Cyblethreatintel updates #19832
Pack having Cyble Event incident integration
This reverts commit 11f934b.
Thank you for your contribution. Your generosity and caring are unrivaled! Make sure to register your contribution by filling the Contribution Registration form, so our content wizard @ilappe will know he can start review the proposed changes.
This pull request introduces 2 alerts when merging 0677330 into d2819ce - view on LGTM.com new alerts:
This pull request introduces 2 alerts when merging 4c9e289 into 1ef46e3 - view on LGTM.com new alerts:
…ev/content into cyblethreatintel-updates
This pull request introduces 2 alerts when merging 9ead1ed into 1ef46e3 - view on LGTM.com new alerts:
change is breaking the flow
This pull request introduces 2 alerts when merging fcba54a into 622728b - view on LGTM.com new alerts:
For the Reviewer: Successfully created a pipeline in Gitlab with url: https://code.pan.run/xsoar/content/-/pipelines/3283922
Great job
Thanks
59c6258
into
demisto:contrib/cyble-dev_cyblethreatintel-updates
* Cyblethreatintel updates (#19832) * Cyble Events Integration Pack having Cyble Event incident integration * Revert "Cyble Events Integration" This reverts commit 11f934b. * integration update * UT fixes * UT fixes * change docker image and readme * review changes * reversal of one of review change change is breaking the flow * review changes * readme update * docker image update * flake8 error fixes * UT fixes * UT coverage * ut coverage * ut fixes * flake8 fixes * ut fix * ut fixes * Added `breakingChanges` and update the RN Co-authored-by: sudheer-samethadka <101622497+sudheer-samethadka@users.noreply.github.com> Co-authored-by: israelpolishook <ipolishuk@paloaltonetworks.com> * Commit * commit * commit * commit * commit * Add the proxy and insecure to the integration * Update docker * commit * Correcting typo * commit * commit * Update docker Co-authored-by: cyble-dev <101622497+cyble-dev@users.noreply.github.com> Co-authored-by: sudheer-samethadka <101622497+sudheer-samethadka@users.noreply.github.com> Co-authored-by: israelpolishook <ipolishuk@paloaltonetworks.com>
* [Marketplace Contribution] Simple SFTP (#19787) * "pack contribution initial commit" * Update SimpleSFTP.py - Changed to use paramiko - Added Port parameter - Refactored to handle errors/exceptions and print traceback - Changed docker image to demisto/sftp with paramiko as dependency - Added optional command argument "returnFile" to return file to war room along with file - Added main function * Update SimpleSFTP.yml - Added image - Added new arg returnFile - Added descriptions for args and commands * Update SimpleSFTP.py * Update SimpleSFTP.yml Please review as I added most of the changes. I did not know where to add the "marketplacev2, xsoar " key in the yml. * Update pack_metadata.json Changed description * Update pack_metadata.json * Update SimpleSFTP_description.md * Update Packs/SimpleSFTP/Integrations/SimpleSFTP/SimpleSFTP.py Co-authored-by: Moshe Eichler <78307768+MosheEichler@users.noreply.github.com> * Update SimpleSFTP.py Updated logic for returning file * Update Packs/SimpleSFTP/pack_metadata.json Co-authored-by: Moshe Eichler <78307768+MosheEichler@users.noreply.github.com> * Update SimpleSFTP.yml * Update SimpleSFTP.yml Co-authored-by: Vibhu A Bharadwaj <53234515+vibhuabharadwaj@users.noreply.github.com> Co-authored-by: Moshe Eichler <78307768+MosheEichler@users.noreply.github.com> * Fortinet FortiGate Modeling Rules (#20292) * Added Modeling Rules for FortiGate * Changed the time field to match the original CEF * Added Release notes * Added ReleaseNotes * Added FortinetFortiGateModelingRules_schema.json * Changed the value in first field in the json file * Delete create_certs.sh * Added README file * Bigger font for header * Changed styling * Revert "Delete create_certs.sh" This reverts commit 0d994bb. * Changed file names * Changed the README file * Revert "Added FortinetFortiGateModelingRules_schema.json" This reverts commit 0c86f6d. 
