Tags: GreatHorn/content
Tags
Hod/mitre layout (demisto#8955) * Adding indicator fields neccessery for the new layout * Removed modification of mitreplatforms incidenttype * Backwards compatability for layout in 5.5 * Renaming fields * PR changes * Additional PR changes * Updated * Updated * Updating docker images Co-authored-by: Bar Hochman <11165655+jochman@users.noreply.github.com> Co-authored-by: hod-alpert <haplert@paloaltonetworks.com> Co-authored-by: Alex Fiedler <38628621+kirbles19@users.noreply.github.com>
Added support for attachments with EWS V2 and Gmail (demisto#8707) * Added support for attachments with EWS V2 * minor fix * Works with Gmail Fix for Bar * added RN * Update 1_1_0.md * changes with master * pack version * Removed mark as evidence as agreed * Formatted layouts * RN Co-authored-by: roysagi <50295826+roysagi@users.noreply.github.com>
Fixed context outputs - FailedInstances Script (demisto#8503) * Fixed context outputs * Added rn and updated README * Updated test with new outputs * Added comment in rn and change type in context * Update script-FailedInstances.yml Reviewed and updated. * Update 1_2_32.md Reviewed and updated Co-authored-by: Richard Bluestone <53567272+richardbluestone@users.noreply.github.com>
Pcap extractor playbook (demisto#8077) * Added new playbook * Added test playbook. * Added test playbook. * Conf json. * Improved descriptions. * Improved descriptions. * Improved descriptions. * Update playbook-PCAP_File_Carving.yml * Update playbook-PCAP_File_Carving.yml Co-authored-by: dbaumstein <dbaumstein@paloaltonetwork.com> Co-authored-by: yaron-libman <43783884+yaron-libman@users.noreply.github.com>
[risksense-835] Contrib/crestdatasys risksense enhancement (demisto#7853 ) * [risksense-835] Contrib/crestdatasys risksense enhancement (demisto#7272) * [risksense-835] RiskSense enhanced integration ### New Features - 3 new playbooks - Ransomware exposure - BlueKeep CVE exposure - DHS-CISA-FBI Top 10 CVE exposure - Helper script for ransomware exposure - risksense-apply-tag command ### Enhancement - new RiskSense branding logo - minor argument name change - minor context data change * [risksense-835] RiskSense enhanced integration - secret words added in .secrets-ignore * [risksense-835] RiskSense enhanced integration ### Removed duplicate condition. * [risksense-835] RiskSense enhanced integration ### Minor fix - README.md validation fix ### Docker image updated * [risksense-835] RiskSense enhanced integration ### New Features - 3 new playbooks - Ransomware exposure - BlueKeep CVE exposure - DHS-CISA-FBI Top 10 CVE exposure - Helper script for ransomware exposure - risksense-apply-tag command ### Enhancement - new RiskSense branding logo - minor argument name change - minor context data change * [risksense-835] RiskSense enhanced integration updated release notes * [risksense-835] RiskSense enhanced integration updated release notes * Update Packs/RiskSense/Integrations/RiskSense/RiskSense.py Co-authored-by: Anar Azadaliyev <aazadaliyev@paloaltonetworks.com> * CHANGELOG.md updated * [risksense-835] RiskSense enhanced integration changes - change in automation script, added generic script that displays bar chart for CVEs and trending CVEs. - merged BlueKeep_CVE_Exposure_-_RiskSense.yml and DHS-CISA-FBI_Top_10_CVE_Exposure_-_RiskSense.yml playbook into one. - exclusivity changed to exclude. - minor fixes. * [risksense-835] RiskSense enhanced integration changes - excluded few items * Removed default value from playbook input. * Removed default value from playbook-CVE_Exposure_-_RiskSense_README.md * Update playbook-CVE_Exposure_-_RiskSense.yml * Update playbook-CVE_Exposure_-_RiskSense_README.md * Update playbook-Ransomware_Exposure_-_RiskSense.yml * Update playbook-Ransomware_Exposure_-_RiskSense_README.md * Update README.md Co-authored-by: crestdatasystems <60967033+crestdatasystems@users.noreply.github.com> Co-authored-by: Anar Azadaliyev <aazadaliyev@paloaltonetworks.com> Co-authored-by: yaron-libman <43783884+yaron-libman@users.noreply.github.com> * update version * update version Co-authored-by: santosh.giri <61006659+crestsantoshgiri@users.noreply.github.com> Co-authored-by: crestdatasystems <60967033+crestdatasystems@users.noreply.github.com> Co-authored-by: Anar Azadaliyev <aazadaliyev@paloaltonetworks.com> Co-authored-by: yaron-libman <43783884+yaron-libman@users.noreply.github.com>
Added a change that allows phishing incidents to display email header… …s if the original email was retrieved. (demisto#7679)
PreviousNext