NGINXApiModule: fix logging typo #24878

glicht · 2023-02-26T12:55:17Z

Status

In Progress
Ready
In Hold - (Reason for hold)

Related Issues

fixes: https://jira-hq.paloaltonetworks.local/browse/CRTX-75893

Description

Fix small logging typo

Screenshots

Paste here any images that will help the reviewer

Minimum version of Cortex XSOAR

6.0.0
6.1.0
6.2.0
6.5.0

Does it break backward compatibility?

Yes
- Further details:
No

Must have

Tests
Documentation

xsoar-bot · 2023-02-27T09:02:11Z

Link to the unit tests coverage report:
https://output.circle-artifacts.com/output/job/316bfbb0-a45f-4394-8d44-9bbfafce5d87/artifacts/0/artifacts/coverage_report/html/index.html

* fix logging typo * bump dependent packs --------- Co-authored-by: glicht <glicht@users.noreply.github.com>

* init new integration branch * commands work * added new update commands * domain map progress * Identification profiles and domain map improvements * access policy create commands * Added docstrings and improved update objects request * fixed update objects command and token retrieve issue * Add space to conf * Revert "Add space to conf" This reverts commit 3a74b93. * First demo fixes and domain map unit tests * Created identification profile and url categories unit tests * Created access policies unit tests * fixed pack validations * Fixed mypy lints * added README * Internal CR Fixes * Added UT for access policies and added functionality for identification profiles * deprecated existing integration * Updated release notes and pack version * test playbook, command examples, fixes * Dict to dict * Updating files * Fixing linters * Adding ok codes in requests * Adding docstrings * Handler for HTTP requests * Adding unit tests * Adding unit tests * Adding unit tests * Adding unit tests * Fixing linters * Adding multi status handler for delete commands * Fixing linters. * Fixing linters * Fixing linters and docstrigns * Filtering catefories * Fixing linters * Fixing datetime to iso 8061 * Naming and updating files for pr * Adding release note * Adding secrets files * Improving code * Updating after review * Improving code. * Improving code. * Improving tests. * Improving tests * Fixing type hints * Adding delete hander * Adding docstrings * Adding tests * Fixing linters * Fixing linters * Adding docstring * Handling pagination erros. * Revert "Add space to conf" This reverts commit 3a74b93. * Updated the packs category to *Authentication & Identity Management* (part 2) (#24876) * Update Docker Image To demisto/fastapi (#24923) * Updated Metadata Of Pack CyberArkIdentity * Added release notes to pack CyberArkIdentity * Packs/CyberArkIdentity/Integrations/CyberArkIdentityEventCollector/CyberArkIdentityEventCollector.yml Docker image update * Update Docker Image To demisto/lxml (#24924) * Updated Metadata Of Pack TaniumThreatResponse * Added release notes to pack TaniumThreatResponse * Packs/TaniumThreatResponse/Integrations/TaniumThreatResponseV2/TaniumThreatResponseV2.yml Docker image update * Update Docker Image To demisto/crypto (#24922) * Updated Metadata Of Pack X509Certificate * Added release notes to pack X509Certificate * Packs/X509Certificate/Scripts/CertificateExtract/CertificateExtract.yml Docker image update * Update Docker Image To demisto/python3 (#24921) * Updated Metadata Of Pack Cybereason * Added release notes to pack Cybereason * Packs/Cybereason/Integrations/Cybereason/Cybereason.yml Docker image update * Updated Metadata Of Pack DNSDB * Added release notes to pack DNSDB * Packs/DNSDB/Integrations/DNSDB_v2/DNSDB_v2.yml Docker image update * Updated Metadata Of Pack DeepInstinct * Added release notes to pack DeepInstinct * Packs/DeepInstinct/Integrations/DeepInstinct3x/DeepInstinct3x.yml Docker image update * Updated Metadata Of Pack FeedCyrenThreatInDepth * Added release notes to pack FeedCyrenThreatInDepth * Packs/FeedCyrenThreatInDepth/Integrations/CyrenThreatInDepth/CyrenThreatInDepth.yml Docker image update * Updated Metadata Of Pack IronDefense * Added release notes to pack IronDefense * Packs/IronDefense/Integrations/IronDefense/IronDefense.yml Docker image update * Updated Metadata Of Pack Qintel * Added release notes to pack Qintel * Packs/Qintel/Integrations/QintelPMI/QintelPMI.yml Docker image update * Packs/Qintel/Integrations/QintelQSentry/QintelQSentry.yml Docker image update * Packs/Qintel/Integrations/QintelQWatch/QintelQWatch.yml Docker image update * Updated Metadata Of Pack QualysFIM * Added release notes to pack QualysFIM * Packs/QualysFIM/Integrations/QualysFIM/QualysFIM.yml Docker image update * Updated Metadata Of Pack QutteraWebsiteMalwareScanner * Added release notes to pack QutteraWebsiteMalwareScanner * Packs/QutteraWebsiteMalwareScanner/Integrations/QutteraWebsiteMalwareScanner/QutteraWebsiteMalwareScanner.yml Docker image update * Fixed mypy + validation --------- Co-authored-by: sberman <sberman@paloaltonetworks.com> * NGINXApiModule: fix logging typo (#24878) * fix logging typo * bump dependent packs --------- Co-authored-by: glicht <glicht@users.noreply.github.com> * Downgrade docker to fix banner issue (#24905) * Downgrade docker to fix banner issue * Fix docs * Add UT to prevent Docker bump * Fix yml validation * Fixing linters. * Adding missing test_data * Fixing conf.json integration name * Updating docker version * Fixing id and type in the yml * Fixing doc review. * Fixing doc review. * Fixing doc review. * Fixing integration name. * Fixing pack_metadata * Adding readme file * Fixing integration name * Fixing secrets * Updating README * Update README --------- Co-authored-by: Jonathan Tauman <jonathant@qmasters.co> Co-authored-by: TalGumi <talg@qmasters.co> Co-authored-by: Mai Morag <81917647+maimorag@users.noreply.github.com> Co-authored-by: content-bot <55035720+content-bot@users.noreply.github.com> Co-authored-by: sberman <sberman@paloaltonetworks.com> Co-authored-by: Guy Lichtman <1395797+glicht@users.noreply.github.com> Co-authored-by: glicht <glicht@users.noreply.github.com> Co-authored-by: Andrew Shamah <42912128+amshamah419@users.noreply.github.com>

* Cisco WSA (#24917) * init new integration branch * commands work * added new update commands * domain map progress * Identification profiles and domain map improvements * access policy create commands * Added docstrings and improved update objects request * fixed update objects command and token retrieve issue * Add space to conf * Revert "Add space to conf" This reverts commit 3a74b93. * First demo fixes and domain map unit tests * Created identification profile and url categories unit tests * Created access policies unit tests * fixed pack validations * Fixed mypy lints * added README * Internal CR Fixes * Added UT for access policies and added functionality for identification profiles * deprecated existing integration * Updated release notes and pack version * test playbook, command examples, fixes * Dict to dict * Updating files * Fixing linters * Adding ok codes in requests * Adding docstrings * Handler for HTTP requests * Adding unit tests * Adding unit tests * Adding unit tests * Adding unit tests * Fixing linters * Adding multi status handler for delete commands * Fixing linters. * Fixing linters * Fixing linters and docstrigns * Filtering catefories * Fixing linters * Fixing datetime to iso 8061 * Naming and updating files for pr * Adding release note * Adding secrets files * Improving code * Updating after review * Improving code. * Improving code. * Improving tests. * Improving tests * Fixing type hints * Adding delete hander * Adding docstrings * Adding tests * Fixing linters * Fixing linters * Adding docstring * Handling pagination erros. * Revert "Add space to conf" This reverts commit 3a74b93. * Updated the packs category to *Authentication & Identity Management* (part 2) (#24876) * Update Docker Image To demisto/fastapi (#24923) * Updated Metadata Of Pack CyberArkIdentity * Added release notes to pack CyberArkIdentity * Packs/CyberArkIdentity/Integrations/CyberArkIdentityEventCollector/CyberArkIdentityEventCollector.yml Docker image update * Update Docker Image To demisto/lxml (#24924) * Updated Metadata Of Pack TaniumThreatResponse * Added release notes to pack TaniumThreatResponse * Packs/TaniumThreatResponse/Integrations/TaniumThreatResponseV2/TaniumThreatResponseV2.yml Docker image update * Update Docker Image To demisto/crypto (#24922) * Updated Metadata Of Pack X509Certificate * Added release notes to pack X509Certificate * Packs/X509Certificate/Scripts/CertificateExtract/CertificateExtract.yml Docker image update * Update Docker Image To demisto/python3 (#24921) * Updated Metadata Of Pack Cybereason * Added release notes to pack Cybereason * Packs/Cybereason/Integrations/Cybereason/Cybereason.yml Docker image update * Updated Metadata Of Pack DNSDB * Added release notes to pack DNSDB * Packs/DNSDB/Integrations/DNSDB_v2/DNSDB_v2.yml Docker image update * Updated Metadata Of Pack DeepInstinct * Added release notes to pack DeepInstinct * Packs/DeepInstinct/Integrations/DeepInstinct3x/DeepInstinct3x.yml Docker image update * Updated Metadata Of Pack FeedCyrenThreatInDepth * Added release notes to pack FeedCyrenThreatInDepth * Packs/FeedCyrenThreatInDepth/Integrations/CyrenThreatInDepth/CyrenThreatInDepth.yml Docker image update * Updated Metadata Of Pack IronDefense * Added release notes to pack IronDefense * Packs/IronDefense/Integrations/IronDefense/IronDefense.yml Docker image update * Updated Metadata Of Pack Qintel * Added release notes to pack Qintel * Packs/Qintel/Integrations/QintelPMI/QintelPMI.yml Docker image update * Packs/Qintel/Integrations/QintelQSentry/QintelQSentry.yml Docker image update * Packs/Qintel/Integrations/QintelQWatch/QintelQWatch.yml Docker image update * Updated Metadata Of Pack QualysFIM * Added release notes to pack QualysFIM * Packs/QualysFIM/Integrations/QualysFIM/QualysFIM.yml Docker image update * Updated Metadata Of Pack QutteraWebsiteMalwareScanner * Added release notes to pack QutteraWebsiteMalwareScanner * Packs/QutteraWebsiteMalwareScanner/Integrations/QutteraWebsiteMalwareScanner/QutteraWebsiteMalwareScanner.yml Docker image update * Fixed mypy + validation --------- Co-authored-by: sberman <sberman@paloaltonetworks.com> * NGINXApiModule: fix logging typo (#24878) * fix logging typo * bump dependent packs --------- Co-authored-by: glicht <glicht@users.noreply.github.com> * Downgrade docker to fix banner issue (#24905) * Downgrade docker to fix banner issue * Fix docs * Add UT to prevent Docker bump * Fix yml validation * Fixing linters. * Adding missing test_data * Fixing conf.json integration name * Updating docker version * Fixing id and type in the yml * Fixing doc review. * Fixing doc review. * Fixing doc review. * Fixing integration name. * Fixing pack_metadata * Adding readme file * Fixing integration name * Fixing secrets * Updating README * Update README --------- Co-authored-by: Jonathan Tauman <jonathant@qmasters.co> Co-authored-by: TalGumi <talg@qmasters.co> Co-authored-by: Mai Morag <81917647+maimorag@users.noreply.github.com> Co-authored-by: content-bot <55035720+content-bot@users.noreply.github.com> Co-authored-by: sberman <sberman@paloaltonetworks.com> Co-authored-by: Guy Lichtman <1395797+glicht@users.noreply.github.com> Co-authored-by: glicht <glicht@users.noreply.github.com> Co-authored-by: Andrew Shamah <42912128+amshamah419@users.noreply.github.com> * Skipped test playbook, developed by Qmasters and w have no instance for it * Skipped test playbook, developed by Qmasters and w have no instance for it --------- Co-authored-by: ronh1 <112933572+ronh1@users.noreply.github.com> Co-authored-by: Jonathan Tauman <jonathant@qmasters.co> Co-authored-by: TalGumi <talg@qmasters.co> Co-authored-by: Mai Morag <81917647+maimorag@users.noreply.github.com> Co-authored-by: sberman <sberman@paloaltonetworks.com> Co-authored-by: Guy Lichtman <1395797+glicht@users.noreply.github.com> Co-authored-by: glicht <glicht@users.noreply.github.com> Co-authored-by: Andrew Shamah <42912128+amshamah419@users.noreply.github.com> Co-authored-by: gal-forer <forer.gal@gmail.com> Co-authored-by: gal-forer <gforer@paloaltonetworks.com>

* Revert "Add space to conf" This reverts commit 3a74b93. * Updated the packs category to *Authentication & Identity Management* (part 2) (#24876) * Update Docker Image To demisto/fastapi (#24923) * Updated Metadata Of Pack CyberArkIdentity * Added release notes to pack CyberArkIdentity * Packs/CyberArkIdentity/Integrations/CyberArkIdentityEventCollector/CyberArkIdentityEventCollector.yml Docker image update * Update Docker Image To demisto/lxml (#24924) * Updated Metadata Of Pack TaniumThreatResponse * Added release notes to pack TaniumThreatResponse * Packs/TaniumThreatResponse/Integrations/TaniumThreatResponseV2/TaniumThreatResponseV2.yml Docker image update * Update Docker Image To demisto/crypto (#24922) * Updated Metadata Of Pack X509Certificate * Added release notes to pack X509Certificate * Packs/X509Certificate/Scripts/CertificateExtract/CertificateExtract.yml Docker image update * Update Docker Image To demisto/python3 (#24921) * Updated Metadata Of Pack Cybereason * Added release notes to pack Cybereason * Packs/Cybereason/Integrations/Cybereason/Cybereason.yml Docker image update * Updated Metadata Of Pack DNSDB * Added release notes to pack DNSDB * Packs/DNSDB/Integrations/DNSDB_v2/DNSDB_v2.yml Docker image update * Updated Metadata Of Pack DeepInstinct * Added release notes to pack DeepInstinct * Packs/DeepInstinct/Integrations/DeepInstinct3x/DeepInstinct3x.yml Docker image update * Updated Metadata Of Pack FeedCyrenThreatInDepth * Added release notes to pack FeedCyrenThreatInDepth * Packs/FeedCyrenThreatInDepth/Integrations/CyrenThreatInDepth/CyrenThreatInDepth.yml Docker image update * Updated Metadata Of Pack IronDefense * Added release notes to pack IronDefense * Packs/IronDefense/Integrations/IronDefense/IronDefense.yml Docker image update * Updated Metadata Of Pack Qintel * Added release notes to pack Qintel * Packs/Qintel/Integrations/QintelPMI/QintelPMI.yml Docker image update * Packs/Qintel/Integrations/QintelQSentry/QintelQSentry.yml Docker image update * Packs/Qintel/Integrations/QintelQWatch/QintelQWatch.yml Docker image update * Updated Metadata Of Pack QualysFIM * Added release notes to pack QualysFIM * Packs/QualysFIM/Integrations/QualysFIM/QualysFIM.yml Docker image update * Updated Metadata Of Pack QutteraWebsiteMalwareScanner * Added release notes to pack QutteraWebsiteMalwareScanner * Packs/QutteraWebsiteMalwareScanner/Integrations/QutteraWebsiteMalwareScanner/QutteraWebsiteMalwareScanner.yml Docker image update * Fixed mypy + validation --------- Co-authored-by: sberman <sberman@paloaltonetworks.com> * NGINXApiModule: fix logging typo (#24878) * fix logging typo * bump dependent packs --------- Co-authored-by: glicht <glicht@users.noreply.github.com> * Downgrade docker to fix banner issue (#24905) * Downgrade docker to fix banner issue * Fix docs * Add UT to prevent Docker bump * Fix yml validation * Fixing relese note --------- Co-authored-by: TalGumi <talg@qmasters.co> Co-authored-by: Mai Morag <81917647+maimorag@users.noreply.github.com> Co-authored-by: content-bot <55035720+content-bot@users.noreply.github.com> Co-authored-by: sberman <sberman@paloaltonetworks.com> Co-authored-by: Guy Lichtman <1395797+glicht@users.noreply.github.com> Co-authored-by: glicht <glicht@users.noreply.github.com> Co-authored-by: Andrew Shamah <42912128+amshamah419@users.noreply.github.com>

* Revert "Add space to conf" This reverts commit 3a74b93. * Updated the packs category to *Authentication & Identity Management* (part 2) (#24876) * Update Docker Image To demisto/fastapi (#24923) * Updated Metadata Of Pack CyberArkIdentity * Added release notes to pack CyberArkIdentity * Packs/CyberArkIdentity/Integrations/CyberArkIdentityEventCollector/CyberArkIdentityEventCollector.yml Docker image update * Update Docker Image To demisto/lxml (#24924) * Updated Metadata Of Pack TaniumThreatResponse * Added release notes to pack TaniumThreatResponse * Packs/TaniumThreatResponse/Integrations/TaniumThreatResponseV2/TaniumThreatResponseV2.yml Docker image update * Update Docker Image To demisto/crypto (#24922) * Updated Metadata Of Pack X509Certificate * Added release notes to pack X509Certificate * Packs/X509Certificate/Scripts/CertificateExtract/CertificateExtract.yml Docker image update * Update Docker Image To demisto/python3 (#24921) * Updated Metadata Of Pack Cybereason * Added release notes to pack Cybereason * Packs/Cybereason/Integrations/Cybereason/Cybereason.yml Docker image update * Updated Metadata Of Pack DNSDB * Added release notes to pack DNSDB * Packs/DNSDB/Integrations/DNSDB_v2/DNSDB_v2.yml Docker image update * Updated Metadata Of Pack DeepInstinct * Added release notes to pack DeepInstinct * Packs/DeepInstinct/Integrations/DeepInstinct3x/DeepInstinct3x.yml Docker image update * Updated Metadata Of Pack FeedCyrenThreatInDepth * Added release notes to pack FeedCyrenThreatInDepth * Packs/FeedCyrenThreatInDepth/Integrations/CyrenThreatInDepth/CyrenThreatInDepth.yml Docker image update * Updated Metadata Of Pack IronDefense * Added release notes to pack IronDefense * Packs/IronDefense/Integrations/IronDefense/IronDefense.yml Docker image update * Updated Metadata Of Pack Qintel * Added release notes to pack Qintel * Packs/Qintel/Integrations/QintelPMI/QintelPMI.yml Docker image update * Packs/Qintel/Integrations/QintelQSentry/QintelQSentry.yml Docker image update * Packs/Qintel/Integrations/QintelQWatch/QintelQWatch.yml Docker image update * Updated Metadata Of Pack QualysFIM * Added release notes to pack QualysFIM * Packs/QualysFIM/Integrations/QualysFIM/QualysFIM.yml Docker image update * Updated Metadata Of Pack QutteraWebsiteMalwareScanner * Added release notes to pack QutteraWebsiteMalwareScanner * Packs/QutteraWebsiteMalwareScanner/Integrations/QutteraWebsiteMalwareScanner/QutteraWebsiteMalwareScanner.yml Docker image update * Fixed mypy + validation --------- * NGINXApiModule: fix logging typo (#24878) * fix logging typo * bump dependent packs --------- * Downgrade docker to fix banner issue (#24905) * Downgrade docker to fix banner issue * Fix docs * Add UT to prevent Docker bump * Fix yml validation * Fixing relese note --------- Co-authored-by: ronh1 <112933572+ronh1@users.noreply.github.com> Co-authored-by: TalGumi <talg@qmasters.co> Co-authored-by: Mai Morag <81917647+maimorag@users.noreply.github.com> Co-authored-by: sberman <sberman@paloaltonetworks.com> Co-authored-by: Guy Lichtman <1395797+glicht@users.noreply.github.com> Co-authored-by: glicht <glicht@users.noreply.github.com> Co-authored-by: Andrew Shamah <42912128+amshamah419@users.noreply.github.com>

* Cisco WSA (demisto#24917) * init new integration branch * commands work * added new update commands * domain map progress * Identification profiles and domain map improvements * access policy create commands * Added docstrings and improved update objects request * fixed update objects command and token retrieve issue * Add space to conf * Revert "Add space to conf" This reverts commit 3a74b93. * First demo fixes and domain map unit tests * Created identification profile and url categories unit tests * Created access policies unit tests * fixed pack validations * Fixed mypy lints * added README * Internal CR Fixes * Added UT for access policies and added functionality for identification profiles * deprecated existing integration * Updated release notes and pack version * test playbook, command examples, fixes * Dict to dict * Updating files * Fixing linters * Adding ok codes in requests * Adding docstrings * Handler for HTTP requests * Adding unit tests * Adding unit tests * Adding unit tests * Adding unit tests * Fixing linters * Adding multi status handler for delete commands * Fixing linters. * Fixing linters * Fixing linters and docstrigns * Filtering catefories * Fixing linters * Fixing datetime to iso 8061 * Naming and updating files for pr * Adding release note * Adding secrets files * Improving code * Updating after review * Improving code. * Improving code. * Improving tests. * Improving tests * Fixing type hints * Adding delete hander * Adding docstrings * Adding tests * Fixing linters * Fixing linters * Adding docstring * Handling pagination erros. * Revert "Add space to conf" This reverts commit 3a74b93. * Updated the packs category to *Authentication & Identity Management* (part 2) (demisto#24876) * Update Docker Image To demisto/fastapi (demisto#24923) * Updated Metadata Of Pack CyberArkIdentity * Added release notes to pack CyberArkIdentity * Packs/CyberArkIdentity/Integrations/CyberArkIdentityEventCollector/CyberArkIdentityEventCollector.yml Docker image update * Update Docker Image To demisto/lxml (demisto#24924) * Updated Metadata Of Pack TaniumThreatResponse * Added release notes to pack TaniumThreatResponse * Packs/TaniumThreatResponse/Integrations/TaniumThreatResponseV2/TaniumThreatResponseV2.yml Docker image update * Update Docker Image To demisto/crypto (demisto#24922) * Updated Metadata Of Pack X509Certificate * Added release notes to pack X509Certificate * Packs/X509Certificate/Scripts/CertificateExtract/CertificateExtract.yml Docker image update * Update Docker Image To demisto/python3 (demisto#24921) * Updated Metadata Of Pack Cybereason * Added release notes to pack Cybereason * Packs/Cybereason/Integrations/Cybereason/Cybereason.yml Docker image update * Updated Metadata Of Pack DNSDB * Added release notes to pack DNSDB * Packs/DNSDB/Integrations/DNSDB_v2/DNSDB_v2.yml Docker image update * Updated Metadata Of Pack DeepInstinct * Added release notes to pack DeepInstinct * Packs/DeepInstinct/Integrations/DeepInstinct3x/DeepInstinct3x.yml Docker image update * Updated Metadata Of Pack FeedCyrenThreatInDepth * Added release notes to pack FeedCyrenThreatInDepth * Packs/FeedCyrenThreatInDepth/Integrations/CyrenThreatInDepth/CyrenThreatInDepth.yml Docker image update * Updated Metadata Of Pack IronDefense * Added release notes to pack IronDefense * Packs/IronDefense/Integrations/IronDefense/IronDefense.yml Docker image update * Updated Metadata Of Pack Qintel * Added release notes to pack Qintel * Packs/Qintel/Integrations/QintelPMI/QintelPMI.yml Docker image update * Packs/Qintel/Integrations/QintelQSentry/QintelQSentry.yml Docker image update * Packs/Qintel/Integrations/QintelQWatch/QintelQWatch.yml Docker image update * Updated Metadata Of Pack QualysFIM * Added release notes to pack QualysFIM * Packs/QualysFIM/Integrations/QualysFIM/QualysFIM.yml Docker image update * Updated Metadata Of Pack QutteraWebsiteMalwareScanner * Added release notes to pack QutteraWebsiteMalwareScanner * Packs/QutteraWebsiteMalwareScanner/Integrations/QutteraWebsiteMalwareScanner/QutteraWebsiteMalwareScanner.yml Docker image update * Fixed mypy + validation --------- Co-authored-by: sberman <sberman@paloaltonetworks.com> * NGINXApiModule: fix logging typo (demisto#24878) * fix logging typo * bump dependent packs --------- Co-authored-by: glicht <glicht@users.noreply.github.com> * Downgrade docker to fix banner issue (demisto#24905) * Downgrade docker to fix banner issue * Fix docs * Add UT to prevent Docker bump * Fix yml validation * Fixing linters. * Adding missing test_data * Fixing conf.json integration name * Updating docker version * Fixing id and type in the yml * Fixing doc review. * Fixing doc review. * Fixing doc review. * Fixing integration name. * Fixing pack_metadata * Adding readme file * Fixing integration name * Fixing secrets * Updating README * Update README --------- Co-authored-by: Jonathan Tauman <jonathant@qmasters.co> Co-authored-by: TalGumi <talg@qmasters.co> Co-authored-by: Mai Morag <81917647+maimorag@users.noreply.github.com> Co-authored-by: content-bot <55035720+content-bot@users.noreply.github.com> Co-authored-by: sberman <sberman@paloaltonetworks.com> Co-authored-by: Guy Lichtman <1395797+glicht@users.noreply.github.com> Co-authored-by: glicht <glicht@users.noreply.github.com> Co-authored-by: Andrew Shamah <42912128+amshamah419@users.noreply.github.com> * Skipped test playbook, developed by Qmasters and w have no instance for it * Skipped test playbook, developed by Qmasters and w have no instance for it --------- Co-authored-by: ronh1 <112933572+ronh1@users.noreply.github.com> Co-authored-by: Jonathan Tauman <jonathant@qmasters.co> Co-authored-by: TalGumi <talg@qmasters.co> Co-authored-by: Mai Morag <81917647+maimorag@users.noreply.github.com> Co-authored-by: sberman <sberman@paloaltonetworks.com> Co-authored-by: Guy Lichtman <1395797+glicht@users.noreply.github.com> Co-authored-by: glicht <glicht@users.noreply.github.com> Co-authored-by: Andrew Shamah <42912128+amshamah419@users.noreply.github.com> Co-authored-by: gal-forer <forer.gal@gmail.com> Co-authored-by: gal-forer <gforer@paloaltonetworks.com>

* Revert "Add space to conf" This reverts commit 3a74b93. * Updated the packs category to *Authentication & Identity Management* (part 2) (demisto#24876) * Update Docker Image To demisto/fastapi (demisto#24923) * Updated Metadata Of Pack CyberArkIdentity * Added release notes to pack CyberArkIdentity * Packs/CyberArkIdentity/Integrations/CyberArkIdentityEventCollector/CyberArkIdentityEventCollector.yml Docker image update * Update Docker Image To demisto/lxml (demisto#24924) * Updated Metadata Of Pack TaniumThreatResponse * Added release notes to pack TaniumThreatResponse * Packs/TaniumThreatResponse/Integrations/TaniumThreatResponseV2/TaniumThreatResponseV2.yml Docker image update * Update Docker Image To demisto/crypto (demisto#24922) * Updated Metadata Of Pack X509Certificate * Added release notes to pack X509Certificate * Packs/X509Certificate/Scripts/CertificateExtract/CertificateExtract.yml Docker image update * Update Docker Image To demisto/python3 (demisto#24921) * Updated Metadata Of Pack Cybereason * Added release notes to pack Cybereason * Packs/Cybereason/Integrations/Cybereason/Cybereason.yml Docker image update * Updated Metadata Of Pack DNSDB * Added release notes to pack DNSDB * Packs/DNSDB/Integrations/DNSDB_v2/DNSDB_v2.yml Docker image update * Updated Metadata Of Pack DeepInstinct * Added release notes to pack DeepInstinct * Packs/DeepInstinct/Integrations/DeepInstinct3x/DeepInstinct3x.yml Docker image update * Updated Metadata Of Pack FeedCyrenThreatInDepth * Added release notes to pack FeedCyrenThreatInDepth * Packs/FeedCyrenThreatInDepth/Integrations/CyrenThreatInDepth/CyrenThreatInDepth.yml Docker image update * Updated Metadata Of Pack IronDefense * Added release notes to pack IronDefense * Packs/IronDefense/Integrations/IronDefense/IronDefense.yml Docker image update * Updated Metadata Of Pack Qintel * Added release notes to pack Qintel * Packs/Qintel/Integrations/QintelPMI/QintelPMI.yml Docker image update * Packs/Qintel/Integrations/QintelQSentry/QintelQSentry.yml Docker image update * Packs/Qintel/Integrations/QintelQWatch/QintelQWatch.yml Docker image update * Updated Metadata Of Pack QualysFIM * Added release notes to pack QualysFIM * Packs/QualysFIM/Integrations/QualysFIM/QualysFIM.yml Docker image update * Updated Metadata Of Pack QutteraWebsiteMalwareScanner * Added release notes to pack QutteraWebsiteMalwareScanner * Packs/QutteraWebsiteMalwareScanner/Integrations/QutteraWebsiteMalwareScanner/QutteraWebsiteMalwareScanner.yml Docker image update * Fixed mypy + validation --------- * NGINXApiModule: fix logging typo (demisto#24878) * fix logging typo * bump dependent packs --------- * Downgrade docker to fix banner issue (demisto#24905) * Downgrade docker to fix banner issue * Fix docs * Add UT to prevent Docker bump * Fix yml validation * Fixing relese note --------- Co-authored-by: ronh1 <112933572+ronh1@users.noreply.github.com> Co-authored-by: TalGumi <talg@qmasters.co> Co-authored-by: Mai Morag <81917647+maimorag@users.noreply.github.com> Co-authored-by: sberman <sberman@paloaltonetworks.com> Co-authored-by: Guy Lichtman <1395797+glicht@users.noreply.github.com> Co-authored-by: glicht <glicht@users.noreply.github.com> Co-authored-by: Andrew Shamah <42912128+amshamah419@users.noreply.github.com>

* Revert "Add space to conf" This reverts commit 3a74b93. * Updated the packs category to *Authentication & Identity Management* (part 2) (#24876) * Update Docker Image To demisto/fastapi (#24923) * Updated Metadata Of Pack CyberArkIdentity * Added release notes to pack CyberArkIdentity * Packs/CyberArkIdentity/Integrations/CyberArkIdentityEventCollector/CyberArkIdentityEventCollector.yml Docker image update * Update Docker Image To demisto/lxml (#24924) * Updated Metadata Of Pack TaniumThreatResponse * Added release notes to pack TaniumThreatResponse * Packs/TaniumThreatResponse/Integrations/TaniumThreatResponseV2/TaniumThreatResponseV2.yml Docker image update * Update Docker Image To demisto/crypto (#24922) * Updated Metadata Of Pack X509Certificate * Added release notes to pack X509Certificate * Packs/X509Certificate/Scripts/CertificateExtract/CertificateExtract.yml Docker image update * Update Docker Image To demisto/python3 (#24921) * Updated Metadata Of Pack Cybereason * Added release notes to pack Cybereason * Packs/Cybereason/Integrations/Cybereason/Cybereason.yml Docker image update * Updated Metadata Of Pack DNSDB * Added release notes to pack DNSDB * Packs/DNSDB/Integrations/DNSDB_v2/DNSDB_v2.yml Docker image update * Updated Metadata Of Pack DeepInstinct * Added release notes to pack DeepInstinct * Packs/DeepInstinct/Integrations/DeepInstinct3x/DeepInstinct3x.yml Docker image update * Updated Metadata Of Pack FeedCyrenThreatInDepth * Added release notes to pack FeedCyrenThreatInDepth * Packs/FeedCyrenThreatInDepth/Integrations/CyrenThreatInDepth/CyrenThreatInDepth.yml Docker image update * Updated Metadata Of Pack IronDefense * Added release notes to pack IronDefense * Packs/IronDefense/Integrations/IronDefense/IronDefense.yml Docker image update * Updated Metadata Of Pack Qintel * Added release notes to pack Qintel * Packs/Qintel/Integrations/QintelPMI/QintelPMI.yml Docker image update * Packs/Qintel/Integrations/QintelQSentry/QintelQSentry.yml Docker image update * Packs/Qintel/Integrations/QintelQWatch/QintelQWatch.yml Docker image update * Updated Metadata Of Pack QualysFIM * Added release notes to pack QualysFIM * Packs/QualysFIM/Integrations/QualysFIM/QualysFIM.yml Docker image update * Updated Metadata Of Pack QutteraWebsiteMalwareScanner * Added release notes to pack QutteraWebsiteMalwareScanner * Packs/QutteraWebsiteMalwareScanner/Integrations/QutteraWebsiteMalwareScanner/QutteraWebsiteMalwareScanner.yml Docker image update * Fixed mypy + validation --------- Co-authored-by: sberman <sberman@paloaltonetworks.com> * NGINXApiModule: fix logging typo (#24878) * fix logging typo * bump dependent packs --------- Co-authored-by: glicht <glicht@users.noreply.github.com> * Downgrade docker to fix banner issue (#24905) * Downgrade docker to fix banner issue * Fix docs * Add UT to prevent Docker bump * Fix yml validation * Updating error handllin * Updating error handling. * Updating error handling. * Updating error handling. * Updating error handling. * Updating linters. * Updating linters. * Validation fix * Updating release note description. * Updating knowd words. * Updating pack metadata. * Updating error handling(try/ except). --------- Co-authored-by: TalGumi <talg@qmasters.co> Co-authored-by: Mai Morag <81917647+maimorag@users.noreply.github.com> Co-authored-by: content-bot <55035720+content-bot@users.noreply.github.com> Co-authored-by: sberman <sberman@paloaltonetworks.com> Co-authored-by: Guy Lichtman <1395797+glicht@users.noreply.github.com> Co-authored-by: glicht <glicht@users.noreply.github.com> Co-authored-by: Andrew Shamah <42912128+amshamah419@users.noreply.github.com>

* Fortiweb bug (#25744) * Revert "Add space to conf" This reverts commit 3a74b93. * Updated the packs category to *Authentication & Identity Management* (part 2) (#24876) * Update Docker Image To demisto/fastapi (#24923) * Updated Metadata Of Pack CyberArkIdentity * Added release notes to pack CyberArkIdentity * Packs/CyberArkIdentity/Integrations/CyberArkIdentityEventCollector/CyberArkIdentityEventCollector.yml Docker image update * Update Docker Image To demisto/lxml (#24924) * Updated Metadata Of Pack TaniumThreatResponse * Added release notes to pack TaniumThreatResponse * Packs/TaniumThreatResponse/Integrations/TaniumThreatResponseV2/TaniumThreatResponseV2.yml Docker image update * Update Docker Image To demisto/crypto (#24922) * Updated Metadata Of Pack X509Certificate * Added release notes to pack X509Certificate * Packs/X509Certificate/Scripts/CertificateExtract/CertificateExtract.yml Docker image update * Update Docker Image To demisto/python3 (#24921) * Updated Metadata Of Pack Cybereason * Added release notes to pack Cybereason * Packs/Cybereason/Integrations/Cybereason/Cybereason.yml Docker image update * Updated Metadata Of Pack DNSDB * Added release notes to pack DNSDB * Packs/DNSDB/Integrations/DNSDB_v2/DNSDB_v2.yml Docker image update * Updated Metadata Of Pack DeepInstinct * Added release notes to pack DeepInstinct * Packs/DeepInstinct/Integrations/DeepInstinct3x/DeepInstinct3x.yml Docker image update * Updated Metadata Of Pack FeedCyrenThreatInDepth * Added release notes to pack FeedCyrenThreatInDepth * Packs/FeedCyrenThreatInDepth/Integrations/CyrenThreatInDepth/CyrenThreatInDepth.yml Docker image update * Updated Metadata Of Pack IronDefense * Added release notes to pack IronDefense * Packs/IronDefense/Integrations/IronDefense/IronDefense.yml Docker image update * Updated Metadata Of Pack Qintel * Added release notes to pack Qintel * Packs/Qintel/Integrations/QintelPMI/QintelPMI.yml Docker image update * Packs/Qintel/Integrations/QintelQSentry/QintelQSentry.yml Docker image update * Packs/Qintel/Integrations/QintelQWatch/QintelQWatch.yml Docker image update * Updated Metadata Of Pack QualysFIM * Added release notes to pack QualysFIM * Packs/QualysFIM/Integrations/QualysFIM/QualysFIM.yml Docker image update * Updated Metadata Of Pack QutteraWebsiteMalwareScanner * Added release notes to pack QutteraWebsiteMalwareScanner * Packs/QutteraWebsiteMalwareScanner/Integrations/QutteraWebsiteMalwareScanner/QutteraWebsiteMalwareScanner.yml Docker image update * Fixed mypy + validation --------- Co-authored-by: sberman <sberman@paloaltonetworks.com> * NGINXApiModule: fix logging typo (#24878) * fix logging typo * bump dependent packs --------- Co-authored-by: glicht <glicht@users.noreply.github.com> * Downgrade docker to fix banner issue (#24905) * Downgrade docker to fix banner issue * Fix docs * Add UT to prevent Docker bump * Fix yml validation * Updating error handllin * Updating error handling. * Updating error handling. * Updating error handling. * Updating error handling. * Updating linters. * Updating linters. * Validation fix * Updating release note description. * Updating knowd words. * Updating pack metadata. * Updating error handling(try/ except). --------- Co-authored-by: TalGumi <talg@qmasters.co> Co-authored-by: Mai Morag <81917647+maimorag@users.noreply.github.com> Co-authored-by: content-bot <55035720+content-bot@users.noreply.github.com> Co-authored-by: sberman <sberman@paloaltonetworks.com> Co-authored-by: Guy Lichtman <1395797+glicht@users.noreply.github.com> Co-authored-by: glicht <glicht@users.noreply.github.com> Co-authored-by: Andrew Shamah <42912128+amshamah419@users.noreply.github.com> * version fix * docker update --------- Co-authored-by: ronh1 <112933572+ronh1@users.noreply.github.com> Co-authored-by: TalGumi <talg@qmasters.co> Co-authored-by: Mai Morag <81917647+maimorag@users.noreply.github.com> Co-authored-by: sberman <sberman@paloaltonetworks.com> Co-authored-by: Guy Lichtman <1395797+glicht@users.noreply.github.com> Co-authored-by: glicht <glicht@users.noreply.github.com> Co-authored-by: Andrew Shamah <42912128+amshamah419@users.noreply.github.com> Co-authored-by: Dan Tavori <38749041+dantavori@users.noreply.github.com> Co-authored-by: Dan Tavori <dtavori@paloaltonetworks.com>

* Revert "Add space to conf" This reverts commit 3a74b93. * Updated the packs category to *Authentication & Identity Management* (part 2) (#24876) * Update Docker Image To demisto/fastapi (#24923) * Updated Metadata Of Pack CyberArkIdentity * Added release notes to pack CyberArkIdentity * Packs/CyberArkIdentity/Integrations/CyberArkIdentityEventCollector/CyberArkIdentityEventCollector.yml Docker image update * Update Docker Image To demisto/lxml (#24924) * Updated Metadata Of Pack TaniumThreatResponse * Added release notes to pack TaniumThreatResponse * Packs/TaniumThreatResponse/Integrations/TaniumThreatResponseV2/TaniumThreatResponseV2.yml Docker image update * Update Docker Image To demisto/crypto (#24922) * Updated Metadata Of Pack X509Certificate * Added release notes to pack X509Certificate * Packs/X509Certificate/Scripts/CertificateExtract/CertificateExtract.yml Docker image update * Update Docker Image To demisto/python3 (#24921) * Updated Metadata Of Pack Cybereason * Added release notes to pack Cybereason * Packs/Cybereason/Integrations/Cybereason/Cybereason.yml Docker image update * Updated Metadata Of Pack DNSDB * Added release notes to pack DNSDB * Packs/DNSDB/Integrations/DNSDB_v2/DNSDB_v2.yml Docker image update * Updated Metadata Of Pack DeepInstinct * Added release notes to pack DeepInstinct * Packs/DeepInstinct/Integrations/DeepInstinct3x/DeepInstinct3x.yml Docker image update * Updated Metadata Of Pack FeedCyrenThreatInDepth * Added release notes to pack FeedCyrenThreatInDepth * Packs/FeedCyrenThreatInDepth/Integrations/CyrenThreatInDepth/CyrenThreatInDepth.yml Docker image update * Updated Metadata Of Pack IronDefense * Added release notes to pack IronDefense * Packs/IronDefense/Integrations/IronDefense/IronDefense.yml Docker image update * Updated Metadata Of Pack Qintel * Added release notes to pack Qintel * Packs/Qintel/Integrations/QintelPMI/QintelPMI.yml Docker image update * Packs/Qintel/Integrations/QintelQSentry/QintelQSentry.yml Docker image update * Packs/Qintel/Integrations/QintelQWatch/QintelQWatch.yml Docker image update * Updated Metadata Of Pack QualysFIM * Added release notes to pack QualysFIM * Packs/QualysFIM/Integrations/QualysFIM/QualysFIM.yml Docker image update * Updated Metadata Of Pack QutteraWebsiteMalwareScanner * Added release notes to pack QutteraWebsiteMalwareScanner * Packs/QutteraWebsiteMalwareScanner/Integrations/QutteraWebsiteMalwareScanner/QutteraWebsiteMalwareScanner.yml Docker image update * Fixed mypy + validation --------- Co-authored-by: sberman <sberman@paloaltonetworks.com> * NGINXApiModule: fix logging typo (#24878) * fix logging typo * bump dependent packs --------- Co-authored-by: glicht <glicht@users.noreply.github.com> * Downgrade docker to fix banner issue (#24905) * Downgrade docker to fix banner issue * Fix docs * Add UT to prevent Docker bump * Fix yml validation * Adding integration * Adding integration. * Adding incidents to common types * Adding classifiers, mappers and incidents fields * Adding to Test/conf.json * Updating release notes * Updating known words. * Fixing incidents associated type name (adding whitespace) * Fixing incidents associated type name (adding whitespace) * Fixing incidents associated type name (adding whitespace) * Updating incident fields fromversion * Updating fromversion * Updating README * Updating description * Updating description * Removing unused file. * Updating playbook name and ID. * Updating pack name. * Updating CR comments. * Updating code and secrets. * Updating secrets. * Updating description. * Updating description. * Updating README path. * Adding default value. * Updating release note. * Adding default vaule to page arguments. * Adding file_type to alert images. * Adding context data to add asset. * Adding context data to close alert. * Adding context data to update alert severity. * Adding context data to update alert assign/ unassign. * Adding yml outputs * Adding file info. * Fixing description. * Fixing description. * Initiating ExecutionMetrics in the main(). * Fixing unit-tests. * Removing unnecessary line. * Updating docstrings. * Improving generic commands implementation. * Fixing flake8 error. * Adding widgets. * Improving generic logic. * Fixing yml tests. * Fixing descriptions after doc-reviewe. * Deleting comments. * Deleting comments. * Updating known words. * Adding part of the readme * Adding part of the readme * Adding part of the readme * Fixing linters * Fixing doc-review notes. * Fixing linters * Fixing README file * Fixing classifier file name * Fixing generic commands logic. * Adding widget and updating dashboard. * Updating release note. * Updating release note. * Adding realses notes and update metadata. * Fixing Common types last release note * Fixing CommonDashboards last release note * Fixing CommonTypes last release note * Adding ThreatCommand to known words * Fixing Intsigts release note * Adding itemPrefix to pack metadata. * Updating docker version * Updating readme and pack metadata item prefix * Updating CommonTypes release note * Updating README * Updating pack metadata itemPrefix * Updating pack metadata itemPrefix * Fixing linters --------- Co-authored-by: TalGumi <talg@qmasters.co> Co-authored-by: Mai Morag <81917647+maimorag@users.noreply.github.com> Co-authored-by: content-bot <55035720+content-bot@users.noreply.github.com> Co-authored-by: sberman <sberman@paloaltonetworks.com> Co-authored-by: Guy Lichtman <1395797+glicht@users.noreply.github.com> Co-authored-by: glicht <glicht@users.noreply.github.com> Co-authored-by: Andrew Shamah <42912128+amshamah419@users.noreply.github.com>

* Rapid7 threat command (#25775) * Revert "Add space to conf" This reverts commit 3a74b93. * Updated the packs category to *Authentication & Identity Management* (part 2) (#24876) * Update Docker Image To demisto/fastapi (#24923) * Updated Metadata Of Pack CyberArkIdentity * Added release notes to pack CyberArkIdentity * Packs/CyberArkIdentity/Integrations/CyberArkIdentityEventCollector/CyberArkIdentityEventCollector.yml Docker image update * Update Docker Image To demisto/lxml (#24924) * Updated Metadata Of Pack TaniumThreatResponse * Added release notes to pack TaniumThreatResponse * Packs/TaniumThreatResponse/Integrations/TaniumThreatResponseV2/TaniumThreatResponseV2.yml Docker image update * Update Docker Image To demisto/crypto (#24922) * Updated Metadata Of Pack X509Certificate * Added release notes to pack X509Certificate * Packs/X509Certificate/Scripts/CertificateExtract/CertificateExtract.yml Docker image update * Update Docker Image To demisto/python3 (#24921) * Updated Metadata Of Pack Cybereason * Added release notes to pack Cybereason * Packs/Cybereason/Integrations/Cybereason/Cybereason.yml Docker image update * Updated Metadata Of Pack DNSDB * Added release notes to pack DNSDB * Packs/DNSDB/Integrations/DNSDB_v2/DNSDB_v2.yml Docker image update * Updated Metadata Of Pack DeepInstinct * Added release notes to pack DeepInstinct * Packs/DeepInstinct/Integrations/DeepInstinct3x/DeepInstinct3x.yml Docker image update * Updated Metadata Of Pack FeedCyrenThreatInDepth * Added release notes to pack FeedCyrenThreatInDepth * Packs/FeedCyrenThreatInDepth/Integrations/CyrenThreatInDepth/CyrenThreatInDepth.yml Docker image update * Updated Metadata Of Pack IronDefense * Added release notes to pack IronDefense * Packs/IronDefense/Integrations/IronDefense/IronDefense.yml Docker image update * Updated Metadata Of Pack Qintel * Added release notes to pack Qintel * Packs/Qintel/Integrations/QintelPMI/QintelPMI.yml Docker image update * Packs/Qintel/Integrations/QintelQSentry/QintelQSentry.yml Docker image update * Packs/Qintel/Integrations/QintelQWatch/QintelQWatch.yml Docker image update * Updated Metadata Of Pack QualysFIM * Added release notes to pack QualysFIM * Packs/QualysFIM/Integrations/QualysFIM/QualysFIM.yml Docker image update * Updated Metadata Of Pack QutteraWebsiteMalwareScanner * Added release notes to pack QutteraWebsiteMalwareScanner * Packs/QutteraWebsiteMalwareScanner/Integrations/QutteraWebsiteMalwareScanner/QutteraWebsiteMalwareScanner.yml Docker image update * Fixed mypy + validation --------- Co-authored-by: sberman <sberman@paloaltonetworks.com> * NGINXApiModule: fix logging typo (#24878) * fix logging typo * bump dependent packs --------- Co-authored-by: glicht <glicht@users.noreply.github.com> * Downgrade docker to fix banner issue (#24905) * Downgrade docker to fix banner issue * Fix docs * Add UT to prevent Docker bump * Fix yml validation * Adding integration * Adding integration. * Adding incidents to common types * Adding classifiers, mappers and incidents fields * Adding to Test/conf.json * Updating release notes * Updating known words. * Fixing incidents associated type name (adding whitespace) * Fixing incidents associated type name (adding whitespace) * Fixing incidents associated type name (adding whitespace) * Updating incident fields fromversion * Updating fromversion * Updating README * Updating description * Updating description * Removing unused file. * Updating playbook name and ID. * Updating pack name. * Updating CR comments. * Updating code and secrets. * Updating secrets. * Updating description. * Updating description. * Updating README path. * Adding default value. * Updating release note. * Adding default vaule to page arguments. * Adding file_type to alert images. * Adding context data to add asset. * Adding context data to close alert. * Adding context data to update alert severity. * Adding context data to update alert assign/ unassign. * Adding yml outputs * Adding file info. * Fixing description. * Fixing description. * Initiating ExecutionMetrics in the main(). * Fixing unit-tests. * Removing unnecessary line. * Updating docstrings. * Improving generic commands implementation. * Fixing flake8 error. * Adding widgets. * Improving generic logic. * Fixing yml tests. * Fixing descriptions after doc-reviewe. * Deleting comments. * Deleting comments. * Updating known words. * Adding part of the readme * Adding part of the readme * Adding part of the readme * Fixing linters * Fixing doc-review notes. * Fixing linters * Fixing README file * Fixing classifier file name * Fixing generic commands logic. * Adding widget and updating dashboard. * Updating release note. * Updating release note. * Adding realses notes and update metadata. * Fixing Common types last release note * Fixing CommonDashboards last release note * Fixing CommonTypes last release note * Adding ThreatCommand to known words * Fixing Intsigts release note * Adding itemPrefix to pack metadata. * Updating docker version * Updating readme and pack metadata item prefix * Updating CommonTypes release note * Updating README * Updating pack metadata itemPrefix * Updating pack metadata itemPrefix * Fixing linters --------- Co-authored-by: TalGumi <talg@qmasters.co> Co-authored-by: Mai Morag <81917647+maimorag@users.noreply.github.com> Co-authored-by: content-bot <55035720+content-bot@users.noreply.github.com> Co-authored-by: sberman <sberman@paloaltonetworks.com> Co-authored-by: Guy Lichtman <1395797+glicht@users.noreply.github.com> Co-authored-by: glicht <glicht@users.noreply.github.com> Co-authored-by: Andrew Shamah <42912128+amshamah419@users.noreply.github.com> * update docker * Rename incidentfield-ThreatCommand_Source Network_Type.json to incidentfield-ThreatCommand_Source_Network_Type.json * Update 3_0_0.md * Rename incidentfield-ThreatCommand Takedown_Status.json to incidentfield-ThreatCommand_Takedown_Status.json * Update 3_0_0.md * Rename incidenttype-Rapid7 ThreatCommand_Alert.json to incidenttype-Rapid7_ThreatCommand_Alert.json * Update 3_0_0.md * Update 3_0_0.md * Rename layoutscontainer-Rapid7 ThreatCommand_Layout.json to layoutscontainer-Rapid7_ThreatCommand_Layout.json * Update 3_0_0.md * Update conf.json --------- Co-authored-by: ‪Ron Hadad‬‏ <112933572+ronh1@users.noreply.github.com> Co-authored-by: TalGumi <talg@qmasters.co> Co-authored-by: Mai Morag <81917647+maimorag@users.noreply.github.com> Co-authored-by: sberman <sberman@paloaltonetworks.com> Co-authored-by: Guy Lichtman <1395797+glicht@users.noreply.github.com> Co-authored-by: glicht <glicht@users.noreply.github.com> Co-authored-by: Andrew Shamah <42912128+amshamah419@users.noreply.github.com> Co-authored-by: Dan Tavori <38749041+dantavori@users.noreply.github.com>

* Revert "Add space to conf" This reverts commit 3a74b93. * Updated the packs category to *Authentication & Identity Management* (part 2) (#24876) * Update Docker Image To demisto/fastapi (#24923) * Updated Metadata Of Pack CyberArkIdentity * Added release notes to pack CyberArkIdentity * Packs/CyberArkIdentity/Integrations/CyberArkIdentityEventCollector/CyberArkIdentityEventCollector.yml Docker image update * Update Docker Image To demisto/lxml (#24924) * Updated Metadata Of Pack TaniumThreatResponse * Added release notes to pack TaniumThreatResponse * Packs/TaniumThreatResponse/Integrations/TaniumThreatResponseV2/TaniumThreatResponseV2.yml Docker image update * Update Docker Image To demisto/crypto (#24922) * Updated Metadata Of Pack X509Certificate * Added release notes to pack X509Certificate * Packs/X509Certificate/Scripts/CertificateExtract/CertificateExtract.yml Docker image update * Update Docker Image To demisto/python3 (#24921) * Updated Metadata Of Pack Cybereason * Added release notes to pack Cybereason * Packs/Cybereason/Integrations/Cybereason/Cybereason.yml Docker image update * Updated Metadata Of Pack DNSDB * Added release notes to pack DNSDB * Packs/DNSDB/Integrations/DNSDB_v2/DNSDB_v2.yml Docker image update * Updated Metadata Of Pack DeepInstinct * Added release notes to pack DeepInstinct * Packs/DeepInstinct/Integrations/DeepInstinct3x/DeepInstinct3x.yml Docker image update * Updated Metadata Of Pack FeedCyrenThreatInDepth * Added release notes to pack FeedCyrenThreatInDepth * Packs/FeedCyrenThreatInDepth/Integrations/CyrenThreatInDepth/CyrenThreatInDepth.yml Docker image update * Updated Metadata Of Pack IronDefense * Added release notes to pack IronDefense * Packs/IronDefense/Integrations/IronDefense/IronDefense.yml Docker image update * Updated Metadata Of Pack Qintel * Added release notes to pack Qintel * Packs/Qintel/Integrations/QintelPMI/QintelPMI.yml Docker image update * Packs/Qintel/Integrations/QintelQSentry/QintelQSentry.yml Docker image update * Packs/Qintel/Integrations/QintelQWatch/QintelQWatch.yml Docker image update * Updated Metadata Of Pack QualysFIM * Added release notes to pack QualysFIM * Packs/QualysFIM/Integrations/QualysFIM/QualysFIM.yml Docker image update * Updated Metadata Of Pack QutteraWebsiteMalwareScanner * Added release notes to pack QutteraWebsiteMalwareScanner * Packs/QutteraWebsiteMalwareScanner/Integrations/QutteraWebsiteMalwareScanner/QutteraWebsiteMalwareScanner.yml Docker image update * Fixed mypy + validation --------- Co-authored-by: sberman <sberman@paloaltonetworks.com> * NGINXApiModule: fix logging typo (#24878) * fix logging typo * bump dependent packs --------- Co-authored-by: glicht <glicht@users.noreply.github.com> * Downgrade docker to fix banner issue (#24905) * Downgrade docker to fix banner issue * Fix docs * Add UT to prevent Docker bump * Fix yml validation * Adding URL access rule commands * Updating description * Updating PR * Reset * Adding virtual server and dependencies commands. * Updating yml * Updating PR * Adding server pool commands * Updating yml * Adding README * Updating release notes * Updating README * Adding sdn connector list command * Updating README * Updating secrets * Improving coverage * Adding description * Fixing playbook error * Removing wrong README * Updating yml * Updating PR * Updating PR * Updating yml * Fixing Ruff errors * Updating Ruff errors * Fixing fromversion * Updating PR * Updating demo comments. --------- Co-authored-by: TalGumi <talg@qmasters.co> Co-authored-by: Mai Morag <81917647+maimorag@users.noreply.github.com> Co-authored-by: content-bot <55035720+content-bot@users.noreply.github.com> Co-authored-by: sberman <sberman@paloaltonetworks.com> Co-authored-by: Guy Lichtman <1395797+glicht@users.noreply.github.com> Co-authored-by: glicht <glicht@users.noreply.github.com> Co-authored-by: Andrew Shamah <42912128+amshamah419@users.noreply.github.com>

* Revert "Add space to conf" This reverts commit 3a74b93. * Updated the packs category to *Authentication & Identity Management* (part 2) (#24876) * Update Docker Image To demisto/fastapi (#24923) * Updated Metadata Of Pack CyberArkIdentity * Added release notes to pack CyberArkIdentity * Packs/CyberArkIdentity/Integrations/CyberArkIdentityEventCollector/CyberArkIdentityEventCollector.yml Docker image update * Update Docker Image To demisto/lxml (#24924) * Updated Metadata Of Pack TaniumThreatResponse * Added release notes to pack TaniumThreatResponse * Packs/TaniumThreatResponse/Integrations/TaniumThreatResponseV2/TaniumThreatResponseV2.yml Docker image update * Update Docker Image To demisto/crypto (#24922) * Updated Metadata Of Pack X509Certificate * Added release notes to pack X509Certificate * Packs/X509Certificate/Scripts/CertificateExtract/CertificateExtract.yml Docker image update * Update Docker Image To demisto/python3 (#24921) * Updated Metadata Of Pack Cybereason * Added release notes to pack Cybereason * Packs/Cybereason/Integrations/Cybereason/Cybereason.yml Docker image update * Updated Metadata Of Pack DNSDB * Added release notes to pack DNSDB * Packs/DNSDB/Integrations/DNSDB_v2/DNSDB_v2.yml Docker image update * Updated Metadata Of Pack DeepInstinct * Added release notes to pack DeepInstinct * Packs/DeepInstinct/Integrations/DeepInstinct3x/DeepInstinct3x.yml Docker image update * Updated Metadata Of Pack FeedCyrenThreatInDepth * Added release notes to pack FeedCyrenThreatInDepth * Packs/FeedCyrenThreatInDepth/Integrations/CyrenThreatInDepth/CyrenThreatInDepth.yml Docker image update * Updated Metadata Of Pack IronDefense * Added release notes to pack IronDefense * Packs/IronDefense/Integrations/IronDefense/IronDefense.yml Docker image update * Updated Metadata Of Pack Qintel * Added release notes to pack Qintel * Packs/Qintel/Integrations/QintelPMI/QintelPMI.yml Docker image update * Packs/Qintel/Integrations/QintelQSentry/QintelQSentry.yml Docker image update * Packs/Qintel/Integrations/QintelQWatch/QintelQWatch.yml Docker image update * Updated Metadata Of Pack QualysFIM * Added release notes to pack QualysFIM * Packs/QualysFIM/Integrations/QualysFIM/QualysFIM.yml Docker image update * Updated Metadata Of Pack QutteraWebsiteMalwareScanner * Added release notes to pack QutteraWebsiteMalwareScanner * Packs/QutteraWebsiteMalwareScanner/Integrations/QutteraWebsiteMalwareScanner/QutteraWebsiteMalwareScanner.yml Docker image update * Fixed mypy + validation --------- * NGINXApiModule: fix logging typo (#24878) * fix logging typo * bump dependent packs --------- * Downgrade docker to fix banner issue (#24905) * Downgrade docker to fix banner issue * Fix docs * Add UT to prevent Docker bump * Fix yml validation * Adding URL access rule commands * Updating description * Updating PR * Reset * Adding virtual server and dependencies commands. * Updating yml * Updating PR * Adding server pool commands * Updating yml * Adding README * Updating release notes * Updating README * Adding sdn connector list command * Updating README * Updating secrets * Improving coverage * Adding description * Fixing playbook error * Removing wrong README * Updating yml * Updating PR * Updating PR * Updating yml * Fixing Ruff errors * Updating Ruff errors * Fixing fromversion * Updating PR * Updating demo comments. --------- Co-authored-by: ‪Ron Hadad‬‏ <112933572+ronh1@users.noreply.github.com> Co-authored-by: TalGumi <talg@qmasters.co> Co-authored-by: Mai Morag <81917647+maimorag@users.noreply.github.com> Co-authored-by: sberman <sberman@paloaltonetworks.com> Co-authored-by: Guy Lichtman <1395797+glicht@users.noreply.github.com> Co-authored-by: glicht <glicht@users.noreply.github.com> Co-authored-by: Andrew Shamah <42912128+amshamah419@users.noreply.github.com>

* Revert "Add space to conf" This reverts commit 3a74b93. * Updated the packs category to *Authentication & Identity Management* (part 2) (demisto#24876) * Update Docker Image To demisto/fastapi (demisto#24923) * Updated Metadata Of Pack CyberArkIdentity * Added release notes to pack CyberArkIdentity * Packs/CyberArkIdentity/Integrations/CyberArkIdentityEventCollector/CyberArkIdentityEventCollector.yml Docker image update * Update Docker Image To demisto/lxml (demisto#24924) * Updated Metadata Of Pack TaniumThreatResponse * Added release notes to pack TaniumThreatResponse * Packs/TaniumThreatResponse/Integrations/TaniumThreatResponseV2/TaniumThreatResponseV2.yml Docker image update * Update Docker Image To demisto/crypto (demisto#24922) * Updated Metadata Of Pack X509Certificate * Added release notes to pack X509Certificate * Packs/X509Certificate/Scripts/CertificateExtract/CertificateExtract.yml Docker image update * Update Docker Image To demisto/python3 (demisto#24921) * Updated Metadata Of Pack Cybereason * Added release notes to pack Cybereason * Packs/Cybereason/Integrations/Cybereason/Cybereason.yml Docker image update * Updated Metadata Of Pack DNSDB * Added release notes to pack DNSDB * Packs/DNSDB/Integrations/DNSDB_v2/DNSDB_v2.yml Docker image update * Updated Metadata Of Pack DeepInstinct * Added release notes to pack DeepInstinct * Packs/DeepInstinct/Integrations/DeepInstinct3x/DeepInstinct3x.yml Docker image update * Updated Metadata Of Pack FeedCyrenThreatInDepth * Added release notes to pack FeedCyrenThreatInDepth * Packs/FeedCyrenThreatInDepth/Integrations/CyrenThreatInDepth/CyrenThreatInDepth.yml Docker image update * Updated Metadata Of Pack IronDefense * Added release notes to pack IronDefense * Packs/IronDefense/Integrations/IronDefense/IronDefense.yml Docker image update * Updated Metadata Of Pack Qintel * Added release notes to pack Qintel * Packs/Qintel/Integrations/QintelPMI/QintelPMI.yml Docker image update * Packs/Qintel/Integrations/QintelQSentry/QintelQSentry.yml Docker image update * Packs/Qintel/Integrations/QintelQWatch/QintelQWatch.yml Docker image update * Updated Metadata Of Pack QualysFIM * Added release notes to pack QualysFIM * Packs/QualysFIM/Integrations/QualysFIM/QualysFIM.yml Docker image update * Updated Metadata Of Pack QutteraWebsiteMalwareScanner * Added release notes to pack QutteraWebsiteMalwareScanner * Packs/QutteraWebsiteMalwareScanner/Integrations/QutteraWebsiteMalwareScanner/QutteraWebsiteMalwareScanner.yml Docker image update * Fixed mypy + validation --------- * NGINXApiModule: fix logging typo (demisto#24878) * fix logging typo * bump dependent packs --------- * Downgrade docker to fix banner issue (demisto#24905) * Downgrade docker to fix banner issue * Fix docs * Add UT to prevent Docker bump * Fix yml validation * Adding URL access rule commands * Updating description * Updating PR * Reset * Adding virtual server and dependencies commands. * Updating yml * Updating PR * Adding server pool commands * Updating yml * Adding README * Updating release notes * Updating README * Adding sdn connector list command * Updating README * Updating secrets * Improving coverage * Adding description * Fixing playbook error * Removing wrong README * Updating yml * Updating PR * Updating PR * Updating yml * Fixing Ruff errors * Updating Ruff errors * Fixing fromversion * Updating PR * Updating demo comments. --------- Co-authored-by: ‪Ron Hadad‬‏ <112933572+ronh1@users.noreply.github.com> Co-authored-by: TalGumi <talg@qmasters.co> Co-authored-by: Mai Morag <81917647+maimorag@users.noreply.github.com> Co-authored-by: sberman <sberman@paloaltonetworks.com> Co-authored-by: Guy Lichtman <1395797+glicht@users.noreply.github.com> Co-authored-by: glicht <glicht@users.noreply.github.com> Co-authored-by: Andrew Shamah <42912128+amshamah419@users.noreply.github.com>

* Revert "Add space to conf" This reverts commit 3a74b93. * Updated the packs category to *Authentication & Identity Management* (part 2) (#24876) * Update Docker Image To demisto/fastapi (#24923) * Updated Metadata Of Pack CyberArkIdentity * Added release notes to pack CyberArkIdentity * Packs/CyberArkIdentity/Integrations/CyberArkIdentityEventCollector/CyberArkIdentityEventCollector.yml Docker image update * Update Docker Image To demisto/lxml (#24924) * Updated Metadata Of Pack TaniumThreatResponse * Added release notes to pack TaniumThreatResponse * Packs/TaniumThreatResponse/Integrations/TaniumThreatResponseV2/TaniumThreatResponseV2.yml Docker image update * Update Docker Image To demisto/crypto (#24922) * Updated Metadata Of Pack X509Certificate * Added release notes to pack X509Certificate * Packs/X509Certificate/Scripts/CertificateExtract/CertificateExtract.yml Docker image update * Update Docker Image To demisto/python3 (#24921) * Updated Metadata Of Pack Cybereason * Added release notes to pack Cybereason * Packs/Cybereason/Integrations/Cybereason/Cybereason.yml Docker image update * Updated Metadata Of Pack DNSDB * Added release notes to pack DNSDB * Packs/DNSDB/Integrations/DNSDB_v2/DNSDB_v2.yml Docker image update * Updated Metadata Of Pack DeepInstinct * Added release notes to pack DeepInstinct * Packs/DeepInstinct/Integrations/DeepInstinct3x/DeepInstinct3x.yml Docker image update * Updated Metadata Of Pack FeedCyrenThreatInDepth * Added release notes to pack FeedCyrenThreatInDepth * Packs/FeedCyrenThreatInDepth/Integrations/CyrenThreatInDepth/CyrenThreatInDepth.yml Docker image update * Updated Metadata Of Pack IronDefense * Added release notes to pack IronDefense * Packs/IronDefense/Integrations/IronDefense/IronDefense.yml Docker image update * Updated Metadata Of Pack Qintel * Added release notes to pack Qintel * Packs/Qintel/Integrations/QintelPMI/QintelPMI.yml Docker image update * Packs/Qintel/Integrations/QintelQSentry/QintelQSentry.yml Docker image update * Packs/Qintel/Integrations/QintelQWatch/QintelQWatch.yml Docker image update * Updated Metadata Of Pack QualysFIM * Added release notes to pack QualysFIM * Packs/QualysFIM/Integrations/QualysFIM/QualysFIM.yml Docker image update * Updated Metadata Of Pack QutteraWebsiteMalwareScanner * Added release notes to pack QutteraWebsiteMalwareScanner * Packs/QutteraWebsiteMalwareScanner/Integrations/QutteraWebsiteMalwareScanner/QutteraWebsiteMalwareScanner.yml Docker image update * Fixed mypy + validation --------- Co-authored-by: sberman <sberman@paloaltonetworks.com> * NGINXApiModule: fix logging typo (#24878) * fix logging typo * bump dependent packs --------- Co-authored-by: glicht <glicht@users.noreply.github.com> * Downgrade docker to fix banner issue (#24905) * Downgrade docker to fix banner issue * Fix docs * Add UT to prevent Docker bump * Fix yml validation * Adding vulnerability commands * Fixing pagination page index * Updating PR comments and Scan commands * Updating ID in test data. * Updating integration * Updating integration * Updating fromversion * Updating linters * Updating linters * Updating git pre-commit * Updating docstring * Updating the handling of request when limit * Removing get_pagination_params * Updating integration * Updating git-pre commit * Updating integration * Updating integration * Updating unit test * Updating docker image * Updating integration * Updating README version. * Updating secrets * Updating integration * Updating integration * Updating integration * Updating docstrings * Updating doc-review comments. * Updating doc-review comments. * Updating description --------- Co-authored-by: TalGumi <talg@qmasters.co> Co-authored-by: Mai Morag <81917647+maimorag@users.noreply.github.com> Co-authored-by: content-bot <55035720+content-bot@users.noreply.github.com> Co-authored-by: sberman <sberman@paloaltonetworks.com> Co-authored-by: Guy Lichtman <1395797+glicht@users.noreply.github.com> Co-authored-by: glicht <glicht@users.noreply.github.com> Co-authored-by: Andrew Shamah <42912128+amshamah419@users.noreply.github.com>

* Revert "Add space to conf" This reverts commit 3a74b93. * Updated the packs category to *Authentication & Identity Management* (part 2) (#24876) * Update Docker Image To demisto/fastapi (#24923) * Updated Metadata Of Pack CyberArkIdentity * Added release notes to pack CyberArkIdentity * Packs/CyberArkIdentity/Integrations/CyberArkIdentityEventCollector/CyberArkIdentityEventCollector.yml Docker image update * Update Docker Image To demisto/lxml (#24924) * Updated Metadata Of Pack TaniumThreatResponse * Added release notes to pack TaniumThreatResponse * Packs/TaniumThreatResponse/Integrations/TaniumThreatResponseV2/TaniumThreatResponseV2.yml Docker image update * Update Docker Image To demisto/crypto (#24922) * Updated Metadata Of Pack X509Certificate * Added release notes to pack X509Certificate * Packs/X509Certificate/Scripts/CertificateExtract/CertificateExtract.yml Docker image update * Update Docker Image To demisto/python3 (#24921) * Updated Metadata Of Pack Cybereason * Added release notes to pack Cybereason * Packs/Cybereason/Integrations/Cybereason/Cybereason.yml Docker image update * Updated Metadata Of Pack DNSDB * Added release notes to pack DNSDB * Packs/DNSDB/Integrations/DNSDB_v2/DNSDB_v2.yml Docker image update * Updated Metadata Of Pack DeepInstinct * Added release notes to pack DeepInstinct * Packs/DeepInstinct/Integrations/DeepInstinct3x/DeepInstinct3x.yml Docker image update * Updated Metadata Of Pack FeedCyrenThreatInDepth * Added release notes to pack FeedCyrenThreatInDepth * Packs/FeedCyrenThreatInDepth/Integrations/CyrenThreatInDepth/CyrenThreatInDepth.yml Docker image update * Updated Metadata Of Pack IronDefense * Added release notes to pack IronDefense * Packs/IronDefense/Integrations/IronDefense/IronDefense.yml Docker image update * Updated Metadata Of Pack Qintel * Added release notes to pack Qintel * Packs/Qintel/Integrations/QintelPMI/QintelPMI.yml Docker image update * Packs/Qintel/Integrations/QintelQSentry/QintelQSentry.yml Docker image update * Packs/Qintel/Integrations/QintelQWatch/QintelQWatch.yml Docker image update * Updated Metadata Of Pack QualysFIM * Added release notes to pack QualysFIM * Packs/QualysFIM/Integrations/QualysFIM/QualysFIM.yml Docker image update * Updated Metadata Of Pack QutteraWebsiteMalwareScanner * Added release notes to pack QutteraWebsiteMalwareScanner * Packs/QutteraWebsiteMalwareScanner/Integrations/QutteraWebsiteMalwareScanner/QutteraWebsiteMalwareScanner.yml Docker image update * Fixed mypy + validation --------- * NGINXApiModule: fix logging typo (#24878) * fix logging typo * bump dependent packs --------- * Downgrade docker to fix banner issue (#24905) * Downgrade docker to fix banner issue * Fix docs * Add UT to prevent Docker bump * Fix yml validation * Adding vulnerability commands * Fixing pagination page index * Updating PR comments and Scan commands * Updating ID in test data. * Updating integration * Updating integration * Updating fromversion * Updating linters * Updating linters * Updating git pre-commit * Updating docstring * Updating the handling of request when limit * Removing get_pagination_params * Updating integration * Updating git-pre commit * Updating integration * Updating integration * Updating unit test * Updating docker image * Updating integration * Updating README version. * Updating secrets * Updating integration * Updating integration * Updating integration * Updating docstrings * Updating doc-review comments. * Updating doc-review comments. * Updating description --------- Co-authored-by: ‪Ron Hadad‬‏ <112933572+ronh1@users.noreply.github.com> Co-authored-by: TalGumi <talg@qmasters.co> Co-authored-by: Mai Morag <81917647+maimorag@users.noreply.github.com> Co-authored-by: sberman <sberman@paloaltonetworks.com> Co-authored-by: Guy Lichtman <1395797+glicht@users.noreply.github.com> Co-authored-by: glicht <glicht@users.noreply.github.com> Co-authored-by: Andrew Shamah <42912128+amshamah419@users.noreply.github.com>

* Add command prisma-cloud-compute-get-file-integrity-events (#29187) * Add command prisma-cloud-compute-get-file-integrity-events * Incorporate changes from review comments. Add documentation and unit test. * Add missing lines to YML file (add description of new command) * Update docker image * Incorporate changes from demo * Update docker image * fix validation * fix validation --------- Co-authored-by: ostolero <86190583+ostolero@users.noreply.github.com> Co-authored-by: ostolero <ostolero@paloaltonetworks.com> * Bump pack from version PrismaCloudCompute to 1.4.10. * [pre-commit ruff] Align the entire repo with ruff (#29603) * Fix falls of the ruff hook * pre-commit * Fix B003 ruff error * Fix ruff errors on Utils/update_playbook.py * remove code to trigger upload on dev branches (#29621) * [pre-commit pycln] Align the entire repo with pycln (#29611) * Fix falls of the pycln hook * pre-commit * Fix unit test * Add RN * Fix validate in GetDomainDNSDetails * fuff on GetDomainDNSDetails * ignore mypy error in test_content.py:350 * Fix falls of the autopep8 hook (#29638) * add marketplaces to metadata (#29629) * Fixing AWS Project Number in ASM Cloud (#29593) (#29642) Co-authored-by: Chait A <112722030+capanw@users.noreply.github.com> Co-authored-by: johnnywilkes <32227961+johnnywilkes@users.noreply.github.com> Co-authored-by: Michael Yochpaz <8832013+MichaelYochpaz@users.noreply.github.com> * [MS Teams] support reset_graph_auth (#29644) * fixed * pre-commit * update * Recordedfuture threathunting v2.5.0 (#29641) * Recordedfuture threathunting v2.5.0 (#29025) * Add commands related to Automated Threat hunting recordedfuture-threat-map recordedfuture-threat-links recordedfuture-detection-rules * Add recordedfuture-collective-insight command. Change app version. * Update README.md. Add release notes * Add playbook. Add unittests * Add unittests * Fix test_collective_insight_command * Remove incorrect release note * Add documentation for threat actor search playbook * update Recorded Future Threat actor search playbook. add release note about new playbook. * Update release notes, fix formatting * Format yml files * Update Recorded future threat actor search playbook * Update docker image * Fix linter --------- Co-authored-by: Michael Yochpaz <8832013+MichaelYochpaz@users.noreply.github.com> * Minor README fixes --------- Co-authored-by: Yaroslav Nestor <yaroslav.nestor22@gmail.com> Co-authored-by: Michael Yochpaz <8832013+MichaelYochpaz@users.noreply.github.com> * [ASM] Expander 5777 (#29647) * [ASM] Expander 5777 (#29619) * first * RN * Bump pack from version CortexAttackSurfaceManagement to 1.6.36. --------- Co-authored-by: johnnywilkes <32227961+johnnywilkes@users.noreply.github.com> Co-authored-by: Content Bot <bot@demisto.com> * XDR Malware Enrichment - hotfix for usernames (split) (#29585) * Updated playbook with hotfix where we split usernames from domains and append them to the username list of usernames for account enrichment * Added RN * remove irrelevant test * Updated RN * Bump pack from version CortexXDR to 5.1.6. * Update Packs/CortexXDR/ReleaseNotes/5_1_6.md Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> --------- Co-authored-by: Content Bot <bot@demisto.com> Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * Update Docker Image To demisto/pyjwt3 (#29656) * Updated Metadata Of Pack Silverfort * Added release notes to pack Silverfort * Packs/Silverfort/Integrations/Silverfort/Silverfort.yml Docker image update * Update Docker Image To demisto/trustar (#29660) * Updated Metadata Of Pack TruSTAR * Added release notes to pack TruSTAR * Update Docker Image To demisto/keeper-ksm (#29661) * Updated Metadata Of Pack KeeperSecretsManager * Added release notes to pack KeeperSecretsManager * Packs/KeeperSecretsManager/Integrations/KeeperSecretsManager/KeeperSecretsManager.yml Docker image update * Update Docker Image To demisto/py3-tools (#29654) * Updated Metadata Of Pack Intezer * Added release notes to pack Intezer * Packs/Intezer/Integrations/IntezerV2/IntezerV2.yml Docker image update * Updated Metadata Of Pack FeedMalwareBazaar * Added release notes to pack FeedMalwareBazaar * Packs/FeedMalwareBazaar/Integrations/MalwareBazaarFeed/MalwareBazaarFeed.yml Docker image update * Updated Metadata Of Pack FeedGCPWhitelist * Added release notes to pack FeedGCPWhitelist * Packs/FeedGCPWhitelist/Integrations/FeedGoogleIPRanges/FeedGoogleIPRanges.yml Docker image update * Updated Metadata Of Pack AccentureCTI_Feed * Added release notes to pack AccentureCTI_Feed * Packs/AccentureCTI_Feed/Integrations/ACTIIndicatorFeed/ACTIIndicatorFeed.yml Docker image update * Fix DS108 --------- Co-authored-by: sberman <sberman@paloaltonetworks.com> * Update Docker Image To demisto/taxii-server (#29659) * Updated Metadata Of Pack CybleThreatIntel * Added release notes to pack CybleThreatIntel * Packs/CybleThreatIntel/Integrations/CybleThreatIntel/CybleThreatIntel.yml Docker image update * Fix DS108 --------- Co-authored-by: sberman <sberman@paloaltonetworks.com> * Update Docker Image To demisto/datadog-api-client (#29662) * Updated Metadata Of Pack DatadogCloudSIEM * Added release notes to pack DatadogCloudSIEM * Packs/DatadogCloudSIEM/Integrations/DatadogCloudSIEM/DatadogCloudSIEM.yml Docker image update * Fix DS108 --------- Co-authored-by: sberman <sberman@paloaltonetworks.com> * Add reliability parameter to cves and pipl integration (#28703) * commiting PrismaCloudCompute * release notes added * changed couldcompute, CVESearchV2, pipl * added pack metadata * fixed pipl readme * reverting changes in CVESearch since it was deprecated * removed redundant * committing pre commit changes * added known words * added known words * fixed lint error * changed according to review * updated docker version in PrismaCloudCompute * changed according to doc review * Added condition for not receiving new incidents in the test playbook * updating release notes * reverting fetch changes * fixed playbook * formatted playbook * new validation, new run * new validation, new run * Bump pack from version PrismaCloudCompute to 1.4.10. * update the docker image --------- Co-authored-by: Content Bot <bot@demisto.com> * Proofpoint email security pack: update description (#29651) * update description * Updated the schema file. * Updated the schema file. --------- Co-authored-by: Yehonatan Asta <yasta@paloaltonetworks.com> * Jira v2 deprecated (#29649) * Deprecate to jira v2 * update RN * update conf.json file * add task to the Create Jira Issue playbook that check if jira v3 is enable * add image.png of the playbook * update the playbook (yml, readme, image) and RN * Update Docker Image To demisto/python3 (#29652) * Updated Metadata Of Pack PANOSPolicyOptimizer * Added release notes to pack PANOSPolicyOptimizer * Packs/PANOSPolicyOptimizer/Integrations/PANOSPolicyOptimizer/PANOSPolicyOptimizer.yml Docker image update * Updated Metadata Of Pack VMwareWorkspaceONEUEM * Added release notes to pack VMwareWorkspaceONEUEM * Packs/VMwareWorkspaceONEUEM/Integrations/VMwareWorkspaceONEUEM/VMwareWorkspaceONEUEM.yml Docker image update * Updated Metadata Of Pack CiscoSMA * Added release notes to pack CiscoSMA * Packs/CiscoSMA/Integrations/CiscoSMA/CiscoSMA.yml Docker image update * Updated Metadata Of Pack FeedThreatConnect * Added release notes to pack FeedThreatConnect * Packs/FeedThreatConnect/Integrations/FeedThreatConnect/FeedThreatConnect.yml Docker image update * Updated Metadata Of Pack BitSight * Added release notes to pack BitSight * Packs/BitSight/Integrations/BitSightForSecurityPerformanceManagement/BitSightForSecurityPerformanceManagement.yml Docker image update * Updated Metadata Of Pack AWS-ILM * Added release notes to pack AWS-ILM * Packs/AWS-ILM/Integrations/AWSILM/AWSILM.yml Docker image update * Updated Metadata Of Pack CiscoWSA * Added release notes to pack CiscoWSA * Packs/CiscoWSA/Integrations/CiscoWSAV2/CiscoWSAV2.yml Docker image update * Updated Metadata Of Pack SysAid * Added release notes to pack SysAid * Packs/SysAid/Integrations/SysAid/SysAid.yml Docker image update * Updated Metadata Of Pack ManageEngine_PAM360 * Added release notes to pack ManageEngine_PAM360 * Packs/ManageEngine_PAM360/Integrations/ManageEnginePAM360/ManageEnginePAM360.yml Docker image update * Updated Metadata Of Pack CiscoUmbrellaReporting * Added release notes to pack CiscoUmbrellaReporting * Packs/CiscoUmbrellaReporting/Integrations/CiscoUmbrellaReporting/CiscoUmbrellaReporting.yml Docker image update * Fix DS108 --------- Co-authored-by: sberman <sberman@paloaltonetworks.com> * XSUP-27717/FortiSIEM (#29458) * add tests * add RN,fix,logs * Update 2_0_21.md * add period * add a name to incident * fixes CR * update docker image * delete logs * CR fixes * Update 2_0_21.md * Update FortiSIEMV2.py * reverting the Docker image (#29607) * reverting the Docker image * Update Packs/cyberark_AIM/ReleaseNotes/1_0_14.md --------- Co-authored-by: Dan Tavori <38749041+dantavori@users.noreply.github.com> * [Marketplace Contribution] Roksit DNS Security Integration - Sarp (#29663) * [Marketplace Contribution] Roksit DNS Security Integration - Sarp (#29314) * "pack contribution initial commit" * Update RoksitDNSSecurityIntegrationSarp.py * Update RoksitDNSSecurityIntegrationSarp.py * Yehuda's version * test module * readme * new logo * Update RoksitDNSSecurityIntegrationSarp.yml * Apply suggestions from code review * Update RoksitDNSSecurityIntegrationSarp_description.md * Update pack_metadata.json * Update README.md * Update pack_metadata.json * Update pack_metadata.json * Update Packs/RoksitDNSSecurityIntegration-Sarp/pack_metadata.json * fixes * change name * folder name * file names * version * rename sub folder * remove (DNSSense) from the integration name * rename folder * docker * replace image * fix image name --------- Co-authored-by: asimsarpkurt <79475614+asimsarpkurt@users.noreply.github.com> Co-authored-by: Yehuda <yrosenberg@paloaltonetworks.com> Co-authored-by: Yehuda Rosenberg <90599084+RosenbergYehuda@users.noreply.github.com> * rename image --------- Co-authored-by: xsoar-bot <67315154+xsoar-bot@users.noreply.github.com> Co-authored-by: asimsarpkurt <79475614+asimsarpkurt@users.noreply.github.com> Co-authored-by: Yehuda <yrosenberg@paloaltonetworks.com> Co-authored-by: Yehuda Rosenberg <90599084+RosenbergYehuda@users.noreply.github.com> * add unstuck fetch stream command (#29646) * add unstuck fetch stream command * added RN * fixes * add note * cr fixes * fix conflicts * reverts * [pre-commit pycln] Align the entire repo with pycln #4 (#29665) * Fix pycln errors * Update the docker images * Run demisto-sdk pre-commit * Remove unnecessary recommendations from extensions.json (#29605) * update extensions.json * Update devcontainer.json * Update recommendations list * Zscaler-FW-Logs (#29094) * Zscaler FW Logs Modeling Rules * Zscaler FW logs Modeling Rules * Updated README * Updated ZscalerModelingRule_1_3 * Changed cs5 field name to cat * Apply suggestions from code review Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * Updated README * Updated ModelingRules and Schema * Updated ModelingRules and schema * Updated ModelingRules * Updated ModelingRules --------- Co-authored-by: Eido Epstain <eepstain@paloaltonetworks.com> Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * PANOS - EXPANDR-5744 (#29223) (#29686) * playbook updates * RN, Readme, screenshot * Apply suggestions from code review * update RN * bump ver * more descriptive task * bump ver --------- Co-authored-by: johnnywilkes <32227961+johnnywilkes@users.noreply.github.com> Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * Audit alert fields fix (#29685) * Add associated types to systemAssociatedTypes * Add associated types to systemAssociatedTypes * fix incident field structure * RN * Workday documentation fix (#29681) * readme * readme * rn * rn * [Marketplace Contribution] Active Directory Query - Content Pack Update (#28633) * [Marketplace Contribution] Active Directory Query - Content Pack Update (#27822) * "contribution update to pack "Active Directory Query"" * revert changes * rl * remove files * removed from rl * Update pack_metadata.json * Create 1_6_19.md * Update 1_6_18.md * Update 1_6_19.md * Delete 1_6_19.md * Update 1_6_18.md * Update pack_metadata.json * Update Active_Directory_Query.yml removed duplicate section and type * pass SERVER_IP as argument to test_credentials function * Create 1_7_0.md * Update pack_metadata.json * Update README.md with ad-test-credentials info * Update Active_Directory_Query.yml * removed duplicate `type: 8` from ntlm * removed duplicate types from integration settings * removed duplicate description from ad-enable-account * Update Active_Directory_Query.yml * Update Active_Directory_Query.yml * Update Active_Directory_Query.yml * removing not relevant release note * adding function * update fucntion * cr note * adding NTLM_AUTH option * Update Active_Directory_Query.py * Update Packs/Active_Directory_Query/Integrations/Active_Directory_Query/Active_Directory_Query.py Co-authored-by: dorschw <81086590+dorschw@users.noreply.github.com> * cr notes * update after merging from master * reverting a change in olr rl * added test_test_credentials unit test function * fix unit test * fixing unit tests * fix unit test * fixed lint errors * Update Active_Directory_Query_test.py * empty commit * fix yml and docker file * revert changes in send email manager * fix yml * fix * fix validation error * fixing in129 --------- Co-authored-by: maimorag <mmorag@paloaltonetworks.com> Co-authored-by: Randy Baldwin <32545292+randomizerxd@users.noreply.github.com> Co-authored-by: Mai Morag <81917647+maimorag@users.noreply.github.com> Co-authored-by: dorschw <81086590+dorschw@users.noreply.github.com> * cr notes * Bump pack from version Active_Directory_Query to 1.6.21. * fix yml changes * cr notes * lint fixes * fix test * docker update * Update Packs/Active_Directory_Query/Integrations/Active_Directory_Query/README.md Co-authored-by: dorschw <81086590+dorschw@users.noreply.github.com> * fix delete required * Apply suggestions from code review * fix test * docker update * rl * empty commit * docker update * empty commit * empty commit * merge from master * empty commit check * revert changes * Delete Packs/cyberark_AIM/Integrations/CyberArkAIM_v2/integration-CyberArkAIM_v2.yml * docker downgrade * rl * trying new docker image * validate errors fix * revert docker version * [DS108] - Description must end with a period (".") - fix * empty commit check * empty commit check --------- Co-authored-by: xsoar-bot <67315154+xsoar-bot@users.noreply.github.com> Co-authored-by: maimorag <mmorag@paloaltonetworks.com> Co-authored-by: Randy Baldwin <32545292+randomizerxd@users.noreply.github.com> Co-authored-by: Mai Morag <81917647+maimorag@users.noreply.github.com> Co-authored-by: dorschw <81086590+dorschw@users.noreply.github.com> Co-authored-by: Content Bot <bot@demisto.com> * Big query bug xsup 28132 (#29680) * bug fix * rn * rn * Apply suggestions from code review Co-authored-by: Dan Tavori <38749041+dantavori@users.noreply.github.com> * format * pre commit --------- Co-authored-by: Dan Tavori <38749041+dantavori@users.noreply.github.com> * New Prisma Cloud v2 commands (#29323) * resource list command * limit results * user roles list command * pre commit * users list command * edit remediation commands * UTs * update README * update RN * pre commit fixes * edit test playbook * CR changes * Demo changes - remediate 406 raises error new args for resource_list & user_roles * fix test * Apply suggestions from doc review Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * fix test playbook * Tomer's changes --------- Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * Prisma Cloud Update (#29666) * Updated ModelingRules * Updated ReleaseNotes * Updated ReleaseNotes * Updated ModelingRules * Updated ModelingRules * Updated ModelingRules * Bump pack from version PrismaCloud to 4.2.4. --------- Co-authored-by: Content Bot <bot@demisto.com> * Rapid7 appsec (#29134) (#29687) * Revert "Add space to conf" This reverts commit 3a74b93. * Updated the packs category to *Authentication & Identity Management* (part 2) (#24876) * Update Docker Image To demisto/fastapi (#24923) * Updated Metadata Of Pack CyberArkIdentity * Added release notes to pack CyberArkIdentity * Packs/CyberArkIdentity/Integrations/CyberArkIdentityEventCollector/CyberArkIdentityEventCollector.yml Docker image update * Update Docker Image To demisto/lxml (#24924) * Updated Metadata Of Pack TaniumThreatResponse * Added release notes to pack TaniumThreatResponse * Packs/TaniumThreatResponse/Integrations/TaniumThreatResponseV2/TaniumThreatResponseV2.yml Docker image update * Update Docker Image To demisto/crypto (#24922) * Updated Metadata Of Pack X509Certificate * Added release notes to pack X509Certificate * Packs/X509Certificate/Scripts/CertificateExtract/CertificateExtract.yml Docker image update * Update Docker Image To demisto/python3 (#24921) * Updated Metadata Of Pack Cybereason * Added release notes to pack Cybereason * Packs/Cybereason/Integrations/Cybereason/Cybereason.yml Docker image update * Updated Metadata Of Pack DNSDB * Added release notes to pack DNSDB * Packs/DNSDB/Integrations/DNSDB_v2/DNSDB_v2.yml Docker image update * Updated Metadata Of Pack DeepInstinct * Added release notes to pack DeepInstinct * Packs/DeepInstinct/Integrations/DeepInstinct3x/DeepInstinct3x.yml Docker image update * Updated Metadata Of Pack FeedCyrenThreatInDepth * Added release notes to pack FeedCyrenThreatInDepth * Packs/FeedCyrenThreatInDepth/Integrations/CyrenThreatInDepth/CyrenThreatInDepth.yml Docker image update * Updated Metadata Of Pack IronDefense * Added release notes to pack IronDefense * Packs/IronDefense/Integrations/IronDefense/IronDefense.yml Docker image update * Updated Metadata Of Pack Qintel * Added release notes to pack Qintel * Packs/Qintel/Integrations/QintelPMI/QintelPMI.yml Docker image update * Packs/Qintel/Integrations/QintelQSentry/QintelQSentry.yml Docker image update * Packs/Qintel/Integrations/QintelQWatch/QintelQWatch.yml Docker image update * Updated Metadata Of Pack QualysFIM * Added release notes to pack QualysFIM * Packs/QualysFIM/Integrations/QualysFIM/QualysFIM.yml Docker image update * Updated Metadata Of Pack QutteraWebsiteMalwareScanner * Added release notes to pack QutteraWebsiteMalwareScanner * Packs/QutteraWebsiteMalwareScanner/Integrations/QutteraWebsiteMalwareScanner/QutteraWebsiteMalwareScanner.yml Docker image update * Fixed mypy + validation --------- * NGINXApiModule: fix logging typo (#24878) * fix logging typo * bump dependent packs --------- * Downgrade docker to fix banner issue (#24905) * Downgrade docker to fix banner issue * Fix docs * Add UT to prevent Docker bump * Fix yml validation * Adding vulnerability commands * Fixing pagination page index * Updating PR comments and Scan commands * Updating ID in test data. * Updating integration * Updating integration * Updating fromversion * Updating linters * Updating linters * Updating git pre-commit * Updating docstring * Updating the handling of request when limit * Removing get_pagination_params * Updating integration * Updating git-pre commit * Updating integration * Updating integration * Updating unit test * Updating docker image * Updating integration * Updating README version. * Updating secrets * Updating integration * Updating integration * Updating integration * Updating docstrings * Updating doc-review comments. * Updating doc-review comments. * Updating description --------- Co-authored-by: ‪Ron Hadad‬‏ <112933572+ronh1@users.noreply.github.com> Co-authored-by: TalGumi <talg@qmasters.co> Co-authored-by: Mai Morag <81917647+maimorag@users.noreply.github.com> Co-authored-by: sberman <sberman@paloaltonetworks.com> Co-authored-by: Guy Lichtman <1395797+glicht@users.noreply.github.com> Co-authored-by: glicht <glicht@users.noreply.github.com> Co-authored-by: Andrew Shamah <42912128+amshamah419@users.noreply.github.com> * Panos add param (#29672) * added param job_polling_max_num_attempts * Added rn * Added missing param type Fixed unit tests * added to readme * fixed readme * Update Packs/PAN-OS/Integrations/Panorama/Panorama.yml Co-authored-by: Guy Afik <53861351+GuyAfik@users.noreply.github.com> * fixed text and namings * Bump pack from version PAN-OS to 2.1.8. --------- Co-authored-by: Guy Afik <53861351+GuyAfik@users.noreply.github.com> Co-authored-by: Content Bot <bot@demisto.com> * Fix proxy usage (#85) (#29630) * Fix proxy usage (#85) (#29181) * Fix proxy usage (#85) * Fix proxy usage in ZF client * Fix variable USE_SSL to verify requests * Remove proxy object from client Given that the proxy works by default with env vars, the proxy object is not necessary * Update version and add release notes * Fix call to modified alerts (#86) * Fix call to modified alerts * Update docker image * Fix tests associated with get modified data * change rn * fix validation --------- Co-authored-by: Felipe Garrido <fgarridob.95+github@gmail.com> Co-authored-by: ostolero <ostolero@paloaltonetworks.com> Co-authored-by: ostolero <86190583+ostolero@users.noreply.github.com> * Missing dependencies when installing packs (#28989) * search and install packs --------- Co-authored-by: kobymeir <ymeir@paloaltonetworks.com> * Deprecate Picus Community (#29573) * Merge branch 'master' into github_workflow_partner # Conflicts: # Utils/github_workflow_scripts/utils.py * Merge branch 'master' into github_workflow_partner # Conflicts: # Utils/github_workflow_scripts/utils.py * Picus NG display name * Picus update * Picus update * Picus update * Picus update * Picus update * Picus update * Picus update * Picus update --------- Co-authored-by: RotemAmit <ramit@paloaltonetworks.com> * [ASM] - Expander - GCP Hierarchy field - 4376 (#29696) (#29704) * Add assethierarchy field to GCP ASM playbook * Add release notes * Update field json Co-authored-by: John <40349459+BigEasyJ@users.noreply.github.com> * fix merge * update rn * remove access code * fix conflicts * update docker * fix validation --------- Co-authored-by: Ali Sawyer <91506078+ali-sawyer@users.noreply.github.com> Co-authored-by: ostolero <86190583+ostolero@users.noreply.github.com> Co-authored-by: ostolero <ostolero@paloaltonetworks.com> Co-authored-by: Content Bot <bot@demisto.com> Co-authored-by: Menachem Weinfeld <90556466+mmhw@users.noreply.github.com> Co-authored-by: omerKarkKatz <95565843+omerKarkKatz@users.noreply.github.com> Co-authored-by: Yaakov Praisler <59408745+yaakovpraisler@users.noreply.github.com> Co-authored-by: Chait A <112722030+capanw@users.noreply.github.com> Co-authored-by: johnnywilkes <32227961+johnnywilkes@users.noreply.github.com> Co-authored-by: Michael Yochpaz <8832013+MichaelYochpaz@users.noreply.github.com> Co-authored-by: michal-dagan <109464765+michal-dagan@users.noreply.github.com> Co-authored-by: Yaroslav Nestor <yaroslav.nestor22@gmail.com> Co-authored-by: Ido van Dijk <43602124+idovandijk@users.noreply.github.com> Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> Co-authored-by: sberman <sberman@paloaltonetworks.com> Co-authored-by: DinaMeylakh <72339665+DinaMeylakh@users.noreply.github.com> Co-authored-by: ilaner <88267954+ilaner@users.noreply.github.com> Co-authored-by: Yehonatan Asta <yasta@paloaltonetworks.com> Co-authored-by: israelpoli <72099621+israelpoli@users.noreply.github.com> Co-authored-by: sapir shuker <49246861+sapirshuker@users.noreply.github.com> Co-authored-by: Mai Morag <81917647+maimorag@users.noreply.github.com> Co-authored-by: Dan Tavori <38749041+dantavori@users.noreply.github.com> Co-authored-by: xsoar-bot <67315154+xsoar-bot@users.noreply.github.com> Co-authored-by: asimsarpkurt <79475614+asimsarpkurt@users.noreply.github.com> Co-authored-by: Yehuda <yrosenberg@paloaltonetworks.com> Co-authored-by: Yehuda Rosenberg <90599084+RosenbergYehuda@users.noreply.github.com> Co-authored-by: Yuval Hayun <70104171+YuvHayun@users.noreply.github.com> Co-authored-by: samuelFain <65926551+samuelFain@users.noreply.github.com> Co-authored-by: nkanon <109467661+nkanon@users.noreply.github.com> Co-authored-by: Eido Epstain <eepstain@paloaltonetworks.com> Co-authored-by: Tomer Haimof <81556849+tomer-pan@users.noreply.github.com> Co-authored-by: EyalPintzov <91007713+eyalpalo@users.noreply.github.com> Co-authored-by: maimorag <mmorag@paloaltonetworks.com> Co-authored-by: Randy Baldwin <32545292+randomizerxd@users.noreply.github.com> Co-authored-by: dorschw <81086590+dorschw@users.noreply.github.com> Co-authored-by: Adi Bamberger Edri <72088126+BEAdi@users.noreply.github.com> Co-authored-by: eepstain <116078117+eepstain@users.noreply.github.com> Co-authored-by: ‪Ron Hadad‬‏ <112933572+ronh1@users.noreply.github.com> Co-authored-by: TalGumi <talg@qmasters.co> Co-authored-by: Guy Lichtman <1395797+glicht@users.noreply.github.com> Co-authored-by: glicht <glicht@users.noreply.github.com> Co-authored-by: Andrew Shamah <42912128+amshamah419@users.noreply.github.com> Co-authored-by: Shahaf Ben Yakir <44666568+ShahafBenYakir@users.noreply.github.com> Co-authored-by: Guy Afik <53861351+GuyAfik@users.noreply.github.com> Co-authored-by: Felipe Garrido <fgarridob.95+github@gmail.com> Co-authored-by: Koby Meir <kobymeir@users.noreply.github.com> Co-authored-by: kobymeir <ymeir@paloaltonetworks.com> Co-authored-by: Edi Katsenelson <85438368+edik24@users.noreply.github.com> Co-authored-by: RotemAmit <ramit@paloaltonetworks.com> Co-authored-by: John <40349459+BigEasyJ@users.noreply.github.com>

