diff --git a/.orgids b/.orgids index eb24e9c1..a6dfbbc5 100644 --- a/.orgids +++ b/.orgids @@ -1,2 +1,2 @@ -(("../Library/Mobile Documents/iCloud~com~appsonthemove~beorg/Documents/org/notes/maison_martigues.org" "bac1c907-5733-4837-83bb-747e189432b5") ("../Library/Mobile Documents/iCloud~com~appsonthemove~beorg/Documents/org/notes/cisco_qdd.org" "32684342-7935-41c3-b855-4a748662b15d") ("../Library/Mobile Documents/iCloud~com~appsonthemove~beorg/Documents/org/notes/permission_outside_scopes.org" "8c6d80b5-dc83-40ee-b187-4b0427c77f78") ("../Library/Mobile Documents/iCloud~com~appsonthemove~beorg/Documents/org/inbox.org" "8163f2ed-7106-4b4a-93b0-7009fe316172" "1644E007-AFBE-4F4B-9307-B007C60548E8" "8B092321-BA1F-47F9-A927-76D2E232CF51" "49981B50-AFBD-4C93-A9C2-8D88550AB425" "90110976-520D-4B0C-B1D9-3798323C370E" "2110820C-4877-40B3-A351-2DEDE0F222C6" "a4ebd43b-b589-499e-85e1-7ebea0abf3af" "9207b53a-e38e-4996-abc6-140c31f2960a") ("../Library/Mobile Documents/iCloud~com~appsonthemove~beorg/Documents/org/archives/TODO.archive.org" "96343FD2-E7A9-4AAA-A40A-8D048DA340E9" "B72E4288-E96B-4099-8684-37DDF3395C50" "797ba971-6ae3-49a1-9499-928572760d09") ("../Library/Mobile Documents/iCloud~com~appsonthemove~beorg/Documents/org/notes/composable_shell_nix.org" "8c33ebae-bccf-4e73-837b-f52fa4c5e4c6") ("../Library/Mobile Documents/iCloud~com~appsonthemove~beorg/Documents/org/notes/what_i_forsee_about_the_future_of_developers.org" "16bbfe28-ea40-437f-861d-1eacb408d34f") ("../Library/Mobile Documents/iCloud~com~appsonthemove~beorg/Documents/org/notes/custom_routes.org" "0dceeeca-7c23-41a8-b9dc-4642a09618db") ("../Library/Mobile Documents/iCloud~com~appsonthemove~beorg/Documents/org/notes/html_css_web_techs.org" "7431e4a3-4359-4dcb-89e6-c1c700cd4355") ("../Library/Mobile Documents/iCloud~com~appsonthemove~beorg/Documents/org/notes/either_in_clojure.org" "b413e4db-1367-4936-8a46-cd5b86178e29") ("../Library/Mobile Documents/iCloud~com~appsonthemove~beorg/Documents/org/notes/chien_d_assistance.org" "2a3d68cc-4a14-442c-b7f9-c602a2cd25bf") ("../Library/Mobile Documents/iCloud~com~appsonthemove~beorg/Documents/org/notes/template_information_chien_d_assistance.org" "b0b0b46f-a11e-4c4b-8d1f-0d444847aeae") ("../Library/Mobile Documents/iCloud~com~appsonthemove~beorg/Documents/org/notes/browserless_software_project_management_with_git.org" "13c23225-379a-45a8-bed1-24fb6a054454") ("../Library/Mobile Documents/iCloud~com~appsonthemove~beorg/Documents/org/notes/hacker_culture.org" "0caa54f7-bbac-486c-855c-f299943f4226") ("../Library/Mobile Documents/iCloud~com~appsonthemove~beorg/Documents/org/notes/one_hacker_way_by_erik_meijer_goto_2015.org" "02bd2e1e-cd10-4b29-bd03-611edf0c7eab") ("../Library/Mobile Documents/iCloud~com~appsonthemove~beorg/Documents/org/notes/lgtm.org" "cc2e9340-1340-4d28-8f54-47080a569c7e") ("../Library/Mobile Documents/iCloud~com~appsonthemove~beorg/Documents/org/notes/cisco_org_level_entities.org" "b30f9e63-e655-40e6-9a58-5a390a7921bb") ("../Library/Mobile Documents/iCloud~com~appsonthemove~beorg/Documents/org/notes/cisco.org" "ce893df9-32a4-44e0-9eb5-b9817141ee6a") ("../Library/Mobile Documents/iCloud~com~appsonthemove~beorg/Documents/org/notes/iroh_auth_ui_enhancements.org" "fe9118f2-3cf1-4a9c-b97d-d5d58f9d0769") ("../Library/Mobile Documents/iCloud~com~appsonthemove~beorg/Documents/org/notes/cisco_user_data.org" "e6db475b-9ccc-43b2-bcfe-057215ddc1d1") ("../Library/Mobile Documents/iCloud~com~appsonthemove~beorg/Documents/org/notes/high_iq_captcha.org" "b6402aa6-3315-4317-82a5-367af38f0ead") ("../Library/Mobile Documents/iCloud~com~appsonthemove~beorg/Documents/org/notes/management.org" "719fabee-1094-4596-b26e-55fe7a512113") ("../Library/Mobile Documents/iCloud~com~appsonthemove~beorg/Documents/org/notes/one_one_meetings.org" "cd101af9-2dd7-41b7-85d6-4de5c0c594df") ("../Library/Mobile Documents/iCloud~com~appsonthemove~beorg/Documents/org/notes/redirect_to_new_page_with_useridentity_jwt.org" "f46a4a9e-6a06-4b9e-8764-30cd8c501d7e") ("../Library/Mobile Documents/iCloud~com~appsonthemove~beorg/Documents/org/notes/encryption.org" "80630a59-70f2-435b-967b-abb162324be8") ("../Library/Mobile Documents/iCloud~com~appsonthemove~beorg/Documents/org/notes/chat.org" "fb32a68e-b32c-4ce5-9c6a-cc141a122708") ("../Library/Mobile Documents/iCloud~com~appsonthemove~beorg/Documents/org/notes/security.org" "2351f4cb-85a3-45ca-9bb5-f13a559afcfe") ("../Library/Mobile Documents/iCloud~com~appsonthemove~beorg/Documents/org/notes/simplex_chat.org" "5a711803-6a92-40e3-817d-40f564ac5cf8") ("../Library/Mobile Documents/iCloud~com~appsonthemove~beorg/Documents/org/notes/cisco_ft_securex_registration.org" "1208f09c-d37d-4e6b-9110-151f3c6b7d34") ("../Library/Mobile Documents/iCloud~com~appsonthemove~beorg/Documents/org/notes/how_to_speak.org" "4ad5f64e-c330-4f36-8f8a-d82a1ae993a0") ("../Library/Mobile Documents/iCloud~com~appsonthemove~beorg/Documents/org/notes/interview_certification.org" "93027c33-dcf8-4bda-8aee-60f507e0ff4a") ("../y/her.esy.fun/src/posts/0019-utopia-tv-show/index.org" "88e25182-ee54-4d2e-b373-b4e06fc292c8") ("../y/her.esy.fun/src/posts/0013-how-to-choose-your-tools/index.org" "c2e61938-8493-434a-9ffa-9fd4698d9863") ("../Library/Mobile Documents/iCloud~com~appsonthemove~beorg/Documents/org/notes/cisco_team_history.org" "e3296579-2f2e-4f23-92e2-1ce9fef6fe04") ("../Library/Mobile Documents/iCloud~com~appsonthemove~beorg/Documents/org/notes/customer_manager.org" "99fd9444-ae5d-4d51-a295-a936fc01928a") ("../Library/Mobile Documents/iCloud~com~appsonthemove~beorg/Documents/org/notes/artificial_life_game_approach.org" "8a37b5d3-8ee5-45cd-8c32-021b8d42210f") ("../Library/Mobile Documents/iCloud~com~appsonthemove~beorg/Documents/org/notes/factorio_maps.org" "e5c17702-09d5-4d7d-97ff-95a8de353ea0") ("../Library/Mobile Documents/iCloud~com~appsonthemove~beorg/Documents/org/notes/interview_shafiq.org" "094630db-95cf-416f-a147-ca5fdeddd902") ("../Library/Mobile Documents/iCloud~com~appsonthemove~beorg/Documents/org/notes/remove_securex_tg_login_button.org" "3290e028-b7a6-4be3-a5d2-45bf89ff2f0d") ("../Library/Mobile Documents/iCloud~com~appsonthemove~beorg/Documents/org/notes/new_iroh_auth_apis.org" "2c317dbe-4fca-444b-b0bc-f9174522e106") ("../Library/Mobile Documents/iCloud~com~appsonthemove~beorg/Documents/org/notes/cisco_securex_ips.org" "c9e0342f-f082-4c9b-9dcd-f1629124ac71") ("../Library/Mobile Documents/iCloud~com~appsonthemove~beorg/Documents/org/notes/deep_merge_exploration.org" "c1dbe471-a470-4d44-a91c-0bfda0d47d21") ("../Library/Mobile Documents/iCloud~com~appsonthemove~beorg/Documents/org/notes/impots_2021.org" "8daf6185-ad0e-40c2-af79-0bb885505303") ("../Library/Mobile Documents/iCloud~com~appsonthemove~beorg/Documents/org/notes/characteristics_of_pseudoscience.org" "509cbe3e-cf95-4bcd-9f61-9cc74aa35a8c") ("../Library/Mobile Documents/iCloud~com~appsonthemove~beorg/Documents/org/notes/presentation_leads.org" "22d031b5-ff8e-46df-a306-0ca30ab7358b") ("../Library/Mobile Documents/iCloud~com~appsonthemove~beorg/Documents/org/notes/vigiglobe.org" "07412c20-49d3-4616-957f-5ddd246ed080") ("../Library/Mobile Documents/iCloud~com~appsonthemove~beorg/Documents/org/notes/weekly_iroh_auth_notes.org" "8ddf9276-6888-4502-9dd9-943769726ca1") ("../Library/Mobile Documents/iCloud~com~appsonthemove~beorg/Documents/org/notes/weekly_platform.org" "1194cbe4-b31c-4b17-9e0a-f0ee8422292c") ("../Library/Mobile Documents/iCloud~com~appsonthemove~beorg/Documents/org/notes/positive_attitude.org" "8deaa4e4-a96c-4d3c-96df-8f23e0d90f1e") ("../Library/Mobile Documents/iCloud~com~appsonthemove~beorg/Documents/org/notes/amstrad.org" "a9971a5b-6565-4835-9c49-c968011bbc21") ("../Library/Mobile Documents/iCloud~com~appsonthemove~beorg/Documents/org/notes/duo.org" "e9d79b8d-3779-45b7-9360-7bb5558ffbeb") ("../Library/Mobile Documents/iCloud~com~appsonthemove~beorg/Documents/org/notes/one_one_v2.org" "9699f986-29ad-429f-9ca9-1080062ae11c") ("../Library/Mobile Documents/iCloud~com~appsonthemove~beorg/Documents/org/notes/brut_css.org" "cfd05ee0-488d-4b28-ab97-5fe6fe4a5cae") ("../Library/Mobile Documents/iCloud~com~appsonthemove~beorg/Documents/org/notes/maintenance_questions.org" "b55abfad-ea21-4e81-8017-e99b8af33f9c") ("../Library/Mobile Documents/iCloud~com~appsonthemove~beorg/Documents/org/notes/rbac_for_clients.org" "8f30dbd3-8c24-4fd6-b784-2753130453ec") ("../Library/Mobile Documents/iCloud~com~appsonthemove~beorg/Documents/org/notes/capt_website.org" "54f15fc7-8c85-4bde-a15a-ea9fe94e7c2f")) +(("../Library/Mobile Documents/iCloud~com~appsonthemove~beorg/Documents/org/notes/cookie_clicker_save.org" "3d75e1da-3fc4-414d-90f8-c3266eed3ddc") ("../Library/Mobile Documents/iCloud~com~appsonthemove~beorg/Documents/org/notes/chien_espoir_handicap_ag.org" "7a934ca5-31c0-4cf8-8a86-1efa89904b31") ("../Library/Mobile Documents/iCloud~com~appsonthemove~beorg/Documents/org/notes/capt_website.org" "54f15fc7-8c85-4bde-a15a-ea9fe94e7c2f") ("../Library/Mobile Documents/iCloud~com~appsonthemove~beorg/Documents/org/notes/rbac_for_clients.org" "8f30dbd3-8c24-4fd6-b784-2753130453ec") ("../Library/Mobile Documents/iCloud~com~appsonthemove~beorg/Documents/org/notes/maintenance_questions.org" "b55abfad-ea21-4e81-8017-e99b8af33f9c") ("../Library/Mobile Documents/iCloud~com~appsonthemove~beorg/Documents/org/notes/brut_css.org" "cfd05ee0-488d-4b28-ab97-5fe6fe4a5cae") ("../Library/Mobile Documents/iCloud~com~appsonthemove~beorg/Documents/org/notes/one_one_v2.org" "9699f986-29ad-429f-9ca9-1080062ae11c") ("../Library/Mobile Documents/iCloud~com~appsonthemove~beorg/Documents/org/notes/duo.org" "e9d79b8d-3779-45b7-9360-7bb5558ffbeb") ("../Library/Mobile Documents/iCloud~com~appsonthemove~beorg/Documents/org/notes/amstrad.org" "a9971a5b-6565-4835-9c49-c968011bbc21") ("../Library/Mobile Documents/iCloud~com~appsonthemove~beorg/Documents/org/notes/positive_attitude.org" "8deaa4e4-a96c-4d3c-96df-8f23e0d90f1e") ("../Library/Mobile Documents/iCloud~com~appsonthemove~beorg/Documents/org/notes/weekly_platform.org" "1194cbe4-b31c-4b17-9e0a-f0ee8422292c") ("../Library/Mobile Documents/iCloud~com~appsonthemove~beorg/Documents/org/notes/weekly_iroh_auth_notes.org" "8ddf9276-6888-4502-9dd9-943769726ca1") ("../Library/Mobile Documents/iCloud~com~appsonthemove~beorg/Documents/org/notes/vigiglobe.org" "07412c20-49d3-4616-957f-5ddd246ed080") ("../Library/Mobile Documents/iCloud~com~appsonthemove~beorg/Documents/org/notes/presentation_leads.org" "22d031b5-ff8e-46df-a306-0ca30ab7358b") ("../Library/Mobile Documents/iCloud~com~appsonthemove~beorg/Documents/org/notes/characteristics_of_pseudoscience.org" "509cbe3e-cf95-4bcd-9f61-9cc74aa35a8c") ("../Library/Mobile Documents/iCloud~com~appsonthemove~beorg/Documents/org/notes/impots_2021.org" "8daf6185-ad0e-40c2-af79-0bb885505303") ("../Library/Mobile Documents/iCloud~com~appsonthemove~beorg/Documents/org/notes/deep_merge_exploration.org" "c1dbe471-a470-4d44-a91c-0bfda0d47d21") ("../Library/Mobile Documents/iCloud~com~appsonthemove~beorg/Documents/org/notes/cisco_securex_ips.org" "c9e0342f-f082-4c9b-9dcd-f1629124ac71") ("../Library/Mobile Documents/iCloud~com~appsonthemove~beorg/Documents/org/notes/new_iroh_auth_apis.org" "2c317dbe-4fca-444b-b0bc-f9174522e106") ("../Library/Mobile Documents/iCloud~com~appsonthemove~beorg/Documents/org/notes/remove_securex_tg_login_button.org" "3290e028-b7a6-4be3-a5d2-45bf89ff2f0d") ("../Library/Mobile Documents/iCloud~com~appsonthemove~beorg/Documents/org/notes/interview_shafiq.org" "094630db-95cf-416f-a147-ca5fdeddd902") ("../Library/Mobile Documents/iCloud~com~appsonthemove~beorg/Documents/org/notes/factorio_maps.org" "e5c17702-09d5-4d7d-97ff-95a8de353ea0") ("../Library/Mobile Documents/iCloud~com~appsonthemove~beorg/Documents/org/notes/artificial_life_game_approach.org" "8a37b5d3-8ee5-45cd-8c32-021b8d42210f") ("../Library/Mobile Documents/iCloud~com~appsonthemove~beorg/Documents/org/notes/customer_manager.org" "99fd9444-ae5d-4d51-a295-a936fc01928a") ("../Library/Mobile Documents/iCloud~com~appsonthemove~beorg/Documents/org/notes/cisco_team_history.org" "e3296579-2f2e-4f23-92e2-1ce9fef6fe04") ("../y/her.esy.fun/src/posts/0013-how-to-choose-your-tools/index.org" "c2e61938-8493-434a-9ffa-9fd4698d9863") ("../y/her.esy.fun/src/posts/0019-utopia-tv-show/index.org" "88e25182-ee54-4d2e-b373-b4e06fc292c8") ("../Library/Mobile Documents/iCloud~com~appsonthemove~beorg/Documents/org/notes/interview_certification.org" "93027c33-dcf8-4bda-8aee-60f507e0ff4a") ("../Library/Mobile Documents/iCloud~com~appsonthemove~beorg/Documents/org/notes/how_to_speak.org" "4ad5f64e-c330-4f36-8f8a-d82a1ae993a0") ("../Library/Mobile Documents/iCloud~com~appsonthemove~beorg/Documents/org/notes/cisco_ft_securex_registration.org" "1208f09c-d37d-4e6b-9110-151f3c6b7d34") ("../Library/Mobile Documents/iCloud~com~appsonthemove~beorg/Documents/org/notes/simplex_chat.org" "5a711803-6a92-40e3-817d-40f564ac5cf8") ("../Library/Mobile Documents/iCloud~com~appsonthemove~beorg/Documents/org/notes/security.org" "2351f4cb-85a3-45ca-9bb5-f13a559afcfe") ("../Library/Mobile Documents/iCloud~com~appsonthemove~beorg/Documents/org/notes/chat.org" "fb32a68e-b32c-4ce5-9c6a-cc141a122708") ("../Library/Mobile Documents/iCloud~com~appsonthemove~beorg/Documents/org/notes/encryption.org" "80630a59-70f2-435b-967b-abb162324be8") ("../Library/Mobile Documents/iCloud~com~appsonthemove~beorg/Documents/org/notes/redirect_to_new_page_with_useridentity_jwt.org" "f46a4a9e-6a06-4b9e-8764-30cd8c501d7e") ("../Library/Mobile Documents/iCloud~com~appsonthemove~beorg/Documents/org/notes/one_one_meetings.org" "cd101af9-2dd7-41b7-85d6-4de5c0c594df") ("../Library/Mobile Documents/iCloud~com~appsonthemove~beorg/Documents/org/notes/management.org" "719fabee-1094-4596-b26e-55fe7a512113") ("../Library/Mobile Documents/iCloud~com~appsonthemove~beorg/Documents/org/notes/high_iq_captcha.org" "b6402aa6-3315-4317-82a5-367af38f0ead") ("../Library/Mobile Documents/iCloud~com~appsonthemove~beorg/Documents/org/notes/cisco_user_data.org" "e6db475b-9ccc-43b2-bcfe-057215ddc1d1") ("../Library/Mobile Documents/iCloud~com~appsonthemove~beorg/Documents/org/notes/iroh_auth_ui_enhancements.org" "fe9118f2-3cf1-4a9c-b97d-d5d58f9d0769") ("../Library/Mobile Documents/iCloud~com~appsonthemove~beorg/Documents/org/notes/cisco.org" "ce893df9-32a4-44e0-9eb5-b9817141ee6a") ("../Library/Mobile Documents/iCloud~com~appsonthemove~beorg/Documents/org/notes/cisco_org_level_entities.org" "b30f9e63-e655-40e6-9a58-5a390a7921bb") ("../Library/Mobile Documents/iCloud~com~appsonthemove~beorg/Documents/org/notes/lgtm.org" "cc2e9340-1340-4d28-8f54-47080a569c7e") ("../Library/Mobile Documents/iCloud~com~appsonthemove~beorg/Documents/org/notes/one_hacker_way_by_erik_meijer_goto_2015.org" "02bd2e1e-cd10-4b29-bd03-611edf0c7eab") ("../Library/Mobile Documents/iCloud~com~appsonthemove~beorg/Documents/org/notes/hacker_culture.org" "0caa54f7-bbac-486c-855c-f299943f4226") ("../Library/Mobile Documents/iCloud~com~appsonthemove~beorg/Documents/org/notes/browserless_software_project_management_with_git.org" "13c23225-379a-45a8-bed1-24fb6a054454") ("../Library/Mobile Documents/iCloud~com~appsonthemove~beorg/Documents/org/notes/template_information_chien_d_assistance.org" "b0b0b46f-a11e-4c4b-8d1f-0d444847aeae") ("../Library/Mobile Documents/iCloud~com~appsonthemove~beorg/Documents/org/notes/chien_d_assistance.org" "2a3d68cc-4a14-442c-b7f9-c602a2cd25bf") ("../Library/Mobile Documents/iCloud~com~appsonthemove~beorg/Documents/org/notes/either_in_clojure.org" "b413e4db-1367-4936-8a46-cd5b86178e29") ("../Library/Mobile Documents/iCloud~com~appsonthemove~beorg/Documents/org/notes/html_css_web_techs.org" "7431e4a3-4359-4dcb-89e6-c1c700cd4355") ("../Library/Mobile Documents/iCloud~com~appsonthemove~beorg/Documents/org/notes/custom_routes.org" "0dceeeca-7c23-41a8-b9dc-4642a09618db") ("../Library/Mobile Documents/iCloud~com~appsonthemove~beorg/Documents/org/notes/what_i_forsee_about_the_future_of_developers.org" "16bbfe28-ea40-437f-861d-1eacb408d34f") ("../Library/Mobile Documents/iCloud~com~appsonthemove~beorg/Documents/org/notes/composable_shell_nix.org" "8c33ebae-bccf-4e73-837b-f52fa4c5e4c6") ("../Library/Mobile Documents/iCloud~com~appsonthemove~beorg/Documents/org/archives/TODO.archive.org" "797ba971-6ae3-49a1-9499-928572760d09" "B72E4288-E96B-4099-8684-37DDF3395C50" "96343FD2-E7A9-4AAA-A40A-8D048DA340E9") ("../Library/Mobile Documents/iCloud~com~appsonthemove~beorg/Documents/org/inbox.org" "9207b53a-e38e-4996-abc6-140c31f2960a" "a4ebd43b-b589-499e-85e1-7ebea0abf3af" "2110820C-4877-40B3-A351-2DEDE0F222C6" "90110976-520D-4B0C-B1D9-3798323C370E" "49981B50-AFBD-4C93-A9C2-8D88550AB425" "8B092321-BA1F-47F9-A927-76D2E232CF51" "1644E007-AFBE-4F4B-9307-B007C60548E8" "8163f2ed-7106-4b4a-93b0-7009fe316172") ("../Library/Mobile Documents/iCloud~com~appsonthemove~beorg/Documents/org/notes/permission_outside_scopes.org" "8c6d80b5-dc83-40ee-b187-4b0427c77f78") ("../Library/Mobile Documents/iCloud~com~appsonthemove~beorg/Documents/org/notes/cisco_qdd.org" "32684342-7935-41c3-b855-4a748662b15d") ("../Library/Mobile Documents/iCloud~com~appsonthemove~beorg/Documents/org/notes/maison_martigues.org" "bac1c907-5733-4837-83bb-747e189432b5") ("../Library/Mobile Documents/iCloud~com~appsonthemove~beorg/Documents/org/notes/full_integration_development_doc.org" "b073b659-19e2-4402-b3ef-087ee67aa201")) diff --git a/.projectile b/.projectile new file mode 100644 index 00000000..3e3b3f5f --- /dev/null +++ b/.projectile @@ -0,0 +1 @@ +-/.attach diff --git a/.vale.ini b/.vale.ini new file mode 100644 index 00000000..168dd6b4 --- /dev/null +++ b/.vale.ini @@ -0,0 +1,10 @@ +StylesPath = styles + +MinAlertLevel = suggestion + +Vocab = Cisco + +Packages = write-good + +[*] +BasedOnStyles = Vale, write-good diff --git a/2023-07-11-iroh-monetization.pdf b/2023-07-11-iroh-monetization.pdf new file mode 100644 index 00000000..73ef746a Binary files /dev/null and b/2023-07-11-iroh-monetization.pdf differ diff --git a/Cisco.org.gpg b/Cisco.org.gpg index afef4f60..b20ce595 100644 Binary files a/Cisco.org.gpg and b/Cisco.org.gpg differ diff --git a/Cisco.pdf b/Cisco.pdf new file mode 100644 index 00000000..3800542c Binary files /dev/null and b/Cisco.pdf differ diff --git a/DI_Provisioning b/DI_Provisioning deleted file mode 100644 index 959f3e82..00000000 Binary files a/DI_Provisioning and /dev/null differ diff --git a/archives/TODO.archive.org b/archives/TODO.archive.org index cc9c83f4..c5743100 100644 --- a/archives/TODO.archive.org +++ b/archives/TODO.archive.org @@ -10023,3 +10023,923 @@ SCHEDULED: <2023-05-06 Sat> :ARCHIVE_TODO: DONE :END: [2023-05-06 Sat 18:10] + +* DONE Réserver le camion pour ce week-end +SCHEDULED: <2023-05-16 Tue 19:00> +:PROPERTIES: +:ARCHIVE_TIME: 2023-05-30 Tue 14:28 +:ARCHIVE_FILE: ~/Library/Mobile Documents/iCloud~com~appsonthemove~beorg/Documents/org/inbox.org +:ARCHIVE_OLPATH: Inbox +:ARCHIVE_CATEGORY: inbox +:ARCHIVE_TODO: DONE +:END: +[2023-05-16 Tue 15:42] + +* DONE [#B] Signature notaire +SCHEDULED: <2023-05-15 Mon 13:20> +:PROPERTIES: +:ARCHIVE_TIME: 2023-05-30 Tue 14:28 +:ARCHIVE_FILE: ~/Library/Mobile Documents/iCloud~com~appsonthemove~beorg/Documents/org/inbox.org +:ARCHIVE_OLPATH: Inbox +:ARCHIVE_CATEGORY: inbox +:ARCHIVE_TODO: DONE +:END: +[2023-05-15 Mon 09:18] + +* DONE Aller récupérer dernière quittance de loyer sur foncia.fr +SCHEDULED: <2023-05-08 Mon 10:00> +:PROPERTIES: +:ARCHIVE_TIME: 2023-05-30 Tue 14:28 +:ARCHIVE_FILE: ~/Library/Mobile Documents/iCloud~com~appsonthemove~beorg/Documents/org/inbox.org +:ARCHIVE_OLPATH: Inbox +:ARCHIVE_CATEGORY: inbox +:ARCHIVE_TODO: DONE +:END: +[2023-05-06 Sat 13:02] + +* DONE Demander aux notaires et banquier, virement 24k +SCHEDULED: <2023-05-10 Wed 15:00> +:PROPERTIES: +:ARCHIVE_TIME: 2023-05-30 Tue 14:28 +:ARCHIVE_FILE: ~/Library/Mobile Documents/iCloud~com~appsonthemove~beorg/Documents/org/inbox.org +:ARCHIVE_OLPATH: Inbox +:ARCHIVE_CATEGORY: inbox +:ARCHIVE_TODO: DONE +:END: +[2023-05-06 Sat 12:23] + +* DONE Dossier Courtier prêt +SCHEDULED: <2023-05-10 Wed 11:30> DEADLINE: <2023-05-12 Fri> +:PROPERTIES: +:ARCHIVE_TIME: 2023-05-30 Tue 14:28 +:ARCHIVE_FILE: ~/Library/Mobile Documents/iCloud~com~appsonthemove~beorg/Documents/org/inbox.org +:ARCHIVE_OLPATH: Inbox +:ARCHIVE_CATEGORY: inbox +:ARCHIVE_TODO: DONE +:END: +:LOGBOOK: +CLOCK: [2023-05-11 Thu 09:04]--[2023-05-11 Thu 10:24] => 1:20 +:END: +[2023-05-06 Sat 10:10] + +Bonjour Monsieur Pau, + +Voici un lien qui vous permet d'accéder à l'ensemble des documents que j'ai +rassemblé pour le dossier de crédit. + +Veuillez noter: + +1. Nous n'arrivons pas à retrouver la fiche de paye de décembre de mon épouse de + son emploi précédent. Et nous ne pensons pas pouvoir retrouver ce document. +2. Un de nos véhicule est en LOA et donc il n'y a pas de prêt. Sans avoir le + tableau d'amortissement j'ai tout de même ajouté les documents relatifs à + cette LOA. + +Bien entendu j'ajouterai dans le dossier le compromis signé aussitôt que +possible et je vous en informerai quand je le ferai. + +Très bonne journée à vous, +Yann Esposito + +DONE: +- tableau d'amortissement +- titre de propriété de Duflot +- 3 derniers relevés de comptes. +- RIB compte principal + - Dernière quitance de loyer +- revenus fonciers +- récapitulatif de l'agence +- bulletin de paye d'avril de Krystelle + +TODO: + +- Allocations familiales + +- Banques + - documents pouvant justifier l'apport ; Relevés d'épargne financière + +- tableaux credits des deux voiture +- Dernière quitance de prime assurance habitation + +- compromis de vente + +* DONE Finir dossier changement d'addresse carte Grise +DEADLINE: <2023-05-02 Tue 18:00> +:PROPERTIES: +:ARCHIVE_TIME: 2023-05-30 Tue 14:28 +:ARCHIVE_FILE: ~/Library/Mobile Documents/iCloud~com~appsonthemove~beorg/Documents/org/inbox.org +:ARCHIVE_OLPATH: Inbox +:ARCHIVE_CATEGORY: inbox +:ARCHIVE_TODO: DONE +:END: +[2023-05-02 Tue 10:39] + +* CANCELED Renvoyer ficher de renseignement et changer de ville +DEADLINE: <2023-05-10 Wed 16:30> +:PROPERTIES: +:ARCHIVE_TIME: 2023-05-30 Tue 14:28 +:ARCHIVE_FILE: ~/Library/Mobile Documents/iCloud~com~appsonthemove~beorg/Documents/org/inbox.org +:ARCHIVE_OLPATH: Inbox +:ARCHIVE_CATEGORY: inbox +:ARCHIVE_TODO: CANCELED +:END: +:LOGBOOK: +- State "CANCELED" from "TODO" [2023-05-30 Tue 11:31] \\ + On verra sur Martigues +:END: +[2023-04-24 Mon 15:11] + +Changer d'addresse dans la nouvelle commune. + +Renvoyer le courier et je ne suis plus sur la commune. +notifier que je n'habite plus sur la commune. +Avec justificatif. + +Envoyer par mail: election@ville-valbonne.fr +Envoyer: cmazzocco@ville-valbonne.fr + +* DONE Compte Livret A Krystelle :chore: +:PROPERTIES: +:ARCHIVE_TIME: 2023-05-30 Tue 14:29 +:ARCHIVE_FILE: ~/Library/Mobile Documents/iCloud~com~appsonthemove~beorg/Documents/org/inbox.org +:ARCHIVE_CATEGORY: inbox +:ARCHIVE_TODO: DONE +:END: +:LOGBOOK: +CLOCK: [2023-05-12 Fri 14:11]--[2023-05-12 Fri 14:33] => 0:22 +:END: +[2023-05-12 Fri 14:11] + +* DONE [#A] Appeler notaire procuration +SCHEDULED: <2023-05-11 Thu 09:20> +:PROPERTIES: +:ARCHIVE_TIME: 2023-05-30 Tue 14:29 +:ARCHIVE_FILE: ~/Library/Mobile Documents/iCloud~com~appsonthemove~beorg/Documents/org/inbox.org +:ARCHIVE_CATEGORY: inbox +:ARCHIVE_TODO: DONE +:END: +[2023-05-10 Wed 20:18] + +* TODO [#A] revision chaudiere +:PROPERTIES: +:ARCHIVE_TIME: 2023-06-07 Wed 17:17 +:ARCHIVE_FILE: ~/Library/Mobile Documents/iCloud~com~appsonthemove~beorg/Documents/org/inbox.org +:ARCHIVE_OLPATH: Famille/Yearly +:ARCHIVE_CATEGORY: inbox +:ARCHIVE_TODO: TODO +:ARCHIVE_ITAGS: family yearly +:END: +DEADLINE : <2023-02-15 Wed +1y -2w> +:PROPERTIES: +:LAST_REPEAT: [2022-02-25 Fri 18:10] +:END: +:LOGBOOK: +- State "DONE" from "TODO" [2022-02-25 Fri 18:10] +- State "DONE" from "IN-PROGRESS" [2021-03-06 Sat 23:48] +:END: +[2020-05-23 Sat 10:26] + +* TODO Fête des mères +:PROPERTIES: +:ARCHIVE_TIME: 2023-06-07 Wed 17:18 +:ARCHIVE_FILE: ~/Library/Mobile Documents/iCloud~com~appsonthemove~beorg/Documents/org/inbox.org +:ARCHIVE_OLPATH: Famille/Yearly +:ARCHIVE_CATEGORY: inbox +:ARCHIVE_TODO: TODO +:ARCHIVE_ITAGS: family yearly +:END: +** [2020-06-07 Sun] +** [2021-05-30 Sun] +*** DONE [#A] Acheter cadeau fête des mères Krystelle :krystelle: +CLOSED: [2021-05-30 Sun 09:26] DEADLINE: <2021-05-30 Sun -2w> +*** DONE [#A] Acheter cadeau fête des mères Maman +CLOSED: [2021-05-30 Sun 09:26] DEADLINE: <2021-05-30 Sun -2w> +** [2022-06-07 Tue] +*** DONE [#A] Acheter cadeau fête des mères Krystelle :krystelle: +DEADLINE: <2022-05-29 Sun -2w> +*** DONE [#A] Acheter cadeau fête des mères Maman +DEADLINE: <2022-05-30 Mon -2w> + +* CANCELED Voir si on doit faire une demande PCH (aide pour le chien) :ATTACH:anna: +SCHEDULED: <2022-12-18 Sun> +:PROPERTIES: +:ID: 8163f2ed-7106-4b4a-93b0-7009fe316172 +:ARCHIVE_TIME: 2023-06-07 Wed 17:18 +:ARCHIVE_FILE: ~/Library/Mobile Documents/iCloud~com~appsonthemove~beorg/Documents/org/inbox.org +:ARCHIVE_OLPATH: Famille/Anna +:ARCHIVE_CATEGORY: inbox +:ARCHIVE_TODO: CANCELED +:ARCHIVE_ITAGS: family +:END: +:LOGBOOK: +- State "CANCELED" from "TODO" [2022-12-21 Wed 14:19] +:END: +[2022-06-08 Wed 10:01] + +Début du message transféré : + +De: francoisem06@free.fr +Date: 1 juin 2022 à 18:23:37 UTC+2 +À: krystelle esposito +Objet: PCH + + +reBonjour Krystelle, + +Je te joins le tableau des remboursements pour la PCH (tableau 1 pour l'aide humaine et tableau 7 pour les aides animalières). Il faut donc prévoir de faire une demande de PCH auprès de la MDPH. + +Pour la demande de PCH +La loi n°2020-220 du 6 mars 2020 vise à améliorer l'accès à la PCH. + +L'article 3 (Article L245-6) parle des modalités et de la durée d'attribution de la PCH. Lorsque le handicap n'est pas susceptible d'évoluer favorablement, un droit à la PCH est ouvert sans limitation de durée, sans préjudice des révisions du plan personnalisé de compensation qu'appellent les besoins de la personne. + +Source : https://www.legifrance.gouv.fr/codes/id/LEGIARTI000041700020/2020-03-08 + +Autres infos : + +- Article sur ce qui change au 1 janvier 2022 en cas de handicap: https://informations.handicap.fr/a-janvier-2022-change-cas-handicap-32099.php/true + +- Togi Santé : https://www.togisante.com/agence/agence-togi-sante-nice-06/ + +A bientôt +Françoise + +* CANCELED Appeler Mr Niss Dominique (fosse septique) :maison: +DEADLINE: <2023-04-25 Tue> +:PROPERTIES: +:ARCHIVE_TIME: 2023-06-07 Wed 17:18 +:ARCHIVE_FILE: ~/Library/Mobile Documents/iCloud~com~appsonthemove~beorg/Documents/org/inbox.org +:ARCHIVE_OLPATH: Famille +:ARCHIVE_CATEGORY: inbox +:ARCHIVE_TODO: CANCELED +:ARCHIVE_ITAGS: family +:END: +:LOGBOOK: +- State "CANCELED" from "TODO" [2023-05-04 Thu 21:57] +- State "TODO" from "CANCELED" [2023-05-04 Thu 21:57] +- State "CANCELED" from "TODO" [2023-05-04 Thu 21:56] \\ + Pas besoin pour l'instant +:END: +[2023-04-18 Tue 09:39] + +* W19 +:PROPERTIES: +:ARCHIVE_TIME: 2023-06-07 Wed 17:18 +:ARCHIVE_FILE: ~/Library/Mobile Documents/iCloud~com~appsonthemove~beorg/Documents/org/inbox.org +:ARCHIVE_OLPATH: Work +:ARCHIVE_CATEGORY: inbox +:ARCHIVE_ITAGS: work +:END: +** Wednesday +*** DONE [create-tasks] Webex +SCHEDULED: <2023-05-10 Wed 09:00> +*** DONE [create-tasks] Agenda +SCHEDULED: <2023-05-10 Wed 09:10> +*** DONE [create-tasks] Outlooks Flagged emails +SCHEDULED: <2023-05-10 Wed 09:20> +*** DONE [create-tasks] Outlooks emails +SCHEDULED: <2023-05-10 Wed 09:25> +*** DONE [create-tasks] Create [[https://github.com/notifications][Github notifications]] tasks +SCHEDULED: <2023-05-10 Wed 09:30> +*** DONE [create-tasks] [[https://github.com/advthreat/iroh/pulls/obarbeau][Olivier's PRs]] +SCHEDULED: <2023-05-10 Wed 09:45> +*** DONE [create-tasks] [[https://github.com/advthreat/iroh/pulls/wandersoncferreira][Wanderson's PRs]] +SCHEDULED: <2023-05-10 Wed 09:50> +*** DONE [create-tasks] [[https://github.com/pulls?q=is%3Aopen+is%3Apr+archived%3Afalse+user%3Aadvthreat+author%3Ayogsototh][My PRs]] +SCHEDULED: <2023-05-10 Wed 10:00> +** Thursday +*** DONE [create-tasks] Webex +SCHEDULED: <2023-05-11 Thu 09:00> +*** DONE [create-tasks] Agenda +SCHEDULED: <2023-05-11 Thu 09:10> +*** DONE [create-tasks] Outlooks Flagged emails +SCHEDULED: <2023-05-11 Thu 09:20> +*** DONE [create-tasks] Outlooks emails +SCHEDULED: <2023-05-11 Thu 09:25> +*** DONE [create-tasks] Create [[https://github.com/notifications][Github notifications]] tasks +SCHEDULED: <2023-05-11 Thu 09:30> +*** DONE [create-tasks] [[https://github.com/advthreat/iroh/pulls/obarbeau][Olivier's PRs]] +SCHEDULED: <2023-05-11 Thu 09:45> +*** DONE [create-tasks] [[https://github.com/advthreat/iroh/pulls/wandersoncferreira][Wanderson's PRs]] +SCHEDULED: <2023-05-11 Thu 09:50> +*** DONE [create-tasks] [[https://github.com/pulls?q=is%3Aopen+is%3Apr+archived%3Afalse+user%3Aadvthreat+author%3Ayogsototh][My PRs]] +SCHEDULED: <2023-05-11 Thu 10:00> +** Friday +*** DONE [create-tasks] Webex +SCHEDULED: <2023-05-12 Fri 09:00> +*** DONE [create-tasks] Agenda +SCHEDULED: <2023-05-12 Fri 09:10> +*** DONE [create-tasks] Outlooks Flagged emails +SCHEDULED: <2023-05-12 Fri 09:20> +*** DONE [create-tasks] Outlooks emails +SCHEDULED: <2023-05-12 Fri 09:25> +*** DONE [create-tasks] Create [[https://github.com/notifications][Github notifications]] tasks +SCHEDULED: <2023-05-12 Fri 09:30> +*** DONE [create-tasks] [[https://github.com/advthreat/iroh/pulls/obarbeau][Olivier's PRs]] +SCHEDULED: <2023-05-12 Fri 09:45> +*** DONE [create-tasks] [[https://github.com/advthreat/iroh/pulls/wandersoncferreira][Wanderson's PRs]] +SCHEDULED: <2023-05-12 Fri 09:50> +*** DONE [create-tasks] [[https://github.com/pulls?q=is%3Aopen+is%3Apr+archived%3Afalse+user%3Aadvthreat+author%3Ayogsototh][My PRs]] +SCHEDULED: <2023-05-12 Fri 10:00> + +* W20 +:PROPERTIES: +:ARCHIVE_TIME: 2023-06-07 Wed 17:18 +:ARCHIVE_FILE: ~/Library/Mobile Documents/iCloud~com~appsonthemove~beorg/Documents/org/inbox.org +:ARCHIVE_OLPATH: Work +:ARCHIVE_CATEGORY: inbox +:ARCHIVE_ITAGS: work +:END: +** Monday +*** DONE [create-tasks] Webex +SCHEDULED: <2023-05-15 Mon 09:00> +*** DONE [create-tasks] Agenda +SCHEDULED: <2023-05-15 Mon 09:10> +*** DONE [create-tasks] Outlooks Flagged emails +SCHEDULED: <2023-05-15 Mon 09:20> +*** DONE [create-tasks] Outlooks emails +SCHEDULED: <2023-05-15 Mon 09:25> +*** DONE [create-tasks] Create [[https://github.com/notifications][Github notifications]] tasks +SCHEDULED: <2023-05-15 Mon 09:30> +*** DONE [create-tasks] [[https://github.com/advthreat/iroh/pulls/obarbeau][Olivier's PRs]] +SCHEDULED: <2023-05-15 Mon 09:45> +*** DONE [create-tasks] [[https://github.com/advthreat/iroh/pulls/wandersoncferreira][Wanderson's PRs]] +SCHEDULED: <2023-05-15 Mon 09:50> +*** DONE [create-tasks] [[https://github.com/pulls?q=is%3Aopen+is%3Apr+archived%3Afalse+user%3Aadvthreat+author%3Ayogsototh][My PRs]] +SCHEDULED: <2023-05-15 Mon 10:00> +** Tuesday +*** DONE [create-tasks] Webex +SCHEDULED: <2023-05-16 Tue 09:00> +*** DONE [create-tasks] Agenda +SCHEDULED: <2023-05-16 Tue 09:10> +*** DONE [create-tasks] Outlooks Flagged emails +SCHEDULED: <2023-05-16 Tue 09:20> +*** DONE [create-tasks] Outlooks emails +SCHEDULED: <2023-05-16 Tue 09:25> +*** DONE [create-tasks] Create [[https://github.com/notifications][Github notifications]] tasks +SCHEDULED: <2023-05-16 Tue 09:30> +*** DONE [create-tasks] [[https://github.com/advthreat/iroh/pulls/obarbeau][Olivier's PRs]] +SCHEDULED: <2023-05-16 Tue 09:45> +*** DONE [create-tasks] [[https://github.com/advthreat/iroh/pulls/wandersoncferreira][Wanderson's PRs]] +SCHEDULED: <2023-05-16 Tue 09:50> +*** DONE [create-tasks] [[https://github.com/pulls?q=is%3Aopen+is%3Apr+archived%3Afalse+user%3Aadvthreat+author%3Ayogsototh][My PRs]] +SCHEDULED: <2023-05-16 Tue 10:00> +** Wednesday +*** DONE [create-tasks] Webex +SCHEDULED: <2023-05-17 Wed 09:00> +*** DONE [create-tasks] Agenda +SCHEDULED: <2023-05-17 Wed 09:10> +*** DONE [create-tasks] Outlooks Flagged emails +SCHEDULED: <2023-05-17 Wed 09:20> +*** DONE [create-tasks] Outlooks emails +SCHEDULED: <2023-05-17 Wed 09:25> +*** DONE [create-tasks] Create [[https://github.com/notifications][Github notifications]] tasks +SCHEDULED: <2023-05-17 Wed 09:30> +*** DONE [create-tasks] [[https://github.com/advthreat/iroh/pulls/obarbeau][Olivier's PRs]] +SCHEDULED: <2023-05-17 Wed 09:45> +*** DONE [create-tasks] [[https://github.com/advthreat/iroh/pulls/wandersoncferreira][Wanderson's PRs]] +SCHEDULED: <2023-05-17 Wed 09:50> +*** DONE [create-tasks] [[https://github.com/pulls?q=is%3Aopen+is%3Apr+archived%3Afalse+user%3Aadvthreat+author%3Ayogsototh][My PRs]] +SCHEDULED: <2023-05-17 Wed 10:00> + +* W21 +:PROPERTIES: +:ARCHIVE_TIME: 2023-06-07 Wed 17:18 +:ARCHIVE_FILE: ~/Library/Mobile Documents/iCloud~com~appsonthemove~beorg/Documents/org/inbox.org +:ARCHIVE_OLPATH: Work +:ARCHIVE_CATEGORY: inbox +:ARCHIVE_ITAGS: work +:END: +** Tuesday +*** DONE [create-tasks] Webex +SCHEDULED: <2023-05-23 Tue 09:00> +*** DONE [create-tasks] Agenda +SCHEDULED: <2023-05-23 Tue 09:10> +*** DONE [create-tasks] Outlooks Flagged emails +SCHEDULED: <2023-05-23 Tue 09:20> +*** DONE [create-tasks] Outlooks emails +SCHEDULED: <2023-05-23 Tue 09:25> +*** DONE [create-tasks] Create [[https://github.com/notifications][Github notifications]] tasks +SCHEDULED: <2023-05-23 Tue 09:30> +*** DONE [create-tasks] [[https://github.com/advthreat/iroh/pulls/obarbeau][Olivier's PRs]] +SCHEDULED: <2023-05-23 Tue 09:45> +*** DONE [create-tasks] [[https://github.com/advthreat/iroh/pulls/wandersoncferreira][Wanderson's PRs]] +SCHEDULED: <2023-05-23 Tue 09:50> +*** DONE [create-tasks] [[https://github.com/pulls?q=is%3Aopen+is%3Apr+archived%3Afalse+user%3Aadvthreat+author%3Ayogsototh][My PRs]] +SCHEDULED: <2023-05-23 Tue 10:00> +** Wednesday +*** DONE [create-tasks] Webex +SCHEDULED: <2023-05-24 Wed 09:00> +*** DONE [create-tasks] Agenda +SCHEDULED: <2023-05-24 Wed 09:10> +*** DONE [create-tasks] Outlooks Flagged emails +SCHEDULED: <2023-05-24 Wed 09:20> +*** DONE [create-tasks] Outlooks emails +SCHEDULED: <2023-05-24 Wed 09:25> +*** DONE [create-tasks] Create [[https://github.com/notifications][Github notifications]] tasks +SCHEDULED: <2023-05-24 Wed 09:30> +*** DONE [create-tasks] [[https://github.com/advthreat/iroh/pulls/obarbeau][Olivier's PRs]] +SCHEDULED: <2023-05-24 Wed 09:45> +*** DONE [create-tasks] [[https://github.com/advthreat/iroh/pulls/wandersoncferreira][Wanderson's PRs]] +SCHEDULED: <2023-05-24 Wed 09:50> +*** DONE [create-tasks] [[https://github.com/pulls?q=is%3Aopen+is%3Apr+archived%3Afalse+user%3Aadvthreat+author%3Ayogsototh][My PRs]] +SCHEDULED: <2023-05-24 Wed 10:00> +** Thursday +*** DONE [create-tasks] Webex +SCHEDULED: <2023-05-25 Thu 09:00> +*** DONE [create-tasks] Agenda +SCHEDULED: <2023-05-25 Thu 09:10> +*** DONE [create-tasks] Outlooks Flagged emails +SCHEDULED: <2023-05-25 Thu 09:20> +*** DONE [create-tasks] Outlooks emails +SCHEDULED: <2023-05-25 Thu 09:25> +*** DONE [create-tasks] Create [[https://github.com/notifications][Github notifications]] tasks +SCHEDULED: <2023-05-25 Thu 09:30> +*** DONE [create-tasks] [[https://github.com/advthreat/iroh/pulls/obarbeau][Olivier's PRs]] +SCHEDULED: <2023-05-25 Thu 09:45> +*** DONE [create-tasks] [[https://github.com/advthreat/iroh/pulls/wandersoncferreira][Wanderson's PRs]] +SCHEDULED: <2023-05-25 Thu 09:50> +*** DONE [create-tasks] [[https://github.com/pulls?q=is%3Aopen+is%3Apr+archived%3Afalse+user%3Aadvthreat+author%3Ayogsototh][My PRs]] +SCHEDULED: <2023-05-25 Thu 10:00> +** Friday +*** DONE [create-tasks] Webex +SCHEDULED: <2023-05-26 Fri 09:00> +*** DONE [create-tasks] Agenda +SCHEDULED: <2023-05-26 Fri 09:10> +*** DONE [create-tasks] Outlooks Flagged emails +SCHEDULED: <2023-05-26 Fri 09:20> +*** DONE [create-tasks] Outlooks emails +SCHEDULED: <2023-05-26 Fri 09:25> +*** DONE [create-tasks] Create [[https://github.com/notifications][Github notifications]] tasks +SCHEDULED: <2023-05-26 Fri 09:30> +*** DONE [create-tasks] [[https://github.com/advthreat/iroh/pulls/obarbeau][Olivier's PRs]] +SCHEDULED: <2023-05-26 Fri 09:45> +*** DONE [create-tasks] [[https://github.com/advthreat/iroh/pulls/wandersoncferreira][Wanderson's PRs]] +SCHEDULED: <2023-05-26 Fri 09:50> +*** DONE [create-tasks] [[https://github.com/pulls?q=is%3Aopen+is%3Apr+archived%3Afalse+user%3Aadvthreat+author%3Ayogsototh][My PRs]] +SCHEDULED: <2023-05-26 Fri 10:00> + +* Tuesday +:PROPERTIES: +:ARCHIVE_TIME: 2023-06-07 Wed 17:19 +:ARCHIVE_FILE: ~/Library/Mobile Documents/iCloud~com~appsonthemove~beorg/Documents/org/inbox.org +:ARCHIVE_OLPATH: Work/W23 +:ARCHIVE_CATEGORY: inbox +:ARCHIVE_ITAGS: work +:END: +** DONE [create-tasks] Webex +SCHEDULED: <2023-06-06 Tue 09:00> +** DONE [create-tasks] Agenda +SCHEDULED: <2023-06-06 Tue 09:10> +** DONE [create-tasks] Outlooks Flagged emails +SCHEDULED: <2023-06-06 Tue 09:20> +** DONE [create-tasks] Outlooks emails +SCHEDULED: <2023-06-06 Tue 09:25> +** DONE [create-tasks] Create [[https://github.com/notifications][Github notifications]] tasks +SCHEDULED: <2023-06-06 Tue 09:30> +** DONE [create-tasks] [[https://github.com/advthreat/iroh/pulls/obarbeau][Olivier's PRs]] +SCHEDULED: <2023-06-06 Tue 09:45> +** DONE [create-tasks] [[https://github.com/advthreat/iroh/pulls/wandersoncferreira][Wanderson's PRs]] +SCHEDULED: <2023-06-06 Tue 09:50> +** DONE [create-tasks] [[https://github.com/pulls?q=is%3Aopen+is%3Apr+archived%3Afalse+user%3Aadvthreat+author%3Ayogsototh][My PRs]] +SCHEDULED: <2023-06-06 Tue 10:00> + +* DONE Monday +:PROPERTIES: +:ARCHIVE_TIME: 2023-06-07 Wed 17:20 +:ARCHIVE_FILE: ~/Library/Mobile Documents/iCloud~com~appsonthemove~beorg/Documents/org/inbox.org +:ARCHIVE_OLPATH: Work/W23 +:ARCHIVE_CATEGORY: inbox +:ARCHIVE_TODO: DONE +:ARCHIVE_ITAGS: work +:END: +** DONE [create-tasks] Webex +SCHEDULED: <2023-06-05 Mon 09:00> +** DONE [create-tasks] Agenda +SCHEDULED: <2023-06-05 Mon 09:10> +** DONE [create-tasks] Outlooks Flagged emails +SCHEDULED: <2023-06-05 Mon 09:20> +** DONE [create-tasks] Outlooks emails +SCHEDULED: <2023-06-05 Mon 09:25> +** DONE [create-tasks] Create [[https://github.com/notifications][Github notifications]] tasks +SCHEDULED: <2023-06-05 Mon 09:30> +** DONE [create-tasks] [[https://github.com/advthreat/iroh/pulls/obarbeau][Olivier's PRs]] +SCHEDULED: <2023-06-05 Mon 09:45> +** DONE [create-tasks] [[https://github.com/advthreat/iroh/pulls/wandersoncferreira][Wanderson's PRs]] +SCHEDULED: <2023-06-05 Mon 09:50> +** DONE [create-tasks] [[https://github.com/pulls?q=is%3Aopen+is%3Apr+archived%3Afalse+user%3Aadvthreat+author%3Ayogsototh][My PRs]] +SCHEDULED: <2023-06-05 Mon 10:00> + +* W22 +:PROPERTIES: +:ARCHIVE_TIME: 2023-06-07 Wed 17:20 +:ARCHIVE_FILE: ~/Library/Mobile Documents/iCloud~com~appsonthemove~beorg/Documents/org/inbox.org +:ARCHIVE_OLPATH: Work +:ARCHIVE_CATEGORY: inbox +:ARCHIVE_ITAGS: work +:END: +** DONE Tuesday +*** DONE [create-tasks] Webex +SCHEDULED: <2023-05-30 Tue 09:00> +*** DONE [create-tasks] Agenda +SCHEDULED: <2023-05-30 Tue 09:10> +*** DONE [create-tasks] Outlooks Flagged emails +SCHEDULED: <2023-05-30 Tue 09:20> +*** DONE [create-tasks] Outlooks emails +SCHEDULED: <2023-05-30 Tue 09:25> +*** DONE [create-tasks] Create [[https://github.com/notifications][Github notifications]] tasks +SCHEDULED: <2023-05-30 Tue 09:30> +*** DONE [create-tasks] [[https://github.com/advthreat/iroh/pulls/obarbeau][Olivier's PRs]] +SCHEDULED: <2023-05-30 Tue 09:45> +*** DONE [create-tasks] [[https://github.com/advthreat/iroh/pulls/wandersoncferreira][Wanderson's PRs]] +SCHEDULED: <2023-05-30 Tue 09:50> +*** DONE [create-tasks] [[https://github.com/pulls?q=is%3Aopen+is%3Apr+archived%3Afalse+user%3Aadvthreat+author%3Ayogsototh][My PRs]] +SCHEDULED: <2023-05-30 Tue 10:00> +** DONE Wednesday +*** DONE [create-tasks] Webex +SCHEDULED: <2023-05-31 Wed 09:00> +*** DONE [create-tasks] Agenda +SCHEDULED: <2023-05-31 Wed 09:10> +*** DONE [create-tasks] Outlooks Flagged emails +SCHEDULED: <2023-05-31 Wed 09:20> +*** DONE [create-tasks] Outlooks emails +SCHEDULED: <2023-05-31 Wed 09:25> +*** DONE [create-tasks] Create [[https://github.com/notifications][Github notifications]] tasks +SCHEDULED: <2023-05-31 Wed 09:30> +*** DONE [create-tasks] [[https://github.com/advthreat/iroh/pulls/obarbeau][Olivier's PRs]] +SCHEDULED: <2023-05-31 Wed 09:45> +*** DONE [create-tasks] [[https://github.com/advthreat/iroh/pulls/wandersoncferreira][Wanderson's PRs]] +SCHEDULED: <2023-05-31 Wed 09:50> +*** DONE [create-tasks] [[https://github.com/pulls?q=is%3Aopen+is%3Apr+archived%3Afalse+user%3Aadvthreat+author%3Ayogsototh][My PRs]] +SCHEDULED: <2023-05-31 Wed 10:00> +** DONE Thursday +*** DONE [create-tasks] Webex +SCHEDULED: <2023-06-01 Thu 09:00> +*** DONE [create-tasks] Agenda +SCHEDULED: <2023-06-01 Thu 09:10> +*** DONE [create-tasks] Outlooks Flagged emails +SCHEDULED: <2023-06-01 Thu 09:20> +*** DONE [create-tasks] Outlooks emails +SCHEDULED: <2023-06-01 Thu 09:25> +*** DONE [create-tasks] Create [[https://github.com/notifications][Github notifications]] tasks +SCHEDULED: <2023-06-01 Thu 09:30> +*** DONE [create-tasks] [[https://github.com/advthreat/iroh/pulls/obarbeau][Olivier's PRs]] +SCHEDULED: <2023-06-01 Thu 09:45> +*** DONE [create-tasks] [[https://github.com/advthreat/iroh/pulls/wandersoncferreira][Wanderson's PRs]] +SCHEDULED: <2023-06-01 Thu 09:50> +*** DONE [create-tasks] [[https://github.com/pulls?q=is%3Aopen+is%3Apr+archived%3Afalse+user%3Aadvthreat+author%3Ayogsototh][My PRs]] +SCHEDULED: <2023-06-01 Thu 10:00> +** DONE Friday +*** DONE [create-tasks] Webex +SCHEDULED: <2023-06-02 Fri 09:00> +*** DONE [create-tasks] Agenda +SCHEDULED: <2023-06-02 Fri 09:10> +*** DONE [create-tasks] Outlooks Flagged emails +SCHEDULED: <2023-06-02 Fri 09:20> +*** DONE [create-tasks] Outlooks emails +SCHEDULED: <2023-06-02 Fri 09:25> +*** DONE [create-tasks] Create [[https://github.com/notifications][Github notifications]] tasks +SCHEDULED: <2023-06-02 Fri 09:30> +*** DONE [create-tasks] [[https://github.com/advthreat/iroh/pulls/obarbeau][Olivier's PRs]] +SCHEDULED: <2023-06-02 Fri 09:45> +*** DONE [create-tasks] [[https://github.com/advthreat/iroh/pulls/wandersoncferreira][Wanderson's PRs]] +SCHEDULED: <2023-06-02 Fri 09:50> +*** DONE [create-tasks] [[https://github.com/pulls?q=is%3Aopen+is%3Apr+archived%3Afalse+user%3Aadvthreat+author%3Ayogsototh][My PRs]] +SCHEDULED: <2023-06-02 Fri 10:00> + +* W23 +:PROPERTIES: +:ARCHIVE_TIME: 2023-07-11 Tue 10:13 +:ARCHIVE_FILE: ~/Library/Mobile Documents/iCloud~com~appsonthemove~beorg/Documents/org/inbox.org +:ARCHIVE_OLPATH: Work +:ARCHIVE_CATEGORY: inbox +:ARCHIVE_ITAGS: work +:END: +** Wednesday +*** DONE [create-tasks] Webex +SCHEDULED: <2023-06-07 Wed 09:00> +*** DONE [create-tasks] Agenda +SCHEDULED: <2023-06-07 Wed 09:10> +*** DONE [create-tasks] Outlooks Flagged emails +SCHEDULED: <2023-06-07 Wed 09:20> +*** DONE [create-tasks] Outlooks emails +SCHEDULED: <2023-06-07 Wed 09:25> +*** DONE [create-tasks] Create [[https://github.com/notifications][Github notifications]] tasks +SCHEDULED: <2023-06-07 Wed 09:30> +*** DONE [create-tasks] [[https://github.com/advthreat/iroh/pulls/obarbeau][Olivier's PRs]] +SCHEDULED: <2023-06-07 Wed 09:45> +*** DONE [create-tasks] [[https://github.com/advthreat/iroh/pulls/wandersoncferreira][Wanderson's PRs]] +SCHEDULED: <2023-06-07 Wed 09:50> +*** DONE [create-tasks] [[https://github.com/pulls?q=is%3Aopen+is%3Apr+archived%3Afalse+user%3Aadvthreat+author%3Ayogsototh][My PRs]] +SCHEDULED: <2023-06-07 Wed 10:00> +** Thursday +*** DONE [create-tasks] Webex +SCHEDULED: <2023-06-08 Thu 09:00> +*** DONE [create-tasks] Agenda +SCHEDULED: <2023-06-08 Thu 09:10> +*** DONE [create-tasks] Outlooks Flagged emails +SCHEDULED: <2023-06-08 Thu 09:20> +*** DONE [create-tasks] Outlooks emails +SCHEDULED: <2023-06-08 Thu 09:25> +*** DONE [create-tasks] Create [[https://github.com/notifications][Github notifications]] tasks +SCHEDULED: <2023-06-08 Thu 09:30> +*** DONE [create-tasks] [[https://github.com/advthreat/iroh/pulls/obarbeau][Olivier's PRs]] +SCHEDULED: <2023-06-08 Thu 09:45> +*** DONE [create-tasks] [[https://github.com/advthreat/iroh/pulls/wandersoncferreira][Wanderson's PRs]] +SCHEDULED: <2023-06-08 Thu 09:50> +*** DONE [create-tasks] [[https://github.com/pulls?q=is%3Aopen+is%3Apr+archived%3Afalse+user%3Aadvthreat+author%3Ayogsototh][My PRs]] +SCHEDULED: <2023-06-08 Thu 10:00> +** Friday +*** DONE [create-tasks] Webex +SCHEDULED: <2023-06-09 Fri 09:00> +*** DONE [create-tasks] Agenda +SCHEDULED: <2023-06-09 Fri 09:10> +*** DONE [create-tasks] Outlooks Flagged emails +SCHEDULED: <2023-06-09 Fri 09:20> +*** DONE [create-tasks] Outlooks emails +SCHEDULED: <2023-06-09 Fri 09:25> +*** DONE [create-tasks] Create [[https://github.com/notifications][Github notifications]] tasks +SCHEDULED: <2023-06-09 Fri 09:30> +*** DONE [create-tasks] [[https://github.com/advthreat/iroh/pulls/obarbeau][Olivier's PRs]] +SCHEDULED: <2023-06-09 Fri 09:45> +*** DONE [create-tasks] [[https://github.com/advthreat/iroh/pulls/wandersoncferreira][Wanderson's PRs]] +SCHEDULED: <2023-06-09 Fri 09:50> +*** DONE [create-tasks] [[https://github.com/pulls?q=is%3Aopen+is%3Apr+archived%3Afalse+user%3Aadvthreat+author%3Ayogsototh][My PRs]] +SCHEDULED: <2023-06-09 Fri 10:00> + +* W24 +:PROPERTIES: +:ARCHIVE_TIME: 2023-07-11 Tue 10:13 +:ARCHIVE_FILE: ~/Library/Mobile Documents/iCloud~com~appsonthemove~beorg/Documents/org/inbox.org +:ARCHIVE_OLPATH: Work +:ARCHIVE_CATEGORY: inbox +:ARCHIVE_ITAGS: work +:END: +** Monday +*** DONE [create-tasks] Webex +SCHEDULED: <2023-06-12 Mon 09:00> +*** DONE [create-tasks] Agenda +SCHEDULED: <2023-06-12 Mon 09:10> +*** DONE [create-tasks] Outlooks Flagged emails +SCHEDULED: <2023-06-12 Mon 09:20> +*** DONE [create-tasks] Outlooks emails +SCHEDULED: <2023-06-12 Mon 09:25> +*** DONE [create-tasks] Create [[https://github.com/notifications][Github notifications]] tasks +SCHEDULED: <2023-06-12 Mon 09:30> +*** DONE [create-tasks] [[https://github.com/advthreat/iroh/pulls/obarbeau][Olivier's PRs]] +SCHEDULED: <2023-06-12 Mon 09:45> +*** DONE [create-tasks] [[https://github.com/advthreat/iroh/pulls/wandersoncferreira][Wanderson's PRs]] +SCHEDULED: <2023-06-12 Mon 09:50> +*** DONE [create-tasks] [[https://github.com/pulls?q=is%3Aopen+is%3Apr+archived%3Afalse+user%3Aadvthreat+author%3Ayogsototh][My PRs]] +SCHEDULED: <2023-06-12 Mon 10:00> +** Tuesday +*** DONE [create-tasks] Webex +SCHEDULED: <2023-06-13 Tue 09:00> +*** DONE [create-tasks] Agenda +SCHEDULED: <2023-06-13 Tue 09:10> +*** DONE [create-tasks] Outlooks Flagged emails +SCHEDULED: <2023-06-13 Tue 09:20> +*** DONE [create-tasks] Outlooks emails +SCHEDULED: <2023-06-13 Tue 09:25> +*** DONE [create-tasks] Create [[https://github.com/notifications][Github notifications]] tasks +SCHEDULED: <2023-06-13 Tue 09:30> +*** DONE [create-tasks] [[https://github.com/advthreat/iroh/pulls/obarbeau][Olivier's PRs]] +SCHEDULED: <2023-06-13 Tue 09:45> +*** DONE [create-tasks] [[https://github.com/advthreat/iroh/pulls/wandersoncferreira][Wanderson's PRs]] +SCHEDULED: <2023-06-13 Tue 09:50> +*** DONE [create-tasks] [[https://github.com/pulls?q=is%3Aopen+is%3Apr+archived%3Afalse+user%3Aadvthreat+author%3Ayogsototh][My PRs]] +SCHEDULED: <2023-06-13 Tue 10:00> +** Wednesday +*** DONE [create-tasks] Webex +SCHEDULED: <2023-06-14 Wed 09:00> +*** DONE [create-tasks] Agenda +SCHEDULED: <2023-06-14 Wed 09:10> +*** DONE [create-tasks] Outlooks Flagged emails +SCHEDULED: <2023-06-14 Wed 09:20> +*** DONE [create-tasks] Outlooks emails +SCHEDULED: <2023-06-14 Wed 09:25> +*** DONE [create-tasks] Create [[https://github.com/notifications][Github notifications]] tasks +SCHEDULED: <2023-06-14 Wed 09:30> +*** DONE [create-tasks] [[https://github.com/advthreat/iroh/pulls/obarbeau][Olivier's PRs]] +SCHEDULED: <2023-06-14 Wed 09:45> +*** DONE [create-tasks] [[https://github.com/advthreat/iroh/pulls/wandersoncferreira][Wanderson's PRs]] +SCHEDULED: <2023-06-14 Wed 09:50> +*** DONE [create-tasks] [[https://github.com/pulls?q=is%3Aopen+is%3Apr+archived%3Afalse+user%3Aadvthreat+author%3Ayogsototh][My PRs]] +SCHEDULED: <2023-06-14 Wed 10:00> +** Thursday +*** DONE [create-tasks] Webex +SCHEDULED: <2023-06-15 Thu 09:00> +*** DONE [create-tasks] Agenda +SCHEDULED: <2023-06-15 Thu 09:10> +*** DONE [create-tasks] Outlooks Flagged emails +SCHEDULED: <2023-06-15 Thu 09:20> +*** DONE [create-tasks] Outlooks emails +SCHEDULED: <2023-06-15 Thu 09:25> +*** DONE [create-tasks] Create [[https://github.com/notifications][Github notifications]] tasks +SCHEDULED: <2023-06-15 Thu 09:30> +*** DONE [create-tasks] [[https://github.com/advthreat/iroh/pulls/obarbeau][Olivier's PRs]] +SCHEDULED: <2023-06-15 Thu 09:45> +*** DONE [create-tasks] [[https://github.com/advthreat/iroh/pulls/wandersoncferreira][Wanderson's PRs]] +SCHEDULED: <2023-06-15 Thu 09:50> +*** DONE [create-tasks] [[https://github.com/pulls?q=is%3Aopen+is%3Apr+archived%3Afalse+user%3Aadvthreat+author%3Ayogsototh][My PRs]] +SCHEDULED: <2023-06-15 Thu 10:00> +** Friday +*** DONE [create-tasks] Webex +SCHEDULED: <2023-06-16 Fri 09:00> +*** DONE [create-tasks] Agenda +SCHEDULED: <2023-06-16 Fri 09:10> +*** DONE [create-tasks] Outlooks Flagged emails +SCHEDULED: <2023-06-16 Fri 09:20> +*** DONE [create-tasks] Outlooks emails +SCHEDULED: <2023-06-16 Fri 09:25> +*** DONE [create-tasks] Create [[https://github.com/notifications][Github notifications]] tasks +SCHEDULED: <2023-06-16 Fri 09:30> +*** DONE [create-tasks] [[https://github.com/advthreat/iroh/pulls/obarbeau][Olivier's PRs]] +SCHEDULED: <2023-06-16 Fri 09:45> +*** DONE [create-tasks] [[https://github.com/advthreat/iroh/pulls/wandersoncferreira][Wanderson's PRs]] +SCHEDULED: <2023-06-16 Fri 09:50> +*** DONE [create-tasks] [[https://github.com/pulls?q=is%3Aopen+is%3Apr+archived%3Afalse+user%3Aadvthreat+author%3Ayogsototh][My PRs]] +SCHEDULED: <2023-06-16 Fri 10:00> + +* W25 +:PROPERTIES: +:ARCHIVE_TIME: 2023-07-11 Tue 10:13 +:ARCHIVE_FILE: ~/Library/Mobile Documents/iCloud~com~appsonthemove~beorg/Documents/org/inbox.org +:ARCHIVE_OLPATH: Work +:ARCHIVE_CATEGORY: inbox +:ARCHIVE_ITAGS: work +:END: +** Monday +*** DONE [create-tasks] Webex +SCHEDULED: <2023-06-19 Mon 09:00> +*** DONE [create-tasks] Agenda +SCHEDULED: <2023-06-19 Mon 09:10> +*** DONE [create-tasks] Outlooks Flagged emails +SCHEDULED: <2023-06-19 Mon 09:20> +*** DONE [create-tasks] Outlooks emails +SCHEDULED: <2023-06-19 Mon 09:25> +*** DONE [create-tasks] Create [[https://github.com/notifications][Github notifications]] tasks +SCHEDULED: <2023-06-19 Mon 09:30> +*** DONE [create-tasks] [[https://github.com/advthreat/iroh/pulls/obarbeau][Olivier's PRs]] +SCHEDULED: <2023-06-19 Mon 09:45> +*** DONE [create-tasks] [[https://github.com/advthreat/iroh/pulls/wandersoncferreira][Wanderson's PRs]] +SCHEDULED: <2023-06-19 Mon 09:50> +*** DONE [create-tasks] [[https://github.com/pulls?q=is%3Aopen+is%3Apr+archived%3Afalse+user%3Aadvthreat+author%3Ayogsototh][My PRs]] +SCHEDULED: <2023-06-19 Mon 10:00> +** Tuesday +*** DONE [create-tasks] Webex +SCHEDULED: <2023-06-20 Tue 09:00> +*** DONE [create-tasks] Agenda +SCHEDULED: <2023-06-20 Tue 09:10> +*** DONE [create-tasks] Outlooks Flagged emails +SCHEDULED: <2023-06-20 Tue 09:20> +*** DONE [create-tasks] Outlooks emails +SCHEDULED: <2023-06-20 Tue 09:25> +*** DONE [create-tasks] Create [[https://github.com/notifications][Github notifications]] tasks +SCHEDULED: <2023-06-20 Tue 09:30> +*** DONE [create-tasks] [[https://github.com/advthreat/iroh/pulls/obarbeau][Olivier's PRs]] +SCHEDULED: <2023-06-20 Tue 09:45> +*** DONE [create-tasks] [[https://github.com/advthreat/iroh/pulls/wandersoncferreira][Wanderson's PRs]] +SCHEDULED: <2023-06-20 Tue 09:50> +*** DONE [create-tasks] [[https://github.com/pulls?q=is%3Aopen+is%3Apr+archived%3Afalse+user%3Aadvthreat+author%3Ayogsototh][My PRs]] +SCHEDULED: <2023-06-20 Tue 10:00> +** Wednesday +*** DONE [create-tasks] Webex +SCHEDULED: <2023-06-21 Wed 09:00> +*** DONE [create-tasks] Agenda +SCHEDULED: <2023-06-21 Wed 09:10> +*** DONE [create-tasks] Outlooks Flagged emails +SCHEDULED: <2023-06-21 Wed 09:20> +*** DONE [create-tasks] Outlooks emails +SCHEDULED: <2023-06-21 Wed 09:25> +*** DONE [create-tasks] Create [[https://github.com/notifications][Github notifications]] tasks +SCHEDULED: <2023-06-21 Wed 09:30> +*** DONE [create-tasks] [[https://github.com/advthreat/iroh/pulls/obarbeau][Olivier's PRs]] +SCHEDULED: <2023-06-21 Wed 09:45> +*** DONE [create-tasks] [[https://github.com/advthreat/iroh/pulls/wandersoncferreira][Wanderson's PRs]] +SCHEDULED: <2023-06-21 Wed 09:50> +*** DONE [create-tasks] [[https://github.com/pulls?q=is%3Aopen+is%3Apr+archived%3Afalse+user%3Aadvthreat+author%3Ayogsototh][My PRs]] +SCHEDULED: <2023-06-21 Wed 10:00> +** Thursday +*** DONE [create-tasks] Webex +SCHEDULED: <2023-06-22 Thu 09:00> +*** DONE [create-tasks] Agenda +SCHEDULED: <2023-06-22 Thu 09:10> +*** DONE [create-tasks] Outlooks Flagged emails +SCHEDULED: <2023-06-22 Thu 09:20> +*** DONE [create-tasks] Outlooks emails +SCHEDULED: <2023-06-22 Thu 09:25> +*** DONE [create-tasks] Create [[https://github.com/notifications][Github notifications]] tasks +SCHEDULED: <2023-06-22 Thu 09:30> +*** DONE [create-tasks] [[https://github.com/advthreat/iroh/pulls/obarbeau][Olivier's PRs]] +SCHEDULED: <2023-06-22 Thu 09:45> +*** DONE [create-tasks] [[https://github.com/advthreat/iroh/pulls/wandersoncferreira][Wanderson's PRs]] +SCHEDULED: <2023-06-22 Thu 09:50> +*** DONE [create-tasks] [[https://github.com/pulls?q=is%3Aopen+is%3Apr+archived%3Afalse+user%3Aadvthreat+author%3Ayogsototh][My PRs]] +SCHEDULED: <2023-06-22 Thu 10:00> +** Friday +*** DONE [create-tasks] Webex +SCHEDULED: <2023-06-23 Fri 09:00> +*** DONE [create-tasks] Agenda +SCHEDULED: <2023-06-23 Fri 09:10> +*** DONE [create-tasks] Outlooks Flagged emails +SCHEDULED: <2023-06-23 Fri 09:20> +*** DONE [create-tasks] Outlooks emails +SCHEDULED: <2023-06-23 Fri 09:25> +*** DONE [create-tasks] Create [[https://github.com/notifications][Github notifications]] tasks +SCHEDULED: <2023-06-23 Fri 09:30> +*** DONE [create-tasks] [[https://github.com/advthreat/iroh/pulls/obarbeau][Olivier's PRs]] +SCHEDULED: <2023-06-23 Fri 09:45> +*** DONE [create-tasks] [[https://github.com/advthreat/iroh/pulls/wandersoncferreira][Wanderson's PRs]] +SCHEDULED: <2023-06-23 Fri 09:50> +*** DONE [create-tasks] [[https://github.com/pulls?q=is%3Aopen+is%3Apr+archived%3Afalse+user%3Aadvthreat+author%3Ayogsototh][My PRs]] +SCHEDULED: <2023-06-23 Fri 10:00> + +* W27 +:PROPERTIES: +:ARCHIVE_TIME: 2023-07-11 Tue 10:13 +:ARCHIVE_FILE: ~/Library/Mobile Documents/iCloud~com~appsonthemove~beorg/Documents/org/inbox.org +:ARCHIVE_OLPATH: Work +:ARCHIVE_CATEGORY: inbox +:ARCHIVE_ITAGS: work +:END: +** Tuesday +*** DONE [create-tasks] Webex +SCHEDULED: <2023-07-04 Tue 09:00> +*** DONE [create-tasks] Agenda +SCHEDULED: <2023-07-04 Tue 09:10> +*** DONE [create-tasks] Outlooks Flagged emails +SCHEDULED: <2023-07-04 Tue 09:20> +*** DONE [create-tasks] Outlooks emails +SCHEDULED: <2023-07-04 Tue 09:25> +*** DONE [create-tasks] Create [[https://github.com/notifications][Github notifications]] tasks +SCHEDULED: <2023-07-04 Tue 09:30> +*** CANCELED [create-tasks] [[https://github.com/advthreat/iroh/pulls/obarbeau][Olivier's PRs]] +SCHEDULED: <2023-07-04 Tue 09:45> +:LOGBOOK: +- State "CANCELED" from "TODO" [2023-07-05 Wed 21:42] +:END: + +*** CANCELED [create-tasks] [[https://github.com/advthreat/iroh/pulls/wandersoncferreira][Wanderson's PRs]] +SCHEDULED: <2023-07-04 Tue 09:50> +:LOGBOOK: +- State "CANCELED" from "TODO" [2023-07-05 Wed 21:42] +:END: + +*** CANCELED [create-tasks] [[https://github.com/pulls?q=is%3Aopen+is%3Apr+archived%3Afalse+user%3Aadvthreat+author%3Ayogsototh][My PRs]] +SCHEDULED: <2023-07-04 Tue 10:00> +:LOGBOOK: +- State "CANCELED" from "TODO" [2023-07-05 Wed 21:43] +:END: + +** Wednesday +*** DONE [create-tasks] Webex +SCHEDULED: <2023-07-05 Wed 09:00> +*** DONE [create-tasks] Agenda +SCHEDULED: <2023-07-05 Wed 09:10> +*** DONE [create-tasks] Outlooks Flagged emails +SCHEDULED: <2023-07-05 Wed 09:20> +*** DONE [create-tasks] Outlooks emails +SCHEDULED: <2023-07-05 Wed 09:25> +*** DONE [create-tasks] Create [[https://github.com/notifications][Github notifications]] tasks +SCHEDULED: <2023-07-05 Wed 09:30> +*** DONE [create-tasks] [[https://github.com/advthreat/iroh/pulls/obarbeau][Olivier's PRs]] +SCHEDULED: <2023-07-05 Wed 09:45> +*** DONE [create-tasks] [[https://github.com/advthreat/iroh/pulls/wandersoncferreira][Wanderson's PRs]] +SCHEDULED: <2023-07-05 Wed 09:50> +*** DONE [create-tasks] [[https://github.com/pulls?q=is%3Aopen+is%3Apr+archived%3Afalse+user%3Aadvthreat+author%3Ayogsototh][My PRs]] +SCHEDULED: <2023-07-05 Wed 10:00> +** Thursday +*** DONE [create-tasks] Webex +SCHEDULED: <2023-07-06 Thu 09:00> +*** DONE [create-tasks] Agenda +SCHEDULED: <2023-07-06 Thu 09:10> +*** DONE [create-tasks] Outlooks Flagged emails +SCHEDULED: <2023-07-06 Thu 09:20> +*** DONE [create-tasks] Outlooks emails +SCHEDULED: <2023-07-06 Thu 09:25> +*** DONE [create-tasks] Create [[https://github.com/notifications][Github notifications]] tasks +SCHEDULED: <2023-07-06 Thu 09:30> +*** DONE [create-tasks] [[https://github.com/advthreat/iroh/pulls/obarbeau][Olivier's PRs]] +SCHEDULED: <2023-07-06 Thu 09:45> +*** DONE [create-tasks] [[https://github.com/advthreat/iroh/pulls/wandersoncferreira][Wanderson's PRs]] +SCHEDULED: <2023-07-06 Thu 09:50> +*** DONE [create-tasks] [[https://github.com/pulls?q=is%3Aopen+is%3Apr+archived%3Afalse+user%3Aadvthreat+author%3Ayogsototh][My PRs]] +SCHEDULED: <2023-07-06 Thu 10:00> +** Friday +*** DONE [create-tasks] Webex +SCHEDULED: <2023-07-07 Fri 09:00> +*** DONE [create-tasks] Agenda +SCHEDULED: <2023-07-07 Fri 09:10> +*** DONE [create-tasks] Outlooks Flagged emails +SCHEDULED: <2023-07-07 Fri 09:20> +*** DONE [create-tasks] Outlooks emails +SCHEDULED: <2023-07-07 Fri 09:25> +*** DONE [create-tasks] Create [[https://github.com/notifications][Github notifications]] tasks +SCHEDULED: <2023-07-07 Fri 09:30> +*** DONE [create-tasks] [[https://github.com/advthreat/iroh/pulls/obarbeau][Olivier's PRs]] +SCHEDULED: <2023-07-07 Fri 09:45> +*** DONE [create-tasks] [[https://github.com/advthreat/iroh/pulls/wandersoncferreira][Wanderson's PRs]] +SCHEDULED: <2023-07-07 Fri 09:50> +*** DONE [create-tasks] [[https://github.com/pulls?q=is%3Aopen+is%3Apr+archived%3Afalse+user%3Aadvthreat+author%3Ayogsototh][My PRs]] +SCHEDULED: <2023-07-07 Fri 10:00> diff --git a/elfeed.org b/elfeed.org index 41a3566d..1123b3fb 100644 --- a/elfeed.org +++ b/elfeed.org @@ -38,12 +38,16 @@ *** [[https://philjackson.github.io/feed.xml][Phil Jackson]] *** [[https://blog.ambrosebs.com/atom.xml][Ambrose]] ** misc :misc: + *** [[http://www.madore.org/~david/weblog/weblog.rss][David Madore's WebLog ]] *** [[http://verisimilitudes.net/rss.xml][verisimilitudes]] *** [[https://emacsformacosx.com/atom/release][Emacs]] :tool: *** [[https://solar.lowtechmagazine.com/feeds/all.rss.xml][lowtechmag]] *** [[https://gwern.substack.com/feed][Gwern]] *** [[http://backreaction.blogspot.com/feeds/posts/default][Backreaction]] +*** [[https://ploum.net/atom_fr.xml][ploum.net [fr]​]] +*** [[https://ploum.net/atom_en.xml][ploum.net [en]​]] + ** Threat Intelligence :ignore:work: *** [[http://feeds.feedburner.com/feedburner/Talos][Talos Blog]] *** [[https://feeds.feedburner.com/TheHackersNews][TheHackersNews]] @@ -58,3 +62,667 @@ *** [[https://bluelabyrinths.com/category/philosophy/feed/][bluelabyrinths]] ** Security :secu: *** [[https://portswigger.net/research/rss][PortSwigger Research]] +** Entertainment +*** [[https://welcometotwinpeaks.com/feed/][Welcome to Twin Peaks]] +** HN Personal Blogs :hn: +*** [[https://blog.jgc.org/feeds/posts/default][jgrahamc]] +*** [[https://jakeseliger.com/feed/][jseliger]] +*** [[https://letterstoanewdeveloper.com/feed/][mooreds]] +*** [[https://feeds.feedburner.com/stavrosstuff][stavros]] +*** [[https://www.bookofjoe.com/atom.xml][bookofjoe]] +*** [[https://www.bookofjoe.com/atom.xml][bookofjoe]] +*** [[https://blog.fogus.me/feed/][fogus]] +*** [[https://blog.rongarret.info/feeds/posts/default][lisper]] +*** [[https://blog.metaobject.com/feeds/posts/default][mpweiher]] +*** [[http://giuliomagnifico.blog/feed.xml][giuliomagnifico]] +*** [[https://boilingsteam.com/feed/][ekianjo]] +*** [[https://medium.com/feed/luminasticity][bryanrasmussen]] +*** [[https://www.craigkerstiens.com//index.xml][craigkerstiens]] +*** [[https://blog.yossarian.net/feed.xml][woodruffw]] +*** [[http://blog.dijit.sh/feed][dijit]] +*** [[https://shkspr.mobi/blog/feed/atom/][edent]] +*** [[https://littlegreenviper.com/feed/][ChrisMarshallNY]] +*** [[https://tiltingatwindmills.dev//feed.xml][imgabe]] +*** [[https://sneak.berlin/feed.xml][sneak]] +*** [[https://www.jefftk.com//news.rss][jefftk]] +*** [[https://taoofmac.com/atom.xml][rcarmo]] +*** [[https://notes.eatonphil.com/zigrocks-sql.html/rss.xml][eatonphil]] +*** [[https://sschueller.github.io//index.xml][sschueller]] +*** [[http://prepend.com/feed.xml][prepend]] +*** [[https://www.jeffgeerling.com/blog.xml][geerlingguy]] +*** [[https://www.swyx.io//rss.xml][swyx]] +*** [[https://riffraff.info/feed/][riffraff]] +*** [[https://omarabid.com/feed.xml][csomar]] +*** [[https://blog.nindalf.com/index.xml][nindalf]] +*** [[https://danpalmer.me//rss.xml][danpalmer]] +*** [[https://j11g.com/feed/][janvdberg]] +*** [[https://www.brightball.com//www.brightball.com/articles.rss][brightball]] +*** [[https://donatstudios.com/feed.rss][donatj]] +*** [[https://anisse.astier.eu/feed/][Aissen]] +*** [[https://honeypot.net//index.xml][kstrauser]] +*** [[https://andyjohnson.uk/blog/feed/][andyjohnson0]] +*** [[http://feeds.akkartik.name/kartiks-scrapbook][akkartik]] +*** [[https://annoying.technology/index.xml][dewey]] +*** [[https://jacobaldridge.com/feed/][JacobAldridge]] +*** [[https://nickjanetakis.com/atom.xml][nickjj]] +*** [[https://caseysoftware.com/feed][caseysoftware]] +*** [[https://healthydev.substack.com//feed][fredley]] +*** [[https://www.codeulike.com//feed.rss][codeulike]] +*** [[https://thecodist.com/rss/][coldcode]] +*** [[https://spindas.dreamwidth.org/data/rss][mintplant]] +*** [[https://blog.tedivm.com/feed/][tedivm]] +*** [[https://www.philipithomas.com/posts.rss][philip1209]] +*** [[https://www.friendlyskies.net/atom/][themodelplumber]] +*** [[https://paulstamatiou.com/posts.xml][PStamatiou]] +*** [[https://kevincox.ca/posts//feed.atom][kevincox]] +*** [[https://specbranch.com/index.xml][pclmulqdq]] +*** [[http://softwaredoug.com/feed.xml][softwaredoug]] +*** [[https://blog.bayindirh.io/rss/][bayindirh]] +*** [[https://captnemo.in/atom.xml][captn3m0]] +*** [[https://blog.steve.fi/index.rss][stevekemp]] +*** [[https://www.petekeen.net/index.xml][zrail]] +*** [[https://iamnotarobot.substack.com//feed][diego]] +*** [[https://invertedpassion.com/feed/][paraschopra]] +*** [[https://mikewarot.blogspot.com/feeds/posts/default][mikewarot]] +*** [[https://learnbyexample.github.io/atom.xml][asicsp]] +*** [[https://mikeseidle.com/feed/][indymike]] +*** [[https://burakku.com/blog//feed.xml][Hamuko]] +*** [[https://bergie.iki.fi//./blog/rss.xml][bergie]] +*** [[https://boyter.org/index.xml][boyter]] +*** [[https://www.adamconrad.dev/rss.xml][acconrad]] +*** [[https://svedic.org/feed][ZeljkoS]] +*** [[https://blog.damnscout.com/feed.xml][jasonlotito]] +*** [[https://feeds.feedburner.com/initiative][est]] +*** [[https://www.benovermyer.com/atom.xml][bovermyer]] +*** [[https://matteomanferdini.com/feed/][DeusExMachina]] +*** [[https://smcleod.net/index.xml][smcleod]] +*** [[http://blog.stargrave.org/russian/feed.atom][stargrave]] +*** [[https://xnux.eu/log//rss.xml][megous]] :ignore: +*** [[https://blog.allen0s.com/rss.xml][allenleein]] +*** [[https://blog.darkmere.gen.nz/feed/][slyall]] +*** [[https://amadeuspagel.com/feed][amadeuspagel]] +*** [[https://medium.com/feed/@trendguardian][mgh2]] +*** [[https://uptointerpretation.com/rss/][hardwaregeek]] +*** [[https://feeds.feedburner.com/damninteresting/all][DamnInteresting]] +*** [[https://blog.senko.net/feed/][senko]] +*** [[https://benhoyt.com/writings//writings/rss.xml][benhoyt]] +*** [[https://steve-adams.me/rss/][steve_adams_86]] +*** [[https://porkrind.org/missives/feed/][__david__]] +*** [[https://rrich.io/writing/feed.xml][ryanSrich]] +*** [[https://ivymike.dev/feeds/all.atom.xml][IvyMike]] +*** [[https://mattkeeter.com/blog/atom.xml][mkeeter]] +*** [[https://banagale.com/feed][bredren]] +*** [[https://notes.billmill.org/atom.xml][llimllib]] +*** [[https://devlog.hexops.com/feed.xml][slimsag]] +*** [[https://ebiester.com/feed.xml][ebiester]] +*** [[https://wyclif.substack.com/feed][dash2]] +*** [[https://herbertlui.net/feed/][herbertl]] +*** [[https://hymnos.existenz.ch/feed/][cstuder]] +*** [[https://raesene.github.io/feed.xml][raesene9]] +*** [[https://xosh.org/index.xml][smusamashah]] +*** [[https://www.codingvc.com//feed][lpolovets]] +*** [[http://sebinsua.com/feed.xml][lhnz]] +*** [[https://vonguard.net/feed/][VonGuard]] +*** [[https://kevinohashi.com/rss.xml][ohashi]] +*** [[https://xeiaso.net/blog.rss][xena]] +*** [[https://jezenthomas.com//feed.xml][yakshaving_jgt]] +*** [[https://solomon.io/feed/][samsolomon]] +*** [[https://one.mikro2nd.net/index.xml][mikro2nd]] +*** [[https://canolcer.com//index.xml][shafyy]] +*** [[https://cushychicken.github.io/feed.xml][cushychicken]] +*** [[https://blog.danieljanus.pl//atom.xml][nathell]] +*** [[https://minireference.com/blog/feed/][ivan_ah]] +*** [[https://blog.daniemon.com/feed/][tagawa]] +*** [[https://bfontaine.net/blog//blog/atom.xml][hk__2]] +*** [[https://liam-on-linux.dreamwidth.org/data/rss][lproven]] +*** [[https://www.fortressofdoors.com/rss/][larsiusprime]] +*** [[https://blog.kinglycrow.com/rss/][ianbutler]] +*** [[https://greaterdanorequalto.com/rss/][DanHulton]] +*** [[https://www.masswerk.at/nowgobang//nowgobang/feed.xml][masswerk]] +*** [[https://da-data.blogspot.com/feeds/posts/default][dgacmu]] +*** [[https://www.jamesshore.com/s/new/v2/feed][jdlshore]] +*** [[https://muxup.com//feed.xml][asb]] +*** [[https://dylanfitzgerald.net/index.xml][Arubis]] +*** [[https://predr.ag/atom.xml][obi1kenobi]] +*** [[https://mustafaakin.dev//./index.xml][CSDude]] +*** [[https://thetechee.com/feed/][boeingUH60]] +*** [[https://cookie.engineer/weblog/feed.xml][cookiengineer]] +*** [[https://joshmanders.com/rss/][joshmanders]] +*** [[https://eftegarie.com/feed/][amin]] +*** [[https://alinpanaitiu.com/index.xml][alin23]] +*** [[https://win-vector.com/feed/][jmount]] +*** [[https://craigmod.com/index.xml][cmod]] +*** [[https://werd.io/?_t=rss][benwerd]] +*** [[https://feeds.feedburner.com/eligrey][Sephr]] +*** [[https://www.attejuvonen.fi//rss.xml][baobabKoodaa]] +*** [[https://zellyn.com/index.xml][zellyn]] +*** [[https://michael-lewis.com//index.xml][m-i-l]] +*** [[https://amistrongeryet.substack.com//feed][snewman]] +*** [[https://www.dotcoma.it/english/feed][dotcoma]] +*** [[https://bastibe.de/rss.xml][Derbasti]] +*** [[http://ssp.impulsetrain.com//rss.xml][ssp]] +*** [[https://jakebasile.com/index.xml][jakebasile]] +*** [[https://fev.al/feed.xml][charles_f]] +*** [[https://www.devever.net/~hl//index.feed][hlandau]] +*** [[https://medium.com/feed/@ssg][sedatk]] +*** [[https://klinger.io/rss.xml][andreasklinger]] +*** [[https://lambdaland.org/index.xml][ashton314]] +*** [[https://www.ryancompton.net/feed.xml][rcpt]] +*** [[https://serhack.me/index.xml][serhack_]] +*** [[https://blog.gingerlime.com/feed/][gingerlime]] +*** [[https://quaxio.com//feed.xml][amenghra]] +*** [[https://bobbiechen.com/blog?format=rss][bobbiechen]] +*** [[https://ruky.me/feed/][rukshn]] +*** [[https://neil.computer/rss/][neilpanchal]] +*** [[https://boston.conman.org//index.atom][spc476]] +*** [[https://blog.winricklabs.com/rss.xml][winrid]] +*** [[https://rya.nc/feeds/all.atom][ryan-c]] +*** [[https://nyanpasu64.gitlab.io/atom.xml][nyanpasu64]] +*** [[https://www.kcoleman.me/feed.xml][itake]] +*** [[https://bill.harding.blog/feed/][wbharding]] +*** [[https://yieldthought.com/rss][moconnor]] +*** [[https://paperless.blog/feed.xml][l0b0]] +*** [[https://padiracinnovation.org/News//News/feed/rss][JPLeRouzic]] +*** [[https://hugotunius.se/feed.xml][K0nserv]] +*** [[https://www.insurgent.ca/feed][nickelcitymario]] +*** [[https://blog.untrod.com/feeds/all.atom.xml][numlocked]] +*** [[https://0xc0ffee.ca//index.xml][ghostpepper]] +*** [[https://www.databasesandlife.com//index.xml][adrianmsmith]] +*** [[https://dissociatedpress.net/feed/][jzb]] +*** [[https://blog.dianazink.com/feed:atom][dzink]] +*** [[https://cheeaun.com/blog//blog/feed.xml][cheeaun]] +*** [[https://0xfe.blogspot.com/feeds/posts/default][zeroxfe]] +*** [[https://golfcoursewiki.substack.com//feed][scoofy]] +*** [[https://blog.yelinaung.com/index.xml][yla92]] +*** [[https://ricardoanderegg.com/posts/index.xml][polyrand]] +*** [[https://jklinger.co/blog//feed/?type=rss][jklinger410]] +*** [[https://maxleiter.com/feed.xml][MaxLeiter]] +*** [[https://sklivvz.com/feed][sklivvz1971]] +*** [[https://sheep.horse//rss.xml][AndrewStephens]] +*** [[http://jeremymikkola.com/./atom.xml][piinbinary]] +*** [[https://www.chestergrant.com/posts.atom][chegra]] +*** [[https://b.agilob.net//index.xml][agilob]] +*** [[https://antipaucity.com/feed/][warrenm]] +*** [[https://http://knaik94.github.io//feed.xml][knaik94]] +*** [[https://www.oblomovka.com/wp/feed/atom/][dannyobrien]] +*** [[https://yannesposito.com/rss.xml][yogsototh]] +*** [[https://cscrunch.com/rss.xml][coreyp_1]] +*** [[http://blog.alanbernstein.net//index.xml][alanbernstein]] +*** [[https://www.pinecoder.dev/index.xml][cloverich]] +*** [[https://www.xitijpatel.com/rss/][HorizonXP]] +*** [[https://medium.com/feed/@eugeniyoz][EugeneOZ]] +*** [[https://daniel.do//rss.xml][dimmke]] +*** [[https://duncanlock.net//feeds/all.rss.xml][dflock]] +*** [[https://medium.com/feed/@matthewsinclair][matthewsinclair]] +*** [[https://ajxs.me//site.rss][ajxs]] +*** [[https://www.scottgoci.com/feed/][eggbrain]] +*** [[https://lovebloodrhetoric.com/feed/][Zanni]] +*** [[https://sonnet.io/feed.xml][rpastuszak]] +*** [[https://davepeck.org//feed/master.xml][davepeck]] +*** [[https://jamie.ideasasylum.com/feed.xml][hopeless]] +*** [[https://evjang.com//feed.xml][ericjang]] +*** [[https://etodd.io/index.xml][et1337]] +*** [[https://superbowl.substack.com/feed][superb-owl]] +*** [[https://bt.ht/atom.xml][bradley_taunt]] +*** [[https://loufranco.com/feed][loumf]] +*** [[https://philbooth.me/blog/blog.atom][philbo]] +*** [[https://abhijithota.me/index.xml][kretaceous]] +*** [[https://jonathanchang.org/feed.xml][jonchang]] +*** [[https://elliotec.com/feed.xml][elliotec]] +*** [[https://blog.steren.fr/atom.xml][steren]] +*** [[https://www.usebox.net/jjm/blog//jjm/blog/index.xml][reidrac]] +*** [[https://www.dannyguo.com/blog/feed.xml][dguo]] +*** [[https://jonpauluritis.com/feed.xml][jppope]] +*** [[https://blog.yiningkarlli.com/feeds/posts/default/][ykl]] +*** [[http://bastian.rieck.me/blog/index.xml][Pseudomanifold]] +*** [[https://oo.svbtle.com/feed][miduil]] +*** [[https://coredumped.dev/index.xml][celeritascelery]] +*** [[https://mattmichie.com/index.xml][influx]] +*** [[https://www.jackriminton.com/rss/][jack_riminton]] +*** [[https://matt-rickard.com/rss/][rckrd]] +*** [[https://everttimberg.io/blog//blog/index.xml][etimberg]] +*** [[https://vadimkravcenko.com/feed/][bndr]] +*** [[https://www.micahlerner.com/atom.xml][mlerner]] +*** [[https://overthinkingmoney.com/feed/][gsaines]] +*** [[https://www.barbariangrunge.com//feed][barbariangrunge]] +*** [[http://justinhj.github.io/feed.xml][justinhj]] +*** [[https://akalin.com/feed/atom][akalin]] +*** [[https://muratbuffalo.blogspot.com/feeds/posts/default][mad44]] +*** [[http://www.trickjarrett.com/feed.rss][trickjarrett]] +*** [[https://denovo.substack.com/feed][Metacelsus]] +*** [[http://future-secured.com/feed/][adrianwaj]] +*** [[https://weekly.elfitz.com/rss/][ElFitz]] +*** [[https://mattrighetti.com/feed.xml][mattrighetti]] +*** [[http://www.mschaef.com/feed/atom][mschaef]] +*** [[https://law.gmnz.xyz/feed.xml][lawgimenez]] +*** [[https://savraj.co/feed.xml][savrajsingh]] +*** [[https://tylerneylon.com/feed][tylerneylon]] +*** [[https://arnorhs.dev/rss.xml][arnorhs]] +*** [[https://blog.klungo.no//atom.xml][danielskogly]] +*** [[https://vincent.bernat.ch/en/blog/atom.xml][vbernat]] +*** [[https://tanelpoder.com/index.xml][tanelpoder]] +*** [[https://myownfortune.wordpress.com/feed/][SonOfLilit]] +*** [[https://nuxx.net/blog/feed/][c0nsumer]] +*** [[https://rd.nz/feeds/posts/default][richdougherty]] +*** [[https://divan.dev/index.xml][divan]] +*** [[https://den.dev/index.xml][dend]] +*** [[https://urda.com/feed.xml][urda]] +*** [[https://muhammadraza.me///muhammadraza.me/feed.xml][mr_o47]] +*** [[https://muhammadraza.me///muhammadraza.me/feed.xml][mr_o47]] +*** [[https://blog.jonlu.ca/feed.xml][jonluca]] +*** [[https://manuel.kiessling.net/index.xml][ManuelKiessling]] +*** [[https://hypertexthero.com/index.xml][hypertexthero]] +*** [[https://francoisbest.com/posts/feed/rss.xml][franky47]] +*** [[https://avodonosov.blogspot.com/feeds/posts/default][avodonosov]] +*** [[https://jsavage.xyz/feed/][JSavageOne]] +*** [[https://log.schemescape.com//feed.xml][schemescape]] +*** [[https://darekkay.com/atom.xml][darekkay]] +*** [[https://blog.flurdy.com//feed.xml][flurdy]] +*** [[https://www.gregnavis.com/feed.xml][gregnavis]] +*** [[https://paulw.tokyo//index.xml][m3at]] +*** [[https://beuke.org//atom.xml][tutfbhuf]] +*** [[https://blog.adnansiddiqi.me/feed/][pknerd]] +*** [[https://buildingbetterteams.de/profiles/brian-graham?format=rss][bdg]] +*** [[https://www.gkbrk.com/feed.xml][gkbrk]] +*** [[https://michaelscepaniak.com/feed.xml][hispanic]] +*** [[https://ifelse.io/index.xml][markthethomas]] +*** [[https://david.coffee/index.xml>][dvcrn]] +*** [[https://rachitsingh.com/rss.xml][singhrac]] +*** [[https://connortumbleson.com/rss/][iBotPeaches]] +*** [[https://seirdy.one/atom.xml][Seirdy]] +*** [[https://blog.vito.nyc/index.xml][nickelpro]] +*** [[https://cretezy.com/rss.xml][CraftThatBlock]] +*** [[https://james.brooks.page/rss/feed.xml][jbrooksuk]] +*** [[https://tomk32.de/feed.xml][TomK32]] +*** [[https://er4hn.info/index.xml][er4hn]] +*** [[https://ounapuu.ee//index.xml][hddherman]] +*** [[https://valbaca.com/feed.xml][valbaca]] +*** [[https://parallelthoughts.xyz/index.xml][manish_gill]] +*** [[https://bytesizetheories.com/index.xml][nichochar]] +*** [[https://thenewleafjournal.com/feed/][nafnlj]] +*** [[https://t-ravis.com/index.xml][abathur]] +*** [[https://www.srijn.net/blog/rss/][srijan4]] +*** [[https://notes.ghed.in/index.xml][rpgbr]] +*** [[https://allenpike.com//feed/][apike]] +*** [[https://mssv.net/feed/][adrianhon]] +*** [[https://lucasfcosta.com/feed.xml][lucasfcosta]] +*** [[https://benjcal.space//feed.xml][_benj]] +*** [[https://stephanango.com/feed.xml][kepano]] +*** [[https://lengrand.fr/rss/][jlengrand]] +*** [[https://thomashunter.name//feed.rss][tlhunter]] +*** [[https://fasterthanli.me/index.xml][fasterthanlime]] +*** [[https://truthindustri.es/feed.xml][tessierashpool]] +*** [[https://olin.monster/index.xml][fsiefken]] +*** [[https://e-dorigatti.github.io/feed.xml][blackbear_]] +*** [[https://joelx.com/feed/][silexia]] +*** [[https://jfoucher.com/feed.xml][jfoucher]] +*** [[https://alexandre.storelli.fr/rss/][dest]] +*** [[https://mhitza.github.io/atom.xml][mhitza]] +*** [[https://blog.eutopian.io/index.xml][nickdothutton]] +*** [[https://benigninteroperability.com/feed/][DarrenDev]] +*** [[https://synack.me/feed/blog.atom][synack]] +*** [[https://chris.cothrun.com/feed/][mutagen]] +*** [[https://jpreston.xyz/feed.xml][wcerfgba]] +*** [[https://swiftfox.co/feed/][jclardy]] +*** [[https://jloh.co/index.xml][itsjloh]] +*** [[https://bernsteinbear.com/feed.xml][tekknolagi]] +*** [[https://grady.io/rss.xml][gradys]] +*** [[https://www.dquach.com/feed/][palidanx]] +*** [[https://www.danstroot.com//feed.xml][dstroot]] +*** [[https://xavd.id/blog/blog/feeds/rss.xml][xavdid]] +*** [[https://briansunter.com/index.xml>][bribri]] +*** [[https://ageofai.substack.com//feed][arikrak]] +*** [[https://graypegg.com/feed.xml][graypegg]] +*** [[https://mempko.wordpress.com/feed/][mempko]] +*** [[https://ochagavia.nl/index.xml][wofo]] +*** [[https://rolisz.ro/rss/][rolisz]] +*** [[https://yeri.be/feed][Yeri]] +*** [[https://indieblog.page//dailyfeed][splitbrain]] +*** [[https://matthewc.dev/index.xml][matthewfcarlson]] +*** [[https://josh.works/blog/atom.xml][wonder_er]] +*** [[http://mbutler.org/feed/][stolenmerch]] +*** [[https://rodolphoarruda.pro.br/feed/][rodolphoarruda]] +*** [[https://pomb.us//rss.xml][pomber]] +*** [[https://wdkwwdk.com/atom.xml][kevin_nisbet]] +*** [[https://blog.separateconcerns.com/feed.atom][catwell]] +*** [[https://karmanyaah.malhotra.cc/feed.xml][karmanyaahm]] +*** [[https://jordemort.dev/blog//atom.xml][jordemort]] +*** [[http://www.rockoder.com//atom.xml][pagade]] +*** [[https://blog.marbu.eu//./atom.xml][marbu]] +*** [[https://zef.studio//feed.rss][zefhous]] +*** [[https://defn.io/index.xml][Bogdanp]] +*** [[https://alesruzicka.eu/blog/eng//blog/eng/index.xml][czechdeveloper]] +*** [[https://dimle.wordpress.com/feed/][myle]] +*** [[https://soatok.blog/feed/][some_furry]] +*** [[http://evanfields.net/feed.xml][Tarrosion]] +*** [[https://digitalnomadder.micro.blog/feed.xml][scarface_74]] +*** [[https://jmmv.dev//feed.xml>][jmmv]] +*** [[https://andersource.dev/andersource.github.io/feed.xml][andersource]] +*** [[https://www.anfractuosity.com/feed/][anfractuosity]] +*** [[https://rybakov.com/blog/index.xml][spython]] +*** [[https://faingezicht.com/atom.xml][avyfain]] +*** [[https://amerine.net/feed.xml][amerine]] +*** [[https://max.engineer/feed.rss][hakunin]] +*** [[https://nutcroft.com//rss/][sirodoht]] +*** [[https://nikhilism.com/index.xml][nsm]] +*** [[https://everything.intellectronica.net//feed][intellectronica]] +*** [[https://nsirap.com//feed/feed.xml][Nic0]] +*** [[https://www.carrozo.com/cascade?format=rss][carrozo]] +*** [[https://honestmusings.wordpress.com/feed/][realrocker]] +*** [[https://nullonerror.org//feed.xml][delduca]] +*** [[https://phili.pe/feed.xml][fphilipe]] +*** [[https://medium.com/feed/full-stack-architecture][ericHosick]] +*** [[https://tomverbeure.github.io/feed.xml][tverbeure]] +*** [[https://www.nothingeasyaboutthis.com/rss/][bberenberg]] +*** [[https://www.weeklycspaper.com/archive/feed/][l1am0]] +*** [[https://gyani.net/feed.xml][break_the_bank]] +*** [[https://www.alicegg.tech//feed.xml][zer0tonin]] +*** [[https://blog.scottlogic.com/atom.xml][ColinEberhardt]] +*** [[https://dheinemann.com/atom][Auguste]] +*** [[https://thomask.sdf.org/feed.xml][thombles]] +*** [[https://muffinman.io//atom.xml][stankot]] +*** [[https://fractalco.re/index.xml][qmarchi]] +*** [[https://www.jimwestergren.com/rss.xml][JimWestergren]] +*** [[https://adriano.fyi/index.xml][acaloiar]] +*** [[https://brett.coulstock.id.au/rss.xml][MrVandemar]] +*** [[https://daveon.design/rss.xml][vintagedave]] +*** [[https://du.nkel.dev/feed_rss_created.xml][Helmut10001]] +*** [[https://thraxil.org/feeds/main][thraxil]] +*** [[https://blog.perryizgr8.com//feed.xml][perryizgr8]] +*** [[https://adnankhan.space//undefined/rss/feed.xml][capex]] +*** [[https://aurametrix.weebly.com/blog][Irene]] +*** [[https://blog.plover.com/index.rss][mjd]] :ignore: +*** [[https://walkabout165.blogspot.com/feeds/posts/default][ricksunny]] +*** [[https://blog.kaetemi.be/feed/][kaetemi]] +*** [[https://www.hoelzel.it/feed.xml][jhoelzel]] +*** [[https://blog.martijnarts.com/rss/][TotempaaltJ]] +*** [[https://matduggan.com/rss/][mduggles]] +*** [[https://skife.org//index.xml][brianm]] +*** [[https://diffxweyl.wordpress.com/feed/][fferen]] +*** [[https://leadership.garden/rss/][ochronus]] +*** [[https://medium.com/feed/@ahnfelt][continuational]] +*** [[https://javiergarmon.com/rss/][openmaze]] +*** [[https://www.galacticbeyond.com/rss/][nz]] +*** [[https://d13v.com/atom.xml][mitko]] +*** [[https://blog.skouf.com/index.xml][Niksko]] +*** [[https://www.hypergeometric.com/feed/][gpapilion]] +*** [[https://www.satisfice.com/feed][satisfice]] +*** [[https://iam.mt/feed/][thallavajhula]] +*** [[https://www.justus.pw/index.xml][justusw]] +*** [[https://shadowfacts.net/feed.xml][shadowfacts]] +*** [[https://falconius.com/index.php/feed/][mfalcon]] +*** [[https://ayewo.com/rss/][ayewo]] +*** [[https://blog.adrianistan.eu/rss.xml][aarroyoc]] +*** [[https://hyperific.bearblog.dev//feed/?type=rss][hyperific]] +*** [[https://feeds.feedburner.com/confessionsoftheprofessions][mattbgates]] +*** [[https://antoinevastel.com//feed.xml][avastel]] +*** [[https://avikdas.com/feed.xml][akdas]] +*** [[https://ethanmick.com/rss/][Ethan_Mick]] +*** [[https://reidburke.com/feed/][reid]] +*** [[https://98.codes/rss/][98codes]] +*** [[https://www.khanna.law/rss/feed.xml][hkhanna]] +*** [[https://lizmars.net/feed][1attice]] +*** [[https://rohitjha.com/blog/rss/][jharohit]] +*** [[https://paul.totterman.name//index.xml][ptman]] +*** [[https://wasi0013.com/feed/][wasi0013]] +*** [[https://ferrucc.io/index.xml][0xferruccio]] +*** [[https://blog.tracefunc.com//index.xml][jamie_ca]] +*** [[https://emphaticallystatic.org/feed/][hnarayanan]] +*** [[https://www.davidpriver.com/feed.xml][david2ndaccount]] +*** [[https://dominik.net/index.xml][dominik]] +*** [[https://www.mattstrayer.com/index.xml][mattstrayer]] +*** [[https://blog.lawrencejones.dev//feed.xml][lawrjone]] +*** [[https://justingarrison.com/index.xml][JustinGarrison]] +*** [[https://rtnf.substack.com/feed][altilunium]] +*** [[https://b.yuxuan.org/rss.xml][fishywang]] +*** [[https://akashrajpurohit.com/blogs//rss.xml][ghostfoxgod]] +*** [[https://ishan.co/index.xml][ishansharma]] +*** [[https://origami.kosmulski.org//feed.xml][mkosmul]] +*** [[https://www.ashish.zip/feeds/posts/default][kasperset]] +*** [[http://blaise.bike/feed.xml][ch33zer]] +*** [[https://dwarfdreams.com/rss.xml][rootw0rm]] +*** [[https://feeds.feedburner.com/gatsby/blog][iddan]] +*** [[https://blog.qiqitori.com/feed/][qiqitori]] +*** [[https://www.craigpardey.com/index.xml][pards]] +*** [[https://blog.awaxman.com//feed.xml][awaxman11]] +*** [[https://yulian.kuncheff.com/index.xml][Daegalus]] +*** [[https://martinrue.com/rss.xml][martinrue]] +*** [[https://luten.dev//feed.xml][netule]] +*** [[https://www.brycewray.com/index.xml][brycewray]] +*** [[https://pawelurbanek.com//feed.xml][pawurb]] +*** [[https://vandragt.com/feed][pacifika]] +*** [[https://anderegg.ca//feed.xml][GavinAnderegg]] +*** [[https://staysaasy.com/feed.xml][hackitup7]] +*** [[https://www.leehauser.com/feed.xml][themadturk]] +*** [[https://fserb.com/flux//../site.rss][fserb]] +*** [[https://ryanblakeley.net/feed][ryanblakeley]] +*** [[https://www.dsebastien.net/rss/][dSebastien]] +*** [[https://blog.usmanity.com/rss/][muhammadusman]] +*** [[https://purpleidea.com/blog/index.xml][purpleidea]] +*** [[https://blog.vasi.li/feed/][vsviridov]] +*** [[https://web.navan.dev/feed.rss][navanchauhan]] +*** [[https://leblancfg.com/feeds/all.atom.xml][leblancfg]] +*** [[https://geekmonkey.org/rss/][halfdan]] +*** [[https://gaganpreet.in/index.xml][gsa]] +*** [[https://dustinfreeman.org/feed/][escapecharacter]] +*** [[https://www.bbkane.com/atom.xml][bbkane]] +*** [[https://tholman.com//feed.xml][tholman]] +*** [[https://nadh.in/blog/index.xml][knadh]] +*** [[https://murat.bio/index.xml][timeoperator]] +*** [[https://chrisfrew.in/rss.xml][fullstackchris]] +*** [[https://caiustheory.com/feed.xml][caiusdurling]] +*** [[https://ntietz.com/atom.xml][ntietz]] +*** [[https://zserge.com/rss.xml>][zserge]] +*** [[https://blog.tafkas.net/index.xml][stadeschuldt]] +*** [[https://ploum.net//atom.xml][ploum]] +*** [[https://www.jerpint.io/feed.xml][jerpint]] +*** [[https://dragoshmocrii.com/feed/][dragosmocrii]] +*** [[https://gustavohidalgo.com//index.xml][guhidalg]] +*** [[https://langsoul.com/feed][langsoul-com]] +*** [[https://sigwait.org/~alex/blog//rss.xml][henry_flower]] +*** [[https://domenicoluciani.com/feed.xml][DLion]] +*** [[https://murphyslab.ca/notes/index.xml][murphyslab]] +*** [[https://www.joshbeckman.org/rss/][bckmn]] +*** [[https://dustin.lammiman.ca//feed/feed.xml][nosecreek]] +*** [[https://reticulated.net/index.xml>][pwillia7]] +*** [[https://ryanbigg.com/feed.xml][ryanbigg]] +*** [[https://noahnorman.substack.com//feed][doctorhandshake]] +*** [[https://andreschweighofer.com/feed/][fidrelity]] +*** [[https://www.csun.io//feed.xml][igpay]] +*** [[https://shashanksthoughts.blogspot.com/feeds/posts/default][start123]] +*** [[https://www.leandrosf.com/rss/][lsferreira42]] +*** [[https://musings.yasyf.com/rss/][yasyfm]] +*** [[https://dev.to/feed/johntellsall][john-tells-all]] +*** [[https://phacks.dev/rss/feed.xml][phacks]] +*** [[https://www.werder.space/feed.xml][Jack5500]] +*** [[https://dystroy.org/blog/atom.xml][dystroy]] +*** [[http://www.gregreda.com/feeds/all.atom.xml][gjreda]] +*** [[https://www.morling.dev/index.xml][gunnarmorling]] +*** [[https://korz.dev/feed.xml][dindresto]] +*** [[https://www.jonandnic.com/feed/][codepoet80]] +*** [[https://www.sicpers.info/feed/][grahamlee]] +*** [[https://jasonraimondi.com/'/index.xml'>][jmondi]] +*** [[https://liorsinai.github.io//feed.xml][the_origami_fox]] +*** [[https://marcolabarile.me/feed.xml][labarilem]] +*** [[https://vikramoberoi.com/rss/][voberoi]] +*** [[https://voussoir.net/writing/writing/writing.atom][voussoir]] +*** [[https://swaits.com/atom.xml][swaits]] +*** [[https://cache.substack.com//feed][hiidrew]] +*** [[https://shahinrostami.com/rss/feed.xml][batterylow]] +*** [[https://blog.charliemeyer.co/feed/?type=rss][csmeyer]] +*** [[https://blackshaw.substack.com//feed][blackshaw]] +*** [[https://heidenstedt.org/./index.xml][i5heu]] +*** [[https://www.macchaffee.com/blog//blog/atom.xml][mac-chaffee]] +*** [[https://www.softwareatscale.dev//feed][ublaze]] +*** [[https://mbork.pl?action=rss][mbork_pl]] +*** [[https://tynan.com/feed/][tynan]] +*** [[http://groverlab.org/feed.xml][wgrover]] +*** [[https://photonlines.substack.com//feed][photon_lines]] +*** [[https://simonhartcher.com/feed][deevus]] +*** [[https://ph-uhl.com/rss.xml][adminu]] +*** [[https://christophvoigt.com//rss.xml][voigt]] +*** [[https://www.evalapply.org/index.xml][adityaathalye]] +*** [[https://blog.janetacarr.com/rss/][janetacarr]] +*** [[https://juliette.page/rss][julietteeb]] :ignore: +*** [[https://danielcorin.com/index.xml][danielcorin]] +*** [[https://siddhesh.substack.com/feed][weekendvampire]] +*** [[https://iamvishnu.com/feed.xml][vishnuharidas]] +*** [[https://www.thecapegreek.com/rss.xml][TheCapeGreek]] +*** [[https://johnmathews.is/feed.xml][mthwsjc_]] +*** [[https://paulbridger.com/index.xml][briggers]] +*** [[https://unintendedconsequenc.es/feed/][paulorlando]] +*** [[https://startupsunplugged.com/feed/][paulorlando]] +*** [[https://jdsalaro.com/blog/atom.xml][jdsalaro]] +*** [[https://jamesg.blog/feeds/posts.xml][zerojames]] +*** [[https://dannas.name/feed.xml][dannas]] +*** [[https://kinoshita.eti.br/feed.xml][kinow]] +*** [[https://andrewferguson.net/feed/][fergbrain]] +*** [[https://github.com/feed.xml][boricj]] +*** [[https://jasono.co/feed/][joneil]] +*** [[https://heitorpb.github.io/atom.xml][hpb42]] +*** [[https://jiml.us//index.xml][jim_lawless]] +*** [[https://mrkaran.dev/rss/][mr-karan]] +*** [[https://allanrbo.blogspot.com/feeds/posts/default][allanrbo]] +*** [[https://fbrs.io/atom.xml][YuukiRey]] +*** [[https://joisig.com/feed.xml][joisig]] +*** [[https://rohitgupta.xyz/blog/index.xml][guptarohit]] +*** [[https://ernest.oppet.it/feed/][ernopp]] +*** [[https://www.suren.fyi/rss/][snihalani]] +*** [[https://mahdi.blog/feed.xml][mdibaiee]] +*** [[https://keita.blog/feed/][sleepy_keita]] +*** [[https://raynicholus.com/feed.xml][rnicholus]] +*** [[https://world.hey.com/sunjain/feed.atom][sunjain]] +*** [[https://www.masterorganicchemistry.com/feed/][jamesash]] +*** [[http://localhost:4000/feed.xml][k-ian]] +*** [[https://ajkueterman.dev/feed.atom][robotsquidward]] +*** [[https://www.heneli.dev//feed.xml][hkailahi]] +*** [[http://fernandomeyer.com/index.xml][fmeyer]] +*** [[https://yehudacohen.substack.com//feed][ManWith2Plans]] +*** [[https://nectarine.sh/index.xml][GOATS-]] +*** [[https://www.cricalix.net/feed/][cricalix]] +*** [[https://blog.marcua.net/feed.xml][marcua]] +*** [[https://onatm.dev/feed.xml][onatm]] +*** [[https://julianwachholz.dev/feed/?type=rss][julianwachholz]] +*** [[https://jay.jvf.cc/index.xml][jayofdoom]] +*** [[https://www.nkantar.com/blog/feed][nkantar]] +*** [[https://synystron.substack.com//feed][syngrog66]] +*** [[https://imrannazar.com//rss.xml][Two9A]] +*** [[https://blog.herlein.com//'https://blog.herlein.com/index.xml'][gherlein]] +*** [[https://www.troyhunt.com/rss/][user7878]] +*** [[https://medium.com/feed/@lmy][tslmy]] +*** [[https://xnacly.me/index.xml][xnacly]] +*** [[https://peekread.info/rss.xml][dugite-code]] +*** [[https://www.alexanderlolis.com//rss.xml][damethos]] +*** [[https://jupblb.prose.sh/rss][jupblb]] +*** [[https://blog.robertsimoes.org/index.xml][devrob]] +*** [[https://qubyte.codes/atom.xml][qubyte]] +*** [[https://podviaznikov.com/writings/feed.xml][podviaznikov]] +*** [[https://blakeashleyjr.com/index.xml][chillycurve]] +*** [[https://cendyne.dev/feed.xml][cendyne]] +*** [[https://lukeplant.me.uk/blog//atom/index.xml][spookylukey]] +*** [[https://wcedmisten.fyi/feed.xml][wcedmisten]] +*** [[https://bartlomiejmika.com/index.xml>][bartmika]] +*** [[https://blog.ovalerio.net/feed][dethos]] +*** [[https://theblackcat102.github.io//feed.xml][blackcat201]] +*** [[https://peterlyons.com/problog//rss.xml][focusaurus]] +*** [[https://siwei.io/en//en/index.xml][wey-gu]] +*** [[http://michaelhoney.com/writing?format=rss][michaelhoney]] +*** [[https://tashian.com/articles/index.xml][tashian]] +*** [[https://nithinbekal.com/feed.xml][nithinbekal]] +*** [[https://www.joshcanhelp.com//rss.xml][joshcanhelp]] +*** [[https://brntn.me/rss/][brntn]] +*** [[https://jiby.tech/index.xml][FrenchyJiby]] +*** [[https://drakerossman.com/feed.xml][drakerossman]] +*** [[https://nathanfriend.io//feed.xml][nfriend]] +*** [[https://balanarayan.com/feed/][chupchap]] +*** [[https://devinprater.micro.blog/feed.xml][devinprater]] +*** [[https://www.matthewhowell.net//atom.xml][mthwl]] +*** [[https://sayr.us/feed.xml][Sayrus]] +*** [[https://0180744d.maciej-litwiniuk-net.pages.dev/index.xml][mlitwiniuk]] +*** [[https://apogliaghi.com//index.xml][tatoalo]] +*** [[https://blog.randombits.host/rss/][conor_f]] +*** [[http://martinantos.com/feed.xml][inferense]] +*** [[https://www.circusscientist.com/feed/][tomjuggler]] +*** [[https://www.swilliams.io//atom.xml][swilliamsio]] +*** [[https://ktkaufman03.github.io//feed.xml][ktkaufman]] +*** [[https://tommasoamici.com/rss.xml][tommasoamici]] +*** [[https://blog.andyglassman.com/feeds/posts/default][gnutrino]] +*** [[https://codeconfessions.substack.com//feed][abhi9u]] +*** [[https://adamcraven.com/writing//writing/index.xml][AdamCraven]] +*** [[https://asemichorizon.wordpress.com/feed/][syntaxfree]] +*** [[https://andrewodendaal.com/index.xml>][aoms]] +*** [[https://qsantos.fr/feed/][qsantos]] +*** [[https://tomhummel.com/index.xml][tphummel]] +*** [[https://janejeon.dev/rss/][janejeon]] +*** [[https://amols.blog/rss.xml][mindhash]] +*** [[https://www.wildernessprime.com/feed.xml][davelondon]] +*** [[https://blog.imraniqbal.org/atom.xml][imran-iq]] +*** [[https://markjgsmith.com/feeds/blog/rss/feed.xml][mjgs]] +*** [[https://medium.com/feed/@fredgrott][fredgrott]] +*** [[https://blog.tjll.net/feed.xml][tylerjl]] +*** [[http://baotiao.github.io/feed.xml][baotiao]] +*** [[https://philippzentner.com/feed.xml][philippz]] +*** [[https://blog.varunramesh.net/rss.xml][varunramesh]] +*** [[https://stribny.name/blog/feed.xml][petr25102018]] +*** [[https://artem.krylysov.com/blog//atom.xml][KAdot]] +*** [[https://quinnkeast.com/writing/feed.xml][qkeast]] +*** [[https://sophiabits.com/blog/feed.rss.xml][sophiabits]] +*** [[https://nicolaiarocci.com/index.xml][nicola]] +*** [[https://shadow.sombragris.org/?feed=rss2][sombragris]] +*** [[https://www.waynehaber.com/feeds/posts/default][waynesoftware]] +*** [[https://ph4ni.github.io/index.xml][ph4ni]] +*** [[http://live.julik.nl/feed.atom.xml][julik]] +*** [[https://joshbaldwin.substack.com//feed][valgor]] +*** [[https://rnikhil.com/feed.xml][whoami_nr]] +*** [[https://zacs.site//rss.xml][zacssite]] +*** [[https://blog.gnoack.org//index.xml][gnoack]] +*** [[https://honza.pokorny.ca//index.xml][mrhonza]] +*** [[https://ciesie.com/index.xml][mronetwo]] +*** [[https://kajic.com/rss][kajic]] +*** [[https://sklar.rocks/atom.xml][sklarsa]] +*** [[https://www.troyshu.com/blog/rss/][tmshu1]] +*** [[https://www.4async.com/atom.xml>][kevinU]] +*** [[https://somethingdecent.co.uk/feed/][makingstuffs]] +*** [[https://www.qword.net/feed.xml][qword]] +*** [[https://earth.hoyd.net/feed/][hoyd]] +*** [[https://medium.com/feed/@billylo][billylo]] +*** [[https://cskwrd.github.io/atom.xml][c0wb0yc0d3r]] +*** [[https://ellie.wtf/index.xml>][ellieh]] +*** [[https://www.albertyw.com//atom.xml][albertyw]] +*** [[https://bcmullins.github.io/blog//feed.xml][wannabebarista]] +*** [[https://www.austinatchley.xyz/index.xml][bigfoot675]] +*** [[https://www.patrickdap.com//index.xml>][pdappollonio]] +*** [[https://evancordell.com/index.xml][evancordell]] +*** [[https://rushter.com/blog/feed/][rushter]] +*** [[https://idogawa.dev/p/feed.xml][aidog]] +*** [[https://holzer.online/feed.xml][fabianholzer]] +*** [[https://SeanKilleen.com/feed.xml][SeanKilleen]] +*** [[https://umarniz.com//rss.xml][umarniz]] +*** [[https://bytesdataaction.substack.com//feed][blakeburch]] +*** [[https://kdheepak.com/blog//index.xml][kdheepak]] +*** [[https://thoughts.greyh.at/index.xml][zquestz]] +*** [[https://open.substack.com/pub/spyderdoc?r=kolbc&utm_medium=ios/feed][sumanmd]] +*** [[https://hartenfeller.dev/blog/rss.xml][phartenfeller]] +*** [[https://andrewpwheeler.com/feed/][apwheele]] +*** [[https://www.quantable.com/feed/][jhpacker]] +*** [[https://andreabergia.com/./index.xml][andreabergia]] +*** [[http://overthehills.in//feed.xml][akrain]] +*** [[https://www.simonam.dev//rss.xml][purrcat259]] +*** [[https://themythicalengineer.com/feed.xml][sks147]] +*** [[https://ayazhafiz.com/cc/feed-rrs2.xml][fourteenminutes]] +*** [[https://www.xythobuz.de//rss.xml][xythobuz]] +*** [[https://vanja.oljaca.me/feed.xml][vanjajaja1]] +*** [[https://www.youtube.com/feeds/videos.xml?channel_id=UCe-ccO8qK2YH8O7ZjK8XVCQ][c0nrad]] +*** [[https://mmathias.com/home/rss][mmathias]] +*** [[https://snevsky.com/feed.xml][Dejital]] +*** [[https://www.jvt.me/feed.xml][jamietanna]] +*** [[https://cyberwarhead.com/feed/][wessorh]] +*** [[https://world.hey.com/joaoqalves/feed.atom][joaoqalves]] +*** [[https://thehousecarpenter.wordpress.com/feed/][housecarpenter]] +*** [[https://gallant.dev/rss.xml][agallant]] +*** [[https://snowingpine.com/atom.xml][snowypine]] +*** [[https://bengarney.com/feed/][bengarney]] +*** [[https://www.bentaylor.co.uk/feed.xml][benjamta]] +*** [[https://thomascountz.com/atom.xml][thomascountz]] +*** [[https://www.aareet.com/poetry//Aareet][aareet]] +*** [[https://newsletter.disappearingmoment.com/archive/rss.xml][abc3]] diff --git a/img/piam-entitlement-summary.png b/img/piam-entitlement-summary.png new file mode 100644 index 00000000..10b9ae7a Binary files /dev/null and b/img/piam-entitlement-summary.png differ diff --git a/img/piam-entitlements.png b/img/piam-entitlements.png new file mode 100644 index 00000000..8b56c8dd Binary files /dev/null and b/img/piam-entitlements.png differ diff --git a/inbox.org b/inbox.org index 208acf19..af3d2dde 100644 --- a/inbox.org +++ b/inbox.org @@ -10,192 +10,163 @@ SPC y o c => DISPLAY org columns #+end_comment * Inbox -** TODO Déclarer occupants des locaux impots -DEADLINE: <2023-05-22 Mon 14:00> +** TODO Compléter compte Solidarite Depot 7597,84€ +DEADLINE: <2023-08-10 Thu 15:00> +[2023-08-09 Wed 14:50] + + +** TODO Signer Assurance Habitation +DEADLINE: <2023-08-09 Wed 18:00> +[2023-08-09 Wed 14:43] +** TODO Réserver restaurant +DEADLINE: <2023-08-09 Wed 18:00> +[2023-08-09 Wed 13:18] +** TODO Envoyer demande de virement +DEADLINE: <2023-08-09 Wed 14:00> +[2023-08-09 Wed 13:18] +** DONE Envoyer lettre de resiliation bail +SCHEDULED: <2023-08-09 Wed> +[2023-08-09 Wed 13:16] +** TODO Prendre RDV carrossier +SCHEDULED: <2023-08-21 Mon 10:00> +[2023-07-26 Wed 11:37] + +https://carrosserie-maurice.fr/contact + + +** DONE Envoyer mail Mme Verdier +DEADLINE: <2023-07-24 Mon 13:00> +[2023-07-24 Mon 12:19] + +Bonjour Mme Verdier, + +Après nous être renseigné, il apparaît que pour le dossier MDPH d'Anna, dans le dossier medical il faudra insister sur ses besoins et sur les situations qui sont définitives et ne changeront pas. + +En vous laissant évidemment le soins d'évaluer chaque demande. +Les points les plus importants pour Anna nous semble êtres: + +- Son besoin d'avoir un *chien d'assistance*. Sans lui, elle est incapable de + sortir de le maison, de prendre les transports en communs, et d'accomplir les + actes courants de la vie en société. + Le chien est une aide essentielle à la gestion de ses crises d'angoisses et à + leur réduction en intensité. + Et pour y avoir droit, il lui faut absolument une carte CMI, qui n'est + accordée dans le cas d'Anna qu'avec un taux d'incapacité d'au moins 80% (c.f. https://www.monparcourshandicap.gouv.fr/aides/la-carte-mobilite-inclusion-mention-invalidite). + Idealement avec la mention a « besoin d’accompagnement », pour celà il faudra + qu'Anna bénéficie de la PCH. +- Ses *appareils auditifs* qui rendent plus supportable l'environnement dans les + lieux publics et privés (réunions en famille avec présence d'enfants ou de musique). Il me semble que cela +sera un besoin qu'elle aura jusqu'à la fin de sa vie. +- *Un suivi de psychoéducation*, un suivi par un psychologue spécialisé, des + groupes d'activités sociales, l'aider a prendre des transports en commun. + + Pour justifier tous ces besoins il me semble qu'il faut insister sur: + +- Sa fatiguabilité qui l'empêche de suivre des études normales ou d'avoir un travail à temps plein. Et qu'il s'agit d'une situation qui ne pourra pas changer. C'est pourquoi nous allons demander la reconnaissance à vie de la RQTH. +- Ses anxiétés (TAG) +- La permanence de sa situation. Étant donné la situation actuelle des troubles anxieux et des phobies sociales d'Anna il nous semble que le chien lui sera nécessaire pour de nombreuses années et très probablement jusqu'à la fin de sa vie. C'est pourquoi nous demanderons une reconnaissance à vie de la CMI. Et si non accordée au moins pour une vingtaine d'années. +** DONE Imprimer Dossier médical MDPH Anna +SCHEDULED: <2023-07-19 Wed 11:00> +[2023-07-18 Tue 20:26] +** CANCELED Appeler Toyota (nouvelle voiture) +SCHEDULED: <2023-07-19 Wed 10:30> +:LOGBOOK: +- State "CANCELED" from "TODO" [2023-07-26 Wed 11:36] +:END: +[2023-07-18 Tue 20:26] +** DONE Aller chercher Krystelle +SCHEDULED: <2023-07-11 Tue 17:25> +[2023-07-11 Tue 10:50] +** DONE Amener Anna chez l'ergothérapeute +SCHEDULED: <2023-05-31 Wed 11:00> +[2023-05-31 Wed 10:56] +** DONE Appeler agence pour remplir la déclaration immo +DEADLINE: <2023-05-30 Tue 11:00> +:LOGBOOK: +- State "DONE" from "WAITING" [2023-05-31 Wed 18:45] +- State "WAITING" from "TODO" [2023-05-30 Tue 14:42] \\ + J'ai laissé un message, j'attend leur appel. +:END: +[2023-05-28 Sun 20:21] + +Marie Paumier Jamet +CONSEILLÈRE IMMOBILIER +AGENCE Flash Immobilier SE +13 Cours du 4 septembre +13500 Martigues +Tél: 04 42 07 10 12 +Mob: 06 18 44 17 53 + +Garage: +- Montant du loyer mensuel théorique hors charges : +- Le loyer est-il plafonné ? + +Appartement: +- Montant du loyer mensuel théorique hors charges : +- Le loyer est-il plafonné ? +** CANCELED Appeler les contacts asperger [[https://www.autisme13.fr/articles/][link]] +SCHEDULED: <2023-06-02 Fri 14:00> +:LOGBOOK: +- State "CANCELED" from "TODO" [2023-06-07 Wed 17:16] \\ + Krystelle n'a finalement pas été intéressé tout de suite. +:END: +[2023-05-28 Sun 10:51] + +https://www.autisme13.fr/articles/ +** DONE Appeler Autisme Info Service +SCHEDULED: <2023-07-19 Wed 10:00> +:LOGBOOK: +- State "TODO" from "CANCELED" [2023-06-12 Mon 18:17] +:END: +[2023-05-28 Sun 10:50] +** DONE Déclarer occupants des locaux impots +DEADLINE: <2023-06-30 Fri 14:00> SCHEDULED: <2023-05-30 Tue 14:30> [2023-05-20 Sat 11:17] impots.gouv.fr>Votre espace particulier>Biens Immobiliers -** DONE Réserver le camion pour ce week-end -SCHEDULED: <2023-05-16 Tue 19:00> -[2023-05-16 Tue 15:42] -** DONE [#B] Signature notaire -SCHEDULED: <2023-05-15 Mon 13:20> -[2023-05-15 Mon 09:18] -** DONE Aller récupérer dernière quittance de loyer sur foncia.fr -SCHEDULED: <2023-05-08 Mon 10:00> -[2023-05-06 Sat 13:02] -** DONE Demander aux notaires et banquier, virement 24k -SCHEDULED: <2023-05-10 Wed 15:00> -[2023-05-06 Sat 12:23] -** DONE Dossier Courtier prêt -SCHEDULED: <2023-05-10 Wed 11:30> DEADLINE: <2023-05-12 Fri> +** CANCELED Rappeler mairie de Valbonne pour suivi dossier juré. +DEADLINE: <2023-06-02 Fri 12:00> :LOGBOOK: -CLOCK: [2023-05-11 Thu 09:04]--[2023-05-11 Thu 10:24] => 1:20 +- State "CANCELED" from "TODO" [2023-06-12 Mon 18:17] :END: -[2023-05-06 Sat 10:10] - -Bonjour Monsieur Pau, - -Voici un lien qui vous permet d'accéder à l'ensemble des documents que j'ai -rassemblé pour le dossier de crédit. - -Veuillez noter: - -1. Nous n'arrivons pas à retrouver la fiche de paye de décembre de mon épouse de - son emploi précédent. Et nous ne pensons pas pouvoir retrouver ce document. -2. Un de nos véhicule est en LOA et donc il n'y a pas de prêt. Sans avoir le - tableau d'amortissement j'ai tout de même ajouté les documents relatifs à - cette LOA. - -Bien entendu j'ajouterai dans le dossier le compromis signé aussitôt que -possible et je vous en informerai quand je le ferai. - -Très bonne journée à vous, -Yann Esposito - -DONE: -- tableau d'amortissement -- titre de propriété de Duflot -- 3 derniers relevés de comptes. -- RIB compte principal - - Dernière quitance de loyer -- revenus fonciers -- récapitulatif de l'agence -- bulletin de paye d'avril de Krystelle - -TODO: - -- Allocations familiales - -- Banques - - documents pouvant justifier l'apport ; Relevés d'épargne financière - -- tableaux credits des deux voiture -- Dernière quitance de prime assurance habitation - -- compromis de vente -** TODO Rappeler mairie de Valbonne pour suivi dossier juré. -DEADLINE: <2023-05-10 Wed 12:00> [2023-05-02 Tue 10:40] -** DONE Finir dossier changement d'addresse carte Grise -DEADLINE: <2023-05-02 Tue 18:00> -[2023-05-02 Tue 10:39] ** TODO [#B] Préparer une TODO list post-mortem pour la famille :family: -SCHEDULED: <2023-05-19 Fri 10:00> +SCHEDULED: <2023-08-15 Tue 10:00> [2023-04-30 Sun 09:06] 1. Fermer mes serveurs 2. Trouver mes comptes 3. Récupérer mes access (mots de passe, keychain, etc…) -** TODO Renvoyer ficher de renseignement et changer de ville -DEADLINE: <2023-05-10 Wed 16:30> -[2023-04-24 Mon 15:11] - -Changer d'addresse dans la nouvelle commune. - -Renvoyer le courier et je ne suis plus sur la commune. -notifier que je n'habite plus sur la commune. -Avec justificatif. - -Envoyer par mail: election@ville-valbonne.fr -Envoyer: cmazzocco@ville-valbonne.fr +** TODO Acheter vignettes critair +SCHEDULED: <2023-08-08 Tue 18:00> +[2023-06-18 Sun 17:53] * Perso :perso: ** Habits :habit: -*** TODO [create-tasks] Personal Flagged emails -SCHEDULED: <2023-05-21 Sun 08:50 .+1d> -:PROPERTIES: -:LAST_REPEAT: [2023-05-20 Sat 11:19] -:END: -:LOGBOOK: -- State "DONE" from "TODO" [2023-05-20 Sat 11:19] -- State "DONE" from "TODO" [2023-05-17 Wed 11:21] -- State "DONE" from "TODO" [2023-05-16 Tue 15:41] -- State "DONE" from "TODO" [2023-05-12 Fri 13:44] -- State "DONE" from "TODO" [2023-05-11 Thu 10:09] -- State "DONE" from "TODO" [2023-05-10 Wed 09:44] -- State "DONE" from "TODO" [2023-05-09 Tue 11:00] -- State "DONE" from "" [2023-05-06 Sat 09:06] -- State "DONE" from "" [2023-05-04 Thu 11:34] -- State "DONE" from "" [2023-05-03 Wed 10:17] -- State "DONE" from "" [2023-05-02 Tue 17:50] -:END: -*** TODO Reading List notes -SCHEDULED: <2023-03-21 Tue 09:00 .+1d> -:PROPERTIES: -:STYLE: habit -:LAST_REPEAT: [2023-03-20 Mon 10:00] -:END: -:LOGBOOK: -- State "CANCELED" from "TODO" [2023-03-20 Mon 10:00] -- State "CANCELED" from "TODO" [2023-02-21 Tue 14:22] -- State "CANCELED" from "TODO" [2023-02-17 Fri 08:57] \\ - Trop à faire aujourd'hui -- State "CANCELED" from "TODO" [2023-02-16 Thu 18:14] -- State "CANCELED" from "TODO" [2023-02-14 Tue 15:47] -- State "CANCELED" from "TODO" [2023-01-15 Sun 09:40] -- State "CANCELED" from "TODO" [2023-01-11 Wed 20:19] -- State "CANCELED" from "TODO" [2022-11-29 Tue 15:56] -- State "CANCELED" from "TODO" [2022-11-18 Fri 15:17] -- State "CANCELED" from "TODO" [2022-11-14 Mon 10:42] -- State "DONE" from "TODO" [2022-11-14 Mon 10:42] -- State "CANCELED" from "TODO" [2022-11-10 Thu 18:00] -- State "CANCELED" from "TODO" [2022-11-09 Wed 19:28] -- State "DONE" from "TODO" [2022-11-09 Wed 19:28] -- State "CANCELED" from "TODO" [2022-11-02 Wed 09:57] -- State "CANCELED" from "TODO" [2022-11-01 Tue 12:58] -- State "CANCELED" from "TODO" [2022-10-25 Tue 17:51] \\ - not today -- State "CANCELED" from "TODO" [2022-10-24 Mon 16:27] -- State "DONE" from "TODO" [2022-09-19 Mon 10:59] -- State "DONE" from "TODO" [2022-09-17 Sat 11:53] -- State "DONE" from "TODO" [2022-08-31 Wed 09:24] -- State "CANCELED" from "TODO" [2022-07-05 Tue 15:50] -- State "CANCELED" from "TODO" [2022-07-04 Mon 12:00] -- State "CANCELED" from "TODO" [2022-07-04 Mon 12:00] -- State "CANCELED" from "TODO" [2022-07-04 Mon 12:00] -- State "DONE" from "TODO" [2022-07-01 Fri 20:53] -- State "DONE" from "TODO" [2022-06-30 Thu 17:57] -- State "DONE" from "TODO" [2022-06-30 Thu 17:57] -- State "DONE" from "TODO" [2022-06-30 Thu 17:57] -- State "DONE" from "TODO" [2022-06-30 Thu 17:57] -- State "DONE" from "TODO" [2022-06-30 Thu 17:56] -- State "CANCELED" from "TODO" [2022-06-26 Sun 11:33] \\ - Another day -- State "DONE" from "TODO" [2022-06-24 Fri 10:41] -- State "DONE" from "TODO" [2022-06-24 Fri 10:41] -- State "DONE" from "TODO" [2022-06-24 Fri 10:41] -- State "DONE" from "TODO" [2022-06-24 Fri 10:41] -- State "DONE" from "TODO" [2022-06-20 Mon 16:00] -- State "DONE" from "TODO" [2022-06-19 Sun 19:08] -- State "DONE" from "TODO" [2022-06-19 Sun 19:08] -- State "DONE" from "TODO" [2022-06-17 Fri 11:06] -- State "CANCELED" from "TODO" [2022-06-14 Tue 15:04] \\ - Not today -- State "CANCELED" from "TODO" [2022-06-13 Mon 11:15] -- State "CANCELED" from "TODO" [2022-06-13 Mon 11:15] -- State "DONE" from "TODO" [2022-06-11 Sat 09:59] -- State "DONE" from "TODO" [2022-06-11 Sat 09:59] -- State "DONE" from "IN-PROGRESS" [2022-06-09 Thu 11:54] -CLOCK: [2022-06-09 Thu 08:54]--[2022-06-09 Thu 09:32] => 0:38 -- State "DONE" from "TODO" [2022-06-08 Wed 09:59] -CLOCK: [2022-06-08 Wed 09:37]--[2022-06-08 Wed 09:59] => 0:22 -- State "CANCELED" from "TODO" [2022-06-07 Tue 10:06] \\ - I don't have time today -- State "DONE" from "TODO" [2022-06-07 Tue 09:44] -- State "DONE" from "TODO" [2022-06-07 Tue 09:44] -- State "DONE" from "TODO" [2022-06-07 Tue 09:44] -- State "CANCELED" from "TODO" [2022-06-07 Tue 09:44] -- State "DONE" from "TODO" [2022-06-02 Thu 15:33] -:END: ** Maybe :maybe: * Famille :family: ** Daily :daily: *** TODO Attention gentille -SCHEDULED: <2023-05-21 Sun .+1d> +SCHEDULED: <2023-08-10 Thu .+1d> :PROPERTIES: -:LAST_REPEAT: [2023-05-20 Sat 11:19] +:LAST_REPEAT: [2023-08-09 Wed 13:15] :END: :LOGBOOK: +- State "DONE" from "TODO" [2023-08-09 Wed 13:15] +- State "DONE" from "TODO" [2023-07-28 Fri 17:58] +- State "DONE" from "TODO" [2023-07-27 Thu 11:32] +- State "DONE" from "TODO" [2023-07-20 Thu 14:21] +- State "DONE" from "TODO" [2023-07-18 Tue 20:33] +- State "DONE" from "TODO" [2023-07-17 Mon 09:05] +- State "DONE" from "TODO" [2023-07-13 Thu 12:11] +- State "DONE" from "TODO" [2023-07-11 Tue 10:52] +- State "DONE" from "TODO" [2023-07-05 Wed 21:43] +- State "DONE" from "TODO" [2023-06-29 Thu 10:18] +- State "DONE" from "TODO" [2023-06-16 Fri 17:50] +- State "DONE" from "TODO" [2023-06-07 Wed 17:17] +- State "DONE" from "TODO" [2023-06-02 Fri 19:55] +- State "DONE" from "TODO" [2023-05-31 Wed 18:45] +- State "DONE" from "TODO" [2023-05-30 Tue 11:31] +- State "DONE" from "TODO" [2023-05-28 Sun 10:50] - State "DONE" from "TODO" [2023-05-20 Sat 11:19] - State "DONE" from "TODO" [2023-05-17 Wed 15:58] - State "DONE" from "TODO" [2023-05-16 Tue 15:41] @@ -245,12 +216,15 @@ SCHEDULED: <2023-05-04 Thu 14:00 .+1w> - State "DONE" from "TODO" [2022-12-02 Fri 19:10] :END: *** TODO Appeler Maman -SCHEDULED: <2023-05-09 Tue 12:00 .+1w> +SCHEDULED: <2023-07-25 Tue 12:00 .+1w> :PROPERTIES: :STYLE: habit -:LAST_REPEAT: [2023-05-02 Tue 17:50] +:LAST_REPEAT: [2023-07-18 Tue 20:33] :END: :LOGBOOK: +- State "DONE" from "TODO" [2023-07-18 Tue 20:33] +- State "DONE" from "TODO" [2023-06-21 Wed 15:40] +- State "DONE" from "TODO" [2023-05-30 Tue 11:33] - State "DONE" from "TODO" [2023-05-02 Tue 17:50] - State "DONE" from "TODO" [2023-03-31 Fri 14:07] - State "DONE" from "TODO" [2023-03-20 Mon 10:00] @@ -264,16 +238,6 @@ SCHEDULED: <2023-05-09 Tue 12:00 .+1w> - State "DONE" from "TODO" [2022-11-26 Sat 10:16] :END: ** Yearly :yearly: -*** TODO [#A] revision chaudiere -DEADLINE : <2023-02-15 Wed +1y -2w> -:PROPERTIES: -:LAST_REPEAT: [2022-02-25 Fri 18:10] -:END: -:LOGBOOK: -- State "DONE" from "TODO" [2022-02-25 Fri 18:10] -- State "DONE" from "IN-PROGRESS" [2021-03-06 Sat 23:48] -:END: -[2020-05-23 Sat 10:26] *** TODO vaccination leichmaniose Oslo DEADLINE: <2024-01-20 Sat +1y> :PROPERTIES: @@ -322,18 +286,6 @@ DEADLINE: <2024-04-26 Fri +1y -2w> - State "DONE" from "TODO" [2023-04-20 Thu 15:42] - State "DONE" from "TODO" [2022-04-26 Tue 18:53] :END: -*** Fête des mères -**** [2020-06-07 Sun] -**** [2021-05-30 Sun] -***** DONE [#A] Acheter cadeau fête des mères Krystelle :krystelle: -CLOSED: [2021-05-30 Sun 09:26] DEADLINE: <2021-05-30 Sun -2w> -***** DONE [#A] Acheter cadeau fête des mères Maman -CLOSED: [2021-05-30 Sun 09:26] DEADLINE: <2021-05-30 Sun -2w> -**** [2022-06-07 Tue] -***** DONE [#A] Acheter cadeau fête des mères Krystelle :krystelle: -DEADLINE: <2022-05-29 Sun -2w> -***** DONE [#A] Acheter cadeau fête des mères Maman -DEADLINE: <2022-05-30 Mon -2w> *** TODO Appeler Thierry DEADLINE: <2024-01-04 Thu +1y> :PROPERTIES: @@ -349,53 +301,60 @@ DEADLINE: <2024-01-04 Thu +1y> [2020-12-26 Sat 13:03] ** Krystelle :krystelle: ** Anna :anna: -*** CANCELED Voir si on doit faire une demande PCH (aide pour le chien) :ATTACH:anna: -SCHEDULED: <2022-12-18 Sun> -:PROPERTIES: -:ID: 8163f2ed-7106-4b4a-93b0-7009fe316172 -:END: -:LOGBOOK: -- State "CANCELED" from "TODO" [2022-12-21 Wed 14:19] -:END: -[2022-06-08 Wed 10:01] - -Début du message transféré : - -De: francoisem06@free.fr -Date: 1 juin 2022 à 18:23:37 UTC+2 -À: krystelle esposito -Objet: PCH - - -reBonjour Krystelle, - -Je te joins le tableau des remboursements pour la PCH (tableau 1 pour l'aide humaine et tableau 7 pour les aides animalières). Il faut donc prévoir de faire une demande de PCH auprès de la MDPH. - -Pour la demande de PCH -La loi n°2020-220 du 6 mars 2020 vise à améliorer l'accès à la PCH. - -L'article 3 (Article L245-6) parle des modalités et de la durée d'attribution de la PCH. Lorsque le handicap n'est pas susceptible d'évoluer favorablement, un droit à la PCH est ouvert sans limitation de durée, sans préjudice des révisions du plan personnalisé de compensation qu'appellent les besoins de la personne. - -Source : https://www.legifrance.gouv.fr/codes/id/LEGIARTI000041700020/2020-03-08 - -Autres infos : - -- Article sur ce qui change au 1 janvier 2022 en cas de handicap: https://informations.handicap.fr/a-janvier-2022-change-cas-handicap-32099.php/true - -- Togi Santé : https://www.togisante.com/agence/agence-togi-sante-nice-06/ - -A bientôt -Françoise ** Bastien :bastien: -** CANCELED Appeler Mr Niss Dominique (fosse septique) :maison: -DEADLINE: <2023-04-25 Tue> -:LOGBOOK: -- State "CANCELED" from "TODO" [2023-05-04 Thu 21:57] -- State "TODO" from "CANCELED" [2023-05-04 Thu 21:57] -- State "CANCELED" from "TODO" [2023-05-04 Thu 21:56] \\ - Pas besoin pour l'instant -:END: -[2023-04-18 Tue 09:39] +** Entitlements + +#+begin_src js +[{"name": "tier", + "value": "essentials", + "quantity": {"value": 1000, "unit": "users"}, + "enforce_quantity": true}, + {"name": "extra_data_retention", + "value": "", + "quantity": {"value": 2, "unit": "days"}, + "enforce_quantity": true}] +#+end_src + +#+begin_quote +*entitlements*: + A list of entitlements the tenant is allowed to use. Each item in the list is + an object with the following fields: +#+end_quote +*** name + +#+begin_quote +- name - The name of the entitlement (defined as part of the entitlement + controlled vocabulary between PIAM and the product) +#+end_quote +*** value + +#+begin_quote +- value - Some entitlements will have a string value that serves to qualify the + entitlement, for example an entitlement with name=tier may have three + different manifestations if there are three different tiers (e.g., {"name": + "tier", "value": "essentials"}, {"name": "tier", "value": "premier"}, {"name": + "tier", "value": "advantage"}) +#+end_quote +*** quantity + +#+begin_quote +- quantity - Some entitlements will have numeric quantity associated with the + entitlement, this represents the amount of this entitlement the tenant is + permitted to consume. Each quantity field will contain an object with the + following values: + - value - The number holding the actual quantity. + - unit - A string representing what unit to use when interpreting the + quantity. +#+end_quote +*** quantity_enforced + +#+begin_quote +- quantity_enforced - A boolean field, if true it means that the product + should enforce the allocated quantity of the entitlement for this tenant. It + is up to the product to determine how to do this. Cases where this will be + false are if the customer purchased via a buying program that supports a + "pay as you go" pricing model. +#+end_quote * Memory :PROPERTIES: :ID: 1644E007-AFBE-4F4B-9307-B007C60548E8 @@ -485,614 +444,633 @@ CLOCK: [2020-09-01 Tue 12:13]--[2020-09-01 Tue 12:13] => 0:00 - =SPC m s c= =- org-clone-subtree-with-time-shift= #+end_comment -** W19 -*** Wednesday -**** DONE [create-tasks] Webex -SCHEDULED: <2023-05-10 Wed 09:00> -**** DONE [create-tasks] Agenda -SCHEDULED: <2023-05-10 Wed 09:10> -**** DONE [create-tasks] Outlooks Flagged emails -SCHEDULED: <2023-05-10 Wed 09:20> -**** DONE [create-tasks] Outlooks emails -SCHEDULED: <2023-05-10 Wed 09:25> -**** DONE [create-tasks] Create [[https://github.com/notifications][Github notifications]] tasks -SCHEDULED: <2023-05-10 Wed 09:30> -**** DONE [create-tasks] [[https://github.com/advthreat/iroh/pulls/obarbeau][Olivier's PRs]] -SCHEDULED: <2023-05-10 Wed 09:45> -**** DONE [create-tasks] [[https://github.com/advthreat/iroh/pulls/wandersoncferreira][Wanderson's PRs]] -SCHEDULED: <2023-05-10 Wed 09:50> -**** DONE [create-tasks] [[https://github.com/pulls?q=is%3Aopen+is%3Apr+archived%3Afalse+user%3Aadvthreat+author%3Ayogsototh][My PRs]] -SCHEDULED: <2023-05-10 Wed 10:00> -*** Thursday -**** DONE [create-tasks] Webex -SCHEDULED: <2023-05-11 Thu 09:00> -**** DONE [create-tasks] Agenda -SCHEDULED: <2023-05-11 Thu 09:10> -**** DONE [create-tasks] Outlooks Flagged emails -SCHEDULED: <2023-05-11 Thu 09:20> -**** DONE [create-tasks] Outlooks emails -SCHEDULED: <2023-05-11 Thu 09:25> -**** DONE [create-tasks] Create [[https://github.com/notifications][Github notifications]] tasks -SCHEDULED: <2023-05-11 Thu 09:30> -**** DONE [create-tasks] [[https://github.com/advthreat/iroh/pulls/obarbeau][Olivier's PRs]] -SCHEDULED: <2023-05-11 Thu 09:45> -**** DONE [create-tasks] [[https://github.com/advthreat/iroh/pulls/wandersoncferreira][Wanderson's PRs]] -SCHEDULED: <2023-05-11 Thu 09:50> -**** DONE [create-tasks] [[https://github.com/pulls?q=is%3Aopen+is%3Apr+archived%3Afalse+user%3Aadvthreat+author%3Ayogsototh][My PRs]] -SCHEDULED: <2023-05-11 Thu 10:00> -*** Friday -**** DONE [create-tasks] Webex -SCHEDULED: <2023-05-12 Fri 09:00> -**** DONE [create-tasks] Agenda -SCHEDULED: <2023-05-12 Fri 09:10> -**** DONE [create-tasks] Outlooks Flagged emails -SCHEDULED: <2023-05-12 Fri 09:20> -**** DONE [create-tasks] Outlooks emails -SCHEDULED: <2023-05-12 Fri 09:25> -**** DONE [create-tasks] Create [[https://github.com/notifications][Github notifications]] tasks -SCHEDULED: <2023-05-12 Fri 09:30> -**** DONE [create-tasks] [[https://github.com/advthreat/iroh/pulls/obarbeau][Olivier's PRs]] -SCHEDULED: <2023-05-12 Fri 09:45> -**** DONE [create-tasks] [[https://github.com/advthreat/iroh/pulls/wandersoncferreira][Wanderson's PRs]] -SCHEDULED: <2023-05-12 Fri 09:50> -**** DONE [create-tasks] [[https://github.com/pulls?q=is%3Aopen+is%3Apr+archived%3Afalse+user%3Aadvthreat+author%3Ayogsototh][My PRs]] -SCHEDULED: <2023-05-12 Fri 10:00> -** W20 +** W28 *** Monday **** DONE [create-tasks] Webex -SCHEDULED: <2023-05-15 Mon 09:00> +SCHEDULED: <2023-07-10 Mon 09:00> **** DONE [create-tasks] Agenda -SCHEDULED: <2023-05-15 Mon 09:10> +SCHEDULED: <2023-07-10 Mon 09:10> **** DONE [create-tasks] Outlooks Flagged emails -SCHEDULED: <2023-05-15 Mon 09:20> +SCHEDULED: <2023-07-10 Mon 09:20> **** DONE [create-tasks] Outlooks emails -SCHEDULED: <2023-05-15 Mon 09:25> +SCHEDULED: <2023-07-10 Mon 09:25> **** DONE [create-tasks] Create [[https://github.com/notifications][Github notifications]] tasks -SCHEDULED: <2023-05-15 Mon 09:30> +SCHEDULED: <2023-07-10 Mon 09:30> **** DONE [create-tasks] [[https://github.com/advthreat/iroh/pulls/obarbeau][Olivier's PRs]] -SCHEDULED: <2023-05-15 Mon 09:45> +SCHEDULED: <2023-07-10 Mon 09:45> **** DONE [create-tasks] [[https://github.com/advthreat/iroh/pulls/wandersoncferreira][Wanderson's PRs]] -SCHEDULED: <2023-05-15 Mon 09:50> +SCHEDULED: <2023-07-10 Mon 09:50> **** DONE [create-tasks] [[https://github.com/pulls?q=is%3Aopen+is%3Apr+archived%3Afalse+user%3Aadvthreat+author%3Ayogsototh][My PRs]] -SCHEDULED: <2023-05-15 Mon 10:00> +SCHEDULED: <2023-07-10 Mon 10:00> *** Tuesday **** DONE [create-tasks] Webex -SCHEDULED: <2023-05-16 Tue 09:00> +SCHEDULED: <2023-07-11 Tue 09:00> **** DONE [create-tasks] Agenda -SCHEDULED: <2023-05-16 Tue 09:10> +SCHEDULED: <2023-07-11 Tue 09:10> **** DONE [create-tasks] Outlooks Flagged emails -SCHEDULED: <2023-05-16 Tue 09:20> +SCHEDULED: <2023-07-11 Tue 09:20> **** DONE [create-tasks] Outlooks emails -SCHEDULED: <2023-05-16 Tue 09:25> +SCHEDULED: <2023-07-11 Tue 09:25> **** DONE [create-tasks] Create [[https://github.com/notifications][Github notifications]] tasks -SCHEDULED: <2023-05-16 Tue 09:30> +SCHEDULED: <2023-07-11 Tue 09:30> **** DONE [create-tasks] [[https://github.com/advthreat/iroh/pulls/obarbeau][Olivier's PRs]] -SCHEDULED: <2023-05-16 Tue 09:45> +SCHEDULED: <2023-07-11 Tue 09:45> **** DONE [create-tasks] [[https://github.com/advthreat/iroh/pulls/wandersoncferreira][Wanderson's PRs]] -SCHEDULED: <2023-05-16 Tue 09:50> +SCHEDULED: <2023-07-11 Tue 09:50> **** DONE [create-tasks] [[https://github.com/pulls?q=is%3Aopen+is%3Apr+archived%3Afalse+user%3Aadvthreat+author%3Ayogsototh][My PRs]] -SCHEDULED: <2023-05-16 Tue 10:00> +SCHEDULED: <2023-07-11 Tue 10:00> *** Wednesday **** DONE [create-tasks] Webex -SCHEDULED: <2023-05-17 Wed 09:00> +SCHEDULED: <2023-07-12 Wed 09:00> **** DONE [create-tasks] Agenda -SCHEDULED: <2023-05-17 Wed 09:10> +SCHEDULED: <2023-07-12 Wed 09:10> **** DONE [create-tasks] Outlooks Flagged emails -SCHEDULED: <2023-05-17 Wed 09:20> +SCHEDULED: <2023-07-12 Wed 09:20> **** DONE [create-tasks] Outlooks emails -SCHEDULED: <2023-05-17 Wed 09:25> +SCHEDULED: <2023-07-12 Wed 09:25> **** DONE [create-tasks] Create [[https://github.com/notifications][Github notifications]] tasks -SCHEDULED: <2023-05-17 Wed 09:30> +SCHEDULED: <2023-07-12 Wed 09:30> **** DONE [create-tasks] [[https://github.com/advthreat/iroh/pulls/obarbeau][Olivier's PRs]] -SCHEDULED: <2023-05-17 Wed 09:45> +SCHEDULED: <2023-07-12 Wed 09:45> **** DONE [create-tasks] [[https://github.com/advthreat/iroh/pulls/wandersoncferreira][Wanderson's PRs]] -SCHEDULED: <2023-05-17 Wed 09:50> +SCHEDULED: <2023-07-12 Wed 09:50> **** DONE [create-tasks] [[https://github.com/pulls?q=is%3Aopen+is%3Apr+archived%3Afalse+user%3Aadvthreat+author%3Ayogsototh][My PRs]] -SCHEDULED: <2023-05-17 Wed 10:00> -** W21 -*** Tuesday -**** TODO [create-tasks] Webex -SCHEDULED: <2023-05-23 Tue 09:00> -**** TODO [create-tasks] Agenda -SCHEDULED: <2023-05-23 Tue 09:10> -**** TODO [create-tasks] Outlooks Flagged emails -SCHEDULED: <2023-05-23 Tue 09:20> -**** TODO [create-tasks] Outlooks emails -SCHEDULED: <2023-05-23 Tue 09:25> -**** TODO [create-tasks] Create [[https://github.com/notifications][Github notifications]] tasks -SCHEDULED: <2023-05-23 Tue 09:30> -**** TODO [create-tasks] [[https://github.com/advthreat/iroh/pulls/obarbeau][Olivier's PRs]] -SCHEDULED: <2023-05-23 Tue 09:45> -**** TODO [create-tasks] [[https://github.com/advthreat/iroh/pulls/wandersoncferreira][Wanderson's PRs]] -SCHEDULED: <2023-05-23 Tue 09:50> -**** TODO [create-tasks] [[https://github.com/pulls?q=is%3Aopen+is%3Apr+archived%3Afalse+user%3Aadvthreat+author%3Ayogsototh][My PRs]] -SCHEDULED: <2023-05-23 Tue 10:00> -*** Wednesday -**** TODO [create-tasks] Webex -SCHEDULED: <2023-05-24 Wed 09:00> -**** TODO [create-tasks] Agenda -SCHEDULED: <2023-05-24 Wed 09:10> -**** TODO [create-tasks] Outlooks Flagged emails -SCHEDULED: <2023-05-24 Wed 09:20> -**** TODO [create-tasks] Outlooks emails -SCHEDULED: <2023-05-24 Wed 09:25> -**** TODO [create-tasks] Create [[https://github.com/notifications][Github notifications]] tasks -SCHEDULED: <2023-05-24 Wed 09:30> -**** TODO [create-tasks] [[https://github.com/advthreat/iroh/pulls/obarbeau][Olivier's PRs]] -SCHEDULED: <2023-05-24 Wed 09:45> -**** TODO [create-tasks] [[https://github.com/advthreat/iroh/pulls/wandersoncferreira][Wanderson's PRs]] -SCHEDULED: <2023-05-24 Wed 09:50> -**** TODO [create-tasks] [[https://github.com/pulls?q=is%3Aopen+is%3Apr+archived%3Afalse+user%3Aadvthreat+author%3Ayogsototh][My PRs]] -SCHEDULED: <2023-05-24 Wed 10:00> +SCHEDULED: <2023-07-12 Wed 10:00> *** Thursday -**** TODO [create-tasks] Webex -SCHEDULED: <2023-05-25 Thu 09:00> -**** TODO [create-tasks] Agenda -SCHEDULED: <2023-05-25 Thu 09:10> -**** TODO [create-tasks] Outlooks Flagged emails -SCHEDULED: <2023-05-25 Thu 09:20> -**** TODO [create-tasks] Outlooks emails -SCHEDULED: <2023-05-25 Thu 09:25> -**** TODO [create-tasks] Create [[https://github.com/notifications][Github notifications]] tasks -SCHEDULED: <2023-05-25 Thu 09:30> -**** TODO [create-tasks] [[https://github.com/advthreat/iroh/pulls/obarbeau][Olivier's PRs]] -SCHEDULED: <2023-05-25 Thu 09:45> -**** TODO [create-tasks] [[https://github.com/advthreat/iroh/pulls/wandersoncferreira][Wanderson's PRs]] -SCHEDULED: <2023-05-25 Thu 09:50> -**** TODO [create-tasks] [[https://github.com/pulls?q=is%3Aopen+is%3Apr+archived%3Afalse+user%3Aadvthreat+author%3Ayogsototh][My PRs]] -SCHEDULED: <2023-05-25 Thu 10:00> -*** Friday -**** TODO [create-tasks] Webex -SCHEDULED: <2023-05-26 Fri 09:00> -**** TODO [create-tasks] Agenda -SCHEDULED: <2023-05-26 Fri 09:10> -**** TODO [create-tasks] Outlooks Flagged emails -SCHEDULED: <2023-05-26 Fri 09:20> -**** TODO [create-tasks] Outlooks emails -SCHEDULED: <2023-05-26 Fri 09:25> -**** TODO [create-tasks] Create [[https://github.com/notifications][Github notifications]] tasks -SCHEDULED: <2023-05-26 Fri 09:30> -**** TODO [create-tasks] [[https://github.com/advthreat/iroh/pulls/obarbeau][Olivier's PRs]] -SCHEDULED: <2023-05-26 Fri 09:45> -**** TODO [create-tasks] [[https://github.com/advthreat/iroh/pulls/wandersoncferreira][Wanderson's PRs]] -SCHEDULED: <2023-05-26 Fri 09:50> -**** TODO [create-tasks] [[https://github.com/pulls?q=is%3Aopen+is%3Apr+archived%3Afalse+user%3Aadvthreat+author%3Ayogsototh][My PRs]] -SCHEDULED: <2023-05-26 Fri 10:00> -** W22 +**** DONE [create-tasks] Webex +SCHEDULED: <2023-07-13 Thu 09:00> +**** DONE [create-tasks] Agenda +SCHEDULED: <2023-07-13 Thu 09:10> +**** DONE [create-tasks] Outlooks Flagged emails +SCHEDULED: <2023-07-13 Thu 09:20> +**** DONE [create-tasks] Outlooks emails +SCHEDULED: <2023-07-13 Thu 09:25> +**** DONE [create-tasks] Create [[https://github.com/notifications][Github notifications]] tasks +SCHEDULED: <2023-07-13 Thu 09:30> +**** DONE [create-tasks] [[https://github.com/advthreat/iroh/pulls/obarbeau][Olivier's PRs]] +SCHEDULED: <2023-07-13 Thu 09:45> +**** DONE [create-tasks] [[https://github.com/advthreat/iroh/pulls/wandersoncferreira][Wanderson's PRs]] +SCHEDULED: <2023-07-13 Thu 