Local Analysis Malware #19624

Merged
merged 75 commits into from Jun 22, 2022
2946141
test
evisochek Feb 3, 2021
fbaf629
test
evisochek Feb 3, 2021
8eb4874
Merge branch 'Test' of github.com:demisto/content
melamedbn Jul 25, 2021
dd43dac
Merge branch 'master' of github.com:demisto/content
melamedbn Jul 27, 2021
b4f9600
Merge branch 'master' of github.com:demisto/content
melamedbn Sep 12, 2021
1aab2ed
Merge branch 'master' of github.com:demisto/content
melamedbn Sep 15, 2021
da407cb
Merge branch 'master' of github.com:demisto/content
melamedbn Nov 1, 2021
fda539b
Merge branch 'master' of github.com:demisto/content
melamedbn Nov 2, 2021
e6c699d
Merge branch 'master' of github.com:demisto/content
melamedbn Nov 7, 2021
dfc55ce
Merge branch 'master' of github.com:demisto/content
melamedbn Nov 9, 2021
68b4c39
Merge branch 'master' of github.com:demisto/content
melamedbn Nov 11, 2021
1535dde
Merge branch 'master' of github.com:demisto/content
melamedbn Nov 18, 2021
69e6de8
Merge branch 'master' of github.com:demisto/content
melamedbn Nov 21, 2021
8e457fd
Merge branch 'master' of github.com:demisto/content
melamedbn Nov 23, 2021
85592e4
Merge branch 'master' of github.com:demisto/content
melamedbn Nov 24, 2021
eca848d
Merge branch 'master' of github.com:demisto/content
melamedbn Nov 24, 2021
9a4c4c5
Merge branch 'master' of github.com:demisto/content
melamedbn Nov 25, 2021
06cf8c3
Merge branch 'master' of github.com:demisto/content
melamedbn Nov 30, 2021
120c010
Merge branch 'master' of github.com:demisto/content
melamedbn Dec 10, 2021
7954e96
Merge branch 'master' of github.com:demisto/content
melamedbn Dec 13, 2021
b29713a
Merge branch 'master' of github.com:demisto/content
melamedbn Dec 14, 2021
9ba84da
Merge branch 'master' of github.com:demisto/content
melamedbn Dec 16, 2021
e638c34
Merge branch 'master' of github.com:demisto/content
melamedbn Dec 29, 2021
8e0b823
Merge branch 'master' of github.com:demisto/content
melamedbn Jan 6, 2022
e35a945
Merge branch 'master' of github.com:demisto/content
melamedbn Jan 9, 2022
7b7322c
Merge branch 'master' of github.com:demisto/content
melamedbn Jan 18, 2022
baaf2db
Merge branch 'master' of github.com:demisto/content
melamedbn Mar 7, 2022
0df3f8c
Merge branch 'master' of github.com:demisto/content
melamedbn Mar 17, 2022
ed5df7a
Merge branch 'master' of github.com:demisto/content
melamedbn Mar 20, 2022
37eebe5
Merge branch 'master' of github.com:demisto/content
melamedbn Mar 20, 2022
b2026d9
Merge branch 'master' of github.com:demisto/content
melamedbn Mar 20, 2022
251f3d2
Merge branch 'master' of github.com:demisto/content
melamedbn Mar 22, 2022
bda6a34
Merge branch 'master' of github.com:demisto/content
melamedbn Mar 27, 2022
797b869
Merge branch 'master' of github.com:demisto/content
melamedbn Mar 30, 2022
8279912
Merge branch 'master' of github.com:demisto/content
melamedbn Mar 31, 2022
4c7600a
Merge branch 'master' of github.com:demisto/content
melamedbn Mar 31, 2022
d0d9cda
Merge branch 'master' of github.com:demisto/content
melamedbn Apr 3, 2022
b9a5b0f
Merge branch 'master' of github.com:demisto/content
melamedbn Apr 4, 2022
db7f431
Merge branch 'master' of github.com:demisto/content
melamedbn Apr 5, 2022
7cfe09c
Merge branch 'master' of github.com:demisto/content
melamedbn Apr 6, 2022
58ae748
Merge branch 'master' of github.com:demisto/content
melamedbn Apr 17, 2022
e155c77
Merge branch 'master' of github.com:demisto/content
melamedbn Apr 18, 2022
2f7c181
Merge branch 'master' of github.com:demisto/content
melamedbn Apr 25, 2022
72987d4
Merge branch 'master' of github.com:demisto/content
melamedbn May 1, 2022
2a9e2fe
Merge branch 'master' of github.com:demisto/content
melamedbn May 25, 2022
5217e27
Merge branch 'master' of github.com:demisto/content
melamedbn May 31, 2022
5a0f060
Merge branch 'master' of github.com:demisto/content
melamedbn Jun 1, 2022
9a35a8b
Merge branch 'master' of github.com:demisto/content
melamedbn Jun 2, 2022
dad6a2a
Merge branch 'master' of github.com:demisto/content
melamedbn Jun 6, 2022
5995cf8
Merge branch 'master' of github.com:demisto/content
melamedbn Jun 7, 2022
76a9dae
Merge branch 'master' of github.com:demisto/content
melamedbn Jun 19, 2022
d9d9b49
New playbook for Local Analysis Malware alert
melamedbn Jun 19, 2022
72a8bf7
typo
melamedbn Jun 19, 2022
18b49d5
update RN for the following packs:
melamedbn Jun 19, 2022
bf38f53
update the playbook's fromversion
melamedbn Jun 19, 2022
4b96355
Merge branch 'master' of github.com:demisto/content into Local_Analys…
melamedbn Jun 19, 2022
a29b62b
New Get WildFire Verdict playbook
melamedbn Jun 19, 2022
3372400
typos and RN
melamedbn Jun 19, 2022
2c1e901
fix fromversion
melamedbn Jun 19, 2022
092692d
fixes validation errors
melamedbn Jun 19, 2022
1ddface
Merge branch 'master' of github.com:demisto/content into Local_Analys…
melamedbn Jun 19, 2022
851e25e
fixes validation errors
melamedbn Jun 19, 2022
0ae08bd
Merge branch 'master' of github.com:demisto/content into Local_Analys…
melamedbn Jun 19, 2022
5b4ffca
fixes task 11 id
melamedbn Jun 19, 2022
3405ea8
Merge branch 'master' of github.com:demisto/content into Local_Analys…
melamedbn Jun 19, 2022
d6bf6d1
fixes after merge from master
melamedbn Jun 19, 2022
0418bd6
Merge branch 'master' of github.com:demisto/content into Local_Analys…
melamedbn Jun 20, 2022
360724d
Merge branch 'master' of github.com:demisto/content into Local_Analys…
melamedbn Jun 21, 2022
d2e86ce
fixes
melamedbn Jun 21, 2022
49a4e9a
update RN
melamedbn Jun 21, 2022
ba505aa
removes playbook from the PR
melamedbn Jun 21, 2022
32a7943
typo
melamedbn Jun 21, 2022
b693018
Merge branch 'master' of github.com:demisto/content into Local_Analys…
melamedbn Jun 21, 2022
f07339a
typo
melamedbn Jun 21, 2022
d8fea8d
Merge branch 'master' of github.com:demisto/content into Local_Analys…
melamedbn Jun 22, 2022
19 changes: 15 additions & 4 deletions Packs/CommonPlaybooks/Playbooks/playbook-Containment_Plan.yml
Expand Up @@ -2178,7 +2178,7 @@ tasks:
value:
simple: WORKSTATION
ignorecase: true
- - operator: isNotEqualString
- - operator: isEqualString
left:
value:
complex:
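Review bot: Flipping this operator from isNotEqualString to isEqualString turns the check into an allow-list match, so an endpoint whose value is missing from context, or holds anything other than the expected literal, no longer takes this branch. Please confirm which branch such endpoints fall into and state the intended handling in the task description.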
Expand All @@ -2187,7 +2187,18 @@ tasks:
iscontext: true
right:
value:
simple: "True"
simple: AGENT_UNISOLATED
ignorecase: true
- - operator: isNotEqualString
left:
value:
complex:
root: Core.Endpoint
accessor: endpoint_status
iscontext: true
right:
value:
simple: DISCONNECTED
ignorecase: true
- label: Manual
condition:
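Review bot: The added endpoint_status condition uses isNotEqualString against DISCONNECTED, so it also passes when Core.Endpoint.endpoint_status is empty or was never populated, and an endpoint of unknown connectivity is treated as reachable. Consider matching the connected status positively, as the AGENT_UNISOLATED comparison above now does, or adding an existence check on endpoint_status before this condition.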
Expand All @@ -2211,7 +2222,7 @@ tasks:
right:
value:
simple: WORKSTATION
- - operator: isNotEqualString
- - operator: isEqualString
left:
value:
complex:
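Review bot: The WORKSTATION comparison just above the changed operator in this branch has no ignorecase: true, while the same comparison in the first branch (hunk at 2178) sets it. Since both branches are edited in this change, add ignorecase: true here so the two conditions match the same endpoint types.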
Expand All @@ -2220,7 +2231,7 @@ tasks:
iscontext: true
right:
value:
simple: "true"
simple: AGENT_UNISOLATED
ignorecase: true
view: |-
{
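Review bot: This branch receives the AGENT_UNISOLATED comparison but not the endpoint_status check against DISCONNECTED that the first branch gains (the hunk is 7 lines before and 7 after). If a disconnected, unisolated workstation is meant to be routed here for manual handling, say so in the release note; if not, add the same condition. A playbook test that exercises both branches with a DISCONNECTED endpoint would pin the intended routing down.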
4 changes: 4 additions & 0 deletions Packs/CommonPlaybooks/ReleaseNotes/2_2_5.md
@@ -0,0 +1,4 @@

#### Playbooks
##### Containment Plan
- Fixes to Containment Plan playbook conditions.
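Review bot: The entry "Fixes to Containment Plan playbook conditions." does not say what changed, which matters for a playbook that decides whether an endpoint gets contained. Name the behavior: the conditions now compare against AGENT_UNISOLATED with isEqualString instead of against "True" with isNotEqualString, and the first branch additionally requires that endpoint_status is not DISCONNECTED.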
2 changes: 1 addition & 1 deletion Packs/CommonPlaybooks/pack_metadata.json
Expand Up @@ -2,7 +2,7 @@
"name": "Common Playbooks",
"description": "Frequently used playbooks pack.",
"support": "xsoar",
"currentVersion": "2.2.4",
"currentVersion": "2.2.5",
"author": "Cortex XSOAR",
"url": "https://www.paloaltonetworks.com/cortex",
"email": "",
3 changes: 2 additions & 1 deletion Packs/Core/.pack-ignore
Expand Up @@ -11,4 +11,5 @@ ignore=RM104
ignore=CJ105

[known_words]
XSIAM
XSIAM
CoreIRApiModule