…9608) * Add command prisma-cloud-compute-get-file-integrity-events (demisto#29187) * Add command prisma-cloud-compute-get-file-integrity-events * Incorporate changes from review comments. Add documentation and unit test. * Add missing lines to YML file (add description of new command) * Update docker image * Incorporate changes from demo * Update docker image * fix validation * fix validation --------- Co-authored-by: ostolero <86190583+ostolero@users.noreply.github.com> Co-authored-by: ostolero <ostolero@paloaltonetworks.com> * Bump pack from version PrismaCloudCompute to 1.4.10. * [pre-commit ruff] Align the entire repo with ruff (demisto#29603) * Fix falls of the ruff hook * pre-commit * Fix B003 ruff error * Fix ruff errors on Utils/update_playbook.py * remove code to trigger upload on dev branches (demisto#29621) * [pre-commit pycln] Align the entire repo with pycln (demisto#29611) * Fix falls of the pycln hook * pre-commit * Fix unit test * Add RN * Fix validate in GetDomainDNSDetails * fuff on GetDomainDNSDetails * ignore mypy error in test_content.py:350 * Fix falls of the autopep8 hook (demisto#29638) * add marketplaces to metadata (demisto#29629) * Fixing AWS Project Number in ASM Cloud (demisto#29593) (demisto#29642) Co-authored-by: Chait A <112722030+capanw@users.noreply.github.com> Co-authored-by: johnnywilkes <32227961+johnnywilkes@users.noreply.github.com> Co-authored-by: Michael Yochpaz <8832013+MichaelYochpaz@users.noreply.github.com> * [MS Teams] support reset_graph_auth (demisto#29644) * fixed * pre-commit * update * Recordedfuture threathunting v2.5.0 (demisto#29641) * Recordedfuture threathunting v2.5.0 (demisto#29025) * Add commands related to Automated Threat hunting recordedfuture-threat-map recordedfuture-threat-links recordedfuture-detection-rules * Add recordedfuture-collective-insight command. Change app version. * Update README.md. Add release notes * Add playbook. Add unittests * Add unittests * Fix test_collective_insight_command * Remove incorrect release note * Add documentation for threat actor search playbook * update Recorded Future Threat actor search playbook. add release note about new playbook. * Update release notes, fix formatting * Format yml files * Update Recorded future threat actor search playbook * Update docker image * Fix linter --------- Co-authored-by: Michael Yochpaz <8832013+MichaelYochpaz@users.noreply.github.com> * Minor README fixes --------- Co-authored-by: Yaroslav Nestor <yaroslav.nestor22@gmail.com> Co-authored-by: Michael Yochpaz <8832013+MichaelYochpaz@users.noreply.github.com> * [ASM] Expander 5777 (demisto#29647) * [ASM] Expander 5777 (demisto#29619) * first * RN * Bump pack from version CortexAttackSurfaceManagement to 1.6.36. --------- Co-authored-by: johnnywilkes <32227961+johnnywilkes@users.noreply.github.com> Co-authored-by: Content Bot <bot@demisto.com> * XDR Malware Enrichment - hotfix for usernames (split) (demisto#29585) * Updated playbook with hotfix where we split usernames from domains and append them to the username list of usernames for account enrichment * Added RN * remove irrelevant test * Updated RN * Bump pack from version CortexXDR to 5.1.6. * Update Packs/CortexXDR/ReleaseNotes/5_1_6.md Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> --------- Co-authored-by: Content Bot <bot@demisto.com> Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * Update Docker Image To demisto/pyjwt3 (demisto#29656) * Updated Metadata Of Pack Silverfort * Added release notes to pack Silverfort * Packs/Silverfort/Integrations/Silverfort/Silverfort.yml Docker image update * Update Docker Image To demisto/trustar (demisto#29660) * Updated Metadata Of Pack TruSTAR * Added release notes to pack TruSTAR * Update Docker Image To demisto/keeper-ksm (demisto#29661) * Updated Metadata Of Pack KeeperSecretsManager * Added release notes to pack KeeperSecretsManager * Packs/KeeperSecretsManager/Integrations/KeeperSecretsManager/KeeperSecretsManager.yml Docker image update * Update Docker Image To demisto/py3-tools (demisto#29654) * Updated Metadata Of Pack Intezer * Added release notes to pack Intezer * Packs/Intezer/Integrations/IntezerV2/IntezerV2.yml Docker image update * Updated Metadata Of Pack FeedMalwareBazaar * Added release notes to pack FeedMalwareBazaar * Packs/FeedMalwareBazaar/Integrations/MalwareBazaarFeed/MalwareBazaarFeed.yml Docker image update * Updated Metadata Of Pack FeedGCPWhitelist * Added release notes to pack FeedGCPWhitelist * Packs/FeedGCPWhitelist/Integrations/FeedGoogleIPRanges/FeedGoogleIPRanges.yml Docker image update * Updated Metadata Of Pack AccentureCTI_Feed * Added release notes to pack AccentureCTI_Feed * Packs/AccentureCTI_Feed/Integrations/ACTIIndicatorFeed/ACTIIndicatorFeed.yml Docker image update * Fix DS108 --------- Co-authored-by: sberman <sberman@paloaltonetworks.com> * Update Docker Image To demisto/taxii-server (demisto#29659) * Updated Metadata Of Pack CybleThreatIntel * Added release notes to pack CybleThreatIntel * Packs/CybleThreatIntel/Integrations/CybleThreatIntel/CybleThreatIntel.yml Docker image update * Fix DS108 --------- Co-authored-by: sberman <sberman@paloaltonetworks.com> * Update Docker Image To demisto/datadog-api-client (demisto#29662) * Updated Metadata Of Pack DatadogCloudSIEM * Added release notes to pack DatadogCloudSIEM * Packs/DatadogCloudSIEM/Integrations/DatadogCloudSIEM/DatadogCloudSIEM.yml Docker image update * Fix DS108 --------- Co-authored-by: sberman <sberman@paloaltonetworks.com> * Add reliability parameter to cves and pipl integration (demisto#28703) * commiting PrismaCloudCompute * release notes added * changed couldcompute, CVESearchV2, pipl * added pack metadata * fixed pipl readme * reverting changes in CVESearch since it was deprecated * removed redundant * committing pre commit changes * added known words * added known words * fixed lint error * changed according to review * updated docker version in PrismaCloudCompute * changed according to doc review * Added condition for not receiving new incidents in the test playbook * updating release notes * reverting fetch changes * fixed playbook * formatted playbook * new validation, new run * new validation, new run * Bump pack from version PrismaCloudCompute to 1.4.10. * update the docker image --------- Co-authored-by: Content Bot <bot@demisto.com> * Proofpoint email security pack: update description (demisto#29651) * update description * Updated the schema file. * Updated the schema file. --------- Co-authored-by: Yehonatan Asta <yasta@paloaltonetworks.com> * Jira v2 deprecated (demisto#29649) * Deprecate to jira v2 * update RN * update conf.json file * add task to the Create Jira Issue playbook that check if jira v3 is enable * add image.png of the playbook * update the playbook (yml, readme, image) and RN * Update Docker Image To demisto/python3 (demisto#29652) * Updated Metadata Of Pack PANOSPolicyOptimizer * Added release notes to pack PANOSPolicyOptimizer * Packs/PANOSPolicyOptimizer/Integrations/PANOSPolicyOptimizer/PANOSPolicyOptimizer.yml Docker image update * Updated Metadata Of Pack VMwareWorkspaceONEUEM * Added release notes to pack VMwareWorkspaceONEUEM * Packs/VMwareWorkspaceONEUEM/Integrations/VMwareWorkspaceONEUEM/VMwareWorkspaceONEUEM.yml Docker image update * Updated Metadata Of Pack CiscoSMA * Added release notes to pack CiscoSMA * Packs/CiscoSMA/Integrations/CiscoSMA/CiscoSMA.yml Docker image update * Updated Metadata Of Pack FeedThreatConnect * Added release notes to pack FeedThreatConnect * Packs/FeedThreatConnect/Integrations/FeedThreatConnect/FeedThreatConnect.yml Docker image update * Updated Metadata Of Pack BitSight * Added release notes to pack BitSight * Packs/BitSight/Integrations/BitSightForSecurityPerformanceManagement/BitSightForSecurityPerformanceManagement.yml Docker image update * Updated Metadata Of Pack AWS-ILM * Added release notes to pack AWS-ILM * Packs/AWS-ILM/Integrations/AWSILM/AWSILM.yml Docker image update * Updated Metadata Of Pack CiscoWSA * Added release notes to pack CiscoWSA * Packs/CiscoWSA/Integrations/CiscoWSAV2/CiscoWSAV2.yml Docker image update * Updated Metadata Of Pack SysAid * Added release notes to pack SysAid * Packs/SysAid/Integrations/SysAid/SysAid.yml Docker image update * Updated Metadata Of Pack ManageEngine_PAM360 * Added release notes to pack ManageEngine_PAM360 * Packs/ManageEngine_PAM360/Integrations/ManageEnginePAM360/ManageEnginePAM360.yml Docker image update * Updated Metadata Of Pack CiscoUmbrellaReporting * Added release notes to pack CiscoUmbrellaReporting * Packs/CiscoUmbrellaReporting/Integrations/CiscoUmbrellaReporting/CiscoUmbrellaReporting.yml Docker image update * Fix DS108 --------- Co-authored-by: sberman <sberman@paloaltonetworks.com> * XSUP-27717/FortiSIEM (demisto#29458) * add tests * add RN,fix,logs * Update 2_0_21.md * add period * add a name to incident * fixes CR * update docker image * delete logs * CR fixes * Update 2_0_21.md * Update FortiSIEMV2.py * reverting the Docker image (demisto#29607) * reverting the Docker image * Update Packs/cyberark_AIM/ReleaseNotes/1_0_14.md --------- Co-authored-by: Dan Tavori <38749041+dantavori@users.noreply.github.com> * [Marketplace Contribution] Roksit DNS Security Integration - Sarp (demisto#29663) * [Marketplace Contribution] Roksit DNS Security Integration - Sarp (demisto#29314) * "pack contribution initial commit" * Update RoksitDNSSecurityIntegrationSarp.py * Update RoksitDNSSecurityIntegrationSarp.py * Yehuda's version * test module * readme * new logo * Update RoksitDNSSecurityIntegrationSarp.yml * Apply suggestions from code review * Update RoksitDNSSecurityIntegrationSarp_description.md * Update pack_metadata.json * Update README.md * Update pack_metadata.json * Update pack_metadata.json * Update Packs/RoksitDNSSecurityIntegration-Sarp/pack_metadata.json * fixes * change name * folder name * file names * version * rename sub folder * remove (DNSSense) from the integration name * rename folder * docker * replace image * fix image name --------- Co-authored-by: asimsarpkurt <79475614+asimsarpkurt@users.noreply.github.com> Co-authored-by: Yehuda <yrosenberg@paloaltonetworks.com> Co-authored-by: Yehuda Rosenberg <90599084+RosenbergYehuda@users.noreply.github.com> * rename image --------- Co-authored-by: xsoar-bot <67315154+xsoar-bot@users.noreply.github.com> Co-authored-by: asimsarpkurt <79475614+asimsarpkurt@users.noreply.github.com> Co-authored-by: Yehuda <yrosenberg@paloaltonetworks.com> Co-authored-by: Yehuda Rosenberg <90599084+RosenbergYehuda@users.noreply.github.com> * add unstuck fetch stream command (demisto#29646) * add unstuck fetch stream command * added RN * fixes * add note * cr fixes * fix conflicts * reverts * [pre-commit pycln] Align the entire repo with pycln demisto#4 (demisto#29665) * Fix pycln errors * Update the docker images * Run demisto-sdk pre-commit * Remove unnecessary recommendations from extensions.json (demisto#29605) * update extensions.json * Update devcontainer.json * Update recommendations list * Zscaler-FW-Logs (demisto#29094) * Zscaler FW Logs Modeling Rules * Zscaler FW logs Modeling Rules * Updated README * Updated ZscalerModelingRule_1_3 * Changed cs5 field name to cat * Apply suggestions from code review Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * Updated README * Updated ModelingRules and Schema * Updated ModelingRules and schema * Updated ModelingRules * Updated ModelingRules --------- Co-authored-by: Eido Epstain <eepstain@paloaltonetworks.com> Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * PANOS - EXPANDR-5744 (demisto#29223) (demisto#29686) * playbook updates * RN, Readme, screenshot * Apply suggestions from code review * update RN * bump ver * more descriptive task * bump ver --------- Co-authored-by: johnnywilkes <32227961+johnnywilkes@users.noreply.github.com> Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * Audit alert fields fix (demisto#29685) * Add associated types to systemAssociatedTypes * Add associated types to systemAssociatedTypes * fix incident field structure * RN * Workday documentation fix (demisto#29681) * readme * readme * rn * rn * [Marketplace Contribution] Active Directory Query - Content Pack Update (demisto#28633) * [Marketplace Contribution] Active Directory Query - Content Pack Update (demisto#27822) * "contribution update to pack "Active Directory Query"" * revert changes * rl * remove files * removed from rl * Update pack_metadata.json * Create 1_6_19.md * Update 1_6_18.md * Update 1_6_19.md * Delete 1_6_19.md * Update 1_6_18.md * Update pack_metadata.json * Update Active_Directory_Query.yml removed duplicate section and type * pass SERVER_IP as argument to test_credentials function * Create 1_7_0.md * Update pack_metadata.json * Update README.md with ad-test-credentials info * Update Active_Directory_Query.yml * removed duplicate `type: 8` from ntlm * removed duplicate types from integration settings * removed duplicate description from ad-enable-account * Update Active_Directory_Query.yml * Update Active_Directory_Query.yml * Update Active_Directory_Query.yml * removing not relevant release note * adding function * update fucntion * cr note * adding NTLM_AUTH option * Update Active_Directory_Query.py * Update Packs/Active_Directory_Query/Integrations/Active_Directory_Query/Active_Directory_Query.py Co-authored-by: dorschw <81086590+dorschw@users.noreply.github.com> * cr notes * update after merging from master * reverting a change in olr rl * added test_test_credentials unit test function * fix unit test * fixing unit tests * fix unit test * fixed lint errors * Update Active_Directory_Query_test.py * empty commit * fix yml and docker file * revert changes in send email manager * fix yml * fix * fix validation error * fixing in129 --------- Co-authored-by: maimorag <mmorag@paloaltonetworks.com> Co-authored-by: Randy Baldwin <32545292+randomizerxd@users.noreply.github.com> Co-authored-by: Mai Morag <81917647+maimorag@users.noreply.github.com> Co-authored-by: dorschw <81086590+dorschw@users.noreply.github.com> * cr notes * Bump pack from version Active_Directory_Query to 1.6.21. * fix yml changes * cr notes * lint fixes * fix test * docker update * Update Packs/Active_Directory_Query/Integrations/Active_Directory_Query/README.md Co-authored-by: dorschw <81086590+dorschw@users.noreply.github.com> * fix delete required * Apply suggestions from code review * fix test * docker update * rl * empty commit * docker update * empty commit * empty commit * merge from master * empty commit check * revert changes * Delete Packs/cyberark_AIM/Integrations/CyberArkAIM_v2/integration-CyberArkAIM_v2.yml * docker downgrade * rl * trying new docker image * validate errors fix * revert docker version * [DS108] - Description must end with a period (".") - fix * empty commit check * empty commit check --------- Co-authored-by: xsoar-bot <67315154+xsoar-bot@users.noreply.github.com> Co-authored-by: maimorag <mmorag@paloaltonetworks.com> Co-authored-by: Randy Baldwin <32545292+randomizerxd@users.noreply.github.com> Co-authored-by: Mai Morag <81917647+maimorag@users.noreply.github.com> Co-authored-by: dorschw <81086590+dorschw@users.noreply.github.com> Co-authored-by: Content Bot <bot@demisto.com> * Big query bug xsup 28132 (demisto#29680) * bug fix * rn * rn * Apply suggestions from code review Co-authored-by: Dan Tavori <38749041+dantavori@users.noreply.github.com> * format * pre commit --------- Co-authored-by: Dan Tavori <38749041+dantavori@users.noreply.github.com> * New Prisma Cloud v2 commands (demisto#29323) * resource list command * limit results * user roles list command * pre commit * users list command * edit remediation commands * UTs * update README * update RN * pre commit fixes * edit test playbook * CR changes * Demo changes - remediate 406 raises error new args for resource_list & user_roles * fix test * Apply suggestions from doc review Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * fix test playbook * Tomer's changes --------- Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * Prisma Cloud Update (demisto#29666) * Updated ModelingRules * Updated ReleaseNotes * Updated ReleaseNotes * Updated ModelingRules * Updated ModelingRules * Updated ModelingRules * Bump pack from version PrismaCloud to 4.2.4. --------- Co-authored-by: Content Bot <bot@demisto.com> * Rapid7 appsec (demisto#29134) (demisto#29687) * Revert "Add space to conf" This reverts commit 3a74b93. * Updated the packs category to *Authentication & Identity Management* (part 2) (demisto#24876) * Update Docker Image To demisto/fastapi (demisto#24923) * Updated Metadata Of Pack CyberArkIdentity * Added release notes to pack CyberArkIdentity * Packs/CyberArkIdentity/Integrations/CyberArkIdentityEventCollector/CyberArkIdentityEventCollector.yml Docker image update * Update Docker Image To demisto/lxml (demisto#24924) * Updated Metadata Of Pack TaniumThreatResponse * Added release notes to pack TaniumThreatResponse * Packs/TaniumThreatResponse/Integrations/TaniumThreatResponseV2/TaniumThreatResponseV2.yml Docker image update * Update Docker Image To demisto/crypto (demisto#24922) * Updated Metadata Of Pack X509Certificate * Added release notes to pack X509Certificate * Packs/X509Certificate/Scripts/CertificateExtract/CertificateExtract.yml Docker image update * Update Docker Image To demisto/python3 (demisto#24921) * Updated Metadata Of Pack Cybereason * Added release notes to pack Cybereason * Packs/Cybereason/Integrations/Cybereason/Cybereason.yml Docker image update * Updated Metadata Of Pack DNSDB * Added release notes to pack DNSDB * Packs/DNSDB/Integrations/DNSDB_v2/DNSDB_v2.yml Docker image update * Updated Metadata Of Pack DeepInstinct * Added release notes to pack DeepInstinct * Packs/DeepInstinct/Integrations/DeepInstinct3x/DeepInstinct3x.yml Docker image update * Updated Metadata Of Pack FeedCyrenThreatInDepth * Added release notes to pack FeedCyrenThreatInDepth * Packs/FeedCyrenThreatInDepth/Integrations/CyrenThreatInDepth/CyrenThreatInDepth.yml Docker image update * Updated Metadata Of Pack IronDefense * Added release notes to pack IronDefense * Packs/IronDefense/Integrations/IronDefense/IronDefense.yml Docker image update * Updated Metadata Of Pack Qintel * Added release notes to pack Qintel * Packs/Qintel/Integrations/QintelPMI/QintelPMI.yml Docker image update * Packs/Qintel/Integrations/QintelQSentry/QintelQSentry.yml Docker image update * Packs/Qintel/Integrations/QintelQWatch/QintelQWatch.yml Docker image update * Updated Metadata Of Pack QualysFIM * Added release notes to pack QualysFIM * Packs/QualysFIM/Integrations/QualysFIM/QualysFIM.yml Docker image update * Updated Metadata Of Pack QutteraWebsiteMalwareScanner * Added release notes to pack QutteraWebsiteMalwareScanner * Packs/QutteraWebsiteMalwareScanner/Integrations/QutteraWebsiteMalwareScanner/QutteraWebsiteMalwareScanner.yml Docker image update * Fixed mypy + validation --------- * NGINXApiModule: fix logging typo (demisto#24878) * fix logging typo * bump dependent packs --------- * Downgrade docker to fix banner issue (demisto#24905) * Downgrade docker to fix banner issue * Fix docs * Add UT to prevent Docker bump * Fix yml validation * Adding vulnerability commands * Fixing pagination page index * Updating PR comments and Scan commands * Updating ID in test data. * Updating integration * Updating integration * Updating fromversion * Updating linters * Updating linters * Updating git pre-commit * Updating docstring * Updating the handling of request when limit * Removing get_pagination_params * Updating integration * Updating git-pre commit * Updating integration * Updating integration * Updating unit test * Updating docker image * Updating integration * Updating README version. * Updating secrets * Updating integration * Updating integration * Updating integration * Updating docstrings * Updating doc-review comments. * Updating doc-review comments. * Updating description --------- Co-authored-by: ‪Ron Hadad‬‏ <112933572+ronh1@users.noreply.github.com> Co-authored-by: TalGumi <talg@qmasters.co> Co-authored-by: Mai Morag <81917647+maimorag@users.noreply.github.com> Co-authored-by: sberman <sberman@paloaltonetworks.com> Co-authored-by: Guy Lichtman <1395797+glicht@users.noreply.github.com> Co-authored-by: glicht <glicht@users.noreply.github.com> Co-authored-by: Andrew Shamah <42912128+amshamah419@users.noreply.github.com> * Panos add param (demisto#29672) * added param job_polling_max_num_attempts * Added rn * Added missing param type Fixed unit tests * added to readme * fixed readme * Update Packs/PAN-OS/Integrations/Panorama/Panorama.yml Co-authored-by: Guy Afik <53861351+GuyAfik@users.noreply.github.com> * fixed text and namings * Bump pack from version PAN-OS to 2.1.8. --------- Co-authored-by: Guy Afik <53861351+GuyAfik@users.noreply.github.com> Co-authored-by: Content Bot <bot@demisto.com> * Fix proxy usage (demisto#85) (demisto#29630) * Fix proxy usage (demisto#85) (demisto#29181) * Fix proxy usage (demisto#85) * Fix proxy usage in ZF client * Fix variable USE_SSL to verify requests * Remove proxy object from client Given that the proxy works by default with env vars, the proxy object is not necessary * Update version and add release notes * Fix call to modified alerts (demisto#86) * Fix call to modified alerts * Update docker image * Fix tests associated with get modified data * change rn * fix validation --------- Co-authored-by: Felipe Garrido <fgarridob.95+github@gmail.com> Co-authored-by: ostolero <ostolero@paloaltonetworks.com> Co-authored-by: ostolero <86190583+ostolero@users.noreply.github.com> * Missing dependencies when installing packs (demisto#28989) * search and install packs --------- Co-authored-by: kobymeir <ymeir@paloaltonetworks.com> * Deprecate Picus Community (demisto#29573) * Merge branch 'master' into github_workflow_partner # Conflicts: # Utils/github_workflow_scripts/utils.py * Merge branch 'master' into github_workflow_partner # Conflicts: # Utils/github_workflow_scripts/utils.py * Picus NG display name * Picus update * Picus update * Picus update * Picus update * Picus update * Picus update * Picus update * Picus update --------- Co-authored-by: RotemAmit <ramit@paloaltonetworks.com> * [ASM] - Expander - GCP Hierarchy field - 4376 (demisto#29696) (demisto#29704) * Add assethierarchy field to GCP ASM playbook * Add release notes * Update field json Co-authored-by: John <40349459+BigEasyJ@users.noreply.github.com> * fix merge * update rn * remove access code * fix conflicts * update docker * fix validation --------- Co-authored-by: Ali Sawyer <91506078+ali-sawyer@users.noreply.github.com> Co-authored-by: ostolero <86190583+ostolero@users.noreply.github.com> Co-authored-by: ostolero <ostolero@paloaltonetworks.com> Co-authored-by: Content Bot <bot@demisto.com> Co-authored-by: Menachem Weinfeld <90556466+mmhw@users.noreply.github.com> Co-authored-by: omerKarkKatz <95565843+omerKarkKatz@users.noreply.github.com> Co-authored-by: Yaakov Praisler <59408745+yaakovpraisler@users.noreply.github.com> Co-authored-by: Chait A <112722030+capanw@users.noreply.github.com> Co-authored-by: johnnywilkes <32227961+johnnywilkes@users.noreply.github.com> Co-authored-by: Michael Yochpaz <8832013+MichaelYochpaz@users.noreply.github.com> Co-authored-by: michal-dagan <109464765+michal-dagan@users.noreply.github.com> Co-authored-by: Yaroslav Nestor <yaroslav.nestor22@gmail.com> Co-authored-by: Ido van Dijk <43602124+idovandijk@users.noreply.github.com> Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> Co-authored-by: sberman <sberman@paloaltonetworks.com> Co-authored-by: DinaMeylakh <72339665+DinaMeylakh@users.noreply.github.com> Co-authored-by: ilaner <88267954+ilaner@users.noreply.github.com> Co-authored-by: Yehonatan Asta <yasta@paloaltonetworks.com> Co-authored-by: israelpoli <72099621+israelpoli@users.noreply.github.com> Co-authored-by: sapir shuker <49246861+sapirshuker@users.noreply.github.com> Co-authored-by: Mai Morag <81917647+maimorag@users.noreply.github.com> Co-authored-by: Dan Tavori <38749041+dantavori@users.noreply.github.com> Co-authored-by: xsoar-bot <67315154+xsoar-bot@users.noreply.github.com> Co-authored-by: asimsarpkurt <79475614+asimsarpkurt@users.noreply.github.com> Co-authored-by: Yehuda <yrosenberg@paloaltonetworks.com> Co-authored-by: Yehuda Rosenberg <90599084+RosenbergYehuda@users.noreply.github.com> Co-authored-by: Yuval Hayun <70104171+YuvHayun@users.noreply.github.com> Co-authored-by: samuelFain <65926551+samuelFain@users.noreply.github.com> Co-authored-by: nkanon <109467661+nkanon@users.noreply.github.com> Co-authored-by: Eido Epstain <eepstain@paloaltonetworks.com> Co-authored-by: Tomer Haimof <81556849+tomer-pan@users.noreply.github.com> Co-authored-by: EyalPintzov <91007713+eyalpalo@users.noreply.github.com> Co-authored-by: maimorag <mmorag@paloaltonetworks.com> Co-authored-by: Randy Baldwin <32545292+randomizerxd@users.noreply.github.com> Co-authored-by: dorschw <81086590+dorschw@users.noreply.github.com> Co-authored-by: Adi Bamberger Edri <72088126+BEAdi@users.noreply.github.com> Co-authored-by: eepstain <116078117+eepstain@users.noreply.github.com> Co-authored-by: ‪Ron Hadad‬‏ <112933572+ronh1@users.noreply.github.com> Co-authored-by: TalGumi <talg@qmasters.co> Co-authored-by: Guy Lichtman <1395797+glicht@users.noreply.github.com> Co-authored-by: glicht <glicht@users.noreply.github.com> Co-authored-by: Andrew Shamah <42912128+amshamah419@users.noreply.github.com> Co-authored-by: Shahaf Ben Yakir <44666568+ShahafBenYakir@users.noreply.github.com> Co-authored-by: Guy Afik <53861351+GuyAfik@users.noreply.github.com> Co-authored-by: Felipe Garrido <fgarridob.95+github@gmail.com> Co-authored-by: Koby Meir <kobymeir@users.noreply.github.com> Co-authored-by: kobymeir <ymeir@paloaltonetworks.com> Co-authored-by: Edi Katsenelson <85438368+edik24@users.noreply.github.com> Co-authored-by: RotemAmit <ramit@paloaltonetworks.com> Co-authored-by: John <40349459+BigEasyJ@users.noreply.github.com>

* Revert "Add space to conf" This reverts commit 3a74b93. * Updated the packs category to *Authentication & Identity Management* (part 2) (demisto#24876) * Update Docker Image To demisto/fastapi (demisto#24923) * Updated Metadata Of Pack CyberArkIdentity * Added release notes to pack CyberArkIdentity * Packs/CyberArkIdentity/Integrations/CyberArkIdentityEventCollector/CyberArkIdentityEventCollector.yml Docker image update * Update Docker Image To demisto/lxml (demisto#24924) * Updated Metadata Of Pack TaniumThreatResponse * Added release notes to pack TaniumThreatResponse * Packs/TaniumThreatResponse/Integrations/TaniumThreatResponseV2/TaniumThreatResponseV2.yml Docker image update * Update Docker Image To demisto/crypto (demisto#24922) * Updated Metadata Of Pack X509Certificate * Added release notes to pack X509Certificate * Packs/X509Certificate/Scripts/CertificateExtract/CertificateExtract.yml Docker image update * Update Docker Image To demisto/python3 (demisto#24921) * Updated Metadata Of Pack Cybereason * Added release notes to pack Cybereason * Packs/Cybereason/Integrations/Cybereason/Cybereason.yml Docker image update * Updated Metadata Of Pack DNSDB * Added release notes to pack DNSDB * Packs/DNSDB/Integrations/DNSDB_v2/DNSDB_v2.yml Docker image update * Updated Metadata Of Pack DeepInstinct * Added release notes to pack DeepInstinct * Packs/DeepInstinct/Integrations/DeepInstinct3x/DeepInstinct3x.yml Docker image update * Updated Metadata Of Pack FeedCyrenThreatInDepth * Added release notes to pack FeedCyrenThreatInDepth * Packs/FeedCyrenThreatInDepth/Integrations/CyrenThreatInDepth/CyrenThreatInDepth.yml Docker image update * Updated Metadata Of Pack IronDefense * Added release notes to pack IronDefense * Packs/IronDefense/Integrations/IronDefense/IronDefense.yml Docker image update * Updated Metadata Of Pack Qintel * Added release notes to pack Qintel * Packs/Qintel/Integrations/QintelPMI/QintelPMI.yml Docker image update * Packs/Qintel/Integrations/QintelQSentry/QintelQSentry.yml Docker image update * Packs/Qintel/Integrations/QintelQWatch/QintelQWatch.yml Docker image update * Updated Metadata Of Pack QualysFIM * Added release notes to pack QualysFIM * Packs/QualysFIM/Integrations/QualysFIM/QualysFIM.yml Docker image update * Updated Metadata Of Pack QutteraWebsiteMalwareScanner * Added release notes to pack QutteraWebsiteMalwareScanner * Packs/QutteraWebsiteMalwareScanner/Integrations/QutteraWebsiteMalwareScanner/QutteraWebsiteMalwareScanner.yml Docker image update * Fixed mypy + validation --------- * NGINXApiModule: fix logging typo (demisto#24878) * fix logging typo * bump dependent packs --------- * Downgrade docker to fix banner issue (demisto#24905) * Downgrade docker to fix banner issue * Fix docs * Add UT to prevent Docker bump * Fix yml validation * Adding vulnerability commands * Fixing pagination page index * Updating PR comments and Scan commands * Updating ID in test data. * Updating integration * Updating integration * Updating fromversion * Updating linters * Updating linters * Updating git pre-commit * Updating docstring * Updating the handling of request when limit * Removing get_pagination_params * Updating integration * Updating git-pre commit * Updating integration * Updating integration * Updating unit test * Updating docker image * Updating integration * Updating README version. * Updating secrets * Updating integration * Updating integration * Updating integration * Updating docstrings * Updating doc-review comments. * Updating doc-review comments. * Updating description --------- Co-authored-by: ‪Ron Hadad‬‏ <112933572+ronh1@users.noreply.github.com> Co-authored-by: TalGumi <talg@qmasters.co> Co-authored-by: Mai Morag <81917647+maimorag@users.noreply.github.com> Co-authored-by: sberman <sberman@paloaltonetworks.com> Co-authored-by: Guy Lichtman <1395797+glicht@users.noreply.github.com> Co-authored-by: glicht <glicht@users.noreply.github.com> Co-authored-by: Andrew Shamah <42912128+amshamah419@users.noreply.github.com>

…9608) * Add command prisma-cloud-compute-get-file-integrity-events (demisto#29187) * Add command prisma-cloud-compute-get-file-integrity-events * Incorporate changes from review comments. Add documentation and unit test. * Add missing lines to YML file (add description of new command) * Update docker image * Incorporate changes from demo * Update docker image * fix validation * fix validation --------- Co-authored-by: ostolero <86190583+ostolero@users.noreply.github.com> Co-authored-by: ostolero <ostolero@paloaltonetworks.com> * Bump pack from version PrismaCloudCompute to 1.4.10. * [pre-commit ruff] Align the entire repo with ruff (demisto#29603) * Fix falls of the ruff hook * pre-commit * Fix B003 ruff error * Fix ruff errors on Utils/update_playbook.py * remove code to trigger upload on dev branches (demisto#29621) * [pre-commit pycln] Align the entire repo with pycln (demisto#29611) * Fix falls of the pycln hook * pre-commit * Fix unit test * Add RN * Fix validate in GetDomainDNSDetails * fuff on GetDomainDNSDetails * ignore mypy error in test_content.py:350 * Fix falls of the autopep8 hook (demisto#29638) * add marketplaces to metadata (demisto#29629) * Fixing AWS Project Number in ASM Cloud (demisto#29593) (demisto#29642) Co-authored-by: Chait A <112722030+capanw@users.noreply.github.com> Co-authored-by: johnnywilkes <32227961+johnnywilkes@users.noreply.github.com> Co-authored-by: Michael Yochpaz <8832013+MichaelYochpaz@users.noreply.github.com> * [MS Teams] support reset_graph_auth (demisto#29644) * fixed * pre-commit * update * Recordedfuture threathunting v2.5.0 (demisto#29641) * Recordedfuture threathunting v2.5.0 (demisto#29025) * Add commands related to Automated Threat hunting recordedfuture-threat-map recordedfuture-threat-links recordedfuture-detection-rules * Add recordedfuture-collective-insight command. Change app version. * Update README.md. Add release notes * Add playbook. Add unittests * Add unittests * Fix test_collective_insight_command * Remove incorrect release note * Add documentation for threat actor search playbook * update Recorded Future Threat actor search playbook. add release note about new playbook. * Update release notes, fix formatting * Format yml files * Update Recorded future threat actor search playbook * Update docker image * Fix linter --------- Co-authored-by: Michael Yochpaz <8832013+MichaelYochpaz@users.noreply.github.com> * Minor README fixes --------- Co-authored-by: Yaroslav Nestor <yaroslav.nestor22@gmail.com> Co-authored-by: Michael Yochpaz <8832013+MichaelYochpaz@users.noreply.github.com> * [ASM] Expander 5777 (demisto#29647) * [ASM] Expander 5777 (demisto#29619) * first * RN * Bump pack from version CortexAttackSurfaceManagement to 1.6.36. --------- Co-authored-by: johnnywilkes <32227961+johnnywilkes@users.noreply.github.com> Co-authored-by: Content Bot <bot@demisto.com> * XDR Malware Enrichment - hotfix for usernames (split) (demisto#29585) * Updated playbook with hotfix where we split usernames from domains and append them to the username list of usernames for account enrichment * Added RN * remove irrelevant test * Updated RN * Bump pack from version CortexXDR to 5.1.6. * Update Packs/CortexXDR/ReleaseNotes/5_1_6.md Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> --------- Co-authored-by: Content Bot <bot@demisto.com> Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * Update Docker Image To demisto/pyjwt3 (demisto#29656) * Updated Metadata Of Pack Silverfort * Added release notes to pack Silverfort * Packs/Silverfort/Integrations/Silverfort/Silverfort.yml Docker image update * Update Docker Image To demisto/trustar (demisto#29660) * Updated Metadata Of Pack TruSTAR * Added release notes to pack TruSTAR * Update Docker Image To demisto/keeper-ksm (demisto#29661) * Updated Metadata Of Pack KeeperSecretsManager * Added release notes to pack KeeperSecretsManager * Packs/KeeperSecretsManager/Integrations/KeeperSecretsManager/KeeperSecretsManager.yml Docker image update * Update Docker Image To demisto/py3-tools (demisto#29654) * Updated Metadata Of Pack Intezer * Added release notes to pack Intezer * Packs/Intezer/Integrations/IntezerV2/IntezerV2.yml Docker image update * Updated Metadata Of Pack FeedMalwareBazaar * Added release notes to pack FeedMalwareBazaar * Packs/FeedMalwareBazaar/Integrations/MalwareBazaarFeed/MalwareBazaarFeed.yml Docker image update * Updated Metadata Of Pack FeedGCPWhitelist * Added release notes to pack FeedGCPWhitelist * Packs/FeedGCPWhitelist/Integrations/FeedGoogleIPRanges/FeedGoogleIPRanges.yml Docker image update * Updated Metadata Of Pack AccentureCTI_Feed * Added release notes to pack AccentureCTI_Feed * Packs/AccentureCTI_Feed/Integrations/ACTIIndicatorFeed/ACTIIndicatorFeed.yml Docker image update * Fix DS108 --------- Co-authored-by: sberman <sberman@paloaltonetworks.com> * Update Docker Image To demisto/taxii-server (demisto#29659) * Updated Metadata Of Pack CybleThreatIntel * Added release notes to pack CybleThreatIntel * Packs/CybleThreatIntel/Integrations/CybleThreatIntel/CybleThreatIntel.yml Docker image update * Fix DS108 --------- Co-authored-by: sberman <sberman@paloaltonetworks.com> * Update Docker Image To demisto/datadog-api-client (demisto#29662) * Updated Metadata Of Pack DatadogCloudSIEM * Added release notes to pack DatadogCloudSIEM * Packs/DatadogCloudSIEM/Integrations/DatadogCloudSIEM/DatadogCloudSIEM.yml Docker image update * Fix DS108 --------- Co-authored-by: sberman <sberman@paloaltonetworks.com> * Add reliability parameter to cves and pipl integration (demisto#28703) * commiting PrismaCloudCompute * release notes added * changed couldcompute, CVESearchV2, pipl * added pack metadata * fixed pipl readme * reverting changes in CVESearch since it was deprecated * removed redundant * committing pre commit changes * added known words * added known words * fixed lint error * changed according to review * updated docker version in PrismaCloudCompute * changed according to doc review * Added condition for not receiving new incidents in the test playbook * updating release notes * reverting fetch changes * fixed playbook * formatted playbook * new validation, new run * new validation, new run * Bump pack from version PrismaCloudCompute to 1.4.10. * update the docker image --------- Co-authored-by: Content Bot <bot@demisto.com> * Proofpoint email security pack: update description (demisto#29651) * update description * Updated the schema file. * Updated the schema file. --------- Co-authored-by: Yehonatan Asta <yasta@paloaltonetworks.com> * Jira v2 deprecated (demisto#29649) * Deprecate to jira v2 * update RN * update conf.json file * add task to the Create Jira Issue playbook that check if jira v3 is enable * add image.png of the playbook * update the playbook (yml, readme, image) and RN * Update Docker Image To demisto/python3 (demisto#29652) * Updated Metadata Of Pack PANOSPolicyOptimizer * Added release notes to pack PANOSPolicyOptimizer * Packs/PANOSPolicyOptimizer/Integrations/PANOSPolicyOptimizer/PANOSPolicyOptimizer.yml Docker image update * Updated Metadata Of Pack VMwareWorkspaceONEUEM * Added release notes to pack VMwareWorkspaceONEUEM * Packs/VMwareWorkspaceONEUEM/Integrations/VMwareWorkspaceONEUEM/VMwareWorkspaceONEUEM.yml Docker image update * Updated Metadata Of Pack CiscoSMA * Added release notes to pack CiscoSMA * Packs/CiscoSMA/Integrations/CiscoSMA/CiscoSMA.yml Docker image update * Updated Metadata Of Pack FeedThreatConnect * Added release notes to pack FeedThreatConnect * Packs/FeedThreatConnect/Integrations/FeedThreatConnect/FeedThreatConnect.yml Docker image update * Updated Metadata Of Pack BitSight * Added release notes to pack BitSight * Packs/BitSight/Integrations/BitSightForSecurityPerformanceManagement/BitSightForSecurityPerformanceManagement.yml Docker image update * Updated Metadata Of Pack AWS-ILM * Added release notes to pack AWS-ILM * Packs/AWS-ILM/Integrations/AWSILM/AWSILM.yml Docker image update * Updated Metadata Of Pack CiscoWSA * Added release notes to pack CiscoWSA * Packs/CiscoWSA/Integrations/CiscoWSAV2/CiscoWSAV2.yml Docker image update * Updated Metadata Of Pack SysAid * Added release notes to pack SysAid * Packs/SysAid/Integrations/SysAid/SysAid.yml Docker image update * Updated Metadata Of Pack ManageEngine_PAM360 * Added release notes to pack ManageEngine_PAM360 * Packs/ManageEngine_PAM360/Integrations/ManageEnginePAM360/ManageEnginePAM360.yml Docker image update * Updated Metadata Of Pack CiscoUmbrellaReporting * Added release notes to pack CiscoUmbrellaReporting * Packs/CiscoUmbrellaReporting/Integrations/CiscoUmbrellaReporting/CiscoUmbrellaReporting.yml Docker image update * Fix DS108 --------- Co-authored-by: sberman <sberman@paloaltonetworks.com> * XSUP-27717/FortiSIEM (demisto#29458) * add tests * add RN,fix,logs * Update 2_0_21.md * add period * add a name to incident * fixes CR * update docker image * delete logs * CR fixes * Update 2_0_21.md * Update FortiSIEMV2.py * reverting the Docker image (demisto#29607) * reverting the Docker image * Update Packs/cyberark_AIM/ReleaseNotes/1_0_14.md --------- Co-authored-by: Dan Tavori <38749041+dantavori@users.noreply.github.com> * [Marketplace Contribution] Roksit DNS Security Integration - Sarp (demisto#29663) * [Marketplace Contribution] Roksit DNS Security Integration - Sarp (demisto#29314) * "pack contribution initial commit" * Update RoksitDNSSecurityIntegrationSarp.py * Update RoksitDNSSecurityIntegrationSarp.py * Yehuda's version * test module * readme * new logo * Update RoksitDNSSecurityIntegrationSarp.yml * Apply suggestions from code review * Update RoksitDNSSecurityIntegrationSarp_description.md * Update pack_metadata.json * Update README.md * Update pack_metadata.json * Update pack_metadata.json * Update Packs/RoksitDNSSecurityIntegration-Sarp/pack_metadata.json * fixes * change name * folder name * file names * version * rename sub folder * remove (DNSSense) from the integration name * rename folder * docker * replace image * fix image name --------- Co-authored-by: asimsarpkurt <79475614+asimsarpkurt@users.noreply.github.com> Co-authored-by: Yehuda <yrosenberg@paloaltonetworks.com> Co-authored-by: Yehuda Rosenberg <90599084+RosenbergYehuda@users.noreply.github.com> * rename image --------- Co-authored-by: xsoar-bot <67315154+xsoar-bot@users.noreply.github.com> Co-authored-by: asimsarpkurt <79475614+asimsarpkurt@users.noreply.github.com> Co-authored-by: Yehuda <yrosenberg@paloaltonetworks.com> Co-authored-by: Yehuda Rosenberg <90599084+RosenbergYehuda@users.noreply.github.com> * add unstuck fetch stream command (demisto#29646) * add unstuck fetch stream command * added RN * fixes * add note * cr fixes * fix conflicts * reverts * [pre-commit pycln] Align the entire repo with pycln demisto#4 (demisto#29665) * Fix pycln errors * Update the docker images * Run demisto-sdk pre-commit * Remove unnecessary recommendations from extensions.json (demisto#29605) * update extensions.json * Update devcontainer.json * Update recommendations list * Zscaler-FW-Logs (demisto#29094) * Zscaler FW Logs Modeling Rules * Zscaler FW logs Modeling Rules * Updated README * Updated ZscalerModelingRule_1_3 * Changed cs5 field name to cat * Apply suggestions from code review Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * Updated README * Updated ModelingRules and Schema * Updated ModelingRules and schema * Updated ModelingRules * Updated ModelingRules --------- Co-authored-by: Eido Epstain <eepstain@paloaltonetworks.com> Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * PANOS - EXPANDR-5744 (demisto#29223) (demisto#29686) * playbook updates * RN, Readme, screenshot * Apply suggestions from code review * update RN * bump ver * more descriptive task * bump ver --------- Co-authored-by: johnnywilkes <32227961+johnnywilkes@users.noreply.github.com> Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * Audit alert fields fix (demisto#29685) * Add associated types to systemAssociatedTypes * Add associated types to systemAssociatedTypes * fix incident field structure * RN * Workday documentation fix (demisto#29681) * readme * readme * rn * rn * [Marketplace Contribution] Active Directory Query - Content Pack Update (demisto#28633) * [Marketplace Contribution] Active Directory Query - Content Pack Update (demisto#27822) * "contribution update to pack "Active Directory Query"" * revert changes * rl * remove files * removed from rl * Update pack_metadata.json * Create 1_6_19.md * Update 1_6_18.md * Update 1_6_19.md * Delete 1_6_19.md * Update 1_6_18.md * Update pack_metadata.json * Update Active_Directory_Query.yml removed duplicate section and type * pass SERVER_IP as argument to test_credentials function * Create 1_7_0.md * Update pack_metadata.json * Update README.md with ad-test-credentials info * Update Active_Directory_Query.yml * removed duplicate `type: 8` from ntlm * removed duplicate types from integration settings * removed duplicate description from ad-enable-account * Update Active_Directory_Query.yml * Update Active_Directory_Query.yml * Update Active_Directory_Query.yml * removing not relevant release note * adding function * update fucntion * cr note * adding NTLM_AUTH option * Update Active_Directory_Query.py * Update Packs/Active_Directory_Query/Integrations/Active_Directory_Query/Active_Directory_Query.py Co-authored-by: dorschw <81086590+dorschw@users.noreply.github.com> * cr notes * update after merging from master * reverting a change in olr rl * added test_test_credentials unit test function * fix unit test * fixing unit tests * fix unit test * fixed lint errors * Update Active_Directory_Query_test.py * empty commit * fix yml and docker file * revert changes in send email manager * fix yml * fix * fix validation error * fixing in129 --------- Co-authored-by: maimorag <mmorag@paloaltonetworks.com> Co-authored-by: Randy Baldwin <32545292+randomizerxd@users.noreply.github.com> Co-authored-by: Mai Morag <81917647+maimorag@users.noreply.github.com> Co-authored-by: dorschw <81086590+dorschw@users.noreply.github.com> * cr notes * Bump pack from version Active_Directory_Query to 1.6.21. * fix yml changes * cr notes * lint fixes * fix test * docker update * Update Packs/Active_Directory_Query/Integrations/Active_Directory_Query/README.md Co-authored-by: dorschw <81086590+dorschw@users.noreply.github.com> * fix delete required * Apply suggestions from code review * fix test * docker update * rl * empty commit * docker update * empty commit * empty commit * merge from master * empty commit check * revert changes * Delete Packs/cyberark_AIM/Integrations/CyberArkAIM_v2/integration-CyberArkAIM_v2.yml * docker downgrade * rl * trying new docker image * validate errors fix * revert docker version * [DS108] - Description must end with a period (".") - fix * empty commit check * empty commit check --------- Co-authored-by: xsoar-bot <67315154+xsoar-bot@users.noreply.github.com> Co-authored-by: maimorag <mmorag@paloaltonetworks.com> Co-authored-by: Randy Baldwin <32545292+randomizerxd@users.noreply.github.com> Co-authored-by: Mai Morag <81917647+maimorag@users.noreply.github.com> Co-authored-by: dorschw <81086590+dorschw@users.noreply.github.com> Co-authored-by: Content Bot <bot@demisto.com> * Big query bug xsup 28132 (demisto#29680) * bug fix * rn * rn * Apply suggestions from code review Co-authored-by: Dan Tavori <38749041+dantavori@users.noreply.github.com> * format * pre commit --------- Co-authored-by: Dan Tavori <38749041+dantavori@users.noreply.github.com> * New Prisma Cloud v2 commands (demisto#29323) * resource list command * limit results * user roles list command * pre commit * users list command * edit remediation commands * UTs * update README * update RN * pre commit fixes * edit test playbook * CR changes * Demo changes - remediate 406 raises error new args for resource_list & user_roles * fix test * Apply suggestions from doc review Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * fix test playbook * Tomer's changes --------- Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * Prisma Cloud Update (demisto#29666) * Updated ModelingRules * Updated ReleaseNotes * Updated ReleaseNotes * Updated ModelingRules * Updated ModelingRules * Updated ModelingRules * Bump pack from version PrismaCloud to 4.2.4. --------- Co-authored-by: Content Bot <bot@demisto.com> * Rapid7 appsec (demisto#29134) (demisto#29687) * Revert "Add space to conf" This reverts commit 3a74b93. * Updated the packs category to *Authentication & Identity Management* (part 2) (demisto#24876) * Update Docker Image To demisto/fastapi (demisto#24923) * Updated Metadata Of Pack CyberArkIdentity * Added release notes to pack CyberArkIdentity * Packs/CyberArkIdentity/Integrations/CyberArkIdentityEventCollector/CyberArkIdentityEventCollector.yml Docker image update * Update Docker Image To demisto/lxml (demisto#24924) * Updated Metadata Of Pack TaniumThreatResponse * Added release notes to pack TaniumThreatResponse * Packs/TaniumThreatResponse/Integrations/TaniumThreatResponseV2/TaniumThreatResponseV2.yml Docker image update * Update Docker Image To demisto/crypto (demisto#24922) * Updated Metadata Of Pack X509Certificate * Added release notes to pack X509Certificate * Packs/X509Certificate/Scripts/CertificateExtract/CertificateExtract.yml Docker image update * Update Docker Image To demisto/python3 (demisto#24921) * Updated Metadata Of Pack Cybereason * Added release notes to pack Cybereason * Packs/Cybereason/Integrations/Cybereason/Cybereason.yml Docker image update * Updated Metadata Of Pack DNSDB * Added release notes to pack DNSDB * Packs/DNSDB/Integrations/DNSDB_v2/DNSDB_v2.yml Docker image update * Updated Metadata Of Pack DeepInstinct * Added release notes to pack DeepInstinct * Packs/DeepInstinct/Integrations/DeepInstinct3x/DeepInstinct3x.yml Docker image update * Updated Metadata Of Pack FeedCyrenThreatInDepth * Added release notes to pack FeedCyrenThreatInDepth * Packs/FeedCyrenThreatInDepth/Integrations/CyrenThreatInDepth/CyrenThreatInDepth.yml Docker image update * Updated Metadata Of Pack IronDefense * Added release notes to pack IronDefense * Packs/IronDefense/Integrations/IronDefense/IronDefense.yml Docker image update * Updated Metadata Of Pack Qintel * Added release notes to pack Qintel * Packs/Qintel/Integrations/QintelPMI/QintelPMI.yml Docker image update * Packs/Qintel/Integrations/QintelQSentry/QintelQSentry.yml Docker image update * Packs/Qintel/Integrations/QintelQWatch/QintelQWatch.yml Docker image update * Updated Metadata Of Pack QualysFIM * Added release notes to pack QualysFIM * Packs/QualysFIM/Integrations/QualysFIM/QualysFIM.yml Docker image update * Updated Metadata Of Pack QutteraWebsiteMalwareScanner * Added release notes to pack QutteraWebsiteMalwareScanner * Packs/QutteraWebsiteMalwareScanner/Integrations/QutteraWebsiteMalwareScanner/QutteraWebsiteMalwareScanner.yml Docker image update * Fixed mypy + validation --------- * NGINXApiModule: fix logging typo (demisto#24878) * fix logging typo * bump dependent packs --------- * Downgrade docker to fix banner issue (demisto#24905) * Downgrade docker to fix banner issue * Fix docs * Add UT to prevent Docker bump * Fix yml validation * Adding vulnerability commands * Fixing pagination page index * Updating PR comments and Scan commands * Updating ID in test data. * Updating integration * Updating integration * Updating fromversion * Updating linters * Updating linters * Updating git pre-commit * Updating docstring * Updating the handling of request when limit * Removing get_pagination_params * Updating integration * Updating git-pre commit * Updating integration * Updating integration * Updating unit test * Updating docker image * Updating integration * Updating README version. * Updating secrets * Updating integration * Updating integration * Updating integration * Updating docstrings * Updating doc-review comments. * Updating doc-review comments. * Updating description --------- Co-authored-by: ‪Ron Hadad‬‏ <112933572+ronh1@users.noreply.github.com> Co-authored-by: TalGumi <talg@qmasters.co> Co-authored-by: Mai Morag <81917647+maimorag@users.noreply.github.com> Co-authored-by: sberman <sberman@paloaltonetworks.com> Co-authored-by: Guy Lichtman <1395797+glicht@users.noreply.github.com> Co-authored-by: glicht <glicht@users.noreply.github.com> Co-authored-by: Andrew Shamah <42912128+amshamah419@users.noreply.github.com> * Panos add param (demisto#29672) * added param job_polling_max_num_attempts * Added rn * Added missing param type Fixed unit tests * added to readme * fixed readme * Update Packs/PAN-OS/Integrations/Panorama/Panorama.yml Co-authored-by: Guy Afik <53861351+GuyAfik@users.noreply.github.com> * fixed text and namings * Bump pack from version PAN-OS to 2.1.8. --------- Co-authored-by: Guy Afik <53861351+GuyAfik@users.noreply.github.com> Co-authored-by: Content Bot <bot@demisto.com> * Fix proxy usage (demisto#85) (demisto#29630) * Fix proxy usage (demisto#85) (demisto#29181) * Fix proxy usage (demisto#85) * Fix proxy usage in ZF client * Fix variable USE_SSL to verify requests * Remove proxy object from client Given that the proxy works by default with env vars, the proxy object is not necessary * Update version and add release notes * Fix call to modified alerts (demisto#86) * Fix call to modified alerts * Update docker image * Fix tests associated with get modified data * change rn * fix validation --------- Co-authored-by: Felipe Garrido <fgarridob.95+github@gmail.com> Co-authored-by: ostolero <ostolero@paloaltonetworks.com> Co-authored-by: ostolero <86190583+ostolero@users.noreply.github.com> * Missing dependencies when installing packs (demisto#28989) * search and install packs --------- Co-authored-by: kobymeir <ymeir@paloaltonetworks.com> * Deprecate Picus Community (demisto#29573) * Merge branch 'master' into github_workflow_partner # Conflicts: # Utils/github_workflow_scripts/utils.py * Merge branch 'master' into github_workflow_partner # Conflicts: # Utils/github_workflow_scripts/utils.py * Picus NG display name * Picus update * Picus update * Picus update * Picus update * Picus update * Picus update * Picus update * Picus update --------- Co-authored-by: RotemAmit <ramit@paloaltonetworks.com> * [ASM] - Expander - GCP Hierarchy field - 4376 (demisto#29696) (demisto#29704) * Add assethierarchy field to GCP ASM playbook * Add release notes * Update field json Co-authored-by: John <40349459+BigEasyJ@users.noreply.github.com> * fix merge * update rn * remove access code * fix conflicts * update docker * fix validation --------- Co-authored-by: Ali Sawyer <91506078+ali-sawyer@users.noreply.github.com> Co-authored-by: ostolero <86190583+ostolero@users.noreply.github.com> Co-authored-by: ostolero <ostolero@paloaltonetworks.com> Co-authored-by: Content Bot <bot@demisto.com> Co-authored-by: Menachem Weinfeld <90556466+mmhw@users.noreply.github.com> Co-authored-by: omerKarkKatz <95565843+omerKarkKatz@users.noreply.github.com> Co-authored-by: Yaakov Praisler <59408745+yaakovpraisler@users.noreply.github.com> Co-authored-by: Chait A <112722030+capanw@users.noreply.github.com> Co-authored-by: johnnywilkes <32227961+johnnywilkes@users.noreply.github.com> Co-authored-by: Michael Yochpaz <8832013+MichaelYochpaz@users.noreply.github.com> Co-authored-by: michal-dagan <109464765+michal-dagan@users.noreply.github.com> Co-authored-by: Yaroslav Nestor <yaroslav.nestor22@gmail.com> Co-authored-by: Ido van Dijk <43602124+idovandijk@users.noreply.github.com> Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> Co-authored-by: sberman <sberman@paloaltonetworks.com> Co-authored-by: DinaMeylakh <72339665+DinaMeylakh@users.noreply.github.com> Co-authored-by: ilaner <88267954+ilaner@users.noreply.github.com> Co-authored-by: Yehonatan Asta <yasta@paloaltonetworks.com> Co-authored-by: israelpoli <72099621+israelpoli@users.noreply.github.com> Co-authored-by: sapir shuker <49246861+sapirshuker@users.noreply.github.com> Co-authored-by: Mai Morag <81917647+maimorag@users.noreply.github.com> Co-authored-by: Dan Tavori <38749041+dantavori@users.noreply.github.com> Co-authored-by: xsoar-bot <67315154+xsoar-bot@users.noreply.github.com> Co-authored-by: asimsarpkurt <79475614+asimsarpkurt@users.noreply.github.com> Co-authored-by: Yehuda <yrosenberg@paloaltonetworks.com> Co-authored-by: Yehuda Rosenberg <90599084+RosenbergYehuda@users.noreply.github.com> Co-authored-by: Yuval Hayun <70104171+YuvHayun@users.noreply.github.com> Co-authored-by: samuelFain <65926551+samuelFain@users.noreply.github.com> Co-authored-by: nkanon <109467661+nkanon@users.noreply.github.com> Co-authored-by: Eido Epstain <eepstain@paloaltonetworks.com> Co-authored-by: Tomer Haimof <81556849+tomer-pan@users.noreply.github.com> Co-authored-by: EyalPintzov <91007713+eyalpalo@users.noreply.github.com> Co-authored-by: maimorag <mmorag@paloaltonetworks.com> Co-authored-by: Randy Baldwin <32545292+randomizerxd@users.noreply.github.com> Co-authored-by: dorschw <81086590+dorschw@users.noreply.github.com> Co-authored-by: Adi Bamberger Edri <72088126+BEAdi@users.noreply.github.com> Co-authored-by: eepstain <116078117+eepstain@users.noreply.github.com> Co-authored-by: ‪Ron Hadad‬‏ <112933572+ronh1@users.noreply.github.com> Co-authored-by: TalGumi <talg@qmasters.co> Co-authored-by: Guy Lichtman <1395797+glicht@users.noreply.github.com> Co-authored-by: glicht <glicht@users.noreply.github.com> Co-authored-by: Andrew Shamah <42912128+amshamah419@users.noreply.github.com> Co-authored-by: Shahaf Ben Yakir <44666568+ShahafBenYakir@users.noreply.github.com> Co-authored-by: Guy Afik <53861351+GuyAfik@users.noreply.github.com> Co-authored-by: Felipe Garrido <fgarridob.95+github@gmail.com> Co-authored-by: Koby Meir <kobymeir@users.noreply.github.com> Co-authored-by: kobymeir <ymeir@paloaltonetworks.com> Co-authored-by: Edi Katsenelson <85438368+edik24@users.noreply.github.com> Co-authored-by: RotemAmit <ramit@paloaltonetworks.com> Co-authored-by: John <40349459+BigEasyJ@users.noreply.github.com>

* Revert "Add space to conf" This reverts commit 3a74b93. * Updated the packs category to *Authentication & Identity Management* (part 2) (demisto#24876) * Update Docker Image To demisto/fastapi (demisto#24923) * Updated Metadata Of Pack CyberArkIdentity * Added release notes to pack CyberArkIdentity * Packs/CyberArkIdentity/Integrations/CyberArkIdentityEventCollector/CyberArkIdentityEventCollector.yml Docker image update * Update Docker Image To demisto/lxml (demisto#24924) * Updated Metadata Of Pack TaniumThreatResponse * Added release notes to pack TaniumThreatResponse * Packs/TaniumThreatResponse/Integrations/TaniumThreatResponseV2/TaniumThreatResponseV2.yml Docker image update * Update Docker Image To demisto/crypto (demisto#24922) * Updated Metadata Of Pack X509Certificate * Added release notes to pack X509Certificate * Packs/X509Certificate/Scripts/CertificateExtract/CertificateExtract.yml Docker image update * Update Docker Image To demisto/python3 (demisto#24921) * Updated Metadata Of Pack Cybereason * Added release notes to pack Cybereason * Packs/Cybereason/Integrations/Cybereason/Cybereason.yml Docker image update * Updated Metadata Of Pack DNSDB * Added release notes to pack DNSDB * Packs/DNSDB/Integrations/DNSDB_v2/DNSDB_v2.yml Docker image update * Updated Metadata Of Pack DeepInstinct * Added release notes to pack DeepInstinct * Packs/DeepInstinct/Integrations/DeepInstinct3x/DeepInstinct3x.yml Docker image update * Updated Metadata Of Pack FeedCyrenThreatInDepth * Added release notes to pack FeedCyrenThreatInDepth * Packs/FeedCyrenThreatInDepth/Integrations/CyrenThreatInDepth/CyrenThreatInDepth.yml Docker image update * Updated Metadata Of Pack IronDefense * Added release notes to pack IronDefense * Packs/IronDefense/Integrations/IronDefense/IronDefense.yml Docker image update * Updated Metadata Of Pack Qintel * Added release notes to pack Qintel * Packs/Qintel/Integrations/QintelPMI/QintelPMI.yml Docker image update * Packs/Qintel/Integrations/QintelQSentry/QintelQSentry.yml Docker image update * Packs/Qintel/Integrations/QintelQWatch/QintelQWatch.yml Docker image update * Updated Metadata Of Pack QualysFIM * Added release notes to pack QualysFIM * Packs/QualysFIM/Integrations/QualysFIM/QualysFIM.yml Docker image update * Updated Metadata Of Pack QutteraWebsiteMalwareScanner * Added release notes to pack QutteraWebsiteMalwareScanner * Packs/QutteraWebsiteMalwareScanner/Integrations/QutteraWebsiteMalwareScanner/QutteraWebsiteMalwareScanner.yml Docker image update * Fixed mypy + validation --------- * NGINXApiModule: fix logging typo (demisto#24878) * fix logging typo * bump dependent packs --------- * Downgrade docker to fix banner issue (demisto#24905) * Downgrade docker to fix banner issue * Fix docs * Add UT to prevent Docker bump * Fix yml validation * Adding vulnerability commands * Fixing pagination page index * Updating PR comments and Scan commands * Updating ID in test data. * Updating integration * Updating integration * Updating fromversion * Updating linters * Updating linters * Updating git pre-commit * Updating docstring * Updating the handling of request when limit * Removing get_pagination_params * Updating integration * Updating git-pre commit * Updating integration * Updating integration * Updating unit test * Updating docker image * Updating integration * Updating README version. * Updating secrets * Updating integration * Updating integration * Updating integration * Updating docstrings * Updating doc-review comments. * Updating doc-review comments. * Updating description --------- Co-authored-by: ‪Ron Hadad‬‏ <112933572+ronh1@users.noreply.github.com> Co-authored-by: TalGumi <talg@qmasters.co> Co-authored-by: Mai Morag <81917647+maimorag@users.noreply.github.com> Co-authored-by: sberman <sberman@paloaltonetworks.com> Co-authored-by: Guy Lichtman <1395797+glicht@users.noreply.github.com> Co-authored-by: glicht <glicht@users.noreply.github.com> Co-authored-by: Andrew Shamah <42912128+amshamah419@users.noreply.github.com>

