From f8c388216ae8182a39b3653f484a16d1bda415be Mon Sep 17 00:00:00 2001 
From: darkushin <61732335+darkushin@users.noreply.github.com>
Date: Mon, 7 Aug 2023 09:59:33 +0300
Subject: [PATCH] Private upload mode - docs #2 (#28619)
* Updated Docs
* Added RNs
* updated RN
* updated known words
* updated known words
* updated Mandiant RNs
* Updated CTIX .pack-ignore
---
 Packs/CTIX/.pack-ignore | 1 +
 Packs/CTIX/Integrations/CTIX/CTIX_description.md | 8 +++++++-
 Packs/CTIX/Integrations/CTIX/README.md | 4 ++++
 Packs/CTIX/Integrations/CTIXv3/CTIXv3_description.md | 7 ++++++-
 Packs/CTIX/Integrations/CTIXv3/README.md | 4 ++++
 Packs/CTIX/ReleaseNotes/2_2_12.md | 10 ++++++++++
 Packs/CTIX/pack_metadata.json | 2 +-
 .../Integrations/CheckPhish/CheckPhish_description.md | 5 +++++
 Packs/CheckPhish/Integrations/CheckPhish/README.md | 4 ++++
 Packs/CheckPhish/ReleaseNotes/1_0_19.md | 6 ++++++
 Packs/CheckPhish/pack_metadata.json | 2 +-
 .../Integrations/JsonWhoIs/JsonWhoIs_description.md | 2 ++
 Packs/JsonWhoIs/Integrations/JsonWhoIs/README.md | 3 +++
 Packs/JsonWhoIs/ReleaseNotes/1_0_21.md | 6 ++++++
 Packs/JsonWhoIs/pack_metadata.json | 2 +-
 Packs/MandiantAdvantageThreatIntelligence/.pack-ignore | 2 ++
 .../MandiantAdvantageThreatIntelligence_description.md | 7 ++++++-
 .../MandiantAdvantageThreatIntelligence/README.md | 4 ++++
 .../ReleaseNotes/1_0_7.md | 6 ++++++
 .../pack_metadata.json | 2 +-
 Packs/McAfee_Advanced_Threat_Defense/.pack-ignore | 2 ++
 .../McAfee_Advanced_Threat_Defense_description.md | 2 ++
 .../McAfee_Advanced_Threat_Defense/README.md | 2 ++
 .../ReleaseNotes/1_0_25.md | 6 ++++++
 .../McAfee_Advanced_Threat_Defense/pack_metadata.json | 2 +-
 25 files changed, 93 insertions(+), 8 deletions(-)
 create mode 100644 Packs/CTIX/ReleaseNotes/2_2_12.md
 create mode 100644 Packs/CheckPhish/ReleaseNotes/1_0_19.md
 create mode 100644 Packs/JsonWhoIs/ReleaseNotes/1_0_21.md
 create mode 100644 Packs/MandiantAdvantageThreatIntelligence/ReleaseNotes/1_0_7.md
 create mode 100644 Packs/McAfee_Advanced_Threat_Defense/ReleaseNotes/1_0_25.md
diff --git a/Packs/CTIX/.pack-ignore b/Packs/CTIX/.pack-ignore
index b8818744b852..712228aec280 100644
--- a/Packs/CTIX/.pack-ignore
+++ b/Packs/CTIX/.pack-ignore
@@ -4,4 +4,5 @@ ignore=RM104 [known_words] cyware ctix
+eXchange
diff --git a/Packs/CTIX/Integrations/CTIX/CTIX_description.md b/Packs/CTIX/Integrations/CTIX/CTIX_description.md
index 87b22cd2ead0..29460105e2ce 100644
--- a/Packs/CTIX/Integrations/CTIX/CTIX_description.md
+++ b/Packs/CTIX/Integrations/CTIX/CTIX_description.md
@@ -6,4 +6,10 @@ b. Endpoint URL: Enter the endpoint URL of your CTIX Instance. The Endpoint URL can be generated by a licensed user from the CTIX application. For example, https:///ctixapi/openapi/ c. Access Key: Enter the Access Key from the CTIX application. The Access Key can be generated by a licensed user from the CTIX application. For example, “74xxxxx7-xxxb-4xxa-xxxx-0xxxxxxxxxx2“. d. Secret Key: Enter the Secret Key from the CTIX application. The Secret Key can be generated by a licensed user from the CTIX application. For example, “0xxxxxx8-xxxx-4xx4-xxx6-5xxxxxxxxxxc”.
