demisto · dantavori · Jul 3, 2023 · Jun 25, 2023 · Jun 26, 2023 · Jun 26, 2023
diff --git a/Packs/CheckPhish/.pack-ignore b/Packs/CheckPhish/.pack-ignore
@@ -1,2 +1,2 @@
 [file:CheckPhish.yml]
-ignore=IN135,IN145
+ignore=IN135
diff --git a/Packs/CheckPhish/Integrations/CheckPhish/CheckPhish.py b/Packs/CheckPhish/Integrations/CheckPhish/CheckPhish.py
@@ -226,7 +226,9 @@ def main():
     good_disp = argToList(demisto_params.get('good_disp'))
     susp_disp = argToList(demisto_params.get('susp_disp'))
     bad_disp = argToList(demisto_params.get('bad_disp'))
-
+    api_key = demisto_params.get('credentials_api_token', {}).get('password') or demisto_params.get('token')
+    if not api_key:
+        raise DemistoException('API token must be provided.')
     unite_dispositions(good_disp, susp_disp, bad_disp)
 
     reliability = demisto_params.get('integrationReliability')
@@ -239,7 +241,7 @@ def main():
 
     params = {
         'base_url': demisto_params['url'],
-        'api_key': demisto_params.get('token'),
+        'api_key': api_key,
         'use_ssl': not demisto_params.get('insecure', False),
         'reliability': reliability
     }

diff --git a/Packs/CheckPhish/Integrations/CheckPhish/CheckPhish.yml b/Packs/CheckPhish/Integrations/CheckPhish/CheckPhish.yml
@@ -10,8 +10,14 @@ configuration:
   type: 0
 - display: API Token
   name: token
-  required: true
+  required: false
   type: 4
+  hidden: true
+- displaypassword: API Token
+  name:  credentials_api_token
+  required: false
+  hiddenusername: true
+  type: 9
 - display: 'Good Dispositions (CheckPhish labels for non-phishing URLs. Default is "clean")'
   name: good_disp
   options:
@@ -206,5 +212,5 @@ script:
   script: '-'
   type: python
   subtype: python3
-  dockerimage: demisto/python3:3.10.11.54132
+  dockerimage: demisto/python3:3.10.12.63474
 fromversion: 5.0.0
diff --git a/Packs/CheckPhish/ReleaseNotes/1_0_18.md b/Packs/CheckPhish/ReleaseNotes/1_0_18.md
@@ -0,0 +1,6 @@
+
+#### Integrations
+
+##### CheckPhish
+- Added the *API Token* integration parameter to support credentials fetching object.
+- Updated the Docker image to: *demisto/python3:3.10.12.63474*.
diff --git a/Packs/CheckPhish/pack_metadata.json b/Packs/CheckPhish/pack_metadata.json
@@ -2,7 +2,7 @@
     "name": "CheckPhish",
     "description": "Check any URL to detect supsicious behavior.",
     "support": "xsoar",
-    "currentVersion": "1.0.17",
+    "currentVersion": "1.0.18",
     "author": "Cortex XSOAR",
     "url": "https://www.paloaltonetworks.com/cortex",
     "email": "",

diff --git a/Packs/isight/.pack-ignore b/Packs/isight/.pack-ignore
@@ -1,2 +1,2 @@
 [file:FireEyeISIGHT.yml]
-ignore=IN144,IN145,IN107
+ignore=IN144,IN107
diff --git a/Packs/isight/Integrations/FireEyeISIGHT/FireEyeISIGHT.js b/Packs/isight/Integrations/FireEyeISIGHT/FireEyeISIGHT.js
@@ -1,7 +1,7 @@
 
 var baseUrl = 'https://api.isightpartners.com'; // iSight base url
 var publicKey = params.publicKey;
-var privateKey = params.privateKey;
+var privateKey = params.credentials_private_key? params.credentials_private_key.password : params.privateKey;
 var acceptVersion = params.version;
 var insecure = params.insecure;
 var proxy = params.proxy;
@@ -45,6 +45,9 @@ var getHeaders = function(query) {
     } else if (timestamp.indexOf('-') > 0) {
         timestamp = timestamp.substring(0,timestamp.indexOf('-'));
     }
+    if (!privateKey){
+        throw('Private Key must be provided.')
+    }
     message = query + acceptVersion + 'application/json' + timestamp;
     hashed = HMAC_SHA256_MAC(privateKey, message);
 

diff --git a/Packs/isight/Integrations/FireEyeISIGHT/FireEyeISIGHT.yml b/Packs/isight/Integrations/FireEyeISIGHT/FireEyeISIGHT.yml
@@ -15,7 +15,13 @@ configuration:
   name: privateKey
   defaultvalue: ""
   type: 4
-  required: true
+  required: false
+  hidden: true
+- displaypassword: Private Key
+  name:  credentials_private_key
+  required: false
+  hiddenusername: true
+  type: 9 
 - display: Version
   name: version
   defaultvalue: "2.5"

