IPQualityScore integration. #12552

Merged
dantavori merged 3 commits into master from contrib/IPQualityScore_IPQualityScore-1
May 9, 2021

Conversation

@content-bot
Contributor

Original External PR

external pull request

Contributing to Cortex XSOAR Content

Make sure to register your contribution by filling the contribution registration form

The Pull Request will be reviewed only after the contribution registration form is filled.

Status

  • In Progress
  • Ready
  • In Hold - (Reason for hold)

Related Issues

Description

Add IPQualityScore support to demisto to include support for IP, email and URL validations/verifications.

Screenshots

https://ipqualityscore.com/downloads/screenshots/photo_2021-04-01_13-58-06.jpg
https://ipqualityscore.com/downloads/screenshots/photo_2021-04-21_13-06-29.jpg

Minimum version of Demisto

  • 5.0.0
  • 5.5.0
  • 6.0.0

Does it break backward compatibility?

  • Yes
    • Further details:
  • No

Must have

  • Tests
  • Documentation

* IPQualityScore integration.

* Update metadata.

* Add Reputation.

* Updates to correct various issues.

* Fix use cases.

* Update documentation to guide users on how to acquire a private key.

* Tweak wording.

* Add certification.

* Update Packs/IPQualityScore/Integrations/IPQualityScore/IPQualityScore.py

Co-authored-by: Dan Tavori <[email protected]>

* Remove malicious.

* fixed tpb

Co-authored-by: Dan Tavori <[email protected]>
Co-authored-by: Dan Tavori <[email protected]>
@dantavori dantavori merged commit 1bf8a50 into master May 9, 2021
@dantavori dantavori deleted the contrib/IPQualityScore_IPQualityScore-1 branch May 9, 2021 13:05
MosheEichler pushed a commit that referenced this pull request May 9, 2021
* IPQualityScore integration. (#12310)

* IPQualityScore integration.

* Update metadata.

* Add Reputation.

* Updates to correct various issues.

* Fix use cases.

* Update documentation to guide users on how to acquire a private key.

* Tweak wording.

* Add certification.

* Update Packs/IPQualityScore/Integrations/IPQualityScore/IPQualityScore.py

Co-authored-by: Dan Tavori <[email protected]>

* Remove malicious.

* fixed tpb

Co-authored-by: Dan Tavori <[email protected]>
Co-authored-by: Dan Tavori <[email protected]>

* doc fixes

Co-authored-by: IPQualityScore <[email protected]>
Co-authored-by: Dan Tavori <[email protected]>
Co-authored-by: Dan Tavori <[email protected]>
MosheEichler added a commit that referenced this pull request May 11, 2021
* The first commit of the V2 of carbon black

* The second commit of the V2 of carbon black

* Commit of the complete unit_test

* add commands, test playbook, and descriptions

* revert existing files that changed

* Some fixes after demisto-sdk lint run

* Delete some files from the pr

* Release notes and mypy fixes

* Update the version from version 5.0.0

* Try to fix the issue of server 5 playbook not found

* Add command_examples

* Fixed RN

* Added 3 playbooks

* RN fix

* Update from version in sub playbook

* demisto-sdk formatting the playbooks

* added incident-field

* change the folder-name from incident to Incident

* Update release notes

* fix the commit

* Fix the policy in the test play book

(cherry picked from commit d92c04a)

* Remove Carbon Black from skipped_integrations in conf_json

(cherry picked from commit 6797d92)

* Remove Carbon Black from skipped_integrations in conf_json
and update RN

(cherry picked from commit f8aa1b6)

* Update CarbonBlackDefenseV2_description.md

Done.

* Update CarbonBlackDefenseV2.yml

Done.

* Update Carbon_Black_Defense_Find_Events.yml

Done.

* Update Carbon_Black_Defense_Find_Processes.yml

Done.

* Update Carbon_Black_Defense_Find_Event_Details.yml

Done.

* Update 1_1_2.md

Done.

* Update Carbon_Black_Defense_Find_Event_Details.yml

Done.

* Some changes after code review and the changes from technical writers

* Add mapper and fix the code review

* update RN

* update Docker Image

* Layout

* RN

* Update RN

* Update RN content

* Integration README

* Fix secrets

* RN

* Update RN

* Update version in README file

* Demo Fixes

* test conf

* Validate fixes

* RN

* RN

* Test playbook

* fix the test playbook

* change the integration README Carbon Black Defense to Endpoint standard

* fix the overwrite results in find events/process

* fix the layout

* report-id, tags incident-fields

* RN

* report_id incident-field

* RN

* RN

* layout to Layout

* feedback changes

* Add incident type mappers classifiers

* classifier 5_9_9

* Add classifier

* CR

* fixed the hash arg

* conf json

* update docker image

* CommonTypes RN and more incident description

* fix the alert category

* fix the unit test

* Update CarbonBlackEndpointStandard.yml

done.

* Change to GetIndicatorDBotScore (#12561)

* Fix

* added another UT and documentation

* Update Packs/CommonScripts/Scripts/GetIndicatorDBotScore/README.md

Co-authored-by: Shai Yaakovi <[email protected]>

* Update 1_3_41.md

Done.

* Update README.md

Done.

* Update GetIndicatorDBotScore.yml

Done.

* change to 1.3.42

* change to 1.3.42

Co-authored-by: Shai Yaakovi <[email protected]>
Co-authored-by: ShirleyDenkberg <[email protected]>

* update README and contact email (#12453) (#12604)

Co-authored-by: Brad Chiappetta <[email protected]>

* Anomali threat stream tags data bug (#12076)

* Bug fix, the integration was missing the following value in DEFAULT_INDICATOR_MAPPING 'tags': 'Tags'.

* ThreatStream bug fix

* Added indicator tags to context and human readable

* update docker image

* Fix yml

* Added to README.md

* Fix yml

* Fix README.md

* Fix README.md

* Update Packs/Anomali_ThreatStream/Integrations/Anomali_ThreatStream_v2/README.md

Co-authored-by: roysagi <[email protected]>

* update release notes

* Update 1_1_1.md

* Added a comment explaining the tags conversion

* Fixed comment

Co-authored-by: roysagi <[email protected]>

* Update README.md (#12405) (#12602)

* Update README.md

* Update README.md

Co-authored-by: roysagi <[email protected]>

Co-authored-by: jschimC42 <[email protected]>
Co-authored-by: roysagi <[email protected]>

* fixing handling of premium packs' pack metadata (#12605)

Co-authored-by: guykeller <g12k34ppp>

* GitHub - Add branch arg and SHA output to Github-list-files (#12567)

* Recorded Future: Added two new fields to intelligence lookups for CVEs. (#12610)

* Recorded Future: Added two new fields to intelligence lookups for CVEs. (#12445)

* Added two new fields to intelligence lookups for CVEs.

* Added release notes.

* Update Packs/RecordedFuture/ReleaseNotes/1_1_1.md

Co-authored-by: Dan Tavori <[email protected]>

Co-authored-by: Dan Tavori <[email protected]>

* docker image - bumped version

Co-authored-by: christian-recordedfuture <[email protected]>
Co-authored-by: Dan Tavori <[email protected]>
Co-authored-by: Dan Tavori <[email protected]>

* IPQualityScore integration. (#12552)

* IPQualityScore integration. (#12310)

* IPQualityScore integration.

* Update metadata.

* Add Reputation.

* Updates to correct various issues.

* Fix use cases.

* Update documentation to guide users on how to acquire a private key.

* Tweak wording.

* Add certification.

* Update Packs/IPQualityScore/Integrations/IPQualityScore/IPQualityScore.py

Co-authored-by: Dan Tavori <[email protected]>

* Remove malicious.

* fixed tpb

Co-authored-by: Dan Tavori <[email protected]>
Co-authored-by: Dan Tavori <[email protected]>

* doc fixes

Co-authored-by: IPQualityScore <[email protected]>
Co-authored-by: Dan Tavori <[email protected]>
Co-authored-by: Dan Tavori <[email protected]>

* delete parent and blocked hash

* revert unit test

* delete parent and blocked hash from test play book

* fix the test-module

* remove the unrelated files

* add val.id to the command results

* fix the test-module

* revert the comment about the test

* Fix the version of CommonTypes

* fix the proxy error in the build

* latest cr fixes

Co-authored-by: rshalem <[email protected]>
Co-authored-by: ShirleyDenkberg <[email protected]>
Co-authored-by: Timor Eizenman <[email protected]>
Co-authored-by: Shai Yaakovi <[email protected]>
Co-authored-by: content-bot <[email protected]>
Co-authored-by: Brad Chiappetta <[email protected]>
Co-authored-by: Dan Sterenson <[email protected]>
Co-authored-by: roysagi <[email protected]>
Co-authored-by: jschimC42 <[email protected]>
Co-authored-by: Guy Keller <[email protected]>
Co-authored-by: Adi Daud <[email protected]>
Co-authored-by: christian-recordedfuture <[email protected]>
Co-authored-by: Dan Tavori <[email protected]>
Co-authored-by: Dan Tavori <[email protected]>
Co-authored-by: IPQualityScore <[email protected]>
DeanArbel pushed a commit that referenced this pull request May 18, 2021
* IPQualityScore integration. (#12310)

* IPQualityScore integration.

* Update metadata.

* Add Reputation.

* Updates to correct various issues.

* Fix use cases.

* Update documentation to guide users on how to acquire a private key.

* Tweak wording.

* Add certification.

* Update Packs/IPQualityScore/Integrations/IPQualityScore/IPQualityScore.py

Co-authored-by: Dan Tavori <[email protected]>

* Remove malicious.

* fixed tpb

Co-authored-by: Dan Tavori <[email protected]>
Co-authored-by: Dan Tavori <[email protected]>

* doc fixes

Co-authored-by: IPQualityScore <[email protected]>
Co-authored-by: Dan Tavori <[email protected]>
Co-authored-by: Dan Tavori <[email protected]>
DeanArbel pushed a commit that referenced this pull request May 18, 2021
* The first commit of the V2 of carbon black

* The second commit of the V2 of carbon black

* Commit of the complete unit_test

* add commands, test playbook, and descriptions

* revert existing files that changed

* Some fixes after demisto-sdk lint run

* Delete some files from the pr

* Release notes and mypy fixes

* Update the version from version 5.0.0

* Try to fix the issue of server 5 playbook not found

* Add command_examples

* Fixed RN

* Added 3 playbooks

* RN fix

* Update from version in sub playbook

* demisto-sdk formatting the playbooks

* added incident-field

* change the folder-name from incident to Incident

* Update release notes

* fix the commit

* Fix the policy in the test play book

(cherry picked from commit d92c04a)

* Remove Carbon Black from skipped_integrations in conf_json

(cherry picked from commit 6797d92)

* Remove Carbon Black from skipped_integrations in conf_json
and update RN

(cherry picked from commit f8aa1b6)

* Update CarbonBlackDefenseV2_description.md

Done.