-5. After finishing, click the “Test“ button to validate the URL, Token, and Connection.
\ No newline at end of file
+5. After finishing, click the “Test“ button to validate the URL, Token, and Connection.
+
+
+Notice: Submitting indicators using the following commands of this integration might make the indicator data publicly available.
+- ***url***
+- ***domain***
+See the vendor’s documentation for more details.
\ No newline at end of file
diff --git a/Packs/CTIX/Integrations/CTIX/README.md b/Packs/CTIX/Integrations/CTIX/README.md
index 1e95ea5c59b2..d04e5bf7e933 100644
--- a/Packs/CTIX/Integrations/CTIX/README.md
+++ b/Packs/CTIX/Integrations/CTIX/README.md
@@ -233,6 +233,8 @@ Return IP Details. *** Return Domain Details.
+Notice: Submitting indicators using this command might make the indicator data publicly available. See the vendor’s documentation for more details.
+
 #### Base Command
@@ -418,6 +420,8 @@ Return Domain Details. *** Return URL Details.
+Notice: Submitting indicators using this command might make the indicator data publicly available. See the vendor’s documentation for more details.
+
 #### Base Command
diff --git a/Packs/CTIX/Integrations/CTIXv3/CTIXv3_description.md b/Packs/CTIX/Integrations/CTIXv3/CTIXv3_description.md
index 87b22cd2ead0..d6bf0cd9d6ce 100644
--- a/Packs/CTIX/Integrations/CTIXv3/CTIXv3_description.md
+++ b/Packs/CTIX/Integrations/CTIXv3/CTIXv3_description.md
@@ -6,4 +6,9 @@ b. Endpoint URL: Enter the endpoint URL of your CTIX Instance. The Endpoint URL can be generated by a licensed user from the CTIX application. For example, https:///ctixapi/openapi/ c. Access Key: Enter the Access Key from the CTIX application. The Access Key can be generated by a licensed user from the CTIX application. For example, “74xxxxx7-xxxb-4xxa-xxxx-0xxxxxxxxxx2“. d. Secret Key: Enter the Secret Key from the CTIX application. The Secret Key can be generated by a licensed user from the CTIX application. For example, “0xxxxxx8-xxxx-4xx4-xxx6-5xxxxxxxxxxc”.
-5. After finishing, click the “Test“ button to validate the URL, Token, and Connection.
\ No newline at end of file
+5. After finishing, click the “Test“ button to validate the URL, Token, and Connection.
+
+Notice: Submitting indicators using the following commands of this integration might make the indicator data publicly available.
+- ***url***
+- ***domain***
+See the vendor’s documentation for more details.
\ No newline at end of file
diff --git a/Packs/CTIX/Integrations/CTIXv3/README.md b/Packs/CTIX/Integrations/CTIXv3/README.md
index c7c5c87b1b5f..4c634883d4fa 100644
--- a/Packs/CTIX/Integrations/CTIXv3/README.md
+++ b/Packs/CTIX/Integrations/CTIXv3/README.md
@@ -1645,6 +1645,8 @@ Gets or creates threat data *** Lookup domain threat data
+Notice: Submitting indicators using this command might make the indicator data publicly available. See the vendor’s documentation for more details.
