Bump pyyaml from 3.12 to 5.4 in /Packs/Exchange2016_Compliance/Integrations/Exchange2016_Compliance/doc_files #87

* Created PrismaCloudCompute mapping * ParsingRule * RN * ParsingRule * Updated README * Updated README * Updated ModelingRules * Update Packs/PrismaCloudCompute/README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/PrismaCloudCompute/README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/PrismaCloudCompute/README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/PrismaCloudCompute/README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/PrismaCloudCompute/README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Updated ModelingRules * Updated ModelingRules * Updated ModelingRules * Updated ModelingRules * Updated ModelingRules * Updated ModelingRules * Updated README * Updated README --------- Co-authored-by: ShirleyDenkberg <[email protected]>

* Updated ModelingRules * Updated ReleaseNotes * Updated ReleaseNotes

* PANOS-EXPANDR-5997 (demisto#30156) * init * RN * contributors * Apply suggestions from code review Co-authored-by: ShirleyDenkberg <[email protected]> * update RN --------- Co-authored-by: ShirleyDenkberg <[email protected]> * fix RN format --------- Co-authored-by: johnnywilkes <[email protected]> Co-authored-by: ShirleyDenkberg <[email protected]> Co-authored-by: sapirshuker <[email protected]> Co-authored-by: sapir shuker <[email protected]>

…ybook (demisto#30226)

…emisto#30229)

* add $TEST_XDR_ENV * add $TEST_XDR_ENV * fix * fix * test with TEST_XDR_ENV = true * test with TEST_XDR_ENV = true * test with TEST_XDR_ENV = true * test with TEST_XDR_ENV = true * fixed * testing * Update .gitlab/ci/.gitlab-ci.on-push.yml * testing * Update .gitlab/ci/.gitlab-ci.on-push.yml * testing * testing * testing * testing * testing * fixed * Remove TEST_XDR_ENV: "true" * test for cr * test for cr * test with TEST_XDR_ENV: "true" * Remove TEST_XDR_ENV: "true"

* Updated Metadata Of Pack OracleCloudInfrastructure * Added release notes to pack OracleCloudInfrastructure * Packs/OracleCloudInfrastructure/Integrations/OracleCloudInfrastructureEventCollector/OracleCloudInfrastructureEventCollector.yml Docker image update

* Updated Metadata Of Pack QualysFIM * Added release notes to pack QualysFIM * Packs/QualysFIM/Integrations/QualysFIM/QualysFIM.yml Docker image update * Updated Metadata Of Pack FortiSIEM * Added release notes to pack FortiSIEM * Packs/FortiSIEM/Integrations/FortiSIEMV2/FortiSIEMV2.yml Docker image update * Updated Metadata Of Pack FreshworksFreshservice * Added release notes to pack FreshworksFreshservice * Packs/FreshworksFreshservice/Integrations/FreshworksFreshservice/FreshworksFreshservice.yml Docker image update * Updated Metadata Of Pack KnowBe4_KMSAT * Added release notes to pack KnowBe4_KMSAT * Packs/KnowBe4_KMSAT/Integrations/KnowBe4KMSATEventCollector/KnowBe4KMSATEventCollector.yml Docker image update * Packs/KnowBe4_KMSAT/Integrations/KnowBe4KMSAT/KnowBe4KMSAT.yml Docker image update * Updated Metadata Of Pack SafeNet_Trusted_Access * Added release notes to pack SafeNet_Trusted_Access * Packs/SafeNet_Trusted_Access/Integrations/SafeNetTrustedAccessEventCollector/SafeNetTrustedAccessEventCollector.yml Docker image update * Updated Metadata Of Pack DelineaSS * Added release notes to pack DelineaSS * Packs/DelineaSS/Integrations/DelineaSS/DelineaSS.yml Docker image update * Updated Metadata Of Pack Cryptocurrency * Added release notes to pack Cryptocurrency * Packs/Cryptocurrency/Integrations/Cryptocurrency/Cryptocurrency.yml Docker image update * Updated Metadata Of Pack PANOSPolicyOptimizer * Added release notes to pack PANOSPolicyOptimizer * Packs/PANOSPolicyOptimizer/Integrations/PANOSPolicyOptimizer/PANOSPolicyOptimizer.yml Docker image update * Updated Metadata Of Pack DeveloperTools * Added release notes to pack DeveloperTools * Packs/DeveloperTools/Integrations/CreateIncidents/CreateIncidents.yml Docker image update

* Updated Metadata Of Pack Cybersixgill-ActionableAlerts * Added release notes to pack Cybersixgill-ActionableAlerts * Packs/Cybersixgill-ActionableAlerts/Integrations/CybersixgillActionableAlerts/CybersixgillActionableAlerts.yml Docker image update * Updated Metadata Of Pack Sixgill-Darkfeed * Added release notes to pack Sixgill-Darkfeed * Packs/Sixgill-Darkfeed/Integrations/Sixgill_Darkfeed_Enrichment/Sixgill_Darkfeed_Enrichment.yml Docker image update * Packs/Sixgill-Darkfeed/Integrations/Sixgill_Darkfeed/Sixgill_Darkfeed.yml Docker image update

* Updated Metadata Of Pack SecurityIntelligenceServicesFeed * Added release notes to pack SecurityIntelligenceServicesFeed * Packs/SecurityIntelligenceServicesFeed/Integrations/SecurityIntelligenceServicesFeed/SecurityIntelligenceServicesFeed.yml Docker image update * Updated Metadata Of Pack AWS-IAM * Added release notes to pack AWS-IAM * Packs/AWS-IAM/Integrations/AWS-IAM/AWS-IAM.yml Docker image update * Updated Metadata Of Pack AWS-Route53 * Added release notes to pack AWS-Route53 * Packs/AWS-Route53/Integrations/AWSRoute53/AWSRoute53.yml Docker image update * Updated Metadata Of Pack AWS-AccessAnalyzer * Added release notes to pack AWS-AccessAnalyzer * Packs/AWS-AccessAnalyzer/Integrations/AWS-AccessAnalyzer/AWS-AccessAnalyzer.yml Docker image update * Updated Metadata Of Pack AWS-GuardDuty * Added release notes to pack AWS-GuardDuty * Packs/AWS-GuardDuty/Integrations/AWSGuardDutyEventCollector/AWSGuardDutyEventCollector.yml Docker image update * Packs/AWS-GuardDuty/Integrations/AWSGuardDuty/AWSGuardDuty.yml Docker image update * Updated Metadata Of Pack AWS-SecurityHub * Added release notes to pack AWS-SecurityHub * Packs/AWS-SecurityHub/Integrations/AWSSecurityHubEventCollector/AWSSecurityHubEventCollector.yml Docker image update * Updated Metadata Of Pack Aws-SecretsManager * Added release notes to pack Aws-SecretsManager * Packs/Aws-SecretsManager/Integrations/AwsSecretsManager/AwsSecretsManager.yml Docker image update

* Updated Metadata Of Pack MicrosoftCloudAppSecurity * Added release notes to pack MicrosoftCloudAppSecurity * Packs/MicrosoftCloudAppSecurity/Integrations/MicrosoftCloudAppSecurity/MicrosoftCloudAppSecurity.yml Docker image update

* Updated Metadata Of Pack Intezer * Added release notes to pack Intezer * Packs/Intezer/Integrations/IntezerV2/IntezerV2.yml Docker image update * Updated Metadata Of Pack Zabbix * Added release notes to pack Zabbix * Packs/Zabbix/Integrations/Zabbix/Zabbix.yml Docker image update * Updated Metadata Of Pack FeedMalwareBazaar * Added release notes to pack FeedMalwareBazaar * Packs/FeedMalwareBazaar/Integrations/MalwareBazaarFeed/MalwareBazaarFeed.yml Docker image update * Updated Metadata Of Pack FeedGCPWhitelist * Added release notes to pack FeedGCPWhitelist * Packs/FeedGCPWhitelist/Integrations/FeedGoogleIPRanges/FeedGoogleIPRanges.yml Docker image update * Updated Metadata Of Pack AccentureCTI_Feed * Added release notes to pack AccentureCTI_Feed * Packs/AccentureCTI_Feed/Integrations/ACTIIndicatorFeed/ACTIIndicatorFeed.yml Docker image update * Updated Metadata Of Pack SEKOIAIntelligenceCenter * Added release notes to pack SEKOIAIntelligenceCenter * Packs/SEKOIAIntelligenceCenter/Integrations/SEKOIAIntelligenceCenter/SEKOIAIntelligenceCenter.yml Docker image update * Updated Metadata Of Pack Anomali_ThreatStream * Added release notes to pack Anomali_ThreatStream * Packs/Anomali_ThreatStream/Integrations/AnomaliThreatStreamv3/AnomaliThreatStreamv3.yml Docker image update * Updated Metadata Of Pack CommonWidgets * Added release notes to pack CommonWidgets * Packs/CommonWidgets/Scripts/RSSWidget/RSSWidget.yml Docker image update * Updated Metadata Of Pack FiltersAndTransformers * Added release notes to pack FiltersAndTransformers * Packs/FiltersAndTransformers/Scripts/Jmespath/Jmespath.yml Docker image update

* Updated Metadata Of Pack Cylance_Protect * Added release notes to pack Cylance_Protect * Packs/Cylance_Protect/Integrations/Cylance_Protect_v2/Cylance_Protect_v2.yml Docker image update * Updated Metadata Of Pack Zoom * Added release notes to pack Zoom * Packs/Zoom/Integrations/Zoom/Zoom.yml Docker image update * Packs/Zoom/Integrations/ZoomEventCollector/ZoomEventCollector.yml Docker image update * Updated Metadata Of Pack Silverfort * Added release notes to pack Silverfort * Packs/Silverfort/Integrations/Silverfort/Silverfort.yml Docker image update * Updated Metadata Of Pack AzureDataExplorer * Added release notes to pack AzureDataExplorer * Packs/AzureDataExplorer/Integrations/AzureDataExplorer/AzureDataExplorer.yml Docker image update * Updated Metadata Of Pack MicrosoftManagementActivity * Added release notes to pack MicrosoftManagementActivity * Packs/MicrosoftManagementActivity/Integrations/MicrosoftManagementActivity/MicrosoftManagementActivity.yml Docker image update * Updated Metadata Of Pack Box * Added release notes to pack Box * Packs/Box/Integrations/BoxEventsCollector/BoxEventsCollector.yml Docker image update * Packs/Box/Integrations/BoxV2/BoxV2.yml Docker image update * Updated Metadata Of Pack Troubleshoot * Added release notes to pack Troubleshoot * Packs/Troubleshoot/Scripts/CertificatesTroubleshoot/CertificatesTroubleshoot.yml Docker image update

* Updated Metadata Of Pack GSuiteAdmin * Added release notes to pack GSuiteAdmin * Packs/GSuiteAdmin/Integrations/GSuiteAdmin/GSuiteAdmin.yml Docker image update * Updated Metadata Of Pack GoogleChronicleBackstory * Added release notes to pack GoogleChronicleBackstory * Packs/GoogleChronicleBackstory/Integrations/GoogleChronicleBackstory/GoogleChronicleBackstory.yml Docker image update * Updated Metadata Of Pack GSuiteSecurityAlertCenter * Added release notes to pack GSuiteSecurityAlertCenter * Packs/GSuiteSecurityAlertCenter/Integrations/GSuiteSecurityAlertCenter/GSuiteSecurityAlertCenter.yml Docker image update * Updated Metadata Of Pack GoogleCalendar * Added release notes to pack GoogleCalendar * Packs/GoogleCalendar/Integrations/GoogleCalendar/GoogleCalendar.yml Docker image update

* Updated Metadata Of Pack Slack * Added release notes to pack Slack * Packs/Slack/Integrations/SlackV3/SlackV3.yml Docker image update

* Updated Metadata Of Pack MicrosoftDefenderAdvancedThreatProtection * Added release notes to pack MicrosoftDefenderAdvancedThreatProtection * Packs/MicrosoftDefenderAdvancedThreatProtection/Integrations/MicrosoftDefenderAdvancedThreatProtection/MicrosoftDefenderAdvancedThreatProtection.yml Docker image update

* Updated Metadata Of Pack GenericSQL * Added release notes to pack GenericSQL * Packs/GenericSQL/Integrations/GenericSQL/GenericSQL.yml Docker image update

* Updated Metadata Of Pack MicrosoftGraphMail * Added release notes to pack MicrosoftGraphMail * Packs/MicrosoftGraphMail/Integrations/MicrosoftGraphMail/MicrosoftGraphMail.yml Docker image update * Updated Metadata Of Pack MicrosoftDefenderAdvancedThreatProtection * Added release notes to pack MicrosoftDefenderAdvancedThreatProtection * Packs/MicrosoftDefenderAdvancedThreatProtection/Integrations/MicrosoftDefenderAdvancedThreatProtection/MicrosoftDefenderAdvancedThreatProtection.yml Docker image update * Updated Metadata Of Pack AzureSecurityCenter * Added release notes to pack AzureSecurityCenter * Packs/AzureSecurityCenter/Integrations/AzureSecurityCenter_v2/AzureSecurityCenter_v2.yml Docker image update

* playbooks fix * RN * remove paths * add image

* Hotfix for calculate severity * RN * IsExists -> IsNotEmpty Simple -> Complex * format

…30171) * Additional argument for servicenow-generic-api-call command (demisto#30016) * added additional argument to generic api command to be able to send the request to a custom servicenow api, added changes from demisto-sdk validation * fixed pass through of custom api argument * added unit test with the new argument, adjustes argument descriptions of existing arguments for generic command * added new param to function docstring * renamed arg custom_api_root to custom_api and reverted description changes of other args * removed custom_api argument manipulation and added validation and returning an error instead, adjusted release notes * fixed typing in function definition --------- Co-authored-by: psybertool <[email protected]> Co-authored-by: okarkkatz <[email protected]> Co-authored-by: omerKarkKatz <[email protected]>

* fix gmail-list-labels command * Update 1_3_14.md

* Credentials rotation playbooks * update RN * review fix * review fix * review fix * Apply suggestions from code review Co-authored-by: ShirleyDenkberg <[email protected]> * review fix * review fix * review fix * update RN * Bump pack from version CommonPlaybooks to 2.4.11. * Bump pack from version CommonPlaybooks to 2.4.12. * review fix * review fix * review fix * review fix * review fix * Bump pack from version CommonPlaybooks to 2.4.13. --------- Co-authored-by: ShirleyDenkberg <[email protected]> Co-authored-by: Content Bot <[email protected]>

…'t presented in XSOAR 8.x. (demisto#30214) * Fixed a bug where the integration default classifier and mapper weren't presented in XSOAR 8.x * Update 1_1_8.md

* commit * add UT and RN * corrections * Fix DS108 and update Docker * correction comments

…30172)

* init * update * init * RN * bump * add conditon statements * update wording * Unescape JSON views * Unscape JSON continued * change inet address for pan-os-security-policy-match command * Apply suggestions from code review --------- Co-authored-by: johnnywilkes <[email protected]> Co-authored-by: bigeasyj <[email protected]> Co-authored-by: ShirleyDenkberg <[email protected]>

…isto#30298) Co-authored-by: pl-brault <[email protected]>

* Pcap file extract streams (demisto#30289) * Update .devcontainer.json name * Update .devcontainer.json name * Update .devcontainer.json name * Update .devcontainer.json name * fix * Added an entry_id parameter to the output. * Update RN * Added CONTRIBUTORS.json * Update RN / Fixed test cases * Fixed test cases * Update docker image * Update docker image * Fixed comments * Update RN --------- Co-authored-by: spearmin10 <[email protected]> * pre-commit fixes * doc review --------- Co-authored-by: Masahiko Inoue <[email protected]> Co-authored-by: spearmin10 <[email protected]> Co-authored-by: MosheEichler <[email protected]>

* Update CiscoSpark.yml (demisto#30184) * Update CiscoSpark.yml api.ciscospark.com has changed to webexapis.com - https://developer.webex.com/docs/basics * Update .gitlab-ci.on-push.yml * Revert .gitlab-ci.on-push.yml * Revert .gitlab-ci.on-push.yml --------- Co-authored-by: Moshe Eichler <[email protected]> * pack metedata updates * format yml file * RN * doc review * secrets --------- Co-authored-by: idev <[email protected]> Co-authored-by: Moshe Eichler <[email protected]> Co-authored-by: MosheEichler <[email protected]>

* Fix query in the playbook * RN

demisto#30230) * Added additional *with_attachments* argument to command misp-search-a… (demisto#30114) * Added additional *with_attachments* argument to command misp-search-attributes * Added CONTRIBUTORS.json * Update Packs/MISP/Integrations/MISPV3/MISPV3.py Co-authored-by: Moshe Eichler <[email protected]> * Update Packs/MISP/Integrations/MISPV3/MISPV3.py Co-authored-by: Moshe Eichler <[email protected]> * Update Packs/MISP/Integrations/MISPV3/MISPV3.py Co-authored-by: Moshe Eichler <[email protected]> * Update Packs/MISP/Integrations/MISPV3/MISPV3.py Co-authored-by: Moshe Eichler <[email protected]> * Update Packs/MISP/Integrations/MISPV3/MISPV3.py Co-authored-by: Moshe Eichler <[email protected]> * Updated MISPV3.py formatting. Filename of zip equals to the input argument * Update Packs/MISP/Integrations/MISPV3/MISPV3.py Co-authored-by: Moshe Eichler <[email protected]> * Update Packs/MISP/ReleaseNotes/2_1_34.md Co-authored-by: Moshe Eichler <[email protected]> * Update Packs/MISP/Integrations/MISPV3/MISPV3.py Co-authored-by: Moshe Eichler <[email protected]> * Updated MISPV3.py * Updated release note and pack metadata * Update 2_1_35.md --------- Co-authored-by: Moshe Eichler <[email protected]> * pre-commit fixes * fix UT * docker * flake error * doc review fixes * doc review fixes --------- Co-authored-by: Martin Ohl <[email protected]> Co-authored-by: Moshe Eichler <[email protected]> Co-authored-by: MosheEichler <[email protected]>

…#30313) * change needed params * update RN

* Updated Metadata Of Pack Phishing * Added release notes to pack Phishing * Packs/Phishing/Scripts/FindDuplicateEmailIncidents/FindDuplicateEmailIncidents.yml Docker image update * Fix DS108 --------- Co-authored-by: israelpolishook <[email protected]>

…sto#30293) * [Marketplace Contribution] VMRay Analyzer - Content Pack Update (demisto#28872) * "contribution update to pack "VMRay Analyzer"" * Fixed several issues / added docs * Update VMRay.yml Added Descriptions to command * Changed as requested * fix conflicts * conflict with docker image * Added documentation for commands * fix the readme * fix yml * format * fix validation --------- Co-authored-by: Konrad <[email protected]> Co-authored-by: Menachem Weinfeld <[email protected]> Co-authored-by: Yehuda <[email protected]> * add a period * fix RN * Apply suggestions from Shirley Co-authored-by: ShirleyDenkberg <[email protected]> * flake 8 * docker * add outputs * adding pragma no cover' since the new functions are straightforward and don't need test * moving the no cover to the new functions instead main * flake 8 --------- Co-authored-by: xsoar-bot <[email protected]> Co-authored-by: Konrad <[email protected]> Co-authored-by: Menachem Weinfeld <[email protected]> Co-authored-by: Yehuda <[email protected]> Co-authored-by: Yehuda Rosenberg <[email protected]> Co-authored-by: ShirleyDenkberg <[email protected]>

* Updated Metadata Of Pack CommonScripts * Added release notes to pack CommonScripts * Packs/CommonScripts/Scripts/ParseEmailFilesV2/ParseEmailFilesV2.yml Docker image update * Fix DS108 --------- Co-authored-by: israelpolishook <[email protected]>

* Updated Metadata Of Pack CommonScripts * Added release notes to pack CommonScripts * Packs/CommonScripts/Scripts/ConvertFile/ConvertFile.yml Docker image update * update docker * Update RN * commit --------- Co-authored-by: israelpolishook <[email protected]>

* added formatSublists param * revert bad changes * no underscores * no underscores * negative for bakwards compatibility * added desc * change desc * update readme * format * added rn * variable, nbetter rn * snake case * added test * assert have underscore * no answer for risky is acceptable * format * Revert "format" This reverts commit d0a33c5. * Revert "Revert "format"" This reverts commit 8452418a6b1c0ec6b779a0c9353d05567615e505. * fix playbook * fix playbook * docker image * fixed time * fix mistake * fix pb * account not admin * switch to 1

* [Feedly] Initial Integration (demisto#29822) * [feedly] initial integration * [feedly] pr.review * [feedly] address pre commit checks * [feedly] fix image sizes * [feedly] pr.review * [feedly] pr.review * [feedly] pr.review * [feedly] update image * [feedly] increase coverage and fix typing * [feedly] fix relationships and test it * [feedly] fix indicators imit * [feedly] add TTP and threat tags * [feedly] order of params * [feedly] Add custom FeedlyReport for better visualization * [feedly] fixes * [feedly] fix feedyl report layout * [feedly] add to free feeds * [feedly] (layout) pr.review * [feedly] format layout file * [feedly] update image --------- Co-authored-by: Michael Yochpaz <[email protected]> * Bump Docker image --------- Co-authored-by: Mathieu Béligon <[email protected]> Co-authored-by: Michael Yochpaz <[email protected]>

Co-authored-by: Content Bot <[email protected]>

* fix PytestUnhandledThreadExceptionWarning warning in UrlScan * PytestUnhandledThreadExceptionWarning version. * handle PytzUsageWarning. * UserWarning: DataFrame * handle PytestMockWarning * SettingWithCopyWarning * Handle PytestReturnNotNoneWarning * Handle GuessedAtParserWarning * Handle PytestUnraisableExceptionWarning * Handle InsecureRequestWarning. * Handle PytestUnknownMarkWarning * Handle PytestRemovedIn8Warning * Handling warnings. * trigger nightly * reduce warnings. * reduce warnings. * More warnings. * Add ignore warnings to pyproject.toml file * testing if commit nightly can run now * Fix wrong usage of ignore warning in pyproject. * yet again fix warnings. * Remove pytets changes from pyproject.toml * Trying to ignore using a pytest.ini in root of a pack. * Remove pytest.ini for specific pack. * ignore PytestUnraisableExceptionWarning * Ignore marshmallow and ignore unknown mark warnings. * Use exact path to PytestUnknownMarkWarning * Yet another method to try ignore PytestUnknownMarkWarning * resolve conflicts. * Versions and readme and versions update. * Remove "Note: Zero warnings effort." from RN. * Update to latest docker images. * revert wrong changes. * Fix failing unit tests. * making changes to catch linter validations * try to load Axonius src file in lint stage. * specify type for args. * Bump pack from version Phishing to 3.5.28. * import marshmallow and ignore marshmallow warning. * Break long lines. * Different ignore * Update docker images. * Bump pack from version CommonScripts to 1.12.37. * update forgotten docker images. * Fix RN validation errors. * yet another docker image. --------- Co-authored-by: Content Bot <[email protected]>

* add input * Update 2_0_20.md

…to#30329) * Update README.md Per CyberArk's request * modified pack metadata * added author image * update author image * decreased size of author image * added secret ignore * rm conflict patch * revert vectra ai readme * added rn added adoption readme preface --------- Co-authored-by: Melody Crosby <[email protected]> Co-authored-by: Kobbi Gal <[email protected]> Co-authored-by: kgal-pan <[email protected]>

* [partner collectors] - add support_level_header headers * bump rn * update supportlevelheader * update rn * fix * poetry lock * revert poetry * bump rn * update docker image * bump docker * trendmicro fixes

* Updated ModelingRules * Updated secrets * Updated yml * Update Packs/CyberArk_Privileged_Threat_Analytics/README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CyberArk_Privileged_Threat_Analytics/README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CyberArk_Privileged_Threat_Analytics/README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Updated yml * Updated README * Updated Beta Note * Updated ModelingRules * Updated README --------- Co-authored-by: ShirleyDenkberg <[email protected]>

)

* fixed the parameter that send as a limit * update rn * update test playbook * Update Packs/CrowdStrikeFalcon/ReleaseNotes/1_11_7.md Co-authored-by: Shelly Tzohar <[email protected]> * fixing test playbook * adding sort incidents by the ids order; fix time field issue * rename rn * bump version * added unitest * fix rn * save unitest fix * save format * save unitest fix * update docker * use created timestamp * start_time * RN * Update Packs/CrowdStrikeFalcon/Integrations/CrowdStrikeFalcon/CrowdStrikeFalcon.py Co-authored-by: yuvalbenshalom <[email protected]> * CR * typo * fixes * fixes * fixes * fixes * sort by created * fixes * fixes * simplify * back to offset * fix offset * remove sort * fixes * fix * fixes * updates * fix offset calc * fix * move calculate new offset * fix tests * fix * update limit * fixes --------- Co-authored-by: daryakoval <[email protected]> Co-authored-by: Darya Koval <[email protected]> Co-authored-by: Shelly Tzohar <[email protected]> Co-authored-by: yuvalbenshalom <[email protected]>

…to#30352) This reverts commit 8832678.

