Update the IPEntity_DuoSecurity Analytic Rule for Threat Intelligence (NEW) #13774

Merged
v-atulyadav merged 4 commits into master from v-kasghosh/issue-number/13701
Mar 17, 2026

Conversation

@v-kasghosh
Contributor

Change(s):

  • Update the IPEntity_DuoSecurity Analytic Rule

Reason for Change(s):

Version Updated:

  • solution - 3.0.15
  • Rule - 1.0.10

@v-kasghosh v-kasghosh requested review from a team as code owners March 9, 2026 08:24
@contentautomationbot

Hello how are you I am GitHub bot
😀😀
I see that you changed templates under the detections/analytic rules folder. Did you remember to update the version of the templates you changed?
If not, and if you want customers to be aware that a new version of this template is available, please update the version property of the template you changed.

@v-atulyadav v-atulyadav added the Solution Solution specialty review needed label Mar 9, 2026
Contributor

Copilot AI left a comment

Pull request overview

Updates the Threat Intelligence (NEW) solution to reflect the latest changes to the Duo Security IP entity analytic rule (closing #13701), including version bumps and installer UI text updates.

Changes:

  • Added a 3.0.15 release note entry for the updated DuoSecurity analytic rule.
  • Updated the solution installer UI definition text for the Threat Intelligence (NEW) data connectors section.
  • Updated the IPEntity_DuoSecurity analytic rule query to use the CiscoDuo table/fields and bumped the rule version to 1.0.10.

Reviewed changes

Copilot reviewed 3 out of 5 changed files in this pull request and generated 7 comments.

| File | Description |
| --- | --- |
| Solutions/Threat Intelligence (NEW)/ReleaseNotes.md | Adds release note entry for solution version 3.0.15. |
| Solutions/Threat Intelligence (NEW)/Package/createUiDefinition.json | Reworks the data connectors UI text (currently introduces repeated/duplicated content). |
| Solutions/Threat Intelligence (NEW)/Analytic Rules/IPEntity_DuoSecurity.yaml | Updates the rule query to the new Cisco Duo schema and bumps rule version. |

Comment thread Solutions/Threat Intelligence (NEW)/Package/createUiDefinition.json
@v-atulyadav v-atulyadav merged commit e54038a into master Mar 17, 2026
36 checks passed

Development

Successfully merging this pull request may close these issues.

CiscoDuo TI rule fails to deploy due to wrong table name DuoSecurityAuthentication_CL