+
 #### Base Command `domain`
@@ -2013,6 +2015,8 @@ Lookup file threat data *** Lookup url threat data
+Notice: Submitting indicators using this command might make the indicator data publicly available. See the vendor’s documentation for more details.
+
 #### Base Command `url`
diff --git a/Packs/CTIX/ReleaseNotes/2_2_12.md b/Packs/CTIX/ReleaseNotes/2_2_12.md
new file mode 100644
index 000000000000..4105c9f443c7
--- /dev/null
+++ b/Packs/CTIX/ReleaseNotes/2_2_12.md
@@ -0,0 +1,10 @@
+
+#### Integrations
+
+##### Cyware Threat Intelligence eXchange
+
+Documentation and metadata improvements.
+
+##### CTIX v3
+
+Documentation and metadata improvements.
diff --git a/Packs/CTIX/pack_metadata.json b/Packs/CTIX/pack_metadata.json
index cb42ca8e9714..c57a95990547 100644
--- a/Packs/CTIX/pack_metadata.json
+++ b/Packs/CTIX/pack_metadata.json
@@ -2,7 +2,7 @@
 "name": "CTIX",
 "description": "Cyware Threat Intelligence eXchange",
 "support": "partner",
- "currentVersion": "2.2.11",
+ "currentVersion": "2.2.12",
 "author": "Cyware Labs",
 "url": "https://cyware.com/",
 "email": "connector-dev@cyware.com",
diff --git a/Packs/CheckPhish/Integrations/CheckPhish/CheckPhish_description.md b/Packs/CheckPhish/Integrations/CheckPhish/CheckPhish_description.md
index 90ab59712dbe..de1c54d7e489 100644
--- a/Packs/CheckPhish/Integrations/CheckPhish/CheckPhish_description.md
+++ b/Packs/CheckPhish/Integrations/CheckPhish/CheckPhish_description.md
@@ -22,3 +22,8 @@ You can modify the severity levels of any disposition received from CheckPhish. - Bad = cryptojacking, phish, likely_phish, scam\ **Note**: The worst category in which a label is included will be the effective one.
+
+Notice: Submitting indicators using the following commands of this integration might make the indicator data publicly available.
+- ***url***
+- ***CheckPhish-check-urls***
+See the vendor’s documentation for more details.
diff --git a/Packs/CheckPhish/Integrations/CheckPhish/README.md b/Packs/CheckPhish/Integrations/CheckPhish/README.md
index 4d22c77191ae..df1959a08944 100644
--- a/Packs/CheckPhish/Integrations/CheckPhish/README.md
+++ b/Packs/CheckPhish/Integrations/CheckPhish/README.md
@@ -24,6 +24,8 @@ After you successfully execute a command, a DBot message appears in the War Room *** Checks URLs against the CheckPhish database and returns the results.
+Notice: Submitting indicators using this command might make the indicator data publicly available. See the vendor’s documentation for more details.
+
 #### Base Command
@@ -94,6 +96,8 @@ Checks URLs against the CheckPhish database and returns the results. *** Retrieves URL information from CheckPhish.
+Notice: Submitting indicators using this command might make the indicator data publicly available. See the vendor’s documentation for more details.
+
 #### Base Command
diff --git a/Packs/CheckPhish/ReleaseNotes/1_0_19.md b/Packs/CheckPhish/ReleaseNotes/1_0_19.md
new file mode 100644
index 000000000000..b15b33a78bb2
--- /dev/null
+++ b/Packs/CheckPhish/ReleaseNotes/1_0_19.md
@@ -0,0 +1,6 @@
+
+#### Integrations
+
+##### CheckPhish
+
+Documentation and metadata improvements.
