deft/reports/weekly-24.org


2023-08-09 13:00:50 +00:00
#+title: Code Weekly Report 24
#+subtitle: logs go 2 weeks back
#+date: 2023-06-16
#+options: H:6
* IROH
** lead
*** Guillaume Buisson [1]
**** iroh [1]
- Initial XDR Incident Manager Response 1.1 Draft Spec [[https://github.com/advthreat/iroh/pull/7847][#7847]]
** data
*** Mario Aquino [4]
**** iroh [4]
- Fix flaky test [[https://github.com/advthreat/iroh/pull/7971][#7971]]
- Partition and batch threat hunt observables [[https://github.com/advthreat/iroh/pull/7958][#7958]]
#+BEGIN_QUOTE
_>1w_
- Establish a task timeout option for async work [[https://github.com/advthreat/iroh/pull/7948][#7948]]
- Issue 7823/incident summary mapping [[https://github.com/advthreat/iroh/pull/7907][#7907]]
#+END_QUOTE
*** Guillaume Erétéo [2]
**** iroh [2]
- Update risk-score.md [[https://github.com/advthreat/iroh/pull/7974][#7974]]
#+BEGIN_QUOTE
_>1w_
- adding org mode for calculating data volume [[https://github.com/advthreat/iroh/pull/7941][#7941]]
#+END_QUOTE
*** Ambrose Bonnaire-Sergeant [1]
**** ctia [1]
#+BEGIN_QUOTE
_>1w_
- Disable /metric/average route for irrelevant entities [[https://github.com/advthreat/ctia/pull/1372][#1372]]
#+END_QUOTE
** integrations
*** Matthieu Sprunck [2]
**** tenzin-config [2]
#+BEGIN_QUOTE
_>1w_
- Share the same module configurations in iroh and iroh-async in PROD [[https://github.com/advthreat/tenzin-config/pull/905][#905]]
- Disable HTTP Proxy in IROH proxy (PROD) [[https://github.com/advthreat/tenzin-config/pull/903][#903]]
#+END_QUOTE
*** Kirill Chernyshov [8]
**** iroh [3]
- Remove try/catch for better error handling [[https://github.com/advthreat/iroh/pull/7980][#7980]]
- Fix NullPointerException [[https://github.com/advthreat/iroh/pull/7961][#7961]]
#+BEGIN_QUOTE
_>1w_
- Use event id for the key of kafka record [[https://github.com/advthreat/iroh/pull/7923][#7923]]
#+END_QUOTE
**** tenzin-config [5]
- Enable KafkaServices on INT [[https://github.com/advthreat/tenzin-config/pull/921][#921]]
- Disable KafkaServices once again [[https://github.com/advthreat/tenzin-config/pull/918][#918]]
- Enable Kafka related services on INT [[https://github.com/advthreat/tenzin-config/pull/916][#916]]
#+BEGIN_QUOTE
_>1w_
- Temporarily disable services [[https://github.com/advthreat/tenzin-config/pull/914][#914]]
- Set SSL kafka security protocol on INT [[https://github.com/advthreat/tenzin-config/pull/912][#912]]
#+END_QUOTE
*** Shafiq [1]
**** iroh [1]
- Creating iroh-events datastream should succeed even if it exists already [[https://github.com/advthreat/iroh/pull/7959][#7959]]
** auth
*** bartuka [1]
**** iroh [1]
- [IROH Auth] RBAC JWT Revocation on ~role~ change [[https://github.com/advthreat/iroh/pull/7875][#7875]]
*** Yann Esposito [16]
**** iroh [4]
- Upgrade SX to XDR org via provisioning [[https://github.com/advthreat/iroh/pull/7981][#7981]]
- feature-flag scopes are considered as special [[https://github.com/advthreat/iroh/pull/7985][#7985]]
- fix local dev environment to be able to start locally without docker [[https://github.com/advthreat/iroh/pull/7944][#7944]]
#+BEGIN_QUOTE
_>1w_
- Use org to display the roles as expected [[https://github.com/advthreat/iroh/pull/7952][#7952]]
#+END_QUOTE
**** ring-jwt-middleware [3]
- Version 1.1.4-SNAPSHOT
- Version 1.1.3
- Support external error via is-revoked-fn
**** tenzin-config [9]
- Enable XDR roles in PROD [[https://github.com/advthreat/tenzin-config/pull/919][#919]]
- factorize PROD [[https://github.com/advthreat/tenzin-config/pull/917][#917]]
- Add role-web-service config everywhere [[https://github.com/advthreat/tenzin-config/pull/911][#911]]
#+BEGIN_QUOTE
_>1w_
