Cyblethreatintel updates #19832

Merged
merged 35 commits into from Jul 18, 2022


cyble-dev
Contributor

@cyble-dev cyble-dev commented Jun 30, 2022

Contributing to Cortex XSOAR Content

Make sure to register your contribution by filling the contribution registration form

The Pull Request will be reviewed only after the contribution registration form is filled.

Status

  • In Progress
  • Ready
  • In Hold - (Reason for hold)

Related Issues

fixes: link to the issue

Description

A few sentences describing the overall goals of the pull request's commits.

Screenshots

Paste here any images that will help the reviewer

Minimum version of Cortex XSOAR

  • 6.0.0
  • 6.1.0
  • 6.2.0
  • 6.5.0

Does it break backward compatibility?

  • Yes
    • Further details:
  • No

Must have

  • Tests
  • Documentation

@content-bot content-bot added the Contribution Thank you! Contributions are always welcome! label Jun 30, 2022
@content-bot content-bot changed the base branch from master to contrib/cyble-dev_cyblethreatintel-updates June 30, 2022 01:49
@content-bot content-bot requested a review from ilappe June 30, 2022 01:49
@content-bot
Collaborator

Thank you for your contribution. Your generosity and caring are unrivaled! Make sure to register your contribution by filling the Contribution Registration form, so our content wizard @ilappe will know he can start reviewing the proposed changes.

@content-bot content-bot added Contribution Form Filled Whether contribution form filled or not. Partner labels Jun 30, 2022
@lgtm-com

lgtm-com bot commented Jun 30, 2022

This pull request introduces 2 alerts when merging 0677330 into d2819ce - view on LGTM.com

new alerts:

  • 2 for Unused local variable

@Noy-Maimon Noy-Maimon removed the request for review from ilappe June 30, 2022 08:52
@lgtm-com

lgtm-com bot commented Jul 1, 2022

This pull request introduces 2 alerts when merging 4c9e289 into 1ef46e3 - view on LGTM.com

new alerts:

  • 2 for Unused local variable

@lgtm-com

lgtm-com bot commented Jul 1, 2022

This pull request introduces 2 alerts when merging 9ead1ed into 1ef46e3 - view on LGTM.com

new alerts:

  • 2 for Unused local variable

change is breaking the flow
@lgtm-com

lgtm-com bot commented Jul 13, 2022

This pull request introduces 2 alerts when merging fcba54a into 622728b - view on LGTM.com

new alerts:

  • 2 for Unused local variable

@israelpoli israelpoli added the ready-for-instance-test In contribution PRs, this label will cause a trigger of a build with a modified pack from the PR. label Jul 18, 2022
@content-bot
Collaborator

content-bot commented Jul 18, 2022

For the Reviewer: Successfully created a pipeline in Gitlab with url: https://code.pan.run/xsoar/content/-/pipelines/3283922

@israelpoli israelpoli added ready-for-instance-test In contribution PRs, this label will cause a trigger of a build with a modified pack from the PR. and removed ready-for-instance-test In contribution PRs, this label will cause a trigger of a build with a modified pack from the PR. labels Jul 18, 2022
@israelpoli israelpoli self-requested a review July 18, 2022 13:35
Contributor

@israelpoli israelpoli left a comment

Great job
Thanks

@israelpoli israelpoli merged commit 59c6258 into demisto:contrib/cyble-dev_cyblethreatintel-updates Jul 18, 2022
@content-bot content-bot mentioned this pull request Jul 18, 2022
11 tasks
ShahafBenYakir pushed a commit that referenced this pull request Aug 2, 2022
* Cyblethreatintel updates (#19832)

* Cyble Events Integration

Pack having Cyble Event incident integration

* Revert "Cyble Events Integration"

This reverts commit 11f934b.

* integration update

* UT fixes

* UT fixes

* change docker image and readme

* review changes

* reversal of one of review change

change is breaking the flow

* review changes

* readme update

* docker image update

* flake8 error fixes

* UT fixes

* UT coverage

* ut coverage

* ut fixes

* flake8 fixes

* ut fix

* ut fixes

* Added `breakingChanges` and update the RN

Co-authored-by: sudheer-samethadka <101622497+sudheer-samethadka@users.noreply.github.com>
Co-authored-by: israelpolishook <ipolishuk@paloaltonetworks.com>

* Commit

* commit

* commit

* commit

* commit

* Add the proxy and insecure to the integration

* Update docker

* commit

* Correcting typo

* commit

* commit

* Update docker

Co-authored-by: cyble-dev <101622497+cyble-dev@users.noreply.github.com>
Co-authored-by: sudheer-samethadka <101622497+sudheer-samethadka@users.noreply.github.com>
Co-authored-by: israelpolishook <ipolishuk@paloaltonetworks.com>
MosheEichler pushed a commit that referenced this pull request Aug 2, 2022
* Cyblethreatintel updates (#19832)

* Cyble Events Integration

Pack having Cyble Event incident integration

* Revert "Cyble Events Integration"

This reverts commit 11f934b.

