastructure/Integrations/OracleCloudInfrastructureEventCollector/OracleCloudInfrastructureEventCollector.yml Docker image update * Update Docker Image To demisto/py3-tools (#31217) * Updated Metadata Of Pack Intezer * Added release notes to pack Intezer * Packs/Intezer/Integrations/IntezerV2/IntezerV2.yml Docker image update * Updated Metadata Of Pack Zabbix * Added release notes to pack Zabbix * Packs/Zabbix/Integrations/Zabbix/Zabbix.yml Docker image update * Updated Metadata Of Pack FeedMalwareBazaar * Added release notes to pack FeedMalwareBazaar * Packs/FeedMalwareBazaar/Integrations/MalwareBazaarFeed/MalwareBazaarFeed.yml Docker image update * Updated Metadata Of Pack FeedGCPWhitelist * Added release notes to pack FeedGCPWhitelist * Packs/FeedGCPWhitelist/Integrations/FeedGoogleIPRanges/FeedGoogleIPRanges.yml Docker image update * Updated Metadata Of Pack AccentureCTI_Feed * Added release notes to pack AccentureCTI_Feed * Packs/AccentureCTI_Feed/Integrations/ACTIIndicatorFeed/ACTIIndicatorFeed.yml Docker image update * Updated Metadata Of Pack SEKOIAIntelligenceCenter * Added release notes to pack SEKOIAIntelligenceCenter * Packs/SEKOIAIntelligenceCenter/Integrations/SEKOIAIntelligenceCenter/SEKOIAIntelligenceCenter.yml Docker image update * Updated Metadata Of Pack JARM * Added release notes to pack JARM * Packs/JARM/Integrations/JARM/JARM.yml Docker image update * Updated Metadata Of Pack Anomali_ThreatStream * Added release notes to pack Anomali_ThreatStream * Packs/Anomali_ThreatStream/Integrations/AnomaliThreatStreamv3/AnomaliThreatStreamv3.yml Docker image update * Updated Metadata Of Pack CommonWidgets * Added release notes to pack CommonWidgets * Packs/CommonWidgets/Scripts/RSSWidget/RSSWidget.yml Docker image update * Updated Metadata Of Pack FiltersAndTransformers * Added release notes to pack FiltersAndTransformers * Packs/FiltersAndTransformers/Scripts/Jmespath/Jmespath.yml Docker image update * CortexXDRIR-generic-polling (#31082) * - Added new playbook for quarantine_file - Old playbook deprecated - New image added * release notes added * - New playbook for _Retrieve_File_Playbook_v2 created - Old playbook _Retrieve_File_Playbook deprecated - Image was added * Release notes were added * Changed the name of the playbook * Readme file added * Added image * fixed image location in readme file * Update Packs/CortexXDR/Playbooks/Cortex_XDR_-_Retrieve_File_v2.yml Co-authored-by: Sasha Sokolovich <[email protected]> * Bump pack from version CortexXDR to 6.0.4. * Removed unnecessary tests * Readme files were updated * Fixes for the playbooks * fixed Tests/conf.json file * image issue fixed * Added new images * Update Packs/CortexXDR/Playbooks/Cortex_XDR_-_Retrieve_File_Playbook_README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CortexXDR/Playbooks/Cortex_XDR_-_Retrieve_File_Playbook_README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CortexXDR/ReleaseNotes/6_0_4.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CortexXDR/ReleaseNotes/6_0_4.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CortexXDR/ReleaseNotes/6_0_4.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CortexXDR/ReleaseNotes/6_0_4.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CortexXDR/Playbooks/Cortex_XDR_-_Retrieve_File_Playbook_README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CortexXDR/Playbooks/Cortex_XDR_-_quarantine_file_v2_README.md Co-authored-by: ShirleyDenkberg <[email protected]> * PR fixes - new condition to check if the task finished successfully * release notes updated * image path fixed * Added new outputs for playbook * release notes updated * fix * readme files fixed * image issue * image issue * fix * fix * fix * fix * uploaded new playbook because of the image issue * fix for image issue * delete photo * fixes * test playbooks fixed * test playbooks removed --------- Co-authored-by: Sasha Sokolovich <[email protected]> Co-authored-by: Content Bot <[email protected]> Co-authored-by: ShirleyDenkberg <[email protected]> * Update Docker Image To demisto/crypto (#31219) * Updated Metadata Of Pack AzureKeyVault * Added release notes to pack AzureKeyVault * Packs/AzureKeyVault/Integrations/AzureKeyVault/AzureKeyVault.yml Docker image update * Updated Metadata Of Pack AzureSentinel * Added release notes to pack AzureSentinel * Packs/AzureSentinel/Integrations/AzureSentinel/AzureSentinel.yml Docker image update * Updated Metadata Of Pack AzureDevOps * Added release notes to pack AzureDevOps * Packs/AzureDevOps/Integrations/AzureDevOps/AzureDevOps.yml Docker image update * Updated Metadata Of Pack MicrosoftCloudAppSecurity * Added release notes to pack MicrosoftCloudAppSecurity * Packs/MicrosoftCloudAppSecurity/Integrations/MicrosoftCloudAppSecurity/MicrosoftCloudAppSecurity.yml Docker image update * Updated Metadata Of Pack AzureRiskyUsers * Added release notes to pack AzureRiskyUsers * Packs/AzureRiskyUsers/Integrations/AzureRiskyUsers/AzureRiskyUsers.yml Docker image update * Updated Metadata Of Pack MicrosoftGraphGroups * Added release notes to pack MicrosoftGraphGroups * Packs/MicrosoftGraphGroups/Integrations/MicrosoftGraphGroups/MicrosoftGraphGroups.yml Docker image update * Updated Metadata Of Pack AzureSQLManagement * Added release notes to pack AzureSQLManagement * Packs/AzureSQLManagement/Integrations/AzureSQLManagement/AzureSQLManagement.yml Docker image update * Updated Metadata Of Pack MicrosoftGraphAPI * Added release notes to pack MicrosoftGraphAPI * Packs/MicrosoftGraphAPI/Integrations/MicrosoftGraphAPI/MicrosoftGraphAPI.yml Docker image update * Updated Metadata Of Pack MicrosoftTeams * Added release notes to pack MicrosoftTeams * Packs/MicrosoftTeams/Integrations/MicrosoftTeamsManagement/MicrosoftTeamsManagement.yml Docker image update * Updated Metadata Of Pack MicrosoftGraphApplications * Added release notes to pack MicrosoftGraphApplications * Packs/MicrosoftGraphApplications/Integrations/MicrosoftGraphApplications/MicrosoftGraphApplications.yml Docker image update * update pack ignore (#31193) * Slack event collector: fixed an issue where we get a Bad Request error (#31135) * fixed an issue where we get a Bad Request error. * pre-commit * added test * fixed Flake8 error * fixed cr comments * fixed cr comments * update Docker image * YR/Remove-fields-with-one-letter-DBotFindSimilarIncidents/XSUP-29299 (#31161) * fixes * code and test * remove Json feed from this pr * test * note * pre commit * RN * CR and Flake8 * format * pre commit * Fixes For 'URL Enrichment - Generic v2' Playbook (#31195) * Fixes For 'URL Enrichment - Generic v2' Playbook * RN * Bump pack from version CommonPlaybooks to 2.4.36. --------- Co-authored-by: Content Bot <[email protected]> * F5 APM Remove XSIAM tags (#31221) * remove ls from test_e2e_results.sh (#31186) * [IsEmailAddressInternal] Fix an issue with **domain** argument (#31222) * First commit * Added RN * Update Packs/CommonScripts/ReleaseNotes/1_12_54.md Co-authored-by: Dean Arbel <[email protected]> --------- Co-authored-by: Dean Arbel <[email protected]> * Deprecate 'Get endpoint details - Generic' Playbook (#31196) * Deprecate 'Get endpoint details - Generic' Playbook * RN * Bump pack from version CommonPlaybooks to 2.4.36. * Bump pack from version CommonPlaybooks to 2.4.37. --------- Co-authored-by: Content Bot <[email protected]> * Replacing the deprecated sub-playbook within the 'NGFW Internal Scan'… (#31197) * Replacing the deprecated sub-playbook within the 'NGFW Internal Scan' XSIAM playbook * RN * [Marketplace Contribution] CISO Metrics (#30641) (#31213) * "pack contribution initial commit" * Update pack_metadata.json * Update and rename dashboard-98f353a2-312b-49f2-8e58-d71f60daf3a7-CISO_Metrics.json to dashboard-98f353a2-312b-49f2-8e58-d71f60daf3a7-CommunityCommonDashboards.json Rename to CommunityCommonDashboards * Update pack_metadata.json Renamed "name": "CommunityCommonDashboards" * Update README.md Added description * Update README.md * Update and rename README.md to README.md * Rename dashboard-98f353a2-312b-49f2-8e58-d71f60daf3a7-CommunityCommonDashboards.json to dashboard-98f353a2-312b-49f2-8e58-d71f60daf3a7-CommunityCommonDashboards.json * Rename .pack-ignore to .pack-ignore * Rename .secrets-ignore to .secrets-ignore * Rename pack_metadata.json to pack_metadata.json * Update .pack-ignore * Update pack_metadata.json * Update .pack-ignore * Update and rename dashboard-98f353a2-312b-49f2-8e58-d71f60daf3a7-CommunityCommonDashboards.json to CISOMetrics.json Renamed to CISOMetrics * Update pack_metadata.json * Update pack_metadata.json * Update README.md --------- Co-authored-by: xsoar-bot <[email protected]> Co-authored-by: Sapir Shuker <[email protected]> Co-authored-by: David Uhrlaub <[email protected]> * Cybereason xsoar v 2.1.14 (#30647) (#31225) * added v2.1.14 codebase * fix pr comments * replace dummy md5 placeholder * Update Packs/Cybereason/Integrations/Cybereason/Cybereason.py * updated docker image python version * updated release notes docker version * added pagination params * updated docker image * fix lint errors * fix demisto validate errors * updated release notes * updated release notes * updated release notes * updated command name as per PR comment * removed manual filtering for response * updated function name to match the command name format * updated unit test as per new command name * added machinename filter to api query * moved empty output message to the top * updated docker image tag to latest * undo changes from unisolate endpoint playbook --------- Co-authored-by: suraj-metron <[email protected]> Co-authored-by: Sapir Shuker <[email protected]> * fixed polling support (#30873) * fixed polling support * fixed rn * added rn * added rn * XSUP-30786/Fix (#31168) * Added failing UT * Fixed the issue * Updated docker image * Updated RN * Update Packs/PAN-OS/ReleaseNotes/2_1_15.md Co-authored-by: Dan Tavori <[email protected]> * Updated the bug fix and the UT * updated docker image --------- Co-authored-by: Dan Tavori <[email protected]> * rewrite to js FirstArrayElement and LastArrayElement (#31228) * rewrite to js * added tpb * added empty test case to tpb * precommit fixes * change fromversion so build wont fail * Enable Core REST API with general XSIAM endpoints (#31226) * mostly works * added release notes * fixes from review * F5 APM fixed the marketplace build failure (#31236) * F5 APM Remove XSIAM tags * fix marketplace error * Add incidents field (#30393) (#31233) * add rawJSON field to incidents * release notes * update docker image tag * nit * fetching incident details * mapper + incident fields * remove incorrect incident field files * new incident field files, new mapper * sdk validate command changes * update release noteS * validation errors * fix validation errors * undo release notes changes * undo release notes change * undo release notes * undo release notes * undo release notes * nit * new release notes * remove playbook id * update docker image tag * revert release notes * revert RN * nit- remove filters used for testing * add details field to threats * remove try/except blocks * changing version * Update Abnormal_Security_Custom_Incident_types.json change from version * nit - remove changes used for demo * updating docker image * update docker image tag --------- Co-authored-by: William Olyslager <[email protected]> Co-authored-by: sapirshuker <[email protected]> Co-authored-by: Sapir Shuker <[email protected]> * Update Docker Image To demisto/python3 (#31242) * Updated Metadata Of Pack CIRCL * Added release notes to pack CIRCL * Packs/CIRCL/Integrations/CirclCVESearch/CirclCVESearch.yml Docker image update * Updated Metadata Of Pack ipinfo * Added release notes to pack ipinfo * Packs/ipinfo/Integrations/ipinfo_v2/ipinfo_v2.yml Docker image update * Updated Metadata Of Pack AutoFocus * Added release notes to pack AutoFocus * Packs/AutoFocus/Integrations/FeedAutofocus/FeedAutofocus.yml Docker image update * Packs/AutoFocus/Integrations/AutofocusV2/AutofocusV2.yml Docker image update * Updated Metadata Of Pack MailSenderNew * Added release notes to pack MailSenderNew * Packs/MailSenderNew/Integrations/MailSenderNew/MailSenderNew.yml Docker image update * avoid to update Docker for AutoFocusv2 --------- Co-authored-by: israelpolishook <[email protected]> * Fixes For 'IP Enrichment - Generic v2' Playbook (#31183) * Fixes For 'IP Enrichment - Generic v2' Playbook * RN * RN * Updated the 'InternalRange' playbook input's default value. * configured the 'extended_data' and 'threat_model_association' sub-playbook inputs * Bump pack from version CommonPlaybooks to 2.4.36. * Bump pack from version CommonPlaybooks to 2.4.37. * changed the default value of the 'ResolveIP' playbook input * re-added RN after merging from master * Fixes RN --------- Co-authored-by: Content Bot <[email protected]> * Check if should run Instance role (#31245) * Added the sync from the saas bucket and modified the verify script to take the revision from the correct bucket. (#31254) * AWS Organizations (#30525) * init * commands template * aws-org-children-list * more commands * even more commands * added account commands * removed enhancement commands * use json_transform * unit-tests init * unit-tests continued * unit-tests continued some more * TPB * one more unit-test * one more unit-test * one more unit-test * name change * TPB * docs complete * pack readme * pack readme part 2 * readme modified * more tests * more tests * use get() * adde description * removed isFetch * added image * name change * CR changes * Apply suggestions from code review Co-authored-by: ShirleyDenkberg <[email protected]> * Update docker * put the commands back in * code complete * yml part 2 * yml part 3 * test template * unit-tests continued some more * unit-tests almost complete * unit-tests complete * fixed a few bugs * fixed unit-tests * added readme * update readme * added missing descriptions to readme * TPB * Apply suggestions from code review Co-authored-by: ShirleyDenkberg <[email protected]> * CR changes * demo changes * update docker * build wars: round 1 * build wars: round 2 * build wars: round 3; add unit-tests * build wars: round 4 * build wars: round 5 * build wars: round 6 --------- Co-authored-by: ShirleyDenkberg <[email protected]> * NextToken in CommandResults (#30501) * init * new design * added error in case of non nested input * RN * a tad more docs * Bump pack from version Base to 1.32.47. * Bump pack from version Base to 1.32.48. * Bump pack from version Base to 1.32.49. * improved doc-string * resolve conflicts * resolve conflicts * Bump pack from version Base to 1.32.52. --------- Co-authored-by: Content Bot <[email protected]> * demisto-sdk-release 1.24.0 (#31268) * poetry files * update validate manager imports (#31179) * update validate manager imports * revert * Update Tests/configure_and_test_integration_instances.py * Edit file types test (#31170) * edited tests * s * s * edit --------- Co-authored-by: Content Bot <[email protected]> Co-authored-by: Yuval Hayun <[email protected]> Co-authored-by: merit-maita <[email protected]> Co-authored-by: JudithB <[email protected]> * modified modeling rules of clearswift dlp (#31247) * modified modeling rules of clearswift dlp * modified the parsing rule of clearswiftdlp * Added release notes. * added dlp to pack ignore * added Clearswift to pack ignore * QRadar: continue to poll in case of networking issues (#31084) * Generalize the mode option in pre-commit (#30663) * args updated to match the update in the sdk * add merge-coverage-report and coverage-analyze * updaing pyproject.toml * poetry lock * restoring pyproject.toml and poetry.lock * pre-commit.yml * updates * test comment * use sdk ref * if * add github output * revert ilan changes * merge-pytest-reports --------- Co-authored-by: ilan <[email protected]> * EXPANDR-1576 CortexXpanse Remediation Guidance changes (#31190) * EXPANDR-1576 CortexXpanse Remediation Guidance changes (#30712) * CortexXpanse RG changes * Fix flake8 errors * Fix unit test cases * Update docker version * update command name * Readme updates * docker update * Ignore BC error * fix packignore * Update release notes * update breaking change notes * update breaking change notes * correct RN --------- Co-authored-by: Chait A <[email protected]> Co-authored-by: ilappe <[email protected]> * Feature/cyberint enhancement (#31252) * Feature/cyberint enhancement (#30493) * Update Docker Image To demisto/py3-tools (#25523) * Updated Metadata Of Pack FeedAWS * Added release notes to pack FeedAWS * Packs/FeedAWS/Integrations/FeedAWS/FeedAWS.yml Docker image update * update Cyberint Pack * update release note and incidentfields * update CommonType release note * update CommonType relesenotes * update CommonType relese notes * update CyberInt Related entity name * update release notes * add new incident field: Alert Data * foramt alert_data * update CyberInt Related Entity name to avoid validation errors * reset the CyberInt Related Entity name * update incident field name * Update 3_3_93.md * pre commit update docker * added known words * fixed the RN * known words --------- Co-authored-by: TalGumi <[email protected]> Co-authored-by: omerKarkKatz <[email protected]> Co-authored-by: okarkkatz <[email protected]> * [xsoar-8 coverage] - use poll functions from SDK clients (#31144) * update poetry * use poll functions * test against builds * try to fix ssl issue * timeout = 300 + verify ssl * fix ssl issues * fix incident pull * fix * make verify=false by default * fix ports bug * use sdk master * revert poetry * revert infra used for testing * [CrowdStrike Falcon Intel v2] Fixed an issue in 'cs-actors' and 'cs-reports' commands (#31265) * Fix the 'NoneType' object is not iterable issue * ruff * Update the docker image; Add RN * Update Packs/CrowdStrikeIntel/ReleaseNotes/2_0_34.md Co-authored-by: Dean Arbel <[email protected]> --------- Co-authored-by: Dean Arbel <[email protected]> * oncall- installation