* Fix ruff error N804 * pre-commit

…Pack Update (demisto#30338) * "contribution update to pack "Microsoft Defender for Endpoint"" (demisto#30323) * revert * Update Packs/MicrosoftDefenderAdvancedThreatProtection/ReleaseNotes/1_16_15.md Co-authored-by: ShirleyDenkberg <[email protected]> * docker * RN * RN --------- Co-authored-by: xsoar-bot <[email protected]> Co-authored-by: MosheEichler <[email protected]> Co-authored-by: Moshe Eichler <[email protected]> Co-authored-by: ShirleyDenkberg <[email protected]>

* ThreatZone Integration * Add Playbooks & Minor Fixes * Limit Check Added & Minor Fixes * Fix Problems & Update Integration Image * Fix Problems & Update Integration Image * Fix Playbook Dt Condition * Minor Fixed & Indicator/DBotScore * Temporary Disable CDR Sanitized File Return as File * Fix Package Name etc * Format & Verification Changes & Satisfy Requirements * Fix Release Notes & DBotScore Unknown to None * Remove Unused Exception Variable * Fix Too Much return_error Usage & Add Test * Implemented Improvements Based on Feedbacks * unit tests added * fix unit test sample path & comment unreachable code * fix flake8 errors * add more unit tests * fix flake8 error * minor fixes & playbook improvements * requested fixes * fix validation errors & requested changes * fix unittests * fix flake8 error * return submission decline error & minor fix * Add Scan Type as Prefix to Submission Context Path * Unit Test Scan Type Correction Co-authored-by: Veli Tekin <[email protected]>

…30111) * [Marketplace Contribution] Akamai WAF - Content Pack Update (demisto#29671) * "contribution update to pack "Akamai WAF"" * Update Akamai_WAF.py Added [0] to line entry_context.append(raw_response.get('siteShieldMaps')) human_readable.append(raw_response.get('siteShieldMaps')) * Update Akamai_WAF.py 1) Added additional validations when all "enrollment_path", "enrollment_id", "change_id" are all blank. 2) Added Dateparer for input dates * Update Akamai_WAF.yml Added output for both commands: akamai-get-cps-enrollment-deployment akamai-get-cps-change-status Added additional description for both arguments: enrollment_id change_id * Update Packs/Akamai_WAF/Integrations/Akamai_WAF/Akamai_WAF.py Co-authored-by: RotemAmit <[email protected]> * Update Packs/Akamai_WAF/Integrations/Akamai_WAF/Akamai_WAF.yml Co-authored-by: RotemAmit <[email protected]> * Update Packs/Akamai_WAF/Integrations/Akamai_WAF/Akamai_WAF.py Co-authored-by: RotemAmit <[email protected]> * Update Packs/Akamai_WAF/ReleaseNotes/2_0_8.md Co-authored-by: RotemAmit <[email protected]> * Update Packs/Akamai_WAF/Integrations/Akamai_WAF/Akamai_WAF.py Co-authored-by: RotemAmit <[email protected]> * Update Packs/Akamai_WAF/Integrations/Akamai_WAF/Akamai_WAF.py Co-authored-by: RotemAmit <[email protected]> * Update Packs/Akamai_WAF/Integrations/Akamai_WAF/Akamai_WAF.py Co-authored-by: RotemAmit <[email protected]> * Update Akamai_WAF.yml Updated "akamai-update-cps-enrollment-schedule" command's Arguments to predefined value. * Update Akamai_WAF.yml Updated "akamai-update-cps-enrollment" commmand's Arguments. * Update Akamai_WAF.yml Updated command outputs descriptions and types. * Update Akamai_WAF.yml Updated Command Output descriptions and types * Update Packs/Akamai_WAF/Integrations/Akamai_WAF/Akamai_WAF.yml Co-authored-by: RotemAmit <[email protected]> * Update Packs/Akamai_WAF/Integrations/Akamai_WAF/Akamai_WAF.yml Co-authored-by: RotemAmit <[email protected]> * Update Packs/Akamai_WAF/Integrations/Akamai_WAF/Akamai_WAF.yml Co-authored-by: RotemAmit <[email protected]> * Update Packs/Akamai_WAF/Integrations/Akamai_WAF/Akamai_WAF.yml Co-authored-by: RotemAmit <[email protected]> * Update Packs/Akamai_WAF/Integrations/Akamai_WAF/Akamai_WAF.yml Co-authored-by: RotemAmit <[email protected]> * Update Packs/Akamai_WAF/Integrations/Akamai_WAF/Akamai_WAF.yml Co-authored-by: RotemAmit <[email protected]> * Update Packs/Akamai_WAF/Integrations/Akamai_WAF/Akamai_WAF.yml Co-authored-by: RotemAmit <[email protected]> * Update Packs/Akamai_WAF/Integrations/Akamai_WAF/Akamai_WAF.py Co-authored-by: RotemAmit <[email protected]> * Update Packs/Akamai_WAF/Integrations/Akamai_WAF/Akamai_WAF.py Co-authored-by: RotemAmit <[email protected]> * Update Packs/Akamai_WAF/Integrations/Akamai_WAF/Akamai_WAF.py Co-authored-by: RotemAmit <[email protected]> * Update Packs/Akamai_WAF/Integrations/Akamai_WAF/Akamai_WAF.py Co-authored-by: RotemAmit <[email protected]> * updated the yml according to master --------- Co-authored-by: davistonehub <[email protected]> Co-authored-by: RotemAmit <[email protected]> * README.md * format of yml file and pre-commit * added test_get_cps_enrollment_deployment_command_production * pre-commit changes and first test updates * updated the dates, mypy updates and docker image update * fixed trailing whitespaces * updated the dates issue to be a function, more test * final tests * test_try_parsing_date * doc-review changes * readme and docker image update * fixed a test and release notes --------- Co-authored-by: xsoar-bot <[email protected]> Co-authored-by: davistonehub <[email protected]> Co-authored-by: RotemAmit <[email protected]> Co-authored-by: okarkkatz <[email protected]>

* added notes to the readme * update after doc review * update after doc review

* Updated README * Updated README * Updated ModelingRules * Updated ModelingRules * Updated MicrosoftWindowsEvents_1_3 * Updated MicrosoftWindowsEvents_1_3 * Updated MicrosoftWindowsEvents_1_3 * Updated ReleaseNotes * Updated ReleaseNotes * Updated MicrosoftWindowsEvents_1_3 * Updated README

* fixed the parameter that send as a limit * update rn * update test playbook * Update Packs/CrowdStrikeFalcon/ReleaseNotes/1_11_7.md Co-authored-by: Shelly Tzohar <[email protected]> * fixing test playbook * adding sort incidents by the ids order; fix time field issue * rename rn * bump version * added unitest * fix rn * save unitest fix * save format * save unitest fix * update docker * use created timestamp * start_time * RN * Update Packs/CrowdStrikeFalcon/Integrations/CrowdStrikeFalcon/CrowdStrikeFalcon.py Co-authored-by: yuvalbenshalom <[email protected]> * CR * typo * fixes * fixes * fixes * fixes * sort by created * fixes * fixes * simplify * back to offset * fix offset * remove sort * fixes * RN * RN * fixes * adding tests * update * fixes * fix * fix * fix * add test with offset * add freeze time --------- Co-authored-by: daryakoval <[email protected]> Co-authored-by: Darya Koval <[email protected]> Co-authored-by: Shelly Tzohar <[email protected]> Co-authored-by: yuvalbenshalom <[email protected]>

* Add list_target to f5-silverline-ip-object-delete * Add list_target argument logic * Update docker Image & release notes; format fixes * Update release notes * Add known_words * Update delete command to default to proxy * Fix typo in human readable * Update test_delete_ip_objects_command UT * Update docker image * Remove explicit None return * Fix release notes typo

* Updated Metadata Of Pack Base * Added release notes to pack Base * Packs/Base/Scripts/CommonServerPython/CommonServerPython.yml Docker image update * Bump pack from version Base to 1.32.39. * Bump pack from version Base to 1.32.40. --------- Co-authored-by: Content Bot <[email protected]>

…date (demisto#30357) * [Marketplace Contribution] Community Common Scripts - Content Pack Update (demisto#29645) * "contribution update to pack "Community Common Scripts"" * Update RetrievePlaybookDependencies.yml * Update RetrievePlaybookDependencies.py * Update RetrievePlaybookDependencies.yml * Update README.md * Update 1_2_0.md * Update RetrievePlaybookDependencies.py update d[...] to d.get(...) * Update RetrievePlaybookDependencies.py * Update RetrievePlaybookDependencies.yml update docker image version * Delete Packs/CommunityCommonScripts/Scripts/RetrievePlaybooksAndIntegrations directory * Revert "Delete Packs/CommunityCommonScripts/Scripts/RetrievePlaybooksAndIntegrations directory" This reverts commit 0c67b27. * deprecation * delete RN * final delete * add RN * specify commands output are only the brandless ones * RN * docker --------- Co-authored-by: Randy Baldwin <[email protected]> Co-authored-by: Yehuda <[email protected]> * shorten the lines --------- Co-authored-by: xsoar-bot <[email protected]> Co-authored-by: Randy Baldwin <[email protected]> Co-authored-by: Yehuda <[email protected]> Co-authored-by: Yehuda Rosenberg <[email protected]>

* Gatewatcher lis generic command (demisto#30095) * Add generic commands * Add generic commands * updat * add: unit tests for generic_reputation_command * add: commands for emails * add: unit tests for mail commands * add: LIS readme pack information --------- Co-authored-by: thibault <[email protected]> * fix validation error --------- Co-authored-by: Liolaeus <[email protected]> Co-authored-by: thibault <[email protected]> Co-authored-by: ilappe <[email protected]>

* First commit * Add demistomock.py to exclude in mypy * Revert mistake --------- Co-authored-by: Koby Meir <[email protected]>