…9608) * Add command prisma-cloud-compute-get-file-integrity-events (demisto#29187) * Add command prisma-cloud-compute-get-file-integrity-events * Incorporate changes from review comments. Add documentation and unit test. * Add missing lines to YML file (add description of new command) * Update docker image * Incorporate changes from demo * Update docker image * fix validation * fix validation --------- Co-authored-by: ostolero <86190583+ostolero@users.noreply.github.com> Co-authored-by: ostolero <ostolero@paloaltonetworks.com> * Bump pack from version PrismaCloudCompute to 1.4.10. * [pre-commit ruff] Align the entire repo with ruff (demisto#29603) * Fix falls of the ruff hook * pre-commit * Fix B003 ruff error * Fix ruff errors on Utils/update_playbook.py * remove code to trigger upload on dev branches (demisto#29621) * [pre-commit pycln] Align the entire repo with pycln (demisto#29611) * Fix falls of the pycln hook * pre-commit * Fix unit test * Add RN * Fix validate in GetDomainDNSDetails * fuff on GetDomainDNSDetails * ignore mypy error in test_content.py:350 * Fix falls of the autopep8 hook (demisto#29638) * add marketplaces to metadata (demisto#29629) * Fixing AWS Project Number in ASM Cloud (demisto#29593) (demisto#29642) Co-authored-by: Chait A <112722030+capanw@users.noreply.github.com> Co-authored-by: johnnywilkes <32227961+johnnywilkes@users.noreply.github.com> Co-authored-by: Michael Yochpaz <8832013+MichaelYochpaz@users.noreply.github.com> * [MS Teams] support reset_graph_auth (demisto#29644) * fixed * pre-commit * update * Recordedfuture threathunting v2.5.0 (demisto#29641) * Recordedfuture threathunting v2.5.0 (demisto#29025) * Add commands related to Automated Threat hunting recordedfuture-threat-map recordedfuture-threat-links recordedfuture-detection-rules * Add recordedfuture-collective-insight command. Change app version. * Update README.md. Add release notes * Add playbook. Add unittests * Add unittests * Fix test_collective_insight_command * Remove incorrect release note * Add documentation for threat actor search playbook * update Recorded Future Threat actor search playbook. add release note about new playbook. * Update release notes, fix formatting * Format yml files * Update Recorded future threat actor search playbook * Update docker image * Fix linter --------- Co-authored-by: Michael Yochpaz <8832013+MichaelYochpaz@users.noreply.github.com> * Minor README fixes --------- Co-authored-by: Yaroslav Nestor <yaroslav.nestor22@gmail.com> Co-authored-by: Michael Yochpaz <8832013+MichaelYochpaz@users.noreply.github.com> * [ASM] Expander 5777 (demisto#29647) * [ASM] Expander 5777 (demisto#29619) * first * RN * Bump pack from version CortexAttackSurfaceManagement to 1.6.36. --------- Co-authored-by: johnnywilkes <32227961+johnnywilkes@users.noreply.github.com> Co-authored-by: Content Bot <bot@demisto.com> * XDR Malware Enrichment - hotfix for usernames (split) (demisto#29585) * Updated playbook with hotfix where we split usernames from domains and append them to the username list of usernames for account enrichment * Added RN * remove irrelevant test * Updated RN * Bump pack from version CortexXDR to 5.1.6. * Update Packs/CortexXDR/ReleaseNotes/5_1_6.md Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> --------- Co-authored-by: Content Bot <bot@demisto.com> Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * Update Docker Image To demisto/pyjwt3 (demisto#29656) * Updated Metadata Of Pack Silverfort * Added release notes to pack Silverfort * Packs/Silverfort/Integrations/Silverfort/Silverfort.yml Docker image update * Update Docker Image To demisto/trustar (demisto#29660) * Updated Metadata Of Pack TruSTAR * Added release notes to pack TruSTAR * Update Docker Image To demisto/keeper-ksm (demisto#29661) * Updated Metadata Of Pack KeeperSecretsManager * Added release notes to pack KeeperSecretsManager * Packs/KeeperSecretsManager/Integrations/KeeperSecretsManager/KeeperSecretsManager.yml Docker image update * Update Docker Image To demisto/py3-tools (demisto#29654) * Updated Metadata Of Pack Intezer * Added release notes to pack Intezer * Packs/Intezer/Integrations/IntezerV2/IntezerV2.yml Docker image update * Updated Metadata Of Pack FeedMalwareBazaar * Added release notes to pack FeedMalwareBazaar * Packs/FeedMalwareBazaar/Integrations/MalwareBazaarFeed/MalwareBazaarFeed.yml Docker image update * Updated Metadata Of Pack FeedGCPWhitelist * Added release notes to pack FeedGCPWhitelist * Packs/FeedGCPWhitelist/Integrations/FeedGoogleIPRanges/FeedGoogleIPRanges.yml Docker image update * Updated Metadata Of Pack AccentureCTI_Feed * Added release notes to pack AccentureCTI_Feed * Packs/AccentureCTI_Feed/Integrations/ACTIIndicatorFeed/ACTIIndicatorFeed.yml Docker image update * Fix DS108 --------- Co-authored-by: sberman <sberman@paloaltonetworks.com> * Update Docker Image To demisto/taxii-server (demisto#29659) * Updated Metadata Of Pack CybleThreatIntel * Added release notes to pack CybleThreatIntel * Packs/CybleThreatIntel/Integrations/CybleThreatIntel/CybleThreatIntel.yml Docker image update * Fix DS108 --------- Co-authored-by: sberman <sberman@paloaltonetworks.com> * Update Docker Image To demisto/datadog-api-client (demisto#29662) * Updated Metadata Of Pack DatadogCloudSIEM * Added release notes to pack DatadogCloudSIEM * Packs/DatadogCloudSIEM/Integrations/DatadogCloudSIEM/DatadogCloudSIEM.yml Docker image update * Fix DS108 --------- Co-authored-by: sberman <sberman@paloaltonetworks.com> * Add reliability parameter to cves and pipl integration (demisto#28703) * commiting PrismaCloudCompute * release notes added * changed couldcompute, CVESearchV2, pipl * added pack metadata * fixed pipl readme * reverting changes in CVESearch since it was deprecated * removed redundant * committing pre commit changes * added known words * added known words * fixed lint error * changed according to review * updated docker version in PrismaCloudCompute * changed according to doc review * Added condition for not receiving new incidents in the test playbook * updating release notes * reverting fetch changes * fixed playbook * formatted playbook * new validation, new run * new validation, new run * Bump pack from version PrismaCloudCompute to 1.4.10. * update the docker image --------- Co-authored-by: Content Bot <bot@demisto.com> * Proofpoint email security pack: update description (demisto#29651) * update description * Updated the schema file. * Updated the schema file. --------- Co-authored-by: Yehonatan Asta <yasta@paloaltonetworks.com> * Jira v2 deprecated (demisto#29649) * Deprecate to jira v2 * update RN * update conf.json file * add task to the Create Jira Issue playbook that check if jira v3 is enable * add image.png of the playbook * update the playbook (yml, readme, image) and RN * Update Docker Image To demisto/python3 (demisto#29652) * Updated Metadata Of Pack PANOSPolicyOptimizer * Added release notes to pack PANOSPolicyOptimizer * Packs/PANOSPolicyOptimizer/Integrations/PANOSPolicyOptimizer/PANOSPolicyOptimizer.yml Docker image update * Updated Metadata Of Pack VMwareWorkspaceONEUEM * Added release notes to pack VMwareWorkspaceONEUEM * Packs/VMwareWorkspaceONEUEM/Integrations/VMwareWorkspaceONEUEM/VMwareWorkspaceONEUEM.yml Docker image update * Updated Metadata Of Pack CiscoSMA * Added release notes to pack CiscoSMA * Packs/CiscoSMA/Integrations/CiscoSMA/CiscoSMA.yml Docker image update * Updated Metadata Of Pack FeedThreatConnect * Added release notes to pack FeedThreatConnect * Packs/FeedThreatConnect/Integrations/FeedThreatConnect/FeedThreatConnect.yml Docker image update * Updated Metadata Of Pack BitSight * Added release notes to pack BitSight * Packs/BitSight/Integrations/BitSightForSecurityPerformanceManagement/BitSightForSecurityPerformanceManagement.yml Docker image update * Updated Metadata Of Pack AWS-ILM * Added release notes to pack AWS-ILM * Packs/AWS-ILM/Integrations/AWSILM/AWSILM.yml Docker image update * Updated Metadata Of Pack CiscoWSA * Added release notes to pack CiscoWSA * Packs/CiscoWSA/Integrations/CiscoWSAV2/CiscoWSAV2.yml Docker image update * Updated Metadata Of Pack SysAid * Added release notes to pack SysAid * Packs/SysAid/Integrations/SysAid/SysAid.yml Docker image update * Updated Metadata Of Pack ManageEngine_PAM360 * Added release notes to pack ManageEngine_PAM360 * Packs/ManageEngine_PAM360/Integrations/ManageEnginePAM360/ManageEnginePAM360.yml Docker image update * Updated Metadata Of Pack CiscoUmbrellaReporting * Added release notes to pack CiscoUmbrellaReporting * Packs/CiscoUmbrellaReporting/Integrations/CiscoUmbrellaReporting/CiscoUmbrellaReporting.yml Docker image update * Fix DS108 --------- Co-authored-by: sberman <sberman@paloaltonetworks.com> * XSUP-27717/FortiSIEM (demisto#29458) * add tests * add RN,fix,logs * Update 2_0_21.md * add period * add a name to incident * fixes CR * update docker image * delete logs * CR fixes * Update 2_0_21.md * Update FortiSIEMV2.py * reverting the Docker image (demisto#29607) * reverting the Docker image * Update Packs/cyberark_AIM/ReleaseNotes/1_0_14.md --------- Co-authored-by: Dan Tavori <38749041+dantavori@users.noreply.github.com> * [Marketplace Contribution] Roksit DNS Security Integration - Sarp (demisto#29663) * [Marketplace Contribution] Roksit DNS Security Integration - Sarp (demisto#29314) * "pack contribution initial commit" * Update RoksitDNSSecurityIntegrationSarp.py * Update RoksitDNSSecurityIntegrationSarp.py * Yehuda's version * test module * readme * new logo * Update RoksitDNSSecurityIntegrationSarp.yml * Apply suggestions from code review * Update RoksitDNSSecurityIntegrationSarp_description.md * Update pack_metadata.json * Update README.md * Update pack_metadata.json * Update pack_metadata.json * Update Packs/RoksitDNSSecurityIntegration-Sarp/pack_metadata.json * fixes * change name * folder name * file names * version * rename sub folder * remove (DNSSense) from the integration name * rename folder * docker * replace image * fix image name --------- Co-authored-by: asimsarpkurt <79475614+asimsarpkurt@users.noreply.github.com> Co-authored-by: Yehuda <yrosenberg@paloaltonetworks.com> Co-authored-by: Yehuda Rosenberg <90599084+RosenbergYehuda@users.noreply.github.com> * rename image --------- Co-authored-by: xsoar-bot <67315154+xsoar-bot@users.noreply.github.com> Co-authored-by: asimsarpkurt <79475614+asimsarpkurt@users.noreply.github.com> Co-authored-by: Yehuda <yrosenberg@paloaltonetworks.com> Co-authored-by: Yehuda Rosenberg <90599084+RosenbergYehuda@users.noreply.github.com> * add unstuck fetch stream command (demisto#29646) * add unstuck fetch stream command * added RN * fixes * add note * cr fixes * fix conflicts * reverts * [pre-commit pycln] Align the entire repo with pycln #4 (demisto#29665) * Fix pycln errors * Update the docker images * Run demisto-sdk pre-commit * Remove unnecessary recommendations from extensions.json (demisto#29605) * update extensions.json * Update devcontainer.json * Update recommendations list * Zscaler-FW-Logs (demisto#29094) * Zscaler FW Logs Modeling Rules * Zscaler FW logs Modeling Rules * Updated README * Updated ZscalerModelingRule_1_3 * Changed cs5 field name to cat * Apply suggestions from code review Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * Updated README * Updated ModelingRules and Schema * Updated ModelingRules and schema * Updated ModelingRules * Updated ModelingRules --------- Co-authored-by: Eido Epstain <eepstain@paloaltonetworks.com> Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * PANOS - EXPANDR-5744 (demisto#29223) (demisto#29686) * playbook updates * RN, Readme, screenshot * Apply suggestions from code review * update RN * bump ver * more descriptive task * bump ver --------- Co-authored-by: johnnywilkes <32227961+johnnywilkes@users.noreply.github.com> Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * Audit alert fields fix (demisto#29685) * Add associated types to systemAssociatedTypes * Add associated types to systemAssociatedTypes * fix incident field structure * RN * Workday documentation fix (demisto#29681) * readme * readme * rn * rn * [Marketplace Contribution] Active Directory Query - Content Pack Update (demisto#28633) * [Marketplace Contribution] Active Directory Query - Content Pack Update (demisto#27822) * "contribution update to pack "Active Directory Query"" * revert changes * rl * remove files * removed from rl * Update pack_metadata.json * Create 1_6_19.md * Update 1_6_18.md * Update 1_6_19.md * Delete 1_6_19.md * Update 1_6_18.md * Update pack_metadata.json * Update Active_Directory_Query.yml removed duplicate section and type * pass SERVER_IP as argument to test_credentials function * Create 1_7_0.md * Update pack_metadata.json * Update README.md with ad-test-credentials info * Update Active_Directory_Query.yml * removed duplicate `type: 8` from ntlm * removed duplicate types from integration settings * removed duplicate description from ad-enable-account * Update Active_Directory_Query.yml * Update Active_Directory_Query.yml * Update Active_Directory_Query.yml * removing not relevant release note * adding function * update fucntion * cr note * adding NTLM_AUTH option * Update Active_Directory_Query.py * Update Packs/Active_Directory_Query/Integrations/Active_Directory_Query/Active_Directory_Query.py Co-authored-by: dorschw <81086590+dorschw@users.noreply.github.com> * cr notes * update after merging from master * reverting a change in olr rl * added test_test_credentials unit test function * fix unit test * fixing unit tests * fix unit test * fixed lint errors * Update Active_Directory_Query_test.py * empty commit * fix yml and docker file * revert changes in send email manager * fix yml * fix * fix validation error * fixing in129 --------- Co-authored-by: maimorag <mmorag@paloaltonetworks.com> Co-authored-by: Randy Baldwin <32545292+randomizerxd@users.noreply.github.com> Co-authored-by: Mai Morag <81917647+maimorag@users.noreply.github.com> Co-authored-by: dorschw <81086590+dorschw@users.noreply.github.com> * cr notes * Bump pack from version Active_Directory_Query to 1.6.21. * fix yml changes * cr notes * lint fixes * fix test * docker update * Update Packs/Active_Directory_Query/Integrations/Active_Directory_Query/README.md Co-authored-by: dorschw <81086590+dorschw@users.noreply.github.com> * fix delete required * Apply suggestions from code review * fix test * docker update * rl * empty commit * docker update * empty commit * empty commit * merge from master * empty commit check * revert changes * Delete Packs/cyberark_AIM/Integrations/CyberArkAIM_v2/integration-CyberArkAIM_v2.yml * docker downgrade * rl * trying new docker image * validate errors fix * revert docker version * [DS108] - Description must end with a period (".") - fix * empty commit check * empty commit check --------- Co-authored-by: xsoar-bot <67315154+xsoar-bot@users.noreply.github.com> Co-authored-by: maimorag <mmorag@paloaltonetworks.com> Co-authored-by: Randy Baldwin <32545292+randomizerxd@users.noreply.github.com> Co-authored-by: Mai Morag <81917647+maimorag@users.noreply.github.com> Co-authored-by: dorschw <81086590+dorschw@users.noreply.github.com> Co-authored-by: Content Bot <bot@demisto.com> * Big query bug xsup 28132 (demisto#29680) * bug fix * rn * rn * Apply suggestions from code review Co-authored-by: Dan Tavori <38749041+dantavori@users.noreply.github.com> * format * pre commit --------- Co-authored-by: Dan Tavori <38749041+dantavori@users.noreply.github.com> * New Prisma Cloud v2 commands (demisto#29323) * resource list command * limit results * user roles list command * pre commit * users list command * edit remediation commands * UTs * update README * update RN * pre commit fixes * edit test playbook * CR changes * Demo changes - remediate 406 raises error new args for resource_list & user_roles * fix test * Apply suggestions from doc review Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * fix test playbook * Tomer's changes --------- Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * Prisma Cloud Update (demisto#29666) * Updated ModelingRules * Updated ReleaseNotes * Updated ReleaseNotes * Updated ModelingRules * Updated ModelingRules * Updated ModelingRules * Bump pack from version PrismaCloud to 4.2.4. --------- Co-authored-by: Content Bot <bot@demisto.com> * Rapid7 appsec (demisto#29134) (demisto#29687) * Revert "Add space to conf" This reverts commit 3a74b93. * Updated the packs category to *Authentication & Identity Management* (part 2) (demisto#24876) * Update Docker Image To demisto/fastapi (demisto#24923) * Updated Metadata Of Pack CyberArkIdentity * Added release notes to pack CyberArkIdentity * Packs/CyberArkIdentity/Integrations/CyberArkIdentityEventCollector/CyberArkIdentityEventCollector.yml Docker image update * Update Docker Image To demisto/lxml (demisto#24924) * Updated Metadata Of Pack TaniumThreatResponse * Added release notes to pack TaniumThreatResponse * Packs/TaniumThreatResponse/Integrations/TaniumThreatResponseV2/TaniumThreatResponseV2.yml Docker image update * Update Docker Image To demisto/crypto (demisto#24922) * Updated Metadata Of Pack X509Certificate * Added release notes to pack X509Certificate * Packs/X509Certificate/Scripts/CertificateExtract/CertificateExtract.yml Docker image update * Update Docker Image To demisto/python3 (demisto#24921) * Updated Metadata Of Pack Cybereason * Added release notes to pack Cybereason * Packs/Cybereason/Integrations/Cybereason/Cybereason.yml Docker image update * Updated Metadata Of Pack DNSDB * Added release notes to pack DNSDB * Packs/DNSDB/Integrations/DNSDB_v2/DNSDB_v2.yml Docker image update * Updated Metadata Of Pack DeepInstinct * Added release notes to pack DeepInstinct * Packs/DeepInstinct/Integrations/DeepInstinct3x/DeepInstinct3x.yml Docker image update * Updated Metadata Of Pack FeedCyrenThreatInDepth * Added release notes to pack FeedCyrenThreatInDepth * Packs/FeedCyrenThreatInDepth/Integrations/CyrenThreatInDepth/CyrenThreatInDepth.yml Docker image update * Updated Metadata Of Pack IronDefense * Added release notes to pack IronDefense * Packs/IronDefense/Integrations/IronDefense/IronDefense.yml Docker image update * Updated Metadata Of Pack Qintel * Added release notes to pack Qintel * Packs/Qintel/Integrations/QintelPMI/QintelPMI.yml Docker image update * Packs/Qintel/Integrations/QintelQSentry/QintelQSentry.yml Docker image update * Packs/Qintel/Integrations/QintelQWatch/QintelQWatch.yml Docker image update * Updated Metadata Of Pack QualysFIM * Added release notes to pack QualysFIM * Packs/QualysFIM/Integrations/QualysFIM/QualysFIM.yml Docker image update * Updated Metadata Of Pack QutteraWebsiteMalwareScanner * Added release notes to pack QutteraWebsiteMalwareScanner * Packs/QutteraWebsiteMalwareScanner/Integrations/QutteraWebsiteMalwareScanner/QutteraWebsiteMalwareScanner.yml Docker image update * Fixed mypy + validation --------- * NGINXApiModule: fix logging typo (demisto#24878) * fix logging typo * bump dependent packs --------- * Downgrade docker to fix banner issue (demisto#24905) * Downgrade docker to fix banner issue * Fix docs * Add UT to prevent Docker bump * Fix yml validation * Adding vulnerability commands * Fixing pagination page index * Updating PR comments and Scan commands * Updating ID in test data. * Updating integration * Updating integration * Updating fromversion * Updating linters * Updating linters * Updating git pre-commit * Updating docstring * Updating the handling of request when limit * Removing get_pagination_params * Updating integration * Updating git-pre commit * Updating integration * Updating integration * Updating unit test * Updating docker image * Updating integration * Updating README version. * Updating secrets * Updating integration * Updating integration * Updating integration * Updating docstrings * Updating doc-review comments. * Updating doc-review comments. * Updating description --------- Co-authored-by: ‪Ron Hadad‬‏ <112933572+ronh1@users.noreply.github.com> Co-authored-by: TalGumi <talg@qmasters.co> Co-authored-by: Mai Morag <81917647+maimorag@users.noreply.github.com> Co-authored-by: sberman <sberman@paloaltonetworks.com> Co-authored-by: Guy Lichtman <1395797+glicht@users.noreply.github.com> Co-authored-by: glicht <glicht@users.noreply.github.com> Co-authored-by: Andrew Shamah <42912128+amshamah419@users.noreply.github.com> * Panos add param (demisto#29672) * added param job_polling_max_num_attempts * Added rn * Added missing param type Fixed unit tests * added to readme * fixed readme * Update Packs/PAN-OS/Integrations/Panorama/Panorama.yml Co-authored-by: Guy Afik <53861351+GuyAfik@users.noreply.github.com> * fixed text and namings * Bump pack from version PAN-OS to 2.1.8. --------- Co-authored-by: Guy Afik <53861351+GuyAfik@users.noreply.github.com> Co-authored-by: Content Bot <bot@demisto.com> * Fix proxy usage (#85) (demisto#29630) * Fix proxy usage (#85) (demisto#29181) * Fix proxy usage (#85) * Fix proxy usage in ZF client * Fix variable USE_SSL to verify requests * Remove proxy object from client Given that the proxy works by default with env vars, the proxy object is not necessary * Update version and add release notes * Fix call to modified alerts (#86) * Fix call to modified alerts * Update docker image * Fix tests associated with get modified data * change rn * fix validation --------- Co-authored-by: Felipe Garrido <fgarridob.95+github@gmail.com> Co-authored-by: ostolero <ostolero@paloaltonetworks.com> Co-authored-by: ostolero <86190583+ostolero@users.noreply.github.com> * Missing dependencies when installing packs (demisto#28989) * search and install packs --------- Co-authored-by: kobymeir <ymeir@paloaltonetworks.com> * Deprecate Picus Community (demisto#29573) * Merge branch 'master' into github_workflow_partner # Conflicts: # Utils/github_workflow_scripts/utils.py * Merge branch 'master' into github_workflow_partner # Conflicts: # Utils/github_workflow_scripts/utils.py * Picus NG display name * Picus update * Picus update * Picus update * Picus update * Picus update * Picus update * Picus update * Picus update --------- Co-authored-by: RotemAmit <ramit@paloaltonetworks.com> * [ASM] - Expander - GCP Hierarchy field - 4376 (demisto#29696) (demisto#29704) * Add assethierarchy field to GCP ASM playbook * Add release notes * Update field json Co-authored-by: John <40349459+BigEasyJ@users.noreply.github.com> * fix merge * update rn * remove access code * fix conflicts * update docker * fix validation --------- Co-authored-by: Ali Sawyer <91506078+ali-sawyer@users.noreply.github.com> Co-authored-by: ostolero <86190583+ostolero@users.noreply.github.com> Co-authored-by: ostolero <ostolero@paloaltonetworks.com> Co-authored-by: Content Bot <bot@demisto.com> Co-authored-by: Menachem Weinfeld <90556466+mmhw@users.noreply.github.com> Co-authored-by: omerKarkKatz <95565843+omerKarkKatz@users.noreply.github.com> Co-authored-by: Yaakov Praisler <59408745+yaakovpraisler@users.noreply.github.com> Co-authored-by: Chait A <112722030+capanw@users.noreply.github.com> Co-authored-by: johnnywilkes <32227961+johnnywilkes@users.noreply.github.com> Co-authored-by: Michael Yochpaz <8832013+MichaelYochpaz@users.noreply.github.com> Co-authored-by: michal-dagan <109464765+michal-dagan@users.noreply.github.com> Co-authored-by: Yaroslav Nestor <yaroslav.nestor22@gmail.com> Co-authored-by: Ido van Dijk <43602124+idovandijk@users.noreply.github.com> Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> Co-authored-by: sberman <sberman@paloaltonetworks.com> Co-authored-by: DinaMeylakh <72339665+DinaMeylakh@users.noreply.github.com> Co-authored-by: ilaner <88267954+ilaner@users.noreply.github.com> Co-authored-by: Yehonatan Asta <yasta@paloaltonetworks.com> Co-authored-by: israelpoli <72099621+israelpoli@users.noreply.github.com> Co-authored-by: sapir shuker <49246861+sapirshuker@users.noreply.github.com> Co-authored-by: Mai Morag <81917647+maimorag@users.noreply.github.com> Co-authored-by: Dan Tavori <38749041+dantavori@users.noreply.github.com> Co-authored-by: xsoar-bot <67315154+xsoar-bot@users.noreply.github.com> Co-authored-by: asimsarpkurt <79475614+asimsarpkurt@users.noreply.github.com> Co-authored-by: Yehuda <yrosenberg@paloaltonetworks.com> Co-authored-by: Yehuda Rosenberg <90599084+RosenbergYehuda@users.noreply.github.com> Co-authored-by: Yuval Hayun <70104171+YuvHayun@users.noreply.github.com> Co-authored-by: samuelFain <65926551+samuelFain@users.noreply.github.com> Co-authored-by: nkanon <109467661+nkanon@users.noreply.github.com> Co-authored-by: Eido Epstain <eepstain@paloaltonetworks.com> Co-authored-by: Tomer Haimof <81556849+tomer-pan@users.noreply.github.com> Co-authored-by: EyalPintzov <91007713+eyalpalo@users.noreply.github.com> Co-authored-by: maimorag <mmorag@paloaltonetworks.com> Co-authored-by: Randy Baldwin <32545292+randomizerxd@users.noreply.github.com> Co-authored-by: dorschw <81086590+dorschw@users.noreply.github.com> Co-authored-by: Adi Bamberger Edri <72088126+BEAdi@users.noreply.github.com> Co-authored-by: eepstain <116078117+eepstain@users.noreply.github.com> Co-authored-by: ‪Ron Hadad‬‏ <112933572+ronh1@users.noreply.github.com> Co-authored-by: TalGumi <talg@qmasters.co> Co-authored-by: Guy Lichtman <1395797+glicht@users.noreply.github.com> Co-authored-by: glicht <glicht@users.noreply.github.com> Co-authored-by: Andrew Shamah <42912128+amshamah419@users.noreply.github.com> Co-authored-by: Shahaf Ben Yakir <44666568+ShahafBenYakir@users.noreply.github.com> Co-authored-by: Guy Afik <53861351+GuyAfik@users.noreply.github.com> Co-authored-by: Felipe Garrido <fgarridob.95+github@gmail.com> Co-authored-by: Koby Meir <kobymeir@users.noreply.github.com> Co-authored-by: kobymeir <ymeir@paloaltonetworks.com> Co-authored-by: Edi Katsenelson <85438368+edik24@users.noreply.github.com> Co-authored-by: RotemAmit <ramit@paloaltonetworks.com> Co-authored-by: John <40349459+BigEasyJ@users.noreply.github.com>

* test commit * remove bt link * Remove A in TI for yaml and md for indicator * back yaml to default * refactor yaml with cortex utils * refactor md and yaml for feed * remove bp/domain * replace git_leak with git_repository * Add new collection Fix issue with date for TI * remove changes outside the Packs * Update Packs/GroupIB_ThreatIntelligenceAttribution/Integrations/GroupIB_TIA_Feed/test_data/example.json Co-authored-by: Mai Morag <81917647+maimorag@users.noreply.github.com> * Update Packs/GroupIB_ThreatIntelligenceAttribution/Integrations/GroupIB_TIA_Feed/test_data/example.json Co-authored-by: Mai Morag <81917647+maimorag@users.noreply.github.com> * Update Packs/GroupIB_ThreatIntelligenceAttribution/Integrations/GroupIBTIA/test_data/example.json Co-authored-by: Mai Morag <81917647+maimorag@users.noreply.github.com> * Update Packs/GroupIB_ThreatIntelligenceAttribution/Integrations/GroupIBTIA/test_data/example.json Co-authored-by: Mai Morag <81917647+maimorag@users.noreply.github.com> * Update Packs/GroupIB_ThreatIntelligenceAttribution/Integrations/GroupIBTIA/test_data/example.json Co-authored-by: Mai Morag <81917647+maimorag@users.noreply.github.com> * update release notes * update logo * update logo * Revert "update release notes" This reverts commit fc93e44461b3085c156c42a96e3f5aaf8efbe0af. * revert microsocks * fix compromised account issue * adding RL * Update Packs/GroupIB_ThreatIntelligenceAttribution/Integrations/GroupIBTIA/GroupIBTIA.py Co-authored-by: Mai Morag <81917647+maimorag@users.noreply.github.com> * create release notes v1_3_12 * add test for compromised/account_group * refactor changes in playbook * fixed validation errors * adding pragma no cover * refactor RN * add urllib exception * fixing validation errors * adding pragma no cover * format * fix lint test errors * revert sentinel * revert changes to azure sentinel * fixing cloud machine ids processing (#29777) * fixing cloud machine ids processing * not exiting the installation script if we fail to install a pack. report an error but continue with the test playbook upload (#29759) Co-authored-by: kobymeir <ymeir@paloaltonetworks.com> * Microsoft DNS Parsing Rule Drop (#29765) * Updated ParsingRules * Updated ReleaseNotes * Updated ReleaseNotes * Updated ReleaseNotes * Updated pack_metadata * Updated pack_metadata * Updated pack_metadata * Updated README * Updated README * Updated README * [JoeSecurity] Pre-Commit (#29717) * [pre-commit ruff] Align the entire repo with ruff #2 (#29754) * [pre-commit ruff] Align the entire repo with ruff #2 * Add RN * Update the docker image * Don't checkout build files in pre-commit (#27900) * is file up to date pre-commit * Revert changes made by mistake --------- Co-authored-by: dorschw <81086590+dorschw@users.noreply.github.com> Co-authored-by: Menachem Weinfeld <90556466+mmhw@users.noreply.github.com> Co-authored-by: Menachem Weinfeld <mmhw770@gmail.com> * Fixes for 'NGFW Scan' and 'WildFire Malware' XSIAM playbooks (#29774) * Fixes for 'NGFW Scan' and 'WildFire Malware' XSIAM playbooks * RN * fixed RN and 'NGFW Scan playbook' * CiscoSMA- Added timeout parameter (#29372) * fix * add_tests * fix_test_description * fix_yml_add_readme * fixes - add timeout to the client * add timeout to yml * revert changes * Update CiscoSMA.py * Update CiscoSMA.py * CR review * add RN * fix CR review * update docker image * XSUP-27956/ Added EWS PS V3 Description (#29784) * updated the description * update rn * Apply suggestions from code review Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> --------- Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * Xsup 27738 DBotFindSimilarIncidents NoneType Error (#29701) * failed ut * fix * rn * pre-commit * pre commit * just the fix * fix description in yml * fix * docker * Update Packs/Base/ReleaseNotes/1_32_34.md Co-authored-by: Dan Tavori <38749041+dantavori@users.noreply.github.com> * test * test * removed import --------- Co-authored-by: Dan Tavori <38749041+dantavori@users.noreply.github.com> * Wiz v1 2 11 (#29719) * Wiz v1 2 11 (#29688) * remove redundant parenthesis * ../Packs/Wiz/Integrations/Wiz/Wiz.py * add Wiz user agent * rephrase release notes * update pack metadata json * rephrase release notes v2 * fix minor typos and update docker image * Bump Docker version --------- Co-authored-by: Ariel Tobiana <107474518+ariel-wiz@users.noreply.github.com> Co-authored-by: Michael Yochpaz <8832013+MichaelYochpaz@users.noreply.github.com> * [ASM] - Expander - Update ASM fields (4821) (#29702) * [ASM] - Expander - Update ASM fields (4821) (#29506) * Add missing comments to grid fields - Update descriptions of fields as needed. * Add release notes * Add descriptions to two fields - asmdevcheckdetails - asmenrichmentstatus * Update release notes. * Grammar updates. * Update release notes * Add mandatory or optional in comments * Update comments with mandatory * Update pack version and release notes * Add correct 1_6_33 release notes * fix rn * fix rn --------- Co-authored-by: John <40349459+BigEasyJ@users.noreply.github.com> Co-authored-by: ostolero <86190583+ostolero@users.noreply.github.com> Co-authored-by: ostolero <ostolero@paloaltonetworks.com> * Wildfire-upload-url add poling timeout argument (#29790) * save adding timeout param * new docker image * added rn * fix ruff * ruff made me to do this fixes :( not related to my changes * Update Packs/Palo_Alto_Networks_WildFire/ReleaseNotes/2_1_35.md * poetry files (#29793) Co-authored-by: Content Bot <bot@demisto.com> * Dra-cvss-color-fix (#29757) * Fixed a small issue when indicator had no custom fields * RN * docker bump * RN * Update CVECVSSColor.py * docker bump * RN * fixing typos in build scripts. (#29788) unremovable -> non-removable productname -> product_name testplaybook -> test_playbook changed some arg passing to use their full name: -gpidd -gpidp Co-authored-by: kobymeir <ymeir@paloaltonetworks.com> * mapping to standard stix values (#29785) * mapping to standard stix values * updated release notes * update docker * breaking json * add dot * Add the nightly_ruff file for run pre-commit with --all flag (#29684) * Add the nightly_ruff file for run pre-commit with --all flag * Add more rules; Add the error name * Add E501 * Add F601, F842, TID252 * XSUP-27528 (#29705) * add_tests * add_tests * add RN, fix tests, format yml * Update Packs/CommonScripts/ReleaseNotes/1_12_24.md Co-authored-by: Arad Carmi <62752352+AradCarmi@users.noreply.github.com> * fix readme * Bump pack from version CommonScripts to 1.12.25. --------- Co-authored-by: Arad Carmi <62752352+AradCarmi@users.noreply.github.com> Co-authored-by: Content Bot <bot@demisto.com> * [Axonius Content Pack 1.2.0] Bumping Dockerfile (#29802) * [Axonius Content Pack 1.2.0] Bumping Dockerfile (#29625) * bumped docker version for axonius api client * docker image * remove the - --------- Co-authored-by: Yehuda <yrosenberg@paloaltonetworks.com> * format --------- Co-authored-by: Bryce Pedroza <97995056+bryce-ax@users.noreply.github.com> Co-authored-by: Yehuda <yrosenberg@paloaltonetworks.com> * Updated native:8.4 image; Add auth-utils support (#29792) Co-authored-by: GuyAfik <guyafik11@gmail.com> * Fixed sc_task closing state (#29636) * Fixed sc_task closing state * Added release notes * Updated docker image * small fix * bumped dokcer * fixed rn --------- Co-authored-by: Shahaf Ben Yakir <44666568+ShahafBenYakir@users.noreply.github.com> Co-authored-by: sbenyakir <shahaf.benyakir@demisto.com> * Private Compliance Packs (#29664) * XSUP-27936 problem with regex (#29613) * failed test * fix * rn * rn * unit test * ut * validations * fixed test and docker * fix * validation * Prisma Cloud V2 Add "usernames" Argument (#29710) * add username arg * support list * update UT * update README * docker update * update TPB * Fortinet fortigate enhancement (#29655) * Updated the readme for proofpoint fortigate. * Modified the modeling rule. * Modified the modeling rule and the schema file. * Updated the release note. * Update Packs/FortiGate/README.md Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * Updated the modeling rule. * Added tags to the readme. * removed ftntfgtmastersrcmac and ftntfgtmasterdstmac from the mapping. * updated the modeling rule and the schema file. * updated the modeling rule * updated the modeling rule --------- Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * Add syslog example for War Room Actions (#29800) * Graph Security Update (#29797) * Updated MicrosoftGraphSecurity_schema * Updated ReleaseNotes * Updated ReleaseNotes * [Dataminr Pulse] Release 106 (#29805) * [Dataminr Pulse] Release 106 (#29693) * Changes related to release v1.0.6 * Changes related to release v1.0.6 * Fixing Release Note related issue --------- Co-authored-by: crestdatasystems <crestdatasystems@users.noreply.github.com> Co-authored-by: Michael Yochpaz <8832013+MichaelYochpaz@users.noreply.github.com> * Bump Docker version --------- Co-authored-by: Crest Data Systems <60967033+crestdatasystems@users.noreply.github.com> Co-authored-by: crestdatasystems <crestdatasystems@users.noreply.github.com> Co-authored-by: Michael Yochpaz <8832013+MichaelYochpaz@users.noreply.github.com> * [RecordedFuture] threat actor playbook update V2.5.1 (#29690) (#29807) * Update Threat actor search playbook. * Add release notes * Fix formatting * Change ExtractedIndicators to ExtractedIndicators\.File * Fix release notes --------- Co-authored-by: Yaroslav Nestor <yaroslav.nestor22@gmail.com> Co-authored-by: Michael Yochpaz <8832013+MichaelYochpaz@users.noreply.github.com> * [JoeSecurity] show partial result in polling commands (#29715) * updating build docker image to latest devdemisto/gitlab-content-ci:1.0.0.64455 (#29761) * updating build docker image to latest devdemisto/gitlab-content-ci:1.0.0.64455 * Private Upload Mode - ThreatExchange v2 (#28249) * ThreatExchange integration * ThreatExchange updates * Added param to instance configuration * pre-commit * updated RN * RN test * CR updates * Removed Threat_Crowd * Update Packs/ThreatExchange/ReleaseNotes/2_0_12.md Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * docker * format * skip tests since theres no instance * no testing instance --------- Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> Co-authored-by: Yehuda Rosenberg <90599084+RosenbergYehuda@users.noreply.github.com> Co-authored-by: Yehuda <yrosenberg@paloaltonetworks.com> * added plus 1 for each iteration in find destination (#29811) * added plus 1 for each iteration in find destination (#29760) * added plus 1 for each iteration in find destination * added release notes * Update Packs/Cisco-umbrella-cloud-security/ReleaseNotes/2_0_2.md Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * updated docker image tag to latest * updated unit test for pagination functions * removed comments --------- Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * Update 2_0_2.md --------- Co-authored-by: LiorQM <106475467+LiorQM@users.noreply.github.com> Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> Co-authored-by: RotemAmit <ramit@paloaltonetworks.com> * Mde list indicator filter (#29640) * Mde list indicator filter (#29338) * init indicator filter * release notes * latest docker image * updated docker image * minor fixes * reslove conflicts * resolve version conflicts * silence linter * format * docker * Apply suggestions from Shirley Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * add period * change phrase * adding "is_mockable": false * docker * try change test playbook * empty line * docker * return the mock * Revert "return the mock" This reverts commit da9baeff5cadddf2cd125fb073c266c867f465a5. --------- Co-authored-by: ckaadic <48683125+ckaadic@users.noreply.github.com> Co-authored-by: Yehuda <yrosenberg@paloaltonetworks.com> Co-authored-by: Yehuda Rosenberg <90599084+RosenbergYehuda@users.noreply.github.com> Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * Audit Logs Endpoints Scripts Aligments for Xsoar-8 (#29781) * test * fix core api * ExportAuditLogsToFile - add support for xsoar-8 * add ExportAuditLogsToFile UTs * add forward audit logs uts * update ut * validation fixes * mypy * bump rns * update docker * update docker image * fix ut * format * Bump pack from version CommonScripts to 1.12.25. * Bump pack from version CommonScripts to 1.12.26. * cr * cr fixes * update * fix uts --------- Co-authored-by: Content Bot <bot@demisto.com> * Add command prisma-cloud-compute-get-file-integrity-events (#29608) * Add command prisma-cloud-compute-get-file-integrity-events (#29187) * Add command prisma-cloud-compute-get-file-integrity-events * Incorporate changes from review comments. Add documentation and unit test. * Add missing lines to YML file (add description of new command) * Update docker image * Incorporate changes from demo * Update docker image * fix validation * fix validation --------- Co-authored-by: ostolero <86190583+ostolero@users.noreply.github.com> Co-authored-by: ostolero <ostolero@paloaltonetworks.com> * Bump pack from version PrismaCloudCompute to 1.4.10. * [pre-commit ruff] Align the entire repo with ruff (#29603) * Fix falls of the ruff hook * pre-commit * Fix B003 ruff error * Fix ruff errors on Utils/update_playbook.py * remove code to trigger upload on dev branches (#29621) * [pre-commit pycln] Align the entire repo with pycln (#29611) * Fix falls of the pycln hook * pre-commit * Fix unit test * Add RN * Fix validate in GetDomainDNSDetails * fuff on GetDomainDNSDetails * ignore mypy error in test_content.py:350 * Fix falls of the autopep8 hook (#29638) * add marketplaces to metadata (#29629) * Fixing AWS Project Number in ASM Cloud (#29593) (#29642) Co-authored-by: Chait A <112722030+capanw@users.noreply.github.com> Co-authored-by: johnnywilkes <32227961+johnnywilkes@users.noreply.github.com> Co-authored-by: Michael Yochpaz <8832013+MichaelYochpaz@users.noreply.github.com> * [MS Teams] support reset_graph_auth (#29644) * fixed * pre-commit * update * Recordedfuture threathunting v2.5.0 (#29641) * Recordedfuture threathunting v2.5.0 (#29025) * Add commands related to Automated Threat hunting recordedfuture-threat-map recordedfuture-threat-links recordedfuture-detection-rules * Add recordedfuture-collective-insight command. Change app version. * Update README.md. Add release notes * Add playbook. Add unittests * Add unittests * Fix test_collective_insight_command * Remove incorrect release note * Add documentation for threat actor search playbook * update Recorded Future Threat actor search playbook. add release note about new playbook. * Update release notes, fix formatting * Format yml files * Update Recorded future threat actor search playbook * Update docker image * Fix linter --------- Co-authored-by: Michael Yochpaz <8832013+MichaelYochpaz@users.noreply.github.com> * Minor README fixes --------- Co-authored-by: Yaroslav Nestor <yaroslav.nestor22@gmail.com> Co-authored-by: Michael Yochpaz <8832013+MichaelYochpaz@users.noreply.github.com> * [ASM] Expander 5777 (#29647) * [ASM] Expander 5777 (#29619) * first * RN * Bump pack from version CortexAttackSurfaceManagement to 1.6.36. --------- Co-authored-by: johnnywilkes <32227961+johnnywilkes@users.noreply.github.com> Co-authored-by: Content Bot <bot@demisto.com> * XDR Malware Enrichment - hotfix for usernames (split) (#29585) * Updated playbook with hotfix where we split usernames from domains and append them to the username list of usernames for account enrichment * Added RN * remove irrelevant test * Updated RN * Bump pack from version CortexXDR to 5.1.6. * Update Packs/CortexXDR/ReleaseNotes/5_1_6.md Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> --------- Co-authored-by: Content Bot <bot@demisto.com> Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * Update Docker Image To demisto/pyjwt3 (#29656) * Updated Metadata Of Pack Silverfort * Added release notes to pack Silverfort * Packs/Silverfort/Integrations/Silverfort/Silverfort.yml Docker image update * Update Docker Image To demisto/trustar (#29660) * Updated Metadata Of Pack TruSTAR * Added release notes to pack TruSTAR * Update Docker Image To demisto/keeper-ksm (#29661) * Updated Metadata Of Pack KeeperSecretsManager * Added release notes to pack KeeperSecretsManager * Packs/KeeperSecretsManager/Integrations/KeeperSecretsManager/KeeperSecretsManager.yml Docker image update * Update Docker Image To demisto/py3-tools (#29654) * Updated Metadata Of Pack Intezer * Added release notes to pack Intezer * Packs/Intezer/Integrations/IntezerV2/IntezerV2.yml Docker image update * Updated Metadata Of Pack FeedMalwareBazaar * Added release notes to pack FeedMalwareBazaar * Packs/FeedMalwareBazaar/Integrations/MalwareBazaarFeed/MalwareBazaarFeed.yml Docker image update * Updated Metadata Of Pack FeedGCPWhitelist * Added release notes to pack FeedGCPWhitelist * Packs/FeedGCPWhitelist/Integrations/FeedGoogleIPRanges/FeedGoogleIPRanges.yml Docker image update * Updated Metadata Of Pack AccentureCTI_Feed * Added release notes to pack AccentureCTI_Feed * Packs/AccentureCTI_Feed/Integrations/ACTIIndicatorFeed/ACTIIndicatorFeed.yml Docker image update * Fix DS108 --------- Co-authored-by: sberman <sberman@paloaltonetworks.com> * Update Docker Image To demisto/taxii-server (#29659) * Updated Metadata Of Pack CybleThreatIntel * Added release notes to pack CybleThreatIntel * Packs/CybleThreatIntel/Integrations/CybleThreatIntel/CybleThreatIntel.yml Docker image update * Fix DS108 --------- Co-authored-by: sberman <sberman@paloaltonetworks.com> * Update Docker Image To demisto/datadog-api-client (#29662) * Updated Metadata Of Pack DatadogCloudSIEM * Added release notes to pack DatadogCloudSIEM * Packs/DatadogCloudSIEM/Integrations/DatadogCloudSIEM/DatadogCloudSIEM.yml Docker image update * Fix DS108 --------- Co-authored-by: sberman <sberman@paloaltonetworks.com> * Add reliability parameter to cves and pipl integration (#28703) * commiting PrismaCloudCompute * release notes added * changed couldcompute, CVESearchV2, pipl * added pack metadata * fixed pipl readme * reverting changes in CVESearch since it was deprecated * removed redundant * committing pre commit changes * added known words * added known words * fixed lint error * changed according to review * updated docker version in PrismaCloudCompute * changed according to doc review * Added condition for not receiving new incidents in the test playbook * updating release notes * reverting fetch changes * fixed playbook * formatted playbook * new validation, new run * new validation, new run * Bump pack from version PrismaCloudCompute to 1.4.10. * update the docker image --------- Co-authored-by: Content Bot <bot@demisto.com> * Proofpoint email security pack: update description (#29651) * update description * Updated the schema file. * Updated the schema file. --------- Co-authored-by: Yehonatan Asta <yasta@paloaltonetworks.com> * Jira v2 deprecated (#29649) * Deprecate to jira v2 * update RN * update conf.json file * add task to the Create Jira Issue playbook that check if jira v3 is enable * add image.png of the playbook * update the playbook (yml, readme, image) and RN * Update Docker Image To demisto/python3 (#29652) * Updated Metadata Of Pack PANOSPolicyOptimizer * Added release notes to pack PANOSPolicyOptimizer * Packs/PANOSPolicyOptimizer/Integrations/PANOSPolicyOptimizer/PANOSPolicyOptimizer.yml Docker image update * Updated Metadata Of Pack VMwareWorkspaceONEUEM * Added release notes to pack VMwareWorkspaceONEUEM * Packs/VMwareWorkspaceONEUEM/Integrations/VMwareWorkspaceONEUEM/VMwareWorkspaceONEUEM.yml Docker image update * Updated Metadata Of Pack CiscoSMA * Added release notes to pack CiscoSMA * Packs/CiscoSMA/Integrations/CiscoSMA/CiscoSMA.yml Docker image update * Updated Metadata Of Pack FeedThreatConnect * Added release notes to pack FeedThreatConnect * Packs/FeedThreatConnect/Integrations/FeedThreatConnect/FeedThreatConnect.yml Docker image update * Updated Metadata Of Pack BitSight * Added release notes to pack BitSight * Packs/BitSight/Integrations/BitSightForSecurityPerformanceManagement/BitSightForSecurityPerformanceManagement.yml Docker image update * Updated Metadata Of Pack AWS-ILM * Added release notes to pack AWS-ILM * Packs/AWS-ILM/Integrations/AWSILM/AWSILM.yml Docker image update * Updated Metadata Of Pack CiscoWSA * Added release notes to pack CiscoWSA * Packs/CiscoWSA/Integrations/CiscoWSAV2/CiscoWSAV2.yml Docker image update * Updated Metadata Of Pack SysAid * Added release notes to pack SysAid * Packs/SysAid/Integrations/SysAid/SysAid.yml Docker image update * Updated Metadata Of Pack ManageEngine_PAM360 * Added release notes to pack ManageEngine_PAM360 * Packs/ManageEngine_PAM360/Integrations/ManageEnginePAM360/ManageEnginePAM360.yml Docker image update * Updated Metadata Of Pack CiscoUmbrellaReporting * Added release notes to pack CiscoUmbrellaReporting * Packs/CiscoUmbrellaReporting/Integrations/CiscoUmbrellaReporting/CiscoUmbrellaReporting.yml Docker image update * Fix DS108 --------- Co-authored-by: sberman <sberman@paloaltonetworks.com> * XSUP-27717/FortiSIEM (#29458) * add tests * add RN,fix,logs * Update 2_0_21.md * add period * add a name to incident * fixes CR * update docker image * delete logs * CR fixes * Update 2_0_21.md * Update FortiSIEMV2.py * reverting the Docker image (#29607) * reverting the Docker image * Update Packs/cyberark_AIM/ReleaseNotes/1_0_14.md --------- Co-authored-by: Dan Tavori <38749041+dantavori@users.noreply.github.com> * [Marketplace Contribution] Roksit DNS Security Integration - Sarp (#29663) * [Marketplace Contribution] Roksit DNS Security Integration - Sarp (#29314) * "pack contribution initial commit" * Update RoksitDNSSecurityIntegrationSarp.py * Update RoksitDNSSecurityIntegrationSarp.py * Yehuda's version * test module * readme * new logo * Update RoksitDNSSecurityIntegrationSarp.yml * Apply suggestions from code review * Update RoksitDNSSecurityIntegrationSarp_description.md * Update pack_metadata.json * Update README.md * Update pack_metadata.json * Update pack_metadata.json * Update Packs/RoksitDNSSecurityIntegration-Sarp/pack_metadata.json * fixes * change name * folder name * file names * version * rename sub folder * remove (DNSSense) from the integration name * rename folder * docker * replace image * fix image name --------- Co-authored-by: asimsarpkurt <79475614+asimsarpkurt@users.noreply.github.com> Co-authored-by: Yehuda <yrosenberg@paloaltonetworks.com> Co-authored-by: Yehuda Rosenberg <90599084+RosenbergYehuda@users.noreply.github.com> * rename image --------- Co-authored-by: xsoar-bot <67315154+xsoar-bot@users.noreply.github.com> Co-authored-by: asimsarpkurt <79475614+asimsarpkurt@users.noreply.github.com> Co-authored-by: Yehuda <yrosenberg@paloaltonetworks.com> Co-authored-by: Yehuda Rosenberg <90599084+RosenbergYehuda@users.noreply.github.com> * add unstuck fetch stream command (#29646) * add unstuck fetch stream command * added RN * fixes * add note * cr fixes * fix conflicts * reverts * [pre-commit pycln] Align the entire repo with pycln #4 (#29665) * Fix pycln errors * Update the docker images * Run demisto-sdk pre-commit * Remove unnecessary recommendations from extensions.json (#29605) * update extensions.json * Update devcontainer.json * Update recommendations list * Zscaler-FW-Logs (#29094) * Zscaler FW Logs Modeling Rules * Zscaler FW logs Modeling Rules * Updated README * Updated ZscalerModelingRule_1_3 * Changed cs5 field name to cat * Apply suggestions from code review Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * Updated README * Updated ModelingRules and Schema * Updated ModelingRules and schema * Updated ModelingRules * Updated ModelingRules --------- Co-authored-by: Eido Epstain <eepstain@paloaltonetworks.com> Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * PANOS - EXPANDR-5744 (#29223) (#29686) * playbook updates * RN, Readme, screenshot * Apply suggestions from code review * update RN * bump ver * more descriptive task * bump ver --------- Co-authored-by: johnnywilkes <32227961+johnnywilkes@users.noreply.github.com> Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * Audit alert fields fix (#29685) * Add associated types to systemAssociatedTypes * Add associated types to systemAssociatedTypes * fix incident field structure * RN * Workday documentation fix (#29681) * readme * readme * rn * rn * [Marketplace Contribution] Active Directory Query - Content Pack Update (#28633) * [Marketplace Contribution] Active Directory Query - Content Pack Update (#27822) * "contribution update to pack "Active Directory Query"" * revert changes * rl * remove files * removed from rl * Update pack_metadata.json * Create 1_6_19.md * Update 1_6_18.md * Update 1_6_19.md * Delete 1_6_19.md * Update 1_6_18.md * Update pack_metadata.json * Update Active_Directory_Query.yml removed duplicate section and type * pass SERVER_IP as argument to test_credentials function * Create 1_7_0.md * Update pack_metadata.json * Update README.md with ad-test-credentials info * Update Active_Directory_Query.yml * removed duplicate `type: 8` from ntlm * removed duplicate types from integration settings * removed duplicate description from ad-enable-account * Update Active_Directory_Query.yml * Update Active_Directory_Query.yml * Update Active_Directory_Query.yml * removing not relevant release note * adding function * update fucntion * cr note * adding NTLM_AUTH option * Update Active_Directory_Query.py * Update Packs/Active_Directory_Query/Integrations/Active_Directory_Query/Active_Directory_Query.py Co-authored-by: dorschw <81086590+dorschw@users.noreply.github.com> * cr notes * update after merging from master * reverting a change in olr rl * added test_test_credentials unit test function * fix unit test * fixing unit tests * fix unit test * fixed lint errors * Update Active_Directory_Query_test.py * empty commit * fix yml and docker file * revert changes in send email manager * fix yml * fix * fix validation error * fixing in129 --------- Co-authored-by: maimorag <mmorag@paloaltonetworks.com> Co-authored-by: Randy Baldwin <32545292+randomizerxd@users.noreply.github.com> Co-authored-by: Mai Morag <81917647+maimorag@users.noreply.github.com> Co-authored-by: dorschw <81086590+dorschw@users.noreply.github.com> * cr notes * Bump pack from version Active_Directory_Query to 1.6.21. * fix yml changes * cr notes * lint fixes * fix test * docker update * Update Packs/Active_Directory_Query/Integrations/Active_Directory_Query/README.md Co-authored-by: dorschw <81086590+dorschw@users.noreply.github.com> * fix delete required * Apply suggestions from code review * fix test * docker update * rl * empty commit * docker update * empty commit * empty commit * merge from master * empty commit check * revert changes * Delete Packs/cyberark_AIM/Integrations/CyberArkAIM_v2/integration-CyberArkAIM_v2.yml * docker downgrade * rl * trying new docker image * validate errors fix * revert docker version * [DS108] - Description must end with a period (".") - fix * empty commit check * empty commit check --------- Co-authored-by: xsoar-bot <67315154+xsoar-bot@users.noreply.github.com> Co-authored-by: maimorag <mmorag@paloaltonetworks.com> Co-authored-by: Randy Baldwin <32545292+randomizerxd@users.noreply.github.com> Co-authored-by: Mai Morag <81917647+maimorag@users.noreply.github.com> Co-authored-by: dorschw <81086590+dorschw@users.noreply.github.com> Co-authored-by: Content Bot <bot@demisto.com> * Big query bug xsup 28132 (#29680) * bug fix * rn * rn * Apply suggestions from code review Co-authored-by: Dan Tavori <38749041+dantavori@users.noreply.github.com> * format * pre commit --------- Co-authored-by: Dan Tavori <38749041+dantavori@users.noreply.github.com> * New Prisma Cloud v2 commands (#29323) * resource list command * limit results * user roles list command * pre commit * users list command * edit remediation commands * UTs * update README * update RN * pre commit fixes * edit test playbook * CR changes * Demo changes - remediate 406 raises error new args for resource_list & user_roles * fix test * Apply suggestions from doc review Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * fix test playbook * Tomer's changes --------- Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * Prisma Cloud Update (#29666) * Updated ModelingRules * Updated ReleaseNotes * Updated ReleaseNotes * Updated ModelingRules * Updated ModelingRules * Updated ModelingRules * Bump pack from version PrismaCloud to 4.2.4. --------- Co-authored-by: Content Bot <bot@demisto.com> * Rapid7 appsec (#29134) (#29687) * Revert "Add space to conf" This reverts commit 3a74b931d31ae2b33e0e4570c7df7d06c668e9c8. * Updated the packs category to *Authentication & Identity Management* (part 2) (#24876) * Update Docker Image To demisto/fastapi (#24923) * Updated Metadata Of Pack CyberArkIdentity * Added release notes to pack CyberArkIdentity * Packs/CyberArkIdentity/Integrations/CyberArkIdentityEventCollector/CyberArkIdentityEventCollector.yml Docker image update * Update Docker Image To demisto/lxml (#24924) * Updated Metadata Of Pack TaniumThreatResponse * Added release notes to pack TaniumThreatResponse * Packs/TaniumThreatResponse/Integrations/TaniumThreatResponseV2/TaniumThreatResponseV2.yml Docker image update * Update Docker Image To demisto/crypto (#24922) * Updated Metadata Of Pack X509Certificate * Added release notes to pack X509Certificate * Packs/X509Certificate/Scripts/CertificateExtract/CertificateExtract.yml Docker image update * Update Docker Image To demisto/python3 (#24921) * Updated Metadata Of Pack Cybereason * Added release notes to pack Cybereason * Packs/Cybereason/Integrations/Cybereason/Cybereason.yml Docker image update * Updated Metadata Of Pack DNSDB * Added release notes to pack DNSDB * Packs/DNSDB/Integrations/DNSDB_v2/DNSDB_v2.yml Docker image update * Updated Metadata Of Pack DeepInstinct * Added release notes to pack DeepInstinct * Packs/DeepInstinct/Integrations/DeepInstinct3x/DeepInstinct3x.yml Docker image update * Updated Metadata Of Pack FeedCyrenThreatInDepth * Added release notes to pack FeedCyrenThreatInDepth * Packs/FeedCyrenThreatInDepth/Integrations/CyrenThreatInDepth/CyrenThreatInDepth.yml Docker image update * Updated Metadata Of Pack IronDefense * Added release notes to pack IronDefense * Packs/IronDefense/Integrations/IronDefense/IronDefense.yml Docker image update * Updated Metadata Of Pack Qintel * Added release notes to pack Qintel * Packs/Qintel/Integrations/QintelPMI/QintelPMI.yml Docker image update * Packs/Qintel/Integrations/QintelQSentry/QintelQSentry.yml Docker image update * Packs/Qintel/Integrations/QintelQWatch/QintelQWatch.yml Docker image update * Updated Metadata Of Pack QualysFIM * Added release notes to pack QualysFIM * Packs/QualysFIM/Integrations/QualysFIM/QualysFIM.yml Docker image update * Updated Metadata Of Pack QutteraWebsiteMalwareScanner * Added release notes to pack QutteraWebsiteMalwareScanner * Packs/QutteraWebsiteMalwareScanner/Integrations/QutteraWebsiteMalwareScanner/QutteraWebsiteMalwareScanner.yml Docker image update * Fixed mypy + validation --------- * NGINXApiModule: fix logging typo (#24878) * fix logging typo * bump dependent packs --------- * Downgrade docker to fix banner issue (#24905) * Downgrade docker to fix banner issue * Fix docs * Add UT to prevent Docker bump * Fix yml validation * Adding vulnerability commands * Fixing pagination page index * Updating PR comments and Scan commands * Updating ID in test data. * Updating integration * Updating integration * Updating fromversion * Updating linters * Updating linters * Updating git pre-commit * Updating docstring * Updating the handling of request when limit * Removing get_pagination_params * Updating integration * Updating git-pre commit * Updating integration * Updating integration * Updating unit test * Updating docker image * Updating integration * Updating README version. * Updating secrets * Updating integration * Updating integration * Updating integration * Updating docstrings * Updating doc-review comments. * Updating doc-review comments. * Updating description --------- Co-authored-by: ‪Ron Hadad‬‏ <112933572+ronh1@users.noreply.github.com> Co-authored-by: TalGumi <talg@qmasters.co> Co-authored-by: Mai Morag <81917647+maimorag@users.noreply.github.com> Co-authored-by: sberman <sberman@paloaltonetworks.com> Co-authored-by: Guy Lichtman <1395797+glicht@users.noreply.github.com> Co-authored-by: glicht <glicht@users.noreply.github.com> Co-authored-by: Andrew Shamah <42912128+amshamah419@users.noreply.github.com> * Panos add param (#29672) * added param job_polling_max_num_attempts * Added rn * Added missing param type Fixed unit tests * added to readme * fixed readme * Update Packs/PAN-OS/Integrations/Panorama/Panorama.yml Co-authored-by: Guy Afik <53861351+GuyAfik@users.noreply.github.com> * fixed text and namings * Bump pack from version PAN-OS to 2.1.8. --------- Co-authored-by: Guy Afik <53861351+GuyAfik@users.noreply.github.com> Co-authored-by: Content Bot <bot@demisto.com> * Fix proxy usage (#85) (#29630) * Fix proxy usage (#85) (#29181) * Fix proxy usage (#85) * Fix proxy usage in ZF client * Fix variable USE_SSL to verify requests * Remove proxy object from client Given that the proxy works by default with env vars, the proxy object is not necessary * Update version and add release notes * Fix call to modified alerts (#86) * Fix call to modified alerts * Update docker image * Fix tests associated with get modified data * change rn * fix validation --------- Co-authored-by: Felipe Garrido <fgarridob.95+github@gmail.com> Co-authored-by: ostolero <ostolero@paloaltonetworks.com> Co-authored-by: ostolero <86190583+ostolero@users.noreply.github.com> * Missing dependencies when installing packs (#28989) * search and install packs --------- Co-authored-by: kobymeir <ymeir@paloaltonetworks.com> * Deprecate Picus Community (#29573) * Merge branch 'master' into github_workflow_partner # Conflicts: # Utils/github_workflow_scripts/utils.py * Merge branch 'master' into github_workflow_partner # Conflicts: # Utils/github_workflow_scripts/utils.py * Picus NG display name * Picus update * Picus update * Picus update * Picus update * Picus update * Picus update * Picus update * Picus update --------- Co-authored-by: RotemAmit <ramit@paloaltonetworks.com> * [ASM] - Expander - GCP Hierarchy field - 4376 (#29696) (#29704) * Add assethierarchy field to GCP ASM playbook * Add release notes * Update field json Co-authored-by: John <40349459+BigEasyJ@users.noreply.github.com> * fix merge * update rn * remove access code * fix conflicts * update docker * fix validation --------- Co-authored-by: Ali Sawyer <91506078+ali-sawyer@users.noreply.github.com> Co-authored-by: ostolero <86190583+ostolero@users.noreply.github.com> Co-authored-by: ostolero <ostolero@paloaltonetworks.com> Co-authored-by: Content Bot <bot@demisto.com> Co-authored-by: Menachem Weinfeld <90556466+mmhw@users.noreply.github.com> Co-authored-by: omerKarkKatz <95565843+omerKarkKatz@users.noreply.github.com> Co-authored-by: Yaakov Praisler <59408745+yaakovpraisler@users.noreply.github.com> Co-authored-by: Chait A <112722030+capanw@users.noreply.github.com> Co-authored-by: johnnywilkes <32227961+johnnywilkes@users.noreply.github.com> Co-authored-by: Michael Yochpaz <8832013+MichaelYochpaz@users.noreply.github.com> Co-authored-by: michal-dagan <109464765+michal-dagan@users.noreply.github.com> Co-authored-by: Yaroslav Nestor <yaroslav.nestor22@gmail.com> Co-authored-by: Ido van Dijk <43602124+idovandijk@users.noreply.github.com> Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> Co-authored-by: sberman <sberman@paloaltonetworks.com> Co-authored-by: DinaMeylakh <72339665+DinaMeylakh@users.noreply.github.com> Co-authored-by: ilaner <88267954+ilaner@users.noreply.github.com> Co-authored-by: Yehonatan Asta <yasta@paloaltonetworks.com> Co-authored-by: israelpoli <72099621+israelpoli@users.noreply.github.com> Co-authored-by: sapir shuker <49246861+sapirshuker@users.noreply.github.com> Co-authored-by: Mai Morag <81917647+maimorag@users.noreply.github.com> Co-authored-by: Dan Tavori <38749041+dantavori@users.noreply.github.com> Co-authored-by: xsoar-bot <67315154+xsoar-bot@users.noreply.github.com> Co-authored-by: asimsarpkurt <79475614+asimsarpkurt@users.noreply.github.com> Co-authored-by: Yehuda <yrosenberg@paloaltonetworks.com> Co-authored-by: Yehuda Rosenberg <90599084+RosenbergYehuda@users.noreply.github.com> Co-authored-by: Yuval Hayun <70104171+YuvHayun@users.noreply.github.com> Co-authored-by: samuelFain <65926551+samuelFain@users.noreply.github.com> Co-authored-by: nkanon <109467661+nkanon@users.noreply.github.com> Co-authored-by: Eido Epstain <eepstain@paloaltonetworks.com> Co-authored-by: Tomer Haimof <81556849+tomer-pan@users.noreply.github.com> Co-authored-by: EyalPintzov <91007713+eyalpalo@users.noreply.github.com> Co-authored-by: maimorag <mmorag@paloaltonetworks.com> Co-authored-by: Randy Baldwin <32545292+randomizerxd@users.noreply.github.com> Co-authored-by: dorschw <81086590+dorschw@users.noreply.github.com> Co-authored-by: Adi Bamberger Edri <72088126+BEAdi@users.noreply.github.com> Co-authored-by: eepstain <116078117+eepstain@users.noreply.github.com> Co-authored-by: ‪Ron Hadad‬‏ <112933572+ronh1@users.noreply.github.com> Co-authored-by: TalGumi <talg@qmasters.co> Co-authored-by: Guy Lichtman <1395797+glicht@users.noreply.github.com> Co-authored-by: glicht <glicht@users.noreply.github.com> Co-authored-by: Andrew Shamah <42912128+amshamah419@users.noreply.github.com> Co-authored-by: Shahaf Ben Yakir <44666568+ShahafBenYakir@users.noreply.github.com> Co-authored-by: Guy Afik <53861351+GuyAfik@users.noreply.github.com> Co-authored-by: Felipe Garrido <fgarridob.95+github@gmail.com> Co-authored-by: Koby Meir <kobymeir@users.noreply.github.com> Co-authored-by: kobymeir <ymeir@paloaltonetworks.com> Co-authored-by: Edi Katsenelson <85438368+edik24@users.noreply.github.com> Co-authored-by: RotemAmit <ramit@paloaltonetworks.com> Co-authored-by: John <40349459+BigEasyJ@users.noreply.github.com> * [Marketplace Contribution] Okta - Content Pack Update (#29650) * [Marketplace Contribution] Okta - Content Pack Update (#29303) * "contribution update to pack "Okta"" * minor fixes * add outputs and readme * add outputs description * update docker * change outputs --------- Co-authored-by: ostolero <ostolero@paloaltonetworks.com> Co-authored-by: ostolero <86190583+ostolero@users.noreply.github.com> * Fixing AWS Project Number in ASM Cloud (#29593) (#29642) Co-authored-by: Chait A <112722030+capanw@users.noreply.github.com> Co-authored-by: johnnywilkes <32227961+johnnywilkes@users.noreply.github.com> Co-authored-by: Michael Yochpaz <8832013+MichaelYochpaz@users.noreply.github.com> * [MS Teams] support reset_graph_auth (#29644) * fixed * pre-commit * update * Recordedfuture threathunting v2.5.0 (#29641) * Recordedfuture threathunting v2.5.0 (#29025) * Add commands related to Automated Threat hunting recordedfuture-threat-map recordedfuture-threat-links recordedfuture-detection-rules * Add recordedfuture-collective-insight command. Change app version. * Update README.md. Add release notes * Add playbook. Add unittests * Add unittests * Fix test_collective_insight_command * Remove incorrect release note * Add documentation for threat actor search playbook * update Recorded Future Threat actor search playbook. add release note about new playbook. * Update release notes, fix formatting * Format yml files * Update Recorded future threat actor search playbook * Update docker image * Fix linter --------- Co-authored-by: Michael Yochpaz <8832013+MichaelYochpaz@users.noreply.github.com> * Minor README fixes --------- Co-authored-by: Yaroslav Nestor <yaroslav.nestor22@gmail.com> Co-authored-by: Michael Yochpaz <8832013+MichaelYochpaz@users.noreply.github.com> * [ASM] Expander 5777 (#29647) * [ASM] Expander 5777 (#29619) * first * RN * Bump pack from version CortexAttackSurfaceManagement to 1.6.36. --------- Co-authored-by: johnnywilkes <32227961+johnnywilkes@users.noreply.github.com> Co-authored-by: Content Bot <bot@demisto.com> * XDR Malware Enrichment - hotfix for usernames (split) (#29585) * Updated playbook with hotfix where we split usernames from domains and append them to the username list of usernames for account enrichment * Added RN * remove irrelevant test * Updated RN * Bump pack from version CortexXDR to 5.1.6. * Update Packs/CortexXDR/ReleaseNotes/5_1_6.md Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> --------- Co-authored-by: Content Bot <bot@demisto.com> Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * Update Docker Image To demisto/pyjwt3 (#29656) * Updated Metadata Of Pack Silverfort * Added release notes to pack Silverfort * Packs/Silverfort/Integrations/Silverfort/Silverfort.yml Docker image update * Update Docker Image To demisto/trustar (#29660) * Updated Metadata Of Pack TruSTAR * Added release notes to pack TruSTAR * Update Docker Image To demisto/keeper-ksm (#29661) * Updated Metadata Of Pack KeeperSecretsManager * Added release notes to pack KeeperSecretsManager * Packs/KeeperSecretsManager/Integrations/KeeperSecretsManager/KeeperSecretsManager.yml Docker image update * Update Docker Image To demisto/py3-tools (#29654) * Updated Metadata Of Pack Intezer * Added release notes to pack Intezer * Packs/Intezer/Integrations/IntezerV2/IntezerV2.yml Docker image update * Updated Metadata Of Pack FeedMalwareBazaar * Added release notes to pack FeedMalwareBazaar * Packs/FeedMalwareBazaar/Integrations/MalwareBazaarFeed/MalwareBazaarFeed.yml Docker image update * Updated Metadata Of Pack FeedGCPWhitelist * Added release notes to pack FeedGCPWhitelist * Packs/FeedGCPWhitelist/Integrations/FeedGoogleIPRanges/FeedGoogleIPRanges.yml Docker image update * Updated Metadata Of Pack AccentureCTI_Feed * Added release notes to pack AccentureCTI_Feed * Packs/AccentureCTI_Feed/Integrations/ACTIIndicatorFeed/ACTIIndicatorFeed.yml Docker image update * Fix DS108 --------- Co-authored-by: sberman <sberman@paloaltonetworks.com> * Update Docker Image To demisto/taxii-server (#29659) * Updated Metadata Of Pack CybleThreatIntel * Added release notes to pack CybleThreatIntel * Packs/CybleThreatIntel/Integrations/CybleThreatIntel/CybleThreatIntel.yml Docker image update * Fix DS108 --------- Co-authored-by: sberman <sberman@paloaltonetworks.com> * Update Docker Image To demisto/datadog-api-client (#29662) * Updated Metadata Of Pack DatadogCloudSIEM * Added release notes to pack DatadogCloudSIEM * Packs/DatadogCloudSIEM/Integrations/DatadogCloudSIEM/DatadogCloudSIEM.yml Docker image update * Fix DS108 --------- Co-authored-by: sberman <sberman@paloaltonetworks.com> * Add reliability parameter to cves and pipl integration (#28703) * commiting PrismaCloudCompute * release notes added * changed couldcompute, CVESearchV2, pipl * added pack metadata * fixed pipl readme * reverting changes in CVESearch since it was deprecated * removed redundant * committing pre commit changes * added known words * added known words * fixed lint error * changed according to review * updated docker version in PrismaCloudCompute * changed according to doc review * Added condition for not receiving new incidents in the test playbook * updating release notes * reverting fetch changes * fixed playbook * formatted playbook * new validation, new run * new validation, new run * Bump pack from version PrismaCloudCompute to 1.4.10. * update the docker image --------- Co-authored-by: Content Bot <bot@demisto.com> * Proofpoint email security pack: update description (#29651) * update description * Updated the schema file. * Updated the schema file. --------- Co-authored-by: Yehonatan Asta <yasta@paloaltonetworks.com> * Jira v2 deprecated (#29649) * Deprecate to jira v2 * update RN * update conf.json file * add task to the Create Jira Issue playbook that check if jira v3 is enable * add image.png of the playbook * update the playbook (yml, readme, image) and RN * Update Docker Image To demisto/python3 (#29652) * Updated Metadata Of Pack PANOSPolicyOptimizer * Added release notes to pack PANOSPolicyOptimizer * Packs/PANOSPolicyOptimizer/Integrations/PANOSPolicyOptimizer/PANOSPolicyOptimizer.yml Docker image update * Updated Metadata Of Pack VMwareWorkspaceONEUEM * Added release notes to pack VMwareWorkspaceONEUEM * Packs/VMwareWorkspaceONEUEM/Integrations/VMwareWorkspaceONEUEM/VMwareWorkspaceONEUEM.yml Docker image update * Updated Metadata Of Pack CiscoSMA * Added release notes to pack CiscoSMA * Packs/CiscoSMA/Integrations/CiscoSMA/CiscoSMA.yml Docker image update * Updated Metadata Of Pack FeedThreatConnect * Added release notes to pack FeedThreatConnect * Packs/FeedThreatConnect/Integrations/FeedThreatConnect/FeedThreatConnect.yml Docker image update * Updated Metadata Of Pack BitSight * Added release notes to pack BitSight * Packs/BitSight/Integrations/BitSightForSecurityPerformanceManagement/BitSightForSecurityPerformanceManagement.yml Docker image update * Updated Metadata Of Pack AWS-ILM * Added release notes to pack AWS-ILM * Packs/AWS-ILM/Integrations/AWSILM/AWSILM.yml Docker image update * Updated Metadata Of Pack CiscoWSA * Added release notes to pack CiscoWSA * Packs/CiscoWSA/Integrations/CiscoWSAV2/CiscoWSAV2.yml Docker image update * Updated Metadata Of Pack SysAid * Added release notes to pack SysAid * Packs/SysAid/Integrations/SysAid/SysAid.yml Docker image update * Updated Metadata Of Pack ManageEngine_PAM360 * Added release notes to pack ManageEngine_PAM360 * Packs/ManageEngine_PAM360/Integrations/ManageEnginePAM360/ManageEnginePAM360.yml Docker image update * Updated Metadata Of Pack CiscoUmbrellaReporting * Added release notes to pack CiscoUmbrellaReporting * Packs/CiscoUmbrellaReporting/Integrations/CiscoUmbrellaReporting/CiscoUmbrellaReporting.yml Docker image update * Fix DS108 --------- Co-authored-by: sberman <sberman@paloaltonetworks.com> * XSUP-27717/FortiSIEM (#29458) * add tests * add RN,fix,logs * Update 2_0_21.md * add period * add a name to incident * fixes CR * update docker image * delete logs * CR fixes * Update 2_0_21.md * Update FortiSIEMV2.py * reverting the Docker image (#29607) * reverting the Docker image * Update Packs/cyberark_AIM/ReleaseNotes/1_0_14.md --------- Co-authored-by: Dan Tavori <38749041+dantavori@users.noreply.github.com> * [Marketplace Contribution] Roksit DNS Security Integration - Sarp (#29663) * [Marketplace Contribution] Roksit DNS Security Integration - Sarp (#29314) * "pack contribution initial commit" * Update RoksitDNSSecurityIntegrationSarp.py * Update RoksitDNSSecurityIntegrationSarp.py * Yehuda's version * test module * readme * new logo * Update RoksitDNSSecurityIntegrationSarp.yml * Apply suggestions from code review * Update RoksitDNSSecurityIntegrationSarp_description.md * Update pack_metadata.json * Update README.md * Update pack_metadata.json * Update pack_metadata.json * Update Packs/RoksitDNSSecurityIntegration-Sarp/pack_metadata.json * fixes * change name * folder name * file names * version * rename sub folder * remove (DNSSense) from the integration name * rename folder * docker * replace image * fix image name --------- Co-authored-by: asimsarpkurt <79475614+asimsarpkurt@users.noreply.github.com> Co-authored-by: Yehuda <yrosenberg@paloaltonetworks.com> Co-authored-by: Yehuda Rosenberg <90599084+RosenbergYehuda@users.noreply.github.com> * rename image --------- Co-authored-by: xsoar-bot <67315154+xsoar-bot@users.noreply.github.com> Co-authored-by: asimsarpkurt <79475614+asimsarpkurt@users.noreply.github.com> Co-authored-by: Yehuda <yrosenberg@paloaltonetworks.com> Co-authored-by: Yehuda Rosenberg <90599084+RosenbergYehuda@users.noreply.github.com> * add unstuck fetch stream command (#29646) * add unstuck fetch stream command * added RN * fixes * add note * cr fixes * fix conflicts * reverts * [pre-commit pycln] Align the entire repo with pycln #4 (#29665) * Fix pycln errors * Update the docker images * Run demisto-sdk pre-commit * update docker --------- Co-authored-by: xsoar-bot <67315154+xsoar-bot@users.noreply.github.com> Co-authored-by: ostolero <ostolero@paloaltonetworks.com> Co-authored-by: ostolero <86190583+ostolero@users.noreply.github.com> Co-authored-by: Chait A <112722030+capanw@users.noreply.github.com> Co-authored-by: johnnywilkes <32227961+johnnywilkes@users.noreply.github.com> Co-authored-by: Michael Yochpaz <8832013+MichaelYochpaz@users.noreply.github.com> Co-authored-by: michal-dagan <109464765+michal-dagan@users.noreply.github.com> Co-authored-by: Yaroslav Nestor <yaroslav.nestor22@gmail.com> Co-authored-by: Content Bot <bot@demisto.com> Co-authored-by: Ido van Dijk <43602124+idovandijk@users.noreply.github.com> Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> Co-authored-by: sberman <sberman@paloaltonetworks.com> Co-authored-by: DinaMeylakh <72339665+DinaMeylakh@users.noreply.github.com> Co-authored-by: ilaner <88267954+ilaner@users.noreply.github.com> Co-authored-by: Yehonatan Asta <yasta@paloaltonetworks.com> Co-authored-by: israelpoli <72099621+israelpoli@users.noreply.github.com> Co-authored-by: sapir shuker <49246861+sapirshuker@users.noreply.github.com> Co-authored-by: Mai Morag <81917647+maimorag@users.noreply.github.com> Co-authored-by: Dan Tavori <38749041+dantavori@users.noreply.github.com> Co-authored-by: asimsarpkurt <79475614+asimsarpkurt@users.noreply.github.com> Co-authored-by: Yehuda <yrosenberg@paloaltonetworks.com> Co-authored-by: Yehuda Rosenberg <90599084+RosenbergYehuda@users.noreply.github.com> Co-authored-by: Yuval Hayun <70104171+YuvHayun@users.noreply.github.com> Co-authored-by: Menachem Weinfeld <90556466+mmhw@users.noreply.github.com> * If-Elif Transformer (#27763) * IfElif init * minor changes * parse single strings not json * fixed regex * fixed json bug * removed context * created eval blacklist * added json KW to eval * Update bucket-upload.yml * added ast for parsing * use hash for context grab * added value arg * quick * added unit-tests * added README.md * added RN * added flags arg; use dt for context grabbing * fixed context grabbing * added regex support * finished readme * finished readme 2 * added variables arg * changed vars to upper * changed to class * prefixed variable bug * some tests * finished unit-tests * completed tests * finished docs * finished docs in yml * new design for 'value' * unit-tests complete * docs part 1 * docs complete * added if-elif TPB * fixed TPB * fixed mypy error * fixed mypy error * fixed injection issue; added + op * name changes * added injection test in TPB * CR changes * error for unknown variables * reformat 'from_context' func * resolve conflicts * demo changes * demo changes part 2 * bug fix * updated docker * added list_compare flag * added error catcher for comp funcs * readme update; textArea for conditions * resolve conflicts * resolve conflicts * updated docker * name changes * fixed unit-tests * Apply suggestions from code review Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * added missing flag to readme * CR changes * Apply suggestions from code review Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * name changes * added suppres_error behaviuor to docs * Apply suggestions from code review Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * updated docker --------- Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * revert removal of release notes generator (#29828) * revert * validations * rn * search_and_install_packs.py - less strict when installing packs during nightly. should be reverted in (#29806) Co-authored-by: kobymeir <ymeir@paloaltonetworks.com> * exit on error alignment.fixing echo message when exiting the uninstallation script. (#29821) * exit on error alignment. fixing echo message when exiting the uninstallation script. * installing specific poetry version (#29812) * installing specific poetry version - moving the logic to bootstrap * Cs falcon detections revert (#29833) * Revert "Cs falcon fetch limit issue (#29411)" This reverts commit f7b7d5c6 * Revert "Cs limit in idp detections (#29550)" This reverts commit 47738d56 * Added rn * Added rn * SQL Alchemy 2.x.x (#29436) * MySQL and Postgress works * MSSQL, My SQL and postgres works with bind_variables from the second form * resolve conflicts * fix CR's comments * pre commit * parsing the results * Add UT * same name and right docker * RN * sourcery * another docker image * revert docker image * Update Packs/GenericSQL/ReleaseNotes/1_0_25.md Co-authored-by: dorschw <81086590+dorschw@users.noreply.github.com> * Update Packs/GenericSQL/Integrations/GenericSQL/GenericSQL.py Co-authored-by: dorschw <81086590+dorschw@users.noreply.github.com> * Update Packs/GenericSQL/Integrations/GenericSQL/GenericSQL.py Co-authored-by: dorschw <81086590+dorschw@users.noreply.github.com> * Update Packs/GenericSQL/Integrations/GenericSQL/GenericSQL.py Co-authored-by: dorschw <81086590+dorschw@users.noreply.github.com> * fix variable name * constants * mapping instead of conditions * unskip Oracle TPB * resolve conflicts * resolve conflicts * Constants * Update Packs/GenericSQL/Integrations/GenericSQL/GenericSQL.py Co-authored-by: dorschw <81086590+dorschw@users.noreply.github.com> * CR fixes * Update Packs/GenericSQL/ReleaseNotes/1_1_0.md Co-authored-by: dorschw <81086590+dorschw@users.noreply.github.com> * add commit after executing a query * fix UT * remove autocommit true from MSSQL * fix UT * autocommit for MSSQL, commit for the others * commit for the others DBs, since in MSSQL is automatically * docker image --------- Co-authored-by: dorschw <81086590+dorschw@users.noreply.github.com> * Generic playbooks fixes (#29711) * fixes for generic playbooks * fixes for generic playbooks * fixes for generic playbooks * Use Case Builder Development stage Field update (#29771) (#29825) * pushing changes to the use case stage * adding release notes * Update pack_metadata.json * Rename 1_1_0.md to 1_0_4.md * Update 1_0_4.md * Update 1_0_4.md --------- Co-authored-by: Joe Cosgrove <joecosgrove5@gmail.com> Co-authored-by: Michael Yochpaz <8832013+MichaelYochpaz@users.noreply.github.com> * Add mapper and disable auto extraction for ThinkstCanary (#29756) * Add Classification and Mapping to ThinkstCanary Integration * Duo Mapping Enrichment (#29139) * Updated DuoModelingRule_1_3 * Updated ModelingRules and ReleaseNotes * Updated ModelingRules and ReleaseNotes * Updated DuoModelingRule_1_3_schema and README * Rev DuoModelingRule_1_3 | add DuoModelingRule_2_0 * Updated .yml and ReleaseNotes * Updated DuoModelingRule_2_0 * Updated ReleaseNotes * Updated .yml with toversion: 8.3.0 * Updated DuoModelingRule_2_0_schema * Updated ModelingRules * Updated ReleaseNotes * Bump pack from version DuoAdminApi to 4.0.8. * Updated DuoModelingRule_1_3 * azure * Updated DuoModelingRule_2_0 * Updated DuoModelingRule_2_0 * Updated ParsingRules * Updated ReleaseNotes * Updated ReleaseNotes * Updated ReleaseNotes * Updated pack_metadata * Updated pack_metadata * Updated pack_metadata * Updated README * Updated README * Updated README * Updated ReleaseNotes * Updated ReleaseNotes * Updated DuoModelingRule_2_0 * Reverted MS packs * Reverted MS packs * Updated DuoModelingRule_1_3_schema * Updated ReleaseNotes * Update Packs/DuoAdminApi/ReleaseNotes/4_0_10.md Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> --------- Co-authored-by: Content Bot <bot@demisto.com> Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * [AWS System Manager] New Pack (#28992) * init - new pack * 2 commands * aws-ssm-inventory-entry-list * list_associations_command * remove boto stubs * remove boto stubs * improve * poetry * revert poetry * aws-ssm-association-list * aws-ssm-association-get * aws-ssm-association-get * aws-ssm-association-version-list * format * aws-ssm-document-list * ruff * ruff * ssmclient test * test * doc get * docs * Update pyproject.toml * Update poetry.lock * Update .pre-commit-config_template.yaml * regex * aws-ssm-tag-remove * improve * aws-ssm-automation-execution-list * pack * aws-ssm-command-list * aws-ssm-command-run aws-ssm-command-cancel * ruff * Apply suggestions from code review Co-authored-by: Jacob Levy <129657918+jlevypaloalto@users.noreply.github.com> * Apply suggestions from code review Co-authored-by: Jacob Levy <129657918+jlevypaloalto@users.noreply.github.com> * UT * UT * cr and docs * black * black and ruff * format * description * format description * pack metadata * fix ut * Apply suggestions from code review Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * Apply suggestions from code review Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * cr * cr * fix yml * add outputs * Update Packs/AWS_SystemManager/Integrations/AWSSystemManager/AWSSystemManager.py Co-authored-by: dorschw <81086590+dorschw@users.noreply.github.com> * fix cr * run command and fix UT * automation run * fix output add playbook * docs * docs * docs * docs * ruff and black * fix demo * fix demo * update docker and fix line to long * Apply suggestions from code review (docs) Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> Co-authored-by: dorschw <81086590+dorschw@users.noreply.github.com> * cr fix * update docker * fix line * Fix an issue * Fix an issue * Update playbook description * Update docker --------- Co-authored-by: Jacob Levy <129657918+jlevypaloalto@users.noreply.github.com> Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> Co-authored-by: dorschw <81086590+dorschw@users.noreply.github.com> * Fix splunk search in incident context (#29763) * fixes * fixes * fixes * update docker * added rn * add bc rn * Empty-Commit * Test For 'WildFire Malware' Playbook (#29404) * Test For 'WildFire Malware' Playbook * PR * RN * added the "is_mockable" config to the conf file * removed the "is_mockable" config to the conf file * Bump pack from version Core to 2.0.14. * Bump pack from version Core to 2.0.15. * Increased timeout configs * Added VirusTotal to the conf file * added virustotal instance name * changed the 'AutoContainment' playbook input config to 'true' * changed 'timeout' * changed 'timeout' * changed 'timeout' to 1600 * changed the 'ShouldCloseAutomatically' playbook input to 'false' * added the test playbook name to the playbook YML file * RN * removed the close note alert field verification * added the 'marketplacev2' to the test playbook YML file * added the '000001e7a228b2a7abdf7f7e404bc8522df32b725e86907dde32176bccbbbb27' malicious file hash to secrets ignore file. the file hash is used within the test playbook for enrichment and test purposes. --------- Co-authored-by: Content Bot <bot@demisto.com> * update docker image (#29845) * added functionallity to download index by marketplace (#29834) * added functionallity to download index by marketplace * added some logs for validation * commit * removed logs * [pre-commit MyPy] Align the entire repo with MyPy #2 (#29799) * [pre-commit MyPy] Align the entire repo with MyPy #2 * Add RN * Revert changes in 1.12.26 RN * Update the docker images * [pre-commit MyPy] Align the entire repo with MyPy #1 (#29798) * [pre-commit MyPy] Align the entire repo with MyPy #1 * Xsup 27738 DBotFindSimilarIncidents NoneType Error (#29701) * failed ut * fix * rn * pre-commit * pre commit * just the fix * fix description in yml * fix * docker * Update Packs/Base/ReleaseNotes/1_32_34.md Co-authored-by: Dan Tavori <38749041+dantavori@users.noreply.github.com> * test * test * removed import --------- Co-authored-by: Dan Tavori <38749041+dantavori@users.noreply.github.com> * Wiz v1 2 11 (#29719) * Wiz v1 2 11 (#29688) * remove redundant parenthesis * ../Packs/Wiz/Integrations/Wiz/Wiz.py * add Wiz user agent * rephrase release notes * update pack metadata json * rephrase re…