* integration update

* UT fixes

* UT fixes

* change docker image and readme

* review changes

* reversal of one of review change

change is breaking the flow

* review changes

* readme update

* docker image update

* flake8 error fixes

* UT fixes

* UT coverage

* ut coverage

* ut fixes

* flake8 fixes

* ut fix

* ut fixes

* Added `breakingChanges` and update the RN

Co-authored-by: sudheer-samethadka <101622497+sudheer-samethadka@users.noreply.github.com>
Co-authored-by: israelpolishook <ipolishuk@paloaltonetworks.com>

* Commit

* commit

* commit

* commit

* commit

* Add the proxy and insecure to the integration

* Update docker

* commit

* Correcting typo

* commit

* commit

* Update docker

Co-authored-by: cyble-dev <101622497+cyble-dev@users.noreply.github.com>
Co-authored-by: sudheer-samethadka <101622497+sudheer-samethadka@users.noreply.github.com>
Co-authored-by: israelpolishook <ipolishuk@paloaltonetworks.com>
MosheEichler pushed a commit that referenced this pull request Aug 3, 2022
* Cyblethreatintel updates (#19832)

* Cyble Events Integration

Pack having Cyble Event incident integration

* Revert "Cyble Events Integration"

This reverts commit 11f934b.

* integration update

* UT fixes

* UT fixes

* change docker image and readme

* review changes

* reversal of one of review change

change is breaking the flow

* review changes

* readme update

* docker image update

* flake8 error fixes

* UT fixes

* UT coverage

* ut coverage

* ut fixes

* flake8 fixes

* ut fix

* ut fixes

* Added `breakingChanges` and update the RN

Co-authored-by: sudheer-samethadka <101622497+sudheer-samethadka@users.noreply.github.com>
Co-authored-by: israelpolishook <ipolishuk@paloaltonetworks.com>

* Commit

* commit

* commit

* commit

* commit

* Add the proxy and insecure to the integration

* Update docker

* commit

* Correcting typo

* commit

* commit

* Update docker

Co-authored-by: cyble-dev <101622497+cyble-dev@users.noreply.github.com>
Co-authored-by: sudheer-samethadka <101622497+sudheer-samethadka@users.noreply.github.com>
Co-authored-by: israelpolishook <ipolishuk@paloaltonetworks.com>
MosheEichler added a commit that referenced this pull request Aug 4, 2022
* [Marketplace Contribution] Simple SFTP (#19787)

* "pack contribution initial commit"

* Update SimpleSFTP.py

- Changed to use paramiko
- Added Port parameter
- Refactored to handle errors/exceptions and print traceback
- Changed docker image to demisto/sftp with paramiko as dependency
- Added optional command argument "returnFile" to return file to war room along with file
- Added main function

* Update SimpleSFTP.yml

- Added image
- Added new arg returnFile
- Added descriptions for args and commands

* Update SimpleSFTP.py

* Update SimpleSFTP.yml

Please review as I added most of the changes. I did not know where to add the "marketplacev2, xsoar " key in the yml.

* Update pack_metadata.json

Changed description

* Update pack_metadata.json

* Update SimpleSFTP_description.md

* Update Packs/SimpleSFTP/Integrations/SimpleSFTP/SimpleSFTP.py

Co-authored-by: Moshe Eichler <78307768+MosheEichler@users.noreply.github.com>

* Update SimpleSFTP.py

Updated logic for returning file

* Update Packs/SimpleSFTP/pack_metadata.json

Co-authored-by: Moshe Eichler <78307768+MosheEichler@users.noreply.github.com>

* Update SimpleSFTP.yml

* Update SimpleSFTP.yml

Co-authored-by: Vibhu A Bharadwaj <53234515+vibhuabharadwaj@users.noreply.github.com>
Co-authored-by: Moshe Eichler <78307768+MosheEichler@users.noreply.github.com>

* Fortinet FortiGate Modeling Rules (#20292)

* Added Modeling Rules for FortiGate

* Changed the time field to match the original CEF

* Added Release notes

* Added ReleaseNotes

* Added FortinetFortiGateModelingRules_schema.json

* Changed the value in first field in the json file

* Delete create_certs.sh

* Added README file

* Bigger font for header

* Changed styling

* Revert "Delete create_certs.sh"

This reverts commit 0d994bb.