* Update Group-IB TI APP PR from master branch (#29350) * test commit * remove bt link * Remove A in TI for yaml and md for indicator * back yaml to default * refactor yaml with cortex utils * refactor md and yaml for feed * remove bp/domain * replace git_leak with git_repository * Add new collection Fix issue with date for TI * remove changes outside the Packs * Update Packs/GroupIB_ThreatIntelligenceAttribution/Integrations/GroupIB_TIA_Feed/test_data/example.json Co-authored-by: Mai Morag <[email protected]> * Update Packs/GroupIB_ThreatIntelligenceAttribution/Integrations/GroupIB_TIA_Feed/test_data/example.json Co-authored-by: Mai Morag <[email protected]> * Update Packs/GroupIB_ThreatIntelligenceAttribution/Integrations/GroupIBTIA/test_data/example.json Co-authored-by: Mai Morag <[email protected]> * Update Packs/GroupIB_ThreatIntelligenceAttribution/Integrations/GroupIBTIA/test_data/example.json Co-authored-by: Mai Morag <[email protected]> * Update Packs/GroupIB_ThreatIntelligenceAttribution/Integrations/GroupIBTIA/test_data/example.json Co-authored-by: Mai Morag <[email protected]> * update release notes * update logo * update logo * Revert "update release notes" This reverts commit fc93e44461b3085c156c42a96e3f5aaf8efbe0af. * revert microsocks * fix compromised account issue * adding RL * Update Packs/GroupIB_ThreatIntelligenceAttribution/Integrations/GroupIBTIA/GroupIBTIA.py Co-authored-by: Mai Morag <[email protected]> * create release notes v1_3_12 * add test for compromised/account_group * refactor changes in playbook * fixed validation errors * adding pragma no cover * refactor RN * add urllib exception * fixing validation errors * adding pragma no cover * format * fix lint test errors * revert sentinel * revert changes to azure sentinel * fixing cloud machine ids processing (#29777) * fixing cloud machine ids processing * not exiting the installation script if we fail to install a pack. report an error but continue with the test playbook upload (#29759) Co-authored-by: kobymeir <[email protected]> * Microsoft DNS Parsing Rule Drop (#29765) * Updated ParsingRules * Updated ReleaseNotes * Updated ReleaseNotes * Updated ReleaseNotes * Updated pack_metadata * Updated pack_metadata * Updated pack_metadata * Updated README * Updated README * Updated README * [JoeSecurity] Pre-Commit (#29717) * [pre-commit ruff] Align the entire repo with ruff #2 (#29754) * [pre-commit ruff] Align the entire repo with ruff #2 * Add RN * Update the docker image * Don't checkout build files in pre-commit (#27900) * is file up to date pre-commit * Revert changes made by mistake --------- Co-authored-by: dorschw <[email protected]> Co-authored-by: Menachem Weinfeld <[email protected]> Co-authored-by: Menachem Weinfeld <[email protected]> * Fixes for 'NGFW Scan' and 'WildFire Malware' XSIAM playbooks (#29774) * Fixes for 'NGFW Scan' and 'WildFire Malware' XSIAM playbooks * RN * fixed RN and 'NGFW Scan playbook' * CiscoSMA- Added timeout parameter (#29372) * fix * add_tests * fix_test_description * fix_yml_add_readme * fixes - add timeout to the client * add timeout to yml * revert changes * Update CiscoSMA.py * Update CiscoSMA.py * CR review * add RN * fix CR review * update docker image * XSUP-27956/ Added EWS PS V3 Description (#29784) * updated the description * update rn * Apply suggestions from code review Co-authored-by: ShirleyDenkberg <[email protected]> --------- Co-authored-by: ShirleyDenkberg <[email protected]> * Xsup 27738 DBotFindSimilarIncidents NoneType Error (#29701) * failed ut * fix * rn * pre-commit * pre commit * just the fix * fix description in yml * fix * docker * Update Packs/Base/ReleaseNotes/1_32_34.md Co-authored-by: Dan Tavori <[email protected]> * test * test * removed import --------- Co-authored-by: Dan Tavori <[email protected]> * Wiz v1 2 11 (#29719) * Wiz v1 2 11 (#29688) * remove redundant parenthesis * ../Packs/Wiz/Integrations/Wiz/Wiz.py * add Wiz user agent * rephrase release notes * update pack metadata json * rephrase release notes v2 * fix minor typos and update docker image * Bump Docker version --------- Co-authored-by: Ariel Tobiana <[email protected]> Co-authored-by: Michael Yochpaz <[email protected]> * [ASM] - Expander - Update ASM fields (4821) (#29702) * [ASM] - Expander - Update ASM fields (4821) (#29506) * Add missing comments to grid fields - Update descriptions of fields as needed. * Add release notes * Add descriptions to two fields - asmdevcheckdetails - asmenrichmentstatus * Update release notes. * Grammar updates. * Update release notes * Add mandatory or optional in comments * Update comments with mandatory * Update pack version and release notes * Add correct 1_6_33 release notes * fix rn * fix rn --------- Co-authored-by: John <[email protected]> Co-authored-by: ostolero <[email protected]> Co-authored-by: ostolero <[email protected]> * Wildfire-upload-url add poling timeout argument (#29790) * save adding timeout param * new docker image * added rn * fix ruff * ruff made me to do this fixes :( not related to my changes * Update Packs/Palo_Alto_Networks_WildFire/ReleaseNotes/2_1_35.md * poetry files (#29793) Co-authored-by: Content Bot <[email protected]> * Dra-cvss-color-fix (#29757) * Fixed a small issue when indicator had no custom fields * RN * docker bump * RN * Update CVECVSSColor.py * docker bump * RN * fixing typos in build scripts. (#29788) unremovable -> non-removable productname -> product_name testplaybook -> test_playbook changed some arg passing to use their full name: -gpidd -gpidp Co-authored-by: kobymeir <[email protected]> * mapping to standard stix values (#29785) * mapping to standard stix values * updated release notes * update docker * breaking json * add dot * Add the nightly_ruff file for run pre-commit with --all flag (#29684) * Add the nightly_ruff file for run pre-commit with --all flag * Add more rules; Add the error name * Add E501 * Add F601, F842, TID252 * XSUP-27528 (#29705) * add_tests * add_tests * add RN, fix tests, format yml * Update Packs/CommonScripts/ReleaseNotes/1_12_24.md Co-authored-by: Arad Carmi <[email protected]> * fix readme * Bump pack from version CommonScripts to 1.12.25. --------- Co-authored-by: Arad Carmi <[email protected]> Co-authored-by: Content Bot <[email protected]> * [Axonius Content Pack 1.2.0] Bumping Dockerfile (#29802) * [Axonius Content Pack 1.2.0] Bumping Dockerfile (#29625) * bumped docker version for axonius api client * docker image * remove the - --------- Co-authored-by: Yehuda <[email protected]> * format --------- Co-authored-by: Bryce Pedroza <[email protected]> Co-authored-by: Yehuda <[email protected]> * Updated native:8.4 image; Add auth-utils support (#29792) Co-authored-by: GuyAfik <[email protected]> * Fixed sc_task closing state (#29636) * Fixed sc_task closing state * Added release notes * Updated docker image * small fix * bumped dokcer * fixed rn --------- Co-authored-by: Shahaf Ben Yakir <[email protected]> Co-authored-by: sbenyakir <[email protected]> * Private Compliance Packs (#29664) * XSUP-27936 problem with regex (#29613) * failed test * fix * rn * rn * unit test * ut * validations * fixed test and docker * fix * validation * Prisma Cloud V2 Add "usernames" Argument (#29710) * add username arg * support list * update UT * update README * docker update * update TPB * Fortinet fortigate enhancement (#29655) * Updated the readme for proofpoint fortigate. * Modified the modeling rule. * Modified the modeling rule and the schema file. * Updated the release note. * Update Packs/FortiGate/README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Updated the modeling rule. * Added tags to the readme. * removed ftntfgtmastersrcmac and ftntfgtmasterdstmac from the mapping. * updated the modeling rule and the schema file. * updated the modeling rule * updated the modeling rule --------- Co-authored-by: ShirleyDenkberg <[email protected]> * Add syslog example for War Room Actions (#29800) * Graph Security Update (#29797) * Updated MicrosoftGraphSecurity_schema * Updated ReleaseNotes * Updated ReleaseNotes * [Dataminr Pulse] Release 106 (#29805) * [Dataminr Pulse] Release 106 (#29693) * Changes related to release v1.0.6 * Changes related to release v1.0.6 * Fixing Release Note related issue --------- Co-authored-by: crestdatasystems <[email protected]> Co-authored-by: Michael Yochpaz <[email protected]> * Bump Docker version --------- Co-authored-by: Crest Data Systems <[email protected]> Co-authored-by: crestdatasystems <[email protected]> Co-authored-by: Michael Yochpaz <[email protected]> * [RecordedFuture] threat actor playbook update V2.5.1 (#29690) (#29807) * Update Threat actor search playbook. * Add release notes * Fix formatting * Change ExtractedIndicators to ExtractedIndicators\.File * Fix release notes --------- Co-authored-by: Yaroslav Nestor <[email protected]> Co-authored-by: Michael Yochpaz <[email protected]> * [JoeSecurity] show partial result in polling commands (#29715) * updating build docker image to latest devdemisto/gitlab-content-ci:1.0.0.64455 (#29761) * updating build docker image to latest devdemisto/gitlab-content-ci:1.0.0.64455 * Private Upload Mode - ThreatExchange v2 (#28249) * ThreatExchange integration * ThreatExchange updates * Added param to instance configuration * pre-commit * updated RN * RN test * CR updates * Removed Threat_Crowd * Update Packs/ThreatExchange/ReleaseNotes/2_0_12.md Co-authored-by: ShirleyDenkberg <[email protected]> * docker * format * skip tests since theres no instance * no testing instance --------- Co-authored-by: ShirleyDenkberg <[email protected]> Co-authored-by: Yehuda Rosenberg <[email protected]> Co-authored-by: Yehuda <[email protected]> * added plus 1 for each iteration in find destination (#29811) * added plus 1 for each iteration in find destination (#29760) * added plus 1 for each iteration in find destination * added release notes * Update Packs/Cisco-umbrella-cloud-security/ReleaseNotes/2_0_2.md Co-authored-by: ShirleyDenkberg <[email protected]> * updated docker image tag to latest * updated unit test for pagination functions * removed comments --------- Co-authored-by: ShirleyDenkberg <[email protected]> * Update 2_0_2.md --------- Co-authored-by: LiorQM <[email protected]> Co-authored-by: ShirleyDenkberg <[email protected]> Co-authored-by: RotemAmit <[email protected]> * Mde list indicator filter (#29640) * Mde list indicator filter (#29338) * init indicator filter * release notes * latest docker image * updated docker image * minor fixes * reslove conflicts * resolve version conflicts * silence linter * format * docker * Apply suggestions from Shirley Co-authored-by: ShirleyDenkberg <[email protected]> * add period * change phrase * adding "is_mockable": false * docker * try change test playbook * empty line * docker * return the mock * Revert "return the mock" This reverts commit da9baeff5cadddf2cd125fb073c266c867f465a5. --------- Co-authored-by: ckaadic <[email protected]> Co-authored-by: Yehuda <[email protected]> Co-authored-by: Yehuda Rosenberg <[email protected]> Co-authored-by: ShirleyDenkberg <[email protected]> * Audit Logs Endpoints Scripts Aligments for Xsoar-8 (#29781) * test * fix core api * ExportAuditLogsToFile - add support for xsoar-8 * add ExportAuditLogsToFile UTs * add forward audit logs uts * update ut * validation fixes * mypy * bump rns * update docker * update docker image * fix ut * format * Bump pack from version CommonScripts to 1.12.25. * Bump pack from version CommonScripts to 1.12.26. * cr * cr fixes * update * fix uts --------- Co-authored-by: Content Bot <[email protected]> * Add command prisma-cloud-compute-get-file-integrity-events (#29608) * Add command prisma-cloud-compute-get-file-integrity-events (#29187) * Add command prisma-cloud-compute-get-file-integrity-events * Incorporate changes from review comments. Add documentation and unit test. * Add missing lines to YML file (add description of new command) * Update docker image * Incorporate changes from demo * Update docker image * fix validation * fix validation --------- Co-authored-by: ostolero <[email protected]> Co-authored-by: ostolero <[email protected]> * Bump pack from version PrismaCloudCompute to 1.4.10. * [pre-commit ruff] Align the entire repo with ruff (#29603) * Fix falls of the ruff hook * pre-commit * Fix B003 ruff error * Fix ruff errors on Utils/update_playbook.py * remove code to trigger upload on dev branches (#29621) * [pre-commit pycln] Align the entire repo with pycln (#29611) * Fix falls of the pycln hook * pre-commit * Fix unit test * Add RN * Fix validate in GetDomainDNSDetails * fuff on GetDomainDNSDetails * ignore mypy error in test_content.py:350 * Fix falls of the autopep8 hook (#29638) * add marketplaces to metadata (#29629) * Fixing AWS Project Number in ASM Cloud (#29593) (#29642) Co-authored-by: Chait A <[email protected]> Co-authored-by: johnnywilkes <[email protected]> Co-authored-by: Michael Yochpaz <[email protected]> * [MS Teams] support reset_graph_auth (#29644) * fixed * pre-commit * update * Recordedfuture threathunting v2.5.0 (#29641) * Recordedfuture threathunting v2.5.0 (#29025) * Add commands related to Automated Threat hunting recordedfuture-threat-map recordedfuture-threat-links recordedfuture-detection-rules * Add recordedfuture-collective-insight command. Change app version. * Update README.md. Add release notes * Add playbook. Add unittests * Add unittests * Fix test_collective_insight_command * Remove incorrect release note * Add documentation for threat actor search playbook * update Recorded Future Threat actor search playbook. add release note about new playbook. * Update release notes, fix formatting * Format yml files * Update Recorded future threat actor search playbook * Update docker image * Fix linter --------- Co-authored-by: Michael Yochpaz <[email protected]> * Minor README fixes --------- Co-authored-by: Yaroslav Nestor <[email protected]> Co-authored-by: Michael Yochpaz <[email protected]> * [ASM] Expander 5777 (#29647) * [ASM] Expander 5777 (#29619) * first * RN * Bump pack from version CortexAttackSurfaceManagement to 1.6.36. --------- Co-authored-by: johnnywilkes <[email protected]> Co-authored-by: Content Bot <[email protected]> * XDR Malware Enrichment - hotfix for usernames (split) (#29585) * Updated playbook with hotfix where we split usernames from domains and append them to the username list of usernames for account enrichment * Added RN * remove irrelevant test * Updated RN * Bump pack from version CortexXDR to 5.1.6. * Update Packs/CortexXDR/ReleaseNotes/5_1_6.md Co-authored-by: ShirleyDenkberg <[email protected]> --------- Co-authored-by: Content Bot <[email protected]> Co-authored-by: ShirleyDenkberg <[email protected]> * Update Docker Image To demisto/pyjwt3 (#29656) * Updated Metadata Of Pack Silverfort * Added release notes to pack Silverfort * Packs/Silverfort/Integrations/Silverfort/Silverfort.yml Docker image update * Update Docker Image To demisto/trustar (#29660) * Updated Metadata Of Pack TruSTAR * Added release notes to pack TruSTAR * Update Docker Image To demisto/keeper-ksm (#29661) * Updated Metadata Of Pack KeeperSecretsManager * Added release notes to pack KeeperSecretsManager * Packs/KeeperSecretsManager/Integrations/KeeperSecretsManager/KeeperSecretsManager.yml Docker image update * Update Docker Image To demisto/py3-tools (#29654) * Updated Metadata Of Pack Intezer * Added release notes to pack Intezer * Packs/Intezer/Integrations/IntezerV2/IntezerV2.yml Docker image update * Updated Metadata Of Pack FeedMalwareBazaar * Added release notes to pack FeedMalwareBazaar * Packs/FeedMalwareBazaar/Integrations/MalwareBazaarFeed/MalwareBazaarFeed.yml Docker image update * Updated Metadata Of Pack FeedGCPWhitelist * Added release notes to pack FeedGCPWhitelist * Packs/FeedGCPWhitelist/Integrations/FeedGoogleIPRanges/FeedGoogleIPRanges.yml Docker image update * Updated Metadata Of Pack AccentureCTI_Feed * Added release notes to pack AccentureCTI_Feed * Packs/AccentureCTI_Feed/Integrations/ACTIIndicatorFeed/ACTIIndicatorFeed.yml Docker image update * Fix DS108 --------- Co-authored-by: sberman <[email protected]> * Update Docker Image To demisto/taxii-server (#29659) * Updated Metadata Of Pack CybleThreatIntel * Added release notes to pack CybleThreatIntel * Packs/CybleThreatIntel/Integrations/CybleThreatIntel/CybleThreatIntel.yml Docker image update * Fix DS108 --------- Co-authored-by: sberman <[email protected]> * Update Docker Image To demisto/datadog-api-client (#29662) * Updated Metadata Of Pack DatadogCloudSIEM * Added release notes to pack DatadogCloudSIEM * Packs/DatadogCloudSIEM/Integrations/DatadogCloudSIEM/DatadogCloudSIEM.yml Docker image update * Fix DS108 --------- Co-authored-by: sberman <[email protected]> * Add reliability parameter to cves and pipl integration (#28703) * commiting PrismaCloudCompute * release notes added * changed couldcompute, CVESearchV2, pipl * added pack metadata * fixed pipl readme * reverting changes in CVESearch since it was deprecated * removed redundant * committing pre commit changes * added known words * added known words * fixed lint error * changed according to review * updated docker version in PrismaCloudCompute * changed according to doc review * Added condition for not receiving new incidents in the test playbook * updating release notes * reverting fetch changes * fixed playbook * formatted playbook * new validation, new run * new validation, new run * Bump pack from version PrismaCloudCompute to 1.4.10. * update the docker image --------- Co-authored-by: Content Bot <[email protected]> * Proofpoint email security pack: update description (#29651) * update description * Updated the schema file. * Updated the schema file. --------- Co-authored-by: Yehonatan Asta <[email protected]> * Jira v2 deprecated (#29649) * Deprecate to jira v2 * update RN * update conf.json file * add task to the Create Jira Issue playbook that check if jira v3 is enable * add image.png of the playbook * update the playbook (yml, readme, image) and RN * Update Docker Image To demisto/python3 (#29652) * Updated Metadata Of Pack PANOSPolicyOptimizer * Added release notes to pack PANOSPolicyOptimizer * Packs/PANOSPolicyOptimizer/Integrations/PANOSPolicyOptimizer/PANOSPolicyOptimizer.yml Docker image update * Updated Metadata Of Pack VMwareWorkspaceONEUEM * Added release notes to pack VMwareWorkspaceONEUEM * Packs/VMwareWorkspaceONEUEM/Integrations/VMwareWorkspaceONEUEM/VMwareWorkspaceONEUEM.yml Docker image update * Updated Metadata Of Pack CiscoSMA * Added release notes to pack CiscoSMA * Packs/CiscoSMA/Integrations/CiscoSMA/CiscoSMA.yml Docker image update * Updated Metadata Of Pack FeedThreatConnect * Added release notes to pack FeedThreatConnect * Packs/FeedThreatConnect/Integrations/FeedThreatConnect/FeedThreatConnect.yml Docker image update * Updated Metadata Of Pack BitSight * Added release notes to pack BitSight * Packs/BitSight/Integrations/BitSightForSecurityPerformanceManagement/BitSightForSecurityPerformanceManagement.yml Docker image update * Updated Metadata Of Pack AWS-ILM * Added release notes to pack AWS-ILM * Packs/AWS-ILM/Integrations/AWSILM/AWSILM.yml Docker image update * Updated Metadata Of Pack CiscoWSA * Added release notes to pack CiscoWSA * Packs/CiscoWSA/Integrations/CiscoWSAV2/CiscoWSAV2.yml Docker image update * Updated Metadata Of Pack SysAid * Added release notes to pack SysAid * Packs/SysAid/Integrations/SysAid/SysAid.yml Docker image update * Updated Metadata Of Pack ManageEngine_PAM360 * Added release notes to pack ManageEngine_PAM360 * Packs/ManageEngine_PAM360/Integrations/ManageEnginePAM360/ManageEnginePAM360.yml Docker image update * Updated Metadata Of Pack CiscoUmbrellaReporting * Added release notes to pack CiscoUmbrellaReporting * Packs/CiscoUmbrellaReporting/Integrations/CiscoUmbrellaReporting/CiscoUmbrellaReporting.yml Docker image update * Fix DS108 --------- Co-authored-by: sberman <[email protected]> * XSUP-27717/FortiSIEM (#29458) * add tests * add RN,fix,logs * Update 2_0_21.md * add period * add a name to incident * fixes CR * update docker image * delete logs * CR fixes * Update 2_0_21.md * Update FortiSIEMV2.py * reverting the Docker image (#29607) * reverting the Docker image * Update Packs/cyberark_AIM/ReleaseNotes/1_0_14.md --------- Co-authored-by: Dan Tavori <[email protected]> * [Marketplace Contribution] Roksit DNS Security Integration - Sarp (#29663) * [Marketplace Contribution] Roksit DNS Security Integration - Sarp (#29314) * "pack contribution initial commit" * Update RoksitDNSSecurityIntegrationSarp.py * Update RoksitDNSSecurityIntegrationSarp.py * Yehuda's version * test module * readme * new logo * Update RoksitDNSSecurityIntegrationSarp.yml * Apply suggestions from code review * Update RoksitDNSSecurityIntegrationSarp_description.md * Update pack_metadata.json * Update README.md * Update pack_metadata.json * Update pack_metadata.json * Update Packs/RoksitDNSSecurityIntegration-Sarp/pack_metadata.json * fixes * change name * folder name * file names * version * rename sub folder * remove (DNSSense) from the integration name * rename folder * docker * replace image * fix image name --------- Co-authored-by: asimsarpkurt <[email protected]> Co-authored-by: Yehuda <[email protected]> Co-authored-by: Yehuda Rosenberg <[email protected]> * rename image --------- Co-authored-by: xsoar-bot <[email protected]> Co-authored-by: asimsarpkurt <[email protected]> Co-authored-by: Yehuda <[email protected]> Co-authored-by: Yehuda Rosenberg <[email protected]> * add unstuck fetch stream command (#29646) * add unstuck fetch stream command * added RN * fixes * add note * cr fixes * fix conflicts * reverts * [pre-commit pycln] Align the entire repo with pycln #4 (#29665) * Fix pycln errors * Update the docker images * Run demisto-sdk pre-commit * Remove unnecessary recommendations from extensions.json (#29605) * update extensions.json * Update devcontainer.json * Update recommendations list * Zscaler-FW-Logs (#29094) * Zscaler FW Logs Modeling Rules * Zscaler FW logs Modeling Rules * Updated README * Updated ZscalerModelingRule_1_3 * Changed cs5 field name to cat * Apply suggestions from code review Co-authored-by: ShirleyDenkberg <[email protected]> * Updated README * Updated ModelingRules and Schema * Updated ModelingRules and schema * Updated ModelingRules * Updated ModelingRules --------- Co-authored-by: Eido Epstain <[email protected]> Co-authored-by: ShirleyDenkberg <[email protected]> * PANOS - EXPANDR-5744 (#29223) (#29686) * playbook updates * RN, Readme, screenshot * Apply suggestions from code review * update RN * bump ver * more descriptive task * bump ver --------- Co-authored-by: johnnywilkes <[email protected]> Co-authored-by: ShirleyDenkberg <[email protected]> * Audit alert fields fix (#29685) * Add associated types to systemAssociatedTypes * Add associated types to systemAssociatedTypes * fix incident field structure * RN * Workday documentation fix (#29681) * readme * readme * rn * rn * [Marketplace Contribution] Active Directory Query - Content Pack Update (#28633) * [Marketplace Contribution] Active Directory Query - Content Pack Update (#27822) * "contribution update to pack "Active Directory Query"" * revert changes * rl * remove files * removed from rl * Update pack_metadata.json * Create 1_6_19.md * Update 1_6_18.md * Update 1_6_19.md * Delete 1_6_19.md * Update 1_6_18.md * Update pack_metadata.json * Update Active_Directory_Query.yml removed duplicate section and type * pass SERVER_IP as argument to test_credentials function * Create 1_7_0.md * Update pack_metadata.json * Update README.md with ad-test-credentials info * Update Active_Directory_Query.yml * removed duplicate `type: 8` from ntlm * removed duplicate types from integration settings * removed duplicate description from ad-enable-account * Update Active_Directory_Query.yml * Update Active_Directory_Query.yml * Update Active_Directory_Query.yml * removing not relevant release note * adding function * update fucntion * cr note * adding NTLM_AUTH option * Update Active_Directory_Query.py * Update Packs/Active_Directory_Query/Integrations/Active_Directory_Query/Active_Directory_Query.py Co-authored-by: dorschw <[email protected]> * cr notes * update after merging from master * reverting a change in olr rl * added test_test_credentials unit test function * fix unit test * fixing unit tests * fix unit test * fixed lint errors * Update Active_Directory_Query_test.py * empty commit * fix yml and docker file * revert changes in send email manager * fix yml * fix * fix validation error * fixing in129 --------- Co-authored-by: maimorag <[email protected]> Co-authored-by: Randy Baldwin <[email protected]> Co-authored-by: Mai Morag <[email protected]> Co-authored-by: dorschw <[email protected]> * cr notes * Bump pack from version Active_Directory_Query to 1.6.21. * fix yml changes * cr notes * lint fixes * fix test * docker update * Update Packs/Active_Directory_Query/Integrations/Active_Directory_Query/README.md Co-authored-by: dorschw <[email protected]> * fix delete required * Apply suggestions from code review * fix test * docker update * rl * empty commit * docker update * empty commit * empty commit * merge from master * empty commit check * revert changes * Delete Packs/cyberark_AIM/Integrations/CyberArkAIM_v2/integration-CyberArkAIM_v2.yml * docker downgrade * rl * trying new docker image * validate errors fix * revert docker version * [DS108] - Description must end with a period (".") - fix * empty commit check * empty commit check --------- Co-authored-by: xsoar-bot <[email protected]> Co-authored-by: maimorag <[email protected]> Co-authored-by: Randy Baldwin <[email protected]> Co-authored-by: Mai Morag <[email protected]> Co-authored-by: dorschw <[email protected]> Co-authored-by: Content Bot <[email protected]> * Big query bug xsup 28132 (#29680) * bug fix * rn * rn * Apply suggestions from code review Co-authored-by: Dan Tavori <[email protected]> * format * pre commit --------- Co-authored-by: Dan Tavori <[email protected]> * New Prisma Cloud v2 commands (#29323) * resource list command * limit results * user roles list command * pre commit * users list command * edit remediation commands * UTs * update README * update RN * pre commit fixes * edit test playbook * CR changes * Demo changes - remediate 406 raises error new args for resource_list & user_roles * fix test * Apply suggestions from doc review Co-authored-by: ShirleyDenkberg <[email protected]> * fix test playbook * Tomer's changes --------- Co-authored-by: ShirleyDenkberg <[email protected]> * Prisma Cloud Update (#29666) * Updated ModelingRules * Updated ReleaseNotes * Updated ReleaseNotes * Updated ModelingRules * Updated ModelingRules * Updated ModelingRules * Bump pack from version PrismaCloud to 4.2.4. --------- Co-authored-by: Content Bot <[email protected]> * Rapid7 appsec (#29134) (#29687) * Revert "Add space to conf" This reverts commit 3a74b931d31ae2b33e0e4570c7df7d06c668e9c8. * Updated the packs category to *Authentication & Identity Management* (part 2) (#24876) * Update Docker Image To demisto/fastapi (#24923) * Updated Metadata Of Pack CyberArkIdentity * Added release notes to pack CyberArkIdentity * Packs/CyberArkIdentity/Integrations/CyberArkIdentityEventCollector/CyberArkIdentityEventCollector.yml Docker image update * Update Docker Image To demisto/lxml (#24924) * Updated Metadata Of Pack TaniumThreatResponse * Added release notes to pack TaniumThreatResponse * Packs/TaniumThreatResponse/Integrations/TaniumThreatResponseV2/TaniumThreatResponseV2.yml Docker image update * Update Docker Image To