* Added Fortinet * Added Fortigate to known words * Changed the ReleaseNotes * Changed the Yaml file Co-authored-by: evisochek <72695126+evisochek@users.noreply.github.com> * fix the display of the credentials parameter (#20345) * Cyblethreatintel updates (#20097) * Cyblethreatintel updates (#19832) * Cyble Events Integration Pack having Cyble Event incident integration * Revert "Cyble Events Integration" This reverts commit 11f934b. * integration update * UT fixes * UT fixes * change docker image and readme * review changes * reversal of one of review change change is breaking the flow * review changes * readme update * docker image update * flake8 error fixes * UT fixes * UT coverage * ut coverage * ut fixes * flake8 fixes * ut fix * ut fixes * Added `breakingChanges` and update the RN Co-authored-by: sudheer-samethadka <101622497+sudheer-samethadka@users.noreply.github.com> Co-authored-by: israelpolishook <ipolishuk@paloaltonetworks.com> * Commit * commit * commit * commit * commit * Add the proxy and insecure to the integration * Update docker * commit * Correcting typo * commit * commit * Update docker Co-authored-by: cyble-dev <101622497+cyble-dev@users.noreply.github.com> Co-authored-by: sudheer-samethadka <101622497+sudheer-samethadka@users.noreply.github.com> Co-authored-by: israelpolishook <ipolishuk@paloaltonetworks.com> * New version for solving authentication problem (#20222) * new version for solving authentication problem * docker image * SplunkPy pre-release docker image * RN's * return the line connection_args['autologin'] = True * Update Packs/SplunkPy/ReleaseNotes/2_4_5.md Co-authored-by: yuvalbenshalom <ybenshalom@paloaltonetworks.com> * Update Packs/SplunkPyPreRelease/ReleaseNotes/1_0_12.md Co-authored-by: yuvalbenshalom <ybenshalom@paloaltonetworks.com> * Trig build * misspelled * Trig build * same like costumer's version - only basic * before changes but with new docker * like costumer, and conf.json rolled back to the old configuration * 
autologin + basic + new docker * basic was added to SplunkPyPreRelease.pypre * Test playbook was moved to skipped * trig build Co-authored-by: yuvalbenshalom <ybenshalom@paloaltonetworks.com> * CSP and demistomock * validate fixes * image and demost * image * ignore * Utilities * fix lint error Co-authored-by: xsoar-bot <67315154+xsoar-bot@users.noreply.github.com> Co-authored-by: Vibhu A Bharadwaj <53234515+vibhuabharadwaj@users.noreply.github.com> Co-authored-by: Moshe Eichler <78307768+MosheEichler@users.noreply.github.com> Co-authored-by: nkanon <109467661+nkanon@users.noreply.github.com> Co-authored-by: evisochek <72695126+evisochek@users.noreply.github.com> Co-authored-by: Shai Yaakovi <30797606+yaakovi@users.noreply.github.com> Co-authored-by: cyble-dev <101622497+cyble-dev@users.noreply.github.com> Co-authored-by: sudheer-samethadka <101622497+sudheer-samethadka@users.noreply.github.com> Co-authored-by: israelpolishook <ipolishuk@paloaltonetworks.com> Co-authored-by: rshunim <102469772+rshunim@users.noreply.github.com> Co-authored-by: yuvalbenshalom <ybenshalom@paloaltonetworks.com> Co-authored-by: meichlerpanw <meichler@paloaltonetworks.com>
* Xm 2445 demisto integration missing data (#20079) * Add missing score fields to incident mapper * Fix wrong types * Fix multiple commands and layouts issues * Fix python typing issues * Update release notes * Fix flake8 errors * Update Packs/XMCyber/Integrations/XMCyberIntegration/XMCyberIntegration.py Co-authored-by: Moshe Eichler <78307768+MosheEichler@users.noreply.github.com> * Update Packs/XMCyber/Integrations/XMCyberIntegration/XMCyberIntegration.py Co-authored-by: Moshe Eichler <78307768+MosheEichler@users.noreply.github.com> * Update Packs/XMCyber/Integrations/XMCyberIntegration/XMCyberIntegration.py Co-authored-by: Moshe Eichler <78307768+MosheEichler@users.noreply.github.com> * Update Packs/XMCyber/Integrations/XMCyberIntegration/XMCyberIntegration.py Co-authored-by: Moshe Eichler <78307768+MosheEichler@users.noreply.github.com> Co-authored-by: Moshe Eichler <78307768+MosheEichler@users.noreply.github.com> * Fortinet FortiGate Modeling Rules (#20292) * Added Modeling Rules for FortiGate * Changed the time field to match the original CEF * Added Release notes * Added ReleaseNotes * Added FortinetFortiGateModelingRules_schema.json * Changed the value in first field in the json file * Delete create_certs.sh * Added README file * Bigger font for header * Changed styling * Revert "Delete create_certs.sh" This reverts commit 0d994bb. * Changed file names * Changed the README file * Revert "Added FortinetFortiGateModelingRules_schema.json" This reverts commit 0c86f6d. * Added Fortinet * Added Fortigate to known words * Changed the ReleaseNotes * Changed the Yaml file Co-authored-by: evisochek <72695126+evisochek@users.noreply.github.com> * fix the display of the credentials parameter (#20345) * Cyblethreatintel updates (#20097) * Cyblethreatintel updates (#19832) * Cyble Events Integration Pack having Cyble Event incident integration * Revert "Cyble Events Integration" This reverts commit 11f934b. 
* integration update * UT fixes * UT fixes * change docker image and readme * review changes * reversal of one of review change change is breaking the flow * review changes * readme update * docker image update * flake8 error fixes * UT fixes * UT coverage * ut coverage * ut fixes * flake8 fixes * ut fix * ut fixes * Added `breakingChanges` and update the RN Co-authored-by: sudheer-samethadka <101622497+sudheer-samethadka@users.noreply.github.com> Co-authored-by: israelpolishook <ipolishuk@paloaltonetworks.com> * Commit * commit * commit * commit * commit * Add the proxy and insecure to the integration * Update docker * commit * Correcting typo * commit * commit * Update docker Co-authored-by: cyble-dev <101622497+cyble-dev@users.noreply.github.com> Co-authored-by: sudheer-samethadka <101622497+sudheer-samethadka@users.noreply.github.com> Co-authored-by: israelpolishook <ipolishuk@paloaltonetworks.com> * New version for solving authentication problem (#20222) * new version for solving authentication problem * docker image * SplunkPy pre-release docker image * RN's * return the line connection_args['autologin'] = True * Update Packs/SplunkPy/ReleaseNotes/2_4_5.md Co-authored-by: yuvalbenshalom <ybenshalom@paloaltonetworks.com> * Update Packs/SplunkPyPreRelease/ReleaseNotes/1_0_12.md Co-authored-by: yuvalbenshalom <ybenshalom@paloaltonetworks.com> * Trig build * misspelled * Trig build * same like costumer's version - only basic * before changes but with new docker * like costumer, and conf.json rolled back to the old configuration * autologin + basic + new docker * basic was added to SplunkPyPreRelease.pypre * Test playbook was moved to skipped * trig build Co-authored-by: yuvalbenshalom <ybenshalom@paloaltonetworks.com> * [Marketplace Contribution] Qualys - Content Pack Update (#20142) (#20347) * "contribution update to pack "Qualys"" * added description and required arguments * Correction for some faild Jobs Co-authored-by: Iulian Vasile Baba <iulian509@gmail.com> 
