Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Phishing enhancements #26029

Merged
merged 38 commits into from
May 4, 2023
Merged

Phishing enhancements #26029

Show file tree
Hide file tree
Changes from 26 commits
Commits
Show all changes
38 commits
Select commit Hold shift + click to select a range
cd786a8
Playbooks changes
ArikDay Apr 23, 2023
bac6a58
Playbooks changes - release notes
ArikDay Apr 23, 2023
470b4eb
Merge branch 'master' into phishing_enhancements
ArikDay Apr 23, 2023
e2963fd
validation fixes
ArikDay Apr 23, 2023
a690942
Merge remote-tracking branch 'origin/phishing_enhancements' into phis…
ArikDay Apr 23, 2023
24e2886
Merge branch 'master' into phishing_enhancements
ArikDay Apr 23, 2023
ea4e582
validation fixes
ArikDay Apr 23, 2023
231e81c
Merge remote-tracking branch 'origin/phishing_enhancements' into phis…
ArikDay Apr 23, 2023
f01a9a5
validation fixes
ArikDay Apr 23, 2023
f027033
Merged master into current branch.
Apr 23, 2023
4cfaef1
Bump pack from version CommonPlaybooks to 2.3.61.
Apr 23, 2023
9dfa50f
validation fixes
ArikDay Apr 24, 2023
bc143de
Merge remote-tracking branch 'origin/phishing_enhancements' into phis…
ArikDay Apr 24, 2023
0366e79
Merge branch 'master' into phishing_enhancements
ArikDay Apr 24, 2023
488f0da
validation fixes
ArikDay Apr 24, 2023
b88fdcd
Merge remote-tracking branch 'origin/phishing_enhancements' into phis…
ArikDay Apr 24, 2023
0ebd2c6
Add incident field and layout changes
ArikDay Apr 24, 2023
96f8768
Add incident field and layout changes - release notes update
ArikDay Apr 24, 2023
793bd54
Merged master into current branch.
Apr 30, 2023
d9f912c
Bump pack from version CommonTypes to 3.3.67.
Apr 30, 2023
14b1076
Merge branch 'master' of github.com:demisto/content into phishing_enh…
ArikDay Apr 30, 2023
a10c4f9
resolve conflict
ArikDay Apr 30, 2023
d399a35
Merge remote-tracking branch 'origin/phishing_enhancements' into phis…
ArikDay Apr 30, 2023
7862fc2
Merge branch 'master' into phishing_enhancements
ArikDay May 1, 2023
be0d54c
Merge branch 'master' into phishing_enhancements
ArikDay May 1, 2023
8ea8a9a
Merge branch 'master' of github.com:demisto/content into phishing_enh…
ArikDay May 1, 2023
a927f20
Merge branch 'master' into phishing_enhancements
ArikDay May 1, 2023
a8f8c3e
Merge branch 'master' of github.com:demisto/content into phishing_enh…
ArikDay May 1, 2023
c3cc024
review fixes
ArikDay May 1, 2023
d693472
Merge remote-tracking branch 'origin/phishing_enhancements' into phis…
ArikDay May 1, 2023
0cfedd5
Merged master into current branch.
May 1, 2023
6ada446
Bump pack from version CommonPlaybooks to 2.3.62.
May 1, 2023
d23e5e5
Merge branch 'master' into phishing_enhancements
ArikDay May 2, 2023
3a43d32
Merge branch 'master' into phishing_enhancements
ArikDay May 2, 2023
4486396
Merge branch 'master' into phishing_enhancements
ArikDay May 3, 2023
4ed5de1
Merge branch 'master' into phishing_enhancements
ArikDay May 3, 2023
a1429df
Merge branch 'master' into phishing_enhancements
ArikDay May 4, 2023
d1cabf5
Merge branch 'master' into phishing_enhancements
ArikDay May 4, 2023
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Jump to
Jump to file
Failed to load files.