demisto/crypto (#24922) * Updated Metadata Of Pack X509Certificate * Added release notes to pack X509Certificate * Packs/X509Certificate/Scripts/CertificateExtract/CertificateExtract.yml Docker image update * Update Docker Image To demisto/python3 (#24921) * Updated Metadata Of Pack Cybereason * Added release notes to pack Cybereason * Packs/Cybereason/Integrations/Cybereason/Cybereason.yml Docker image update * Updated Metadata Of Pack DNSDB * Added release notes to pack DNSDB * Packs/DNSDB/Integrations/DNSDB_v2/DNSDB_v2.yml Docker image update * Updated Metadata Of Pack DeepInstinct * Added release notes to pack DeepInstinct * Packs/DeepInstinct/Integrations/DeepInstinct3x/DeepInstinct3x.yml Docker image update * Updated Metadata Of Pack FeedCyrenThreatInDepth * Added release notes to pack FeedCyrenThreatInDepth * Packs/FeedCyrenThreatInDepth/Integrations/CyrenThreatInDepth/CyrenThreatInDepth.yml Docker image update * Updated Metadata Of Pack IronDefense * Added release notes to pack IronDefense * Packs/IronDefense/Integrations/IronDefense/IronDefense.yml Docker image update * Updated Metadata Of Pack Qintel * Added release notes to pack Qintel * Packs/Qintel/Integrations/QintelPMI/QintelPMI.yml Docker image update * Packs/Qintel/Integrations/QintelQSentry/QintelQSentry.yml Docker image update * Packs/Qintel/Integrations/QintelQWatch/QintelQWatch.yml Docker image update * Updated Metadata Of Pack QualysFIM * Added release notes to pack QualysFIM * Packs/QualysFIM/Integrations/QualysFIM/QualysFIM.yml Docker image update * Updated Metadata Of Pack QutteraWebsiteMalwareScanner * Added release notes to pack QutteraWebsiteMalwareScanner * Packs/QutteraWebsiteMalwareScanner/Integrations/QutteraWebsiteMalwareScanner/QutteraWebsiteMalwareScanner.yml Docker image update * Fixed mypy + validation --------- * NGINXApiModule: fix logging typo (#24878) * fix logging typo * bump dependent packs --------- * Downgrade docker to fix banner issue (#24905) * Downgrade docker to fix banner issue * Fix docs * Add UT to prevent Docker bump * Fix yml validation * Adding vulnerability commands * Fixing pagination page index * Updating PR comments and Scan commands * Updating ID in test data. * Updating integration * Updating integration * Updating fromversion * Updating linters * Updating linters * Updating git pre-commit * Updating docstring * Updating the handling of request when limit * Removing get_pagination_params * Updating integration * Updating git-pre commit * Updating integration * Updating integration * Updating unit test * Updating docker image * Updating integration * Updating README version. * Updating secrets * Updating integration * Updating integration * Updating integration * Updating docstrings * Updating doc-review comments. * Updating doc-review comments. * Updating description --------- Co-authored-by: ‪Ron Hadad‬‏ <[email protected]> Co-authored-by: TalGumi <[email protected]> Co-authored-by: Mai Morag <[email protected]> Co-authored-by: sberman <[email protected]> Co-authored-by: Guy Lichtman <[email protected]> Co-authored-by: glicht <[email protected]> Co-authored-by: Andrew Shamah <[email protected]> * Panos add param (#29672) * added param job_polling_max_num_attempts * Added rn * Added missing param type Fixed unit tests * added to readme * fixed readme * Update Packs/PAN-OS/Integrations/Panorama/Panorama.yml Co-authored-by: Guy Afik <[email protected]> * fixed text and namings * Bump pack from version PAN-OS to 2.1.8. --------- Co-authored-by: Guy Afik <[email protected]> Co-authored-by: Content Bot <[email protected]> * Fix proxy usage (#85) (#29630) * Fix proxy usage (#85) (#29181) * Fix proxy usage (#85) * Fix proxy usage in ZF client * Fix variable USE_SSL to verify requests * Remove proxy object from client Given that the proxy works by default with env vars, the proxy object is not necessary * Update version and add release notes * Fix call to modified alerts (#86) * Fix call to modified alerts * Update docker image * Fix tests associated with get modified data * change rn * fix validation --------- Co-authored-by: Felipe Garrido <[email protected]> Co-authored-by: ostolero <[email protected]> Co-authored-by: ostolero <[email protected]> * Missing dependencies when installing packs (#28989) * search and install packs --------- Co-authored-by: kobymeir <[email protected]> * Deprecate Picus Community (#29573) * Merge branch 'master' into github_workflow_partner # Conflicts: # Utils/github_workflow_scripts/utils.py * Merge branch 'master' into github_workflow_partner # Conflicts: # Utils/github_workflow_scripts/utils.py * Picus NG display name * Picus update * Picus update * Picus update * Picus update * Picus update * Picus update * Picus update * Picus update --------- Co-authored-by: RotemAmit <[email protected]> * [ASM] - Expander - GCP Hierarchy field - 4376 (#29696) (#29704) * Add assethierarchy field to GCP ASM playbook * Add release notes * Update field json Co-authored-by: John <[email protected]> * fix merge * update rn * remove access code * fix conflicts * update docker * fix validation --------- Co-authored-by: Ali Sawyer <[email protected]> Co-authored-by: ostolero <[email protected]> Co-authored-by: ostolero <[email protected]> Co-authored-by: Content Bot <[email protected]> Co-authored-by: Menachem Weinfeld <[email protected]> Co-authored-by: omerKarkKatz <[email protected]> Co-authored-by: Yaakov Praisler <[email protected]> Co-authored-by: Chait A <[email protected]> Co-authored-by: johnnywilkes <[email protected]> Co-authored-by: Michael Yochpaz <[email protected]> Co-authored-by: michal-dagan <[email protected]> Co-authored-by: Yaroslav Nestor <[email protected]> Co-authored-by: Ido van Dijk <[email protected]> Co-authored-by: ShirleyDenkberg <[email protected]> Co-authored-by: sberman <[email protected]> Co-authored-by: DinaMeylakh <[email protected]> Co-authored-by: ilaner <[email protected]> Co-authored-by: Yehonatan Asta <[email protected]> Co-authored-by: israelpoli <[email protected]> Co-authored-by: sapir shuker <[email protected]> Co-authored-by: Mai Morag <[email protected]> Co-authored-by: Dan Tavori <[email protected]> Co-authored-by: xsoar-bot <[email protected]> Co-authored-by: asimsarpkurt <[email protected]> Co-authored-by: Yehuda <[email protected]> Co-authored-by: Yehuda Rosenberg <[email protected]> Co-authored-by: Yuval Hayun <[email protected]> Co-authored-by: samuelFain <[email protected]> Co-authored-by: nkanon <[email protected]> Co-authored-by: Eido Epstain <[email protected]> Co-authored-by: Tomer Haimof <[email protected]> Co-authored-by: EyalPintzov <[email protected]> Co-authored-by: maimorag <[email protected]> Co-authored-by: Randy Baldwin <[email protected]> Co-authored-by: dorschw <[email protected]> Co-authored-by: Adi Bamberger Edri <[email protected]> Co-authored-by: eepstain <[email protected]> Co-authored-by: ‪Ron Hadad‬‏ <[email protected]> Co-authored-by: TalGumi <[email protected]> Co-authored-by: Guy Lichtman <[email protected]> Co-authored-by: glicht <[email protected]> Co-authored-by: Andrew Shamah <[email protected]> Co-authored-by: Shahaf Ben Yakir <[email protected]> Co-authored-by: Guy Afik <[email protected]> Co-authored-by: Felipe Garrido <[email protected]> Co-authored-by: Koby Meir <[email protected]> Co-authored-by: kobymeir <[email protected]> Co-authored-by: Edi Katsenelson <[email protected]> Co-authored-by: RotemAmit <[email protected]> Co-authored-by: John <[email protected]> * [Marketplace Contribution] Okta - Content Pack Update (#29650) * [Marketplace Contribution] Okta - Content Pack Update (#29303) * "contribution update to pack "Okta"" * minor fixes * add outputs and readme * add outputs description * update docker * change outputs --------- Co-authored-by: ostolero <[email protected]> Co-authored-by: ostolero <[email protected]> * Fixing AWS Project Number in ASM Cloud (#29593) (#29642) Co-authored-by: Chait A <[email protected]> Co-authored-by: johnnywilkes <[email protected]> Co-authored-by: Michael Yochpaz <[email protected]> * [MS Teams] support reset_graph_auth (#29644) * fixed * pre-commit * update * Recordedfuture threathunting v2.5.0 (#29641) * Recordedfuture threathunting v2.5.0 (#29025) * Add commands related to Automated Threat hunting recordedfuture-threat-map recordedfuture-threat-links recordedfuture-detection-rules * Add recordedfuture-collective-insight command. Change app version. * Update README.md. Add release notes * Add playbook. Add unittests * Add unittests * Fix test_collective_insight_command * Remove incorrect release note * Add documentation for threat actor search playbook * update Recorded Future Threat actor search playbook. add release note about new playbook. * Update release notes, fix formatting * Format yml files * Update Recorded future threat actor search playbook * Update docker image * Fix linter --------- Co-authored-by: Michael Yochpaz <[email protected]> * Minor README fixes --------- Co-authored-by: Yaroslav Nestor <[email protected]> Co-authored-by: Michael Yochpaz <[email protected]> * [ASM] Expander 5777 (#29647) * [ASM] Expander 5777 (#29619) * first * RN * Bump pack from version CortexAttackSurfaceManagement to 1.6.36. --------- Co-authored-by: johnnywilkes <[email protected]> Co-authored-by: Content Bot <[email protected]> * XDR Malware Enrichment - hotfix for usernames (split) (#29585) * Updated playbook with hotfix where we split usernames from domains and append them to the username list of usernames for account enrichment * Added RN * remove irrelevant test * Updated RN * Bump pack from version CortexXDR to 5.1.6. * Update Packs/CortexXDR/ReleaseNotes/5_1_6.md Co-authored-by: ShirleyDenkberg <[email protected]> --------- Co-authored-by: Content Bot <[email protected]> Co-authored-by: ShirleyDenkberg <[email protected]> * Update Docker Image To demisto/pyjwt3 (#29656) * Updated Metadata Of Pack Silverfort * Added release notes to pack Silverfort * Packs/Silverfort/Integrations/Silverfort/Silverfort.yml Docker image update * Update Docker Image To demisto/trustar (#29660) * Updated Metadata Of Pack TruSTAR * Added release notes to pack TruSTAR * Update Docker Image To demisto/keeper-ksm (#29661) * Updated Metadata Of Pack KeeperSecretsManager * Added release notes to pack KeeperSecretsManager * Packs/KeeperSecretsManager/Integrations/KeeperSecretsManager/KeeperSecretsManager.yml Docker image update * Update Docker Image To demisto/py3-tools (#29654) * Updated Metadata Of Pack Intezer * Added release notes to pack Intezer * Packs/Intezer/Integrations/IntezerV2/IntezerV2.yml Docker image update * Updated Metadata Of Pack FeedMalwareBazaar * Added release notes to pack FeedMalwareBazaar * Packs/FeedMalwareBazaar/Integrations/MalwareBazaarFeed/MalwareBazaarFeed.yml Docker image update * Updated Metadata Of Pack FeedGCPWhitelist * Added release notes to pack FeedGCPWhitelist * Packs/FeedGCPWhitelist/Integrations/FeedGoogleIPRanges/FeedGoogleIPRanges.yml Docker image update * Updated Metadata Of Pack AccentureCTI_Feed * Added release notes to pack AccentureCTI_Feed * Packs/AccentureCTI_Feed/Integrations/ACTIIndicatorFeed/ACTIIndicatorFeed.yml Docker image update * Fix DS108 --------- Co-authored-by: sberman <[email protected]> * Update Docker Image To demisto/taxii-server (#29659) * Updated Metadata Of Pack CybleThreatIntel * Added release notes to pack CybleThreatIntel * Packs/CybleThreatIntel/Integrations/CybleThreatIntel/CybleThreatIntel.yml Docker image update * Fix DS108 --------- Co-authored-by: sberman <[email protected]> * Update Docker Image To demisto/datadog-api-client (#29662) * Updated Metadata Of Pack DatadogCloudSIEM * Added release notes to pack DatadogCloudSIEM * Packs/DatadogCloudSIEM/Integrations/DatadogCloudSIEM/DatadogCloudSIEM.yml Docker image update * Fix DS108 --------- Co-authored-by: sberman <[email protected]> * Add reliability parameter to cves and pipl integration (#28703) * commiting PrismaCloudCompute * release notes added * changed couldcompute, CVESearchV2, pipl * added pack metadata * fixed pipl readme * reverting changes in CVESearch since it was deprecated * removed redundant * committing pre commit changes * added known words * added known words * fixed lint error * changed according to review * updated docker version in PrismaCloudCompute * changed according to doc review * Added condition for not receiving new incidents in the test playbook * updating release notes * reverting fetch changes * fixed playbook * formatted playbook * new validation, new run * new validation, new run * Bump pack from version PrismaCloudCompute to 1.4.10. * update the docker image --------- Co-authored-by: Content Bot <[email protected]> * Proofpoint email security pack: update description (#29651) * update description * Updated the schema file. * Updated the schema file. --------- Co-authored-by: Yehonatan Asta <[email protected]> * Jira v2 deprecated (#29649) * Deprecate to jira v2 * update RN * update conf.json file * add task to the Create Jira Issue playbook that check if jira v3 is enable * add image.png of the playbook * update the playbook (yml, readme, image) and RN * Update Docker Image To demisto/python3 (#29652) * Updated Metadata Of Pack PANOSPolicyOptimizer * Added release notes to pack PANOSPolicyOptimizer * Packs/PANOSPolicyOptimizer/Integrations/PANOSPolicyOptimizer/PANOSPolicyOptimizer.yml Docker image update * Updated Metadata Of Pack VMwareWorkspaceONEUEM * Added release notes to pack VMwareWorkspaceONEUEM * Packs/VMwareWorkspaceONEUEM/Integrations/VMwareWorkspaceONEUEM/VMwareWorkspaceONEUEM.yml Docker image update * Updated Metadata Of Pack CiscoSMA * Added release notes to pack CiscoSMA * Packs/CiscoSMA/Integrations/CiscoSMA/CiscoSMA.yml Docker image update * Updated Metadata Of Pack FeedThreatConnect * Added release notes to pack FeedThreatConnect * Packs/FeedThreatConnect/Integrations/FeedThreatConnect/FeedThreatConnect.yml Docker image update * Updated Metadata Of Pack BitSight * Added release notes to pack BitSight * Packs/BitSight/Integrations/BitSightForSecurityPerformanceManagement/BitSightForSecurityPerformanceManagement.yml Docker image update * Updated Metadata Of Pack AWS-ILM * Added release notes to pack AWS-ILM * Packs/AWS-ILM/Integrations/AWSILM/AWSILM.yml Docker image update * Updated Metadata Of Pack CiscoWSA * Added release notes to pack CiscoWSA * Packs/CiscoWSA/Integrations/CiscoWSAV2/CiscoWSAV2.yml Docker image update * Updated Metadata Of Pack SysAid * Added release notes to pack SysAid * Packs/SysAid/Integrations/SysAid/SysAid.yml Docker image update * Updated Metadata Of Pack ManageEngine_PAM360 * Added release notes to pack ManageEngine_PAM360 * Packs/ManageEngine_PAM360/Integrations/ManageEnginePAM360/ManageEnginePAM360.yml Docker image update * Updated Metadata Of Pack CiscoUmbrellaReporting * Added release notes to pack CiscoUmbrellaReporting * Packs/CiscoUmbrellaReporting/Integrations/CiscoUmbrellaReporting/CiscoUmbrellaReporting.yml Docker image update * Fix DS108 --------- Co-authored-by: sberman <[email protected]> * XSUP-27717/FortiSIEM (#29458) * add tests * add RN,fix,logs * Update 2_0_21.md * add period * add a name to incident * fixes CR * update docker image * delete logs * CR fixes * Update 2_0_21.md * Update FortiSIEMV2.py * reverting the Docker image (#29607) * reverting the Docker image * Update Packs/cyberark_AIM/ReleaseNotes/1_0_14.md --------- Co-authored-by: Dan Tavori <[email protected]> * [Marketplace Contribution] Roksit DNS Security Integration - Sarp (#29663) * [Marketplace Contribution] Roksit DNS Security Integration - Sarp (#29314) * "pack contribution initial commit" * Update RoksitDNSSecurityIntegrationSarp.py * Update RoksitDNSSecurityIntegrationSarp.py * Yehuda's version * test module * readme * new logo * Update RoksitDNSSecurityIntegrationSarp.yml * Apply suggestions from code review * Update RoksitDNSSecurityIntegrationSarp_description.md * Update pack_metadata.json * Update README.md * Update pack_metadata.json * Update pack_metadata.json * Update Packs/RoksitDNSSecurityIntegration-Sarp/pack_metadata.json * fixes * change name * folder name * file names * version * rename sub folder * remove (DNSSense) from the integration name * rename folder * docker * replace image * fix image name --------- Co-authored-by: asimsarpkurt <[email protected]> Co-authored-by: Yehuda <[email protected]> Co-authored-by: Yehuda Rosenberg <[email protected]> * rename image --------- Co-authored-by: xsoar-bot <[email protected]> Co-authored-by: asimsarpkurt <[email protected]> Co-authored-by: Yehuda <[email protected]> Co-authored-by: Yehuda Rosenberg <[email protected]> * add unstuck fetch stream command (#29646) * add unstuck fetch stream command * added RN * fixes * add note * cr fixes * fix conflicts * reverts * [pre-commit pycln] Align the entire repo with pycln #4 (#29665) * Fix pycln errors * Update the docker images * Run demisto-sdk pre-commit * update docker --------- Co-authored-by: xsoar-bot <[email protected]> Co-authored-by: ostolero <[email protected]> Co-authored-by: ostolero <[email protected]> Co-authored-by: Chait A <[email protected]> Co-authored-by: johnnywilkes <[email protected]> Co-authored-by: Michael Yochpaz <[email protected]> Co-authored-by: michal-dagan <[email protected]> Co-authored-by: Yaroslav Nestor <[email protected]> Co-authored-by: Content Bot <[email protected]> Co-authored-by: Ido van Dijk <[email protected]> Co-authored-by: ShirleyDenkberg <[email protected]> Co-authored-by: sberman <[email protected]> Co-authored-by: DinaMeylakh <[email protected]> Co-authored-by: ilaner <[email protected]> Co-authored-by: Yehonatan Asta <[email protected]> Co-authored-by: israelpoli <[email protected]> Co-authored-by: sapir shuker <[email protected]> Co-authored-by: Mai Morag <[email protected]> Co-authored-by: Dan Tavori <[email protected]> Co-authored-by: asimsarpkurt <[email protected]> Co-authored-by: Yehuda <[email protected]> Co-authored-by: Yehuda Rosenberg <[email protected]> Co-authored-by: Yuval Hayun <[email protected]> Co-authored-by: Menachem Weinfeld <[email protected]> * If-Elif Transformer (#27763) * IfElif init * minor changes * parse single strings not json * fixed regex * fixed json bug * removed context * created eval blacklist * added json KW to eval * Update bucket-upload.yml * added ast for parsing * use hash for context grab * added value arg * quick * added unit-tests * added README.md * added RN * added flags arg; use dt for context grabbing * fixed context grabbing * added regex support * finished readme * finished readme 2 * added variables arg * changed vars to upper * changed to class * prefixed variable bug * some tests * finished unit-tests * completed tests * finished docs * finished docs in yml * new design for 'value' * unit-tests complete * docs part 1 * docs complete * added if-elif TPB * fixed TPB * fixed mypy error * fixed mypy error * fixed injection issue; added + op * name changes * added injection test in TPB * CR changes * error for unknown variables * reformat 'from_context' func * resolve conflicts * demo changes * demo changes part 2 * bug fix * updated docker * added list_compare flag * added error catcher for comp funcs * readme update; textArea for conditions * resolve conflicts * resolve conflicts * updated docker * name changes * fixed unit-tests * Apply suggestions from code review Co-authored-by: ShirleyDenkberg <[email protected]> * added missing flag to readme * CR changes * Apply suggestions from code review Co-authored-by: ShirleyDenkberg <[email protected]> * name changes * added suppres_error behaviuor to docs * Apply suggestions from code review Co-authored-by: ShirleyDenkberg <[email protected]> * updated docker --------- Co-authored-by: ShirleyDenkberg <[email protected]> * revert removal of release notes generator (#29828) * revert * validations * rn * search_and_install_packs.py - less strict when installing packs during nightly. should be reverted in (#29806) Co-authored-by: kobymeir <[email protected]> * exit on error alignment.fixing echo message when exiting the uninstallation script. (#29821) * exit on error alignment. fixing echo message when exiting the uninstallation script. * installing specific poetry version (#29812) * installing specific poetry version - moving the logic to bootstrap * Cs falcon detections revert (#29833) * Revert "Cs falcon fetch limit issue (#29411)" This reverts commit f7b7d5c6 * Revert "Cs limit in idp detections (#29550)" This reverts commit 47738d56 * Added rn * Added rn * SQL Alchemy 2.x.x (#29436) * MySQL and Postgress works * MSSQL, My SQL and postgres works with bind_variables from the second form * resolve conflicts * fix CR's comments * pre commit * parsing the results * Add UT * same name and right docker * RN * sourcery * another docker image * revert docker image * Update Packs/GenericSQL/ReleaseNotes/1_0_25.md Co-authored-by: dorschw <[email protected]> * Update Packs/GenericSQL/Integrations/GenericSQL/GenericSQL.py Co-authored-by: dorschw <[email protected]> * Update Packs/GenericSQL/Integrations/GenericSQL/GenericSQL.py Co-authored-by: dorschw <[email protected]> * Update Packs/GenericSQL/Integrations/GenericSQL/GenericSQL.py Co-authored-by: dorschw <[email protected]> * fix variable name * constants * mapping instead of conditions * unskip Oracle TPB * resolve conflicts * resolve conflicts * Constants * Update Packs/GenericSQL/Integrations/GenericSQL/GenericSQL.py Co-authored-by: dorschw <[email protected]> * CR fixes * Update Packs/GenericSQL/ReleaseNotes/1_1_0.md Co-authored-by: dorschw <[email protected]> * add commit after executing a query * fix UT * remove autocommit true from MSSQL * fix UT * autocommit for MSSQL, commit for the others * commit for the others DBs, since in MSSQL is automatically * docker image --------- Co-authored-by: dorschw <[email protected]> * Generic playbooks fixes (#29711) * fixes for generic playbooks * fixes for generic playbooks * fixes for generic playbooks * Use Case Builder Development stage Field update (#29771) (#29825) * pushing changes to the use case stage * adding release notes * Update pack_metadata.json * Rename 1_1_0.md to 1_0_4.md * Update 1_0_4.md * Update 1_0_4.md --------- Co-authored-by: Joe Cosgrove <[email protected]> Co-authored-by: Michael Yochpaz <[email protected]> * Add mapper and disable auto extraction for ThinkstCanary (#29756) * Add Classification and Mapping to ThinkstCanary Integration * Duo Mapping Enrichment (#29139) * Updated DuoModelingRule_1_3 * Updated ModelingRules and ReleaseNotes * Updated ModelingRules and ReleaseNotes * Updated DuoModelingRule_1_3_schema and README * Rev DuoModelingRule_1_3 | add DuoModelingRule_2_0 * Updated .yml and ReleaseNotes * Updated DuoModelingRule_2_0 * Updated ReleaseNotes * Updated .yml with toversion: 8.3.0 * Updated DuoModelingRule_2_0_schema * Updated ModelingRules * Updated ReleaseNotes * Bump pack from version DuoAdminApi to 4.0.8. * Updated DuoModelingRule_1_3 * azure * Updated DuoModelingRule_2_0 * Updated DuoModelingRule_2_0 * Updated ParsingRules * Updated ReleaseNotes * Updated ReleaseNotes * Updated ReleaseNotes * Updated pack_metadata * Updated pack_metadata * Updated pack_metadata * Updated README * Updated README * Updated README * Updated ReleaseNotes * Updated ReleaseNotes * Updated DuoModelingRule_2_0 * Reverted MS packs * Reverted MS packs * Updated DuoModelingRule_1_3_schema * Updated ReleaseNotes * Update Packs/DuoAdminApi/ReleaseNotes/4_0_10.md Co-authored-by: ShirleyDenkberg <[email protected]> --------- Co-authored-by: Content Bot <[email protected]> Co-authored-by: ShirleyDenkberg <[email protected]> * [AWS System Manager] New Pack (#28992) * init - new pack * 2 commands * aws-ssm-inventory-entry-list * list_associations_command * remove boto stubs * remove boto stubs * improve * poetry * revert poetry * aws-ssm-association-list * aws-ssm-association-get * aws-ssm-association-get * aws-ssm-association-version-list * format * aws-ssm-document-list * ruff * ruff * ssmclient test * test * doc get * docs * Update pyproject.toml * Update poetry.lock * Update .pre-commit-config_template.yaml * regex * aws-ssm-tag-remove * improve * aws-ssm-automation-execution-list * pack * aws-ssm-command-list * aws-ssm-command-run aws-ssm-command-cancel * ruff * Apply suggestions from code review Co-authored-by: Jacob Levy <[email protected]> * Apply suggestions from code review Co-authored-by: Jacob Levy <[email protected]> * UT * UT * cr and docs * black * black and ruff * format * description * format description * pack metadata * fix ut * Apply suggestions from code review Co-authored-by: ShirleyDenkberg <[email protected]> * Apply suggestions from code review Co-authored-by: ShirleyDenkberg <[email protected]> * cr * cr * fix yml * add outputs * Update Packs/AWS_SystemManager/Integrations/AWSSystemManager/AWSSystemManager.py Co-authored-by: dorschw <[email protected]> * fix cr * run command and fix UT * automation run * fix output add playbook * docs * docs * docs * docs * ruff and black * fix demo * fix demo * update docker and fix line to long * Apply suggestions from code review (docs) Co-authored-by: ShirleyDenkberg <[email protected]> Co-authored-by: dorschw <[email protected]> * cr fix * update docker * fix line * Fix an issue * Fix an issue * Update playbook description * Update docker --------- Co-authored-by: Jacob Levy <[email protected]> Co-authored-by: ShirleyDenkberg <[email protected]> Co-authored-by: dorschw <[email protected]> * Fix splunk search in incident context (#29763) * fixes * fixes * fixes * update docker * added rn * add bc rn * Empty-Commit * Test For 'WildFire Malware' Playbook (#29404) * Test For 'WildFire Malware' Playbook * PR * RN * added the "is_mockable" config to the conf file * removed the "is_mockable" config to the conf file * Bump pack from version Core to 2.0.14. * Bump pack from version Core to 2.0.15. * Increased timeout configs * Added VirusTotal to the conf file * added virustotal instance name * changed the 'AutoContainment' playbook input config to 'true' * changed 'timeout' * changed 'timeout' * changed 'timeout' to 1600 * changed the 'ShouldCloseAutomatically' playbook input to 'false' * added the test playbook name to the playbook YML file * RN * removed the close note alert field verification * added the 'marketplacev2' to the test playbook YML file * added the '000001e7a228b2a7abdf7f7e404bc8522df32b725e86907dde32176bccbbbb27' malicious file hash to secrets ignore file. the file hash is used within the test playbook for enrichment and test purposes. --------- Co-authored-by: Content Bot <[email protected]> * update docker image (#29845) * added functionallity to download index by marketplace (#29834) * added functionallity to download index by marketplace * added some logs for validation * commit * removed logs * [pre-commit MyPy] Align the entire repo with MyPy #2 (#29799) * [pre-commit MyPy] Align the entire repo with MyPy #2 * Add RN * Revert changes in 1.12.26 RN * Update the docker images * [pre-commit MyPy] Align the entire repo with MyPy #1 (#29798) * [pre-commit MyPy] Align the entire repo with MyPy #1 * Xsup 27738 DBotFindSimilarIncidents NoneType Error (#29701) * failed ut * fix * rn * pre-commit * pre commit * just the fix * fix description in yml * fix * docker * Update Packs/Base/ReleaseNotes/1_32_34.md Co-authored-by: Dan Tavori <[email protected]> * test * test * removed import --------- Co-authored-by: Dan Tavori <[email protected]> * Wiz v1 2 11 (#29719) * Wiz v1 2 11 (#29688) * remove redundant parenthesis * ../Packs/Wiz/Integrations/Wiz/Wiz.py * add Wiz user agent * rephrase re…