* Update CarbonBlackDefenseV2.yml

Done.

* Update Carbon_Black_Defense_Find_Events.yml

Done.

* Update Carbon_Black_Defense_Find_Processes.yml

Done.

* Update Carbon_Black_Defense_Find_Event_Details.yml

Done.

* Update 1_1_2.md

Done.

* Update Carbon_Black_Defense_Find_Event_Details.yml

Done.

* Some changes after code review and the changes from technical writers

* Add mapper and fix the code review

* update RN

* update Docker Image

* Layout

* RN

* Update RN

* Update RN content

* Integration README

* Fix secrets

* RN

* Update RN

* Update version in README file

* Demo Fixes

* test conf

* Validate fixes

* RN

* RN

* Test playbook

* fix the test playbook

* change the integration README Carbon Black Defense to Endpoint standard

* fix the overwrite results in find events/process

* fix the layout

* report-id, tags incident-fields

* RN

* report_id incident-field

* RN

* RN

* layout to Layout

* feedback changes

* Add incident type mappers classifiers

* classifier 5_9_9

* Add classifier

* CR

* fixed the hash arg

* conf json

* update docker image

* CommonTypes RN and more incident description

* fix the alert category

* fix the unit test

* Update CarbonBlackEndpointStandard.yml

done.

* Change to GetIndicatorDBotScore (#12561)

* Fix

* added another UT and documentation

* Update Packs/CommonScripts/Scripts/GetIndicatorDBotScore/README.md

Co-authored-by: Shai Yaakovi <[email protected]>

* Update 1_3_41.md

Done.

* Update README.md

Done.

* Update GetIndicatorDBotScore.yml

Done.

* change to 1.3.42

* change to 1.3.42

Co-authored-by: Shai Yaakovi <[email protected]>
Co-authored-by: ShirleyDenkberg <[email protected]>

* update README and contact email (#12453) (#12604)

Co-authored-by: Brad Chiappetta <[email protected]>

* Anomali threat stream tags data bug (#12076)

* Bug fix, the integration was missing the following value in DEFAULT_INDICATOR_MAPPING 'tags': 'Tags'.

* ThreatStream bug fix

* Added indicator tags to context and human readable

* update docker image

* Fix yml

* Added to README.md

* Fix yml

* Fix README.md

* Fix README.md

* Update Packs/Anomali_ThreatStream/Integrations/Anomali_ThreatStream_v2/README.md

Co-authored-by: roysagi <[email protected]>

* update release notes

* Update 1_1_1.md

* Added a comment explaining the tags conversion

* Fixed comment

Co-authored-by: roysagi <[email protected]>

* Update README.md (#12405) (#12602)

* Update README.md

* Update README.md

Co-authored-by: roysagi <[email protected]>

Co-authored-by: jschimC42 <[email protected]>
Co-authored-by: roysagi <[email protected]>

* fixing handling of premium packs' pack metadata (#12605)

Co-authored-by: guykeller <g12k34ppp>

* GitHub - Add branch arg and SHA output to Github-list-files (#12567)

* Recorded Future: Added two new fields to intelligence lookups for CVEs. (#12610)

* Recorded Future: Added two new fields to intelligence lookups for CVEs. (#12445)

* Added two new fields to intelligence lookups for CVEs.

* Added release notes.

* Update Packs/RecordedFuture/ReleaseNotes/1_1_1.md

Co-authored-by: Dan Tavori <[email protected]>

Co-authored-by: Dan Tavori <[email protected]>

* docker image - bumped version

Co-authored-by: christian-recordedfuture <[email protected]>
Co-authored-by: Dan Tavori <[email protected]>
Co-authored-by: Dan Tavori <[email protected]>

* IPQualityScore integration. (#12552)

* IPQualityScore integration. (#12310)

* IPQualityScore integration.

* Update metadata.

* Add Reputation.

* Updates to correct various issues.

* Fix use cases.

* Update documentation to guide users on how to acquire a private key.

* Tweak wording.

* Add certification.

* Update Packs/IPQualityScore/Integrations/IPQualityScore/IPQualityScore.py

Co-authored-by: Dan Tavori <[email protected]>

* Remove malicious.

* fixed tpb

Co-authored-by: Dan Tavori <[email protected]>
Co-authored-by: Dan Tavori <[email protected]>

* doc fixes

Co-authored-by: IPQualityScore <[email protected]>
Co-authored-by: Dan Tavori <[email protected]>
Co-authored-by: Dan Tavori <[email protected]>

* delete parent and blocked hash

* revert unit test

* delete parent and blocked hash from test play book

* fix the test-module

* remove the unrelated files

* add val.id to the command results

* fix the test-module

* revert the comment about the test

* Fix the version of CommonTypes

* fix the proxy error in the build

* latest cr fixes

Co-authored-by: rshalem <[email protected]>
Co-authored-by: ShirleyDenkberg <[email protected]>
Co-authored-by: Timor Eizenman <[email protected]>
Co-authored-by: Shai Yaakovi <[email protected]>
Co-authored-by: content-bot <[email protected]>
Co-authored-by: Brad Chiappetta <[email protected]>
Co-authored-by: Dan Sterenson <[email protected]>
Co-authored-by: roysagi <[email protected]>
Co-authored-by: jschimC42 <[email protected]>
Co-authored-by: Guy Keller <[email protected]>
Co-authored-by: Adi Daud <[email protected]>
Co-authored-by: christian-recordedfuture <[email protected]>
Co-authored-by: Dan Tavori <[email protected]>
Co-authored-by: Dan Tavori <[email protected]>
Co-authored-by: IPQualityScore <[email protected]>
DeanArbel added a commit that referenced this pull request May 23, 2021
* added new polling commands

* added new class Common.PollingConfiguration

* bump CSP version

* Unify search commands and update CSP polling commands handling

* validate

* revert BC changes

* CSP linter

* revert previous autofocus-samples-search-results behavior

* update test playbook

* Update Packs/AutoFocus/ReleaseNotes/1_2_0.md

* Update Packs/Base/ReleaseNotes/1_11_0.md

Co-authored-by: Anar Azadaliyev <[email protected]>

* replaced ScheduleMetadata class with get_schedule_metadata() function

* scheduled_command_config to scheduled_command

* various small improvements
* Common.ScheduledCommandConfiguration->ScheduledCommand
* with_results arg -> polling arg

* flake8

* Update Packs/Base/Scripts/CommonServerPython/CommonServerPython.py

Co-authored-by: yuvalbenshalom <[email protected]>

* add documentation

* SentinelOne - Adjustments and support 2_1 (#10860)

* * Added support for version 2.1
* Implemented BaseClient
* Updated according to current code conventions
* Arranges the commands according to changes in API

* Changes to yml according to changes in code

* Adjusted the existing TPB and created a new one for api version 2.1

* Updated README according to changes
Added an examples.txt file
Added RN and bumped version

* unit tests

* Conf.json and tests configuration

* Updated the 2.1 tpb

* Changed 'occured' field handling since the API added this field in old version

* Replaced the test playbooks to run as a single "thread" instead of parallel tasks

* CR Changes

* updates rn

* Updated yml

* Added integration to skipped_integrations list.

* updated docker image tag

* Update SentinelOne-V2.yml

Updated

* Update 2_0_0.md

Updated

* Update pack_metadata.json

Updated

* Updated README according to docs team changes

* Added the first_fetch params to test module
updated docker

* removed duplicate argument definition

Co-authored-by: Michal-Vardi <[email protected]>
Co-authored-by: yaakovi <[email protected]>
Co-authored-by: Shai Yaakovi <[email protected]>

* Several integrations: Fix duplicate args (#12544)

* fixed duplicate args

* added instance_name to AWS - EC2 test

* fixed hive observables incident field, updated docker image

* updated docker images

* Skipped  the following tests: "BitcoinAbuse-test", "get_file_sample_by_hash_-_cylance_protect_-_test", "playbook_TrendmicroCAS_Test" (#12587)

* Fixed readme (#12585)

* Add incoming mirroring limitations (#12551)

* Skipped  the following tests: "Carbon Black Enterprise EDR Test", "Rundeck_test" (#12594)

* StixCreator: changed reputation values (#12480)

* split yml
* adding the new values
* update docker image
* fixing code for the new stix version

Co-authored-by: esharf <[email protected]>
Co-authored-by: roysagi <[email protected]>

* Axonius docker version bump 19245 (#12584) (#12591)

* Updating docker container version.

Updating docker container version.

* Revert "Updating docker container version."

This reverts commit ec4e486627adb87747553200b5d3639bfd7015ba.

* Bumping docker version to 19245.

Bumping docker version to 19245.

* version bump and release notes

Bumped version number and added missing release notes.

Co-authored-by: nate-axonius <[email protected]>

* Update README.md (#12586) (#12596)

* Exabeam commands (#12161)

* exabeam-get-notable-assets command

* exabeam-get-notable-session-details command

* some changes

* exabeam-get-sequence-eventtypes command

* start UT

* UT and lint fixes

* TPB

* remove unrelated files

* remove unrelated files

* remove unrelated files

* remove unrelated files

* README.md

* RN

* CR fixes

* UT fixes related to cr fixes

* rn docker update

* add sequence ID to event type command

* update README.md

* pagination

* validate and lint fixes

* fix some fields

* revert previous changes, fix outputs path

* fix readme for last changes

* Fix context path

* cr fixes

* cr fixes

* CR Fixes, lint and validate

* docker image

* MicrosoftGraphMail: fix problem when changing the account (#12528)

* fix problem when changing the account

Co-authored-by: esharf <[email protected]>

* Active Directory Query v2: fixed null outputs (#12593)

* fixed null outputs

* Update 1_1_11.md

Co-authored-by: roysagi <[email protected]>

* added the default bucket parameter (#12519)

* added the default bucket parameter

* improved test-module failure message

* improved argument descriptions

* Update 1_0_1.md

Done.