* Changed file names

* Changed the README file

* Revert "Added FortinetFortiGateModelingRules_schema.json"

This reverts commit 0c86f6d.

* Added Fortinet

* Added Fortigate to known words

* Changed the ReleaseNotes

* Changed the Yaml file

Co-authored-by: evisochek <72695126+evisochek@users.noreply.github.com>

* fix the display of the credentials parameter (#20345)

* Cyblethreatintel updates (#20097)

* Cyblethreatintel updates (#19832)

* Cyble Events Integration

Pack having Cyble Event incident integration

* Revert "Cyble Events Integration"

This reverts commit 11f934b.

* integration update

* UT fixes

* UT fixes

* change docker image and readme

* review changes

* reversal of one of review change

change is breaking the flow

* review changes

* readme update

* docker image update

* flake8 error fixes

* UT fixes

* UT coverage

* ut coverage

* ut fixes

* flake8 fixes

* ut fix

* ut fixes

* Added `breakingChanges` and update the RN

Co-authored-by: sudheer-samethadka <101622497+sudheer-samethadka@users.noreply.github.com>
Co-authored-by: israelpolishook <ipolishuk@paloaltonetworks.com>

* Commit

* commit

* commit

* commit

* commit

* Add the proxy and insecure to the integration

* Update docker

* commit

* Correcting typo

* commit

* commit

* Update docker

Co-authored-by: cyble-dev <101622497+cyble-dev@users.noreply.github.com>
Co-authored-by: sudheer-samethadka <101622497+sudheer-samethadka@users.noreply.github.com>
Co-authored-by: israelpolishook <ipolishuk@paloaltonetworks.com>

* New version for solving authentication problem (#20222)

* new version for solving authentication problem

* docker image

* SplunkPy pre-release docker image

* RN's

* return the line connection_args['autologin'] = True

* Update Packs/SplunkPy/ReleaseNotes/2_4_5.md

Co-authored-by: yuvalbenshalom <ybenshalom@paloaltonetworks.com>

* Update Packs/SplunkPyPreRelease/ReleaseNotes/1_0_12.md

Co-authored-by: yuvalbenshalom <ybenshalom@paloaltonetworks.com>

* Trig build

* misspelled

* Trig build

* same like costumer's version -
only basic

* before changes but with new docker

* like costumer, and conf.json rolled back to the old configuration

* autologin + basic + new docker

* basic was added to SplunkPyPreRelease.pypre

* Test playbook was moved to skipped

* trig build

Co-authored-by: yuvalbenshalom <ybenshalom@paloaltonetworks.com>

* CSP and demistomock

* validate fixes

* image and demost

* image

* ignore

* Utilities

* fix lint error

Co-authored-by: xsoar-bot <67315154+xsoar-bot@users.noreply.github.com>
Co-authored-by: Vibhu A Bharadwaj <53234515+vibhuabharadwaj@users.noreply.github.com>
Co-authored-by: Moshe Eichler <78307768+MosheEichler@users.noreply.github.com>
Co-authored-by: nkanon <109467661+nkanon@users.noreply.github.com>
Co-authored-by: evisochek <72695126+evisochek@users.noreply.github.com>
Co-authored-by: Shai Yaakovi <30797606+yaakovi@users.noreply.github.com>
Co-authored-by: cyble-dev <101622497+cyble-dev@users.noreply.github.com>
Co-authored-by: sudheer-samethadka <101622497+sudheer-samethadka@users.noreply.github.com>
Co-authored-by: israelpolishook <ipolishuk@paloaltonetworks.com>
Co-authored-by: rshunim <102469772+rshunim@users.noreply.github.com>
Co-authored-by: yuvalbenshalom <ybenshalom@paloaltonetworks.com>
Co-authored-by: meichlerpanw <meichler@paloaltonetworks.com>
yaakovi added a commit that referenced this pull request Aug 23, 2022
* Xm 2445 demisto integration missing data (#20079)