diff --git a/Packs/CheckPhish/pack_metadata.json b/Packs/CheckPhish/pack_metadata.json
index 637c70cca517..a9a644998520 100644
--- a/Packs/CheckPhish/pack_metadata.json
+++ b/Packs/CheckPhish/pack_metadata.json
@@ -2,7 +2,7 @@
 "name": "CheckPhish",
 "description": "Check any URL to detect supsicious behavior.",
 "support": "xsoar",
- "currentVersion": "1.0.18",
+ "currentVersion": "1.0.19",
 "author": "Cortex XSOAR",
 "url": "https://www.paloaltonetworks.com/cortex",
 "email": "",
diff --git a/Packs/JsonWhoIs/Integrations/JsonWhoIs/JsonWhoIs_description.md b/Packs/JsonWhoIs/Integrations/JsonWhoIs/JsonWhoIs_description.md
index 54475f42d873..909acae409b4 100644
--- a/Packs/JsonWhoIs/Integrations/JsonWhoIs/JsonWhoIs_description.md
+++ b/Packs/JsonWhoIs/Integrations/JsonWhoIs/JsonWhoIs_description.md
@@ -4,3 +4,5 @@ Execute queries on URLs and IP addresses, and get information for domains. **API Token** The credentials entered here should be those created in the [JsonWhoIs site](https://jsonwhois.com/) for REST API.
+
+Notice: Submitting indicators using the ***whois*** command of this integration might make the indicator data publicly available. See the vendor’s documentation for more details.
diff --git a/Packs/JsonWhoIs/Integrations/JsonWhoIs/README.md b/Packs/JsonWhoIs/Integrations/JsonWhoIs/README.md
index 9b8bd5455f67..7a80bb952626 100644
--- a/Packs/JsonWhoIs/Integrations/JsonWhoIs/README.md
+++ b/Packs/JsonWhoIs/Integrations/JsonWhoIs/README.md
@@ -25,6 +25,9 @@ You can execute these commands from the Cortex XSOAR CLI, as part of an automati Returns enriched data for Domains, URLs, and IP addresses.
+Notice: Submitting indicators using this command might make the indicator data publicly available. See the vendor’s documentation for more details.
+
+
 ##### Base Command `whois`
diff --git a/Packs/JsonWhoIs/ReleaseNotes/1_0_21.md b/Packs/JsonWhoIs/ReleaseNotes/1_0_21.md
new file mode 100644
index 000000000000..aff7f9017d3d
--- /dev/null
+++ b/Packs/JsonWhoIs/ReleaseNotes/1_0_21.md
@@ -0,0 +1,6 @@
+
+#### Integrations
+
+##### JsonWhoIs
+
+Documentation and metadata improvements.
diff --git a/Packs/JsonWhoIs/pack_metadata.json b/Packs/JsonWhoIs/pack_metadata.json
index 4ac70143556e..bc9f620faf0c 100644
--- a/Packs/JsonWhoIs/pack_metadata.json
+++ b/Packs/JsonWhoIs/pack_metadata.json
@@ -2,7 +2,7 @@
 "name": "JsonWhoIs",
 "description": "Provides data enrichment for domains and IP addresses.",
 "support": "xsoar",
- "currentVersion": "1.0.20",
+ "currentVersion": "1.0.21",
 "author": "Cortex XSOAR",
 "url": "https://www.paloaltonetworks.com/cortex",
 "email": "",
diff --git a/Packs/MandiantAdvantageThreatIntelligence/.pack-ignore b/Packs/MandiantAdvantageThreatIntelligence/.pack-ignore
index e69de29bb2d1..8dbaf67f0044 100644
--- a/Packs/MandiantAdvantageThreatIntelligence/.pack-ignore
+++ b/Packs/MandiantAdvantageThreatIntelligence/.pack-ignore
@@ -0,0 +1,2 @@
+[known_words]
+Mandiant
\ No newline at end of file
diff --git a/Packs/MandiantAdvantageThreatIntelligence/Integrations/MandiantAdvantageThreatIntelligence/MandiantAdvantageThreatIntelligence_description.md b/Packs/MandiantAdvantageThreatIntelligence/Integrations/MandiantAdvantageThreatIntelligence/MandiantAdvantageThreatIntelligence_description.md
index 32e61842f15a..03490b3c794b 100644
--- a/Packs/MandiantAdvantageThreatIntelligence/Integrations/MandiantAdvantageThreatIntelligence/MandiantAdvantageThreatIntelligence_description.md
+++ b/Packs/MandiantAdvantageThreatIntelligence/Integrations/MandiantAdvantageThreatIntelligence/MandiantAdvantageThreatIntelligence_description.md
@@ -6,4 +6,9 @@ Mandiant Advantage Threat Intelligence Integration ### Get Credentials - Log into `advantage.mandiant.com` - Navigate to `Settings`, then scroll down to `APIv4 Access and Key`
-- Click `Get Key ID and Secret`
\ No newline at end of file
+- Click `Get Key ID and Secret`
+
+Notice: Submitting indicators using the following commands of this integration might make the indicator data publicly available.