* fixed CR notes

* updated docker image

Co-authored-by: ShirleyDenkberg <[email protected]>

* Update README.md (#12599)

* Update README.md (#12512)

* Update README.md

* Update README.md

* Update README.md

Co-authored-by: roysagi <[email protected]>

* Update README.md

Co-authored-by: mjsaurbaugh <[email protected]>
Co-authored-by: roysagi <[email protected]>

* Update CODEOWNERS (#12601)

Update code owners for build-related files

* fixed the release_notes_generator to handle the layoutscontainer on the packs release notes (#12432)

* fixed

* testing

* added test

* for a failing test that reproduces the issue

* Undo changes from testing

* fixed unit test

* Configuring nightly on gitlab (#12443)

Co-authored-by: hod-alpert <[email protected]>

* [EDL] Add filter fields and filter EDL queries (#12547)

* add query by fields and limit edl to name,indicator_type

* switch indicator_type with type (insight mapping)

* add build_number requirement for filter_fields

* fix test

* docker image rn

* added _can_use_filter_fields to limit just populate fields to build_number=1095800

* added insight docstring

* bump metadata

* bump version

* lower version

* Change to GetIndicatorDBotScore (#12561)

* Fix

* added another UT and documentation

* Update Packs/CommonScripts/Scripts/GetIndicatorDBotScore/README.md

Co-authored-by: Shai Yaakovi <[email protected]>

* Update 1_3_41.md

Done.

* Update README.md

Done.

* Update GetIndicatorDBotScore.yml

Done.

* change to 1.3.42

* change to 1.3.42

Co-authored-by: Shai Yaakovi <[email protected]>
Co-authored-by: ShirleyDenkberg <[email protected]>

* update README and contact email (#12453) (#12604)

Co-authored-by: Brad Chiappetta <[email protected]>

* Anomali threat stream tags data bug (#12076)

* Bug fix, the integration was missing the following value in DEFAULT_INDICATOR_MAPPING 'tags': 'Tags'.

* ThreatStream bug fix

* Added indicator tags to context and human readable

* update docker image

* Fix yml

* Added to README.md

* Fix yml

* Fix README.md

* Fix README.md

* Update Packs/Anomali_ThreatStream/Integrations/Anomali_ThreatStream_v2/README.md

Co-authored-by: roysagi <[email protected]>

* update release notes

* Update 1_1_1.md

* Added a comment explaining the tags conversion

* Fixed comment

Co-authored-by: roysagi <[email protected]>

* Update README.md (#12405) (#12602)

* Update README.md

* Update README.md

Co-authored-by: roysagi <[email protected]>

Co-authored-by: jschimC42 <[email protected]>
Co-authored-by: roysagi <[email protected]>

* fixing handling of premium packs' pack metadata (#12605)

Co-authored-by: guykeller <g12k34ppp>

* GitHub - Add branch arg and SHA output to Github-list-files (#12567)

* Recorded Future: Added two new fields to intelligence lookups for CVEs. (#12610)

* Recorded Future: Added two new fields to intelligence lookups for CVEs. (#12445)

* Added two new fields to intelligence lookups for CVEs.

* Added release notes.

* Update Packs/RecordedFuture/ReleaseNotes/1_1_1.md

Co-authored-by: Dan Tavori <[email protected]>

Co-authored-by: Dan Tavori <[email protected]>

* docker image - bumped version

Co-authored-by: christian-recordedfuture <[email protected]>
Co-authored-by: Dan Tavori <[email protected]>
Co-authored-by: Dan Tavori <[email protected]>

* IPQualityScore integration. (#12552)

* IPQualityScore integration. (#12310)

* IPQualityScore integration.

* Update metadata.

* Add Reputation.

* Updates to correct various issues.

* Fix use cases.

* Update documentation to guide users on how to acquire a private key.

* Tweak wording.

* Add certification.

* Update Packs/IPQualityScore/Integrations/IPQualityScore/IPQualityScore.py

Co-authored-by: Dan Tavori <[email protected]>

* Remove malicious.

* fixed tpb

Co-authored-by: Dan Tavori <[email protected]>
Co-authored-by: Dan Tavori <[email protected]>

* doc fixes

Co-authored-by: IPQualityScore <[email protected]>
Co-authored-by: Dan Tavori <[email protected]>
Co-authored-by: Dan Tavori <[email protected]>

* SDK release 1-3-6 content branch (#12603)

* sdk release

* sdk release

* sdk release

* sdk release

* Get incidents support populate fields (#12577)

* GetIncidentsByQuery - Add support in populateFields argument

* add RN

* add version check

* add RN

* fix

* Update 1_10_22.md

* Update 1_10_22.md

* update docker

* update RN

* update RN

Co-authored-by: eharush <[email protected]>
Co-authored-by: roysagi <[email protected]>

* fixing common types pack deps bug (#12568)

* Cymulate Docs Fix (#12613)

* Cymulate Docs Fix (#12377)

* docs fix

* docs improve

* changed headers from ## to ###

* formatting readme

* adding secret ignore

Co-authored-by: Shirat Glazer <[email protected]>
Co-authored-by: rsagi <[email protected]>

* Fixed description name (#12615)

* Fixed description name

* Fixed description name

* Fixed description name

* Expanse v2: removed duplicate argument definition (#12616)

* removed duplicate argument definition

* updated docker image

* Removed O365-SecurityAndCompliance-ContextResults-Test from skipped (#12529)

* Removed O365-SecurityAndCompliance-ContextResults-Test from skipped

* removed the instance_names field

* extended timeout

* extended timeout

* rasterize default value fix (#12472)

* rasterize default value fix

* fix rn and bump metadata version

* removing the default value completely

* updated docker image

Co-authored-by: Shai Yaakovi <[email protected]>
Co-authored-by: yaakovi <[email protected]>

* IsMaliciousIndicator task bug (#12578)

* wrong variable

* rn

* rn

* Merge branch 'master' into IsMalicios_bug

# Conflicts:
#	Packs/CommonScripts/ReleaseNotes/1_3_41.md

* Changed to 1.3.42

* Changed to 1.3.42

* Changed to 1.3.42

* Check were added to test playbook

* Merge remote-tracking branch 'origin/master' into IsMalicios_bug

# Conflicts:
#	Packs/CommonScripts/ReleaseNotes/1_3_42.md

* added check to test playbook

* RNs

* Skipped  the following tests: "Azure NSG - Test" (#12623)

* Extract files bug (#12508)

* fixed playbook for xlsb files

* fixed playbook for xlsb files

* rn

* Update 1_9_5.md

* rn

Co-authored-by: roysagi <[email protected]>

* Microsoft CAS fix example in yml file (#12489)

* fixing yml

* fixing yml

* add rn

* Update 1_0_17.md

* add rn

* Update Packs/MicrosoftCloudAppSecurity/Integrations/MicrosoftCloudAppSecurity/MicrosoftCloudAppSecurity.yml

Co-authored-by: roysagi <[email protected]>

* Update Packs/MicrosoftCloudAppSecurity/Integrations/MicrosoftCloudAppSecurity/MicrosoftCloudAppSecurity.yml

Co-authored-by: roysagi <[email protected]>

Co-authored-by: roysagi <[email protected]>

* Create new STIX indicator fields types (#12477)

* add new indicator fields and create course of action and campaign indicator types

* add infra to types

* 1. add new layouts 2. add new indicator types 3. modify indicator fields

* rename file names

* recreated RN

* change version number

* delete rep extra

* fix wrong layout name

* fix layout name

* change layout filename

* change default mapping

* update RN

* update RN

* change infra types field fromversion to 5.5.0

* add new indicator field

* change Kill_Chain_Phases to not be associated to all 2. change from version

* add selectvalues to kill chain phases

* FindSimilarIncidents - improve query performance (#12441)

* fix rn (#12627)

* Second stage of changes for the adoption of the content pack by Intel 471. (#12600)

* Second stage of changes for the adoption of the content pack by Intel 471. (#12549)

* Support/adoption notice for the pack added.

* Support/adoption notice for the pack added.

* Update pack_metadata.json

* Update package-lock.json

* Create 1_1_1.md

* Support/adoption notice for the pack added.

* Support/adoption notice for the pack added.

* Version incremented.

* Update package-lock.json

* Intel 471 logo updated and second stage pack adoption changes made.

* Additional detail added to the content pack's README.md

* Support changed to 'partner'.

* Version amended in an attempt to update version using SDK.

* Arbitrary change in an attempt to get SDK to update version.

* Adoption date changed.

* Update of version.

* manually changed version

* Bumped versions

Co-authored-by: reut shalem <[email protected]>
Co-authored-by: ShahafBenYakir <[email protected]>

* added to secrets ignore

Co-authored-by: rhallick <[email protected]>
Co-authored-by: reut shalem <[email protected]>
Co-authored-by: ShahafBenYakir <[email protected]>
Co-authored-by: mgalitzki <[email protected]>

* fixed an issue with max attribute parameter after upgrade (#12622)

* XSOARLabUpdates Pack (#12406)

* SendContentUpdates pack

* cr & demo fixes

* pack readme update

* Deprecate TCPIPUtils (#9646)

* deprecate tcpiputils

* Update Packs/TCPIPUtils/Integrations/integration-TCPIPUtils.yml

Co-authored-by: Guy Lichtman <[email protected]>

* Updated

Co-authored-by: Guy Lichtman <[email protected]>
Co-authored-by: Alex Fiedler <[email protected]>

* Threat crowd v2 (#12103)

* Add integration

* added tests

* Update ThreatCrowd_v2.py

fix documentation

* Update README.md

* fixed secrets

* command's name change

* command's name change

* Update Packs/Threat_Crowd/Integrations/ThreatCrowdV2/README.md

Co-authored-by: Bar Katzir <[email protected]>

* Update Packs/Threat_Crowd/Integrations/ThreatCrowdV2/ThreatCrowd_v2.py

Co-authored-by: Bar Katzir <[email protected]>

* Update Packs/Threat_Crowd/Integrations/ThreatCrowdV2/ThreatCrowd_v2.py

Co-authored-by: Bar Katzir <[email protected]>

* Update Packs/Threat_Crowd/Integrations/ThreatCrowdV2/ThreatCrowd_v2.yml

Co-authored-by: Bar Katzir <[email protected]>

* Update Packs/Threat_Crowd/Integrations/ThreatCrowdV2/ThreatCrowd_v2.py

Co-authored-by: Bar Katzir <[email protected]>

* added resolution handling with instance param

* CR fixes

* CR fixes

* Update Packs/Threat_Crowd/Integrations/ThreatCrowdV2/ThreatCrowd_v2.yml

Co-authored-by: Bar Katzir <[email protected]>

* pr fixes

* pr fixes

* test fix

* test fix

* test fix

* deprecated old integration

* deprecated old integration

* PR fix

* PR fix

* Update Packs/Threat_Crowd/Integrations/ThreatCrowd_v2/README.md

Co-authored-by: Bar Katzir <[email protected]>

* Update Packs/Threat_Crowd/Integrations/ThreatCrowd_v2/README.md

Co-authored-by: Bar Katzir <[email protected]>

* Update Packs/Threat_Crowd/Integrations/ThreatCrowd_v2/ThreatCrowd_v2.py

Co-authored-by: Bar Katzir <[email protected]>

* CR fix

* Update ThreatCrowd_v2_test.py

removed commented imports

* Update Packs/Threat_Crowd/Integrations/ThreatCrowd_v2/ThreatCrowd_v2.yml

Co-authored-by: Bar Katzir <[email protected]>

* Update ThreatCrowd_v2.py

CR fix

* Update Packs/Threat_Crowd/Integrations/ThreatCrowd_v2/ThreatCrowd_v2.py

Co-authored-by: Bar Katzir <[email protected]>

* Update Packs/Threat_Crowd/Integrations/ThreatCrowd_v2/ThreatCrowd_v2.py

Co-authored-by: Bar Katzir <[email protected]>

* Update Packs/Threat_Crowd/Integrations/ThreatCrowd_v2/ThreatCrowd_v2.yml

Co-authored-by: Bar Katzir <[email protected]>

* Update Packs/Threat_Crowd/Integrations/ThreatCrowd_v2/ThreatCrowd_v2.yml

Co-authored-by: Bar Katzir <[email protected]>

* Update Packs/Threat_Crowd/Integrations/ThreatCrowd_v2/ThreatCrowd_v2.yml

Co-authored-by: Bar Katzir <[email protected]>

* Update ThreatCrowd_v2.py

CR fix

* CR fix

* Update README.md

Done.