* Add missing score fields to incident mapper

* Fix wrong types

* Fix multiple commands and layouts issues

* Fix python typing issues

* Update release notes

* Fix flake8 errors

* Update Packs/XMCyber/Integrations/XMCyberIntegration/XMCyberIntegration.py

Co-authored-by: Moshe Eichler <78307768+MosheEichler@users.noreply.github.com>

* Update Packs/XMCyber/Integrations/XMCyberIntegration/XMCyberIntegration.py

Co-authored-by: Moshe Eichler <78307768+MosheEichler@users.noreply.github.com>

* Update Packs/XMCyber/Integrations/XMCyberIntegration/XMCyberIntegration.py

Co-authored-by: Moshe Eichler <78307768+MosheEichler@users.noreply.github.com>

* Update Packs/XMCyber/Integrations/XMCyberIntegration/XMCyberIntegration.py

Co-authored-by: Moshe Eichler <78307768+MosheEichler@users.noreply.github.com>

Co-authored-by: Moshe Eichler <78307768+MosheEichler@users.noreply.github.com>

* Fortinet FortiGate Modeling Rules (#20292)

* Added Modeling Rules for FortiGate

* Changed the time field to match the original CEF

* Added Release notes

* Added ReleaseNotes

* Added FortinetFortiGateModelingRules_schema.json

* Changed the value in first field in the json file

* Delete create_certs.sh

* Added README file

* Bigger font for header

* Changed styling

* Revert "Delete create_certs.sh"

This reverts commit 0d994bb.

* Changed file names

* Changed the README file

* Revert "Added FortinetFortiGateModelingRules_schema.json"

This reverts commit 0c86f6d.

* Added Fortinet

* Added Fortigate to known words

* Changed the ReleaseNotes

* Changed the Yaml file

Co-authored-by: evisochek <72695126+evisochek@users.noreply.github.com>

* fix the display of the credentials parameter (#20345)

* Cyblethreatintel updates (#20097)

* Cyblethreatintel updates (#19832)

* Cyble Events Integration

Pack having Cyble Event incident integration

* Revert "Cyble Events Integration"

This reverts commit 11f934b.

* integration update

* UT fixes

* UT fixes

* change docker image and readme

* review changes

* reversal of one of review change

change is breaking the flow

* review changes

* readme update

* docker image update

* flake8 error fixes

* UT fixes

* UT coverage

* ut coverage

* ut fixes

* flake8 fixes

* ut fix

* ut fixes

* Added `breakingChanges` and update the RN

Co-authored-by: sudheer-samethadka <101622497+sudheer-samethadka@users.noreply.github.com>
Co-authored-by: israelpolishook <ipolishuk@paloaltonetworks.com>

* Commit

* commit

* commit

* commit

* commit

* Add the proxy and insecure to the integration

* Update docker

* commit

* Correcting typo

* commit

* commit

* Update docker

Co-authored-by: cyble-dev <101622497+cyble-dev@users.noreply.github.com>
Co-authored-by: sudheer-samethadka <101622497+sudheer-samethadka@users.noreply.github.com>
Co-authored-by: israelpolishook <ipolishuk@paloaltonetworks.com>

* New version for solving authentication problem (#20222)

* new version for solving authentication problem

* docker image

* SplunkPy pre-release docker image

* RN's

* return the line connection_args['autologin'] = True

* Update Packs/SplunkPy/ReleaseNotes/2_4_5.md

Co-authored-by: yuvalbenshalom <ybenshalom@paloaltonetworks.com>

* Update Packs/SplunkPyPreRelease/ReleaseNotes/1_0_12.md

Co-authored-by: yuvalbenshalom <ybenshalom@paloaltonetworks.com>

* Trig build

* misspelled

* Trig build

* same like costumer's version -
only basic

* before changes but with new docker

* like costumer, and conf.json rolled back to the old configuration

* autologin + basic + new docker

* basic was added to SplunkPyPreRelease.pypre

* Test playbook was moved to skipped

* trig build

Co-authored-by: yuvalbenshalom <ybenshalom@paloaltonetworks.com>

* [Marketplace Contribution] Qualys - Content Pack Update (#20142) (#20347)

* "contribution update to pack "Qualys""

* added description and required arguments

* Correction for some faild Jobs

Co-authored-by: Iulian Vasile Baba <iulian509@gmail.com>
Co-authored-by: israelpolishook <ipolishuk@paloaltonetworks.com>

Co-authored-by: xsoar-bot <67315154+xsoar-bot@users.noreply.github.com>
Co-authored-by: Iulian Vasile Baba <iulian509@gmail.com>
Co-authored-by: israelpolishook <ipolishuk@paloaltonetworks.com>