- Canonicalize the configs (#913) [[https://github.com/advthreat/tenzin-config/pull/915][#915]]
- Canonicalize the configs [[https://github.com/advthreat/tenzin-config/pull/913][#913]]
- Add missing role-web-service everywhere [[https://github.com/advthreat/tenzin-config/pull/910][#910]]
- Gen configs git pre-commit hook [[https://github.com/advthreat/tenzin-config/pull/908][#908]]
- Factorisation iroh/iroh-async confs [[https://github.com/advthreat/tenzin-config/pull/904][#904]]
- Tree config structures to prevent config duplication. [[https://github.com/advthreat/tenzin-config/pull/901][#901]]
#+END_QUOTE
*** Olivier Barbeau [7]
**** iroh [7]
- Upgrade Babashka [[https://github.com/advthreat/iroh/pull/7967][#7967]]
- add missing exclusions for uberjar [[https://github.com/advthreat/iroh/pull/7963][#7963]]
- fix bug when Org has no entitlement [[https://github.com/advthreat/iroh/pull/7956][#7956]]
- [IROH configuration]: Generate service diagram [[https://github.com/advthreat/iroh/pull/7872][#7872]]
- GH pages updates [[https://github.com/advthreat/iroh/pull/7960][#7960]]
#+BEGIN_QUOTE
_>1w_
- fix alias arguments [[https://github.com/advthreat/iroh/pull/7954][#7954]]
- Issue 7930 GitHub pages styling [[https://github.com/advthreat/iroh/pull/7932][#7932]]
#+END_QUOTE
*** (Yogsototh) [3]
**** ring-jwt-middleware [3]
- Version 1.1.4-SNAPSHOT
- Version 1.1.3
- Support external error via is-revoked-fn
** iroh-ops
*** Jerome Schneider [1]
**** tenzin [1]
- Kafka Connect: fixed cluster conf and use our own cacerts file
*** Patrick Patat [1]
**** iroh-ops [1]
- Merge pull request #75 from advthreat/squid
*** Patrick Patat [1]
**** iroh-ops [1]
- add squid server for vector in public subnet
* Other
** Other
*** Robert Levy [2]
**** iroh [1]
#+BEGIN_QUOTE
_>1w_
- user and team mean time tiles [[https://github.com/advthreat/iroh/pull/7873][#7873]]
#+END_QUOTE
**** tenzin-config [1]
#+BEGIN_QUOTE
_>1w_
- add migration for iroh issue #7819 to TEST and PROD environments [[https://github.com/advthreat/tenzin-config/pull/902][#902]]
#+END_QUOTE
*** Devin Walters [2]
**** tenzin-config [2]
- Add config.edn for other conure-distributor environments [[https://github.com/advthreat/tenzin-config/pull/920][#920]]
#+BEGIN_QUOTE
_>1w_
- Reduce conure-distributor worker count [[https://github.com/advthreat/tenzin-config/pull/906][#906]]
#+END_QUOTE
*** Mia [3]
**** iroh [1]
- Snapshot for risk score [[https://github.com/advthreat/iroh/pull/7964][#7964]]
**** iroh-engine [2]
#+BEGIN_QUOTE
_>1w_
- Merge pull request #1394 from advthreat/v0.15.6-rc
- Merge pull request #1393 from advthreat/save-asset-snapshot
#+END_QUOTE
*** Scott McLeod [1]
**** tenzin-config [1]
#+BEGIN_QUOTE
_>1w_
- Config changes supporting IROH PR #7934 [[https://github.com/advthreat/tenzin-config/pull/899][#899]]
#+END_QUOTE
*** krishna Ganugapenta [4]
**** tenzin [4]
- Conure-distributor PROD ASG modules fix [[https://github.com/advthreat/tenzin/pull/3062][#3062]]
- ops_vpn_cidr removal from TEST and other backup regions as ops vpn not present there [[https://github.com/advthreat/tenzin/pull/3061][#3061]]
- Conure-distributor setup config for TEST/PROD [[https://github.com/advthreat/tenzin/pull/3049][#3049]]
#+BEGIN_QUOTE
_>1w_
- Conure_distributor terraform modules config updates [[https://github.com/advthreat/tenzin/pull/3027][#3027]]
#+END_QUOTE
*** milehrer [2]
**** iroh-engine [2]
#+BEGIN_QUOTE
_>1w_
- prepare for v0.15.6
- Remove sightings from asset enrichment response, save snapshot instead
#+END_QUOTE
*** Martin Bruchanov [2]
**** tenzin [2]
- Clean-up of the old ES5 deployment code [[https://github.com/advthreat/tenzin/pull/3053][#3053]]
#+BEGIN_QUOTE
_>1w_
- Fix for consul registration of ops-openvpn service [[https://github.com/advthreat/tenzin/pull/2968][#2968]]
#+END_QUOTE
*** Kirill Chernyshov [1]
**** tenzin-config [1]
#+BEGIN_QUOTE
_>1w_
- IROH Events migration to Elasticsearch [[https://github.com/advthreat/tenzin-config/pull/909][#909]]
#+END_QUOTE
*** John Jardine [2]
**** tenzin [2]
- Add endpoint generation procedure and update endpoints. [[https://github.com/advthreat/tenzin/pull/3058][#3058]]
- SXOPS-792: QA complaining of long queue times for incidents enrichment [[https://github.com/advthreat/tenzin/pull/3054][#3054]]
*** Sofiia Mykytiuk [9]
**** tenzin [9]
- Update ASG for ES metrics in NAM and EU [[https://github.com/advthreat/tenzin/pull/3063][#3063]]
- Update vpnator list [[https://github.com/advthreat/tenzin/pull/3050][#3050]]
#+BEGIN_QUOTE
_>1w_
- Remove CSIRT_Investigator role [[https://github.com/advthreat/tenzin/pull/3045][#3045]]
- Policy to allow access to DynamoDB items for ROAdmin [[https://github.com/advthreat/tenzin/pull/3043][#3043]]
- Remove jbusboom ssh configs [[https://github.com/advthreat/tenzin/pull/3042][#3042]]
- Dmarc record for STAGE [[https://github.com/advthreat/tenzin/pull/3040][#3040]]
- Remove ssh access for Michael Simonson [[https://github.com/advthreat/tenzin/pull/3035][#3035]]
- Update OPS vpnator list [[https://github.com/advthreat/tenzin/pull/3034][#3034]]
- Consul fix for ops vpn [[https://github.com/advthreat/tenzin/pull/3032][#3032]]
#+END_QUOTE
*** muhammad-xdr-ops [4]
**** tenzin [4]
- SXOPS-805 - adding CNAMEs for secure-client-forms MFE [[https://github.com/advthreat/tenzin/pull/3065][#3065]]
- enabled trendmicro and defender in all prod regions [[https://github.com/advthreat/tenzin/pull/3055][#3055]]
- SXOPS-763 - updating integrations version [[https://github.com/advthreat/tenzin/pull/3052][#3052]]
#+BEGIN_QUOTE
_>1w_
- SXOPS-702 removing INT access to PROD S3 bucket [[https://github.com/advthreat/tenzin/pull/3024][#3024]]
#+END_QUOTE
*** Dmytro Budko [5]
**** tenzin [5]
- SXOPS-191 Terraform: Bring INT and Test into sync with AWS [[https://github.com/advthreat/tenzin/pull/3056][#3056]]
#+BEGIN_QUOTE
_>1w_
- SXOPS-766 [PROD] Fix 'docs' related Terraform Delta [[https://github.com/advthreat/tenzin/pull/3046][#3046]]
- SXOPS-636 Docs XDR Deployment, Publish and Host [[https://github.com/advthreat/tenzin/pull/3048][#3048]]
- SXOPS-636 Docs XDR Deployment, Publish and Host [[https://github.com/advthreat/tenzin/pull/3041][#3041]]
- SXOPS-636 Docs XDR Deployment, Publish and Host [[https://github.com/advthreat/tenzin/pull/3016][#3016]]
#+END_QUOTE
*** Scott McLeod [1]
**** iroh [1]
#+BEGIN_QUOTE
_>1w_
- Use filter-map-search directly from CRUDStoreService [[https://github.com/advthreat/iroh/pull/7934][#7934]]
#+END_QUOTE
*** Rekha Gupta [2]
**** tenzin-config [2]
- fix: to port 4008 because ribbon uses 4007 [[https://github.com/advthreat/tenzin-config/pull/925][#925]]
- feat: port for new client management MFE [[https://github.com/advthreat/tenzin-config/pull/924][#924]]
*** Jerome Schneider [1]
**** tenzin [1]
- SXOPS 801: Kafka connect open port 8083 and use static port in Nomad [[https://github.com/advthreat/tenzin/pull/3059][#3059]]
*** Yurii Ivanisenko [2]
**** tenzin [2]
#+BEGIN_QUOTE
_>1w_
- connected self-hosted runner [[https://github.com/advthreat/tenzin/pull/3038][#3038]]
- added wokeignore file [[https://github.com/advthreat/tenzin/pull/3036][#3036]]
#+END_QUOTE
*** Gayan Jayasundara [2]
**** tenzin [2]
- Add Adam as codeowner to Tenzin repo [[https://github.com/advthreat/tenzin/pull/3060][#3060]]
#+BEGIN_QUOTE
_>1w_
- SXOPS-472 & SXOPS-498 - Enable sentinelone and crowdstrike in Production for v1.122 Release [[https://github.com/advthreat/tenzin/pull/3031][#3031]]
#+END_QUOTE