* Update ThreatCrowd_v2.yml

Done.

* Update 2_0_0.md

Done.

* CR fix

* CR fix

* CR fix

* CR fix

* Demo fixes

* Validate fixes

* Update Packs/Threat_Crowd/Integrations/ThreatCrowd_v2/README.md

Co-authored-by: Bar Katzir <[email protected]>

* Update Packs/Threat_Crowd/Integrations/ThreatCrowd_v2/README.md

Co-authored-by: Bar Katzir <[email protected]>

* Update Packs/Threat_Crowd/ReleaseNotes/2_0_0.md

Co-authored-by: Bar Katzir <[email protected]>

* Update ThreatCrowd_v2.py

CR fixes

* Update ThreatCrowd_v2.py

small bug fix

* Update ThreatCrowd_v2.yml

changed description of limit

* PR lint fix

Co-authored-by: Bar Katzir <[email protected]>
Co-authored-by: ShirleyDenkberg <[email protected]>

* Proof Point Threat Response - added fetch delta as an integration parameter (#12042)

* added fetch delta as an integration parameter

* added raw response
added two params fetch_limit and fetch_delta

* fixed secrets

* fixed rn

* Update Packs/ProofpointThreatResponse/Integrations/ProofpointThreatResponse/ProofpointThreatResponse.py

Co-authored-by: Bar Katzir <[email protected]>

* added debug logs and changes res.json file

* changed name of variable

* added debug logs

* updated debug logs from py3 to py2

* removed str setting

* updated the extension of the ids

* added order to results

* added logs

* added support for minutes and hours in fetch_delta

* removed already fetched and new fetched ids

* updated first fetch from value to relative
added last_fetch_incident_id to get incidents that happen at the same time and are not gathered together.
added helper functions

* added unit tests for the next functionality

* added rn

* fixed flake8

* added to readme
edited descriptions of parameters
added description regarding timeouts

* fixed readme

* Update Packs/ProofpointThreatResponse/ReleaseNotes/1_0_3.md

* pr fixes

Co-authored-by: Bar Katzir <[email protected]>

* update integration desc (#12633)

* Hod/instance testing support (#12620)

* Fixing instance testing flow for circle build

* Adding instance-testing flow for gitlab-ci

* Adding trigger script

Co-authored-by: hod-alpert <[email protected]>

* added requirement - pygithub (#12634)

* Updated ReadMe.md (#12597) (#12628)

* Updated ReadMe.md

* Update README.md

Co-authored-by: roysagi <[email protected]>

Co-authored-by: RiskSenseProduct <[email protected]>
Co-authored-by: roysagi <[email protected]>

* Adding support in release branches (#12475)

* Adding support in release branches

Co-authored-by: hod-alpert <[email protected]>

* MISP search-attributes command (#12429)

* MISP search-attributes command

* Added RNs

* Added 'Event' and 'Object' to the outputs

* Updated yml

* Updated Readme

* Updates after meeting with customer

* Updated yml

* Added TPB

* Updated TPB

* Added comment about Galaxy

* Update Packs/MISP/Integrations/MISP_V2/MISP_V2.py

Co-authored-by: yuvalbenshalom <[email protected]>

* Update 1_0_7.md

Done.

* Update MISP_V2.yml

Done.

* Updated README

* Updated YML

* Updated RN

Co-authored-by: yuvalbenshalom <[email protected]>
Co-authored-by: ShirleyDenkberg <[email protected]>

* [Community Contribution] SendGrid (#12361) (#12636)

* Allowing server scripts to continue when one of the step fails (#12639)

Co-authored-by: hod-alpert <[email protected]>

* Search relationships fix (#12637)

* updated error handling when no relationships

* updated docker

* rename ThreatCrowd_v2.png -> ThreatCrowd_v2_image.png (#12641)

* rename ThreatCrowd_v2.png -> ThreatCrowd_v2_image.png

* Update 2_0_1.md

Co-authored-by: roysagi <[email protected]>

* Update README.md (#12638) (#12644)

* Update README.md

* Update README.md

Co-authored-by: roysagi <[email protected]>

Co-authored-by: soumenchakraborty-endace <[email protected]>
Co-authored-by: roysagi <[email protected]>

* TB for relationships scripts (#12555)

* added TB

* Update Packs/Base/TestPlaybooks/Relationships_scripts_Test.yml

* added TB to scripts

* format of TB

* format of TB

* added sleep to TB

* added sleep

* fixed validate

* added rn

* Update Packs/Base/TestPlaybooks/Relationships_scripts_Test.yml

Co-authored-by: Bar Katzir <[email protected]>

* GitHub - list team members (#12560)

* new pr

* fix comments

* fix lint

* change to max_users

* change to max_users

* Update Packs/GitHub/ReleaseNotes/1_2_4.md

Co-authored-by: Shai Yaakovi <[email protected]>

* add ut

* fix comment

* fix comment

* add file context output

* add file context output

* fix comment

* fixes

Co-authored-by: Shai Yaakovi <[email protected]>

* Update README.md (#12563) (#12647)

* Update README.md

* Update Packs/ThreatQ/README.md

Co-authored-by: Matt Chase <[email protected]>

Co-authored-by: Matt Chase <[email protected]>

Co-authored-by: ryantoddtq <[email protected]>
Co-authored-by: Matt Chase <[email protected]>

* Create README.md (#12521) (#12606)

* Create README.md

* Update README.md

Co-authored-by: roysagi <[email protected]>

Co-authored-by: sgukal <[email protected]>
Co-authored-by: roysagi <[email protected]>

* Unite service desk plus packs (#12094)

* unite service desk plus packs

* Fix unitests

* small fixes

* fix unitests

* fix cr

* remove hidden

* update docker image

* update docker image

* Skipped  the following tests: "AutoFocus V2 test", "VirusTotal (API v3) Detonate Test" (#12643)

* bump version (#12656)

* The first commit of the V2 of carbon black (#11478)

* The first commit of the V2 of carbon black

* The second commit of the V2 of carbon black

* Commit of the complete unit_test

* add commands, test playbook, and descriptions

* revert existing files that changed

* Some fixes after demisto-sdk lint run

* Delete some files from the pr

* Release notes and mypy fixes

* Update the version from version 5.0.0

* Try to fix the issue of server 5 playbook not found

* Add command_examples

* Fixed RN

* Added 3 playbooks

* RN fix

* Update from version in sub playbook

* demisto-sdk formatting the playbooks

* added incident-field

* change the folder-name from incident to Incident

* Update release notes

* fix the commit

* Fix the policy in the test play book

(cherry picked from commit d92c04abac587d0f9fa5325bc62713d91b2fce07)

* Remove Carbon Black from skipped_integrations in conf_json

(cherry picked from commit 6797d92c4520b57089c846e03186aa9e6f362ed9)

* Remove Carbon Black from skipped_integrations in conf_json
and update RN

(cherry picked from commit f8aa1b63f6d247fffde504a1dc645ee4b8ae2495)

* Update CarbonBlackDefenseV2_description.md

Done.

* Update CarbonBlackDefenseV2.yml

Done.

* Update Carbon_Black_Defense_Find_Events.yml

Done.

* Update Carbon_Black_Defense_Find_Processes.yml

Done.

* Update Carbon_Black_Defense_Find_Event_Details.yml

Done.

* Update 1_1_2.md

Done.

* Update Carbon_Black_Defense_Find_Event_Details.yml

Done.

* Some changes after code review and the changes from technical writers

* Add mapper and fix the code review

* update RN

* update Docker Image

* Layout

* RN

* Update RN

* Update RN content

* Integration README

* Fix secrets

* RN

* Update RN

* Update version in README file

* Demo Fixes

* test conf

* Validate fixes

* RN

* RN

* Test playbook

* fix the test playbook

* change the integration README Carbon Black Defense to Endpoint standard

* fix the overwrite results in find events/process

* fix the layout

* report-id, tags incident-fields

* RN

* report_id incident-field

* RN

* RN

* layout to Layout

* feedback changes

* Add incident type mappers classifiers

* classifier 5_9_9

* Add classifier

* CR

* fixed the hash arg

* conf json

* update docker image

* CommonTypes RN and more incident description

* fix the alert category

* fix the unit test

* Update CarbonBlackEndpointStandard.yml

done.

* Change to GetIndicatorDBotScore (#12561)

* Fix

* added another UT and documentation

* Update Packs/CommonScripts/Scripts/GetIndicatorDBotScore/README.md

Co-authored-by: Shai Yaakovi <[email protected]>

* Update 1_3_41.md

Done.

* Update README.md

Done.

* Update GetIndicatorDBotScore.yml

Done.

* change to 1.3.42

* change to 1.3.42

Co-authored-by: Shai Yaakovi <[email protected]>
Co-authored-by: ShirleyDenkberg <[email protected]>

* update README and contact email (#12453) (#12604)

Co-authored-by: Brad Chiappetta <[email protected]>

* Anomali threat stream tags data bug (#12076)

* Bug fix, the integration was missing the following value in DEFAULT_INDICATOR_MAPPING 'tags': 'Tags'.