Co-authored-by: israelpolishook <ipolishuk@paloaltonetworks.com> Co-authored-by: xsoar-bot <67315154+xsoar-bot@users.noreply.github.com> Co-authored-by: Iulian Vasile Baba <iulian509@gmail.com> Co-authored-by: israelpolishook <ipolishuk@paloaltonetworks.com> * Update Docker Image To demisto/python3 (#20351) * Updated Metadata Of Pack CiscoASA * Added release notes to pack CiscoASA * Packs/CiscoASA/Integrations/CiscoASA/CiscoASA.yml Docker image update * Updated Metadata Of Pack ThreatExchange * Added release notes to pack ThreatExchange * Packs/ThreatExchange/Integrations/ThreatExchangeV2/ThreatExchangeV2.yml Docker image update * Updated Metadata Of Pack URLHaus * Added release notes to pack URLHaus * Packs/URLHaus/Integrations/URLHaus/URLHaus.yml Docker image update * Updated Metadata Of Pack WhatIsMyBrowser * Added release notes to pack WhatIsMyBrowser * Packs/WhatIsMyBrowser/Integrations/WhatIsMyBrowser/WhatIsMyBrowser.yml Docker image update * Updated Metadata Of Pack XForceExchange * Added release notes to pack XForceExchange * Packs/XForceExchange/Integrations/XFE_v2/XFE_v2.yml Docker image update * Updated Metadata Of Pack Zimperium * Added release notes to pack Zimperium * Packs/Zimperium/Integrations/Zimperium/Zimperium.yml Docker image update * Updated Metadata Of Pack epo * Added release notes to pack epo * Packs/epo/Integrations/epoV2/epoV2.yml Docker image update * - Co-authored-by: sberman <sberman@paloaltonetworks.com> * [Mail Listener] First Fetch not Fetching All Mails in Given Time (#20317) * XDR - IR: fix wrong close reason by mirror out (#20267) * fix wrong close reason by mirror out * update release notes * CR changes * correct RN * correct RN * Common delete email playbook (#20334) * Common delete email playbook (#20112) * fixing the EWS only condition * Updating release notes * Rollback the second condition * PR updates * Fixed releasenotes issue * Fixed build issues * Fixed build issues Co-authored-by: Ayman Mahmoud 
<57979775+ayman-m@users.noreply.github.com> Co-authored-by: aradcarmi <aradcarmi220@gmail.com> * Intezer - Add md5 and sha1 to dbot score for file analysis (#20286) (#20372) * feat(intezerV2) - add MD5 and SHA1 to dbot score * feat(intezerV2) - fix PR comments Co-authored-by: almogch <30620255+almogch@users.noreply.github.com> * lint fixes * rn * period * entityId * rn * rn * RN * remove inputs * build fix * revert Co-authored-by: herrmannben <109451054+herrmannben@users.noreply.github.com> Co-authored-by: Moshe Eichler <78307768+MosheEichler@users.noreply.github.com> Co-authored-by: nkanon <109467661+nkanon@users.noreply.github.com> Co-authored-by: evisochek <72695126+evisochek@users.noreply.github.com> Co-authored-by: Shai Yaakovi <30797606+yaakovi@users.noreply.github.com> Co-authored-by: cyble-dev <101622497+cyble-dev@users.noreply.github.com> Co-authored-by: sudheer-samethadka <101622497+sudheer-samethadka@users.noreply.github.com> Co-authored-by: israelpolishook <ipolishuk@paloaltonetworks.com> Co-authored-by: rshunim <102469772+rshunim@users.noreply.github.com> Co-authored-by: yuvalbenshalom <ybenshalom@paloaltonetworks.com> Co-authored-by: xsoar-bot <67315154+xsoar-bot@users.noreply.github.com> Co-authored-by: Iulian Vasile Baba <iulian509@gmail.com> Co-authored-by: sberman <sberman@paloaltonetworks.com> Co-authored-by: Dean Arbel <darbel@paloaltonetworks.com> Co-authored-by: Israel Lappe <79846863+ilappe@users.noreply.github.com> Co-authored-by: Ayman Mahmoud <57979775+ayman-m@users.noreply.github.com> Co-authored-by: aradcarmi <aradcarmi220@gmail.com> Co-authored-by: almogch <30620255+almogch@users.noreply.github.com> Co-authored-by: meichlerpanw <meichler@paloaltonetworks.com>
Contributing to Cortex XSOAR Content
Make sure to register your contribution by filling the contribution registration form
The Pull Request will be reviewed only after the contribution registration form is filled.
Status
Related Issues
fixes: link to the issue
Description
A few sentences describing the overall goals of the pull request's commits.
Screenshots
Paste here any images that will help the reviewer
Minimum version of Cortex XSOAR
Does it break backward compatibility?
Must have