New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Refactor/CIAC 832/Process Indicators as SCOs #26026
Refactor/CIAC 832/Process Indicators as SCOs #26026
Conversation
…scos. Updated the sdos IDs. Updated the docker image. Added release notes
This PR was automatically updated by a GitHub Action
To stop automatic version bumps, add the |
Co-authored-by: MLainer1 <93524335+MLainer1@users.noreply.github.com>
Co-authored-by: MLainer1 <93524335+MLainer1@users.noreply.github.com>
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Looks good
##### StixCreator | ||
|
||
- Added an option to enter a flag for creating SCO indicators. | ||
- Updated the process of generating IDs for SDO indicators. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
What is the update?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
The update part is the use of create_sdo_stix_uuid function to create the stix_id of the SDO indicators or SCO indicators when the flag is false. I did this update because I discovered that in each click on the button "export (stix)" generates a new indicator ID. After I talked to @Ni-Knight we decided to do it this. It is also written as a comment in the issue.
…c-932/process-indicators-as-SCOs
…c-932/process-indicators-as-SCOs
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Nice
This PR was automatically updated by a GitHub Action
To stop automatic version bumps, add the |
@RotemAmit can we have a self-service with the flag on and the scripts updated so I can QA it? |
This PR was automatically updated by a GitHub Action
To stop automatic version bumps, add the |
This PR was automatically updated by a GitHub Action
To stop automatic version bumps, add the |
This PR was automatically updated by a GitHub Action
To stop automatic version bumps, add the |
This PR was automatically updated by a GitHub Action
To stop automatic version bumps, add the |
This PR was automatically updated by a GitHub Action
To stop automatic version bumps, add the |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Looks good.
This PR was automatically updated by a GitHub Action
To stop automatic version bumps, add the |
…c-932/process-indicators-as-SCOs
…c-932/process-indicators-as-SCOs
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Nice work
Contributing to Cortex XSOAR Content
Make sure to register your contribution by filling the contribution registration form
The Pull Request will be reviewed only after the contribution registration form is filled.
Status
Related Issues
fixes: link to the issue
Description
The JSON created by exporting an indicator to STIX does not work as it should and creates the wrong JSON for the indicator type. So I added an option to enter a flag for creating SCO indicators, in order to fix the wrong JSON. I also updated the process of generating IDs for SDO indicators.
Screenshots
Paste here any images that will help the reviewer
Minimum version of Cortex XSOAR
Does it break backward compatibility?
Must have