* Update Docker Image To demisto/python3  (#20351)

* Updated Metadata Of Pack CiscoASA

* Added release notes to pack CiscoASA

* Packs/CiscoASA/Integrations/CiscoASA/CiscoASA.yml Docker image update

* Updated Metadata Of Pack ThreatExchange

* Added release notes to pack ThreatExchange

* Packs/ThreatExchange/Integrations/ThreatExchangeV2/ThreatExchangeV2.yml Docker image update

* Updated Metadata Of Pack URLHaus

* Added release notes to pack URLHaus

* Packs/URLHaus/Integrations/URLHaus/URLHaus.yml Docker image update

* Updated Metadata Of Pack WhatIsMyBrowser

* Added release notes to pack WhatIsMyBrowser

* Packs/WhatIsMyBrowser/Integrations/WhatIsMyBrowser/WhatIsMyBrowser.yml Docker image update

* Updated Metadata Of Pack XForceExchange

* Added release notes to pack XForceExchange

* Packs/XForceExchange/Integrations/XFE_v2/XFE_v2.yml Docker image update

* Updated Metadata Of Pack Zimperium

* Added release notes to pack Zimperium

* Packs/Zimperium/Integrations/Zimperium/Zimperium.yml Docker image update

* Updated Metadata Of Pack epo

* Added release notes to pack epo

* Packs/epo/Integrations/epoV2/epoV2.yml Docker image update

* -

Co-authored-by: sberman <sberman@paloaltonetworks.com>

* [Mail Listener] First Fetch not Fetching All Mails in Given Time (#20317)

* XDR - IR: fix wrong close reason by mirror out (#20267)

* fix wrong close reason by mirror out

* update release notes

* CR changes

* correct RN

* correct RN

* Common delete email playbook (#20334)

* Common delete email playbook (#20112)

* fixing the EWS only condition

* Updating release notes

* Rollback the second condition

* PR updates

* Fixed releasenotes issue

* Fixed build issues

* Fixed build issues

Co-authored-by: Ayman Mahmoud <57979775+ayman-m@users.noreply.github.com>
Co-authored-by: aradcarmi <aradcarmi220@gmail.com>

* Intezer - Add md5 and sha1 to dbot score for file analysis (#20286) (#20372)

* feat(intezerV2) - add MD5 and SHA1 to dbot score

* feat(intezerV2) - fix PR comments

Co-authored-by: almogch <30620255+almogch@users.noreply.github.com>

* lint fixes

* rn

* period

* entityId

* rn

* rn

* RN

* remove inputs

* build fix

* revert

Co-authored-by: herrmannben <109451054+herrmannben@users.noreply.github.com>
Co-authored-by: Moshe Eichler <78307768+MosheEichler@users.noreply.github.com>
Co-authored-by: nkanon <109467661+nkanon@users.noreply.github.com>
Co-authored-by: evisochek <72695126+evisochek@users.noreply.github.com>
Co-authored-by: Shai Yaakovi <30797606+yaakovi@users.noreply.github.com>
Co-authored-by: cyble-dev <101622497+cyble-dev@users.noreply.github.com>
Co-authored-by: sudheer-samethadka <101622497+sudheer-samethadka@users.noreply.github.com>
Co-authored-by: israelpolishook <ipolishuk@paloaltonetworks.com>
Co-authored-by: rshunim <102469772+rshunim@users.noreply.github.com>
Co-authored-by: yuvalbenshalom <ybenshalom@paloaltonetworks.com>
Co-authored-by: xsoar-bot <67315154+xsoar-bot@users.noreply.github.com>
Co-authored-by: Iulian Vasile Baba <iulian509@gmail.com>
Co-authored-by: sberman <sberman@paloaltonetworks.com>
Co-authored-by: Dean Arbel <darbel@paloaltonetworks.com>
Co-authored-by: Israel Lappe <79846863+ilappe@users.noreply.github.com>
Co-authored-by: Ayman Mahmoud <57979775+ayman-m@users.noreply.github.com>
Co-authored-by: aradcarmi <aradcarmi220@gmail.com>
Co-authored-by: almogch <30620255+almogch@users.noreply.github.com>
Co-authored-by: meichlerpanw <meichler@paloaltonetworks.com>
Labels
Contribution Form Filled Whether contribution form filled or not. Contribution Thank you! Contributions are always welcome! Partner pending-contributor The PR is pending the response of its creator ready-for-instance-test In contribution PRs, this label will cause a trigger of a build with a modified pack from the PR.
4 participants