orders (#31253) * test * test * revert debugs * pre-commit --------- Co-authored-by: Jas Beilin <[email protected]> * Core rest api docs fix (#31262) * Improved descriptions. * Added docs * Added rn. * Changed i.e to e.g * bugfix/XSUP-30713/port-scan-pb-issue-incident-failure (#31154) * Fix playbook input's default value, change to not required, add check for value not empty * Update playbook image * Update release notes * Bump pack from version CortexXDR to 6.0.5. * Moved InternalIPRanges input check to better location * Fix review comments --------- Co-authored-by: Content Bot <[email protected]> * [PagerDuty v2] Added Support For Pagination (#30959) * commit init - lint and type annotation * typing * pagination function and some typing * fix api limit and pagination * added UT and test_data * added RN and description for args * generate readme * update docker * added UT * fix flake8 * more docstring, one more UT, fix send unnecessary parameters * fix f-string * fix pep8 * revert copy * fix parameters name * docs review * update docker * [ASM] EXPANDR 7225 - Update Ev1 Integration Display Name (#31234) (#31276) * Update Display Name * Update release notes * Update docker image and add period to descriptions Co-authored-by: John <[email protected]> Co-authored-by: MLainer1 <[email protected]> * Update Docker Image To demisto/python3 (#31286) * Updated Metadata Of Pack QualysFIM * Added release notes to pack QualysFIM * Packs/QualysFIM/Integrations/QualysFIM/QualysFIM.yml Docker image update * Updated Metadata Of Pack FortiSIEM * Added release notes to pack FortiSIEM * Packs/FortiSIEM/Integrations/FortiSIEMV2/FortiSIEMV2.yml Docker image update * Updated Metadata Of Pack FreshworksFreshservice * Added release notes to pack FreshworksFreshservice * Packs/FreshworksFreshservice/Integrations/FreshworksFreshservice/FreshworksFreshservice.yml Docker image update * Updated Metadata Of Pack KnowBe4_KMSAT * Added release notes to pack KnowBe4_KMSAT * Packs/KnowBe4_KMSAT/Integrations/KnowBe4KMSATEventCollector/KnowBe4KMSATEventCollector.yml Docker image update * Packs/KnowBe4_KMSAT/Integrations/KnowBe4KMSAT/KnowBe4KMSAT.yml Docker image update * Updated Metadata Of Pack SafeNet_Trusted_Access * Added release notes to pack SafeNet_Trusted_Access * Packs/SafeNet_Trusted_Access/Integrations/SafeNetTrustedAccessEventCollector/SafeNetTrustedAccessEventCollector.yml Docker image update * Updated Metadata Of Pack DelineaSS * Added release notes to pack DelineaSS * Packs/DelineaSS/Integrations/DelineaSS/DelineaSS.yml Docker image update * Updated Metadata Of Pack Cryptocurrency * Added release notes to pack Cryptocurrency * Packs/Cryptocurrency/Integrations/Cryptocurrency/Cryptocurrency.yml Docker image update * Updated Metadata Of Pack PANOSPolicyOptimizer * Added release notes to pack PANOSPolicyOptimizer * Packs/PANOSPolicyOptimizer/Integrations/PANOSPolicyOptimizer/PANOSPolicyOptimizer.yml Docker image update * Updated Metadata Of Pack DeveloperTools * Added release notes to pack DeveloperTools * Packs/DeveloperTools/Integrations/CreateIncidents/CreateIncidents.yml Docker image update * Add XSOAR_SAAS section to EDL description (#31264) * add XSOAR_SAAS section to EDL description * update RN * [XSUP 30575] Added full fields query param (#31272) * get indicators full fields data * pre-commit * release notes * tests and CR fixes * Update Packs/FeedCrowdstrikeFalconIntel/ReleaseNotes/2_1_13.md Co-authored-by: Dan Tavori <[email protected]> --------- Co-authored-by: Dan Tavori <[email protected]> * Update Docker Image To demisto/boto3py3 (#31287) * Updated Metadata Of Pack SecurityIntelligenceServicesFeed * Added release notes to pack SecurityIntelligenceServicesFeed * Packs/SecurityIntelligenceServicesFeed/Integrations/SecurityIntelligenceServicesFeed/SecurityIntelligenceServicesFeed.yml Docker image update * Updated Metadata Of Pack AWS-IAM * Added release notes to pack AWS-IAM * Packs/AWS-IAM/Integrations/AWS-IAM/AWS-IAM.yml Docker image update * Updated Metadata Of Pack AWS-Route53 * Added release notes to pack AWS-Route53 * Packs/AWS-Route53/Integrations/AWSRoute53/AWSRoute53.yml Docker image update * Updated Metadata Of Pack AWS-AccessAnalyzer * Added release notes to pack AWS-AccessAnalyzer * Packs/AWS-AccessAnalyzer/Integrations/AWS-AccessAnalyzer/AWS-AccessAnalyzer.yml Docker image update * Updated Metadata Of Pack AWS-GuardDuty * Added release notes to pack AWS-GuardDuty * Packs/AWS-GuardDuty/Integrations/AWSGuardDutyEventCollector/AWSGuardDutyEventCollector.yml Docker image update * Packs/AWS-GuardDuty/Integrations/AWSGuardDuty/AWSGuardDuty.yml Docker image update * Updated Metadata Of Pack AWS-SecurityHub * Added release notes to pack AWS-SecurityHub * Packs/AWS-SecurityHub/Integrations/AWSSecurityHubEventCollector/AWSSecurityHubEventCollector.yml Docker image update * Updated Metadata Of Pack Aws-SecretsManager * Added release notes to pack Aws-SecretsManager * Packs/Aws-SecretsManager/Integrations/AwsSecretsManager/AwsSecretsManager.yml Docker image update * Update Docker Image To demisto/accessdata (#31288) * Updated Metadata Of Pack Exterro * Added release notes to pack Exterro * Packs/Exterro/Integrations/Exterro/Exterro.yml Docker image update * Update Docker Image To demisto/oci (#31290) * Updated Metadata Of Pack OracleCloudInfrastructure * Added release notes to pack OracleCloudInfrastructure * Packs/OracleCloudInfrastructure/Integrations/OracleCloudInfrastructureEventCollector/OracleCloudInfrastructureEventCollector.yml Docker image update * Update Docker Image To demisto/py3-tools (#31289) * Updated Metadata Of Pack Intezer * Added release notes to pack Intezer * Packs/Intezer/Integrations/IntezerV2/IntezerV2.yml Docker image update * Updated Metadata Of Pack Zabbix * Added release notes to pack Zabbix * Packs/Zabbix/Integrations/Zabbix/Zabbix.yml Docker image update * Updated Metadata Of Pack FeedMalwareBazaar * Added release notes to pack FeedMalwareBazaar * Packs/FeedMalwareBazaar/Integrations/MalwareBazaarFeed/MalwareBazaarFeed.yml Docker image update * Updated Metadata Of Pack FeedGCPWhitelist * Added release notes to pack FeedGCPWhitelist * Packs/FeedGCPWhitelist/Integrations/FeedGoogleIPRanges/FeedGoogleIPRanges.yml Docker image update * Updated Metadata Of Pack AccentureCTI_Feed * Added release notes to pack AccentureCTI_Feed * Packs/AccentureCTI_Feed/Integrations/ACTIIndicatorFeed/ACTIIndicatorFeed.yml Docker image update * Updated Metadata Of Pack SEKOIAIntelligenceCenter * Added release notes to pack SEKOIAIntelligenceCenter * Packs/SEKOIAIntelligenceCenter/Integrations/SEKOIAIntelligenceCenter/SEKOIAIntelligenceCenter.yml Docker image update * Updated Metadata Of Pack JARM * Added release notes to pack JARM * Packs/JARM/Integrations/JARM/JARM.yml Docker image update * Updated Metadata Of Pack Anomali_ThreatStream * Added release notes to pack Anomali_ThreatStream * Packs/Anomali_ThreatStream/Integrations/AnomaliThreatStreamv3/AnomaliThreatStreamv3.yml Docker image update * Updated Metadata Of Pack CommonWidgets * Added release notes to pack CommonWidgets * Packs/CommonWidgets/Scripts/RSSWidget/RSSWidget.yml Docker image update * Updated Metadata Of Pack FiltersAndTransformers * Added release notes to pack FiltersAndTransformers * Packs/FiltersAndTransformers/Scripts/Jmespath/Jmespath.yml Docker image update * Update Docker Image To demisto/armorblox (#31291) * Updated Metadata Of Pack Armorblox * Added release notes to pack Armorblox * Packs/Armorblox/Integrations/Armorblox/Armorblox.yml Docker image update * Update Docker Image To demisto/crypto (#31292) * Updated Metadata Of Pack AzureKeyVault * Added release notes to pack AzureKeyVault * Packs/AzureKeyVault/Integrations/AzureKeyVault/AzureKeyVault.yml Docker image update * Updated Metadata Of Pack AzureSentinel * Added release notes to pack AzureSentinel * Packs/AzureSentinel/Integrations/AzureSentinel/AzureSentinel.yml Docker image update * Updated Metadata Of Pack AzureDevOps * Added release notes to pack AzureDevOps * Packs/AzureDevOps/Integrations/AzureDevOps/AzureDevOps.yml Docker image update * Updated Metadata Of Pack MicrosoftCloudAppSecurity * Added release notes to pack MicrosoftCloudAppSecurity * Packs/MicrosoftCloudAppSecurity/Integrations/MicrosoftCloudAppSecurity/MicrosoftCloudAppSecurity.yml Docker image update * Updated Metadata Of Pack AzureRiskyUsers * Added release notes to pack AzureRiskyUsers * Packs/AzureRiskyUsers/Integrations/AzureRiskyUsers/AzureRiskyUsers.yml Docker image update * Updated Metadata Of Pack MicrosoftGraphGroups * Added release notes to pack MicrosoftGraphGroups * Packs/MicrosoftGraphGroups/Integrations/MicrosoftGraphGroups/MicrosoftGraphGroups.yml Docker image update * Updated Metadata Of Pack AzureSQLManagement * Added release notes to pack AzureSQLManagement * Packs/AzureSQLManagement/Integrations/AzureSQLManagement/AzureSQLManagement.yml Docker image update * Updated Metadata Of Pack MicrosoftGraphAPI * Added release notes to pack MicrosoftGraphAPI * Packs/MicrosoftGraphAPI/Integrations/MicrosoftGraphAPI/MicrosoftGraphAPI.yml Docker image …
pal-xmco
pushed a commit
to pal-xmco/content
that referenced
this pull request
Jun 19, 2024
* Sleep w/ Polling (#30661) add polling mechanism to sleep upon crossing polling_threshold * Update shift management scripts (#31130) * fixed the bug and added unit tests * updated docker image * RN * updated docker image * cr updates * EWS rule commands - MS graph python integrations (#30943) Co-authored-by: ShirleyDenkberg <[email protected]> * MS IIS Update (#31132) * Updated ModelingRules * Updated ReleaseNotes * Updated ReleaseNotes * Anomali ThreatStream change DBot verdict from Benign to Unknown for Low Confidence Indicators (#30993) (#31151) * change DBot verdict from Benign to Unknown for Low Confidence Indicators Indicators found in Anomali that are below Confidence thresholds should be created as Unknown and not Benign. Anomali ThreatStream documentation regarding Confidence https://ui.threatstream.com/optic-doc/Content/Features/threat_model/Observables/details_indicator.htm Confidence - Confidence indicates the certainty that an observable exhibits or is connected to malicious behavior. If Anomali has indicators with low Confidence, that doesn't mean the indicator is Benign/Safe. It means Anomali is unsure that the indicator is Malicious and as such the more appropriate verdict in XSOAR should be Unknown. * add indicator_default_score param * changed values to Benign and Unknown * update README and RN * update RN * update docker set required to false * update docker * fix docs comments --------- Co-authored-by: zdrouse <[email protected]> Co-authored-by: adi88d <[email protected]> Co-authored-by: Adi Daud <[email protected]> * generate empty junit files (#31153) * Update 1_6_0.json (#31164) * fix splunkpy splunk_submit_event_hec_command string issue (#30978) * fix splunkpy splunk_submit_event_hec_command string issue * test * add fix * update rn * [xsoar saas] - fix ports taxii2 e2e (#31163) * Hello world saas (#30901) * added a new incident field only for saas mp * added an incident field to xsoar_saas only for demonstration * format incident field * format incident field * added saas word to known words * version * merge with master * fixed the xsoar_saas end tag * Added tests to validate result * modified RN * pre commit changes * RN tags * ignoe long line * MS IIS README (#31158) * Updated README * Updated README * Fixes For IP Enrichment Playbooks (#31114) * Fixes For IP Enrichment Playbooks * RN * Removed the mapping rule from both playbooks. Updated the default value of the internal range playbook input according to RFC 1918. * Removed the value of 'UseReputationCommand' playbook input and fixes the YML files * Fixed RN * Removed the value set for the 'UseReputationCommand' sub-playbook input. Re-added the default value for 'UseReputationCommand' playbook input * skip ThreatStream-Test (#31172) * [transformers] Enhance to be more durable (#30897) [transformers] Enhance to be more durable * Fixes For 'Email Address Enrichment - Generic v2.1' (#31122) * Fixes For 'Email Address Enrichment - Generic v2.1' * Re-added the test playbook and marketplace configs to the playbook YML file * changed the 'domain' playbook input value * removed the 'domain' playbook input value and added RN * Fixed RN * Bump pack from version CommonPlaybooks to 2.4.34. --------- Co-authored-by: Content Bot <[email protected]> * DisplayMappedFields - Fix dark mode text color (#31085) * removed the hardcoded color * removed the hardcoded color * update RN * update docker image * Bump pack from version CommonScripts to 1.12.48. * Unittest fixes * Bump pack from version CommonScripts to 1.12.49. * Unittest fixes * Bump pack from version CommonScripts to 1.12.50. * Bump pack from version CommonScripts to 1.12.51. * Bump pack from version CommonScripts to 1.12.52. * Bump pack from version CommonScripts to 1.12.53. --------- Co-authored-by: Content Bot <[email protected]> * Updated the layout to exclude integration incident fields that are not pertinent to Vectra XDR (#31127) (#31182) Co-authored-by: Crest Data Systems <[email protected]> Co-authored-by: crestdatasystems <[email protected]> Co-authored-by: MLainer1 <[email protected]> * Taxii2 server relationship bug (#31162) * [taxii2-server] - code fixes * bump rn * docker update * remove debug-log because may wanted * [ASM] EXPANDER-7096 - ASM Remediation Guidance Fields (#30955) (#31178) Co-authored-by: John <[email protected]> Co-authored-by: Adi Daud <[email protected]> * Created pack for F5 BIG-IP APM (#31017) * Created pack for f5 apm * Added modeling rule files. * adding modeling rules and schema. * modified modeling rules * update yml file for modeling rule. * Update Packs/F5APM/README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/F5APM/README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/F5APM/README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/F5APM/README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/F5APM/README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/F5APM/README.md Co-authored-by: ShirleyDenkberg <[email protected]> * update readme. * Modified the read me file. --------- Co-authored-by: ShirleyDenkberg <[email protected]> * HelloWorld - delete old classifier (#31185) * Add support for is array for rep commands (#31169) * added support for isArray for python Xsoar supported reputation commands * added rn * Empty-Commit * python files fixes * fix docker issue * cr fixes * added logs and cache fix (#30577) * added logs and cache fix * Fixed another executeCommand results handling. * Updated docker image * Added rn * Update Packs/Phishing/ReleaseNotes/3_6_2.md Co-authored-by: Dan Tavori <[email protected]> * Update Packs/Phishing/Scripts/FindDuplicateEmailIncidents/FindDuplicateEmailIncidents.py --------- Co-authored-by: Dan Tavori <[email protected]> * Add support for is array for rep commands js (#31184) * JS files fixes * added rn * pre commit fixes * pre commit fixes * cr fixes * xsiam-avaya-siem-content-ciac-8502 (#31128) * init-pack * modeling-rules * add-docs * fix-pid-parsing * fix-README.md * Fixed For Endpoint Enrichment Playbooks (#31147) * Fixed For 'Endpoint Enrichment - Generic v2.1' Playbook * RN * RN * Fixes for Endpoint_Enrichment_-_Generic_v2.1_6_8 playbook * Bump pack from version CommonPlaybooks to 2.4.34. * Bump pack from version CommonPlaybooks to 2.4.35. * Fixed version for 'Endpoint Enrichment - Generic v2.1.6.8' playbook * Fixes for 'Endpoint Enrichment - Generic v2.1' playbook * Revert changes in 'Endpoint Enrichment - Generic v2.1' playbook --------- Co-authored-by: Content Bot <[email protected]> * Update Docker Image To demisto/python3 (#31198) * Updated Metadata Of Pack DeveloperTools * Added release notes to pack DeveloperTools * Packs/DeveloperTools/Integrations/CreateIncidents/CreateIncidents.yml Docker image update * Updated Metadata Of Pack FlashpointFeed * Added release notes to pack FlashpointFeed * Packs/FlashpointFeed/Integrations/FlashpointFeed/FlashpointFeed.yml Docker image update * Updated Metadata Of Pack AbnormalSecurity * Added release notes to pack AbnormalSecurity * Packs/AbnormalSecurity/Integrations/AbnormalSecurity/AbnormalSecurity.yml Docker image update * Updated Metadata Of Pack FeedLOLBAS * Added release notes to pack FeedLOLBAS * Packs/FeedLOLBAS/Integrations/FeedLOLBAS/FeedLOLBAS.yml Docker image update * Updated Metadata Of Pack Hackuity * Added release notes to pack Hackuity * Packs/Hackuity/Integrations/Hackuity/Hackuity.yml Docker image update * Updated Metadata Of Pack Grafana * Added release notes to pack Grafana * Packs/Grafana/Integrations/Grafana/Grafana.yml Docker image update * Updated Metadata Of Pack Binalyze * Added release notes to pack Binalyze * Packs/Binalyze/Integrations/BinalyzeAIR/BinalyzeAIR.yml Docker image update * Updated Metadata Of Pack ServiceDeskPlus * Added release notes to pack ServiceDeskPlus * Packs/ServiceDeskPlus/Integrations/ServiceDeskPlus/ServiceDeskPlus.yml Docker image update * Updated Metadata Of Pack Oracle_IAM * Added release notes to pack Oracle_IAM * Packs/Oracle_IAM/Integrations/OracleIAM/OracleIAM.yml Docker image update * Updated Metadata Of Pack AccentureCTI * Added release notes to pack AccentureCTI * Packs/AccentureCTI/Integrations/ACTIIndicatorQuery/ACTIIndicatorQuery.yml Docker image update * Update Docker Image To demisto/boto3py3 (#31199) * Updated Metadata Of Pack SecurityIntelligenceServicesFeed * Added release notes to pack SecurityIntelligenceServicesFeed * Packs/SecurityIntelligenceServicesFeed/Integrations/SecurityIntelligenceServicesFeed/SecurityIntelligenceServicesFeed.yml Docker image update * Updated Metadata Of Pack AWS-IAM * Added release notes to pack AWS-IAM * Packs/AWS-IAM/Integrations/AWS-IAM/AWS-IAM.yml Docker image update * Updated Metadata Of Pack AWS-Route53 * Added release notes to pack