diff --git a/Packs/isight/Integrations/FireEyeISIGHT/FireEyeISIGHT_description.md b/Packs/isight/Integrations/FireEyeISIGHT/FireEyeISIGHT_description.md
@@ -0,0 +1,3 @@
+## FireEye iSIGHT
+FireEye iSIGHT is a cybersecurity intelligence platform that provides organizations with comprehensive threat intelligence and analysis.
+It offers real-time monitoring and detection of emerging cyber threats, allowing businesses to proactively defend against attacks.
diff --git a/Packs/isight/Integrations/FireEyeISIGHT/README.md b/Packs/isight/Integrations/FireEyeISIGHT/README.md
@@ -0,0 +1,133 @@
+
+### ip
+
+***
+basic search reports by ip
+
+#### Base Command
+
+`ip`
+
+#### Input
+
+| **Argument Name** | **Description** | **Required** |
+| --- | --- | --- |
+| ip | ip to search by. | Required | 
+
+#### Context Output
+
+| **Path** | **Type** | **Description** |
+| --- | --- | --- |
+| DBotScore.Indicator | unknown | The indicator we tested | 
+| DBotScore.Type | unknown | The type of the indicator | 
+| DBotScore.Vendor | unknown | Vendor used to calculate the score | 
+| DBotScore.Score | unknown | The actual score | 
+| IP.Address | unknown | The IP address | 
+| Report.ID | unknown | Report ID | 
+| Report.title | unknown | Report title | 
+| Report.publishDate | unknown | Report publish date | 
+| Report.intelligenceType | unknown | Report intelligence type \(overview, vulnerability, malware, threat\) | 
+### domain
+
+***
+basic search reports by domain
+
+#### Base Command
+
+`domain`
+
+#### Input
+
+| **Argument Name** | **Description** | **Required** |
+| --- | --- | --- |
+| domain | domain to search by. | Required | 
+
+#### Context Output
+
+| **Path** | **Type** | **Description** |
+| --- | --- | --- |
+| DBotScore.Indicator | unknown | The indicator we tested | 
+| DBotScore.Type | unknown | The type of the indicator | 
+| DBotScore.Vendor | unknown | Vendor used to calculate the score | 
+| DBotScore.Score | unknown | The actual score | 
+| Domain.Name | unknown | The domain name. | 
+| Report.ID | unknown | Report ID | 
+| Report.title | unknown | Report title | 
+| Report.publishDate | unknown | Report publish date | 
+| Report.intelligenceType | unknown | Report intelligence type \(overview, vulnerability, malware, threat\) | 
+### file
+
+***
+basic search file report by md5/sha1. NOTE - specify only one of md5/sha1 arguments
+
+#### Base Command
+
+`file`
+
+#### Input
+
+| **Argument Name** | **Description** | **Required** |
+| --- | --- | --- |
+| file | md5 or sha1 to search by. | Optional | 
+
+#### Context Output
+
+| **Path** | **Type** | **Description** |
+| --- | --- | --- |
+| DBotScore.Indicator | unknown | The indicator we tested | 
+| DBotScore.Type | unknown | The type of the indicator | 
+| DBotScore.Vendor | unknown | Vendor used to calculate the score | 
+| DBotScore.Score | unknown | The actual score | 
+| Report.ID | unknown | Report ID | 
+| Report.title | unknown | Report title | 
+| Report.publishDate | unknown | Report publish date | 
+| Report.intelligenceType | unknown | Report intelligence type \(overview, vulnerability, malware, threat\) | 
+### isight-get-report
+
+***
+Get specific report
+
+#### Base Command
+
+`isight-get-report`
+
+#### Input
+
+| **Argument Name** | **Description** | **Required** |
+| --- | --- | --- |
+| reportID | Report ID to search by. | Required | 
+
+#### Context Output
+
+| **Path** | **Type** | **Description** |
+| --- | --- | --- |
+| Report.ID | unknown | Report ID | 
+| Report.title | unknown | Report title | 
+| Report.publishDate | unknown | Report publish date | 
+| Report.intelligenceType | unknown | Report intelligence type \(overview, vulnerability, malware, threat\) | 
+| Report.audience | unknown | Report audience | 
+| Report.ThreatScape | unknown | Report threat scape | 
+| Report.operatingSystems | unknown | Report operating systems | 
+| Report.riskRating | unknown | Report risk rating | 
+| Report.version | unknown | Report version | 
+| Report.tagSection | unknown | Report tag section | 
+### isight-submit-file
+
+***
+Submission of malware and other files for community sharing
+
+#### Base Command
+
+`isight-submit-file`
+
+#### Input
+
+| **Argument Name** | **Description** | **Required** |
+| --- | --- | --- |
+| entryID | entry-id of the file to submit (e.g. 41@18). | Required | 
+| description | file description. | Required | 
+| type | Type of the given file. Possible values are: malware, other. | Required | 
+
+#### Context Output
+
+There is no context output for this command.
diff --git a/Packs/isight/ReleaseNotes/1_0_3.md b/Packs/isight/ReleaseNotes/1_0_3.md
@@ -0,0 +1,5 @@
+
+#### Integrations
+
+##### FireEye iSIGHT
+Added the *Private Key* integration parameter to support credentials fetching object.
diff --git a/Packs/isight/pack_metadata.json b/Packs/isight/pack_metadata.json
@@ -2,7 +2,7 @@
     "name": "FireEye iSIGHT",
     "description": "FireEye cyber threat intelligence",
     "support": "xsoar",
-    "currentVersion": "1.0.2",
+    "currentVersion": "1.0.3",
     "author": "Cortex XSOAR",
     "url": "https://www.paloaltonetworks.com/cortex",
     "email": "",

@@ -5751,7 +5751,8 @@
         "LogRhythm": "The integration is deprecated",
         "Threat Grid": "No instance & Depreceated, replaced by ThreatGridv2",
         "ThreatGridv2": "No instance - developed by Qmasters",
-        "SentinelOne V2": "No instance - developed by partner"
+        "SentinelOne V2": "No instance - developed by partner",
+        "CheckPhish": "Issue CRTX-86562"
     },
     "nightly_packs": [
         "CommonScripts",