+- ***url***
+- ***domain***
+See the vendor’s documentation for more details.
\ No newline at end of file
diff --git a/Packs/MandiantAdvantageThreatIntelligence/Integrations/MandiantAdvantageThreatIntelligence/README.md b/Packs/MandiantAdvantageThreatIntelligence/Integrations/MandiantAdvantageThreatIntelligence/README.md
index 7519a5eb2d7b..6c16d66dfd8c 100644
--- a/Packs/MandiantAdvantageThreatIntelligence/Integrations/MandiantAdvantageThreatIntelligence/README.md
+++ b/Packs/MandiantAdvantageThreatIntelligence/Integrations/MandiantAdvantageThreatIntelligence/README.md
@@ -1528,6 +1528,8 @@ Retrieve information about an IP Address from Mandiant *** Retrieve information about a URL from Mandiant
+Notice: Submitting indicators using this command might make the indicator data publicly available. See the vendor’s documentation for more details.
+
 #### Base Command `url`
@@ -1643,6 +1645,8 @@ Retrieve information about a URL from Mandiant *** Retrieve information about an FQDN from Mandiant
+Notice: Submitting indicators using this command might make the indicator data publicly available. See the vendor’s documentation for more details.
+
 #### Base Command `domain`
diff --git a/Packs/MandiantAdvantageThreatIntelligence/ReleaseNotes/1_0_7.md b/Packs/MandiantAdvantageThreatIntelligence/ReleaseNotes/1_0_7.md
new file mode 100644
index 000000000000..64974df1e2ac
--- /dev/null
+++ b/Packs/MandiantAdvantageThreatIntelligence/ReleaseNotes/1_0_7.md
@@ -0,0 +1,6 @@
+
+#### Integrations
+
+##### Mandiant Advantage Threat Intelligence
+
+Documentation and metadata improvements.
