Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Phishing playbooks small performance improvements #32282

Merged
merged 9 commits into from Jan 22, 2024
Merged

Phishing playbooks small performance improvements #32282

merged 9 commits into from Jan 22, 2024

Conversation

idovandijk
Copy link
Contributor

Status

Ready

Related Issues

fixes: https://jira-dc.paloaltonetworks.com/browse/CIAC-9493

Description

Phishing - Machine Learning Analysis
  • Added the Unique for URLs in Phishing URL prediction to ensure only unique URLs are analyzed in the machine-learning subplaybook.
Phishing - Generic v3
  • Added the Unique transformer to the URLs sent for detonation.
  • Added the Unique transformer to ensure that only unique relationships are retrieved for the IP, URL and Domain indicators.
Phishing - Indicators Hunting
  • Added the Unique transformer to the DBotScore indicators, which should improve performance when multiple enrichers are enabled.

ShirleyDenkberg
ShirleyDenkberg reviewed Jan 18, 2024
View reviewed changes
Packs/Phishing/Playbooks/Phishing_-_Generic_v3_6_8.yml Outdated Show resolved Hide resolved
Packs/Phishing/Playbooks/Phishing_-_Generic_v3_6_8.yml Outdated Show resolved Hide resolved
Packs/Phishing/Playbooks/Phishing_-_Generic_v3_6_8.yml Outdated Show resolved Hide resolved
Packs/Phishing/Playbooks/playbook-Phishing_-_Indicators_Hunting.yml Outdated Show resolved Hide resolved
Packs/Phishing/ReleaseNotes/3_6_6.md Outdated Show resolved Hide resolved
Packs/Phishing/ReleaseNotes/3_6_6.md Outdated Show resolved Hide resolved
@ShirleyDenkberg
Copy link
Contributor

@tomer-pan @AdiPeret @ArikDay Doc review completed.

@idovandijk idovandijk merged commit 33b2053 into master Jan 22, 2024
15 of 16 checks passed
@idovandijk idovandijk deleted the phishing-perf-improvements branch January 22, 2024 08:23
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@ShirleyDenkberg ShirleyDenkberg ShirleyDenkberg left review comments

@ssokolovich ssokolovich ssokolovich approved these changes

@tomer-pan tomer-pan Awaiting requested review from tomer-pan

@ArikDay ArikDay Awaiting requested review from ArikDay

@AdiPeret AdiPeret Awaiting requested review from AdiPeret

Assignees

@ShirleyDenkberg ShirleyDenkberg

Labels
docs-approved
Projects
None yet
Milestone
No milestone
3 participants
@idovandijk @ShirleyDenkberg @ssokolovich