* Update Group-IB TI APP PR from master branch (#29350) * test commit * remove bt link * Remove A in TI for yaml and md for indicator * back yaml to default * refactor yaml with cortex utils * refactor md and yaml for feed * remove bp/domain * replace git_leak with git_repository * Add new collection Fix issue with date for TI * remove changes outside the Packs * Update Packs/GroupIB_ThreatIntelligenceAttribution/Integrations/GroupIB_TIA_Feed/test_data/example.json Co-authored-by: Mai Morag <81917647+maimorag@users.noreply.github.com> * Update Packs/GroupIB_ThreatIntelligenceAttribution/Integrations/GroupIB_TIA_Feed/test_data/example.json Co-authored-by: Mai Morag <81917647+maimorag@users.noreply.github.com> * Update Packs/GroupIB_ThreatIntelligenceAttribution/Integrations/GroupIBTIA/test_data/example.json Co-authored-by: Mai Morag <81917647+maimorag@users.noreply.github.com> * Update Packs/GroupIB_ThreatIntelligenceAttribution/Integrations/GroupIBTIA/test_data/example.json Co-authored-by: Mai Morag <81917647+maimorag@users.noreply.github.com> * Update Packs/GroupIB_ThreatIntelligenceAttribution/Integrations/GroupIBTIA/test_data/example.json Co-authored-by: Mai Morag <81917647+maimorag@users.noreply.github.com> * update release notes * update logo * update logo * Revert "update release notes" This reverts commit fc93e44461b3085c156c42a96e3f5aaf8efbe0af. * revert microsocks * fix compromised account issue * adding RL * Update Packs/GroupIB_ThreatIntelligenceAttribution/Integrations/GroupIBTIA/GroupIBTIA.py Co-authored-by: Mai Morag <81917647+maimorag@users.noreply.github.com> * create release notes v1_3_12 * add test for compromised/account_group * refactor changes in playbook * fixed validation errors * adding pragma no cover * refactor RN * add urllib exception * fixing validation errors * adding pragma no cover * format * fix lint test errors * revert sentinel * revert changes to azure sentinel * fixing cloud machine ids processing (#29777) * fixing cloud machine ids processing * not exiting the installation script if we fail to install a pack. report an error but continue with the test playbook upload (#29759) Co-authored-by: kobymeir <ymeir@paloaltonetworks.com> * Microsoft DNS Parsing Rule Drop (#29765) * Updated ParsingRules * Updated ReleaseNotes * Updated ReleaseNotes * Updated ReleaseNotes * Updated pack_metadata * Updated pack_metadata * Updated pack_metadata * Updated README * Updated README * Updated README * [JoeSecurity] Pre-Commit (#29717) * [pre-commit ruff] Align the entire repo with ruff #2 (#29754) * [pre-commit ruff] Align the entire repo with ruff #2 * Add RN * Update the docker image * Don't checkout build files in pre-commit (#27900) * is file up to date pre-commit * Revert changes made by mistake --------- Co-authored-by: dorschw <81086590+dorschw@users.noreply.github.com> Co-authored-by: Menachem Weinfeld <90556466+mmhw@users.noreply.github.com> Co-authored-by: Menachem Weinfeld <mmhw770@gmail.com> * Fixes for 'NGFW Scan' and 'WildFire Malware' XSIAM playbooks (#29774) * Fixes for 'NGFW Scan' and 'WildFire Malware' XSIAM playbooks * RN * fixed RN and 'NGFW Scan playbook' * CiscoSMA- Added timeout parameter (#29372) * fix * add_tests * fix_test_description * fix_yml_add_readme * fixes - add timeout to the client * add timeout to yml * revert changes * Update CiscoSMA.py * Update CiscoSMA.py * CR review * add RN * fix CR review * update docker image * XSUP-27956/ Added EWS PS V3 Description (#29784) * updated the description * update rn * Apply suggestions from code review Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> --------- Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * Xsup 27738 DBotFindSimilarIncidents NoneType Error (#29701) * failed ut * fix * rn * pre-commit * pre commit * just the fix * fix description in yml * fix * docker * Update Packs/Base/ReleaseNotes/1_32_34.md Co-authored-by: Dan Tavori <38749041+dantavori@users.noreply.github.com> * test * test * removed import --------- Co-authored-by: Dan Tavori <38749041+dantavori@users.noreply.github.com> * Wiz v1 2 11 (#29719) * Wiz v1 2 11 (#29688) * remove redundant parenthesis * ../Packs/Wiz/Integrations/Wiz/Wiz.py * add Wiz user agent * rephrase release notes * update pack metadata json * rephrase release notes v2 * fix minor typos and update docker image * Bump Docker version --------- Co-authored-by: Ariel Tobiana <107474518+ariel-wiz@users.noreply.github.com> Co-authored-by: Michael Yochpaz <8832013+MichaelYochpaz@users.noreply.github.com> * [ASM] - Expander - Update ASM fields (4821) (#29702) * [ASM] - Expander - Update ASM fields (4821) (#29506) * Add missing comments to grid fields - Update descriptions of fields as needed. * Add release notes * Add descriptions to two fields - asmdevcheckdetails - asmenrichmentstatus * Update release notes. * Grammar updates. * Update release notes * Add mandatory or optional in comments * Update comments with mandatory * Update pack version and release notes * Add correct 1_6_33 release notes * fix rn * fix rn --------- Co-authored-by: John <40349459+BigEasyJ@users.noreply.github.com> Co-authored-by: ostolero <86190583+ostolero@users.noreply.github.com> Co-authored-by: ostolero <ostolero@paloaltonetworks.com> * Wildfire-upload-url add poling timeout argument (#29790) * save adding timeout param * new docker image * added rn * fix ruff * ruff made me to do this fixes :( not related to my changes * Update Packs/Palo_Alto_Networks_WildFire/ReleaseNotes/2_1_35.md * poetry files (#29793) Co-authored-by: Content Bot <bot@demisto.com> * Dra-cvss-color-fix (#29757) * Fixed a small issue when indicator had no custom fields * RN * docker bump * RN * Update CVECVSSColor.py * docker bump * RN * fixing typos in build scripts. (#29788) unremovable -> non-removable productname -> product_name testplaybook -> test_playbook changed some arg passing to use their full name: -gpidd -gpidp Co-authored-by: kobymeir <ymeir@paloaltonetworks.com> * mapping to standard stix values (#29785) * mapping to standard stix values * updated release notes * update docker * breaking json * add dot * Add the nightly_ruff file for run pre-commit with --all flag (#29684) * Add the nightly_ruff file for run pre-commit with --all flag * Add more rules; Add the error name * Add E501 * Add F601, F842, TID252 * XSUP-27528 (#29705) * add_tests * add_tests * add RN, fix tests, format yml * Update Packs/CommonScripts/ReleaseNotes/1_12_24.md Co-authored-by: Arad Carmi <62752352+AradCarmi@users.noreply.github.com> * fix readme * Bump pack from version CommonScripts to 1.12.25. --------- Co-authored-by: Arad Carmi <62752352+AradCarmi@users.noreply.github.com> Co-authored-by: Content Bot <bot@demisto.com> * [Axonius Content Pack 1.2.0] Bumping Dockerfile (#29802) * [Axonius Content Pack 1.2.0] Bumping Dockerfile (#29625) * bumped docker version for axonius api client * docker image * remove the - --------- Co-authored-by: Yehuda <yrosenberg@paloaltonetworks.com> * format --------- Co-authored-by: Bryce Pedroza <97995056+bryce-ax@users.noreply.github.com> Co-authored-by: Yehuda <yrosenberg@paloaltonetworks.com> * Updated native:8.4 image; Add auth-utils support (#29792) Co-authored-by: GuyAfik <guyafik11@gmail.com> * Fixed sc_task closing state (#29636) * Fixed sc_task closing state * Added release notes * Updated docker image * small fix * bumped dokcer * fixed rn --------- Co-authored-by: Shahaf Ben Yakir <44666568+ShahafBenYakir@users.noreply.github.com> Co-authored-by: sbenyakir <shahaf.benyakir@demisto.com> * Private Compliance Packs (#29664) * XSUP-27936 problem with regex (#29613) * failed test * fix * rn * rn * unit test * ut * validations * fixed test and docker * fix * validation * Prisma Cloud V2 Add "usernames" Argument (#29710) * add username arg * support list * update UT * update README * docker update * update TPB * Fortinet fortigate enhancement (#29655) * Updated the readme for proofpoint fortigate. * Modified the modeling rule. * Modified the modeling rule and the schema file. * Updated the release note. * Update Packs/FortiGate/README.md Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * Updated the modeling rule. * Added tags to the readme. * removed ftntfgtmastersrcmac and ftntfgtmasterdstmac from the mapping. * updated the modeling rule and the schema file. * updated the modeling rule * updated the modeling rule --------- Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * Add syslog example for War Room Actions (#29800) * Graph Security Update (#29797) * Updated MicrosoftGraphSecurity_schema * Updated ReleaseNotes * Updated ReleaseNotes * [Dataminr Pulse] Release 106 (#29805) * [Dataminr Pulse] Release 106 (#29693) * Changes related to release v1.0.6 * Changes related to release v1.0.6 * Fixing Release Note related issue --------- Co-authored-by: crestdatasystems <crestdatasystems@users.noreply.github.com> Co-authored-by: Michael Yochpaz <8832013+MichaelYochpaz@users.noreply.github.com> * Bump Docker version --------- Co-authored-by: Crest Data Systems <60967033+crestdatasystems@users.noreply.github.com> Co-authored-by: crestdatasystems <crestdatasystems@users.noreply.github.com> Co-authored-by: Michael Yochpaz <8832013+MichaelYochpaz@users.noreply.github.com> * [RecordedFuture] threat actor playbook update V2.5.1 (#29690) (#29807) * Update Threat actor search playbook. * Add release notes * Fix formatting * Change ExtractedIndicators to ExtractedIndicators\.File * Fix release notes --------- Co-authored-by: Yaroslav Nestor <yaroslav.nestor22@gmail.com> Co-authored-by: Michael Yochpaz <8832013+MichaelYochpaz@users.noreply.github.com> * [JoeSecurity] show partial result in polling commands (#29715) * updating build docker image to latest devdemisto/gitlab-content-ci:1.0.0.64455 (#29761) * updating build docker image to latest devdemisto/gitlab-content-ci:1.0.0.64455 * Private Upload Mode - ThreatExchange v2 (#28249) * ThreatExchange integration * ThreatExchange updates * Added param to instance configuration * pre-commit * updated RN * RN test * CR updates * Removed Threat_Crowd * Update Packs/ThreatExchange/ReleaseNotes/2_0_12.md Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * docker * format * skip tests since theres no instance * no testing instance --------- Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> Co-authored-by: Yehuda Rosenberg <90599084+RosenbergYehuda@users.noreply.github.com> Co-authored-by: Yehuda <yrosenberg@paloaltonetworks.com> * added plus 1 for each iteration in find destination (#29811) * added plus 1 for each iteration in find destination (#29760) * added plus 1 for each iteration in find destination * added release notes * Update Packs/Cisco-umbrella-cloud-security/ReleaseNotes/2_0_2.md Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * updated docker image tag to latest * updated unit test for pagination functions * removed comments --------- Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * Update 2_0_2.md --------- Co-authored-by: LiorQM <106475467+LiorQM@users.noreply.github.com> Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> Co-authored-by: RotemAmit <ramit@paloaltonetworks.com> * Mde list indicator filter (#29640) * Mde list indicator filter (#29338) * init indicator filter * release notes * latest docker image * updated docker image * minor fixes * reslove conflicts * resolve version conflicts * silence linter * format * docker * Apply suggestions from Shirley Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * add period * change phrase * adding "is_mockable": false * docker * try change test playbook * empty line * docker * return the mock * Revert "return the mock" This reverts commit da9baeff5cadddf2cd125fb073c266c867f465a5. --------- Co-authored-by: ckaadic <48683125+ckaadic@users.noreply.github.com> Co-authored-by: Yehuda <yrosenberg@paloaltonetworks.com> Co-authored-by: Yehuda Rosenberg <90599084+RosenbergYehuda@users.noreply.github.com> Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * Audit Logs Endpoints Scripts Aligments for Xsoar-8 (#29781) * test * fix core api * ExportAuditLogsToFile - add support for xsoar-8 * add ExportAuditLogsToFile UTs * add forward audit logs uts * update ut * validation fixes * mypy * bump rns * update docker * update docker image * fix ut * format * Bump pack from version CommonScripts to 1.12.25. * Bump pack from version CommonScripts to 1.12.26. * cr * cr fixes * update * fix uts --------- Co-authored-by: Content Bot <bot@demisto.com> * Add command prisma-cloud-compute-get-file-integrity-events (#29608) * Add command prisma-cloud-compute-get-file-integrity-events (#29187) * Add command prisma-cloud-compute-get-file-integrity-events * Incorporate changes from review comments. Add documentation and unit test. * Add missing lines to YML file (add description of new command) * Update docker image * Incorporate changes from demo * Update docker image * fix validation * fix validation --------- Co-authored-by: ostolero <86190583+ostolero@users.noreply.github.com> Co-authored-by: ostolero <ostolero@paloaltonetworks.com> * Bump pack from version PrismaCloudCompute to 1.4.10. * [pre-commit ruff] Align the entire repo with ruff (#29603) * Fix falls of the ruff hook * pre-commit * Fix B003 ruff error * Fix ruff errors on Utils/update_playbook.py * remove code to trigger upload on dev branches (#29621) * [pre-commit pycln] Align the entire repo with pycln (#29611) * Fix falls of the pycln hook * pre-commit * Fix unit test * Add RN * Fix validate in GetDomainDNSDetails * fuff on GetDomainDNSDetails * ignore mypy error in test_content.py:350 * Fix falls of the autopep8 hook (#29638) * add marketplaces to metadata (#29629) * Fixing AWS Project Number in ASM Cloud (#29593) (#29642) Co-authored-by: Chait A <112722030+capanw@users.noreply.github.com> Co-authored-by: johnnywilkes <32227961+johnnywilkes@users.noreply.github.com> Co-authored-by: Michael Yochpaz <8832013+MichaelYochpaz@users.noreply.github.com> * [MS Teams] support reset_graph_auth (#29644) * fixed * pre-commit * update * Recordedfuture threathunting v2.5.0 (#29641) * Recordedfuture threathunting v2.5.0 (#29025) * Add commands related to Automated Threat hunting recordedfuture-threat-map recordedfuture-threat-links recordedfuture-detection-rules * Add recordedfuture-collective-insight command. Change app version. * Update README.md. Add release notes * Add playbook. Add unittests * Add unittests * Fix test_collective_insight_command * Remove incorrect release note * Add documentation for threat actor search playbook * update Recorded Future Threat actor search playbook. add release note about new playbook. * Update release notes, fix formatting * Format yml files * Update Recorded future threat actor search playbook * Update docker image * Fix linter --------- Co-authored-by: Michael Yochpaz <8832013+MichaelYochpaz@users.noreply.github.com> * Minor README fixes --------- Co-authored-by: Yaroslav Nestor <yaroslav.nestor22@gmail.com> Co-authored-by: Michael Yochpaz <8832013+MichaelYochpaz@users.noreply.github.com> * [ASM] Expander 5777 (#29647) * [ASM] Expander 5777 (#29619) * first * RN * Bump pack from version CortexAttackSurfaceManagement to 1.6.36. --------- Co-authored-by: johnnywilkes <32227961+johnnywilkes@users.noreply.github.com> Co-authored-by: Content Bot <bot@demisto.com> * XDR Malware Enrichment - hotfix for usernames (split) (#29585) * Updated playbook with hotfix where we split usernames from domains and append them to the username list of usernames for account enrichment * Added RN * remove irrelevant test * Updated RN * Bump pack from version CortexXDR to 5.1.6. * Update Packs/CortexXDR/ReleaseNotes/5_1_6.md Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> --------- Co-authored-by: Content Bot <bot@demisto.com> Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * Update Docker Image To demisto/pyjwt3 (#29656) * Updated Metadata Of Pack Silverfort * Added release notes to pack Silverfort * Packs/Silverfort/Integrations/Silverfort/Silverfort.yml Docker image update * Update Docker Image To demisto/trustar (#29660) * Updated Metadata Of Pack TruSTAR * Added release notes to pack TruSTAR * Update Docker Image To demisto/keeper-ksm (#29661) * Updated Metadata Of Pack KeeperSecretsManager * Added release notes to pack KeeperSecretsManager * Packs/KeeperSecretsManager/Integrations/KeeperSecretsManager/KeeperSecretsManager.yml Docker image update * Update Docker Image To demisto/py3-tools (#29654) * Updated Metadata Of Pack Intezer * Added release notes to pack Intezer * Packs/Intezer/Integrations/IntezerV2/IntezerV2.yml Docker image update * Updated Metadata Of Pack FeedMalwareBazaar * Added release notes to pack FeedMalwareBazaar * Packs/FeedMalwareBazaar/Integrations/MalwareBazaarFeed/MalwareBazaarFeed.yml Docker image update * Updated Metadata Of Pack FeedGCPWhitelist * Added release notes to pack FeedGCPWhitelist * Packs/FeedGCPWhitelist/Integrations/FeedGoogleIPRanges/FeedGoogleIPRanges.yml Docker image update * Updated Metadata Of Pack AccentureCTI_Feed * Added release notes to pack AccentureCTI_Feed * Packs/AccentureCTI_Feed/Integrations/ACTIIndicatorFeed/ACTIIndicatorFeed.yml Docker image update * Fix DS108 --------- Co-authored-by: sberman <sberman@paloaltonetworks.com> * Update Docker Image To demisto/taxii-server (#29659) * Updated Metadata Of Pack CybleThreatIntel * Added release notes to pack CybleThreatIntel * Packs/CybleThreatIntel/Integrations/CybleThreatIntel/CybleThreatIntel.yml Docker image update * Fix DS108 --------- Co-authored-by: sberman <sberman@paloaltonetworks.com> * Update Docker Image To demisto/datadog-api-client (#29662) * Updated Metadata Of Pack DatadogCloudSIEM * Added release notes to pack DatadogCloudSIEM * Packs/DatadogCloudSIEM/Integrations/DatadogCloudSIEM/DatadogCloudSIEM.yml Docker image update * Fix DS108 --------- Co-authored-by: sberman <sberman@paloaltonetworks.com> * Add reliability parameter to cves and pipl integration (#28703) * commiting PrismaCloudCompute * release notes added * changed couldcompute, CVESearchV2, pipl * added pack metadata * fixed pipl readme * reverting changes in CVESearch since it was deprecated * removed redundant * committing pre commit changes * added known words * added known words * fixed lint error * changed according to review * updated docker version in PrismaCloudCompute * changed according to doc review * Added condition for not receiving new incidents in the test playbook * updating release notes * reverting fetch changes * fixed playbook * formatted playbook * new validation, new run * new validation, new run * Bump pack from version PrismaCloudCompute to 1.4.10. * update the docker image --------- Co-authored-by: Content Bot <bot@demisto.com> * Proofpoint email security pack: update description (#29651) * update description * Updated the schema file. * Updated the schema file. --------- Co-authored-by: Yehonatan Asta <yasta@paloaltonetworks.com> * Jira v2 deprecated (#29649) * Deprecate to jira v2 * update RN * update conf.json file * add task to the Create Jira Issue playbook that check if jira v3 is enable * add image.png of the playbook * update the playbook (yml, readme, image) and RN * Update Docker Image To demisto/python3 (#29652) * Updated Metadata Of Pack PANOSPolicyOptimizer * Added release notes to pack PANOSPolicyOptimizer * Packs/PANOSPolicyOptimizer/Integrations/PANOSPolicyOptimizer/PANOSPolicyOptimizer.yml Docker image update * Updated Metadata Of Pack VMwareWorkspaceONEUEM * Added release notes to pack VMwareWorkspaceONEUEM * Packs/VMwareWorkspaceONEUEM/Integrations/VMwareWorkspaceONEUEM/VMwareWorkspaceONEUEM.yml Docker image update * Updated Metadata Of Pack CiscoSMA * Added release notes to pack CiscoSMA * Packs/CiscoSMA/Integrations/CiscoSMA/CiscoSMA.yml Docker image update * Updated Metadata Of Pack FeedThreatConnect * Added release notes to pack FeedThreatConnect * Packs/FeedThreatConnect/Integrations/FeedThreatConnect/FeedThreatConnect.yml Docker image update * Updated Metadata Of Pack BitSight * Added release notes to pack BitSight * Packs/BitSight/Integrations/BitSightForSecurityPerformanceManagement/BitSightForSecurityPerformanceManagement.yml Docker image update * Updated Metadata Of Pack AWS-ILM * Added release notes to pack AWS-ILM * Packs/AWS-ILM/Integrations/AWSILM/AWSILM.yml Docker image update * Updated Metadata Of Pack CiscoWSA * Added release notes to pack CiscoWSA * Packs/CiscoWSA/Integrations/CiscoWSAV2/CiscoWSAV2.yml Docker image update * Updated Metadata Of Pack SysAid * Added release notes to pack SysAid * Packs/SysAid/Integrations/SysAid/SysAid.yml Docker image update * Updated Metadata Of Pack ManageEngine_PAM360 * Added release notes to pack ManageEngine_PAM360 * Packs/ManageEngine_PAM360/Integrations/ManageEnginePAM360/ManageEnginePAM360.yml Docker image update * Updated Metadata Of Pack CiscoUmbrellaReporting * Added release notes to pack CiscoUmbrellaReporting * Packs/CiscoUmbrellaReporting/Integrations/CiscoUmbrellaReporting/CiscoUmbrellaReporting.yml Docker image update * Fix DS108 --------- Co-authored-by: sberman <sberman@paloaltonetworks.com> * XSUP-27717/FortiSIEM (#29458) * add tests * add RN,fix,logs * Update 2_0_21.md * add period * add a name to incident * fixes CR * update docker image * delete logs * CR fixes * Update 2_0_21.md * Update FortiSIEMV2.py * reverting the Docker image (#29607) * reverting the Docker image * Update Packs/cyberark_AIM/ReleaseNotes/1_0_14.md --------- Co-authored-by: Dan Tavori <38749041+dantavori@users.noreply.github.com> * [Marketplace Contribution] Roksit DNS Security Integration - Sarp (#29663) * [Marketplace Contribution] Roksit DNS Security Integration - Sarp (#29314) * "pack contribution initial commit" * Update RoksitDNSSecurityIntegrationSarp.py * Update RoksitDNSSecurityIntegrationSarp.py * Yehuda's version * test module * readme * new logo * Update RoksitDNSSecurityIntegrationSarp.yml * Apply suggestions from code review * Update RoksitDNSSecurityIntegrationSarp_description.md * Update pack_metadata.json * Update README.md * Update pack_metadata.json * Update pack_metadata.json * Update Packs/RoksitDNSSecurityIntegration-Sarp/pack_metadata.json * fixes * change name * folder name * file names * version * rename sub folder * remove (DNSSense) from the integration name * rename folder * docker * replace image * fix image name --------- Co-authored-by: asimsarpkurt <79475614+asimsarpkurt@users.noreply.github.com> Co-authored-by: Yehuda <yrosenberg@paloaltonetworks.com> Co-authored-by: Yehuda Rosenberg <90599084+RosenbergYehuda@users.noreply.github.com> * rename image --------- Co-authored-by: xsoar-bot <67315154+xsoar-bot@users.noreply.github.com> Co-authored-by: asimsarpkurt <79475614+asimsarpkurt@users.noreply.github.com> Co-authored-by: Yehuda <yrosenberg@paloaltonetworks.com> Co-authored-by: Yehuda Rosenberg <90599084+RosenbergYehuda@users.noreply.github.com> * add unstuck fetch stream command (#29646) * add unstuck fetch stream command * added RN * fixes * add note * cr fixes * fix conflicts * reverts * [pre-commit pycln] Align the entire repo with pycln #4 (#29665) * Fix pycln errors * Update the docker images * Run demisto-sdk pre-commit * Remove unnecessary recommendations from extensions.json (#29605) * update extensions.json * Update devcontainer.json * Update recommendations list * Zscaler-FW-Logs (#29094) * Zscaler FW Logs Modeling Rules * Zscaler FW logs Modeling Rules * Updated README * Updated ZscalerModelingRule_1_3 * Changed cs5 field name to cat * Apply suggestions from code review Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * Updated README * Updated ModelingRules and Schema * Updated ModelingRules and schema * Updated ModelingRules * Updated ModelingRules --------- Co-authored-by: Eido Epstain <eepstain@paloaltonetworks.com> Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * PANOS - EXPANDR-5744 (#29223) (#29686) * playbook updates * RN, Readme, screenshot * Apply suggestions from code review * update RN * bump ver * more descriptive task * bump ver --------- Co-authored-by: johnnywilkes <32227961+johnnywilkes@users.noreply.github.com> Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * Audit alert fields fix (#29685) * Add associated types to systemAssociatedTypes * Add associated types to systemAssociatedTypes * fix incident field structure * RN * Workday documentation fix (#29681) * readme * readme * rn * rn * [Marketplace Contribution] Active Directory Query - Content Pack Update (#28633) * [Marketplace Contribution] Active Directory Query - Content Pack Update (#27822) * "contribution update to pack "Active Directory Query"" * revert changes * rl * remove files * removed from rl * Update pack_metadata.json * Create 1_6_19.md * Update 1_6_18.md * Update 1_6_19.md * Delete 1_6_19.md * Update 1_6_18.md * Update pack_metadata.json * Update Active_Directory_Query.yml removed duplicate section and type * pass SERVER_IP as argument to test_credentials function * Create 1_7_0.md * Update pack_metadata.json * Update README.md with ad-test-credentials info * Update Active_Directory_Query.yml * removed duplicate `type: 8` from ntlm * removed duplicate types from integration settings * removed duplicate description from ad-enable-account * Update Active_Directory_Query.yml * Update Active_Directory_Query.yml * Update Active_Directory_Query.yml * removing not relevant release note * adding function * update fucntion * cr note * adding NTLM_AUTH option * Update Active_Directory_Query.py * Update Packs/Active_Directory_Query/Integrations/Active_Directory_Query/Active_Directory_Query.py Co-authored-by: dorschw <81086590+dorschw@users.noreply.github.com> * cr notes * update after merging from master * reverting a change in olr rl * added test_test_credentials unit test function * fix unit test * fixing unit tests * fix unit test * fixed lint errors * Update Active_Directory_Query_test.py * empty commit * fix yml and docker file * revert changes in send email manager * fix yml * fix * fix validation error * fixing in129 --------- Co-authored-by: maimorag <mmorag@paloaltonetworks.com> Co-authored-by: Randy Baldwin <32545292+randomizerxd@users.noreply.github.com> Co-authored-by: Mai Morag <81917647+maimorag@users.noreply.github.com> Co-authored-by: dorschw <81086590+dorschw@users.noreply.github.com> * cr notes * Bump pack from version Active_Directory_Query to 1.6.21. * fix yml changes * cr notes * lint fixes * fix test * docker update * Update Packs/Active_Directory_Query/Integrations/Active_Directory_Query/README.md Co-authored-by: dorschw <81086590+dorschw@users.noreply.github.com> * fix delete required * Apply suggestions from code review * fix test * docker update * rl * empty commit * docker update * empty commit * empty commit * merge from master * empty commit check * revert changes * Delete Packs/cyberark_AIM/Integrations/CyberArkAIM_v2/integration-CyberArkAIM_v2.yml * docker downgrade * rl * trying new docker image * validate errors fix * revert docker version * [DS108] - Description must end with a period (".") - fix * empty commit check * empty commit check --------- Co-authored-by: xsoar-bot <67315154+xsoar-bot@users.noreply.github.com> Co-authored-by: maimorag <mmorag@paloaltonetworks.com> Co-authored-by: Randy Baldwin <32545292+randomizerxd@users.noreply.github.com> Co-authored-by: Mai Morag <81917647+maimorag@users.noreply.github.com> Co-authored-by: dorschw <81086590+dorschw@users.noreply.github.com> Co-authored-by: Content Bot <bot@demisto.com> * Big query bug xsup 28132 (#29680) * bug fix * rn * rn * Apply suggestions from code review Co-authored-by: Dan Tavori <38749041+dantavori@users.noreply.github.com> * format * pre commit --------- Co-authored-by: Dan Tavori <38749041+dantavori@users.noreply.github.com> * New Prisma Cloud v2 commands (#29323) * resource list command * limit results * user roles list command * pre commit * users list command * edit remediation commands * UTs * update README * update RN * pre commit fixes * edit test playbook * CR changes * Demo changes - remediate 406 raises error new args for resource_list & user_roles * fix test * Apply suggestions from doc review Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * fix test playbook * Tomer's changes --------- Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * Prisma Cloud Update (#29666) * Updated ModelingRules * Updated ReleaseNotes * Updated ReleaseNotes * Updated ModelingRules * Updated ModelingRules * Updated ModelingRules * Bump pack from version PrismaCloud to 4.2.4. --------- Co-authored-by: Content Bot <bot@demisto.com> * Rapid7 appsec (#29134) (#29687) * Revert "Add space to conf" This reverts commit 3a74b931d31ae2b33e0e4570c7df7d06c668e9c8. * Updated the packs category to *Authentication & Identity Management* (part 2) (#24876) * Update Docker Image To demisto/fastapi (#24923) * Updated Metadata Of Pack CyberArkIdentity * Added release notes to pack CyberArkIdentity * Packs/CyberArkIdentity/Integrations/CyberArkIdentityEventCollector/CyberArkIdentityEventCollector.yml Docker image update * Update Docker Image To demisto/lxml (#24924) * Updated Metadata Of Pack TaniumThreatResponse * Added release notes to pack TaniumThreatResponse * Packs/TaniumThreatResponse/Integrations/TaniumThreatResponseV2/TaniumThreatResponseV2.yml Docker image update * Update Docker Image To demisto/crypto (#24922) * Updated Metadata Of Pack X509Certificate * Added release notes to pack X509Certificate * Packs/X509Certificate/Scripts/CertificateExtract/CertificateExtract.yml Docker image update * Update Docker Image To demisto/python3 (#24921) * Updated Metadata Of Pack Cybereason * Added release notes to pack Cybereason * Packs/Cybereason/Integrations/Cybereason/Cybereason.yml Docker image update * Updated Metadata Of Pack DNSDB * Added release notes to pack DNSDB * Packs/DNSDB/Integrations/DNSDB_v2/DNSDB_v2.yml Docker image update * Updated Metadata Of Pack DeepInstinct * Added release notes to pack DeepInstinct * Packs/DeepInstinct/Integrations/DeepInstinct3x/DeepInstinct3x.yml Docker image update * Updated Metadata Of Pack FeedCyrenThreatInDepth * Added release notes to pack FeedCyrenThreatInDepth * Packs/FeedCyrenThreatInDepth/Integrations/CyrenThreatInDepth/CyrenThreatInDepth.yml Docker image update * Updated Metadata Of Pack IronDefense * Added release notes to pack IronDefense * Packs/IronDefense/Integrations/IronDefense/IronDefense.yml Docker image update * Updated Metadata Of Pack Qintel * Added release notes to pack Qintel * Packs/Qintel/Integrations/QintelPMI/QintelPMI.yml Docker image update * Packs/Qintel/Integrations/QintelQSentry/QintelQSentry.yml Docker image update * Packs/Qintel/Integrations/QintelQWatch/QintelQWatch.yml Docker image update * Updated Metadata Of Pack QualysFIM * Added release notes to pack QualysFIM * Packs/QualysFIM/Integrations/QualysFIM/QualysFIM.yml Docker image update * Updated Metadata Of Pack QutteraWebsiteMalwareScanner * Added release notes to pack QutteraWebsiteMalwareScanner * Packs/QutteraWebsiteMalwareScanner/Integrations/QutteraWebsiteMalwareScanner/QutteraWebsiteMalwareScanner.yml Docker image update * Fixed mypy + validation --------- * NGINXApiModule: fix logging typo (#24878) * fix logging typo * bump dependent packs --------- * Downgrade docker to fix banner issue (#24905) * Downgrade docker to fix banner issue * Fix docs * Add UT to prevent Docker bump * Fix yml validation * Adding vulnerability commands * Fixing pagination page index * Updating PR comments and Scan commands * Updating ID in test data. * Updating integration * Updating integration * Updating fromversion * Updating linters * Updating linters * Updating git pre-commit * Updating docstring * Updating the handling of request when limit * Removing get_pagination_params * Updating integration * Updating git-pre commit * Updating integration * Updating integration * Updating unit test * Updating docker image * Updating integration * Updating README version. * Updating secrets * Updating integration * Updating integration * Updating integration * Updating docstrings * Updating doc-review comments. * Updating doc-review comments. * Updating description --------- Co-authored-by: ‪Ron Hadad‬‏ <112933572+ronh1@users.noreply.github.com> Co-authored-by: TalGumi <talg@qmasters.co> Co-authored-by: Mai Morag <81917647+maimorag@users.noreply.github.com> Co-authored-by: sberman <sberman@paloaltonetworks.com> Co-authored-by: Guy Lichtman <1395797+glicht@users.noreply.github.com> Co-authored-by: glicht <glicht@users.noreply.github.com> Co-authored-by: Andrew Shamah <42912128+amshamah419@users.noreply.github.com> * Panos add param (#29672) * added param job_polling_max_num_attempts * Added rn * Added missing param type Fixed unit tests * added to readme * fixed readme * Update Packs/PAN-OS/Integrations/Panorama/Panorama.yml Co-authored-by: Guy Afik <53861351+GuyAfik@users.noreply.github.com> * fixed text and namings * Bump pack from version PAN-OS to 2.1.8. --------- Co-authored-by: Guy Afik <53861351+GuyAfik@users.noreply.github.com> Co-authored-by: Content Bot <bot@demisto.com> * Fix proxy usage (#85) (#29630) * Fix proxy usage (#85) (#29181) * Fix proxy usage (#85) * Fix proxy usage in ZF client * Fix variable USE_SSL to verify requests * Remove proxy object from client Given that the proxy works by default with env vars, the proxy object is not necessary * Update version and add release notes * Fix call to modified alerts (#86) * Fix call to modified alerts * Update docker image * Fix tests associated with get modified data * change rn * fix validation --------- Co-authored-by: Felipe Garrido <fgarridob.95+github@gmail.com> Co-authored-by: ostolero <ostolero@paloaltonetworks.com> Co-authored-by: ostolero <86190583+ostolero@users.noreply.github.com> * Missing dependencies when installing packs (#28989) * search and install packs --------- Co-authored-by: kobymeir <ymeir@paloaltonetworks.com> * Deprecate Picus Community (#29573) * Merge branch 'master' into github_workflow_partner # Conflicts: # Utils/github_workflow_scripts/utils.py * Merge branch 'master' into github_workflow_partner # Conflicts: # Utils/github_workflow_scripts/utils.py * Picus NG display name * Picus update * Picus update * Picus update * Picus update * Picus update * Picus update * Picus update * Picus update --------- Co-authored-by: RotemAmit <ramit@paloaltonetworks.com> * [ASM] - Expander - GCP Hierarchy field - 4376 (#29696) (#29704) * Add assethierarchy field to GCP ASM playbook * Add release notes * Update field json Co-authored-by: John <40349459+BigEasyJ@users.noreply.github.com> * fix merge * update rn * remove access code * fix conflicts * update docker * fix validation --------- Co-authored-by: Ali Sawyer <91506078+ali-sawyer@users.noreply.github.com> Co-authored-by: ostolero <86190583+ostolero@users.noreply.github.com> Co-authored-by: ostolero <ostolero@paloaltonetworks.com> Co-authored-by: Content Bot <bot@demisto.com> Co-authored-by: Menachem Weinfeld <90556466+mmhw@users.noreply.github.com> Co-authored-by: omerKarkKatz <95565843+omerKarkKatz@users.noreply.github.com> Co-authored-by: Yaakov Praisler <59408745+yaakovpraisler@users.noreply.github.com> Co-authored-by: Chait A <112722030+capanw@users.noreply.github.com> Co-authored-by: johnnywilkes <32227961+johnnywilkes@users.noreply.github.com> Co-authored-by: Michael Yochpaz <8832013+MichaelYochpaz@users.noreply.github.com> Co-authored-by: michal-dagan <109464765+michal-dagan@users.noreply.github.com> Co-authored-by: Yaroslav Nestor <yaroslav.nestor22@gmail.com> Co-authored-by: Ido van Dijk <43602124+idovandijk@users.noreply.github.com> Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> Co-authored-by: sberman <sberman@paloaltonetworks.com> Co-authored-by: DinaMeylakh <72339665+DinaMeylakh@users.noreply.github.com> Co-authored-by: ilaner <88267954+ilaner@users.noreply.github.com> Co-authored-by: Yehonatan Asta <yasta@paloaltonetworks.com> Co-authored-by: israelpoli <72099621+israelpoli@users.noreply.github.com> Co-authored-by: sapir shuker <49246861+sapirshuker@users.noreply.github.com> Co-authored-by: Mai Morag <81917647+maimorag@users.noreply.github.com> Co-authored-by: Dan Tavori <38749041+dantavori@users.noreply.github.com> Co-authored-by: xsoar-bot <67315154+xsoar-bot@users.noreply.github.com> Co-authored-by: asimsarpkurt <79475614+asimsarpkurt@users.noreply.github.com> Co-authored-by: Yehuda <yrosenberg@paloaltonetworks.com> Co-authored-by: Yehuda Rosenberg <90599084+RosenbergYehuda@users.noreply.github.com> Co-authored-by: Yuval Hayun <70104171+YuvHayun@users.noreply.github.com> Co-authored-by: samuelFain <65926551+samuelFain@users.noreply.github.com> Co-authored-by: nkanon <109467661+nkanon@users.noreply.github.com> Co-authored-by: Eido Epstain <eepstain@paloaltonetworks.com> Co-authored-by: Tomer Haimof <81556849+tomer-pan@users.noreply.github.com> Co-authored-by: EyalPintzov <91007713+eyalpalo@users.noreply.github.com> Co-authored-by: maimorag <mmorag@paloaltonetworks.com> Co-authored-by: Randy Baldwin <32545292+randomizerxd@users.noreply.github.com> Co-authored-by: dorschw <81086590+dorschw@users.noreply.github.com> Co-authored-by: Adi Bamberger Edri <72088126+BEAdi@users.noreply.github.com> Co-authored-by: eepstain <116078117+eepstain@users.noreply.github.com> Co-authored-by: ‪Ron Hadad‬‏ <112933572+ronh1@users.noreply.github.com> Co-authored-by: TalGumi <talg@qmasters.co> Co-authored-by: Guy Lichtman <1395797+glicht@users.noreply.github.com> Co-authored-by: glicht <glicht@users.noreply.github.com> Co-authored-by: Andrew Shamah <42912128+amshamah419@users.noreply.github.com> Co-authored-by: Shahaf Ben Yakir <44666568+ShahafBenYakir@users.noreply.github.com> Co-authored-by: Guy Afik <53861351+GuyAfik@users.noreply.github.com> Co-authored-by: Felipe Garrido <fgarridob.95+github@gmail.com> Co-authored-by: Koby Meir <kobymeir@users.noreply.github.com> Co-authored-by: kobymeir <ymeir@paloaltonetworks.com> Co-authored-by: Edi Katsenelson <85438368+edik24@users.noreply.github.com> Co-authored-by: RotemAmit <ramit@paloaltonetworks.com> Co-authored-by: John <40349459+BigEasyJ@users.noreply.github.com> * [Marketplace Contribution] Okta - Content Pack Update (#29650) * [Marketplace Contribution] Okta - Content Pack Update (#29303) * "contribution update to pack "Okta"" * minor fixes * add outputs and readme * add outputs description * update docker * change outputs --------- Co-authored-by: ostolero <ostolero@paloaltonetworks.com> Co-authored-by: ostolero <86190583+ostolero@users.noreply.github.com> * Fixing AWS Project Number in ASM Cloud (#29593) (#29642) Co-authored-by: Chait A <112722030+capanw@users.noreply.github.com> Co-authored-by: johnnywilkes <32227961+johnnywilkes@users.noreply.github.com> Co-authored-by: Michael Yochpaz <8832013+MichaelYochpaz@users.noreply.github.com> * [MS Teams] support reset_graph_auth (#29644) * fixed * pre-commit * update * Recordedfuture threathunting v2.5.0 (#29641) * Recordedfuture threathunting v2.5.0 (#29025) * Add commands related to Automated Threat hunting recordedfuture-threat-map recordedfuture-threat-links recordedfuture-detection-rules * Add recordedfuture-collective-insight command. Change app version. * Update README.md. Add release notes * Add playbook. Add unittests * Add unittests * Fix test_collective_insight_command * Remove incorrect release note * Add documentation for threat actor search playbook * update Recorded Future Threat actor search playbook. add release note about new playbook. * Update release notes, fix formatting * Format yml files * Update Recorded future threat actor search playbook * Update docker image * Fix linter --------- Co-authored-by: Michael Yochpaz <8832013+MichaelYochpaz@users.noreply.github.com> * Minor README fixes --------- Co-authored-by: Yaroslav Nestor <yaroslav.nestor22@gmail.com> Co-authored-by: Michael Yochpaz <8832013+MichaelYochpaz@users.noreply.github.com> * [ASM] Expander 5777 (#29647) * [ASM] Expander 5777 (#29619) * first * RN * Bump pack from version CortexAttackSurfaceManagement to 1.6.36. --------- Co-authored-by: johnnywilkes <32227961+johnnywilkes@users.noreply.github.com> Co-authored-by: Content Bot <bot@demisto.com> * XDR Malware Enrichment - hotfix for usernames (split) (#29585) * Updated playbook with hotfix where we split usernames from domains and append them to the username list of usernames for account enrichment * Added RN * remove irrelevant test * Updated RN * Bump pack from version CortexXDR to 5.1.6. * Update Packs/CortexXDR/ReleaseNotes/5_1_6.md Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> --------- Co-authored-by: Content Bot <bot@demisto.com> Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * Update Docker Image To demisto/pyjwt3 (#29656) * Updated Metadata Of Pack Silverfort * Added release notes to pack Silverfort * Packs/Silverfort/Integrations/Silverfort/Silverfort.yml Docker image update * Update Docker Image To demisto/trustar (#29660) * Updated Metadata Of Pack TruSTAR * Added release notes to pack TruSTAR * Update Docker Image To demisto/keeper-ksm (#29661) * Updated Metadata Of Pack KeeperSecretsManager * Added release notes to pack KeeperSecretsManager * Packs/KeeperSecretsManager/Integrations/KeeperSecretsManager/KeeperSecretsManager.yml Docker image update * Update Docker Image To demisto/py3-tools (#29654) * Updated Metadata Of Pack Intezer * Added release notes to pack Intezer * Packs/Intezer/Integrations/IntezerV2/IntezerV2.yml Docker image update * Updated Metadata Of Pack FeedMalwareBazaar * Added release notes to pack FeedMalwareBazaar * Packs/FeedMalwareBazaar/Integrations/MalwareBazaarFeed/MalwareBazaarFeed.yml Docker image update * Updated Metadata Of Pack FeedGCPWhitelist * Added release notes to pack FeedGCPWhitelist * Packs/FeedGCPWhitelist/Integrations/FeedGoogleIPRanges/FeedGoogleIPRanges.yml Docker image update * Updated Metadata Of Pack AccentureCTI_Feed * Added release notes to pack AccentureCTI_Feed * Packs/AccentureCTI_Feed/Integrations/ACTIIndicatorFeed/ACTIIndicatorFeed.yml Docker image update * Fix DS108 --------- Co-authored-by: sberman <sberman@paloaltonetworks.com> * Update Docker Image To demisto/taxii-server (#29659) * Updated Metadata Of Pack CybleThreatIntel * Added release notes to pack CybleThreatIntel * Packs/CybleThreatIntel/Integrations/CybleThreatIntel/CybleThreatIntel.yml Docker image update * Fix DS108 --------- Co-authored-by: sberman <sberman@paloaltonetworks.com> * Update Docker Image To demisto/datadog-api-client (#29662) * Updated Metadata Of Pack DatadogCloudSIEM * Added release notes to pack DatadogCloudSIEM * Packs/DatadogCloudSIEM/Integrations/DatadogCloudSIEM/DatadogCloudSIEM.yml Docker image update * Fix DS108 --------- Co-authored-by: sberman <sberman@paloaltonetworks.com> * Add reliability parameter to cves and pipl integration (#28703) * commiting PrismaCloudCompute * release notes added * changed couldcompute, CVESearchV2, pipl * added pack metadata * fixed pipl readme * reverting changes in CVESearch since it was deprecated * removed redundant * committing pre commit changes * added known words * added known words * fixed lint error * changed according to review * updated docker version in PrismaCloudCompute * changed according to doc review * Added condition for not receiving new incidents in the test playbook * updating release notes * reverting fetch changes * fixed playbook * formatted playbook * new validation, new run * new validation, new run * Bump pack from version PrismaCloudCompute to 1.4.10. * update the docker image --------- Co-authored-by: Content Bot <bot@demisto.com> * Proofpoint email security pack: update description (#29651) * update description * Updated the schema file. * Updated the schema file. --------- Co-authored-by: Yehonatan Asta <yasta@paloaltonetworks.com> * Jira v2 deprecated (#29649) * Deprecate to jira v2 * update RN * update conf.json file * add task to the Create Jira Issue playbook that check if jira v3 is enable * add image.png of the playbook * update the playbook (yml, readme, image) and RN * Update Docker Image To demisto/python3 (#29652) * Updated Metadata Of Pack PANOSPolicyOptimizer * Added release notes to pack PANOSPolicyOptimizer * Packs/PANOSPolicyOptimizer/Integrations/PANOSPolicyOptimizer/PANOSPolicyOptimizer.yml Docker image update * Updated Metadata Of Pack VMwareWorkspaceONEUEM * Added release notes to pack VMwareWorkspaceONEUEM * Packs/VMwareWorkspaceONEUEM/Integrations/VMwareWorkspaceONEUEM/VMwareWorkspaceONEUEM.yml Docker image update * Updated Metadata Of Pack CiscoSMA * Added release notes to pack CiscoSMA * Packs/CiscoSMA/Integrations/CiscoSMA/CiscoSMA.yml Docker image update * Updated Metadata Of Pack FeedThreatConnect * Added release notes to pack FeedThreatConnect * Packs/FeedThreatConnect/Integrations/FeedThreatConnect/FeedThreatConnect.yml Docker image update * Updated Metadata Of Pack BitSight * Added release notes to pack BitSight * Packs/BitSight/Integrations/BitSightForSecurityPerformanceManagement/BitSightForSecurityPerformanceManagement.yml Docker image update * Updated Metadata Of Pack AWS-ILM * Added release notes to pack AWS-ILM * Packs/AWS-ILM/Integrations/AWSILM/AWSILM.yml Docker image update * Updated Metadata Of Pack CiscoWSA * Added release notes to pack CiscoWSA * Packs/CiscoWSA/Integrations/CiscoWSAV2/CiscoWSAV2.yml Docker image update * Updated Metadata Of Pack SysAid * Added release notes to pack SysAid * Packs/SysAid/Integrations/SysAid/SysAid.yml Docker image update * Updated Metadata Of Pack ManageEngine_PAM360 * Added release notes to pack ManageEngine_PAM360 * Packs/ManageEngine_PAM360/Integrations/ManageEnginePAM360/ManageEnginePAM360.yml Docker image update * Updated Metadata Of Pack CiscoUmbrellaReporting * Added release notes to pack CiscoUmbrellaReporting * Packs/CiscoUmbrellaReporting/Integrations/CiscoUmbrellaReporting/CiscoUmbrellaReporting.yml Docker image update * Fix DS108 --------- Co-authored-by: sberman <sberman@paloaltonetworks.com> * XSUP-27717/FortiSIEM (#29458) * add tests * add RN,fix,logs * Update 2_0_21.md * add period * add a name to incident * fixes CR * update docker image * delete logs * CR fixes * Update 2_0_21.md * Update FortiSIEMV2.py * reverting the Docker image (#29607) * reverting the Docker image * Update Packs/cyberark_AIM/ReleaseNotes/1_0_14.md --------- Co-authored-by: Dan Tavori <38749041+dantavori@users.noreply.github.com> * [Marketplace Contribution] Roksit DNS Security Integration - Sarp (#29663) * [Marketplace Contribution] Roksit DNS Security Integration - Sarp (#29314) * "pack contribution initial commit" * Update RoksitDNSSecurityIntegrationSarp.py * Update RoksitDNSSecurityIntegrationSarp.py * Yehuda's version * test module * readme * new logo * Update RoksitDNSSecurityIntegrationSarp.yml * Apply suggestions from code review * Update RoksitDNSSecurityIntegrationSarp_description.md * Update pack_metadata.json * Update README.md * Update pack_metadata.json * Update pack_metadata.json * Update Packs/RoksitDNSSecurityIntegration-Sarp/pack_metadata.json * fixes * change name * folder name * file names * version * rename sub folder * remove (DNSSense) from the integration name * rename folder * docker * replace image * fix image name --------- Co-authored-by: asimsarpkurt <79475614+asimsarpkurt@users.noreply.github.com> Co-authored-by: Yehuda <yrosenberg@paloaltonetworks.com> Co-authored-by: Yehuda Rosenberg <90599084+RosenbergYehuda@users.noreply.github.com> * rename image --------- Co-authored-by: xsoar-bot <67315154+xsoar-bot@users.noreply.github.com> Co-authored-by: asimsarpkurt <79475614+asimsarpkurt@users.noreply.github.com> Co-authored-by: Yehuda <yrosenberg@paloaltonetworks.com> Co-authored-by: Yehuda Rosenberg <90599084+RosenbergYehuda@users.noreply.github.com> * add unstuck fetch stream command (#29646) * add unstuck fetch stream command * added RN * fixes * add note * cr fixes * fix conflicts * reverts * [pre-commit pycln] Align the entire repo with pycln #4 (#29665) * Fix pycln errors * Update the docker images * Run demisto-sdk pre-commit * update docker --------- Co-authored-by: xsoar-bot <67315154+xsoar-bot@users.noreply.github.com> Co-authored-by: ostolero <ostolero@paloaltonetworks.com> Co-authored-by: ostolero <86190583+ostolero@users.noreply.github.com> Co-authored-by: Chait A <112722030+capanw@users.noreply.github.com> Co-authored-by: johnnywilkes <32227961+johnnywilkes@users.noreply.github.com> Co-authored-by: Michael Yochpaz <8832013+MichaelYochpaz@users.noreply.github.com> Co-authored-by: michal-dagan <109464765+michal-dagan@users.noreply.github.com> Co-authored-by: Yaroslav Nestor <yaroslav.nestor22@gmail.com> Co-authored-by: Content Bot <bot@demisto.com> Co-authored-by: Ido van Dijk <43602124+idovandijk@users.noreply.github.com> Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> Co-authored-by: sberman <sberman@paloaltonetworks.com> Co-authored-by: DinaMeylakh <72339665+DinaMeylakh@users.noreply.github.com> Co-authored-by: ilaner <88267954+ilaner@users.noreply.github.com> Co-authored-by: Yehonatan Asta <yasta@paloaltonetworks.com> Co-authored-by: israelpoli <72099621+israelpoli@users.noreply.github.com> Co-authored-by: sapir shuker <49246861+sapirshuker@users.noreply.github.com> Co-authored-by: Mai Morag <81917647+maimorag@users.noreply.github.com> Co-authored-by: Dan Tavori <38749041+dantavori@users.noreply.github.com> Co-authored-by: asimsarpkurt <79475614+asimsarpkurt@users.noreply.github.com> Co-authored-by: Yehuda <yrosenberg@paloaltonetworks.com> Co-authored-by: Yehuda Rosenberg <90599084+RosenbergYehuda@users.noreply.github.com> Co-authored-by: Yuval Hayun <70104171+YuvHayun@users.noreply.github.com> Co-authored-by: Menachem Weinfeld <90556466+mmhw@users.noreply.github.com> * If-Elif Transformer (#27763) * IfElif init * minor changes * parse single strings not json * fixed regex * fixed json bug * removed context * created eval blacklist * added json KW to eval * Update bucket-upload.yml * added ast for parsing * use hash for context grab * added value arg * quick * added unit-tests * added README.md * added RN * added flags arg; use dt for context grabbing * fixed context grabbing * added regex support * finished readme * finished readme 2 * added variables arg * changed vars to upper * changed to class * prefixed variable bug * some tests * finished unit-tests * completed tests * finished docs * finished docs in yml * new design for 'value' * unit-tests complete * docs part 1 * docs complete * added if-elif TPB * fixed TPB * fixed mypy error * fixed mypy error * fixed injection issue; added + op * name changes * added injection test in TPB * CR changes * error for unknown variables * reformat 'from_context' func * resolve conflicts * demo changes * demo changes part 2 * bug fix * updated docker * added list_compare flag * added error catcher for comp funcs * readme update; textArea for conditions * resolve conflicts * resolve conflicts * updated docker * name changes * fixed unit-tests * Apply suggestions from code review Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * added missing flag to readme * CR changes * Apply suggestions from code review Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * name changes * added suppres_error behaviuor to docs * Apply suggestions from code review Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * updated docker --------- Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * revert removal of release notes generator (#29828) * revert * validations * rn * search_and_install_packs.py - less strict when installing packs during nightly. should be reverted in (#29806) Co-authored-by: kobymeir <ymeir@paloaltonetworks.com> * exit on error alignment.fixing echo message when exiting the uninstallation script. (#29821) * exit on error alignment. fixing echo message when exiting the uninstallation script. * installing specific poetry version (#29812) * installing specific poetry version - moving the logic to bootstrap * Cs falcon detections revert (#29833) * Revert "Cs falcon fetch limit issue (#29411)" This reverts commit f7b7d5c6 * Revert "Cs limit in idp detections (#29550)" This reverts commit 47738d56 * Added rn * Added rn * SQL Alchemy 2.x.x (#29436) * MySQL and Postgress works * MSSQL, My SQL and postgres works with bind_variables from the second form * resolve conflicts * fix CR's comments * pre commit * parsing the results * Add UT * same name and right docker * RN * sourcery * another docker image * revert docker image * Update Packs/GenericSQL/ReleaseNotes/1_0_25.md Co-authored-by: dorschw <81086590+dorschw@users.noreply.github.com> * Update Packs/GenericSQL/Integrations/GenericSQL/GenericSQL.py Co-authored-by: dorschw <81086590+dorschw@users.noreply.github.com> * Update Packs/GenericSQL/Integrations/GenericSQL/GenericSQL.py Co-authored-by: dorschw <81086590+dorschw@users.noreply.github.com> * Update Packs/GenericSQL/Integrations/GenericSQL/GenericSQL.py Co-authored-by: dorschw <81086590+dorschw@users.noreply.github.com> * fix variable name * constants * mapping instead of conditions * unskip Oracle TPB * resolve conflicts * resolve conflicts * Constants * Update Packs/GenericSQL/Integrations/GenericSQL/GenericSQL.py Co-authored-by: dorschw <81086590+dorschw@users.noreply.github.com> * CR fixes * Update Packs/GenericSQL/ReleaseNotes/1_1_0.md Co-authored-by: dorschw <81086590+dorschw@users.noreply.github.com> * add commit after executing a query * fix UT * remove autocommit true from MSSQL * fix UT * autocommit for MSSQL, commit for the others * commit for the others DBs, since in MSSQL is automatically * docker image --------- Co-authored-by: dorschw <81086590+dorschw@users.noreply.github.com> * Generic playbooks fixes (#29711) * fixes for generic playbooks * fixes for generic playbooks * fixes for generic playbooks * Use Case Builder Development stage Field update (#29771) (#29825) * pushing changes to the use case stage * adding release notes * Update pack_metadata.json * Rename 1_1_0.md to 1_0_4.md * Update 1_0_4.md * Update 1_0_4.md --------- Co-authored-by: Joe Cosgrove <joecosgrove5@gmail.com> Co-authored-by: Michael Yochpaz <8832013+MichaelYochpaz@users.noreply.github.com> * Add mapper and disable auto extraction for ThinkstCanary (#29756) * Add Classification and Mapping to ThinkstCanary Integration * Duo Mapping Enrichment (#29139) * Updated DuoModelingRule_1_3 * Updated ModelingRules and ReleaseNotes * Updated ModelingRules and ReleaseNotes * Updated DuoModelingRule_1_3_schema and README * Rev DuoModelingRule_1_3 | add DuoModelingRule_2_0 * Updated .yml and ReleaseNotes * Updated DuoModelingRule_2_0 * Updated ReleaseNotes * Updated .yml with toversion: 8.3.0 * Updated DuoModelingRule_2_0_schema * Updated ModelingRules * Updated ReleaseNotes * Bump pack from version DuoAdminApi to 4.0.8. * Updated DuoModelingRule_1_3 * azure * Updated DuoModelingRule_2_0 * Updated DuoModelingRule_2_0 * Updated ParsingRules * Updated ReleaseNotes * Updated ReleaseNotes * Updated ReleaseNotes * Updated pack_metadata * Updated pack_metadata * Updated pack_metadata * Updated README * Updated README * Updated README * Updated ReleaseNotes * Updated ReleaseNotes * Updated DuoModelingRule_2_0 * Reverted MS packs * Reverted MS packs * Updated DuoModelingRule_1_3_schema * Updated ReleaseNotes * Update Packs/DuoAdminApi/ReleaseNotes/4_0_10.md Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> --------- Co-authored-by: Content Bot <bot@demisto.com> Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * [AWS System Manager] New Pack (#28992) * init - new pack * 2 commands * aws-ssm-inventory-entry-list * list_associations_command * remove boto stubs * remove boto stubs * improve * poetry * revert poetry * aws-ssm-association-list * aws-ssm-association-get * aws-ssm-association-get * aws-ssm-association-version-list * format * aws-ssm-document-list * ruff * ruff * ssmclient test * test * doc get * docs * Update pyproject.toml * Update poetry.lock * Update .pre-commit-config_template.yaml * regex * aws-ssm-tag-remove * improve * aws-ssm-automation-execution-list * pack * aws-ssm-command-list * aws-ssm-command-run aws-ssm-command-cancel * ruff * Apply suggestions from code review Co-authored-by: Jacob Levy <129657918+jlevypaloalto@users.noreply.github.com> * Apply suggestions from code review Co-authored-by: Jacob Levy <129657918+jlevypaloalto@users.noreply.github.com> * UT * UT * cr and docs * black * black and ruff * format * description * format description * pack metadata * fix ut * Apply suggestions from code review Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * Apply suggestions from code review Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * cr * cr * fix yml * add outputs * Update Packs/AWS_SystemManager/Integrations/AWSSystemManager/AWSSystemManager.py Co-authored-by: dorschw <81086590+dorschw@users.noreply.github.com> * fix cr * run command and fix UT * automation run * fix output add playbook * docs * docs * docs * docs * ruff and black * fix demo * fix demo * update docker and fix line to long * Apply suggestions from code review (docs) Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> Co-authored-by: dorschw <81086590+dorschw@users.noreply.github.com> * cr fix * update docker * fix line * Fix an issue * Fix an issue * Update playbook description * Update docker --------- Co-authored-by: Jacob Levy <129657918+jlevypaloalto@users.noreply.github.com> Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> Co-authored-by: dorschw <81086590+dorschw@users.noreply.github.com> * Fix splunk search in incident context (#29763) * fixes * fixes * fixes * update docker * added rn * add bc rn * Empty-Commit * Test For 'WildFire Malware' Playbook (#29404) * Test For 'WildFire Malware' Playbook * PR * RN * added the "is_mockable" config to the conf file * removed the "is_mockable" config to the conf file * Bump pack from version Core to 2.0.14. * Bump pack from version Core to 2.0.15. * Increased timeout configs * Added VirusTotal to the conf file * added virustotal instance name * changed the 'AutoContainment' playbook input config to 'true' * changed 'timeout' * changed 'timeout' * changed 'timeout' to 1600 * changed the 'ShouldCloseAutomatically' playbook input to 'false' * added the test playbook name to the playbook YML file * RN * removed the close note alert field verification * added the 'marketplacev2' to the test playbook YML file * added the '000001e7a228b2a7abdf7f7e404bc8522df32b725e86907dde32176bccbbbb27' malicious file hash to secrets ignore file. the file hash is used within the test playbook for enrichment and test purposes. --------- Co-authored-by: Content Bot <bot@demisto.com> * update docker image (#29845) * added functionallity to download index by marketplace (#29834) * added functionallity to download index by marketplace * added some logs for validation * commit * removed logs * [pre-commit MyPy] Align the entire repo with MyPy #2 (#29799) * [pre-commit MyPy] Align the entire repo with MyPy #2 * Add RN * Revert changes in 1.12.26 RN * Update the docker images * [pre-commit MyPy] Align the entire repo with MyPy #1 (#29798) * [pre-commit MyPy] Align the entire repo with MyPy #1 * Xsup 27738 DBotFindSimilarIncidents NoneType Error (#29701) * failed ut * fix * rn * pre-commit * pre commit * just the fix * fix description in yml * fix * docker * Update Packs/Base/ReleaseNotes/1_32_34.md Co-authored-by: Dan Tavori <38749041+dantavori@users.noreply.github.com> * test * test * removed import --------- Co-authored-by: Dan Tavori <38749041+dantavori@users.noreply.github.com> * Wiz v1 2 11 (#29719) * Wiz v1 2 11 (#29688) * remove redundant parenthesis * ../Packs/Wiz/Integrations/Wiz/Wiz.py * add Wiz user agent * rephrase re…

* test commit * remove bt link * Remove A in TI for yaml and md for indicator * back yaml to default * refactor yaml with cortex utils * refactor md and yaml for feed * remove bp/domain * replace git_leak with git_repository * Add new collection Fix issue with date for TI * remove changes outside the Packs * Update Packs/GroupIB_ThreatIntelligenceAttribution/Integrations/GroupIB_TIA_Feed/test_data/example.json Co-authored-by: Mai Morag <81917647+maimorag@users.noreply.github.com> * Update Packs/GroupIB_ThreatIntelligenceAttribution/Integrations/GroupIB_TIA_Feed/test_data/example.json Co-authored-by: Mai Morag <81917647+maimorag@users.noreply.github.com> * Update Packs/GroupIB_ThreatIntelligenceAttribution/Integrations/GroupIBTIA/test_data/example.json Co-authored-by: Mai Morag <81917647+maimorag@users.noreply.github.com> * Update Packs/GroupIB_ThreatIntelligenceAttribution/Integrations/GroupIBTIA/test_data/example.json Co-authored-by: Mai Morag <81917647+maimorag@users.noreply.github.com> * Update Packs/GroupIB_ThreatIntelligenceAttribution/Integrations/GroupIBTIA/test_data/example.json Co-authored-by: Mai Morag <81917647+maimorag@users.noreply.github.com> * update release notes * update logo * update logo * Revert "update release notes" This reverts commit fc93e44461b3085c156c42a96e3f5aaf8efbe0af. * revert microsocks * fix compromised account issue * adding RL * Update Packs/GroupIB_ThreatIntelligenceAttribution/Integrations/GroupIBTIA/GroupIBTIA.py Co-authored-by: Mai Morag <81917647+maimorag@users.noreply.github.com> * create release notes v1_3_12 * add test for compromised/account_group * refactor changes in playbook * fixed validation errors * adding pragma no cover * refactor RN * add urllib exception * fixing validation errors * adding pragma no cover * format * fix lint test errors * revert sentinel * revert changes to azure sentinel * fixing cloud machine ids processing (#29777) * fixing cloud machine ids processing * not exiting the installation script if we fail to install a pack. report an error but continue with the test playbook upload (#29759) Co-authored-by: kobymeir <ymeir@paloaltonetworks.com> * Microsoft DNS Parsing Rule Drop (#29765) * Updated ParsingRules * Updated ReleaseNotes * Updated ReleaseNotes * Updated ReleaseNotes * Updated pack_metadata * Updated pack_metadata * Updated pack_metadata * Updated README * Updated README * Updated README * [JoeSecurity] Pre-Commit (#29717) * [pre-commit ruff] Align the entire repo with ruff #2 (#29754) * [pre-commit ruff] Align the entire repo with ruff #2 * Add RN * Update the docker image * Don't checkout build files in pre-commit (#27900) * is file up to date pre-commit * Revert changes made by mistake --------- Co-authored-by: dorschw <81086590+dorschw@users.noreply.github.com> Co-authored-by: Menachem Weinfeld <90556466+mmhw@users.noreply.github.com> Co-authored-by: Menachem Weinfeld <mmhw770@gmail.com> * Fixes for 'NGFW Scan' and 'WildFire Malware' XSIAM playbooks (#29774) * Fixes for 'NGFW Scan' and 'WildFire Malware' XSIAM playbooks * RN * fixed RN and 'NGFW Scan playbook' * CiscoSMA- Added timeout parameter (#29372) * fix * add_tests * fix_test_description * fix_yml_add_readme * fixes - add timeout to the client * add timeout to yml * revert changes * Update CiscoSMA.py * Update CiscoSMA.py * CR review * add RN * fix CR review * update docker image * XSUP-27956/ Added EWS PS V3 Description (#29784) * updated the description * update rn * Apply suggestions from code review Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> --------- Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * Xsup 27738 DBotFindSimilarIncidents NoneType Error (#29701) * failed ut * fix * rn * pre-commit * pre commit * just the fix * fix description in yml * fix * docker * Update Packs/Base/ReleaseNotes/1_32_34.md Co-authored-by: Dan Tavori <38749041+dantavori@users.noreply.github.com> * test * test * removed import --------- Co-authored-by: Dan Tavori <38749041+dantavori@users.noreply.github.com> * Wiz v1 2 11 (#29719) * Wiz v1 2 11 (#29688) * remove redundant parenthesis * ../Packs/Wiz/Integrations/Wiz/Wiz.py * add Wiz user agent * rephrase release notes * update pack metadata json * rephrase release notes v2 * fix minor typos and update docker image * Bump Docker version --------- Co-authored-by: Ariel Tobiana <107474518+ariel-wiz@users.noreply.github.com> Co-authored-by: Michael Yochpaz <8832013+MichaelYochpaz@users.noreply.github.com> * [ASM] - Expander - Update ASM fields (4821) (#29702) * [ASM] - Expander - Update ASM fields (4821) (#29506) * Add missing comments to grid fields - Update descriptions of fields as needed. * Add release notes * Add descriptions to two fields - asmdevcheckdetails - asmenrichmentstatus * Update release notes. * Grammar updates. * Update release notes * Add mandatory or optional in comments * Update comments with mandatory * Update pack version and release notes * Add correct 1_6_33 release notes * fix rn * fix rn --------- Co-authored-by: John <40349459+BigEasyJ@users.noreply.github.com> Co-authored-by: ostolero <86190583+ostolero@users.noreply.github.com> Co-authored-by: ostolero <ostolero@paloaltonetworks.com> * Wildfire-upload-url add poling timeout argument (#29790) * save adding timeout param * new docker image * added rn * fix ruff * ruff made me to do this fixes :( not related to my changes * Update Packs/Palo_Alto_Networks_WildFire/ReleaseNotes/2_1_35.md * poetry files (#29793) Co-authored-by: Content Bot <bot@demisto.com> * Dra-cvss-color-fix (#29757) * Fixed a small issue when indicator had no custom fields * RN * docker bump * RN * Update CVECVSSColor.py * docker bump * RN * fixing typos in build scripts. (#29788) unremovable -> non-removable productname -> product_name testplaybook -> test_playbook changed some arg passing to use their full name: -gpidd -gpidp Co-authored-by: kobymeir <ymeir@paloaltonetworks.com> * mapping to standard stix values (#29785) * mapping to standard stix values * updated release notes * update docker * breaking json * add dot * Add the nightly_ruff file for run pre-commit with --all flag (#29684) * Add the nightly_ruff file for run pre-commit with --all flag * Add more rules; Add the error name * Add E501 * Add F601, F842, TID252 * XSUP-27528 (#29705) * add_tests * add_tests * add RN, fix tests, format yml * Update Packs/CommonScripts/ReleaseNotes/1_12_24.md Co-authored-by: Arad Carmi <62752352+AradCarmi@users.noreply.github.com> * fix readme * Bump pack from version CommonScripts to 1.12.25. --------- Co-authored-by: Arad Carmi <62752352+AradCarmi@users.noreply.github.com> Co-authored-by: Content Bot <bot@demisto.com> * [Axonius Content Pack 1.2.0] Bumping Dockerfile (#29802) * [Axonius Content Pack 1.2.0] Bumping Dockerfile (#29625) * bumped docker version for axonius api client * docker image * remove the - --------- Co-authored-by: Yehuda <yrosenberg@paloaltonetworks.com> * format --------- Co-authored-by: Bryce Pedroza <97995056+bryce-ax@users.noreply.github.com> Co-authored-by: Yehuda <yrosenberg@paloaltonetworks.com> * Updated native:8.4 image; Add auth-utils support (#29792) Co-authored-by: GuyAfik <guyafik11@gmail.com> * Fixed sc_task closing state (#29636) * Fixed sc_task closing state * Added release notes * Updated docker image * small fix * bumped dokcer * fixed rn --------- Co-authored-by: Shahaf Ben Yakir <44666568+ShahafBenYakir@users.noreply.github.com> Co-authored-by: sbenyakir <shahaf.benyakir@demisto.com> * Private Compliance Packs (#29664) * XSUP-27936 problem with regex (#29613) * failed test * fix * rn * rn * unit test * ut * validations * fixed test and docker * fix * validation * Prisma Cloud V2 Add "usernames" Argument (#29710) * add username arg * support list * update UT * update README * docker update * update TPB * Fortinet fortigate enhancement (#29655) * Updated the readme for proofpoint fortigate. * Modified the modeling rule. * Modified the modeling rule and the schema file. * Updated the release note. * Update Packs/FortiGate/README.md Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * Updated the modeling rule. * Added tags to the readme. * removed ftntfgtmastersrcmac and ftntfgtmasterdstmac from the mapping. * updated the modeling rule and the schema file. * updated the modeling rule * updated the modeling rule --------- Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * Add syslog example for War Room Actions (#29800) * Graph Security Update (#29797) * Updated MicrosoftGraphSecurity_schema * Updated ReleaseNotes * Updated ReleaseNotes * [Dataminr Pulse] Release 106 (#29805) * [Dataminr Pulse] Release 106 (#29693) * Changes related to release v1.0.6 * Changes related to release v1.0.6 * Fixing Release Note related issue --------- Co-authored-by: crestdatasystems <crestdatasystems@users.noreply.github.com> Co-authored-by: Michael Yochpaz <8832013+MichaelYochpaz@users.noreply.github.com> * Bump Docker version --------- Co-authored-by: Crest Data Systems <60967033+crestdatasystems@users.noreply.github.com> Co-authored-by: crestdatasystems <crestdatasystems@users.noreply.github.com> Co-authored-by: Michael Yochpaz <8832013+MichaelYochpaz@users.noreply.github.com> * [RecordedFuture] threat actor playbook update V2.5.1 (#29690) (#29807) * Update Threat actor search playbook. * Add release notes * Fix formatting * Change ExtractedIndicators to ExtractedIndicators\.File * Fix release notes --------- Co-authored-by: Yaroslav Nestor <yaroslav.nestor22@gmail.com> Co-authored-by: Michael Yochpaz <8832013+MichaelYochpaz@users.noreply.github.com> * [JoeSecurity] show partial result in polling commands (#29715) * updating build docker image to latest devdemisto/gitlab-content-ci:1.0.0.64455 (#29761) * updating build docker image to latest devdemisto/gitlab-content-ci:1.0.0.64455 * Private Upload Mode - ThreatExchange v2 (#28249) * ThreatExchange integration * ThreatExchange updates * Added param to instance configuration * pre-commit * updated RN * RN test * CR updates * Removed Threat_Crowd * Update Packs/ThreatExchange/ReleaseNotes/2_0_12.md Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * docker * format * skip tests since theres no instance * no testing instance --------- Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> Co-authored-by: Yehuda Rosenberg <90599084+RosenbergYehuda@users.noreply.github.com> Co-authored-by: Yehuda <yrosenberg@paloaltonetworks.com> * added plus 1 for each iteration in find destination (#29811) * added plus 1 for each iteration in find destination (#29760) * added plus 1 for each iteration in find destination * added release notes * Update Packs/Cisco-umbrella-cloud-security/ReleaseNotes/2_0_2.md Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * updated docker image tag to latest * updated unit test for pagination functions * removed comments --------- Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * Update 2_0_2.md --------- Co-authored-by: LiorQM <106475467+LiorQM@users.noreply.github.com> Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> Co-authored-by: RotemAmit <ramit@paloaltonetworks.com> * Mde list indicator filter (#29640) * Mde list indicator filter (#29338) * init indicator filter * release notes * latest docker image * updated docker image * minor fixes * reslove conflicts * resolve version conflicts * silence linter * format * docker * Apply suggestions from Shirley Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * add period * change phrase * adding "is_mockable": false * docker * try change test playbook * empty line * docker * return the mock * Revert "return the mock" This reverts commit da9baeff5cadddf2cd125fb073c266c867f465a5. --------- Co-authored-by: ckaadic <48683125+ckaadic@users.noreply.github.com> Co-authored-by: Yehuda <yrosenberg@paloaltonetworks.com> Co-authored-by: Yehuda Rosenberg <90599084+RosenbergYehuda@users.noreply.github.com> Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * Audit Logs Endpoints Scripts Aligments for Xsoar-8 (#29781) * test * fix core api * ExportAuditLogsToFile - add support for xsoar-8 * add ExportAuditLogsToFile UTs * add forward audit logs uts * update ut * validation fixes * mypy * bump rns * update docker * update docker image * fix ut * format * Bump pack from version CommonScripts to 1.12.25. * Bump pack from version CommonScripts to 1.12.26. * cr * cr fixes * update * fix uts --------- Co-authored-by: Content Bot <bot@demisto.com> * Add command prisma-cloud-compute-get-file-integrity-events (#29608) * Add command prisma-cloud-compute-get-file-integrity-events (#29187) * Add command prisma-cloud-compute-get-file-integrity-events * Incorporate changes from review comments. Add documentation and unit test. * Add missing lines to YML file (add description of new command) * Update docker image * Incorporate changes from demo * Update docker image * fix validation * fix validation --------- Co-authored-by: ostolero <86190583+ostolero@users.noreply.github.com> Co-authored-by: ostolero <ostolero@paloaltonetworks.com> * Bump pack from version PrismaCloudCompute to 1.4.10. * [pre-commit ruff] Align the entire repo with ruff (#29603) * Fix falls of the ruff hook * pre-commit * Fix B003 ruff error * Fix ruff errors on Utils/update_playbook.py * remove code to trigger upload on dev branches (#29621) * [pre-commit pycln] Align the entire repo with pycln (#29611) * Fix falls of the pycln hook * pre-commit * Fix unit test * Add RN * Fix validate in GetDomainDNSDetails * fuff on GetDomainDNSDetails * ignore mypy error in test_content.py:350 * Fix falls of the autopep8 hook (#29638) * add marketplaces to metadata (#29629) * Fixing AWS Project Number in ASM Cloud (#29593) (#29642) Co-authored-by: Chait A <112722030+capanw@users.noreply.github.com> Co-authored-by: johnnywilkes <32227961+johnnywilkes@users.noreply.github.com> Co-authored-by: Michael Yochpaz <8832013+MichaelYochpaz@users.noreply.github.com> * [MS Teams] support reset_graph_auth (#29644) * fixed * pre-commit * update * Recordedfuture threathunting v2.5.0 (#29641) * Recordedfuture threathunting v2.5.0 (#29025) * Add commands related to Automated Threat hunting recordedfuture-threat-map recordedfuture-threat-links recordedfuture-detection-rules * Add recordedfuture-collective-insight command. Change app version. * Update README.md. Add release notes * Add playbook. Add unittests * Add unittests * Fix test_collective_insight_command * Remove incorrect release note * Add documentation for threat actor search playbook * update Recorded Future Threat actor search playbook. add release note about new playbook. * Update release notes, fix formatting * Format yml files * Update Recorded future threat actor search playbook * Update docker image * Fix linter --------- Co-authored-by: Michael Yochpaz <8832013+MichaelYochpaz@users.noreply.github.com> * Minor README fixes --------- Co-authored-by: Yaroslav Nestor <yaroslav.nestor22@gmail.com> Co-authored-by: Michael Yochpaz <8832013+MichaelYochpaz@users.noreply.github.com> * [ASM] Expander 5777 (#29647) * [ASM] Expander 5777 (#29619) * first * RN * Bump pack from version CortexAttackSurfaceManagement to 1.6.36. --------- Co-authored-by: johnnywilkes <32227961+johnnywilkes@users.noreply.github.com> Co-authored-by: Content Bot <bot@demisto.com> * XDR Malware Enrichment - hotfix for usernames (split) (#29585) * Updated playbook with hotfix where we split usernames from domains and append them to the username list of usernames for account enrichment * Added RN * remove irrelevant test * Updated RN * Bump pack from version CortexXDR to 5.1.6. * Update Packs/CortexXDR/ReleaseNotes/5_1_6.md Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> --------- Co-authored-by: Content Bot <bot@demisto.com> Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * Update Docker Image To demisto/pyjwt3 (#29656) * Updated Metadata Of Pack Silverfort * Added release notes to pack Silverfort * Packs/Silverfort/Integrations/Silverfort/Silverfort.yml Docker image update * Update Docker Image To demisto/trustar (#29660) * Updated Metadata Of Pack TruSTAR * Added release notes to pack TruSTAR * Update Docker Image To demisto/keeper-ksm (#29661) * Updated Metadata Of Pack KeeperSecretsManager * Added release notes to pack KeeperSecretsManager * Packs/KeeperSecretsManager/Integrations/KeeperSecretsManager/KeeperSecretsManager.yml Docker image update * Update Docker Image To demisto/py3-tools (#29654) * Updated Metadata Of Pack Intezer * Added release notes to pack Intezer * Packs/Intezer/Integrations/IntezerV2/IntezerV2.yml Docker image update * Updated Metadata Of Pack FeedMalwareBazaar * Added release notes to pack FeedMalwareBazaar * Packs/FeedMalwareBazaar/Integrations/MalwareBazaarFeed/MalwareBazaarFeed.yml Docker image update * Updated Metadata Of Pack FeedGCPWhitelist * Added release notes to pack FeedGCPWhitelist * Packs/FeedGCPWhitelist/Integrations/FeedGoogleIPRanges/FeedGoogleIPRanges.yml Docker image update * Updated Metadata Of Pack AccentureCTI_Feed * Added release notes to pack AccentureCTI_Feed * Packs/AccentureCTI_Feed/Integrations/ACTIIndicatorFeed/ACTIIndicatorFeed.yml Docker image update * Fix DS108 --------- Co-authored-by: sberman <sberman@paloaltonetworks.com> * Update Docker Image To demisto/taxii-server (#29659) * Updated Metadata Of Pack CybleThreatIntel * Added release notes to pack CybleThreatIntel * Packs/CybleThreatIntel/Integrations/CybleThreatIntel/CybleThreatIntel.yml Docker image update * Fix DS108 --------- Co-authored-by: sberman <sberman@paloaltonetworks.com> * Update Docker Image To demisto/datadog-api-client (#29662) * Updated Metadata Of Pack DatadogCloudSIEM * Added release notes to pack DatadogCloudSIEM * Packs/DatadogCloudSIEM/Integrations/DatadogCloudSIEM/DatadogCloudSIEM.yml Docker image update * Fix DS108 --------- Co-authored-by: sberman <sberman@paloaltonetworks.com> * Add reliability parameter to cves and pipl integration (#28703) * commiting PrismaCloudCompute * release notes added * changed couldcompute, CVESearchV2, pipl * added pack metadata * fixed pipl readme * reverting changes in CVESearch since it was deprecated * removed redundant * committing pre commit changes * added known words * added known words * fixed lint error * changed according to review * updated docker version in PrismaCloudCompute * changed according to doc review * Added condition for not receiving new incidents in the test playbook * updating release notes * reverting fetch changes * fixed playbook * formatted playbook * new validation, new run * new validation, new run * Bump pack from version PrismaCloudCompute to 1.4.10. * update the docker image --------- Co-authored-by: Content Bot <bot@demisto.com> * Proofpoint email security pack: update description (#29651) * update description * Updated the schema file. * Updated the schema file. --------- Co-authored-by: Yehonatan Asta <yasta@paloaltonetworks.com> * Jira v2 deprecated (#29649) * Deprecate to jira v2 * update RN * update conf.json file * add task to the Create Jira Issue playbook that check if jira v3 is enable * add image.png of the playbook * update the playbook (yml, readme, image) and RN * Update Docker Image To demisto/python3 (#29652) * Updated Metadata Of Pack PANOSPolicyOptimizer * Added release notes to pack PANOSPolicyOptimizer * Packs/PANOSPolicyOptimizer/Integrations/PANOSPolicyOptimizer/PANOSPolicyOptimizer.yml Docker image update * Updated Metadata Of Pack VMwareWorkspaceONEUEM * Added release notes to pack VMwareWorkspaceONEUEM * Packs/VMwareWorkspaceONEUEM/Integrations/VMwareWorkspaceONEUEM/VMwareWorkspaceONEUEM.yml Docker image update * Updated Metadata Of Pack CiscoSMA * Added release notes to pack CiscoSMA * Packs/CiscoSMA/Integrations/CiscoSMA/CiscoSMA.yml Docker image update * Updated Metadata Of Pack FeedThreatConnect * Added release notes to pack FeedThreatConnect * Packs/FeedThreatConnect/Integrations/FeedThreatConnect/FeedThreatConnect.yml Docker image update * Updated Metadata Of Pack BitSight * Added release notes to pack BitSight * Packs/BitSight/Integrations/BitSightForSecurityPerformanceManagement/BitSightForSecurityPerformanceManagement.yml Docker image update * Updated Metadata Of Pack AWS-ILM * Added release notes to pack AWS-ILM * Packs/AWS-ILM/Integrations/AWSILM/AWSILM.yml Docker image update * Updated Metadata Of Pack CiscoWSA * Added release notes to pack CiscoWSA * Packs/CiscoWSA/Integrations/CiscoWSAV2/CiscoWSAV2.yml Docker image update * Updated Metadata Of Pack SysAid * Added release notes to pack SysAid * Packs/SysAid/Integrations/SysAid/SysAid.yml Docker image update * Updated Metadata Of Pack ManageEngine_PAM360 * Added release notes to pack ManageEngine_PAM360 * Packs/ManageEngine_PAM360/Integrations/ManageEnginePAM360/ManageEnginePAM360.yml Docker image update * Updated Metadata Of Pack CiscoUmbrellaReporting * Added release notes to pack CiscoUmbrellaReporting * Packs/CiscoUmbrellaReporting/Integrations/CiscoUmbrellaReporting/CiscoUmbrellaReporting.yml Docker image update * Fix DS108 --------- Co-authored-by: sberman <sberman@paloaltonetworks.com> * XSUP-27717/FortiSIEM (#29458) * add tests * add RN,fix,logs * Update 2_0_21.md * add period * add a name to incident * fixes CR * update docker image * delete logs * CR fixes * Update 2_0_21.md * Update FortiSIEMV2.py * reverting the Docker image (#29607) * reverting the Docker image * Update Packs/cyberark_AIM/ReleaseNotes/1_0_14.md --------- Co-authored-by: Dan Tavori <38749041+dantavori@users.noreply.github.com> * [Marketplace Contribution] Roksit DNS Security Integration - Sarp (#29663) * [Marketplace Contribution] Roksit DNS Security Integration - Sarp (#29314) * "pack contribution initial commit" * Update RoksitDNSSecurityIntegrationSarp.py * Update RoksitDNSSecurityIntegrationSarp.py * Yehuda's version * test module * readme * new logo * Update RoksitDNSSecurityIntegrationSarp.yml * Apply suggestions from code review * Update RoksitDNSSecurityIntegrationSarp_description.md * Update pack_metadata.json * Update README.md * Update pack_metadata.json * Update pack_metadata.json * Update Packs/RoksitDNSSecurityIntegration-Sarp/pack_metadata.json * fixes * change name * folder name * file names * version * rename sub folder * remove (DNSSense) from the integration name * rename folder * docker * replace image * fix image name --------- Co-authored-by: asimsarpkurt <79475614+asimsarpkurt@users.noreply.github.com> Co-authored-by: Yehuda <yrosenberg@paloaltonetworks.com> Co-authored-by: Yehuda Rosenberg <90599084+RosenbergYehuda@users.noreply.github.com> * rename image --------- Co-authored-by: xsoar-bot <67315154+xsoar-bot@users.noreply.github.com> Co-authored-by: asimsarpkurt <79475614+asimsarpkurt@users.noreply.github.com> Co-authored-by: Yehuda <yrosenberg@paloaltonetworks.com> Co-authored-by: Yehuda Rosenberg <90599084+RosenbergYehuda@users.noreply.github.com> * add unstuck fetch stream command (#29646) * add unstuck fetch stream command * added RN * fixes * add note * cr fixes * fix conflicts * reverts * [pre-commit pycln] Align the entire repo with pycln #4 (#29665) * Fix pycln errors * Update the docker images * Run demisto-sdk pre-commit * Remove unnecessary recommendations from extensions.json (#29605) * update extensions.json * Update devcontainer.json * Update recommendations list * Zscaler-FW-Logs (#29094) * Zscaler FW Logs Modeling Rules * Zscaler FW logs Modeling Rules * Updated README * Updated ZscalerModelingRule_1_3 * Changed cs5 field name to cat * Apply suggestions from code review Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * Updated README * Updated ModelingRules and Schema * Updated ModelingRules and schema * Updated ModelingRules * Updated ModelingRules --------- Co-authored-by: Eido Epstain <eepstain@paloaltonetworks.com> Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * PANOS - EXPANDR-5744 (#29223) (#29686) * playbook updates * RN, Readme, screenshot * Apply suggestions from code review * update RN * bump ver * more descriptive task * bump ver --------- Co-authored-by: johnnywilkes <32227961+johnnywilkes@users.noreply.github.com> Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * Audit alert fields fix (#29685) * Add associated types to systemAssociatedTypes * Add associated types to systemAssociatedTypes * fix incident field structure * RN * Workday documentation fix (#29681) * readme * readme * rn * rn * [Marketplace Contribution] Active Directory Query - Content Pack Update (#28633) * [Marketplace Contribution] Active Directory Query - Content Pack Update (#27822) * "contribution update to pack "Active Directory Query"" * revert changes * rl * remove files * removed from rl * Update pack_metadata.json * Create 1_6_19.md * Update 1_6_18.md * Update 1_6_19.md * Delete 1_6_19.md * Update 1_6_18.md * Update pack_metadata.json * Update Active_Directory_Query.yml removed duplicate section and type * pass SERVER_IP as argument to test_credentials function * Create 1_7_0.md * Update pack_metadata.json * Update README.md with ad-test-credentials info * Update Active_Directory_Query.yml * removed duplicate `type: 8` from ntlm * removed duplicate types from integration settings * removed duplicate description from ad-enable-account * Update Active_Directory_Query.yml * Update Active_Directory_Query.yml * Update Active_Directory_Query.yml * removing not relevant release note * adding function * update fucntion * cr note * adding NTLM_AUTH option * Update Active_Directory_Query.py * Update Packs/Active_Directory_Query/Integrations/Active_Directory_Query/Active_Directory_Query.py Co-authored-by: dorschw <81086590+dorschw@users.noreply.github.com> * cr notes * update after merging from master * reverting a change in olr rl * added test_test_credentials unit test function * fix unit test * fixing unit tests * fix unit test * fixed lint errors * Update Active_Directory_Query_test.py * empty commit * fix yml and docker file * revert changes in send email manager * fix yml * fix * fix validation error * fixing in129 --------- Co-authored-by: maimorag <mmorag@paloaltonetworks.com> Co-authored-by: Randy Baldwin <32545292+randomizerxd@users.noreply.github.com> Co-authored-by: Mai Morag <81917647+maimorag@users.noreply.github.com> Co-authored-by: dorschw <81086590+dorschw@users.noreply.github.com> * cr notes * Bump pack from version Active_Directory_Query to 1.6.21. * fix yml changes * cr notes * lint fixes * fix test * docker update * Update Packs/Active_Directory_Query/Integrations/Active_Directory_Query/README.md Co-authored-by: dorschw <81086590+dorschw@users.noreply.github.com> * fix delete required * Apply suggestions from code review * fix test * docker update * rl * empty commit * docker update * empty commit * empty commit * merge from master * empty commit check * revert changes * Delete Packs/cyberark_AIM/Integrations/CyberArkAIM_v2/integration-CyberArkAIM_v2.yml * docker downgrade * rl * trying new docker image * validate errors fix * revert docker version * [DS108] - Description must end with a period (".") - fix * empty commit check * empty commit check --------- Co-authored-by: xsoar-bot <67315154+xsoar-bot@users.noreply.github.com> Co-authored-by: maimorag <mmorag@paloaltonetworks.com> Co-authored-by: Randy Baldwin <32545292+randomizerxd@users.noreply.github.com> Co-authored-by: Mai Morag <81917647+maimorag@users.noreply.github.com> Co-authored-by: dorschw <81086590+dorschw@users.noreply.github.com> Co-authored-by: Content Bot <bot@demisto.com> * Big query bug xsup 28132 (#29680) * bug fix * rn * rn * Apply suggestions from code review Co-authored-by: Dan Tavori <38749041+dantavori@users.noreply.github.com> * format * pre commit --------- Co-authored-by: Dan Tavori <38749041+dantavori@users.noreply.github.com> * New Prisma Cloud v2 commands (#29323) * resource list command * limit results * user roles list command * pre commit * users list command * edit remediation commands * UTs * update README * update RN * pre commit fixes * edit test playbook * CR changes * Demo changes - remediate 406 raises error new args for resource_list & user_roles * fix test * Apply suggestions from doc review Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * fix test playbook * Tomer's changes --------- Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * Prisma Cloud Update (#29666) * Updated ModelingRules * Updated ReleaseNotes * Updated ReleaseNotes * Updated ModelingRules * Updated ModelingRules * Updated ModelingRules * Bump pack from version PrismaCloud to 4.2.4. --------- Co-authored-by: Content Bot <bot@demisto.com> * Rapid7 appsec (#29134) (#29687) * Revert "Add space to conf" This reverts commit 3a74b931d31ae2b33e0e4570c7df7d06c668e9c8. * Updated the packs category to *Authentication & Identity Management* (part 2) (#24876) * Update Docker Image To demisto/fastapi (#24923) * Updated Metadata Of Pack CyberArkIdentity * Added release notes to pack CyberArkIdentity * Packs/CyberArkIdentity/Integrations/CyberArkIdentityEventCollector/CyberArkIdentityEventCollector.yml Docker image update * Update Docker Image To demisto/lxml (#24924) * Updated Metadata Of Pack TaniumThreatResponse * Added release notes to pack TaniumThreatResponse * Packs/TaniumThreatResponse/Integrations/TaniumThreatResponseV2/TaniumThreatResponseV2.yml Docker image update * Update Docker Image To demisto/crypto (#24922) * Updated Metadata Of Pack X509Certificate * Added release notes to pack X509Certificate * Packs/X509Certificate/Scripts/CertificateExtract/CertificateExtract.yml Docker image update * Update Docker Image To demisto/python3 (#24921) * Updated Metadata Of Pack Cybereason * Added release notes to pack Cybereason * Packs/Cybereason/Integrations/Cybereason/Cybereason.yml Docker image update * Updated Metadata Of Pack DNSDB * Added release notes to pack DNSDB * Packs/DNSDB/Integrations/DNSDB_v2/DNSDB_v2.yml Docker image update * Updated Metadata Of Pack DeepInstinct * Added release notes to pack DeepInstinct * Packs/DeepInstinct/Integrations/DeepInstinct3x/DeepInstinct3x.yml Docker image update * Updated Metadata Of Pack FeedCyrenThreatInDepth * Added release notes to pack FeedCyrenThreatInDepth * Packs/FeedCyrenThreatInDepth/Integrations/CyrenThreatInDepth/CyrenThreatInDepth.yml Docker image update * Updated Metadata Of Pack IronDefense * Added release notes to pack IronDefense * Packs/IronDefense/Integrations/IronDefense/IronDefense.yml Docker image update * Updated Metadata Of Pack Qintel * Added release notes to pack Qintel * Packs/Qintel/Integrations/QintelPMI/QintelPMI.yml Docker image update * Packs/Qintel/Integrations/QintelQSentry/QintelQSentry.yml Docker image update * Packs/Qintel/Integrations/QintelQWatch/QintelQWatch.yml Docker image update * Updated Metadata Of Pack QualysFIM * Added release notes to pack QualysFIM * Packs/QualysFIM/Integrations/QualysFIM/QualysFIM.yml Docker image update * Updated Metadata Of Pack QutteraWebsiteMalwareScanner * Added release notes to pack QutteraWebsiteMalwareScanner * Packs/QutteraWebsiteMalwareScanner/Integrations/QutteraWebsiteMalwareScanner/QutteraWebsiteMalwareScanner.yml Docker image update * Fixed mypy + validation --------- * NGINXApiModule: fix logging typo (#24878) * fix logging typo * bump dependent packs --------- * Downgrade docker to fix banner issue (#24905) * Downgrade docker to fix banner issue * Fix docs * Add UT to prevent Docker bump * Fix yml validation * Adding vulnerability commands * Fixing pagination page index * Updating PR comments and Scan commands * Updating ID in test data. * Updating integration * Updating integration * Updating fromversion * Updating linters * Updating linters * Updating git pre-commit * Updating docstring * Updating the handling of request when limit * Removing get_pagination_params * Updating integration * Updating git-pre commit * Updating integration * Updating integration * Updating unit test * Updating docker image * Updating integration * Updating README version. * Updating secrets * Updating integration * Updating integration * Updating integration * Updating docstrings * Updating doc-review comments. * Updating doc-review comments. * Updating description --------- Co-authored-by: ‪Ron Hadad‬‏ <112933572+ronh1@users.noreply.github.com> Co-authored-by: TalGumi <talg@qmasters.co> Co-authored-by: Mai Morag <81917647+maimorag@users.noreply.github.com> Co-authored-by: sberman <sberman@paloaltonetworks.com> Co-authored-by: Guy Lichtman <1395797+glicht@users.noreply.github.com> Co-authored-by: glicht <glicht@users.noreply.github.com> Co-authored-by: Andrew Shamah <42912128+amshamah419@users.noreply.github.com> * Panos add param (#29672) * added param job_polling_max_num_attempts * Added rn * Added missing param type Fixed unit tests * added to readme * fixed readme * Update Packs/PAN-OS/Integrations/Panorama/Panorama.yml Co-authored-by: Guy Afik <53861351+GuyAfik@users.noreply.github.com> * fixed text and namings * Bump pack from version PAN-OS to 2.1.8. --------- Co-authored-by: Guy Afik <53861351+GuyAfik@users.noreply.github.com> Co-authored-by: Content Bot <bot@demisto.com> * Fix proxy usage (#85) (#29630) * Fix proxy usage (#85) (#29181) * Fix proxy usage (#85) * Fix proxy usage in ZF client * Fix variable USE_SSL to verify requests * Remove proxy object from client Given that the proxy works by default with env vars, the proxy object is not necessary * Update version and add release notes * Fix call to modified alerts (#86) * Fix call to modified alerts * Update docker image * Fix tests associated with get modified data * change rn * fix validation --------- Co-authored-by: Felipe Garrido <fgarridob.95+github@gmail.com> Co-authored-by: ostolero <ostolero@paloaltonetworks.com> Co-authored-by: ostolero <86190583+ostolero@users.noreply.github.com> * Missing dependencies when installing packs (#28989) * search and install packs --------- Co-authored-by: kobymeir <ymeir@paloaltonetworks.com> * Deprecate Picus Community (#29573) * Merge branch 'master' into github_workflow_partner # Conflicts: # Utils/github_workflow_scripts/utils.py * Merge branch 'master' into github_workflow_partner # Conflicts: # Utils/github_workflow_scripts/utils.py * Picus NG display name * Picus update * Picus update * Picus update * Picus update * Picus update * Picus update * Picus update * Picus update --------- Co-authored-by: RotemAmit <ramit@paloaltonetworks.com> * [ASM] - Expander - GCP Hierarchy field - 4376 (#29696) (#29704) * Add assethierarchy field to GCP ASM playbook * Add release notes * Update field json Co-authored-by: John <40349459+BigEasyJ@users.noreply.github.com> * fix merge * update rn * remove access code * fix conflicts * update docker * fix validation --------- Co-authored-by: Ali Sawyer <91506078+ali-sawyer@users.noreply.github.com> Co-authored-by: ostolero <86190583+ostolero@users.noreply.github.com> Co-authored-by: ostolero <ostolero@paloaltonetworks.com> Co-authored-by: Content Bot <bot@demisto.com> Co-authored-by: Menachem Weinfeld <90556466+mmhw@users.noreply.github.com> Co-authored-by: omerKarkKatz <95565843+omerKarkKatz@users.noreply.github.com> Co-authored-by: Yaakov Praisler <59408745+yaakovpraisler@users.noreply.github.com> Co-authored-by: Chait A <112722030+capanw@users.noreply.github.com> Co-authored-by: johnnywilkes <32227961+johnnywilkes@users.noreply.github.com> Co-authored-by: Michael Yochpaz <8832013+MichaelYochpaz@users.noreply.github.com> Co-authored-by: michal-dagan <109464765+michal-dagan@users.noreply.github.com> Co-authored-by: Yaroslav Nestor <yaroslav.nestor22@gmail.com> Co-authored-by: Ido van Dijk <43602124+idovandijk@users.noreply.github.com> Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> Co-authored-by: sberman <sberman@paloaltonetworks.com> Co-authored-by: DinaMeylakh <72339665+DinaMeylakh@users.noreply.github.com> Co-authored-by: ilaner <88267954+ilaner@users.noreply.github.com> Co-authored-by: Yehonatan Asta <yasta@paloaltonetworks.com> Co-authored-by: israelpoli <72099621+israelpoli@users.noreply.github.com> Co-authored-by: sapir shuker <49246861+sapirshuker@users.noreply.github.com> Co-authored-by: Mai Morag <81917647+maimorag@users.noreply.github.com> Co-authored-by: Dan Tavori <38749041+dantavori@users.noreply.github.com> Co-authored-by: xsoar-bot <67315154+xsoar-bot@users.noreply.github.com> Co-authored-by: asimsarpkurt <79475614+asimsarpkurt@users.noreply.github.com> Co-authored-by: Yehuda <yrosenberg@paloaltonetworks.com> Co-authored-by: Yehuda Rosenberg <90599084+RosenbergYehuda@users.noreply.github.com> Co-authored-by: Yuval Hayun <70104171+YuvHayun@users.noreply.github.com> Co-authored-by: samuelFain <65926551+samuelFain@users.noreply.github.com> Co-authored-by: nkanon <109467661+nkanon@users.noreply.github.com> Co-authored-by: Eido Epstain <eepstain@paloaltonetworks.com> Co-authored-by: Tomer Haimof <81556849+tomer-pan@users.noreply.github.com> Co-authored-by: EyalPintzov <91007713+eyalpalo@users.noreply.github.com> Co-authored-by: maimorag <mmorag@paloaltonetworks.com> Co-authored-by: Randy Baldwin <32545292+randomizerxd@users.noreply.github.com> Co-authored-by: dorschw <81086590+dorschw@users.noreply.github.com> Co-authored-by: Adi Bamberger Edri <72088126+BEAdi@users.noreply.github.com> Co-authored-by: eepstain <116078117+eepstain@users.noreply.github.com> Co-authored-by: ‪Ron Hadad‬‏ <112933572+ronh1@users.noreply.github.com> Co-authored-by: TalGumi <talg@qmasters.co> Co-authored-by: Guy Lichtman <1395797+glicht@users.noreply.github.com> Co-authored-by: glicht <glicht@users.noreply.github.com> Co-authored-by: Andrew Shamah <42912128+amshamah419@users.noreply.github.com> Co-authored-by: Shahaf Ben Yakir <44666568+ShahafBenYakir@users.noreply.github.com> Co-authored-by: Guy Afik <53861351+GuyAfik@users.noreply.github.com> Co-authored-by: Felipe Garrido <fgarridob.95+github@gmail.com> Co-authored-by: Koby Meir <kobymeir@users.noreply.github.com> Co-authored-by: kobymeir <ymeir@paloaltonetworks.com> Co-authored-by: Edi Katsenelson <85438368+edik24@users.noreply.github.com> Co-authored-by: RotemAmit <ramit@paloaltonetworks.com> Co-authored-by: John <40349459+BigEasyJ@users.noreply.github.com> * [Marketplace Contribution] Okta - Content Pack Update (#29650) * [Marketplace Contribution] Okta - Content Pack Update (#29303) * "contribution update to pack "Okta"" * minor fixes * add outputs and readme * add outputs description * update docker * change outputs --------- Co-authored-by: ostolero <ostolero@paloaltonetworks.com> Co-authored-by: ostolero <86190583+ostolero@users.noreply.github.com> * Fixing AWS Project Number in ASM Cloud (#29593) (#29642) Co-authored-by: Chait A <112722030+capanw@users.noreply.github.com> Co-authored-by: johnnywilkes <32227961+johnnywilkes@users.noreply.github.com> Co-authored-by: Michael Yochpaz <8832013+MichaelYochpaz@users.noreply.github.com> * [MS Teams] support reset_graph_auth (#29644) * fixed * pre-commit * update * Recordedfuture threathunting v2.5.0 (#29641) * Recordedfuture threathunting v2.5.0 (#29025) * Add commands related to Automated Threat hunting recordedfuture-threat-map recordedfuture-threat-links recordedfuture-detection-rules * Add recordedfuture-collective-insight command. Change app version. * Update README.md. Add release notes * Add playbook. Add unittests * Add unittests * Fix test_collective_insight_command * Remove incorrect release note * Add documentation for threat actor search playbook * update Recorded Future Threat actor search playbook. add release note about new playbook. * Update release notes, fix formatting * Format yml files * Update Recorded future threat actor search playbook * Update docker image * Fix linter --------- Co-authored-by: Michael Yochpaz <8832013+MichaelYochpaz@users.noreply.github.com> * Minor README fixes --------- Co-authored-by: Yaroslav Nestor <yaroslav.nestor22@gmail.com> Co-authored-by: Michael Yochpaz <8832013+MichaelYochpaz@users.noreply.github.com> * [ASM] Expander 5777 (#29647) * [ASM] Expander 5777 (#29619) * first * RN * Bump pack from version CortexAttackSurfaceManagement to 1.6.36. --------- Co-authored-by: johnnywilkes <32227961+johnnywilkes@users.noreply.github.com> Co-authored-by: Content Bot <bot@demisto.com> * XDR Malware Enrichment - hotfix for usernames (split) (#29585) * Updated playbook with hotfix where we split usernames from domains and append them to the username list of usernames for account enrichment * Added RN * remove irrelevant test * Updated RN * Bump pack from version CortexXDR to 5.1.6. * Update Packs/CortexXDR/ReleaseNotes/5_1_6.md Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> --------- Co-authored-by: Content Bot <bot@demisto.com> Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * Update Docker Image To demisto/pyjwt3 (#29656) * Updated Metadata Of Pack Silverfort * Added release notes to pack Silverfort * Packs/Silverfort/Integrations/Silverfort/Silverfort.yml Docker image update * Update Docker Image To demisto/trustar (#29660) * Updated Metadata Of Pack TruSTAR * Added release notes to pack TruSTAR * Update Docker Image To demisto/keeper-ksm (#29661) * Updated Metadata Of Pack KeeperSecretsManager * Added release notes to pack KeeperSecretsManager * Packs/KeeperSecretsManager/Integrations/KeeperSecretsManager/KeeperSecretsManager.yml Docker image update * Update Docker Image To demisto/py3-tools (#29654) * Updated Metadata Of Pack Intezer * Added release notes to pack Intezer * Packs/Intezer/Integrations/IntezerV2/IntezerV2.yml Docker image update * Updated Metadata Of Pack FeedMalwareBazaar * Added release notes to pack FeedMalwareBazaar * Packs/FeedMalwareBazaar/Integrations/MalwareBazaarFeed/MalwareBazaarFeed.yml Docker image update * Updated Metadata Of Pack FeedGCPWhitelist * Added release notes to pack FeedGCPWhitelist * Packs/FeedGCPWhitelist/Integrations/FeedGoogleIPRanges/FeedGoogleIPRanges.yml Docker image update * Updated Metadata Of Pack AccentureCTI_Feed * Added release notes to pack AccentureCTI_Feed * Packs/AccentureCTI_Feed/Integrations/ACTIIndicatorFeed/ACTIIndicatorFeed.yml Docker image update * Fix DS108 --------- Co-authored-by: sberman <sberman@paloaltonetworks.com> * Update Docker Image To demisto/taxii-server (#29659) * Updated Metadata Of Pack CybleThreatIntel * Added release notes to pack CybleThreatIntel * Packs/CybleThreatIntel/Integrations/CybleThreatIntel/CybleThreatIntel.yml Docker image update * Fix DS108 --------- Co-authored-by: sberman <sberman@paloaltonetworks.com> * Update Docker Image To demisto/datadog-api-client (#29662) * Updated Metadata Of Pack DatadogCloudSIEM * Added release notes to pack DatadogCloudSIEM * Packs/DatadogCloudSIEM/Integrations/DatadogCloudSIEM/DatadogCloudSIEM.yml Docker image update * Fix DS108 --------- Co-authored-by: sberman <sberman@paloaltonetworks.com> * Add reliability parameter to cves and pipl integration (#28703) * commiting PrismaCloudCompute * release notes added * changed couldcompute, CVESearchV2, pipl * added pack metadata * fixed pipl readme * reverting changes in CVESearch since it was deprecated * removed redundant * committing pre commit changes * added known words * added known words * fixed lint error * changed according to review * updated docker version in PrismaCloudCompute * changed according to doc review * Added condition for not receiving new incidents in the test playbook * updating release notes * reverting fetch changes * fixed playbook * formatted playbook * new validation, new run * new validation, new run * Bump pack from version PrismaCloudCompute to 1.4.10. * update the docker image --------- Co-authored-by: Content Bot <bot@demisto.com> * Proofpoint email security pack: update description (#29651) * update description * Updated the schema file. * Updated the schema file. --------- Co-authored-by: Yehonatan Asta <yasta@paloaltonetworks.com> * Jira v2 deprecated (#29649) * Deprecate to jira v2 * update RN * update conf.json file * add task to the Create Jira Issue playbook that check if jira v3 is enable * add image.png of the playbook * update the playbook (yml, readme, image) and RN * Update Docker Image To demisto/python3 (#29652) * Updated Metadata Of Pack PANOSPolicyOptimizer * Added release notes to pack PANOSPolicyOptimizer * Packs/PANOSPolicyOptimizer/Integrations/PANOSPolicyOptimizer/PANOSPolicyOptimizer.yml Docker image update * Updated Metadata Of Pack VMwareWorkspaceONEUEM * Added release notes to pack VMwareWorkspaceONEUEM * Packs/VMwareWorkspaceONEUEM/Integrations/VMwareWorkspaceONEUEM/VMwareWorkspaceONEUEM.yml Docker image update * Updated Metadata Of Pack CiscoSMA * Added release notes to pack CiscoSMA * Packs/CiscoSMA/Integrations/CiscoSMA/CiscoSMA.yml Docker image update * Updated Metadata Of Pack FeedThreatConnect * Added release notes to pack FeedThreatConnect * Packs/FeedThreatConnect/Integrations/FeedThreatConnect/FeedThreatConnect.yml Docker image update * Updated Metadata Of Pack BitSight * Added release notes to pack BitSight * Packs/BitSight/Integrations/BitSightForSecurityPerformanceManagement/BitSightForSecurityPerformanceManagement.yml Docker image update * Updated Metadata Of Pack AWS-ILM * Added release notes to pack AWS-ILM * Packs/AWS-ILM/Integrations/AWSILM/AWSILM.yml Docker image update * Updated Metadata Of Pack CiscoWSA * Added release notes to pack CiscoWSA * Packs/CiscoWSA/Integrations/CiscoWSAV2/CiscoWSAV2.yml Docker image update * Updated Metadata Of Pack SysAid * Added release notes to pack SysAid * Packs/SysAid/Integrations/SysAid/SysAid.yml Docker image update * Updated Metadata Of Pack ManageEngine_PAM360 * Added release notes to pack ManageEngine_PAM360 * Packs/ManageEngine_PAM360/Integrations/ManageEnginePAM360/ManageEnginePAM360.yml Docker image update * Updated Metadata Of Pack CiscoUmbrellaReporting * Added release notes to pack CiscoUmbrellaReporting * Packs/CiscoUmbrellaReporting/Integrations/CiscoUmbrellaReporting/CiscoUmbrellaReporting.yml Docker image update * Fix DS108 --------- Co-authored-by: sberman <sberman@paloaltonetworks.com> * XSUP-27717/FortiSIEM (#29458) * add tests * add RN,fix,logs * Update 2_0_21.md * add period * add a name to incident * fixes CR * update docker image * delete logs * CR fixes * Update 2_0_21.md * Update FortiSIEMV2.py * reverting the Docker image (#29607) * reverting the Docker image * Update Packs/cyberark_AIM/ReleaseNotes/1_0_14.md --------- Co-authored-by: Dan Tavori <38749041+dantavori@users.noreply.github.com> * [Marketplace Contribution] Roksit DNS Security Integration - Sarp (#29663) * [Marketplace Contribution] Roksit DNS Security Integration - Sarp (#29314) * "pack contribution initial commit" * Update RoksitDNSSecurityIntegrationSarp.py * Update RoksitDNSSecurityIntegrationSarp.py * Yehuda's version * test module * readme * new logo * Update RoksitDNSSecurityIntegrationSarp.yml * Apply suggestions from code review * Update RoksitDNSSecurityIntegrationSarp_description.md * Update pack_metadata.json * Update README.md * Update pack_metadata.json * Update pack_metadata.json * Update Packs/RoksitDNSSecurityIntegration-Sarp/pack_metadata.json * fixes * change name * folder name * file names * version * rename sub folder * remove (DNSSense) from the integration name * rename folder * docker * replace image * fix image name --------- Co-authored-by: asimsarpkurt <79475614+asimsarpkurt@users.noreply.github.com> Co-authored-by: Yehuda <yrosenberg@paloaltonetworks.com> Co-authored-by: Yehuda Rosenberg <90599084+RosenbergYehuda@users.noreply.github.com> * rename image --------- Co-authored-by: xsoar-bot <67315154+xsoar-bot@users.noreply.github.com> Co-authored-by: asimsarpkurt <79475614+asimsarpkurt@users.noreply.github.com> Co-authored-by: Yehuda <yrosenberg@paloaltonetworks.com> Co-authored-by: Yehuda Rosenberg <90599084+RosenbergYehuda@users.noreply.github.com> * add unstuck fetch stream command (#29646) * add unstuck fetch stream command * added RN * fixes * add note * cr fixes * fix conflicts * reverts * [pre-commit pycln] Align the entire repo with pycln #4 (#29665) * Fix pycln errors * Update the docker images * Run demisto-sdk pre-commit * update docker --------- Co-authored-by: xsoar-bot <67315154+xsoar-bot@users.noreply.github.com> Co-authored-by: ostolero <ostolero@paloaltonetworks.com> Co-authored-by: ostolero <86190583+ostolero@users.noreply.github.com> Co-authored-by: Chait A <112722030+capanw@users.noreply.github.com> Co-authored-by: johnnywilkes <32227961+johnnywilkes@users.noreply.github.com> Co-authored-by: Michael Yochpaz <8832013+MichaelYochpaz@users.noreply.github.com> Co-authored-by: michal-dagan <109464765+michal-dagan@users.noreply.github.com> Co-authored-by: Yaroslav Nestor <yaroslav.nestor22@gmail.com> Co-authored-by: Content Bot <bot@demisto.com> Co-authored-by: Ido van Dijk <43602124+idovandijk@users.noreply.github.com> Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> Co-authored-by: sberman <sberman@paloaltonetworks.com> Co-authored-by: DinaMeylakh <72339665+DinaMeylakh@users.noreply.github.com> Co-authored-by: ilaner <88267954+ilaner@users.noreply.github.com> Co-authored-by: Yehonatan Asta <yasta@paloaltonetworks.com> Co-authored-by: israelpoli <72099621+israelpoli@users.noreply.github.com> Co-authored-by: sapir shuker <49246861+sapirshuker@users.noreply.github.com> Co-authored-by: Mai Morag <81917647+maimorag@users.noreply.github.com> Co-authored-by: Dan Tavori <38749041+dantavori@users.noreply.github.com> Co-authored-by: asimsarpkurt <79475614+asimsarpkurt@users.noreply.github.com> Co-authored-by: Yehuda <yrosenberg@paloaltonetworks.com> Co-authored-by: Yehuda Rosenberg <90599084+RosenbergYehuda@users.noreply.github.com> Co-authored-by: Yuval Hayun <70104171+YuvHayun@users.noreply.github.com> Co-authored-by: Menachem Weinfeld <90556466+mmhw@users.noreply.github.com> * If-Elif Transformer (#27763) * IfElif init * minor changes * parse single strings not json * fixed regex * fixed json bug * removed context * created eval blacklist * added json KW to eval * Update bucket-upload.yml * added ast for parsing * use hash for context grab * added value arg * quick * added unit-tests * added README.md * added RN * added flags arg; use dt for context grabbing * fixed context grabbing * added regex support * finished readme * finished readme 2 * added variables arg * changed vars to upper * changed to class * prefixed variable bug * some tests * finished unit-tests * completed tests * finished docs * finished docs in yml * new design for 'value' * unit-tests complete * docs part 1 * docs complete * added if-elif TPB * fixed TPB * fixed mypy error * fixed mypy error * fixed injection issue; added + op * name changes * added injection test in TPB * CR changes * error for unknown variables * reformat 'from_context' func * resolve conflicts * demo changes * demo changes part 2 * bug fix * updated docker * added list_compare flag * added error catcher for comp funcs * readme update; textArea for conditions * resolve conflicts * resolve conflicts * updated docker * name changes * fixed unit-tests * Apply suggestions from code review Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * added missing flag to readme * CR changes * Apply suggestions from code review Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * name changes * added suppres_error behaviuor to docs * Apply suggestions from code review Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * updated docker --------- Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * revert removal of release notes generator (#29828) * revert * validations * rn * search_and_install_packs.py - less strict when installing packs during nightly. should be reverted in (#29806) Co-authored-by: kobymeir <ymeir@paloaltonetworks.com> * exit on error alignment.fixing echo message when exiting the uninstallation script. (#29821) * exit on error alignment. fixing echo message when exiting the uninstallation script. * installing specific poetry version (#29812) * installing specific poetry version - moving the logic to bootstrap * Cs falcon detections revert (#29833) * Revert "Cs falcon fetch limit issue (#29411)" This reverts commit f7b7d5c6 * Revert "Cs limit in idp detections (#29550)" This reverts commit 47738d56 * Added rn * Added rn * SQL Alchemy 2.x.x (#29436) * MySQL and Postgress works * MSSQL, My SQL and postgres works with bind_variables from the second form * resolve conflicts * fix CR's comments * pre commit * parsing the results * Add UT * same name and right docker * RN * sourcery * another docker image * revert docker image * Update Packs/GenericSQL/ReleaseNotes/1_0_25.md Co-authored-by: dorschw <81086590+dorschw@users.noreply.github.com> * Update Packs/GenericSQL/Integrations/GenericSQL/GenericSQL.py Co-authored-by: dorschw <81086590+dorschw@users.noreply.github.com> * Update Packs/GenericSQL/Integrations/GenericSQL/GenericSQL.py Co-authored-by: dorschw <81086590+dorschw@users.noreply.github.com> * Update Packs/GenericSQL/Integrations/GenericSQL/GenericSQL.py Co-authored-by: dorschw <81086590+dorschw@users.noreply.github.com> * fix variable name * constants * mapping instead of conditions * unskip Oracle TPB * resolve conflicts * resolve conflicts * Constants * Update Packs/GenericSQL/Integrations/GenericSQL/GenericSQL.py Co-authored-by: dorschw <81086590+dorschw@users.noreply.github.com> * CR fixes * Update Packs/GenericSQL/ReleaseNotes/1_1_0.md Co-authored-by: dorschw <81086590+dorschw@users.noreply.github.com> * add commit after executing a query * fix UT * remove autocommit true from MSSQL * fix UT * autocommit for MSSQL, commit for the others * commit for the others DBs, since in MSSQL is automatically * docker image --------- Co-authored-by: dorschw <81086590+dorschw@users.noreply.github.com> * Generic playbooks fixes (#29711) * fixes for generic playbooks * fixes for generic playbooks * fixes for generic playbooks * Use Case Builder Development stage Field update (#29771) (#29825) * pushing changes to the use case stage * adding release notes * Update pack_metadata.json * Rename 1_1_0.md to 1_0_4.md * Update 1_0_4.md * Update 1_0_4.md --------- Co-authored-by: Joe Cosgrove <joecosgrove5@gmail.com> Co-authored-by: Michael Yochpaz <8832013+MichaelYochpaz@users.noreply.github.com> * Add mapper and disable auto extraction for ThinkstCanary (#29756) * Add Classification and Mapping to ThinkstCanary Integration * Duo Mapping Enrichment (#29139) * Updated DuoModelingRule_1_3 * Updated ModelingRules and ReleaseNotes * Updated ModelingRules and ReleaseNotes * Updated DuoModelingRule_1_3_schema and README * Rev DuoModelingRule_1_3 | add DuoModelingRule_2_0 * Updated .yml and ReleaseNotes * Updated DuoModelingRule_2_0 * Updated ReleaseNotes * Updated .yml with toversion: 8.3.0 * Updated DuoModelingRule_2_0_schema * Updated ModelingRules * Updated ReleaseNotes * Bump pack from version DuoAdminApi to 4.0.8. * Updated DuoModelingRule_1_3 * azure * Updated DuoModelingRule_2_0 * Updated DuoModelingRule_2_0 * Updated ParsingRules * Updated ReleaseNotes * Updated ReleaseNotes * Updated ReleaseNotes * Updated pack_metadata * Updated pack_metadata * Updated pack_metadata * Updated README * Updated README * Updated README * Updated ReleaseNotes * Updated ReleaseNotes * Updated DuoModelingRule_2_0 * Reverted MS packs * Reverted MS packs * Updated DuoModelingRule_1_3_schema * Updated ReleaseNotes * Update Packs/DuoAdminApi/ReleaseNotes/4_0_10.md Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> --------- Co-authored-by: Content Bot <bot@demisto.com> Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * [AWS System Manager] New Pack (#28992) * init - new pack * 2 commands * aws-ssm-inventory-entry-list * list_associations_command * remove boto stubs * remove boto stubs * improve * poetry * revert poetry * aws-ssm-association-list * aws-ssm-association-get * aws-ssm-association-get * aws-ssm-association-version-list * format * aws-ssm-document-list * ruff * ruff * ssmclient test * test * doc get * docs * Update pyproject.toml * Update poetry.lock * Update .pre-commit-config_template.yaml * regex * aws-ssm-tag-remove * improve * aws-ssm-automation-execution-list * pack * aws-ssm-command-list * aws-ssm-command-run aws-ssm-command-cancel * ruff * Apply suggestions from code review Co-authored-by: Jacob Levy <129657918+jlevypaloalto@users.noreply.github.com> * Apply suggestions from code review Co-authored-by: Jacob Levy <129657918+jlevypaloalto@users.noreply.github.com> * UT * UT * cr and docs * black * black and ruff * format * description * format description * pack metadata * fix ut * Apply suggestions from code review Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * Apply suggestions from code review Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * cr * cr * fix yml * add outputs * Update Packs/AWS_SystemManager/Integrations/AWSSystemManager/AWSSystemManager.py Co-authored-by: dorschw <81086590+dorschw@users.noreply.github.com> * fix cr * run command and fix UT * automation run * fix output add playbook * docs * docs * docs * docs * ruff and black * fix demo * fix demo * update docker and fix line to long * Apply suggestions from code review (docs) Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> Co-authored-by: dorschw <81086590+dorschw@users.noreply.github.com> * cr fix * update docker * fix line * Fix an issue * Fix an issue * Update playbook description * Update docker --------- Co-authored-by: Jacob Levy <129657918+jlevypaloalto@users.noreply.github.com> Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> Co-authored-by: dorschw <81086590+dorschw@users.noreply.github.com> * Fix splunk search in incident context (#29763) * fixes * fixes * fixes * update docker * added rn * add bc rn * Empty-Commit * Test For 'WildFire Malware' Playbook (#29404) * Test For 'WildFire Malware' Playbook * PR * RN * added the "is_mockable" config to the conf file * removed the "is_mockable" config to the conf file * Bump pack from version Core to 2.0.14. * Bump pack from version Core to 2.0.15. * Increased timeout configs * Added VirusTotal to the conf file * added virustotal instance name * changed the 'AutoContainment' playbook input config to 'true' * changed 'timeout' * changed 'timeout' * changed 'timeout' to 1600 * changed the 'ShouldCloseAutomatically' playbook input to 'false' * added the test playbook name to the playbook YML file * RN * removed the close note alert field verification * added the 'marketplacev2' to the test playbook YML file * added the '000001e7a228b2a7abdf7f7e404bc8522df32b725e86907dde32176bccbbbb27' malicious file hash to secrets ignore file. the file hash is used within the test playbook for enrichment and test purposes. --------- Co-authored-by: Content Bot <bot@demisto.com> * update docker image (#29845) * added functionallity to download index by marketplace (#29834) * added functionallity to download index by marketplace * added some logs for validation * commit * removed logs * [pre-commit MyPy] Align the entire repo with MyPy #2 (#29799) * [pre-commit MyPy] Align the entire repo with MyPy #2 * Add RN * Revert changes in 1.12.26 RN * Update the docker images * [pre-commit MyPy] Align the entire repo with MyPy #1 (#29798) * [pre-commit MyPy] Align the entire repo with MyPy #1 * Xsup 27738 DBotFindSimilarIncidents NoneType Error (#29701) * failed ut * fix * rn * pre-commit * pre commit * just the fix * fix description in yml * fix * docker * Update Packs/Base/ReleaseNotes/1_32_34.md Co-authored-by: Dan Tavori <38749041+dantavori@users.noreply.github.com> * test * test * removed import --------- Co-authored-by: Dan Tavori <38749041+dantavori@users.noreply.github.com> * Wiz v1 2 11 (#29719) * Wiz v1 2 11 (#29688) * remove redundant parenthesis * ../Packs/Wiz/Integrations/Wiz/Wiz.py * add Wiz user agent * rephrase release notes * update pack metadata json * rephrase release notes v2 …