AWS-Route53 * Packs/AWS-Route53/Integrations/AWSRoute53/AWSRoute53.yml Docker image update * Updated Metadata Of Pack AWS-AccessAnalyzer * Added release notes to pack AWS-AccessAnalyzer * Packs/AWS-AccessAnalyzer/Integrations/AWS-AccessAnalyzer/AWS-AccessAnalyzer.yml Docker image update * Updated Metadata Of Pack AWS-GuardDuty * Added release notes to pack AWS-GuardDuty * Packs/AWS-GuardDuty/Integrations/AWSGuardDutyEventCollector/AWSGuardDutyEventCollector.yml Docker image update * Packs/AWS-GuardDuty/Integrations/AWSGuardDuty/AWSGuardDuty.yml Docker image update * Updated Metadata Of Pack AWS-SecurityHub * Added release notes to pack AWS-SecurityHub * Packs/AWS-SecurityHub/Integrations/AWSSecurityHubEventCollector/AWSSecurityHubEventCollector.yml Docker image update * Updated Metadata Of Pack Aws-SecretsManager * Added release notes to pack Aws-SecretsManager * Packs/Aws-SecretsManager/Integrations/AwsSecretsManager/AwsSecretsManager.yml Docker image update * Update Docker Image To demisto/armorblox (#31203) * Updated Metadata Of Pack Armorblox * Added release notes to pack Armorblox * Packs/Armorblox/Integrations/Armorblox/Armorblox.yml Docker image update * Update Docker Image To demisto/py3-tools (#31201) * Updated Metadata Of Pack Intezer * Added release notes to pack Intezer * Packs/Intezer/Integrations/IntezerV2/IntezerV2.yml Docker image update * Updated Metadata Of Pack Zabbix * Added release notes to pack Zabbix * Packs/Zabbix/Integrations/Zabbix/Zabbix.yml Docker image update * Updated Metadata Of Pack FeedMalwareBazaar * Added release notes to pack FeedMalwareBazaar * Packs/FeedMalwareBazaar/Integrations/MalwareBazaarFeed/MalwareBazaarFeed.yml Docker image update * Updated Metadata Of Pack FeedGCPWhitelist * Added release notes to pack FeedGCPWhitelist * Packs/FeedGCPWhitelist/Integrations/FeedGoogleIPRanges/FeedGoogleIPRanges.yml Docker image update * Updated Metadata Of Pack AccentureCTI_Feed * Added release notes to pack AccentureCTI_Feed * Packs/AccentureCTI_Feed/Integrations/ACTIIndicatorFeed/ACTIIndicatorFeed.yml Docker image update * Updated Metadata Of Pack SEKOIAIntelligenceCenter * Added release notes to pack SEKOIAIntelligenceCenter * Packs/SEKOIAIntelligenceCenter/Integrations/SEKOIAIntelligenceCenter/SEKOIAIntelligenceCenter.yml Docker image update * Updated Metadata Of Pack JARM * Added release notes to pack JARM * Packs/JARM/Integrations/JARM/JARM.yml Docker image update * Updated Metadata Of Pack CommonWidgets * Added release notes to pack CommonWidgets * Packs/CommonWidgets/Scripts/RSSWidget/RSSWidget.yml Docker image update * Updated Metadata Of Pack FiltersAndTransformers * Added release notes to pack FiltersAndTransformers * Packs/FiltersAndTransformers/Scripts/Jmespath/Jmespath.yml Docker image update * Update Docker Image To demisto/oci (#31202) * Updated Metadata Of Pack OracleCloudInfrastructure * Added release notes to pack OracleCloudInfrastructure * Packs/OracleCloudInfrastructure/Integrations/OracleCloudInfrastructureEventCollector/OracleCloudInfrastructureEventCollector.yml Docker image update * Update Docker Image To demisto/accessdata (#31200) * Updated Metadata Of Pack Exterro * Added release notes to pack Exterro * Packs/Exterro/Integrations/Exterro/Exterro.yml Docker image update * Fix DS108 --------- Co-authored-by: israelpolishook <[email protected]> * Update Docker Image To demisto/carbon-black-cloud (#31206) * Updated Metadata Of Pack CarbonBlackDefense * Added release notes to pack CarbonBlackDefense * Packs/CarbonBlackDefense/Integrations/CarbonBlackLiveResponseCloud/CarbonBlackLiveResponseCloud.yml Docker image update * Update Docker Image To demisto/taxii2 (#31205) * Updated Metadata Of Pack FeedUnit42v2 * Added release notes to pack FeedUnit42v2 * Packs/FeedUnit42v2/Integrations/FeedUnit42v2/FeedUnit42v2.yml Docker image update * Update Docker Image To demisto/crypto (#31204) * Updated Metadata Of Pack AzureKeyVault * Added release notes to pack AzureKeyVault * Packs/AzureKeyVault/Integrations/AzureKeyVault/AzureKeyVault.yml Docker image update * Updated Metadata Of Pack AzureSentinel * Added release notes to pack AzureSentinel * Packs/AzureSentinel/Integrations/AzureSentinel/AzureSentinel.yml Docker image update * Updated Metadata Of Pack AzureDevOps * Added release notes to pack AzureDevOps * Packs/AzureDevOps/Integrations/AzureDevOps/AzureDevOps.yml Docker image update * Updated Metadata Of Pack MicrosoftCloudAppSecurity * Added release notes to pack MicrosoftCloudAppSecurity * Packs/MicrosoftCloudAppSecurity/Integrations/MicrosoftCloudAppSecurity/MicrosoftCloudAppSecurity.yml Docker image update * Updated Metadata Of Pack AzureRiskyUsers * Added release notes to pack AzureRiskyUsers * Packs/AzureRiskyUsers/Integrations/AzureRiskyUsers/AzureRiskyUsers.yml Docker image update * Updated Metadata Of Pack MicrosoftGraphGroups * Added release notes to pack MicrosoftGraphGroups * Packs/MicrosoftGraphGroups/Integrations/MicrosoftGraphGroups/MicrosoftGraphGroups.yml Docker image update * Updated Metadata Of Pack AzureSQLManagement * Added release notes to pack AzureSQLManagement * Packs/AzureSQLManagement/Integrations/AzureSQLManagement/AzureSQLManagement.yml Docker image update * Updated Metadata Of Pack MicrosoftGraphAPI * Added release notes to pack MicrosoftGraphAPI * Packs/MicrosoftGraphAPI/Integrations/MicrosoftGraphAPI/MicrosoftGraphAPI.yml Docker image update * Updated Metadata Of Pack MicrosoftTeams * Added release notes to pack MicrosoftTeams * Packs/MicrosoftTeams/Integrations/MicrosoftTeamsManagement/MicrosoftTeamsManagement.yml Docker image update * Updated Metadata Of Pack MicrosoftGraphApplications * Added release notes to pack MicrosoftGraphApplications * Packs/MicrosoftGraphApplications/Integrations/MicrosoftGraphApplications/MicrosoftGraphApplications.yml Docker image update * Update Docker Image To demisto/opnsense (#31208) * Updated Metadata Of Pack OPNSense * Added release notes to pack OPNSense * Packs/OPNSense/Integrations/OPNSense/OPNSense.yml Docker image update * Update Docker Image To demisto/auth-utils (#31207) * Updated Metadata Of Pack Cylance_Protect * Added release notes to pack Cylance_Protect * Packs/Cylance_Protect/Integrations/Cylance_Protect_v2/Cylance_Protect_v2.yml Docker image update * Updated Metadata Of Pack Zoom * Added release notes to pack Zoom * Packs/Zoom/Integrations/ZoomEventCollector/ZoomEventCollector.yml Docker image update * Updated Metadata Of Pack Silverfort * Added release notes to pack Silverfort * Packs/Silverfort/Integrations/Silverfort/Silverfort.yml Docker image update * Updated Metadata Of Pack AzureDataExplorer * Added release notes to pack AzureDataExplorer * Packs/AzureDataExplorer/Integrations/AzureDataExplorer/AzureDataExplorer.yml Docker image update * Updated Metadata Of Pack MicrosoftManagementActivity * Added release notes to pack MicrosoftManagementActivity * Packs/MicrosoftManagementActivity/Integrations/MicrosoftManagementActivity/MicrosoftManagementActivity.yml Docker image update * Updated Metadata Of Pack Box * Added release notes to pack Box * Packs/Box/Integrations/BoxEventsCollector/BoxEventsCollector.yml Docker image update * Packs/Box/Integrations/BoxV2/BoxV2.yml Docker image update * Updated Metadata Of Pack Troubleshoot * Added release notes to pack Troubleshoot * Packs/Troubleshoot/Scripts/CertificatesTroubleshoot/CertificatesTroubleshoot.yml Docker image update * commit --------- Co-authored-by: israelpolishook <[email protected]> * Update Docker Image To demisto/ippysocks-py3 (#31211) * Updated Metadata Of Pack Whois * Added release notes to pack Whois * Packs/Whois/Integrations/Whois/Whois.yml Docker image update * Update Docker Image To demisto/python3 (#31214) * Updated Metadata Of Pack QualysFIM * Added release notes to pack QualysFIM * Packs/QualysFIM/Integrations/QualysFIM/QualysFIM.yml Docker image update * Updated Metadata Of Pack FortiSIEM * Added release notes to pack FortiSIEM * Packs/FortiSIEM/Integrations/FortiSIEMV2/FortiSIEMV2.yml Docker image update * Updated Metadata Of Pack FreshworksFreshservice * Added release notes to pack FreshworksFreshservice * Packs/FreshworksFreshservice/Integrations/FreshworksFreshservice/FreshworksFreshservice.yml Docker image update * Updated Metadata Of Pack KnowBe4_KMSAT * Added release notes to pack KnowBe4_KMSAT * Packs/KnowBe4_KMSAT/Integrations/KnowBe4KMSATEventCollector/KnowBe4KMSATEventCollector.yml Docker image update * Packs/KnowBe4_KMSAT/Integrations/KnowBe4KMSAT/KnowBe4KMSAT.yml Docker image update * Updated Metadata Of Pack SafeNet_Trusted_Access * Added release notes to pack SafeNet_Trusted_Access * Packs/SafeNet_Trusted_Access/Integrations/SafeNetTrustedAccessEventCollector/SafeNetTrustedAccessEventCollector.yml Docker image update * Updated Metadata Of Pack DelineaSS * Added release notes to pack DelineaSS * Packs/DelineaSS/Integrations/DelineaSS/DelineaSS.yml Docker image update * Updated Metadata Of Pack Cryptocurrency * Added release notes to pack Cryptocurrency * Packs/Cryptocurrency/Integrations/Cryptocurrency/Cryptocurrency.yml Docker image update * Updated Metadata Of Pack PANOSPolicyOptimizer * Added release notes to pack PANOSPolicyOptimizer * Packs/PANOSPolicyOptimizer/Integrations/PANOSPolicyOptimizer/PANOSPolicyOptimizer.yml Docker image update * Updated Metadata Of Pack DeveloperTools * Added release notes to pack DeveloperTools * Packs/DeveloperTools/Integrations/CreateIncidents/CreateIncidents.yml Docker image update * Update Docker Image To demisto/boto3py3 (#31215) * Updated Metadata Of Pack SecurityIntelligenceServicesFeed * Added release notes to pack SecurityIntelligenceServicesFeed * Packs/SecurityIntelligenceServicesFeed/Integrations/SecurityIntelligenceServicesFeed/SecurityIntelligenceServicesFeed.yml Docker image update * Updated Metadata Of Pack AWS-IAM * Added release notes to pack AWS-IAM * Packs/AWS-IAM/Integrations/AWS-IAM/AWS-IAM.yml Docker image update * Updated Metadata Of Pack AWS-Route53 * Added release notes to pack AWS-Route53 * Packs/AWS-Route53/Integrations/AWSRoute53/AWSRoute53.yml Docker image update * Updated Metadata Of Pack AWS-AccessAnalyzer * Added release notes to pack AWS-AccessAnalyzer * Packs/AWS-AccessAnalyzer/Integrations/AWS-AccessAnalyzer/AWS-AccessAnalyzer.yml Docker image update * Updated Metadata Of Pack AWS-GuardDuty * Added release notes to pack AWS-GuardDuty * Packs/AWS-GuardDuty/Integrations/AWSGuardDutyEventCollector/AWSGuardDutyEventCollector.yml Docker image update * Packs/AWS-GuardDuty/Integrations/AWSGuardDuty/AWSGuardDuty.yml Docker image update * Updated Metadata Of Pack AWS-SecurityHub * Added release notes to pack AWS-SecurityHub * Packs/AWS-SecurityHub/Integrations/AWSSecurityHubEventCollector/AWSSecurityHubEventCollector.yml Docker image update * Updated Metadata Of Pack Aws-SecretsManager * Added release notes to pack Aws-SecretsManager * Packs/Aws-SecretsManager/Integrations/AwsSecretsManager/AwsSecretsManager.yml Docker image update * Update Docker Image To demisto/accessdata (#31216) * Updated Metadata Of Pack Exterro * Added release notes to pack Exterro * Packs/Exterro/Integrations/Exterro/Exterro.yml Docker image update * Update Docker Image To demisto/oci (#31218) * Updated Metadata Of Pack OracleCloudInfrastructure * Added release notes to pack OracleCloudInfrastructure * Packs/OracleCloudInfrastructure/Integrations/OracleCloudInfrastructureEventCollector/OracleCloudInfrastructureEventCollector.yml Docker image update * Update Docker Image To demisto/py3-tools (#31217) * Updated Metadata Of Pack Intezer * Added release notes to pack Intezer * Packs/Intezer/Integrations/IntezerV2/IntezerV2.yml Docker image update * Updated Metadata Of Pack Zabbix * Added release notes to pack Zabbix * Packs/Zabbix/Integrations/Zabbix/Zabbix.yml Docker image update * Updated Metadata Of Pack FeedMalwareBazaar * Added release notes to pack FeedMalwareBazaar * Packs/FeedMalwareBazaar/Integrations/MalwareBazaarFeed/MalwareBazaarFeed.yml Docker image update * Updated Metadata Of Pack FeedGCPWhitelist * Added release notes to pack FeedGCPWhitelist * Packs/FeedGCPWhitelist/Integrations/FeedGoogleIPRanges/FeedGoogleIPRanges.yml Docker image update * Updated Metadata Of Pack AccentureCTI_Feed * Added release notes to pack AccentureCTI_Feed * Packs/AccentureCTI_Feed/Integrations/ACTIIndicatorFeed/ACTIIndicatorFeed.yml Docker image update * Updated Metadata Of Pack SEKOIAIntelligenceCenter * Added release notes to pack SEKOIAIntelligenceCenter * Packs/SEKOIAIntelligenceCenter/Integrations/SEKOIAIntelligenceCenter/SEKOIAIntelligenceCenter.yml Docker image update * Updated Metadata Of Pack JARM * Added release notes to pack JARM * Packs/JARM/Integrations/JARM/JARM.yml Docker image update * Updated Metadata Of Pack Anomali_ThreatStream * Added release notes to pack Anomali_ThreatStream * Packs/Anomali_ThreatStream/Integrations/AnomaliThreatStreamv3/AnomaliThreatStreamv3.yml Docker image update * Updated Metadata Of Pack CommonWidgets * Added release notes to pack CommonWidgets * Packs/CommonWidgets/Scripts/RSSWidget/RSSWidget.yml Docker image update * Updated Metadata Of Pack FiltersAndTransformers * Added release notes to pack FiltersAndTransformers * Packs/FiltersAndTransformers/Scripts/Jmespath/Jmespath.yml Docker image update * CortexXDRIR-generic-polling (#31082) * - Added new playbook for quarantine_file - Old playbook deprecated - New image added * release notes added * - New playbook for _Retrieve_File_Playbook_v2 created - Old playbook _Retrieve_File_Playbook deprecated - Image was added * Release notes were added * Changed the name of the playbook * Readme file added * Added image * fixed image location in readme file * Update Packs/CortexXDR/Playbooks/Cortex_XDR_-_Retrieve_File_v2.yml Co-authored-by: Sasha Sokolovich <[email protected]> * Bump pack from version CortexXDR to 6.0.4. * Removed unnecessary tests * Readme files were updated * Fixes for the playbooks * fixed Tests/conf.json file * image issue fixed * Added new images * Update Packs/CortexXDR/Playbooks/Cortex_XDR_-_Retrieve_File_Playbook_README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CortexXDR/Playbooks/Cortex_XDR_-_Retrieve_File_Playbook_README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CortexXDR/ReleaseNotes/6_0_4.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CortexXDR/ReleaseNotes/6_0_4.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CortexXDR/ReleaseNotes/6_0_4.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CortexXDR/ReleaseNotes/6_0_4.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CortexXDR/Playbooks/Cortex_XDR_-_Retrieve_File_Playbook_README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CortexXDR/Playbooks/Cortex_XDR_-_quarantine_file_v2_README.md Co-authored-by: ShirleyDenkberg <[email protected]> * PR fixes - new condition to check if the task finished successfully * release notes updated * image path fixed * Added new outputs for playbook * release notes updated * fix * readme files fixed * image issue * image issue * fix * fix * fix * fix * uploaded new playbook because of the image issue * fix for image issue * delete photo * fixes * test playbooks fixed * test playbooks removed --------- Co-authored-by: Sasha Sokolovich <[email protected]> Co-authored-by: Content Bot <[email protected]> Co-authored-by: ShirleyDenkberg <[email protected]> * Update Docker Image To demisto/crypto (#31219) * Updated Metadata Of Pack AzureKeyVault * Added release notes to pack AzureKeyVault * Packs/AzureKeyVault/Integrations/AzureKeyVault/AzureKeyVault.yml Docker image update * Updated Metadata Of Pack AzureSentinel * Added release notes to pack AzureSentinel * Packs/AzureSentinel/Integrations/AzureSentinel/AzureSentinel.yml Docker image update * Updated Metadata Of Pack AzureDevOps * Added release notes to pack AzureDevOps * Packs/AzureDevOps/Integrations/AzureDevOps/AzureDevOps.yml Docker image update * Updated Metadata Of Pack MicrosoftCloudAppSecurity * Added release notes to pack MicrosoftCloudAppSecurity * Packs/MicrosoftCloudAppSecurity/Integrations/MicrosoftCloudAppSecurity/MicrosoftCloudAppSecurity.yml Docker image update * Updated Metadata Of Pack AzureRiskyUsers * Added release notes to pack AzureRiskyUsers * Packs/AzureRiskyUsers/Integrations/AzureRiskyUsers/AzureRiskyUsers.yml Docker image update * Updated Metadata Of Pack MicrosoftGraphGroups * Added release notes to pack MicrosoftGraphGroups * Packs/MicrosoftGraphGroups/Integrations/MicrosoftGraphGroups/MicrosoftGraphGroups.yml Docker image update * Updated Metadata Of Pack AzureSQLManagement * Added release notes to pack AzureSQLManagement * Packs/AzureSQLManagement/Integrations/AzureSQLManagement/AzureSQLManagement.yml Docker image update * Updated Metadata Of Pack MicrosoftGraphAPI * Added release notes to pack MicrosoftGraphAPI * Packs/MicrosoftGraphAPI/Integrations/MicrosoftGraphAPI/MicrosoftGraphAPI.yml Docker image update * Updated Metadata Of Pack MicrosoftTeams * Added release notes to pack MicrosoftTeams * Packs/MicrosoftTeams/Integrations/MicrosoftTeamsManagement/MicrosoftTeamsManagement.yml Docker image update * Updated Metadata Of Pack MicrosoftGraphApplications * Added release notes to pack MicrosoftGraphApplications * Packs/MicrosoftGraphApplications/Integrations/MicrosoftGraphApplications/MicrosoftGraphApplications.yml Docker image update * update pack ignore (#31193) * Slack event collector: fixed an issue where we get a Bad Request error (#31135) * fixed an issue where we get a Bad Request error. * pre-commit * added test * fixed Flake8 error * fixed cr comments * fixed cr comments * update Docker image * YR/Remove-fields-with-one-letter-DBotFindSimilarIncidents/XSUP-29299 (#31161) * fixes * code and test * remove Json feed from this pr * test * note * pre commit * RN * CR and Flake8 * format * pre commit * Fixes For 'URL Enrichment - Generic v2' Playbook (#31195) * Fixes For 'URL Enrichment - Generic v2' Playbook * RN * Bump