09:50> +**** DONE [create-tasks] [[https://github.com/pulls?q=is%3Aopen+is%3Apr+archived%3Afalse+user%3Aadvthreat+author%3Ayogsototh][My PRs]] +SCHEDULED: <2023-07-13 Thu 10:00> +** W29 *** Monday -**** TODO [create-tasks] Webex -SCHEDULED: <2023-05-29 Mon 09:00> -**** TODO [create-tasks] Agenda -SCHEDULED: <2023-05-29 Mon 09:10> -**** TODO [create-tasks] Outlooks Flagged emails -SCHEDULED: <2023-05-29 Mon 09:20> -**** TODO [create-tasks] Outlooks emails -SCHEDULED: <2023-05-29 Mon 09:25> -**** TODO [create-tasks] Create [[https://github.com/notifications][Github notifications]] tasks -SCHEDULED: <2023-05-29 Mon 09:30> -**** TODO [create-tasks] [[https://github.com/advthreat/iroh/pulls/obarbeau][Olivier's PRs]] -SCHEDULED: <2023-05-29 Mon 09:45> -**** TODO [create-tasks] [[https://github.com/advthreat/iroh/pulls/wandersoncferreira][Wanderson's PRs]] -SCHEDULED: <2023-05-29 Mon 09:50> -**** TODO [create-tasks] [[https://github.com/pulls?q=is%3Aopen+is%3Apr+archived%3Afalse+user%3Aadvthreat+author%3Ayogsototh][My PRs]] -SCHEDULED: <2023-05-29 Mon 10:00> +**** DONE [create-tasks] Webex +SCHEDULED: <2023-07-17 Mon 09:00> +**** DONE [create-tasks] Agenda +SCHEDULED: <2023-07-17 Mon 09:10> +**** DONE [create-tasks] Outlooks Flagged emails +SCHEDULED: <2023-07-17 Mon 09:20> +**** DONE [create-tasks] Outlooks emails +SCHEDULED: <2023-07-17 Mon 09:25> +**** DONE [create-tasks] Create [[https://github.com/notifications][Github notifications]] tasks +SCHEDULED: <2023-07-17 Mon 09:30> +**** DONE [create-tasks] [[https://github.com/advthreat/iroh/pulls/obarbeau][Olivier's PRs]] +SCHEDULED: <2023-07-17 Mon 09:45> +**** DONE [create-tasks] [[https://github.com/advthreat/iroh/pulls/wandersoncferreira][Wanderson's PRs]] +SCHEDULED: <2023-07-17 Mon 09:50> +**** DONE [create-tasks] [[https://github.com/pulls?q=is%3Aopen+is%3Apr+archived%3Afalse+user%3Aadvthreat+author%3Ayogsototh][My PRs]] +SCHEDULED: <2023-07-17 Mon 10:00> *** Tuesday -**** TODO [create-tasks] Webex -SCHEDULED: <2023-05-30 Tue 09:00> -**** TODO [create-tasks] Agenda -SCHEDULED: <2023-05-30 Tue 09:10> -**** TODO [create-tasks] Outlooks Flagged emails -SCHEDULED: <2023-05-30 Tue 09:20> -**** TODO [create-tasks] Outlooks emails -SCHEDULED: <2023-05-30 Tue 09:25> -**** TODO [create-tasks] Create [[https://github.com/notifications][Github notifications]] tasks -SCHEDULED: <2023-05-30 Tue 09:30> -**** TODO [create-tasks] [[https://github.com/advthreat/iroh/pulls/obarbeau][Olivier's PRs]] -SCHEDULED: <2023-05-30 Tue 09:45> -**** TODO [create-tasks] [[https://github.com/advthreat/iroh/pulls/wandersoncferreira][Wanderson's PRs]] -SCHEDULED: <2023-05-30 Tue 09:50> -**** TODO [create-tasks] [[https://github.com/pulls?q=is%3Aopen+is%3Apr+archived%3Afalse+user%3Aadvthreat+author%3Ayogsototh][My PRs]] -SCHEDULED: <2023-05-30 Tue 10:00> +**** DONE [create-tasks] Webex +SCHEDULED: <2023-07-18 Tue 09:00> +**** DONE [create-tasks] Agenda +SCHEDULED: <2023-07-18 Tue 09:10> +**** DONE [create-tasks] Outlooks Flagged emails +SCHEDULED: <2023-07-18 Tue 09:20> +**** DONE [create-tasks] Outlooks emails +SCHEDULED: <2023-07-18 Tue 09:25> +**** DONE [create-tasks] Create [[https://github.com/notifications][Github notifications]] tasks +SCHEDULED: <2023-07-18 Tue 09:30> +**** DONE [create-tasks] [[https://github.com/advthreat/iroh/pulls/obarbeau][Olivier's PRs]] +SCHEDULED: <2023-07-18 Tue 09:45> +**** DONE [create-tasks] [[https://github.com/advthreat/iroh/pulls/wandersoncferreira][Wanderson's PRs]] +SCHEDULED: <2023-07-18 Tue 09:50> +**** DONE [create-tasks] [[https://github.com/pulls?q=is%3Aopen+is%3Apr+archived%3Afalse+user%3Aadvthreat+author%3Ayogsototh][My PRs]] +SCHEDULED: <2023-07-18 Tue 10:00> *** Wednesday -**** TODO [create-tasks] Webex -SCHEDULED: <2023-05-31 Wed 09:00> -**** TODO [create-tasks] Agenda -SCHEDULED: <2023-05-31 Wed 09:10> -**** TODO [create-tasks] Outlooks Flagged emails -SCHEDULED: <2023-05-31 Wed 09:20> -**** TODO [create-tasks] Outlooks emails -SCHEDULED: <2023-05-31 Wed 09:25> -**** TODO [create-tasks] Create [[https://github.com/notifications][Github notifications]] tasks -SCHEDULED: <2023-05-31 Wed 09:30> -**** TODO [create-tasks] [[https://github.com/advthreat/iroh/pulls/obarbeau][Olivier's PRs]] -SCHEDULED: <2023-05-31 Wed 09:45> -**** TODO [create-tasks] [[https://github.com/advthreat/iroh/pulls/wandersoncferreira][Wanderson's PRs]] -SCHEDULED: <2023-05-31 Wed 09:50> -**** TODO [create-tasks] [[https://github.com/pulls?q=is%3Aopen+is%3Apr+archived%3Afalse+user%3Aadvthreat+author%3Ayogsototh][My PRs]] -SCHEDULED: <2023-05-31 Wed 10:00> +**** DONE [create-tasks] Webex +SCHEDULED: <2023-07-19 Wed 09:00> +**** DONE [create-tasks] Agenda +SCHEDULED: <2023-07-19 Wed 09:10> +**** DONE [create-tasks] Outlooks Flagged emails +SCHEDULED: <2023-07-19 Wed 09:20> +**** DONE [create-tasks] Outlooks emails +SCHEDULED: <2023-07-19 Wed 09:25> +**** DONE [create-tasks] Create [[https://github.com/notifications][Github notifications]] tasks +SCHEDULED: <2023-07-19 Wed 09:30> +**** DONE [create-tasks] [[https://github.com/advthreat/iroh/pulls/obarbeau][Olivier's PRs]] +SCHEDULED: <2023-07-19 Wed 09:45> +**** DONE [create-tasks] [[https://github.com/advthreat/iroh/pulls/wandersoncferreira][Wanderson's PRs]] +SCHEDULED: <2023-07-19 Wed 09:50> +**** DONE [create-tasks] [[https://github.com/pulls?q=is%3Aopen+is%3Apr+archived%3Afalse+user%3Aadvthreat+author%3Ayogsototh][My PRs]] +SCHEDULED: <2023-07-19 Wed 10:00> *** Thursday -**** TODO [create-tasks] Webex -SCHEDULED: <2023-06-01 Thu 09:00> -**** TODO [create-tasks] Agenda -SCHEDULED: <2023-06-01 Thu 09:10> -**** TODO [create-tasks] Outlooks Flagged emails -SCHEDULED: <2023-06-01 Thu 09:20> -**** TODO [create-tasks] Outlooks emails -SCHEDULED: <2023-06-01 Thu 09:25> -**** TODO [create-tasks] Create [[https://github.com/notifications][Github notifications]] tasks -SCHEDULED: <2023-06-01 Thu 09:30> -**** TODO [create-tasks] [[https://github.com/advthreat/iroh/pulls/obarbeau][Olivier's PRs]] -SCHEDULED: <2023-06-01 Thu 09:45> -**** TODO [create-tasks] [[https://github.com/advthreat/iroh/pulls/wandersoncferreira][Wanderson's PRs]] -SCHEDULED: <2023-06-01 Thu 09:50> -**** TODO [create-tasks] [[https://github.com/pulls?q=is%3Aopen+is%3Apr+archived%3Afalse+user%3Aadvthreat+author%3Ayogsototh][My PRs]] -SCHEDULED: <2023-06-01 Thu 10:00> +**** DONE [create-tasks] Webex +SCHEDULED: <2023-07-20 Thu 09:00> +**** DONE [create-tasks] Agenda +SCHEDULED: <2023-07-20 Thu 09:10> +**** DONE [create-tasks] Outlooks Flagged emails +SCHEDULED: <2023-07-20 Thu 09:20> +**** DONE [create-tasks] Outlooks emails +SCHEDULED: <2023-07-20 Thu 09:25> +**** DONE [create-tasks] Create [[https://github.com/notifications][Github notifications]] tasks +SCHEDULED: <2023-07-20 Thu 09:30> +**** DONE [create-tasks] [[https://github.com/advthreat/iroh/pulls/obarbeau][Olivier's PRs]] +SCHEDULED: <2023-07-20 Thu 09:45> +**** DONE [create-tasks] [[https://github.com/advthreat/iroh/pulls/wandersoncferreira][Wanderson's PRs]] +SCHEDULED: <2023-07-20 Thu 09:50> +**** DONE [create-tasks] [[https://github.com/pulls?q=is%3Aopen+is%3Apr+archived%3Afalse+user%3Aadvthreat+author%3Ayogsototh][My PRs]] +SCHEDULED: <2023-07-20 Thu 10:00> *** Friday -**** TODO [create-tasks] Webex -SCHEDULED: <2023-06-02 Fri 09:00> -**** TODO [create-tasks] Agenda -SCHEDULED: <2023-06-02 Fri 09:10> -**** TODO [create-tasks] Outlooks Flagged emails -SCHEDULED: <2023-06-02 Fri 09:20> -**** TODO [create-tasks] Outlooks emails -SCHEDULED: <2023-06-02 Fri 09:25> -**** TODO [create-tasks] Create [[https://github.com/notifications][Github notifications]] tasks -SCHEDULED: <2023-06-02 Fri 09:30> -**** TODO [create-tasks] [[https://github.com/advthreat/iroh/pulls/obarbeau][Olivier's PRs]] -SCHEDULED: <2023-06-02 Fri 09:45> -**** TODO [create-tasks] [[https://github.com/advthreat/iroh/pulls/wandersoncferreira][Wanderson's PRs]] -SCHEDULED: <2023-06-02 Fri 09:50> -**** TODO [create-tasks] [[https://github.com/pulls?q=is%3Aopen+is%3Apr+archived%3Afalse+user%3Aadvthreat+author%3Ayogsototh][My PRs]] -SCHEDULED: <2023-06-02 Fri 10:00> -** W23 +**** DONE [create-tasks] Webex +SCHEDULED: <2023-07-21 Fri 09:00> +**** DONE [create-tasks] Agenda +SCHEDULED: <2023-07-21 Fri 09:10> +**** DONE [create-tasks] Outlooks Flagged emails +SCHEDULED: <2023-07-21 Fri 09:20> +**** DONE [create-tasks] Outlooks emails +SCHEDULED: <2023-07-21 Fri 09:25> +**** DONE [create-tasks] Create [[https://github.com/notifications][Github notifications]] tasks +SCHEDULED: <2023-07-21 Fri 09:30> +**** DONE [create-tasks] [[https://github.com/advthreat/iroh/pulls/obarbeau][Olivier's PRs]] +SCHEDULED: <2023-07-21 Fri 09:45> +**** DONE [create-tasks] [[https://github.com/advthreat/iroh/pulls/wandersoncferreira][Wanderson's PRs]] +SCHEDULED: <2023-07-21 Fri 09:50> +**** DONE [create-tasks] [[https://github.com/pulls?q=is%3Aopen+is%3Apr+archived%3Afalse+user%3Aadvthreat+author%3Ayogsototh][My PRs]] +SCHEDULED: <2023-07-21 Fri 10:00> +** W30 *** Monday -**** TODO [create-tasks] Webex -SCHEDULED: <2023-06-05 Mon 09:00> -**** TODO [create-tasks] Agenda -SCHEDULED: <2023-06-05 Mon 09:10> -**** TODO [create-tasks] Outlooks Flagged emails -SCHEDULED: <2023-06-05 Mon 09:20> -**** TODO [create-tasks] Outlooks emails -SCHEDULED: <2023-06-05 Mon 09:25> -**** TODO [create-tasks] Create [[https://github.com/notifications][Github notifications]] tasks -SCHEDULED: <2023-06-05 Mon 09:30> -**** TODO [create-tasks] [[https://github.com/advthreat/iroh/pulls/obarbeau][Olivier's PRs]] -SCHEDULED: <2023-06-05 Mon 09:45> -**** TODO [create-tasks] [[https://github.com/advthreat/iroh/pulls/wandersoncferreira][Wanderson's PRs]] -SCHEDULED: <2023-06-05 Mon 09:50> -**** TODO [create-tasks] [[https://github.com/pulls?q=is%3Aopen+is%3Apr+archived%3Afalse+user%3Aadvthreat+author%3Ayogsototh][My PRs]] -SCHEDULED: <2023-06-05 Mon 10:00> -*** Tuesday -**** TODO [create-tasks] Webex -SCHEDULED: <2023-06-06 Tue 09:00> -**** TODO [create-tasks] Agenda -SCHEDULED: <2023-06-06 Tue 09:10> -**** TODO [create-tasks] Outlooks Flagged emails -SCHEDULED: <2023-06-06 Tue 09:20> -**** TODO [create-tasks] Outlooks emails -SCHEDULED: <2023-06-06 Tue 09:25> -**** TODO [create-tasks] Create [[https://github.com/notifications][Github notifications]] tasks -SCHEDULED: <2023-06-06 Tue 09:30> -**** TODO [create-tasks] [[https://github.com/advthreat/iroh/pulls/obarbeau][Olivier's PRs]] -SCHEDULED: <2023-06-06 Tue 09:45> -**** TODO [create-tasks] [[https://github.com/advthreat/iroh/pulls/wandersoncferreira][Wanderson's PRs]] -SCHEDULED: <2023-06-06 Tue 09:50> -**** TODO [create-tasks] [[https://github.com/pulls?q=is%3Aopen+is%3Apr+archived%3Afalse+user%3Aadvthreat+author%3Ayogsototh][My PRs]] -SCHEDULED: <2023-06-06 Tue 10:00> -*** Wednesday -**** TODO [create-tasks] Webex -SCHEDULED: <2023-06-07 Wed 09:00> -**** TODO [create-tasks] Agenda -SCHEDULED: <2023-06-07 Wed 09:10> -**** TODO [create-tasks] Outlooks Flagged emails -SCHEDULED: <2023-06-07 Wed 09:20> -**** TODO [create-tasks] Outlooks emails -SCHEDULED: <2023-06-07 Wed 09:25> -**** TODO [create-tasks] Create [[https://github.com/notifications][Github notifications]] tasks -SCHEDULED: <2023-06-07 Wed 09:30> -**** TODO [create-tasks] [[https://github.com/advthreat/iroh/pulls/obarbeau][Olivier's PRs]] -SCHEDULED: <2023-06-07 Wed 09:45> -**** TODO [create-tasks] [[https://github.com/advthreat/iroh/pulls/wandersoncferreira][Wanderson's PRs]] -SCHEDULED: <2023-06-07 Wed 09:50> -**** TODO [create-tasks] [[https://github.com/pulls?q=is%3Aopen+is%3Apr+archived%3Afalse+user%3Aadvthreat+author%3Ayogsototh][My PRs]] -SCHEDULED: <2023-06-07 Wed 10:00> -*** Thursday -**** TODO [create-tasks] Webex -SCHEDULED: <2023-06-08 Thu 09:00> -**** TODO [create-tasks] Agenda -SCHEDULED: <2023-06-08 Thu 09:10> -**** TODO [create-tasks] Outlooks Flagged emails -SCHEDULED: <2023-06-08 Thu 09:20> -**** TODO [create-tasks] Outlooks emails -SCHEDULED: <2023-06-08 Thu 09:25> -**** TODO [create-tasks] Create [[https://github.com/notifications][Github notifications]] tasks -SCHEDULED: <2023-06-08 Thu 09:30> -**** TODO [create-tasks] [[https://github.com/advthreat/iroh/pulls/obarbeau][Olivier's PRs]] -SCHEDULED: <2023-06-08 Thu 09:45> -**** TODO [create-tasks] [[https://github.com/advthreat/iroh/pulls/wandersoncferreira][Wanderson's PRs]] -SCHEDULED: <2023-06-08 Thu 09:50> -**** TODO [create-tasks] [[https://github.com/pulls?q=is%3Aopen+is%3Apr+archived%3Afalse+user%3Aadvthreat+author%3Ayogsototh][My PRs]] -SCHEDULED: <2023-06-08 Thu 10:00> -*** Friday -**** TODO [create-tasks] Webex -SCHEDULED: <2023-06-09 Fri 09:00> -**** TODO [create-tasks] Agenda -SCHEDULED: <2023-06-09 Fri 09:10> -**** TODO [create-tasks] Outlooks Flagged emails -SCHEDULED: <2023-06-09 Fri 09:20> -**** TODO [create-tasks] Outlooks emails -SCHEDULED: <2023-06-09 Fri 09:25> -**** TODO [create-tasks] Create [[https://github.com/notifications][Github notifications]] tasks -SCHEDULED: <2023-06-09 Fri 09:30> -**** TODO [create-tasks] [[https://github.com/advthreat/iroh/pulls/obarbeau][Olivier's PRs]] -SCHEDULED: <2023-06-09 Fri 09:45> -**** TODO [create-tasks] [[https://github.com/advthreat/iroh/pulls/wandersoncferreira][Wanderson's PRs]] -SCHEDULED: <2023-06-09 Fri 09:50> -**** TODO [create-tasks] [[https://github.com/pulls?q=is%3Aopen+is%3Apr+archived%3Afalse+user%3Aadvthreat+author%3Ayogsototh][My PRs]] -SCHEDULED: <2023-06-09 Fri 10:00> -** W24 -*** Monday -**** TODO [create-tasks] Webex -SCHEDULED: <2023-06-12 Mon 09:00> -**** TODO [create-tasks] Agenda -SCHEDULED: <2023-06-12 Mon 09:10> -**** TODO [create-tasks] Outlooks Flagged emails -SCHEDULED: <2023-06-12 Mon 09:20> -**** TODO [create-tasks] Outlooks emails -SCHEDULED: <2023-06-12 Mon 09:25> -**** TODO [create-tasks] Create [[https://github.com/notifications][Github notifications]] tasks -SCHEDULED: <2023-06-12 Mon 09:30> -**** TODO [create-tasks] [[https://github.com/advthreat/iroh/pulls/obarbeau][Olivier's PRs]] -SCHEDULED: <2023-06-12 Mon 09:45> -**** TODO [create-tasks] [[https://github.com/advthreat/iroh/pulls/wandersoncferreira][Wanderson's PRs]] -SCHEDULED: <2023-06-12 Mon 09:50> -**** TODO [create-tasks] [[https://github.com/pulls?q=is%3Aopen+is%3Apr+archived%3Afalse+user%3Aadvthreat+author%3Ayogsototh][My PRs]] -SCHEDULED: <2023-06-12 Mon 10:00> -*** Tuesday -**** TODO [create-tasks] Webex -SCHEDULED: <2023-06-13 Tue 09:00> -**** TODO [create-tasks] Agenda -SCHEDULED: <2023-06-13 Tue 09:10> -**** TODO [create-tasks] Outlooks Flagged emails -SCHEDULED: <2023-06-13 Tue 09:20> -**** TODO [create-tasks] Outlooks emails -SCHEDULED: <2023-06-13 Tue 09:25> -**** TODO [create-tasks] Create [[https://github.com/notifications][Github notifications]] tasks -SCHEDULED: <2023-06-13 Tue 09:30> -**** TODO [create-tasks] [[https://github.com/advthreat/iroh/pulls/obarbeau][Olivier's PRs]] -SCHEDULED: <2023-06-13 Tue 09:45> -**** TODO [create-tasks] [[https://github.com/advthreat/iroh/pulls/wandersoncferreira][Wanderson's PRs]] -SCHEDULED: <2023-06-13 Tue 09:50> -**** TODO [create-tasks] [[https://github.com/pulls?q=is%3Aopen+is%3Apr+archived%3Afalse+user%3Aadvthreat+author%3Ayogsototh][My PRs]] -SCHEDULED: <2023-06-13 Tue 10:00> -*** Wednesday -**** TODO [create-tasks] Webex -SCHEDULED: <2023-06-14 Wed 09:00> -**** TODO [create-tasks] Agenda -SCHEDULED: <2023-06-14 Wed 09:10> -**** TODO [create-tasks] Outlooks Flagged emails -SCHEDULED: <2023-06-14 Wed 09:20> -**** TODO [create-tasks] Outlooks emails -SCHEDULED: <2023-06-14 Wed 09:25> -**** TODO [create-tasks] Create [[https://github.com/notifications][Github notifications]] tasks -SCHEDULED: <2023-06-14 Wed 09:30> -**** TODO [create-tasks] [[https://github.com/advthreat/iroh/pulls/obarbeau][Olivier's PRs]] -SCHEDULED: <2023-06-14 Wed 09:45> -**** TODO [create-tasks] [[https://github.com/advthreat/iroh/pulls/wandersoncferreira][Wanderson's PRs]] -SCHEDULED: <2023-06-14 Wed 09:50> -**** TODO [create-tasks] [[https://github.com/pulls?q=is%3Aopen+is%3Apr+archived%3Afalse+user%3Aadvthreat+author%3Ayogsototh][My PRs]] -SCHEDULED: <2023-06-14 Wed 10:00> -*** Thursday -**** TODO [create-tasks] Webex -SCHEDULED: <2023-06-15 Thu 09:00> -**** TODO [create-tasks] Agenda -SCHEDULED: <2023-06-15 Thu 09:10> -**** TODO [create-tasks] Outlooks Flagged emails -SCHEDULED: <2023-06-15 Thu 09:20> -**** TODO [create-tasks] Outlooks emails -SCHEDULED: <2023-06-15 Thu 09:25> -**** TODO [create-tasks] Create [[https://github.com/notifications][Github notifications]] tasks -SCHEDULED: <2023-06-15 Thu 09:30> -**** TODO [create-tasks] [[https://github.com/advthreat/iroh/pulls/obarbeau][Olivier's PRs]] -SCHEDULED: <2023-06-15 Thu 09:45> -**** TODO [create-tasks] [[https://github.com/advthreat/iroh/pulls/wandersoncferreira][Wanderson's PRs]] -SCHEDULED: <2023-06-15 Thu 09:50> -**** TODO [create-tasks] [[https://github.com/pulls?q=is%3Aopen+is%3Apr+archived%3Afalse+user%3Aadvthreat+author%3Ayogsototh][My PRs]] -SCHEDULED: <2023-06-15 Thu 10:00> -*** Friday -**** TODO [create-tasks] Webex -SCHEDULED: <2023-06-16 Fri 09:00> -**** TODO [create-tasks] Agenda -SCHEDULED: <2023-06-16 Fri 09:10> -**** TODO [create-tasks] Outlooks Flagged emails -SCHEDULED: <2023-06-16 Fri 09:20> -**** TODO [create-tasks] Outlooks emails -SCHEDULED: <2023-06-16 Fri 09:25> -**** TODO [create-tasks] Create [[https://github.com/notifications][Github notifications]] tasks -SCHEDULED: <2023-06-16 Fri 09:30> -**** TODO [create-tasks] [[https://github.com/advthreat/iroh/pulls/obarbeau][Olivier's PRs]] -SCHEDULED: <2023-06-16 Fri 09:45> -**** TODO [create-tasks] [[https://github.com/advthreat/iroh/pulls/wandersoncferreira][Wanderson's PRs]] -SCHEDULED: <2023-06-16 Fri 09:50> -**** TODO [create-tasks] [[https://github.com/pulls?q=is%3Aopen+is%3Apr+archived%3Afalse+user%3Aadvthreat+author%3Ayogsototh][My PRs]] -SCHEDULED: <2023-06-16 Fri 10:00> -** W25 -*** Monday -**** TODO [create-tasks] Webex -SCHEDULED: <2023-06-19 Mon 09:00> -**** TODO [create-tasks] Agenda -SCHEDULED: <2023-06-19 Mon 09:10> -**** TODO [create-tasks] Outlooks Flagged emails -SCHEDULED: <2023-06-19 Mon 09:20> -**** TODO [create-tasks] Outlooks emails -SCHEDULED: <2023-06-19 Mon 09:25> -**** TODO [create-tasks] Create [[https://github.com/notifications][Github notifications]] tasks -SCHEDULED: <2023-06-19 Mon 09:30> -**** TODO [create-tasks] [[https://github.com/advthreat/iroh/pulls/obarbeau][Olivier's PRs]] -SCHEDULED: <2023-06-19 Mon 09:45> -**** TODO [create-tasks] [[https://github.com/advthreat/iroh/pulls/wandersoncferreira][Wanderson's PRs]] -SCHEDULED: <2023-06-19 Mon 09:50> -**** TODO [create-tasks] [[https://github.com/pulls?q=is%3Aopen+is%3Apr+archived%3Afalse+user%3Aadvthreat+author%3Ayogsototh][My PRs]] -SCHEDULED: <2023-06-19 Mon 10:00> -*** Tuesday -**** TODO [create-tasks] Webex -SCHEDULED: <2023-06-20 Tue 09:00> -**** TODO [create-tasks] Agenda -SCHEDULED: <2023-06-20 Tue 09:10> -**** TODO [create-tasks] Outlooks Flagged emails -SCHEDULED: <2023-06-20 Tue 09:20> -**** TODO [create-tasks] Outlooks emails -SCHEDULED: <2023-06-20 Tue 09:25> -**** TODO [create-tasks] Create [[https://github.com/notifications][Github notifications]] tasks -SCHEDULED: <2023-06-20 Tue 09:30> -**** TODO [create-tasks] [[https://github.com/advthreat/iroh/pulls/obarbeau][Olivier's PRs]] -SCHEDULED: <2023-06-20 Tue 09:45> -**** TODO [create-tasks] [[https://github.com/advthreat/iroh/pulls/wandersoncferreira][Wanderson's PRs]] -SCHEDULED: <2023-06-20 Tue 09:50> -**** TODO [create-tasks] [[https://github.com/pulls?q=is%3Aopen+is%3Apr+archived%3Afalse+user%3Aadvthreat+author%3Ayogsototh][My PRs]] -SCHEDULED: <2023-06-20 Tue 10:00> -*** Wednesday -**** TODO [create-tasks] Webex -SCHEDULED: <2023-06-21 Wed 09:00> -**** TODO [create-tasks] Agenda -SCHEDULED: <2023-06-21 Wed 09:10> -**** TODO [create-tasks] Outlooks Flagged emails -SCHEDULED: <2023-06-21 Wed 09:20> -**** TODO [create-tasks] Outlooks emails -SCHEDULED: <2023-06-21 Wed 09:25> -**** TODO [create-tasks] Create [[https://github.com/notifications][Github notifications]] tasks -SCHEDULED: <2023-06-21 Wed 09:30> -**** TODO [create-tasks] [[https://github.com/advthreat/iroh/pulls/obarbeau][Olivier's PRs]] -SCHEDULED: <2023-06-21 Wed 09:45> -**** TODO [create-tasks] [[https://github.com/advthreat/iroh/pulls/wandersoncferreira][Wanderson's PRs]] -SCHEDULED: <2023-06-21 Wed 09:50> -**** TODO [create-tasks] [[https://github.com/pulls?q=is%3Aopen+is%3Apr+archived%3Afalse+user%3Aadvthreat+author%3Ayogsototh][My PRs]] -SCHEDULED: <2023-06-21 Wed 10:00> -*** Thursday -**** TODO [create-tasks] Webex -SCHEDULED: <2023-06-22 Thu 09:00> -**** TODO [create-tasks] Agenda -SCHEDULED: <2023-06-22 Thu 09:10> -**** TODO [create-tasks] Outlooks Flagged emails -SCHEDULED: <2023-06-22 Thu 09:20> -**** TODO [create-tasks] Outlooks emails -SCHEDULED: <2023-06-22 Thu 09:25> -**** TODO [create-tasks] Create [[https://github.com/notifications][Github notifications]] tasks -SCHEDULED: <2023-06-22 Thu 09:30> -**** TODO [create-tasks] [[https://github.com/advthreat/iroh/pulls/obarbeau][Olivier's PRs]] -SCHEDULED: <2023-06-22 Thu 09:45> -**** TODO [create-tasks] [[https://github.com/advthreat/iroh/pulls/wandersoncferreira][Wanderson's PRs]] -SCHEDULED: <2023-06-22 Thu 09:50> -**** TODO [create-tasks] [[https://github.com/pulls?q=is%3Aopen+is%3Apr+archived%3Afalse+user%3Aadvthreat+author%3Ayogsototh][My PRs]] -SCHEDULED: <2023-06-22 Thu 10:00> -*** Friday -**** TODO [create-tasks] Webex -SCHEDULED: <2023-06-23 Fri 09:00> -**** TODO [create-tasks] Agenda -SCHEDULED: <2023-06-23 Fri 09:10> -**** TODO [create-tasks] Outlooks Flagged emails -SCHEDULED: <2023-06-23 Fri 09:20> -**** TODO [create-tasks] Outlooks emails -SCHEDULED: <2023-06-23 Fri 09:25> -**** TODO [create-tasks] Create [[https://github.com/notifications][Github notifications]] tasks -SCHEDULED: <2023-06-23 Fri 09:30> -**** TODO [create-tasks] [[https://github.com/advthreat/iroh/pulls/obarbeau][Olivier's PRs]] -SCHEDULED: <2023-06-23 Fri 09:45> -**** TODO [create-tasks] [[https://github.com/advthreat/iroh/pulls/wandersoncferreira][Wanderson's PRs]] -SCHEDULED: <2023-06-23 Fri 09:50> -**** TODO [create-tasks] [[https://github.com/pulls?q=is%3Aopen+is%3Apr+archived%3Afalse+user%3Aadvthreat+author%3Ayogsototh][My PRs]] -SCHEDULED: <2023-06-23 Fri 10:00> -** W26 -*** Monday -**** TODO [create-tasks] Webex -SCHEDULED: <2023-06-26 Mon 09:00> -**** TODO [create-tasks] Agenda -SCHEDULED: <2023-06-26 Mon 09:10> -**** TODO [create-tasks] Outlooks Flagged emails -SCHEDULED: <2023-06-26 Mon 09:20> -**** TODO [create-tasks] Outlooks emails -SCHEDULED: <2023-06-26 Mon 09:25> -**** TODO [create-tasks] Create [[https://github.com/notifications][Github notifications]] tasks -SCHEDULED: <2023-06-26 Mon 09:30> -**** TODO [create-tasks] [[https://github.com/advthreat/iroh/pulls/obarbeau][Olivier's PRs]] -SCHEDULED: <2023-06-26 Mon 09:45> -**** TODO [create-tasks] [[https://github.com/advthreat/iroh/pulls/wandersoncferreira][Wanderson's PRs]] -SCHEDULED: <2023-06-26 Mon 09:50> -**** TODO [create-tasks] [[https://github.com/pulls?q=is%3Aopen+is%3Apr+archived%3Afalse+user%3Aadvthreat+author%3Ayogsototh][My PRs]] -SCHEDULED: <2023-06-26 Mon 10:00> -*** Tuesday -**** TODO [create-tasks] Webex -SCHEDULED: <2023-06-27 Tue 09:00> -**** TODO [create-tasks] Agenda -SCHEDULED: <2023-06-27 Tue 09:10> -**** TODO [create-tasks] Outlooks Flagged emails -SCHEDULED: <2023-06-27 Tue 09:20> -**** TODO [create-tasks] Outlooks emails -SCHEDULED: <2023-06-27 Tue 09:25> -**** TODO [create-tasks] Create [[https://github.com/notifications][Github notifications]] tasks -SCHEDULED: <2023-06-27 Tue 09:30> -**** TODO [create-tasks] [[https://github.com/advthreat/iroh/pulls/obarbeau][Olivier's PRs]] -SCHEDULED: <2023-06-27 Tue 09:45> -**** TODO [create-tasks] [[https://github.com/advthreat/iroh/pulls/wandersoncferreira][Wanderson's PRs]] -SCHEDULED: <2023-06-27 Tue 09:50> -**** TODO [create-tasks] [[https://github.com/pulls?q=is%3Aopen+is%3Apr+archived%3Afalse+user%3Aadvthreat+author%3Ayogsototh][My PRs]] -SCHEDULED: <2023-06-27 Tue 10:00> -*** Wednesday -**** TODO [create-tasks] Webex -SCHEDULED: <2023-06-28 Wed 09:00> -**** TODO [create-tasks] Agenda -SCHEDULED: <2023-06-28 Wed 09:10> -**** TODO [create-tasks] Outlooks Flagged emails -SCHEDULED: <2023-06-28 Wed 09:20> -**** TODO [create-tasks] Outlooks emails -SCHEDULED: <2023-06-28 Wed 09:25> -**** TODO [create-tasks] Create [[https://github.com/notifications][Github notifications]] tasks -SCHEDULED: <2023-06-28 Wed 09:30> -**** TODO [create-tasks] [[https://github.com/advthreat/iroh/pulls/obarbeau][Olivier's PRs]] -SCHEDULED: <2023-06-28 Wed 09:45> -**** TODO [create-tasks] [[https://github.com/advthreat/iroh/pulls/wandersoncferreira][Wanderson's PRs]] -SCHEDULED: <2023-06-28 Wed 09:50> -**** TODO [create-tasks] [[https://github.com/pulls?q=is%3Aopen+is%3Apr+archived%3Afalse+user%3Aadvthreat+author%3Ayogsototh][My PRs]] -SCHEDULED: <2023-06-28 Wed 10:00> -*** Thursday -**** TODO [create-tasks] Webex -SCHEDULED: <2023-06-29 Thu 09:00> -**** TODO [create-tasks] Agenda -SCHEDULED: <2023-06-29 Thu 09:10> -**** TODO [create-tasks] Outlooks Flagged emails -SCHEDULED: <2023-06-29 Thu 09:20> -**** TODO [create-tasks] Outlooks emails -SCHEDULED: <2023-06-29 Thu 09:25> -**** TODO [create-tasks] Create [[https://github.com/notifications][Github notifications]] tasks -SCHEDULED: <2023-06-29 Thu 09:30> -**** TODO [create-tasks] [[https://github.com/advthreat/iroh/pulls/obarbeau][Olivier's PRs]] -SCHEDULED: <2023-06-29 Thu 09:45> -**** TODO [create-tasks] [[https://github.com/advthreat/iroh/pulls/wandersoncferreira][Wanderson's PRs]] -SCHEDULED: <2023-06-29 Thu 09:50> -**** TODO [create-tasks] [[https://github.com/pulls?q=is%3Aopen+is%3Apr+archived%3Afalse+user%3Aadvthreat+author%3Ayogsototh][My PRs]] -SCHEDULED: <2023-06-29 Thu 10:00> -*** Friday -**** TODO [create-tasks] Webex -SCHEDULED: <2023-06-30 Fri 09:00> -**** TODO [create-tasks] Agenda -SCHEDULED: <2023-06-30 Fri 09:10> -**** TODO [create-tasks] Outlooks Flagged emails -SCHEDULED: <2023-06-30 Fri 09:20> -**** TODO [create-tasks] Outlooks emails -SCHEDULED: <2023-06-30 Fri 09:25> -**** TODO [create-tasks] Create [[https://github.com/notifications][Github notifications]] tasks -SCHEDULED: <2023-06-30 Fri 09:30> -**** TODO [create-tasks] [[https://github.com/advthreat/iroh/pulls/obarbeau][Olivier's PRs]] -SCHEDULED: <2023-06-30 Fri 09:45> -**** TODO [create-tasks] [[https://github.com/advthreat/iroh/pulls/wandersoncferreira][Wanderson's PRs]] -SCHEDULED: <2023-06-30 Fri 09:50> -**** TODO [create-tasks] [[https://github.com/pulls?q=is%3Aopen+is%3Apr+archived%3Afalse+user%3Aadvthreat+author%3Ayogsototh][My PRs]] -SCHEDULED: <2023-06-30 Fri 10:00> -* DONE [#A] Appeler notaire procuration -SCHEDULED: <2023-05-11 Thu 09:20> -[2023-05-10 Wed 20:18] -* DONE Compte Livret A Krystelle :chore: +**** DONE [create-tasks] Webex +SCHEDULED: <2023-07-24 Mon 09:00> +**** CANCELED [create-tasks] Agenda +SCHEDULED: <2023-07-24 Mon 09:10> :LOGBOOK: -CLOCK: [2023-05-12 Fri 14:11]--[2023-05-12 Fri 14:33] => 0:22 +- State "CANCELED" from "TODO" [2023-07-25 Tue 11:00] :END: -[2023-05-12 Fri 14:11] +**** CANCELED [create-tasks] Outlooks Flagged emails +SCHEDULED: <2023-07-24 Mon 09:20> +:LOGBOOK: +- State "CANCELED" from "TODO" [2023-07-25 Tue 11:00] +:END: +**** DONE [create-tasks] Outlooks emails +SCHEDULED: <2023-07-24 Mon 09:25> +**** DONE [create-tasks] Create [[https://github.com/notifications][Github notifications]] tasks +SCHEDULED: <2023-07-24 Mon 09:30> +**** DONE [create-tasks] [[https://github.com/advthreat/iroh/pulls/obarbeau][Olivier's PRs]] +SCHEDULED: <2023-07-24 Mon 09:45> +**** DONE [create-tasks] [[https://github.com/advthreat/iroh/pulls/wandersoncferreira][Wanderson's PRs]] +SCHEDULED: <2023-07-24 Mon 09:50> +**** DONE [create-tasks] [[https://github.com/pulls?q=is%3Aopen+is%3Apr+archived%3Afalse+user%3Aadvthreat+author%3Ayogsototh][My PRs]] +SCHEDULED: <2023-07-24 Mon 10:00> +*** Tuesday +**** DONE [create-tasks] Webex +SCHEDULED: <2023-07-25 Tue 09:00> +**** DONE [create-tasks] Agenda +SCHEDULED: <2023-07-25 Tue 09:10> +**** DONE [create-tasks] Outlooks Flagged emails +SCHEDULED: <2023-07-25 Tue 09:20> +**** DONE [create-tasks] Outlooks emails +SCHEDULED: <2023-07-25 Tue 09:25> +**** DONE [create-tasks] Create [[https://github.com/notifications][Github notifications]] tasks +SCHEDULED: <2023-07-25 Tue 09:30> +**** DONE [create-tasks] [[https://github.com/advthreat/iroh/pulls/obarbeau][Olivier's PRs]] +SCHEDULED: <2023-07-25 Tue 09:45> +**** DONE [create-tasks] [[https://github.com/advthreat/iroh/pulls/wandersoncferreira][Wanderson's PRs]] +SCHEDULED: <2023-07-25 Tue 09:50> +**** DONE [create-tasks] [[https://github.com/pulls?q=is%3Aopen+is%3Apr+archived%3Afalse+user%3Aadvthreat+author%3Ayogsototh][My PRs]] +SCHEDULED: <2023-07-25 Tue 10:00> +*** Wednesday +**** DONE [create-tasks] Webex +SCHEDULED: <2023-07-26 Wed 09:00> +**** DONE [create-tasks] Agenda +SCHEDULED: <2023-07-26 Wed 09:10> +**** DONE [create-tasks] Outlooks Flagged emails +SCHEDULED: <2023-07-26 Wed 09:20> +**** DONE [create-tasks] Outlooks emails +SCHEDULED: <2023-07-26 Wed 09:25> +**** DONE [create-tasks] Create [[https://github.com/notifications][Github notifications]] tasks +SCHEDULED: <2023-07-26 Wed 09:30> +**** DONE [create-tasks] [[https://github.com/advthreat/iroh/pulls/obarbeau][Olivier's PRs]] +SCHEDULED: <2023-07-26 Wed 09:45> +**** DONE [create-tasks] [[https://github.com/advthreat/iroh/pulls/wandersoncferreira][Wanderson's PRs]] +SCHEDULED: <2023-07-26 Wed 09:50> +**** DONE [create-tasks] [[https://github.com/pulls?q=is%3Aopen+is%3Apr+archived%3Afalse+user%3Aadvthreat+author%3Ayogsototh][My PRs]] +SCHEDULED: <2023-07-26 Wed 10:00> +*** Thursday +**** DONE [create-tasks] Webex +SCHEDULED: <2023-07-27 Thu 09:00> +**** DONE [create-tasks] Agenda +SCHEDULED: <2023-07-27 Thu 09:10> +**** DONE [create-tasks] Outlooks Flagged emails +SCHEDULED: <2023-07-27 Thu 09:20> +**** DONE [create-tasks] Outlooks emails +SCHEDULED: <2023-07-27 Thu 09:25> +**** DONE [create-tasks] Create [[https://github.com/notifications][Github notifications]] tasks +SCHEDULED: <2023-07-27 Thu 09:30> +**** DONE [create-tasks] [[https://github.com/advthreat/iroh/pulls/obarbeau][Olivier's PRs]] +SCHEDULED: <2023-07-27 Thu 09:45> +**** DONE [create-tasks] [[https://github.com/advthreat/iroh/pulls/wandersoncferreira][Wanderson's PRs]] +SCHEDULED: <2023-07-27 Thu 09:50> +**** DONE [create-tasks] [[https://github.com/pulls?q=is%3Aopen+is%3Apr+archived%3Afalse+user%3Aadvthreat+author%3Ayogsototh][My PRs]] +SCHEDULED: <2023-07-27 Thu 10:00> +*** Friday +**** DONE [create-tasks] Webex +SCHEDULED: <2023-07-28 Fri 09:00> +**** DONE [create-tasks] Agenda +SCHEDULED: <2023-07-28 Fri 09:10> +**** DONE [create-tasks] Outlooks Flagged emails +SCHEDULED: <2023-07-28 Fri 09:20> +**** DONE [create-tasks] Outlooks emails +SCHEDULED: <2023-07-28 Fri 09:25> +**** DONE [create-tasks] Create [[https://github.com/notifications][Github notifications]] tasks +SCHEDULED: <2023-07-28 Fri 09:30> +**** DONE [create-tasks] [[https://github.com/advthreat/iroh/pulls/obarbeau][Olivier's PRs]] +SCHEDULED: <2023-07-28 Fri 09:45> +**** DONE [create-tasks] [[https://github.com/advthreat/iroh/pulls/wandersoncferreira][Wanderson's PRs]] +SCHEDULED: <2023-07-28 Fri 09:50> +**** DONE [create-tasks] [[https://github.com/pulls?q=is%3Aopen+is%3Apr+archived%3Afalse+user%3Aadvthreat+author%3Ayogsototh][My PRs]] +SCHEDULED: <2023-07-28 Fri 10:00> +** W33 +*** Wednesday +**** TODO [create-tasks] Webex +SCHEDULED: <2023-08-16 Wed 09:00> +**** TODO [create-tasks] Agenda +SCHEDULED: <2023-08-16 Wed 09:10> +**** TODO [create-tasks] Outlooks Flagged emails +SCHEDULED: <2023-08-16 Wed 09:20> +**** TODO [create-tasks] Outlooks emails +SCHEDULED: <2023-08-16 Wed 09:25> +**** TODO [create-tasks] Create [[https://github.com/notifications][Github notifications]] tasks +SCHEDULED: <2023-08-16 Wed 09:30> +**** TODO [create-tasks] [[https://github.com/advthreat/iroh/pulls/obarbeau][Olivier's PRs]] +SCHEDULED: <2023-08-16 Wed 09:45> +**** TODO [create-tasks] [[https://github.com/advthreat/iroh/pulls/wandersoncferreira][Wanderson's PRs]] +SCHEDULED: <2023-08-16 Wed 09:50> +**** TODO [create-tasks] [[https://github.com/pulls?q=is%3Aopen+is%3Apr+archived%3Afalse+user%3Aadvthreat+author%3Ayogsototh][My PRs]] +SCHEDULED: <2023-08-16 Wed 10:00> +*** Thursday +**** TODO [create-tasks] Webex +SCHEDULED: <2023-08-17 Thu 09:00> +**** TODO [create-tasks] Agenda +SCHEDULED: <2023-08-17 Thu 09:10> +**** TODO [create-tasks] Outlooks Flagged emails +SCHEDULED: <2023-08-17 Thu 09:20> +**** TODO [create-tasks] Outlooks emails +SCHEDULED: <2023-08-17 Thu 09:25> +**** TODO [create-tasks] Create [[https://github.com/notifications][Github notifications]] tasks +SCHEDULED: <2023-08-17 Thu 09:30> +**** TODO [create-tasks] [[https://github.com/advthreat/iroh/pulls/obarbeau][Olivier's PRs]] +SCHEDULED: <2023-08-17 Thu 09:45> +**** TODO [create-tasks] [[https://github.com/advthreat/iroh/pulls/wandersoncferreira][Wanderson's PRs]] +SCHEDULED: <2023-08-17 Thu 09:50> +**** TODO [create-tasks] [[https://github.com/pulls?q=is%3Aopen+is%3Apr+archived%3Afalse+user%3Aadvthreat+author%3Ayogsototh][My PRs]] +SCHEDULED: <2023-08-17 Thu 10:00> +*** Friday +**** TODO [create-tasks] Webex +SCHEDULED: <2023-08-18 Fri 09:00> +**** TODO [create-tasks] Agenda +SCHEDULED: <2023-08-18 Fri 09:10> +**** TODO [create-tasks] Outlooks Flagged emails +SCHEDULED: <2023-08-18 Fri 09:20> +**** TODO [create-tasks] Outlooks emails +SCHEDULED: <2023-08-18 Fri 09:25> +**** TODO [create-tasks] Create [[https://github.com/notifications][Github notifications]] tasks +SCHEDULED: <2023-08-18 Fri 09:30> +**** TODO [create-tasks] [[https://github.com/advthreat/iroh/pulls/obarbeau][Olivier's PRs]] +SCHEDULED: <2023-08-18 Fri 09:45> +**** TODO [create-tasks] [[https://github.com/advthreat/iroh/pulls/wandersoncferreira][Wanderson's PRs]] +SCHEDULED: <2023-08-18 Fri 09:50> +**** TODO [create-tasks] [[https://github.com/pulls?q=is%3Aopen+is%3Apr+archived%3Afalse+user%3Aadvthreat+author%3Ayogsototh][My PRs]] +SCHEDULED: <2023-08-18 Fri 10:00> +** W34 +*** Monday +**** TODO [create-tasks] Webex +SCHEDULED: <2023-08-21 Mon 09:00> +**** TODO [create-tasks] Agenda +SCHEDULED: <2023-08-21 Mon 09:10> +**** TODO [create-tasks] Outlooks Flagged emails +SCHEDULED: <2023-08-21 Mon 09:20> +**** TODO [create-tasks] Outlooks emails +SCHEDULED: <2023-08-21 Mon 09:25> +**** TODO [create-tasks] Create [[https://github.com/notifications][Github notifications]] tasks +SCHEDULED: <2023-08-21 Mon 09:30> +**** TODO [create-tasks] [[https://github.com/advthreat/iroh/pulls/obarbeau][Olivier's PRs]] +SCHEDULED: <2023-08-21 Mon 09:45> +**** TODO [create-tasks] [[https://github.com/advthreat/iroh/pulls/wandersoncferreira][Wanderson's PRs]] +SCHEDULED: <2023-08-21 Mon 09:50> +**** TODO [create-tasks] [[https://github.com/pulls?q=is%3Aopen+is%3Apr+archived%3Afalse+user%3Aadvthreat+author%3Ayogsototh][My PRs]] +SCHEDULED: <2023-08-21 Mon 10:00> +*** Tuesday +**** TODO [create-tasks] Webex +SCHEDULED: <2023-08-22 Tue 09:00> +**** TODO [create-tasks] Agenda +SCHEDULED: <2023-08-22 Tue 09:10> +**** TODO [create-tasks] Outlooks Flagged emails +SCHEDULED: <2023-08-22 Tue 09:20> +**** TODO [create-tasks] Outlooks emails +SCHEDULED: <2023-08-22 Tue 09:25> +**** TODO [create-tasks] Create [[https://github.com/notifications][Github notifications]] tasks +SCHEDULED: <2023-08-22 Tue 09:30> +**** TODO [create-tasks] [[https://github.com/advthreat/iroh/pulls/obarbeau][Olivier's PRs]] +SCHEDULED: <2023-08-22 Tue 09:45> +**** TODO [create-tasks] [[https://github.com/advthreat/iroh/pulls/wandersoncferreira][Wanderson's PRs]] +SCHEDULED: <2023-08-22 Tue 09:50> +**** TODO [create-tasks] [[https://github.com/pulls?q=is%3Aopen+is%3Apr+archived%3Afalse+user%3Aadvthreat+author%3Ayogsototh][My PRs]] +SCHEDULED: <2023-08-22 Tue 10:00> +*** Wednesday +**** TODO [create-tasks] Webex +SCHEDULED: <2023-08-23 Wed 09:00> +**** TODO [create-tasks] Agenda +SCHEDULED: <2023-08-23 Wed 09:10> +**** TODO [create-tasks] Outlooks Flagged emails +SCHEDULED: <2023-08-23 Wed 09:20> +**** TODO [create-tasks] Outlooks emails +SCHEDULED: <2023-08-23 Wed 09:25> +**** TODO [create-tasks] Create [[https://github.com/notifications][Github notifications]] tasks +SCHEDULED: <2023-08-23 Wed 09:30> +**** TODO [create-tasks] [[https://github.com/advthreat/iroh/pulls/obarbeau][Olivier's PRs]] +SCHEDULED: <2023-08-23 Wed 09:45> +**** TODO [create-tasks] [[https://github.com/advthreat/iroh/pulls/wandersoncferreira][Wanderson's PRs]] +SCHEDULED: <2023-08-23 Wed 09:50> +**** TODO [create-tasks] [[https://github.com/pulls?q=is%3Aopen+is%3Apr+archived%3Afalse+user%3Aadvthreat+author%3Ayogsototh][My PRs]] +SCHEDULED: <2023-08-23 Wed 10:00> +*** Thursday +**** TODO [create-tasks] Webex +SCHEDULED: <2023-08-24 Thu 09:00> +**** TODO [create-tasks] Agenda +SCHEDULED: <2023-08-24 Thu 09:10> +**** TODO [create-tasks] Outlooks Flagged emails +SCHEDULED: <2023-08-24 Thu 09:20> +**** TODO [create-tasks] Outlooks emails +SCHEDULED: <2023-08-24 Thu 09:25> +**** TODO [create-tasks] Create [[https://github.com/notifications][Github notifications]] tasks +SCHEDULED: <2023-08-24 Thu 09:30> +**** TODO [create-tasks] [[https://github.com/advthreat/iroh/pulls/obarbeau][Olivier's PRs]] +SCHEDULED: <2023-08-24 Thu 09:45> +**** TODO [create-tasks] [[https://github.com/advthreat/iroh/pulls/wandersoncferreira][Wanderson's PRs]] +SCHEDULED: <2023-08-24 Thu 09:50> +**** TODO [create-tasks] [[https://github.com/pulls?q=is%3Aopen+is%3Apr+archived%3Afalse+user%3Aadvthreat+author%3Ayogsototh][My PRs]] +SCHEDULED: <2023-08-24 Thu 10:00> +*** Friday +**** TODO [create-tasks] Webex +SCHEDULED: <2023-08-25 Fri 09:00> +**** TODO [create-tasks] Agenda +SCHEDULED: <2023-08-25 Fri 09:10> +**** TODO [create-tasks] Outlooks Flagged emails +SCHEDULED: <2023-08-25 Fri 09:20> +**** TODO [create-tasks] Outlooks emails +SCHEDULED: <2023-08-25 Fri 09:25> +**** TODO [create-tasks] Create [[https://github.com/notifications][Github notifications]] tasks +SCHEDULED: <2023-08-25 Fri 09:30> +**** TODO [create-tasks] [[https://github.com/advthreat/iroh/pulls/obarbeau][Olivier's PRs]] +SCHEDULED: <2023-08-25 Fri 09:45> +**** TODO [create-tasks] [[https://github.com/advthreat/iroh/pulls/wandersoncferreira][Wanderson's PRs]] +SCHEDULED: <2023-08-25 Fri 09:50> +**** TODO [create-tasks] [[https://github.com/pulls?q=is%3Aopen+is%3Apr+archived%3Afalse+user%3Aadvthreat+author%3Ayogsototh][My PRs]] +SCHEDULED: <2023-08-25 Fri 10:00> +** W35 +*** Monday +**** TODO [create-tasks] Webex +SCHEDULED: <2023-08-28 Mon 09:00> +**** TODO [create-tasks] Agenda +SCHEDULED: <2023-08-28 Mon 09:10> +**** TODO [create-tasks] Outlooks Flagged emails +SCHEDULED: <2023-08-28 Mon 09:20> +**** TODO [create-tasks] Outlooks emails +SCHEDULED: <2023-08-28 Mon 09:25> +**** TODO [create-tasks] Create [[https://github.com/notifications][Github notifications]] tasks +SCHEDULED: <2023-08-28 Mon 09:30> +**** TODO [create-tasks] [[https://github.com/advthreat/iroh/pulls/obarbeau][Olivier's PRs]] +SCHEDULED: <2023-08-28 Mon 09:45> +**** TODO [create-tasks] [[https://github.com/advthreat/iroh/pulls/wandersoncferreira][Wanderson's PRs]] +SCHEDULED: <2023-08-28 Mon 09:50> +**** TODO [create-tasks] [[https://github.com/pulls?q=is%3Aopen+is%3Apr+archived%3Afalse+user%3Aadvthreat+author%3Ayogsototh][My PRs]] +SCHEDULED: <2023-08-28 Mon 10:00> +*** Tuesday +**** TODO [create-tasks] Webex +SCHEDULED: <2023-08-29 Tue 09:00> +**** TODO [create-tasks] Agenda +SCHEDULED: <2023-08-29 Tue 09:10> +**** TODO [create-tasks] Outlooks Flagged emails +SCHEDULED: <2023-08-29 Tue 09:20> +**** TODO [create-tasks] Outlooks emails +SCHEDULED: <2023-08-29 Tue 09:25> +**** TODO [create-tasks] Create [[https://github.com/notifications][Github notifications]] tasks +SCHEDULED: <2023-08-29 Tue 09:30> +**** TODO [create-tasks] [[https://github.com/advthreat/iroh/pulls/obarbeau][Olivier's PRs]] +SCHEDULED: <2023-08-29 Tue 09:45> +**** TODO [create-tasks] [[https://github.com/advthreat/iroh/pulls/wandersoncferreira][Wanderson's PRs]] +SCHEDULED: <2023-08-29 Tue 09:50> +**** TODO [create-tasks] [[https://github.com/pulls?q=is%3Aopen+is%3Apr+archived%3Afalse+user%3Aadvthreat+author%3Ayogsototh][My PRs]] +SCHEDULED: <2023-08-29 Tue 10:00> +*** Wednesday +**** TODO [create-tasks] Webex +SCHEDULED: <2023-08-30 Wed 09:00> +**** TODO [create-tasks] Agenda +SCHEDULED: <2023-08-30 Wed 09:10> +**** TODO [create-tasks] Outlooks Flagged emails +SCHEDULED: <2023-08-30 Wed 09:20> +**** TODO [create-tasks] Outlooks emails +SCHEDULED: <2023-08-30 Wed 09:25> +**** TODO [create-tasks] Create [[https://github.com/notifications][Github notifications]] tasks +SCHEDULED: <2023-08-30 Wed 09:30> +**** TODO [create-tasks] [[https://github.com/advthreat/iroh/pulls/obarbeau][Olivier's PRs]] +SCHEDULED: <2023-08-30 Wed 09:45> +**** TODO [create-tasks] [[https://github.com/advthreat/iroh/pulls/wandersoncferreira][Wanderson's PRs]] +SCHEDULED: <2023-08-30 Wed 09:50> +**** TODO [create-tasks] [[https://github.com/pulls?q=is%3Aopen+is%3Apr+archived%3Afalse+user%3Aadvthreat+author%3Ayogsototh][My PRs]] +SCHEDULED: <2023-08-30 Wed 10:00> +*** Thursday +**** TODO [create-tasks] Webex +SCHEDULED: <2023-08-31 Thu 09:00> +**** TODO [create-tasks] Agenda +SCHEDULED: <2023-08-31 Thu 09:10> +**** TODO [create-tasks] Outlooks Flagged emails +SCHEDULED: <2023-08-31 Thu 09:20> +**** TODO [create-tasks] Outlooks emails +SCHEDULED: <2023-08-31 Thu 09:25> +**** TODO [create-tasks] Create [[https://github.com/notifications][Github notifications]] tasks +SCHEDULED: <2023-08-31 Thu 09:30> +**** TODO [create-tasks] [[https://github.com/advthreat/iroh/pulls/obarbeau][Olivier's PRs]] +SCHEDULED: <2023-08-31 Thu 09:45> +**** TODO [create-tasks] [[https://github.com/advthreat/iroh/pulls/wandersoncferreira][Wanderson's PRs]] +SCHEDULED: <2023-08-31 Thu 09:50> +**** TODO [create-tasks] [[https://github.com/pulls?q=is%3Aopen+is%3Apr+archived%3Afalse+user%3Aadvthreat+author%3Ayogsototh][My PRs]] +SCHEDULED: <2023-08-31 Thu 10:00> +*** Friday +**** TODO [create-tasks] Webex +SCHEDULED: <2023-09-01 Fri 09:00> +**** TODO [create-tasks] Agenda +SCHEDULED: <2023-09-01 Fri 09:10> +**** TODO [create-tasks] Outlooks Flagged emails +SCHEDULED: <2023-09-01 Fri 09:20> +**** TODO [create-tasks] Outlooks emails +SCHEDULED: <2023-09-01 Fri 09:25> +**** TODO [create-tasks] Create [[https://github.com/notifications][Github notifications]] tasks +SCHEDULED: <2023-09-01 Fri 09:30> +**** TODO [create-tasks] [[https://github.com/advthreat/iroh/pulls/obarbeau][Olivier's PRs]] +SCHEDULED: <2023-09-01 Fri 09:45> +**** TODO [create-tasks] [[https://github.com/advthreat/iroh/pulls/wandersoncferreira][Wanderson's PRs]] +SCHEDULED: <2023-09-01 Fri 09:50> +**** TODO [create-tasks] [[https://github.com/pulls?q=is%3Aopen+is%3Apr+archived%3Afalse+user%3Aadvthreat+author%3Ayogsototh][My PRs]] +SCHEDULED: <2023-09-01 Fri 10:00> +** W36 +*** Monday +**** TODO [create-tasks] Webex +SCHEDULED: <2023-09-04 Mon 09:00> +**** TODO [create-tasks] Agenda +SCHEDULED: <2023-09-04 Mon 09:10> +**** TODO [create-tasks] Outlooks Flagged emails +SCHEDULED: <2023-09-04 Mon 09:20> +**** TODO [create-tasks] Outlooks emails +SCHEDULED: <2023-09-04 Mon 09:25> +**** TODO [create-tasks] Create [[https://github.com/notifications][Github notifications]] tasks +SCHEDULED: <2023-09-04 Mon 09:30> +**** TODO [create-tasks] [[https://github.com/advthreat/iroh/pulls/obarbeau][Olivier's PRs]] +SCHEDULED: <2023-09-04 Mon 09:45> +**** TODO [create-tasks] [[https://github.com/advthreat/iroh/pulls/wandersoncferreira][Wanderson's PRs]] +SCHEDULED: <2023-09-04 Mon 09:50> +**** TODO [create-tasks] [[https://github.com/pulls?q=is%3Aopen+is%3Apr+archived%3Afalse+user%3Aadvthreat+author%3Ayogsototh][My PRs]] +SCHEDULED: <2023-09-04 Mon 10:00> +*** Tuesday +**** TODO [create-tasks] Webex +SCHEDULED: <2023-09-05 Tue 09:00> +**** TODO [create-tasks] Agenda +SCHEDULED: <2023-09-05 Tue 09:10> +**** TODO [create-tasks] Outlooks Flagged emails +SCHEDULED: <2023-09-05 Tue 09:20> +**** TODO [create-tasks] Outlooks emails +SCHEDULED: <2023-09-05 Tue 09:25> +**** TODO [create-tasks] Create [[https://github.com/notifications][Github notifications]] tasks +SCHEDULED: <2023-09-05 Tue 09:30> +**** TODO [create-tasks] [[https://github.com/advthreat/iroh/pulls/obarbeau][Olivier's PRs]] +SCHEDULED: <2023-09-05 Tue 09:45> +**** TODO [create-tasks] [[https://github.com/advthreat/iroh/pulls/wandersoncferreira][Wanderson's PRs]] +SCHEDULED: <2023-09-05 Tue 09:50> +**** TODO [create-tasks] [[https://github.com/pulls?q=is%3Aopen+is%3Apr+archived%3Afalse+user%3Aadvthreat+author%3Ayogsototh][My PRs]] +SCHEDULED: <2023-09-05 Tue 10:00> +*** Wednesday +**** TODO [create-tasks] Webex +SCHEDULED: <2023-09-06 Wed 09:00> +**** TODO [create-tasks] Agenda +SCHEDULED: <2023-09-06 Wed 09:10> +**** TODO [create-tasks] Outlooks Flagged emails +SCHEDULED: <2023-09-06 Wed 09:20> +**** TODO [create-tasks] Outlooks emails +SCHEDULED: <2023-09-06 Wed 09:25> +**** TODO [create-tasks] Create [[https://github.com/notifications][Github notifications]] tasks +SCHEDULED: <2023-09-06 Wed 09:30> +**** TODO [create-tasks] [[https://github.com/advthreat/iroh/pulls/obarbeau][Olivier's PRs]] +SCHEDULED: <2023-09-06 Wed 09:45> +**** TODO [create-tasks] [[https://github.com/advthreat/iroh/pulls/wandersoncferreira][Wanderson's PRs]] +SCHEDULED: <2023-09-06 Wed 09:50> +**** TODO [create-tasks] [[https://github.com/pulls?q=is%3Aopen+is%3Apr+archived%3Afalse+user%3Aadvthreat+author%3Ayogsototh][My PRs]] +SCHEDULED: <2023-09-06 Wed 10:00> +*** Thursday +**** TODO [create-tasks] Webex +SCHEDULED: <2023-09-07 Thu 09:00> +**** TODO [create-tasks] Agenda +SCHEDULED: <2023-09-07 Thu 09:10> +**** TODO [create-tasks] Outlooks Flagged emails +SCHEDULED: <2023-09-07 Thu 09:20> +**** TODO [create-tasks] Outlooks emails +SCHEDULED: <2023-09-07 Thu 09:25> +**** TODO [create-tasks] Create [[https://github.com/notifications][Github notifications]] tasks +SCHEDULED: <2023-09-07 Thu 09:30> +**** TODO [create-tasks] [[https://github.com/advthreat/iroh/pulls/obarbeau][Olivier's PRs]] +SCHEDULED: <2023-09-07 Thu 09:45> +**** TODO [create-tasks] [[https://github.com/advthreat/iroh/pulls/wandersoncferreira][Wanderson's PRs]] +SCHEDULED: <2023-09-07 Thu 09:50> +**** TODO [create-tasks] [[https://github.com/pulls?q=is%3Aopen+is%3Apr+archived%3Afalse+user%3Aadvthreat+author%3Ayogsototh][My PRs]] +SCHEDULED: <2023-09-07 Thu 10:00> +*** Friday +**** TODO [create-tasks] Webex +SCHEDULED: <2023-09-08 Fri 09:00> +**** TODO [create-tasks] Agenda +SCHEDULED: <2023-09-08 Fri 09:10> +**** TODO [create-tasks] Outlooks Flagged emails +SCHEDULED: <2023-09-08 Fri 09:20> +**** TODO [create-tasks] Outlooks emails +SCHEDULED: <2023-09-08 Fri 09:25> +**** TODO [create-tasks] Create [[https://github.com/notifications][Github notifications]] tasks +SCHEDULED: <2023-09-08 Fri 09:30> +**** TODO [create-tasks] [[https://github.com/advthreat/iroh/pulls/obarbeau][Olivier's PRs]] +SCHEDULED: <2023-09-08 Fri 09:45> +**** TODO [create-tasks] [[https://github.com/advthreat/iroh/pulls/wandersoncferreira][Wanderson's PRs]] +SCHEDULED: <2023-09-08 Fri 09:50> +**** TODO [create-tasks] [[https://github.com/pulls?q=is%3Aopen+is%3Apr+archived%3Afalse+user%3Aadvthreat+author%3Ayogsototh][My PRs]] +SCHEDULED: <2023-09-08 Fri 10:00> +* DONE Repondre Joey Gibson +SCHEDULED: <2023-07-13 Thu 14:00> +[2023-07-13 Thu 07:32] +* DONE GitHub - oliyh/superlifter: A DataLoader for Clojure/script +SCHEDULED: <2023-07-27 Thu 10:00> +[2023-07-27 Thu 05:28] +https://github.com/oliyh/superlifter +* DONE Appeler l’agence Arbre +SCHEDULED: <2023-07-28 Fri 10:30> +:LOGBOOK: +CLOCK: [2023-07-28 Fri 13:22]--[2023-07-28 Fri 13:28] => 0:06 +:END: +[2023-07-27 Thu 20:42] +* TODO Antitrust google WEI +SCHEDULED: <2023-08-15 Tue 12:00> +[2023-08-01 Tue 07:47] +https://competition-policy.ec.europa.eu/antitrust/contact_en +* TODO greuze mallet jean baptispte +[2023-08-01 Tue 16:52] +* TODO Stroboscopic Artefacts +SCHEDULED: <2023-08-10 Thu 13:00> +[2023-08-02 Wed 12:59] +https://stroboscopicartefacts.com/ +* TODO Trouver un établissement – DAEU +SCHEDULED: <2023-08-10 Thu 12:00> +[2023-08-02 Wed 12:39] +https://www.daeu.fr/sinscrire-au-daeu/trouver-un-etablissement/ +* TODO The Battleground +SCHEDULED: <2023-08-09 Wed 13:00> +[2023-08-02 Wed 12:06] +https://thebattleground.eu/book/ +* TODO The half-life of code & the ship of Theseus · Erik Bernhardsson +SCHEDULED: <2023-08-09 Wed 12:00> +[2023-08-02 Wed 11:30] +https://erikbern.com/2016/12/05/the-half-life-of-code.html +* DONE The Lodge (film) - Wikipedia +SCHEDULED: <2023-08-05 Sat 11:00> +[2023-08-02 Wed 12:41] +https://en.wikipedia.org/wiki/The_Lodge_(film) +* TODO Olivier Rey (philosophe) — Wikipédia +SCHEDULED: <2023-08-11 Fri 11:00> +[2023-08-02 Wed 13:09] +https://fr.wikipedia.org/wiki/Olivier_Rey_(philosophe) +* TODO Writing a Lisp, Part 0: Fundamentals | Max Bernstein +SCHEDULED: <2023-08-10 Thu 11:00> +[2023-08-02 Wed 12:31] +https://bernsteinbear.com/blog/lisp/00_fundamentals/ +* TODO DeVilDead : Critique du film GA, GA - CHWALA BOHATEROM (1985) et du DVD Zone 0 +SCHEDULED: <2023-08-09 Wed 13:00> +[2023-08-02 Wed 12:23] +https://www.devildead.com/review/1618/ga-ga-chwala-bohaterom +* TODO https://www.goodreads.com/book/show/16032842-the-krone-experiment +SCHEDULED: <2023-08-11 Fri 11:00> +[2023-08-02 Wed 12:46] +* TODO AI Endgame +:LOGBOOK: +- Note taken on [2023-08-02 Wed 13:56] \\ + Comment le jeu final de l'IA ne sera pas l'IA qui prendra le dessus de l'humanité. Mais qui rendra l'humanité moins nécessaire aux personnes de pouvoir qui se débarrasseront de nous comme les chevaux qui ont été remplacés par les voitures. + + Un fantasme du contrôle poussé jusqu'à son paroxysme. + + Mettre en relation l'automatisation de l'humain et son remplacement. Avec Amazon, mechanical turk. +:END: +[2023-08-02 Wed 13:46] +* TODO Why Does My Forgejo Instance Have Thousands of Accounts? +SCHEDULED: <2023-08-08 Tue 10:00> +[2023-08-02 Wed 14:07] +https://a.exozy.me/posts/forgejo-instance-thousands-accounts/ +* TODO Programming Language Ideas +[2023-08-02 Wed 17:03] +AST agnostics/copies by syntax + +explcit constraints. doc type system, tests diff --git a/journal.org.gpg b/journal.org.gpg deleted file mode 100644 index f6a1be55..00000000 Binary files a/journal.org.gpg and /dev/null differ diff --git a/notes.org.gpg b/notes.org.gpg index 90c7f102..1dafe3db 100644 Binary files a/notes.org.gpg and b/notes.org.gpg differ diff --git a/notes/alternative_nets.org b/notes/alternative_nets.org new file mode 100644 index 00000000..2dab7379 --- /dev/null +++ b/notes/alternative_nets.org @@ -0,0 +1,297 @@ +:PROPERTIES: +:ID: 463c0152-b16a-4cfb-8590-acc0bf71d0c8 +:END: +Alternative Nets +#+Author: Yann Esposito +#+Date: [2023-07-29] +- tags :: [[id:e7f8ce2b-3c40-4f5d-bed7-fe6b97e7a460][small-web]] +- source :: + +#+begin_comment +Potential titles + +- It's time to pay! +#+end_comment + +* It's Time to PAY! + +Dear enjoyers of the web, the social networks and free search engines. +I have a bad news for you. + +It's time to pay the real price for it. + +Not so long ago, it was the time of free money, where the central banks paid +banks to have more money to redistribute to everybody. +But this time is reaching an end. +Now, it is time to engrange more liquidities. +And this mean, it costs a lot more to + +Perhaps there is a relation perhaps none. +But if you haven't paid attention to the world of web companies, then... +The message is clear: + +*IT IS TIME TO PAY* + +So Netflix, push more money. + +Youtube... make ads-blocker life a lot more difficult. + +Twitter and Reddit, hey, of course, let's use our control over API to force our +UI to all our users, no way to bypass our ads now. And we can gather more +metrics about you to also improve the ROI of our ads. +And why not, add some new feature whose ovious goal is... make our user pay more. + +Google... now that we control the most popular browser, the most popular search +engine, can impose some web standard to everyone de-facto. Hey, let's provide a +way to ensure any website could only be used via a few controlled clients. +The goal, again the same, by coupling the client with the server, it is +impossible for anyone to create a non-controlled way to use the server. +And so it is impossible to block ads, impossible to hide your profile (even your +identity if needed). + +I repeat, to me it seems the message is clear. + +IT'S FINALLY TIME TO PAY THE FULL PRICE FOR THESE PREVIOUSLY FREE SERVICES. + +So we could react differently. +The first obvious reaction from the user perspective is that the situation is +just worse for the users. Final point. + +But I think the situation is more complex. +These company could afford to offer these service for free for a long time. +Because the money came from a bet that in the future these company will earn +tons of money. +And currently they are. +But apparently not enough. +For some reason, they all want to make real money, NOW! +Which is a strong reminder of the chiken with golden eggs story. +Or is it? + +I think they all waited as long as they could, because they were all afraid to +see their user base flee at the first pressure. +But, hey... Look what twitter did. +The new CEO made a massive FUCK YOU to a big part of its own user base. +And guess what, ... THIS IS TOTALLY FINE. + +As usual, only a minority of vocal people were impacted. +Some left, some ranted, but the big majority didn't move more than a small rant. +The company is still there, many people still use twitter... +And even if this move will ultimately kill the company (which is not at all obvious) +one thing is clear, they could make at least temporarily more money. + +Netflix make it obvious that for the same service people should pay more. +And... most did. + +So yes, this is a fact, you could totally push anti-features to your customers. +And most of your customer will eat it. +Nice find! + +Enough of a rant. + +So to me, it is clear that the Google EMI is the biggest attack on the web as we +all knew it. +After this will be pushed on us, this is the end. +A big part of the web will stop to be usable for: + +- people with disabilities that need to consume the web with specific clients +- people using Linux + +This will terminate the transition of a big part of the from, web of documents, +to web of medias, to web of applications to web of products to ... web of closed +controlled products. + +And to be honest, this is not all black. +The web technologies are... to say the least, fragiles. +This is so easy to make a small mistake that will completly break the security +of your online application. +With these kind of new technologies, the overall security of the product will be improved. +The risk to have your personal data leaked will be reduced. +The risk to have your account being hacked will also be reduced. +For real. + +So if you agree that, some products are goods, then, these technologies will +improve the security. +Think about a real "online application". +Like an already closed application, that ask you for example to use only the +recent version of Chrome, Safari or Firefox. That are already not compatible with +other browsers. +A tool that you need to pay to use. +With the new startdards pushed by google, these product will improve their quality. +Their security, but also their "portability". Because, if you target only very +few clients, it is easier to test. The other clients, will simply be refused. + +Again, this goes against the spirit of the Open Web. +These is the closes Web. The monetized web. +And I don't see how this could be prevented. + +* Alternative Nets + +It becomes clear now, that the ads industry want to gather more money that the +future of the web will be a web of products and no more a web of users. + +The main distinction is that users do not want to monetize much, while products +are backed by company that want to optimize the monetization of their products. + +Typically, someone could produce videos and if they could gain a bit of money +with it, and even enough for a living. This is for the best. + +But a web of product, is a web of very few giants websites were all users +activity are centralized. So every media you produce, text, images, videos +should be in their system. +They offer both producer and customer a great UI/UX. +Make it easy to receive money, get feedback via comments, make it easy to find +people with matching interest, etc… +In return, you agree to either pay something or most commonly pay via ads. + +Honestly, there is nothing wrong for company to want to make money. +They provide a service, and happy customer pay for it. +But a big issue was that all these services were totally free for a while, no +payment, no ads. And now, ads are pushed into everyone eyeballs. +And to improve the revenue from ads, they are gathering as much data from you as +possible in order to create a personal profile and show you more and more +precise ads, in a more and more efficient way. Efficient in the sense that the +probably for you to click on the ad and finalize by a buy is higher. + +So, the web started as a web of users, and has become almost exclusively a web +of products and companies. +That's simply a fact. In the beginning of the web, if you typed any kind of work +in a search engine you mostly ended up to a personal website or a forum from a +multitude of forums. +There were ads, sometime very intrusive, but often not that much. +The content were mostly text with a few images, like a magazine. +Sometime you could get a few videos. + +But now, there is too much money involved, giant company are "managing" the web +as they control essential component of what makes the Web what it is. In +particular Google. They control the most popular web browser as well as the most +popular search engine, as well as the most popular ads-network. +So... What could go wrong? + +The latest "attack" on the old Web of users is "Web Environment Integrity". +So let's be honest. For the Web of product, this will be a very positive change. +You want to sell your product, whatever it is. +Providing this products cost you money. +So you want to only serve the product to valid users and prevent people from +pirating or abusing your product. +So a simple solution is to rely on a big player, say Google, Apple an Microsoft +to prove that the client making a request really use a "valid" and controlled browser. +So clients cannot lie, and use bots, or spam your other customers, etc… + +On the other hand, for the Web of users, this is a terrible nightmare against +the spirit of the Web. +This would prevent users with disabilities that are using non-validated clients +to access and consume the websites protected by this technology. +This will make impossible to technically don't share your private data. +Even with GDPR that will force these product-website to show you a clear +question. +If this technology become more popular, then rejecting this usage will simply +result in a full ban of accessing your product. +This is already the case for a few websites. +But I think with this technology it will be harder to support serving your +product for people rejecting data sharing. + +I made a comment in lemmy about this and here is it: + +> I don’t see how this could be prevented. +> +> There are already many “small web” movements. +> With different proposals. +> Like gemini, sub-set of currently supported web standards (typically no-js, +> no-css, no POST, etc…) +> +> But the monetized web is doomed to reach a point were it will be controlled +> in such a way that you will not be able to block ads, not be able to hide +> your pseudonymous identity. +> I remember reading an article many years ago about the cat and mouse game +> between ads publishers and ad-blockers. +> +> The conclusion were that in the end, ads blocker will lose the final war. +> And with these kind of system we are closer and closer to reach it. +> I think we need to collectively find a way to have sub-nets. +> +> For example declare that our website conform to certain sub-net properties. +> +> - no-ads +> - privacy (no cookie/no js/no user-agent header/no canvas, no css) - +> - etc… +> +> The small webs are different for everyone. +> +> It would be very nice if we could put an HTML header that would list which +> small webs pattern this page is compatible with. +> And have a browser that would adapt to your preferences and also a way to +> filter your small-web preferences in search engine. +> The closest to this we have today is probably gemini. +> But this a very small but friendly web. +> I am sure we could find other solutions to create an alternative +> “respecting his users” web. + +So I would like to write a bit more about this. +And useful concepts to discuss about it. + +With experience I discover that we makes a very bad usage of concepts. And we +are easily induced in error (I didn't say manipulated) by specific vocabulary +that aggregated imprecise concepts. +In fact, as the modern web grow, it is more and more important to be as +imprecise as possible to gather as much people as possible. +To optimize engagement, growth, etc… +One dire consequence is an impoverishment of the quality of the discussion. + +And this is a very old problem which will not be easily addressed. +If you start to be too specific you loose too many people that are not expert, +not even very familiar with the subject you are talking about. +If you are not specific enough, your message is wrongly interpretted. + +But another effect, is that some words start to disappear in favor of more +impoverished ones. +Because the imprecise words improve the popularity of your post. +For example, it is very clear that if you show a single mathematical formula to +a blog post, you lose many people. +Simply because, this is like writing a full paragraph in another language in the +middle of your article. +If you don't speak it, this is are to continue. +Even if you translate it later. + +Useful concepts to talk about Web alternatives: + +- Multitude of Small Webs. We often see "small web", while we should in fact use + "small webs" (plural). + + + First there are many different proposal of web alternatives. Most of them want + to be more or less difficult to monetize. + Each proposal as its advantages and errors. + + Associated with the small web is the terrible realization that discoverability + becomes again a major issue. + How could you prevent to protect against spam, scam, etc… + + Closer to this is the notion of "social network". + And decentralized social network. + And not far from here, the notion of monetization. + Also a notion of Web of products / Web of applications / Web of documents, etc… + +* Proposal a future Open Web +Before writing this section I wrote a long lament about the predictable future +of the web, and at large. The future of the computer-related world. + +But, hey, I will make it a lot shorter. + +If you didn't pay attention recently is clear that many products on the that +were proposed for free, or mostly free changed their politic. +It is time to pay. +So we can clearly make a distinction between a monetized web, and a free web. +Or I would like to make it broader by saying a monetized Internet, and a free +Internet, even if recently for most people Internet is only the Web. + +In reaction to these changes, there are more and more discussion about "The +Small Web". +And before going further, let me just say there are multiple propositions and +the small web means different things to different people. +Small Web does not necessarily means to prevent monetization, nor, necessarily +protecting our privacy, nor necessarily have an improved experience for disabled +people, nor necessarily a web of document vs a web of applications. Etc… + +So my wish: + +Have a web without most "Web" features. diff --git a/notes/capt_website.org b/notes/capt_website.org index c9d22378..4ea403a0 100644 --- a/notes/capt_website.org +++ b/notes/capt_website.org @@ -22,7 +22,7 @@ Base statique ** Beneficiaire 1. B: Cliquer devenir beneficiaire. => Explication, etc….. -2. B: Action "je suis intéresser" => Formulaire +2. B: Action "je suis intéressé" => Formulaire 3. B: Formulaire: questionnaire, envoie un email/notification + creation de compte (bloqué). 4. L: check oui/non répond; si oui envoie du docusign si non envoie mail. 5. L: Après signature déblocage du compte (sans paiement). diff --git a/notes/chien_espoir_handicap_ag.org b/notes/chien_espoir_handicap_ag.org new file mode 100644 index 00000000..90bcbbf0 --- /dev/null +++ b/notes/chien_espoir_handicap_ag.org @@ -0,0 +1,43 @@ +:PROPERTIES: +:ID: 7a934ca5-31c0-4cf8-8a86-1efa89904b31 +:END: +#+title: Chien Espoir Handicap AG +#+Author: Yann Esposito +#+Date: [2023-06-13] + +- tags :: +- source :: + +* [2023-06-13 Tue] +- Matt +- Melo +- Yann & Krystelle + +** 3 demandes + +*** Demande 1 +Dame, difficulté CMR, déanbulateur, chien 8 ans, HLM, fils de 15 ans. +Pas de sortie 2 ou 3 semaines. +Fauteuil électrique. + +@Matthieu: environement pb, intervention cerveau, crises epilepsie. + +Je veux qu'un chien puisse rester devant le magasin sans bouger. +Taxi, musulman accepte pas le chien. +Grand chien, très grand. + +Décision, incompatible. + +*** Demande 2 Victoria (Juan les pins) + +Prévoir entretient avec Melo. + +*** Demande 3 ok (recherche d'un chien) + +** Notes + +@Matt: 4 chiens à aller voir à Trets. +- croisé malinoi. +- dogue femelle +- femelle berger australien +- jeune croisé labrador diff --git a/notes/cisco_communication_checker.org b/notes/cisco_communication_checker.org new file mode 100644 index 00000000..c656a54a --- /dev/null +++ b/notes/cisco_communication_checker.org @@ -0,0 +1,20 @@ +:PROPERTIES: +:ID: 79939cd7-5b0d-4526-94a2-e2a6b84d2e4a +:END: +#+title: CCisco Communication Checker +#+Author: Yann Esposito +#+Date: [2023-06-16] + +- tags :: +- source :: + +* Cisco + +** Teamspace Check-in + +*** [2023-06-16 Fri] + +- find answers and solutions for SX to XDR upgrade +- improve XDR provisioning +- Improved the future design of the Entitlement Summary +- Merged a new revocation mechanism more powerful and more suitable for our needs (first usage revoke user whose role changed) diff --git a/notes/cookie_clicker_save.org b/notes/cookie_clicker_save.org new file mode 100644 index 00000000..2d9e85cc --- /dev/null +++ b/notes/cookie_clicker_save.org @@ -0,0 +1,12 @@ +:PROPERTIES: +:ID: 3d75e1da-3fc4-414d-90f8-c3266eed3ddc +:END: +Cookie Clicker save +#+Author: Yann Esposito +#+Date: [2023-07-27] + +- tags :: +- source :: +* Save + +Mi4wNTJ8fDE2OTA0OTk2MDI0OTM7MTY5MDQ5OTYwMjQ5MzsxNjkwNTAwODMxODQxO0ZhbnRhc3RpYyBTbG90aDt3dndhcDswLDEsMCwwLDAsMCwwfDExMTExMTAxMTAwMTAxMTAwMTAxMDExMDAwMXwxNzc2My4wNTU0OTk5OTkwMTY7MzgzMzAyLjA1NTUwMDAyOTk7MjI0NzsyOzEwMTE1OzA7MDswOzA7MDswOzA7MDswOzA7MjswOzA7MDswOzA7MDs7MDswOzA7MDswOzA7MDstMTstMTstMTstMTstMTswOzA7MDswOzc1OzA7MDstMTstMTsxNjkwNDk5NjAyNDkzOzA7MDs7NDE7MDswOzg3NDs1MDswOzA7fDQwLDQwLDE1MTA3LDAsLDAsNDA7MzAsMzAsNzAzMDEsMCwsMCwzMDsyMCwyMCwxMzg3ODYsMCwsMCwyMDs2LDYsMTQ4MTA3LDAsLDAsNjswLDAsMCwwLCwwLDA7MCwwLDAsMCwsMCwwOzAsMCwwLDAsLDAsMDswLDAsMCwwLCwwLDA7MCwwLDAsMCwsMCwwOzAsMCwwLDAsLDAsMDswLDAsMCwwLCwwLDA7MCwwLDAsMCwsMCwwOzAsMCwwLDAsLDAsMDswLDAsMCwwLCwwLDA7MCwwLDAsMCwsMCwwOzAsMCwwLDAsLDAsMDswLDAsMCwwLCwwLDA7MCwwLDAsMCwsMCwwOzAsMCwwLDAsLDAsMDswLDAsMCwwLCwwLDA7fDExMTExMTEwMDAwMDAwMTExMTExMTExMDAwMDAwMDAwMTAxMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMTAwMDEwMTAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDEwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDEwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDB8MTExMDAwMDAwMDAwMDAwMDExMTAwMDAwMDAwMDAwMTAwMDExMDAwMDEwMDEwMDAwMDEwMDAwMDAwMDAwMDAwMDAwMDEwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMHx8 diff --git a/notes/dossier_mdph_anna_2023.org b/notes/dossier_mdph_anna_2023.org new file mode 100644 index 00000000..1f0c7329 --- /dev/null +++ b/notes/dossier_mdph_anna_2023.org @@ -0,0 +1,26 @@ +:PROPERTIES: +:ID: 9bc34305-e885-4578-9f2c-85c09681638d +:END: +#+title: dossier MDPH Anna 2023 +#+Author: Yann Esposito +#+Date: [2023-06-19] +#+lang: fr + +- tags :: +- source :: +* Liens + +- Formulaires: https://www.mdph13.fr/Pages/Formulaires.aspx +- https://mdphenligne.cnsa.fr/mdph/13 +- dossier: [[file:~/Library/Mobile Documents/com~apple~CloudDocs/Documents/1-Administration/MDPH/MDPH-2023][dossier 2023]] + +** Addresse + +Maison Départementale des Personnes Handicapées des Bouches du Rhône +4 quai d’Arenc, 13304 Marseille Cedex 02 + +0800 814 844 +accueil.information.mdph@mdph13.fr + +Accueil Physique : du lundi au jeudi de 9h00 à 16h00 +Accueil Téléphonique : du lundi au vendredi de 9h00 à 12h30 et de 13h30 à 17h00 (appel gratuit depuis un poste fixe) diff --git a/notes/full_integration_development_doc.org b/notes/full_integration_development_doc.org new file mode 100644 index 00000000..5436281a --- /dev/null +++ b/notes/full_integration_development_doc.org @@ -0,0 +1,32 @@ +:PROPERTIES: +:ID: b073b659-19e2-4402-b3ef-087ee67aa201 +:END: +#+Title: Full Integration Development Doc +#+Author: Yann Esposito +#+Date: [2023-07-17] + +- tags :: +- source :: + +* Full Integration Development Doc + +*Full Integration with XDR:* +Your UI is hosted on the same URL as XDR. + +Steps: + +1. Check which URL/APIs your integration will use (check the scope in Swagger UI) +2. Create a client with these scopes (Authorization Code Grant) +3. Test your integration with this client: + - With normal clients: use =/iroh/oauth2/authorize= to retrieve a refresh token. + - With trusted clients (you must ask the IROH team to bless it) + Retrieve a refresh token from any account of your own IROH org + by using =/iroh/ouauth2/cumstom= endpoints using your own session token. +4. Once the tests are conclusive: + - create a new client per IROH environment (INT, TEST, PROD NAM, PROD EU, + PROD APJC) + - Ask the IROH (XDR-backend) team to bless these new clients as "trusted" and + change their availability to =everyone=. + +*Optionally*, improve the security of your API by asking to add an audience to +your client. diff --git a/notes/impots2022/20230414120304587.pdf b/notes/impots2022/20230414120304587.pdf new file mode 100644 index 00000000..2b683128 Binary files /dev/null and b/notes/impots2022/20230414120304587.pdf differ diff --git a/notes/impots2022/Facture_Déc_2022_Client_1047.pdf b/notes/impots2022/Facture_Déc_2022_Client_1047.pdf new file mode 100644 index 00000000..c5591a4c Binary files /dev/null and b/notes/impots2022/Facture_Déc_2022_Client_1047.pdf differ diff --git a/notes/impots2022/Facture_Nov_2022_Client_1047.pdf b/notes/impots2022/Facture_Nov_2022_Client_1047.pdf new file mode 100644 index 00000000..d78cb55e Binary files /dev/null and b/notes/impots2022/Facture_Nov_2022_Client_1047.pdf differ diff --git a/notes/impots2022/Facture_Oct_2022_Client_1047.pdf b/notes/impots2022/Facture_Oct_2022_Client_1047.pdf new file mode 100644 index 00000000..72eff76b Binary files /dev/null and b/notes/impots2022/Facture_Oct_2022_Client_1047.pdf differ diff --git a/notes/impots2022/Facture_Sep_2022_Client_1047.pdf b/notes/impots2022/Facture_Sep_2022_Client_1047.pdf new file mode 100644 index 00000000..cdcbba72 Binary files /dev/null and b/notes/impots2022/Facture_Sep_2022_Client_1047.pdf differ diff --git a/notes/impots2022/fiche_fiscale_cisco.pdf b/notes/impots2022/fiche_fiscale_cisco.pdf new file mode 100644 index 00000000..3da7e2a3 Binary files /dev/null and b/notes/impots2022/fiche_fiscale_cisco.pdf differ diff --git a/notes/impots_2022.org b/notes/impots_2022.org index e5eab86c..fed17b71 100644 --- a/notes/impots_2022.org +++ b/notes/impots_2022.org @@ -189,3 +189,17 @@ Gain ou Perte * Dons (7UF) Chien Espoir & Handicap: 2000€ + +* Aide à la Personne ; Togi Sante (7DB) + +Factures Togi + +| Date | Facture | +|-----------+---------| +| Sept 2022 | 304.00 | +| Oct 2022 | 243.20 | +| Nov 2022 | 185.60 | +| Dec 2022 | 121.60 | +|-----------+---------| +| Total | 854.4 | +#+TBLFM: @>$2=vsum(@I..@II) diff --git a/notes/journal/2023/2023-06-25.org b/notes/journal/2023/2023-06-25.org new file mode 100644 index 00000000..f0d8aea1 --- /dev/null +++ b/notes/journal/2023/2023-06-25.org @@ -0,0 +1,94 @@ +#+Title: Journal (2023-06-25 - ∆y=46.31 (16913)) +#+Author: Yann Esposito +#+Date: [2023-06-25] +#+LANG: fr + +* Résume Journée +:PROPERTIES: +:VISIBILITY: content +:CREATED: 20230625 +:END: + +** Matin +:PROPERTIES: +:VISIBILITY: content +:CREATED: 20230625 +:END: + + | Pression au travail ? | 3/5 | + | Motivé de commencer la journée ? | 3/5 | + | Est-ce que je me sens plein d'énergie ? | 3/5 | + | Est-ce que je me sens concentré et préparé ? | 3/5 | + +- Que dois-je faire en dehors du travail ? + +** Soirée +:PROPERTIES: +:CREATED: 20230625 +:END: + | activité φ | ?/5 | au lit -> sport | + | nourriture | ?/5 | mal-bouffe -> saine | + | humeur | ?/5 | exécrable -> excellente | + | énergie | ?/5 | exécrable -> excellente | + | intérêt | ?/5 | ennuie -> exceptionnel | +* 2023-06-25 Sunday +** 12:31 + +Aujourd'hui, je prends l'avion pour partir à un offsite à Atlanta. + +Le programme ne semble pas vraiment adapté à mon type de personnalité. +Plutôt introverti. +Depuis hier, j'ai une sensation d'anxiété qui ne s'est pas atténuée. +Et c'est difficile de mettre exactement le doigt sur la raison précise. +J'ai déjà fait beaucoup de voyages, mais à chaque fois, j'ai une façon de me +présenter ou de gérer le voyage qui me fait apparaître comme un "débutant" des +voyages d'avion alors que j'ai pas mal d'expérience en réalité. +Le pire, c'est que je fais un effort conscient pour apparaître comme une +personne qui a l'habitude. +Donc évidemment j'ai cette sensation d'échec complet de mes efforts. + +Ensuite, cette semaine Krystelle va se retrouver toute seule, sans les chien +dans la maison. +Et c'est probablement ce qui consciemment me pose le plus d'inquiétudes. +Il y a une question de sécurité, mais aussi peut-être une remise en question de +moi-même. +Combien de fois m'a-t-elle reprochée d'être inutile, pire un poids mort. +Sans moi, ça lui donnera probablement de l'eau à son moulin. +Elle sera seule, j'imagine qu'il n'y aura quasi pas du tout de "travail" de +maison à faire. +De plus, il y a comme une sorte de mur invisible, une incompréhension de ce que +ma femme pense pendant que je me sens inquiet du voyage. + +Le voyage a été décalé, plusieurs fois. +Hier soir à 21h00, j'ai vu le mail par chance. +J'ai un autre vol qui me décale le tout de 4h. +J'arriverai assez tard à Atlanta, vers 21h00, le temps de passer la sécurité, et +de prendre le taxi, je ne serai probablement pas à mon hôtel avant 22h00. Soit, +pour mon horloge interne 4h du matin (il y a 6h de décalage). + +Je suis arrivé bien trop tôt (et je le savais) parce que je n'ai pas pu faire le +check-in via le net. Le site, et l'application d'Airfrance/Delta, tout ça marche +très mal ensemble. +J'ai donc pris beaucoup de précautions. + +Et donc, ce matin, un petit au-revoir rapide avec Krystelle. Je lui avait payé +des cours de cuisine et c'était aujourd'hui. +Petit au-revoir rapide avec mes enfants avant de prendre le taxi. + +Pendant mon attente, j'appelle mon père et ma mère juste pour discuter. +La discussion reste courte et un peu distante. +Tout ça mis bout à bout, avec le fait que je suis seul à partir de Marseille, +Guillaume, Mat et G2 sont partis ensemble de Nice, fait que je me sens vraiment +très seul. + +Parfois j'aime ma solitude, mais il y a deux mots en anglais pour désigner une +solitude positive et une autre avec une interprétation plus négative. +Et bien, j'ai bien ressenti ça, la sensation d'être loin de mes proches. +Le pire avec ça, c'est cette sensation d'être la ressource principale de la +famille. Je veux dire, la ressource financière, sans moi, je pense que leur vie +deviendrait très dure. + +Enfin, voilà, j'essaye de, pour une fois, écrire à plat ce que je pense. +Écrire cette petite entrée de journal me permet de changer mes petites habitudes +et c'est pas mal. +Cela aiderait probablement si j'arrivais à en faire une habitude. diff --git a/notes/mdph_2023.org b/notes/mdph_2023.org new file mode 100644 index 00000000..1cc9a88d --- /dev/null +++ b/notes/mdph_2023.org @@ -0,0 +1,24 @@ +:PROPERTIES: +:ID: 571da5f1-e069-4a19-8181-756f24ca9740 +:END: +MDPH 2023 +#+Author: Yann Esposito +#+Date: [2023-05-22] +- tags :: +- source :: https://www.mdph13.fr/Pages/Formulaires.aspx + +* MDPH :anna:mdph: + +** Documents + + +*** Certificat Medical de moins de 6 mois +*** Une photocopie recto verso d’un justificatif d’identité de la personne handicapée et, le cas échéant, de son représentant légal +*** Une photocopie d’un justificatif de domicile + +** Questions pour Autisme Info Service + +*** Vaut-il mieux demander un renouvellement des droits ? + +- Passage à l'age adulte. +- Demande de reconnaissance à vie diff --git a/notes/programming_langage_ideas.org b/notes/programming_langage_ideas.org new file mode 100644 index 00000000..9c7a13cf --- /dev/null +++ b/notes/programming_langage_ideas.org @@ -0,0 +1,103 @@ +:PROPERTIES: +:ID: 31da574a-3a97-41e7-9513-764b55830ff1 +:END: +Programming Langage Ideas +#+Author: Yann Esposito +#+Date: [2023-08-05] + +- tags :: [[id:bec11f07-ffed-487b-9059-bdf6696548ab][programming]] +- source :: +* Ideas + +This is about a few nice ideas I had about what would be *my* ultimate programming language. +I am not sure they all make perfect sense. But we'll see. + +First, most of them are kind of inspired by practice, idea about LISP. I think +most of these ideas aren't new at all. But their combination might be useful. + +* Syntax Agnostic + +The programming world uses text editors and not AST editor. +That's a fact and anyway, I don't want a programming language that would force +tooling on its users. Typically this is what made DrRacket not enjoyable. +I like my vim or emacs system. I don't want to use a strange IDE. + +Also, people are generally used to a specific syntax. And let's be clear. +This TOTALLY SUCKS. Yep, this adds an obfuscation layer to the semantic. +Here, I am in the camp of LISPers that makes it a lost easier to internalize +the AST of your program. +But, even LISPs are not perfectly syntax agnostic. + +Here is my proposed solution: + +1. Have an internal AST representation. +2. From this representation ability to generate Text in different syntaxes, + mainly LISP or C/Java/Javascript/shitty one. Perhaps even Haskell/OCaml-like. +3. Have a builder that take the last modified date and sync every + representations. If you change the LISP file, it will update the internal + AST and the C-like. + If you change the C-like, update the LISP and internal AST. + If you directly modify the AST, then update all declared representations. + Mainly this jobs should be run a bit like a background make. + + What should this solve: + +1. If you join a new project, you can expose multiple syntaxes. So you can read + the code via Github for example by looking at your preferred syntax. +2. If you want to be 1337 dev, you can code a direct AST editor and this will + still make the change visible as Text for other editors. + =git diff= might kind of suck, but I think with minimal tooling this makes this acceptable. + + +* Compile-Time Meta-constraints + +Add a "mods" mechanism (a bit like in games like Factorio if you like) +that add "features" to your specific project (or even sub-part of your projects). + +Typically I want to be able to express either for the whole project or specific +parts of the project: + + every new namespace must be tested. + + every new function must be unit-tested + + Every namespace must have docstring + + Every function must have a docstring + + The project must have a sync'ed documentation + + Force generative testing on pure functions + + Every variable must have declared types for a specific type-system. + + This sub-part of the project must be checked via a specific type-system + (hindly-milner, dependent typing with a specific base, linear typing, etc…) + +More importantly, the important part is that this must be explicit. +One function wouldn't add a unit-test. No problem, but you MUST explicitly +say so. + +How could we do this. Mainly by creating "Macros", mainly ability to add code +that will be run on your code at compile time to check that your code obey some +specific rules. +This would make a lot clearer that some code will be run at compile time. +This will also make possible to add different type-system depending on what your +project is focused on. For example, you can build specific type system to control +the complexity of a function. But for that, you will need a mechanism that will +take the AST and analyze it. And for that to work, you will need a system that +will "only" add metas (so AST-level annotation) for a few core functions in the language. +And if you use an "external", the module should ask you to manually annotate +these unknown functions. + +But mainly we want a mechanism like the clojure metas, that could be used to run +compile-time checks. + +Note, it would still be helpful to keep this metas at runtime depending on your need. +But I am not sure how to correctly choose between compile-time only vs compile+run-time. +Because if we allow run-time AST evaluation then, this will make the language a +lot more powerful at the risk of making it a lot more difficult to check at +compile-time and reduce a lot of compile-time advantages. + +* Service-compatible in the Language + +The Service-Pattern is probably universal but there are many choices here. +Perhaps, the best place to put this would be to put this structure in the mods +and not directly in the language. +But it would be very nice to have a well-designed service-dependency system. + +More precisely, we want to be able to write programs with: + +- Run ~main~ with this LogService, and DBService and, intialized with this ConfigService diff --git a/notes/small_web.org b/notes/small_web.org new file mode 100644 index 00000000..c29a1efc --- /dev/null +++ b/notes/small_web.org @@ -0,0 +1,8 @@ +:PROPERTIES: +:ID: e7f8ce2b-3c40-4f5d-bed7-fe6b97e7a460 +:END: +small-web +#+Author: Yann Esposito +#+Date: [2023-07-29] +- tags :: +- source :: diff --git a/notes/xdr-monetization-piam-entitlement-summary.png b/notes/xdr-monetization-piam-entitlement-summary.png new file mode 100644 index 00000000..10b9ae7a Binary files /dev/null and b/notes/xdr-monetization-piam-entitlement-summary.png differ diff --git a/notes/xdr-monetization-piam-entitlements.png b/notes/xdr-monetization-piam-entitlements.png new file mode 100644 index 00000000..7b3cea34 Binary files /dev/null and b/notes/xdr-monetization-piam-entitlements.png differ diff --git a/notes/xdr_monetization.html b/notes/xdr_monetization.html new file mode 100644 index 00000000..e91b2df5 --- /dev/null +++ b/notes/xdr_monetization.html @@ -0,0 +1,543 @@ + + + + +XDR Monetization + + + + + + + +
+
+
+

