deft/tracker.org


* 2021
** [[file:/Users/esposito/Library/Mobile Documents/iCloud~com~appsonthemove~beorg/Documents/org/2021-W03.org][2021-W03]]
** [[file:/Users/esposito/Library/Mobile Documents/iCloud~com~appsonthemove~beorg/Documents/org/2021-W04.org][2021-W04]]
** [[file:/Users/esposito/Library/Mobile Documents/iCloud~com~appsonthemove~beorg/Documents/org/2021-W05.org][2021-W05]]
** [[file:/Users/esposito/Library/Mobile Documents/iCloud~com~appsonthemove~beorg/Documents/org/2021-W06.org][2021-W06]]
** [[file:/Users/esposito/Library/Mobile Documents/iCloud~com~appsonthemove~beorg/Documents/org/2021-W07.org][2021-W07]]
** [[file:/Users/esposito/Library/Mobile Documents/iCloud~com~appsonthemove~beorg/Documents/org/2021-W08.org][2021-W08]]
** [[file:/Users/esposito/Library/Mobile Documents/iCloud~com~appsonthemove~beorg/Documents/org/2021-W09.org][2021-W09]]
** [[file:/Users/esposito/Library/Mobile Documents/iCloud~com~appsonthemove~beorg/Documents/org/2021-W10.org][2021-W10]]
** [[file:/Users/esposito/Library/Mobile Documents/iCloud~com~appsonthemove~beorg/Documents/org/2021-W11.org][2021-W11]]
** [[file:/Users/esposito/Library/Mobile Documents/iCloud~com~appsonthemove~beorg/Documents/org/2021-W12.org][2021-W12]]
** [[file:/Users/esposito/Library/Mobile Documents/iCloud~com~appsonthemove~beorg/Documents/org/2021-W13.org][2021-W13]]
** [[file:/Users/esposito/Library/Mobile Documents/iCloud~com~appsonthemove~beorg/Documents/org/2021-W14.org][2021-W14]]
** [[file:/Users/esposito/Library/Mobile Documents/iCloud~com~appsonthemove~beorg/Documents/org/2021-W15.org][2021-W15]]
** [[file:/Users/esposito/Library/Mobile Documents/iCloud~com~appsonthemove~beorg/Documents/org/2021-W16.org][2021-W16]]
** [[file:/Users/esposito/Library/Mobile Documents/iCloud~com~appsonthemove~beorg/Documents/org/2021-W17.org][2021-W17]]
** [[file:/Users/esposito/Library/Mobile Documents/iCloud~com~appsonthemove~beorg/Documents/org/2021-W18.org][2021-W18]]
** [[file:/Users/esposito/Library/Mobile Documents/iCloud~com~appsonthemove~beorg/Documents/org/2021-W19.org][2021-W19]]
** [[file:/Users/esposito/Library/Mobile Documents/iCloud~com~appsonthemove~beorg/Documents/org/2021-W20.org][2021-W20]]
** [[file:/Users/esposito/Library/Mobile Documents/iCloud~com~appsonthemove~beorg/Documents/org/2021-W21.org][2021-W21]]
** [[file:/Users/esposito/Library/Mobile Documents/iCloud~com~appsonthemove~beorg/Documents/org/2021-W22.org][2021-W22]]
** [[file:/Users/esposito/Library/Mobile Documents/iCloud~com~appsonthemove~beorg/Documents/org/2021-W23.org][2021-W23]]
** [[file:/Users/esposito/Library/Mobile Documents/iCloud~com~appsonthemove~beorg/Documents/org/2021-W24.org][2021-W24]]
** [[file:/Users/esposito/Library/Mobile Documents/iCloud~com~appsonthemove~beorg/Documents/org/2021-W25.org][2021-W25]]
** 2021-W33
#+BEGIN: clocktable :scope subtree :maxlevel 4 :timestamp t :link t :tags t :narrow 36! :match "work"
#+CAPTION: Clock summary at [2021-08-19 Thu 11:04]
| Timestamp | Tags | Headline | Time | | | |
|------------------------+------------+----------------------------------------------+------+------+------+------|
| | | *Total time* | *4:40* | | | |
|------------------------+------------+----------------------------------------------+------+------+------+------|
| <2021-08-16 Mon> | | \_ [[file:/Users/esposito/Library/Mobile Documents/iCloud~com~appsonthemove~beorg/Documents/org/tracker.org::*2021-W33][2021-W33]] | | 4:40 | | |
| | | \_ [[file:/Users/esposito/Library/Mobile Documents/iCloud~com~appsonthemove~beorg/Documents/org/tracker.org::*2021-08-16 Monday][2021-08-16 Monday]] | | | 1:52 | |
| [2021-08-16 Mon 15:11] | work | \_ [[file:/Users/esposito/Library/Mobile Documents/iCloud~com~appsonthemove~beorg/Documents/org/tracker.org::*Fix Carlos Hidalgo account][Fix Carlos Hidalgo account]] | | | | 0:20 |
| <2021-08-16 Mon> | work | \_ [[file:/Users/esposito/Library/Mobile Documents/iCloud~com~appsonthemove~beorg/Documents/org/tracker.org::*create an issue about email search case sensitivity][create an issue about email...]] | | | | 1:32 |
| | | \_ [[file:/Users/esposito/Library/Mobile Documents/iCloud~com~appsonthemove~beorg/Documents/org/tracker.org::*2021-08-17 Tuesday][2021-08-17 Tuesday]] | | | 2:48 | |
| <2021-08-18 Wed> | work | \_ [[file:/Users/esposito/Library/Mobile Documents/iCloud~com~appsonthemove~beorg/Documents/org/tracker.org::*Add scope to TG clients][Add scope to TG clients]] | | | | 0:38 |
| <2021-08-17 Tue> | work | \_ [[file:/Users/esposito/Library/Mobile Documents/iCloud~com~appsonthemove~beorg/Documents/org/tracker.org::*Write an issue about 1-click module setup][Write an issue about 1-click...]] | | | | 2:03 |
| [2021-08-17 Tue 15:44] | work, chat | \_ [[file:/Users/esposito/Library/Mobile Documents/iCloud~com~appsonthemove~beorg/Documents/org/tracker.org::*Jyoti about CDO 1-click module setup][Jyoti about CDO 1-click module setup]] | | | | 0:07 |
#+END:
#+BEGIN: clocktable :scope subtree :maxlevel 4 :timestamp t :link t :tags t :narrow 36! :match "work"
#+CAPTION: Clock summary at [2021-08-17 Tue 15:45]
| Timestamp | Tags | Headline | Time | | | |
|------------------------+------+----------------------------------------+------+------+------+------|
| | | *Total time* | *1:52* | | | |
|------------------------+------+----------------------------------------+------+------+------+------|
| | | \_ [[file:/Users/esposito/Library/Mobile Documents/iCloud~com~appsonthemove~beorg/Documents/org/tracker.org::*2021-W33][2021-W33]] | | 1:52 | | |
| | | \_ [[file:/Users/esposito/Library/Mobile Documents/iCloud~com~appsonthemove~beorg/Documents/org/tracker.org::*2021-08-16 Monday][2021-08-16 Monday]] | | | 1:52 | |
| [2021-08-16 Mon 15:11] | work | \_ [[file:/Users/esposito/Library/Mobile Documents/iCloud~com~appsonthemove~beorg/Documents/org/tracker.org::*Fix Carlos Hidalgo account][Fix Carlos Hidalgo account]] | | | | 0:20 |
| <2021-08-16 Mon> | work | \_ [[file:/Users/esposito/Library/Mobile Documents/iCloud~com~appsonthemove~beorg/Documents/org/tracker.org::*create an issue about email search case sensitivity][create an issue about email...]] | | | | 1:32 |
#+END:
*** 2021-08-16 Monday
**** DONE Fix Carlos Hidalgo account :work:
:LOGBOOK:
CLOCK: [2021-08-16 Mon 15:11]--[2021-08-16 Mon 15:31] => 0:20
:END:
[2021-08-16 Mon 15:11]
- ref :: [[file:~/Library/Mobile Documents/iCloud~com~appsonthemove~beorg/Documents/org/tracker.org::*create an issue about email search case sensitivity][create an issue about email search case sensitivity]]
**** DONE create an issue about email search case sensitivity :work:
SCHEDULED: <2021-08-16 Mon>
:LOGBOOK:
CLOCK: [2021-08-17 Tue 14:16]--[2021-08-17 Tue 15:44] => 1:28
CLOCK: [2021-08-16 Mon 15:03]--[2021-08-16 Mon 15:07] => 0:04
:END:
[2021-08-16 Mon 15:03]
- ref :: https://github.com/threatgrid/response/issues/818
***** Fix email case sensitivity
> Related https://github.com/threatgrid/response/issues/818
We often need to search by email. The main issue is that our search
mechanism currently does not support case-insensitive matches.
We have 4 possible solutions:
1. Lowercase the user email at creation. We also need to update the user
   emails in our DB. The safest route to achieve this will be via the
   iroh-migration service.
2. Keep the email case sensitive and add a new case-insensitive field, =lc-user-email=
   for example. But as for case 1, we need to perform a DB migration to
   add this new field to all existing users in the DB.
3. Add support for case-insensitive search in tk-store, perhaps with a new
   tk-store service, or by improving the current =CRUDStoreService=.
4. Add a specific service just for searching user emails that could take care
   of this specific case by using a Postgres-specific query. This could
   also be the occasion to provide a tk-store hole-in-the-abstraction service.
The simplest is probably option 1.
Option 2 would be slightly more complex and we would not lose any detail.
Option 3 seems the most generic one, and we could totally imagine we would
appreciate case-insensitive search support.
Option 4 looks like a specific case of 3.
My preference then goes to option 3, but we need to understand whether this is
not too difficult to achieve. What would the API be? The most natural one
would probably add an option alongside =filter-map=, like =case-insensitive-fields=.
One issue would be writing the support for case-insensitive matching for =atom=
and =redis=.
**** TODO Interview Steven Collins
:LOGBOOK:
CLOCK: [2021-08-16 Mon 15:49]--[2021-08-16 Mon 19:04] => 3:15
:END:
*** 2021-08-17 Tuesday
**** DONE Add scope to TG clients :work:
DEADLINE: <2021-08-18 Wed>
:LOGBOOK:
CLOCK: [2021-08-17 Tue 17:54]--[2021-08-17 Tue 18:32] => 0:38
:END:
[2021-08-17 Tue 17:54]
In tenzin config:
#+begin_src
- INT: 34d94c8c-2041-4708-8172-ebe2df295ca7-2
- TEST: f993f6a0-8075-43e0-a9e5-dae9c3980513
- NAM: 7b8d9fef-bd93-4ef3-88af-ae4174ee02e5
- EU: a1662193-9155-44fd-aa1f-43afd42c889c
#+end_src
**** DONE Write an issue about 1-click module setup :work:
SCHEDULED: <2021-08-17 Tue>
:LOGBOOK:
CLOCK: [2021-08-17 Tue 15:51]--[2021-08-17 Tue 17:54] => 2:03
:END:
[2021-08-17 Tue 15:51]
- ref :: [[file:~/Library/Mobile Documents/iCloud~com~appsonthemove~beorg/Documents/org/Cisco.org.gpg::*Activation Optimization][Activation Optimization]]
**** CHAT Jyoti about CDO 1-click module setup :work:chat:
:LOGBOOK:
CLOCK: [2021-08-17 Tue 15:44]--[2021-08-17 Tue 15:51] => 0:07
:END:
[2021-08-17 Tue 15:44]
- ref :: [[file:~/Library/Mobile Documents/iCloud~com~appsonthemove~beorg/Documents/org/Cisco.org.gpg::*Epics][Epics]]
*** 2021-08-19 Thursday
#+BEGIN: clocktable :scope subtree :maxlevel 4 :timestamp t :link t :tags t :narrow 36! :match "work"
#+CAPTION: Clock summary at [2021-08-19 Thu 17:43]
| Timestamp | Tags | Headline | Time | | | |
|------------------------+---------------+-----------------------------------+------+---+------+------|
| | | *Total time* | *1:39* | | | |
|------------------------+---------------+-----------------------------------+------+---+------+------|
| | | \_ [[file:/Users/esposito/Library/Mobile Documents/iCloud~com~appsonthemove~beorg/Documents/org/tracker.org::*2021-08-19 Thursday][2021-08-19 Thursday]] | | | 1:39 | |
| [2021-08-19 Thu 16:04] | work, meeting | \_ [[file:/Users/esposito/Library/Mobile Documents/iCloud~com~appsonthemove~beorg/Documents/org/tracker.org::*Interview Olivier Barbeau][Interview Olivier Barbeau]] | | | | 1:39 |
#+END:
**** MEETING Interview Olivier Barbeau :work:meeting:
:LOGBOOK:
CLOCK: [2021-08-19 Thu 16:04]--[2021-08-19 Thu 17:43] => 1:39
:END:
[2021-08-19 Thu 16:04]
- ref :: [[file:~/Library/Mobile Documents/iCloud~com~appsonthemove~beorg/Documents/org/Cisco.org.gpg::*Self Presentation][Self Presentation]]
** 2021-W35
*** 2021-09-02 Thursday
**** MEETING Weekly meeting :work:meeting:
:LOGBOOK:
CLOCK: [2021-09-02 Thu 17:06]--[2021-09-02 Thu 20:00] => 2:54
:END:
[2021-09-02 Thu 17:06]
Guillaume starts with the *Design Planning* GitHub project.
- SecureX session
- High Impact Incident
Sorry
** 2021-W36
*** 2021-09-08 Wednesday
**** MEETING 1-click module setup weekly meeting :work:meeting:
:LOGBOOK:
CLOCK: [2021-09-08 Wed 17:30]--[2021-09-08 Wed 18:22] => 0:52
:END:
[2021-09-08 Wed 17:30]
- ref :: https://miro.com/app/board/o9J_l57_gro=/
Miro dashboard from Chloe:
https://miro.com/app/board/o9J_l57_gro=/
Discussion:
When to TEST, tomorrow.
Asking for client_id in TEST.
Client-id: client-555c1f7a-b57b-4a6b-9f0b-015e311a6d06
*** 2021-09-09 Thursday
**** MEETING Interview: Florin Braghis :work:meeting:
:LOGBOOK:
CLOCK: [2021-09-09 Thu 15:49]--[2021-09-09 Thu 18:45] => 2:56
:END:
[2021-09-09 Thu 15:49]
** 2021-W37
*** 2021-09-14 Tuesday
**** IN-PROGRESS Device Grant :work:
:LOGBOOK:
CLOCK: [2021-09-14 Tue 19:31]--[2021-09-14 Tue 20:35] => 1:04
:END:
[2021-09-14 Tue 19:31]
- ref ::
*** 2021-09-16 Thursday
**** MEETING Team weekly :work:meeting:
:LOGBOOK:
CLOCK: [2021-09-16 Thu 17:25]--[2021-09-17 Fri 14:32] => 21:07
:END:
[2021-09-16 Thu 17:25]
Ambrose, Irina, Guillaume, Matt, Yann
TO MENTION: Device Grant with FMC => Public clients
***** Incident discussion
*** 2021-09-17 Friday
**** MEETING Presenting the projects :work:meeting:
[2021-09-17 Fri 14:32]
- ref :: https://github.com/advthreat/iroh/projects
.
***** Pres
****** General
******* Project Organization
Every project has an owner (main point of contact for the FT)
Now only leads, but could be anyone in the future.
****** [Design] Shared IROH Auth Session
The goal of this project, which is not an official FT, is to reflect on and write
proposals to achieve the feeling of a shared session across all Cisco
Security products via SecureX.
+ solution using cookies
+ solution using Open ID Connect
.
****** [Design] High Impact Incident
/Guillaume Ereteo/ did awesome work providing multiple proposals so that we can
deliver the feature as fast as possible.
1. filter on source (only AMP)
2. Add severity on incident model
3. Incident with high impact via an IROH route: https://github.com/advthreat/iroh/issues/5710
   + needs the proxy from Ambrose
   + needs sync with the engine team too
****** SecureX Suite Session Improvement
Delivered yesterday in v1.81
Limit the number of interstitial pages between SecureX and CTR/SSE
+ For Orbital, the Launch button is missing; the back-end work is done, as we do
  not need any SXSO app link.
****** [HOLD] Cisco Secure Client Integration
Still no work to be done by the IROH Services team
****** Hiring
Since the last meeting, two new hires are set to join us in the next few weeks:
Kiril and Olivier.
Kiril lives in Germany and Olivier in France.
****** 1-Click Module Setup
Integration by CDO and SWC is in progress.
/Irina/ worked to provide the vault metadata API for SWC.
AMP is in the QA test phase.
****** ModuleType updates
Just saw the rename of "Threat Grid" into "Secure Malware Analytics"
****** [HOLD] CTIA Hydrant support
****** CTIA Incident Manager Improvement
****** Bug Squashing
+ Fix a bug where a user could log in to an org that rejects non-admin user login
+ Fix a refresh token bug that would provide too many scopes to an access token
+ Fix a potential discrepancy in login page URL parsing
****** [HOLD] ES 7 Migration
****** Device Insights Integration
- Wanderson: Webhooks work, trigger a notification for every
module-instance configuration change.
****** AppLinks API
****** SSE API Extension & OAuth2 Device Grant
+ FMC ⇒ public clients for Device Grants
****** Incident Assignment Notifications
/Ambrose/ worked to make IROH a proxy to private intel for incident
assignment notifications.
Should be delivered in v1.82
** 2021-W39
*** 2021-09-29 Wednesday
**** MEETING Interview :work:meeting:
:LOGBOOK:
CLOCK: [2021-09-29 Wed 16:12]--[2021-09-29 Wed 19:30] => 3:18
:END:
[2021-09-29 Wed 16:12]
- ref :: [[file:~/dev/ring-jwt-middleware/src/ring_jwt_middleware/core.clj::jwt-check-fn (s/=> s/Any s/Str JwtClaims)]]
*** 2021-10-01 Friday
**** MEETING App Links :work:meeting:
:LOGBOOK:
CLOCK: [2021-10-01 Fri 17:26]--[2021-10-01 Fri 19:07] => 1:41
:END:
[2021-10-01 Fri 17:26]
- ref :: [[file:~/Library/Mobile Documents/iCloud~com~appsonthemove~beorg/Documents/org/tracker.org::*Secure Client][Secure Client]]
**** MEETING Secure Client :work:meeting:
:LOGBOOK:
CLOCK: [2021-10-01 Fri 15:55]--[2021-10-01 Fri 17:26] => 1:31
:END:
[2021-10-01 Fri 15:55]
Meeting link:
https://cisco.webex.com/cisco/j.php?MTID=m5814a8530a0870a19a57230bfd6d4b0e
** 2021-W40
*** 2021-10-05 Tuesday
**** MEETING DI weekly :work:meeting:
[2021-10-05 Tue 15:30]
#+begin_quote
From Yuri
Hi,
Things I'd like to discuss in our sync meeting today:
1. The integration modules screen:
   a. When will all the modules be updated with the relevant text?
   b. When will all the modules be deployed to production?
   c. Same goes for the DI module? Need help in updating its text and taking it to production as well
   d. The filter by capability for device insights currently shows an empty result in production
2. Integration code
   a. Is there still some integration code that is pending?
      i. What is the status of https://github.com/advthreat/iroh/issues/5680?
      ii. Any other open issues?
   b. Any blockers that you see for deploying to production?
3. Assets API QA?
#+end_quote
1.a. doc team
1.b
2.a
**** IN-PROGRESS Training Interviewing :work:
:LOGBOOK:
CLOCK: [2021-10-05 Tue 14:44]--[2021-10-05 Tue 15:30] => 0:46
:END:
[2021-10-05 Tue 14:44]
***** Past Perf Predict the Future
*Behavioral questions*
- tell me about a time when...
- Where and how have you used ,,, to achieve ,,,
- Walk me through the system/process/etc...
*Behavioral questions better*
More specific to their experience, not generic.
- concise
- clear
- relevant
- practiced
- tailored to the job
***** Real Purpose of interviewing
Predict whether or not they'd be successful in our company
Evidence?
- Yes, specific examples
- Yes, demonstration
What the candidate will think about the question.
****** Clear on hiring criteria
*skills & knowledge, attributes, achievements, motivations*
targeted probing behavioral interviewing.
Go deep, specific, examples.
Ask the *how* to detect liars, lack of honesty.
- what ,,, what did you do, what was your role, etc...
Questions need specific responses.
Do brainteasers work? no
Use problem solving questions; how would you do/solve/etc...?
Examples:
- role play question. ×
- problem they solved. ✓
What work-related experience(s) changed your opinion(s) on something?
****** One Question to rule them all?
Combination question.
Find combo questions.
*Probing*
*** 2021-10-07 Thursday
**** MEETING DI blockers :work:meeting:
:LOGBOOK:
CLOCK: [2021-10-07 Thu 18:01]--[2021-10-08 Fri 17:33] => 23:32
:END:
[2021-10-07 Thu 18:01]
#+begin_quote
@Yuri:
I've opened the issues there, still need to set priorities.
Here is the list of the issues I'm currently aware of that are important
for the release:
1. https://github.com/advthreat/iroh/issues/5680 - didn't open a new ticket for this one, since it already has tracking.
2. Umbrella module -
   a. Allow configuring only DI relevant fields - https://github.com/threatgrid/response/issues/933
   b. Placement of fields https://github.com/threatgrid/response/issues/934
   c. Add explanations of DI relevant fields - https://github.com/threatgrid/response/issues/935
   d. Umbrella doesn't send the external reference info - https://github.com/threatgrid/response/issues/936
3. filtering for the device insights SecureX modules in the Integration Modules screen - results in an empty set - https://github.com/threatgrid/response/issues/937
If you know of something else, please add here
@Matt:
2.a is also tracked here https://github.com/advthreat/iroh/issues/5821
#+end_quote
1. Doc discussion 30min
2. show time (Yuri share chat)
**** IN-PROGRESS support :work:
:LOGBOOK:
CLOCK: [2021-10-07 Thu 16:45]--[2021-10-07 Thu 18:01] => 1:16
:END:
[2021-10-07 Thu 16:45]
- ref :: https://github.com/threatgrid/tenzin/issues/1530
new-org
#+begin_src js
{
"id": "00000000-0000-0000-6473-000028fbaa95",
"name": "GATE/Tier3",
"enabled?": true,
"created-at": "2021-10-07T17:00:00.000Z",
"scim-status": "activated",
"additional-scopes": [
"iroh-master:read",
"iroh-admin:read",
"iroh-master/tac",
"iroh-auth:read"]
}
#+end_src
IdP Mapping INT/TEST
#+begin_src js
{
"idp": "sxso",
"user-identity-id": "00uox5862kEG8G0CD0h7",
"enabled?": true
}
#+end_src
IdP Mapping PROD
#+begin_src js
{
"idp": "sxso",
"user-identity-id": "00u4dmbgyjnx4glS2357",
"enabled?": true
}
#+end_src
Users to invite:
#+begin_src js
[{"invitee-email":"ashakarc@cisco.com","role":"admin"},
{"invitee-email":"bmacer@cisco.com", "role":"admin"},
{"invitee-email":"caknowle@cisco.com","role":"admin"},
{"invitee-email":"cdeleanu@cisco.com","role":"admin"},
{"invitee-email":"daphgalm@cisco.com","role":"admin"},
{"invitee-email":"djanulik@cisco.com","role":"admin"},
{"invitee-email":"bmahsan@cisco.com", "role":"admin"},
{"invitee-email":"majacob2@cisco.com","role":"admin"},
{"invitee-email":"sorianto@cisco.com","role":"admin"},
{"invitee-email":"stabulic@cisco.com","role":"admin"}]
#+end_src
**** CHAT check continu :work:chat:
:LOGBOOK:
CLOCK: [2021-10-07 Thu 10:07]--[2021-10-07 Thu 16:45] => 6:38
:END:
[2021-10-07 Thu 10:07]
- ref :: [[file:~/Library/Mobile Documents/iCloud~com~appsonthemove~beorg/Documents/org/tracker.org::*support DI JWT signature][support DI JWT signature]]
**** CHAT support DI JWT signature :work:chat:
:LOGBOOK:
CLOCK: [2021-10-07 Thu 09:45]--[2021-10-07 Thu 10:04] => 0:19
:END:
[2021-10-07 Thu 09:45]
- ref :: https://github.com/advthreat/iroh/issues/5680
**** IN-PROGRESS client update via admin for CMD :work:support:
:LOGBOOK:
CLOCK: [2021-10-07 Thu 09:27]--[2021-10-07 Thu 09:45] => 0:18
:END:
[2021-10-07 Thu 09:27]
- ref :: https://github.com/advthreat/iroh/issues/5827
Cisco Secure Email Cloud Mailbox
- module NAM client-0be615ab-b0ff-4c12-8a85-f16c95e7d396
- ribbon NAM client-e36ba40b-5710-402d-b036-ada6d7817c55
- module EU client-6fc3230c-936a-40c1-ad73-f9f28700804e
- ribbon EU client-164688ee-cd5d-44b6-be3d-5e255955e969
**** CHAT Check morning Webex. :work:chat:
:LOGBOOK:
CLOCK: [2021-10-07 Thu 09:26]--[2021-10-07 Thu 09:27] => 0:01
:END:
[2021-10-07 Thu 09:26]
- ref :: [[file:~/Library/Mobile Documents/iCloud~com~appsonthemove~beorg/Documents/org/notes/journal/2021/2021-10-07.org::*09:20][09:20]]
**** PAUSE Journal :pause:
:LOGBOOK:
CLOCK: [2021-10-07 Thu 09:20]--[2021-10-07 Thu 09:26] => 0:06
:END:
[2021-10-07 Thu 09:20]
*** 2021-10-08 Friday
**** MEETING IDB decommissioning :work:meeting:
:LOGBOOK:
CLOCK: [2021-10-08 Fri 20:33]--[2021-10-08 Fri 23:01] => 2:28
:END:
[2021-10-08 Fri 20:33]
- ref :: [[file:~/dev/iroh/services/iroh-auth/test/iroh_auth/oauth2_web_service_test.clj][file:~/dev/iroh/services/iroh-auth/test/iroh_auth/oauth2_web_service_test.clj]]
- SSE side decommission
Chander Goyal
Context: SX released as a platform; SSE had a PingFed ID Broker.
Also for CSA.
We want to use IROH-Auth.
We want to use IROH-Auth directly.
CSA Migration was launched.
SSE-side done.
CSA should be completed very soon.
Let's not change PingFed.
Nov 1919 -> nobody left in PingFed at SSE.
Very limited knowledge.
The license was Cisco Wideside license.
end in 2022.
We want to duplicate PingFed.
**** MEETING Customer Manager :work:meeting:
:LOGBOOK:
CLOCK: [2021-10-08 Fri 17:33]--[2021-10-08 Fri 20:33] => 3:00
:END:
[2021-10-08 Fri 17:33]
- ref :: ,,,
** 2021-W41
*** 2021-10-14 Thursday
**** IN-PROGRESS Write Customer Manager doc :work:
:LOGBOOK:
CLOCK: [2021-10-14 Thu 15:23]--[2021-10-14 Thu 16:33] => 1:10
:END:
[2021-10-14 Thu 15:23]
- ref :: [[file:~/Library/Mobile Documents/iCloud~com~appsonthemove~beorg/Documents/org/tracker.org::*write attack on Webhooks with JWT from emitters][write attack on Webhooks with JWT from emitters]]
**** IN-PROGRESS write attack on Webhooks with JWT from emitters :work:
:LOGBOOK:
CLOCK: [2021-10-14 Thu 14:58]--[2021-10-14 Thu 15:23] => 0:25
:END:
[2021-10-14 Thu 14:58]
Attack using access_token/id_token from emitters and not the webhook owner.
Webhooks are a generic mechanism, but here we focus only on webhooks used for
internal Cisco team integration.
So the webhook mechanism should be used to notify a trusted API that a
change occurred in SecureX (typically a module instance change).
The call must be authenticated by the API.
The call should also optionally contain access/refresh tokens for the
destination so the integration team can access IROH as the event's
emitter user.
The issue is that nothing is explicitly done to prevent any user from getting an
access/id token generated from the same client we use to forge the
authentication headers.
This means that a SecureX user from any org could get access to their
own access token/id token (which is entirely possible, and easy to get for
DI as their client is public).
So any user could call the API endpoint to fake real webhook events,
potentially producing cross-tenant/cross-user false events.
To mitigate this issue, we suggest to:
1. Always use the owner of the webhook & the client of the team to build
   id_tokens (if possible, not access_tokens).
   The forged JWT should have a specific audience (this is already the case
   for DI at least). The API team *MUST* check that the =sub= claim matches the
   =owner-id= field of the webhook as well as verifying the JWT signature.
2. Provide the emitter tokens in the body of the HTTP call made during
   the webhook trigger.
- With 1, we prevent this cross-tenant/cross-user attack.
- With 2, we not only provide even more data than before, but the team could
  directly use the token without using the "custom route" to retrieve the
  refresh token (as it is already provided in the webhook HTTP body).
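The receiver-side check from mitigation 1, as an added example (not code from IROH or from the integration teams): it verifies signature, expiry and audience, then requires =sub= to equal the webhook's =owner-id=. HS256 with a constructed shared key stands in for the issuer's real signature scheme so the block runs on the Python standard library alone; the key, audience value, user ids and function names are assumptions.

```python
import base64
import hashlib
import hmac
import json

# Constructed values for this example; none of them come from the page or from IROH.
SIGNING_KEY = b"constructed-demo-key"       # stands in for the issuer's verification key
EXPECTED_AUDIENCE = "example-receiver-api"  # hypothetical audience reserved for this API
NOW = 1_700_000_000                         # fixed clock so results are deterministic


def b64url_encode(raw: bytes) -> str:
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode("ascii")


def b64url_decode(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))


def mint_token(claims: dict, key: bytes = SIGNING_KEY, alg: str = "HS256") -> str:
    """Sample-input helper: build a compact JWT (unsigned when alg is not HS256)."""
    header = b64url_encode(json.dumps({"alg": alg, "typ": "JWT"}).encode())
    payload = b64url_encode(json.dumps(claims).encode())
    signing_input = f"{header}.{payload}".encode("ascii")
    sig = hmac.new(key, signing_input, hashlib.sha256).digest() if alg == "HS256" else b""
    return f"{header}.{payload}.{b64url_encode(sig)}"


def verify_webhook_jwt(token: str, webhook: dict, now: int = NOW):
    """Return (True, claims) if the call may be trusted, else (False, reason)."""
    try:
        header_b64, payload_b64, sig_b64 = token.split(".")
        header = json.loads(b64url_decode(header_b64))
        claims = json.loads(b64url_decode(payload_b64))
        signature = b64url_decode(sig_b64)
    except ValueError:
        return False, "malformed token"
    if not isinstance(header, dict) or not isinstance(claims, dict):
        return False, "malformed token"

    # Pin the algorithm; never let the token choose how it is verified.
    if header.get("alg") != "HS256":
        return False, "unexpected alg"
    expected = hmac.new(SIGNING_KEY, f"{header_b64}.{payload_b64}".encode("ascii"),
                        hashlib.sha256).digest()
    if not hmac.compare_digest(signature, expected):
        return False, "bad signature"

    exp = claims.get("exp")
    if not isinstance(exp, (int, float)) or exp <= now:
        return False, "expired"

    # The audience must be the one reserved for this receiver.
    aud = claims.get("aud")
    audiences = [aud] if isinstance(aud, str) else (aud if isinstance(aud, list) else [])
    if EXPECTED_AUDIENCE not in audiences:
        return False, "wrong audience"

    # A valid signature only proves the issuer minted the token for *someone*.
    # The event is genuine only if that someone is the webhook's owner.
    owner = webhook.get("owner-id")
    if not owner or claims.get("sub") != owner:
        return False, "sub does not match webhook owner-id"
    return True, claims


def demo() -> dict:
    """Run the verifier over constructed tokens and return each outcome."""
    webhook = {"id": "webhook-1", "owner-id": "user-owner"}  # constructed webhook record
    base = {"aud": EXPECTED_AUDIENCE, "exp": NOW + 300}
    owner = mint_token({**base, "sub": "user-owner"})
    # Validly signed token for a different user of the same client (the page's scenario).
    other = mint_token({**base, "sub": "user-other"})
    head, _, sig = owner.split(".")
    tokens = {
        "owner": owner,
        "other_user": other,
        "other_audience": mint_token({**base, "sub": "user-owner", "aud": "another-api"}),
        "expired": mint_token({**base, "sub": "user-owner", "exp": NOW - 1}),
        "unsigned": mint_token({**base, "sub": "user-owner"}, alg="none"),
        # Owner's header and signature wrapped around someone else's payload.
        "tampered": f"{head}.{other.split('.')[1]}.{sig}",
    }
    results = {}
    for name, token in tokens.items():
        ok, detail = verify_webhook_jwt(token, webhook)
        results[name] = "accepted" if ok else detail
    return results


if __name__ == "__main__":
    for name, outcome in demo().items():
        print(f"{name:15} {outcome}")
```

The =other_user= case is the one the note is about: its signature, expiry and audience all pass, and only the =sub= / =owner-id= comparison rejects it.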
** 2021-W42
*** 2021-10-18 Monday
**** TODO Write Weekly todos :work:
[2021-10-18 Mon 10:56]
- ref ::
***** DONE Check Wanderson PRs/Webhooks
SCHEDULED: <2021-10-18 Mon>
***** TODO Customer Manager Doc
SCHEDULED: <2021-10-19 Tue>
***** TODO IROH-Auth tour
****** DONE Organize invitations for IROH-Auth tour + bugfix, etc...
DEADLINE: <2021-10-18 Mon>
***** IN-PROGRESS Discuss Exceptions organization
SCHEDULED: <2021-10-18 Mon>
***** TODO Team notes
DEADLINE: <2021-10-22 Fri>
****** Ag
Talk about taking care before PR approval:
Cf. Approved PR severe bugs: https://github.com/advthreat/iroh/pull/5849
****** Wanderson
****** Olivier
*** 2021-10-19 Tuesday
**** DONE whitelist synopsis.com in TEST :work:
DEADLINE: <2021-10-19 Tue>
:LOGBOOK:
CLOCK: [2021-10-19 Tue 09:04]--[2021-10-19 Tue 16:03] => 6:59
:END:
[2021-10-19 Tue 09:04]
- ref :: [[file:~/Library/Mobile Documents/iCloud~com~appsonthemove~beorg/Documents/org/tracker.org::*Olivier][Olivier]]
*** 2021-10-21 Thursday
**** MEETING Weekly IROH Service Team :work:meeting:
:LOGBOOK:
CLOCK: [2021-10-21 Thu 17:16]
:END:
[2021-10-21 Thu 17:16]
**** MEETING FMC - Device Grant OAuth2 Flow Sync :work:meeting:
:LOGBOOK:
CLOCK: [2021-10-21 Thu 16:27]--[2021-10-21 Thu 16:51] => 0:24
:END:
[2021-10-21 Thu 16:27]
- ref :: [[file:~/Library/Mobile Documents/iCloud~com~appsonthemove~beorg/Documents/org/tracker.org::*Secure Client][Secure Client]]
Updated Target Date.
No blocking issue or concerns.
We just finished delivering the feature.
Good to go for 7.2 release (in April).
Maybe maintenance release 7.0.2 in Feb.
**** MEETING Secure Client :work:meeting:me:
:LOGBOOK:
CLOCK: [2021-10-21 Thu 15:32]--[2021-10-21 Thu 16:12] => 0:40
:END:
[2021-10-21 Thu 15:32]
Jyoti discusses, with a document, how the 1-click module setup
should work and the constraints to obey.