* test commit * remove bt link * Remove A in TI for yaml and md for indicator * back yaml to default * refactor yaml with cortex utils * refactor md and yaml for feed * remove bp/domain * replace git_leak with git_repository * Add new collection Fix issue with date for TI * remove changes outside the Packs * Update Packs/GroupIB_ThreatIntelligenceAttribution/Integrations/GroupIB_TIA_Feed/test_data/example.json * Update Packs/GroupIB_ThreatIntelligenceAttribution/Integrations/GroupIB_TIA_Feed/test_data/example.json * Update Packs/GroupIB_ThreatIntelligenceAttribution/Integrations/GroupIBTIA/test_data/example.json * Update Packs/GroupIB_ThreatIntelligenceAttribution/Integrations/GroupIBTIA/test_data/example.json * Update Packs/GroupIB_ThreatIntelligenceAttribution/Integrations/GroupIBTIA/test_data/example.json * update release notes * update logo * update logo * Revert "update release notes" This reverts commit fc93e44461b3085c156c42a96e3f5aaf8efbe0af. * revert microsocks * fix compromised account issue * adding RL * Update Packs/GroupIB_ThreatIntelligenceAttribution/Integrations/GroupIBTIA/GroupIBTIA.py * create release notes v1_3_12 * add test for compromised/account_group * refactor changes in playbook * fixed validation errors * adding pragma no cover * refactor RN * add urllib exception * fixing validation errors * adding pragma no cover * format * fix lint test errors * revert sentinel * revert changes to azure sentinel * fixing cloud machine ids processing (#29777) * fixing cloud machine ids processing * not exiting the installation script if we fail to install a pack. report an error but continue with the test playbook upload (#29759) * Microsoft DNS Parsing Rule Drop (#29765) * Updated ParsingRules * Updated ReleaseNotes * Updated ReleaseNotes * Updated ReleaseNotes * Updated pack_metadata * Updated pack_metadata * Updated pack_metadata * Updated README * Updated README * Updated README * [JoeSecurity] Pre-Commit (#29717) * [pre-commit ruff] Align the entire repo with ruff #2 (#29754) * [pre-commit ruff] Align the entire repo with ruff #2 * Add RN * Update the docker image * Don't checkout build files in pre-commit (#27900) * is file up to date pre-commit * Revert changes made by mistake --------- * Fixes for 'NGFW Scan' and 'WildFire Malware' XSIAM playbooks (#29774) * Fixes for 'NGFW Scan' and 'WildFire Malware' XSIAM playbooks * RN * fixed RN and 'NGFW Scan playbook' * CiscoSMA- Added timeout parameter (#29372) * fix * add_tests * fix_test_description * fix_yml_add_readme * fixes - add timeout to the client * add timeout to yml * revert changes * Update CiscoSMA.py * Update CiscoSMA.py * CR review * add RN * fix CR review * update docker image * XSUP-27956/ Added EWS PS V3 Description (#29784) * updated the description * update rn * Apply suggestions from code review --------- * Xsup 27738 DBotFindSimilarIncidents NoneType Error (#29701) * failed ut * fix * rn * pre-commit * pre commit * just the fix * fix description in yml * fix * docker * Update Packs/Base/ReleaseNotes/1_32_34.md * test * test * removed import --------- * Wiz v1 2 11 (#29719) * Wiz v1 2 11 (#29688) * remove redundant parenthesis * ../Packs/Wiz/Integrations/Wiz/Wiz.py * add Wiz user agent * rephrase release notes * update pack metadata json * rephrase release notes v2 * fix minor typos and update docker image * Bump Docker version --------- * [ASM] - Expander - Update ASM fields (4821) (#29702) * [ASM] - Expander - Update ASM fields (4821) (#29506) * Add missing comments to grid fields - Update descriptions of fields as needed. * Add release notes * Add descriptions to two fields - asmdevcheckdetails - asmenrichmentstatus * Update release notes. * Grammar updates. * Update release notes * Add mandatory or optional in comments * Update comments with mandatory * Update pack version and release notes * Add correct 1_6_33 release notes * fix rn * fix rn --------- * Wildfire-upload-url add poling timeout argument (#29790) * save adding timeout param * new docker image * added rn * fix ruff * ruff made me to do this fixes :( not related to my changes * Update Packs/Palo_Alto_Networks_WildFire/ReleaseNotes/2_1_35.md * poetry files (#29793) * Dra-cvss-color-fix (#29757) * Fixed a small issue when indicator had no custom fields * RN * docker bump * RN * Update CVECVSSColor.py * docker bump * RN * fixing typos in build scripts. (#29788) unremovable -> non-removable productname -> product_name testplaybook -> test_playbook changed some arg passing to use their full name: -gpidd -gpidp * mapping to standard stix values (#29785) * mapping to standard stix values * updated release notes * update docker * breaking json * add dot * Add the nightly_ruff file for run pre-commit with --all flag (#29684) * Add the nightly_ruff file for run pre-commit with --all flag * Add more rules; Add the error name * Add E501 * Add F601, F842, TID252 * XSUP-27528 (#29705) * add_tests * add_tests * add RN, fix tests, format yml * Update Packs/CommonScripts/ReleaseNotes/1_12_24.md * fix readme * Bump pack from version CommonScripts to 1.12.25. --------- * [Axonius Content Pack 1.2.0] Bumping Dockerfile (#29802) * [Axonius Content Pack 1.2.0] Bumping Dockerfile (#29625) * bumped docker version for axonius api client * docker image * remove the - --------- * format --------- * Updated native:8.4 image; Add auth-utils support (#29792) * Fixed sc_task closing state (#29636) * Fixed sc_task closing state * Added release notes * Updated docker image * small fix * bumped dokcer * fixed rn --------- * Private Compliance Packs (#29664) * XSUP-27936 problem with regex (#29613) * failed test * fix * rn * rn * unit test * ut * validations * fixed test and docker * fix * validation * Prisma Cloud V2 Add "usernames" Argument (#29710) * add username arg * support list * update UT * update README * docker update * update TPB * Fortinet fortigate enhancement (#29655) * Updated the readme for proofpoint fortigate. * Modified the modeling rule. * Modified the modeling rule and the schema file. * Updated the release note. * Update Packs/FortiGate/README.md * Updated the modeling rule. * Added tags to the readme. * removed ftntfgtmastersrcmac and ftntfgtmasterdstmac from the mapping. * updated the modeling rule and the schema file. * updated the modeling rule * updated the modeling rule --------- * Add syslog example for War Room Actions (#29800) * Graph Security Update (#29797) * Updated MicrosoftGraphSecurity_schema * Updated ReleaseNotes * Updated ReleaseNotes * [Dataminr Pulse] Release 106 (#29805) * [Dataminr Pulse] Release 106 (#29693) * Changes related to release v1.0.6 * Changes related to release v1.0.6 * Fixing Release Note related issue --------- * Bump Docker version --------- * [RecordedFuture] threat actor playbook update V2.5.1 (#29690) (#29807) * Update Threat actor search playbook. * Add release notes * Fix formatting * Change ExtractedIndicators to ExtractedIndicators\.File * Fix release notes --------- * [JoeSecurity] show partial result in polling commands (#29715) * updating build docker image to latest devdemisto/gitlab-content-ci:1.0.0.64455 (#29761) * updating build docker image to latest devdemisto/gitlab-content-ci:1.0.0.64455 * Private Upload Mode - ThreatExchange v2 (#28249) * ThreatExchange integration * ThreatExchange updates * Added param to instance configuration * pre-commit * updated RN * RN test * CR updates * Removed Threat_Crowd * Update Packs/ThreatExchange/ReleaseNotes/2_0_12.md * docker * format * skip tests since theres no instance * no testing instance --------- * added plus 1 for each iteration in find destination (#29811) * added plus 1 for each iteration in find destination (#29760) * added plus 1 for each iteration in find destination * added release notes * Update Packs/Cisco-umbrella-cloud-security/ReleaseNotes/2_0_2.md * updated docker image tag to latest * updated unit test for pagination functions * removed comments --------- * Update 2_0_2.md --------- * Mde list indicator filter (#29640) * Mde list indicator filter (#29338) * init indicator filter * release notes * latest docker image * updated docker image * minor fixes * reslove conflicts * resolve version conflicts * silence linter * format * docker * Apply suggestions from Shirley * add period * change phrase * adding "is_mockable": false * docker * try change test playbook * empty line * docker * return the mock * Revert "return the mock" This reverts commit da9baeff5cadddf2cd125fb073c266c867f465a5. --------- * Audit Logs Endpoints Scripts Aligments for Xsoar-8 (#29781) * test * fix core api * ExportAuditLogsToFile - add support for xsoar-8 * add ExportAuditLogsToFile UTs * add forward audit logs uts * update ut * validation fixes * mypy * bump rns * update docker * update docker image * fix ut * format * Bump pack from version CommonScripts to 1.12.25. * Bump pack from version CommonScripts to 1.12.26. * cr * cr fixes * update * fix uts --------- * Add command prisma-cloud-compute-get-file-integrity-events (#29608) * Add command prisma-cloud-compute-get-file-integrity-events (#29187) * Add command prisma-cloud-compute-get-file-integrity-events * Incorporate changes from review comments. Add documentation and unit test. * Add missing lines to YML file (add description of new command) * Update docker image * Incorporate changes from demo * Update docker image * fix validation * fix validation --------- * Bump pack from version PrismaCloudCompute to 1.4.10. * [pre-commit ruff] Align the entire repo with ruff (#29603) * Fix falls of the ruff hook * pre-commit * Fix B003 ruff error * Fix ruff errors on Utils/update_playbook.py * remove code to trigger upload on dev branches (#29621) * [pre-commit pycln] Align the entire repo with pycln (#29611) * Fix falls of the pycln hook * pre-commit * Fix unit test * Add RN * Fix validate in GetDomainDNSDetails * fuff on GetDomainDNSDetails * ignore mypy error in test_content.py:350 * Fix falls of the autopep8 hook (#29638) * add marketplaces to metadata (#29629) * Fixing AWS Project Number in ASM Cloud (#29593) (#29642) * [MS Teams] support reset_graph_auth (#29644) * fixed * pre-commit * update * Recordedfuture threathunting v2.5.0 (#29641) * Recordedfuture threathunting v2.5.0 (#29025) * Add commands related to Automated Threat hunting recordedfuture-threat-map recordedfuture-threat-links recordedfuture-detection-rules * Add recordedfuture-collective-insight command. Change app version. * Update README.md. Add release notes * Add playbook. Add unittests * Add unittests * Fix test_collective_insight_command * Remove incorrect release note * Add documentation for threat actor search playbook * update Recorded Future Threat actor search playbook. add release note about new playbook. * Update release notes, fix formatting * Format yml files * Update Recorded future threat actor search playbook * Update docker image * Fix linter --------- * Minor README fixes --------- * [ASM] Expander 5777 (#29647) * [ASM] Expander 5777 (#29619) * first * RN * Bump pack from version CortexAttackSurfaceManagement to 1.6.36. --------- * XDR Malware Enrichment - hotfix for usernames (split) (#29585) * Updated playbook with hotfix where we split usernames from domains and append them to the username list of usernames for account enrichment * Added RN * remove irrelevant test * Updated RN * Bump pack from version CortexXDR to 5.1.6. * Update Packs/CortexXDR/ReleaseNotes/5_1_6.md --------- * Update Docker Image To demisto/pyjwt3 (#29656) * Updated Metadata Of Pack Silverfort * Added release notes to pack Silverfort * Packs/Silverfort/Integrations/Silverfort/Silverfort.yml Docker image update * Update Docker Image To demisto/trustar (#29660) * Updated Metadata Of Pack TruSTAR * Added release notes to pack TruSTAR * Update Docker Image To demisto/keeper-ksm (#29661) * Updated Metadata Of Pack KeeperSecretsManager * Added release notes to pack KeeperSecretsManager * Packs/KeeperSecretsManager/Integrations/KeeperSecretsManager/KeeperSecretsManager.yml Docker image update * Update Docker Image To demisto/py3-tools (#29654) * Updated Metadata Of Pack Intezer * Added release notes to pack Intezer * Packs/Intezer/Integrations/IntezerV2/IntezerV2.yml Docker image update * Updated Metadata Of Pack FeedMalwareBazaar * Added release notes to pack FeedMalwareBazaar * Packs/FeedMalwareBazaar/Integrations/MalwareBazaarFeed/MalwareBazaarFeed.yml Docker image update * Updated Metadata Of Pack FeedGCPWhitelist * Added release notes to pack FeedGCPWhitelist * Packs/FeedGCPWhitelist/Integrations/FeedGoogleIPRanges/FeedGoogleIPRanges.yml Docker image update * Updated Metadata Of Pack AccentureCTI_Feed * Added release notes to pack AccentureCTI_Feed * Packs/AccentureCTI_Feed/Integrations/ACTIIndicatorFeed/ACTIIndicatorFeed.yml Docker image update * Fix DS108 --------- * Update Docker Image To demisto/taxii-server (#29659) * Updated Metadata Of Pack CybleThreatIntel * Added release notes to pack CybleThreatIntel * Packs/CybleThreatIntel/Integrations/CybleThreatIntel/CybleThreatIntel.yml Docker image update * Fix DS108 --------- * Update Docker Image To demisto/datadog-api-client (#29662) * Updated Metadata Of Pack DatadogCloudSIEM * Added release notes to pack DatadogCloudSIEM * Packs/DatadogCloudSIEM/Integrations/DatadogCloudSIEM/DatadogCloudSIEM.yml Docker image update * Fix DS108 --------- * Add reliability parameter to cves and pipl integration (#28703) * commiting PrismaCloudCompute * release notes added * changed couldcompute, CVESearchV2, pipl * added pack metadata * fixed pipl readme * reverting changes in CVESearch since it was deprecated * removed redundant * committing pre commit changes * added known words * added known words * fixed lint error * changed according to review * updated docker version in PrismaCloudCompute * changed according to doc review * Added condition for not receiving new incidents in the test playbook * updating release notes * reverting fetch changes * fixed playbook * formatted playbook * new validation, new run * new validation, new run * Bump pack from version PrismaCloudCompute to 1.4.10. * update the docker image --------- * Proofpoint email security pack: update description (#29651) * update description * Updated the schema file. * Updated the schema file. --------- * Jira v2 deprecated (#29649) * Deprecate to jira v2 * update RN * update conf.json file * add task to the Create Jira Issue playbook that check if jira v3 is enable * add image.png of the playbook * update the playbook (yml, readme, image) and RN * Update Docker Image To demisto/python3 (#29652) * Updated Metadata Of Pack PANOSPolicyOptimizer * Added release notes to pack PANOSPolicyOptimizer * Packs/PANOSPolicyOptimizer/Integrations/PANOSPolicyOptimizer/PANOSPolicyOptimizer.yml Docker image update * Updated Metadata Of Pack VMwareWorkspaceONEUEM * Added release notes to pack VMwareWorkspaceONEUEM * Packs/VMwareWorkspaceONEUEM/Integrations/VMwareWorkspaceONEUEM/VMwareWorkspaceONEUEM.yml Docker image update * Updated Metadata Of Pack CiscoSMA * Added release notes to pack CiscoSMA * Packs/CiscoSMA/Integrations/CiscoSMA/CiscoSMA.yml Docker image update * Updated Metadata Of Pack FeedThreatConnect * Added release notes to pack FeedThreatConnect * Packs/FeedThreatConnect/Integrations/FeedThreatConnect/FeedThreatConnect.yml Docker image update * Updated Metadata Of Pack BitSight * Added release notes to pack BitSight * Packs/BitSight/Integrations/BitSightForSecurityPerformanceManagement/BitSightForSecurityPerformanceManagement.yml Docker image update * Updated Metadata Of Pack AWS-ILM * Added release notes to pack AWS-ILM * Packs/AWS-ILM/Integrations/AWSILM/AWSILM.yml Docker image update * Updated Metadata Of Pack CiscoWSA * Added release notes to pack CiscoWSA * Packs/CiscoWSA/Integrations/CiscoWSAV2/CiscoWSAV2.yml Docker image update * Updated Metadata Of Pack SysAid * Added release notes to pack SysAid * Packs/SysAid/Integrations/SysAid/SysAid.yml Docker image update * Updated Metadata Of Pack ManageEngine_PAM360 * Added release notes to pack ManageEngine_PAM360 * Packs/ManageEngine_PAM360/Integrations/ManageEnginePAM360/ManageEnginePAM360.yml Docker image update * Updated Metadata Of Pack CiscoUmbrellaReporting * Added release notes to pack CiscoUmbrellaReporting * Packs/CiscoUmbrellaReporting/Integrations/CiscoUmbrellaReporting/CiscoUmbrellaReporting.yml Docker image update * Fix DS108 --------- * XSUP-27717/FortiSIEM (#29458) * add tests * add RN,fix,logs * Update 2_0_21.md * add period * add a name to incident * fixes CR * update docker image * delete logs * CR fixes * Update 2_0_21.md * Update FortiSIEMV2.py * reverting the Docker image (#29607) * reverting the Docker image * Update Packs/cyberark_AIM/ReleaseNotes/1_0_14.md --------- * [Marketplace Contribution] Roksit DNS Security Integration - Sarp (#29663) * [Marketplace Contribution] Roksit DNS Security Integration - Sarp (#29314) * "pack contribution initial commit" * Update RoksitDNSSecurityIntegrationSarp.py * Update RoksitDNSSecurityIntegrationSarp.py * Yehuda's version * test module * readme * new logo * Update RoksitDNSSecurityIntegrationSarp.yml * Apply suggestions from code review * Update RoksitDNSSecurityIntegrationSarp_description.md * Update pack_metadata.json * Update README.md * Update pack_metadata.json * Update pack_metadata.json * Update Packs/RoksitDNSSecurityIntegration-Sarp/pack_metadata.json * fixes * change name * folder name * file names * version * rename sub folder * remove (DNSSense) from the integration name * rename folder * docker * replace image * fix image name --------- * rename image --------- * add unstuck fetch stream command (#29646) * add unstuck fetch stream command * added RN * fixes * add note * cr fixes * fix conflicts * reverts * [pre-commit pycln] Align the entire repo with pycln #4 (#29665) * Fix pycln errors * Update the docker images * Run demisto-sdk pre-commit * Remove unnecessary recommendations from extensions.json (#29605) * update extensions.json * Update devcontainer.json * Update recommendations list * Zscaler-FW-Logs (#29094) * Zscaler FW Logs Modeling Rules * Zscaler FW logs Modeling Rules * Updated README * Updated ZscalerModelingRule_1_3 * Changed cs5 field name to cat * Apply suggestions from code review * Updated README * Updated ModelingRules and Schema * Updated ModelingRules and schema * Updated ModelingRules * Updated ModelingRules --------- * PANOS - EXPANDR-5744 (#29223) (#29686) * playbook updates * RN, Readme, screenshot * Apply suggestions from code review * update RN * bump ver * more descriptive task * bump ver --------- * Audit alert fields fix (#29685) * Add associated types to systemAssociatedTypes * Add associated types to systemAssociatedTypes * fix incident field structure * RN * Workday documentation fix (#29681) * readme * readme * rn * rn * [Marketplace Contribution] Active Directory Query - Content Pack Update (#28633) * [Marketplace Contribution] Active Directory Query - Content Pack Update (#27822) * "contribution update to pack "Active Directory Query"" * revert changes * rl * remove files * removed from rl * Update pack_metadata.json * Create 1_6_19.md * Update 1_6_18.md * Update 1_6_19.md * Delete 1_6_19.md * Update 1_6_18.md * Update pack_metadata.json * Update Active_Directory_Query.yml removed duplicate section and type * pass SERVER_IP as argument to test_credentials function * Create 1_7_0.md * Update pack_metadata.json * Update README.md with ad-test-credentials info * Update Active_Directory_Query.yml * removed duplicate `type: 8` from ntlm * removed duplicate types from integration settings * removed duplicate description from ad-enable-account * Update Active_Directory_Query.yml * Update Active_Directory_Query.yml * Update Active_Directory_Query.yml * removing not relevant release note * adding function * update fucntion * cr note * adding NTLM_AUTH option * Update Active_Directory_Query.py * Update Packs/Active_Directory_Query/Integrations/Active_Directory_Query/Active_Directory_Query.py * cr notes * update after merging from master * reverting a change in olr rl * added test_test_credentials unit test function * fix unit test * fixing unit tests * fix unit test * fixed lint errors * Update Active_Directory_Query_test.py * empty commit * fix yml and docker file * revert changes in send email manager * fix yml * fix * fix validation error * fixing in129 --------- * cr notes * Bump pack from version Active_Directory_Query to 1.6.21. * fix yml changes * cr notes * lint fixes * fix test * docker update * Update Packs/Active_Directory_Query/Integrations/Active_Directory_Query/README.md * fix delete required * Apply suggestions from code review * fix test * docker update * rl * empty commit * docker update * empty commit * empty commit * merge from master * empty commit check * revert changes * Delete Packs/cyberark_AIM/Integrations/CyberArkAIM_v2/integration-CyberArkAIM_v2.yml * docker downgrade * rl * trying new docker image * validate errors fix * revert docker version * [DS108] - Description must end with a period (".") - fix * empty commit check * empty commit check --------- * Big query bug xsup 28132 (#29680) * bug fix * rn * rn * Apply suggestions from code review * format * pre commit --------- * New Prisma Cloud v2 commands (#29323) * resource list command * limit results * user roles list command * pre commit * users list command * edit remediation commands * UTs * update README * update RN * pre commit fixes * edit test playbook * CR changes * Demo changes - remediate 406 raises error new args for resource_list & user_roles * fix test * Apply suggestions from doc review * fix test playbook * Tomer's changes --------- * Prisma Cloud Update (#29666) * Updated ModelingRules * Updated ReleaseNotes * Updated ReleaseNotes * Updated ModelingRules * Updated ModelingRules * Updated ModelingRules * Bump pack from version PrismaCloud to 4.2.4. --------- * Rapid7 appsec (#29134) (#29687) * Revert "Add space to conf" This reverts commit 3a74b931d31ae2b33e0e4570c7df7d06c668e9c8. * Updated the packs category to *Authentication & Identity Management* (part 2) (#24876) * Update Docker Image To demisto/fastapi (#24923) * Updated Metadata Of Pack CyberArkIdentity * Added release notes to pack CyberArkIdentity * Packs/CyberArkIdentity/Integrations/CyberArkIdentityEventCollector/CyberArkIdentityEventCollector.yml Docker image update * Update Docker Image To demisto/lxml (#24924) * Updated Metadata Of Pack TaniumThreatResponse * Added release notes to pack TaniumThreatResponse * Packs/TaniumThreatResponse/Integrations/TaniumThreatResponseV2/TaniumThreatResponseV2.yml Docker image update * Update Docker Image To demisto/crypto (#24922) * Updated Metadata Of Pack X509Certificate * Added release notes to pack X509Certificate * Packs/X509Certificate/Scripts/CertificateExtract/CertificateExtract.yml Docker image update * Update Docker Image To demisto/python3 (#24921) * Updated Metadata Of Pack Cybereason * Added release notes to pack Cybereason * Packs/Cybereason/Integrations/Cybereason/Cybereason.yml Docker image update * Updated Metadata Of Pack DNSDB * Added release notes to pack DNSDB * Packs/DNSDB/Integrations/DNSDB_v2/DNSDB_v2.yml Docker image update * Updated Metadata Of Pack DeepInstinct * Added release notes to pack DeepInstinct * Packs/DeepInstinct/Integrations/DeepInstinct3x/DeepInstinct3x.yml Docker image update * Updated Metadata Of Pack FeedCyrenThreatInDepth * Added release notes to pack FeedCyrenThreatInDepth * Packs/FeedCyrenThreatInDepth/Integrations/CyrenThreatInDepth/CyrenThreatInDepth.yml Docker image update * Updated Metadata Of Pack IronDefense * Added release notes to pack IronDefense * Packs/IronDefense/Integrations/IronDefense/IronDefense.yml Docker image update * Updated Metadata Of Pack Qintel * Added release notes to pack Qintel * Packs/Qintel/Integrations/QintelPMI/QintelPMI.yml Docker image update * Packs/Qintel/Integrations/QintelQSentry/QintelQSentry.yml Docker image update * Packs/Qintel/Integrations/QintelQWatch/QintelQWatch.yml Docker image update * Updated Metadata Of Pack QualysFIM * Added release notes to pack QualysFIM * Packs/QualysFIM/Integrations/QualysFIM/QualysFIM.yml Docker image update * Updated Metadata Of Pack QutteraWebsiteMalwareScanner * Added release notes to pack QutteraWebsiteMalwareScanner * Packs/QutteraWebsiteMalwareScanner/Integrations/QutteraWebsiteMalwareScanner/QutteraWebsiteMalwareScanner.yml Docker image update * Fixed mypy + validation --------- * NGINXApiModule: fix logging typo (#24878) * fix logging typo * bump dependent packs --------- * Downgrade docker to fix banner issue (#24905) * Downgrade docker to fix banner issue * Fix docs * Add UT to prevent Docker bump * Fix yml validation * Adding vulnerability commands * Fixing pagination page index * Updating PR comments and Scan commands * Updating ID in test data. * Updating integration * Updating integration * Updating fromversion * Updating linters * Updating linters * Updating git pre-commit * Updating docstring * Updating the handling of request when limit * Removing get_pagination_params * Updating integration * Updating git-pre commit * Updating integration * Updating integration * Updating unit test * Updating docker image * Updating integration * Updating README version. * Updating secrets * Updating integration * Updating integration * Updating integration * Updating docstrings * Updating doc-review comments. * Updating doc-review comments. * Updating description --------- * Panos add param (#29672) * added param job_polling_max_num_attempts * Added rn * Added missing param type Fixed unit tests * added to readme * fixed readme * Update Packs/PAN-OS/Integrations/Panorama/Panorama.yml * fixed text and namings * Bump pack from version PAN-OS to 2.1.8. --------- * Fix proxy usage (#85) (#29630) * Fix proxy usage (#85) (#29181) * Fix proxy usage (#85) * Fix proxy usage in ZF client * Fix variable USE_SSL to verify requests * Remove proxy object from client Given that the proxy works by default with env vars, the proxy object is not necessary * Update version and add release notes * Fix call to modified alerts (#86) * Fix call to modified alerts * Update docker image * Fix tests associated with get modified data * change rn * fix validation --------- * Missing dependencies when installing packs (#28989) * search and install packs --------- * Deprecate Picus Community (#29573) * Merge branch 'master' into github_workflow_partner # Conflicts: # Utils/github_workflow_scripts/utils.py * Merge branch 'master' into github_workflow_partner # Conflicts: # Utils/github_workflow_scripts/utils.py * Picus NG display name * Picus update * Picus update * Picus update * Picus update * Picus update * Picus update * Picus update * Picus update --------- * [ASM] - Expander - GCP Hierarchy field - 4376 (#29696) (#29704) * Add assethierarchy field to GCP ASM playbook * Add release notes * Update field json * fix merge * update rn * remove access code * fix conflicts * update docker * fix validation --------- * [Marketplace Contribution] Okta - Content Pack Update (#29650) * [Marketplace Contribution] Okta - Content Pack Update (#29303) * "contribution update to pack "Okta"" * minor fixes * add outputs and readme * add outputs description * update docker * change outputs --------- * Fixing AWS Project Number in ASM Cloud (#29593) (#29642) * [MS Teams] support reset_graph_auth (#29644) * fixed * pre-commit * update * Recordedfuture threathunting v2.5.0 (#29641) * Recordedfuture threathunting v2.5.0 (#29025) * Add commands related to Automated Threat hunting recordedfuture-threat-map recordedfuture-threat-links recordedfuture-detection-rules * Add recordedfuture-collective-insight command. Change app version. * Update README.md. Add release notes * Add playbook. Add unittests * Add unittests * Fix test_collective_insight_command * Remove incorrect release note * Add documentation for threat actor search playbook * update Recorded Future Threat actor search playbook. add release note about new playbook. * Update release notes, fix formatting * Format yml files * Update Recorded future threat actor search playbook * Update docker image * Fix linter --------- * Minor README fixes --------- * [ASM] Expander 5777 (#29647) * [ASM] Expander 5777 (#29619) * first * RN * Bump pack from version CortexAttackSurfaceManagement to 1.6.36. --------- * XDR Malware Enrichment - hotfix for usernames (split) (#29585) * Updated playbook with hotfix where we split usernames from domains and append them to the username list of usernames for account enrichment * Added RN * remove irrelevant test * Updated RN * Bump pack from version CortexXDR to 5.1.6. * Update Packs/CortexXDR/ReleaseNotes/5_1_6.md --------- * Update Docker Image To demisto/pyjwt3 (#29656) * Updated Metadata Of Pack Silverfort * Added release notes to pack Silverfort * Packs/Silverfort/Integrations/Silverfort/Silverfort.yml Docker image update * Update Docker Image To demisto/trustar (#29660) * Updated Metadata Of Pack TruSTAR * Added release notes to pack TruSTAR * Update Docker Image To demisto/keeper-ksm (#29661) * Updated Metadata Of Pack KeeperSecretsManager * Added release notes to pack KeeperSecretsManager * Packs/KeeperSecretsManager/Integrations/KeeperSecretsManager/KeeperSecretsManager.yml Docker image update * Update Docker Image To demisto/py3-tools (#29654) * Updated Metadata Of Pack Intezer * Added release notes to pack Intezer * Packs/Intezer/Integrations/IntezerV2/IntezerV2.yml Docker image update * Updated Metadata Of Pack FeedMalwareBazaar * Added release notes to pack FeedMalwareBazaar * Packs/FeedMalwareBazaar/Integrations/MalwareBazaarFeed/MalwareBazaarFeed.yml Docker image update * Updated Metadata Of Pack FeedGCPWhitelist * Added release notes to pack FeedGCPWhitelist * Packs/FeedGCPWhitelist/Integrations/FeedGoogleIPRanges/FeedGoogleIPRanges.yml Docker image update * Updated Metadata Of Pack AccentureCTI_Feed * Added release notes to pack AccentureCTI_Feed * Packs/AccentureCTI_Feed/Integrations/ACTIIndicatorFeed/ACTIIndicatorFeed.yml Docker image update * Fix DS108 --------- * Update Docker Image To demisto/taxii-server (#29659) * Updated Metadata Of Pack CybleThreatIntel * Added release notes to pack CybleThreatIntel * Packs/CybleThreatIntel/Integrations/CybleThreatIntel/CybleThreatIntel.yml Docker image update * Fix DS108 --------- * Update Docker Image To demisto/datadog-api-client (#29662) * Updated Metadata Of Pack DatadogCloudSIEM * Added release notes to pack DatadogCloudSIEM * Packs/DatadogCloudSIEM/Integrations/DatadogCloudSIEM/DatadogCloudSIEM.yml Docker image update * Fix DS108 --------- * Add reliability parameter to cves and pipl integration (#28703) * commiting PrismaCloudCompute * release notes added * changed couldcompute, CVESearchV2, pipl * added pack metadata * fixed pipl readme * reverting changes in CVESearch since it was deprecated * removed redundant * committing pre commit changes * added known words * added known words * fixed lint error * changed according to review * updated docker version in PrismaCloudCompute * changed according to doc review * Added condition for not receiving new incidents in the test playbook * updating release notes * reverting fetch changes * fixed playbook * formatted playbook * new validation, new run * new validation, new run * Bump pack from version PrismaCloudCompute to 1.4.10. * update the docker image --------- * Proofpoint email security pack: update description (#29651) * update description * Updated the schema file. * Updated the schema file. --------- * Jira v2 deprecated (#29649) * Deprecate to jira v2 * update RN * update conf.json file * add task to the Create Jira Issue playbook that check if jira v3 is enable * add image.png of the playbook * update the playbook (yml, readme, image) and RN * Update Docker Image To demisto/python3 (#29652) * Updated Metadata Of Pack PANOSPolicyOptimizer * Added release notes to pack PANOSPolicyOptimizer * Packs/PANOSPolicyOptimizer/Integrations/PANOSPolicyOptimizer/PANOSPolicyOptimizer.yml Docker image update * Updated Metadata Of Pack VMwareWorkspaceONEUEM * Added release notes to pack VMwareWorkspaceONEUEM * Packs/VMwareWorkspaceONEUEM/Integrations/VMwareWorkspaceONEUEM/VMwareWorkspaceONEUEM.yml Docker image update * Updated Metadata Of Pack CiscoSMA * Added release notes to pack CiscoSMA * Packs/CiscoSMA/Integrations/CiscoSMA/CiscoSMA.yml Docker image update * Updated Metadata Of Pack FeedThreatConnect * Added release notes to pack FeedThreatConnect * Packs/FeedThreatConnect/Integrations/FeedThreatConnect/FeedThreatConnect.yml Docker image update * Updated Metadata Of Pack BitSight * Added release notes to pack BitSight * Packs/BitSight/Integrations/BitSightForSecurityPerformanceManagement/BitSightForSecurityPerformanceManagement.yml Docker image update * Updated Metadata Of Pack AWS-ILM * Added release notes to pack AWS-ILM * Packs/AWS-ILM/Integrations/AWSILM/AWSILM.yml Docker image update * Updated Metadata Of Pack CiscoWSA * Added release notes to pack CiscoWSA * Packs/CiscoWSA/Integrations/CiscoWSAV2/CiscoWSAV2.yml Docker image update * Updated Metadata Of Pack SysAid * Added release notes to pack SysAid * Packs/SysAid/Integrations/SysAid/SysAid.yml Docker image update * Updated Metadata Of Pack ManageEngine_PAM360 * Added release notes to pack ManageEngine_PAM360 * Packs/ManageEngine_PAM360/Integrations/ManageEnginePAM360/ManageEnginePAM360.yml Docker image update * Updated Metadata Of Pack CiscoUmbrellaReporting * Added release notes to pack CiscoUmbrellaReporting * Packs/CiscoUmbrellaReporting/Integrations/CiscoUmbrellaReporting/CiscoUmbrellaReporting.yml Docker image update * Fix DS108 --------- * XSUP-27717/FortiSIEM (#29458) * add tests * add RN,fix,logs * Update 2_0_21.md * add period * add a name to incident * fixes CR * update docker image * delete logs * CR fixes * Update 2_0_21.md * Update FortiSIEMV2.py * reverting the Docker image (#29607) * reverting the Docker image * Update Packs/cyberark_AIM/ReleaseNotes/1_0_14.md --------- * [Marketplace Contribution] Roksit DNS Security Integration - Sarp (#29663) * [Marketplace Contribution] Roksit DNS Security Integration - Sarp (#29314) * "pack contribution initial commit" * Update RoksitDNSSecurityIntegrationSarp.py * Update RoksitDNSSecurityIntegrationSarp.py * Yehuda's version * test module * readme * new logo * Update RoksitDNSSecurityIntegrationSarp.yml * Apply suggestions from code review * Update RoksitDNSSecurityIntegrationSarp_description.md * Update pack_metadata.json * Update README.md * Update pack_metadata.json * Update pack_metadata.json * Update Packs/RoksitDNSSecurityIntegration-Sarp/pack_metadata.json * fixes * change name * folder name * file names * version * rename sub folder * remove (DNSSense) from the integration name * rename folder * docker * replace image * fix image name --------- * rename image --------- * add unstuck fetch stream command (#29646) * add unstuck fetch stream command * added RN * fixes * add note * cr fixes * fix conflicts * reverts * [pre-commit pycln] Align the entire repo with pycln #4 (#29665) * Fix pycln errors * Update the docker images * Run demisto-sdk pre-commit * update docker --------- * If-Elif Transformer (#27763) * IfElif init * minor changes * parse single strings not json * fixed regex * fixed json bug * removed context * created eval blacklist * added json KW to eval * Update bucket-upload.yml * added ast for parsing * use hash for context grab * added value arg * quick * added unit-tests * added README.md * added RN * added flags arg; use dt for context grabbing * fixed context grabbing * added regex support * finished readme * finished readme 2 * added variables arg * changed vars to upper * changed to class * prefixed variable bug * some tests * finished unit-tests * completed tests * finished docs * finished docs in yml * new design for 'value' * unit-tests complete * docs part 1 * docs complete * added if-elif TPB * fixed TPB * fixed mypy error * fixed mypy error * fixed injection issue; added + op * name changes * added injection test in TPB * CR changes * error for unknown variables * reformat 'from_context' func * resolve conflicts * demo changes * demo changes part 2 * bug fix * updated docker * added list_compare flag * added error catcher for comp funcs * readme update; textArea for conditions * resolve conflicts * resolve conflicts * updated docker * name changes * fixed unit-tests * Apply suggestions from code review * added missing flag to readme * CR changes * Apply suggestions from code review * name changes * added suppres_error behaviuor to docs * Apply suggestions from code review * updated docker --------- * revert removal of release notes generator (#29828) * revert * validations * rn * search_and_install_packs.py - less strict when installing packs during nightly. should be reverted in (#29806) * exit on error alignment.fixing echo message when exiting the uninstallation script. (#29821) * exit on error alignment. fixing echo message when exiting the uninstallation script. * installing specific poetry version (#29812) * installing specific poetry version - moving the logic to bootstrap * Cs falcon detections revert (#29833) * Revert "Cs falcon fetch limit issue (#29411)" This reverts commit f7b7d5c6 * Revert "Cs limit in idp detections (#29550)" This reverts commit 47738d56 * Added rn * Added rn * SQL Alchemy 2.x.x (#29436) * MySQL and Postgress works * MSSQL, My SQL and postgres works with bind_variables from the second form * resolve conflicts * fix CR's comments * pre commit * parsing the results * Add UT * same name and right docker * RN * sourcery * another docker image * revert docker image * Update Packs/GenericSQL/ReleaseNotes/1_0_25.md * Update Packs/GenericSQL/Integrations/GenericSQL/GenericSQL.py * Update Packs/GenericSQL/Integrations/GenericSQL/GenericSQL.py * Update Packs/GenericSQL/Integrations/GenericSQL/GenericSQL.py * fix variable name * constants * mapping instead of conditions * unskip Oracle TPB * resolve conflicts * resolve conflicts * Constants * Update Packs/GenericSQL/Integrations/GenericSQL/GenericSQL.py * CR fixes * Update Packs/GenericSQL/ReleaseNotes/1_1_0.md * add commit after executing a query * fix UT * remove autocommit true from MSSQL * fix UT * autocommit for MSSQL, commit for the others * commit for the others DBs, since in MSSQL is automatically * docker image --------- * Generic playbooks fixes (#29711) * fixes for generic playbooks * fixes for generic playbooks * fixes for generic playbooks * Use Case Builder Development stage Field update (#29771) (#29825) * pushing changes to the use case stage * adding release notes * Update pack_metadata.json * Rename 1_1_0.md to 1_0_4.md * Update 1_0_4.md * Update 1_0_4.md --------- * Add mapper and disable auto extraction for ThinkstCanary (#29756) * Add Classification and Mapping to ThinkstCanary Integration * Duo Mapping Enrichment (#29139) * Updated DuoModelingRule_1_3 * Updated ModelingRules and ReleaseNotes * Updated ModelingRules and ReleaseNotes * Updated DuoModelingRule_1_3_schema and README * Rev DuoModelingRule_1_3 | add DuoModelingRule_2_0 * Updated .yml and ReleaseNotes * Updated DuoModelingRule_2_0 * Updated ReleaseNotes * Updated .yml with toversion: 8.3.0 * Updated DuoModelingRule_2_0_schema * Updated ModelingRules * Updated ReleaseNotes * Bump pack from version DuoAdminApi to 4.0.8. * Updated DuoModelingRule_1_3 * azure * Updated DuoModelingRule_2_0 * Updated DuoModelingRule_2_0 * Updated ParsingRules * Updated ReleaseNotes * Updated ReleaseNotes * Updated ReleaseNotes * Updated pack_metadata * Updated pack_metadata * Updated pack_metadata * Updated README * Updated README * Updated README * Updated ReleaseNotes * Updated ReleaseNotes * Updated DuoModelingRule_2_0 * Reverted MS packs * Reverted MS packs * Updated DuoModelingRule_1_3_schema * Updated ReleaseNotes * Update Packs/DuoAdminApi/ReleaseNotes/4_0_10.md --------- * [AWS System Manager] New Pack (#28992) * init - new pack * 2 commands * aws-ssm-inventory-entry-list * list_associations_command * remove boto stubs * remove boto stubs * improve * poetry * revert poetry * aws-ssm-association-list * aws-ssm-association-get * aws-ssm-association-get * aws-ssm-association-version-list * format * aws-ssm-document-list * ruff * ruff * ssmclient test * test * doc get * docs * Update pyproject.toml * Update poetry.lock * Update .pre-commit-config_template.yaml * regex * aws-ssm-tag-remove * improve * aws-ssm-automation-execution-list * pack * aws-ssm-command-list * aws-ssm-command-run aws-ssm-command-cancel * ruff * Apply suggestions from code review * Apply suggestions from code review * UT * UT * cr and docs * black * black and ruff * format * description * format description * pack metadata * fix ut * Apply suggestions from code review * Apply suggestions from code review * cr * cr * fix yml * add outputs * Update Packs/AWS_SystemManager/Integrations/AWSSystemManager/AWSSystemManager.py * fix cr * run command and fix UT * automation run * fix output add playbook * docs * docs * docs * docs * ruff and black * fix demo * fix demo * update docker and fix line to long * Apply suggestions from code review (docs) * cr fix * update docker * fix line * Fix an issue * Fix an issue * Update playbook description * Update docker --------- * Fix splunk search in incident context (#29763) * fixes * fixes * fixes * update docker * added rn * add bc rn * Empty-Commit * Test For 'WildFire Malware' Playbook (#29404) * Test For 'WildFire Malware' Playbook * PR * RN * added the "is_mockable" config to the conf file * removed the "is_mockable" config to the conf file * Bump pack from version Core to 2.0.14. * Bump pack from version Core to 2.0.15. * Increased timeout configs * Added VirusTotal to the conf file * added virustotal instance name * changed the 'AutoContainment' playbook input config to 'true' * changed 'timeout' * changed 'timeout' * changed 'timeout' to 1600 * changed the 'ShouldCloseAutomatically' playbook input to 'false' * added the test playbook name to the playbook YML file * RN * removed the close note alert field verification * added the 'marketplacev2' to the test playbook YML file * added the '000001e7a228b2a7abdf7f7e404bc8522df32b725e86907dde32176bccbbbb27' malicious file hash to secrets ignore file. the file hash is used within the test playbook for enrichment and test purposes. --------- * update docker image (#29845) * added functionallity to download index by marketplace (#29834) * added functionallity to download index by marketplace * added some logs for validation * commit * removed logs * [pre-commit MyPy] Align the entire repo with MyPy #2 (#29799) * [pre-commit MyPy] Align the entire repo with MyPy #2 * Add RN * Revert changes in 1.12.26 RN * Update the docker images * [pre-commit MyPy] Align the entire repo with MyPy #1 (#29798) * [pre-commit MyPy] Align the entire repo with MyPy #1 * Xsup 27738 DBotFindSimilarIncidents NoneType Error (#29701) * failed ut * fix * rn * pre-commit * pre commit * just the fix * fix description in yml * fix * docker * Update Packs/Base/ReleaseNotes/1_32_34.md * test * test * removed import --------- * Wiz v1 2 11 (#29719) * Wiz v1 2 11 (#29688) * remove redundant parenthesis * ../Packs/Wiz/Integrations/Wiz/Wiz.py * add Wiz user agent * rephrase release notes * update pack metadata json * rephrase release notes v2 … Co-authored-by: Daniil Lanskoy <107933862+LanskoyGIB@users.noreply.github.com> Co-authored-by: Mai Morag <81917647+maimorag@users.noreply.github.com> Co-authored-by: maimorag <mmorag@paloaltonetworks.com> Co-authored-by: Koby Meir <kobymeir@users.noreply.github.com> Co-authored-by: kobymeir <ymeir@paloaltonetworks.com> Co-authored-by: eepstain <116078117+eepstain@users.noreply.github.com> Co-authored-by: ilaner <88267954+ilaner@users.noreply.github.com> Co-authored-by: Menachem Weinfeld <90556466+mmhw@users.noreply.github.com> Co-authored-by: dorschw <81086590+dorschw@users.noreply.github.com> Co-authored-by: Menachem Weinfeld <mmhw770@gmail.com> Co-authored-by: TalNos <112805149+TalNos@users.noreply.github.com> Co-authored-by: sapir shuker <49246861+sapirshuker@users.noreply.github.com> Co-authored-by: Arad Carmi <62752352+AradCarmi@users.noreply.github.com> Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> Co-authored-by: EyalPintzov <91007713+eyalpalo@users.noreply.github.com> Co-authored-by: Dan Tavori <38749041+dantavori@users.noreply.github.com> Co-authored-by: content-bot <55035720+content-bot@users.noreply.github.com> Co-authored-by: Ariel Tobiana <107474518+ariel-wiz@users.noreply.github.com> Co-authored-by: Michael Yochpaz <8832013+MichaelYochpaz@users.noreply.github.com> Co-authored-by: John <40349459+BigEasyJ@users.noreply.github.com> Co-authored-by: ostolero <86190583+ostolero@users.noreply.github.com> Co-authored-by: ostolero <ostolero@paloaltonetworks.com> Co-authored-by: Darya Koval <72339940+daryakoval@users.noreply.github.com> Co-authored-by: Content Bot <bot@demisto.com> Co-authored-by: Dror Avrahami <davrahami@paloaltonetworks.com> Co-authored-by: Judah Schwartz <JudahSchwartz@users.noreply.github.com> Co-authored-by: Bryce Pedroza <97995056+bryce-ax@users.noreply.github.com> Co-authored-by: Yehuda <yrosenberg@paloaltonetworks.com> Co-authored-by: samuelFain <65926551+samuelFain@users.noreply.github.com> Co-authored-by: GuyAfik <guyafik11@gmail.com> Co-authored-by: Shelly Tzohar <45915502+Shellyber@users.noreply.github.com> Co-authored-by: Shahaf Ben Yakir <44666568+ShahafBenYakir@users.noreply.github.com> Co-authored-by: sbenyakir <shahaf.benyakir@demisto.com> Co-authored-by: tkatzir <tkatzir@paloaltonetworks.com> Co-authored-by: Adi Bamberger Edri <72088126+BEAdi@users.noreply.github.com> Co-authored-by: yasta5 <112320333+yasta5@users.noreply.github.com> Co-authored-by: Crest Data Systems <60967033+crestdatasystems@users.noreply.github.com> Co-authored-by: crestdatasystems <crestdatasystems@users.noreply.github.com> Co-authored-by: Yaroslav Nestor <yaroslav.nestor22@gmail.com> Co-authored-by: darkushin <61732335+darkushin@users.noreply.github.com> Co-authored-by: Yehuda Rosenberg <90599084+RosenbergYehuda@users.noreply.github.com> Co-authored-by: LiorQM <106475467+LiorQM@users.noreply.github.com> Co-authored-by: RotemAmit <ramit@paloaltonetworks.com> Co-authored-by: ckaadic <48683125+ckaadic@users.noreply.github.com> Co-authored-by: Guy Afik <53861351+GuyAfik@users.noreply.github.com> Co-authored-by: Ali Sawyer <91506078+ali-sawyer@users.noreply.github.com> Co-authored-by: omerKarkKatz <95565843+omerKarkKatz@users.noreply.github.com> Co-authored-by: Yaakov Praisler <59408745+yaakovpraisler@users.noreply.github.com> Co-authored-by: Chait A <112722030+capanw@users.noreply.github.com> Co-authored-by: johnnywilkes <32227961+johnnywilkes@users.noreply.github.com> Co-authored-by: michal-dagan <109464765+michal-dagan@users.noreply.github.com> Co-authored-by: Ido van Dijk <43602124+idovandijk@users.noreply.github.com> Co-authored-by: sberman <sberman@paloaltonetworks.com> Co-authored-by: DinaMeylakh <72339665+DinaMeylakh@users.noreply.github.com> Co-authored-by: Yehonatan Asta <yasta@paloaltonetworks.com> Co-authored-by: israelpoli <72099621+israelpoli@users.noreply.github.com> Co-authored-by: xsoar-bot <67315154+xsoar-bot@users.noreply.github.com> Co-authored-by: asimsarpkurt <79475614+asimsarpkurt@users.noreply.github.com> Co-authored-by: Yuval Hayun <70104171+YuvHayun@users.noreply.github.com> Co-authored-by: nkanon <109467661+nkanon@users.noreply.github.com> Co-authored-by: Eido Epstain <eepstain@paloaltonetworks.com> Co-authored-by: Tomer Haimof <81556849+tomer-pan@users.noreply.github.com> Co-authored-by: Randy Baldwin <32545292+randomizerxd@users.noreply.github.com> Co-authored-by: ‪Ron Hadad‬‏ <112933572+ronh1@users.noreply.github.com> Co-authored-by: TalGumi <talg@qmasters.co> Co-authored-by: Guy Lichtman <1395797+glicht@users.noreply.github.com> Co-authored-by: glicht <glicht@users.noreply.github.com> Co-authored-by: Andrew Shamah <42912128+amshamah419@users.noreply.github.com> Co-authored-by: Felipe Garrido <fgarridob.95+github@gmail.com> Co-authored-by: Edi Katsenelson <85438368+edik24@users.noreply.github.com> Co-authored-by: Jacob Levy <129657918+jlevypaloalto@users.noreply.github.com> Co-authored-by: Yuval Cohen <86777474+yucohen@users.noreply.github.com> Co-authored-by: rshunim <102469772+rshunim@users.noreply.github.com> Co-authored-by: OmriItzhak <115150792+OmriItzhak@users.noreply.github.com> Co-authored-by: Joe Cosgrove <joecosgrove5@gmail.com> Co-authored-by: Shmuel Kroizer <69422117+shmuel44@users.noreply.github.com> Co-authored-by: Israel Lappe <79846863+ilappe@users.noreply.github.com> Co-authored-by: Erez FelmanDar <102903097+efelmandar@users.noreply.github.com> Co-authored-by: israelpolishook <ipolishuk@paloaltonetworks.com> Co-authored-by: ArikDay <115150768+ArikDay@users.noreply.github.com> Co-authored-by: Christopher Hultin <chrishultin@google.com> Co-authored-by: Mike Beauchamp <beauchompers@gmail.com> Co-authored-by: Moshe Galitzky <112559840+moishce@users.noreply.github.com>