XDR Monetization

Yann Esposito

2023-07-12 Wed 00:00

Created: 2023-07-12 Wed 17:38

+
+
+ +
+ +
+
+

1. Intro

+
+
+
+
+

1.1. What?

+
    +
  • Entitlements: What the customer is paying for.
    • +
  • Access Rules: What services should allow, restrict.
    • + +
+ +
+
+

1.2. Example

+
+
+
+
+

1.2.1. Entitlements:

+
    +
  • Tier: Essentials for 1000 users (number of Lees).
    • +
  • Extra Data Retention “add-on”: 180 days
    • +
  • Extra Ingest “add-on”: 2 GB
    • + +
+ +
+
+

1.2.2. Access Rule example:

+
    +
  • Total Ingest: 4000GB (1000 user × (2GB + 2GB))
    • +
  • Time to Keep Data: 180 days (yes, extra might not mean what we could expect)
    • + +
+ +

+ref: https://wwwin-github.cisco.com/cisco-sbgidm/docs/blob/master/provisioning/xdr/xdr-ga.md#entitlements +

+ +
+
+

1.3. How?

+

+Entitlement represent what the customer pays for. +PIAM creates and updates them. +

+ + +
+

xdr-monetization-piam-entitlements.png +

+
+ +
+
+

1.4. Also Entitlement Summary

+

+IROH exposes an API to retrieve an EntitlementSummary. +A data structure easier to consume than the list of entitlements. +

+ + +
+

xdr-monetization-piam-entitlement-summary.png +

+
+ +
+
+
+
+

2. Entitlements (technically)

+

+Example of a list of Entitlements sent by PIAM to IROH: +

+ +
+
+

2.1. Just the Tier, no add-on:

+
+ +
[{"name" "tier",
+  "value" "advantage",
+  "quantity" {"value" 1000, "unit" "users"},
+  "enforce-quantity" true}]
+
+
+ + +
+
+

2.2. Tier with add-ons

+
+ +
[{"name":"tier",
+  "value":"essentials",
+  "quantity":{"value":1000, "unit":"users"},
+  "enforce-quantity":true},
+ {"name":"extra_ingest",
+  "value":"",
+  "quantity":{"value":2, "unit":"GB"},
+  "enforce-quantity":true},
+ {"name":"extra_data_retention",
+  "value":"",
+  "quantity":{"value":180, "unit":"days"},
+  "enforce-quantity":true}]
+
+
+ +
+
+

2.3. PIAM Doc

+

+From Paul Chichonski’s doc +

+ +

+https://wwwin-github.cisco.com/cisco-sbgidm/docs/blob/master/provisioning/product-spec.md#multi-valued-attributes +

+ +
+
+

2.3.1. Entitlements

+
    +
  • entitlements – A list of entitlements the tenant is allowed to use. Each item in +the list is an object with the following fields:
    • + +
+ +
+ +
[{"name":"tier",
+  "value":"essentials",
+  "quantity":{"value":1000, "unit":"users"},
+  "enforce-quantity":true},
+ {"name":"extra_ingest",
+  "value":"",
+  "quantity":{"value":2, "unit":"GB"},
+  "enforce-quantity":true}]
+
+
+ +
+
+

2.3.2. name

+
    +
  • name – The name of the entitlement (defined as part of the entitlement +controlled vocabulary between PIAM and the product)
    • + +
+ +
+
+

2.3.3. value

+
    +
  • value – Some entitlements will have a string value that serves to qualify the +entitlement. For example an entitlement with name=tier may have three +different manifestations if there are three different tiers (e.g., {"name": + "tier", "value": "essentials"}, {"name": "tier", "value": "primary"}, + {"name": "tier", "value": "advantage"})
    • + +
+ +
+
+

2.3.4. quantity

+
    +
  • quantity – Some entitlements will have numeric quantity associated with the +entitlement, this represents the amount of this entitlement the tenant is +permitted to consume. Each quantity field will contain an object with the +following values: +
      +
    • value - The number holding the actual quantity.
      • +
    • unit - A string representing what unit to use when interpreting the quantity.
      • + +
    • + +
+ +
+
+

2.3.5. quantityenforced

+
    +
  • quantity_enforced – A boolean field, if true it means that the product +should enforce the allocated quantity of the entitlement for this tenant. It +is up to the product to determine how to do this. Cases where this will be +false are if the customer purchased via a buying program that supports a +“pay as you go” pricing model.
    • + +
+ +
+
+
+
+

3. Entitlement Summary

+

+The Entitlement Summary provides a data-structure easier to consume +than the entitlements list. +

+ +
    +
  • A JSON Object instead of list.
    • +
  • Additional technically useful entries.
    • + +
+ +
+
+

3.1. Structure

+

+The main structure of the EntitlementSummary is: +

+ +
+{<entitlement-name>: <entitlement-details>}
+
+ +

+Where <entitlement-details> looks like: +

+ +
+ +
{"title": "something", // <- optional instead of value:""
+ "quantity": Integer,
+ "unit": "human-readable-unit",
+ "enforce?": Boolean}
+
+
+
+
+

3.2. Tier-only Entitlement

+

+When PIAM send this list of Entitlements: +

+ +
+ +
[{"name" : "tier",
+  "value" : "advantage",
+  "quantity" : {"value" : 32000,
+                "unit" : "users"},
+  "enforce-quantity" : true}]
+
+
+ +
+
+

3.3. The EntitlementSummary will look like this:

+
+ +
{"tier" : {"title" : "advantage",
+           "quantity" : 32000,
+           "unit" : "users",
+           "enforce?" : true}}
+
+
+ +
+
+

3.4. With Add-ons

+

+If PIAM send a list of Entitlements with add-ons: +

+ +
+ +
[ {"name" : "tier",
+   "value" : "premier",
+   "quantity" : {"value" : 1000, "unit" : "users"},
+   "enforce-quantity" : true},
+  {"name" : "extra_ingest",
+   "value" : "",
+   "quantity" : {"value" : 2, "unit" : "GB"},
+   "enforce-quantity" : true},
+  {"name" : "extra_data_retention",
+   "value" : "",
+   "quantity" : {"value" : 180, "unit" : "days"},
+   "enforce-quantity" : true}]
+
+
+ +
+
+

3.5. The EntitlementSummary will be:

+
+ +
{"tier": {"title": "premier",
+          "quantity": 1000,
+          "unit": "users",
+          "enforce?": true},
+ "extra_data_retention": {"quantity": 180,
+                          "unit": "days",
+                          "enforce?": true},
+ "extra_ingest": {"quantity": 2,
+                  "unit": "GB",
+                  "enforce?": true}}
+
+
+ +
+
+

3.6. Entitlements consumption in js

+
+ +
function get_entitlement_tier (entitlements) {
+    for (entitlement in org.entitlements) {
+        if (entitlement.name == "tier") {
+            return entitlement.title;
+        }
+    }
+}
+let tier =  get_entitlement_tier (entitlements);
+
+
+ +
+
+

3.7. EntitlementSummary consumption in js

+
+ +
let tier = whoami.org["entitlement-summary"].tier.title;
+
+
+ +
+
+

3.8. More to come

+
+
+
+
+

3.8.1. IROH Internal

+

+But we plan to add more technical specific values so it helps every Entitlement consumer. +That way it would make possible to share between product specific technical values. +

+ +

+For example, we plan to add: +

+
    +
  • a list of allowed modules.
    • +
  • an optional list of additional scopes
    • +
  • rate limits
    • + +
+ +
+
+

3.8.2. XDR global values

+

+If you want us to add some information, so we could centralize some logic +related to entitlement into IROH just ask us to add it. +Ideally, this should only contain data that could be shared between different modules. +For example: +

+ +
    +
  • allowed workflows, or allowed properties for workflows
    • +
  • specific limitations for a specific module (read-only, etc…)
    • + +
+ +
+
+

3.8.3. Example

+
+ +
{"tier": {"title": "premier",
+          "quantity": 1000,
+          "unit": "users",
+          "enforce?": true},
+ "extra_data_retention": {"quantity": 180,
+                          "unit": "days",
+                          "enforce?": true},
+ "extra_ingest": {"quantity": 2,
+                  "unit": "GB",
+                  "enforce?": true},
+ // ---- SUMMARY OF TECHNICAL LIMITS
+ "summary" {...}}
+
+
+ +
+
+

3.8.4. Summary

+
+ +
{// ---- SUMMARY OF TECHNICAL LIMITS
+ "summary" {
+     // PIAM Logic
+     "data-retention-in-days": 180, // use extra_data_retention + tier
+     "data-maximal-size-in-GB": 4000, // use extra_ingest + tier quantity
+     // IROH Internal
+     "additional-scopes": [ ... ],  // depends on the tier
+     "allowed-modules": [ ... ],    // depends on the tier
+     // XDR Shared Global Rules
+     "restricted-workflows": [...], // depends on the tier (or something else)
+     "rate-limits": // can change depending on the tier
+         {"sca": {"queries-per-minutes": "100"},
+          "sxo": {"queries-per-minutes": "80"},
+          "csc": ...},
+     ...
+ }
+}
+
+
+ +
+
+
+
+