Diff view
Diff view
155 changes: 83 additions & 72 deletions Packs/CommonPlaybooks/Playbooks/playbook-Calculate_Severity_By_Highest_DBotScore_6_0.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -21,11 +21,12 @@ tasks:
'#none#':
- "23"
separatecontext: false
continueonerrortype: ""
view: |-
{
"position": {
"x": 240,
"y": -40
"y": -10
}
}
note: false
Expand All @@ -35,7 +36,6 @@ tasks:
quietmode: 0
isoversize: false
isautoswitchedtoquietmode: false
continueonerrortype: ""
"10":
id: "10"
taskid: 9d087581-2976-4b96-887a-27a3a8edd630
Expand All @@ -49,11 +49,12 @@ tasks:
brand: ""
description: ''
separatecontext: false
continueonerrortype: ""
view: |-
{
"position": {
"x": 592.5,
"y": 1235
"x": 240,
"y": 975
}
}
note: false
Expand All @@ -63,7 +64,6 @@ tasks:
quietmode: 0
isoversize: false
isautoswitchedtoquietmode: false
continueonerrortype: ""
"22":
id: "22"
taskid: c33bfc3b-3bfd-4b09-8fef-d7c299ddbcab
Expand All @@ -80,7 +80,7 @@ tasks:
brand: ""
nexttasks:
'#none#':
- "32"
- "31"
scriptarguments:
key:
simple: DBotScore
Expand All @@ -89,11 +89,12 @@ tasks:
root: inputs.DBotScore
reputationcalc: 1
separatecontext: false
continueonerrortype: ""
view: |-
{
"position": {
"x": 592.5,
"y": 270
"y": 290
}
}
note: false
Expand All @@ -103,7 +104,6 @@ tasks:
quietmode: 0
isoversize: false
isautoswitchedtoquietmode: false
continueonerrortype: ""
"23":
id: "23"
taskid: 0cc4278a-6b22-4ea9-834f-3ed21c346499
Expand All @@ -112,7 +112,7 @@ tasks:
id: 0cc4278a-6b22-4ea9-834f-3ed21c346499
version: -1
name: Is there a DBotScore in inputs?
description: Checks if there is a "DBotScore" in the playbook inputs.
description: Checks if there is a "DBotScore" in the playbook input.
type: condition
iscommand: false
brand: ""
Expand All @@ -128,13 +128,17 @@ tasks:
- - operator: isExists
left:
value:
simple: inputs.DBotScore
complex:
root: inputs.DBotScore
iscontext: true
right:
value: {}
continueonerrortype: ""
view: |-
{
"position": {
"x": 240,
"y": 90
"y": 120
}
}
note: false
Expand All @@ -144,7 +148,6 @@ tasks:
quietmode: 0
isoversize: false
isautoswitchedtoquietmode: false
continueonerrortype: ""
"24":
id: "24"
taskid: d6b7eccb-3284-460d-8b20-197ea1c62f8a
Expand All @@ -161,11 +164,12 @@ tasks:
'#none#':
- "30"
separatecontext: false
continueonerrortype: ""
view: |-
{
"position": {
"x": -210,
"y": 270
"y": 290
}
}
note: false
Expand All @@ -175,7 +179,6 @@ tasks:
quietmode: 0
isoversize: false
isautoswitchedtoquietmode: false
continueonerrortype: ""
"25":
id: "25"
taskid: 7082757c-758b-4cda-803e-526f85f26a68
Expand Down Expand Up @@ -222,6 +225,23 @@ tasks:
simple: "3"
accessor: Score
iscontext: true
right:
value: {}
- operator: isExists
left:
value:
complex:
root: DBotScore.Score
filters:
- - operator: isEqualString
left:
value:
simple: DBotScore.Score
iscontext: true
right:
value:
simple: "3"
iscontext: true
- label: Medium
condition:
- - operator: isExists
Expand All @@ -239,6 +259,21 @@ tasks:
value:
simple: "2"
iscontext: true
- operator: isExists
left:
value:
complex:
root: DBotScore.Score
filters:
- - operator: isEqualString
left:
value:
simple: DBotScore.Score
iscontext: true
right:
value:
simple: "2"
iscontext: true
- label: Low
condition:
- - operator: isExists
Expand All @@ -256,11 +291,27 @@ tasks:
value:
simple: "1"
iscontext: true