* Group-IB hot fix integration (#30470) (#30878) * test commit * remove bt link * Remove A in TI for yaml and md for indicator * back yaml to default * refactor yaml with cortex utils * refactor md and yaml for feed * remove bp/domain * replace git_leak with git_repository * Add new collection Fix issue with date for TI * remove changes outside the Packs * Update Packs/GroupIB_ThreatIntelligenceAttribution/Integrations/GroupIB_TIA_Feed/test_data/example.json * Update Packs/GroupIB_ThreatIntelligenceAttribution/Integrations/GroupIB_TIA_Feed/test_data/example.json * Update Packs/GroupIB_ThreatIntelligenceAttribution/Integrations/GroupIBTIA/test_data/example.json * Update Packs/GroupIB_ThreatIntelligenceAttribution/Integrations/GroupIBTIA/test_data/example.json * Update Packs/GroupIB_ThreatIntelligenceAttribution/Integrations/GroupIBTIA/test_data/example.json * update release notes * update logo * update logo * Revert "update release notes" This reverts commit fc93e44461b3085c156c42a96e3f5aaf8efbe0af. * revert microsocks * fix compromised account issue * adding RL * Update Packs/GroupIB_ThreatIntelligenceAttribution/Integrations/GroupIBTIA/GroupIBTIA.py * create release notes v1_3_12 * add test for compromised/account_group * refactor changes in playbook * fixed validation errors * adding pragma no cover * refactor RN * add urllib exception * fixing validation errors * adding pragma no cover * format * fix lint test errors * revert sentinel * revert changes to azure sentinel * fixing cloud machine ids processing (#29777) * fixing cloud machine ids processing * not exiting the installation script if we fail to install a pack. report an error but continue with the test playbook upload (#29759) * Microsoft DNS Parsing Rule Drop (#29765) * Updated ParsingRules * Updated ReleaseNotes * Updated ReleaseNotes * Updated ReleaseNotes * Updated pack_metadata * Updated pack_metadata * Updated pack_metadata * Updated README * Updated README * Updated README * [JoeSecurity] Pre-Commit (#29717) * [pre-commit ruff] Align the entire repo with ruff #2 (#29754) * [pre-commit ruff] Align the entire repo with ruff #2 * Add RN * Update the docker image * Don't checkout build files in pre-commit (#27900) * is file up to date pre-commit * Revert changes made by mistake --------- * Fixes for 'NGFW Scan' and 'WildFire Malware' XSIAM playbooks (#29774) * Fixes for 'NGFW Scan' and 'WildFire Malware' XSIAM playbooks * RN * fixed RN and 'NGFW Scan playbook' * CiscoSMA- Added timeout parameter (#29372) * fix * add_tests * fix_test_description * fix_yml_add_readme * fixes - add timeout to the client * add timeout to yml * revert changes * Update CiscoSMA.py * Update CiscoSMA.py * CR review * add RN * fix CR review * update docker image * XSUP-27956/ Added EWS PS V3 Description (#29784) * updated the description * update rn * Apply suggestions from code review --------- * Xsup 27738 DBotFindSimilarIncidents NoneType Error (#29701) * failed ut * fix * rn * pre-commit * pre commit * just the fix * fix description in yml * fix * docker * Update Packs/Base/ReleaseNotes/1_32_34.md * test * test * removed import --------- * Wiz v1 2 11 (#29719) * Wiz v1 2 11 (#29688) * remove redundant parenthesis * ../Packs/Wiz/Integrations/Wiz/Wiz.py * add Wiz user agent * rephrase release notes * update pack metadata json * rephrase release notes v2 * fix minor typos and update docker image * Bump Docker version --------- * [ASM] - Expander - Update ASM fields (4821) (#29702) * [ASM] - Expander - Update ASM fields (4821) (#29506) * Add missing comments to grid fields - Update descriptions of fields as needed. * Add release notes * Add descriptions to two fields - asmdevcheckdetails - asmenrichmentstatus * Update release notes. * Grammar updates. * Update release notes * Add mandatory or optional in comments * Update comments with mandatory * Update pack version and release notes * Add correct 1_6_33 release notes * fix rn * fix rn --------- * Wildfire-upload-url add poling timeout argument (#29790) * save adding timeout param * new docker image * added rn * fix ruff * ruff made me to do this fixes :( not related to my changes * Update Packs/Palo_Alto_Networks_WildFire/ReleaseNotes/2_1_35.md * poetry files (#29793) * Dra-cvss-color-fix (#29757) * Fixed a small issue when indicator had no custom fields * RN * docker bump * RN * Update CVECVSSColor.py * docker bump * RN * fixing typos in build scripts. (#29788) unremovable -> non-removable productname -> product_name testplaybook -> test_playbook changed some arg passing to use their full name: -gpidd -gpidp * mapping to standard stix values (#29785) * mapping to standard stix values * updated release notes * update docker * breaking json * add dot * Add the nightly_ruff file for run pre-commit with --all flag (#29684) * Add the nightly_ruff file for run pre-commit with --all flag * Add more rules; Add the error name * Add E501 * Add F601, F842, TID252 * XSUP-27528 (#29705) * add_tests * add_tests * add RN, fix tests, format yml * Update Packs/CommonScripts/ReleaseNotes/1_12_24.md * fix readme * Bump pack from version CommonScripts to 1.12.25. --------- * [Axonius Content Pack 1.2.0] Bumping Dockerfile (#29802) * [Axonius Content Pack 1.2.0] Bumping Dockerfile (#29625) * bumped docker version for axonius api client * docker image * remove the - --------- * format --------- * Updated native:8.4 image; Add auth-utils support (#29792) * Fixed sc_task closing state (#29636) * Fixed sc_task closing state * Added release notes * Updated docker image * small fix * bumped dokcer * fixed rn --------- * Private Compliance Packs (#29664) * XSUP-27936 problem with regex (#29613) * failed test * fix * rn * rn * unit test * ut * validations * fixed test and docker * fix * validation * Prisma Cloud V2 Add "usernames" Argument (#29710) * add username arg * support list * update UT * update README * docker update * update TPB * Fortinet fortigate enhancement (#29655) * Updated the readme for proofpoint fortigate. * Modified the modeling rule. * Modified the modeling rule and the schema file. * Updated the release note. * Update Packs/FortiGate/README.md * Updated the modeling rule. * Added tags to the readme. * removed ftntfgtmastersrcmac and ftntfgtmasterdstmac from the mapping. * updated the modeling rule and the schema file. * updated the modeling rule * updated the modeling rule --------- * Add syslog example for War Room Actions (#29800) * Graph Security Update (#29797) * Updated MicrosoftGraphSecurity_schema * Updated ReleaseNotes * Updated ReleaseNotes * [Dataminr Pulse] Release 106 (#29805) * [Dataminr Pulse] Release 106 (#29693) * Changes related to release v1.0.6 * Changes related to release v1.0.6 * Fixing Release Note related issue --------- * Bump Docker version --------- * [RecordedFuture] threat actor playbook update V2.5.1 (#29690) (#29807) * Update Threat actor search playbook. * Add release notes * Fix formatting * Change ExtractedIndicators to ExtractedIndicators\.File * Fix release notes --------- * [JoeSecurity] show partial result in polling commands (#29715) * updating build docker image to latest devdemisto/gitlab-content-ci:1.0.0.64455 (#29761) * updating build docker image to latest devdemisto/gitlab-content-ci:1.0.0.64455 * Private Upload Mode - ThreatExchange v2 (#28249) * ThreatExchange integration * ThreatExchange updates * Added param to instance configuration * pre-commit * updated RN * RN test * CR updates * Removed Threat_Crowd * Update Packs/ThreatExchange/ReleaseNotes/2_0_12.md * docker * format * skip tests since theres no instance * no testing instance --------- * added plus 1 for each iteration in find destination (#29811) * added plus 1 for each iteration in find destination (#29760) * added plus 1 for each iteration in find destination * added release notes * Update Packs/Cisco-umbrella-cloud-security/ReleaseNotes/2_0_2.md * updated docker image tag to latest * updated unit test for pagination functions * removed comments --------- * Update 2_0_2.md --------- * Mde list indicator filter (#29640) * Mde list indicator filter (#29338) * init indicator filter * release notes * latest docker image * updated docker image * minor fixes * reslove conflicts * resolve version conflicts * silence linter * format * docker * Apply suggestions from Shirley * add period * change phrase * adding "is_mockable": false * docker * try change test playbook * empty line * docker * return the mock * Revert "return the mock" This reverts commit da9baeff5cadddf2cd125fb073c266c867f465a5. --------- * Audit Logs Endpoints Scripts Aligments for Xsoar-8 (#29781) * test * fix core api * ExportAuditLogsToFile - add support for xsoar-8 * add ExportAuditLogsToFile UTs * add forward audit logs uts * update ut * validation fixes * mypy * bump rns * update docker * update docker image * fix ut * format * Bump pack from version CommonScripts to 1.12.25. * Bump pack from version CommonScripts to 1.12.26. * cr * cr fixes * update * fix uts --------- * Add command prisma-cloud-compute-get-file-integrity-events (#29608) * Add command prisma-cloud-compute-get-file-integrity-events (#29187) * Add command prisma-cloud-compute-get-file-integrity-events * Incorporate changes from review comments. Add documentation and unit test. * Add missing lines to YML file (add description of new command) * Update docker image * Incorporate changes from demo * Update docker image * fix validation * fix validation --------- * Bump pack from version PrismaCloudCompute to 1.4.10. * [pre-commit ruff] Align the entire repo with ruff (#29603) * Fix falls of the ruff hook * pre-commit * Fix B003 ruff error * Fix ruff errors on Utils/update_playbook.py * remove code to trigger upload on dev branches (#29621) * [pre-commit pycln] Align the entire repo with pycln (#29611) * Fix falls of the pycln hook * pre-commit * Fix unit test * Add RN * Fix validate in GetDomainDNSDetails * fuff on GetDomainDNSDetails * ignore mypy error in test_content.py:350 * Fix falls of the autopep8 hook (#29638) * add marketplaces to metadata (#29629) * Fixing AWS Project Number in ASM Cloud (#29593) (#29642) * [MS Teams] support reset_graph_auth (#29644) * fixed * pre-commit * update * Recordedfuture threathunting v2.5.0 (#29641) * Recordedfuture threathunting v2.5.0 (#29025) * Add commands related to Automated Threat hunting recordedfuture-threat-map recordedfuture-threat-links recordedfuture-detection-rules * Add recordedfuture-collective-insight command. Change app version. * Update README.md. Add release notes * Add playbook. Add unittests * Add unittests * Fix test_collective_insight_command * Remove incorrect release note * Add documentation for threat actor search playbook * update Recorded Future Threat actor search playbook. add release note about new playbook. * Update release notes, fix formatting * Format yml files * Update Recorded future threat actor search playbook * Update docker image * Fix linter --------- * Minor README fixes --------- * [ASM] Expander 5777 (#29647) * [ASM] Expander 5777 (#29619) * first * RN * Bump pack from version CortexAttackSurfaceManagement to 1.6.36. --------- * XDR Malware Enrichment - hotfix for usernames (split) (#29585) * Updated playbook with hotfix where we split usernames from domains and append them to the username list of usernames for account enrichment * Added RN * remove irrelevant test * Updated RN * Bump pack from version CortexXDR to 5.1.6. * Update Packs/CortexXDR/ReleaseNotes/5_1_6.md --------- * Update Docker Image To demisto/pyjwt3 (#29656) * Updated Metadata Of Pack Silverfort * Added release notes to pack Silverfort * Packs/Silverfort/Integrations/Silverfort/Silverfort.yml Docker image update * Update Docker Image To demisto/trustar (#29660) * Updated Metadata Of Pack TruSTAR * Added release notes to pack TruSTAR * Update Docker Image To demisto/keeper-ksm (#29661) * Updated Metadata Of Pack KeeperSecretsManager * Added release notes to pack KeeperSecretsManager * Packs/KeeperSecretsManager/Integrations/KeeperSecretsManager/KeeperSecretsManager.yml Docker image update * Update Docker Image To demisto/py3-tools (#29654) * Updated Metadata Of Pack Intezer * Added release notes to pack Intezer * Packs/Intezer/Integrations/IntezerV2/IntezerV2.yml Docker image update * Updated Metadata Of Pack FeedMalwareBazaar * Added release notes to pack FeedMalwareBazaar * Packs/FeedMalwareBazaar/Integrations/MalwareBazaarFeed/MalwareBazaarFeed.yml Docker image update * Updated Metadata Of Pack FeedGCPWhitelist * Added release notes to pack FeedGCPWhitelist * Packs/FeedGCPWhitelist/Integrations/FeedGoogleIPRanges/FeedGoogleIPRanges.yml Docker image update * Updated Metadata Of Pack AccentureCTI_Feed * Added release notes to pack AccentureCTI_Feed * Packs/AccentureCTI_Feed/Integrations/ACTIIndicatorFeed/ACTIIndicatorFeed.yml Docker image update * Fix DS108 --------- * Update Docker Image To demisto/taxii-server (#29659) * Updated Metadata Of Pack CybleThreatIntel * Added release notes to pack CybleThreatIntel * Packs/CybleThreatIntel/Integrations/CybleThreatIntel/CybleThreatIntel.yml Docker image update * Fix DS108 --------- * Update Docker Image To demisto/datadog-api-client (#29662) * Updated Metadata Of Pack DatadogCloudSIEM * Added release notes to pack DatadogCloudSIEM * Packs/DatadogCloudSIEM/Integrations/DatadogCloudSIEM/DatadogCloudSIEM.yml Docker image update * Fix DS108 --------- * Add reliability parameter to cves and pipl integration (#28703) * commiting PrismaCloudCompute * release notes added * changed couldcompute, CVESearchV2, pipl * added pack metadata * fixed pipl readme * reverting changes in CVESearch since it was deprecated * removed redundant * committing pre commit changes * added known words * added known words * fixed lint error * changed according to review * updated docker version in PrismaCloudCompute * changed according to doc review * Added condition for not receiving new incidents in the test playbook * updating release notes * reverting fetch changes * fixed playbook * formatted playbook * new validation, new run * new validation, new run * Bump pack from version PrismaCloudCompute to 1.4.10. * update the docker image --------- * Proofpoint email security pack: update description (#29651) * update description * Updated the schema file. * Updated the schema file. --------- * Jira v2 deprecated (#29649) * Deprecate to jira v2 * update RN * update conf.json file * add task to the Create Jira Issue playbook that check if jira v3 is enable * add image.png of the playbook * update the playbook (yml, readme, image) and RN * Update Docker Image To demisto/python3 (#29652) * Updated Metadata Of Pack PANOSPolicyOptimizer * Added release notes to pack PANOSPolicyOptimizer * Packs/PANOSPolicyOptimizer/Integrations/PANOSPolicyOptimizer/PANOSPolicyOptimizer.yml Docker image update * Updated Metadata Of Pack VMwareWorkspaceONEUEM * Added release notes to pack VMwareWorkspaceONEUEM * Packs/VMwareWorkspaceONEUEM/Integrations/VMwareWorkspaceONEUEM/VMwareWorkspaceONEUEM.yml Docker image update * Updated Metadata Of Pack CiscoSMA * Added release notes to pack CiscoSMA * Packs/CiscoSMA/Integrations/CiscoSMA/CiscoSMA.yml Docker image update * Updated Metadata Of Pack FeedThreatConnect * Added release notes to pack FeedThreatConnect * Packs/FeedThreatConnect/Integrations/FeedThreatConnect/FeedThreatConnect.yml Docker image update * Updated Metadata Of Pack BitSight * Added release notes to pack BitSight * Packs/BitSight/Integrations/BitSightForSecurityPerformanceManagement/BitSightForSecurityPerformanceManagement.yml Docker image update * Updated Metadata Of Pack AWS-ILM * Added release notes to pack AWS-ILM * Packs/AWS-ILM/Integrations/AWSILM/AWSILM.yml Docker image update * Updated Metadata Of Pack CiscoWSA * Added release notes to pack CiscoWSA * Packs/CiscoWSA/Integrations/CiscoWSAV2/CiscoWSAV2.yml Docker image update * Updated Metadata Of Pack SysAid * Added release notes to pack SysAid * Packs/SysAid/Integrations/SysAid/SysAid.yml Docker image update * Updated Metadata Of Pack ManageEngine_PAM360 * Added release notes to pack ManageEngine_PAM360 * Packs/ManageEngine_PAM360/Integrations/ManageEnginePAM360/ManageEnginePAM360.yml Docker image update * Updated Metadata Of Pack CiscoUmbrellaReporting * Added release notes to pack CiscoUmbrellaReporting * Packs/CiscoUmbrellaReporting/Integrations/CiscoUmbrellaReporting/CiscoUmbrellaReporting.yml Docker image update * Fix DS108 --------- * XSUP-27717/FortiSIEM (#29458) * add tests * add RN,fix,logs * Update 2_0_21.md * add period * add a name to incident * fixes CR * update docker image * delete logs * CR fixes * Update 2_0_21.md * Update FortiSIEMV2.py * reverting the Docker image (#29607) * reverting the Docker image * Update Packs/cyberark_AIM/ReleaseNotes/1_0_14.md --------- * [Marketplace Contribution] Roksit DNS Security Integration - Sarp (#29663) * [Marketplace Contribution] Roksit DNS Security Integration - Sarp (#29314) * "pack contribution initial commit" * Update RoksitDNSSecurityIntegrationSarp.py * Update RoksitDNSSecurityIntegrationSarp.py * Yehuda's version * test module * readme * new logo * Update RoksitDNSSecurityIntegrationSarp.yml * Apply suggestions from code review * Update RoksitDNSSecurityIntegrationSarp_description.md * Update pack_metadata.json * Update README.md * Update pack_metadata.json * Update pack_metadata.json * Update Packs/RoksitDNSSecurityIntegration-Sarp/pack_metadata.json * fixes * change name * folder name * file names * version * rename sub folder * remove (DNSSense) from the integration name * rename folder * docker * replace image * fix image name --------- * rename image --------- * add unstuck fetch stream command (#29646) * add unstuck fetch stream command * added RN * fixes * add note * cr fixes * fix conflicts * reverts * [pre-commit pycln] Align the entire repo with pycln #4 (#29665) * Fix pycln errors * Update the docker images * Run demisto-sdk pre-commit * Remove unnecessary recommendations from extensions.json (#29605) * update extensions.json * Update devcontainer.json * Update recommendations list * Zscaler-FW-Logs (#29094) * Zscaler FW Logs Modeling Rules * Zscaler FW logs Modeling Rules * Updated README * Updated ZscalerModelingRule_1_3 * Changed cs5 field name to cat * Apply suggestions from code review * Updated README * Updated ModelingRules and Schema * Updated ModelingRules and schema * Updated ModelingRules * Updated ModelingRules --------- * PANOS - EXPANDR-5744 (#29223) (#29686) * playbook updates * RN, Readme, screenshot * Apply suggestions from code review * update RN * bump ver * more descriptive task * bump ver --------- * Audit alert fields fix (#29685) * Add associated types to systemAssociatedTypes * Add associated types to systemAssociatedTypes * fix incident field structure * RN * Workday documentation fix (#29681) * readme * readme * rn * rn * [Marketplace Contribution] Active Directory Query - Content Pack Update (#28633) * [Marketplace Contribution] Active Directory Query - Content Pack Update (#27822) * "contribution update to pack "Active Directory Query"" * revert changes * rl * remove files * removed from rl * Update pack_metadata.json * Create 1_6_19.md * Update 1_6_18.md * Update 1_6_19.md * Delete 1_6_19.md * Update 1_6_18.md * Update pack_metadata.json * Update Active_Directory_Query.yml removed duplicate section and type * pass SERVER_IP as argument to test_credentials function * Create 1_7_0.md * Update pack_metadata.json * Update README.md with ad-test-credentials info * Update Active_Directory_Query.yml * removed duplicate `type: 8` from ntlm * removed duplicate types from integration settings * removed duplicate description from ad-enable-account * Update Active_Directory_Query.yml * Update Active_Directory_Query.yml * Update Active_Directory_Query.yml * removing not relevant release note * adding function * update fucntion * cr note * adding NTLM_AUTH option * Update Active_Directory_Query.py * Update Packs/Active_Directory_Query/Integrations/Active_Directory_Query/Active_Directory_Query.py * cr notes * update after merging from master * reverting a change in olr rl * added test_test_credentials unit test function * fix unit test * fixing unit tests * fix unit test * fixed lint errors * Update Active_Directory_Query_test.py * empty commit * fix yml and docker file * revert changes in send email manager * fix yml * fix * fix validation error * fixing in129 --------- * cr notes * Bump pack from version Active_Directory_Query to 1.6.21. * fix yml changes * cr notes * lint fixes * fix test * docker update * Update Packs/Active_Directory_Query/Integrations/Active_Directory_Query/README.md * fix delete required * Apply suggestions from code review * fix test * docker update * rl * empty commit * docker update * empty commit * empty commit * merge from master * empty commit check * revert changes * Delete Packs/cyberark_AIM/Integrations/CyberArkAIM_v2/integration-CyberArkAIM_v2.yml * docker downgrade * rl * trying new docker image * validate errors fix * revert docker version * [DS108] - Description must end with a period (".") - fix * empty commit check * empty commit check --------- * Big query bug xsup 28132 (#29680) * bug fix * rn * rn * Apply suggestions from code review * format * pre commit --------- * New Prisma Cloud v2 commands (#29323) * resource list command * limit results * user roles list command * pre commit * users list command * edit remediation commands * UTs * update README * update RN * pre commit fixes * edit test playbook * CR changes * Demo changes - remediate 406 raises error new args for resource_list & user_roles * fix test * Apply suggestions from doc review * fix test playbook * Tomer's changes --------- * Prisma Cloud Update (#29666) * Updated ModelingRules * Updated ReleaseNotes * Updated ReleaseNotes * Updated ModelingRules * Updated ModelingRules * Updated ModelingRules * Bump pack from version PrismaCloud to 4.2.4. --------- * Rapid7 appsec (#29134) (#29687) * Revert "Add space to conf" This reverts commit 3a74b931d31ae2b33e0e4570c7df7d06c668e9c8. * Updated the packs category to *Authentication & Identity Management* (part 2) (#24876) * Update Docker Image To demisto/fastapi (#24923) * Updated Metadata Of Pack CyberArkIdentity * Added release notes to pack CyberArkIdentity * Packs/CyberArkIdentity/Integrations/CyberArkIdentityEventCollector/CyberArkIdentityEventCollector.yml Docker image update * Update Docker Image To demisto/lxml (#24924) * Updated Metadata Of Pack TaniumThreatResponse * Added release notes to pack TaniumThreatResponse * Packs/TaniumThreatResponse/Integrations/TaniumThreatResponseV2/TaniumThreatResponseV2.yml Docker image update * Update Docker Image To demisto/crypto (#24922) * Updated Metadata Of Pack X509Certificate * Added release notes to pack X509Certificate * Packs/X509Certificate/Scripts/CertificateExtract/CertificateExtract.yml Docker image update * Update Docker Image To demisto/python3 (#24921) * Updated Metadata Of Pack Cybereason * Added release notes to pack Cybereason * Packs/Cybereason/Integrations/Cybereason/Cybereason.yml Docker image update * Updated Metadata Of Pack DNSDB * Added release notes to pack DNSDB * Packs/DNSDB/Integrations/DNSDB_v2/DNSDB_v2.yml Docker image update * Updated Metadata Of Pack DeepInstinct * Added release notes to pack DeepInstinct * Packs/DeepInstinct/Integrations/DeepInstinct3x/DeepInstinct3x.yml Docker image update * Updated Metadata Of Pack FeedCyrenThreatInDepth * Added release notes to pack FeedCyrenThreatInDepth * Packs/FeedCyrenThreatInDepth/Integrations/CyrenThreatInDepth/CyrenThreatInDepth.yml Docker image update * Updated Metadata Of Pack IronDefense * Added release notes to pack IronDefense * Packs/IronDefense/Integrations/IronDefense/IronDefense.yml Docker image update * Updated Metadata Of Pack Qintel * Added release notes to pack Qintel * Packs/Qintel/Integrations/QintelPMI/QintelPMI.yml Docker image update * Packs/Qintel/Integrations/QintelQSentry/QintelQSentry.yml Docker image update * Packs/Qintel/Integrations/QintelQWatch/QintelQWatch.yml Docker image update * Updated Metadata Of Pack QualysFIM * Added release notes to pack QualysFIM * Packs/QualysFIM/Integrations/QualysFIM/QualysFIM.yml Docker image update * Updated Metadata Of Pack QutteraWebsiteMalwareScanner * Added release notes to pack QutteraWebsiteMalwareScanner * Packs/QutteraWebsiteMalwareScanner/Integrations/QutteraWebsiteMalwareScanner/QutteraWebsiteMalwareScanner.yml Docker image update * Fixed mypy + validation --------- * NGINXApiModule: fix logging typo (#24878) * fix logging typo * bump dependent packs --------- * Downgrade docker to fix banner issue (#24905) * Downgrade docker to fix banner issue * Fix docs * Add UT to prevent Docker bump * Fix yml validation * Adding vulnerability commands * Fixing pagination page index * Updating PR comments and Scan commands * Updating ID in test data. * Updating integration * Updating integration * Updating fromversion * Updating linters * Updating linters * Updating git pre-commit * Updating docstring * Updating the handling of request when limit * Removing get_pagination_params * Updating integration * Updating git-pre commit * Updating integration * Updating integration * Updating unit test * Updating docker image * Updating integration * Updating README version. * Updating secrets * Updating integration * Updating integration * Updating integration * Updating docstrings * Updating doc-review comments. * Updating doc-review comments. * Updating description --------- * Panos add param (#29672) * added param job_polling_max_num_attempts * Added rn * Added missing param type Fixed unit tests * added to readme * fixed readme * Update Packs/PAN-OS/Integrations/Panorama/Panorama.yml * fixed text and namings * Bump pack from version PAN-OS to 2.1.8. --------- * Fix proxy usage (#85) (#29630) * Fix proxy usage (#85) (#29181) * Fix proxy usage (#85) * Fix proxy usage in ZF client * Fix variable USE_SSL to verify requests * Remove proxy object from client Given that the proxy works by default with env vars, the proxy object is not necessary * Update version and add release notes * Fix call to modified alerts (#86) * Fix call to modified alerts * Update docker image * Fix tests associated with get modified data * change rn * fix validation --------- * Missing dependencies when installing packs (#28989) * search and install packs --------- * Deprecate Picus Community (#29573) * Merge branch 'master' into github_workflow_partner # Conflicts: # Utils/github_workflow_scripts/utils.py * Merge branch 'master' into github_workflow_partner # Conflicts: # Utils/github_workflow_scripts/utils.py * Picus NG display name * Picus update * Picus update * Picus update * Picus update * Picus update * Picus update * Picus update * Picus update --------- * [ASM] - Expander - GCP Hierarchy field - 4376 (#29696) (#29704) * Add assethierarchy field to GCP ASM playbook * Add release notes * Update field json * fix merge * update rn * remove access code * fix conflicts * update docker * fix validation --------- * [Marketplace Contribution] Okta - Content Pack Update (#29650) * [Marketplace Contribution] Okta - Content Pack Update (#29303) * "contribution update to pack "Okta"" * minor fixes * add outputs and readme * add outputs description * update docker * change outputs --------- * Fixing AWS Project Number in ASM Cloud (#29593) (#29642) * [MS Teams] support reset_graph_auth (#29644) * fixed * pre-commit * update * Recordedfuture threathunting v2.5.0 (#29641) * Recordedfuture threathunting v2.5.0 (#29025) * Add commands related to Automated Threat hunting recordedfuture-threat-map recordedfuture-threat-links recordedfuture-detection-rules * Add recordedfuture-collective-insight command. Change app version. * Update README.md. Add release notes * Add playbook. Add unittests * Add unittests * Fix test_collective_insight_command * Remove incorrect release note * Add documentation for threat actor search playbook * update Recorded Future Threat actor search playbook. add release note about new playbook. * Update release notes, fix formatting * Format yml files * Update Recorded future threat actor search playbook * Update docker image * Fix linter --------- * Minor README fixes --------- * [ASM] Expander 5777 (#29647) * [ASM] Expander 5777 (#29619) * first * RN * Bump pack from version CortexAttackSurfaceManagement to 1.6.36. --------- * XDR Malware Enrichment - hotfix for usernames (split) (#29585) * Updated playbook with hotfix where we split usernames from domains and append them to the username list of usernames for account enrichment * Added RN * remove irrelevant test * Updated RN * Bump pack from version CortexXDR to 5.1.6. * Update Packs/CortexXDR/ReleaseNotes/5_1_6.md --------- * Update Docker Image To demisto/pyjwt3 (#29656) * Updated Metadata Of Pack Silverfort * Added release notes to pack Silverfort * Packs/Silverfort/Integrations/Silverfort/Silverfort.yml Docker image update * Update Docker Image To demisto/trustar (#29660) * Updated Metadata Of Pack TruSTAR * Added release notes to pack TruSTAR * Update Docker Image To demisto/keeper-ksm (#29661) * Updated Metadata Of Pack KeeperSecretsManager * Added release notes to pack KeeperSecretsManager * Packs/KeeperSecretsManager/Integrations/KeeperSecretsManager/KeeperSecretsManager.yml Docker image update * Update Docker Image To demisto/py3-tools (#29654) * Updated Metadata Of Pack Intezer * Added release notes to pack Intezer * Packs/Intezer/Integrations/IntezerV2/IntezerV2.yml Docker image update * Updated Metadata Of Pack FeedMalwareBazaar * Added release notes to pack FeedMalwareBazaar * Packs/FeedMalwareBazaar/Integrations/MalwareBazaarFeed/MalwareBazaarFeed.yml Docker image update * Updated Metadata Of Pack FeedGCPWhitelist * Added release notes to pack FeedGCPWhitelist * Packs/FeedGCPWhitelist/Integrations/FeedGoogleIPRanges/FeedGoogleIPRanges.yml Docker image update * Updated Metadata Of Pack AccentureCTI_Feed * Added release notes to pack AccentureCTI_Feed * Packs/AccentureCTI_Feed/Integrations/ACTIIndicatorFeed/ACTIIndicatorFeed.yml Docker image update * Fix DS108 --------- * Update Docker Image To demisto/taxii-server (#29659) * Updated Metadata Of Pack CybleThreatIntel * Added release notes to pack CybleThreatIntel * Packs/CybleThreatIntel/Integrations/CybleThreatIntel/CybleThreatIntel.yml Docker image update * Fix DS108 --------- * Update Docker Image To demisto/datadog-api-client (#29662) * Updated Metadata Of Pack DatadogCloudSIEM * Added release notes to pack DatadogCloudSIEM * Packs/DatadogCloudSIEM/Integrations/DatadogCloudSIEM/DatadogCloudSIEM.yml Docker image update * Fix DS108 --------- * Add reliability parameter to cves and pipl integration (#28703) * commiting PrismaCloudCompute * release notes added * changed couldcompute, CVESearchV2, pipl * added pack metadata * fixed pipl readme * reverting changes in CVESearch since it was deprecated * removed redundant * committing pre commit changes * added known words * added known words * fixed lint error * changed according to review * updated docker version in PrismaCloudCompute * changed according to doc review * Added condition for not receiving new incidents in the test playbook * updating release notes * reverting fetch changes * fixed playbook * formatted playbook * new validation, new run * new validation, new run * Bump pack from version PrismaCloudCompute to 1.4.10. * update the docker image --------- * Proofpoint email security pack: update description (#29651) * update description * Updated the schema file. * Updated the schema file. --------- * Jira v2 deprecated (#29649) * Deprecate to jira v2 * update RN * update conf.json file * add task to the Create Jira Issue playbook that check if jira v3 is enable * add image.png of the playbook * update the playbook (yml, readme, image) and RN * Update Docker Image To demisto/python3 (#29652) * Updated Metadata Of Pack PANOSPolicyOptimizer * Added release notes to pack PANOSPolicyOptimizer * Packs/PANOSPolicyOptimizer/Integrations/PANOSPolicyOptimizer/PANOSPolicyOptimizer.yml Docker image update * Updated Metadata Of Pack VMwareWorkspaceONEUEM * Added release notes to pack VMwareWorkspaceONEUEM * Packs/VMwareWorkspaceONEUEM/Integrations/VMwareWorkspaceONEUEM/VMwareWorkspaceONEUEM.yml Docker image update * Updated Metadata Of Pack CiscoSMA * Added release notes to pack CiscoSMA * Packs/CiscoSMA/Integrations/CiscoSMA/CiscoSMA.yml Docker image update * Updated Metadata Of Pack FeedThreatConnect * Added release notes to pack FeedThreatConnect * Packs/FeedThreatConnect/Integrations/FeedThreatConnect/FeedThreatConnect.yml Docker image update * Updated Metadata Of Pack BitSight * Added release notes to pack BitSight * Packs/BitSight/Integrations/BitSightForSecurityPerformanceManagement/BitSightForSecurityPerformanceManagement.yml Docker image update * Updated Metadata Of Pack AWS-ILM * Added release notes to pack AWS-ILM * Packs/AWS-ILM/Integrations/AWSILM/AWSILM.yml Docker image update * Updated Metadata Of Pack CiscoWSA * Added release notes to pack CiscoWSA * Packs/CiscoWSA/Integrations/CiscoWSAV2/CiscoWSAV2.yml Docker image update * Updated Metadata Of Pack SysAid * Added release notes to pack SysAid * Packs/SysAid/Integrations/SysAid/SysAid.yml Docker image update * Updated Metadata Of Pack ManageEngine_PAM360 * Added release notes to pack ManageEngine_PAM360 * Packs/ManageEngine_PAM360/Integrations/ManageEnginePAM360/ManageEnginePAM360.yml Docker image update * Updated Metadata Of Pack CiscoUmbrellaReporting * Added release notes to pack CiscoUmbrellaReporting * Packs/CiscoUmbrellaReporting/Integrations/CiscoUmbrellaReporting/CiscoUmbrellaReporting.yml Docker image update * Fix DS108 --------- * XSUP-27717/FortiSIEM (#29458) * add tests * add RN,fix,logs * Update 2_0_21.md * add period * add a name to incident * fixes CR * update docker image * delete logs * CR fixes * Update 2_0_21.md * Update FortiSIEMV2.py * reverting the Docker image (#29607) * reverting the Docker image * Update Packs/cyberark_AIM/ReleaseNotes/1_0_14.md --------- * [Marketplace Contribution] Roksit DNS Security Integration - Sarp (#29663) * [Marketplace Contribution] Roksit DNS Security Integration - Sarp (#29314) * "pack contribution initial commit" * Update RoksitDNSSecurityIntegrationSarp.py * Update RoksitDNSSecurityIntegrationSarp.py * Yehuda's version * test module * readme * new logo * Update RoksitDNSSecurityIntegrationSarp.yml * Apply suggestions from code review * Update RoksitDNSSecurityIntegrationSarp_description.md * Update pack_metadata.json * Update README.md * Update pack_metadata.json * Update pack_metadata.json * Update Packs/RoksitDNSSecurityIntegration-Sarp/pack_metadata.json * fixes * change name * folder name * file names * version * rename sub folder * remove (DNSSense) from the integration name * rename folder * docker * replace image * fix image name --------- * rename image --------- * add unstuck fetch stream command (#29646) * add unstuck fetch stream command * added RN * fixes * add note * cr fixes * fix conflicts * reverts * [pre-commit pycln] Align the entire repo with pycln #4 (#29665) * Fix pycln errors * Update the docker images * Run demisto-sdk pre-commit * update docker --------- * If-Elif Transformer (#27763) * IfElif init * minor changes * parse single strings not json * fixed regex * fixed json bug * removed context * created eval blacklist * added json KW to eval * Update bucket-upload.yml * added ast for parsing * use hash for context grab * added value arg * quick * added unit-tests * added README.md * added RN * added flags arg; use dt for context grabbing * fixed context grabbing * added regex support * finished readme * finished readme 2 * added variables arg * changed vars to upper * changed to class * prefixed variable bug * some tests * finished unit-tests * completed tests * finished docs * finished docs in yml * new design for 'value' * unit-tests complete * docs part 1 * docs complete * added if-elif TPB * fixed TPB * fixed mypy error * fixed mypy error * fixed injection issue; added + op * name changes * added injection test in TPB * CR changes * error for unknown variables * reformat 'from_context' func * resolve conflicts * demo changes * demo changes part 2 * bug fix * updated docker * added list_compare flag * added error catcher for comp funcs * readme update; textArea for conditions * resolve conflicts * resolve conflicts * updated docker * name changes * fixed unit-tests * Apply suggestions from code review * added missing flag to readme * CR changes * Apply suggestions from code review * name changes * added suppres_error behaviuor to docs * Apply suggestions from code review * updated docker --------- * revert removal of release notes generator (#29828) * revert * validations * rn * search_and_install_packs.py - less strict when installing packs during nightly. should be reverted in (#29806) * exit on error alignment.fixing echo message when exiting the uninstallation script. (#29821) * exit on error alignment. fixing echo message when exiting the uninstallation script. * installing specific poetry version (#29812) * installing specific poetry version - moving the logic to bootstrap * Cs falcon detections revert (#29833) * Revert "Cs falcon fetch limit issue (#29411)" This reverts commit f7b7d5c6 * Revert "Cs limit in idp detections (#29550)" This reverts commit 47738d56 * Added rn * Added rn * SQL Alchemy 2.x.x (#29436) * MySQL and Postgress works * MSSQL, My SQL and postgres works with bind_variables from the second form * resolve conflicts * fix CR's comments * pre commit * parsing the results * Add UT * same name and right docker * RN * sourcery * another docker image * revert docker image * Update Packs/GenericSQL/ReleaseNotes/1_0_25.md * Update Packs/GenericSQL/Integrations/GenericSQL/GenericSQL.py * Update Packs/GenericSQL/Integrations/GenericSQL/GenericSQL.py * Update Packs/GenericSQL/Integrations/GenericSQL/GenericSQL.py * fix variable name * constants * mapping instead of conditions * unskip Oracle TPB * resolve conflicts * resolve conflicts * Constants * Update Packs/GenericSQL/Integrations/GenericSQL/GenericSQL.py * CR fixes * Update Packs/GenericSQL/ReleaseNotes/1_1_0.md * add commit after executing a query * fix UT * remove autocommit true from MSSQL * fix UT * autocommit for MSSQL, commit for the others * commit for the others DBs, since in MSSQL is automatically * docker image --------- * Generic playbooks fixes (#29711) * fixes for generic playbooks * fixes for generic playbooks * fixes for generic playbooks * Use Case Builder Development stage Field update (#29771) (#29825) * pushing changes to the use case stage * adding release notes * Update pack_metadata.json * Rename 1_1_0.md to 1_0_4.md * Update 1_0_4.md * Update 1_0_4.md --------- * Add mapper and disable auto extraction for ThinkstCanary (#29756) * Add Classification and Mapping to ThinkstCanary Integration * Duo Mapping Enrichment (#29139) * Updated DuoModelingRule_1_3 * Updated ModelingRules and ReleaseNotes * Updated ModelingRules and ReleaseNotes * Updated DuoModelingRule_1_3_schema and README * Rev DuoModelingRule_1_3 | add DuoModelingRule_2_0 * Updated .yml and ReleaseNotes * Updated DuoModelingRule_2_0 * Updated ReleaseNotes * Updated .yml with toversion: 8.3.0 * Updated DuoModelingRule_2_0_schema * Updated ModelingRules * Updated ReleaseNotes * Bump pack from version DuoAdminApi to 4.0.8. * Updated DuoModelingRule_1_3 * azure * Updated DuoModelingRule_2_0 * Updated DuoModelingRule_2_0 * Updated ParsingRules * Updated ReleaseNotes * Updated ReleaseNotes * Updated ReleaseNotes * Updated pack_metadata * Updated pack_metadata * Updated pack_metadata * Updated README * Updated README * Updated README * Updated ReleaseNotes * Updated ReleaseNotes * Updated DuoModelingRule_2_0 * Reverted MS packs * Reverted MS packs * Updated DuoModelingRule_1_3_schema * Updated ReleaseNotes * Update Packs/DuoAdminApi/ReleaseNotes/4_0_10.md --------- * [AWS System Manager] New Pack (#28992) * init - new pack * 2 commands * aws-ssm-inventory-entry-list * list_associations_command * remove boto stubs * remove boto stubs * improve * poetry * revert poetry * aws-ssm-association-list * aws-ssm-association-get * aws-ssm-association-get * aws-ssm-association-version-list * format * aws-ssm-document-list * ruff * ruff * ssmclient test * test * doc get * docs * Update pyproject.toml * Update poetry.lock * Update .pre-commit-config_template.yaml * regex * aws-ssm-tag-remove * improve * aws-ssm-automation-execution-list * pack * aws-ssm-command-list * aws-ssm-command-run aws-ssm-command-cancel * ruff * Apply suggestions from code review * Apply suggestions from code review * UT * UT * cr and docs * black * black and ruff * format * description * format description * pack metadata * fix ut * Apply suggestions from code review * Apply suggestions from code review * cr * cr * fix yml * add outputs * Update Packs/AWS_SystemManager/Integrations/AWSSystemManager/AWSSystemManager.py * fix cr * run command and fix UT * automation run * fix output add playbook * docs * docs * docs * docs * ruff and black * fix demo * fix demo * update docker and fix line to long * Apply suggestions from code review (docs) * cr fix * update docker * fix line * Fix an issue * Fix an issue * Update playbook description * Update docker --------- * Fix splunk search in incident context (#29763) * fixes * fixes * fixes * update docker * added rn * add bc rn * Empty-Commit * Test For 'WildFire Malware' Playbook (#29404) * Test For 'WildFire Malware' Playbook * PR * RN * added the "is_mockable" config to the conf file * removed the "is_mockable" config to the conf file * Bump pack from version Core to 2.0.14. * Bump pack from version Core to 2.0.15. * Increased timeout configs * Added VirusTotal to the conf file * added virustotal instance name * changed the 'AutoContainment' playbook input config to 'true' * changed 'timeout' * changed 'timeout' * changed 'timeout' to 1600 * changed the 'ShouldCloseAutomatically' playbook input to 'false' * added the test playbook name to the playbook YML file * RN * removed the close note alert field verification * added the 'marketplacev2' to the test playbook YML file * added the '000001e7a228b2a7abdf7f7e404bc8522df32b725e86907dde32176bccbbbb27' malicious file hash to secrets ignore file. the file hash is used within the test playbook for enrichment and test purposes. --------- * update docker image (#29845) * added functionallity to download index by marketplace (#29834) * added functionallity to download index by marketplace * added some logs for validation * commit * removed logs * [pre-commit MyPy] Align the entire repo with MyPy #2 (#29799) * [pre-commit MyPy] Align the entire repo with MyPy #2 * Add RN * Revert changes in 1.12.26 RN * Update the docker images * [pre-commit MyPy] Align the entire repo with MyPy #1 (#29798) * [pre-commit MyPy] Align the entire repo with MyPy #1 * Xsup 27738 DBotFindSimilarIncidents NoneType Error (#29701) * failed ut * fix * rn * pre-commit * pre commit * just the fix * fix description in yml * fix * docker * Update Packs/Base/ReleaseNotes/1_32_34.md * test * test * removed import --------- * Wiz v1 2 11 (#29719) * Wiz v1 2 11 (#29688) * remove redundant parenthesis * ../Packs/Wiz/Integrations/Wiz/Wiz.py * add Wiz user agent * rephrase release notes * update pack metadata json * rephrase release notes v2 … Co-authored-by: Daniil Lanskoy <107933862+LanskoyGIB@users.noreply.github.com> Co-authored-by: Mai Morag <81917647+maimorag@users.noreply.github.com> Co-authored-by: maimorag <mmorag@paloaltonetworks.com> Co-authored-by: Koby Meir <kobymeir@users.noreply.github.com> Co-authored-by: kobymeir <ymeir@paloaltonetworks.com> Co-authored-by: eepstain <116078117+eepstain@users.noreply.github.com> Co-authored-by: ilaner <88267954+ilaner@users.noreply.github.com> Co-authored-by: Menachem Weinfeld <90556466+mmhw@users.noreply.github.com> Co-authored-by: dorschw <81086590+dorschw@users.noreply.github.com> Co-authored-by: Menachem Weinfeld <mmhw770@gmail.com> Co-authored-by: TalNos <112805149+TalNos@users.noreply.github.com> Co-authored-by: sapir shuker <49246861+sapirshuker@users.noreply.github.com> Co-authored-by: Arad Carmi <62752352+AradCarmi@users.noreply.github.com> Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> Co-authored-by: EyalPintzov <91007713+eyalpalo@users.noreply.github.com> Co-authored-by: Dan Tavori <38749041+dantavori@users.noreply.github.com> Co-authored-by: content-bot <55035720+content-bot@users.noreply.github.com> Co-authored-by: Ariel Tobiana <107474518+ariel-wiz@users.noreply.github.com> Co-authored-by: Michael Yochpaz <8832013+MichaelYochpaz@users.noreply.github.com> Co-authored-by: John <40349459+BigEasyJ@users.noreply.github.com> Co-authored-by: ostolero <86190583+ostolero@users.noreply.github.com> Co-authored-by: ostolero <ostolero@paloaltonetworks.com> Co-authored-by: Darya Koval <72339940+daryakoval@users.noreply.github.com> Co-authored-by: Content Bot <bot@demisto.com> Co-authored-by: Dror Avrahami <davrahami@paloaltonetworks.com> Co-authored-by: Judah Schwartz <JudahSchwartz@users.noreply.github.com> Co-authored-by: Bryce Pedroza <97995056+bryce-ax@users.noreply.github.com> Co-authored-by: Yehuda <yrosenberg@paloaltonetworks.com> Co-authored-by: samuelFain <65926551+samuelFain@users.noreply.github.com> Co-authored-by: GuyAfik <guyafik11@gmail.com> Co-authored-by: Shelly Tzohar <45915502+Shellyber@users.noreply.github.com> Co-authored-by: Shahaf Ben Yakir <44666568+ShahafBenYakir@users.noreply.github.com> Co-authored-by: sbenyakir <shahaf.benyakir@demisto.com> Co-authored-by: tkatzir <tkatzir@paloaltonetworks.com> Co-authored-by: Adi Bamberger Edri <72088126+BEAdi@users.noreply.github.com> Co-authored-by: yasta5 <112320333+yasta5@users.noreply.github.com> Co-authored-by: Crest Data Systems <60967033+crestdatasystems@users.noreply.github.com> Co-authored-by: crestdatasystems <crestdatasystems@users.noreply.github.com> Co-authored-by: Yaroslav Nestor <yaroslav.nestor22@gmail.com> Co-authored-by: darkushin <61732335+darkushin@users.noreply.github.com> Co-authored-by: Yehuda Rosenberg <90599084+RosenbergYehuda@users.noreply.github.com> Co-authored-by: LiorQM <106475467+LiorQM@users.noreply.github.com> Co-authored-by: RotemAmit <ramit@paloaltonetworks.com> Co-authored-by: ckaadic <48683125+ckaadic@users.noreply.github.com> Co-authored-by: Guy Afik <53861351+GuyAfik@users.noreply.github.com> Co-authored-by: Ali Sawyer <91506078+ali-sawyer@users.noreply.github.com> Co-authored-by: omerKarkKatz <95565843+omerKarkKatz@users.noreply.github.com> Co-authored-by: Yaakov Praisler <59408745+yaakovpraisler@users.noreply.github.com> Co-authored-by: Chait A <112722030+capanw@users.noreply.github.com> Co-authored-by: johnnywilkes <32227961+johnnywilkes@users.noreply.github.com> Co-authored-by: michal-dagan <109464765+michal-dagan@users.noreply.github.com> Co-authored-by: Ido van Dijk <43602124+idovandijk@users.noreply.github.com> Co-authored-by: sberman <sberman@paloaltonetworks.com> Co-authored-by: DinaMeylakh <72339665+DinaMeylakh@users.noreply.github.com> Co-authored-by: Yehonatan Asta <yasta@paloaltonetworks.com> Co-authored-by: israelpoli <72099621+israelpoli@users.noreply.github.com> Co-authored-by: xsoar-bot <67315154+xsoar-bot@users.noreply.github.com> Co-authored-by: asimsarpkurt <79475614+asimsarpkurt@users.noreply.github.com> Co-authored-by: Yuval Hayun <70104171+YuvHayun@users.noreply.github.com> Co-authored-by: nkanon <109467661+nkanon@users.noreply.github.com> Co-authored-by: Eido Epstain <eepstain@paloaltonetworks.com> Co-authored-by: Tomer Haimof <81556849+tomer-pan@users.noreply.github.com> Co-authored-by: Randy Baldwin <32545292+randomizerxd@users.noreply.github.com> Co-authored-by: ‪Ron Hadad‬‏ <112933572+ronh1@users.noreply.github.com> Co-authored-by: TalGumi <talg@qmasters.co> Co-authored-by: Guy Lichtman <1395797+glicht@users.noreply.github.com> Co-authored-by: glicht <glicht@users.noreply.github.com> Co-authored-by: Andrew Shamah <42912128+amshamah419@users.noreply.github.com> Co-authored-by: Felipe Garrido <fgarridob.95+github@gmail.com> Co-authored-by: Edi Katsenelson <85438368+edik24@users.noreply.github.com> Co-authored-by: Jacob Levy <129657918+jlevypaloalto@users.noreply.github.com> Co-authored-by: Yuval Cohen <86777474+yucohen@users.noreply.github.com> Co-authored-by: rshunim <102469772+rshunim@users.noreply.github.com> Co-authored-by: OmriItzhak <115150792+OmriItzhak@users.noreply.github.com> Co-authored-by: Joe Cosgrove <joecosgrove5@gmail.com> Co-authored-by: Shmuel Kroizer <69422117+shmuel44@users.noreply.github.com> Co-authored-by: Israel Lappe <79846863+ilappe@users.noreply.github.com> Co-authored-by: Erez FelmanDar <102903097+efelmandar@users.noreply.github.com> Co-authored-by: israelpolishook <ipolishuk@paloaltonetworks.com> Co-authored-by: ArikDay <115150768+ArikDay@users.noreply.github.com> Co-authored-by: Christopher Hultin <chrishultin@google.com> Co-authored-by: Mike Beauchamp <beauchompers@gmail.com> Co-authored-by: Moshe Galitzky <112559840+moishce@users.noreply.github.com> * revert * revert * fixes * fixes * docker * Mypy * RN * str * Docker --------- Co-authored-by: Daniil Lanskoy <107933862+LanskoyGIB@users.noreply.github.com> Co-authored-by: Mai Morag <81917647+maimorag@users.noreply.github.com> Co-authored-by: maimorag <mmorag@paloaltonetworks.com> Co-authored-by: Koby Meir <kobymeir@users.noreply.github.com> Co-authored-by: kobymeir <ymeir@paloaltonetworks.com> Co-authored-by: eepstain <116078117+eepstain@users.noreply.github.com> Co-authored-by: ilaner <88267954+ilaner@users.noreply.github.com> Co-authored-by: Menachem Weinfeld <90556466+mmhw@users.noreply.github.com> Co-authored-by: dorschw <81086590+dorschw@users.noreply.github.com> Co-authored-by: Menachem Weinfeld <mmhw770@gmail.com> Co-authored-by: TalNos <112805149+TalNos@users.noreply.github.com> Co-authored-by: sapir shuker <49246861+sapirshuker@users.noreply.github.com> Co-authored-by: Arad Carmi <62752352+AradCarmi@users.noreply.github.com> Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> Co-authored-by: EyalPintzov <91007713+eyalpalo@users.noreply.github.com> Co-authored-by: Dan Tavori <38749041+dantavori@users.noreply.github.com> Co-authored-by: content-bot <55035720+content-bot@users.noreply.github.com> Co-authored-by: Ariel Tobiana <107474518+ariel-wiz@users.noreply.github.com> Co-authored-by: Michael Yochpaz <8832013+MichaelYochpaz@users.noreply.github.com> Co-authored-by: John <40349459+BigEasyJ@users.noreply.github.com> Co-authored-by: ostolero <86190583+ostolero@users.noreply.github.com> Co-authored-by: ostolero <ostolero@paloaltonetworks.com> Co-authored-by: Darya Koval <72339940+daryakoval@users.noreply.github.com> Co-authored-by: Content Bot <bot@demisto.com> Co-authored-by: Dror Avrahami <davrahami@paloaltonetworks.com> Co-authored-by: Judah Schwartz <JudahSchwartz@users.noreply.github.com> Co-authored-by: Bryce Pedroza <97995056+bryce-ax@users.noreply.github.com> Co-authored-by: Yehuda <yrosenberg@paloaltonetworks.com> Co-authored-by: samuelFain <65926551+samuelFain@users.noreply.github.com> Co-authored-by: GuyAfik <guyafik11@gmail.com> Co-authored-by: Shelly Tzohar <45915502+Shellyber@users.noreply.github.com> Co-authored-by: Shahaf Ben Yakir <44666568+ShahafBenYakir@users.noreply.github.com> Co-authored-by: sbenyakir <shahaf.benyakir@demisto.com> Co-authored-by: tkatzir <tkatzir@paloaltonetworks.com> Co-authored-by: Adi Bamberger Edri <72088126+BEAdi@users.noreply.github.com> Co-authored-by: yasta5 <112320333+yasta5@users.noreply.github.com> Co-authored-by: Crest Data Systems <60967033+crestdatasystems@users.noreply.github.com> Co-authored-by: crestdatasystems <crestdatasystems@users.noreply.github.com> Co-authored-by: Yaroslav Nestor <yaroslav.nestor22@gmail.com> Co-authored-by: darkushin <61732335+darkushin@users.noreply.github.com> Co-authored-by: Yehuda Rosenberg <90599084+RosenbergYehuda@users.noreply.github.com> Co-authored-by: LiorQM <106475467+LiorQM@users.noreply.github.com> Co-authored-by: RotemAmit <ramit@paloaltonetworks.com> Co-authored-by: ckaadic <48683125+ckaadic@users.noreply.github.com> Co-authored-by: Guy Afik <53861351+GuyAfik@users.noreply.github.com> Co-authored-by: Ali Sawyer <91506078+ali-sawyer@users.noreply.github.com> Co-authored-by: omerKarkKatz <95565843+omerKarkKatz@users.noreply.github.com> Co-authored-by: Yaakov Praisler <59408745+yaakovpraisler@users.noreply.github.com> Co-authored-by: Chait A <112722030+capanw@users.noreply.github.com> Co-authored-by: johnnywilkes <32227961+johnnywilkes@users.noreply.github.com> Co-authored-by: michal-dagan <109464765+michal-dagan@users.noreply.github.com> Co-authored-by: Ido van Dijk <43602124+idovandijk@users.noreply.github.com> Co-authored-by: sberman <sberman@paloaltonetworks.com> Co-authored-by: DinaMeylakh <72339665+DinaMeylakh@users.noreply.github.com> Co-authored-by: Yehonatan Asta <yasta@paloaltonetworks.com> Co-authored-by: israelpoli <72099621+israelpoli@users.noreply.github.com> Co-authored-by: xsoar-bot <67315154+xsoar-bot@users.noreply.github.com> Co-authored-by: asimsarpkurt <79475614+asimsarpkurt@users.noreply.github.com> Co-authored-by: Yuval Hayun <70104171+YuvHayun@users.noreply.github.com> Co-authored-by: nkanon <109467661+nkanon@users.noreply.github.com> Co-authored-by: Eido Epstain <eepstain@paloaltonetworks.com> Co-authored-by: Tomer Haimof <81556849+tomer-pan@users.noreply.github.com> Co-authored-by: Randy Baldwin <32545292+randomizerxd@users.noreply.github.com> Co-authored-by: ‪Ron Hadad‬‏ <112933572+ronh1@users.noreply.github.com> Co-authored-by: TalGumi <talg@qmasters.co> Co-authored-by: Guy Lichtman <1395797+glicht@users.noreply.github.com> Co-authored-by: glicht <glicht@users.noreply.github.com> Co-authored-by: Andrew Shamah <42912128+amshamah419@users.noreply.github.com> Co-authored-by: Felipe Garrido <fgarridob.95+github@gmail.com> Co-authored-by: Edi Katsenelson <85438368+edik24@users.noreply.github.com> Co-authored-by: Jacob Levy <129657918+jlevypaloalto@users.noreply.github.com> Co-authored-by: Yuval Cohen <86777474+yucohen@users.noreply.github.com> Co-authored-by: rshunim <102469772+rshunim@users.noreply.github.com> Co-authored-by: OmriItzhak <115150792+OmriItzhak@users.noreply.github.com> Co-authored-by: Joe Cosgrove <joecosgrove5@gmail.com> Co-authored-by: Shmuel Kroizer <69422117+shmuel44@users.noreply.github.com> Co-authored-by: Israel Lappe <79846863+ilappe@users.noreply.github.com> Co-authored-by: Erez FelmanDar <102903097+efelmandar@users.noreply.github.com> Co-authored-by: israelpolishook <ipolishuk@paloaltonetworks.com> Co-authored-by: ArikDay <115150768+ArikDay@users.noreply.github.com> Co-authored-by: Christopher Hultin <chrishultin@google.com> Co-authored-by: Mike Beauchamp <beauchompers@gmail.com> Co-authored-by: Moshe Galitzky <112559840+moishce@users.noreply.github.com>

* Add command prisma-cloud-compute-get-file-integrity-events (#29187) * Add command prisma-cloud-compute-get-file-integrity-events * Incorporate changes from review comments. Add documentation and unit test. * Add missing lines to YML file (add description of new command) * Update docker image * Incorporate changes from demo * Update docker image * fix validation * fix validation --------- Co-authored-by: ostolero <86190583+ostolero@users.noreply.github.com> Co-authored-by: ostolero <ostolero@paloaltonetworks.com> * Bump pack from version PrismaCloudCompute to 1.4.10. * [pre-commit ruff] Align the entire repo with ruff (#29603) * Fix falls of the ruff hook * pre-commit * Fix B003 ruff error * Fix ruff errors on Utils/update_playbook.py * remove code to trigger upload on dev branches (#29621) * [pre-commit pycln] Align the entire repo with pycln (#29611) * Fix falls of the pycln hook * pre-commit * Fix unit test * Add RN * Fix validate in GetDomainDNSDetails * fuff on GetDomainDNSDetails * ignore mypy error in test_content.py:350 * Fix falls of the autopep8 hook (#29638) * add marketplaces to metadata (#29629) * Fixing AWS Project Number in ASM Cloud (#29593) (#29642) Co-authored-by: Chait A <112722030+capanw@users.noreply.github.com> Co-authored-by: johnnywilkes <32227961+johnnywilkes@users.noreply.github.com> Co-authored-by: Michael Yochpaz <8832013+MichaelYochpaz@users.noreply.github.com> * [MS Teams] support reset_graph_auth (#29644) * fixed * pre-commit * update * Recordedfuture threathunting v2.5.0 (#29641) * Recordedfuture threathunting v2.5.0 (#29025) * Add commands related to Automated Threat hunting recordedfuture-threat-map recordedfuture-threat-links recordedfuture-detection-rules * Add recordedfuture-collective-insight command. Change app version. * Update README.md. Add release notes * Add playbook. Add unittests * Add unittests * Fix test_collective_insight_command * Remove incorrect release note * Add documentation for threat actor search playbook * update Recorded Future Threat actor search playbook. add release note about new playbook. * Update release notes, fix formatting * Format yml files * Update Recorded future threat actor search playbook * Update docker image * Fix linter --------- Co-authored-by: Michael Yochpaz <8832013+MichaelYochpaz@users.noreply.github.com> * Minor README fixes --------- Co-authored-by: Yaroslav Nestor <yaroslav.nestor22@gmail.com> Co-authored-by: Michael Yochpaz <8832013+MichaelYochpaz@users.noreply.github.com> * [ASM] Expander 5777 (#29647) * [ASM] Expander 5777 (#29619) * first * RN * Bump pack from version CortexAttackSurfaceManagement to 1.6.36. --------- Co-authored-by: johnnywilkes <32227961+johnnywilkes@users.noreply.github.com> Co-authored-by: Content Bot <bot@demisto.com> * XDR Malware Enrichment - hotfix for usernames (split) (#29585) * Updated playbook with hotfix where we split usernames from domains and append them to the username list of usernames for account enrichment * Added RN * remove irrelevant test * Updated RN * Bump pack from version CortexXDR to 5.1.6. * Update Packs/CortexXDR/ReleaseNotes/5_1_6.md Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> --------- Co-authored-by: Content Bot <bot@demisto.com> Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * Update Docker Image To demisto/pyjwt3 (#29656) * Updated Metadata Of Pack Silverfort * Added release notes to pack Silverfort * Packs/Silverfort/Integrations/Silverfort/Silverfort.yml Docker image update * Update Docker Image To demisto/trustar (#29660) * Updated Metadata Of Pack TruSTAR * Added release notes to pack TruSTAR * Update Docker Image To demisto/keeper-ksm (#29661) * Updated Metadata Of Pack KeeperSecretsManager * Added release notes to pack KeeperSecretsManager * Packs/KeeperSecretsManager/Integrations/KeeperSecretsManager/KeeperSecretsManager.yml Docker image update * Update Docker Image To demisto/py3-tools (#29654) * Updated Metadata Of Pack Intezer * Added release notes to pack Intezer * Packs/Intezer/Integrations/IntezerV2/IntezerV2.yml Docker image update * Updated Metadata Of Pack FeedMalwareBazaar * Added release notes to pack FeedMalwareBazaar * Packs/FeedMalwareBazaar/Integrations/MalwareBazaarFeed/MalwareBazaarFeed.yml Docker image update * Updated Metadata Of Pack FeedGCPWhitelist * Added release notes to pack FeedGCPWhitelist * Packs/FeedGCPWhitelist/Integrations/FeedGoogleIPRanges/FeedGoogleIPRanges.yml Docker image update * Updated Metadata Of Pack AccentureCTI_Feed * Added release notes to pack AccentureCTI_Feed * Packs/AccentureCTI_Feed/Integrations/ACTIIndicatorFeed/ACTIIndicatorFeed.yml Docker image update * Fix DS108 --------- Co-authored-by: sberman <sberman@paloaltonetworks.com> * Update Docker Image To demisto/taxii-server (#29659) * Updated Metadata Of Pack CybleThreatIntel * Added release notes to pack CybleThreatIntel * Packs/CybleThreatIntel/Integrations/CybleThreatIntel/CybleThreatIntel.yml Docker image update * Fix DS108 --------- Co-authored-by: sberman <sberman@paloaltonetworks.com> * Update Docker Image To demisto/datadog-api-client (#29662) * Updated Metadata Of Pack DatadogCloudSIEM * Added release notes to pack DatadogCloudSIEM * Packs/DatadogCloudSIEM/Integrations/DatadogCloudSIEM/DatadogCloudSIEM.yml Docker image update * Fix DS108 --------- Co-authored-by: sberman <sberman@paloaltonetworks.com> * Add reliability parameter to cves and pipl integration (#28703) * commiting PrismaCloudCompute * release notes added * changed couldcompute, CVESearchV2, pipl * added pack metadata * fixed pipl readme * reverting changes in CVESearch since it was deprecated * removed redundant * committing pre commit changes * added known words * added known words * fixed lint error * changed according to review * updated docker version in PrismaCloudCompute * changed according to doc review * Added condition for not receiving new incidents in the test playbook * updating release notes * reverting fetch changes * fixed playbook * formatted playbook * new validation, new run * new validation, new run * Bump pack from version PrismaCloudCompute to 1.4.10. * update the docker image --------- Co-authored-by: Content Bot <bot@demisto.com> * Proofpoint email security pack: update description (#29651) * update description * Updated the schema file. * Updated the schema file. --------- Co-authored-by: Yehonatan Asta <yasta@paloaltonetworks.com> * Jira v2 deprecated (#29649) * Deprecate to jira v2 * update RN * update conf.json file * add task to the Create Jira Issue playbook that check if jira v3 is enable * add image.png of the playbook * update the playbook (yml, readme, image) and RN * Update Docker Image To demisto/python3 (#29652) * Updated Metadata Of Pack PANOSPolicyOptimizer * Added release notes to pack PANOSPolicyOptimizer * Packs/PANOSPolicyOptimizer/Integrations/PANOSPolicyOptimizer/PANOSPolicyOptimizer.yml Docker image update * Updated Metadata Of Pack VMwareWorkspaceONEUEM * Added release notes to pack VMwareWorkspaceONEUEM * Packs/VMwareWorkspaceONEUEM/Integrations/VMwareWorkspaceONEUEM/VMwareWorkspaceONEUEM.yml Docker image update * Updated Metadata Of Pack CiscoSMA * Added release notes to pack CiscoSMA * Packs/CiscoSMA/Integrations/CiscoSMA/CiscoSMA.yml Docker image update * Updated Metadata Of Pack FeedThreatConnect * Added release notes to pack FeedThreatConnect * Packs/FeedThreatConnect/Integrations/FeedThreatConnect/FeedThreatConnect.yml Docker image update * Updated Metadata Of Pack BitSight * Added release notes to pack BitSight * Packs/BitSight/Integrations/BitSightForSecurityPerformanceManagement/BitSightForSecurityPerformanceManagement.yml Docker image update * Updated Metadata Of Pack AWS-ILM * Added release notes to pack AWS-ILM * Packs/AWS-ILM/Integrations/AWSILM/AWSILM.yml Docker image update * Updated Metadata Of Pack CiscoWSA * Added release notes to pack CiscoWSA * Packs/CiscoWSA/Integrations/CiscoWSAV2/CiscoWSAV2.yml Docker image update * Updated Metadata Of Pack SysAid * Added release notes to pack SysAid * Packs/SysAid/Integrations/SysAid/SysAid.yml Docker image update * Updated Metadata Of Pack ManageEngine_PAM360 * Added release notes to pack ManageEngine_PAM360 * Packs/ManageEngine_PAM360/Integrations/ManageEnginePAM360/ManageEnginePAM360.yml Docker image update * Updated Metadata Of Pack CiscoUmbrellaReporting * Added release notes to pack CiscoUmbrellaReporting * Packs/CiscoUmbrellaReporting/Integrations/CiscoUmbrellaReporting/CiscoUmbrellaReporting.yml Docker image update * Fix DS108 --------- Co-authored-by: sberman <sberman@paloaltonetworks.com> * XSUP-27717/FortiSIEM (#29458) * add tests * add RN,fix,logs * Update 2_0_21.md * add period * add a name to incident * fixes CR * update docker image * delete logs * CR fixes * Update 2_0_21.md * Update FortiSIEMV2.py * reverting the Docker image (#29607) * reverting the Docker image * Update Packs/cyberark_AIM/ReleaseNotes/1_0_14.md --------- Co-authored-by: Dan Tavori <38749041+dantavori@users.noreply.github.com> * [Marketplace Contribution] Roksit DNS Security Integration - Sarp (#29663) * [Marketplace Contribution] Roksit DNS Security Integration - Sarp (#29314) * "pack contribution initial commit" * Update RoksitDNSSecurityIntegrationSarp.py * Update RoksitDNSSecurityIntegrationSarp.py * Yehuda's version * test module * readme * new logo * Update RoksitDNSSecurityIntegrationSarp.yml * Apply suggestions from code review * Update RoksitDNSSecurityIntegrationSarp_description.md * Update pack_metadata.json * Update README.md * Update pack_metadata.json * Update pack_metadata.json * Update Packs/RoksitDNSSecurityIntegration-Sarp/pack_metadata.json * fixes * change name * folder name * file names * version * rename sub folder * remove (DNSSense) from the integration name * rename folder * docker * replace image * fix image name --------- Co-authored-by: asimsarpkurt <79475614+asimsarpkurt@users.noreply.github.com> Co-authored-by: Yehuda <yrosenberg@paloaltonetworks.com> Co-authored-by: Yehuda Rosenberg <90599084+RosenbergYehuda@users.noreply.github.com> * rename image --------- Co-authored-by: xsoar-bot <67315154+xsoar-bot@users.noreply.github.com> Co-authored-by: asimsarpkurt <79475614+asimsarpkurt@users.noreply.github.com> Co-authored-by: Yehuda <yrosenberg@paloaltonetworks.com> Co-authored-by: Yehuda Rosenberg <90599084+RosenbergYehuda@users.noreply.github.com> * add unstuck fetch stream command (#29646) * add unstuck fetch stream command * added RN * fixes * add note * cr fixes * fix conflicts * reverts * [pre-commit pycln] Align the entire repo with pycln #4 (#29665) * Fix pycln errors * Update the docker images * Run demisto-sdk pre-commit * Remove unnecessary recommendations from extensions.json (#29605) * update extensions.json * Update devcontainer.json * Update recommendations list * Zscaler-FW-Logs (#29094) * Zscaler FW Logs Modeling Rules * Zscaler FW logs Modeling Rules * Updated README * Updated ZscalerModelingRule_1_3 * Changed cs5 field name to cat * Apply suggestions from code review Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * Updated README * Updated ModelingRules and Schema * Updated ModelingRules and schema * Updated ModelingRules * Updated ModelingRules --------- Co-authored-by: Eido Epstain <eepstain@paloaltonetworks.com> Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * PANOS - EXPANDR-5744 (#29223) (#29686) * playbook updates * RN, Readme, screenshot * Apply suggestions from code review * update RN * bump ver * more descriptive task * bump ver --------- Co-authored-by: johnnywilkes <32227961+johnnywilkes@users.noreply.github.com> Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * Audit alert fields fix (#29685) * Add associated types to systemAssociatedTypes * Add associated types to systemAssociatedTypes * fix incident field structure * RN * Workday documentation fix (#29681) * readme * readme * rn * rn * [Marketplace Contribution] Active Directory Query - Content Pack Update (#28633) * [Marketplace Contribution] Active Directory Query - Content Pack Update (#27822) * "contribution update to pack "Active Directory Query"" * revert changes * rl * remove files * removed from rl * Update pack_metadata.json * Create 1_6_19.md * Update 1_6_18.md * Update 1_6_19.md * Delete 1_6_19.md * Update 1_6_18.md * Update pack_metadata.json * Update Active_Directory_Query.yml removed duplicate section and type * pass SERVER_IP as argument to test_credentials function * Create 1_7_0.md * Update pack_metadata.json * Update README.md with ad-test-credentials info * Update Active_Directory_Query.yml * removed duplicate `type: 8` from ntlm * removed duplicate types from integration settings * removed duplicate description from ad-enable-account * Update Active_Directory_Query.yml * Update Active_Directory_Query.yml * Update Active_Directory_Query.yml * removing not relevant release note * adding function * update fucntion * cr note * adding NTLM_AUTH option * Update Active_Directory_Query.py * Update Packs/Active_Directory_Query/Integrations/Active_Directory_Query/Active_Directory_Query.py Co-authored-by: dorschw <81086590+dorschw@users.noreply.github.com> * cr notes * update after merging from master * reverting a change in olr rl * added test_test_credentials unit test function * fix unit test * fixing unit tests * fix unit test * fixed lint errors * Update Active_Directory_Query_test.py * empty commit * fix yml and docker file * revert changes in send email manager * fix yml * fix * fix validation error * fixing in129 --------- Co-authored-by: maimorag <mmorag@paloaltonetworks.com> Co-authored-by: Randy Baldwin <32545292+randomizerxd@users.noreply.github.com> Co-authored-by: Mai Morag <81917647+maimorag@users.noreply.github.com> Co-authored-by: dorschw <81086590+dorschw@users.noreply.github.com> * cr notes * Bump pack from version Active_Directory_Query to 1.6.21. * fix yml changes * cr notes * lint fixes * fix test * docker update * Update Packs/Active_Directory_Query/Integrations/Active_Directory_Query/README.md Co-authored-by: dorschw <81086590+dorschw@users.noreply.github.com> * fix delete required * Apply suggestions from code review * fix test * docker update * rl * empty commit * docker update * empty commit * empty commit * merge from master * empty commit check * revert changes * Delete Packs/cyberark_AIM/Integrations/CyberArkAIM_v2/integration-CyberArkAIM_v2.yml * docker downgrade * rl * trying new docker image * validate errors fix * revert docker version * [DS108] - Description must end with a period (".") - fix * empty commit check * empty commit check --------- Co-authored-by: xsoar-bot <67315154+xsoar-bot@users.noreply.github.com> Co-authored-by: maimorag <mmorag@paloaltonetworks.com> Co-authored-by: Randy Baldwin <32545292+randomizerxd@users.noreply.github.com> Co-authored-by: Mai Morag <81917647+maimorag@users.noreply.github.com> Co-authored-by: dorschw <81086590+dorschw@users.noreply.github.com> Co-authored-by: Content Bot <bot@demisto.com> * Big query bug xsup 28132 (#29680) * bug fix * rn * rn * Apply suggestions from code review Co-authored-by: Dan Tavori <38749041+dantavori@users.noreply.github.com> * format * pre commit --------- Co-authored-by: Dan Tavori <38749041+dantavori@users.noreply.github.com> * New Prisma Cloud v2 commands (#29323) * resource list command * limit results * user roles list command * pre commit * users list command * edit remediation commands * UTs * update README * update RN * pre commit fixes * edit test playbook * CR changes * Demo changes - remediate 406 raises error new args for resource_list & user_roles * fix test * Apply suggestions from doc review Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * fix test playbook * Tomer's changes --------- Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * Prisma Cloud Update (#29666) * Updated ModelingRules * Updated ReleaseNotes * Updated ReleaseNotes * Updated ModelingRules * Updated ModelingRules * Updated ModelingRules * Bump pack from version PrismaCloud to 4.2.4. --------- Co-authored-by: Content Bot <bot@demisto.com> * Rapid7 appsec (#29134) (#29687) * Revert "Add space to conf" This reverts commit 08e6490c8907bdb3fbf2dc394d0bc352dc0c5935. * Updated the packs category to *Authentication & Identity Management* (part 2) (#24876) * Update Docker Image To demisto/fastapi (#24923) * Updated Metadata Of Pack CyberArkIdentity * Added release notes to pack CyberArkIdentity * Packs/CyberArkIdentity/Integrations/CyberArkIdentityEventCollector/CyberArkIdentityEventCollector.yml Docker image update * Update Docker Image To demisto/lxml (#24924) * Updated Metadata Of Pack TaniumThreatResponse * Added release notes to pack TaniumThreatResponse * Packs/TaniumThreatResponse/Integrations/TaniumThreatResponseV2/TaniumThreatResponseV2.yml Docker image update * Update Docker Image To demisto/crypto (#24922) * Updated Metadata Of Pack X509Certificate * Added release notes to pack X509Certificate * Packs/X509Certificate/Scripts/CertificateExtract/CertificateExtract.yml Docker image update * Update Docker Image To demisto/python3 (#24921) * Updated Metadata Of Pack Cybereason * Added release notes to pack Cybereason * Packs/Cybereason/Integrations/Cybereason/Cybereason.yml Docker image update * Updated Metadata Of Pack DNSDB * Added release notes to pack DNSDB * Packs/DNSDB/Integrations/DNSDB_v2/DNSDB_v2.yml Docker image update * Updated Metadata Of Pack DeepInstinct * Added release notes to pack DeepInstinct * Packs/DeepInstinct/Integrations/DeepInstinct3x/DeepInstinct3x.yml Docker image update * Updated Metadata Of Pack FeedCyrenThreatInDepth * Added release notes to pack FeedCyrenThreatInDepth * Packs/FeedCyrenThreatInDepth/Integrations/CyrenThreatInDepth/CyrenThreatInDepth.yml Docker image update * Updated Metadata Of Pack IronDefense * Added release notes to pack IronDefense * Packs/IronDefense/Integrations/IronDefense/IronDefense.yml Docker image update * Updated Metadata Of Pack Qintel * Added release notes to pack Qintel * Packs/Qintel/Integrations/QintelPMI/QintelPMI.yml Docker image update * Packs/Qintel/Integrations/QintelQSentry/QintelQSentry.yml Docker image update * Packs/Qintel/Integrations/QintelQWatch/QintelQWatch.yml Docker image update * Updated Metadata Of Pack QualysFIM * Added release notes to pack QualysFIM * Packs/QualysFIM/Integrations/QualysFIM/QualysFIM.yml Docker image update * Updated Metadata Of Pack QutteraWebsiteMalwareScanner * Added release notes to pack QutteraWebsiteMalwareScanner * Packs/QutteraWebsiteMalwareScanner/Integrations/QutteraWebsiteMalwareScanner/QutteraWebsiteMalwareScanner.yml Docker image update * Fixed mypy + validation --------- * NGINXApiModule: fix logging typo (#24878) * fix logging typo * bump dependent packs --------- * Downgrade docker to fix banner issue (#24905) * Downgrade docker to fix banner issue * Fix docs * Add UT to prevent Docker bump * Fix yml validation * Adding vulnerability commands * Fixing pagination page index * Updating PR comments and Scan commands * Updating ID in test data. * Updating integration * Updating integration * Updating fromversion * Updating linters * Updating linters * Updating git pre-commit * Updating docstring * Updating the handling of request when limit * Removing get_pagination_params * Updating integration * Updating git-pre commit * Updating integration * Updating integration * Updating unit test * Updating docker image * Updating integration * Updating README version. * Updating secrets * Updating integration * Updating integration * Updating integration * Updating docstrings * Updating doc-review comments. * Updating doc-review comments. * Updating description --------- Co-authored-by: ‪Ron Hadad‬‏ <112933572+ronh1@users.noreply.github.com> Co-authored-by: TalGumi <talg@qmasters.co> Co-authored-by: Mai Morag <81917647+maimorag@users.noreply.github.com> Co-authored-by: sberman <sberman@paloaltonetworks.com> Co-authored-by: Guy Lichtman <1395797+glicht@users.noreply.github.com> Co-authored-by: glicht <glicht@users.noreply.github.com> Co-authored-by: Andrew Shamah <42912128+amshamah419@users.noreply.github.com> * Panos add param (#29672) * added param job_polling_max_num_attempts * Added rn * Added missing param type Fixed unit tests * added to readme * fixed readme * Update Packs/PAN-OS/Integrations/Panorama/Panorama.yml Co-authored-by: Guy Afik <53861351+GuyAfik@users.noreply.github.com> * fixed text and namings * Bump pack from version PAN-OS to 2.1.8. --------- Co-authored-by: Guy Afik <53861351+GuyAfik@users.noreply.github.com> Co-authored-by: Content Bot <bot@demisto.com> * Fix proxy usage (#85) (#29630) * Fix proxy usage (#85) (#29181) * Fix proxy usage (#85) * Fix proxy usage in ZF client * Fix variable USE_SSL to verify requests * Remove proxy object from client Given that the proxy works by default with env vars, the proxy object is not necessary * Update version and add release notes * Fix call to modified alerts (#86) * Fix call to modified alerts * Update docker image * Fix tests associated with get modified data * change rn * fix validation --------- Co-authored-by: Felipe Garrido <fgarridob.95+github@gmail.com> Co-authored-by: ostolero <ostolero@paloaltonetworks.com> Co-authored-by: ostolero <86190583+ostolero@users.noreply.github.com> * Missing dependencies when installing packs (#28989) * search and install packs --------- Co-authored-by: kobymeir <ymeir@paloaltonetworks.com> * Deprecate Picus Community (#29573) * Merge branch 'master' into github_workflow_partner # Conflicts: # Utils/github_workflow_scripts/utils.py * Merge branch 'master' into github_workflow_partner # Conflicts: # Utils/github_workflow_scripts/utils.py * Picus NG display name * Picus update * Picus update * Picus update * Picus update * Picus update * Picus update * Picus update * Picus update --------- Co-authored-by: RotemAmit <ramit@paloaltonetworks.com> * [ASM] - Expander - GCP Hierarchy field - 4376 (#29696) (#29704) * Add assethierarchy field to GCP ASM playbook * Add release notes * Update field json Co-authored-by: John <40349459+BigEasyJ@users.noreply.github.com> * fix merge * update rn * remove access code * fix conflicts * update docker * fix validation --------- Co-authored-by: Ali Sawyer <91506078+ali-sawyer@users.noreply.github.com> Co-authored-by: ostolero <86190583+ostolero@users.noreply.github.com> Co-authored-by: ostolero <ostolero@paloaltonetworks.com> Co-authored-by: Content Bot <bot@demisto.com> Co-authored-by: Menachem Weinfeld <90556466+mmhw@users.noreply.github.com> Co-authored-by: omerKarkKatz <95565843+omerKarkKatz@users.noreply.github.com> Co-authored-by: Yaakov Praisler <59408745+yaakovpraisler@users.noreply.github.com> Co-authored-by: Chait A <112722030+capanw@users.noreply.github.com> Co-authored-by: johnnywilkes <32227961+johnnywilkes@users.noreply.github.com> Co-authored-by: Michael Yochpaz <8832013+MichaelYochpaz@users.noreply.github.com> Co-authored-by: michal-dagan <109464765+michal-dagan@users.noreply.github.com> Co-authored-by: Yaroslav Nestor <yaroslav.nestor22@gmail.com> Co-authored-by: Ido van Dijk <43602124+idovandijk@users.noreply.github.com> Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> Co-authored-by: sberman <sberman@paloaltonetworks.com> Co-authored-by: DinaMeylakh <72339665+DinaMeylakh@users.noreply.github.com> Co-authored-by: ilaner <88267954+ilaner@users.noreply.github.com> Co-authored-by: Yehonatan Asta <yasta@paloaltonetworks.com> Co-authored-by: israelpoli <72099621+israelpoli@users.noreply.github.com> Co-authored-by: sapir shuker <49246861+sapirshuker@users.noreply.github.com> Co-authored-by: Mai Morag <81917647+maimorag@users.noreply.github.com> Co-authored-by: Dan Tavori <38749041+dantavori@users.noreply.github.com> Co-authored-by: xsoar-bot <67315154+xsoar-bot@users.noreply.github.com> Co-authored-by: asimsarpkurt <79475614+asimsarpkurt@users.noreply.github.com> Co-authored-by: Yehuda <yrosenberg@paloaltonetworks.com> Co-authored-by: Yehuda Rosenberg <90599084+RosenbergYehuda@users.noreply.github.com> Co-authored-by: Yuval Hayun <70104171+YuvHayun@users.noreply.github.com> Co-authored-by: samuelFain <65926551+samuelFain@users.noreply.github.com> Co-authored-by: nkanon <109467661+nkanon@users.noreply.github.com> Co-authored-by: Eido Epstain <eepstain@paloaltonetworks.com> Co-authored-by: Tomer Haimof <81556849+tomer-pan@users.noreply.github.com> Co-authored-by: EyalPintzov <91007713+eyalpalo@users.noreply.github.com> Co-authored-by: maimorag <mmorag@paloaltonetworks.com> Co-authored-by: Randy Baldwin <32545292+randomizerxd@users.noreply.github.com> Co-authored-by: dorschw <81086590+dorschw@users.noreply.github.com> Co-authored-by: Adi Bamberger Edri <72088126+BEAdi@users.noreply.github.com> Co-authored-by: eepstain <116078117+eepstain@users.noreply.github.com> Co-authored-by: ‪Ron Hadad‬‏ <112933572+ronh1@users.noreply.github.com> Co-authored-by: TalGumi <talg@qmasters.co> Co-authored-by: Guy Lichtman <1395797+glicht@users.noreply.github.com> Co-authored-by: glicht <glicht@users.noreply.github.com> Co-authored-by: Andrew Shamah <42912128+amshamah419@users.noreply.github.com> Co-authored-by: Shahaf Ben Yakir <44666568+ShahafBenYakir@users.noreply.github.com> Co-authored-by: Guy Afik <53861351+GuyAfik@users.noreply.github.com> Co-authored-by: Felipe Garrido <fgarridob.95+github@gmail.com> Co-authored-by: Koby Meir <kobymeir@users.noreply.github.com> Co-authored-by: kobymeir <ymeir@paloaltonetworks.com> Co-authored-by: Edi Katsenelson <85438368+edik24@users.noreply.github.com> Co-authored-by: RotemAmit <ramit@paloaltonetworks.com> Co-authored-by: John <40349459+BigEasyJ@users.noreply.github.com>