4. Conclusion

+
    +
  • tier? GET /iroh/profile/whoami +then whoami.org["entitlement-summary"].tier.title
    • +
  • Summary only: GET /iroh/profile/entitlement-summary
    • +
  • raw entitlements: GET /iroh/profile/entitlements
    • + +
+
+
+
+
+ + + + + + + + diff --git a/notes/xdr_monetization.org b/notes/xdr_monetization.org new file mode 100644 index 00000000..ba6e645b --- /dev/null +++ b/notes/xdr_monetization.org @@ -0,0 +1,312 @@ +:PROPERTIES: +:ID: 6b389575-42a7-4f0d-a7eb-e9bf6795a718 +:END: +#+Title: XDR Monetization +#+Author: Yann Esposito +#+Date: [2023-07-12] + +* Intro + +** What? + +- *Entitlements*: What the customer is paying for. +- *Access Rules*: What services should allow, restrict. + +** Example + +*** Entitlements: + +- Tier: Essentials for 1000 /users/ (number of [[https://cisco.sharepoint.com/sites/SecurityPersonas/SitePages/prime-employee.aspx?csf=1&web=1&e=LcTwTp][Lees]]). +- Extra Data Retention "add-on": 180 /days/ +- Extra Ingest "add-on": 2 /GB/ + +*** Access Rule example: + +- *Total Ingest*: 4000GB (1000 user × (2GB + 2GB)) +- *Time to Keep Data*: 180 days (yes, *extra* might not mean what we could expect) + +ref: https://wwwin-github.cisco.com/cisco-sbgidm/docs/blob/master/provisioning/xdr/xdr-ga.md#entitlements + +** How? + +Entitlement represent what the customer pays for. +PIAM creates and updates them. + +#+begin_src plantuml :file xdr-monetization-piam-entitlements.png +PIAM -> IROH : enterprise_id,Entitlements +Any -> IROH : /iroh/profile/entitlements +IROH -> Any : Entitlements +PIAM -> IROH : update Entitlements +Any -> IROH : /iroh/profile/entitlements +IROH -> Any : Entitlements +#+end_src + +#+RESULTS: +[[file:xdr-monetization-piam-entitlements.png]] + +** Also Entitlement Summary + +IROH exposes an API to retrieve an ~EntitlementSummary~. +A data structure easier to consume than the list of entitlements. + +#+begin_src plantuml :file xdr-monetization-piam-entitlement-summary.png +PIAM -> IROH : enterprise_id,Entitlements +Any -> IROH : /iroh/profile/whoami +IROH -> Any : enterprise_id,EntitlementSummary +PIAM -> IROH : update Entitlements +Any -> IROH : /iroh/profile/whoami +IROH -> Any : enterprise_id,EntitlementSummary +#+end_src + +#+RESULTS: +[[file:img/piam-entitlement-summary.png]] + +* Entitlements (technically) + +Example of a list of ~Entitlements~ sent by PIAM to IROH: + +** Just the Tier, no add-on: + +#+begin_src js +[{"name" "tier", + "value" "advantage", + "quantity" {"value" 1000, "unit" "users"}, + "enforce-quantity" true}] +#+end_src + + +** Tier with add-ons + +#+begin_src js +[{"name":"tier", + "value":"essentials", + "quantity":{"value":1000, "unit":"users"}, + "enforce-quantity":true}, + {"name":"extra_ingest", + "value":"", + "quantity":{"value":2, "unit":"GB"}, + "enforce-quantity":true}, + {"name":"extra_data_retention", + "value":"", + "quantity":{"value":180, "unit":"days"}, + "enforce-quantity":true}] +#+end_src + +** PIAM Doc + +From [[https://wwwin-github.cisco.com/cisco-sbgidm/docs/blob/master/provisioning/xdr/xdr-ga.md#entitlements][Paul Chichonski's doc]] + +https://wwwin-github.cisco.com/cisco-sbgidm/docs/blob/master/provisioning/product-spec.md#multi-valued-attributes + +*** Entitlements + +- ~entitlements~ -- A list of entitlements the tenant is allowed to use. Each item in + the list is an object with the following fields: + +#+begin_src js +[{"name":"tier", + "value":"essentials", + "quantity":{"value":1000, "unit":"users"}, + "enforce-quantity":true}, + {"name":"extra_ingest", + "value":"", + "quantity":{"value":2, "unit":"GB"}, + "enforce-quantity":true}] +#+end_src + +*** name + +- ~name~ -- The name of the entitlement (defined as part of the entitlement + controlled vocabulary between PIAM and the product) + +*** value + +- ~value~ -- Some entitlements will have a string value that serves to qualify the + entitlement. For example an entitlement with ~name=tier~ may have three + different manifestations if there are three different tiers (e.g., ~{"name": + "tier", "value": "essentials"}~, ~{"name": "tier", "value": "primary"}~, + ~{"name": "tier", "value": "advantage"}~) + +*** quantity + +- ~quantity~ -- Some entitlements will have numeric quantity associated with the + entitlement, this represents the amount of this entitlement the tenant is + permitted to consume. Each quantity field will contain an object with the + following values: + - ~value~ - The number holding the actual quantity. + - ~unit~ - A string representing what unit to use when interpreting the quantity. + +*** quantity_enforced + +- ~quantity_enforced~ -- A boolean field, if ~true~ it means that the product + should enforce the allocated quantity of the entitlement for this tenant. It + is up to the product to determine how to do this. Cases where this will be + ~false~ are if the customer purchased via a buying program that supports a + "pay as you go" pricing model. + +* Entitlement Summary + +The Entitlement Summary provides a data-structure easier to consume +than the entitlements list. + +- A JSON Object instead of list. +- Additional technically useful entries. + +** Structure + +The main structure of the ~EntitlementSummary~ is: + +#+begin_src +{: } +#+end_src + +Where ~~ looks like: + +#+begin_src js +{"title": "something", // <- optional instead of value:"" + "quantity": Integer, + "unit": "human-readable-unit", + "enforce?": Boolean} +#+end_src +** Tier-only Entitlement + +When PIAM send this list of ~Entitlements~: + +#+begin_src js +[{"name" : "tier", + "value" : "advantage", + "quantity" : {"value" : 32000, + "unit" : "users"}, + "enforce-quantity" : true}] +#+end_src + +** The ~EntitlementSummary~ will look like this: + +#+begin_src js +{"tier" : {"title" : "advantage", + "quantity" : 32000, + "unit" : "users", + "enforce?" : true}} +#+end_src + +** With Add-ons + +If PIAM send a list of ~Entitlements~ with add-ons: + +#+begin_src js +[ {"name" : "tier", + "value" : "premier", + "quantity" : {"value" : 1000, "unit" : "users"}, + "enforce-quantity" : true}, + {"name" : "extra_ingest", + "value" : "", + "quantity" : {"value" : 2, "unit" : "GB"}, + "enforce-quantity" : true}, + {"name" : "extra_data_retention", + "value" : "", + "quantity" : {"value" : 180, "unit" : "days"}, + "enforce-quantity" : true}] +#+end_src + +** The ~EntitlementSummary~ will be: + +#+begin_src js +{"tier": {"title": "premier", + "quantity": 1000, + "unit": "users", + "enforce?": true}, + "extra_data_retention": {"quantity": 180, + "unit": "days", + "enforce?": true}, + "extra_ingest": {"quantity": 2, + "unit": "GB", + "enforce?": true}} +#+end_src + +** ~Entitlements~ consumption in js + +#+begin_src js +function get_entitlement_tier (entitlements) { + for (entitlement in org.entitlements) { + if (entitlement.name == "tier") { + return entitlement.title; + } + } +} +let tier = get_entitlement_tier (entitlements); +#+end_src + +** EntitlementSummary consumption in js + +#+begin_src js +let tier = whoami.org["entitlement-summary"].tier.title; +#+end_src + +** More to come + +*** IROH Internal + +But we plan to add more technical specific values so it helps every Entitlement consumer. +That way it would make possible to share between product specific technical values. + +For example, we plan to add: +- a list of allowed modules. +- an optional list of additional scopes +- rate limits + +*** XDR global values + +If you want us to add some information, so we could centralize some logic +related to entitlement into IROH just ask us to add it. +Ideally, this should only contain data that could be shared between different modules. +For example: + +- allowed workflows, or allowed properties for workflows +- specific limitations for a specific module (read-only, etc…) + +*** Example + +#+begin_src js +{"tier": {"title": "premier", + "quantity": 1000, + "unit": "users", + "enforce?": true}, + "extra_data_retention": {"quantity": 180, + "unit": "days", + "enforce?": true}, + "extra_ingest": {"quantity": 2, + "unit": "GB", + "enforce?": true}, + // ---- SUMMARY OF TECHNICAL LIMITS + "summary" {...}} +#+end_src + +*** Summary + + +#+begin_src js +{// ---- SUMMARY OF TECHNICAL LIMITS + "summary" { + // PIAM Logic + "data-retention-in-days": 180, // use extra_data_retention + tier + "data-maximal-size-in-GB": 4000, // use extra_ingest + tier quantity + // IROH Internal + "additional-scopes": [ ... ], // depends on the tier + "allowed-modules": [ ... ], // depends on the tier + // XDR Shared Global Rules + "restricted-workflows": [...], // depends on the tier (or something else) + "rate-limits": // can change depending on the tier + {"sca": {"queries-per-minutes": "100"}, + "sxo": {"queries-per-minutes": "80"}, + "csc": ...}, + ... + } +} +#+end_src + +* Conclusion + +- tier? ~GET /iroh/profile/whoami~ + then ~whoami.org["entitlement-summary"].tier.title~ +- Summary only: ~GET /iroh/profile/entitlement-summary~ +- raw entitlements: ~GET /iroh/profile/entitlements~ diff --git a/notes/xdr_monetization.tex b/notes/xdr_monetization.tex new file mode 100644 index 00000000..519255c9 --- /dev/null +++ b/notes/xdr_monetization.tex @@ -0,0 +1,376 @@ +% Created 2023-07-12 Wed 17:18 +% Intended LaTeX compiler: pdflatex +\documentclass[11pt]{article} +\usepackage[utf8]{inputenc} +\usepackage[T1]{fontenc} +\usepackage{graphicx} +\usepackage{longtable} +\usepackage{wrapfig} +\usepackage{rotating} +\usepackage[normalem]{ulem} +\usepackage{amsmath} +\usepackage{amssymb} +\usepackage{capt-of} +\usepackage{hyperref} +\author{Yann Esposito} +\date{\textit{[2023-07-12 Wed]}} +\title{XDR Monetization} +\hypersetup{ + pdfauthor={Yann Esposito}, + pdftitle={XDR Monetization}, + pdfkeywords={}, + pdfsubject={}, + pdfcreator={Emacs 29.0.60 (Org mode 9.6.1)}, + pdflang={English}} +\begin{document} + +\maketitle +\tableofcontents + + +\section{Intro} +\label{sec:orgccd9c9c} + +\subsection{What?} +\label{sec:org3c93695} + +\begin{itemize} +\item \textbf{Entitlements}: What the customer is paying for. +\item \textbf{Access Rules}: What services should allow, restrict. +\end{itemize} + +\subsection{Example} +\label{sec:org4004377} + +\subsubsection{Entitlements:} +\label{sec:org4d9cf8d} + +\begin{itemize} +\item Tier: Essentials for 1000 \emph{users} (number of \href{https://cisco.sharepoint.com/sites/SecurityPersonas/SitePages/prime-employee.aspx?csf=1\&web=1\&e=LcTwTp}{Lees}). +\item Extra Data Retention ``add-on'': 180 \emph{days} +\item Extra Ingest ``add-on'': 2 \emph{GB} +\end{itemize} + +\subsubsection{Access Rule example:} +\label{sec:org0a71eba} + +\begin{itemize} +\item \textbf{Total Ingest}: 4000GB (1000 user × (2GB + 2GB)) +\item \textbf{Time to Keep Data}: 180 days (yes, \textbf{extra} might not mean what we could expect) +\end{itemize} + +ref: \url{https://wwwin-github.cisco.com/cisco-sbgidm/docs/blob/master/provisioning/xdr/xdr-ga.md\#entitlements} + +\subsection{How?} +\label{sec:org102ca4d} + +Entitlement represent what the customer pays for. +PIAM creates and updates them. + +\begin{center} +\includegraphics[width=.9\linewidth]{xdr-monetization-piam-entitlements.png} +\end{center} + +\subsection{Also Entitlement Summary} +\label{sec:org9a0848a} + +IROH exposes an API to retrieve an \texttt{EntitlementSummary}. +A data structure easier to consume than the list of entitlements. + +\begin{center} +\includegraphics[width=.9\linewidth]{xdr-monetization-piam-entitlement-summary.png} +\end{center} + +\section{Entitlements (technically)} +\label{sec:org7404848} + +Example of a list of \texttt{Entitlements} sent by PIAM to IROH: + +\subsection{Just the Tier, no add-on:} +\label{sec:orgc760d26} + +\begin{verbatim} +[{"name" "tier", + "value" "advantage", + "quantity" {"value" 1000, "unit" "users"}, + "enforce-quantity" true}] +\end{verbatim} + + +\subsection{Tier with add-ons} +\label{sec:org39f5857} + +\begin{verbatim} +[{"name":"tier", + "value":"essentials", + "quantity":{"value":1000, "unit":"users"}, + "enforce-quantity":true}, + {"name":"extra_ingest", + "value":"", + "quantity":{"value":2, "unit":"GB"}, + "enforce-quantity":true}, + {"name":"extra_data_retention", + "value":"", + "quantity":{"value":180, "unit":"days"}, + "enforce-quantity":true}] +\end{verbatim} + +\subsection{PIAM Doc} +\label{sec:orgeacc44a} + +From \href{https://wwwin-github.cisco.com/cisco-sbgidm/docs/blob/master/provisioning/xdr/xdr-ga.md\#entitlements}{Paul Chichonski's doc} + +\url{https://wwwin-github.cisco.com/cisco-sbgidm/docs/blob/master/provisioning/product-spec.md\#multi-valued-attributes} + +\subsubsection{Entitlements} +\label{sec:org4517481} + +\begin{itemize} +\item \texttt{entitlements} -- A list of entitlements the tenant is allowed to use. Each item in +the list is an object with the following fields: +\end{itemize} + +\begin{verbatim} +[{"name":"tier", + "value":"essentials", + "quantity":{"value":1000, "unit":"users"}, + "enforce-quantity":true}, + {"name":"extra_ingest", + "value":"", + "quantity":{"value":2, "unit":"GB"}, + "enforce-quantity":true}] +\end{verbatim} + +\subsubsection{name} +\label{sec:org4fd025b} + +\begin{itemize} +\item \texttt{name} -- The name of the entitlement (defined as part of the entitlement +controlled vocabulary between PIAM and the product) +\end{itemize} + +\subsubsection{value} +\label{sec:org7d691e0} + +\begin{itemize} +\item \texttt{value} -- Some entitlements will have a string value that serves to qualify the +entitlement. For example an entitlement with \texttt{name=tier} may have three +different manifestations if there are three different tiers (e.g., \texttt{\{"name": + "tier", "value": "essentials"\}}, \texttt{\{"name": "tier", "value": "primary"\}}, + \texttt{\{"name": "tier", "value": "advantage"\}}) +\end{itemize} + +\subsubsection{quantity} +\label{sec:orgd8af516} + +\begin{itemize} +\item \texttt{quantity} -- Some entitlements will have numeric quantity associated with the +entitlement, this represents the amount of this entitlement the tenant is +permitted to consume. Each quantity field will contain an object with the +following values: +\begin{itemize} +\item \texttt{value} - The number holding the actual quantity. +\item \texttt{unit} - A string representing what unit to use when interpreting the quantity. +\end{itemize} +\end{itemize} + +\subsubsection{quantity\textsubscript{enforced}} +\label{sec:org70e8a50} + +\begin{itemize} +\item \texttt{quantity\_enforced} -- A boolean field, if \texttt{true} it means that the product +should enforce the allocated quantity of the entitlement for this tenant. It +is up to the product to determine how to do this. Cases where this will be +\texttt{false} are if the customer purchased via a buying program that supports a +``pay as you go'' pricing model. +\end{itemize} + +\section{Entitlement Summary} +\label{sec:orgd343c8e} + +The Entitlement Summary provides a data-structure easier to consume +than the entitlements list. + +\begin{itemize} +\item A JSON Object instead of list. +\item Additional technically useful entries. +\end{itemize} + +\subsection{Structure} +\label{sec:orge20a61f} + +The main structure of the \texttt{EntitlementSummary} is: + +\begin{verbatim} +{: } +\end{verbatim} + +Where \texttt{} looks like: + +\begin{verbatim} +{"title": "something", // <- optional instead of value:"" + "quantity": Integer, + "unit": "human-readable-unit", + "enforce?": Boolean} +\end{verbatim} +\subsection{Tier-only Entitlement} +\label{sec:orgd758f52} + +When PIAM send this list of \texttt{Entitlements}: + +\begin{verbatim} +[{"name" : "tier", + "value" : "advantage", + "quantity" : {"value" : 32000, + "unit" : "users"}, + "enforce-quantity" : true}] +\end{verbatim} + +\subsection{The \texttt{EntitlementSummary} will look like this:} +\label{sec:orgc8e6e94} + +\begin{verbatim} +{"tier" : {"title" : "advantage", + "quantity" : 32000, + "unit" : "users", + "enforce?" : true}} +\end{verbatim} + +\subsection{With Add-ons} +\label{sec:orgbb2ae87} + +If PIAM send a list of \texttt{Entitlements} with add-ons: + +\begin{verbatim} +[ {"name" : "tier", + "value" : "premier", + "quantity" : {"value" : 1000, "unit" : "users"}, + "enforce-quantity" : true}, + {"name" : "extra_ingest", + "value" : "", + "quantity" : {"value" : 2, "unit" : "GB"}, + "enforce-quantity" : true}, + {"name" : "extra_data_retention", + "value" : "", + "quantity" : {"value" : 180, "unit" : "days"}, + "enforce-quantity" : true}] +\end{verbatim} + +\subsection{The \texttt{EntitlementSummary} will be:} +\label{sec:orga1d4095} + +\begin{verbatim} +{"tier": {"title": "premier", + "quantity": 1000, + "unit": "users", + "enforce?": true}, + "extra_data_retention": {"quantity": 180, + "unit": "days", + "enforce?": true}, + "extra_ingest": {"quantity": 2, + "unit": "GB", + "enforce?": true}} +\end{verbatim} + +\subsection{\texttt{Entitlements} consumption in js} +\label{sec:orgab7d502} + +\begin{verbatim} +function get_entitlement_tier (entitlements) { + for (entitlement in org.entitlements) { + if (entitlement.name == "tier") { + return entitlement.title; + } + } +} +let tier = get_entitlement_tier (entitlements); +\end{verbatim} + +\subsection{EntitlementSummary consumption in js} +\label{sec:orgd3ca5ad} + +\begin{verbatim} +let tier = whoami.org["entitlement-summary"].tier.title; +\end{verbatim} + +\subsection{More to come} +\label{sec:org9a60163} + +\subsubsection{IROH Internal} +\label{sec:org6a8035d} + +But we plan to add more technical specific values so it helps every Entitlement consumer. +That way it would make possible to share between product specific technical values. + +For example, we plan to add: +\begin{itemize} +\item a list of allowed modules. +\item an optional list of additional scopes +\item rate limits +\end{itemize} + +\subsubsection{XDR global values} +\label{sec:org7090a59} + +If you want us to add some information, so we could centralize some logic +related to entitlement into IROH just ask us to add it. +Ideally, this should only contain data that could be shared between different modules. +For example: + +\begin{itemize} +\item allowed workflows, or allowed properties for workflows +\item specific limitations for a specific module (read-only, etc…) +\end{itemize} + +\subsubsection{Example} +\label{sec:org83305cb} + +\begin{verbatim} +{"tier": {"title": "premier", + "quantity": 1000, + "unit": "users", + "enforce?": true}, + "extra_data_retention": {"quantity": 180, + "unit": "days", + "enforce?": true}, + "extra_ingest": {"quantity": 2, + "unit": "GB", + "enforce?": true}, + // ---- SUMMARY OF TECHNICAL LIMITS + "summary" {...}} +\end{verbatim} + +\subsubsection{Summary} +\label{sec:org903d7c1} + + +\begin{verbatim} +{// ---- SUMMARY OF TECHNICAL LIMITS + "summary" { + // PIAM Logic + "data-retention-in-days": 180, // use extra_data_retention + tier + "data-maximal-size-in-GB": 4000, // use extra_ingest + tier quantity + // IROH Internal + "additional-scopes": [ ... ], // depends on the tier + "allowed-modules": [ ... ], // depends on the tier + // XDR Shared Global Rules + "restricted-workflows": [...], // depends on the tier (or something else) + "rate-limits": // can change depending on the tier + {"sca": {"queries-per-minutes": "100"}, + "sxo": {"queries-per-minutes": "80"}, + "csc": ...}, + ... + } +} +\end{verbatim} + +\section{Conclusion} +\label{sec:org9d9f957} + +\begin{itemize} +\item tier? \texttt{GET /iroh/profile/whoami} +then \texttt{whoami.org["entitlement-summary"].tier.title} +\item Summary only: \texttt{GET /iroh/profile/entitlement-summary} +\item raw entitlements: \texttt{GET /iroh/profile/entitlements} +\end{itemize} +\end{document} \ No newline at end of file diff --git a/2021-W03.org b/reports/2021/2021-W03.org similarity index 100% rename from 2021-W03.org rename to reports/2021/2021-W03.org diff --git a/2021-W04.org b/reports/2021/2021-W04.org similarity index 100% rename from 2021-W04.org rename to reports/2021/2021-W04.org diff --git a/2021-W05.org b/reports/2021/2021-W05.org similarity index 100% rename from 2021-W05.org rename to reports/2021/2021-W05.org diff --git a/2021-W06.org b/reports/2021/2021-W06.org similarity index 100% rename from 2021-W06.org rename to reports/2021/2021-W06.org diff --git a/2021-W07.org b/reports/2021/2021-W07.org similarity index 100% rename from 2021-W07.org rename to reports/2021/2021-W07.org diff --git a/2021-W08.org b/reports/2021/2021-W08.org similarity index 100% rename from 2021-W08.org rename to reports/2021/2021-W08.org diff --git a/2021-W09.org b/reports/2021/2021-W09.org similarity index 100% rename from 2021-W09.org rename to reports/2021/2021-W09.org diff --git a/2021-W10.org b/reports/2021/2021-W10.org similarity index 100% rename from 2021-W10.org rename to reports/2021/2021-W10.org diff --git a/2021-W11.org b/reports/2021/2021-W11.org similarity index 100% rename from 2021-W11.org rename to reports/2021/2021-W11.org diff --git a/2021-W12.org b/reports/2021/2021-W12.org similarity index 100% rename from 2021-W12.org rename to reports/2021/2021-W12.org diff --git a/2021-W13.org b/reports/2021/2021-W13.org similarity index 100% rename from 2021-W13.org rename to reports/2021/2021-W13.org diff --git a/2021-W14.org b/reports/2021/2021-W14.org similarity index 100% rename from 2021-W14.org rename to reports/2021/2021-W14.org diff --git a/2021-W15.org b/reports/2021/2021-W15.org similarity index 100% rename from 2021-W15.org rename to reports/2021/2021-W15.org diff --git a/2021-W16.org b/reports/2021/2021-W16.org similarity index 100% rename from 2021-W16.org rename to reports/2021/2021-W16.org diff --git a/2021-W17.org b/reports/2021/2021-W17.org similarity index 100% rename from 2021-W17.org rename to reports/2021/2021-W17.org diff --git a/2021-W18.org b/reports/2021/2021-W18.org similarity index 100% rename from 2021-W18.org rename to reports/2021/2021-W18.org diff --git a/2021-W19.org b/reports/2021/2021-W19.org similarity index 100% rename from 2021-W19.org rename to reports/2021/2021-W19.org diff --git a/2021-W20.org b/reports/2021/2021-W20.org similarity index 100% rename from 2021-W20.org rename to reports/2021/2021-W20.org diff --git a/2021-W21.org b/reports/2021/2021-W21.org similarity index 100% rename from 2021-W21.org rename to reports/2021/2021-W21.org diff --git a/2021-W22.org b/reports/2021/2021-W22.org similarity index 100% rename from 2021-W22.org rename to reports/2021/2021-W22.org diff --git a/2021-W23.org b/reports/2021/2021-W23.org similarity index 100% rename from 2021-W23.org rename to reports/2021/2021-W23.org diff --git a/2021-W24.org b/reports/2021/2021-W24.org similarity index 100% rename from 2021-W24.org rename to reports/2021/2021-W24.org diff --git a/2021-W25.org b/reports/2021/2021-W25.org similarity index 100% rename from 2021-W25.org rename to reports/2021/2021-W25.org diff --git a/2022-03-tracker-archive.org b/reports/2022/2022-03-tracker-archive.org similarity index 100% rename from 2022-03-tracker-archive.org rename to reports/2022/2022-03-tracker-archive.org diff --git a/reports/2023/tracker-W01-W25.org b/reports/2023/tracker-W01-W25.org new file mode 100644 index 00000000..5571e536 --- /dev/null +++ b/reports/2023/tracker-W01-W25.org @@ -0,0 +1,1901 @@ +* 2023 +** 2023-W01 +*** 2023-01-03 Tuesday +**** MEETING 1-1 Wanderson :work:meeting: +[2023-01-03 Tue 14:26] +***** Agenda (to discuss about) +***** Notes +***** Actions +** 2023-W02 +*** 2023-01-09 Monday +**** MEETING RSA :work:meeting: +:LOGBOOK: +CLOCK: [2023-01-09 Mon 16:32]--[2023-01-09 Mon 20:04] => 3:32 +:END: +[2023-01-09 Mon 16:31] + +Option 1, Reduced features in time +- April 2023 +Option 2, more features, but longer +- April (1 scope) +- July 31 (additional scope) + +RBAC (pushed to Q4) + +- Beta on Jan 18th. + no client yet. + +- Full beta for RSA (April 24) + (option 1 scope only) + - high quality + - working software in customer environment + - limited # of customers + + +- Beta: April 24 +- LA (Limited Availability): June 30 +- GA (General Availbility): July 31 + +Detailed planning for Q3 and higher confidence for Q4 scope. +Q4 planning will require iterative refinement in Q3. + +Bi-weekly Demos +- increased visibility into work in progress +- Cross-functional, coordinated effort around feature delivery every 2 weeks +- Limit work in progress so we can demonstrate end to end functionality +- All resources should be focused on MVP items (no side distraction) +*** 2023-01-11 Wednesday +**** MEETING Q3 Incident logs Notes :work:meeting: +:LOGBOOK: +CLOCK: [2023-01-11 Wed 17:11]--[2023-01-11 Wed 17:12] => 0:01 +:END: +[2023-01-11 Wed 17:11] +***** Agenda (to discuss about) +***** Notes +***** Actions +**** MEETING IROH Events Meeting :work:meeting: +:LOGBOOK: +CLOCK: [2023-01-11 Wed 10:31]--[2023-01-11 Wed 16:28] => 5:57 +:END: +[2023-01-11 Wed 10:31] +***** Agenda (to discuss about) +***** Notes +- what about forced shutdown? + - how to ensure transaction, like event was not missed? +- what occurs if we detect a corruption? + +#+begin_src clojure +(do + (send-event :command-action) + ;; <--- shut-down + (action user-provided-data-that-create-a-shutdown-bug) + ;; <--- shut-down + (send-event :action-done x)) +#+end_src +***** Actions +*** 2023-01-12 Thursday +**** MEETING Q3 Planning :work:meeting: +:LOGBOOK: +CLOCK: [2023-01-12 Thu 17:02]--[2023-01-14 Sat 00:36] => 31:34 +:END: +[2023-01-12 Thu 17:01] +***** Response Tab + +List of recommended actions. +- some I can execute +- some that need confirmation +- log of action taken (on the right) +****** UX Standpoint +Steps: phases (identification, containment, eradication, recovery) + +*Playbook?* +A list of things to do, and the user click on a button: confirm, execute, Add note, update, etc… + +Big button to skip a phase to next one. +****** Questions + +How to keep track of the state. +Probably one solution is to have a "Playbook Instance", which will be a specific +instance for an incident of a global Playbook. +So this will contains, run-ids for workflow ids, state of the playbook from user +interactions, actions, notes, etc… +** 2023-W04 +*** 2023-01-24 Tuesday +**** MEETING 1-1 Wanderson :work:meeting: +:LOGBOOK: +CLOCK: [2023-01-24 Tue 14:25]--[2023-01-24 Tue 14:45] => 0:20 +:END: +[2023-01-24 Tue 14:25] +*** 2023-01-26 Thursday +**** MEETING Weekly meeting :work:meeting: +:LOGBOOK: +CLOCK: [2023-01-26 Thu 17:01]--[2023-01-26 Thu 18:08] => 1:07 +:END: +[2023-01-26 Thu 17:01] + +- +**** REVIEW Invitation RBAC :work:review: +:LOGBOOK: +CLOCK: [2023-01-26 Thu 16:10]--[2023-01-26 Thu 16:22] => 0:12 +:END: +[2023-01-26 Thu 16:10] +**** DONE Ask to cherry-pick the fix https://github.com/advthreat/iroh/pull/7480 :work: +DEADLINE: <2023-01-26 Thu 17:00> SCHEDULED: <2023-01-26 Thu> +[2023-01-26 Thu 10:17] +**** DONE Prévenir le salon RBAC et Prerna :work: +DEADLINE: <2023-02-13 Mon 16:00> +[2023-01-26 Thu 10:06] + +Hi all, the work toward supporting new roles in the API-only is going great so +far and I think we will be able to support the new roles in a few weeks from now. +That being said, I don't think we will be able to activate that change before +taking the time to think about the implications. + +I can provide more details about the risk I identified already. +But even before that, I want to point this particular PR that will have a direct +UX/UI implication once the XDR roles will be merged. + +The "Org Access Request" flow. +Mainly, when a user login for the first time (and every time the user reach the +Registration UI page), +the user could request access to the Orgs whose admin email matches their own. +Note for those not familiar with this, as we use cisco email, we don't see this. +So when a user request access to such Org, a sub-set of admins of this Org will +receive an email. Currently the email contains 3 links: + +- Grant access as User +- Grant access as Admin +- Reject + +But when we will activate the XDR Roles, I think we will show 1 link per role +(7) + the reject link. +Which is probably not the best UX we can think of, but at least this will be +functional. +See a screenshot example of an email here: https://github.com/advthreat/iroh/pull/7465 + +This PR will probably be merged soon and will not change anything in any +environment before we activate the XDR-Roles feature flag. +I think this should probably start a discussion about wether this is acceptable +or if we need to improve the content of the email somehow, or potentially, have +a single link that will redirect the admin to the UI on a specific +administration page to grant access to the user with a specific role. +In the last case, this would imply another UI effort to update this. + +Another remark, once we will enable the new XDR roles, some have fewer scopes +than the scopes provided to the current non-admin, user role. +One major consequence is that every integration using an OAuth2 Client asking +for scopes present in the current user role, but not present in the future XDR +role will not be able to work as the user with the new more restrictive role +will not be able to approve the client. +So we will probably need to take the time, integration by integration to check +which one could be affected. +***** Could break + +- The email to accept Org requests will have one link per role (should probably + be discussed, improved, check UX) + + Should we create the UI in the dashboard for administrate Org Access Requests? + Backend job already done to make it work with all basic features. + But if we want a full working system we need to take advantage of + notifications between admins of an Org. Should be covered by the "Audit + Logs" effort, but need a backend integration. +- In the UI, the invitation role drop-down (appear to not be difficult). Minor + backend work close to completion. +- Integration with OAuth2 Auth-Code/Device Grant clients: + + Normal clients without ~allow-partial-user-scopes~ that request a scope that + is currently provided to user, but not for some new role. + Those users will not be allowed to use this client, or existing connection + (refresh token) will be rejected on next usage. + + Advanced clients with ~allow-partial-user-scopes~ example, (Ribbon, DI, FMC I + think, etc…), in this case, the client need to have made the display, disable + status of element depending on the scopes, not just on the "role" as there + will be many more specific element that could be disabled separately. +- Potentially, some SXO discussions to provide, so working toward providing + small JWT for them and switching to it in the future. +** 2023-W06 +*** 2023-02-07 Tuesday +**** MEETING RBAC meeting :work:meeting: +:LOGBOOK: +CLOCK: [2023-02-07 Tue 16:17]--[2023-02-08 Wed 16:01] => 23:44 +:END: +[2023-02-07 Tue 16:17] + +- We will try to work on Security Analyst first. +- Discussed about sync between SXO and SX about scopes and their internal + permissions or roles (they choose their preference) +*** 2023-02-08 Wednesday +**** DONE Create the issues for PIAM work to be done :work: +SCHEDULED: <2023-02-09 Thu> +[2023-02-08 Wed 19:33] +**** MEETING Weekly API Meeting :work:meeting: +:LOGBOOK: +CLOCK: [2023-02-08 Wed 18:33]--[2023-02-08 Wed 22:44] => 4:11 +:END: +[2023-02-08 Wed 18:33] + +Talk about: + +- Minor Admin works: + - fix a security bug + - update the list of or to be part of the XDR beta + - a little bit of TAC help +- Long term background work: + - some work related to the new deployment, some work to improve node configuration + To give an idea, at first it was a duplication of 5 envs. INT, TEST and 3 PRODs. + Now we have 20 I think. This is bad, I think I need to help ops handle this. + - Waiting to talk about PIAM provisioning and Org init (activation + integrations) + - creating a scope ~insight~ for device insight needs. +- RBAC (on track) + - Olivier: right now trying to prepare retro-compatibility and revert the + feature-flag at zero cost. + - Wanderson: work toward short JWT (should be useful for AO), added DB for + access/refresh tokens which will provide the ability to have access/refresh + tokens revocation API which is currently missing. + - Next steps: wait for the return of Christopher and just after discuss with + SXO how to communicate the permissions (most probably using scopes but maybe + not in the JWT). +***** TODO Provide an impersonate route on the provisioning API to make calls +***** TODO Check SCA can init 1-click module setup +**** DONE Add scopes to Beta orgs :work: +:LOGBOOK: +CLOCK: [2023-02-08 Wed 16:51]--[2023-02-08 Wed 17:39] => 0:48 +:END: +[2023-02-08 Wed 16:51] + +Added for: + +- NAM c4538cf2-e6aa-4c13-b27a-e67788b51089 +- 4986f84e-745f-4f32-b840-803b97856e68 +*** 2023-02-10 Friday +**** CANCELED Add the impersonate scope to PIAM clients :work: +CLOSED: [2023-03-03 Fri 08:30] SCHEDULED: <2023-02-13 Mon 15:00> +:LOGBOOK: +- State "CANCELED" from "HOLD" [2023-03-03 Fri 08:30] +- State "HOLD" from "TODO" [2023-02-16 Thu 15:47] \\ + We need to wait to know if we are going to provision internally. +:END: +[2023-02-10 Fri 15:23] +** 2023-W07 +*** 2023-02-13 Monday +**** DONE Créer un meeting avec Murali et Christopher Van Der Made :work: +SCHEDULED: <2023-02-14 Tue 10:00> +[2023-02-13 Mon 17:06] + +We would like to talk with you to find a way to synchronize between IROH and SXO permissions. +**** MEETING RBAC :work:meeting: +:LOGBOOK: +CLOCK: [2023-02-13 Mon 16:32]--[2023-02-13 Mon 17:32] => 1:00 +:END: +[2023-02-13 Mon 16:32] +***** Agenda (to discuss about) +***** Notes +***** Actions +*** 2023-02-14 Tuesday +**** DONE Finish to answer to Paul :work: +DEADLINE: <2023-02-15 Wed 11:00> SCHEDULED: <2023-02-14 Tue> +[2023-02-14 Tue 18:32] +**** DONE Répondre à Paul Cichonski :work: +SCHEDULED: <2023-02-13 Mon 17:00> +[2023-02-14 Tue 15:46] +*** 2023-02-15 Wednesday +**** DONE Create an issue to internalize provisioning :work: +DEADLINE: <2023-02-21 Tue 17:30> SCHEDULED: <2023-02-21 Tue> +:LOGBOOK: +CLOCK: [2023-02-22 Wed 14:00]--[2023-02-22 Wed 15:00] => 1:00 +:END: +[2023-02-15 Wed 19:17] +***** Epic + +Epic https://github.com/advthreat/iroh/issues/7533 +****** Specialized Provisioning Route for PIAM + :PROPERTIES: + :CUSTOM_ID: specialized-provisioning-route-for-piam + :END: +We should provide a route that will in the body a =NewAccount=, being + +#+begin_src clojure +(s/defschema NewAccount + "The schema to create a New Account, + mainly all data needed to create a new Org, + a main admin User for this org and onboard it." + {:org NewOrg + :user NewUser}) + +(s/defschema NewOrg + "Org before being saved to DB" + (st/merge + {:id OrgId} + (st/optional-keys + {:name (describe s/Str "The name of the Organization specified during login.") + :enterprise-id (describe s/Str "The Cisco SBG Platform Enterprise id associated to this Org.") + :scim-status (describe SCIMStatus "Determine if your Org is activated or not (allowed values are activated or waiting-activation)") + :address OrgAddress}))) + +(s/defschema OrgAddress + (st/optional-keys + {:department s/Str + :street1 s/Str + :street2 s/Str + :postal-code s/Str + :city s/Str + :country-iso-code (apply s/enum country-iso-codes)})) + +(s/defschema NewUser + "provisioned User before being saved to DB" + (st/merge + {:user-email s/Str + :role LegacyOrXDRRoleId + :idp-mappings [PlatformUserIdPMapping]} + (st/optional-keys + {:user-name s/Str + :user-nick s/Str}))) + + + +(s/defschema PlatformUserIdPMapping + {:idp s/Str + :user-identity-id s/Str + (s/optional-key :organization-id) s/Str + :enabled? s/Bool}) +#+end_src + +From there, the endpoint will create the Org and User, then call every +onboarding URL with a user session token. + +#+begin_src clojure +(let [org (create-org new-org) + user (create-user (assoc new-user :org-id (:id org))) + user-session-token (gen-session-token user) + onboarding-responses ;; a JSON Object whose keys are URLs and values are HTTP responses objects + (->> iroh-integration-onboarding-urls + (pmap #(http/post % user-session-token)) + (map (fn [url http-response] [url http-response]) iroh-integration-onboarding-urls) + (into {}))] + ;; 201 + (created {:user user + :org org + :onboarding-responses onboarding-responses})) +#+end_src + +Ideally every external service should answer quickly but after having +successfully created an IROH Module. Ideally, the response should +contain the =module-id=. + +In order for this work to be completed every different team should +provide a new endpoint to trigger the onboarding. +****** =/onboard= Endpoint Specification + :PROPERTIES: + :CUSTOM_ID: onboard-endpoint-specification + :END: +Provide a URL that listens to HTTP POST. It must only accept queries +containing an Authorization header that will contain a Bearer token. The +token must be a valid (correctly signed, non-expired) IROH JWT. If not, +it must return a 401. + +That route should not accept any query parameter nor any body. All the +data could be retrieved from the session token passed in the +Authorization header. + +Example: + +#+begin_example +POST https://product.env.security.cisco.com/onboarding +Authorization: Bearer $JWT +Accept: application/json +#+end_example + +#+begin_example +HTTP/2 201 +server: nginx +date: Wed, 21 Feb 2023 13:43:31 GMT +content-type: text/html; charset=utf-8 +content-length: 61 +strict-transport-security: max-age=31536000; includeSubDomains +accept-ranges: bytes + +{"module-instance-id":"1e5bb994-b2b4-11ed-9de6-325096b39f47"} +#+end_example + +The server should ideally answer in less than a few seconds. If for your +product, the internal provisioning takes longer then you should simply +return a response explaining that the provisioning is in progress. The +response must be a JSON Object. Ideally, it should contain a field named +=module-instance-id= for the module-instance-id created. And potentially +other data related to the onboarding. + +#+begin_example +{"module-instance-id": String, ...} +#+end_example +******* Expectations + :PROPERTIES: + :CUSTOM_ID: expectations + :END: +The expected background work to be performed after receiving this HTTP +call is: + +1. Call =/iroh/oauth2/custom/tokens= with the User Session Token in + header (same Authorization header as received) and the body must + contain the =cliend-id= and =client-secret= created for your Product + in IROH. From this call, you should get back both an access and + refresh token. +2. You should save the refresh token. +3. The access token could be used to: + - retrieve needed data to provision a new tenant by calling + =/iroh/profile/whoami= for example + - create the module instance in IROH. + +Here is an example diagram (for Device Insight): + +#+begin_src plantuml :file Onboarding_endpoint.png +skinparam handwritten false +skinparam shadowing false + +skinparam sequence { +ParticipantFontName Chalkboard; +ParticipantBackgroundColor white; +ParticipantBorderColor #37C +GroupBorderColor #888 +ArrowColor #37C +LifeLineBorderColor #37C +} + +participant IROH as iroh +participant "Device Insight" as di + +group Provision all sub-components (should not need the IROH_TOKEN) +group#EEF #EEF Device Insights +iroh->di: POST /onboard SESSION_TOKEN +di->di: internal provisioning +di->iroh: create module +di->iroh: 201 {module-id=..., ...} +end +#+end_src + +#+caption: Onboarding_endpoint +[[https://user-images.githubusercontent.com/93899/220635593-80305d45-0f32-45a5-a94c-780ed8c244da.png]] +****** IROH internal notes + +We need to introduce a new notion of /onboardable module./ +A module is onboardable, if its module-type contain an ~onboard~ field pointing to +a single URL that follow the previous section specification. + +We should probably have an internal data structure that will associate to every +entitlement a list of /onboardable modules/. +Ideally, we should have a convention to identify internal module-type by name, +so we could refer to the device-insight module for example instead of having to +specify manually the module-id. + +Once this is done, the provisioning endpoint will be able to retrieve, from a +specific entitlement, a list of onboarding URL to call. +Instead of writing all details here, we should first write a short specification +about what is the best way to achieve this. +****** Tasks + +- [ ] *dependency* DI check or update the onboarding endpoint +- [ ] *dependency* CSC check or update the onboarding endpoint +- [ ] *dependency* SXO check or update the onboarding endpoint +- [ ] *dependency* SCA check or update the onboarding endpoint +- [ ] Write the design related to the configuration of the onboarding URLs +- [ ] Create the new endpoint +**** MEETING RBAC sync with SXO :work:meeting: +:LOGBOOK: +CLOCK: [2023-02-15 Wed 17:51]--[2023-02-15 Wed 18:51] => 1:00 +:END: +[2023-02-15 Wed 17:51] +***** Agenda (to discuss about) +1. Explain the goal +2. Propose a technical solution +****** Explain the goals + +Currently in (XDR/SecureX/CTR) IROH we only have two roles, user and admin. +We want to introduce new roles with more granular permissions, in particular for +SXO. + +SXO has a matrix of Read/Write/Execute for example. The notion of Execute does +not exists in IROH. +But SXO also has some roles. + +A first step will be to introduce new role to propose up to 7 roles (instead of +the current 2) in XDR. +But an issue is that we also want to provide a way for IROH (XDR/SecureX/CTR) +admin to create their own *custom roles*. +****** Propose a technical solution +******* Problematic solution (SXO uses the claim for the role in the JWT) + +It will work in phase 1, as we could provide a consistent list of roles. +But as soon as IROH will introduce custom role this will stop working as these +new role will probably be random ids (both in the JWT and in /whoami). +******* Proposed Solution 1 + +Use the scopes in the JWT. + +AO should provide IROH a list of scopes for every new role. + +All starting with =ao/= + +- ~ao/sxo-role-1~ +~- ao/sxo-role-2~ +~- ao/sxo-role-3~ + +or + +- ~ao/admin/sub-role-2/sub-role-3~ +******* Proposed Solution 2 + +- ~ao/sxo-permission-1~ +- ~ao/sxo-permission-2~ +- ~ao/sxo-permission-3~ +******* Proposed Solution 3 + +- ~ao~ can read, write and execute +- ~ao:read~ can read, but cannot write nor execute +- ~ao/execute~ can read and execute, but cannot write +***** Notes +***** Actions +*** 2023-02-16 Thursday +**** MEETING TD&R Checking :work:meeting: +:LOGBOOK: +CLOCK: [2023-02-16 Thu 17:04]--[2023-02-17 Fri 10:22] => 17:18 +:END: +[2023-02-16 Thu 17:04] +***** AJ + +Address rumors: + +1. Earnings, yesterday, 133M$ +**** DONE Ecrire doc pour expliquer les changements RBAC à SXO :work: +SCHEDULED: <2023-03-27 Mon 16:00> +[2023-02-16 Thu 10:20] +**** DONE Upgrade Client to ribbon 2 in TEST :work: +DEADLINE: <2023-02-16 Thu 12:00> SCHEDULED: <2023-02-16 Thu> +[2023-02-16 Thu 09:15] + +webexteams://im?space=db149a90-e8b4-11eb-9fdb-3b8d98a2bf4d + +I'm starting to look at the process to update our ribbon to use 2.0. One of the first steps in the upgrade documentation is to reach out to IROH team to get the "investigation" and "registry/user" scopes added to our oauth client. + +To start, I'd like to update the oauth client used in the test environment with client id client-b63b916a-a606-4076-9f9b-15469aec0b93. +*** 2023-02-17 Friday +**** IN-PROGRESS Fix log PR :work: +:LOGBOOK: +CLOCK: [2023-02-17 Fri 10:50]--[2023-02-22 Wed 14:31] => 123:41 +:END: +[2023-02-17 Fri 10:50] +**** DONE Extraire les logs de logins pour Prerna :work: +DEADLINE: <2023-02-17 Fri 09:45> SCHEDULED: <2023-02-17 Fri> +[2023-02-17 Fri 08:53] +** 2023-W08 +*** 2023-02-22 Wednesday +**** MEETING Weekly API Design Meeting :work:meeting: +:LOGBOOK: +CLOCK: [2023-02-22 Wed 18:35]--[2023-02-22 Wed 19:43] => 1:08 +:END: +[2023-02-22 Wed 18:35] +***** Agenda (to discuss about) +***** Notes +***** Actions +**** MEETING RBAC weekly :work:meeting: +:LOGBOOK: +CLOCK: [2023-02-22 Wed 17:03]--[2023-02-22 Wed 17:34] => 0:31 +:END: +[2023-02-22 Wed 17:03] +***** Agenda (to discuss about) +***** Notes +***** Actions +Look deeper into dependencies (3rd party scopes like sse, ao, etc…) +*** 2023-02-23 Thursday +**** DONE Check Secure Endpoint error logs :work: +CLOSED: [2023-05-06 Sat 09:06] DEADLINE: <2023-02-24 Fri 10:30> SCHEDULED: <2023-02-23 Thu> +:LOGBOOK: +- State "DONE" from "HOLD" [2023-05-06 Sat 09:06] +- State "HOLD" from "TODO" [2023-02-24 Fri 14:19] \\ + En attente du retour de Matt pour tester +:END: +[2023-02-23 Thu 19:00] +Discussion in "SecureX Secure Endpoint" +webexteams://im?space=d42b0de0-48b3-11ec-924a-a3c1923cd1c3 +Fix PR https://github.com/advthreat/iroh/pull/7473 +**** MEETING Weekly IROH Services Meeting :work:meeting: +:LOGBOOK: +CLOCK: [2023-02-23 Thu 17:04]--[2023-02-23 Thu 18:34] => 1:30 +:END: +[2023-02-23 Thu 17:04] +***** Agenda (to discuss about) +***** Notes +***** Actions +*** 2023-02-24 Friday +**** DONE Help Yannis to fix the Orbital Client :work: +SCHEDULED: <2023-02-24 Fri> +[2023-02-24 Fri 14:18] +** 2023-W09 +*** 2023-02-27 Monday +**** MEETING Staging Env :work:meeting: +:LOGBOOK: +CLOCK: [2023-02-27 Mon 16:00]--[2023-02-27 Mon 16:39] => 0:39 +:END: +[2023-02-27 Mon 16:00] +***** Agenda (to discuss about) +***** Notes +***** Actions +**** DONE Help UI beta team list the IdP used by beta org :chore: +:LOGBOOK: +CLOCK: [2023-02-27 Mon 16:39]--[2023-02-27 Mon 17:02] => 0:23 +:END: +[2023-02-27 Mon 16:59] + +There is a bug for user login via SMA +https://github.com/advthreat/securex-ui-shell/issues/115 + +In order to check if this must be resolved before going to prod, I had to check +if every org part of the beta uses TG to login. Result none. + +NAM: + +- SX Test org: b5935c68-c16a-4290-a49a-aad9bb2ea733 SXSO +- Cisco SBG Customer Insights: 40f4c64b-7934-4dc6-87d9-5ebf36c13d54 SXSO +- Jazz Air: 1b7024af-bc0a-4de1-8ce6-f093340ed5fb SXSO +- MEMIC: b62f0113-f26e-42f1-89e3-b45254c416a7 CSA and SXSO (did not perform the full IdP migration from CSA) +- Opus Holding: 4b1b4bba-f310-4251-88c3-bdf3b93d6456 CSA (some users used SXSO) +- Room & Board: 794047a5-b023-489e-b5ee-6407fcdf0daa SXSO (Migrated from CSA) +- Talos Energy: c074a67d-1e57-4e4f-9f9d-0b9ed7847bf8 SXSO (Migrated from CSA) + +EU: + +- DPD Group UK LTD: cee614cb-f35b-4147-bd27-9968d173c3ce: SXSO +*** 2023-03-01 Wednesday +**** MEETING API Design Meeting :work:meeting: +:LOGBOOK: +CLOCK: [2023-03-01 Wed 18:35]--[2023-03-01 Wed 19:50] => 1:15 +:END: +[2023-03-01 Wed 18:34] +***** Matt +Jyoti: +Leave it retro-compat for UI. +Just for the engine. + +Matt: +- in AMP, 2 calls: + 1. retrieve computers + 2. then trajectory + +Jyoti: +> Too many timeouts AMP-module. +> Use events API instead (not now). +> We should revisit. + +GB: +We have to do something uniform. +Passing additional query parameters it's ok, but for some specific servers we +could break the contract. +Suggest create a new endpoint. + +Jyoti: +Looking into AMP API to search for time constraint in search APIs. +*** 2023-03-02 Thursday +**** MEETING Workshop Day 1 :work:meeting: +:LOGBOOK: +CLOCK: [2023-03-02 Thu 17:03]--[2023-03-02 Thu 22:03] => 5:00 +:END: +[2023-03-02 Thu 17:03] + +Leave with a common understanding, but not precise technical specification. +***** Agenda +- DI +- Response +***** Device Insight +- Priorities: + - P1: + - DB simplification + - Simplification of Sources + - P2: + - Unified view of users and associated devices +** 2023-W10 +*** 2023-03-06 Monday +**** DONE Add scope to TAC-OPS orgs :work:meeting: +:LOGBOOK: +CLOCK: [2023-03-06 Mon 16:50]--[2023-03-06 Mon 20:50] => 4:00 +:END: +[2023-03-06 Mon 17:01] +**** MEETING RBAC Workshop :work:meeting: +:LOGBOOK: +CLOCK: [2023-03-06 Mon 17:02]--[2023-03-06 Mon 17:15] => 0:13 +:END: +[2023-03-06 Mon 17:01] +***** New tile to measure time of incident resolution +*** 2023-03-07 Tuesday +**** CANCELED Create a new Epic for Registration UI admin/impersonate :work: +SCHEDULED: <2023-03-28 Tue 11:30> +:LOGBOOK: +- State "CANCELED" from "TODO" [2023-04-20 Thu 15:43] +:END: +[2023-03-07 Tue 14:54] + +- https://github.com/advthreat/iroh/pull/6927 + + +In order to debug and use the Swagger UI for the Registration UI we need to add +new features. + +1. Support a selection of the registration_url from a query parameter in the + login routes. We, must check that the registration_url is part of an allowed + list of domains. +2. Centralize JWT generation that can take care of keeping the =act= (actor) claim + of an originating JWT. Tyically, if the registration UI JWT contains an =act= + we should copy it inside every JWT generated from it. By that, I mean, + session and refresh tokens, but also id_tokens, access tokens from authorized + clients, etc... + +Once we have that we will be able to use the Swagger UI for the iroh-auth-ui API. +And once we have the second we could provide an impersonate for the Registration UI. +*** 2023-03-08 Wednesday +**** IN-PROGRESS Entitlements :work: +:LOGBOOK: +CLOCK: [2023-03-08 Wed 10:43]--[2023-03-08 Wed 11:43] => 1:00 +:END: +[2023-03-08 Wed 10:42] +*** 2023-03-09 Thursday +**** DONE Review Mark PRs :work: +SCHEDULED: <2023-03-09 Thu> +[2023-03-09 Thu 18:01] + +https://github.com/advthreat/iroh/pull/7315 +**** MEETING Weekly :work:meeting: +:LOGBOOK: +CLOCK: [2023-03-09 Thu 17:13]--[2023-03-09 Thu 18:26] => 1:13 +:END: +[2023-03-09 Thu 17:13] +***** Status + +*Progress*: PIAM provisioning/entitlement/demo plan seems to be ok with all teams +involved (PIAM, IROH, SCA, Secure Client, DI, SXO) + +Open question: +- where should we put the onboarding configuration (URLs?) +** 2023-W12 +*** 2023-03-20 Monday +**** CANCELED Add org-habit+ for daily work tasks :work: +DEADLINE: <2023-03-21 Tue 10:00> SCHEDULED: <2023-03-20 Mon> +:LOGBOOK: +- State "CANCELED" from "TODO" [2023-03-21 Tue 10:47] +:END: +[2023-03-20 Mon 10:07] +**** CANCELED Améliorer issue Clients TG / Config :work: +SCHEDULED: <2023-04-19 Wed 11:00> +:LOGBOOK: +- State "CANCELED" from "IN-PROGRESS" [2023-04-20 Thu 15:43] +:END: +[2023-03-20 Mon 09:57] + +INT: + +Org-id: 5a439753-42e9-5058-872e-cb69be5455e6 +Austin Haas user-id: 553788bd-25a4-543d-b6c3-cf7dddcfda5a + + +#+begin_src clojure +{:password "13c74602-2" + :availability "everyone" + :org-id "5a439753-42e9-5058-872e-cb69be5455e6" + :owner-id "553788bd-25a4-543d-b6c3-cf7dddcfda5a" + :client-type :confidential + :grants #{:auth-code} + :redirects #{"https://int.threatgrid.com/oauth2/cb/visibility" + "https://int.threatgrid.com/oauth2/cb/securex" + "http://localhost:8080/oauth2/cb/visibility" + "http://localhost:8080/oauth2/cb/securex" + "http://localhost:8080/oauth2/cb/securex_one_click_activation" + "https://int.threatgrid.com/oauth2/cb/securex_one_click_activation"} + :id "34d94c8c-2041-4708-8172-ebe2df295ca7-2" + :name "secure malware analytics" + :allow-partial-user-scopes? true + :scopes #{"admin" + "casebook" + "enrich" + "global-intel:read" + "inspect" + "integration/module-instance" + "integration:read" + "investigation" + "notification" + "orbital" + "private-intel" + "profile" + "registry/user" + "response" + "telemetry:write" + "users"} + :approved? true + :enabled? true + :created-at #inst "2018-02-27t10:00:00" + :updated-at #inst "2018-02-27t10:00:00" + :enabled-at #inst "2018-02-27t10:00:00" + :activated-at #inst "2018-02-27t10:00:00" + :approved-at #inst "2018-02-27t10:00:00" + } +#+end_src +*** 2023-03-25 Saturday +**** DONE Add orgs to beta :work: +DEADLINE: <2023-03-27 Mon 10:00> SCHEDULED: <2023-03-25 Sat> +[2023-03-25 Sat 09:51] + +See webexteams://im?space=d6d28420-c403-11ed-8526-0db030ef0b12 +**** DONE Support body for onboardings :work: +SCHEDULED: <2023-03-27 Mon 11:00> +[2023-03-25 Sat 09:47] +**** DONE recursive search data-structure :work: +SCHEDULED: <2023-03-27 Mon 16:00> +[2023-03-25 Sat 09:44] + +Replace in TK-Store Search by +Search | [:or Search*] | [:and Search*] | [:not Search*] + +by using the trick return {:query ... :args [...]} instead of just query +** 2023-W13 +*** 2023-03-28 Tuesday +**** DONE Create issues for SSE onboarding :work: +SCHEDULED: <2023-03-28 Tue> +[2023-03-28 Tue 18:35] + +1. create client for SSE with Secure Client and DI scopes +2. Configure SCA +2. Support provisioning for free Org + (empty entitlement or entitlement.tier = free) and should only onboard CSC + and DI. +**** MEETING Performance Management :work:meeting: +:LOGBOOK: +CLOCK: [2023-03-28 Tue 18:05]--[2023-03-30 Thu 11:46] => 41:41 +:END: +[2023-03-28 Tue 18:05] + +Focus on performance management. + +Why / what are we doing? + +@Pat_Chatterton: +1. prioty, transforming the business, change what we are doing with our teams. +Conversation with our teams about where we are going. +My teams discuss once a week. + +Something that I am passionate about. Align everybody. + +This is not new. +Everybody is doing in their own way. +Lot of tools already in place. +Refresher of what we're doing. + +Tons of info come out of this. +Not only listen, but also think about it because you will be doing this. +Make sure our team is ready for next step. + +@Amelia_Lombard: +Program. + +An invitation for how to approach "performance management". + +- We as leader can be better by bing more authentically. +- Channeling *our values*. + - build and learn together + - create clarity to drive momentum + - be kinder than necessary + - celebrate together +- with empathy, support and accountability + +Sharing that data to our team members. +Look for opportunities to build on success. +Also celebrate on progress on weaknesses. + +First be clear about our expectations. +And ultimately they'll need to deliver. + +Core Career Beliefs (illuminate.cisco.com) +(share with your team) + +Please do engage. +Slido.com event code: SBGPerfMgmt pass: lift +***** Goals + +1. Understand where each of your team members perf is today +2. if some are underperforming, reach out to perf consultants for support (by + 31th March) +3. Plan for Quarterly Developement discussions +***** Performance at Cisco +@Shelly_Collins + +1. Clearly communicate how they are doing. +2. how to assess performance. + results / principles-behaviors / team-impact +3. data points: + - team space check-in insights report + - OKRs, KPIs, Scorecards + - seek feedback from peers, stakeholders + - connected recognition + - expectations set in your quarterly development +****** Performing + +Thinking about their carreer? +1. Exploring (looking for new opportunity) +2. Establishing (build my skillset) +3. Achieving (find ways to grow) +4. Excelling (broaden opportunity) +5. Reinventing (build new skillset) +****** Underperformance + +@Felicia_Glace + +1. Employee consistently missing critical meetings without reason +2. Employee not meeting business deliverables that has amplified impact +3. Lack of care in quality of work being delivered +4. Challenges with engagement +5. Individual Performance Factor (IPF) lower than 100% + +*Low performance is NOT* + +- Employee dealing with personal loss, life event +- Behavorial concerns +****** Lifting Low Performance + +Open a case with the Performance Management team + +The Low Performance Management Website. + +From a case: + +4 steps: Expectations, Notice, Opportunity, Consequences + +- Clearly communicate expectations +- Provide notice to the team member they are not meeting expectations. + Be specific about where performance is falling short. +- Provide an opportunity for the team member to improve their performance. +****** Coaching conversation + +BEFORE + +- be prepared to address questions +- both verbal coaching and documented coaching should align that employee is not + meeting expectations. +- Prepare for the first conversation by preparing documentation and gathering + supporting facts + +DURING + +AFTER +- Follow up with an email to the employee outlining progress and summarizing + discussion point +- Document feedback regularly +****** Individual Dev Template + +- short-term goals +- long-term carreer +*** 2023-03-30 Thursday +**** MEETING weekly :work:meeting: +:LOGBOOK: +CLOCK: [2023-03-30 Thu 17:01]--[2023-04-05 Wed 18:37] => 145:36 +:END: +[2023-03-30 Thu 17:01] +***** Status update +- PIAM work +- TK-Store work for composable query with and/org/not +- Work on configs +- Entitlement brainstorm +- Lot of XDR beta-flag requests +** 2023-W14 +*** 2023-04-07 Friday +**** MEETING Weekly meeting :work:meeting: +:LOGBOOK: +CLOCK: [2023-04-07 Fri 16:28]--[2023-04-07 Fri 16:30] => 0:02 +:END: +[2023-04-07 Fri 16:28] +***** Agenda (to discuss about) +***** Notes +***** Actions +** 2023-W16 +*** 2023-04-18 Tuesday +**** DONE Créer issue pour la route de description des roles :work: +SCHEDULED: <2023-04-18 Tue> +[2023-04-18 Tue 16:41] +**** MEETING RBAC Weekly Feature Sync :work:meeting: +:LOGBOOK: +CLOCK: [2023-04-18 Tue 16:01]--[2023-04-18 Tue 16:40] => 0:39 +:END: +[2023-04-18 Tue 16:01] + +- Name from "admin" to "Administrator" +- Name from "user" to "Incident Responder" +- new role "sat" named "Security Analyst" +*** 2023-04-19 Wednesday +**** DONE Create the SSE (0 Trust) scripts :work: +SCHEDULED: <2023-04-21 Fri 10:00> +:LOGBOOK: +CLOCK: [2023-04-21 Fri 09:42]--[2023-04-21 Fri 19:46] => 10:04 +:END: +[2023-04-19 Wed 20:01] +**** MEETING API Design Meeting :work:meeting: +:LOGBOOK: +CLOCK: [2023-04-19 Wed 18:30]--[2023-04-20 Thu 16:26] => 21:56 +:END: +[2023-04-19 Wed 18:30] +***** Confs +Create project board about configurations. +***** Entitlements + +PIAM Entitlements: + +#+begin_src clojure +[{:entitlement-name "tier" + :value "essential" + :quantity 4000 + :created-at ,,,} + {:entitlement-name "extra-data-retention" + :quantity 90 + :created-at ,,,}] +#+end_src + +Entitlement ids, + +In the config + +#+begin_src clojure +{:free {,,,} + :essential {:allowed-modules [?] + :apps [:sxo :di :csc :sca :ssx] + :additional-scopes [,,,] + :data-retention-in-GB 200 + :rate-limits-per-hour 8000 + ,,,} + :advantage {:allowed-modules [?] + :apps [:sxo :di :csc :sca :ssx] + :additional-scopes [,,,] + :data-retention-in-GB 1000 + :rate-limits-per-hour 8000 + ,,,} + :premier {:allowed-modules [?] + :apps [:sxo :di :csc :sca :ssx] + :additional-scopes [,,,] + :data-retention-in-GB 2000 + :rate-limits-per-hour 8000 + ,,,}} +#+end_src + +An Entitlements data-store. + +#+begin_src clojure +{:id 0001 + :org-id 0001 + :created-at ,,, + :entitlement {:tier :premier + :seat-count 4000} + :entitlement-capabilities-snapshot {:allowed-modules [?] + :apps [:sxo :di :csc :sca :ssx] + :additional-scopes [,,,] + :data-retention-in-GB 2000 + :rate-limits-per-hour 8000 + ,,,}} + +{:id 0002 + :org-id 0001 + :created-at ,,, + :entitlement {:extra-data-retention-in-GB 90} } +#+end_src + +FOR org 0001 +#+begin_src clojure +{:summary {:tier :premier + :allowed-modules [?] + :apps [:sxo :di :csc :sca :ssx] + :data-retention-in-GB 2090 ;; <---- 2000 + 90 + :rate-limits-per-hour 8000 + ,,,} + :history [{:id 0001 :org-id 0001 + :created-at ,,, + :entitlement-view {:allowed-modules [?] + :apps [:sxo :di :csc :sca :ssx] + :data-retention-in-GB 2000 + :rate-limits-per-hour 8000 + ,,,}} + {:id 0002 :org-id 0001 + :created-at ,,, + :entitlement-view {:data-retention-in-GB 200}}]}} +#+end_src +***** SSE (0-Trust) + +Free Entitlement + +apps: Secure Client and Device Insight. + +Write the doc with an example. + +1.a Prior change the scopes required for =POST /iroh/provisioning/platform/org= +1.b Prior change the scopes required for =POST /iroh/provisioning/platform/user= + +2. Create a client with that scope + => get a client-id/client-secret + +3. Write a script (python/bash/maybe HTML+JS): + input: user-email/user-name/org-name/org-address etc… + 1. get the JWT from client-id/client-secret + 2. create the ORG + 3. create the User +****** Think about onboarding + +Onboard only DI and Secure Client +*** 2023-04-20 Thursday +**** DONE Create todo list for work :work: +SCHEDULED: <2023-04-28 Fri> +[2023-04-20 Thu 16:30] +1. prepare 1-1 tasks +2. select to make a iroh-auth call to prevent repeat myself (better group feeling) +**** MEETING RBAC UI meeting :work:meeting: +:LOGBOOK: +CLOCK: [2023-04-20 Thu 16:26]--[2023-04-20 Thu 17:40] => 1:14 +:END: +[2023-04-20 Thu 16:26] +***** Agenda +***** Notes +***** Actions +** 2023-W18 +*** 2023-05-02 Tuesday +**** DONE Prepare Quaterly Meeting! [[https://www.cisco.com/c/dam/r/team-development/performance/assets/Guide_to_Quarterly_Development_Discussions-for_Team_Leaders.pdf][quarterly pdf]] :work: +SCHEDULED: <2023-05-03 Wed 15:00> +[2023-05-02 Tue 17:37] +**** DONE [#7835] Create and Estimate all tasks related to [[https://github.com/advthreat/iroh/issues/7835]] :work: +SCHEDULED: <2023-05-03 Wed 11:30> +[2023-05-02 Tue 17:36] +**** MEETING Epic PIAM :work:meeting: +[2023-05-02 Tue 15:30] +**** MEETING Weekly lead :work:meeting: +:LOGBOOK: +CLOCK: [2023-05-02 Tue 15:04]--[2023-05-02 Tue 16:51] => 1:47 +:END: +[2023-05-02 Tue 15:04] +***** Agenda (to discuss about) +***** Notes +@GB: travaille sur la nouvelle API de l'incident manager. +***** Actions +**** DONE Prepare Quarterly development :work: +SCHEDULED: <2023-05-02 Tue 17:00> DEADLINE: <2023-05-05 Fri 12:00> +[2023-05-02 Tue 14:44] +**** DONE Add an XDR beta flag to an Org :work: +:LOGBOOK: +CLOCK: [2023-05-02 Tue 14:34]--[2023-05-02 Tue 14:37] => 0:03 +:END: +[2023-05-02 Tue 14:34] +**** DONE Epic Provisioning :work: +DEADLINE: <2023-05-02 Tue 15:30> SCHEDULED: <2023-05-02 Tue> +[2023-05-02 Tue 12:40] +**** DONE Weekly Leads :work: +SCHEDULED: <2023-05-02 Tue 15:00> +[2023-05-02 Tue 12:40] +**** DONE Review O's PR about services :work: +DEADLINE: <2023-05-03 Wed 15:00> SCHEDULED: <2023-05-02 Tue> +:LOGBOOK: +CLOCK: [2023-05-03 Wed 17:33]--[2023-05-04 Thu 09:28] => 15:55 +:END: +[2023-05-02 Tue 10:41] +**** DONE Discuss with Wanderson about short-token strategy :work: +DEADLINE: <2023-05-02 Tue 14:40> SCHEDULED: <2023-05-02 Tue> +[2023-05-02 Tue 10:41] +*** 2023-05-03 Wednesday +**** DONE Election CSE :work: +SCHEDULED: <2023-05-03 Wed 14:00> +[2023-05-03 Wed 10:45] +**** DONE API Design Meeting :work: +SCHEDULED: <2023-05-03 Wed 18:30> +[2023-05-03 Wed 10:29] +**** DONE Ajouter les beta flags [[webexteams://im?space=d6d28420-c403-11ed-8526-0db030ef0b12][beta-room]] :work: +SCHEDULED: <2023-05-03 Wed 11:10> +[2023-05-03 Wed 10:19] +**** DONE Répondre à Paul [[webexteams://im?space=7e5c4ac0-b232-11ed-8863-ef048e50358a][room]] :work: +SCHEDULED: <2023-05-03 Wed 11:00> [2023-05-03 Wed 10:17] +*** 2023-05-04 Thursday +**** MEETING Weekly IROH :work:meeting: +:LOGBOOK: +CLOCK: [2023-05-04 Thu 17:01]--[2023-05-04 Thu 17:59] => 0:58 +:END: +[2023-05-04 Thu 17:21] +***** Agenda (to discuss about) +***** Notes +***** Actions +**** DONE IROH Weekly :work: +SCHEDULED: <2023-05-04 Thu 17:00> [2023-05-04 Thu 11:36] +- Next week Response API in IROH with UI +- Problem with backfill for Jon +**** DONE QDD Olivier :work: +SCHEDULED: <2023-05-04 Thu 15:35> +[2023-05-04 Thu 11:35] +**** DONE QDD Wanderson :work: +SCHEDULED: <2023-05-04 Thu 14:35> +[2023-05-04 Thu 11:35] +**** IN-PROGRESS Personal QDD FY23Q3 :work: +:LOGBOOK: +CLOCK: [2023-05-04 Thu 09:28]--[2023-05-04 Thu 09:59] => 0:31 +:END: +[2023-05-04 Thu 09:28] +***** Results +****** Accomplishments +Accomplishments: +- Added support for AND/OR queries in tk-store. Should help +- PIAM (Provisioning / Entitlement start) +- Free Tier Provisioning +- XDR Flags via scopes +****** Improvements/opportunities for development: +- Work closer to PIAM +- Entitlement will be a nice beast +***** Principles & Behaviors +****** Accomplishments +- Advocate (only positive XDR feedback to the team) +- Customer value (AND/OR queries) +- Learn (clojure in scripts) +- Team for results: engaged team for iroh config issue +****** Improvements/opportunities for development: +***** Team Impact +****** Accomplishments +- admin-clj scripts should be helpful +- IROH default config should help ops +- PIAM +****** Improvements/opportunities for development: +*** 2023-05-05 Friday +**** DONE Change the scope for feature-flag API to use cisco/tac :work: +SCHEDULED: <2023-05-09 Tue 10:00> +[2023-05-05 Fri 22:41] +**** DONE IMPORTANT QDD Returns Actions :work: +SCHEDULED: <2023-05-11 Thu 10:00> +[2023-05-05 Fri 16:24] + +Both of you are tagged with not enough implication. + +- Lack of visibility! + - Webex support ! + - Webex implication in external discussions with UI, PO, PMs, etc… + - Everyday messages + +** 2023-W19 +*** 2023-05-10 Wednesday +**** IN-PROGRESS Ecrire un kudos pour la team. :work: +:LOGBOOK: +CLOCK: [2023-05-10 Wed 16:13]--[2023-05-10 Wed 16:38] => 0:25 +:END: +[2023-05-10 Wed 16:13] + +Thanks Wanderson and Olivier for your dedication. +You prepared the RBAC work for the next quarter so most backend work is already done. + +Olivier you managed to update and refactor all the IROH-Auth code to introduce +new roles everywhere in the code. +You also improved the work so now it is possible to launch specialized IROH nodes. +**** DONE Merge [[https://github.com/advthreat/iroh/pull/7857][7857]] :work: +SCHEDULED: <2023-05-10 Wed> +[2023-05-10 Wed 12:04] +**** DONE Prepare some kudos messages for your teams. :work: +SCHEDULED: <2023-05-10 Wed 17:00> +:LOGBOOK: +CLOCK: [2023-05-10 Wed 16:38]--[2023-05-10 Wed 17:38] => 1:00 +:END: +[2023-05-10 Wed 10:41] +**** DONE Fill Talent Assessments in workday :work: +DEADLINE: <2023-06-01 Thu> SCHEDULED: <2023-05-24 Wed 15:40> +[2023-05-10 Wed 10:33] +**** DONE API Design Meeting :work: +SCHEDULED: <2023-05-10 Wed 19:00> +[2023-05-10 Wed 09:51] +**** DONE RSA Celebration :work: +SCHEDULED: <2023-05-10 Wed 18:00> +[2023-05-10 Wed 09:50] +**** DONE Check with Hissan who to contact for Provisioning bug :work: +SCHEDULED: <2023-05-10 Wed 16:20> +[2023-05-10 Wed 09:48] +**** DONE Propose options for FF in [[webexteams://im?space=93aefba0-e28c-11ec-bfd4-93d97d332464][XDR RBAC]] :work: +SCHEDULED: <2023-05-10 Wed 16:00> +[2023-05-10 Wed 09:47] +**** DONE Add Jeffrey Zankowits to the XDR beta :work: +SCHEDULED: <2023-05-10 Wed 16:00> +[2023-05-10 Wed 09:46] +*** 2023-05-11 Thursday +**** MEETING 1-1 Olivier :work:meeting: +:LOGBOOK: +CLOCK: [2023-05-11 Thu 15:03]--[2023-05-12 Fri 08:49] => 17:46 +:END: +[2023-05-11 Thu 15:03] +***** Agenda (to discuss about) +***** Notes +***** Actions +**** DONE Performance Training :work: +SCHEDULED: <2023-05-11 Thu 17:00> +[2023-05-11 Thu 10:10] +**** DONE Weekly Team :work: +SCHEDULED: <2023-05-11 Thu 17:00> +[2023-05-11 Thu 10:10] +**** DONE 1-1 Olivier :work: +SCHEDULED: <2023-05-11 Thu 15:05> +[2023-05-11 Thu 10:09] +**** DONE 1-1 Wanderson :work: +SCHEDULED: <2023-05-11 Thu 14:35> +[2023-05-11 Thu 10:09] +*** 2023-05-12 Friday +**** MEETING Orbital :work:meeting: +:LOGBOOK: +CLOCK: [2023-05-12 Fri 17:01]--[2023-05-12 Fri 17:39] => 0:38 +:END: +[2023-05-12 Fri 17:01] +***** Agenda (to discuss about) +***** Notes +Purpose EOL of SecureX. +Starting after GA. +Only supporting existing subscribers. + +User management and onboarding. + +Ask Eduardo for use cases: + +@Eduardo: + +After GA, advantage and premier. +Access Orbital without. + +Flexibility on how to use Orbital. + +***** Actions + +Consider all use cases and review them with Engineering. +**** MEETING PenTest with Chris Duane :work:meeting: +:LOGBOOK: +CLOCK: [2023-05-12 Fri 15:45]--[2023-05-12 Fri 16:19] => 0:34 +:END: +[2023-05-12 Fri 15:45] +***** Agenda (to discuss about) +***** Notes +***** Actions +** 2023-W20 +*** 2023-05-15 Monday +**** MEETING Q1 priority :work:meeting: +:LOGBOOK: +CLOCK: [2023-05-15 Mon 16:52]--[2023-05-15 Mon 17:52] => 1:00 +:END: +[2023-05-15 Mon 16:52] +***** Notes + +Access Control to allow for feature restriction per monetization option. + +****** Q1FY24 + +- ACL additional roles and more granular. +- Additional Integrations + - Data Loss Prevention + - IDM solutions + - ISE + - CNAPP solutions + - App Discovery / Insights / AppSec solutions + - Kenna +- Localization: Language Support and internationalization +- Assess existing integrations for relevancy and functionality + - convert existing into data warehouse +- Assess existing Orchestration content for relevancy and functionality; prune + and enhance +- Usage Reporting to support Common Platform display requirements and monetization + +****** Q2FY24 + +- Continue convert integrations +- Continue SCA and XDR convergence +- Ensure continuous analysis of generated incidents against existing data +- Ability for other TD&R solution to poll the XDR data warehouse for conviction +- Incorporate vuln, etc…... into event analysis +- Email security detection enhancement, insight identity potential + +****** Q3FY24 + +- Continue SCA and XDR convergence +- Multi-tenancy for Managed Detection and Response +- OS event logs (windows/linux) +- continue +- telemetry +- AI for playbook + +****** Q4FY24 + +- CSC Management +- Proxying communication traffic and on - premises solutions telemetry +- Mult- tenancy for Managed Detection and Response +- Role - Based Access Control +- Notification Options Improvements +- Common Integrations management +- Data Enhancement for enhanced correlation across Cisco data source +****** Potentially related items + +- ACL, Monetization restriction, and multi-tenancy for MDR +****** FY24 Dependencies for other components' roadmap + +- Secure Client Management +- Proxying comm +- Multi tenancy +- Role +- Notification +- Common Integrations management +- Data Enhancements for enhanced correlation across Cisco data sources + +**** DONE Q1 Priorities :work: +SCHEDULED: <2023-05-15 Mon 16:00> +[2023-05-15 Mon 10:36] + +*** 2023-05-16 Tuesday +**** DONE Cisco Performance Training for Leaders :work: +SCHEDULED: <2023-05-16 Tue 17:00> +[2023-05-16 Tue 15:34] +*** 2023-05-17 Wednesday +**** MEETING RBAC Weekly :work:meeting: +:LOGBOOK: +CLOCK: [2023-05-17 Wed 16:31]--[2023-05-17 Wed 17:15] => 0:44 +:END: +[2023-05-17 Wed 16:31] +- invitation workflow tickets +- revocation endpoint on role change +**** MEETING SCA Provisioning :work:meeting: +:LOGBOOK: +CLOCK: [2023-05-17 Wed 15:58]--[2023-05-17 Wed 16:31] => 0:33 +:END: +[2023-05-17 Wed 15:58] +People: Yann Esposito, Brandon Thacker, Jeff Markey, Michael Schultz, Paul Cichonski +***** Agenda (to discuss about) +- questions for IROH +***** Notes +@Jeff: number of tickets, understanding high level +@Paul: no push entitlements +@Michael: we'll do pull first +@Paul: no requirement to enforce requirements for GA +***** Actions +- [optional] Webhooks for update entitlements? + +**** MEETING API Design Meeting :work: +SCHEDULED: <2023-05-17 Wed 18:30> +[2023-05-17 Wed 11:27] +**** MEETING RBAC Weekly :work: +SCHEDULED: <2023-05-17 Wed 16:30> +[2023-05-17 Wed 11:24] +**** MEETING SCA/IROH design discussions :work: +SCHEDULED: <2023-05-17 Wed 16:00> +[2023-05-17 Wed 11:22] +** 2023-W21 +*** 2023-05-23 Tuesday +**** MEETING RBAC :work:meeting: +:LOGBOOK: +CLOCK: [2023-05-23 Tue 16:01]--[2023-05-24 Wed 15:00] => 22:59 +:END: +[2023-05-23 Tue 16:01] + + +@Guy: everything ok +@Yann: +*** 2023-05-24 Wednesday +**** MEETING Q1 Planning Session :work:meeting: +:LOGBOOK: +CLOCK: [2023-05-24 Wed 15:00]--[2023-05-25 Thu 14:26] => 23:26 +:END: +[2023-05-24 Wed 15:00] +***** Agenda (to discuss about) +- Detect people and team that should be involved. +***** Notes +****** Access Control + +@Brianna: + +Control over the capabilities to meee the monetization options. +Thinks like integrations. + +Request to define integration more specifically. +Anything that is Cisco generated for a 3rd party. + +Tiering: +- essentials: limit integration to Cisco based products only built by Cisco +- advantage: allow integration based on 3rd +- premier: + + +UX Feature Limitation + +@IROH <-> @Brianna: + +Include addons in the Access Control Work + +@christopher: Rate-limits + +Question: + +- can a customer purchase different tiers? + Is the purchase expires? + +***** Actions + +*** 2023-05-25 Thursday +**** MEETING Wanderson 1-1 :work:meeting: +:LOGBOOK: +CLOCK: [2023-05-25 Thu 14:26]--[2023-05-26 Fri 15:03] => 24:37 +:END: +[2023-05-25 Thu 14:26] +***** Agenda (to discuss about) +***** Notes +***** Actions +*** 2023-05-26 Friday +**** MEETING Q1 Planning Session 2 :work:meeting: +:LOGBOOK: +CLOCK: [2023-05-26 Fri 15:03]--[2023-05-26 Fri 19:18] => 4:15 +:END: +[2023-05-26 Fri 15:03] +***** Agenda (to discuss about) +***** Notes +***** Actions +- New roles for Q1 +- Prepare custom role that will be needed for Q2 +**** DONE Gift Card on Cisco Store :work: +SCHEDULED: <2023-05-26 Fri 14:00> +[2023-05-26 Fri 10:53] +**** DONE Monthly Engineering :work: +SCHEDULED: <2023-05-26 Fri 18:00> +[2023-05-26 Fri 10:51] +**** DONE XDR Engineering Planning Session 2 :work: +SCHEDULED: <2023-05-26 Fri 15:00> +[2023-05-26 Fri 10:50] +** 2023-W22 +*** 2023-05-30 Tuesday +**** DONE Check new script PR reviews :work: +SCHEDULED: <2023-05-30 Tue 14:00> +[2023-05-30 Tue 11:25] +**** DONE Weekly lead :work: +SCHEDULED: <2023-05-30 Tue 15:00> +[2023-05-30 Tue 10:43] +*** 2023-05-31 Wednesday +**** DONE Check Portal Logout issue [[webexteams://im?space=46f7e070-74c6-11ed-aea3-fde9a818cf2f][webex]] [[https://confluence-eng-rtp2.cisco.com/conf/pages/viewpage.action?pageId=505492344][doc]] :work: +SCHEDULED: <2023-06-01 Thu 11:00> +[2023-05-31 Wed 18:37] + + + +**** MEETING Planning FY24Q1 session 3 :work:meeting: +:LOGBOOK: +CLOCK: [2023-05-31 Wed 15:02]--[2023-05-31 Wed 18:02] => 3:00 +:END: +[2023-05-31 Wed 15:02] +***** Agenda (to discuss about) +***** Notes +***** Actions +**** DONE Planning Session Q1 (3rd) :work: +SCHEDULED: <2023-05-31 Wed 15:00> +[2023-05-31 Wed 09:56] +*** 2023-06-02 Friday +**** DONE Préparer [[https://cisco-my.sharepoint.com/:p:/r/personal/namrata_cisco_com/Documents/Engineering%20Offsite%20-%20FY23Q4/TeamUpdates/TeamUpdateTemplate.pptx?d=w297015fa42ab428bb6c937f4deeba504&csf=1&web=1&e=ZxTkKS][Team Template]] :work: +SCHEDULED: <2023-06-05 Mon 11:00> +[2023-06-02 Fri 19:53] +**** DONE Préparer presentation [[https://cisco-my.sharepoint.com/:p:/r/personal/namrata_cisco_com/Documents/Engineering%20Offsite%20-%20FY23Q4/SpeedRound-About%20Me/ABOUT%20ME%20SLIDE%20-%20TEMPLATE.pptx?d=w863abde38a0c4f31a571be87aff69daa&csf=1&web=1&e=e2PPQU][About me template]] :work: +SCHEDULED: <2023-06-05 Mon 11:00> +[2023-06-02 Fri 19:52] +** 2023-W23 +*** 2023-06-05 Monday +**** DONE Message to Paul :work: +SCHEDULED: <2023-06-05 Mon> +[2023-06-05 Mon 16:25] + +- start and end dates +- SX upgrade to XDR +- updates and multi-tenancy +- periodic sync and check? +- push limit reached to PIAM +- Discussion about fixing potential tenant errors: + + wrong org-id for some entreprise_id + + create new tenant instead of updating one existing +***** Text + +Hi Paul, how are you? + +I finished a meeting with Brianna, and I have many questions for you regarding +the provisioning API and Entitlements. +To give you a quick overview, I have questions about: + - start and end dates + - SX upgrade to XDR + - updates and multi-tenancy + - periodic sync and check? + - push limit reached to PIAM + - Discussion about fixing potential tenant errors: + + wrong org-id for some entreprise_id + + create new tenant instead of updating one existing + +Apparently the entitlements will have a start and end date that is not standard. +For example, the customer buy tier advanced for 4 months (apparently this is not +a fixed time from Brianna). Then two weeks before the end, the customer can +renew to buy 6 new months. But then, the start date should start and the end of +the first entitlement date. +So I think to support this you will need to add a start and end date to the +entitlement data structure. +My question is do you plan to add a start and end date? If not, how could we +achieve control of start or expiration for entitlements? + +My next question is about how to upgrade an existing SecureX account to XDR. +For now, the provisioning API provide the ability to do so, but this will be +only via adding entitlements related to some existing Org. So my guess is that +you will need to retrieve the Org ID of the user. Of course you can ask the +org-id to the customer and it can manually enters it, but this is error prone. +Do you think you would prefer to use a basic OAuth2 client to retrieve the Org +id from IROH? +Another related question the account endpoint create a new tenant, but while +possible using multiple call to the provisioning API do you want me to create a +specialized end point for upgrade? From Brianna point of view, she expect to be +a lot more upgrade than new tenants, at least during the first few months of XDR +launch. + +Still regarding upgrades, in the API (the SCIM one) you would like IROH to +support, the update endpoint use a PUT but only provides an enterprise_id +but not the org_id. But, from my understanding with Brianna, in order to support +multi-tenancy (we can imagine some existing SX customer have already multiple +orgs inside SecureX) you will need to push the new entitlements for this +specific org_id only. So it doesn't appear that the SCIM API is suitable for +this case as it does not appear to mention the org_id but only the entreprise_id. + +Brianna mentioned that we should probably have a bi-directional sync. +So you could via the provisioning API read an write entitlements. +But I think as a safeguard, IROH should be able to query PIAM to retrieve the +current active entitlements so we could sync it periodically (typically once a +day per org). +Do you already have or plan to give us a read access to the entitlements? +And in particular, how would that work for multiple tenancy? +Brianna expect that if a customer has multiple existing SX orgs, then that +customer should pay a full Entitlement per SX tenant. + +Another feature we might want to build is that when a tenant reach a limit, we +should probably push that event to PIAM so you could send a notification to the +customer to tell them they should upgrade their entitlements. +I think this should probably be on PIAM side. + +And last but not least, Brianna asked us to discuss about plans to fix errors. +Typically, if a customer provide the wrong org-id to set the Entitlement to. +We should be able on both side to change it, if we are going to have recurring +syncs this might not be straightforward. +Same question about the issue of a customer creating a new XDR tenant, but that +customer did in fact want to upgrade from XDR. + +I am sorry for this big wall of text, but it should convey most of the open +questions I have. +Let me know if you prefer a better way to talk about them. + +**** MEETING XDR Monetization deep dive :work:meeting: +:LOGBOOK: +CLOCK: [2023-06-05 Mon 14:57]--[2023-06-05 Mon 23:23] => 8:26 +:END: +[2023-06-05 Mon 14:57] +***** Agenda (to discuss about) +issue iroh #7912 + +- telemetry, cisco or 3rd party + + +Checking both ways to sync between PIAM and IROH. +Consistency checks everyday. + +Send to PIAM upper limit reached. + +Talk to Paul and see if that's more work for them. + +Thinks about mistakes of XDR upgrade back to PIAM (switch org entitlements, etc…) + +- Ask about upgrade tenant from SX to XDR +- Ask about dates start/end +- Ask about update with just the entreprise_id (multi tenancy) + + +***** Notes +Pass via Brianna to add to the requirements +***** Actions + +Provide TAC level to change XDR ad Entitlements. +*** 2023-06-07 Wednesday +**** DONE Talent Assessment Wanderson :work: +SCHEDULED: <2023-06-07 Wed> +:LOGBOOK: +CLOCK: [2023-06-07 Wed 17:22]--[2023-06-07 Wed 18:42] => 1:20 +:END: +[2023-06-07 Wed 17:22] + +Performance: +- Results +- Behavior +- Team Impact +*** 2023-06-08 Thursday +**** MEETING TAC Training kickoff :work:meeting: +[2023-06-08 Thu 16:32] +***** Agenda (to discuss about) +***** Notes +***** Actions +**** MEETING 1-1 Olivier :work:meeting: +:LOGBOOK: +CLOCK: [2023-06-08 Thu 15:05]--[2023-06-08 Thu 17:08] => 2:03 +:END: +[2023-06-08 Thu 15:05] +***** Agenda (to discuss about) +***** Notes +***** Actions +**** DONE TAC Training :work: +SCHEDULED: <2023-06-08 Thu 16:30> +[2023-06-08 Thu 12:07] + +@Namrata: +Derek Huckaby +Training to limited LA (Limited Availability Release) + +5 different training sessions. +Providing product overviews, XDR, product components. + +What the TMEs will be presenting? + +@Derek: +technical value, what the customer values are for the features +Dive into XDR, the value pitch that TSA is giving our customers. +Whose the users of this will be. + +@Namrata, provide information to TAC to put together tutorials (see Sukhanti +Template Docs) + + +**** DONE 1-1 Olivier :work: +SCHEDULED: <2023-06-08 Thu 15:05> +[2023-06-08 Thu 12:07] + +*** 2023-06-09 Friday +**** DONE Preparer XDR TAC/CS Training :work: +SCHEDULED: <2023-06-15 Thu 15:00> DEADLINE: <2023-06-22 Thu 16:30> +[2023-06-09 Fri 23:59] + +15min long, +Administration with Dar. + +Architecture Overview/ Changes, Troubleshooting, Info Including Logging and +Tools, Links to Tech Doc +** 2023-W24 +*** 2023-06-12 Monday +**** MEETING XDR Provisioning Onboarding (SCA) :work:meeting: +[2023-06-12 Mon 21:05] +***** Agenda (to discuss about) +***** Notes +***** Actions + +XDR-SCA/PIAM Onboarding Scenario + +@Paul + +The main place for GA new tenant creation. + +@Brianna + +We would end up creating duplication. +Agreed about the monetization a part of XDR. + +Manual process. +Attach their tenant-id is much a better world. +Our ability who had an entitlement? +Sales person enter the order or... + +Manual process for GA + +@Jyoti UX for upgrade + +@Prerna avoid duplication of SCA and XDR tenants. + +@Prerna user enter their =org-id=. + +**** MEETING 1-1 Jyoti :work:meeting: +[2023-06-12 Mon 19:15] +***** Agenda (to discuss about) +***** Notes +Data lake need an OAuth2 client +Carol, is the PEM on the data-lake side. + +***** Actions +****** TODO Q1 explain Entitlement Summary API + +**** MEETING RBAC Weekly :work:meeting: +:LOGBOOK: +CLOCK: [2023-06-12 Mon 16:30]--[2023-06-13 Tue 06:18] => 13:48 +:END: +[2023-06-12 Mon 16:30] + +***** IN-PROGRESS Enable xdr-roles in PROD this week +***** TODO Check the PROD clients that could break for SAT + +**** DONE XDR-SCA/PIAM :work: +SCHEDULED: <2023-06-12 Mon 21:00> +[2023-06-12 Mon 14:14] +**** DONE 1-1 Jyoti :work: +SCHEDULED: <2023-06-12 Mon 18:30> +[2023-06-12 Mon 14:14] +**** DONE RBAC Weekly :work: +SCHEDULED: <2023-06-12 Mon 16:30> +[2023-06-12 Mon 14:13] +*** 2023-06-13 Tuesday +**** IN-PROGRESS Finishing Wanderson PR :work: +:LOGBOOK: +CLOCK: [2023-06-13 Tue 06:18]--[2023-06-14 Wed 18:36] => 36:18 +:END: +[2023-06-13 Tue 06:18] +*** 2023-06-14 Wednesday +**** MEETING API Design Meeting :work:meeting: +:LOGBOOK: +CLOCK: [2023-06-14 Wed 18:36]--[2023-06-16 Fri 17:01] => 46:25 +:END: +[2023-06-14 Wed 18:36] +***** Agenda (to discuss about) +***** Notes + +@GB talk about AMP meeting +@Jyoti: Enrichement. Events API instead of something else. + +@Jyoti: Ian about detection side. + - @GB was looking to standardize a way + - Brianna complaining we did not follow requirements +*** 2023-06-16 Friday +**** MEETING Secure Client support after XDR GA :work:meeting: +:LOGBOOK: +CLOCK: [2023-06-16 Fri 17:01]--[2023-06-16 Fri 17:35] => 0:34 +:END: +[2023-06-16 Fri 17:01] + +Secure Client-only customer. + +Use the UI to manage this solution. +** 2023-W25 +*** 2023-06-20 Tuesday +**** MEETING Weekly Meeting :work:meeting: +[2023-06-20 Tue 17:01] + +Demos: +- Kirill +- Jerome & Patrick + + +***** Kirill + +IROH Events (more events) + +***** Ops deployement demo + +**** MEETING 1-1 Olivier :work:meeting: +:LOGBOOK: +CLOCK: [2023-06-20 Tue 15:35]--[2023-06-21 Wed 14:57] => 23:22 +:END: +[2023-06-20 Tue 15:35] +***** Agenda (to discuss about) +***** Notes +***** Actions +**** DONE Fix some dependabot messages :work: +SCHEDULED: <2023-06-20 Tue 11:00> +[2023-06-20 Tue 10:18] +**** DONE Weekly IROH Sync :work: +SCHEDULED: <2023-06-20 Tue 17:00> +[2023-06-20 Tue 10:16] +**** DONE 1-1 Olivier :work: +SCHEDULED: <2023-06-20 Tue 15:30> +[2023-06-20 Tue 10:16] +**** DONE Weekly Leads :work: +SCHEDULED: <2023-06-20 Tue 15:00> +[2023-06-20 Tue 10:15] +*** 2023-06-21 Wednesday +**** MEETING API Design Meeting :work:meeting: +:LOGBOOK: +CLOCK: [2023-06-21 Wed 18:32]--[2023-06-21 Wed 19:42] => 1:10 +:END: +[2023-06-21 Wed 18:32] +***** Incidents + +All incident sources will come from the Datalake +In the short term, sources like Secure Endpoint should be used. +We will have a merge API that will use the incident summary. + +***** Provisioning 1 + +specific values passed [done] + +***** Provisioning 2 + +SCA integration [done] + +***** Umbrella + +@Mark ... + +*** 2023-06-23 Friday +**** TODO Imprimer les documents de voyage :work: +SCHEDULED: <2023-06-22 Thu 14:15> +[2023-06-23 Fri 12:03] diff --git a/reports/FY23Q3-Olivier-QDD-report.html b/reports/FY23Q3-Olivier-QDD-report.html new file mode 100644 index 00000000..300073c1 --- /dev/null +++ b/reports/FY23Q3-Olivier-QDD-report.html @@ -0,0 +1,373 @@ + + + + + + + + Olivier FY23Q3 Report + + + + + +
+