- operator: isExists
left:
value:
complex:
root: DBotScore.Score
filters:
- - operator: isEqualString
left:
value:
simple: DBotScore.Score
iscontext: true
right:
value:
simple: "1"
iscontext: true
continueonerrortype: ""
view: |-
{
"position": {
"x": 592.5,
"y": 780
"y": 610
}
}
note: false
Expand All @@ -270,7 +321,6 @@ tasks:
quietmode: 0
isoversize: false
isautoswitchedtoquietmode: false
continueonerrortype: ""
"27":
id: "27"
taskid: 86bc9089-08a5-44e2-8a0f-03dd11411f9b
Expand All @@ -294,11 +344,12 @@ tasks:
simple: High
reputationcalc: 1
separatecontext: false
continueonerrortype: ""
view: |-
{
"position": {
"x": 990,
"y": 975
"y": 805
}
}
note: false
Expand All @@ -308,7 +359,6 @@ tasks:
quietmode: 0
isoversize: false
isautoswitchedtoquietmode: false
continueonerrortype: ""
"28":
id: "28"
taskid: 288ac730-e8e3-4782-805f-e54721977877
Expand All @@ -332,11 +382,12 @@ tasks:
simple: Medium
reputationcalc: 1
separatecontext: false
continueonerrortype: ""
view: |-
{
"position": {
"x": 592.5,
"y": 975
"y": 805
}
}
note: false
Expand All @@ -346,7 +397,6 @@ tasks:
quietmode: 0
isoversize: false
isautoswitchedtoquietmode: false
continueonerrortype: ""
"29":
id: "29"
taskid: 3132e114-0841-4c3f-800f-fab492944f7a
Expand All @@ -370,11 +420,12 @@ tasks:
simple: Low
reputationcalc: 1
separatecontext: false
continueonerrortype: ""
view: |-
{
"position": {
"x": 190,
"y": 975
"y": 805
}
}
note: false
Expand All @@ -384,7 +435,6 @@ tasks:
quietmode: 0
isoversize: false
isautoswitchedtoquietmode: false
continueonerrortype: ""
"30":
id: "30"
taskid: ca3d7b7e-95d9-48b6-87e1-c625b8f53c43
Expand All @@ -408,11 +458,12 @@ tasks:
simple: Unknown
reputationcalc: 1
separatecontext: false
continueonerrortype: ""
view: |-
{
"position": {
"x": -210,
"y": 975
"y": 805
}
}
note: false
Expand All @@ -422,7 +473,6 @@ tasks:
quietmode: 0
isoversize: false
isautoswitchedtoquietmode: false
continueonerrortype: ""
"31":
id: "31"
taskid: b894e09e-1a9a-4c62-80df-f1b53961c7c9
Expand All @@ -441,58 +491,16 @@ tasks:
- "25"
scriptarguments:
value:
simple: ${DBotScore.Indicator}
complex:
root: DBotScore
accessor: Indicator
separatecontext: false
view: |-
{
"position": {
"x": 592.5,
"y": 600
}
}
note: false
timertriggers: []
ignoreworker: false
skipunavailable: false
quietmode: 0
isoversize: false
isautoswitchedtoquietmode: false
continueonerrortype: ""
"32":
id: "32"
taskid: 0036cf03-36a0-4182-8466-db7daabf4766
type: playbook
task:
id: 0036cf03-36a0-4182-8466-db7daabf4766
version: -1
name: Indicator Registration Polling - Generic
playbookName: Indicator Registration Polling - Generic
type: playbook
iscommand: false
brand: ""
description: ''
nexttasks:
'#none#':
- "31"
scriptarguments:
frequency:
simple: "1"
indicators:
simple: ${inputs.DBotScore.Indicator}
timeout:
simple: "10"
separatecontext: true
continueonerrortype: ""
loop:
iscommand: false
exitCondition: ""
wait: 1
max: 100
view: |-
{
"position": {
"x": 592.5,
"y": 440
"y": 450
}
}
note: false
Expand All @@ -505,16 +513,19 @@ tasks:
view: |-
{
"linkLabelsPosition": {
"23_22_yes": 0.31,
"23_24_#default#": 0.24,
"25_27_High": 0.82,
"25_28_Medium": 0.76,
"25_29_Low": 0.78,
"25_30_#default#": 0.87
},
"paper": {
"dimensions": {
"height": 1340,
"height": 1050,
"width": 1580,
"x": -210,
"y": -40
"y": -10
}
}
}
Expand Down