Dlp enhancements #27612
Merged
Dlp enhancements #27612
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
…ents � Conflicts: � Packs/CommonTypes/ReleaseNotes/3_3_76.md
…cements # Conflicts: # Packs/CommonTypes/ReleaseNotes/3_3_77.md
...egrations/Palo_Alto_Networks_Enterprise_DLP/Palo_Alto_Networks_Enterprise_DLP_description.md
Outdated
Show resolved
Hide resolved
...egrations/Palo_Alto_Networks_Enterprise_DLP/Palo_Alto_Networks_Enterprise_DLP_description.md
Outdated
Show resolved
Hide resolved
Packs/Palo_Alto_Networks_Enterprise_DLP/Playbooks/DLP_Incident_Feedback_Loop_6_8.yml
Outdated
Show resolved
Hide resolved
Packs/Palo_Alto_Networks_Enterprise_DLP/Playbooks/DLP_Incident_Feedback_Loop_6_8.yml
Outdated
Show resolved
Hide resolved
Packs/Palo_Alto_Networks_Enterprise_DLP/Playbooks/DLP_Incident_Feedback_Loop_6_8.yml
Outdated
Show resolved
Hide resolved
| - UserMessageApp | ||
| - ApproverMessageApp | ||
| - DenyMessage | ||
| - An approval process has been added |
There was a problem hiding this comment.
Suggested change
| - An approval process has been added | |
| - Added an approval process. |
| - An approval process has been added | ||
| - Enrichment section - user details and file report. | ||
| - Communications with the user and the manager had been configured separately. | ||
| - Email communication channel was added. |
There was a problem hiding this comment.
Suggested change
| - Email communication channel was added. | |
| - Added an email communication channel. |
| - ApproverMessageApp | ||
| - DenyMessage | ||
| - An approval process has been added | ||
| - Enrichment section - user details and file report. |
There was a problem hiding this comment.
Suggested change
| - Enrichment section - user details and file report. | |
| - Added user details and file report in an Enrichment section. |
| - Email communication channel was added. | ||
| ##### New: DLP - User Message App Check | ||
|
|
||
| - New: Check if the given message app exist and configured and retrieve the user details from it. (Available from Cortex XSOAR 6.8.0). |
There was a problem hiding this comment.
Suggested change
| - New: Check if the given message app exist and configured and retrieve the user details from it. (Available from Cortex XSOAR 6.8.0). | |
| New: Check if the given message app exists and is configured and retrieve the user details from it. (Available from Cortex XSOAR 6.8.0). |
|
|
||
| ##### DlpAskFeedback | ||
| - Updated the Docker image to: *demisto/python3:3.10.12.63474*. | ||
| - Descriptions were updated to a more generic use case and not just upload violations. |
There was a problem hiding this comment.
Suggested change
| - Descriptions were updated to a more generic use case and not just upload violations. | |
| - Updated descriptions to a more generic use case and not just upload violations. |
|
@idovandijk @adi88d @DeanArbel Doc review completed. |
Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com>
Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com>
idovandijk
reviewed
Jun 28, 2023
Packs/CommonTypes/IncidentFields/incidentfield-Failed_Logon_Events.json
Outdated
Show resolved
Hide resolved
idovandijk
reviewed
Jun 28, 2023
idovandijk
reviewed
Jun 28, 2023
Packs/Palo_Alto_Networks_Enterprise_DLP/Playbooks/DLP_Incident_Feedback_Loop_6_8_README.md
Show resolved
Hide resolved
idovandijk
approved these changes
Jun 28, 2023
Co-authored-by: Ido van Dijk <43602124+idovandijk@users.noreply.github.com>
MosheEichler
pushed a commit
that referenced
this pull request
Jul 2, 2023
* playbooks and images * RN * Playbooks * Playbooks * layout * automation * integration * readme * incident field * image * RN * layout fix * pre-commit fixes * secret ignore * Add EXCEPTION_DENIED as an option to command * common fields * layout * RN * RN * ignore IF100 * remove numberoffailedevents * change new playbook name * Add 6.8 split for playbook and layout * ignore 106 * layout toVersion * pack metadata * Readme * Bump pack from version CommonTypes to 3.3.77. * after review changes * RN * Add docs for auth * description rename * description rename * Apply suggestions from docs review Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * Apply suggestions from docs review Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * description rename * Apply suggestions from code review Co-authored-by: Ido van Dijk <43602124+idovandijk@users.noreply.github.com> * RN * RN --------- Co-authored-by: Content Bot <bot@demisto.com> Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> Co-authored-by: Ido van Dijk <43602124+idovandijk@users.noreply.github.com>
xsoar-bot
pushed a commit
to xsoar-contrib/content
that referenced
this pull request
Jul 26, 2023
* playbooks and images * RN * Playbooks * Playbooks * layout * automation * integration * readme * incident field * image * RN * layout fix * pre-commit fixes * secret ignore * Add EXCEPTION_DENIED as an option to command * common fields * layout * RN * RN * ignore IF100 * remove numberoffailedevents * change new playbook name * Add 6.8 split for playbook and layout * ignore 106 * layout toVersion * pack metadata * Readme * Bump pack from version CommonTypes to 3.3.77. * after review changes * RN * Add docs for auth * description rename * description rename * Apply suggestions from docs review Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * Apply suggestions from docs review Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * description rename * Apply suggestions from code review Co-authored-by: Ido van Dijk <43602124+idovandijk@users.noreply.github.com> * RN * RN --------- Co-authored-by: Content Bot <bot@demisto.com> Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> Co-authored-by: Ido van Dijk <43602124+idovandijk@users.noreply.github.com>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Status
Related Issues
fixes: https://jira-hq.paloaltonetworks.local/browse/CIAC-5721
Description
Enhancements to the DLP use case:
New playbooks and changes to the main playbook:
Minimum version of Cortex XSOAR
Does it break backward compatibility?