* Working changes. * Introducing instance cache. * - Instance cache work - Unit tests - New commands * - Fix unit tests - Document changes * Logging improvements * Pre-commit findings. * pre-commit readme changes * Removed unwanted test. * Fix for failing tests. * Local pre-commit changes * Review comments. * Bug fix, improvement in query performance, and documentation. * Updating version number in the header. * Bug fix and additional review comments. * pre-commit - upgrading docker image version * Pre-committ recommendation and review comments. - Changed the image version in the Release notes - Changed the version number to use the get_pack_version function instead. * Review comments * Review comments. * Removing the use of get_pack_version() as it is not working in testing. * Cleanup cache stale entries * Changed Docker image tag to latest. * Clear cache only if fetch_unique_incidents is enabled. * - Readme changes to make it similar to the last version and also include commands in the correct format - updated Traceable_description.md - parameterized `pack_version` in Traceable.py - Added `additionalinfo` to a couple of parameters in Traceable.yaml * Pre-commit changes. Co-authored-by: Mayuresh Kshirsagar <[email protected]>

* added-test-xdr-prefix-tests * pre-commit * fixed validation

…30370) * Changes related to Securonix release 2.0.13 * Update Packs/Securonix/ReleaseNotes/2_0_13.md * Update Packs/Securonix/ReleaseNotes/2_0_13.md * Update 2_0_13.md --------- Co-authored-by: scnx-knathani <[email protected]> Co-authored-by: Moshe Eichler <[email protected]> Co-authored-by: ShirleyDenkberg <[email protected]>

* Added alert fields, RDP brute-force playbooks, XDR layout * formatted fields, layout and playbooks * Regenerated RDP Brute Force playbook README * Updated playbook images * Release notes and versions * Changed reason fields to be unsearchable due to performance implications * Validation fixes * Update Packs/Core/Playbooks/playbook-Possible_External_RDP_Brute-Force.yml Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/Core/Playbooks/playbook-Possible_External_RDP_Brute-Force.yml Co-authored-by: ShirleyDenkberg <[email protected]> * Bump pack from version Core to 2.1.0. * Bump pack from version Core to 2.1.0. * Bump pack from version Core to 2.1.0. --------- Co-authored-by: ShirleyDenkberg <[email protected]> Co-authored-by: Content Bot <[email protected]>

* Process email generic v2 (demisto#30159) * Allow rasterization of plain-text mails * update relase notes * apply format for release notes * Remove Period in yml file --------- Co-authored-by: Moshe Eichler <[email protected]> * revert to master * RN * Update Packs/Phishing/ReleaseNotes/3_5_29.md Co-authored-by: ShirleyDenkberg <[email protected]> --------- Co-authored-by: rundssoar <[email protected]> Co-authored-by: Moshe Eichler <[email protected]> Co-authored-by: MosheEichler <[email protected]> Co-authored-by: ShirleyDenkberg <[email protected]>

* packs/reco: change path of url (demisto#30204) * packs/reco: change path of url Change alerts path Signed-off-by: Gal Nakash <[email protected]> * Update Packs/Reco/ReleaseNotes/1_1_7.md Co-authored-by: sapir shuker <[email protected]> --------- Signed-off-by: Gal Nakash <[email protected]> Co-authored-by: sapir shuker <[email protected]> * update docker image and period issue --------- Signed-off-by: Gal Nakash <[email protected]> Co-authored-by: GalNakash-RecoLabs <[email protected]> Co-authored-by: sapir shuker <[email protected]> Co-authored-by: sapirshuker <[email protected]>

* Add multiple new commands and arguments * Add multiple new commands and arguments * Release Notes * fix command output * documentation and test updates * test files * remove case_id_list * unit test fixes * validation errors * validation errors retry * reliability * build failures * API error * required integration param * PR feedback * Apply suggestions from code review * Apply suggestions from code review * update subject name * PR feedback * readme formatting * docker version --------- Co-authored-by: Andrew Scott <[email protected]> Co-authored-by: ShirleyDenkberg <[email protected]> Co-authored-by: Sapir Shuker <[email protected]>

…demisto#30176)

* test file type variable * test * removed test

* dont clean packs from xsoar_saas * remove repeated code * create_dependencies as well * Removed from the dependency

…PI of ArcSight. (demisto#30365) * support the new detect-api for add-entries command * Added support to use the new detect api * add Collect/Connect sections * formatted yml * fix review notes

* added new workflow * added checkout step * test * final changes * Update .github/workflows/clean_stale_branches.yml Co-authored-by: Shahaf Ben Yakir <[email protected]> * test * wet run * wet run * last changes * Update .github/workflows/clean_stale_branches.yml Co-authored-by: Shahaf Ben Yakir <[email protected]> --------- Co-authored-by: Shahaf Ben Yakir <[email protected]>

* Updated Metadata Of Pack rasterize * Added release notes to pack rasterize * Packs/rasterize/Integrations/rasterize/rasterize.yml Docker image update * Updated Metadata Of Pack ExpanseV2 * Added release notes to pack ExpanseV2 * Packs/ExpanseV2/Scripts/ExpanseGenerateIssueMapWidgetScript/ExpanseGenerateIssueMapWidgetScript.yml Docker image update * fix TPB * Apply suggestions from code review --------- Co-authored-by: israelpolishook <[email protected]> Co-authored-by: israelpoli <[email protected]>

… missing (demisto#30328) * Fixed an issue with redcanary-get-detection when affected_endpoint attribute is missing * rn

…emisto#30372) * ReadMe and PNG * Add ASM ServiceNow ITSM Enrichment playbook - Fix format of ASM Enrichment playbook - Add SN ITSM Enrichment to main Enrichment playbook * Add release notes * Update release notes * Update README, formatting, pack ignore * Validation fix * Change fromversion * Add integration enabled check * Fix formatting * Doc revisions Co-authored-by: John <[email protected]>

Adding junit output support for test-content command demisto#29906

gitlab CI build parameters demisto#30392

fix merge to master pipeline demisto#30396

…sto#30397) fix SDK nightly build on destroy instance & Content Merge build demisto#30397

* implemented fetch-events * add tests * fix tests * change to empty list upon error

…0398) * Slack notify on merge fixes, test-upload-flow fix job-done * removing jira server url as it's different per environment. * fixing contrib rule

hotfix contrib branches demisto#30458

* fixing contrib rule for docker builds

* fixed rules * fixed rules * fixed rules

* Add potential fix * Add AttributeError handling * format * Update release notes * ruff fixes * Add UT * Fix typo * Add UT * Update Packs/MicrosoftExchangeOnPremise/Integrations/EWSv2/EWSv2.py Co-authored-by: Jasmine Beilin <[email protected]> --------- Co-authored-by: Jasmine Beilin <[email protected]>

* Updated Metadata Of Pack CyCognito * Added release notes to pack CyCognito * Packs/CyCognito/Integrations/CyCognito/CyCognito.yml Docker image update --------- Co-authored-by: israelpoli <[email protected]>

* Updated Metadata Of Pack SMIME_Messaging * Added release notes to pack SMIME_Messaging * Packs/SMIME_Messaging/Integrations/SMIME_Messaging/SMIME_Messaging.yml Docker image update --------- Co-authored-by: israelpoli <[email protected]>

* Updated Metadata Of Pack DatadogCloudSIEM * Added release notes to pack DatadogCloudSIEM * Packs/DatadogCloudSIEM/Integrations/DatadogCloudSIEM/DatadogCloudSIEM.yml Docker image update --------- Co-authored-by: israelpoli <[email protected]>

* Updated Metadata Of Pack Devo * Added release notes to pack Devo * Packs/Devo/Integrations/Devo_v2/Devo_v2.yml Docker image update --------- Co-authored-by: israelpoli <[email protected]>

fixing instance_role.txt not written to artifacts folder demisto#30463

* Updated Metadata Of Pack RubrikPolaris * Added release notes to pack RubrikPolaris * Packs/RubrikPolaris/Integrations/RubrikPolaris/RubrikPolaris.yml Docker image update --------- Co-authored-by: israelpoli <[email protected]>

* Updated Metadata Of Pack OctoxLabs * Added release notes to pack OctoxLabs * Packs/OctoxLabs/Integrations/OctoxLabs/OctoxLabs.yml Docker image update --------- Co-authored-by: israelpoli <[email protected]>

* Updated Metadata Of Pack Illumio * Added release notes to pack Illumio * Packs/Illumio/Integrations/IllumioCore/IllumioCore.yml Docker image update --------- Co-authored-by: israelpoli <[email protected]>

* Updated Metadata Of Pack BreachRx * Added release notes to pack BreachRx * Packs/BreachRx/Integrations/BreachRx/BreachRx.yml Docker image update --------- Co-authored-by: israelpoli <[email protected]>

* Updated Metadata Of Pack Netmiko * Added release notes to pack Netmiko * Packs/Netmiko/Integrations/Netmiko/Netmiko.yml Docker image update * Updated Metadata Of Pack RemoteAccess * Added release notes to pack RemoteAccess * Packs/RemoteAccess/Integrations/RemoteAccessv2/RemoteAccessv2.yml Docker image update --------- Co-authored-by: israelpolishook <[email protected]>

* Updated Metadata Of Pack GLPI * Added release notes to pack GLPI * Packs/GLPI/Integrations/GLPI/GLPI.yml Docker image update --------- Co-authored-by: israelpoli <[email protected]>

* Updated Metadata Of Pack ContentManagement * Added release notes to pack ContentManagement * Packs/ContentManagement/Scripts/GetIdsFromCustomContent/GetIdsFromCustomContent.yml Docker image update * Fix DS108 --------- Co-authored-by: israelpoli <[email protected]> Co-authored-by: israelpolishook <[email protected]>

* Updated Metadata Of Pack KeeperSecretsManager * Added release notes to pack KeeperSecretsManager * Packs/KeeperSecretsManager/Integrations/KeeperSecretsManager/KeeperSecretsManager.yml Docker image update --------- Co-authored-by: israelpoli <[email protected]>

* Updated Metadata Of Pack Workday * Added release notes to pack Workday * Packs/Workday/Integrations/WorkdaySignonEventGenerator/WorkdaySignonEventGenerator.yml Docker image update --------- Co-authored-by: israelpoli <[email protected]>

) * Update uptycs logo and update get alerts command * update release notes * update yml file as per guidelines * update image * update release notes --------- Co-authored-by: Chandrasekhar Gadde <[email protected]> Co-authored-by: Israel Lappe <[email protected]>

* Updated Metadata Of Pack VMwareWorkspaceONEUEM * Added release notes to pack VMwareWorkspaceONEUEM * Packs/VMwareWorkspaceONEUEM/Integrations/VMwareWorkspaceONEUEM/VMwareWorkspaceONEUEM.yml Docker image update * Updated Metadata Of Pack SalesforceFusion * Added release notes to pack SalesforceFusion * Packs/SalesforceFusion/Integrations/SalesforceFusionIAM/SalesforceFusionIAM.yml Docker image update * Updated Metadata Of Pack ZeroFox * Added release notes to pack ZeroFox * Packs/ZeroFox/Integrations/ZeroFox/ZeroFox.yml Docker image update * Updated Metadata Of Pack AppNovi * Added release notes to pack AppNovi * Packs/AppNovi/Integrations/appNovi/appNovi.yml Docker image update * Updated Metadata Of Pack FireMonSecurityManager * Added release notes to pack FireMonSecurityManager * Packs/FireMonSecurityManager/Integrations/FireMonSecurityManager/FireMonSecurityManager.yml Docker image update * Updated Metadata Of Pack AHA * Added release notes to pack AHA * Packs/AHA/Integrations/AHA/AHA.yml Docker image update * Updated Metadata Of Pack Unit42Intel * Added release notes to pack Unit42Intel * Packs/Unit42Intel/Integrations/FeedUnit42IntelObjects/FeedUnit42IntelObjects.yml Docker image update * Updated Metadata Of Pack AzureStorageFileShare * Added release notes to pack AzureStorageFileShare * Packs/AzureStorageFileShare/Integrations/AzureStorageFileShare/AzureStorageFileShare.yml Docker image update * Updated Metadata Of Pack CiscoSMA * Added release notes to pack CiscoSMA * Packs/CiscoSMA/Integrations/CiscoSMA/CiscoSMA.yml Docker image update * Updated Metadata Of Pack AMP * Added release notes to pack AMP * Packs/AMP/Integrations/AMPv2/AMPv2.yml Docker image update * Fix DS108 --------- Co-authored-by: israelpolishook <[email protected]>

… to time out (demisto#30362) * Fix ANSI escape character issue

…#30220) * update descriptions * dockerimage

* Updated Metadata Of Pack PhishingURL * Added release notes to pack PhishingURL * Packs/PhishingURL/Scripts/DBotPredictURLPhishing/DBotPredictURLPhishing.yml Docker image update * fix DS108 --------- Co-authored-by: israelpoli <[email protected]> Co-authored-by: israelpolishook <[email protected]>

* Updated Metadata Of Pack CloudIncidentResponse * Added release notes to pack CloudIncidentResponse * Packs/CloudIncidentResponse/Scripts/ExtractIndicatorsCloudLogging/ExtractIndicatorsCloudLogging.yml Docker image update * fix DS108 --------- Co-authored-by: israelpoli <[email protected]> Co-authored-by: israelpolishook <[email protected]>

* Updated Metadata Of Pack Oletools * Added release notes to pack Oletools * Packs/Oletools/Scripts/OletoolsScript/OletoolsScript.yml Docker image update * Fix DS108 --------- Co-authored-by: israelpoli <[email protected]> Co-authored-by: israelpolishook <[email protected]>

* Updated Metadata Of Pack HashiCorp-Vault * Added release notes to pack HashiCorp-Vault * Packs/HashiCorp-Vault/Integrations/HashiCorpVault/HashiCorpVault.yml Docker image update * Updated Metadata Of Pack DuoAdminApi * Added release notes to pack DuoAdminApi * Packs/DuoAdminApi/Integrations/DuoEventCollector/DuoEventCollector.yml Docker image update * Packs/DuoAdminApi/Integrations/DuoAdminApi/DuoAdminApi.yml Docker image update * Updated Metadata Of Pack TeamCymru * Added release notes to pack TeamCymru * Packs/TeamCymru/Integrations/TeamCymru/TeamCymru.yml Docker image update * Updated Metadata Of Pack Kafka * Added release notes to pack Kafka * Packs/Kafka/Integrations/KafkaV3/KafkaV3.yml Docker image update * fix DS108 --------- Co-authored-by: israelpolishook <[email protected]>

* Updated Metadata Of Pack MicrosoftGraphApplications * Added release notes to pack MicrosoftGraphApplications * Packs/MicrosoftGraphApplications/Integrations/MicrosoftGraphApplications/MicrosoftGraphApplications.yml Docker image update * Updated Metadata Of Pack MicrosoftGraphIdentityandAccess * Added release notes to pack MicrosoftGraphIdentityandAccess * Packs/MicrosoftGraphIdentityandAccess/Integrations/MicrosoftGraphIdentityandAccess/MicrosoftGraphIdentityandAccess.yml Docker image update --------- Co-authored-by: israelpoli <[email protected]>

* Updated Metadata Of Pack GoogleCloudSCC * Added release notes to pack GoogleCloudSCC * Packs/GoogleCloudSCC/Integrations/GoogleCloudSCC/GoogleCloudSCC.yml Docker image update * Updated Metadata Of Pack GoogleCloudLogging * Added release notes to pack GoogleCloudLogging * Packs/GoogleCloudLogging/Integrations/GoogleCloudLogging/GoogleCloudLogging.yml Docker image update --------- Co-authored-by: israelpoli <[email protected]>

* Updated Metadata Of Pack GreyNoise * Added release notes to pack GreyNoise * Packs/GreyNoise/Integrations/GreyNoise_Community/GreyNoise_Community.yml Docker image update --------- Co-authored-by: israelpoli <[email protected]>

* Updated Metadata Of Pack CybleThreatIntel * Added release notes to pack CybleThreatIntel * Packs/CybleThreatIntel/Integrations/CybleThreatIntel/CybleThreatIntel.yml Docker image update --------- Co-authored-by: israelpoli <[email protected]>

* Updated Metadata Of Pack TaniumThreatResponse * Added release notes to pack TaniumThreatResponse * Packs/TaniumThreatResponse/Integrations/TaniumThreatResponseV2/TaniumThreatResponseV2.yml Docker image update --------- Co-authored-by: israelpoli <[email protected]>

…date (demisto#30391) * [Marketplace Contribution] Recorded Future Identity - Content Pack Update (demisto#30246) * "contribution update to pack "Recorded Future Identity"" * Update Packs/IdentityRecordedFuture/ReleaseNotes/1_2_0.md Co-authored-by: Moshe Eichler <[email protected]> * Update Packs/IdentityRecordedFuture/Integrations/IdentityRecordedFuture/IdentityRecordedFuture.yml Co-authored-by: Moshe Eichler <[email protected]> * Update Packs/IdentityRecordedFuture/Integrations/IdentityRecordedFuture/IdentityRecordedFuture.py Add credential backwards compatibility. Co-authored-by: Moshe Eichler <[email protected]> * Update Packs/IdentityRecordedFuture/Integrations/IdentityRecordedFuture/IdentityRecordedFuture.yml Add credential backwards compatibility. Co-authored-by: Moshe Eichler <[email protected]> * Added credential backwards compatibility * Update IdentityRecordedFuture.yml Require credential parameter to be mandatory to ensure there is an API token before saving the instance. * Changed parameter name from 'token' to 'credential' * Uses new 'credential' parameter for api token * Update Packs/IdentityRecordedFuture/Integrations/IdentityRecordedFuture/IdentityRecordedFuture.yml Co-authored-by: Moshe Eichler <[email protected]> * Update Packs/IdentityRecordedFuture/Integrations/IdentityRecordedFuture/IdentityRecordedFuture.yml Co-authored-by: Moshe Eichler <[email protected]> * Fixed formatting and updated docker image * Updated docker image --------- Co-authored-by: Nicole Casartelli <[email protected]> Co-authored-by: Moshe Eichler <[email protected]> * Adding junit output support for test-content command (demisto#29906) Adding junit output support for test-content command demisto#29906 * gitlab CI build parameters (demisto#30392) gitlab CI build parameters demisto#30392 * fix merge to master pipeline (demisto#30396) fix merge to master pipeline demisto#30396 * fix SDK nightly build on destroy instance & Content Merge build (demisto#30397) fix SDK nightly build on destroy instance & Content Merge build demisto#30397 * RegexGroups - Empty Results on Error (demisto#30386) * implemented fetch-events * add tests * fix tests * change to empty list upon error * revert * fixes --------- Co-authored-by: xsoar-bot <[email protected]> Co-authored-by: Nicole Casartelli <[email protected]> Co-authored-by: Moshe Eichler <[email protected]> Co-authored-by: Koby Meir <[email protected]> Co-authored-by: Dean Arbel <[email protected]> Co-authored-by: MosheEichler <[email protected]>

…demisto#30473) fixing jira search for issues to perform less API calls on the server demisto#30473

fixing jira convert to tickets, wrong path. demisto#30483

* New playbook and trigger for data exfiltration * Added marketplacev2 to the XSIAM playbook and from version * Added image and readme * Added the XSOAR playbook * Added the XSOAR playbook readme and image * Added the XSOAR playbook readme and image * renamed image XSIAM playbook image * Apply suggestions from code review Co-authored-by: ShirleyDenkberg <[email protected]> * Added playbook inputs * Updated readme * release notes * Update Packs/CloudIncidentResponse/Playbooks/playbook-Cortex_XDR_-_Cloud_Data_Exfiltration_Response.yml Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/CloudIncidentResponse/Playbooks/playbook-Cortex_XDR_-_Cloud_Data_Exfiltration_Response.yml Co-authored-by: ShirleyDenkberg <[email protected]> * change value of subplaybook skipunavailable to true * Added validation errors to pack ignore * Added data exfiltration playbook to the alert handling playbook * Added data exfiltration playbook to the alert handling playbook * Changed condition names due to a bug * removed pack ignore * Fixed s big in the persistence playbook * releasenotes * Fixing errors * Fixing errors * Bump pack from version CloudIncidentResponse to 1.0.6. * Fixing issues after review * Fixing issues after review * Fixing issues after review * Fixing issues after review --------- Co-authored-by: ShirleyDenkberg <[email protected]> Co-authored-by: Content Bot <[email protected]>

* add empty option * update RN * Update Packs/CommonTypes/ReleaseNotes/3_3_88.md Co-authored-by: yuvalbenshalom <[email protected]> --------- Co-authored-by: yuvalbenshalom <[email protected]>