* ThreatStream bug fix

* Added indicator tags to context and human readable

* update docker image

* Fix yml

* Added to README.md

* Fix yml

* Fix README.md

* Fix README.md

* Update Packs/Anomali_ThreatStream/Integrations/Anomali_ThreatStream_v2/README.md

Co-authored-by: roysagi <[email protected]>

* update release notes

* Update 1_1_1.md

* Added a comment explaining the tags conversion

* Fixed comment

Co-authored-by: roysagi <[email protected]>

* Update README.md (#12405) (#12602)

* Update README.md

* Update README.md

Co-authored-by: roysagi <[email protected]>

Co-authored-by: jschimC42 <[email protected]>
Co-authored-by: roysagi <[email protected]>

* fixing handling of premium packs' pack metadata (#12605)

Co-authored-by: guykeller <g12k34ppp>

* GitHub - Add branch arg and SHA output to Github-list-files (#12567)

* Recorded Future: Added two new fields to intelligence lookups for CVEs. (#12610)

* Recorded Future: Added two new fields to intelligence lookups for CVEs. (#12445)

* Added two new fields to intelligence lookups for CVEs.

* Added release notes.

* Update Packs/RecordedFuture/ReleaseNotes/1_1_1.md

Co-authored-by: Dan Tavori <[email protected]>

Co-authored-by: Dan Tavori <[email protected]>

* docker image - bumped version

Co-authored-by: christian-recordedfuture <[email protected]>
Co-authored-by: Dan Tavori <[email protected]>
Co-authored-by: Dan Tavori <[email protected]>

* IPQualityScore integration. (#12552)

* IPQualityScore integration. (#12310)

* IPQualityScore integration.

* Update metadata.

* Add Reputation.

* Updates to correct various issues.

* Fix use cases.

* Update documentation to guide users on how to acquire a private key.

* Tweak wording.

* Add certification.

* Update Packs/IPQualityScore/Integrations/IPQualityScore/IPQualityScore.py

Co-authored-by: Dan Tavori <[email protected]>

* Remove malicious.

* fixed tpb

Co-authored-by: Dan Tavori <[email protected]>
Co-authored-by: Dan Tavori <[email protected]>

* doc fixes

Co-authored-by: IPQualityScore <[email protected]>
Co-authored-by: Dan Tavori <[email protected]>
Co-authored-by: Dan Tavori <[email protected]>

* delete parent and blocked hash

* revert unit test

* delete parent and blocked hash from test play book

* fix the test-module

* remove the unrelated files

* add val.id to the command results

* fix the test-module

* revert the comment about the test

* Fix the version of CommonTypes

* fix the proxy error in the build

* latest cr fixes

Co-authored-by: rshalem <[email protected]>
Co-authored-by: ShirleyDenkberg <[email protected]>
Co-authored-by: Timor Eizenman <[email protected]>
Co-authored-by: Shai Yaakovi <[email protected]>
Co-authored-by: content-bot <[email protected]>
Co-authored-by: Brad Chiappetta <[email protected]>
Co-authored-by: Dan Sterenson <[email protected]>
Co-authored-by: roysagi <[email protected]>
Co-authored-by: jschimC42 <[email protected]>
Co-authored-by: Guy Keller <[email protected]>
Co-authored-by: Adi Daud <[email protected]>
Co-authored-by: christian-recordedfuture <[email protected]>
Co-authored-by: Dan Tavori <[email protected]>
Co-authored-by: Dan Tavori <[email protected]>
Co-authored-by: IPQualityScore <[email protected]>

* Supporting handling the clean up of the build (#12654)

Co-authored-by: hod-alpert <[email protected]>

* [greynoise-266] Add new Integration "GreyNoise Community" (#12640) (#12659)

* Add section_start and section_end helper functions (#12655)

* Build requirements - lock PyGithub (#12665)

* test

* trigger trendmicroapex lint

* set pygithub to 1.54.1

* check with pygithub 1.55

* revert test comments and lock version on 1.54.1

* fixing validation (#12663)

Co-authored-by: guykeller <g12k34ppp>

* Add link to EWS V2 Troubleshooting information (#12666)

* More info about the ioc key (#12436)

* More info about the ioc key

* Change score to unknown

* check if indicator exist

* RN

* CR

* RN and calc_score

* threatgrid to threat grid

* URL apostrophes bug fix (#12629)

* Add apostrophes to URL regex

* Update release notes

* Update release notes

* Updated Indicators-reputation-Test playbook

* Update pack_metadata.json

* Updated release notes

* Updated release notes

* Fix playbook yml file

* Email campaign context key (#12258)

* store in context according fieldsToDisplay arg - test

* code review changes

* code review changes v2

* code review changes v2

* demo changes

* demo changes v2

* Fix bug related to emailto field in the fieldsToDisplay

* Update 1_1_0.md

Done.

* Update FindEmailCampaign.yml

Done.

* update docker image

Co-authored-by: ShirleyDenkberg <[email protected]>

* added more types to remove_code_files function (#12559)

* added more types to remove_code_files function

* changed flake8

* added comment to CommomServerPowerShell test changes

* added test

* removed changes in powershell file

* applying changes from pr

* fixed flake8

* IPinfo v2 (#12382)

* added entry_type to CSP ctor, defaults to EntryType.NOTE

* output format documentation, code refactoring, test files (#35409)

* added indicator relationships (#35467)

* added relations to CommandResults (alongside IP indicator)

Co-authored-by: Dean Arbel <[email protected]>
Co-authored-by: ShirleyDenkberg <[email protected]>

* Fix Typo in should_lint_all.sh (#12668)

* prisma cloud readme: fix broken links (#12657)

* Github integration update to fetch PR's as incidents, with additional … (#12148) (#12685)

* Github integration update to fetch PR's as incidents, with additional command

* Fixing a lint issue

* Updating the release notes

* Update get check runs command

* Resolves conflicts & Updated the Docker image

* Update the PR/Issue Select parameter and output format

* Resolves conflicts

* Resolves conflicts

* Update Fetch Object Parameter

* Replace PR with Pull_requests

* Resolves conflicts

* Updated the release notes

* Add section_start and section_end helper functions (#12655)

* Build requirements - lock PyGithub (#12665)

* test

* trigger trendmicroapex lint

* set pygithub to 1.54.1

* check with pygithub 1.55

* revert test comments and lock version on 1.54.1

* fixing validation (#12663)

Co-authored-by: guykeller <g12k34ppp>

* Add link to EWS V2 Troubleshooting information (#12666)

* Resolves conflicts

Co-authored-by: mgalitzki <[email protected]>
Co-authored-by: avidan-H <[email protected]>
Co-authored-by: Itay Keren <[email protected]>
Co-authored-by: Guy Keller <[email protected]>
Co-authored-by: ShirleyDenkberg <[email protected]>

Co-authored-by: Ayman Mahmoud <[email protected]>
Co-authored-by: mgalitzki <[email protected]>
Co-authored-by: avidan-H <[email protected]>
Co-authored-by: Itay Keren <[email protected]>
Co-authored-by: Guy Keller <[email protected]>
Co-authored-by: ShirleyDenkberg <[email protected]>

* Updated integration image and added Author_image. Also changed link to website in README.md. (#12681) (#12691)

* Support/adoption notice for the pack added.

* Support/adoption notice for the pack added.

* Update pack_metadata.json

* Update package-lock.json

* Create 1_1_1.md

* Support/adoption notice for the pack added.

* Support/adoption notice for the pack added.

* Version incremented.

* Update package-lock.json

* Intel 471 logo updated and second stage pack adoption changes made.

* Additional detail added to the content pack's README.md

* Support changed to 'partner'.

* Version amended in an attempt to update version using SDK.

* Arbitrary change in an attempt to get SDK to update version.

* Adoption date changed.

* Update of version.

* manually changed version

* Bumped versions

* Updated Intel 471 logos to dark features.

* Added Author_image and changed link to website in README.md.

* Update 1_2_1.md

Co-authored-by: reut shalem <[email protected]>
Co-authored-by: ShahafBenYakir <[email protected]>
Co-authored-by: mgalitzki <[email protected]>
Co-authored-by: roysagi <[email protected]>

Co-authored-by: rhallick <[email protected]>
Co-authored-by: reut shalem <[email protected]>
Co-authored-by: ShahafBenYakir <[email protected]>
Co-authored-by: mgalitzki <[email protected]>
Co-authored-by: roysagi <[email protected]>

* fix incident to credential (#12692)

* adding empty readme validation to pack ignore (#12693)

* pack ignore

* Update PCAP Analysis PCAP_File_Carving playbook and layout (#12516)

* updating PCAP Files Carving playbook for Pack PCAP Analysis

* update release notes and pack_metadata

* update release notes and pack_metadata

* update png in PCAP_File_Carving_README

* updating PCAP_Files_Carving layout for 5.5

* updating PCS RCE playbook description

* Update playbook-PCAP_File_Carving.yml

Done.

* Update playbook-PCAP_File_Carving_README.md

Done.

* Update 2_4_0.md

Done.

* update typo

Co-authored-by: ShirleyDenkberg <[email protected]>

* update build related owners (#12694)

* Group ib tia (#12672)

* Group ib tia (#12426)

* Initial commit of GroupIB_TIA

* Add whole integration

* Add whole integration

* Change relative URLs to absolute

* Change relative URLs to absolute

* Fix names, IDs and fromVersion in some JSONs and a few strings of redundant code

* Update Packs/GroupIB_ThreatIntelligence&Attribution/Classifiers/classifier-Group-IB_Threat_Intelligence_&_Attribution_(mapper).json

* Update Packs/GroupIB_ThreatIntelligence&Attribution/Classifiers/classifier-Group-IB_Threat_Intelligence_&_Attribution_(mapper).json

* Replace unicode with actual symbols

* Change pack description

* update dbot_classification_incident_type_all internalMapping to be empty obj instead of null

* Download new playbook image

* Delete Incident_Postprocessing_-_Group-IB_Threat_Intelligence_&_Attribution.png

* Delete Incident_Postprocessing_-_Group-IB_Threat_Intelligence_&_Attribution_Tue_May_11_2021 (1).png

* Add new playbook image

* Change auto-extraction from custom to built-in functions

* Minor fixes

* Minor fixes

* revert changes in conf.json

* Delete extra lines from mapper

* revert changes in conf.json

* Delete extra lines from layouts and fix fields names

* rm uuid from GIB Compromised IMEI filename

* rm uuid from GIB Compromised Mule filename

* rm uuid from GIB Victim IP filename

* resolve conf.json conflicts

Co-authored-by: Itay Keren <[email protected]>

* rm & from pack id

Co-authored-by: EvgeniyMeteliza <[email protected]>
Co-authored-by: Itay Keren <[email protected]>
Co-authored-by: ikeren <[email protected]>