diff --git a/Packs/MandiantAdvantageThreatIntelligence/pack_metadata.json b/Packs/MandiantAdvantageThreatIntelligence/pack_metadata.json
index 691562fe8412..22f722d223fb 100644
--- a/Packs/MandiantAdvantageThreatIntelligence/pack_metadata.json
+++ b/Packs/MandiantAdvantageThreatIntelligence/pack_metadata.json
@@ -2,7 +2,7 @@
 "name": "Mandiant Advantage Threat Intelligence",
 "description": "Integrate your Mandiant Advantage Threat Intelligence data with Cortex XSOAR",
 "support": "partner",
- "currentVersion": "1.0.6",
+ "currentVersion": "1.0.7",
 "author": "Mandiant",
 "hidden": false,
 "url": "https://www.mandiant.com/support",
diff --git a/Packs/McAfee_Advanced_Threat_Defense/.pack-ignore b/Packs/McAfee_Advanced_Threat_Defense/.pack-ignore
index 06c136f74dbf..02532580794e 100644
--- a/Packs/McAfee_Advanced_Threat_Defense/.pack-ignore
+++ b/Packs/McAfee_Advanced_Threat_Defense/.pack-ignore
@@ -10,3 +10,5 @@ ignore=BA108,BA109,IN124 [file:McAfee_Advanced_Threat_Defense_image.png] ignore=IM111
+[known_words]
+McAfee
\ No newline at end of file
diff --git a/Packs/McAfee_Advanced_Threat_Defense/Integrations/McAfee_Advanced_Threat_Defense/McAfee_Advanced_Threat_Defense_description.md b/Packs/McAfee_Advanced_Threat_Defense/Integrations/McAfee_Advanced_Threat_Defense/McAfee_Advanced_Threat_Defense_description.md
index 6a295d482f8a..617e6b7c6667 100644
--- a/Packs/McAfee_Advanced_Threat_Defense/Integrations/McAfee_Advanced_Threat_Defense/McAfee_Advanced_Threat_Defense_description.md
+++ b/Packs/McAfee_Advanced_Threat_Defense/Integrations/McAfee_Advanced_Threat_Defense/McAfee_Advanced_Threat_Defense_description.md
@@ -5,3 +5,5 @@ To use the full capabilities of this integration, make sure your user has the fo The user must also have the "Allow Multiple Logins" capability. Go to Manage -> ATD Configuration -> ATD Users -> User Configuration Enable the "Allow Multiple Logins" checkbox for the relevant user.
+
+Notice: Submitting indicators using the ***atd-file-upload*** command of this integration might make the indicator data publicly available. See the vendor’s documentation for more details.
\ No newline at end of file
diff --git a/Packs/McAfee_Advanced_Threat_Defense/Integrations/McAfee_Advanced_Threat_Defense/README.md b/Packs/McAfee_Advanced_Threat_Defense/Integrations/McAfee_Advanced_Threat_Defense/README.md
index 73daedb53e04..efd6ce296384 100644
--- a/Packs/McAfee_Advanced_Threat_Defense/Integrations/McAfee_Advanced_Threat_Defense/README.md
+++ b/Packs/McAfee_Advanced_Threat_Defense/Integrations/McAfee_Advanced_Threat_Defense/README.md
@@ -54,6 +54,8 @@

1. Upload a file


Upload a file or Web URL for dynamic analysis using the specified Analyzer Profile. You can only submit a single file or Web URL in each command.

+

Notice: Submitting indicators using this command might make the indicator data publicly available. See the vendor’s documentation for more details. +

Base Command

atd-file-upload

Input
diff --git a/Packs/McAfee_Advanced_Threat_Defense/ReleaseNotes/1_0_25.md b/Packs/McAfee_Advanced_Threat_Defense/ReleaseNotes/1_0_25.md
new file mode 100644
index 000000000000..941c307140a6
--- /dev/null
+++ b/Packs/McAfee_Advanced_Threat_Defense/ReleaseNotes/1_0_25.md
@@ -0,0 +1,6 @@
+
+#### Integrations
+
+##### McAfee Advanced Threat Defense
+
+Documentation and metadata improvements.
diff --git a/Packs/McAfee_Advanced_Threat_Defense/pack_metadata.json b/Packs/McAfee_Advanced_Threat_Defense/pack_metadata.json
index 71e3adaa3bb8..4f2a04dc0c8e 100644
--- a/Packs/McAfee_Advanced_Threat_Defense/pack_metadata.json
+++ b/Packs/McAfee_Advanced_Threat_Defense/pack_metadata.json
@@ -2,7 +2,7 @@
 "name": "McAfee Advanced Threat Defense",
 "description": "Integrated advanced threat detection: Enhancing protection from network edge to endpoint",
 "support": "xsoar",
- "currentVersion": "1.0.24",
+ "currentVersion": "1.0.25",
 "author": "Cortex XSOAR",
 "url": "https://www.paloaltonetworks.com/cortex",
 "email": "",