Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Documents reputation service #3855

Merged
merged 4 commits into from
Sep 11, 2023
Merged

Documents reputation service #3855

merged 4 commits into from
Sep 11, 2023

Conversation

natasha-moore-elastic
Copy link
Contributor

@natasha-moore-elastic natasha-moore-elastic commented Sep 4, 2023
edited
Loading

@natasha-moore-elastic natasha-moore-elastic added Team: EDR Workflows Formerly Defend Workflows, Onboarding and Lifecycle Management Feature: Policy Elastic Defend integration policy and configuration Priority: Medium Issues that have relevance, but aren't urgent v8.10.0 Effort: Medium Issues that take moderate but not substantial time to complete labels Sep 4, 2023
@natasha-moore-elastic natasha-moore-elastic self-assigned this Sep 4, 2023
@github-actions
Copy link

github-actions bot commented Sep 4, 2023

Documentation previews:

@natasha-moore-elastic natasha-moore-elastic marked this pull request as ready for review September 4, 2023 11:37
@szwarckonrad
Copy link

I believe it might be worth highlighting that only cloud users will see this option; for any other installation type, this option simply won't be there :). The sentence Select whether you want to use Reputation service for additional malware analysis. This is a cloud service that can identify malicious activity and false positives... makes it sound like the service itself is cloud-based, rather than indicating the availability of the feature. What do you think?

@natasha-moore-elastic
Copy link
Contributor Author

I believe it might be worth highlighting that only cloud users will see this option; for any other installation type, this option simply won't be there :). The sentence Select whether you want to use Reputation service for additional malware analysis. This is a cloud service that can identify malicious activity and false positives... makes it sound like the service itself is cloud-based, rather than indicating the availability of the feature. What do you think?

That makes sense, thanks @szwarckonrad! How does this sound:

Select whether you want to use Reputation service for additional malware analysis. This service identifes malicious activity and false positives, and enriches alerts using data from various sources...

...

NOTE: Reputation service is available to Elastic Cloud users only and requires an active Platinum or Enterprise subscription.

@szwarckonrad
Copy link

Sounds good to me!

@natasha-moore-elastic
Copy link
Contributor Author

Sounds good to me!

👍
Resolved in 26437fa.

@szwarckonrad
Copy link

@kevinlog
Could you have a look?

kevinlog
kevinlog approved these changes Sep 4, 2023
View reviewed changes
Copy link
Contributor

@kevinlog kevinlog left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

thanks for the ping @szwarckonrad - this looks good to me. I think @roxana-gheorghe should but the main approver of how the feature is described to users.

@roxana-gheorghe
Copy link

I think we should avoid the confusion between Elastic Cloud and Cloud Security, the current offering on our website.
Can we say something like:

NOTE: Reputation service requires an active Platinum or Enterprise subscription and is available to Cloud users only.

or

NOTE: Reputation service requires an active Platinum or Enterprise subscription and is not available to Self-managed users.

@natasha-moore-elastic
Copy link
Contributor Author

I think we should avoid the confusion between Elastic Cloud and Cloud Security, the current offering on our website. Can we say something like:

NOTE: Reputation service requires an active Platinum or Enterprise subscription and is available to Cloud users only.

or

NOTE: Reputation service requires an active Platinum or Enterprise subscription and is not available to Self-managed users.

Thanks for this @roxana-gheorghe!
@elastic/security-docs, could you let me know how we would typically refer to this in the docs?

@natasha-moore-elastic
Copy link
Contributor Author

natasha-moore-elastic commented Sep 8, 2023
edited
Loading

I think we should avoid the confusion between Elastic Cloud and Cloud Security, the current offering on our website. Can we say something like:

NOTE: Reputation service requires an active Platinum or Enterprise subscription and is available to Cloud users only.

or

NOTE: Reputation service requires an active Platinum or Enterprise subscription and is not available to Self-managed users.

Hey @roxana-gheorghe, I've modified the note slightly to hopefully make this clearer:
NOTE: Reputation service requires an active Platinum or Enterprise subscription and is available on cloud deployments only.
Let me know if that sounds good to you.

@natasha-moore-elastic natasha-moore-elastic mentioned this pull request Sep 8, 2023
Closed
12 tasks
benironside
benironside approved these changes Sep 8, 2023
View reviewed changes
Copy link
Contributor

@benironside benironside left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@benironside benironside requested a review from a team September 8, 2023 17:17
@natasha-moore-elastic natasha-moore-elastic merged commit e2517b0 into main Sep 11, 2023
1 check passed
@natasha-moore-elastic natasha-moore-elastic deleted the issue-3810-reputation-service branch September 11, 2023 10:47
mergify bot pushed a commit that referenced this pull request Sep 11, 2023
@natasha-moore-elastic @mergify
Documents reputation service (#3855)
5eec042 
* Documents reputation service

* Applies tech review feedback

* tweaks wording

(cherry picked from commit e2517b0)
@mergify mergify bot mentioned this pull request Sep 11, 2023
Merged
natasha-moore-elastic added a commit that referenced this pull request Sep 11, 2023
@mergify @natasha-moore-elastic
Documents reputation service (#3855) (#3899)
35c9fcb 
* Documents reputation service

* Applies tech review feedback

* tweaks wording

(cherry picked from commit e2517b0)

Co-authored-by: natasha-moore-elastic <137783811+natasha-moore-elastic@users.noreply.github.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@benironside benironside benironside approved these changes

@kevinlog kevinlog kevinlog approved these changes

@szwarckonrad szwarckonrad Awaiting requested review from szwarckonrad

@roxana-gheorghe roxana-gheorghe Awaiting requested review from roxana-gheorghe

Assignees

@natasha-moore-elastic natasha-moore-elastic

Labels
Effort: Medium Issues that take moderate but not substantial time to complete Feature: Policy Elastic Defend integration policy and configuration Priority: Medium Issues that have relevance, but aren't urgent Team: EDR Workflows Formerly Defend Workflows, Onboarding and Lifecycle Management v8.10.0
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Reputation Service option added to Malicious Behavior Policy card
5 participants
@natasha-moore-elastic @szwarckonrad @roxana-gheorghe @kevinlog @benironside