
Malware Investigation and response v2 #21554

Merged
merged 63 commits into from Oct 25, 2022

Conversation

ssokolovich

@ssokolovich ssokolovich commented Sep 29, 2022

Contributing to Cortex XSOAR Content

Make sure to register your contribution by filling the contribution registration form

The Pull Request will be reviewed only after the contribution registration form is filled.

Status

  • In Progress
  • Ready
  • In Hold - (Reason for hold)

Related Issues

fixes: https://jira-hq.paloaltonetworks.local/browse/CIAC-3731
fixes: https://jira-hq.paloaltonetworks.local/browse/CIAC-3791
fixes: https://jira-hq.paloaltonetworks.local/browse/CIAC-3729
fixes: https://jira-hq.paloaltonetworks.local/browse/CIAC-3989
fixes: https://jira-hq.paloaltonetworks.local/browse/CIAC-3791

Description

Malware Investigation and response v2
This PR will add the following enhancement to the flow:

  • Triage and Containment SLA
  • Assign an Analyst to the incident
  • Threat Hunting Playbook
  • MDE - Adding Bulk Advanced Threat Hunting Queries to the flow.
  • Adding a 'Disable user' button to the layout

Screenshots

N/A

Minimum version of Cortex XSOAR

  • 6.0.0
  • 6.1.0
  • 6.2.0
  • 6.5.0

Does it break backward compatibility?

  • Yes
    • Further details:
  • No

Must have

  • Tests
  • Documentation

@ssokolovich ssokolovich changed the title Malware incident and response v2 Malware Investigation and response v2 Sep 29, 2022
…dent_and_resposne_v2

# Conflicts:
#	Packs/CommonTypes/ReleaseNotes/3_3_23.md
#	Packs/CortexXDR/ReleaseNotes/4_8_20.md
#	Packs/CrowdStrikeFalcon/ReleaseNotes/1_9_5.md
@ShirleyDenkberg

@altmannyarden @bakatzir Doc review completed.

@ssokolovich ssokolovich merged commit ad9ba4b into master Oct 25, 2022
@ssokolovich ssokolovich deleted the malware_incident_and_resposne_v2 branch October 25, 2022 08:32