* test commit * remove bt link * Remove A in TI for yaml and md for indicator * back yaml to default * refactor yaml with cortex utils * refactor md and yaml for feed * remove bp/domain * replace git_leak with git_repository * Add new collection Fix issue with date for TI * remove changes outside the Packs * Update Packs/GroupIB_ThreatIntelligenceAttribution/Integrations/GroupIB_TIA_Feed/test_data/example.json Co-authored-by: Mai Morag <81917647+maimorag@users.noreply.github.com> * Update Packs/GroupIB_ThreatIntelligenceAttribution/Integrations/GroupIB_TIA_Feed/test_data/example.json Co-authored-by: Mai Morag <81917647+maimorag@users.noreply.github.com> * Update Packs/GroupIB_ThreatIntelligenceAttribution/Integrations/GroupIBTIA/test_data/example.json Co-authored-by: Mai Morag <81917647+maimorag@users.noreply.github.com> * Update Packs/GroupIB_ThreatIntelligenceAttribution/Integrations/GroupIBTIA/test_data/example.json Co-authored-by: Mai Morag <81917647+maimorag@users.noreply.github.com> * Update Packs/GroupIB_ThreatIntelligenceAttribution/Integrations/GroupIBTIA/test_data/example.json Co-authored-by: Mai Morag <81917647+maimorag@users.noreply.github.com> * update release notes * update logo * update logo * Revert "update release notes" This reverts commit 7c9ac76fd46c499fd185de154fe8d272657971db. * revert microsocks * fix compromised account issue * adding RL * Update Packs/GroupIB_ThreatIntelligenceAttribution/Integrations/GroupIBTIA/GroupIBTIA.py Co-authored-by: Mai Morag <81917647+maimorag@users.noreply.github.com> * create release notes v1_3_12 * add test for compromised/account_group * refactor changes in playbook * fixed validation errors * adding pragma no cover * refactor RN * add urllib exception * fixing validation errors * adding pragma no cover * format * fix lint test errors * revert sentinel * revert changes to azure sentinel * fixing cloud machine ids processing (#29777) * fixing cloud machine ids processing * not exiting the installation script if we fail to install a pack. report an error but continue with the test playbook upload (#29759) Co-authored-by: kobymeir <ymeir@paloaltonetworks.com> * Microsoft DNS Parsing Rule Drop (#29765) * Updated ParsingRules * Updated ReleaseNotes * Updated ReleaseNotes * Updated ReleaseNotes * Updated pack_metadata * Updated pack_metadata * Updated pack_metadata * Updated README * Updated README * Updated README * [JoeSecurity] Pre-Commit (#29717) * [pre-commit ruff] Align the entire repo with ruff #2 (#29754) * [pre-commit ruff] Align the entire repo with ruff #2 * Add RN * Update the docker image * Don't checkout build files in pre-commit (#27900) * is file up to date pre-commit * Revert changes made by mistake --------- Co-authored-by: dorschw <81086590+dorschw@users.noreply.github.com> Co-authored-by: Menachem Weinfeld <90556466+mmhw@users.noreply.github.com> Co-authored-by: Menachem Weinfeld <mmhw770@gmail.com> * Fixes for 'NGFW Scan' and 'WildFire Malware' XSIAM playbooks (#29774) * Fixes for 'NGFW Scan' and 'WildFire Malware' XSIAM playbooks * RN * fixed RN and 'NGFW Scan playbook' * CiscoSMA- Added timeout parameter (#29372) * fix * add_tests * fix_test_description * fix_yml_add_readme * fixes - add timeout to the client * add timeout to yml * revert changes * Update CiscoSMA.py * Update CiscoSMA.py * CR review * add RN * fix CR review * update docker image * XSUP-27956/ Added EWS PS V3 Description (#29784) * updated the description * update rn * Apply suggestions from code review Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> --------- Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * Xsup 27738 DBotFindSimilarIncidents NoneType Error (#29701) * failed ut * fix * rn * pre-commit * pre commit * just the fix * fix description in yml * fix * docker * Update Packs/Base/ReleaseNotes/1_32_34.md Co-authored-by: Dan Tavori <38749041+dantavori@users.noreply.github.com> * test * test * removed import --------- Co-authored-by: Dan Tavori <38749041+dantavori@users.noreply.github.com> * Wiz v1 2 11 (#29719) * Wiz v1 2 11 (#29688) * remove redundant parenthesis * ../Packs/Wiz/Integrations/Wiz/Wiz.py * add Wiz user agent * rephrase release notes * update pack metadata json * rephrase release notes v2 * fix minor typos and update docker image * Bump Docker version --------- Co-authored-by: Ariel Tobiana <107474518+ariel-wiz@users.noreply.github.com> Co-authored-by: Michael Yochpaz <8832013+MichaelYochpaz@users.noreply.github.com> * [ASM] - Expander - Update ASM fields (4821) (#29702) * [ASM] - Expander - Update ASM fields (4821) (#29506) * Add missing comments to grid fields - Update descriptions of fields as needed. * Add release notes * Add descriptions to two fields - asmdevcheckdetails - asmenrichmentstatus * Update release notes. * Grammar updates. * Update release notes * Add mandatory or optional in comments * Update comments with mandatory * Update pack version and release notes * Add correct 1_6_33 release notes * fix rn * fix rn --------- Co-authored-by: John <40349459+BigEasyJ@users.noreply.github.com> Co-authored-by: ostolero <86190583+ostolero@users.noreply.github.com> Co-authored-by: ostolero <ostolero@paloaltonetworks.com> * Wildfire-upload-url add poling timeout argument (#29790) * save adding timeout param * new docker image * added rn * fix ruff * ruff made me to do this fixes :( not related to my changes * Update Packs/Palo_Alto_Networks_WildFire/ReleaseNotes/2_1_35.md * poetry files (#29793) Co-authored-by: Content Bot <bot@demisto.com> * Dra-cvss-color-fix (#29757) * Fixed a small issue when indicator had no custom fields * RN * docker bump * RN * Update CVECVSSColor.py * docker bump * RN * fixing typos in build scripts. (#29788) unremovable -> non-removable productname -> product_name testplaybook -> test_playbook changed some arg passing to use their full name: -gpidd -gpidp Co-authored-by: kobymeir <ymeir@paloaltonetworks.com> * mapping to standard stix values (#29785) * mapping to standard stix values * updated release notes * update docker * breaking json * add dot * Add the nightly_ruff file for run pre-commit with --all flag (#29684) * Add the nightly_ruff file for run pre-commit with --all flag * Add more rules; Add the error name * Add E501 * Add F601, F842, TID252 * XSUP-27528 (#29705) * add_tests * add_tests * add RN, fix tests, format yml * Update Packs/CommonScripts/ReleaseNotes/1_12_24.md Co-authored-by: Arad Carmi <62752352+AradCarmi@users.noreply.github.com> * fix readme * Bump pack from version CommonScripts to 1.12.25. --------- Co-authored-by: Arad Carmi <62752352+AradCarmi@users.noreply.github.com> Co-authored-by: Content Bot <bot@demisto.com> * [Axonius Content Pack 1.2.0] Bumping Dockerfile (#29802) * [Axonius Content Pack 1.2.0] Bumping Dockerfile (#29625) * bumped docker version for axonius api client * docker image * remove the - --------- Co-authored-by: Yehuda <yrosenberg@paloaltonetworks.com> * format --------- Co-authored-by: Bryce Pedroza <97995056+bryce-ax@users.noreply.github.com> Co-authored-by: Yehuda <yrosenberg@paloaltonetworks.com> * Updated native:8.4 image; Add auth-utils support (#29792) Co-authored-by: GuyAfik <guyafik11@gmail.com> * Fixed sc_task closing state (#29636) * Fixed sc_task closing state * Added release notes * Updated docker image * small fix * bumped dokcer * fixed rn --------- Co-authored-by: Shahaf Ben Yakir <44666568+ShahafBenYakir@users.noreply.github.com> Co-authored-by: sbenyakir <shahaf.benyakir@demisto.com> * Private Compliance Packs (#29664) * XSUP-27936 problem with regex (#29613) * failed test * fix * rn * rn * unit test * ut * validations * fixed test and docker * fix * validation * Prisma Cloud V2 Add "usernames" Argument (#29710) * add username arg * support list * update UT * update README * docker update * update TPB * Fortinet fortigate enhancement (#29655) * Updated the readme for proofpoint fortigate. * Modified the modeling rule. * Modified the modeling rule and the schema file. * Updated the release note. * Update Packs/FortiGate/README.md Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * Updated the modeling rule. * Added tags to the readme. * removed ftntfgtmastersrcmac and ftntfgtmasterdstmac from the mapping. * updated the modeling rule and the schema file. * updated the modeling rule * updated the modeling rule --------- Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * Add syslog example for War Room Actions (#29800) * Graph Security Update (#29797) * Updated MicrosoftGraphSecurity_schema * Updated ReleaseNotes * Updated ReleaseNotes * [Dataminr Pulse] Release 106 (#29805) * [Dataminr Pulse] Release 106 (#29693) * Changes related to release v1.0.6 * Changes related to release v1.0.6 * Fixing Release Note related issue --------- Co-authored-by: crestdatasystems <crestdatasystems@users.noreply.github.com> Co-authored-by: Michael Yochpaz <8832013+MichaelYochpaz@users.noreply.github.com> * Bump Docker version --------- Co-authored-by: Crest Data Systems <60967033+crestdatasystems@users.noreply.github.com> Co-authored-by: crestdatasystems <crestdatasystems@users.noreply.github.com> Co-authored-by: Michael Yochpaz <8832013+MichaelYochpaz@users.noreply.github.com> * [RecordedFuture] threat actor playbook update V2.5.1 (#29690) (#29807) * Update Threat actor search playbook. * Add release notes * Fix formatting * Change ExtractedIndicators to ExtractedIndicators\.File * Fix release notes --------- Co-authored-by: Yaroslav Nestor <yaroslav.nestor22@gmail.com> Co-authored-by: Michael Yochpaz <8832013+MichaelYochpaz@users.noreply.github.com> * [JoeSecurity] show partial result in polling commands (#29715) * updating build docker image to latest devdemisto/gitlab-content-ci:1.0.0.64455 (#29761) * updating build docker image to latest devdemisto/gitlab-content-ci:1.0.0.64455 * Private Upload Mode - ThreatExchange v2 (#28249) * ThreatExchange integration * ThreatExchange updates * Added param to instance configuration * pre-commit * updated RN * RN test * CR updates * Removed Threat_Crowd * Update Packs/ThreatExchange/ReleaseNotes/2_0_12.md Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * docker * format * skip tests since theres no instance * no testing instance --------- Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> Co-authored-by: Yehuda Rosenberg <90599084+RosenbergYehuda@users.noreply.github.com> Co-authored-by: Yehuda <yrosenberg@paloaltonetworks.com> * added plus 1 for each iteration in find destination (#29811) * added plus 1 for each iteration in find destination (#29760) * added plus 1 for each iteration in find destination * added release notes * Update Packs/Cisco-umbrella-cloud-security/ReleaseNotes/2_0_2.md Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * updated docker image tag to latest * updated unit test for pagination functions * removed comments --------- Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * Update 2_0_2.md --------- Co-authored-by: LiorQM <106475467+LiorQM@users.noreply.github.com> Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> Co-authored-by: RotemAmit <ramit@paloaltonetworks.com> * Mde list indicator filter (#29640) * Mde list indicator filter (#29338) * init indicator filter * release notes * latest docker image * updated docker image * minor fixes * reslove conflicts * resolve version conflicts * silence linter * format * docker * Apply suggestions from Shirley Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * add period * change phrase * adding "is_mockable": false * docker * try change test playbook * empty line * docker * return the mock * Revert "return the mock" This reverts commit ef23428eac12ef075f0dbdfba672399fb4ca7090. --------- Co-authored-by: ckaadic <48683125+ckaadic@users.noreply.github.com> Co-authored-by: Yehuda <yrosenberg@paloaltonetworks.com> Co-authored-by: Yehuda Rosenberg <90599084+RosenbergYehuda@users.noreply.github.com> Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * Audit Logs Endpoints Scripts Aligments for Xsoar-8 (#29781) * test * fix core api * ExportAuditLogsToFile - add support for xsoar-8 * add ExportAuditLogsToFile UTs * add forward audit logs uts * update ut * validation fixes * mypy * bump rns * update docker * update docker image * fix ut * format * Bump pack from version CommonScripts to 1.12.25. * Bump pack from version CommonScripts to 1.12.26. * cr * cr fixes * update * fix uts --------- Co-authored-by: Content Bot <bot@demisto.com> * Add command prisma-cloud-compute-get-file-integrity-events (#29608) * Add command prisma-cloud-compute-get-file-integrity-events (#29187) * Add command prisma-cloud-compute-get-file-integrity-events * Incorporate changes from review comments. Add documentation and unit test. * Add missing lines to YML file (add description of new command) * Update docker image * Incorporate changes from demo * Update docker image * fix validation * fix validation --------- Co-authored-by: ostolero <86190583+ostolero@users.noreply.github.com> Co-authored-by: ostolero <ostolero@paloaltonetworks.com> * Bump pack from version PrismaCloudCompute to 1.4.10. * [pre-commit ruff] Align the entire repo with ruff (#29603) * Fix falls of the ruff hook * pre-commit * Fix B003 ruff error * Fix ruff errors on Utils/update_playbook.py * remove code to trigger upload on dev branches (#29621) * [pre-commit pycln] Align the entire repo with pycln (#29611) * Fix falls of the pycln hook * pre-commit * Fix unit test * Add RN * Fix validate in GetDomainDNSDetails * fuff on GetDomainDNSDetails * ignore mypy error in test_content.py:350 * Fix falls of the autopep8 hook (#29638) * add marketplaces to metadata (#29629) * Fixing AWS Project Number in ASM Cloud (#29593) (#29642) Co-authored-by: Chait A <112722030+capanw@users.noreply.github.com> Co-authored-by: johnnywilkes <32227961+johnnywilkes@users.noreply.github.com> Co-authored-by: Michael Yochpaz <8832013+MichaelYochpaz@users.noreply.github.com> * [MS Teams] support reset_graph_auth (#29644) * fixed * pre-commit * update * Recordedfuture threathunting v2.5.0 (#29641) * Recordedfuture threathunting v2.5.0 (#29025) * Add commands related to Automated Threat hunting recordedfuture-threat-map recordedfuture-threat-links recordedfuture-detection-rules * Add recordedfuture-collective-insight command. Change app version. * Update README.md. Add release notes * Add playbook. Add unittests * Add unittests * Fix test_collective_insight_command * Remove incorrect release note * Add documentation for threat actor search playbook * update Recorded Future Threat actor search playbook. add release note about new playbook. * Update release notes, fix formatting * Format yml files * Update Recorded future threat actor search playbook * Update docker image * Fix linter --------- Co-authored-by: Michael Yochpaz <8832013+MichaelYochpaz@users.noreply.github.com> * Minor README fixes --------- Co-authored-by: Yaroslav Nestor <yaroslav.nestor22@gmail.com> Co-authored-by: Michael Yochpaz <8832013+MichaelYochpaz@users.noreply.github.com> * [ASM] Expander 5777 (#29647) * [ASM] Expander 5777 (#29619) * first * RN * Bump pack from version CortexAttackSurfaceManagement to 1.6.36. --------- Co-authored-by: johnnywilkes <32227961+johnnywilkes@users.noreply.github.com> Co-authored-by: Content Bot <bot@demisto.com> * XDR Malware Enrichment - hotfix for usernames (split) (#29585) * Updated playbook with hotfix where we split usernames from domains and append them to the username list of usernames for account enrichment * Added RN * remove irrelevant test * Updated RN * Bump pack from version CortexXDR to 5.1.6. * Update Packs/CortexXDR/ReleaseNotes/5_1_6.md Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> --------- Co-authored-by: Content Bot <bot@demisto.com> Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * Update Docker Image To demisto/pyjwt3 (#29656) * Updated Metadata Of Pack Silverfort * Added release notes to pack Silverfort * Packs/Silverfort/Integrations/Silverfort/Silverfort.yml Docker image update * Update Docker Image To demisto/trustar (#29660) * Updated Metadata Of Pack TruSTAR * Added release notes to pack TruSTAR * Update Docker Image To demisto/keeper-ksm (#29661) * Updated Metadata Of Pack KeeperSecretsManager * Added release notes to pack KeeperSecretsManager * Packs/KeeperSecretsManager/Integrations/KeeperSecretsManager/KeeperSecretsManager.yml Docker image update * Update Docker Image To demisto/py3-tools (#29654) * Updated Metadata Of Pack Intezer * Added release notes to pack Intezer * Packs/Intezer/Integrations/IntezerV2/IntezerV2.yml Docker image update * Updated Metadata Of Pack FeedMalwareBazaar * Added release notes to pack FeedMalwareBazaar * Packs/FeedMalwareBazaar/Integrations/MalwareBazaarFeed/MalwareBazaarFeed.yml Docker image update * Updated Metadata Of Pack FeedGCPWhitelist * Added release notes to pack FeedGCPWhitelist * Packs/FeedGCPWhitelist/Integrations/FeedGoogleIPRanges/FeedGoogleIPRanges.yml Docker image update * Updated Metadata Of Pack AccentureCTI_Feed * Added release notes to pack AccentureCTI_Feed * Packs/AccentureCTI_Feed/Integrations/ACTIIndicatorFeed/ACTIIndicatorFeed.yml Docker image update * Fix DS108 --------- Co-authored-by: sberman <sberman@paloaltonetworks.com> * Update Docker Image To demisto/taxii-server (#29659) * Updated Metadata Of Pack CybleThreatIntel * Added release notes to pack CybleThreatIntel * Packs/CybleThreatIntel/Integrations/CybleThreatIntel/CybleThreatIntel.yml Docker image update * Fix DS108 --------- Co-authored-by: sberman <sberman@paloaltonetworks.com> * Update Docker Image To demisto/datadog-api-client (#29662) * Updated Metadata Of Pack DatadogCloudSIEM * Added release notes to pack DatadogCloudSIEM * Packs/DatadogCloudSIEM/Integrations/DatadogCloudSIEM/DatadogCloudSIEM.yml Docker image update * Fix DS108 --------- Co-authored-by: sberman <sberman@paloaltonetworks.com> * Add reliability parameter to cves and pipl integration (#28703) * commiting PrismaCloudCompute * release notes added * changed couldcompute, CVESearchV2, pipl * added pack metadata * fixed pipl readme * reverting changes in CVESearch since it was deprecated * removed redundant * committing pre commit changes * added known words * added known words * fixed lint error * changed according to review * updated docker version in PrismaCloudCompute * changed according to doc review * Added condition for not receiving new incidents in the test playbook * updating release notes * reverting fetch changes * fixed playbook * formatted playbook * new validation, new run * new validation, new run * Bump pack from version PrismaCloudCompute to 1.4.10. * update the docker image --------- Co-authored-by: Content Bot <bot@demisto.com> * Proofpoint email security pack: update description (#29651) * update description * Updated the schema file. * Updated the schema file. --------- Co-authored-by: Yehonatan Asta <yasta@paloaltonetworks.com> * Jira v2 deprecated (#29649) * Deprecate to jira v2 * update RN * update conf.json file * add task to the Create Jira Issue playbook that check if jira v3 is enable * add image.png of the playbook * update the playbook (yml, readme, image) and RN * Update Docker Image To demisto/python3 (#29652) * Updated Metadata Of Pack PANOSPolicyOptimizer * Added release notes to pack PANOSPolicyOptimizer * Packs/PANOSPolicyOptimizer/Integrations/PANOSPolicyOptimizer/PANOSPolicyOptimizer.yml Docker image update * Updated Metadata Of Pack VMwareWorkspaceONEUEM * Added release notes to pack VMwareWorkspaceONEUEM * Packs/VMwareWorkspaceONEUEM/Integrations/VMwareWorkspaceONEUEM/VMwareWorkspaceONEUEM.yml Docker image update * Updated Metadata Of Pack CiscoSMA * Added release notes to pack CiscoSMA * Packs/CiscoSMA/Integrations/CiscoSMA/CiscoSMA.yml Docker image update * Updated Metadata Of Pack FeedThreatConnect * Added release notes to pack FeedThreatConnect * Packs/FeedThreatConnect/Integrations/FeedThreatConnect/FeedThreatConnect.yml Docker image update * Updated Metadata Of Pack BitSight * Added release notes to pack BitSight * Packs/BitSight/Integrations/BitSightForSecurityPerformanceManagement/BitSightForSecurityPerformanceManagement.yml Docker image update * Updated Metadata Of Pack AWS-ILM * Added release notes to pack AWS-ILM * Packs/AWS-ILM/Integrations/AWSILM/AWSILM.yml Docker image update * Updated Metadata Of Pack CiscoWSA * Added release notes to pack CiscoWSA * Packs/CiscoWSA/Integrations/CiscoWSAV2/CiscoWSAV2.yml Docker image update * Updated Metadata Of Pack SysAid * Added release notes to pack SysAid * Packs/SysAid/Integrations/SysAid/SysAid.yml Docker image update * Updated Metadata Of Pack ManageEngine_PAM360 * Added release notes to pack ManageEngine_PAM360 * Packs/ManageEngine_PAM360/Integrations/ManageEnginePAM360/ManageEnginePAM360.yml Docker image update * Updated Metadata Of Pack CiscoUmbrellaReporting * Added release notes to pack CiscoUmbrellaReporting * Packs/CiscoUmbrellaReporting/Integrations/CiscoUmbrellaReporting/CiscoUmbrellaReporting.yml Docker image update * Fix DS108 --------- Co-authored-by: sberman <sberman@paloaltonetworks.com> * XSUP-27717/FortiSIEM (#29458) * add tests * add RN,fix,logs * Update 2_0_21.md * add period * add a name to incident * fixes CR * update docker image * delete logs * CR fixes * Update 2_0_21.md * Update FortiSIEMV2.py * reverting the Docker image (#29607) * reverting the Docker image * Update Packs/cyberark_AIM/ReleaseNotes/1_0_14.md --------- Co-authored-by: Dan Tavori <38749041+dantavori@users.noreply.github.com> * [Marketplace Contribution] Roksit DNS Security Integration - Sarp (#29663) * [Marketplace Contribution] Roksit DNS Security Integration - Sarp (#29314) * "pack contribution initial commit" * Update RoksitDNSSecurityIntegrationSarp.py * Update RoksitDNSSecurityIntegrationSarp.py * Yehuda's version * test module * readme * new logo * Update RoksitDNSSecurityIntegrationSarp.yml * Apply suggestions from code review * Update RoksitDNSSecurityIntegrationSarp_description.md * Update pack_metadata.json * Update README.md * Update pack_metadata.json * Update pack_metadata.json * Update Packs/RoksitDNSSecurityIntegration-Sarp/pack_metadata.json * fixes * change name * folder name * file names * version * rename sub folder * remove (DNSSense) from the integration name * rename folder * docker * replace image * fix image name --------- Co-authored-by: asimsarpkurt <79475614+asimsarpkurt@users.noreply.github.com> Co-authored-by: Yehuda <yrosenberg@paloaltonetworks.com> Co-authored-by: Yehuda Rosenberg <90599084+RosenbergYehuda@users.noreply.github.com> * rename image --------- Co-authored-by: xsoar-bot <67315154+xsoar-bot@users.noreply.github.com> Co-authored-by: asimsarpkurt <79475614+asimsarpkurt@users.noreply.github.com> Co-authored-by: Yehuda <yrosenberg@paloaltonetworks.com> Co-authored-by: Yehuda Rosenberg <90599084+RosenbergYehuda@users.noreply.github.com> * add unstuck fetch stream command (#29646) * add unstuck fetch stream command * added RN * fixes * add note * cr fixes * fix conflicts * reverts * [pre-commit pycln] Align the entire repo with pycln #4 (#29665) * Fix pycln errors * Update the docker images * Run demisto-sdk pre-commit * Remove unnecessary recommendations from extensions.json (#29605) * update extensions.json * Update devcontainer.json * Update recommendations list * Zscaler-FW-Logs (#29094) * Zscaler FW Logs Modeling Rules * Zscaler FW logs Modeling Rules * Updated README * Updated ZscalerModelingRule_1_3 * Changed cs5 field name to cat * Apply suggestions from code review Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * Updated README * Updated ModelingRules and Schema * Updated ModelingRules and schema * Updated ModelingRules * Updated ModelingRules --------- Co-authored-by: Eido Epstain <eepstain@paloaltonetworks.com> Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * PANOS - EXPANDR-5744 (#29223) (#29686) * playbook updates * RN, Readme, screenshot * Apply suggestions from code review * update RN * bump ver * more descriptive task * bump ver --------- Co-authored-by: johnnywilkes <32227961+johnnywilkes@users.noreply.github.com> Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * Audit alert fields fix (#29685) * Add associated types to systemAssociatedTypes * Add associated types to systemAssociatedTypes * fix incident field structure * RN * Workday documentation fix (#29681) * readme * readme * rn * rn * [Marketplace Contribution] Active Directory Query - Content Pack Update (#28633) * [Marketplace Contribution] Active Directory Query - Content Pack Update (#27822) * "contribution update to pack "Active Directory Query"" * revert changes * rl * remove files * removed from rl * Update pack_metadata.json * Create 1_6_19.md * Update 1_6_18.md * Update 1_6_19.md * Delete 1_6_19.md * Update 1_6_18.md * Update pack_metadata.json * Update Active_Directory_Query.yml removed duplicate section and type * pass SERVER_IP as argument to test_credentials function * Create 1_7_0.md * Update pack_metadata.json * Update README.md with ad-test-credentials info * Update Active_Directory_Query.yml * removed duplicate `type: 8` from ntlm * removed duplicate types from integration settings * removed duplicate description from ad-enable-account * Update Active_Directory_Query.yml * Update Active_Directory_Query.yml * Update Active_Directory_Query.yml * removing not relevant release note * adding function * update fucntion * cr note * adding NTLM_AUTH option * Update Active_Directory_Query.py * Update Packs/Active_Directory_Query/Integrations/Active_Directory_Query/Active_Directory_Query.py Co-authored-by: dorschw <81086590+dorschw@users.noreply.github.com> * cr notes * update after merging from master * reverting a change in olr rl * added test_test_credentials unit test function * fix unit test * fixing unit tests * fix unit test * fixed lint errors * Update Active_Directory_Query_test.py * empty commit * fix yml and docker file * revert changes in send email manager * fix yml * fix * fix validation error * fixing in129 --------- Co-authored-by: maimorag <mmorag@paloaltonetworks.com> Co-authored-by: Randy Baldwin <32545292+randomizerxd@users.noreply.github.com> Co-authored-by: Mai Morag <81917647+maimorag@users.noreply.github.com> Co-authored-by: dorschw <81086590+dorschw@users.noreply.github.com> * cr notes * Bump pack from version Active_Directory_Query to 1.6.21. * fix yml changes * cr notes * lint fixes * fix test * docker update * Update Packs/Active_Directory_Query/Integrations/Active_Directory_Query/README.md Co-authored-by: dorschw <81086590+dorschw@users.noreply.github.com> * fix delete required * Apply suggestions from code review * fix test * docker update * rl * empty commit * docker update * empty commit * empty commit * merge from master * empty commit check * revert changes * Delete Packs/cyberark_AIM/Integrations/CyberArkAIM_v2/integration-CyberArkAIM_v2.yml * docker downgrade * rl * trying new docker image * validate errors fix * revert docker version * [DS108] - Description must end with a period (".") - fix * empty commit check * empty commit check --------- Co-authored-by: xsoar-bot <67315154+xsoar-bot@users.noreply.github.com> Co-authored-by: maimorag <mmorag@paloaltonetworks.com> Co-authored-by: Randy Baldwin <32545292+randomizerxd@users.noreply.github.com> Co-authored-by: Mai Morag <81917647+maimorag@users.noreply.github.com> Co-authored-by: dorschw <81086590+dorschw@users.noreply.github.com> Co-authored-by: Content Bot <bot@demisto.com> * Big query bug xsup 28132 (#29680) * bug fix * rn * rn * Apply suggestions from code review Co-authored-by: Dan Tavori <38749041+dantavori@users.noreply.github.com> * format * pre commit --------- Co-authored-by: Dan Tavori <38749041+dantavori@users.noreply.github.com> * New Prisma Cloud v2 commands (#29323) * resource list command * limit results * user roles list command * pre commit * users list command * edit remediation commands * UTs * update README * update RN * pre commit fixes * edit test playbook * CR changes * Demo changes - remediate 406 raises error new args for resource_list & user_roles * fix test * Apply suggestions from doc review Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * fix test playbook * Tomer's changes --------- Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * Prisma Cloud Update (#29666) * Updated ModelingRules * Updated ReleaseNotes * Updated ReleaseNotes * Updated ModelingRules * Updated ModelingRules * Updated ModelingRules * Bump pack from version PrismaCloud to 4.2.4. --------- Co-authored-by: Content Bot <bot@demisto.com> * Rapid7 appsec (#29134) (#29687) * Revert "Add space to conf" This reverts commit 08e6490c8907bdb3fbf2dc394d0bc352dc0c5935. * Updated the packs category to *Authentication & Identity Management* (part 2) (#24876) * Update Docker Image To demisto/fastapi (#24923) * Updated Metadata Of Pack CyberArkIdentity * Added release notes to pack CyberArkIdentity * Packs/CyberArkIdentity/Integrations/CyberArkIdentityEventCollector/CyberArkIdentityEventCollector.yml Docker image update * Update Docker Image To demisto/lxml (#24924) * Updated Metadata Of Pack TaniumThreatResponse * Added release notes to pack TaniumThreatResponse * Packs/TaniumThreatResponse/Integrations/TaniumThreatResponseV2/TaniumThreatResponseV2.yml Docker image update * Update Docker Image To demisto/crypto (#24922) * Updated Metadata Of Pack X509Certificate * Added release notes to pack X509Certificate * Packs/X509Certificate/Scripts/CertificateExtract/CertificateExtract.yml Docker image update * Update Docker Image To demisto/python3 (#24921) * Updated Metadata Of Pack Cybereason * Added release notes to pack Cybereason * Packs/Cybereason/Integrations/Cybereason/Cybereason.yml Docker image update * Updated Metadata Of Pack DNSDB * Added release notes to pack DNSDB * Packs/DNSDB/Integrations/DNSDB_v2/DNSDB_v2.yml Docker image update * Updated Metadata Of Pack DeepInstinct * Added release notes to pack DeepInstinct * Packs/DeepInstinct/Integrations/DeepInstinct3x/DeepInstinct3x.yml Docker image update * Updated Metadata Of Pack FeedCyrenThreatInDepth * Added release notes to pack FeedCyrenThreatInDepth * Packs/FeedCyrenThreatInDepth/Integrations/CyrenThreatInDepth/CyrenThreatInDepth.yml Docker image update * Updated Metadata Of Pack IronDefense * Added release notes to pack IronDefense * Packs/IronDefense/Integrations/IronDefense/IronDefense.yml Docker image update * Updated Metadata Of Pack Qintel * Added release notes to pack Qintel * Packs/Qintel/Integrations/QintelPMI/QintelPMI.yml Docker image update * Packs/Qintel/Integrations/QintelQSentry/QintelQSentry.yml Docker image update * Packs/Qintel/Integrations/QintelQWatch/QintelQWatch.yml Docker image update * Updated Metadata Of Pack QualysFIM * Added release notes to pack QualysFIM * Packs/QualysFIM/Integrations/QualysFIM/QualysFIM.yml Docker image update * Updated Metadata Of Pack QutteraWebsiteMalwareScanner * Added release notes to pack QutteraWebsiteMalwareScanner * Packs/QutteraWebsiteMalwareScanner/Integrations/QutteraWebsiteMalwareScanner/QutteraWebsiteMalwareScanner.yml Docker image update * Fixed mypy + validation --------- * NGINXApiModule: fix logging typo (#24878) * fix logging typo * bump dependent packs --------- * Downgrade docker to fix banner issue (#24905) * Downgrade docker to fix banner issue * Fix docs * Add UT to prevent Docker bump * Fix yml validation * Adding vulnerability commands * Fixing pagination page index * Updating PR comments and Scan commands * Updating ID in test data. * Updating integration * Updating integration * Updating fromversion * Updating linters * Updating linters * Updating git pre-commit * Updating docstring * Updating the handling of request when limit * Removing get_pagination_params * Updating integration * Updating git-pre commit * Updating integration * Updating integration * Updating unit test * Updating docker image * Updating integration * Updating README version. * Updating secrets * Updating integration * Updating integration * Updating integration * Updating docstrings * Updating doc-review comments. * Updating doc-review comments. * Updating description --------- Co-authored-by: ‪Ron Hadad‬‏ <112933572+ronh1@users.noreply.github.com> Co-authored-by: TalGumi <talg@qmasters.co> Co-authored-by: Mai Morag <81917647+maimorag@users.noreply.github.com> Co-authored-by: sberman <sberman@paloaltonetworks.com> Co-authored-by: Guy Lichtman <1395797+glicht@users.noreply.github.com> Co-authored-by: glicht <glicht@users.noreply.github.com> Co-authored-by: Andrew Shamah <42912128+amshamah419@users.noreply.github.com> * Panos add param (#29672) * added param job_polling_max_num_attempts * Added rn * Added missing param type Fixed unit tests * added to readme * fixed readme * Update Packs/PAN-OS/Integrations/Panorama/Panorama.yml Co-authored-by: Guy Afik <53861351+GuyAfik@users.noreply.github.com> * fixed text and namings * Bump pack from version PAN-OS to 2.1.8. --------- Co-authored-by: Guy Afik <53861351+GuyAfik@users.noreply.github.com> Co-authored-by: Content Bot <bot@demisto.com> * Fix proxy usage (#85) (#29630) * Fix proxy usage (#85) (#29181) * Fix proxy usage (#85) * Fix proxy usage in ZF client * Fix variable USE_SSL to verify requests * Remove proxy object from client Given that the proxy works by default with env vars, the proxy object is not necessary * Update version and add release notes * Fix call to modified alerts (#86) * Fix call to modified alerts * Update docker image * Fix tests associated with get modified data * change rn * fix validation --------- Co-authored-by: Felipe Garrido <fgarridob.95+github@gmail.com> Co-authored-by: ostolero <ostolero@paloaltonetworks.com> Co-authored-by: ostolero <86190583+ostolero@users.noreply.github.com> * Missing dependencies when installing packs (#28989) * search and install packs --------- Co-authored-by: kobymeir <ymeir@paloaltonetworks.com> * Deprecate Picus Community (#29573) * Merge branch 'master' into github_workflow_partner # Conflicts: # Utils/github_workflow_scripts/utils.py * Merge branch 'master' into github_workflow_partner # Conflicts: # Utils/github_workflow_scripts/utils.py * Picus NG display name * Picus update * Picus update * Picus update * Picus update * Picus update * Picus update * Picus update * Picus update --------- Co-authored-by: RotemAmit <ramit@paloaltonetworks.com> * [ASM] - Expander - GCP Hierarchy field - 4376 (#29696) (#29704) * Add assethierarchy field to GCP ASM playbook * Add release notes * Update field json Co-authored-by: John <40349459+BigEasyJ@users.noreply.github.com> * fix merge * update rn * remove access code * fix conflicts * update docker * fix validation --------- Co-authored-by: Ali Sawyer <91506078+ali-sawyer@users.noreply.github.com> Co-authored-by: ostolero <86190583+ostolero@users.noreply.github.com> Co-authored-by: ostolero <ostolero@paloaltonetworks.com> Co-authored-by: Content Bot <bot@demisto.com> Co-authored-by: Menachem Weinfeld <90556466+mmhw@users.noreply.github.com> Co-authored-by: omerKarkKatz <95565843+omerKarkKatz@users.noreply.github.com> Co-authored-by: Yaakov Praisler <59408745+yaakovpraisler@users.noreply.github.com> Co-authored-by: Chait A <112722030+capanw@users.noreply.github.com> Co-authored-by: johnnywilkes <32227961+johnnywilkes@users.noreply.github.com> Co-authored-by: Michael Yochpaz <8832013+MichaelYochpaz@users.noreply.github.com> Co-authored-by: michal-dagan <109464765+michal-dagan@users.noreply.github.com> Co-authored-by: Yaroslav Nestor <yaroslav.nestor22@gmail.com> Co-authored-by: Ido van Dijk <43602124+idovandijk@users.noreply.github.com> Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> Co-authored-by: sberman <sberman@paloaltonetworks.com> Co-authored-by: DinaMeylakh <72339665+DinaMeylakh@users.noreply.github.com> Co-authored-by: ilaner <88267954+ilaner@users.noreply.github.com> Co-authored-by: Yehonatan Asta <yasta@paloaltonetworks.com> Co-authored-by: israelpoli <72099621+israelpoli@users.noreply.github.com> Co-authored-by: sapir shuker <49246861+sapirshuker@users.noreply.github.com> Co-authored-by: Mai Morag <81917647+maimorag@users.noreply.github.com> Co-authored-by: Dan Tavori <38749041+dantavori@users.noreply.github.com> Co-authored-by: xsoar-bot <67315154+xsoar-bot@users.noreply.github.com> Co-authored-by: asimsarpkurt <79475614+asimsarpkurt@users.noreply.github.com> Co-authored-by: Yehuda <yrosenberg@paloaltonetworks.com> Co-authored-by: Yehuda Rosenberg <90599084+RosenbergYehuda@users.noreply.github.com> Co-authored-by: Yuval Hayun <70104171+YuvHayun@users.noreply.github.com> Co-authored-by: samuelFain <65926551+samuelFain@users.noreply.github.com> Co-authored-by: nkanon <109467661+nkanon@users.noreply.github.com> Co-authored-by: Eido Epstain <eepstain@paloaltonetworks.com> Co-authored-by: Tomer Haimof <81556849+tomer-pan@users.noreply.github.com> Co-authored-by: EyalPintzov <91007713+eyalpalo@users.noreply.github.com> Co-authored-by: maimorag <mmorag@paloaltonetworks.com> Co-authored-by: Randy Baldwin <32545292+randomizerxd@users.noreply.github.com> Co-authored-by: dorschw <81086590+dorschw@users.noreply.github.com> Co-authored-by: Adi Bamberger Edri <72088126+BEAdi@users.noreply.github.com> Co-authored-by: eepstain <116078117+eepstain@users.noreply.github.com> Co-authored-by: ‪Ron Hadad‬‏ <112933572+ronh1@users.noreply.github.com> Co-authored-by: TalGumi <talg@qmasters.co> Co-authored-by: Guy Lichtman <1395797+glicht@users.noreply.github.com> Co-authored-by: glicht <glicht@users.noreply.github.com> Co-authored-by: Andrew Shamah <42912128+amshamah419@users.noreply.github.com> Co-authored-by: Shahaf Ben Yakir <44666568+ShahafBenYakir@users.noreply.github.com> Co-authored-by: Guy Afik <53861351+GuyAfik@users.noreply.github.com> Co-authored-by: Felipe Garrido <fgarridob.95+github@gmail.com> Co-authored-by: Koby Meir <kobymeir@users.noreply.github.com> Co-authored-by: kobymeir <ymeir@paloaltonetworks.com> Co-authored-by: Edi Katsenelson <85438368+edik24@users.noreply.github.com> Co-authored-by: RotemAmit <ramit@paloaltonetworks.com> Co-authored-by: John <40349459+BigEasyJ@users.noreply.github.com> * [Marketplace Contribution] Okta - Content Pack Update (#29650) * [Marketplace Contribution] Okta - Content Pack Update (#29303) * "contribution update to pack "Okta"" * minor fixes * add outputs and readme * add outputs description * update docker * change outputs --------- Co-authored-by: ostolero <ostolero@paloaltonetworks.com> Co-authored-by: ostolero <86190583+ostolero@users.noreply.github.com> * Fixing AWS Project Number in ASM Cloud (#29593) (#29642) Co-authored-by: Chait A <112722030+capanw@users.noreply.github.com> Co-authored-by: johnnywilkes <32227961+johnnywilkes@users.noreply.github.com> Co-authored-by: Michael Yochpaz <8832013+MichaelYochpaz@users.noreply.github.com> * [MS Teams] support reset_graph_auth (#29644) * fixed * pre-commit * update * Recordedfuture threathunting v2.5.0 (#29641) * Recordedfuture threathunting v2.5.0 (#29025) * Add commands related to Automated Threat hunting recordedfuture-threat-map recordedfuture-threat-links recordedfuture-detection-rules * Add recordedfuture-collective-insight command. Change app version. * Update README.md. Add release notes * Add playbook. Add unittests * Add unittests * Fix test_collective_insight_command * Remove incorrect release note * Add documentation for threat actor search playbook * update Recorded Future Threat actor search playbook. add release note about new playbook. * Update release notes, fix formatting * Format yml files * Update Recorded future threat actor search playbook * Update docker image * Fix linter --------- Co-authored-by: Michael Yochpaz <8832013+MichaelYochpaz@users.noreply.github.com> * Minor README fixes --------- Co-authored-by: Yaroslav Nestor <yaroslav.nestor22@gmail.com> Co-authored-by: Michael Yochpaz <8832013+MichaelYochpaz@users.noreply.github.com> * [ASM] Expander 5777 (#29647) * [ASM] Expander 5777 (#29619) * first * RN * Bump pack from version CortexAttackSurfaceManagement to 1.6.36. --------- Co-authored-by: johnnywilkes <32227961+johnnywilkes@users.noreply.github.com> Co-authored-by: Content Bot <bot@demisto.com> * XDR Malware Enrichment - hotfix for usernames (split) (#29585) * Updated playbook with hotfix where we split usernames from domains and append them to the username list of usernames for account enrichment * Added RN * remove irrelevant test * Updated RN * Bump pack from version CortexXDR to 5.1.6. * Update Packs/CortexXDR/ReleaseNotes/5_1_6.md Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> --------- Co-authored-by: Content Bot <bot@demisto.com> Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * Update Docker Image To demisto/pyjwt3 (#29656) * Updated Metadata Of Pack Silverfort * Added release notes to pack Silverfort * Packs/Silverfort/Integrations/Silverfort/Silverfort.yml Docker image update * Update Docker Image To demisto/trustar (#29660) * Updated Metadata Of Pack TruSTAR * Added release notes to pack TruSTAR * Update Docker Image To demisto/keeper-ksm (#29661) * Updated Metadata Of Pack KeeperSecretsManager * Added release notes to pack KeeperSecretsManager * Packs/KeeperSecretsManager/Integrations/KeeperSecretsManager/KeeperSecretsManager.yml Docker image update * Update Docker Image To demisto/py3-tools (#29654) * Updated Metadata Of Pack Intezer * Added release notes to pack Intezer * Packs/Intezer/Integrations/IntezerV2/IntezerV2.yml Docker image update * Updated Metadata Of Pack FeedMalwareBazaar * Added release notes to pack FeedMalwareBazaar * Packs/FeedMalwareBazaar/Integrations/MalwareBazaarFeed/MalwareBazaarFeed.yml Docker image update * Updated Metadata Of Pack FeedGCPWhitelist * Added release notes to pack FeedGCPWhitelist * Packs/FeedGCPWhitelist/Integrations/FeedGoogleIPRanges/FeedGoogleIPRanges.yml Docker image update * Updated Metadata Of Pack AccentureCTI_Feed * Added release notes to pack AccentureCTI_Feed * Packs/AccentureCTI_Feed/Integrations/ACTIIndicatorFeed/ACTIIndicatorFeed.yml Docker image update * Fix DS108 --------- Co-authored-by: sberman <sberman@paloaltonetworks.com> * Update Docker Image To demisto/taxii-server (#29659) * Updated Metadata Of Pack CybleThreatIntel * Added release notes to pack CybleThreatIntel * Packs/CybleThreatIntel/Integrations/CybleThreatIntel/CybleThreatIntel.yml Docker image update * Fix DS108 --------- Co-authored-by: sberman <sberman@paloaltonetworks.com> * Update Docker Image To demisto/datadog-api-client (#29662) * Updated Metadata Of Pack DatadogCloudSIEM * Added release notes to pack DatadogCloudSIEM * Packs/DatadogCloudSIEM/Integrations/DatadogCloudSIEM/DatadogCloudSIEM.yml Docker image update * Fix DS108 --------- Co-authored-by: sberman <sberman@paloaltonetworks.com> * Add reliability parameter to cves and pipl integration (#28703) * commiting PrismaCloudCompute * release notes added * changed couldcompute, CVESearchV2, pipl * added pack metadata * fixed pipl readme * reverting changes in CVESearch since it was deprecated * removed redundant * committing pre commit changes * added known words * added known words * fixed lint error * changed according to review * updated docker version in PrismaCloudCompute * changed according to doc review * Added condition for not receiving new incidents in the test playbook * updating release notes * reverting fetch changes * fixed playbook * formatted playbook * new validation, new run * new validation, new run * Bump pack from version PrismaCloudCompute to 1.4.10. * update the docker image --------- Co-authored-by: Content Bot <bot@demisto.com> * Proofpoint email security pack: update description (#29651) * update description * Updated the schema file. * Updated the schema file. --------- Co-authored-by: Yehonatan Asta <yasta@paloaltonetworks.com> * Jira v2 deprecated (#29649) * Deprecate to jira v2 * update RN * update conf.json file * add task to the Create Jira Issue playbook that check if jira v3 is enable * add image.png of the playbook * update the playbook (yml, readme, image) and RN * Update Docker Image To demisto/python3 (#29652) * Updated Metadata Of Pack PANOSPolicyOptimizer * Added release notes to pack PANOSPolicyOptimizer * Packs/PANOSPolicyOptimizer/Integrations/PANOSPolicyOptimizer/PANOSPolicyOptimizer.yml Docker image update * Updated Metadata Of Pack VMwareWorkspaceONEUEM * Added release notes to pack VMwareWorkspaceONEUEM * Packs/VMwareWorkspaceONEUEM/Integrations/VMwareWorkspaceONEUEM/VMwareWorkspaceONEUEM.yml Docker image update * Updated Metadata Of Pack CiscoSMA * Added release notes to pack CiscoSMA * Packs/CiscoSMA/Integrations/CiscoSMA/CiscoSMA.yml Docker image update * Updated Metadata Of Pack FeedThreatConnect * Added release notes to pack FeedThreatConnect * Packs/FeedThreatConnect/Integrations/FeedThreatConnect/FeedThreatConnect.yml Docker image update * Updated Metadata Of Pack BitSight * Added release notes to pack BitSight * Packs/BitSight/Integrations/BitSightForSecurityPerformanceManagement/BitSightForSecurityPerformanceManagement.yml Docker image update * Updated Metadata Of Pack AWS-ILM * Added release notes to pack AWS-ILM * Packs/AWS-ILM/Integrations/AWSILM/AWSILM.yml Docker image update * Updated Metadata Of Pack CiscoWSA * Added release notes to pack CiscoWSA * Packs/CiscoWSA/Integrations/CiscoWSAV2/CiscoWSAV2.yml Docker image update * Updated Metadata Of Pack SysAid * Added release notes to pack SysAid * Packs/SysAid/Integrations/SysAid/SysAid.yml Docker image update * Updated Metadata Of Pack ManageEngine_PAM360 * Added release notes to pack ManageEngine_PAM360 * Packs/ManageEngine_PAM360/Integrations/ManageEnginePAM360/ManageEnginePAM360.yml Docker image update * Updated Metadata Of Pack CiscoUmbrellaReporting * Added release notes to pack CiscoUmbrellaReporting * Packs/CiscoUmbrellaReporting/Integrations/CiscoUmbrellaReporting/CiscoUmbrellaReporting.yml Docker image update * Fix DS108 --------- Co-authored-by: sberman <sberman@paloaltonetworks.com> * XSUP-27717/FortiSIEM (#29458) * add tests * add RN,fix,logs * Update 2_0_21.md * add period * add a name to incident * fixes CR * update docker image * delete logs * CR fixes * Update 2_0_21.md * Update FortiSIEMV2.py * reverting the Docker image (#29607) * reverting the Docker image * Update Packs/cyberark_AIM/ReleaseNotes/1_0_14.md --------- Co-authored-by: Dan Tavori <38749041+dantavori@users.noreply.github.com> * [Marketplace Contribution] Roksit DNS Security Integration - Sarp (#29663) * [Marketplace Contribution] Roksit DNS Security Integration - Sarp (#29314) * "pack contribution initial commit" * Update RoksitDNSSecurityIntegrationSarp.py * Update RoksitDNSSecurityIntegrationSarp.py * Yehuda's version * test module * readme * new logo * Update RoksitDNSSecurityIntegrationSarp.yml * Apply suggestions from code review * Update RoksitDNSSecurityIntegrationSarp_description.md * Update pack_metadata.json * Update README.md * Update pack_metadata.json * Update pack_metadata.json * Update Packs/RoksitDNSSecurityIntegration-Sarp/pack_metadata.json * fixes * change name * folder name * file names * version * rename sub folder * remove (DNSSense) from the integration name * rename folder * docker * replace image * fix image name --------- Co-authored-by: asimsarpkurt <79475614+asimsarpkurt@users.noreply.github.com> Co-authored-by: Yehuda <yrosenberg@paloaltonetworks.com> Co-authored-by: Yehuda Rosenberg <90599084+RosenbergYehuda@users.noreply.github.com> * rename image --------- Co-authored-by: xsoar-bot <67315154+xsoar-bot@users.noreply.github.com> Co-authored-by: asimsarpkurt <79475614+asimsarpkurt@users.noreply.github.com> Co-authored-by: Yehuda <yrosenberg@paloaltonetworks.com> Co-authored-by: Yehuda Rosenberg <90599084+RosenbergYehuda@users.noreply.github.com> * add unstuck fetch stream command (#29646) * add unstuck fetch stream command * added RN * fixes * add note * cr fixes * fix conflicts * reverts * [pre-commit pycln] Align the entire repo with pycln #4 (#29665) * Fix pycln errors * Update the docker images * Run demisto-sdk pre-commit * update docker --------- Co-authored-by: xsoar-bot <67315154+xsoar-bot@users.noreply.github.com> Co-authored-by: ostolero <ostolero@paloaltonetworks.com> Co-authored-by: ostolero <86190583+ostolero@users.noreply.github.com> Co-authored-by: Chait A <112722030+capanw@users.noreply.github.com> Co-authored-by: johnnywilkes <32227961+johnnywilkes@users.noreply.github.com> Co-authored-by: Michael Yochpaz <8832013+MichaelYochpaz@users.noreply.github.com> Co-authored-by: michal-dagan <109464765+michal-dagan@users.noreply.github.com> Co-authored-by: Yaroslav Nestor <yaroslav.nestor22@gmail.com> Co-authored-by: Content Bot <bot@demisto.com> Co-authored-by: Ido van Dijk <43602124+idovandijk@users.noreply.github.com> Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> Co-authored-by: sberman <sberman@paloaltonetworks.com> Co-authored-by: DinaMeylakh <72339665+DinaMeylakh@users.noreply.github.com> Co-authored-by: ilaner <88267954+ilaner@users.noreply.github.com> Co-authored-by: Yehonatan Asta <yasta@paloaltonetworks.com> Co-authored-by: israelpoli <72099621+israelpoli@users.noreply.github.com> Co-authored-by: sapir shuker <49246861+sapirshuker@users.noreply.github.com> Co-authored-by: Mai Morag <81917647+maimorag@users.noreply.github.com> Co-authored-by: Dan Tavori <38749041+dantavori@users.noreply.github.com> Co-authored-by: asimsarpkurt <79475614+asimsarpkurt@users.noreply.github.com> Co-authored-by: Yehuda <yrosenberg@paloaltonetworks.com> Co-authored-by: Yehuda Rosenberg <90599084+RosenbergYehuda@users.noreply.github.com> Co-authored-by: Yuval Hayun <70104171+YuvHayun@users.noreply.github.com> Co-authored-by: Menachem Weinfeld <90556466+mmhw@users.noreply.github.com> * If-Elif Transformer (#27763) * IfElif init * minor changes * parse single strings not json * fixed regex * fixed json bug * removed context * created eval blacklist * added json KW to eval * Update bucket-upload.yml * added ast for parsing * use hash for context grab * added value arg * quick * added unit-tests * added README.md * added RN * added flags arg; use dt for context grabbing * fixed context grabbing * added regex support * finished readme * finished readme 2 * added variables arg * changed vars to upper * changed to class * prefixed variable bug * some tests * finished unit-tests * completed tests * finished docs * finished docs in yml * new design for 'value' * unit-tests complete * docs part 1 * docs complete * added if-elif TPB * fixed TPB * fixed mypy error * fixed mypy error * fixed injection issue; added + op * name changes * added injection test in TPB * CR changes * error for unknown variables * reformat 'from_context' func * resolve conflicts * demo changes * demo changes part 2 * bug fix * updated docker * added list_compare flag * added error catcher for comp funcs * readme update; textArea for conditions * resolve conflicts * resolve conflicts * updated docker * name changes * fixed unit-tests * Apply suggestions from code review Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * added missing flag to readme * CR changes * Apply suggestions from code review Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * name changes * added suppres_error behaviuor to docs * Apply suggestions from code review Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * updated docker --------- Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * revert removal of release notes generator (#29828) * revert * validations * rn * search_and_install_packs.py - less strict when installing packs during nightly. should be reverted in (#29806) Co-authored-by: kobymeir <ymeir@paloaltonetworks.com> * exit on error alignment.fixing echo message when exiting the uninstallation script. (#29821) * exit on error alignment. fixing echo message when exiting the uninstallation script. * installing specific poetry version (#29812) * installing specific poetry version - moving the logic to bootstrap * Cs falcon detections revert (#29833) * Revert "Cs falcon fetch limit issue (#29411)" This reverts commit f7b7d5c6 * Revert "Cs limit in idp detections (#29550)" This reverts commit 47738d56 * Added rn * Added rn * SQL Alchemy 2.x.x (#29436) * MySQL and Postgress works * MSSQL, My SQL and postgres works with bind_variables from the second form * resolve conflicts * fix CR's comments * pre commit * parsing the results * Add UT * same name and right docker * RN * sourcery * another docker image * revert docker image * Update Packs/GenericSQL/ReleaseNotes/1_0_25.md Co-authored-by: dorschw <81086590+dorschw@users.noreply.github.com> * Update Packs/GenericSQL/Integrations/GenericSQL/GenericSQL.py Co-authored-by: dorschw <81086590+dorschw@users.noreply.github.com> * Update Packs/GenericSQL/Integrations/GenericSQL/GenericSQL.py Co-authored-by: dorschw <81086590+dorschw@users.noreply.github.com> * Update Packs/GenericSQL/Integrations/GenericSQL/GenericSQL.py Co-authored-by: dorschw <81086590+dorschw@users.noreply.github.com> * fix variable name * constants * mapping instead of conditions * unskip Oracle TPB * resolve conflicts * resolve conflicts * Constants * Update Packs/GenericSQL/Integrations/GenericSQL/GenericSQL.py Co-authored-by: dorschw <81086590+dorschw@users.noreply.github.com> * CR fixes * Update Packs/GenericSQL/ReleaseNotes/1_1_0.md Co-authored-by: dorschw <81086590+dorschw@users.noreply.github.com> * add commit after executing a query * fix UT * remove autocommit true from MSSQL * fix UT * autocommit for MSSQL, commit for the others * commit for the others DBs, since in MSSQL is automatically * docker image --------- Co-authored-by: dorschw <81086590+dorschw@users.noreply.github.com> * Generic playbooks fixes (#29711) * fixes for generic playbooks * fixes for generic playbooks * fixes for generic playbooks * Use Case Builder Development stage Field update (#29771) (#29825) * pushing changes to the use case stage * adding release notes * Update pack_metadata.json * Rename 1_1_0.md to 1_0_4.md * Update 1_0_4.md * Update 1_0_4.md --------- Co-authored-by: Joe Cosgrove <joecosgrove5@gmail.com> Co-authored-by: Michael Yochpaz <8832013+MichaelYochpaz@users.noreply.github.com> * Add mapper and disable auto extraction for ThinkstCanary (#29756) * Add Classification and Mapping to ThinkstCanary Integration * Duo Mapping Enrichment (#29139) * Updated DuoModelingRule_1_3 * Updated ModelingRules and ReleaseNotes * Updated ModelingRules and ReleaseNotes * Updated DuoModelingRule_1_3_schema and README * Rev DuoModelingRule_1_3 | add DuoModelingRule_2_0 * Updated .yml and ReleaseNotes * Updated DuoModelingRule_2_0 * Updated ReleaseNotes * Updated .yml with toversion: 8.3.0 * Updated DuoModelingRule_2_0_schema * Updated ModelingRules * Updated ReleaseNotes * Bump pack from version DuoAdminApi to 4.0.8. * Updated DuoModelingRule_1_3 * azure * Updated DuoModelingRule_2_0 * Updated DuoModelingRule_2_0 * Updated ParsingRules * Updated ReleaseNotes * Updated ReleaseNotes * Updated ReleaseNotes * Updated pack_metadata * Updated pack_metadata * Updated pack_metadata * Updated README * Updated README * Updated README * Updated ReleaseNotes * Updated ReleaseNotes * Updated DuoModelingRule_2_0 * Reverted MS packs * Reverted MS packs * Updated DuoModelingRule_1_3_schema * Updated ReleaseNotes * Update Packs/DuoAdminApi/ReleaseNotes/4_0_10.md Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> --------- Co-authored-by: Content Bot <bot@demisto.com> Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * [AWS System Manager] New Pack (#28992) * init - new pack * 2 commands * aws-ssm-inventory-entry-list * list_associations_command * remove boto stubs * remove boto stubs * improve * poetry * revert poetry * aws-ssm-association-list * aws-ssm-association-get * aws-ssm-association-get * aws-ssm-association-version-list * format * aws-ssm-document-list * ruff * ruff * ssmclient test * test * doc get * docs * Update pyproject.toml * Update poetry.lock * Update .pre-commit-config_template.yaml * regex * aws-ssm-tag-remove * improve * aws-ssm-automation-execution-list * pack * aws-ssm-command-list * aws-ssm-command-run aws-ssm-command-cancel * ruff * Apply suggestions from code review Co-authored-by: Jacob Levy <129657918+jlevypaloalto@users.noreply.github.com> * Apply suggestions from code review Co-authored-by: Jacob Levy <129657918+jlevypaloalto@users.noreply.github.com> * UT * UT * cr and docs * black * black and ruff * format * description * format description * pack metadata * fix ut * Apply suggestions from code review Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * Apply suggestions from code review Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * cr * cr * fix yml * add outputs * Update Packs/AWS_SystemManager/Integrations/AWSSystemManager/AWSSystemManager.py Co-authored-by: dorschw <81086590+dorschw@users.noreply.github.com> * fix cr * run command and fix UT * automation run * fix output add playbook * docs * docs * docs * docs * ruff and black * fix demo * fix demo * update docker and fix line to long * Apply suggestions from code review (docs) Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> Co-authored-by: dorschw <81086590+dorschw@users.noreply.github.com> * cr fix * update docker * fix line * Fix an issue * Fix an issue * Update playbook description * Update docker --------- Co-authored-by: Jacob Levy <129657918+jlevypaloalto@users.noreply.github.com> Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> Co-authored-by: dorschw <81086590+dorschw@users.noreply.github.com> * Fix splunk search in incident context (#29763) * fixes * fixes * fixes * update docker * added rn * add bc rn * Empty-Commit * Test For 'WildFire Malware' Playbook (#29404) * Test For 'WildFire Malware' Playbook * PR * RN * added the "is_mockable" config to the conf file * removed the "is_mockable" config to the conf file * Bump pack from version Core to 2.0.14. * Bump pack from version Core to 2.0.15. * Increased timeout configs * Added VirusTotal to the conf file * added virustotal instance name * changed the 'AutoContainment' playbook input config to 'true' * changed 'timeout' * changed 'timeout' * changed 'timeout' to 1600 * changed the 'ShouldCloseAutomatically' playbook input to 'false' * added the test playbook name to the playbook YML file * RN * removed the close note alert field verification * added the 'marketplacev2' to the test playbook YML file * added the '000001e7a228b2a7abdf7f7e404bc8522df32b725e86907dde32176bccbbbb27' malicious file hash to secrets ignore file. the file hash is used within the test playbook for enrichment and test purposes. --------- Co-authored-by: Content Bot <bot@demisto.com> * update docker image (#29845) * added functionallity to download index by marketplace (#29834) * added functionallity to download index by marketplace * added some logs for validation * commit * removed logs * [pre-commit MyPy] Align the entire repo with MyPy #2 (#29799) * [pre-commit MyPy] Align the entire repo with MyPy #2 * Add RN * Revert changes in 1.12.26 RN * Update the docker images * [pre-commit MyPy] Align the entire repo with MyPy #1 (#29798) * [pre-commit MyPy] Align the entire repo with MyPy #1 * Xsup 27738 DBotFindSimilarIncidents NoneType Error (#29701) * failed ut * fix * rn * pre-commit * pre commit * just the fix * fix description in yml * fix * docker * Update Packs/Base/ReleaseNotes/1_32_34.md Co-authored-by: Dan Tavori <38749041+dantavori@users.noreply.github.com> * test * test * removed import --------- Co-authored-by: Dan Tavori <38749041+dantavori@users.noreply.github.com> * Wiz v1 2 11 (#29719) * Wiz v1 2 11 (#29688) * remove redundant parenthesis * ../Packs/Wiz/Integrations/Wiz/Wiz.py * add Wiz user agent * rephrase release notes * update pack metadata json * rephrase release notes v2 …

* Update Group-IB TI APP PR from master branch (#29350) * test commit * remove bt link * Remove A in TI for yaml and md for indicator * back yaml to default * refactor yaml with cortex utils * refactor md and yaml for feed * remove bp/domain * replace git_leak with git_repository * Add new collection Fix issue with date for TI * remove changes outside the Packs * Update Packs/GroupIB_ThreatIntelligenceAttribution/Integrations/GroupIB_TIA_Feed/test_data/example.json Co-authored-by: Mai Morag <81917647+maimorag@users.noreply.github.com> * Update Packs/GroupIB_ThreatIntelligenceAttribution/Integrations/GroupIB_TIA_Feed/test_data/example.json Co-authored-by: Mai Morag <81917647+maimorag@users.noreply.github.com> * Update Packs/GroupIB_ThreatIntelligenceAttribution/Integrations/GroupIBTIA/test_data/example.json Co-authored-by: Mai Morag <81917647+maimorag@users.noreply.github.com> * Update Packs/GroupIB_ThreatIntelligenceAttribution/Integrations/GroupIBTIA/test_data/example.json Co-authored-by: Mai Morag <81917647+maimorag@users.noreply.github.com> * Update Packs/GroupIB_ThreatIntelligenceAttribution/Integrations/GroupIBTIA/test_data/example.json Co-authored-by: Mai Morag <81917647+maimorag@users.noreply.github.com> * update release notes * update logo * update logo * Revert "update release notes" This reverts commit 7c9ac76fd46c499fd185de154fe8d272657971db. * revert microsocks * fix compromised account issue * adding RL * Update Packs/GroupIB_ThreatIntelligenceAttribution/Integrations/GroupIBTIA/GroupIBTIA.py Co-authored-by: Mai Morag <81917647+maimorag@users.noreply.github.com> * create release notes v1_3_12 * add test for compromised/account_group * refactor changes in playbook * fixed validation errors * adding pragma no cover * refactor RN * add urllib exception * fixing validation errors * adding pragma no cover * format * fix lint test errors * revert sentinel * revert changes to azure sentinel * fixing cloud machine ids processing (#29777) * fixing cloud machine ids processing * not exiting the installation script if we fail to install a pack. report an error but continue with the test playbook upload (#29759) Co-authored-by: kobymeir <ymeir@paloaltonetworks.com> * Microsoft DNS Parsing Rule Drop (#29765) * Updated ParsingRules * Updated ReleaseNotes * Updated ReleaseNotes * Updated ReleaseNotes * Updated pack_metadata * Updated pack_metadata * Updated pack_metadata * Updated README * Updated README * Updated README * [JoeSecurity] Pre-Commit (#29717) * [pre-commit ruff] Align the entire repo with ruff #2 (#29754) * [pre-commit ruff] Align the entire repo with ruff #2 * Add RN * Update the docker image * Don't checkout build files in pre-commit (#27900) * is file up to date pre-commit * Revert changes made by mistake --------- Co-authored-by: dorschw <81086590+dorschw@users.noreply.github.com> Co-authored-by: Menachem Weinfeld <90556466+mmhw@users.noreply.github.com> Co-authored-by: Menachem Weinfeld <mmhw770@gmail.com> * Fixes for 'NGFW Scan' and 'WildFire Malware' XSIAM playbooks (#29774) * Fixes for 'NGFW Scan' and 'WildFire Malware' XSIAM playbooks * RN * fixed RN and 'NGFW Scan playbook' * CiscoSMA- Added timeout parameter (#29372) * fix * add_tests * fix_test_description * fix_yml_add_readme * fixes - add timeout to the client * add timeout to yml * revert changes * Update CiscoSMA.py * Update CiscoSMA.py * CR review * add RN * fix CR review * update docker image * XSUP-27956/ Added EWS PS V3 Description (#29784) * updated the description * update rn * Apply suggestions from code review Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> --------- Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * Xsup 27738 DBotFindSimilarIncidents NoneType Error (#29701) * failed ut * fix * rn * pre-commit * pre commit * just the fix * fix description in yml * fix * docker * Update Packs/Base/ReleaseNotes/1_32_34.md Co-authored-by: Dan Tavori <38749041+dantavori@users.noreply.github.com> * test * test * removed import --------- Co-authored-by: Dan Tavori <38749041+dantavori@users.noreply.github.com> * Wiz v1 2 11 (#29719) * Wiz v1 2 11 (#29688) * remove redundant parenthesis * ../Packs/Wiz/Integrations/Wiz/Wiz.py * add Wiz user agent * rephrase release notes * update pack metadata json * rephrase release notes v2 * fix minor typos and update docker image * Bump Docker version --------- Co-authored-by: Ariel Tobiana <107474518+ariel-wiz@users.noreply.github.com> Co-authored-by: Michael Yochpaz <8832013+MichaelYochpaz@users.noreply.github.com> * [ASM] - Expander - Update ASM fields (4821) (#29702) * [ASM] - Expander - Update ASM fields (4821) (#29506) * Add missing comments to grid fields - Update descriptions of fields as needed. * Add release notes * Add descriptions to two fields - asmdevcheckdetails - asmenrichmentstatus * Update release notes. * Grammar updates. * Update release notes * Add mandatory or optional in comments * Update comments with mandatory * Update pack version and release notes * Add correct 1_6_33 release notes * fix rn * fix rn --------- Co-authored-by: John <40349459+BigEasyJ@users.noreply.github.com> Co-authored-by: ostolero <86190583+ostolero@users.noreply.github.com> Co-authored-by: ostolero <ostolero@paloaltonetworks.com> * Wildfire-upload-url add poling timeout argument (#29790) * save adding timeout param * new docker image * added rn * fix ruff * ruff made me to do this fixes :( not related to my changes * Update Packs/Palo_Alto_Networks_WildFire/ReleaseNotes/2_1_35.md * poetry files (#29793) Co-authored-by: Content Bot <bot@demisto.com> * Dra-cvss-color-fix (#29757) * Fixed a small issue when indicator had no custom fields * RN * docker bump * RN * Update CVECVSSColor.py * docker bump * RN * fixing typos in build scripts. (#29788) unremovable -> non-removable productname -> product_name testplaybook -> test_playbook changed some arg passing to use their full name: -gpidd -gpidp Co-authored-by: kobymeir <ymeir@paloaltonetworks.com> * mapping to standard stix values (#29785) * mapping to standard stix values * updated release notes * update docker * breaking json * add dot * Add the nightly_ruff file for run pre-commit with --all flag (#29684) * Add the nightly_ruff file for run pre-commit with --all flag * Add more rules; Add the error name * Add E501 * Add F601, F842, TID252 * XSUP-27528 (#29705) * add_tests * add_tests * add RN, fix tests, format yml * Update Packs/CommonScripts/ReleaseNotes/1_12_24.md Co-authored-by: Arad Carmi <62752352+AradCarmi@users.noreply.github.com> * fix readme * Bump pack from version CommonScripts to 1.12.25. --------- Co-authored-by: Arad Carmi <62752352+AradCarmi@users.noreply.github.com> Co-authored-by: Content Bot <bot@demisto.com> * [Axonius Content Pack 1.2.0] Bumping Dockerfile (#29802) * [Axonius Content Pack 1.2.0] Bumping Dockerfile (#29625) * bumped docker version for axonius api client * docker image * remove the - --------- Co-authored-by: Yehuda <yrosenberg@paloaltonetworks.com> * format --------- Co-authored-by: Bryce Pedroza <97995056+bryce-ax@users.noreply.github.com> Co-authored-by: Yehuda <yrosenberg@paloaltonetworks.com> * Updated native:8.4 image; Add auth-utils support (#29792) Co-authored-by: GuyAfik <guyafik11@gmail.com> * Fixed sc_task closing state (#29636) * Fixed sc_task closing state * Added release notes * Updated docker image * small fix * bumped dokcer * fixed rn --------- Co-authored-by: Shahaf Ben Yakir <44666568+ShahafBenYakir@users.noreply.github.com> Co-authored-by: sbenyakir <shahaf.benyakir@demisto.com> * Private Compliance Packs (#29664) * XSUP-27936 problem with regex (#29613) * failed test * fix * rn * rn * unit test * ut * validations * fixed test and docker * fix * validation * Prisma Cloud V2 Add "usernames" Argument (#29710) * add username arg * support list * update UT * update README * docker update * update TPB * Fortinet fortigate enhancement (#29655) * Updated the readme for proofpoint fortigate. * Modified the modeling rule. * Modified the modeling rule and the schema file. * Updated the release note. * Update Packs/FortiGate/README.md Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * Updated the modeling rule. * Added tags to the readme. * removed ftntfgtmastersrcmac and ftntfgtmasterdstmac from the mapping. * updated the modeling rule and the schema file. * updated the modeling rule * updated the modeling rule --------- Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * Add syslog example for War Room Actions (#29800) * Graph Security Update (#29797) * Updated MicrosoftGraphSecurity_schema * Updated ReleaseNotes * Updated ReleaseNotes * [Dataminr Pulse] Release 106 (#29805) * [Dataminr Pulse] Release 106 (#29693) * Changes related to release v1.0.6 * Changes related to release v1.0.6 * Fixing Release Note related issue --------- Co-authored-by: crestdatasystems <crestdatasystems@users.noreply.github.com> Co-authored-by: Michael Yochpaz <8832013+MichaelYochpaz@users.noreply.github.com> * Bump Docker version --------- Co-authored-by: Crest Data Systems <60967033+crestdatasystems@users.noreply.github.com> Co-authored-by: crestdatasystems <crestdatasystems@users.noreply.github.com> Co-authored-by: Michael Yochpaz <8832013+MichaelYochpaz@users.noreply.github.com> * [RecordedFuture] threat actor playbook update V2.5.1 (#29690) (#29807) * Update Threat actor search playbook. * Add release notes * Fix formatting * Change ExtractedIndicators to ExtractedIndicators\.File * Fix release notes --------- Co-authored-by: Yaroslav Nestor <yaroslav.nestor22@gmail.com> Co-authored-by: Michael Yochpaz <8832013+MichaelYochpaz@users.noreply.github.com> * [JoeSecurity] show partial result in polling commands (#29715) * updating build docker image to latest devdemisto/gitlab-content-ci:1.0.0.64455 (#29761) * updating build docker image to latest devdemisto/gitlab-content-ci:1.0.0.64455 * Private Upload Mode - ThreatExchange v2 (#28249) * ThreatExchange integration * ThreatExchange updates * Added param to instance configuration * pre-commit * updated RN * RN test * CR updates * Removed Threat_Crowd * Update Packs/ThreatExchange/ReleaseNotes/2_0_12.md Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * docker * format * skip tests since theres no instance * no testing instance --------- Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> Co-authored-by: Yehuda Rosenberg <90599084+RosenbergYehuda@users.noreply.github.com> Co-authored-by: Yehuda <yrosenberg@paloaltonetworks.com> * added plus 1 for each iteration in find destination (#29811) * added plus 1 for each iteration in find destination (#29760) * added plus 1 for each iteration in find destination * added release notes * Update Packs/Cisco-umbrella-cloud-security/ReleaseNotes/2_0_2.md Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * updated docker image tag to latest * updated unit test for pagination functions * removed comments --------- Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * Update 2_0_2.md --------- Co-authored-by: LiorQM <106475467+LiorQM@users.noreply.github.com> Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> Co-authored-by: RotemAmit <ramit@paloaltonetworks.com> * Mde list indicator filter (#29640) * Mde list indicator filter (#29338) * init indicator filter * release notes * latest docker image * updated docker image * minor fixes * reslove conflicts * resolve version conflicts * silence linter * format * docker * Apply suggestions from Shirley Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * add period * change phrase * adding "is_mockable": false * docker * try change test playbook * empty line * docker * return the mock * Revert "return the mock" This reverts commit ef23428eac12ef075f0dbdfba672399fb4ca7090. --------- Co-authored-by: ckaadic <48683125+ckaadic@users.noreply.github.com> Co-authored-by: Yehuda <yrosenberg@paloaltonetworks.com> Co-authored-by: Yehuda Rosenberg <90599084+RosenbergYehuda@users.noreply.github.com> Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * Audit Logs Endpoints Scripts Aligments for Xsoar-8 (#29781) * test * fix core api * ExportAuditLogsToFile - add support for xsoar-8 * add ExportAuditLogsToFile UTs * add forward audit logs uts * update ut * validation fixes * mypy * bump rns * update docker * update docker image * fix ut * format * Bump pack from version CommonScripts to 1.12.25. * Bump pack from version CommonScripts to 1.12.26. * cr * cr fixes * update * fix uts --------- Co-authored-by: Content Bot <bot@demisto.com> * Add command prisma-cloud-compute-get-file-integrity-events (#29608) * Add command prisma-cloud-compute-get-file-integrity-events (#29187) * Add command prisma-cloud-compute-get-file-integrity-events * Incorporate changes from review comments. Add documentation and unit test. * Add missing lines to YML file (add description of new command) * Update docker image * Incorporate changes from demo * Update docker image * fix validation * fix validation --------- Co-authored-by: ostolero <86190583+ostolero@users.noreply.github.com> Co-authored-by: ostolero <ostolero@paloaltonetworks.com> * Bump pack from version PrismaCloudCompute to 1.4.10. * [pre-commit ruff] Align the entire repo with ruff (#29603) * Fix falls of the ruff hook * pre-commit * Fix B003 ruff error * Fix ruff errors on Utils/update_playbook.py * remove code to trigger upload on dev branches (#29621) * [pre-commit pycln] Align the entire repo with pycln (#29611) * Fix falls of the pycln hook * pre-commit * Fix unit test * Add RN * Fix validate in GetDomainDNSDetails * fuff on GetDomainDNSDetails * ignore mypy error in test_content.py:350 * Fix falls of the autopep8 hook (#29638) * add marketplaces to metadata (#29629) * Fixing AWS Project Number in ASM Cloud (#29593) (#29642) Co-authored-by: Chait A <112722030+capanw@users.noreply.github.com> Co-authored-by: johnnywilkes <32227961+johnnywilkes@users.noreply.github.com> Co-authored-by: Michael Yochpaz <8832013+MichaelYochpaz@users.noreply.github.com> * [MS Teams] support reset_graph_auth (#29644) * fixed * pre-commit * update * Recordedfuture threathunting v2.5.0 (#29641) * Recordedfuture threathunting v2.5.0 (#29025) * Add commands related to Automated Threat hunting recordedfuture-threat-map recordedfuture-threat-links recordedfuture-detection-rules * Add recordedfuture-collective-insight command. Change app version. * Update README.md. Add release notes * Add playbook. Add unittests * Add unittests * Fix test_collective_insight_command * Remove incorrect release note * Add documentation for threat actor search playbook * update Recorded Future Threat actor search playbook. add release note about new playbook. * Update release notes, fix formatting * Format yml files * Update Recorded future threat actor search playbook * Update docker image * Fix linter --------- Co-authored-by: Michael Yochpaz <8832013+MichaelYochpaz@users.noreply.github.com> * Minor README fixes --------- Co-authored-by: Yaroslav Nestor <yaroslav.nestor22@gmail.com> Co-authored-by: Michael Yochpaz <8832013+MichaelYochpaz@users.noreply.github.com> * [ASM] Expander 5777 (#29647) * [ASM] Expander 5777 (#29619) * first * RN * Bump pack from version CortexAttackSurfaceManagement to 1.6.36. --------- Co-authored-by: johnnywilkes <32227961+johnnywilkes@users.noreply.github.com> Co-authored-by: Content Bot <bot@demisto.com> * XDR Malware Enrichment - hotfix for usernames (split) (#29585) * Updated playbook with hotfix where we split usernames from domains and append them to the username list of usernames for account enrichment * Added RN * remove irrelevant test * Updated RN * Bump pack from version CortexXDR to 5.1.6. * Update Packs/CortexXDR/ReleaseNotes/5_1_6.md Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> --------- Co-authored-by: Content Bot <bot@demisto.com> Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * Update Docker Image To demisto/pyjwt3 (#29656) * Updated Metadata Of Pack Silverfort * Added release notes to pack Silverfort * Packs/Silverfort/Integrations/Silverfort/Silverfort.yml Docker image update * Update Docker Image To demisto/trustar (#29660) * Updated Metadata Of Pack TruSTAR * Added release notes to pack TruSTAR * Update Docker Image To demisto/keeper-ksm (#29661) * Updated Metadata Of Pack KeeperSecretsManager * Added release notes to pack KeeperSecretsManager * Packs/KeeperSecretsManager/Integrations/KeeperSecretsManager/KeeperSecretsManager.yml Docker image update * Update Docker Image To demisto/py3-tools (#29654) * Updated Metadata Of Pack Intezer * Added release notes to pack Intezer * Packs/Intezer/Integrations/IntezerV2/IntezerV2.yml Docker image update * Updated Metadata Of Pack FeedMalwareBazaar * Added release notes to pack FeedMalwareBazaar * Packs/FeedMalwareBazaar/Integrations/MalwareBazaarFeed/MalwareBazaarFeed.yml Docker image update * Updated Metadata Of Pack FeedGCPWhitelist * Added release notes to pack FeedGCPWhitelist * Packs/FeedGCPWhitelist/Integrations/FeedGoogleIPRanges/FeedGoogleIPRanges.yml Docker image update * Updated Metadata Of Pack AccentureCTI_Feed * Added release notes to pack AccentureCTI_Feed * Packs/AccentureCTI_Feed/Integrations/ACTIIndicatorFeed/ACTIIndicatorFeed.yml Docker image update * Fix DS108 --------- Co-authored-by: sberman <sberman@paloaltonetworks.com> * Update Docker Image To demisto/taxii-server (#29659) * Updated Metadata Of Pack CybleThreatIntel * Added release notes to pack CybleThreatIntel * Packs/CybleThreatIntel/Integrations/CybleThreatIntel/CybleThreatIntel.yml Docker image update * Fix DS108 --------- Co-authored-by: sberman <sberman@paloaltonetworks.com> * Update Docker Image To demisto/datadog-api-client (#29662) * Updated Metadata Of Pack DatadogCloudSIEM * Added release notes to pack DatadogCloudSIEM * Packs/DatadogCloudSIEM/Integrations/DatadogCloudSIEM/DatadogCloudSIEM.yml Docker image update * Fix DS108 --------- Co-authored-by: sberman <sberman@paloaltonetworks.com> * Add reliability parameter to cves and pipl integration (#28703) * commiting PrismaCloudCompute * release notes added * changed couldcompute, CVESearchV2, pipl * added pack metadata * fixed pipl readme * reverting changes in CVESearch since it was deprecated * removed redundant * committing pre commit changes * added known words * added known words * fixed lint error * changed according to review * updated docker version in PrismaCloudCompute * changed according to doc review * Added condition for not receiving new incidents in the test playbook * updating release notes * reverting fetch changes * fixed playbook * formatted playbook * new validation, new run * new validation, new run * Bump pack from version PrismaCloudCompute to 1.4.10. * update the docker image --------- Co-authored-by: Content Bot <bot@demisto.com> * Proofpoint email security pack: update description (#29651) * update description * Updated the schema file. * Updated the schema file. --------- Co-authored-by: Yehonatan Asta <yasta@paloaltonetworks.com> * Jira v2 deprecated (#29649) * Deprecate to jira v2 * update RN * update conf.json file * add task to the Create Jira Issue playbook that check if jira v3 is enable * add image.png of the playbook * update the playbook (yml, readme, image) and RN * Update Docker Image To demisto/python3 (#29652) * Updated Metadata Of Pack PANOSPolicyOptimizer * Added release notes to pack PANOSPolicyOptimizer * Packs/PANOSPolicyOptimizer/Integrations/PANOSPolicyOptimizer/PANOSPolicyOptimizer.yml Docker image update * Updated Metadata Of Pack VMwareWorkspaceONEUEM * Added release notes to pack VMwareWorkspaceONEUEM * Packs/VMwareWorkspaceONEUEM/Integrations/VMwareWorkspaceONEUEM/VMwareWorkspaceONEUEM.yml Docker image update * Updated Metadata Of Pack CiscoSMA * Added release notes to pack CiscoSMA * Packs/CiscoSMA/Integrations/CiscoSMA/CiscoSMA.yml Docker image update * Updated Metadata Of Pack FeedThreatConnect * Added release notes to pack FeedThreatConnect * Packs/FeedThreatConnect/Integrations/FeedThreatConnect/FeedThreatConnect.yml Docker image update * Updated Metadata Of Pack BitSight * Added release notes to pack BitSight * Packs/BitSight/Integrations/BitSightForSecurityPerformanceManagement/BitSightForSecurityPerformanceManagement.yml Docker image update * Updated Metadata Of Pack AWS-ILM * Added release notes to pack AWS-ILM * Packs/AWS-ILM/Integrations/AWSILM/AWSILM.yml Docker image update * Updated Metadata Of Pack CiscoWSA * Added release notes to pack CiscoWSA * Packs/CiscoWSA/Integrations/CiscoWSAV2/CiscoWSAV2.yml Docker image update * Updated Metadata Of Pack SysAid * Added release notes to pack SysAid * Packs/SysAid/Integrations/SysAid/SysAid.yml Docker image update * Updated Metadata Of Pack ManageEngine_PAM360 * Added release notes to pack ManageEngine_PAM360 * Packs/ManageEngine_PAM360/Integrations/ManageEnginePAM360/ManageEnginePAM360.yml Docker image update * Updated Metadata Of Pack CiscoUmbrellaReporting * Added release notes to pack CiscoUmbrellaReporting * Packs/CiscoUmbrellaReporting/Integrations/CiscoUmbrellaReporting/CiscoUmbrellaReporting.yml Docker image update * Fix DS108 --------- Co-authored-by: sberman <sberman@paloaltonetworks.com> * XSUP-27717/FortiSIEM (#29458) * add tests * add RN,fix,logs * Update 2_0_21.md * add period * add a name to incident * fixes CR * update docker image * delete logs * CR fixes * Update 2_0_21.md * Update FortiSIEMV2.py * reverting the Docker image (#29607) * reverting the Docker image * Update Packs/cyberark_AIM/ReleaseNotes/1_0_14.md --------- Co-authored-by: Dan Tavori <38749041+dantavori@users.noreply.github.com> * [Marketplace Contribution] Roksit DNS Security Integration - Sarp (#29663) * [Marketplace Contribution] Roksit DNS Security Integration - Sarp (#29314) * "pack contribution initial commit" * Update RoksitDNSSecurityIntegrationSarp.py * Update RoksitDNSSecurityIntegrationSarp.py * Yehuda's version * test module * readme * new logo * Update RoksitDNSSecurityIntegrationSarp.yml * Apply suggestions from code review * Update RoksitDNSSecurityIntegrationSarp_description.md * Update pack_metadata.json * Update README.md * Update pack_metadata.json * Update pack_metadata.json * Update Packs/RoksitDNSSecurityIntegration-Sarp/pack_metadata.json * fixes * change name * folder name * file names * version * rename sub folder * remove (DNSSense) from the integration name * rename folder * docker * replace image * fix image name --------- Co-authored-by: asimsarpkurt <79475614+asimsarpkurt@users.noreply.github.com> Co-authored-by: Yehuda <yrosenberg@paloaltonetworks.com> Co-authored-by: Yehuda Rosenberg <90599084+RosenbergYehuda@users.noreply.github.com> * rename image --------- Co-authored-by: xsoar-bot <67315154+xsoar-bot@users.noreply.github.com> Co-authored-by: asimsarpkurt <79475614+asimsarpkurt@users.noreply.github.com> Co-authored-by: Yehuda <yrosenberg@paloaltonetworks.com> Co-authored-by: Yehuda Rosenberg <90599084+RosenbergYehuda@users.noreply.github.com> * add unstuck fetch stream command (#29646) * add unstuck fetch stream command * added RN * fixes * add note * cr fixes * fix conflicts * reverts * [pre-commit pycln] Align the entire repo with pycln #4 (#29665) * Fix pycln errors * Update the docker images * Run demisto-sdk pre-commit * Remove unnecessary recommendations from extensions.json (#29605) * update extensions.json * Update devcontainer.json * Update recommendations list * Zscaler-FW-Logs (#29094) * Zscaler FW Logs Modeling Rules * Zscaler FW logs Modeling Rules * Updated README * Updated ZscalerModelingRule_1_3 * Changed cs5 field name to cat * Apply suggestions from code review Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * Updated README * Updated ModelingRules and Schema * Updated ModelingRules and schema * Updated ModelingRules * Updated ModelingRules --------- Co-authored-by: Eido Epstain <eepstain@paloaltonetworks.com> Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * PANOS - EXPANDR-5744 (#29223) (#29686) * playbook updates * RN, Readme, screenshot * Apply suggestions from code review * update RN * bump ver * more descriptive task * bump ver --------- Co-authored-by: johnnywilkes <32227961+johnnywilkes@users.noreply.github.com> Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * Audit alert fields fix (#29685) * Add associated types to systemAssociatedTypes * Add associated types to systemAssociatedTypes * fix incident field structure * RN * Workday documentation fix (#29681) * readme * readme * rn * rn * [Marketplace Contribution] Active Directory Query - Content Pack Update (#28633) * [Marketplace Contribution] Active Directory Query - Content Pack Update (#27822) * "contribution update to pack "Active Directory Query"" * revert changes * rl * remove files * removed from rl * Update pack_metadata.json * Create 1_6_19.md * Update 1_6_18.md * Update 1_6_19.md * Delete 1_6_19.md * Update 1_6_18.md * Update pack_metadata.json * Update Active_Directory_Query.yml removed duplicate section and type * pass SERVER_IP as argument to test_credentials function * Create 1_7_0.md * Update pack_metadata.json * Update README.md with ad-test-credentials info * Update Active_Directory_Query.yml * removed duplicate `type: 8` from ntlm * removed duplicate types from integration settings * removed duplicate description from ad-enable-account * Update Active_Directory_Query.yml * Update Active_Directory_Query.yml * Update Active_Directory_Query.yml * removing not relevant release note * adding function * update fucntion * cr note * adding NTLM_AUTH option * Update Active_Directory_Query.py * Update Packs/Active_Directory_Query/Integrations/Active_Directory_Query/Active_Directory_Query.py Co-authored-by: dorschw <81086590+dorschw@users.noreply.github.com> * cr notes * update after merging from master * reverting a change in olr rl * added test_test_credentials unit test function * fix unit test * fixing unit tests * fix unit test * fixed lint errors * Update Active_Directory_Query_test.py * empty commit * fix yml and docker file * revert changes in send email manager * fix yml * fix * fix validation error * fixing in129 --------- Co-authored-by: maimorag <mmorag@paloaltonetworks.com> Co-authored-by: Randy Baldwin <32545292+randomizerxd@users.noreply.github.com> Co-authored-by: Mai Morag <81917647+maimorag@users.noreply.github.com> Co-authored-by: dorschw <81086590+dorschw@users.noreply.github.com> * cr notes * Bump pack from version Active_Directory_Query to 1.6.21. * fix yml changes * cr notes * lint fixes * fix test * docker update * Update Packs/Active_Directory_Query/Integrations/Active_Directory_Query/README.md Co-authored-by: dorschw <81086590+dorschw@users.noreply.github.com> * fix delete required * Apply suggestions from code review * fix test * docker update * rl * empty commit * docker update * empty commit * empty commit * merge from master * empty commit check * revert changes * Delete Packs/cyberark_AIM/Integrations/CyberArkAIM_v2/integration-CyberArkAIM_v2.yml * docker downgrade * rl * trying new docker image * validate errors fix * revert docker version * [DS108] - Description must end with a period (".") - fix * empty commit check * empty commit check --------- Co-authored-by: xsoar-bot <67315154+xsoar-bot@users.noreply.github.com> Co-authored-by: maimorag <mmorag@paloaltonetworks.com> Co-authored-by: Randy Baldwin <32545292+randomizerxd@users.noreply.github.com> Co-authored-by: Mai Morag <81917647+maimorag@users.noreply.github.com> Co-authored-by: dorschw <81086590+dorschw@users.noreply.github.com> Co-authored-by: Content Bot <bot@demisto.com> * Big query bug xsup 28132 (#29680) * bug fix * rn * rn * Apply suggestions from code review Co-authored-by: Dan Tavori <38749041+dantavori@users.noreply.github.com> * format * pre commit --------- Co-authored-by: Dan Tavori <38749041+dantavori@users.noreply.github.com> * New Prisma Cloud v2 commands (#29323) * resource list command * limit results * user roles list command * pre commit * users list command * edit remediation commands * UTs * update README * update RN * pre commit fixes * edit test playbook * CR changes * Demo changes - remediate 406 raises error new args for resource_list & user_roles * fix test * Apply suggestions from doc review Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * fix test playbook * Tomer's changes --------- Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * Prisma Cloud Update (#29666) * Updated ModelingRules * Updated ReleaseNotes * Updated ReleaseNotes * Updated ModelingRules * Updated ModelingRules * Updated ModelingRules * Bump pack from version PrismaCloud to 4.2.4. --------- Co-authored-by: Content Bot <bot@demisto.com> * Rapid7 appsec (#29134) (#29687) * Revert "Add space to conf" This reverts commit 08e6490c8907bdb3fbf2dc394d0bc352dc0c5935. * Updated the packs category to *Authentication & Identity Management* (part 2) (#24876) * Update Docker Image To demisto/fastapi (#24923) * Updated Metadata Of Pack CyberArkIdentity * Added release notes to pack CyberArkIdentity * Packs/CyberArkIdentity/Integrations/CyberArkIdentityEventCollector/CyberArkIdentityEventCollector.yml Docker image update * Update Docker Image To demisto/lxml (#24924) * Updated Metadata Of Pack TaniumThreatResponse * Added release notes to pack TaniumThreatResponse * Packs/TaniumThreatResponse/Integrations/TaniumThreatResponseV2/TaniumThreatResponseV2.yml Docker image update * Update Docker Image To demisto/crypto (#24922) * Updated Metadata Of Pack X509Certificate * Added release notes to pack X509Certificate * Packs/X509Certificate/Scripts/CertificateExtract/CertificateExtract.yml Docker image update * Update Docker Image To demisto/python3 (#24921) * Updated Metadata Of Pack Cybereason * Added release notes to pack Cybereason * Packs/Cybereason/Integrations/Cybereason/Cybereason.yml Docker image update * Updated Metadata Of Pack DNSDB * Added release notes to pack DNSDB * Packs/DNSDB/Integrations/DNSDB_v2/DNSDB_v2.yml Docker image update * Updated Metadata Of Pack DeepInstinct * Added release notes to pack DeepInstinct * Packs/DeepInstinct/Integrations/DeepInstinct3x/DeepInstinct3x.yml Docker image update * Updated Metadata Of Pack FeedCyrenThreatInDepth * Added release notes to pack FeedCyrenThreatInDepth * Packs/FeedCyrenThreatInDepth/Integrations/CyrenThreatInDepth/CyrenThreatInDepth.yml Docker image update * Updated Metadata Of Pack IronDefense * Added release notes to pack IronDefense * Packs/IronDefense/Integrations/IronDefense/IronDefense.yml Docker image update * Updated Metadata Of Pack Qintel * Added release notes to pack Qintel * Packs/Qintel/Integrations/QintelPMI/QintelPMI.yml Docker image update * Packs/Qintel/Integrations/QintelQSentry/QintelQSentry.yml Docker image update * Packs/Qintel/Integrations/QintelQWatch/QintelQWatch.yml Docker image update * Updated Metadata Of Pack QualysFIM * Added release notes to pack QualysFIM * Packs/QualysFIM/Integrations/QualysFIM/QualysFIM.yml Docker image update * Updated Metadata Of Pack QutteraWebsiteMalwareScanner * Added release notes to pack QutteraWebsiteMalwareScanner * Packs/QutteraWebsiteMalwareScanner/Integrations/QutteraWebsiteMalwareScanner/QutteraWebsiteMalwareScanner.yml Docker image update * Fixed mypy + validation --------- * NGINXApiModule: fix logging typo (#24878) * fix logging typo * bump dependent packs --------- * Downgrade docker to fix banner issue (#24905) * Downgrade docker to fix banner issue * Fix docs * Add UT to prevent Docker bump * Fix yml validation * Adding vulnerability commands * Fixing pagination page index * Updating PR comments and Scan commands * Updating ID in test data. * Updating integration * Updating integration * Updating fromversion * Updating linters * Updating linters * Updating git pre-commit * Updating docstring * Updating the handling of request when limit * Removing get_pagination_params * Updating integration * Updating git-pre commit * Updating integration * Updating integration * Updating unit test * Updating docker image * Updating integration * Updating README version. * Updating secrets * Updating integration * Updating integration * Updating integration * Updating docstrings * Updating doc-review comments. * Updating doc-review comments. * Updating description --------- Co-authored-by: ‪Ron Hadad‬‏ <112933572+ronh1@users.noreply.github.com> Co-authored-by: TalGumi <talg@qmasters.co> Co-authored-by: Mai Morag <81917647+maimorag@users.noreply.github.com> Co-authored-by: sberman <sberman@paloaltonetworks.com> Co-authored-by: Guy Lichtman <1395797+glicht@users.noreply.github.com> Co-authored-by: glicht <glicht@users.noreply.github.com> Co-authored-by: Andrew Shamah <42912128+amshamah419@users.noreply.github.com> * Panos add param (#29672) * added param job_polling_max_num_attempts * Added rn * Added missing param type Fixed unit tests * added to readme * fixed readme * Update Packs/PAN-OS/Integrations/Panorama/Panorama.yml Co-authored-by: Guy Afik <53861351+GuyAfik@users.noreply.github.com> * fixed text and namings * Bump pack from version PAN-OS to 2.1.8. --------- Co-authored-by: Guy Afik <53861351+GuyAfik@users.noreply.github.com> Co-authored-by: Content Bot <bot@demisto.com> * Fix proxy usage (#85) (#29630) * Fix proxy usage (#85) (#29181) * Fix proxy usage (#85) * Fix proxy usage in ZF client * Fix variable USE_SSL to verify requests * Remove proxy object from client Given that the proxy works by default with env vars, the proxy object is not necessary * Update version and add release notes * Fix call to modified alerts (#86) * Fix call to modified alerts * Update docker image * Fix tests associated with get modified data * change rn * fix validation --------- Co-authored-by: Felipe Garrido <fgarridob.95+github@gmail.com> Co-authored-by: ostolero <ostolero@paloaltonetworks.com> Co-authored-by: ostolero <86190583+ostolero@users.noreply.github.com> * Missing dependencies when installing packs (#28989) * search and install packs --------- Co-authored-by: kobymeir <ymeir@paloaltonetworks.com> * Deprecate Picus Community (#29573) * Merge branch 'master' into github_workflow_partner # Conflicts: # Utils/github_workflow_scripts/utils.py * Merge branch 'master' into github_workflow_partner # Conflicts: # Utils/github_workflow_scripts/utils.py * Picus NG display name * Picus update * Picus update * Picus update * Picus update * Picus update * Picus update * Picus update * Picus update --------- Co-authored-by: RotemAmit <ramit@paloaltonetworks.com> * [ASM] - Expander - GCP Hierarchy field - 4376 (#29696) (#29704) * Add assethierarchy field to GCP ASM playbook * Add release notes * Update field json Co-authored-by: John <40349459+BigEasyJ@users.noreply.github.com> * fix merge * update rn * remove access code * fix conflicts * update docker * fix validation --------- Co-authored-by: Ali Sawyer <91506078+ali-sawyer@users.noreply.github.com> Co-authored-by: ostolero <86190583+ostolero@users.noreply.github.com> Co-authored-by: ostolero <ostolero@paloaltonetworks.com> Co-authored-by: Content Bot <bot@demisto.com> Co-authored-by: Menachem Weinfeld <90556466+mmhw@users.noreply.github.com> Co-authored-by: omerKarkKatz <95565843+omerKarkKatz@users.noreply.github.com> Co-authored-by: Yaakov Praisler <59408745+yaakovpraisler@users.noreply.github.com> Co-authored-by: Chait A <112722030+capanw@users.noreply.github.com> Co-authored-by: johnnywilkes <32227961+johnnywilkes@users.noreply.github.com> Co-authored-by: Michael Yochpaz <8832013+MichaelYochpaz@users.noreply.github.com> Co-authored-by: michal-dagan <109464765+michal-dagan@users.noreply.github.com> Co-authored-by: Yaroslav Nestor <yaroslav.nestor22@gmail.com> Co-authored-by: Ido van Dijk <43602124+idovandijk@users.noreply.github.com> Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> Co-authored-by: sberman <sberman@paloaltonetworks.com> Co-authored-by: DinaMeylakh <72339665+DinaMeylakh@users.noreply.github.com> Co-authored-by: ilaner <88267954+ilaner@users.noreply.github.com> Co-authored-by: Yehonatan Asta <yasta@paloaltonetworks.com> Co-authored-by: israelpoli <72099621+israelpoli@users.noreply.github.com> Co-authored-by: sapir shuker <49246861+sapirshuker@users.noreply.github.com> Co-authored-by: Mai Morag <81917647+maimorag@users.noreply.github.com> Co-authored-by: Dan Tavori <38749041+dantavori@users.noreply.github.com> Co-authored-by: xsoar-bot <67315154+xsoar-bot@users.noreply.github.com> Co-authored-by: asimsarpkurt <79475614+asimsarpkurt@users.noreply.github.com> Co-authored-by: Yehuda <yrosenberg@paloaltonetworks.com> Co-authored-by: Yehuda Rosenberg <90599084+RosenbergYehuda@users.noreply.github.com> Co-authored-by: Yuval Hayun <70104171+YuvHayun@users.noreply.github.com> Co-authored-by: samuelFain <65926551+samuelFain@users.noreply.github.com> Co-authored-by: nkanon <109467661+nkanon@users.noreply.github.com> Co-authored-by: Eido Epstain <eepstain@paloaltonetworks.com> Co-authored-by: Tomer Haimof <81556849+tomer-pan@users.noreply.github.com> Co-authored-by: EyalPintzov <91007713+eyalpalo@users.noreply.github.com> Co-authored-by: maimorag <mmorag@paloaltonetworks.com> Co-authored-by: Randy Baldwin <32545292+randomizerxd@users.noreply.github.com> Co-authored-by: dorschw <81086590+dorschw@users.noreply.github.com> Co-authored-by: Adi Bamberger Edri <72088126+BEAdi@users.noreply.github.com> Co-authored-by: eepstain <116078117+eepstain@users.noreply.github.com> Co-authored-by: ‪Ron Hadad‬‏ <112933572+ronh1@users.noreply.github.com> Co-authored-by: TalGumi <talg@qmasters.co> Co-authored-by: Guy Lichtman <1395797+glicht@users.noreply.github.com> Co-authored-by: glicht <glicht@users.noreply.github.com> Co-authored-by: Andrew Shamah <42912128+amshamah419@users.noreply.github.com> Co-authored-by: Shahaf Ben Yakir <44666568+ShahafBenYakir@users.noreply.github.com> Co-authored-by: Guy Afik <53861351+GuyAfik@users.noreply.github.com> Co-authored-by: Felipe Garrido <fgarridob.95+github@gmail.com> Co-authored-by: Koby Meir <kobymeir@users.noreply.github.com> Co-authored-by: kobymeir <ymeir@paloaltonetworks.com> Co-authored-by: Edi Katsenelson <85438368+edik24@users.noreply.github.com> Co-authored-by: RotemAmit <ramit@paloaltonetworks.com> Co-authored-by: John <40349459+BigEasyJ@users.noreply.github.com> * [Marketplace Contribution] Okta - Content Pack Update (#29650) * [Marketplace Contribution] Okta - Content Pack Update (#29303) * "contribution update to pack "Okta"" * minor fixes * add outputs and readme * add outputs description * update docker * change outputs --------- Co-authored-by: ostolero <ostolero@paloaltonetworks.com> Co-authored-by: ostolero <86190583+ostolero@users.noreply.github.com> * Fixing AWS Project Number in ASM Cloud (#29593) (#29642) Co-authored-by: Chait A <112722030+capanw@users.noreply.github.com> Co-authored-by: johnnywilkes <32227961+johnnywilkes@users.noreply.github.com> Co-authored-by: Michael Yochpaz <8832013+MichaelYochpaz@users.noreply.github.com> * [MS Teams] support reset_graph_auth (#29644) * fixed * pre-commit * update * Recordedfuture threathunting v2.5.0 (#29641) * Recordedfuture threathunting v2.5.0 (#29025) * Add commands related to Automated Threat hunting recordedfuture-threat-map recordedfuture-threat-links recordedfuture-detection-rules * Add recordedfuture-collective-insight command. Change app version. * Update README.md. Add release notes * Add playbook. Add unittests * Add unittests * Fix test_collective_insight_command * Remove incorrect release note * Add documentation for threat actor search playbook * update Recorded Future Threat actor search playbook. add release note about new playbook. * Update release notes, fix formatting * Format yml files * Update Recorded future threat actor search playbook * Update docker image * Fix linter --------- Co-authored-by: Michael Yochpaz <8832013+MichaelYochpaz@users.noreply.github.com> * Minor README fixes --------- Co-authored-by: Yaroslav Nestor <yaroslav.nestor22@gmail.com> Co-authored-by: Michael Yochpaz <8832013+MichaelYochpaz@users.noreply.github.com> * [ASM] Expander 5777 (#29647) * [ASM] Expander 5777 (#29619) * first * RN * Bump pack from version CortexAttackSurfaceManagement to 1.6.36. --------- Co-authored-by: johnnywilkes <32227961+johnnywilkes@users.noreply.github.com> Co-authored-by: Content Bot <bot@demisto.com> * XDR Malware Enrichment - hotfix for usernames (split) (#29585) * Updated playbook with hotfix where we split usernames from domains and append them to the username list of usernames for account enrichment * Added RN * remove irrelevant test * Updated RN * Bump pack from version CortexXDR to 5.1.6. * Update Packs/CortexXDR/ReleaseNotes/5_1_6.md Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> --------- Co-authored-by: Content Bot <bot@demisto.com> Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * Update Docker Image To demisto/pyjwt3 (#29656) * Updated Metadata Of Pack Silverfort * Added release notes to pack Silverfort * Packs/Silverfort/Integrations/Silverfort/Silverfort.yml Docker image update * Update Docker Image To demisto/trustar (#29660) * Updated Metadata Of Pack TruSTAR * Added release notes to pack TruSTAR * Update Docker Image To demisto/keeper-ksm (#29661) * Updated Metadata Of Pack KeeperSecretsManager * Added release notes to pack KeeperSecretsManager * Packs/KeeperSecretsManager/Integrations/KeeperSecretsManager/KeeperSecretsManager.yml Docker image update * Update Docker Image To demisto/py3-tools (#29654) * Updated Metadata Of Pack Intezer * Added release notes to pack Intezer * Packs/Intezer/Integrations/IntezerV2/IntezerV2.yml Docker image update * Updated Metadata Of Pack FeedMalwareBazaar * Added release notes to pack FeedMalwareBazaar * Packs/FeedMalwareBazaar/Integrations/MalwareBazaarFeed/MalwareBazaarFeed.yml Docker image update * Updated Metadata Of Pack FeedGCPWhitelist * Added release notes to pack FeedGCPWhitelist * Packs/FeedGCPWhitelist/Integrations/FeedGoogleIPRanges/FeedGoogleIPRanges.yml Docker image update * Updated Metadata Of Pack AccentureCTI_Feed * Added release notes to pack AccentureCTI_Feed * Packs/AccentureCTI_Feed/Integrations/ACTIIndicatorFeed/ACTIIndicatorFeed.yml Docker image update * Fix DS108 --------- Co-authored-by: sberman <sberman@paloaltonetworks.com> * Update Docker Image To demisto/taxii-server (#29659) * Updated Metadata Of Pack CybleThreatIntel * Added release notes to pack CybleThreatIntel * Packs/CybleThreatIntel/Integrations/CybleThreatIntel/CybleThreatIntel.yml Docker image update * Fix DS108 --------- Co-authored-by: sberman <sberman@paloaltonetworks.com> * Update Docker Image To demisto/datadog-api-client (#29662) * Updated Metadata Of Pack DatadogCloudSIEM * Added release notes to pack DatadogCloudSIEM * Packs/DatadogCloudSIEM/Integrations/DatadogCloudSIEM/DatadogCloudSIEM.yml Docker image update * Fix DS108 --------- Co-authored-by: sberman <sberman@paloaltonetworks.com> * Add reliability parameter to cves and pipl integration (#28703) * commiting PrismaCloudCompute * release notes added * changed couldcompute, CVESearchV2, pipl * added pack metadata * fixed pipl readme * reverting changes in CVESearch since it was deprecated * removed redundant * committing pre commit changes * added known words * added known words * fixed lint error * changed according to review * updated docker version in PrismaCloudCompute * changed according to doc review * Added condition for not receiving new incidents in the test playbook * updating release notes * reverting fetch changes * fixed playbook * formatted playbook * new validation, new run * new validation, new run * Bump pack from version PrismaCloudCompute to 1.4.10. * update the docker image --------- Co-authored-by: Content Bot <bot@demisto.com> * Proofpoint email security pack: update description (#29651) * update description * Updated the schema file. * Updated the schema file. --------- Co-authored-by: Yehonatan Asta <yasta@paloaltonetworks.com> * Jira v2 deprecated (#29649) * Deprecate to jira v2 * update RN * update conf.json file * add task to the Create Jira Issue playbook that check if jira v3 is enable * add image.png of the playbook * update the playbook (yml, readme, image) and RN * Update Docker Image To demisto/python3 (#29652) * Updated Metadata Of Pack PANOSPolicyOptimizer * Added release notes to pack PANOSPolicyOptimizer * Packs/PANOSPolicyOptimizer/Integrations/PANOSPolicyOptimizer/PANOSPolicyOptimizer.yml Docker image update * Updated Metadata Of Pack VMwareWorkspaceONEUEM * Added release notes to pack VMwareWorkspaceONEUEM * Packs/VMwareWorkspaceONEUEM/Integrations/VMwareWorkspaceONEUEM/VMwareWorkspaceONEUEM.yml Docker image update * Updated Metadata Of Pack CiscoSMA * Added release notes to pack CiscoSMA * Packs/CiscoSMA/Integrations/CiscoSMA/CiscoSMA.yml Docker image update * Updated Metadata Of Pack FeedThreatConnect * Added release notes to pack FeedThreatConnect * Packs/FeedThreatConnect/Integrations/FeedThreatConnect/FeedThreatConnect.yml Docker image update * Updated Metadata Of Pack BitSight * Added release notes to pack BitSight * Packs/BitSight/Integrations/BitSightForSecurityPerformanceManagement/BitSightForSecurityPerformanceManagement.yml Docker image update * Updated Metadata Of Pack AWS-ILM * Added release notes to pack AWS-ILM * Packs/AWS-ILM/Integrations/AWSILM/AWSILM.yml Docker image update * Updated Metadata Of Pack CiscoWSA * Added release notes to pack CiscoWSA * Packs/CiscoWSA/Integrations/CiscoWSAV2/CiscoWSAV2.yml Docker image update * Updated Metadata Of Pack SysAid * Added release notes to pack SysAid * Packs/SysAid/Integrations/SysAid/SysAid.yml Docker image update * Updated Metadata Of Pack ManageEngine_PAM360 * Added release notes to pack ManageEngine_PAM360 * Packs/ManageEngine_PAM360/Integrations/ManageEnginePAM360/ManageEnginePAM360.yml Docker image update * Updated Metadata Of Pack CiscoUmbrellaReporting * Added release notes to pack CiscoUmbrellaReporting * Packs/CiscoUmbrellaReporting/Integrations/CiscoUmbrellaReporting/CiscoUmbrellaReporting.yml Docker image update * Fix DS108 --------- Co-authored-by: sberman <sberman@paloaltonetworks.com> * XSUP-27717/FortiSIEM (#29458) * add tests * add RN,fix,logs * Update 2_0_21.md * add period * add a name to incident * fixes CR * update docker image * delete logs * CR fixes * Update 2_0_21.md * Update FortiSIEMV2.py * reverting the Docker image (#29607) * reverting the Docker image * Update Packs/cyberark_AIM/ReleaseNotes/1_0_14.md --------- Co-authored-by: Dan Tavori <38749041+dantavori@users.noreply.github.com> * [Marketplace Contribution] Roksit DNS Security Integration - Sarp (#29663) * [Marketplace Contribution] Roksit DNS Security Integration - Sarp (#29314) * "pack contribution initial commit" * Update RoksitDNSSecurityIntegrationSarp.py * Update RoksitDNSSecurityIntegrationSarp.py * Yehuda's version * test module * readme * new logo * Update RoksitDNSSecurityIntegrationSarp.yml * Apply suggestions from code review * Update RoksitDNSSecurityIntegrationSarp_description.md * Update pack_metadata.json * Update README.md * Update pack_metadata.json * Update pack_metadata.json * Update Packs/RoksitDNSSecurityIntegration-Sarp/pack_metadata.json * fixes * change name * folder name * file names * version * rename sub folder * remove (DNSSense) from the integration name * rename folder * docker * replace image * fix image name --------- Co-authored-by: asimsarpkurt <79475614+asimsarpkurt@users.noreply.github.com> Co-authored-by: Yehuda <yrosenberg@paloaltonetworks.com> Co-authored-by: Yehuda Rosenberg <90599084+RosenbergYehuda@users.noreply.github.com> * rename image --------- Co-authored-by: xsoar-bot <67315154+xsoar-bot@users.noreply.github.com> Co-authored-by: asimsarpkurt <79475614+asimsarpkurt@users.noreply.github.com> Co-authored-by: Yehuda <yrosenberg@paloaltonetworks.com> Co-authored-by: Yehuda Rosenberg <90599084+RosenbergYehuda@users.noreply.github.com> * add unstuck fetch stream command (#29646) * add unstuck fetch stream command * added RN * fixes * add note * cr fixes * fix conflicts * reverts * [pre-commit pycln] Align the entire repo with pycln #4 (#29665) * Fix pycln errors * Update the docker images * Run demisto-sdk pre-commit * update docker --------- Co-authored-by: xsoar-bot <67315154+xsoar-bot@users.noreply.github.com> Co-authored-by: ostolero <ostolero@paloaltonetworks.com> Co-authored-by: ostolero <86190583+ostolero@users.noreply.github.com> Co-authored-by: Chait A <112722030+capanw@users.noreply.github.com> Co-authored-by: johnnywilkes <32227961+johnnywilkes@users.noreply.github.com> Co-authored-by: Michael Yochpaz <8832013+MichaelYochpaz@users.noreply.github.com> Co-authored-by: michal-dagan <109464765+michal-dagan@users.noreply.github.com> Co-authored-by: Yaroslav Nestor <yaroslav.nestor22@gmail.com> Co-authored-by: Content Bot <bot@demisto.com> Co-authored-by: Ido van Dijk <43602124+idovandijk@users.noreply.github.com> Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> Co-authored-by: sberman <sberman@paloaltonetworks.com> Co-authored-by: DinaMeylakh <72339665+DinaMeylakh@users.noreply.github.com> Co-authored-by: ilaner <88267954+ilaner@users.noreply.github.com> Co-authored-by: Yehonatan Asta <yasta@paloaltonetworks.com> Co-authored-by: israelpoli <72099621+israelpoli@users.noreply.github.com> Co-authored-by: sapir shuker <49246861+sapirshuker@users.noreply.github.com> Co-authored-by: Mai Morag <81917647+maimorag@users.noreply.github.com> Co-authored-by: Dan Tavori <38749041+dantavori@users.noreply.github.com> Co-authored-by: asimsarpkurt <79475614+asimsarpkurt@users.noreply.github.com> Co-authored-by: Yehuda <yrosenberg@paloaltonetworks.com> Co-authored-by: Yehuda Rosenberg <90599084+RosenbergYehuda@users.noreply.github.com> Co-authored-by: Yuval Hayun <70104171+YuvHayun@users.noreply.github.com> Co-authored-by: Menachem Weinfeld <90556466+mmhw@users.noreply.github.com> * If-Elif Transformer (#27763) * IfElif init * minor changes * parse single strings not json * fixed regex * fixed json bug * removed context * created eval blacklist * added json KW to eval * Update bucket-upload.yml * added ast for parsing * use hash for context grab * added value arg * quick * added unit-tests * added README.md * added RN * added flags arg; use dt for context grabbing * fixed context grabbing * added regex support * finished readme * finished readme 2 * added variables arg * changed vars to upper * changed to class * prefixed variable bug * some tests * finished unit-tests * completed tests * finished docs * finished docs in yml * new design for 'value' * unit-tests complete * docs part 1 * docs complete * added if-elif TPB * fixed TPB * fixed mypy error * fixed mypy error * fixed injection issue; added + op * name changes * added injection test in TPB * CR changes * error for unknown variables * reformat 'from_context' func * resolve conflicts * demo changes * demo changes part 2 * bug fix * updated docker * added list_compare flag * added error catcher for comp funcs * readme update; textArea for conditions * resolve conflicts * resolve conflicts * updated docker * name changes * fixed unit-tests * Apply suggestions from code review Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * added missing flag to readme * CR changes * Apply suggestions from code review Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * name changes * added suppres_error behaviuor to docs * Apply suggestions from code review Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * updated docker --------- Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * revert removal of release notes generator (#29828) * revert * validations * rn * search_and_install_packs.py - less strict when installing packs during nightly. should be reverted in (#29806) Co-authored-by: kobymeir <ymeir@paloaltonetworks.com> * exit on error alignment.fixing echo message when exiting the uninstallation script. (#29821) * exit on error alignment. fixing echo message when exiting the uninstallation script. * installing specific poetry version (#29812) * installing specific poetry version - moving the logic to bootstrap * Cs falcon detections revert (#29833) * Revert "Cs falcon fetch limit issue (#29411)" This reverts commit f7b7d5c6 * Revert "Cs limit in idp detections (#29550)" This reverts commit 47738d56 * Added rn * Added rn * SQL Alchemy 2.x.x (#29436) * MySQL and Postgress works * MSSQL, My SQL and postgres works with bind_variables from the second form * resolve conflicts * fix CR's comments * pre commit * parsing the results * Add UT * same name and right docker * RN * sourcery * another docker image * revert docker image * Update Packs/GenericSQL/ReleaseNotes/1_0_25.md Co-authored-by: dorschw <81086590+dorschw@users.noreply.github.com> * Update Packs/GenericSQL/Integrations/GenericSQL/GenericSQL.py Co-authored-by: dorschw <81086590+dorschw@users.noreply.github.com> * Update Packs/GenericSQL/Integrations/GenericSQL/GenericSQL.py Co-authored-by: dorschw <81086590+dorschw@users.noreply.github.com> * Update Packs/GenericSQL/Integrations/GenericSQL/GenericSQL.py Co-authored-by: dorschw <81086590+dorschw@users.noreply.github.com> * fix variable name * constants * mapping instead of conditions * unskip Oracle TPB * resolve conflicts * resolve conflicts * Constants * Update Packs/GenericSQL/Integrations/GenericSQL/GenericSQL.py Co-authored-by: dorschw <81086590+dorschw@users.noreply.github.com> * CR fixes * Update Packs/GenericSQL/ReleaseNotes/1_1_0.md Co-authored-by: dorschw <81086590+dorschw@users.noreply.github.com> * add commit after executing a query * fix UT * remove autocommit true from MSSQL * fix UT * autocommit for MSSQL, commit for the others * commit for the others DBs, since in MSSQL is automatically * docker image --------- Co-authored-by: dorschw <81086590+dorschw@users.noreply.github.com> * Generic playbooks fixes (#29711) * fixes for generic playbooks * fixes for generic playbooks * fixes for generic playbooks * Use Case Builder Development stage Field update (#29771) (#29825) * pushing changes to the use case stage * adding release notes * Update pack_metadata.json * Rename 1_1_0.md to 1_0_4.md * Update 1_0_4.md * Update 1_0_4.md --------- Co-authored-by: Joe Cosgrove <joecosgrove5@gmail.com> Co-authored-by: Michael Yochpaz <8832013+MichaelYochpaz@users.noreply.github.com> * Add mapper and disable auto extraction for ThinkstCanary (#29756) * Add Classification and Mapping to ThinkstCanary Integration * Duo Mapping Enrichment (#29139) * Updated DuoModelingRule_1_3 * Updated ModelingRules and ReleaseNotes * Updated ModelingRules and ReleaseNotes * Updated DuoModelingRule_1_3_schema and README * Rev DuoModelingRule_1_3 | add DuoModelingRule_2_0 * Updated .yml and ReleaseNotes * Updated DuoModelingRule_2_0 * Updated ReleaseNotes * Updated .yml with toversion: 8.3.0 * Updated DuoModelingRule_2_0_schema * Updated ModelingRules * Updated ReleaseNotes * Bump pack from version DuoAdminApi to 4.0.8. * Updated DuoModelingRule_1_3 * azure * Updated DuoModelingRule_2_0 * Updated DuoModelingRule_2_0 * Updated ParsingRules * Updated ReleaseNotes * Updated ReleaseNotes * Updated ReleaseNotes * Updated pack_metadata * Updated pack_metadata * Updated pack_metadata * Updated README * Updated README * Updated README * Updated ReleaseNotes * Updated ReleaseNotes * Updated DuoModelingRule_2_0 * Reverted MS packs * Reverted MS packs * Updated DuoModelingRule_1_3_schema * Updated ReleaseNotes * Update Packs/DuoAdminApi/ReleaseNotes/4_0_10.md Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> --------- Co-authored-by: Content Bot <bot@demisto.com> Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * [AWS System Manager] New Pack (#28992) * init - new pack * 2 commands * aws-ssm-inventory-entry-list * list_associations_command * remove boto stubs * remove boto stubs * improve * poetry * revert poetry * aws-ssm-association-list * aws-ssm-association-get * aws-ssm-association-get * aws-ssm-association-version-list * format * aws-ssm-document-list * ruff * ruff * ssmclient test * test * doc get * docs * Update pyproject.toml * Update poetry.lock * Update .pre-commit-config_template.yaml * regex * aws-ssm-tag-remove * improve * aws-ssm-automation-execution-list * pack * aws-ssm-command-list * aws-ssm-command-run aws-ssm-command-cancel * ruff * Apply suggestions from code review Co-authored-by: Jacob Levy <129657918+jlevypaloalto@users.noreply.github.com> * Apply suggestions from code review Co-authored-by: Jacob Levy <129657918+jlevypaloalto@users.noreply.github.com> * UT * UT * cr and docs * black * black and ruff * format * description * format description * pack metadata * fix ut * Apply suggestions from code review Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * Apply suggestions from code review Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * cr * cr * fix yml * add outputs * Update Packs/AWS_SystemManager/Integrations/AWSSystemManager/AWSSystemManager.py Co-authored-by: dorschw <81086590+dorschw@users.noreply.github.com> * fix cr * run command and fix UT * automation run * fix output add playbook * docs * docs * docs * docs * ruff and black * fix demo * fix demo * update docker and fix line to long * Apply suggestions from code review (docs) Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> Co-authored-by: dorschw <81086590+dorschw@users.noreply.github.com> * cr fix * update docker * fix line * Fix an issue * Fix an issue * Update playbook description * Update docker --------- Co-authored-by: Jacob Levy <129657918+jlevypaloalto@users.noreply.github.com> Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> Co-authored-by: dorschw <81086590+dorschw@users.noreply.github.com> * Fix splunk search in incident context (#29763) * fixes * fixes * fixes * update docker * added rn * add bc rn * Empty-Commit * Test For 'WildFire Malware' Playbook (#29404) * Test For 'WildFire Malware' Playbook * PR * RN * added the "is_mockable" config to the conf file * removed the "is_mockable" config to the conf file * Bump pack from version Core to 2.0.14. * Bump pack from version Core to 2.0.15. * Increased timeout configs * Added VirusTotal to the conf file * added virustotal instance name * changed the 'AutoContainment' playbook input config to 'true' * changed 'timeout' * changed 'timeout' * changed 'timeout' to 1600 * changed the 'ShouldCloseAutomatically' playbook input to 'false' * added the test playbook name to the playbook YML file * RN * removed the close note alert field verification * added the 'marketplacev2' to the test playbook YML file * added the '000001e7a228b2a7abdf7f7e404bc8522df32b725e86907dde32176bccbbbb27' malicious file hash to secrets ignore file. the file hash is used within the test playbook for enrichment and test purposes. --------- Co-authored-by: Content Bot <bot@demisto.com> * update docker image (#29845) * added functionallity to download index by marketplace (#29834) * added functionallity to download index by marketplace * added some logs for validation * commit * removed logs * [pre-commit MyPy] Align the entire repo with MyPy #2 (#29799) * [pre-commit MyPy] Align the entire repo with MyPy #2 * Add RN * Revert changes in 1.12.26 RN * Update the docker images * [pre-commit MyPy] Align the entire repo with MyPy #1 (#29798) * [pre-commit MyPy] Align the entire repo with MyPy #1 * Xsup 27738 DBotFindSimilarIncidents NoneType Error (#29701) * failed ut * fix * rn * pre-commit * pre commit * just the fix * fix description in yml * fix * docker * Update Packs/Base/ReleaseNotes/1_32_34.md Co-authored-by: Dan Tavori <38749041+dantavori@users.noreply.github.com> * test * test * removed import --------- Co-authored-by: Dan Tavori <38749041+dantavori@users.noreply.github.com> * Wiz v1 2 11 (#29719) * Wiz v1 2 11 (#29688) * remove redundant parenthesis * ../Packs/Wiz/Integrations/Wiz/Wiz.py * add Wiz user agent * rephrase re…