* Updated Metadata Of Pack OPNSense * Added release notes to pack OPNSense * Packs/OPNSense/Integrations/OPNSense/OPNSense.yml Docker image update

* Updated Metadata Of Pack Armorblox * Added release notes to pack Armorblox * Packs/Armorblox/Integrations/Armorblox/Armorblox.yml Docker image update

* Added regex to catch the Jira DC issues * wip * wip * WIP * wip * testing * testing * removed debug print * test fix * fix test

msgraphSecurity fix typo demisto#30482

* added bot name without space * fixed echo cat

* init-commit * enrich-modeling-rules * add-appwall-parsing-rule * add-appwall-modeling-rules * migrate-to-radware-generic-pack * refactor-modeling-rules * refactor-modeling-rules * update-release-notes * update-known-words * update-README.md * refactor-modeling-rules * refactor-parsing-rules * exclude-docs-url-from-secrets * refactor-modeling-rules * README.md add escape character * exclude-docs-url-from-secrets * README.MD fix typo * Update Packs/RadwareCloudServices/README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/RadwareCloudServices/README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/RadwareCloudServices/README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/RadwareCloudServices/README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/RadwareCloudServices/README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/RadwareCloudServices/README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/RadwareCloudServices/README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/RadwareCloudServices/README.md Co-authored-by: ShirleyDenkberg <[email protected]> * waap-minor-fix-README --------- Co-authored-by: ShirleyDenkberg <[email protected]>

* Making the documents look better * pre-commit changes. * store * Changing the api to use the new pack version Co-authored-by: Mayuresh Kshirsagar <[email protected]>

…to#30486) fixing jira convert to tickets, wrong path to artifacts folder demisto#30486

…#30485) * [Marketplace Contribution] Netskope v2 - Content Pack Update (demisto#30476) * "contribution update to pack "Netskope v2"" * Added 'hidden: true' to encrypted parameter * Added periods to match formatting requirements * Update Packs/NetskopeV2/Integrations/NetskopeV2/NetskopeV2.yml Co-authored-by: Moshe Eichler <[email protected]> * Update Packs/NetskopeV2/Integrations/NetskopeV2/NetskopeV2.py Co-authored-by: Moshe Eichler <[email protected]> * Update Packs/NetskopeV2/Integrations/NetskopeV2/NetskopeV2.yml Co-authored-by: Moshe Eichler <[email protected]> * Update Packs/NetskopeV2/Integrations/NetskopeV2/NetskopeV2.py Co-authored-by: Moshe Eichler <[email protected]> * Update Packs/NetskopeV2/pack_metadata.json Co-authored-by: Moshe Eichler <[email protected]> * Update Packs/NetskopeV2/ReleaseNotes/1_1_0.md Co-authored-by: Moshe Eichler <[email protected]> * Rename 1_1_0.md to 1_0_2.md --------- Co-authored-by: Nicole Casartelli <[email protected]> Co-authored-by: Moshe Eichler <[email protected]> * RN --------- Co-authored-by: xsoar-bot <[email protected]> Co-authored-by: Nicole Casartelli <[email protected]> Co-authored-by: Moshe Eichler <[email protected]> Co-authored-by: MosheEichler <[email protected]>

* Updated a deprecated SecurityAndCompliance integration to it's newer version SecurityAndComplianceV2 * updated RN

…t Pack Update (demisto#30360) (demisto#30461) * "contribution update to pack "Prisma SASE by Palo Alto Networks"" * Apply suggestions from code review * few small fixes * ruff changes * correction + test * fix error --------- Co-authored-by: xsoar-bot <[email protected]> Co-authored-by: Israel Lappe <[email protected]> Co-authored-by: ilappe <[email protected]>

* Add date format for ServiceNow v2 * update Docker and RN

…misto#30207) (demisto#30504) * "contribution update to pack "Dragos Worldview"" * Update DragosWorldview.yml FIxed error with missing period in description * Update DragosWorldview_description.md Fixed spelling mistake * Update DragosWorldview.yml Added a period to the end of all command, argument, and output descriptions * Update README.md Added input and output tables for dragos-get-indicators() * Changed credential for backwards compatibility Split username/password setup of credential into two password only ones. Added back old encrypted parameters for backwards compatibility * Added backwards compatibility for credentials Updated key and token check to support old encryption and new credential parameters. * Updated docker image tag * Added back link * Updating docker image * Update Packs/DragosWorldview/Integrations/DragosWorldview/DragosWorldview.yml * Update Packs/DragosWorldview/Integrations/DragosWorldview/DragosWorldview.yml * Update DragosWorldview.py Added bug fix where multiple page numbers could be in an api call Added suggested Boolean wrapper and default * Removed redundant boolean check * changed output's key field back to indicator_id * Added suggested int wrapper for page * Fixed formatting issues and updated docker * Changed id > indicator_id in outputs * Removed parathesis for bug fix * Type casted raw_response[...] to int * Added requested changes Added descriptions to the integration parameters Changed order of columns for !dragos-get-indicators() output table Added example commands for all 4 integration commands * Added human readable output for dragos-get-indicators() * Added human readable output example for dragos-get-indicators() * Update 1_1_3.md * update README - fix validation * update correct README --------- Co-authored-by: xsoar-bot <[email protected]> Co-authored-by: Nicole Casartelli <[email protected]> Co-authored-by: Israel Lappe <[email protected]> Co-authored-by: ilappe <[email protected]>

… (demisto#30503) * Update search_terms to optional * Update readme * Add release notes * EXPANDR-6808 --------- Co-authored-by: John <[email protected]> Co-authored-by: jwilkes <[email protected]> Co-authored-by: johnnywilkes <[email protected]>

demisto#30484) Stopping running existing test upload flow pipelines for pull requests demisto#30484

* Changed error printing to return error function * Format and docker image update * Format and docker image update * Format and docker image update

* fixed a bug * docker fix * fix rl

* Create cisco umbrella pack. * Updated the readme and the modeling rule. * modified the modeling rule and the readme file. * Added parsing rules. * Added parsing rules. * Added xdm.event.type field. * Updated the readme * Update Packs/Cisco-umbrella-cloud-security/README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/Cisco-umbrella-cloud-security/README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/Cisco-umbrella-cloud-security/README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/Cisco-umbrella-cloud-security/README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/Cisco-umbrella-cloud-security/README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/Cisco-umbrella-cloud-security/README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Added release notes * Added folder to cisco umbrella parsing rules. * Modified the readme --------- Co-authored-by: ShirleyDenkberg <[email protected]>

* Updated Metadata Of Pack CarbonBlackDefense * Added release notes to pack CarbonBlackDefense * Packs/CarbonBlackDefense/Integrations/CarbonBlackLiveResponseCloud/CarbonBlackLiveResponseCloud.yml Docker image update

* Updated Metadata Of Pack FeedDHS * Added release notes to pack FeedDHS * Packs/FeedDHS/Integrations/DHSFeedV2/DHSFeedV2.yml Docker image update * Updated Metadata Of Pack FeedUnit42v2 * Added release notes to pack FeedUnit42v2 * Packs/FeedUnit42v2/Integrations/FeedUnit42v2/FeedUnit42v2.yml Docker image update

* Updated Metadata Of Pack AzureKeyVault * Added release notes to pack AzureKeyVault * Packs/AzureKeyVault/Integrations/AzureKeyVault/AzureKeyVault.yml Docker image update * Updated Metadata Of Pack AzureDevOps * Added release notes to pack AzureDevOps * Packs/AzureDevOps/Integrations/AzureDevOps/AzureDevOps.yml Docker image update * Updated Metadata Of Pack AzureRiskyUsers * Added release notes to pack AzureRiskyUsers * Packs/AzureRiskyUsers/Integrations/AzureRiskyUsers/AzureRiskyUsers.yml Docker image update * Updated Metadata Of Pack MicrosoftGraphGroups * Added release notes to pack MicrosoftGraphGroups * Packs/MicrosoftGraphGroups/Integrations/MicrosoftGraphGroups/MicrosoftGraphGroups.yml Docker image update * Updated Metadata Of Pack AzureSQLManagement * Added release notes to pack AzureSQLManagement * Packs/AzureSQLManagement/Integrations/AzureSQLManagement/AzureSQLManagement.yml Docker image update * Updated Metadata Of Pack MicrosoftGraphAPI * Added release notes to pack MicrosoftGraphAPI * Packs/MicrosoftGraphAPI/Integrations/MicrosoftGraphAPI/MicrosoftGraphAPI.yml Docker image update * Updated Metadata Of Pack MicrosoftTeams * Added release notes to pack MicrosoftTeams * Packs/MicrosoftTeams/Integrations/MicrosoftTeamsManagement/MicrosoftTeamsManagement.yml Docker image update * Updated Metadata Of Pack AzureFirewall * Added release notes to pack AzureFirewall * Packs/AzureFirewall/Integrations/AzureFirewall/AzureFirewall.yml Docker image update * Updated Metadata Of Pack X509Certificate * Added release notes to pack X509Certificate * Packs/X509Certificate/Scripts/CertificateExtract/CertificateExtract.yml Docker image update

* Updated Metadata Of Pack IronPort * Added release notes to pack IronPort * Packs/IronPort/Integrations/CiscoEmailSecurityApplianceIronPortV2/CiscoEmailSecurityApplianceIronPortV2.yml Docker image update * Updated Metadata Of Pack QutteraWebsiteMalwareScanner * Added release notes to pack QutteraWebsiteMalwareScanner * Packs/QutteraWebsiteMalwareScanner/Integrations/QutteraWebsiteMalwareScanner/QutteraWebsiteMalwareScanner.yml Docker image update * Updated Metadata Of Pack HYASProtect * Added release notes to pack HYASProtect * Packs/HYASProtect/Integrations/HYASProtect/HYASProtect.yml Docker image update * Updated Metadata Of Pack epo * Added release notes to pack epo * Packs/epo/Integrations/epoV2/epoV2.yml Docker image update * Updated Metadata Of Pack CiscoStealthwatch * Added release notes to pack CiscoStealthwatch * Packs/CiscoStealthwatch/Integrations/CiscoStealthwatch/CiscoStealthwatch.yml Docker image update * Updated Metadata Of Pack ThreatConnect * Added release notes to pack ThreatConnect * Packs/ThreatConnect/Integrations/ThreatConnectV3/ThreatConnectV3.yml Docker image update * Updated Metadata Of Pack RiskIQDigitalFootprint * Added release notes to pack RiskIQDigitalFootprint * Packs/RiskIQDigitalFootprint/Integrations/RiskIQDigitalFootprint/RiskIQDigitalFootprint.yml Docker image update * Updated Metadata Of Pack DomainToolsIrisDetect * Added release notes to pack DomainToolsIrisDetect * Packs/DomainToolsIrisDetect/Integrations/DomainToolsIrisDetect/DomainToolsIrisDetect.yml Docker image update * Updated Metadata Of Pack AtlassianConfluenceCloud * Added release notes to pack AtlassianConfluenceCloud * Packs/AtlassianConfluenceCloud/Integrations/AtlassianConfluenceCloud/AtlassianConfluenceCloud.yml Docker image update * Updated Metadata Of Pack Gatewatcher-AionIQ * Added release notes to pack Gatewatcher-AionIQ * Packs/Gatewatcher-AionIQ/Integrations/GCenter/GCenter.yml Docker image update * fix DS108 --------- Co-authored-by: israelpolishook <[email protected]>

* [RTIR] Support Tocken and Certificate Authentication * format * Update the description * Add RN, Update the README * Update the docker image * Fix the unit tests * Apply suggestions from code review Co-authored-by: ShirleyDenkberg <[email protected]> --------- Co-authored-by: ShirleyDenkberg <[email protected]>

* failing unit test * fix

…demisto#30536) * Remediaiton guidance API changes * Release notes updates * Fixes * Update readme * Misc changes to release notes * Misc changes * Update docker tags * Updated results and response files * Reverting few changes * Updated logic * Updated wording on inputs * Misc changes * Updated release version * Udpated if logic condition * Description changes * Update Packs/CortexAttackSurfaceManagement/Playbooks/Cortex_ASM_-_ServiceNow_Notification_README.md * Update Packs/CortexAttackSurfaceManagement/ReleaseNotes/1_7_8.md * Update Packs/CortexAttackSurfaceManagement/Integrations/CortexAttackSurfaceManagement/README.md * Update Packs/CortexAttackSurfaceManagement/Playbooks/Cortex_ASM_-_Jira_Notification_README.md * Update Packs/CortexAttackSurfaceManagement/Integrations/CortexAttackSurfaceManagement/README.md * Update Packs/CortexAttackSurfaceManagement/Integrations/CortexAttackSurfaceManagement/README.md * Update Packs/CortexAttackSurfaceManagement/Integrations/CortexAttackSurfaceManagement/README.md * Update Packs/CortexAttackSurfaceManagement/Playbooks/Cortex_ASM_-_Jira_Notification.yml * Update Packs/CortexAttackSurfaceManagement/Integrations/CortexAttackSurfaceManagement/README.md * Update Packs/CortexAttackSurfaceManagement/Playbooks/Cortex_ASM_-_ASM_Alert.yml * Update Packs/CortexAttackSurfaceManagement/Playbooks/Cortex_ASM_-_Email_Notification.yml * Update Packs/CortexAttackSurfaceManagement/ReleaseNotes/1_7_8.md * Update Packs/CortexAttackSurfaceManagement/ReleaseNotes/1_7_8.md * Read me updates --------- Co-authored-by: Chait A <[email protected]> Co-authored-by: John <[email protected]> Co-authored-by: ShirleyDenkberg <[email protected]> Co-authored-by: Moshe Eichler <[email protected]>

…demisto#30472) (demisto#30535) * "contribution update to pack "SailPoint IdentityIQ"" * fix validation error * Update 1_0_15.md --------- Co-authored-by: xsoar-bot <[email protected]> Co-authored-by: ilappe <[email protected]> Co-authored-by: Israel Lappe <[email protected]>

* init-dell-emc-pack * fix-parsing-rule-metadata * add README.md * enrich-modeling-rules * refactor-modeling-rules * update-README.md * fix-parsing-rule-metadata * secret-ignore * refactor-modeling-rules * add-edge-use-case-on-parsing-rule * Update Packs/DellEMCUnity/README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/DellEMCUnity/README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/DellEMCUnity/README.md Co-authored-by: ShirleyDenkberg <[email protected]> --------- Co-authored-by: ShirleyDenkberg <[email protected]>

* adding delete dataset call for cleaning; changing Qualys for testing; adding reinstall packs list to collect tests; * fix pre-commit * auth id should be str * adding logs * adding global varible to download conf * adding more logging * delete logs * add reinstall script * fix path * test without un-installation * test without un-installation * uninstallatio is mandatory * adding got here logging * adding more logs * remove some logs to not wait * save more logs, ucomment * fixes to trigger nightly * revert unnessasary changes * delete logs * testing * revert changes * ruining modeling rules before installation * save second check * check nightly * revert changes * save changed from cr * save changed from cr * revert qualys changes * pre-commit fix

…dents (demisto#30527)

fixed Tests/scripts/reinstall_packs_on_cloud_instances.sh to support XDR migration demisto#30575

* Updated Metadata Of Pack GenericSQL * Added release notes to pack GenericSQL * Packs/GenericSQL/Integrations/GenericSQL/GenericSQL.yml Docker image update --------- Co-authored-by: israelpoli <[email protected]>

…30533) * Fixed content search not found error

* AWS Expandr-6710 (demisto#30541) * Initial commit * Script updates and playbook updates * removed additional files * fix yml * review fixes * Update Packs/AWS-Enrichment-Remediation/ReleaseNotes/1_1_7.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/AWS-Enrichment-Remediation/Scripts/AWSRecreateSG/AWSRecreateSG.yml Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/AWS-Enrichment-Remediation/Scripts/AWSRecreateSG/README.md Co-authored-by: ShirleyDenkberg <[email protected]> --------- Co-authored-by: Chait A <[email protected]> Co-authored-by: MosheEichler <[email protected]> Co-authored-by: Moshe Eichler <[email protected]> Co-authored-by: ShirleyDenkberg <[email protected]>

* Updated Metadata Of Pack Slack * Added release notes to pack Slack * Packs/Slack/Integrations/SlackV3/SlackV3.yml Docker image update --------- Co-authored-by: israelpoli <[email protected]>

* Created pack Cisco WLC * Updated README * Updated .yml configs * Updated ModelingRules .yml * Update Packs/Cisco_Wireless_LAN_Controller/README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/Cisco_Wireless_LAN_Controller/README.md Co-authored-by: ShirleyDenkberg <[email protected]> --------- Co-authored-by: ShirleyDenkberg <[email protected]>

fix jira convert bot of test playbooks demisto#30574

* enhancement for fortigate * added release notes and added values ot the schema --------- Co-authored-by: yasta5 <[email protected]>

* initial commit * README changes * Added support for devices last run time, devices max fetch * Version bump and RN * Change unit test for new changes. Parse event type correctly. Make changes to comply with dict events instead of list events. * Changes to events from list to dict. * Remove redundant after AQL date filter * Alerts and Activity default max = 5k Devices default max = 10k * Remove redundant description in yml. * Updated the README * fix flake8 long line issues * Change param name to snake_case. No need to demisto.setLastRun multiple times. * Apply suggestions from code review Tech doc review changes. Co-authored-by: ShirleyDenkberg <[email protected]> * update RN. --------- Co-authored-by: ShirleyDenkberg <[email protected]>

…sto#30213) * added double chck by id * fixed * added rn * update test * Bump pack from version ThreatConnect to 3.0.13. * added test * fixed except * pre commit --------- Co-authored-by: Content Bot <[email protected]>

…emisto#30576) * Make not mandatory in Packs supported by the community

…0242) (demisto#30582) * "contribution update to pack "GreyNoise"" * Update docker image and add periods to descriptions * Update GreyNoise.py Reverted line 1 Added suggested support for new parameter called api_credentials instead of replacing api_key's parameter type * Update GreyNoise.yml Added new credential parameter 'api_credentials', reverted apikey to encrypted * Added backwards compatibility for credentials * Added credential backwards compatibility Added hidden encrypted parameter to allow backwards compatibility Added new authentication parameter * Removed trailing new lines * Updated docker image * Update GreyNoise.py * Update Packs/GreyNoise/Integrations/GreyNoise/GreyNoise.yml * Update Packs/GreyNoise/Integrations/GreyNoise/GreyNoise.yml * Fixed formatting and updated docker * Fixed formatting * Updated docker image * add tests,change yml * delete noqa: F401 * update readme * RN change version number --------- Co-authored-by: xsoar-bot <[email protected]> Co-authored-by: Nicole Casartelli <[email protected]> Co-authored-by: Sapir Shuker <[email protected]> Co-authored-by: sapirshuker <[email protected]>

* save fix * save

…tructions (?)" from 3 fields (demisto#30588) * remove the "advanced: true" * remove "see Detailed Instructions (?)" * rn * docker * fix * Update Packs/MicrosoftGraphMail/ReleaseNotes/1_5_20.md Shirley Co-authored-by: ShirleyDenkberg <[email protected]> --------- Co-authored-by: ShirleyDenkberg <[email protected]>

* Fixing issue with empty actor/malware list (demisto#30540) * update docker image --------- Co-authored-by: Christopher Hultin <[email protected]> Co-authored-by: ilappe <[email protected]> Co-authored-by: Israel Lappe <[email protected]>

* Add support for open-answer questions * Update Docker images * Bump version & add release-notes * Make `form_type` argument optional * Fix unit-tests

* Updated Metadata Of Pack AzureSecurityCenter * Added release notes to pack AzureSecurityCenter * Packs/AzureSecurityCenter/Integrations/AzureSecurityCenter_v2/AzureSecurityCenter_v2.yml Docker image update

fix jira convert issues print demisto#30608

fix merge dev secrets and sync buckets demisto#30609

* Fix GitLab collector * release notes * pre-commit fix * pre-commit fix * increase coverage * CR fixes * fix * Update 2_2_19.md * CR fix * default limit to 500 * update docker

* removed usage of is_ge_version function with server version less than 6.2.0. * added rn * updated docker image * added rn * removed unit tests * fixed unittests * edit unittest * fixed unittest * edited unittests * edited unittests * mypy fixes * fixes * fixes * updated docker image * added rn * mypy fixes * edited unittests * edit * edit unit tests * edited the tpb to work with ng server * edited tpb * removed paging unit tests, removed arguments * reverted removing the args

* Updated the modeling rule of microsoft dhcp * Updated the modeling rule of microsoft dhcp * Update 1_0_3.md --------- Co-authored-by: eepstain <[email protected]>

* new incidents fields * New playbook,incident type,script,layout for xdr lite changing integration default incident type and classifier * resolve conflicts - RN * update RN, update unsearchable to true in incident fields and remove unnecessary incident fields from the layout * updated layout - InvestigationVerdict dynamic section * Apply suggestions from code review Co-authored-by: ShirleyDenkberg <[email protected]> * fixes after review * Update Packs/CortexXDR/Scripts/InvestigationVerdict/README.md Co-authored-by: ShirleyDenkberg <[email protected]> * fix for test playbooks Test_XDR_Playbook_execute_script_commands.yml * fix after review. change script name * RN after fixes * RN after fixes * change name of the script yml file in pack ignore * lint fix * time range fix --------- Co-authored-by: ShirleyDenkberg <[email protected]>

…nged_files (demisto#30632)

* fix get_request_command method * update RN * validate results.content is not empty * add "." to missing descriptions * added test_get_request_command_valid_raw_response * fix mypy * fix flake8

…sto#30512) * [Marketplace Contribution] Atlassian Jira - Content Pack Update (demisto#29838) * "contribution update to pack "Atlassian Jira"" * Update YML * Update Readme * Add missing docstrings * Apply suggestions from code review Co-authored-by: anas-yousef <[email protected]> Co-authored-by: omerKarkKatz <[email protected]> * Adjust response type to empty body response * Added periods on various strings, per pre-commit test failure * Unit tests for JIRA assignee --------- Co-authored-by: 68zuhKQfKPk <[email protected]> Co-authored-by: kPKfQKhuz86 <[email protected]> Co-authored-by: anas-yousef <[email protected]> Co-authored-by: omerKarkKatz <[email protected]> Co-authored-by: Jakob Weinzettl <[email protected]> * updated docker and fixed RN * added self to the class function * restored some yml marketplace download changeS * fixed the unit test * typing --------- Co-authored-by: xsoar-bot <[email protected]> Co-authored-by: 68zuhKQfKPk <[email protected]> Co-authored-by: kPKfQKhuz86 <[email protected]> Co-authored-by: anas-yousef <[email protected]> Co-authored-by: omerKarkKatz <[email protected]> Co-authored-by: Jakob Weinzettl <[email protected]> Co-authored-by: okarkkatz <[email protected]>