Olivier FY23Q3 Report

+

back to one month older

+

2023-05-03

+
+ +

Quarterly Development +Discussion

+

Performance reflections +and feedback

+

Team member result +perceptions

+

What have you done?

+
    +
  • RBAC
    • +
  • code coverage
    • +
  • local test run script (simulate CI in local dev)
    • +
  • service discovery, minimal bootstrap
    • +
+

How do you feel about it?

+
    +
  • Not useful to many people
    • +
  • Work/Features that lack a bit of popularity +
      +
    • Email templating.
      • +
    • Doc improvement
      • +
    • code coverage (not lisible enough yet)
      • +
    • Github action that could have counter effect like Changelog
      • +
    • +
  • Would like to do quickly useful PRs
    • +
  • Big PR prevent me to do something else
    • +
+

Is there room for +improvement?

+
    +
  • better split tasks to prevent huge PR.
    • +
  • make tasks that have more visible value to the project
    • +
  • do quick-win tasks
    • +
  • big background task + many smaller ones
    • +
  • More formations (do something different from just code)
    • +
+

Lead perception on +Performance & Feedback

+
    +
  1. Show the quarter report
    2. +
  2. Add non code accomplishments
    3. +
  3. How I (the lead) feel about it
    4. +
  4. Room for improvement? +
      +
    • for the team member
      • +
    • for the lead
      • +
    • for the rest of the team
      • +
    • for Cisco
      • +
    5. +
+

Short-term +goal setting and development priorities

+

Next quarter:

+
    +
  1. P1. Help RBAC testing/debugging
    2. +
  2. P2. Contribute on provisioning PIAM
    3. +
  3. P3. Continue to work on IROH configurations
    4. +
  4. P4. optionally contribute for provisioning Free Tier/0-Trust
    5. +
  5. P4. Entitlements follow up (beyond PIAM work)
    6. +
+

Long-term career +and development priorities

+

How do you see yourself next year? In three years? Would you like to +change anything, or are you happy as you are right now?

+

Do you want to be promoted to G11, take more responsibilities? Or are +you happy just working as we do now, and have a discussion about +progression later?

+
    +
  • No not really. No team. No more meetings.
    • +
  • Not knowing enough knowledge.
    • +
  • Knowledge about business.
    • +
+

Agreed upon outcomes

+
    +
  • Short term (next quarter): @yann: +
      +
    • attribuer low-hanging-fruits
      • +
    +@olivier: +
      +
    • Fun Friday
      • +
    • More External Reviews
      • +
    • Split work in smaller tasks
      • +
    • +
  • Longer term (> 6 months): +
      +
    • organize a high level discussion +
        +
      • change weekly structure maybe?
        • +
      • have an high-level introduction?
        • +
      • maybe monthly design explanation? Higher-level topics.
        • +
      • +
    • +
  • Save these reflections in the long-term priorities field in Team +Space.
    • +
+

Olivier Code [23]

+

iroh [22 (12 / 10)]

+
    +
  • fix http status code #7838
    • +
  • Rework of the script check-changelog-update-time #7658
    • +
  • RBAC: additional XDR tests #7634
    • +
  • GitHub Actions: do test coverage only once #7607
    • +
  • Increase Java Heap size for code coverage - Github Actions workflow +#7585
    • +
  • add workdir for the check #7573
    • +
  • disable test #7566
    • +
  • Fail build if html not updated #7559
    • +
  • RBAC: enable the new XDR role 'Security Analyst Tier 2' #7545
    • +
  • Issue 7538 refactor of role retrieval #7540
    • +
  • automated 'revert role' operation with test #7537
    • +
  • RBAC: Retrocompatibility of the Provisioning API #7507
    • +
+

between 3 and 4 months ago

+
    +
  • Refactor around ifn-pred #7491
    • +
  • set job timeouts to 90 minutes #7506
    • +
  • set job timeouts to 60 minutes #7504
    • +
  • Test coverage v2 #7498
    • +
  • wait for hook to be finished before testing #7497
    • +
  • Add test coverage report to the Iroh GitHub Actions workflow #7453
    • +
  • RBAC for Org Access Request #7465
    • +
  • