New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
XSIAM - New Phishing layout + playbook fixes #30590
Conversation
…or attachment sections
…tag input, so that the blocked indicators would properly show in the phishing alert layout.
I don't know if you wanted me to review all files but the layout rule looks great :) |
Only the rule. Still need to fix a few things in other places. Thanks! |
@altmannyarden Can you please review the newly added playbook trigger? |
@AdiPeret @michal-dagan @michalgold @altmannyarden Doc review completed. |
Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com>
Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com>
Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com>
Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com>
Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com>
Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com>
…to xsiam-phishing-layout
…release and will then need to commit something again to get the fix in the build
This PR was automatically updated by a GitHub Action
To stop automatic version bumps, add the |
* Updated the field's description. * Added layout, fixed playbook, playbook image, new playbook readme, and release notes. * Added improvements for layout - added email origin and descriptions for attachment sections * formatted * Added fromversion to layout to satisfy validator * Updated phishing pack RN to reflect the change in Process Email - Generic v2 * Updated the Block Indicators - Generic v3 playbook to have a default tag input, so that the blocked indicators would properly show in the phishing alert layout. * RNs and new readme for Block Indicators pb * Added speculative layout rule * Re-exported playbook from XSOAR * validation stuff * Added layout rule RN * Added tooltip as known word + speculative RN fix * Added phishing trigger * Updated RN with trigger recommendation * Implemented feedback - added a warning to the html rendering section. * Update Packs/Phishing/ReleaseNotes/3_6_0.md Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * Update Packs/Phishing/ReleaseNotes/3_6_0.md Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * Update Packs/Phishing/ReleaseNotes/3_6_0.md Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * Update Packs/CommonPlaybooks/ReleaseNotes/2_4_14.md Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * Update Packs/Phishing/ReleaseNotes/3_6_0.md Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * Update Packs/Phishing/ReleaseNotes/3_6_0.md Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> * Removed emailimage and attachmentitem fields that don't exist * Updated poetry to use Dan's SDK * Fixed RN manually because SDK is terrible * Reverting poetry after verified the SDK fix. Now waiting for new SDK release and will then need to commit something again to get the fix in the build * Bump pack from version CommonPlaybooks to 2.4.15. --------- Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com> Co-authored-by: Content Bot <bot@demisto.com>
Status
Blocked - SDK issue with layout rule
Related Issues
fixes: https://jira-dc.paloaltonetworks.com/browse/CIAC-8729
fixes: https://jira-dc.paloaltonetworks.com/browse/CIAC-8752
fixes: https://jira-dc.paloaltonetworks.com/browse/CIAC-8753
fixes: https://jira-dc.paloaltonetworks.com/browse/CIAC-8826
Description