* send notification * send notification * zoom ask * zoom async * zoom async * zoom readme * secret token for mirroring * send-notification command+ mirroring * unit tests * fix * add context cache * add context cache * zoom ask tests * remove unnecessary debug logs * remove debug logs * CR comments * CR comments * rn * format * zoomask tests * cr * small fix * known_words * Apply suggestions from code review Co-authored-by: ShirleyDenkberg <[email protected]> * Update ZoomAsk.yml * Apply suggestions from code review Co-authored-by: ShirleyDenkberg <[email protected]> * zoom basic authentication * comments * add certificate to uvicorn to support https * yml * readme --------- Co-authored-by: ShirleyDenkberg <[email protected]>

* add a way to upload binary file (demisto#30532) * add a way to upload binary file * patch ci/cd error * patch ci/cd error * Apply suggestions from code review Co-authored-by: Moshe Eichler <[email protected]> --------- Co-authored-by: Pierre SOLER <[email protected]> Co-authored-by: Moshe Eichler <[email protected]> * Update Docker Image To demisto/crypto (demisto#30624) * Updated Metadata Of Pack AzureSecurityCenter * Added release notes to pack AzureSecurityCenter * Packs/AzureSecurityCenter/Integrations/AzureSecurityCenter_v2/AzureSecurityCenter_v2.yml Docker image update * fix jira convert issues print (demisto#30608) fix jira convert issues print demisto#30608 * fix merge dev secrets and sync buckets (demisto#30609) fix merge dev secrets and sync buckets demisto#30609 * Fixed Gitlab event collector fetch (demisto#30379) * Fix GitLab collector * release notes * pre-commit fix * pre-commit fix * increase coverage * CR fixes * fix * Update 2_2_19.md * CR fix * default limit to 500 * update docker * Remove checking 6.2 server version (demisto#30351) * removed usage of is_ge_version function with server version less than 6.2.0. * added rn * updated docker image * added rn * removed unit tests * fixed unittests * edit unittest * fixed unittest * edited unittests * edited unittests * mypy fixes * fixes * fixes * updated docker image * added rn * mypy fixes * edited unittests * edit * edit unit tests * edited the tpb to work with ng server * edited tpb * removed paging unit tests, removed arguments * reverted removing the args * Fix for dhcp (demisto#30610) * Updated the modeling rule of microsoft dhcp * Updated the modeling rule of microsoft dhcp * Update 1_0_3.md --------- Co-authored-by: eepstain <[email protected]> * Xdr lite playbbok (demisto#30497) * new incidents fields * New playbook,incident type,script,layout for xdr lite changing integration default incident type and classifier * resolve conflicts - RN * update RN, update unsearchable to true in incident fields and remove unnecessary incident fields from the layout * updated layout - InvestigationVerdict dynamic section * Apply suggestions from code review Co-authored-by: ShirleyDenkberg <[email protected]> * fixes after review * Update Packs/CortexXDR/Scripts/InvestigationVerdict/README.md Co-authored-by: ShirleyDenkberg <[email protected]> * fix for test playbooks Test_XDR_Playbook_execute_script_commands.yml * fix after review. change script name * RN after fixes * RN after fixes * change name of the script yml file in pack ignore * lint fix * time range fix --------- Co-authored-by: ShirleyDenkberg <[email protected]> * comment out us its looks unused and adding unchanged_files to the changed_files (demisto#30632) * OpsGenie v3 - Fix polling commands (demisto#30579) * fix get_request_command method * update RN * validate results.content is not empty * add "." to missing descriptions * added test_get_request_command_valid_raw_response * fix mypy * fix flake8 * [Marketplace Contribution] Atlassian Jira - Content Pack Update (demisto#30512) * [Marketplace Contribution] Atlassian Jira - Content Pack Update (demisto#29838) * "contribution update to pack "Atlassian Jira"" * Update YML * Update Readme * Add missing docstrings * Apply suggestions from code review Co-authored-by: anas-yousef <[email protected]> Co-authored-by: omerKarkKatz <[email protected]> * Adjust response type to empty body response * Added periods on various strings, per pre-commit test failure * Unit tests for JIRA assignee --------- Co-authored-by: 68zuhKQfKPk <[email protected]> Co-authored-by: kPKfQKhuz86 <[email protected]> Co-authored-by: anas-yousef <[email protected]> Co-authored-by: omerKarkKatz <[email protected]> Co-authored-by: Jakob Weinzettl <[email protected]> * updated docker and fixed RN * added self to the class function * restored some yml marketplace download changeS * fixed the unit test * typing --------- Co-authored-by: xsoar-bot <[email protected]> Co-authored-by: 68zuhKQfKPk <[email protected]> Co-authored-by: kPKfQKhuz86 <[email protected]> Co-authored-by: anas-yousef <[email protected]> Co-authored-by: omerKarkKatz <[email protected]> Co-authored-by: Jakob Weinzettl <[email protected]> Co-authored-by: okarkkatz <[email protected]> --------- Co-authored-by: Pierre <[email protected]> Co-authored-by: Pierre SOLER <[email protected]> Co-authored-by: Moshe Eichler <[email protected]> Co-authored-by: Koby Meir <[email protected]> Co-authored-by: Yaakov Praisler <[email protected]> Co-authored-by: merit-maita <[email protected]> Co-authored-by: yasta5 <[email protected]> Co-authored-by: eepstain <[email protected]> Co-authored-by: OmriItzhak <[email protected]> Co-authored-by: ShirleyDenkberg <[email protected]> Co-authored-by: Moshe Galitzky <[email protected]> Co-authored-by: Adi Daud <[email protected]> Co-authored-by: xsoar-bot <[email protected]> Co-authored-by: 68zuhKQfKPk <[email protected]> Co-authored-by: kPKfQKhuz86 <[email protected]> Co-authored-by: anas-yousef <[email protected]> Co-authored-by: omerKarkKatz <[email protected]> Co-authored-by: Jakob Weinzettl <[email protected]> Co-authored-by: okarkkatz <[email protected]> Co-authored-by: MosheEichler <[email protected]>

…rom latest upload commit (demisto#30073) * install nightly packs from artifacts * fix * add checkout upload commit nightly * remove comment * remove deprecated checks * update branch, make sure to revert to master * revert marketplace const * use -f git worktree * use git checkout specific file * lint fixes * fix nightly installation failure * collect tests - do not collect hidden packs * packs * fix lint on collect tests * fix lint issues * run against current packs commit and not against master * handle prev-ver validate * remove redundent g * use latest packs commit to compare * validate * git commit * commit -m * update checkout implementation * no need for post-commit when using validate -a * fix " * handle deleted files * test against branch * test against head * remove git commit * another fix * git status before reset * do not print last packs upload * comments * Update .gitlab/ci/.gitlab-ci.global.yml

…k Update (demisto#30603) * [Marketplace Contribution] Recorded Future Intelligence - Content Pack Update (demisto#30475) * "contribution update to pack "Recorded Future Intelligence"" * Added 'hidden: true' to encrypted parameter * Fixed formatting * Reverted defaultmapper and defaultclassifier * Update version number * Rename 1_8_0.md to 1.7.4.md --------- Co-authored-by: Nicole Casartelli <[email protected]> Co-authored-by: Israel Lappe <[email protected]> * fix RN file name --------- Co-authored-by: xsoar-bot <[email protected]> Co-authored-by: Nicole Casartelli <[email protected]> Co-authored-by: Israel Lappe <[email protected]> Co-authored-by: ilappe <[email protected]>

* fix script * RN * fix * fixing * RN * fix to array * testing * Fix * fix * Fix * test * test * RN * fix * fix * fix unittest * fix * fix * fix * Bump pack from version CommonScripts to 1.12.39. * Review Fixes * ReleaseNotes fix --------- Co-authored-by: Content Bot <[email protected]>

* test * skip test_socks_proxy if TEST_XDR_ENV * fixed * fixed * fixed Flake8

…isto#30640) * Add case_id_list param * update release notes * handle merge conflict * bump to 1.0.13 * list as ints * Apply suggestions from code review * doc update --------- Co-authored-by: Andrew Scott <[email protected]> Co-authored-by: Sapir Shuker <[email protected]> Co-authored-by: ShirleyDenkberg <[email protected]>

…dy parameter. (demisto#30628) (demisto#30652) Co-authored-by: Crest Data Systems <[email protected]> Co-authored-by: crestdatasystems <[email protected]> Co-authored-by: Israel Lappe <[email protected]>

* Fixed validations * Updated 1 of the tasks. * Updated 1 of the tasks. * Added default mapper and classifier * Fixed review comments * fixed review comments * fixed review comments * fixed conflicts * Added additional hard input * Added a review comment * Added a review comment * Added more incidents * Added more incidents to the flow * Fixed issue with value for brute force RDP * Changed timeRange for additional alerts * update threshold * Fixed answer for CTF1 * Fixed answers and hints for CTF1 * Fixed answers and hints for CTF2 * Added gif - let's do this * fixed issues + added some more comments * fixed issues * Add additional items * Dixed review comments * False was changed to 0 * Added feedback from users * Fixed issues with the CTF3 - Changed the client in the command to be overwritten - Added missing mapper items * Fixed layout issue * Removed Logs questions section * Updated some items per feedbacks * Updated some items per feedbacks * Updated some items per feedbacks * Updated some items per feedbacks * Fixed typo issue * Fixed scripts * Added function to support multiple incidents * fixed conflicts * fixed fetch issue * Added delete context task * Added delete context task * Added gif * Fixed bugs / other stuff * fixed review comments * fixed review comments * fixed other issues * fixed other issues * fixed other issues * fixed other issues * Fixed typos + missing items * fixed conflicts * Updated the file name * Pushed additional possible answers * Added validation for the file retrival command * Fixed ctf3 issues * Fixed ctf3 issues * fixed conflicts * Updated gif in the welcome message * removed dedup from ctf3 * fixed fetch to 201 * bypass for the phishing layout - to display the email body as an image * fixed conflicts * Fixed typo on error message * CTF * Updated content to support custom XDR integration * Restore Cortex XDR content from Master * Format * Removed un-required commands + added default mapper and classifier * Fixed PlaybookID key * Fixed the Get-Alerts-Command * Fixed UserEngagementThreshold * Fixed an issue with the user engament input * Fixed validation issues * Removed Q8 from Ctf 2 about EDL Added the docs links to each CTF ( Lab Guid + walkthrough cheatsheet) * remove student from the incident's name * Added indicators extraction * Added indicators extraction * Added thirteen * Added mitre Tactic name so the investigation panel will be displayed * removed all the guides * removed un required hashes * removed un required hashes * Added missing question * Removed additional PB item * Fixed review comments * Fixed review comments * Fixed review comments * added gif * added gif * Script improvement * Updated Gifs in Scripts and PBs to new ones * Updated PB descriptions * Updated Images * Updated Pack MetaData * Fixed all the issues added preparation playbook Added min server version for the packs * Moved inc field * Removed incident for ctf3 * Format * Format * Fixed issue with prepare ctf playbook * Removed CTF 3 and changed ctf 2 last task to notify the user on finishing the CTF * Feedbacks * Updated ReadMe files in both packs. * Update links in the questions' description * added dashboard * Removed the special character * Added more images * Changed the gifs in the items * Changed the gifs in the items * Changed the Dashboard * Removed un-required gifs * Updated README.md * added image for the "prepare your CTF" playbook * Updated README.md * Updated the time range for the CTF dashboard * Changed image url in ReadME * Reverted phishing layout * Removed un required gifs * Test images * Added gif to README.md * Removed min server requirement * READ me change again * READ me change again * READ me change again * Fix validations * Fix validations * Fix validations * Fix validations * Fix validations * Updated gifs on CTF2BF.py * push fix for the investigation tab and the rdp brute force tab * Fixing validations * Format + Generate docs * Format / Validations * Format / Validations * Format / Validations * Format / Validations * python fixes + tests skeleton * Format / Validations * Format / Validations * Format / Validations * Format / Validations * Format / Validations * Format / Validations * Format / Validations * Format / Validations * Format / Validations * Format / Validations * Format / Validations * Format / Validations * Format / Validations * Format / Validations * Format / Validations * Format / Validations * Format / Validations * Format / Validations * Format / Validations * Format / Validations * Format / Validations * Format / Validations * fix test * fix test * fix test * Fix predefined values * Changed malicious hashes * Changed the size of the presented gif * Review fixes * Review fixes * Review fixes * Review fixes * Review fixes * Review fixes * Updated docker image * Removed threat hunting section to avoid polling mechanism * Fixed the incident field association with an incident type * Fixed the incident field association with an incident type * fixed default fromversion on all content items * fixed default fromversion on all content items * Format * Format * Format * Format * Format * updated pack MP * update pack ignore * reverted pack ignore + changed fromVersion 6.9/6.10 to 8.2 + changed MP to xsoar * fix * Reverted changes on test_content.py --------- Co-authored-by: Jas Beilin <[email protected]> Co-authored-by: yucohen <[email protected]>

…demisto#30537) * [Marketplace Contribution] Anomali ThreatStream - Content Pack Update (demisto#30154) * "contribution update to pack "Anomali ThreatStream"" * Fixes * Fix * Fix unit-tests * Bump version to resolve conflicts * Bump Docker version * Minor change * pre-commit * Update Docker version * Fix linting issue --------- Co-authored-by: Michael Yochpaz <[email protected]> * Bump Docker version --------- Co-authored-by: xsoar-bot <[email protected]> Co-authored-by: Michael Yochpaz <[email protected]>

Co-authored-by: Content Bot <[email protected]>

* Dont allow pipe in first char * Small regex fix * Updated email extraction playbook * Bump pack from version CommonTypes to 3.3.90. --------- Co-authored-by: Content Bot <[email protected]>

* Documentation and metadata improvements. * pre-commit * fixed yml * fixed yml * fixed * thanks sk * last fix * updated docker * updated docker

…to#30651)

* Updated Metadata Of Pack QualysFIM * Added release notes to pack QualysFIM * Packs/QualysFIM/Integrations/QualysFIM/QualysFIM.yml Docker image update * Updated Metadata Of Pack FortiSIEM * Added release notes to pack FortiSIEM * Packs/FortiSIEM/Integrations/FortiSIEMV2/FortiSIEMV2.yml Docker image update * Updated Metadata Of Pack FreshworksFreshservice * Added release notes to pack FreshworksFreshservice * Packs/FreshworksFreshservice/Integrations/FreshworksFreshservice/FreshworksFreshservice.yml Docker image update * Updated Metadata Of Pack KnowBe4_KMSAT * Added release notes to pack KnowBe4_KMSAT * Packs/KnowBe4_KMSAT/Integrations/KnowBe4KMSAT/KnowBe4KMSAT.yml Docker image update * Updated Metadata Of Pack DelineaSS * Added release notes to pack DelineaSS * Packs/DelineaSS/Integrations/DelineaSS/DelineaSS.yml Docker image update * Updated Metadata Of Pack Cryptocurrency * Added release notes to pack Cryptocurrency * Packs/Cryptocurrency/Integrations/Cryptocurrency/Cryptocurrency.yml Docker image update * Updated Metadata Of Pack PANOSPolicyOptimizer * Added release notes to pack PANOSPolicyOptimizer * Packs/PANOSPolicyOptimizer/Integrations/PANOSPolicyOptimizer/PANOSPolicyOptimizer.yml Docker image update * Updated Metadata Of Pack DeveloperTools * Added release notes to pack DeveloperTools * Packs/DeveloperTools/Integrations/CreateIncidents/CreateIncidents.yml Docker image update * Updated Metadata Of Pack Lumu * Added release notes to pack Lumu * Packs/Lumu/Integrations/Lumu/Lumu.yml Docker image update * Updated Metadata Of Pack FlashpointFeed * Added release notes to pack FlashpointFeed * Packs/FlashpointFeed/Integrations/FlashpointFeed/FlashpointFeed.yml Docker image update

* Updated Metadata Of Pack SecurityIntelligenceServicesFeed * Added release notes to pack SecurityIntelligenceServicesFeed * Packs/SecurityIntelligenceServicesFeed/Integrations/SecurityIntelligenceServicesFeed/SecurityIntelligenceServicesFeed.yml Docker image update * Updated Metadata Of Pack AWS-IAM * Added release notes to pack AWS-IAM * Packs/AWS-IAM/Integrations/AWS-IAM/AWS-IAM.yml Docker image update * Updated Metadata Of Pack AWS-Route53 * Added release notes to pack AWS-Route53 * Packs/AWS-Route53/Integrations/AWSRoute53/AWSRoute53.yml Docker image update * Updated Metadata Of Pack AWS-AccessAnalyzer * Added release notes to pack AWS-AccessAnalyzer * Packs/AWS-AccessAnalyzer/Integrations/AWS-AccessAnalyzer/AWS-AccessAnalyzer.yml Docker image update * Updated Metadata Of Pack AWS-GuardDuty * Added release notes to pack AWS-GuardDuty * Packs/AWS-GuardDuty/Integrations/AWSGuardDutyEventCollector/AWSGuardDutyEventCollector.yml Docker image update * Packs/AWS-GuardDuty/Integrations/AWSGuardDuty/AWSGuardDuty.yml Docker image update * Updated Metadata Of Pack Aws-SecretsManager * Added release notes to pack Aws-SecretsManager * Packs/Aws-SecretsManager/Integrations/AwsSecretsManager/AwsSecretsManager.yml Docker image update

* Updated Metadata Of Pack AzureSentinel * Added release notes to pack AzureSentinel * Packs/AzureSentinel/Integrations/AzureSentinel/AzureSentinel.yml Docker image update * Updated Metadata Of Pack MicrosoftCloudAppSecurity * Added release notes to pack MicrosoftCloudAppSecurity * Packs/MicrosoftCloudAppSecurity/Integrations/MicrosoftCloudAppSecurity/MicrosoftCloudAppSecurity.yml Docker image update

* Updated Metadata Of Pack OracleCloudInfrastructure * Added release notes to pack OracleCloudInfrastructure * Packs/OracleCloudInfrastructure/Integrations/OracleCloudInfrastructureEventCollector/OracleCloudInfrastructureEventCollector.yml Docker image update

* Updated Metadata Of Pack Cybersixgill-ActionableAlerts * Added release notes to pack Cybersixgill-ActionableAlerts * Packs/Cybersixgill-ActionableAlerts/Integrations/CybersixgillActionableAlerts/CybersixgillActionableAlerts.yml Docker image update * Updated Metadata Of Pack Sixgill-Darkfeed * Added release notes to pack Sixgill-Darkfeed * Packs/Sixgill-Darkfeed/Integrations/Sixgill_Darkfeed_Enrichment/Sixgill_Darkfeed_Enrichment.yml Docker image update * Packs/Sixgill-Darkfeed/Integrations/Sixgill_Darkfeed/Sixgill_Darkfeed.yml Docker image update

* Updated Metadata Of Pack CiscoWebExFeed * Added release notes to pack CiscoWebExFeed * Packs/CiscoWebExFeed/Integrations/CiscoWebExFeed/CiscoWebExFeed.yml Docker image update

* [Marketplace Contribution] Exabeam - Content Pack Update (demisto#30625) * "contribution update to pack "Exabeam"" * Reverted automated changes to content pack that I didn't request * update fix + docker --------- Co-authored-by: Christian King <[email protected]> Co-authored-by: ilappe <[email protected]> Co-authored-by: Israel Lappe <[email protected]> * beter solution * adding no cover --------- Co-authored-by: xsoar-bot <[email protected]> Co-authored-by: Christian King <[email protected]> Co-authored-by: ilappe <[email protected]> Co-authored-by: Israel Lappe <[email protected]>

* Updated Metadata Of Pack GSuiteAdmin * Added release notes to pack GSuiteAdmin * Packs/GSuiteAdmin/Integrations/GSuiteAdmin/GSuiteAdmin.yml Docker image update * Updated Metadata Of Pack GoogleSheets * Added release notes to pack GoogleSheets * Packs/GoogleSheets/Integrations/GoogleSheets/GoogleSheets.yml Docker image update * Updated Metadata Of Pack GoogleChronicleBackstory * Added release notes to pack GoogleChronicleBackstory * Packs/GoogleChronicleBackstory/Integrations/GoogleChronicleBackstory/GoogleChronicleBackstory.yml Docker image update * Updated Metadata Of Pack GSuiteSecurityAlertCenter * Added release notes to pack GSuiteSecurityAlertCenter * Packs/GSuiteSecurityAlertCenter/Integrations/GSuiteSecurityAlertCenter/GSuiteSecurityAlertCenter.yml Docker image update * Updated Metadata Of Pack GoogleDrive * Added release notes to pack GoogleDrive * Packs/GoogleDrive/Integrations/GoogleDrive/GoogleDrive.yml Docker image update * Updated Metadata Of Pack GoogleCalendar * Added release notes to pack GoogleCalendar * Packs/GoogleCalendar/Integrations/GoogleCalendar/GoogleCalendar.yml Docker image update

* Updated Metadata Of Pack TAXIIServer * Added release notes to pack TAXIIServer * Packs/TAXIIServer/Integrations/TAXII2Server/TAXII2Server.yml Docker image update

* Updated Metadata Of Pack WebFileRepository * Added release notes to pack WebFileRepository * Packs/WebFileRepository/Integrations/WebFileRepository/WebFileRepository.yml Docker image update

* Updated Metadata Of Pack FeedCyCognito * Added release notes to pack FeedCyCognito * Packs/FeedCyCognito/Integrations/FeedCyCognito/FeedCyCognito.yml Docker image update

…30668) * [trend-micro-vision-one] - update wrong link to search logs * bump rn * rn fix

* Updated Metadata Of Pack DeveloperTools * Added release notes to pack DeveloperTools * Packs/DeveloperTools/Scripts/CompareIndicators/CompareIndicators.yml Docker image update --------- Co-authored-by: israelpolishook <[email protected]>