pack from version CommonPlaybooks to 2.4.36. --------- Co-authored-by: Content Bot <[email protected]> * F5 APM Remove XSIAM tags (#31221) * remove ls from test_e2e_results.sh (#31186) * [IsEmailAddressInternal] Fix an issue with **domain** argument (#31222) * First commit * Added RN * Update Packs/CommonScripts/ReleaseNotes/1_12_54.md Co-authored-by: Dean Arbel <[email protected]> --------- Co-authored-by: Dean Arbel <[email protected]> * Deprecate 'Get endpoint details - Generic' Playbook (#31196) * Deprecate 'Get endpoint details - Generic' Playbook * RN * Bump pack from version CommonPlaybooks to 2.4.36. * Bump pack from version CommonPlaybooks to 2.4.37. --------- Co-authored-by: Content Bot <[email protected]> * Replacing the deprecated sub-playbook within the 'NGFW Internal Scan'… (#31197) * Replacing the deprecated sub-playbook within the 'NGFW Internal Scan' XSIAM playbook * RN * [Marketplace Contribution] CISO Metrics (#30641) (#31213) * "pack contribution initial commit" * Update pack_metadata.json * Update and rename dashboard-98f353a2-312b-49f2-8e58-d71f60daf3a7-CISO_Metrics.json to dashboard-98f353a2-312b-49f2-8e58-d71f60daf3a7-CommunityCommonDashboards.json Rename to CommunityCommonDashboards * Update pack_metadata.json Renamed "name": "CommunityCommonDashboards" * Update README.md Added description * Update README.md * Update and rename README.md to README.md * Rename dashboard-98f353a2-312b-49f2-8e58-d71f60daf3a7-CommunityCommonDashboards.json to dashboard-98f353a2-312b-49f2-8e58-d71f60daf3a7-CommunityCommonDashboards.json * Rename .pack-ignore to .pack-ignore * Rename .secrets-ignore to .secrets-ignore * Rename pack_metadata.json to pack_metadata.json * Update .pack-ignore * Update pack_metadata.json * Update .pack-ignore * Update and rename dashboard-98f353a2-312b-49f2-8e58-d71f60daf3a7-CommunityCommonDashboards.json to CISOMetrics.json Renamed to CISOMetrics * Update pack_metadata.json * Update pack_metadata.json * Update README.md --------- Co-authored-by: xsoar-bot <[email protected]> Co-authored-by: Sapir Shuker <[email protected]> Co-authored-by: David Uhrlaub <[email protected]> * Cybereason xsoar v 2.1.14 (#30647) (#31225) * added v2.1.14 codebase * fix pr comments * replace dummy md5 placeholder * Update Packs/Cybereason/Integrations/Cybereason/Cybereason.py * updated docker image python version * updated release notes docker version * added pagination params * updated docker image * fix lint errors * fix demisto validate errors * updated release notes * updated release notes * updated release notes * updated command name as per PR comment * removed manual filtering for response * updated function name to match the command name format * updated unit test as per new command name * added machinename filter to api query * moved empty output message to the top * updated docker image tag to latest * undo changes from unisolate endpoint playbook --------- Co-authored-by: suraj-metron <[email protected]> Co-authored-by: Sapir Shuker <[email protected]> * fixed polling support (#30873) * fixed polling support * fixed rn * added rn * added rn * XSUP-30786/Fix (#31168) * Added failing UT * Fixed the issue * Updated docker image * Updated RN * Update Packs/PAN-OS/ReleaseNotes/2_1_15.md Co-authored-by: Dan Tavori <[email protected]> * Updated the bug fix and the UT * updated docker image --------- Co-authored-by: Dan Tavori <[email protected]> * rewrite to js FirstArrayElement and LastArrayElement (#31228) * rewrite to js * added tpb * added empty test case to tpb * precommit fixes * change fromversion so build wont fail * Enable Core REST API with general XSIAM endpoints (#31226) * mostly works * added release notes * fixes from review * F5 APM fixed the marketplace build failure (#31236) * F5 APM Remove XSIAM tags * fix marketplace error * Add incidents field (#30393) (#31233) * add rawJSON field to incidents * release notes * update docker image tag * nit * fetching incident details * mapper + incident fields * remove incorrect incident field files * new incident field files, new mapper * sdk validate command changes * update release noteS * validation errors * fix validation errors * undo release notes changes * undo release notes change * undo release notes * undo release notes * undo release notes * nit * new release notes * remove playbook id * update docker image tag * revert release notes * revert RN * nit- remove filters used for testing * add details field to threats * remove try/except blocks * changing version * Update Abnormal_Security_Custom_Incident_types.json change from version * nit - remove changes used for demo * updating docker image * update docker image tag --------- Co-authored-by: William Olyslager <[email protected]> Co-authored-by: sapirshuker <[email protected]> Co-authored-by: Sapir Shuker <[email protected]> * Update Docker Image To demisto/python3 (#31242) * Updated Metadata Of Pack CIRCL * Added release notes to pack CIRCL * Packs/CIRCL/Integrations/CirclCVESearch/CirclCVESearch.yml Docker image update * Updated Metadata Of Pack ipinfo * Added release notes to pack ipinfo * Packs/ipinfo/Integrations/ipinfo_v2/ipinfo_v2.yml Docker image update * Updated Metadata Of Pack AutoFocus * Added release notes to pack AutoFocus * Packs/AutoFocus/Integrations/FeedAutofocus/FeedAutofocus.yml Docker image update * Packs/AutoFocus/Integrations/AutofocusV2/AutofocusV2.yml Docker image update * Updated Metadata Of Pack MailSenderNew * Added release notes to pack MailSenderNew * Packs/MailSenderNew/Integrations/MailSenderNew/MailSenderNew.yml Docker image update * avoid to update Docker for AutoFocusv2 --------- Co-authored-by: israelpolishook <[email protected]> * Fixes For 'IP Enrichment - Generic v2' Playbook (#31183) * Fixes For 'IP Enrichment - Generic v2' Playbook * RN * RN * Updated the 'InternalRange' playbook input's default value. * configured the 'extended_data' and 'threat_model_association' sub-playbook inputs * Bump pack from version CommonPlaybooks to 2.4.36. * Bump pack from version CommonPlaybooks to 2.4.37. * changed the default value of the 'ResolveIP' playbook input * re-added RN after merging from master * Fixes RN --------- Co-authored-by: Content Bot <[email protected]> * Check if should run Instance role (#31245) * Added the sync from the saas bucket and modified the verify script to take the revision from the correct bucket. (#31254) * AWS Organizations (#30525) * init * commands template * aws-org-children-list * more commands * even more commands * added account commands * removed enhancement commands * use json_transform * unit-tests init * unit-tests continued * unit-tests continued some more * TPB * one more unit-test * one more unit-test * one more unit-test * name change * TPB * docs complete * pack readme * pack readme part 2 * readme modified * more tests * more tests * use get() * adde description * removed isFetch * added image * name change * CR changes * Apply suggestions from code review Co-authored-by: ShirleyDenkberg <[email protected]> * Update docker * put the commands back in * code complete * yml part 2 * yml part 3 * test template * unit-tests continued some more * unit-tests almost complete * unit-tests complete * fixed a few bugs * fixed unit-tests * added readme * update readme * added missing descriptions to readme * TPB * Apply suggestions from code review Co-authored-by: ShirleyDenkberg <[email protected]> * CR changes * demo changes * update docker * build wars: round 1 * build wars: round 2 * build wars: round 3; add unit-tests * build wars: round 4 * build wars: round 5 * build wars: round 6 --------- Co-authored-by: ShirleyDenkberg <[email protected]> * NextToken in CommandResults (#30501) * init * new design * added error in case of non nested input * RN * a tad more docs * Bump pack from version Base to 1.32.47. * Bump pack from version Base to 1.32.48. * Bump pack from version Base to 1.32.49. * improved doc-string * resolve conflicts * resolve conflicts * Bump pack from version Base to 1.32.52. --------- Co-authored-by: Content Bot <[email protected]> * demisto-sdk-release 1.24.0 (#31268) * poetry files * update validate manager imports (#31179) * update validate manager imports * revert * Update Tests/configure_and_test_integration_instances.py * Edit file types test (#31170) * edited tests * s * s * edit --------- Co-authored-by: Content Bot <[email protected]> Co-authored-by: Yuval Hayun <[email protected]> Co-authored-by: merit-maita <[email protected]> Co-authored-by: JudithB <[email protected]> * modified modeling rules of clearswift dlp (#31247) * modified modeling rules of clearswift dlp * modified the parsing rule of clearswiftdlp * Added release notes. * added dlp to pack ignore * added Clearswift to pack ignore * QRadar: continue to poll in case of networking issues (#31084) * Generalize the mode option in pre-commit (#30663) * args updated to match the update in the sdk * add merge-coverage-report and coverage-analyze * updaing pyproject.toml * poetry lock * restoring pyproject.toml and poetry.lock * pre-commit.yml * updates * test comment * use sdk ref * if * add github output * revert ilan changes * merge-pytest-reports --------- Co-authored-by: ilan <[email protected]> * EXPANDR-1576 CortexXpanse Remediation Guidance changes (#31190) * EXPANDR-1576 CortexXpanse Remediation Guidance changes (#30712) * CortexXpanse RG changes * Fix flake8 errors * Fix unit test cases * Update docker version * update command name * Readme updates * docker update * Ignore BC error * fix packignore * Update release notes * update breaking change notes * update breaking change notes * correct RN --------- Co-authored-by: Chait A <[email protected]> Co-authored-by: ilappe <[email protected]> * Feature/cyberint enhancement (#31252) * Feature/cyberint enhancement (#30493) * Update Docker Image To demisto/py3-tools (#25523) * Updated Metadata Of Pack FeedAWS * Added release notes to pack FeedAWS * Packs/FeedAWS/Integrations/FeedAWS/FeedAWS.yml Docker image update * update Cyberint Pack * update release note and incidentfields * update CommonType release note * update CommonType relesenotes * update CommonType relese notes * update CyberInt Related entity name * update release notes * add new incident field: Alert Data * foramt alert_data * update CyberInt Related Entity name to avoid validation errors * reset the CyberInt Related Entity name * update incident field name * Update 3_3_93.md * pre commit update docker * added known words * fixed the RN * known words --------- Co-authored-by: TalGumi <[email protected]> Co-authored-by: omerKarkKatz <[email protected]> Co-authored-by: okarkkatz <[email protected]> * [xsoar-8 coverage] - use poll functions from SDK clients (#31144) * update poetry * use poll functions * test against builds * try to fix ssl issue * timeout = 300 + verify ssl * fix ssl issues * fix incident pull * fix * make verify=false by default * fix ports bug * use sdk master * revert poetry * revert infra used for testing * [CrowdStrike Falcon Intel v2] Fixed an issue in 'cs-actors' and 'cs-reports' commands (#31265) * Fix the 'NoneType' object is not iterable issue * ruff * Update the docker image; Add RN * Update Packs/CrowdStrikeIntel/ReleaseNotes/2_0_34.md Co-authored-by: Dean Arbel <[email protected]> --------- Co-authored-by: Dean Arbel <[email protected]> * oncall- installation orders (#31253) * test * test * revert debugs * pre-commit --------- Co-authored-by: Jas Beilin <[email protected]> * Core rest api docs fix (#31262) * Improved descriptions. * Added docs * Added rn. * Changed i.e to e.g * bugfix/XSUP-30713/port-scan-pb-issue-incident-failure (#31154) * Fix playbook input's default value, change to not required, add check for value not empty * Update playbook image * Update release notes * Bump pack from version CortexXDR to 6.0.5. * Moved InternalIPRanges input check to better location * Fix review comments --------- Co-authored-by: Content Bot <[email protected]> * [PagerDuty v2] Added Support For Pagination (#30959) * commit init - lint and type annotation * typing * pagination function and some typing * fix api limit and pagination * added UT and test_data * added RN and description for args * generate readme * update docker * added UT * fix flake8 * more docstring, one more UT, fix send unnecessary parameters * fix f-string * fix pep8 * revert copy * fix parameters name * docs review * update docker * [ASM] EXPANDR 7225 - Update Ev1 Integration Display Name (#31234) (#31276) * Update Display Name * Update release notes * Update docker image and add period to descriptions Co-authored-by: John <[email protected]> Co-authored-by: MLainer1 <[email protected]> * Update Docker Image To demisto/python3 (#31286) * Updated Metadata Of Pack QualysFIM * Added release notes to pack QualysFIM * Packs/QualysFIM/Integrations/QualysFIM/QualysFIM.yml Docker image update * Updated Metadata Of Pack FortiSIEM * Added release notes to pack FortiSIEM * Packs/FortiSIEM/Integrations/FortiSIEMV2/FortiSIEMV2.yml Docker image update * Updated Metadata Of Pack FreshworksFreshservice * Added release notes to pack FreshworksFreshservice * Packs/FreshworksFreshservice/Integrations/FreshworksFreshservice/FreshworksFreshservice.yml Docker image update * Updated Metadata Of Pack KnowBe4_KMSAT * Added release notes to pack KnowBe4_KMSAT * Packs/KnowBe4_KMSAT/Integrations/KnowBe4KMSATEventCollector/KnowBe4KMSATEventCollector.yml Docker image update * Packs/KnowBe4_KMSAT/Integrations/KnowBe4KMSAT/KnowBe4KMSAT.yml Docker image update * Updated Metadata Of Pack SafeNet_Trusted_Access * Added release notes to pack SafeNet_Trusted_Access * Packs/SafeNet_Trusted_Access/Integrations/SafeNetTrustedAccessEventCollector/SafeNetTrustedAccessEventCollector.yml Docker image update * Updated Metadata Of Pack DelineaSS * Added release notes to pack DelineaSS * Packs/DelineaSS/Integrations/DelineaSS/DelineaSS.yml Docker image update * Updated Metadata Of Pack Cryptocurrency * Added release notes to pack Cryptocurrency * Packs/Cryptocurrency/Integrations/Cryptocurrency/Cryptocurrency.yml Docker image update * Updated Metadata Of Pack PANOSPolicyOptimizer * Added release notes to pack PANOSPolicyOptimizer * Packs/PANOSPolicyOptimizer/Integrations/PANOSPolicyOptimizer/PANOSPolicyOptimizer.yml Docker image update * Updated Metadata Of Pack DeveloperTools * Added release notes to pack DeveloperTools * Packs/DeveloperTools/Integrations/CreateIncidents/CreateIncidents.yml Docker image update * Add XSOAR_SAAS section to EDL description (#31264) * add XSOAR_SAAS section to EDL description * update RN * [XSUP 30575] Added full fields query param (#31272) * get indicators full fields data * pre-commit * release notes * tests and CR fixes * Update Packs/FeedCrowdstrikeFalconIntel/ReleaseNotes/2_1_13.md Co-authored-by: Dan Tavori <[email protected]> --------- Co-authored-by: Dan Tavori <[email protected]> * Update Docker Image To demisto/boto3py3 (#31287) * Updated Metadata Of Pack SecurityIntelligenceServicesFeed * Added release notes to pack SecurityIntelligenceServicesFeed * Packs/SecurityIntelligenceServicesFeed/Integrations/SecurityIntelligenceServicesFeed/SecurityIntelligenceServicesFeed.yml Docker image update * Updated Metadata Of Pack AWS-IAM * Added release notes to pack AWS-IAM * Packs/AWS-IAM/Integrations/AWS-IAM/AWS-IAM.yml Docker image update * Updated Metadata Of Pack AWS-Route53 * Added release notes to pack AWS-Route53 * Packs/AWS-Route53/Integrations/AWSRoute53/AWSRoute53.yml Docker image update * Updated Metadata Of Pack AWS-AccessAnalyzer * Added release notes to pack AWS-AccessAnalyzer * Packs/AWS-AccessAnalyzer/Integrations/AWS-AccessAnalyzer/AWS-AccessAnalyzer.yml Docker image update * Updated Metadata Of Pack AWS-GuardDuty * Added release notes to pack AWS-GuardDuty * Packs/AWS-GuardDuty/Integrations/AWSGuardDutyEventCollector/AWSGuardDutyEventCollector.yml Docker image update * Packs/AWS-GuardDuty/Integrations/AWSGuardDuty/AWSGuardDuty.yml Docker image update * Updated Metadata Of Pack AWS-SecurityHub * Added release notes to pack AWS-SecurityHub * Packs/AWS-SecurityHub/Integrations/AWSSecurityHubEventCollector/AWSSecurityHubEventCollector.yml Docker image update * Updated Metadata Of Pack Aws-SecretsManager * Added release notes to pack Aws-SecretsManager * Packs/Aws-SecretsManager/Integrations/AwsSecretsManager/AwsSecretsManager.yml Docker image update * Update Docker Image To demisto/accessdata (#31288) * Updated Metadata Of Pack Exterro * Added release notes to pack Exterro * Packs/Exterro/Integrations/Exterro/Exterro.yml Docker image update * Update Docker Image To demisto/oci (#31290) * Updated Metadata Of Pack OracleCloudInfrastructure * Added release notes to pack OracleCloudInfrastructure * Packs/OracleCloudInfrastructure/Integrations/OracleCloudInfrastructureEventCollector/OracleCloudInfrastructureEventCollector.yml Docker image update * Update Docker Image To demisto/py3-tools (#31289) * Updated Metadata Of Pack Intezer * Added release notes to pack Intezer * Packs/Intezer/Integrations/IntezerV2/IntezerV2.yml Docker image update * Updated Metadata Of Pack Zabbix * Added release notes to pack Zabbix * Packs/Zabbix/Integrations/Zabbix/Zabbix.yml Docker image update * Updated Metadata Of Pack FeedMalwareBazaar * Added release notes to pack FeedMalwareBazaar * Packs/FeedMalwareBazaar/Integrations/MalwareBazaarFeed/MalwareBazaarFeed.yml Docker image update * Updated Metadata Of Pack FeedGCPWhitelist * Added release notes to pack FeedGCPWhitelist * Packs/FeedGCPWhitelist/Integrations/FeedGoogleIPRanges/FeedGoogleIPRanges.yml Docker image update * Updated Metadata Of Pack AccentureCTI_Feed * Added release notes to pack AccentureCTI_Feed * Packs/AccentureCTI_Feed/Integrations/ACTIIndicatorFeed/ACTIIndicatorFeed.yml Docker image update * Updated Metadata Of Pack SEKOIAIntelligenceCenter * Added release notes to pack SEKOIAIntelligenceCenter * Packs/SEKOIAIntelligenceCenter/Integrations/SEKOIAIntelligenceCenter/SEKOIAIntelligenceCenter.yml Docker image update * Updated Metadata Of Pack JARM * Added release notes to pack JARM * Packs/JARM/Integrations/JARM/JARM.yml Docker image update * Updated Metadata Of Pack Anomali_ThreatStream * Added release notes to pack Anomali_ThreatStream * Packs/Anomali_ThreatStream/Integrations/AnomaliThreatStreamv3/AnomaliThreatStreamv3.yml Docker image update * Updated Metadata Of Pack CommonWidgets * Added release notes to pack CommonWidgets * Packs/CommonWidgets/Scripts/RSSWidget/RSSWidget.yml Docker image update * Updated Metadata Of Pack FiltersAndTransformers * Added release notes to pack FiltersAndTransformers * Packs/FiltersAndTransformers/Scripts/Jmespath/Jmespath.yml Docker image update * Update Docker Image To demisto/armorblox (#31291) * Updated Metadata Of Pack Armorblox * Added release notes to pack Armorblox * Packs/Armorblox/Integrations/Armorblox/Armorblox.yml Docker image update * Update Docker Image To demisto/crypto (#31292) * Updated Metadata Of Pack AzureKeyVault * Added release notes to pack AzureKeyVault * Packs/AzureKeyVault/Integrations/AzureKeyVault/AzureKeyVault.yml Docker image update * Updated Metadata Of Pack AzureSentinel * Added release notes to pack AzureSentinel * Packs/AzureSentinel/Integrations/AzureSentinel/AzureSentinel.yml Docker image update * Updated Metadata Of Pack AzureDevOps * Added release notes to pack AzureDevOps * Packs/AzureDevOps/Integrations/AzureDevOps/AzureDevOps.yml Docker image update * Updated Metadata Of Pack MicrosoftCloudAppSecurity * Added release notes to pack MicrosoftCloudAppSecurity * Packs/MicrosoftCloudAppSecurity/Integrations/MicrosoftCloudAppSecurity/MicrosoftCloudAppSecurity.yml Docker image update * Updated Metadata Of Pack AzureRiskyUsers * Added release notes to pack AzureRiskyUsers * Packs/AzureRiskyUsers/Integrations/AzureRiskyUsers/AzureRiskyUsers.yml Docker image update * Updated Metadata Of Pack MicrosoftGraphGroups * Added release notes to pack MicrosoftGraphGroups * Packs/MicrosoftGraphGroups/Integrations/MicrosoftGraphGroups/MicrosoftGraphGroups.yml Docker image update * Updated Metadata Of Pack AzureSQLManagement * Added release notes to pack AzureSQLManagement * Packs/AzureSQLManagement/Integrations/AzureSQLManagement/AzureSQLManagement.yml Docker image update * Updated Metadata Of Pack MicrosoftGraphAPI * Added release notes to pack MicrosoftGraphAPI * Packs/MicrosoftGraphAPI/Integrations/MicrosoftGraphAPI/MicrosoftGraphAPI.yml Docker image update * Updated Metadata Of Pack MicrosoftTeams * Added release notes to pack MicrosoftTeams * Packs/MicrosoftTeams/Integrations/MicrosoftTeamsManagement/MicrosoftTeamsManagement.yml Docker image update * Updated Metadata Of Pack MicrosoftGraphApplications * Added release notes to pack MicrosoftGraphApplications * Packs/MicrosoftGraphApplications/Integrations/MicrosoftGraphApplications/MicrosoftGraphApplications.yml Docker image update * Update Docker Image To demisto/sixgill (#31293) * Updated Metadata Of Pack Cybersixgill-ActionableAlerts * Added release notes to pack Cybersixgill-ActionableAlerts * Packs/Cybersixgill-ActionableAlerts/Integrations/CybersixgillActionableAlerts/CybersixgillActionableAlerts.yml Docker image update * Updated Metadata Of Pack Sixgill-Darkfeed * Added release notes to pack Sixgill-Darkfeed * Packs/Sixgill-Darkfeed/Integrations/Sixgill_Darkfeed_Enrichment/Sixgill_Darkfeed_Enrichment.yml Docker image update * Packs/Sixgill-Darkfeed/Integrations/Sixgill_Darkfeed/Sixgill_Darkfeed.yml Docker image update * Update Docker Image To demisto/carbon-black-cloud (#31295) * Updated Metadata Of Pack CarbonBlackDefense * Added release notes to pack CarbonBlackDefense * Packs/CarbonBlackDefense/Integrations/CarbonBlackLiveResponseCloud/CarbonBlackLiveResponseCloud.yml Docker image update * Update Docker Image To demisto/taxii2 (#31294) * Updated Metadata Of Pack FeedDHS * Added release notes to pack FeedDHS * Packs/FeedDHS/Integrations/DHSFeedV2/DHSFeedV2.yml Docker image update * Updated Metadata Of Pack FeedUnit42v2 * Added release notes to pack FeedUnit42v2 * Packs/FeedUnit42v2/Integrations/FeedUnit42v2/FeedUnit42v2.yml Docker image update * MS IIS Update2 (#31256) * Updated MicrosoftIISWebServerModelingRules_1_3 * Updated ModelingRules filters * Updated ModelingRules filters * Updated ReleaseNotes * Upated ReleaseNotes * CrowdStrikeFalconX-genreic-polling (#31189) * old playbooks deprecated and new one added * readme file edited * set the interval from the inputs * fixes for release notes * added extensions to known words * Update Packs/CrowdStrikeFalconX/Playbooks/Detonate_File_-_CrowdStrike_Falcon_Intelligence_Sandbox_v2.yml Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CrowdStrikeFalconX/Playbooks/Detonate_File_-_CrowdStrike_Falcon_Intelligence_Sandbox_v2.yml Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CrowdStrikeFalconX/Playbooks/Detonate_File_-_CrowdStrike_Falcon_Intelligence_Sandbox_v2.yml Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CrowdStrikeFalconX/Playbooks/Detonate_URL_-_CrowdStrike_Falcon_Intelligence_Sandbox_v2_README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CrowdStrikeFalconX/Playbooks/Detonate_File_-_CrowdStrike_Falcon_Intelligence_Sandbox_v2.yml Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CrowdStrikeFalconX/Playbooks/Detonate_File_-_CrowdStrike_Falcon_Intelligence_Sandbox_v2.yml Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CrowdStrikeFalconX/Playbooks/Detonate_File_-_CrowdStrike_Falcon_Intelligence_Sandbox_v2_README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CrowdStrikeFalconX/ReleaseNotes/1_2_37.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CrowdStrikeFalconX/ReleaseNotes/1_2_37.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CrowdStrikeFalconX/ReleaseNotes/1_2_37.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CrowdStrikeFalconX/ReleaseNotes/1_2_37.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CrowdStrikeFalconX/Playbooks/Detonate_File_-_CrowdStrike_Falcon_Intelligence_Sandbox_v2_README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CrowdStrikeFalconX/Playbooks/Detonate_File_-_CrowdStrike_Falcon_Intelligence_Sandbox_v2_README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CrowdStrikeFalconX/Playbooks/Detonate_File_-_CrowdStrike_Falcon_Intelligence_Sandbox_v2_README.md Co-authored-by: ShirleyDenkberg <[email protected]> * minor fixes for description * Update Packs/CrowdStrikeFalconX/Playbooks/Detonate_URL_-_CrowdStrike_Falcon_Intelligence_Sandbox_v2.yml Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CrowdStrikeFalconX/Playbooks/Detonate_URL_-_CrowdStrike_Falcon_Intelligence_Sandbox_v2_README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CrowdStrikeFalconX/Playbooks/Detonate_URL_-_CrowdStrike_Falcon_Intelligence_Sandbox_v2.yml Co-authored-by: ShirleyDenkberg <[email protected]> --------- Co-authored-by: ShirleyDenkberg <[email protected]> * Add Symantec MSS to ignored items (#31296) * [XSUP 30870] Added full fields option for cs-actors and cs-reports commands (#31271) * Added the display_full_fields argument * pre-commit * release notes * tests and CR fixes * resolve conflict * pre-commit * CR fixes * docker * pre-commit * add myself as codeowner (#31314) * ORKL Feed Integration 1.0.0 Initial Release (#31166) * ORKL Feed Integration 1.0.0 Initial Release (#31101) Co-authored-by: Martin Ohl <[email protected]> * [VirusTotal] Add suspicious threshold (#31220) * [VirusTotal] Add suspicious threshold (#31021) * fixing CimTrak_test.py unit tests (#31308) fixing CimTrak_test.py unit tests #31308 * Add new command and bug fix. (#31311) * Anomali ThreatStream v3 - Fix threatstream-get-indicators command (#31269) * fix get_indicators method * update RN * update docker * update test * update test * update get_indicators method * update RN * Update Packs/Anomali_ThreatStream/ReleaseNotes/2_2_9.md Co-authored-by: ShirleyDenkberg <[email protected]> * update docker * update docker --------- Co-authored-by: ShirleyDenkberg <[email protected]> * SentinelOne v2: Add 2 new commands (#31312) * fixing jira file attachments (#31297) fixing jira file attachments, fixing mapping of newly created tickets #31297 * CiscoSMA Update (#31315) * Updated ModelingRules * Updated ReleaseNotes * Updated ReleaseNotes * updated docs (#31192) * updated docs * running pre-commit and docker * docker update * Apply suggestions from code review Co-authored-by: ShirleyDenkberg <[email protected]> * remove package-lock file * cr note * Update Packs/MicrosoftGraphDeviceManagement/ReleaseNotes/1_1_20.md Co-authored-by: EyalPintzov <[email protected]> --------- Co-authored-by: ShirleyDenkberg <[email protected]> Co-authored-by: EyalPintzov <[email protected]> * Fix an issue when there is only one incident in fetch_incidents powershell (#31267) * added -AsArray * updated the docker image and added . * RN * unit tests and docker image * rn * docker image and release notes * Update Packs/Base/ReleaseNotes/1_32_53.md Co-authored-by: EyalPintzov <[email protected]> * updated the unit tests --------- Co-authored-by: EyalPintzov <[email protected]> * Get Entity Alerts by MITRE Tactics - Performance Improvements (Refactor) (#31232) * Added playbooks * New playbooks images, formatted playbooks, and added RN * Updated pb image to be in light mode * Further improvements to playbooks, updated docs, and updated playbook images * Bump pack from version CortexXDR to 6.0.6. * Changed alert to incident to fix validation * Descriptions --------- Co-authored-by: Content Bot <[email protected]> * fix for sdk nightly e2e tests (#31310) * [qradar-v3] - handle connection errors (#31246) * [qradar-v3] - handle connection errors * add uts * bump rn * remove irrelevant imports * update code * timeout = 300 * bump rn * update implementation * docker image * fixes * remove imports * rn * update debug-message * update log * fix docker-image * fix ut * oncall-sdk-nightly-create-xsoar-instance (#31300) * overwrite the filter env file * remove space * remove print * Update .gitlab/ci/.gitlab-ci.on-push.yml Co-authored-by: Koby Meir <[email protected]> --------- Co-authored-by: Koby Meir <[email protected]> * [ASM] - EXPANDER 7238 - Jira Playbook Support for V2 and V3 Project Key (#31273) (#31322) * Add support V2 and V3, remove default project key - Add data collection task for customer - Leave Jira Project Key input as blank - Add support for project key passed into Jira V2 and V3 integrations * Add release notes * Update Playbook ReadMe * Add task description * Update release notes Co-authored-by: John <[email protected]> Co-authored-by: MLainer1 <[email protected]> * Support contributions when the name of the repo isn't content (#31320) * update handle_external_pr.py * set repo_name arg as optional * Oncall sdk nightly create xsoar instance (#31324) Oncall sdk nightly create xsoar instance #31324 * CIAC-4556/xdr-remote-psexec-lolbin-command-execution-playbook (#29092) * Add playbook and readme files * Add updated files * Add playbook image * Update release notes * Fix validation error * Bump pack from version CortexXDR to 5.1.0. * Bump pack from version CortexXDR to 5.2.0. * Bump pack from version CortexXDR to 5.2.0. * Bump pack from version CortexXDR to 5.2.0. * Add CommandLine verdict to layout * Update according to demo review comments * Bump pack from version CortexXDR to 5.2.0. * Bump pack from version CortexXDR to 5.2.0. * Add field for cmd line verdict * Update layout * Fix review comments * Update from master * Update Packs/CortexXDR/ReleaseNotes/5_2_0.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CortexXDR/ReleaseNotes/5_2_0.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CortexXDR/Playbooks/playbook-Cortex_XDR_-_Remote_PsExec_with_LOLBIN_command_execution_alert_README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Fix review comments and validations * Apply suggestions from code review Fix docs review Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CortexXDR/Playbooks/playbook-Cortex_XDR_-_Remote_PsExec_with_LOLBIN_command_execution_alert.yml Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CortexXDR/Playbooks/playbook-Cortex_XDR_-_Remote_PsExec_with_LOLBIN_command_execution_alert.yml Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CortexXDR/Playbooks/playbook-Cortex_XDR_-_Remote_PsExec_with_LOLBIN_command_execution_alert.yml Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CortexXDR/Playbooks/playbook-Cortex_XDR_-_Remote_PsExec_with_LOLBIN_command_execution_alert.yml Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CortexXDR/Playbooks/playbook-Cortex_XDR_-_Remote_PsExec_with_LOLBIN_command_execution_alert.yml Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CortexXDR/Playbooks/playbook-Cortex_XDR_-_Remote_PsExec_with_LOLBIN_command_execution_alert.yml Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CortexXDR/Playbooks/playbook-Cortex_XDR_-_Remote_PsExec_with_LOLBIN_command_execution_alert.yml Co-authored-by: ShirleyDenkberg <[email protected]> * Fix review comments * Remove duplicate task for alert details, update playbook image * Fix skipifunavailable validations and update release notes * Fix review comments * Update release notes * Update release notes * Bump pack from version CortexXDR to 5.2.0. * Fix review comments * Update release notes * Bump pack from ve…
pal-xmco
pushed a commit
to pal-xmco/content
that referenced
this pull request
Jun 19, 2024
* Mcafee WebGW Mapping (#32709) * Updated ModelingRules ParsingRules * Updated ReleaseNotes * Updated ReleaseNotes * Updated README * Updated README * Updated yml name and id * Updated README * Reverted RN * Updated ReleaseNotes * Updated ReleaseNotes * [SevriceManager] better error message (#32742) * better error message * Update Packs/HPE_Service_Manager/ReleaseNotes/1_0_6.md * fix validate * Update pack_metadata.json (#32725) * Update pack_metadata.json Added missing word in the description * Update Packs/DragosWorldview/pack_metadata.json Co-authored-by: Israel Lappe <[email protected]> --------- Co-authored-by: Israel Lappe <[email protected]> * [VirusTotal] Return DBotScore and fix suspicious threshold (#32677) (#32740) * fix(commands): Always return score * Add error file output * Fix test * Update pack_metadata * Update docker image * Add tests * Update Packs/VirusTotal/ReleaseNotes/2_6_17.md * Update Packs/VirusTotal/ReleaseNotes/2_6_17.md * given-when-then docs --------- Co-authored-by: Pablo Pérez <[email protected]> Co-authored-by: Yuval Hayun <[email protected]> * JSON Feed - Remove ports from IPv4s Indicators (#32223) * add parameter * Parameter to remove ports * RN * yml fixes * RN * small fix * RN * cover * Apply suggestions from code review Co-authored-by: Arad Carmi <[email protected]> * Bump pack from version FeedMalwareBazaar to 1.0.38. * Bump pack from version FeedGCPWhitelist to 2.0.38. * Bump pack from version AccentureCTI_Feed to 1.1.35. * Bump pack from version FeedAWS to 1.1.49. * Update FeedJSON.yml * docker bump * RN * Apply suggestions from code review Doc review Co-authored-by: ShirleyDenkberg <[email protected]> * Fixed test PB * RN --------- Co-authored-by: Arad Carmi <[email protected]> Co-authored-by: Content Bot <[email protected]> Co-authored-by: ShirleyDenkberg <[email protected]> * MS Teams send-notification command bug (#32531) * fixed a bug in teams where send-notification failed to send messages in GUID format * added rn * updated docker, added unit test * added doc * m * added unit test * added unittest in ms teams * uodated the code * removed comment * added test to ms teams ask * fixed tests * removed comment * minor doc update * update after build failed * Update Packs/MicrosoftTeams/Integrations/MicrosoftTeams/MicrosoftTeams.py Co-authored-by: dorschw <[email protected]> * Update Packs/MicrosoftTeams/Integrations/MicrosoftTeams/MicrosoftTeams_test.py Co-authored-by: dorschw <[email protected]> * Update Packs/MicrosoftTeams/Integrations/MicrosoftTeams/MicrosoftTeams_test.py Co-authored-by: dorschw <[email protected]> * Update Packs/MicrosoftTeams/Integrations/MicrosoftTeams/MicrosoftTeams_test.py Co-authored-by: dorschw <[email protected]> * Apply suggestions from code review * updated do * fixed precommit issues --------- Co-authored-by: dorschw <[email protected]> * New pack for Ivanti vulnerabilities (#32703) * New pack for Ivanti vulnerabilities * New pack for Ivanti vulnerabilities * update RN of the main Rapid pack * review fixes * add the UseReputationCommand input * review fixes * review fixes * review fixes * update RN * review fix * update RN * update RN * update RN * update RN * update RN * update RN * Improve create clickable URL (#31584) * Add the ability to create a clickable url with different text than the link * RN * revert * added a modeling rule (#22875) * added a modeling rule * added a parsing rule * added a parsing rule * added a parsing rule * added a parsing rule * added a parsing rule * added a parsing rule * added a parsing rule * added a parsing rule * added a parsing rule * added a parsing rule * Update README.md (#23810) Edit the file to remove duplication of command names in the right pane. * Modeling rules fixes (#24259) * save * save no exit_code * save not fail on test-modeling-rules * remove ciscoasa changes * Update Docker Image To demisto/chromium (#24291) * Updated Metadata Of Pack ExpanseV2 * Added release notes to pack ExpanseV2 * Packs/ExpanseV2/Scripts/ExpanseGenerateIssueMapWidgetScript/ExpanseGenerateIssueMapWidgetScript.yml Docker image update * Deprecated GitHub TestData (#31573) * CR fixes * UT fixes * revert f-string * conflicts * pack version * conflicts * doc * conflicts * Bump pack from version Base to 1.34.0. * conflicts * RN * remove parameterize * Bump pack from version Base to 1.33.26. * pre-commit fixes --------- Co-authored-by: guytamir10 <[email protected]> Co-authored-by: ShirleyDenkberg <[email protected]> Co-authored-by: Darya Koval <[email protected]> Co-authored-by: content-bot <[email protected]> Co-authored-by: eepstain <[email protected]> Co-authored-by: Content Bot <[email protected]> * XSUP 31502 - Gmail - Update the time parsing during the fetch-incidents process (#32431) * updated get_occurred_date to return the smaller of the header time and internalDate in utc * base_time to occured * added more debug logs for the body of the msg * RN and pack version update * updated the failing tests * pre-commit updates * docker image update * updated the unit test test_get_occurred_date * pre-commit updates * cr updates * Bambenek Consulting Adoption (#32738) (#32743) * Bambenek Consulting Adoption * Update 1_2_1.md * update releasnotes.md file Co-authored-by: Rambatla Venkat Rao <[email protected]> Co-authored-by: Yuval Cohen <[email protected]> * fix * fix * Fix an issue on AWS-GuardDuty (#32685) * fix bug * update RN * add UT * update docker * fix UT * update RN * Update Packs/AWS-GuardDuty/Integrations/AWSGuardDuty/AWSGuardDuty_test.py --------- Co-authored-by: dorschw <[email protected]> * CIAC-8712/generic-sql (#32729) * playbook fixes * fix CR * cr review * cr review * Add pyzbar to ReadQRCode (#32556) * init * multiple codes * working * update docker * CR changes * added pipe redirect * RN * update gitignore * Web file repository - Updated the UI (#32731) (#32773) * Merge * revert package-lock.json * Updated the UI to improve security for priventing cross site scripting. * Update RN * Update RN * Update 1_0_25.md --------- Co-authored-by: Masahiko Inoue <[email protected]> Co-authored-by: Yuval Cohen <[email protected]> * CIAC-9020 adding 3 new commands to prisma cloud compute (#32303) * CIAC-9020 adding 3 new commands to prisma cloud compute * CIAC-9020 adding 3 new commands to prisma cloud compute * CIAC-9020 adding 3 new commands to prisma cloud compute * CIAC-9020 adding 3 new commands to prisma cloud compute * CIAC-9020 adding 3 new commands to prisma cloud compute * CIAC-9020 adding 3 new commands to prisma cloud compute * CIAC-9020 adding 3 new commands to prisma cloud compute * CIAC-9020 adding 3 new commands to prisma cloud compute * CIAC-9020 adding 3 new commands to prisma cloud compute * CIAC-9020 adding 3 new commands to prisma cloud compute * CIAC-9020 adding 3 new commands to prisma cloud compute * CIAC-9020 adding 3 new commands to prisma cloud compute * CIAC-9020 adding 3 new commands to prisma cloud compute * CIAC-9020 adding 3 new commands to prisma cloud compute * CIAC-9020 adding 3 new commands to prisma cloud compute * CIAC-9020 adding 3 new commands to prisma cloud compute * CIAC-9020 adding 3 new commands to prisma cloud compute * CIAC-9020 adding 3 new commands to prisma cloud compute * CIAC-9020 adding 3 new commands to prisma cloud compute * fix * fix files * fix files * add docstring * Bump pack from version CortexXDR to 6.1.14. * Bump pack from version CortexXDR to 6.1.15. * cr without dups fix * cr fixing tests * Bump pack from version CortexXDR to 6.1.16. * fix * fix * fix_unit tests * remove null * fix * fix * fix * demo notes * cr * cr * Fix type issue in CommandResult input tags (#32794) * Fixed type error * Updated the RN * updated RN * Aws data lake fix yml (#32870) * fixed path yml * fix * fix * breaking * rn * Fixing Mandiant ASM Issue Status Sync (#32767) (#32920) * Fixing ASM issue status not syncing from ASM into XSOAR * Bumping version * Metadata * Punctuation * Update Packs/MandiantAdvantageAttackSurfaceManagement/ReleaseNotes/1_0_5.md * docker update --------- Co-authored-by: Christopher Hultin <[email protected]> Co-authored-by: Yuval Hayun <[email protected]> Co-authored-by: YuvHayun <[email protected]> * GCP-EXPANDR-3608: Determine potential offending firewall rules (#32795) * GCP-EXPANDR-3608: Determine potential offending firewall rules (#32678) * dl script * GCP-Enrich play * formatting and start unittest * more tests and RN * add screenshot * update pack README * increase test coverage * Apply suggestions from code review Co-authored-by: ShirleyDenkberg <[email protected]> * Apply suggestions from code review Co-authored-by: Shmuel Kroizer <[email protected]> * update function names * pre-commit changes * Update Packs/GCP-Enrichment-Remediation/Scripts/GCPOffendingFirewallRule/GCPOffendingFirewallRule.py Co-authored-by: Shmuel Kroizer <[email protected]> --------- Co-authored-by: ShirleyDenkberg <[email protected]> Co-authored-by: Shmuel Kroizer <[email protected]> * update docker * some improve * revert * Update Packs/GCP-Enrichment-Remediation/Scripts/GCPOffendingFirewallRule/GCPOffendingFirewallRule.py --------- Co-authored-by: johnnywilkes <[email protected]> Co-authored-by: ShirleyDenkberg <[email protected]> Co-authored-by: Shmuel Kroizer <[email protected]> Co-authored-by: Shmuel Kroizer <[email protected]> * Dev Container and Codespace - fix docker in docker (#32863) * Taxii 2 feed bug (#32783) * added logs * added logs * logs * applied a fix to duplicates * fixed the fix * added unittests * reverted changed id * reverted changes in api module * added rn * fixes for the logs * added typing hints * updated docker image * updated docker image * changed the lasted_indicators to contain only the id and the modified date * fixed the unittests and handled dummy indicators * added log * fixed unittest * fixed unittest * revert * Bump pack from version FeedTAXII to 1.2.6. * editd after cr * rn * fixed for flake8 --------- Co-authored-by: Content Bot <[email protected]> * removed files (#32937) * [Marketplace Contribution] Common Scripts - New Script IsNotInCidrRanges (#32854) * [Marketplace Contribution] Common Scripts - New Script IsNotInCidrRanges (#32120) * "contribution update to pack "Common Scripts"" * Update Packs/CommonScripts/ReleaseNotes/1_14_0.md * Updated based on recommendations * chmode +x ping file * revert * revert * revert * move the PR to filters and transformers * move RN * Update Packs/FiltersAndTransformers/Scripts/IsNotInCidrRanges/IsNotInCidrRanges.yml * update docker * revert yml * add docstring * fix RN * change the docker to python3:3.10 * update the description that the script support only ipv4 * update docker to demisto/python3:3.10.12.63474 * added UT * update docker to demisto/python3:3.10.13.87159 * added test playbook * demisto-sdk format * Update Packs/FiltersAndTransformers/ReleaseNotes/1_2_58.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/FiltersAndTransformers/Scripts/IsNotInCidrRanges/IsNotInCidrRanges.yml Co-authored-by: ShirleyDenkberg <[email protected]> * update version * revert conf.json * update RN --------- Co-authored-by: Shmuel Kroizer <[email protected]> Co-authored-by: amontminypa <[email protected]> Co-authored-by: Shmuel Kroizer <[email protected]> Co-authored-by: ShirleyDenkberg <[email protected]> * conf.json added test playbook * "fromversion": "6.10.0" * revert * Update Packs/FiltersAndTransformers/TestPlaybooks/playbook-TestIsNotInCidrRanges.yml --------- Co-authored-by: xsoar-bot <[email protected]> Co-authored-by: Shmuel Kroizer <[email protected]> Co-authored-by: amontminypa <[email protected]> Co-authored-by: Shmuel Kroizer <[email protected]> Co-authored-by: ShirleyDenkberg <[email protected]> * [TestIsNotInCidrRanges] Added Test Playbook To The Conf File (#32919) * added test playbook to conf.json * Update Tests/conf.json * Unisolate generic playbook enhancement (#32873) * added inputs * RN update * edited the description of the input * RN update * [IBM QRadar] Fix W291 Trailing whitespace (#32855) * fix w291 * added RN * Bump gitpython from 3.1.40 to 3.1.41 (#32119) * Bump gitpython from 3.1.40 to 3.1.41 Bumps [gitpython](https://github.com/gitpython-developers/GitPython) from 3.1.40 to 3.1.41. - [Release notes](https://github.com/gitpython-developers/GitPython/releases) - [Changelog](https://github.com/gitpython-developers/GitPython/blob/main/CHANGES) - [Commits](https://github.com/gitpython-developers/GitPython/compare/3.1.40...3.1.41) --- updated-dependencies: - dependency-name: gitpython dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> * update pre-commit dependencies --------- Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: dorschw <[email protected]> * Bump pillow from 10.1.0 to 10.2.0 (#32356) Bumps [pillow](https://github.com/python-pillow/Pillow) from 10.1.0 to 10.2.0. - [Release notes](https://github.com/python-pillow/Pillow/releases) - [Changelog](https://github.com/python-pillow/Pillow/blob/main/CHANGES.rst) - [Commits](https://github.com/python-pillow/Pillow/compare/10.1.0...10.2.0) --- updated-dependencies: - dependency-name: pillow dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: dorschw <[email protected]> * Notify External PR Merge (#32349) * added new action * Test SK (#32350) * Jira bugfix in edit issue - xsup 31954 (#32041) * Added tests * Updated RNs * Updated docstrings * Updated TPB * Updated command description * Updated RNs --------- Co-authored-by: Anas Yousef <[email protected]> * Update AMPv2.yml --------- Co-authored-by: israelpoli <[email protected]> Co-authored-by: Anas Yousef <[email protected]> * Revert "Test SK" (#32352) * Fixed * Update .github/workflows/create-internal-pr-from-external.yml Co-authored-by: RotemAmit <[email protected]> * Update .github/workflows/create-internal-pr-from-external.yml Co-authored-by: RotemAmit <[email protected]> --------- Co-authored-by: israelpoli <[email protected]> Co-authored-by: Anas Yousef <[email protected]> Co-authored-by: RotemAmit <[email protected]> * added 'W291, # trailing-whitespace' to pyproject.toml and nightly (#32862) * [greynoise-266] New Pack - FeedGreyNoiseIndicator (#32514) (#32942) * updates * pre-commit and readme * pre-commit * updates * more updates * fix tests * fix tests * fix formatting * fix pack ver check * update tests * fix flake8 and secrets * feedback * updates * feedback updates * fix default feedRep * add notes to docs * update docker image num Co-authored-by: Brad Chiappetta <[email protected]> * Fix CommonServerPython mypy (#32931) * Update docker images of `CommonScript` items (#32938) * Update `demisto/xslxwriter` 70-100 coverage rate (#32763) * upgrade images * update RN * Bump pack from version CommonScripts to 1.13.34. * Bump pack from version CommonScripts to 1.13.35. * Bump pack from version CommonScripts to 1.13.36. * Bump pack from version CommonScripts to 1.13.37. * Bump pack from version CommonScripts to 1.13.38. * Bump pack from version CommonScripts to 1.13.39. * revert RN --------- Co-authored-by: Content Bot <[email protected]> * Update `demisto/xml-feed` 70-100 coverage rate (#32762) * upgrade images * revert * update RN * Bump pack from version CommonScripts to 1.13.34. * Bump pack from version CommonScripts to 1.13.35. * Bump pack from version CommonScripts to 1.13.36. * Bump pack from version CommonScripts to 1.13.37. * Bump pack from version CommonScripts to 1.13.38. * Bump pack from version CommonScripts to 1.13.39. * revert RN --------- Co-authored-by: Content Bot <[email protected]> * Update `demisto/bs4-py3` 70-100 coverage rate (#32741) * upgrade images * update RN * Bump pack from version CommonScripts to 1.13.34. * Bump pack from version CommonScripts to 1.13.35. * Bump pack from version CommonScripts to 1.13.36. * Bump pack from version CommonScripts to 1.13.37. * Bump pack from version CommonScripts to 1.13.38. * Bump pack from version FiltersAndTransformers to 1.2.59. * Bump pack from version CommonScripts to 1.13.39. * revert RN --------- Co-authored-by: Content Bot <[email protected]> * Update `demisto/bs4-tld` 0-10 coverage rate (#32744) * upgrade images * update RN * Bump pack from version CommonScripts to 1.13.34. * Bump pack from version CommonScripts to 1.13.35. * Bump pack from version CommonScripts to 1.13.36. * Bump pack from version CommonScripts to 1.13.37. * Bump pack from version CommonScripts to 1.13.38. * Bump pack from version CommonScripts to 1.13.39. * revert RN --------- Co-authored-by: Content Bot <[email protected]> * Update `demisto/btfl-soup` 70-100 coverage rate (#32745) * upgrade images * update RN * Bump pack from version CommonScripts to 1.13.34. * Bump pack from version CommonScripts to 1.13.35. * Bump pack from version CommonScripts to 1.13.36. * Bump pack from version CommonScripts to 1.13.37. * Bump pack from version CommonScripts to 1.13.38. * Bump pack from version CommonScripts to 1.13.39. * revert RN --------- Co-authored-by: Content Bot <[email protected]> * Update `demisto/netutils` 70-100 coverage rate (#32752) * upgrade images * update RN * Bump pack from version CommonScripts to 1.13.34. * Bump pack from version CommonScripts to 1.13.35. * Bump pack from version CommonScripts to 1.13.36. * Bump pack from version CommonScripts to 1.13.37. * Bump pack from version CommonScripts to 1.13.38. * Bump pack from version CommonScripts to 1.13.39. * revert RN --------- Co-authored-by: Content Bot <[email protected]> * Update `demisto/nltk` 70-100 coverage rate (#32753) * upgrade images * update RN * Bump pack from version CommonScripts to 1.13.34. * Bump pack from version CommonScripts to 1.13.35. * Bump pack from version CommonScripts to 1.13.36. * Bump pack from version CommonScripts to 1.13.37. * Bump pack from version CommonScripts to 1.13.38. * Bump pack from version CommonScripts to 1.13.39. * revert RN --------- Co-authored-by: Content Bot <[email protected]> * Update `demisto/pcap-http-extractor` 70-100 coverage rate (#32754) * upgrade images * update RN * Bump pack from version CommonScripts to 1.13.34. * Bump pack from version CommonScripts to 1.13.35. * Bump pack from version CommonScripts to 1.13.36. * Bump pack from version CommonScripts to 1.13.37. * Bump pack from version CommonScripts to 1.13.38. * Bump pack from version CommonScripts to 1.13.39. * revert RN --------- Co-authored-by: Content Bot <[email protected]> * Update `demisto/python3-deb` 70-100 coverage rate (#32759) * upgrade images * update RN * Bump pack from version CommonScripts to 1.13.34. * Bump pack from version CommonScripts to 1.13.35. * Bump pack from version CommonScripts to 1.13.36. * Bump pack from version CommonScripts to 1.13.37. * Bump pack from version CommonScripts to 1.13.38. * Bump pack from version CommonScripts to 1.13.39. * revert RN --------- Co-authored-by: Content Bot <[email protected]> * Update `demisto/unzip` 40-55 coverage rate (#32761) * upgrade images * update RN * Bump pack from version CommonScripts to 1.13.34. * Bump pack from version CommonScripts to 1.13.35. * Bump pack from version CommonScripts to 1.13.36. * Bump pack from version CommonScripts to 1.13.37. * Bump pack from version CommonScripts to 1.13.38. * Bump pack from version CommonScripts to 1.13.39. * revert RN --------- Co-authored-by: Content Bot <[email protected]> * update RN * Bump pack from version FiltersAndTransformers to 1.2.60. --------- Co-authored-by: Content Bot <[email protected]> * [ASM] EXPANDR-3608: store potential offending firewall rules (#32721) (#32940) * update GCP enrich play * RN * Apply suggestions from code review * update field name and bump ver --------- Co-authored-by: johnnywilkes <[email protected]> Co-authored-by: ShirleyDenkberg <[email protected]> * XSUP-31342 - XDR mirroring changes incident resolution (#32359) * added more debug logs to the mirroring process * more debug logs * updated the schema * added ckose_reason * updated the schema name * updated the outgoing mapper and some debug logs * added RN * Bump pack from version CortexXDR to 6.1.14. * Bump pack from version CortexXDR to 6.1.15. * updated test_get_mapping_fields_command * updated handle_outgoing_issue_closure to use close_reason or closeReason * updated RN and docker image * added a unit test test_handle_outgoing_issue_closure * added RN to core pack and ctf01 pack * Bump pack from version CortexXDR to 6.1.16. * updated the RN * added an incident type to the outgoing mapper and updated the RN --------- Co-authored-by: Content Bot <[email protected]> * Domaintools iris release v2.0.1 (#32880) (#32946) * first pass at fixing proxy use * don't use empty strings * avoid empty string * fix docker tag, add release notes * update release notes with docker image * Update Packs/DomainTools_Iris/ReleaseNotes/2_0_1.md --------- Co-authored-by: Wesley Agena <[email protected]> Co-authored-by: Yuval Hayun <[email protected]> * revert docker changes (#32944) * AWS Require Region (#32687) * init * update docker * update docker * update docker * RN * fix conflicts * update docker * fix conflicts * Update `demisto/fastapi` 70-100 coverage rate (#32573) * upgrade images * update RN * fix pb parser (#32826) * fix pb parser - test * change xpanse stuff * remove poetry changes * more xpanse changes * fix gr103 * YR/Handle long running pipelines, and commits with no pipelines/CIAC-9386 (#32462) * Fix GetIndicatorDBotScoreFromCache to handle better a special character (#31070) * a fix and a test * docker image update * added rn * Bump pack from version CommonScripts to 1.12.47. * unit test fix * unit test fix * unit test fix * Bump pack from version CommonScripts to 1.12.48. * Bump pack from version CommonScripts to 1.12.49. * Update Packs/CommonScripts/ReleaseNotes/1_12_49.md Co-authored-by: Dan Tavori <[email protected]> --------- Co-authored-by: Content Bot <[email protected]> Co-authored-by: Dan Tavori <[email protected]> * change pack support to community (#31110) * change pack support to community * first level header so im told * Update Packs/DeveloperTools/ReleaseNotes/1_3_0.md Co-authored-by: Shahaf Ben Yakir <[email protected]> * Update Packs/DeveloperTools/ReleaseNotes/1_3_0.md Co-authored-by: Shahaf Ben Yakir <[email protected]> --------- Co-authored-by: Shahaf Ben Yakir <[email protected]> * removed GIT_DEPTH (#31141) * support multiple entry ids in ImageOCR (#31145) * Fix taxi feed observables extraction (#31120) * fixed an isssue where taxi feed will fail to retreive all indicators due to wrong extraction from XML blocks. * added rn * update docker * update test_data * add secret to secrets ignore * [transformers] Enhance to be more durable #2 (#31063) * ExtractDomainAndFQDNFromUrlAndEmail * ExtractEmailV2 * ruff fix * FormatURL * Bump pack from version CommonScripts to 1.12.47. * Bump pack from version CommonScripts to 1.12.48. * Bump pack from version CommonScripts to 1.12.49. * Added unit tests * Update the docker image * Bump pack from version CommonScripts to 1.12.50. * Update Packs/CommonScripts/ReleaseNotes/1_12_50.md Co-authored-by: Dean Arbel <[email protected]> * Update Packs/CommonScripts/ReleaseNotes/1_12_50.md Co-authored-by: Dean Arbel <[email protected]> * Update the RN * Update the docker image * empty * Skip "FormattingPerformance - Test" TPB in XSOAR 8 --------- Co-authored-by: Content Bot <[email protected]> Co-authored-by: Dean Arbel <[email protected]> * Sleep w/ Polling (#30661) add polling mechanism to sleep upon crossing polling_threshold * Update shift management scripts (#31130) * fixed the bug and added unit tests * updated docker image * RN * updated docker image * cr updates * EWS rule commands - MS graph python integrations (#30943) Co-authored-by: ShirleyDenkberg <[email protected]> * MS IIS Update (#31132) * Updated ModelingRules * Updated ReleaseNotes * Updated ReleaseNotes * Anomali ThreatStream change DBot verdict from Benign to Unknown for Low Confidence Indicators (#30993) (#31151) * change DBot verdict from Benign to Unknown for Low Confidence Indicators Indicators found in Anomali that are below Confidence thresholds should be created as Unknown and not Benign. Anomali ThreatStream documentation regarding Confidence https://ui.threatstream.com/optic-doc/Content/Features/threat_model/Observables/details_indicator.htm Confidence - Confidence indicates the certainty that an observable exhibits or is connected to malicious behavior. If Anomali has indicators with low Confidence, that doesn't mean the indicator is Benign/Safe. It means Anomali is unsure that the indicator is Malicious and as such the more appropriate verdict in XSOAR should be Unknown. * add indicator_default_score param * changed values to Benign and Unknown * update README and RN * update RN * update docker set required to false * update docker * fix docs comments --------- Co-authored-by: zdrouse <[email protected]> Co-authored-by: adi88d <[email protected]> Co-authored-by: Adi Daud <[email protected]> * generate empty junit files (#31153) * Update 1_6_0.json (#31164) * fix splunkpy splunk_submit_event_hec_command string issue (#30978) * fix splunkpy splunk_submit_event_hec_command string issue * test * add fix * update rn * [xsoar saas] - fix ports taxii2 e2e (#31163) * Hello world saas (#30901) * added a new incident field only for saas mp * added an incident field to xsoar_saas only for demonstration * format incident field * format incident field * added saas word to known words * version * merge with master * fixed the xsoar_saas end tag * Added tests to validate result * modified RN * pre commit changes * RN tags * ignoe long line * MS IIS README (#31158) * Updated README * Updated README * Fixes For IP Enrichment Playbooks (#31114) * Fixes For IP Enrichment Playbooks * RN * Removed the mapping rule from both playbooks. Updated the default value of the internal range playbook input according to RFC 1918. * Removed the value of 'UseReputationCommand' playbook input and fixes the YML files * Fixed RN * Removed the value set for the 'UseReputationCommand' sub-playbook input. Re-added the default value for 'UseReputationCommand' playbook input * skip ThreatStream-Test (#31172) * [transformers] Enhance to be more durable (#30897) [transformers] Enhance to be more durable * Fixes For 'Email Address Enrichment - Generic v2.1' (#31122) * Fixes For 'Email Address Enrichment - Generic v2.1' * Re-added the test playbook and marketplace configs to the playbook YML file * changed the 'domain' playbook input value * removed the 'domain' playbook input value and added RN * Fixed RN * Bump pack from version CommonPlaybooks to 2.4.34. --------- Co-authored-by: Content Bot <[email protected]> * DisplayMappedFields - Fix dark mode text color (#31085) * removed the hardcoded color * removed the hardcoded color * update RN * update docker image * Bump pack from version CommonScripts to 1.12.48. * Unittest fixes * Bump pack from version CommonScripts to 1.12.49. * Unittest fixes * Bump pack from version CommonScripts to 1.12.50. * Bump pack from version CommonScripts to 1.12.51. * Bump pack from version CommonScripts to 1.12.52. * Bump pack from version CommonScripts to 1.12.53. --------- Co-authored-by: Content Bot <[email protected]> * Updated the layout to exclude integration incident fields that are not pertinent to Vectra XDR (#31127) (#31182) Co-authored-by: Crest Data Systems <[email protected]> Co-authored-by: crestdatasystems <[email protected]> Co-authored-by: MLainer1 <[email protected]> * Taxii2 server relationship bug (#31162) * [taxii2-server] - code fixes * bump rn * docker update * remove debug-log because may wanted * [ASM] EXPANDER-7096 - ASM Remediation Guidance Fields (#30955) (#31178) Co-authored-by: John <[email protected]> Co-authored-by: Adi Daud <[email protected]> * Created pack for F5 BIG-IP APM (#31017) * Created pack for f5 apm * Added modeling rule files. * adding modeling rules and schema. * modified modeling rules * update yml file for modeling rule. * Update Packs/F5APM/README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/F5APM/README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/F5APM/README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/F5APM/README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/F5APM/README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/F5APM/README.md Co-authored-by: ShirleyDenkberg <[email protected]> * update readme. * Modified the read me file. --------- Co-authored-by: ShirleyDenkberg <[email protected]> * HelloWorld - delete old classifier (#31185) * Add support for is array for rep commands (#31169) * added support for isArray for python Xsoar supported reputation commands * added rn * Empty-Commit * python files fixes * fix docker issue * cr fixes * added logs and cache fix (#30577) * added logs and cache fix * Fixed another executeCommand results handling. * Updated docker image * Added rn * Update Packs/Phishing/ReleaseNotes/3_6_2.md Co-authored-by: Dan Tavori <[email protected]> * Update Packs/Phishing/Scripts/FindDuplicateEmailIncidents/FindDuplicateEmailIncidents.py --------- Co-authored-by: Dan Tavori <[email protected]> * Add support for is array for rep commands js (#31184) * JS files fixes * added rn * pre commit fixes * pre commit fixes * cr fixes * xsiam-avaya-siem-content-ciac-8502 (#31128) * init-pack * modeling-rules * add-docs * fix-pid-parsing * fix-README.md * Fixed For Endpoint Enrichment Playbooks (#31147) * Fixed For 'Endpoint Enrichment - Generic v2.1' Playbook * RN * RN * Fixes for Endpoint_Enrichment_-_Generic_v2.1_6_8 playbook * Bump pack from version CommonPlaybooks to 2.4.34. * Bump pack from version CommonPlaybooks to 2.4.35. * Fixed version for 'Endpoint Enrichment - Generic v2.1.6.8' playbook * Fixes for 'Endpoint Enrichment - Generic v2.1' playbook * Revert changes in 'Endpoint Enrichment - Generic v2.1' playbook --------- Co-authored-by: Content Bot <[email protected]> * Update Docker Image To demisto/python3 (#31198) * Updated Metadata Of Pack DeveloperTools * Added release notes to pack DeveloperTools * Packs/DeveloperTools/Integrations/CreateIncidents/CreateIncidents.yml Docker image update * Updated Metadata Of Pack FlashpointFeed * Added release notes to pack FlashpointFeed * Packs/FlashpointFeed/Integrations/FlashpointFeed/FlashpointFeed.yml Docker image update * Updated Metadata Of Pack AbnormalSecurity * Added release notes to pack AbnormalSecurity * Packs/AbnormalSecurity/Integrations/AbnormalSecurity/AbnormalSecurity.yml Docker image update * Updated Metadata Of Pack FeedLOLBAS * Added release notes to pack FeedLOLBAS * Packs/FeedLOLBAS/Integrations/FeedLOLBAS/FeedLOLBAS.yml Docker image update * Updated Metadata Of Pack Hackuity * Added release notes to pack Hackuity * Packs/Hackuity/Integrations/Hackuity/Hackuity.yml Docker image update * Updated Metadata Of Pack Grafana * Added release notes to pack Grafana * Packs/Grafana/Integrations/Grafana/Grafana.yml Docker image update * Updated Metadata Of Pack Binalyze * Added release notes to pack Binalyze * Packs/Binalyze/Integrations/BinalyzeAIR/BinalyzeAIR.yml Docker image update * Updated Metadata Of Pack ServiceDeskPlus * Added release notes to pack ServiceDeskPlus * Packs/ServiceDeskPlus/Integrations/ServiceDeskPlus/ServiceDeskPlus.yml Docker image update * Updated Metadata Of Pack Oracle_IAM * Added release notes to pack Oracle_IAM * Packs/Oracle_IAM/Integrations/OracleIAM/OracleIAM.yml Docker image update * Updated Metadata Of Pack AccentureCTI * Added release notes to pack AccentureCTI * Packs/AccentureCTI/Integrations/ACTIIndicatorQuery/ACTIIndicatorQuery.yml Docker image update * Update Docker Image To demisto/boto3py3 (#31199) * Updated Metadata Of Pack SecurityIntelligenceServicesFeed * Added release notes to pack SecurityIntelligenceServicesFeed * Packs/SecurityIntelligenceServicesFeed/Integrations/SecurityIntelligenceServicesFeed/SecurityIntelligenceServicesFeed.yml Docker image update * Updated Metadata Of Pack AWS-IAM * Added release notes to pack AWS-IAM * Packs/AWS-IAM/Integrations/AWS-IAM/AWS-IAM.yml Docker image update * Updated Metadata Of Pack AWS-Route53 * Added release notes to pack AWS-Route53 * Packs/AWS-Route53/Integrations/AWSRoute53/AWSRoute53.yml Docker image update * Updated Metadata Of Pack AWS-AccessAnalyzer * Added release notes to pack AWS-AccessAnalyzer * Packs/AWS-AccessAnalyzer/Integrations/AWS-AccessAnalyzer/AWS-AccessAnalyzer.yml Docker image update * Updated Metadata Of Pack AWS-GuardDuty * Added release notes to pack AWS-GuardDuty * Packs/AWS-GuardDuty/Integrations/AWSGuardDutyEventCollector/AWSGuardDutyEventCollector.yml Docker image update * Packs/AWS-GuardDuty/Integrations/AWSGuardDuty/AWSGuardDuty.yml Docker image update * Updated Metadata Of Pack AWS-SecurityHub * Added release notes to pack AWS-SecurityHub * Packs/AWS-SecurityHub/Integrations/AWSSecurityHubEventCollector/AWSSecurityHubEventCollector.yml Docker image update * Updated Metadata Of Pack Aws-SecretsManager * Added release notes to pack Aws-SecretsManager * Packs/Aws-SecretsManager/Integrations/AwsSecretsManager/AwsSecretsManager.yml Docker image update * Update Docker Image To demisto/armorblox (#31203) * Updated Metadata Of Pack Armorblox * Added release notes to pack Armorblox * Packs/Armorblox/Integrations/Armorblox/Armorblox.yml Docker image update * Update Docker Image To demisto/py3-tools (#31201) * Updated Metadata Of Pack Intezer * Added release notes to pack Intezer * Packs/Intezer/Integrations/IntezerV2/IntezerV2.yml Docker image update * Updated Metadata Of Pack Zabbix * Added release notes to pack Zabbix * Packs/Zabbix/Integrations/Zabbix/Zabbix.yml Docker image update * Updated Metadata Of Pack FeedMalwareBazaar * Added release notes to pack FeedMalwareBazaar * Packs/FeedMalwareBazaar/Integrations/MalwareBazaarFeed/MalwareBazaarFeed.yml Docker image update * Updated Metadata Of Pack FeedGCPWhitelist * Added release notes to pack FeedGCPWhitelist * Packs/FeedGCPWhitelist/Integrations/FeedGoogleIPRanges/FeedGoogleIPRanges.yml Docker image update * Updated Metadata Of Pack AccentureCTI_Feed * Added release notes to pack AccentureCTI_Feed * Packs/AccentureCTI_Feed/Integrations/ACTIIndicatorFeed/ACTIIndicatorFeed.yml Docker image update * Updated Metadata Of Pack SEKOIAIntelligenceCenter * Added release notes to pack SEKOIAIntelligenceCenter * Packs/SEKOIAIntelligenceCenter/Integrations/SEKOIAIntelligenceCenter/SEKOIAIntelligenceCenter.yml Docker image update * Updated Metadata Of Pack JARM * Added release notes to pack JARM * Packs/JARM/Integrations/JARM/JARM.yml Docker image update * Updated Metadata Of Pack CommonWidgets * Added release notes to pack CommonWidgets * Packs/CommonWidgets/Scripts/RSSWidget/RSSWidget.yml Docker image update * Updated Metadata Of Pack FiltersAndTransformers * Added release notes to pack FiltersAndTransformers * Packs/FiltersAndTransformers/Scripts/Jmespath/Jmespath.yml Docker image update * Update Docker Image To demisto/oci (#31202) * Updated Metadata Of Pack OracleCloudInfrastructure * Added release notes to pack OracleCloudInfrastructure * Packs/OracleCloudInfrastructure/Integrations/OracleCloudInfrastructureEventCollector/OracleCloudInfrastructureEventCollector.yml Docker image update * Update Docker Image To demisto/accessdata (#31200) * Updated Metadata Of Pack Exterro * Added release notes to pack Exterro * Packs/Exterro/Integrations/Exterro/Exterro.yml Docker image update * Fix DS108 --------- Co-authored-by: israelpolishook <[email protected]> * Update Docker Image To demisto/carbon-black-cloud (#31206) * Updated Metadata Of Pack CarbonBlackDefense * Added release notes to pack CarbonBlackDefense * Packs/CarbonBlackDefense/Integrations/CarbonBlackLiveResponseCloud/CarbonBlackLiveResponseCloud.yml Docker image update * Update Docker Image To demisto/taxii2 (#31205) * Updated Metadata Of Pack FeedUnit42v2 * Added release notes to pack FeedUnit42v2 * Packs/FeedUnit42v2/Integrations/FeedUnit42v2/FeedUnit42v2.yml Docker image update * Update Docker Image To demisto/crypto (#31204) * Updated Metadata Of Pack AzureKeyVault * Added release notes to pack AzureKeyVault * Packs/AzureKeyVault/Integrations/AzureKeyVault/AzureKeyVault.yml Docker image update * Updated Metadata Of Pack AzureSentinel * Added release notes to pack AzureSentinel * Packs/AzureSentinel/Integrations/AzureSentinel/AzureSentinel.yml Docker image update * Updated Metadata Of Pack AzureDevOps * Added release notes to pack AzureDevOps * Packs/AzureDevOps/Integrations/AzureDevOps/AzureDevOps.yml Docker image update * Updated Metadata Of Pack MicrosoftCloudAppSecurity * Added release notes to pack MicrosoftCloudAppSecurity * Packs/MicrosoftCloudAppSecurity/Integrations/MicrosoftCloudAppSecurity/MicrosoftCloudAppSecurity.yml Docker image update * Updated Metadata Of Pack AzureRiskyUsers * Added release notes to pack AzureRiskyUsers * Packs/AzureRiskyUsers/Integrations/AzureRiskyUsers/AzureRiskyUsers.yml Docker image update * Updated Metadata Of Pack MicrosoftGraphGroups * Added release notes to pack MicrosoftGraphGroups * Packs/MicrosoftGraphGroups/Integrations/MicrosoftGraphGroups/MicrosoftGraphGroups.yml Docker image update * Updated Metadata Of Pack AzureSQLManagement * Added release notes to pack AzureSQLManagement * Packs/AzureSQLManagement/Integrations/AzureSQLManagement/AzureSQLManagement.yml Docker image update * Updated Metadata Of Pack MicrosoftGraphAPI * Added release notes to pack MicrosoftGraphAPI * Packs/MicrosoftGraphAPI/Integrations/MicrosoftGraphAPI/MicrosoftGraphAPI.yml Docker image update * Updated Metadata Of Pack MicrosoftTeams * Added release notes to pack MicrosoftTeams * Packs/MicrosoftTeams/Integrations/MicrosoftTeamsManagement/MicrosoftTeamsManagement.yml Docker image update * Updated Metadata Of Pack MicrosoftGraphApplications * Added release notes to pack MicrosoftGraphApplications * Packs/MicrosoftGraphApplications/Integrations/MicrosoftGraphApplications/MicrosoftGraphApplications.yml Docker image update * Update Docker Image To demisto/opnsense (#31208) * Updated Metadata Of Pack OPNSense * Added release notes to pack OPNSense * Packs/OPNSense/Integrations/OPNSense/OPNSense.yml Docker image update * Update Docker Image To demisto/auth-utils (#31207) * Updated Metadata Of Pack Cylance_Protect * Added release notes to pack Cylance_Protect * Packs/Cylance_Protect/Integrations/Cylance_Protect_v2/Cylance_Protect_v2.yml Docker image update * Updated Metadata Of Pack Zoom * Added release notes to pack Zoom * Packs/Zoom/Integrations/ZoomEventCollector/ZoomEventCollector.yml Docker image update * Updated Metadata Of Pack Silverfort * Added release notes to pack Silverfort * Packs/Silverfort/Integrations/Silverfort/Silverfort.yml Docker image update * Updated Metadata Of Pack AzureDataExplorer * Added release notes to pack AzureDataExplorer * Packs/AzureDataExplorer/Integrations/AzureDataExplorer/AzureDataExplorer.yml Docker image update * Updated Metadata Of Pack MicrosoftManagementActivity * Added release notes to pack MicrosoftManagementActivity * Packs/MicrosoftManagementActivity/Integrations/MicrosoftManagementActivity/MicrosoftManagementActivity.yml Docker image update * Updated Metadata Of Pack Box * Added release notes to pack Box * Packs/Box/Integrations/BoxEventsCollector/BoxEventsCollector.yml Docker image update * Packs/Box/Integrations/BoxV2/BoxV2.yml Docker image update * Updated Metadata Of Pack Troubleshoot * Added release notes to pack Troubleshoot * Packs/Troubleshoot/Scripts/CertificatesTroubleshoot/CertificatesTroubleshoot.yml Docker image update * commit --------- Co-authored-by: israelpolishook <[email protected]> * Update Docker Image To demisto/ippysocks-py3 (#31211) * Updated Metadata Of Pack Whois * Added release notes to pack Whois * Packs/Whois/Integrations/Whois/Whois.yml Docker image update * Update Docker Image To demisto/python3 (#31214) * Updated Metadata Of Pack QualysFIM * Added release notes to pack QualysFIM * Packs/QualysFIM/Integrations/QualysFIM/QualysFIM.yml Docker image update * Updated Metadata Of Pack FortiSIEM * Added release notes to pack FortiSIEM * Packs/FortiSIEM/Integrations/FortiSIEMV2/FortiSIEMV2.yml Docker image update * Updated Metadata Of Pack FreshworksFreshservice * Added release notes to pack FreshworksFreshservice * Packs/FreshworksFreshservice/Integrations/FreshworksFreshservice/FreshworksFreshservice.yml Docker image update * Updated Metadata Of Pack KnowBe4_KMSAT * Added release notes to pack KnowBe4_KMSAT * Packs/KnowBe4_KMSAT/Integrations/KnowBe4KMSATEventCollector/KnowBe4KMSATEventCollector.yml Docker image update * Packs/KnowBe4_KMSAT/Integrations/KnowBe4KMSAT/KnowBe4KMSAT.yml Docker image update * Updated Metadata Of Pack SafeNet_Trusted_Access * Added release notes to pack SafeNet_Trusted_Access * Packs/SafeNet_Trusted_Access/Integrations/SafeNetTrustedAccessEventCollector/SafeNetTrustedAccessEventCollector.yml Docker image update * Updated Metadata Of Pack DelineaSS * Added release notes to pack DelineaSS * Packs/DelineaSS/Integrations/DelineaSS/DelineaSS.yml Docker image update * Updated Metadata Of Pack Cryptocurrency * Added release notes to pack Cryptocurrency * Packs/Cryptocurrency/Integrations/Cryptocurrency/Cryptocurrency.yml Docker image update * Updated Metadata Of Pack PANOSPolicyOptimizer * Added release notes to pack PANOSPolicyOptimizer * Packs/PANOSPolicyOptimizer/Integrations/PANOSPolicyOptimizer/PANOSPolicyOptimizer.yml Docker image update * Updated Metadata Of Pack DeveloperTools * Added release notes to pack DeveloperTools * Packs/DeveloperTools/Integrations/CreateIncidents/CreateIncidents.yml Docker image update * Update Docker Image To demisto/boto3py3 (#31215) * Updated Metadata Of Pack SecurityIntelligenceServicesFeed * Added release notes to pack SecurityIntelligenceServicesFeed * Packs/SecurityIntelligenceServicesFeed/Integrations/SecurityIntelligenceServicesFeed/SecurityIntelligenceServicesFeed.yml Docker image update * Updated Metadata Of Pack AWS-IAM * Added release notes to pack AWS-IAM * Packs/AWS-IAM/Integrations/AWS-IAM/AWS-IAM.yml Docker image update * Updated Metadata Of Pack AWS-Route53 * Added release notes to pack AWS-Route53 * Packs/AWS-Route53/Integrations/AWSRoute53/AWSRoute53.yml Docker image update * Updated Metadata Of Pack AWS-AccessAnalyzer * Added release notes to pack AWS-AccessAnalyzer * Packs/AWS-AccessAnalyzer/Integrations/AWS-AccessAnalyzer/AWS-AccessAnalyzer.yml Docker image update * Updated Metadata Of Pack AWS-GuardDuty * Added release notes to pack AWS-GuardDuty * Packs/AWS-GuardDuty/Integrations/AWSGuardDutyEventCollector/AWSGuardDutyEventCollector.yml Docker image update * Packs/AWS-GuardDuty/Integrations/AWSGuardDuty/AWSGuardDuty.yml Docker image update * Updated Metadata Of Pack AWS-SecurityHub * Added release notes to pack AWS-SecurityHub * Packs/AWS-SecurityHub/Integrations/AWSSecurityHubEventCollector/AWSSecurityHubEventCollector.yml Docker image update * Updated Metadata Of Pack Aws-SecretsManager * Added release notes to pack Aws-SecretsManager * Packs/Aws-SecretsManager/Integrations/AwsSecretsManager/AwsSecretsManager.yml Docker image update * Update Docker Image To demisto/accessdata (#31216) * Updated Metadata Of Pack Exterro * Added release notes to pack Exterro * Packs/Exterro/Integrations/Exterro/Exterro.yml Docker image update * Update Docker Image To demisto/oci (#31218) * Updated Metadata Of Pack OracleCloudInfrastructure * Added release notes to pack OracleCloudInfrastructure * Packs/OracleCloudInfrastructure/Integrations/OracleCloudInfrastructureEventCollector/OracleCloudInfrastructureEventCollector.yml Docker image update * Update Docker Image To demisto/py3-tools (#31217) * Updated Metadata Of Pack Intezer * Added release notes to pack Intezer * Packs/Intezer/Integrations/IntezerV2/IntezerV2.yml Docker image update * Updated Metadata Of Pack Zabbix * Added release notes to pack Zabbix * Packs/Zabbix/Integrations/Zabbix/Zabbix.yml Docker image update * Updated Metadata Of Pack FeedMalwareBazaar * Added release notes to pack FeedMalwareBazaar * Packs/FeedMalwareBazaar/Integrations/MalwareBazaarFeed/MalwareBazaarFeed.yml Docker image update * Updated Metadata Of Pack FeedGCPWhitelist * Added release notes to pack FeedGCPWhitelist * Packs/FeedGCPWhitelist/Integrations/FeedGoogleIPRanges/FeedGoogleIPRanges.yml Docker image update * Updated Metadata Of Pack AccentureCTI_Feed * Added release notes to pack AccentureCTI_Feed * Packs/AccentureCTI_Feed/Integrations/ACTIIndicatorFeed/ACTIIndicatorFeed.yml Docker image update * Updated Metadata Of Pack SEKOIAIntelligenceCenter * Added release notes to pack SEKOIAIntelligenceCenter * Packs/SEKOIAIntelligenceCenter/Integrations/SEKOIAIntelligenceCenter/SEKOIAIntelligenceCenter.yml Docker image update * Updated Metadata Of Pack JARM * Added release notes to pack JARM * Packs/JARM/Integrations/JARM/JARM.yml Docker image update * Updated Metadata Of Pack Anomali_ThreatStream * Added release notes to pack Anomali_ThreatStream * Packs/Anomali_ThreatStream/Integrations/AnomaliThreatStreamv3/AnomaliThreatStreamv3.yml Docker image update * Updated Metadata Of Pack CommonWidgets * Added release notes to pack CommonWidgets * Packs/CommonWidgets/Scripts/RSSWidget/RSSWidget.yml Docker image update * Updated Metadata Of Pack FiltersAndTransformers * Added release notes to pack FiltersAndTransformers * Packs/FiltersAndTransformers/Scripts/Jmespath/Jmespath.yml Docker image update * CortexXDRIR-generic-polling (#31082) * - Added new playbook for quarantine_file - Old playbook deprecated - New image added * release notes added * - New playbook for _Retrieve_File_Playbook_v2 created - Old playbook _Retrieve_File_Playbook deprecated - Image was added * Release notes were added * Changed the name of the playbook * Readme file added * Added image * fixed image location in readme file * Update Packs/CortexXDR/Playbooks/Cortex_XDR_-_Retrieve_File_v2.yml Co-authored-by: Sasha Sokolovich <[email protected]> * Bump pack from version CortexXDR to 6.0.4. * Removed unnecessary tests * Readme files were updated * Fixes for the playbooks * fixed Tests/conf.json file * image issue fixed * Added new images * Update Packs/CortexXDR/Playbooks/Cortex_XDR_-_Retrieve_File_Playbook_README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CortexXDR/Playbooks/Cortex_XDR_-_Retrieve_File_Playbook_README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CortexXDR/ReleaseNotes/6_0_4.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CortexXDR/ReleaseNotes/6_0_4.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CortexXDR/ReleaseNotes/6_0_4.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CortexXDR/ReleaseNotes/6_0_4.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CortexXDR/Playbooks/Cortex_XDR_-_Retrieve_File_Playbook_README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CortexXDR/Playbooks/Cortex_XDR_-_quarantine_file_v2_README.md Co-authored-by: ShirleyDenkberg <[email protected]> * PR fixes - new condition to check if the task finished successfully * release notes updated * image path fixed * Added new outputs for playbook * release notes updated * fix * readme files fixed * image issue * image issue * fix * fix * fix * fix * uploaded new playbook because of the image issue * fix for image issue * delete photo * fixes * test playbooks fixed * test playbooks removed --------- Co-authored-by: Sasha Sokolovich <[email protected]> Co-authored-by: Content Bot <[email protected]> Co-authored-by: ShirleyDenkberg <[email protected]> * Update Docker Image To demisto/crypto (#31219) * Updated Metadata Of Pack AzureKeyVault * Added release notes to pack AzureKeyVault * Packs/AzureKeyVault/Integrations/AzureKeyVault/AzureKeyVault.yml Docker image update * Updated Metadata Of Pack AzureSentinel * Added release notes to pack AzureSentinel * Packs/AzureSentinel/Integrations/AzureSentinel/AzureSentinel.yml Docker image update * Updated Metadata Of Pack AzureDevOps * Added release notes to pack AzureDevOps * Packs/AzureDevOps/Integrations/AzureDevOps/AzureDevOps.yml Docker image update * Updated Metadata Of Pack MicrosoftCloudAppSecurity * Added release notes to pack MicrosoftCloudAppSecurity * Packs/MicrosoftCloudAppSecurity/Integrations/MicrosoftCloudAppSecurity/MicrosoftCloudAppSecurity.yml Docker image update * Updated Metadata Of Pack AzureRiskyUsers * Added release notes to pack AzureRiskyUsers * Packs/AzureRiskyUsers/Integrations/AzureRiskyUsers/AzureRiskyUsers.yml Docker image update * Updated Metadata Of Pack MicrosoftGraphGroups * Added release notes to pack MicrosoftGraphGroups * Packs/MicrosoftGraphGroups/Integrations/MicrosoftGraphGroups/MicrosoftGraphGroups.yml Docker image update * Updated Metadata Of Pack AzureSQLManagement * Added release notes to pack AzureSQLManagement * Packs/AzureSQLManagement/Integrations/AzureSQLManagement/AzureSQLManagement.yml Docker image update * Updated Metadata Of Pack MicrosoftGraphAPI * Added release notes to pack MicrosoftGraphAPI * Packs/MicrosoftGraphAPI/Integrations/MicrosoftGraphAPI/MicrosoftGraphAPI.yml Docker image update * Updated Metadata Of Pack MicrosoftTeams * Added release notes to pack MicrosoftTeams * Packs/MicrosoftTeams/Integrations/MicrosoftTeamsManagement/MicrosoftTeamsManagement.yml Docker image update * Updated Metadata Of Pack MicrosoftGraphApplications * Added release notes to pack MicrosoftGraphApplications * Packs/MicrosoftGraphApplications/Integrations/MicrosoftGraphApplications/MicrosoftGraphApplications.yml Docker image update * update pack ignore (#31193) * Slack event collector: fixed an issue where we get a Bad Request error (#31135) * fixed an issue where we get a Bad Request error. * pre-commit * added test * fixed Flake8 error * fixed cr comments * fixed cr comments * update Docker image * YR/Remove-fields-with-one-letter-DBotFindSimilarIncidents/XSUP-29299 (#31161) * fixes * code and test * remove Json feed from this pr * test * note * pre commit * RN * CR and Flake8 * format * pre commit * Fixes For 'URL Enrichment - Generic v2' Playbook (#31195) * Fixes For 'URL Enrichment - Generic v2' Playbook * RN * Bump pack from version CommonPlaybooks to 2.4.36. --------- Co-authored-by: Content Bot <[email protected]> * F5 APM Remove XSIAM tags (#31221) * remove ls from test_e2e_results.sh (#31186) * [IsEmailAddressInternal] Fix an issue with **domain** argument (#31222) * First commit * Added RN * Update Packs/CommonScripts/ReleaseNotes/1_12_54.md Co-authored-by: Dean Arbel <[email protected]> --------- Co-authored-by: Dean Arbel <[email protected]> * Deprecate 'Get endpoint details - Generic' Playbook (#31196) * Deprecate 'Get endpoint details - Generic' Playbook * RN * Bump pack from version CommonPlaybooks to 2.4.36. * Bump pack from version CommonPlaybooks to 2.4.37. --------- Co-authored-by: Content Bot <[email protected]> * Replacing the deprecated sub-playbook within the 'NGFW Internal Scan'… (#31197) * Replacing the deprecated sub-playbook within the 'NGFW Internal Scan' XSIAM playbook * RN * [Marketplace Contribution] CISO Metrics (#30641) (#31213) * "pack contribution initial commit" * Update pack_metadata.json * Update and rename dashboard-98f353a2-312b-49f2-8e58-d71f60daf3a7-CISO_Metrics.json to dashboard-98f353a2-312b-49f2-8e58-d71f60daf3a7-CommunityCommonDashboards.json Rename to CommunityCommonDashboards * Update pack_metadata.json Renamed "name": "CommunityCommonDashboards" * Update README.md Added description * Update README.md * Update and rename README.md to README.md * Rename dashboard-98f353a2-312b-49f2-8e58-d71f60daf3a7-CommunityCommonDashboards.json to dashboard-98f353a2-312b-49f2-8e58-d71f60daf3a7-CommunityCommonDashboards.json * Rename .pack-ignore to .pack-ignore * Rename .secrets-ignore to .secrets-ignore * Rename pack_metadata.json to pack_metadata.json * Update .pack-ignore * Update pack_metadata.json * Update .pack-ignore * Update and rename dashboard-98f353a2-312b-49f2-8e58-d71f60daf3a7-CommunityCommonDashboards.json to CISOMetrics.json Renamed to CISOMetrics * Update pack_metadata.json * Update pack_metadata.json * Update README.md --------- Co-authored-by: xsoar-bot <[email protected]> Co-authored-by: Sapir Shuker <[email protected]> Co-authored-by: David Uhrlaub <[email protected]> * Cybereason xsoar v 2.1.14 (#30647) (#31225) * added v2.1.14 codebase * fix pr comments * replace dummy md5 placeholder * Update Packs/Cybereason/Integrations/Cybereason/Cybereason.py * updated docker image python version * updated release notes docker version * added pagination params * updated docker image * fix lint errors * fix demisto validate errors * updated release notes * updated release notes * updated release notes * updated command name as per PR comment * removed manual filtering for response * updated function name to match the command name format * updated unit test as per new command name * added machinename filter to api query * moved empty output message to the top * updated docker image tag to latest * undo changes from unisolate endpoint playbook --------- Co-authored-by: suraj-metron <[email protected]> Co-authored-by: Sapir Shuker <[email protected]> * fixed polling support (#30873) * fixed polling support * fixed rn * added rn * added rn * XSUP-30786/Fix (#31168) * Added failing UT * Fixed the issue * Updated docker image * Updated RN * Update Packs/PAN-OS/ReleaseNotes/2_1_15.md Co-authored-by: Dan Tavori <[email protected]> * Updated the bug fix and the UT * updated docker image --------- Co-authored-by: Dan Tavori <[email protected]> * rewrite to js FirstArrayElement and LastArrayElement (#31228) * rewrite to js * added tpb * added empty test case to tpb * precommit fixes * change fromversion so build wont fail * Enable Core REST API with general XSIAM endpoints (#31226) * mostly works * added release notes * fixes from review * F5 APM fixed the marketplace build failure (#31236) * F5 APM Remove XSIAM tags * fix marketplace error * Add incidents field (#30393) (#31233) * add rawJSON field to incidents * release notes * update docker image tag * nit * fetching incident details * mapper + incident fields * remove incorrect incident field files * new incident field files, new mapper * sdk validate command changes * update release noteS * validation errors * fix validation errors * undo release notes changes * undo release notes change * undo release notes * undo release notes * undo release notes * nit * new release notes * remove playbook id * update docker image tag * revert release notes * revert RN * nit- remove filters used for testing * add details field to threats * remove try/except blocks * changing version * Update Abnormal_Security_Custom_Incident_types.json change from version * nit - remove changes used for demo * updating docker image * update docker image tag --------- Co-authored-by: William Olyslager <[email protected]> Co-authored-by: sapirshuker <[email protected]> Co-authored-by: Sapir Shuker <[email protected]> * Update Docker Image To demisto/python3 (#31242) * Updated Metadata Of Pack CIRCL * Added release notes to pack CIRCL * Packs/CIRCL/Integrations/CirclCVESearch/CirclCVESearch.yml Docker image update * Updated Metadata Of Pack ipinfo * Added release notes to pack ipinfo * Packs/ipinfo/Integrations/ipinfo_v2/ipinfo_v2.yml Docker image update * Updated Metadata Of Pack AutoFocus * Added release notes to pack AutoFocus * Packs/AutoFocus/Integrations/FeedAutofocus/FeedAutofocus.yml Docker image update * Packs/AutoFocus/Integrations/AutofocusV2/AutofocusV2.yml Docker image update * Updated Metadata Of Pack MailSenderNew * Added release notes to pack MailSenderNew * Packs/MailSenderNew/Integrations/MailSenderNew/MailSenderNew.yml Docker image update * avoid to update Docker for AutoFocusv2 --------- Co-authored-by: israelpolishook <[email protected]> * Fixes For 'IP Enrichment - Generic v2' Playbook (#31183) * Fixes For 'IP Enrichment - Generic v2' Playbook * RN * RN * Updated the 'InternalRange' playbook input's default value. * configured the 'extended_data' and 'threat_model_association' sub-playbook inputs * Bump pack from version CommonPlaybooks to 2.4.36. * Bump pack from version CommonPlaybooks to 2.4.37. * changed the default value of the 'ResolveIP' playbook input * re-added RN after merging from master * Fixes RN --------- Co-authored-by: Content Bot <[email protected]> * Check if should run Instance role (#31245) * Added the sync from the saas bucket and modified the verify script to take the revision from the correct bucket. (#31254) * AWS Organizations (#30525) * init * commands template * aws-org-children-list * more commands * even more commands * added account commands * removed enhancement commands * use json_transform * unit-tests init * unit-tests continued * unit-tests continued some more * TPB * one more unit-test * one more unit-test * one more unit-test * name change * TPB * docs complete * pack readme * pack readme part 2 * readme modified * more tests * more tests * use get() * adde description * removed isFetch * added image * name change * CR changes * Apply suggestions from code review Co-authored-by: ShirleyDenkberg <[email protected]> * Update docker * put the commands back in * code complete * yml part 2 * yml part 3 * test template * unit-tests continued some more * unit-tests almost complete * unit-tests complete * fixed a few bugs * fixed unit-tests * added readme * update readme * added missing descriptions to readme * TPB * Apply suggestions from code review Co-authored-by: ShirleyDenkberg <[email protected]> * CR changes * demo changes * update docker * build wars: round 1 * build wars: round 2 * build wars: round 3; add unit-tests * build wars: round 4 * build wars: round 5 * build wars: round 6 --------- Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkber…
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Status
Related Issues
fixes: https://jira-dc.paloaltonetworks.com/browse/CIAC-9067
Description
As part of the common playbook update effort, I reviewed 'Get endpoint details - Generic' and noticed it only runs the 'endpoint' command which is already implemented in 'Endpoint Enrichment - Generic v2.1'.
Upon checking, I discovered that only the 'NGFW Internal Scan' XSIAM playbook uses 'Get endpoint details - Generic' as a sub-playbook.
Hence, the 'Get endpoint details - Generic' playbook should be deprecated and replaced with the 'Endpoint Enrichment - Generic v2.1', a sub-playbook of NGFW Internal Scan' XSIAM.