* SailPointIdentityIQ & SailPointIdentityNow  - add secrets ignore (#12653)

* add secrets ignore

* add secrets ignore

* add secrets ignore

* Empty readme check add pack ignore (#12696)


* added empty readme files

* GitHub Add Get PRs Of Branch Command (#12420)

* wip

* wip

* wip

* wip

* Update Packs/GitHub/Integrations/GitHub/GitHub.py

Co-authored-by: Shahaf Ben Yakir <[email protected]>

* fixes

* bug fix

* moved load data inside test func

* wip

* wip

* Update Packs/GitHub/Integrations/GitHub/GitHub.yml

Co-authored-by: Andrew Shamah <[email protected]>

* Update Packs/GitHub/Integrations/GitHub/GitHub.yml

Co-authored-by: Andrew Shamah <[email protected]>

* Update Packs/GitHub/ReleaseNotes/1_2_3.md

Co-authored-by: Andrew Shamah <[email protected]>

* merged master solved conflicts

* merged master solved conflicts

* merged master solved conflicts

* merged master solved conflicts

* retrigger build

* retrigger build

* added readme command

* merged master solved conflicts

* merged master solved conflicts

Co-authored-by: Shahaf Ben Yakir <[email protected]>
Co-authored-by: Andrew Shamah <[email protected]>

* Url scan remove not needed relationships (#12690)

* removed junk relationships

* added rn

* Update Packs/UrlScan/ReleaseNotes/1_1_6.md

Co-authored-by: Andrew Shamah <[email protected]>

Co-authored-by: Bar Katzir <[email protected]>
Co-authored-by: Andrew Shamah <[email protected]>

* fixing validation (#12680)

* fixing validation

* fixing validation

Co-authored-by: guykeller <g12k34ppp>

* Update handle_external_pr.py (#12705)

* Added ignore of separators validation (#12704)

* Added ignore of separators validation

* Added ignore of separators validation

* Added ignore of separators validation

* Added ignore of separators validation

* Added ignore of separators validation

* Deprecated playbooks (#12503)

* Add "deprecated" field to deprecated playbooks

* Add "deprecated" field to deprecated playbooks

* Add "deprecated" field to deprecated playbooks

* Add "deprecated" field to deprecated playbooks

* Add "deprecated" field to deprecated playbooks

* Update playbook-Dedup_-_Generic_v2.yml

* Flash point refactor common indicator and relationships support (#12384)

* added relationships and refactor to Common indicator objects

* added context to readme

* fixed ut and test data, Fixed reliability to not be required

* added rn

* update rn number

* fixed ut

* added rn

* added create_relationships param to yml

* added create_relationships param

* fixed ut

* Fixed images names (#12440)

* Fixed images names

* Fixed images names

* Fixed images names

* Proofpoint Threat Response beta - Added README (#12444)

* Added README

* Fixed README

* Remove dedup generic v2 (#11994)

* wip

* wip

* wip

* wip

* wip

* wip

* wip

* wip

* merged master solved conflicts

* merged master

* added RN

* wip

* wip

* Skipped  the following tests: "GmailTest" (#12458)

* Updated Cortex XDR Pack README (#12299)

* Update README.md (#12414)

Done.

* Zscaler: Fix key error (#12461)

* fixed Zscaler key error bug

* fixed DbotScore output descriptions

* Skipped  the following tests: "Gmail Single User - Test", "Microsoft Teams Management - Test" (#12462)

* Change multi select duplicate similar incident script (#12449)

* multi select
remove duplicate

* add RN

* lint

* update docker image

* lint

* lint

* Updated

* change file name

* change currentVersion

Co-authored-by: Alex Fiedler <[email protected]>

* URLhaus: Fix none type iterable bug (#12460)

* fixed URLhaus bug - none type iterator

* updated docker image

* Kafka v2 - add max_bytes_per_message parameter (#12363)

* Added the max_bytes_per_message integration parameter

* Added RN

* Added RN

* Updated docker image

* Update Packs/Kafka/Integrations/Kafka_V2/Kafka_V2.yml

Co-authored-by: roysagi <[email protected]>

* Carbon black edr incorrect isolation status (#12379)

* fix the bug with isolation true

* RN

* Update 1_1_7.md

* RN

Co-authored-by: roysagi <[email protected]>

* MicrosoftApiModule: Verify no session_state in code (#12340)

* Added a validation that the auth code provided doesn't contain the session_state part.

* many many changes

* Added a blank line

* Bumped version only for integration that support auth code flow.

* Adding preprocessing stage when applying prediction on a list of texts  (#12448)

* adding a field to blacklist at fetchdata

* adding cleaning html to *none* preprocessing

* added preprocessing stage when prediction is applied on a list

* remove unnecessary result

* fixing spacy 3 incompatibility

* changing test mock for supporting shift from WordTokenizerNLP to DBotPreProcessTextData

* flake8

* Added RNs

* added support when regular phishing classifier returns numpy float

* Stabilizing *Get EWS Folder Test*

* returning fromversion field to the playbook

* Codecov playbook | GitHub search code (#12430)

* Added github code search for the codecov playbook

* Added github code search for the codecov playbook

* Updated descriptions

* Updated descriptions

* Updated descriptions

* Updated descriptions

* updated image

* updated image

* updated image

* Cyberint attachment feature (#12465)

* Cyberint attachment feature (#12181)

* Push for PR

* Fix lint and validation tests

* Fix lint issue

* Edit pack metadata

* Fix PR comments

* Fix indentation

* Remove unnecessary validation

* update metadata

Co-authored-by: yehudaQ <[email protected]>
Co-authored-by: Itay Keren <[email protected]>

* update README with relevant information (#12466)

* update README with relevant information (#12427)

* ignore https://www.twinwave.io

Co-authored-by: Bryan Burns <[email protected]>
Co-authored-by: Itay Keren <[email protected]>

* Cyberint - fix readme (#12471)

* fix readme

* rm joe

* deleted test.json file (#12474)

* Vm ray upload sample bug (#12394)

* Fix the error in VMRay with analyzed files

* RN

* unit test

* reanalyzed to reanalyze

* fix the err msg

* RN

* fix the unit test with request_mocker

* Update 1_0_1.md

* fix build

Co-authored-by: roysagi <[email protected]>

* unskip teams mgmt (#12476)

* return results failed to receive a result entry in a list (#12419)

* Fixed a bug where return results failed to receive a demisto results entry

* removed unnecessary return and added rn

* removed return

* fixed return_results

* Changed version

* Changed version

* Changed version

* Update 1_10_9.md

* Added tests
Reverted changes to show test is failing

* Reverted changes to show the added test is failing

* fix

* added fix back

* version

* Bumped meta version

* Removed unnecessary condition

* Removed unnecessary condition

* Changed versions

* Changed versions

* Pull from master

* Bumped metadata version

Co-authored-by: roysagi <[email protected]>

* Updated description of URLScan integration (#12422)

* Update UrlScan.yml

Done

* add release notes and bump version

* added release notes

Co-authored-by: ybenshalom <[email protected]>

* added fields to the indicator classes (#12186)

* added fields to the indicator classes

* fixed file outputs

* Updated the classes

* fixed test

* lint fixes

* added release notes

* added descriptions

* Resolves conflicts

* Resolves conflicts

* Taxii Server - docker image update + TPB (#12481)

* docker image update + TPB

* Update 1_0_3.md

Done.

Co-authored-by: ShirleyDenkberg <[email protected]>

* Update Microsoft Graph Files Integration README (#12470)

* Update README.md

Done.

* Update README.md

Co-authored-by: eli sharf <[email protected]>

* Xpanse - Adding new VM playbook (#12389)

* QradarV1: Update test-module (#12484)

* Updated test-module

* RN and version bump

* RSA Netwitness readme note (#12468)

* readme note

* Update Packs/RSANetWitness_v11_1/Integrations/RSANetWitness_v11_1/README.md

Co-authored-by: Bar Katzir <[email protected]>

* Update README.md

Done.

Co-authored-by: Bar Katzir <[email protected]>
Co-authored-by: ShirleyDenkberg <[email protected]>

* deprecated playbook

* mock Feodo Tracker IP Blocklist Feed (#11898)

Co-authored-by: esharf <[email protected]>

* added an option to batch save to kv store (#12323)

* added an option to batch save to kv store

* fixup! added an option to batch save to kv store

* Update 2_0_2.md

* fixup! Update 2_0_2.md

Co-authored-by: esharf <[email protected]>
Co-authored-by: roysagi <[email protected]>

* comment updated (#12505)

Co-authored-by: esharf <[email protected]>

* Add "deprecated" field to deprecated playbooks

* Add "deprecated" field to deprecated playbooks

* Add "deprecated" field to deprecated playbooks

* Add "deprecated" field to deprecated playbooks

* Add "deprecated" field to deprecated playbooks

* Update 1_9_5.md

* EWS TPBs adjustments (#12497)

* py_ews adjustments

* Updated EWS Public Folders Test

* Removed sec&comp

* Add "deprecated" field to deprecated playbooks

* Add "deprecated" field to deprecated playbooks.

* Add "deprecated" field to deprecated playbooks.

* Add "deprecated" field to deprecated playbooks.

* Add "deprecated" field to deprecated playbooks.

* Add "deprecated" field to deprecated playbooks.

* Add "deprecated" field to deprecated playbooks.

* Update PANW_-_Hunting_and_threat_detection_by_indicator_type_V2.yml

Added replacement playbook name

* Add "deprecated" field to deprecated playbooks.

* Add "deprecated" field to deprecated playbooks.

* Add "deprecated" field to deprecated playbooks.

* Add "deprecated" field to deprecated playbooks.

* Add "deprecated" field to deprecated playbooks.

* Add "deprecated" field to deprecated playbooks.

* Add "deprecated" field to deprecated playbooks.

* Add "deprecated" field to deprecated playbooks.

* Add "deprecated" field to deprecated playbooks.

* Add "deprecated" field to deprecated playbooks.