* Group-IB hot fix integration (#30470) (#30878) * test commit * remove bt link * Remove A in TI for yaml and md for indicator * back yaml to default * refactor yaml with cortex utils * refactor md and yaml for feed * remove bp/domain * replace git_leak with git_repository * Add new collection Fix issue with date for TI * remove changes outside the Packs * Update Packs/GroupIB_ThreatIntelligenceAttribution/Integrations/GroupIB_TIA_Feed/test_data/example.json * Update Packs/GroupIB_ThreatIntelligenceAttribution/Integrations/GroupIB_TIA_Feed/test_data/example.json * Update Packs/GroupIB_ThreatIntelligenceAttribution/Integrations/GroupIBTIA/test_data/example.json * Update Packs/GroupIB_ThreatIntelligenceAttribution/Integrations/GroupIBTIA/test_data/example.json * Update Packs/GroupIB_ThreatIntelligenceAttribution/Integrations/GroupIBTIA/test_data/example.json * update release notes * update logo * update logo * Revert "update release notes" This reverts commit 7c9ac76fd46c499fd185de154fe8d272657971db. * revert microsocks * fix compromised account issue * adding RL * Update Packs/GroupIB_ThreatIntelligenceAttribution/Integrations/GroupIBTIA/GroupIBTIA.py * create release notes v1_3_12 * add test for compromised/account_group * refactor changes in playbook * fixed validation errors * adding pragma no cover * refactor RN * add urllib exception * fixing validation errors * adding pragma no cover * format * fix lint test errors * revert sentinel * revert changes to azure sentinel * fixing cloud machine ids processing (#29777) * fixing cloud machine ids processing * not exiting the installation script if we fail to install a pack. report an error but continue with the test playbook upload (#29759) * Microsoft DNS Parsing Rule Drop (#29765) * Updated ParsingRules * Updated ReleaseNotes * Updated ReleaseNotes * Updated ReleaseNotes * Updated pack_metadata * Updated pack_metadata * Updated pack_metadata * Updated README * Updated README * Updated README * [JoeSecurity] Pre-Commit (#29717) * [pre-commit ruff] Align the entire repo with ruff #2 (#29754) * [pre-commit ruff] Align the entire repo with ruff #2 * Add RN * Update the docker image * Don't checkout build files in pre-commit (#27900) * is file up to date pre-commit * Revert changes made by mistake --------- * Fixes for 'NGFW Scan' and 'WildFire Malware' XSIAM playbooks (#29774) * Fixes for 'NGFW Scan' and 'WildFire Malware' XSIAM playbooks * RN * fixed RN and 'NGFW Scan playbook' * CiscoSMA- Added timeout parameter (#29372) * fix * add_tests * fix_test_description * fix_yml_add_readme * fixes - add timeout to the client * add timeout to yml * revert changes * Update CiscoSMA.py * Update CiscoSMA.py * CR review * add RN * fix CR review * update docker image * XSUP-27956/ Added EWS PS V3 Description (#29784) * updated the description * update rn * Apply suggestions from code review --------- * Xsup 27738 DBotFindSimilarIncidents NoneType Error (#29701) * failed ut * fix * rn * pre-commit * pre commit * just the fix * fix description in yml * fix * docker * Update Packs/Base/ReleaseNotes/1_32_34.md * test * test * removed import --------- * Wiz v1 2 11 (#29719) * Wiz v1 2 11 (#29688) * remove redundant parenthesis * ../Packs/Wiz/Integrations/Wiz/Wiz.py * add Wiz user agent * rephrase release notes * update pack metadata json * rephrase release notes v2 * fix minor typos and update docker image * Bump Docker version --------- * [ASM] - Expander - Update ASM fields (4821) (#29702) * [ASM] - Expander - Update ASM fields (4821) (#29506) * Add missing comments to grid fields - Update descriptions of fields as needed. * Add release notes * Add descriptions to two fields - asmdevcheckdetails - asmenrichmentstatus * Update release notes. * Grammar updates. * Update release notes * Add mandatory or optional in comments * Update comments with mandatory * Update pack version and release notes * Add correct 1_6_33 release notes * fix rn * fix rn --------- * Wildfire-upload-url add poling timeout argument (#29790) * save adding timeout param * new docker image * added rn * fix ruff * ruff made me to do this fixes :( not related to my changes * Update Packs/Palo_Alto_Networks_WildFire/ReleaseNotes/2_1_35.md * poetry files (#29793) * Dra-cvss-color-fix (#29757) * Fixed a small issue when indicator had no custom fields * RN * docker bump * RN * Update CVECVSSColor.py * docker bump * RN * fixing typos in build scripts. (#29788) unremovable -> non-removable productname -> product_name testplaybook -> test_playbook changed some arg passing to use their full name: -gpidd -gpidp * mapping to standard stix values (#29785) * mapping to standard stix values * updated release notes * update docker * breaking json * add dot * Add the nightly_ruff file for run pre-commit with --all flag (#29684) * Add the nightly_ruff file for run pre-commit with --all flag * Add more rules; Add the error name * Add E501 * Add F601, F842, TID252 * XSUP-27528 (#29705) * add_tests * add_tests * add RN, fix tests, format yml * Update Packs/CommonScripts/ReleaseNotes/1_12_24.md * fix readme * Bump pack from version CommonScripts to 1.12.25. --------- * [Axonius Content Pack 1.2.0] Bumping Dockerfile (#29802) * [Axonius Content Pack 1.2.0] Bumping Dockerfile (#29625) * bumped docker version for axonius api client * docker image * remove the - --------- * format --------- * Updated native:8.4 image; Add auth-utils support (#29792) * Fixed sc_task closing state (#29636) * Fixed sc_task closing state * Added release notes * Updated docker image * small fix * bumped dokcer * fixed rn --------- * Private Compliance Packs (#29664) * XSUP-27936 problem with regex (#29613) * failed test * fix * rn * rn * unit test * ut * validations * fixed test and docker * fix * validation * Prisma Cloud V2 Add "usernames" Argument (#29710) * add username arg * support list * update UT * update README * docker update * update TPB * Fortinet fortigate enhancement (#29655) * Updated the readme for proofpoint fortigate. * Modified the modeling rule. * Modified the modeling rule and the schema file. * Updated the release note. * Update Packs/FortiGate/README.md * Updated the modeling rule. * Added tags to the readme. * removed ftntfgtmastersrcmac and ftntfgtmasterdstmac from the mapping. * updated the modeling rule and the schema file. * updated the modeling rule * updated the modeling rule --------- * Add syslog example for War Room Actions (#29800) * Graph Security Update (#29797) * Updated MicrosoftGraphSecurity_schema * Updated ReleaseNotes * Updated ReleaseNotes * [Dataminr Pulse] Release 106 (#29805) * [Dataminr Pulse] Release 106 (#29693) * Changes related to release v1.0.6 * Changes related to release v1.0.6 * Fixing Release Note related issue --------- * Bump Docker version --------- * [RecordedFuture] threat actor playbook update V2.5.1 (#29690) (#29807) * Update Threat actor search playbook. * Add release notes * Fix formatting * Change ExtractedIndicators to ExtractedIndicators\.File * Fix release notes --------- * [JoeSecurity] show partial result in polling commands (#29715) * updating build docker image to latest devdemisto/gitlab-content-ci:1.0.0.64455 (#29761) * updating build docker image to latest devdemisto/gitlab-content-ci:1.0.0.64455 * Private Upload Mode - ThreatExchange v2 (#28249) * ThreatExchange integration * ThreatExchange updates * Added param to instance configuration * pre-commit * updated RN * RN test * CR updates * Removed Threat_Crowd * Update Packs/ThreatExchange/ReleaseNotes/2_0_12.md * docker * format * skip tests since theres no instance * no testing instance --------- * added plus 1 for each iteration in find destination (#29811) * added plus 1 for each iteration in find destination (#29760) * added plus 1 for each iteration in find destination * added release notes * Update Packs/Cisco-umbrella-cloud-security/ReleaseNotes/2_0_2.md * updated docker image tag to latest * updated unit test for pagination functions * removed comments --------- * Update 2_0_2.md --------- * Mde list indicator filter (#29640) * Mde list indicator filter (#29338) * init indicator filter * release notes * latest docker image * updated docker image * minor fixes * reslove conflicts * resolve version conflicts * silence linter * format * docker * Apply suggestions from Shirley * add period * change phrase * adding "is_mockable": false * docker * try change test playbook * empty line * docker * return the mock * Revert "return the mock" This reverts commit ef23428eac12ef075f0dbdfba672399fb4ca7090. --------- * Audit Logs Endpoints Scripts Aligments for Xsoar-8 (#29781) * test * fix core api * ExportAuditLogsToFile - add support for xsoar-8 * add ExportAuditLogsToFile UTs * add forward audit logs uts * update ut * validation fixes * mypy * bump rns * update docker * update docker image * fix ut * format * Bump pack from version CommonScripts to 1.12.25. * Bump pack from version CommonScripts to 1.12.26. * cr * cr fixes * update * fix uts --------- * Add command prisma-cloud-compute-get-file-integrity-events (#29608) * Add command prisma-cloud-compute-get-file-integrity-events (#29187) * Add command prisma-cloud-compute-get-file-integrity-events * Incorporate changes from review comments. Add documentation and unit test. * Add missing lines to YML file (add description of new command) * Update docker image * Incorporate changes from demo * Update docker image * fix validation * fix validation --------- * Bump pack from version PrismaCloudCompute to 1.4.10. * [pre-commit ruff] Align the entire repo with ruff (#29603) * Fix falls of the ruff hook * pre-commit * Fix B003 ruff error * Fix ruff errors on Utils/update_playbook.py * remove code to trigger upload on dev branches (#29621) * [pre-commit pycln] Align the entire repo with pycln (#29611) * Fix falls of the pycln hook * pre-commit * Fix unit test * Add RN * Fix validate in GetDomainDNSDetails * fuff on GetDomainDNSDetails * ignore mypy error in test_content.py:350 * Fix falls of the autopep8 hook (#29638) * add marketplaces to metadata (#29629) * Fixing AWS Project Number in ASM Cloud (#29593) (#29642) * [MS Teams] support reset_graph_auth (#29644) * fixed * pre-commit * update * Recordedfuture threathunting v2.5.0 (#29641) * Recordedfuture threathunting v2.5.0 (#29025) * Add commands related to Automated Threat hunting recordedfuture-threat-map recordedfuture-threat-links recordedfuture-detection-rules * Add recordedfuture-collective-insight command. Change app version. * Update README.md. Add release notes * Add playbook. Add unittests * Add unittests * Fix test_collective_insight_command * Remove incorrect release note * Add documentation for threat actor search playbook * update Recorded Future Threat actor search playbook. add release note about new playbook. * Update release notes, fix formatting * Format yml files * Update Recorded future threat actor search playbook * Update docker image * Fix linter --------- * Minor README fixes --------- * [ASM] Expander 5777 (#29647) * [ASM] Expander 5777 (#29619) * first * RN * Bump pack from version CortexAttackSurfaceManagement to 1.6.36. --------- * XDR Malware Enrichment - hotfix for usernames (split) (#29585) * Updated playbook with hotfix where we split usernames from domains and append them to the username list of usernames for account enrichment * Added RN * remove irrelevant test * Updated RN * Bump pack from version CortexXDR to 5.1.6. * Update Packs/CortexXDR/ReleaseNotes/5_1_6.md --------- * Update Docker Image To demisto/pyjwt3 (#29656) * Updated Metadata Of Pack Silverfort * Added release notes to pack Silverfort * Packs/Silverfort/Integrations/Silverfort/Silverfort.yml Docker image update * Update Docker Image To demisto/trustar (#29660) * Updated Metadata Of Pack TruSTAR * Added release notes to pack TruSTAR * Update Docker Image To demisto/keeper-ksm (#29661) * Updated Metadata Of Pack KeeperSecretsManager * Added release notes to pack KeeperSecretsManager * Packs/KeeperSecretsManager/Integrations/KeeperSecretsManager/KeeperSecretsManager.yml Docker image update * Update Docker Image To demisto/py3-tools (#29654) * Updated Metadata Of Pack Intezer * Added release notes to pack Intezer * Packs/Intezer/Integrations/IntezerV2/IntezerV2.yml Docker image update * Updated Metadata Of Pack FeedMalwareBazaar * Added release notes to pack FeedMalwareBazaar * Packs/FeedMalwareBazaar/Integrations/MalwareBazaarFeed/MalwareBazaarFeed.yml Docker image update * Updated Metadata Of Pack FeedGCPWhitelist * Added release notes to pack FeedGCPWhitelist * Packs/FeedGCPWhitelist/Integrations/FeedGoogleIPRanges/FeedGoogleIPRanges.yml Docker image update * Updated Metadata Of Pack AccentureCTI_Feed * Added release notes to pack AccentureCTI_Feed * Packs/AccentureCTI_Feed/Integrations/ACTIIndicatorFeed/ACTIIndicatorFeed.yml Docker image update * Fix DS108 --------- * Update Docker Image To demisto/taxii-server (#29659) * Updated Metadata Of Pack CybleThreatIntel * Added release notes to pack CybleThreatIntel * Packs/CybleThreatIntel/Integrations/CybleThreatIntel/CybleThreatIntel.yml Docker image update * Fix DS108 --------- * Update Docker Image To demisto/datadog-api-client (#29662) * Updated Metadata Of Pack DatadogCloudSIEM * Added release notes to pack DatadogCloudSIEM * Packs/DatadogCloudSIEM/Integrations/DatadogCloudSIEM/DatadogCloudSIEM.yml Docker image update * Fix DS108 --------- * Add reliability parameter to cves and pipl integration (#28703) * commiting PrismaCloudCompute * release notes added * changed couldcompute, CVESearchV2, pipl * added pack metadata * fixed pipl readme * reverting changes in CVESearch since it was deprecated * removed redundant * committing pre commit changes * added known words * added known words * fixed lint error * changed according to review * updated docker version in PrismaCloudCompute * changed according to doc review * Added condition for not receiving new incidents in the test playbook * updating release notes * reverting fetch changes * fixed playbook * formatted playbook * new validation, new run * new validation, new run * Bump pack from version PrismaCloudCompute to 1.4.10. * update the docker image --------- * Proofpoint email security pack: update description (#29651) * update description * Updated the schema file. * Updated the schema file. --------- * Jira v2 deprecated (#29649) * Deprecate to jira v2 * update RN * update conf.json file * add task to the Create Jira Issue playbook that check if jira v3 is enable * add image.png of the playbook * update the playbook (yml, readme, image) and RN * Update Docker Image To demisto/python3 (#29652) * Updated Metadata Of Pack PANOSPolicyOptimizer * Added release notes to pack PANOSPolicyOptimizer * Packs/PANOSPolicyOptimizer/Integrations/PANOSPolicyOptimizer/PANOSPolicyOptimizer.yml Docker image update * Updated Metadata Of Pack VMwareWorkspaceONEUEM * Added release notes to pack VMwareWorkspaceONEUEM * Packs/VMwareWorkspaceONEUEM/Integrations/VMwareWorkspaceONEUEM/VMwareWorkspaceONEUEM.yml Docker image update * Updated Metadata Of Pack CiscoSMA * Added release notes to pack CiscoSMA * Packs/CiscoSMA/Integrations/CiscoSMA/CiscoSMA.yml Docker image update * Updated Metadata Of Pack FeedThreatConnect * Added release notes to pack FeedThreatConnect * Packs/FeedThreatConnect/Integrations/FeedThreatConnect/FeedThreatConnect.yml Docker image update * Updated Metadata Of Pack BitSight * Added release notes to pack BitSight * Packs/BitSight/Integrations/BitSightForSecurityPerformanceManagement/BitSightForSecurityPerformanceManagement.yml Docker image update * Updated Metadata Of Pack AWS-ILM * Added release notes to pack AWS-ILM * Packs/AWS-ILM/Integrations/AWSILM/AWSILM.yml Docker image update * Updated Metadata Of Pack CiscoWSA * Added release notes to pack CiscoWSA * Packs/CiscoWSA/Integrations/CiscoWSAV2/CiscoWSAV2.yml Docker image update * Updated Metadata Of Pack SysAid * Added release notes to pack SysAid * Packs/SysAid/Integrations/SysAid/SysAid.yml Docker image update * Updated Metadata Of Pack ManageEngine_PAM360 * Added release notes to pack ManageEngine_PAM360 * Packs/ManageEngine_PAM360/Integrations/ManageEnginePAM360/ManageEnginePAM360.yml Docker image update * Updated Metadata Of Pack CiscoUmbrellaReporting * Added release notes to pack CiscoUmbrellaReporting * Packs/CiscoUmbrellaReporting/Integrations/CiscoUmbrellaReporting/CiscoUmbrellaReporting.yml Docker image update * Fix DS108 --------- * XSUP-27717/FortiSIEM (#29458) * add tests * add RN,fix,logs * Update 2_0_21.md * add period * add a name to incident * fixes CR * update docker image * delete logs * CR fixes * Update 2_0_21.md * Update FortiSIEMV2.py * reverting the Docker image (#29607) * reverting the Docker image * Update Packs/cyberark_AIM/ReleaseNotes/1_0_14.md --------- * [Marketplace Contribution] Roksit DNS Security Integration - Sarp (#29663) * [Marketplace Contribution] Roksit DNS Security Integration - Sarp (#29314) * "pack contribution initial commit" * Update RoksitDNSSecurityIntegrationSarp.py * Update RoksitDNSSecurityIntegrationSarp.py * Yehuda's version * test module * readme * new logo * Update RoksitDNSSecurityIntegrationSarp.yml * Apply suggestions from code review * Update RoksitDNSSecurityIntegrationSarp_description.md * Update pack_metadata.json * Update README.md * Update pack_metadata.json * Update pack_metadata.json * Update Packs/RoksitDNSSecurityIntegration-Sarp/pack_metadata.json * fixes * change name * folder name * file names * version * rename sub folder * remove (DNSSense) from the integration name * rename folder * docker * replace image * fix image name --------- * rename image --------- * add unstuck fetch stream command (#29646) * add unstuck fetch stream command * added RN * fixes * add note * cr fixes * fix conflicts * reverts * [pre-commit pycln] Align the entire repo with pycln #4 (#29665) * Fix pycln errors * Update the docker images * Run demisto-sdk pre-commit * Remove unnecessary recommendations from extensions.json (#29605) * update extensions.json * Update devcontainer.json * Update recommendations list * Zscaler-FW-Logs (#29094) * Zscaler FW Logs Modeling Rules * Zscaler FW logs Modeling Rules * Updated README * Updated ZscalerModelingRule_1_3 * Changed cs5 field name to cat * Apply suggestions from code review * Updated README * Updated ModelingRules and Schema * Updated ModelingRules and schema * Updated ModelingRules * Updated ModelingRules --------- * PANOS - EXPANDR-5744 (#29223) (#29686) * playbook updates * RN, Readme, screenshot * Apply suggestions from code review * update RN * bump ver * more descriptive task * bump ver --------- * Audit alert fields fix (#29685) * Add associated types to systemAssociatedTypes * Add associated types to systemAssociatedTypes * fix incident field structure * RN * Workday documentation fix (#29681) * readme * readme * rn * rn * [Marketplace Contribution] Active Directory Query - Content Pack Update (#28633) * [Marketplace Contribution] Active Directory Query - Content Pack Update (#27822) * "contribution update to pack "Active Directory Query"" * revert changes * rl * remove files * removed from rl * Update pack_metadata.json * Create 1_6_19.md * Update 1_6_18.md * Update 1_6_19.md * Delete 1_6_19.md * Update 1_6_18.md * Update pack_metadata.json * Update Active_Directory_Query.yml removed duplicate section and type * pass SERVER_IP as argument to test_credentials function * Create 1_7_0.md * Update pack_metadata.json * Update README.md with ad-test-credentials info * Update Active_Directory_Query.yml * removed duplicate `type: 8` from ntlm * removed duplicate types from integration settings * removed duplicate description from ad-enable-account * Update Active_Directory_Query.yml * Update Active_Directory_Query.yml * Update Active_Directory_Query.yml * removing not relevant release note * adding function * update fucntion * cr note * adding NTLM_AUTH option * Update Active_Directory_Query.py * Update Packs/Active_Directory_Query/Integrations/Active_Directory_Query/Active_Directory_Query.py * cr notes * update after merging from master * reverting a change in olr rl * added test_test_credentials unit test function * fix unit test * fixing unit tests * fix unit test * fixed lint errors * Update Active_Directory_Query_test.py * empty commit * fix yml and docker file * revert changes in send email manager * fix yml * fix * fix validation error * fixing in129 --------- * cr notes * Bump pack from version Active_Directory_Query to 1.6.21. * fix yml changes * cr notes * lint fixes * fix test * docker update * Update Packs/Active_Directory_Query/Integrations/Active_Directory_Query/README.md * fix delete required * Apply suggestions from code review * fix test * docker update * rl * empty commit * docker update * empty commit * empty commit * merge from master * empty commit check * revert changes * Delete Packs/cyberark_AIM/Integrations/CyberArkAIM_v2/integration-CyberArkAIM_v2.yml * docker downgrade * rl * trying new docker image * validate errors fix * revert docker version * [DS108] - Description must end with a period (".") - fix * empty commit check * empty commit check --------- * Big query bug xsup 28132 (#29680) * bug fix * rn * rn * Apply suggestions from code review * format * pre commit --------- * New Prisma Cloud v2 commands (#29323) * resource list command * limit results * user roles list command * pre commit * users list command * edit remediation commands * UTs * update README * update RN * pre commit fixes * edit test playbook * CR changes * Demo changes - remediate 406 raises error new args for resource_list & user_roles * fix test * Apply suggestions from doc review * fix test playbook * Tomer's changes --------- * Prisma Cloud Update (#29666) * Updated ModelingRules * Updated ReleaseNotes * Updated ReleaseNotes * Updated ModelingRules * Updated ModelingRules * Updated ModelingRules * Bump pack from version PrismaCloud to 4.2.4. --------- * Rapid7 appsec (#29134) (#29687) * Revert "Add space to conf" This reverts commit 08e6490c8907bdb3fbf2dc394d0bc352dc0c5935. * Updated the packs category to *Authentication & Identity Management* (part 2) (#24876) * Update Docker Image To demisto/fastapi (#24923) * Updated Metadata Of Pack CyberArkIdentity * Added release notes to pack CyberArkIdentity * Packs/CyberArkIdentity/Integrations/CyberArkIdentityEventCollector/CyberArkIdentityEventCollector.yml Docker image update * Update Docker Image To demisto/lxml (#24924) * Updated Metadata Of Pack TaniumThreatResponse * Added release notes to pack TaniumThreatResponse * Packs/TaniumThreatResponse/Integrations/TaniumThreatResponseV2/TaniumThreatResponseV2.yml Docker image update * Update Docker Image To demisto/crypto (#24922) * Updated Metadata Of Pack X509Certificate * Added release notes to pack X509Certificate * Packs/X509Certificate/Scripts/CertificateExtract/CertificateExtract.yml Docker image update * Update Docker Image To demisto/python3 (#24921) * Updated Metadata Of Pack Cybereason * Added release notes to pack Cybereason * Packs/Cybereason/Integrations/Cybereason/Cybereason.yml Docker image update * Updated Metadata Of Pack DNSDB * Added release notes to pack DNSDB * Packs/DNSDB/Integrations/DNSDB_v2/DNSDB_v2.yml Docker image update * Updated Metadata Of Pack DeepInstinct * Added release notes to pack DeepInstinct * Packs/DeepInstinct/Integrations/DeepInstinct3x/DeepInstinct3x.yml Docker image update * Updated Metadata Of Pack FeedCyrenThreatInDepth * Added release notes to pack FeedCyrenThreatInDepth * Packs/FeedCyrenThreatInDepth/Integrations/CyrenThreatInDepth/CyrenThreatInDepth.yml Docker image update * Updated Metadata Of Pack IronDefense * Added release notes to pack IronDefense * Packs/IronDefense/Integrations/IronDefense/IronDefense.yml Docker image update * Updated Metadata Of Pack Qintel * Added release notes to pack Qintel * Packs/Qintel/Integrations/QintelPMI/QintelPMI.yml Docker image update * Packs/Qintel/Integrations/QintelQSentry/QintelQSentry.yml Docker image update * Packs/Qintel/Integrations/QintelQWatch/QintelQWatch.yml Docker image update * Updated Metadata Of Pack QualysFIM * Added release notes to pack QualysFIM * Packs/QualysFIM/Integrations/QualysFIM/QualysFIM.yml Docker image update * Updated Metadata Of Pack QutteraWebsiteMalwareScanner * Added release notes to pack QutteraWebsiteMalwareScanner * Packs/QutteraWebsiteMalwareScanner/Integrations/QutteraWebsiteMalwareScanner/QutteraWebsiteMalwareScanner.yml Docker image update * Fixed mypy + validation --------- * NGINXApiModule: fix logging typo (#24878) * fix logging typo * bump dependent packs --------- * Downgrade docker to fix banner issue (#24905) * Downgrade docker to fix banner issue * Fix docs * Add UT to prevent Docker bump * Fix yml validation * Adding vulnerability commands * Fixing pagination page index * Updating PR comments and Scan commands * Updating ID in test data. * Updating integration * Updating integration * Updating fromversion * Updating linters * Updating linters * Updating git pre-commit * Updating docstring * Updating the handling of request when limit * Removing get_pagination_params * Updating integration * Updating git-pre commit * Updating integration * Updating integration * Updating unit test * Updating docker image * Updating integration * Updating README version. * Updating secrets * Updating integration * Updating integration * Updating integration * Updating docstrings * Updating doc-review comments. * Updating doc-review comments. * Updating description --------- * Panos add param (#29672) * added param job_polling_max_num_attempts * Added rn * Added missing param type Fixed unit tests * added to readme * fixed readme * Update Packs/PAN-OS/Integrations/Panorama/Panorama.yml * fixed text and namings * Bump pack from version PAN-OS to 2.1.8. --------- * Fix proxy usage (#85) (#29630) * Fix proxy usage (#85) (#29181) * Fix proxy usage (#85) * Fix proxy usage in ZF client * Fix variable USE_SSL to verify requests * Remove proxy object from client Given that the proxy works by default with env vars, the proxy object is not necessary * Update version and add release notes * Fix call to modified alerts (#86) * Fix call to modified alerts * Update docker image * Fix tests associated with get modified data * change rn * fix validation --------- * Missing dependencies when installing packs (#28989) * search and install packs --------- * Deprecate Picus Community (#29573) * Merge branch 'master' into github_workflow_partner # Conflicts: # Utils/github_workflow_scripts/utils.py * Merge branch 'master' into github_workflow_partner # Conflicts: # Utils/github_workflow_scripts/utils.py * Picus NG display name * Picus update * Picus update * Picus update * Picus update * Picus update * Picus update * Picus update * Picus update --------- * [ASM] - Expander - GCP Hierarchy field - 4376 (#29696) (#29704) * Add assethierarchy field to GCP ASM playbook * Add release notes * Update field json * fix merge * update rn * remove access code * fix conflicts * update docker * fix validation --------- * [Marketplace Contribution] Okta - Content Pack Update (#29650) * [Marketplace Contribution] Okta - Content Pack Update (#29303) * "contribution update to pack "Okta"" * minor fixes * add outputs and readme * add outputs description * update docker * change outputs --------- * Fixing AWS Project Number in ASM Cloud (#29593) (#29642) * [MS Teams] support reset_graph_auth (#29644) * fixed * pre-commit * update * Recordedfuture threathunting v2.5.0 (#29641) * Recordedfuture threathunting v2.5.0 (#29025) * Add commands related to Automated Threat hunting recordedfuture-threat-map recordedfuture-threat-links recordedfuture-detection-rules * Add recordedfuture-collective-insight command. Change app version. * Update README.md. Add release notes * Add playbook. Add unittests * Add unittests * Fix test_collective_insight_command * Remove incorrect release note * Add documentation for threat actor search playbook * update Recorded Future Threat actor search playbook. add release note about new playbook. * Update release notes, fix formatting * Format yml files * Update Recorded future threat actor search playbook * Update docker image * Fix linter --------- * Minor README fixes --------- * [ASM] Expander 5777 (#29647) * [ASM] Expander 5777 (#29619) * first * RN * Bump pack from version CortexAttackSurfaceManagement to 1.6.36. --------- * XDR Malware Enrichment - hotfix for usernames (split) (#29585) * Updated playbook with hotfix where we split usernames from domains and append them to the username list of usernames for account enrichment * Added RN * remove irrelevant test * Updated RN * Bump pack from version CortexXDR to 5.1.6. * Update Packs/CortexXDR/ReleaseNotes/5_1_6.md --------- * Update Docker Image To demisto/pyjwt3 (#29656) * Updated Metadata Of Pack Silverfort * Added release notes to pack Silverfort * Packs/Silverfort/Integrations/Silverfort/Silverfort.yml Docker image update * Update Docker Image To demisto/trustar (#29660) * Updated Metadata Of Pack TruSTAR * Added release notes to pack TruSTAR * Update Docker Image To demisto/keeper-ksm (#29661) * Updated Metadata Of Pack KeeperSecretsManager * Added release notes to pack KeeperSecretsManager * Packs/KeeperSecretsManager/Integrations/KeeperSecretsManager/KeeperSecretsManager.yml Docker image update * Update Docker Image To demisto/py3-tools (#29654) * Updated Metadata Of Pack Intezer * Added release notes to pack Intezer * Packs/Intezer/Integrations/IntezerV2/IntezerV2.yml Docker image update * Updated Metadata Of Pack FeedMalwareBazaar * Added release notes to pack FeedMalwareBazaar * Packs/FeedMalwareBazaar/Integrations/MalwareBazaarFeed/MalwareBazaarFeed.yml Docker image update * Updated Metadata Of Pack FeedGCPWhitelist * Added release notes to pack FeedGCPWhitelist * Packs/FeedGCPWhitelist/Integrations/FeedGoogleIPRanges/FeedGoogleIPRanges.yml Docker image update * Updated Metadata Of Pack AccentureCTI_Feed * Added release notes to pack AccentureCTI_Feed * Packs/AccentureCTI_Feed/Integrations/ACTIIndicatorFeed/ACTIIndicatorFeed.yml Docker image update * Fix DS108 --------- * Update Docker Image To demisto/taxii-server (#29659) * Updated Metadata Of Pack CybleThreatIntel * Added release notes to pack CybleThreatIntel * Packs/CybleThreatIntel/Integrations/CybleThreatIntel/CybleThreatIntel.yml Docker image update * Fix DS108 --------- * Update Docker Image To demisto/datadog-api-client (#29662) * Updated Metadata Of Pack DatadogCloudSIEM * Added release notes to pack DatadogCloudSIEM * Packs/DatadogCloudSIEM/Integrations/DatadogCloudSIEM/DatadogCloudSIEM.yml Docker image update * Fix DS108 --------- * Add reliability parameter to cves and pipl integration (#28703) * commiting PrismaCloudCompute * release notes added * changed couldcompute, CVESearchV2, pipl * added pack metadata * fixed pipl readme * reverting changes in CVESearch since it was deprecated * removed redundant * committing pre commit changes * added known words * added known words * fixed lint error * changed according to review * updated docker version in PrismaCloudCompute * changed according to doc review * Added condition for not receiving new incidents in the test playbook * updating release notes * reverting fetch changes * fixed playbook * formatted playbook * new validation, new run * new validation, new run * Bump pack from version PrismaCloudCompute to 1.4.10. * update the docker image --------- * Proofpoint email security pack: update description (#29651) * update description * Updated the schema file. * Updated the schema file. --------- * Jira v2 deprecated (#29649) * Deprecate to jira v2 * update RN * update conf.json file * add task to the Create Jira Issue playbook that check if jira v3 is enable * add image.png of the playbook * update the playbook (yml, readme, image) and RN * Update Docker Image To demisto/python3 (#29652) * Updated Metadata Of Pack PANOSPolicyOptimizer * Added release notes to pack PANOSPolicyOptimizer * Packs/PANOSPolicyOptimizer/Integrations/PANOSPolicyOptimizer/PANOSPolicyOptimizer.yml Docker image update * Updated Metadata Of Pack VMwareWorkspaceONEUEM * Added release notes to pack VMwareWorkspaceONEUEM * Packs/VMwareWorkspaceONEUEM/Integrations/VMwareWorkspaceONEUEM/VMwareWorkspaceONEUEM.yml Docker image update * Updated Metadata Of Pack CiscoSMA * Added release notes to pack CiscoSMA * Packs/CiscoSMA/Integrations/CiscoSMA/CiscoSMA.yml Docker image update * Updated Metadata Of Pack FeedThreatConnect * Added release notes to pack FeedThreatConnect * Packs/FeedThreatConnect/Integrations/FeedThreatConnect/FeedThreatConnect.yml Docker image update * Updated Metadata Of Pack BitSight * Added release notes to pack BitSight * Packs/BitSight/Integrations/BitSightForSecurityPerformanceManagement/BitSightForSecurityPerformanceManagement.yml Docker image update * Updated Metadata Of Pack AWS-ILM * Added release notes to pack AWS-ILM * Packs/AWS-ILM/Integrations/AWSILM/AWSILM.yml Docker image update * Updated Metadata Of Pack CiscoWSA * Added release notes to pack CiscoWSA * Packs/CiscoWSA/Integrations/CiscoWSAV2/CiscoWSAV2.yml Docker image update * Updated Metadata Of Pack SysAid * Added release notes to pack SysAid * Packs/SysAid/Integrations/SysAid/SysAid.yml Docker image update * Updated Metadata Of Pack ManageEngine_PAM360 * Added release notes to pack ManageEngine_PAM360 * Packs/ManageEngine_PAM360/Integrations/ManageEnginePAM360/ManageEnginePAM360.yml Docker image update * Updated Metadata Of Pack CiscoUmbrellaReporting * Added release notes to pack CiscoUmbrellaReporting * Packs/CiscoUmbrellaReporting/Integrations/CiscoUmbrellaReporting/CiscoUmbrellaReporting.yml Docker image update * Fix DS108 --------- * XSUP-27717/FortiSIEM (#29458) * add tests * add RN,fix,logs * Update 2_0_21.md * add period * add a name to incident * fixes CR * update docker image * delete logs * CR fixes * Update 2_0_21.md * Update FortiSIEMV2.py * reverting the Docker image (#29607) * reverting the Docker image * Update Packs/cyberark_AIM/ReleaseNotes/1_0_14.md --------- * [Marketplace Contribution] Roksit DNS Security Integration - Sarp (#29663) * [Marketplace Contribution] Roksit DNS Security Integration - Sarp (#29314) * "pack contribution initial commit" * Update RoksitDNSSecurityIntegrationSarp.py * Update RoksitDNSSecurityIntegrationSarp.py * Yehuda's version * test module * readme * new logo * Update RoksitDNSSecurityIntegrationSarp.yml * Apply suggestions from code review * Update RoksitDNSSecurityIntegrationSarp_description.md * Update pack_metadata.json * Update README.md * Update pack_metadata.json * Update pack_metadata.json * Update Packs/RoksitDNSSecurityIntegration-Sarp/pack_metadata.json * fixes * change name * folder name * file names * version * rename sub folder * remove (DNSSense) from the integration name * rename folder * docker * replace image * fix image name --------- * rename image --------- * add unstuck fetch stream command (#29646) * add unstuck fetch stream command * added RN * fixes * add note * cr fixes * fix conflicts * reverts * [pre-commit pycln] Align the entire repo with pycln #4 (#29665) * Fix pycln errors * Update the docker images * Run demisto-sdk pre-commit * update docker --------- * If-Elif Transformer (#27763) * IfElif init * minor changes * parse single strings not json * fixed regex * fixed json bug * removed context * created eval blacklist * added json KW to eval * Update bucket-upload.yml * added ast for parsing * use hash for context grab * added value arg * quick * added unit-tests * added README.md * added RN * added flags arg; use dt for context grabbing * fixed context grabbing * added regex support * finished readme * finished readme 2 * added variables arg * changed vars to upper * changed to class * prefixed variable bug * some tests * finished unit-tests * completed tests * finished docs * finished docs in yml * new design for 'value' * unit-tests complete * docs part 1 * docs complete * added if-elif TPB * fixed TPB * fixed mypy error * fixed mypy error * fixed injection issue; added + op * name changes * added injection test in TPB * CR changes * error for unknown variables * reformat 'from_context' func * resolve conflicts * demo changes * demo changes part 2 * bug fix * updated docker * added list_compare flag * added error catcher for comp funcs * readme update; textArea for conditions * resolve conflicts * resolve conflicts * updated docker * name changes * fixed unit-tests * Apply suggestions from code review * added missing flag to readme * CR changes * Apply suggestions from code review * name changes * added suppres_error behaviuor to docs * Apply suggestions from code review * updated docker --------- * revert removal of release notes generator (#29828) * revert * validations * rn * search_and_install_packs.py - less strict when installing packs during nightly. should be reverted in (#29806) * exit on error alignment.fixing echo message when exiting the uninstallation script. (#29821) * exit on error alignment. fixing echo message when exiting the uninstallation script. * installing specific poetry version (#29812) * installing specific poetry version - moving the logic to bootstrap * Cs falcon detections revert (#29833) * Revert "Cs falcon fetch limit issue (#29411)" This reverts commit f7b7d5c6 * Revert "Cs limit in idp detections (#29550)" This reverts commit 47738d56 * Added rn * Added rn * SQL Alchemy 2.x.x (#29436) * MySQL and Postgress works * MSSQL, My SQL and postgres works with bind_variables from the second form * resolve conflicts * fix CR's comments * pre commit * parsing the results * Add UT * same name and right docker * RN * sourcery * another docker image * revert docker image * Update Packs/GenericSQL/ReleaseNotes/1_0_25.md * Update Packs/GenericSQL/Integrations/GenericSQL/GenericSQL.py * Update Packs/GenericSQL/Integrations/GenericSQL/GenericSQL.py * Update Packs/GenericSQL/Integrations/GenericSQL/GenericSQL.py * fix variable name * constants * mapping instead of conditions * unskip Oracle TPB * resolve conflicts * resolve conflicts * Constants * Update Packs/GenericSQL/Integrations/GenericSQL/GenericSQL.py * CR fixes * Update Packs/GenericSQL/ReleaseNotes/1_1_0.md * add commit after executing a query * fix UT * remove autocommit true from MSSQL * fix UT * autocommit for MSSQL, commit for the others * commit for the others DBs, since in MSSQL is automatically * docker image --------- * Generic playbooks fixes (#29711) * fixes for generic playbooks * fixes for generic playbooks * fixes for generic playbooks * Use Case Builder Development stage Field update (#29771) (#29825) * pushing changes to the use case stage * adding release notes * Update pack_metadata.json * Rename 1_1_0.md to 1_0_4.md * Update 1_0_4.md * Update 1_0_4.md --------- * Add mapper and disable auto extraction for ThinkstCanary (#29756) * Add Classification and Mapping to ThinkstCanary Integration * Duo Mapping Enrichment (#29139) * Updated DuoModelingRule_1_3 * Updated ModelingRules and ReleaseNotes * Updated ModelingRules and ReleaseNotes * Updated DuoModelingRule_1_3_schema and README * Rev DuoModelingRule_1_3 | add DuoModelingRule_2_0 * Updated .yml and ReleaseNotes * Updated DuoModelingRule_2_0 * Updated ReleaseNotes * Updated .yml with toversion: 8.3.0 * Updated DuoModelingRule_2_0_schema * Updated ModelingRules * Updated ReleaseNotes * Bump pack from version DuoAdminApi to 4.0.8. * Updated DuoModelingRule_1_3 * azure * Updated DuoModelingRule_2_0 * Updated DuoModelingRule_2_0 * Updated ParsingRules * Updated ReleaseNotes * Updated ReleaseNotes * Updated ReleaseNotes * Updated pack_metadata * Updated pack_metadata * Updated pack_metadata * Updated README * Updated README * Updated README * Updated ReleaseNotes * Updated ReleaseNotes * Updated DuoModelingRule_2_0 * Reverted MS packs * Reverted MS packs * Updated DuoModelingRule_1_3_schema * Updated ReleaseNotes * Update Packs/DuoAdminApi/ReleaseNotes/4_0_10.md --------- * [AWS System Manager] New Pack (#28992) * init - new pack * 2 commands * aws-ssm-inventory-entry-list * list_associations_command * remove boto stubs * remove boto stubs * improve * poetry * revert poetry * aws-ssm-association-list * aws-ssm-association-get * aws-ssm-association-get * aws-ssm-association-version-list * format * aws-ssm-document-list * ruff * ruff * ssmclient test * test * doc get * docs * Update pyproject.toml * Update poetry.lock * Update .pre-commit-config_template.yaml * regex * aws-ssm-tag-remove * improve * aws-ssm-automation-execution-list * pack * aws-ssm-command-list * aws-ssm-command-run aws-ssm-command-cancel * ruff * Apply suggestions from code review * Apply suggestions from code review * UT * UT * cr and docs * black * black and ruff * format * description * format description * pack metadata * fix ut * Apply suggestions from code review * Apply suggestions from code review * cr * cr * fix yml * add outputs * Update Packs/AWS_SystemManager/Integrations/AWSSystemManager/AWSSystemManager.py * fix cr * run command and fix UT * automation run * fix output add playbook * docs * docs * docs * docs * ruff and black * fix demo * fix demo * update docker and fix line to long * Apply suggestions from code review (docs) * cr fix * update docker * fix line * Fix an issue * Fix an issue * Update playbook description * Update docker --------- * Fix splunk search in incident context (#29763) * fixes * fixes * fixes * update docker * added rn * add bc rn * Empty-Commit * Test For 'WildFire Malware' Playbook (#29404) * Test For 'WildFire Malware' Playbook * PR * RN * added the "is_mockable" config to the conf file * removed the "is_mockable" config to the conf file * Bump pack from version Core to 2.0.14. * Bump pack from version Core to 2.0.15. * Increased timeout configs * Added VirusTotal to the conf file * added virustotal instance name * changed the 'AutoContainment' playbook input config to 'true' * changed 'timeout' * changed 'timeout' * changed 'timeout' to 1600 * changed the 'ShouldCloseAutomatically' playbook input to 'false' * added the test playbook name to the playbook YML file * RN * removed the close note alert field verification * added the 'marketplacev2' to the test playbook YML file * added the '000001e7a228b2a7abdf7f7e404bc8522df32b725e86907dde32176bccbbbb27' malicious file hash to secrets ignore file. the file hash is used within the test playbook for enrichment and test purposes. --------- * update docker image (#29845) * added functionallity to download index by marketplace (#29834) * added functionallity to download index by marketplace * added some logs for validation * commit * removed logs * [pre-commit MyPy] Align the entire repo with MyPy #2 (#29799) * [pre-commit MyPy] Align the entire repo with MyPy #2 * Add RN * Revert changes in 1.12.26 RN * Update the docker images * [pre-commit MyPy] Align the entire repo with MyPy #1 (#29798) * [pre-commit MyPy] Align the entire repo with MyPy #1 * Xsup 27738 DBotFindSimilarIncidents NoneType Error (#29701) * failed ut * fix * rn * pre-commit * pre commit * just the fix * fix description in yml * fix * docker * Update Packs/Base/ReleaseNotes/1_32_34.md * test * test * removed import --------- * Wiz v1 2 11 (#29719) * Wiz v1 2 11 (#29688) * remove redundant parenthesis * ../Packs/Wiz/Integrations/Wiz/Wiz.py * add Wiz user agent * rephrase release notes * update pack metadata json * rephrase release notes v2 … Co-authored-by: Daniil Lanskoy <107933862+LanskoyGIB@users.noreply.github.com> Co-authored-by: Mai Morag <81917647+maimorag@users.noreply.github.com> Co-authored-by: maimorag <mmorag@paloaltonetworks.com> Co-authored-by: Koby Meir <kobymeir@users.noreply.github.com> Co-authored-by: kobymeir <ymeir@paloaltonetworks.com> Co-authored-by: eepstain <116078117+eepstain@users.noreply.github.com> Co-authored-by: ilaner <88267954+ilaner@users.noreply.github.com> Co-authored-by: Menachem Weinfeld <90556466+mmhw@users.noreply.github.com> Co-authored-by: dorschw <81086590+dorschw@users.noreply.github.com> Co-authored-by: Menachem Weinfeld <mmhw770@gmail.com> Co-authored-by: TalNos <112805149+TalNos@users.noreply.github.com> Co-authored-by: sapir shuker <49246861+sapirshuker@users.noreply.github.com> Co-authored-by: Arad Carmi <62752352+AradCarmi@users.noreply.github.com> Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> Co-authored-by: EyalPintzov <91007713+eyalpalo@users.noreply.github.com> Co-authored-by: Dan Tavori <38749041+dantavori@users.noreply.github.com> Co-authored-by: content-bot <55035720+content-bot@users.noreply.github.com> Co-authored-by: Ariel Tobiana <107474518+ariel-wiz@users.noreply.github.com> Co-authored-by: Michael Yochpaz <8832013+MichaelYochpaz@users.noreply.github.com> Co-authored-by: John <40349459+BigEasyJ@users.noreply.github.com> Co-authored-by: ostolero <86190583+ostolero@users.noreply.github.com> Co-authored-by: ostolero <ostolero@paloaltonetworks.com> Co-authored-by: Darya Koval <72339940+daryakoval@users.noreply.github.com> Co-authored-by: Content Bot <bot@demisto.com> Co-authored-by: Dror Avrahami <davrahami@paloaltonetworks.com> Co-authored-by: Judah Schwartz <JudahSchwartz@users.noreply.github.com> Co-authored-by: Bryce Pedroza <97995056+bryce-ax@users.noreply.github.com> Co-authored-by: Yehuda <yrosenberg@paloaltonetworks.com> Co-authored-by: samuelFain <65926551+samuelFain@users.noreply.github.com> Co-authored-by: GuyAfik <guyafik11@gmail.com> Co-authored-by: Shelly Tzohar <45915502+Shellyber@users.noreply.github.com> Co-authored-by: Shahaf Ben Yakir <44666568+ShahafBenYakir@users.noreply.github.com> Co-authored-by: sbenyakir <shahaf.benyakir@demisto.com> Co-authored-by: tkatzir <tkatzir@paloaltonetworks.com> Co-authored-by: Adi Bamberger Edri <72088126+BEAdi@users.noreply.github.com> Co-authored-by: yasta5 <112320333+yasta5@users.noreply.github.com> Co-authored-by: Crest Data Systems <60967033+crestdatasystems@users.noreply.github.com> Co-authored-by: crestdatasystems <crestdatasystems@users.noreply.github.com> Co-authored-by: Yaroslav Nestor <yaroslav.nestor22@gmail.com> Co-authored-by: darkushin <61732335+darkushin@users.noreply.github.com> Co-authored-by: Yehuda Rosenberg <90599084+RosenbergYehuda@users.noreply.github.com> Co-authored-by: LiorQM <106475467+LiorQM@users.noreply.github.com> Co-authored-by: RotemAmit <ramit@paloaltonetworks.com> Co-authored-by: ckaadic <48683125+ckaadic@users.noreply.github.com> Co-authored-by: Guy Afik <53861351+GuyAfik@users.noreply.github.com> Co-authored-by: Ali Sawyer <91506078+ali-sawyer@users.noreply.github.com> Co-authored-by: omerKarkKatz <95565843+omerKarkKatz@users.noreply.github.com> Co-authored-by: Yaakov Praisler <59408745+yaakovpraisler@users.noreply.github.com> Co-authored-by: Chait A <112722030+capanw@users.noreply.github.com> Co-authored-by: johnnywilkes <32227961+johnnywilkes@users.noreply.github.com> Co-authored-by: michal-dagan <109464765+michal-dagan@users.noreply.github.com> Co-authored-by: Ido van Dijk <43602124+idovandijk@users.noreply.github.com> Co-authored-by: sberman <sberman@paloaltonetworks.com> Co-authored-by: DinaMeylakh <72339665+DinaMeylakh@users.noreply.github.com> Co-authored-by: Yehonatan Asta <yasta@paloaltonetworks.com> Co-authored-by: israelpoli <72099621+israelpoli@users.noreply.github.com> Co-authored-by: xsoar-bot <67315154+xsoar-bot@users.noreply.github.com> Co-authored-by: asimsarpkurt <79475614+asimsarpkurt@users.noreply.github.com> Co-authored-by: Yuval Hayun <70104171+YuvHayun@users.noreply.github.com> Co-authored-by: nkanon <109467661+nkanon@users.noreply.github.com> Co-authored-by: Eido Epstain <eepstain@paloaltonetworks.com> Co-authored-by: Tomer Haimof <81556849+tomer-pan@users.noreply.github.com> Co-authored-by: Randy Baldwin <32545292+randomizerxd@users.noreply.github.com> Co-authored-by: ‪Ron Hadad‬‏ <112933572+ronh1@users.noreply.github.com> Co-authored-by: TalGumi <talg@qmasters.co> Co-authored-by: Guy Lichtman <1395797+glicht@users.noreply.github.com> Co-authored-by: glicht <glicht@users.noreply.github.com> Co-authored-by: Andrew Shamah <42912128+amshamah419@users.noreply.github.com> Co-authored-by: Felipe Garrido <fgarridob.95+github@gmail.com> Co-authored-by: Edi Katsenelson <85438368+edik24@users.noreply.github.com> Co-authored-by: Jacob Levy <129657918+jlevypaloalto@users.noreply.github.com> Co-authored-by: Yuval Cohen <86777474+yucohen@users.noreply.github.com> Co-authored-by: rshunim <102469772+rshunim@users.noreply.github.com> Co-authored-by: OmriItzhak <115150792+OmriItzhak@users.noreply.github.com> Co-authored-by: Joe Cosgrove <joecosgrove5@gmail.com> Co-authored-by: Shmuel Kroizer <69422117+shmuel44@users.noreply.github.com> Co-authored-by: Israel Lappe <79846863+ilappe@users.noreply.github.com> Co-authored-by: Erez FelmanDar <102903097+efelmandar@users.noreply.github.com> Co-authored-by: israelpolishook <ipolishuk@paloaltonetworks.com> Co-authored-by: ArikDay <115150768+ArikDay@users.noreply.github.com> Co-authored-by: Christopher Hultin <chrishultin@google.com> Co-authored-by: Mike Beauchamp <beauchompers@gmail.com> Co-authored-by: Moshe Galitzky <112559840+moishce@users.noreply.github.com> * revert * revert * fixes * fixes * docker * Mypy * RN * str * Docker --------- Co-authored-by: Daniil Lanskoy <107933862+LanskoyGIB@users.noreply.github.com> Co-authored-by: Mai Morag <81917647+maimorag@users.noreply.github.com> Co-authored-by: maimorag <mmorag@paloaltonetworks.com> Co-authored-by: Koby Meir <kobymeir@users.noreply.github.com> Co-authored-by: kobymeir <ymeir@paloaltonetworks.com> Co-authored-by: eepstain <116078117+eepstain@users.noreply.github.com> Co-authored-by: ilaner <88267954+ilaner@users.noreply.github.com> Co-authored-by: Menachem Weinfeld <90556466+mmhw@users.noreply.github.com> Co-authored-by: dorschw <81086590+dorschw@users.noreply.github.com> Co-authored-by: Menachem Weinfeld <mmhw770@gmail.com> Co-authored-by: TalNos <112805149+TalNos@users.noreply.github.com> Co-authored-by: sapir shuker <49246861+sapirshuker@users.noreply.github.com> Co-authored-by: Arad Carmi <62752352+AradCarmi@users.noreply.github.com> Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> Co-authored-by: EyalPintzov <91007713+eyalpalo@users.noreply.github.com> Co-authored-by: Dan Tavori <38749041+dantavori@users.noreply.github.com> Co-authored-by: content-bot <55035720+content-bot@users.noreply.github.com> Co-authored-by: Ariel Tobiana <107474518+ariel-wiz@users.noreply.github.com> Co-authored-by: Michael Yochpaz <8832013+MichaelYochpaz@users.noreply.github.com> Co-authored-by: John <40349459+BigEasyJ@users.noreply.github.com> Co-authored-by: ostolero <86190583+ostolero@users.noreply.github.com> Co-authored-by: ostolero <ostolero@paloaltonetworks.com> Co-authored-by: Darya Koval <72339940+daryakoval@users.noreply.github.com> Co-authored-by: Content Bot <bot@demisto.com> Co-authored-by: Dror Avrahami <davrahami@paloaltonetworks.com> Co-authored-by: Judah Schwartz <JudahSchwartz@users.noreply.github.com> Co-authored-by: Bryce Pedroza <97995056+bryce-ax@users.noreply.github.com> Co-authored-by: Yehuda <yrosenberg@paloaltonetworks.com> Co-authored-by: samuelFain <65926551+samuelFain@users.noreply.github.com> Co-authored-by: GuyAfik <guyafik11@gmail.com> Co-authored-by: Shelly Tzohar <45915502+Shellyber@users.noreply.github.com> Co-authored-by: Shahaf Ben Yakir <44666568+ShahafBenYakir@users.noreply.github.com> Co-authored-by: sbenyakir <shahaf.benyakir@demisto.com> Co-authored-by: tkatzir <tkatzir@paloaltonetworks.com> Co-authored-by: Adi Bamberger Edri <72088126+BEAdi@users.noreply.github.com> Co-authored-by: yasta5 <112320333+yasta5@users.noreply.github.com> Co-authored-by: Crest Data Systems <60967033+crestdatasystems@users.noreply.github.com> Co-authored-by: crestdatasystems <crestdatasystems@users.noreply.github.com> Co-authored-by: Yaroslav Nestor <yaroslav.nestor22@gmail.com> Co-authored-by: darkushin <61732335+darkushin@users.noreply.github.com> Co-authored-by: Yehuda Rosenberg <90599084+RosenbergYehuda@users.noreply.github.com> Co-authored-by: LiorQM <106475467+LiorQM@users.noreply.github.com> Co-authored-by: RotemAmit <ramit@paloaltonetworks.com> Co-authored-by: ckaadic <48683125+ckaadic@users.noreply.github.com> Co-authored-by: Guy Afik <53861351+GuyAfik@users.noreply.github.com> Co-authored-by: Ali Sawyer <91506078+ali-sawyer@users.noreply.github.com> Co-authored-by: omerKarkKatz <95565843+omerKarkKatz@users.noreply.github.com> Co-authored-by: Yaakov Praisler <59408745+yaakovpraisler@users.noreply.github.com> Co-authored-by: Chait A <112722030+capanw@users.noreply.github.com> Co-authored-by: johnnywilkes <32227961+johnnywilkes@users.noreply.github.com> Co-authored-by: michal-dagan <109464765+michal-dagan@users.noreply.github.com> Co-authored-by: Ido van Dijk <43602124+idovandijk@users.noreply.github.com> Co-authored-by: sberman <sberman@paloaltonetworks.com> Co-authored-by: DinaMeylakh <72339665+DinaMeylakh@users.noreply.github.com> Co-authored-by: Yehonatan Asta <yasta@paloaltonetworks.com> Co-authored-by: israelpoli <72099621+israelpoli@users.noreply.github.com> Co-authored-by: xsoar-bot <67315154+xsoar-bot@users.noreply.github.com> Co-authored-by: asimsarpkurt <79475614+asimsarpkurt@users.noreply.github.com> Co-authored-by: Yuval Hayun <70104171+YuvHayun@users.noreply.github.com> Co-authored-by: nkanon <109467661+nkanon@users.noreply.github.com> Co-authored-by: Eido Epstain <eepstain@paloaltonetworks.com> Co-authored-by: Tomer Haimof <81556849+tomer-pan@users.noreply.github.com> Co-authored-by: Randy Baldwin <32545292+randomizerxd@users.noreply.github.com> Co-authored-by: ‪Ron Hadad‬‏ <112933572+ronh1@users.noreply.github.com> Co-authored-by: TalGumi <talg@qmasters.co> Co-authored-by: Guy Lichtman <1395797+glicht@users.noreply.github.com> Co-authored-by: glicht <glicht@users.noreply.github.com> Co-authored-by: Andrew Shamah <42912128+amshamah419@users.noreply.github.com> Co-authored-by: Felipe Garrido <fgarridob.95+github@gmail.com> Co-authored-by: Edi Katsenelson <85438368+edik24@users.noreply.github.com> Co-authored-by: Jacob Levy <129657918+jlevypaloalto@users.noreply.github.com> Co-authored-by: Yuval Cohen <86777474+yucohen@users.noreply.github.com> Co-authored-by: rshunim <102469772+rshunim@users.noreply.github.com> Co-authored-by: OmriItzhak <115150792+OmriItzhak@users.noreply.github.com> Co-authored-by: Joe Cosgrove <joecosgrove5@gmail.com> Co-authored-by: Shmuel Kroizer <69422117+shmuel44@users.noreply.github.com> Co-authored-by: Israel Lappe <79846863+ilappe@users.noreply.github.com> Co-authored-by: Erez FelmanDar <102903097+efelmandar@users.noreply.github.com> Co-authored-by: israelpolishook <ipolishuk@paloaltonetworks.com> Co-authored-by: ArikDay <115150768+ArikDay@users.noreply.github.com> Co-authored-by: Christopher Hultin <chrishultin@google.com> Co-authored-by: Mike Beauchamp <beauchompers@gmail.com> Co-authored-by: Moshe Galitzky <112559840+moishce@users.noreply.github.com>

glicht added 3 commits February 26, 2023 14:54

fix logging typo

df7290a

bump dependent packs

bf49f3e

Merge remote-tracking branch 'origin/master' into nginx-log-fix

b337992

glicht requested a review from anara123 February 27, 2023 09:58

glicht added the docs-approved label Feb 27, 2023

anara123 approved these changes Feb 27, 2023

View reviewed changes

glicht merged commit 6dbf01d into master Feb 27, 2023

glicht deleted the nginx-log-fix branch February 27, 2023 15:14

ronh1 pushed a commit to qmasters-ltd/content that referenced this pull request Feb 27, 2023

NGINXApiModule: fix logging typo (demisto#24878)

e38feb4

* fix logging typo * bump dependent packs --------- Co-authored-by: glicht <glicht@users.noreply.github.com>

MosheEichler mentioned this pull request Nov 14, 2023

Group-IB hot fix integration #30878

Merged

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

NGINXApiModule: fix logging typo #24878

NGINXApiModule: fix logging typo #24878

glicht commented Feb 26, 2023

xsoar-bot commented Feb 27, 2023

NGINXApiModule: fix logging typo #24878

NGINXApiModule: fix logging typo #24878

Conversation

glicht commented Feb 26, 2023

Status

Related Issues

Description

Screenshots

Minimum version of Cortex XSOAR

Does it break backward compatibility?

Must have

xsoar-bot commented Feb 27, 2023