* Updated Metadata Of Pack Intezer * Added release notes to pack Intezer * Packs/Intezer/Integrations/IntezerV2/IntezerV2.yml Docker image update * Updated Metadata Of Pack Zabbix * Added release notes to pack Zabbix * Packs/Zabbix/Integrations/Zabbix/Zabbix.yml Docker image update * Updated Metadata Of Pack FeedMalwareBazaar * Added release notes to pack FeedMalwareBazaar * Packs/FeedMalwareBazaar/Integrations/MalwareBazaarFeed/MalwareBazaarFeed.yml Docker image update * Updated Metadata Of Pack FeedGCPWhitelist * Added release notes to pack FeedGCPWhitelist * Packs/FeedGCPWhitelist/Integrations/FeedGoogleIPRanges/FeedGoogleIPRanges.yml Docker image update * Updated Metadata Of Pack AccentureCTI_Feed * Added release notes to pack AccentureCTI_Feed * Packs/AccentureCTI_Feed/Integrations/ACTIIndicatorFeed/ACTIIndicatorFeed.yml Docker image update * Updated Metadata Of Pack SEKOIAIntelligenceCenter * Added release notes to pack SEKOIAIntelligenceCenter * Packs/SEKOIAIntelligenceCenter/Integrations/SEKOIAIntelligenceCenter/SEKOIAIntelligenceCenter.yml Docker image update * Updated Metadata Of Pack CommonWidgets * Added release notes to pack CommonWidgets * Packs/CommonWidgets/Scripts/RSSWidget/RSSWidget.yml Docker image update * Fix UT --------- Co-authored-by: israelpolishook <[email protected]>

* init * init * changed fine_score to severity in classifier * unit-tests * aligned with design * cosmetic changes * removed severity from incident_context * candidate * undid cosmetci changes * fix flake8 line-too-long * possible fix: mirror only with types specified * fixed unit-tests * update release notes, docker * name change * conflict fix * removed update docker from RN * resolve conflicts * update docker * fix TPB

* [Marketplace Contribution] Github Maltrail Feed (demisto#30052) * "pack contribution initial commit" * Update Packs/GithubMaltrailFeed/Integrations/GithubMaltrailFeed/GithubMaltrailFeed.py Co-authored-by: Moshe Eichler <[email protected]> * Update Packs/GithubMaltrailFeed/Integrations/GithubMaltrailFeed/GithubMaltrailFeed.py Co-authored-by: Moshe Eichler <[email protected]> * Update Packs/GithubMaltrailFeed/Integrations/GithubMaltrailFeed/GithubMaltrailFeed.py Co-authored-by: Moshe Eichler <[email protected]> * Update Packs/GithubMaltrailFeed/Integrations/GithubMaltrailFeed/GithubMaltrailFeed.py Co-authored-by: Moshe Eichler <[email protected]> * Update Packs/GithubMaltrailFeed/Integrations/GithubMaltrailFeed/GithubMaltrailFeed.py Co-authored-by: Moshe Eichler <[email protected]> * Update Packs/GithubMaltrailFeed/Integrations/GithubMaltrailFeed/GithubMaltrailFeed.py Co-authored-by: Moshe Eichler <[email protected]> * Update Packs/GithubMaltrailFeed/Integrations/GithubMaltrailFeed/GithubMaltrailFeed.py Co-authored-by: Moshe Eichler <[email protected]> * Update Packs/GithubMaltrailFeed/Integrations/GithubMaltrailFeed/GithubMaltrailFeed.py Co-authored-by: Moshe Eichler <[email protected]> * Update Packs/GithubMaltrailFeed/Integrations/GithubMaltrailFeed/GithubMaltrailFeed.py Co-authored-by: Moshe Eichler <[email protected]> * Update Packs/GithubMaltrailFeed/Integrations/GithubMaltrailFeed/GithubMaltrailFeed.py Co-authored-by: Moshe Eichler <[email protected]> * Update Packs/GithubMaltrailFeed/Integrations/GithubMaltrailFeed/GithubMaltrailFeed.py Co-authored-by: Moshe Eichler <[email protected]> * Update Packs/GithubMaltrailFeed/Integrations/GithubMaltrailFeed/GithubMaltrailFeed.py Co-authored-by: Moshe Eichler <[email protected]> * Update Packs/GithubMaltrailFeed/Integrations/GithubMaltrailFeed/GithubMaltrailFeed.yml Co-authored-by: Moshe Eichler <[email protected]> * Update GithubMaltrailFeed.yml * Update Packs/GithubMaltrailFeed/Integrations/GithubMaltrailFeed/GithubMaltrailFeed.yml Co-authored-by: Moshe Eichler <[email protected]> * Update GithubMaltrailFeed.py * Update GithubMaltrailFeed.py * Update Packs/GithubMaltrailFeed/Integrations/GithubMaltrailFeed/GithubMaltrailFeed.py Co-authored-by: Moshe Eichler <[email protected]> * Update Packs/GithubMaltrailFeed/Integrations/GithubMaltrailFeed/GithubMaltrailFeed.yml * Update Packs/GithubMaltrailFeed/Integrations/GithubMaltrailFeed/GithubMaltrailFeed.py Co-authored-by: Moshe Eichler <[email protected]> * Update Packs/GithubMaltrailFeed/Integrations/GithubMaltrailFeed/GithubMaltrailFeed.py Co-authored-by: Moshe Eichler <[email protected]> * Delete Packs/GithubMaltrailFeed/Integrations/GithubMaltrailFeed/integration-Github_Maltrail_Feed.yml * Update pack_metadata.json * Update GithubMaltrailFeed.yml * Update GithubMaltrailFeed.py * Update GithubMaltrailFeed.py * Update GithubMaltrailFeed.yml * Update GithubMaltrailFeed.py * Update GithubMaltrailFeed.yml * Update GithubMaltrailFeed.py --------- Co-authored-by: Abel S. Santamarina <[email protected]> Co-authored-by: Moshe Eichler <[email protected]> * pre-commit fixes * add README.md * fix json * format * from version * categories * validate fixes * remove f string --------- Co-authored-by: xsoar-bot <[email protected]> Co-authored-by: Abel S. Santamarina <[email protected]> Co-authored-by: Moshe Eichler <[email protected]> Co-authored-by: MosheEichler <[email protected]>

…sto#30692) * [Marketplace Contribution] VMRay Analyzer - Content Pack Update (demisto#30390) * "contribution update to pack "VMRay Analyzer"" * Update README.md Added to docs * Update Packs/VMRay/ReleaseNotes/1_2_0.md Ok Co-authored-by: Moshe Eichler <[email protected]> * Update Packs/VMRay/Integrations/VMRay/VMRay.py OK Co-authored-by: Moshe Eichler <[email protected]> * Update Packs/VMRay/Integrations/VMRay/VMRay.py Co-authored-by: Moshe Eichler <[email protected]> * Updated release notes --------- Co-authored-by: Konrad <[email protected]> Co-authored-by: Moshe Eichler <[email protected]> * Update Docker Image To demisto/python3 (demisto#30669) * Updated Metadata Of Pack QualysFIM * Added release notes to pack QualysFIM * Packs/QualysFIM/Integrations/QualysFIM/QualysFIM.yml Docker image update * Updated Metadata Of Pack FortiSIEM * Added release notes to pack FortiSIEM * Packs/FortiSIEM/Integrations/FortiSIEMV2/FortiSIEMV2.yml Docker image update * Updated Metadata Of Pack FreshworksFreshservice * Added release notes to pack FreshworksFreshservice * Packs/FreshworksFreshservice/Integrations/FreshworksFreshservice/FreshworksFreshservice.yml Docker image update * Updated Metadata Of Pack KnowBe4_KMSAT * Added release notes to pack KnowBe4_KMSAT * Packs/KnowBe4_KMSAT/Integrations/KnowBe4KMSAT/KnowBe4KMSAT.yml Docker image update * Updated Metadata Of Pack DelineaSS * Added release notes to pack DelineaSS * Packs/DelineaSS/Integrations/DelineaSS/DelineaSS.yml Docker image update * Updated Metadata Of Pack Cryptocurrency * Added release notes to pack Cryptocurrency * Packs/Cryptocurrency/Integrations/Cryptocurrency/Cryptocurrency.yml Docker image update * Updated Metadata Of Pack PANOSPolicyOptimizer * Added release notes to pack PANOSPolicyOptimizer * Packs/PANOSPolicyOptimizer/Integrations/PANOSPolicyOptimizer/PANOSPolicyOptimizer.yml Docker image update * Updated Metadata Of Pack DeveloperTools * Added release notes to pack DeveloperTools * Packs/DeveloperTools/Integrations/CreateIncidents/CreateIncidents.yml Docker image update * Updated Metadata Of Pack Lumu * Added release notes to pack Lumu * Packs/Lumu/Integrations/Lumu/Lumu.yml Docker image update * Updated Metadata Of Pack FlashpointFeed * Added release notes to pack FlashpointFeed * Packs/FlashpointFeed/Integrations/FlashpointFeed/FlashpointFeed.yml Docker image update * Update Docker Image To demisto/boto3py3 (demisto#30670) * Updated Metadata Of Pack SecurityIntelligenceServicesFeed * Added release notes to pack SecurityIntelligenceServicesFeed * Packs/SecurityIntelligenceServicesFeed/Integrations/SecurityIntelligenceServicesFeed/SecurityIntelligenceServicesFeed.yml Docker image update * Updated Metadata Of Pack AWS-IAM * Added release notes to pack AWS-IAM * Packs/AWS-IAM/Integrations/AWS-IAM/AWS-IAM.yml Docker image update * Updated Metadata Of Pack AWS-Route53 * Added release notes to pack AWS-Route53 * Packs/AWS-Route53/Integrations/AWSRoute53/AWSRoute53.yml Docker image update * Updated Metadata Of Pack AWS-AccessAnalyzer * Added release notes to pack AWS-AccessAnalyzer * Packs/AWS-AccessAnalyzer/Integrations/AWS-AccessAnalyzer/AWS-AccessAnalyzer.yml Docker image update * Updated Metadata Of Pack AWS-GuardDuty * Added release notes to pack AWS-GuardDuty * Packs/AWS-GuardDuty/Integrations/AWSGuardDutyEventCollector/AWSGuardDutyEventCollector.yml Docker image update * Packs/AWS-GuardDuty/Integrations/AWSGuardDuty/AWSGuardDuty.yml Docker image update * Updated Metadata Of Pack Aws-SecretsManager * Added release notes to pack Aws-SecretsManager * Packs/Aws-SecretsManager/Integrations/AwsSecretsManager/AwsSecretsManager.yml Docker image update * Update Docker Image To demisto/crypto (demisto#30673) * Updated Metadata Of Pack AzureSentinel * Added release notes to pack AzureSentinel * Packs/AzureSentinel/Integrations/AzureSentinel/AzureSentinel.yml Docker image update * Updated Metadata Of Pack MicrosoftCloudAppSecurity * Added release notes to pack MicrosoftCloudAppSecurity * Packs/MicrosoftCloudAppSecurity/Integrations/MicrosoftCloudAppSecurity/MicrosoftCloudAppSecurity.yml Docker image update * Update Docker Image To demisto/oci (demisto#30672) * Updated Metadata Of Pack OracleCloudInfrastructure * Added release notes to pack OracleCloudInfrastructure * Packs/OracleCloudInfrastructure/Integrations/OracleCloudInfrastructureEventCollector/OracleCloudInfrastructureEventCollector.yml Docker image update * Update Docker Image To demisto/sixgill (demisto#30674) * Updated Metadata Of Pack Cybersixgill-ActionableAlerts * Added release notes to pack Cybersixgill-ActionableAlerts * Packs/Cybersixgill-ActionableAlerts/Integrations/CybersixgillActionableAlerts/CybersixgillActionableAlerts.yml Docker image update * Updated Metadata Of Pack Sixgill-Darkfeed * Added release notes to pack Sixgill-Darkfeed * Packs/Sixgill-Darkfeed/Integrations/Sixgill_Darkfeed_Enrichment/Sixgill_Darkfeed_Enrichment.yml Docker image update * Packs/Sixgill-Darkfeed/Integrations/Sixgill_Darkfeed/Sixgill_Darkfeed.yml Docker image update * Update Docker Image To demisto/btfl-soup (demisto#30678) * Updated Metadata Of Pack CiscoWebExFeed * Added release notes to pack CiscoWebExFeed * Packs/CiscoWebExFeed/Integrations/CiscoWebExFeed/CiscoWebExFeed.yml Docker image update * [Marketplace Contribution] Exabeam - Content Pack Update (demisto#30655) * [Marketplace Contribution] Exabeam - Content Pack Update (demisto#30625) * "contribution update to pack "Exabeam"" * Reverted automated changes to content pack that I didn't request * update fix + docker --------- Co-authored-by: Christian King <[email protected]> Co-authored-by: ilappe <[email protected]> Co-authored-by: Israel Lappe <[email protected]> * beter solution * adding no cover --------- Co-authored-by: xsoar-bot <[email protected]> Co-authored-by: Christian King <[email protected]> Co-authored-by: ilappe <[email protected]> Co-authored-by: Israel Lappe <[email protected]> * Update Docker Image To demisto/googleapi-python3 (demisto#30677) * Updated Metadata Of Pack GSuiteAdmin * Added release notes to pack GSuiteAdmin * Packs/GSuiteAdmin/Integrations/GSuiteAdmin/GSuiteAdmin.yml Docker image update * Updated Metadata Of Pack GoogleSheets * Added release notes to pack GoogleSheets * Packs/GoogleSheets/Integrations/GoogleSheets/GoogleSheets.yml Docker image update * Updated Metadata Of Pack GoogleChronicleBackstory * Added release notes to pack GoogleChronicleBackstory * Packs/GoogleChronicleBackstory/Integrations/GoogleChronicleBackstory/GoogleChronicleBackstory.yml Docker image update * Updated Metadata Of Pack GSuiteSecurityAlertCenter * Added release notes to pack GSuiteSecurityAlertCenter * Packs/GSuiteSecurityAlertCenter/Integrations/GSuiteSecurityAlertCenter/GSuiteSecurityAlertCenter.yml Docker image update * Updated Metadata Of Pack GoogleDrive * Added release notes to pack GoogleDrive * Packs/GoogleDrive/Integrations/GoogleDrive/GoogleDrive.yml Docker image update * Updated Metadata Of Pack GoogleCalendar * Added release notes to pack GoogleCalendar * Packs/GoogleCalendar/Integrations/GoogleCalendar/GoogleCalendar.yml Docker image update * Update Docker Image To demisto/flask-nginx (demisto#30682) * Updated Metadata Of Pack TAXIIServer * Added release notes to pack TAXIIServer * Packs/TAXIIServer/Integrations/TAXII2Server/TAXII2Server.yml Docker image update * Update Docker Image To demisto/bottle (demisto#30681) * Updated Metadata Of Pack WebFileRepository * Added release notes to pack WebFileRepository * Packs/WebFileRepository/Integrations/WebFileRepository/WebFileRepository.yml Docker image update * Update Docker Image To demisto/pycountry (demisto#30684) * Updated Metadata Of Pack FeedCyCognito * Added release notes to pack FeedCyCognito * Packs/FeedCyCognito/Integrations/FeedCyCognito/FeedCyCognito.yml Docker image update * [trend-micro-vision-one] - update wrong link to search logs (demisto#30668) * [trend-micro-vision-one] - update wrong link to search logs * bump rn * rn fix --------- Co-authored-by: xsoar-bot <[email protected]> Co-authored-by: Konrad <[email protected]> Co-authored-by: Moshe Eichler <[email protected]> Co-authored-by: Christian King <[email protected]> Co-authored-by: ilappe <[email protected]> Co-authored-by: Israel Lappe <[email protected]> Co-authored-by: Guy Afik <[email protected]> Co-authored-by: MosheEichler <[email protected]>

* fix handle values bug [Google Sheets] * update RN * update Docker and RN * flake8 * Bump pack from version GoogleSheets to 1.0.36. * add docstring to "handle_values_input" function --------- Co-authored-by: Content Bot <[email protected]>

* improve email squatting script faster * format yml * format script * Bump pack from version CommonScripts to 1.12.40. * remove usage of Array.from since it is not supported in 6.9 --------- Co-authored-by: Content Bot <[email protected]>

…o#30509) Splitting prepare-testing-bucket output to be per server type demisto#30509

demisto#30361) (demisto#30691) * Made premium packs free. Added new alert states to the Code42 Check Incydr Status And Close XSOAR Incident playbook. Deprecated commands. * Removed more unused methods and added tests to get back above the 90% threshold. * Updated playbooks to use non-deprecated commands Co-authored-by: jdullum <[email protected]> Co-authored-by: Israel Lappe <[email protected]>

…ch (demisto#30650)

* Updated TenableioEventCollector_1_3_schema * Updated ReleaseNotes * Updated ReleaseNotes

* init-modeling-rules * enrich-modeling-rules * modeling-rules * update-README.md * update pack keywords * update-release-notes * update-modeling-rules * add-known-words * refactor-modeling-rules * Update Packs/Claroty/README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/Claroty/README.md Co-authored-by: ShirleyDenkberg <[email protected]> * Update Packs/Claroty/README.md Co-authored-by: ShirleyDenkberg <[email protected]> * fix-README.md-table * refactor-modeling-rules * add-disclaimer-on-README.md * add-disclaimer-on-README.md * Update README.md --------- Co-authored-by: ShirleyDenkberg <[email protected]> Co-authored-by: eepstain <[email protected]>

* edl enhancements * update RN * update hidden value update RN * add xsoar_saas to hidden * Update Packs/EDL/ReleaseNotes/3_2_13.md Co-authored-by: ShirleyDenkberg <[email protected]> --------- Co-authored-by: ShirleyDenkberg <[email protected]>

fixing the check validating build files are up to date demisto#30703

* Updated Metadata Of Pack AWS-SecurityHub * Added release notes to pack AWS-SecurityHub * Packs/AWS-SecurityHub/Integrations/AWSSecurityHubEventCollector/AWSSecurityHubEventCollector.yml Docker image update

* Updated Metadata Of Pack SafeNet_Trusted_Access * Added release notes to pack SafeNet_Trusted_Access * Packs/SafeNet_Trusted_Access/Integrations/SafeNetTrustedAccessEventCollector/SafeNetTrustedAccessEventCollector.yml Docker image update * Updated Metadata Of Pack Wiz * Added release notes to pack Wiz * Packs/Wiz/Integrations/Wiz/Wiz.yml Docker image update * Updated Metadata Of Pack AbnormalSecurity * Added release notes to pack AbnormalSecurity * Packs/AbnormalSecurity/Integrations/AbnormalSecurity/AbnormalSecurity.yml Docker image update * Updated Metadata Of Pack FeedLOLBAS * Added release notes to pack FeedLOLBAS * Packs/FeedLOLBAS/Integrations/FeedLOLBAS/FeedLOLBAS.yml Docker image update * Updated Metadata Of Pack Hackuity * Added release notes to pack Hackuity * Packs/Hackuity/Integrations/Hackuity/Hackuity.yml Docker image update * Updated Metadata Of Pack Grafana * Added release notes to pack Grafana * Packs/Grafana/Integrations/Grafana/Grafana.yml Docker image update * Updated Metadata Of Pack Binalyze * Added release notes to pack Binalyze * Packs/Binalyze/Integrations/BinalyzeAIR/BinalyzeAIR.yml Docker image update * Updated Metadata Of Pack ServiceDeskPlus * Added release notes to pack ServiceDeskPlus * Packs/ServiceDeskPlus/Integrations/ServiceDeskPlus/ServiceDeskPlus.yml Docker image update * Updated Metadata Of Pack Oracle_IAM * Added release notes to pack Oracle_IAM * Packs/Oracle_IAM/Integrations/OracleIAM/OracleIAM.yml Docker image update * Updated Metadata Of Pack AccentureCTI * Added release notes to pack AccentureCTI * Packs/AccentureCTI/Integrations/ACTIIndicatorQuery/ACTIIndicatorQuery.yml Docker image update

fix bucket upload demisto#30711

* XSOAR EDL Checker - Add support for XSOAR 8.x - Oct 2023 (demisto#30539) * after format * updated description, integration readme, and increased pack version * updating pack metadata to use my Palo Alto information * updated readme for integration --------- Co-authored-by: Moshe Eichler <[email protected]> * remove hourly * add image * docker image * RN * docker * period * RN --------- Co-authored-by: Mike Beauchamp <[email protected]> Co-authored-by: Moshe Eichler <[email protected]> Co-authored-by: MosheEichler <[email protected]>

Bumps [pyyaml](https://github.com/yaml/pyyaml) from 3.12 to 5.4. - [Changelog](https://github.com/yaml/pyyaml/blob/main/CHANGES) - [Commits](yaml/pyyaml@3.12...5.4) --- updated-dependencies: - dependency-name: pyyaml dependency-type: direct:production ... Signed-off-by: dependabot[bot] <[email protected]>

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Bump pyyaml from 3.12 to 5.4 in /Packs/Exchange2016_Compliance/Integrations/Exchange2016_Compliance/doc_files #87

Bump pyyaml from 3.12 to 5.4 in /Packs/Exchange2016_Compliance/Integrations/Exchange2016_Compliance/doc_files #87

Commits on Oct 17, 2023

Commits on Oct 18, 2023

Commits on Oct 19, 2023

Commits on Oct 22, 2023

Commits on Oct 23, 2023

Commits on Oct 24, 2023

Commits on Oct 25, 2023

Commits on Oct 26, 2023

Commits on Oct 27, 2023

Commits on Oct 28, 2023

Commits on Oct 29, 2023

Commits on Oct 30, 2023

Commits on Oct 31, 2023

Commits on Nov 1, 2023

Commits on Nov 2, 2023

Commits on Nov 5, 2023

Commits on Nov 6, 2023

Commits on Nov 7, 2023

Bump pyyaml from 3.12 to 5.4 in /Packs/Exchange2016_Compliance/Integrations/Exchange2016_Compliance/doc_files #87

Are you sure you want to change the base?

Bump pyyaml from 3.12 to 5.4 in /Packs/Exchange2016_Compliance/Integrations/Exchange2016_Compliance/doc_files #87

Commits on Oct 17, 2023

Commits on Oct 18, 2023

Commits on Oct 19, 2023

Commits on Oct 22, 2023

Commits on Oct 23, 2023

Commits on Oct 24, 2023

Commits on Oct 25, 2023

Commits on Oct 26, 2023

Commits on Oct 27, 2023

Commits on Oct 28, 2023

Commits on Oct 29, 2023

Commits on Oct 30, 2023

Commits on Oct 31, 2023

Commits on Nov 1, 2023

Commits on Nov 2, 2023

Commits on Nov 5, 2023

Commits on Nov 6, 2023

Commits on Nov 7, 2023