Co-authored-by: Yana Orhov <[email protected]>
Co-authored-by: Yaakov Praisler <[email protected]>
Co-authored-by: reut shalem <[email protected]>
Co-authored-by: tomneeman151293 <[email protected]>
Co-authored-by: content-bot <[email protected]>
Co-authored-by: ShirleyDenkberg <[email protected]>
Co-authored-by: Shai Yaakovi <[email protected]>
Co-authored-by: yguezpa <[email protected]>
Co-authored-by: Alex Fiedler <[email protected]>
Co-authored-by: roysagi <[email protected]>
Co-authored-by: Moshe Eichler <[email protected]>
Co-authored-by: Bargenish <[email protected]>
Co-authored-by: Lior Perry <[email protected]>
Co-authored-by: altmannyarden <[email protected]>
Co-authored-by: yehudaQ <[email protected]>
Co-authored-by: Itay Keren <[email protected]>
Co-authored-by: Bryan Burns <[email protected]>
Co-authored-by: Shahaf Ben Yakir <[email protected]>
Co-authored-by: ybenshalom <[email protected]>
Co-authored-by: MosheGalitzky <[email protected]>
Co-authored-by: Timor Eizenman <[email protected]>
Co-authored-by: eli sharf <[email protected]>
Co-authored-by: Bar Katzir <[email protected]>
Co-authored-by: esharf <[email protected]>
Co-authored-by: David Baumstein <[email protected]>

* Change ExampleJSScript to work against reachable domain (#12702)

* fix-TestJavaScriptCmdExampleScript

* change comment
add no tests

* increment version

* tim processing: removing broken link (#12689)

* tim processing: removing broken link

* change link

* Misp update search attributes (#12714)

* MISP - Decay Score Update

* Added RN

* add to secrets ignore (#12716)

* Enhanced to evaluate values with custom condition expressions. (#12303) (#12715)

* Enhanced to evaluate values with custom condition expressions.

* Modified ReleaseNotes

* Removed an unreachable code.

* Modified the design with the advice.

* Update 1_3_36.md

* Update 1_3_36.md

* Update 1_3_36.md

* Removed assertLegacyCondition

* Changed `condition` to `op` in the arguments, and added predefined operators.

* Modified pack_metadata.json

* Updated README with the modification that the argument name changes.

* Changed `op` to `condition` again.

* Modified the description of `options` to explain `<type>`.

* Merged 1_3_36.md

* Reverted 1_3_41.md

* Updated some docs to the review comments.

* Update Packs/CommonScripts/Scripts/IfThenElse/IfThenElse.yml

Co-authored-by: Dan Tavori <[email protected]>

Co-authored-by: Masahiko Inoue <[email protected]>
Co-authored-by: Dan Tavori <[email protected]>

* [Community Contribution] iLert (#12695)

* [Community Contribution] iLert (#12100)

* "pack contribution initial commit"

* refactor after review

* iLert change after review

* fix ack and resolve commands for iLert

* refactor iLert integration after review

* refactor iLert pack text after review

* some convention fixes, added UT and updated metadata file

Co-authored-by: yacut <[email protected]>
Co-authored-by: Dan Tavori <[email protected]>

* Update .pack-ignore

* Update ILert.yml

Co-authored-by: xsoar-bot <[email protected]>
Co-authored-by: yacut <[email protected]>
Co-authored-by: Dan Tavori <[email protected]>
Co-authored-by: Dan Tavori <[email protected]>

* Trend Micro DDA: attempted to fix bad request (#12712)

* attempted to fix bad request by removing the 'Host' header when empty

* fixed syntax error

* added release notes

* added ignore_readable_output and fixed test

* remove docstring

* remove performance_test.csv

* update docker image

* reimplemented polling commands with a generic function run_polling_command

* simplified run_polling_command and removed disable_readable_output

* lint

Co-authored-by: Anar Azadaliyev <[email protected]>
Co-authored-by: yuvalbenshalom <[email protected]>
Co-authored-by: Bargenish <[email protected]>
Co-authored-by: Michal-Vardi <[email protected]>
Co-authored-by: yaakovi <[email protected]>
Co-authored-by: Shai Yaakovi <[email protected]>
Co-authored-by: content-bot <[email protected]>
Co-authored-by: Shahaf Ben Yakir <[email protected]>
Co-authored-by: Guy Freund <[email protected]>
Co-authored-by: eli sharf <[email protected]>
Co-authored-by: esharf <[email protected]>
Co-authored-by: roysagi <[email protected]>
Co-authored-by: nate-axonius <[email protected]>
Co-authored-by: ChanochShayner <[email protected]>
Co-authored-by: ShirleyDenkberg <[email protected]>
Co-authored-by: mjsaurbaugh <[email protected]>
Co-authored-by: avidan-H <[email protected]>
Co-authored-by: MosheGalitzky <[email protected]>
Co-authored-by: Hod Alpert <[email protected]>
Co-authored-by: hod-alpert <[email protected]>
Co-authored-by: Timor Eizenman <[email protected]>
Co-authored-by: Brad Chiappetta <[email protected]>
Co-authored-by: Dan Sterenson <[email protected]>
Co-authored-by: jschimC42 <[email protected]>
Co-authored-by: Guy Keller <[email protected]>
Co-authored-by: Adi Daud <[email protected]>
Co-authored-by: christian-recordedfuture <[email protected]>
Co-authored-by: Dan Tavori <[email protected]>
Co-authored-by: Dan Tavori <[email protected]>
Co-authored-by: IPQualityScore <[email protected]>
Co-authored-by: tomneeman151293 <[email protected]>
Co-authored-by: erezh31 <[email protected]>
Co-authored-by: eharush <[email protected]>
Co-authored-by: Shirat Glazer <[email protected]>
Co-authored-by: rsagi <[email protected]>
Co-authored-by: Yaakov Praisler <[email protected]>
Co-authored-by: Yarden Sade <[email protected]>
Co-authored-by: Noy-Maimon <[email protected]>
Co-authored-by: gal-berger <[email protected]>
Co-authored-by: rhallick <[email protected]>
Co-authored-by: reut shalem <[email protected]>
Co-authored-by: ShahafBenYakir <[email protected]>
Co-authored-by: mgalitzki <[email protected]>
Co-authored-by: Itay Keren <[email protected]>
Co-authored-by: Guy Lichtman <[email protected]>
Co-authored-by: Alex Fiedler <[email protected]>
Co-authored-by: Jasmine Beilin <[email protected]>
Co-authored-by: Bar Katzir <[email protected]>
Co-authored-by: Yana Orhov <[email protected]>
Co-authored-by: Darya Koval <[email protected]>
Co-authored-by: RiskSenseProduct <[email protected]>
Co-authored-by: darkushin <[email protected]>
Co-authored-by: Bar Hochman <[email protected]>
Co-authored-by: soumenchakraborty-endace <[email protected]>
Co-authored-by: Tal Lieber <[email protected]>
Co-authored-by: ryantoddtq <[email protected]>
Co-authored-by: Matt Chase <[email protected]>
Co-authored-by: sgukal <[email protected]>
Co-authored-by: Bar Chen <[email protected]>
Co-authored-by: Moshe Eichler <[email protected]>
Co-authored-by: rshalem <[email protected]>
Co-authored-by: ilappe <[email protected]>
Co-authored-by: dorschw <[email protected]>
Co-authored-by: Ayman Mahmoud <[email protected]>
Co-authored-by: iyeshaya <[email protected]>
Co-authored-by: Bmelamed <[email protected]>
Co-authored-by: EvgeniyMeteliza <[email protected]>
Co-authored-by: ikeren <[email protected]>
Co-authored-by: Aviya Baumgarten <[email protected]>
Co-authored-by: Andrew Shamah <[email protected]>
Co-authored-by: tomer-pan <[email protected]>
Co-authored-by: yguezpa <[email protected]>
Co-authored-by: Lior Perry <[email protected]>
Co-authored-by: altmannyarden <[email protected]>
Co-authored-by: yehudaQ <[email protected]>
Co-authored-by: Bryan Burns <[email protected]>
Co-authored-by: David Baumstein <[email protected]>
Co-authored-by: Asaf Shen <[email protected]>
Co-authored-by: Masahiko Inoue <[email protected]>
Co-authored-by: xsoar-bot <[email protected]>
Co-authored-by: yacut <[email protected]>
MosheEichler added a commit that referenced this pull request Jun 15, 2021
* The first commit of the V2 of carbon black

* The second commit of the V2 of carbon black

* Commit of the complete unit_test

* add commands, test playbook, and descriptions

* revert existing files that changed

* Some fixes after demisto-sdk lint run

* Delete some files from the pr

* Release notes and mypy fixes

* Update the version from version 5.0.0

* Try to fix the issue of server 5 playbook not found

* Add command_examples

* Fixed RN

* Added 3 playbooks

* RN fix

* Update from version in sub playbook

* demisto-sdk formatting the playbooks

* added incident-field

* change the folder-name from incident to Incident

* Update release notes

* fix the commit

* Fix the policy in the test play book

(cherry picked from commit d92c04a)

* Remove Carbon Black from skipped_integrations in conf_json

(cherry picked from commit 6797d92)

* Remove Carbon Black from skipped_integrations in conf_json
and update RN

(cherry picked from commit f8aa1b6)

* Update CarbonBlackDefenseV2_description.md

Done.

* Update CarbonBlackDefenseV2.yml

Done.

* Update Carbon_Black_Defense_Find_Events.yml

Done.

* Update Carbon_Black_Defense_Find_Processes.yml

Done.

* Update Carbon_Black_Defense_Find_Event_Details.yml

Done.

* Update 1_1_2.md

Done.

* Update Carbon_Black_Defense_Find_Event_Details.yml

Done.

* Some changes after code review and the changes from technical writers

* Add mapper and fix the code review

* update RN

* update Docker Image

* Layout

* RN

* Update RN

* Update RN content

* Integration README

* Fix secrets

* RN

* Update RN

* Update version in README file

* Demo Fixes

* test conf

* Validate fixes

* RN

* RN

* Test playbook

* fix the test playbook

* change the integration README Carbon Black Defense to Endpoint standard

* fix the overwrite results in find events/process

* fix the layout

* report-id, tags incident-fields

* RN

* report_id incident-field

* RN

* RN

* layout to Layout

* feedback changes

* Add incident type mappers classifiers

* classifier 5_9_9

* Add classifier

* CR

* fixed the hash arg

* conf json

* update docker image

* CommonTypes RN and more incident description

* fix the alert category

* fix the unit test

* Update CarbonBlackEndpointStandard.yml

done.

* Change to GetIndicatorDBotScore (#12561)

* Fix

* added another UT and documentation

* Update Packs/CommonScripts/Scripts/GetIndicatorDBotScore/README.md

Co-authored-by: Shai Yaakovi <[email protected]>

* Update 1_3_41.md

Done.

* Update README.md

Done.

* Update GetIndicatorDBotScore.yml

Done.

* change to 1.3.42

* change to 1.3.42

Co-authored-by: Shai Yaakovi <[email protected]>
Co-authored-by: ShirleyDenkberg <[email protected]>

* update README and contact email (#12453) (#12604)

Co-authored-by: Brad Chiappetta <[email protected]>

* Anomali threat stream tags data bug (#12076)

* Bug fix, the integration was missing the following value in DEFAULT_INDICATOR_MAPPING 'tags': 'Tags'.

* ThreatStream bug fix

* Added indicator tags to context and human readable

* update docker image

* Fix yml

* Added to README.md

* Fix yml

* Fix README.md

* Fix README.md

* Update Packs/Anomali_ThreatStream/Integrations/Anomali_ThreatStream_v2/README.md

Co-authored-by: roysagi <[email protected]>

* update release notes

* Update 1_1_1.md

* Added a comment explaining the tags conversion

* Fixed comment

Co-authored-by: roysagi <[email protected]>

* Update README.md (#12405) (#12602)

* Update README.md

* Update README.md

Co-authored-by: roysagi <[email protected]>

Co-authored-by: jschimC42 <[email protected]>
Co-authored-by: roysagi <[email protected]>

* fixing handling of premium packs' pack metadata (#12605)

Co-authored-by: guykeller <g12k34ppp>

* GitHub - Add branch arg and SHA output to Github-list-files (#12567)

* Recorded Future: Added two new fields to intelligence lookups for CVEs. (#12610)

* Recorded Future: Added two new fields to intelligence lookups for CVEs. (#12445)

* Added two new fields to intelligence lookups for CVEs.

* Added release notes.

* Update Packs/RecordedFuture/ReleaseNotes/1_1_1.md

Co-authored-by: Dan Tavori <[email protected]>

Co-authored-by: Dan Tavori <[email protected]>

* docker image - bumped version

Co-authored-by: christian-recordedfuture <[email protected]>
Co-authored-by: Dan Tavori <[email protected]>
Co-authored-by: Dan Tavori <[email protected]>

* IPQualityScore integration. (#12552)

* IPQualityScore integration. (#12310)

* IPQualityScore integration.

* Update metadata.

* Add Reputation.

* Updates to correct various issues.

* Fix use cases.

* Update documentation to guide users on how to acquire a private key.

* Tweak wording.

* Add certification.

* Update Packs/IPQualityScore/Integrations/IPQualityScore/IPQualityScore.py

Co-authored-by: Dan Tavori <[email protected]>

* Remove malicious.

* fixed tpb

Co-authored-by: Dan Tavori <[email protected]>
Co-authored-by: Dan Tavori <[email protected]>

* doc fixes

Co-authored-by: IPQualityScore <[email protected]>
Co-authored-by: Dan Tavori <[email protected]>
Co-authored-by: Dan Tavori <[email protected]>

* delete parent and blocked hash

* revert unit test

* delete parent and blocked hash from test play book

* fix the test-module

* remove the unrelated files

* add val.id to the command results

* fix the test-module

* revert the comment about the test

* Fix the version of CommonTypes

* fix the proxy error in the build

* latest cr fixes

* update README

* demisto to xsoar

* RN

* Docker image

* RN

* fix RN

* CR fixes

* Update README.md

Done.

* README fixes and update from master

* update docker image

* update RN

* fixing README

* Create README.md

Done.

* README fixes

Co-authored-by: rshalem <[email protected]>
Co-authored-by: ShirleyDenkberg <[email protected]>
Co-authored-by: Timor Eizenman <[email protected]>
Co-authored-by: Shai Yaakovi <[email protected]>
Co-authored-by: content-bot <[email protected]>
Co-authored-by: Brad Chiappetta <[email protected]>
Co-authored-by: Dan Sterenson <[email protected]>
Co-authored-by: roysagi <[email protected]>
Co-authored-by: jschimC42 <[email protected]>
Co-authored-by: Guy Keller <[email protected]>
Co-authored-by: Adi Daud <[email protected]>
Co-authored-by: christian-recordedfuture <[email protected]>
Co-authored-by: Dan Tavori <[email protected]>
Co-authored-by: Dan Tavori <[email protected]>
Co-authored-by: IPQualityScore <[email protected]>
avidan-H pushed a commit that referenced this pull request Jun 16, 2021
* The first commit of the V2 of carbon black

* The second commit of the V2 of carbon black

* Commit of the complete unit_test

* add commands, test playbook, and descriptions

* revert existing files that changed

* Some fixes after demisto-sdk lint run

* Delete some files from the pr

* Release notes and mypy fixes

* Update the version from version 5.0.0

* Try to fix the issue of server 5 playbook not found

* Add command_examples

* Fixed RN

* Added 3 playbooks

* RN fix

* Update from version in sub playbook

* demisto-sdk formatting the playbooks

* added incident-field

* change the folder-name from incident to Incident

* Update release notes

* fix the commit

* Fix the policy in the test play book

(cherry picked from commit d92c04a)

* Remove Carbon Black from skipped_integrations in conf_json

(cherry picked from commit 6797d92)

* Remove Carbon Black from skipped_integrations in conf_json
and update RN

(cherry picked from commit f8aa1b6)

* Update CarbonBlackDefenseV2_description.md

Done.

* Update CarbonBlackDefenseV2.yml

Done.

* Update Carbon_Black_Defense_Find_Events.yml

Done.

* Update Carbon_Black_Defense_Find_Processes.yml

Done.

* Update Carbon_Black_Defense_Find_Event_Details.yml

Done.

* Update 1_1_2.md

Done.

* Update Carbon_Black_Defense_Find_Event_Details.yml

Done.

* Some changes after code review and the changes from technical writers

* Add mapper and fix the code review

* update RN

* update Docker Image

* Layout

* RN

* Update RN

* Update RN content

* Integration README

* Fix secrets

* RN

* Update RN

* Update version in README file

* Demo Fixes

* test conf

* Validate fixes

* RN

* RN

* Test playbook

* fix the test playbook

* change the integration README Carbon Black Defense to Endpoint standard

* fix the overwrite results in find events/process

* fix the layout

* report-id, tags incident-fields

* RN

* report_id incident-field

* RN

* RN

* layout to Layout

* feedback changes

* Add incident type mappers classifiers

* classifier 5_9_9

* Add classifier

* CR

* fixed the hash arg

* conf json

* update docker image

* CommonTypes RN and more incident description

* fix the alert category

* fix the unit test

* Update CarbonBlackEndpointStandard.yml

done.

* Change to GetIndicatorDBotScore (#12561)

* Fix

* added another UT and documentation

* Update Packs/CommonScripts/Scripts/GetIndicatorDBotScore/README.md

Co-authored-by: Shai Yaakovi <[email protected]>

* Update 1_3_41.md

Done.

* Update README.md

Done.

* Update GetIndicatorDBotScore.yml

Done.

* change to 1.3.42

* change to 1.3.42

Co-authored-by: Shai Yaakovi <[email protected]>
Co-authored-by: ShirleyDenkberg <[email protected]>

* update README and contact email (#12453) (#12604)

Co-authored-by: Brad Chiappetta <[email protected]>

* Anomali threat stream tags data bug (#12076)

* Bug fix, the integration was missing the following value in DEFAULT_INDICATOR_MAPPING 'tags': 'Tags'.

* ThreatStream bug fix

* Added indicator tags to context and human readable

* update docker image

* Fix yml

* Added to README.md

* Fix yml

* Fix README.md

* Fix README.md

* Update Packs/Anomali_ThreatStream/Integrations/Anomali_ThreatStream_v2/README.md

Co-authored-by: roysagi <[email protected]>

* update release notes

* Update 1_1_1.md

* Added a comment explaining the tags conversion

* Fixed comment

Co-authored-by: roysagi <[email protected]>

* Update README.md (#12405) (#12602)

* Update README.md

* Update README.md

Co-authored-by: roysagi <[email protected]>

Co-authored-by: jschimC42 <[email protected]>
Co-authored-by: roysagi <[email protected]>

* fixing handling of premium packs' pack metadata (#12605)

Co-authored-by: guykeller <g12k34ppp>

* GitHub - Add branch arg and SHA output to Github-list-files (#12567)

* Recorded Future: Added two new fields to intelligence lookups for CVEs. (#12610)

* Recorded Future: Added two new fields to intelligence lookups for CVEs. (#12445)

* Added two new fields to intelligence lookups for CVEs.

* Added release notes.

* Update Packs/RecordedFuture/ReleaseNotes/1_1_1.md

Co-authored-by: Dan Tavori <[email protected]>

Co-authored-by: Dan Tavori <[email protected]>

* docker image - bumped version

Co-authored-by: christian-recordedfuture <[email protected]>
Co-authored-by: Dan Tavori <[email protected]>
Co-authored-by: Dan Tavori <[email protected]>

* IPQualityScore integration. (#12552)

* IPQualityScore integration. (#12310)

* IPQualityScore integration.

* Update metadata.

* Add Reputation.

* Updates to correct various issues.

* Fix use cases.

* Update documentation to guide users on how to acquire a private key.

* Tweak wording.

* Add certification.

* Update Packs/IPQualityScore/Integrations/IPQualityScore/IPQualityScore.py

Co-authored-by: Dan Tavori <[email protected]>

* Remove malicious.

* fixed tpb

Co-authored-by: Dan Tavori <[email protected]>
Co-authored-by: Dan Tavori <[email protected]>

* doc fixes

Co-authored-by: IPQualityScore <[email protected]>
Co-authored-by: Dan Tavori <[email protected]>
Co-authored-by: Dan Tavori <[email protected]>

* delete parent and blocked hash

* revert unit test

* delete parent and blocked hash from test play book

* fix the test-module

* remove the unrelated files

* add val.id to the command results

* fix the test-module

* revert the comment about the test

* Fix the version of CommonTypes

* fix the proxy error in the build

* latest cr fixes

* update README

* demisto to xsoar

* RN

* Docker image

* RN

* fix RN

* CR fixes

* Update README.md

Done.

* README fixes and update from master

* update docker image

* update RN

* fixing README

* Create README.md

Done.

* README fixes

Co-authored-by: rshalem <[email protected]>
Co-authored-by: ShirleyDenkberg <[email protected]>
Co-authored-by: Timor Eizenman <[email protected]>
Co-authored-by: Shai Yaakovi <[email protected]>
Co-authored-by: content-bot <[email protected]>
Co-authored-by: Brad Chiappetta <[email protected]>
Co-authored-by: Dan Sterenson <[email protected]>
Co-authored-by: roysagi <[email protected]>
Co-authored-by: jschimC42 <[email protected]>
Co-authored-by: Guy Keller <[email protected]>
Co-authored-by: Adi Daud <[email protected]>
Co-authored-by: christian-recordedfuture <[email protected]>
Co-authored-by: Dan Tavori <[email protected]>
Co-authored-by: Dan Tavori <[email protected]>
Co-authored-by: IPQualityScore <[email protected]>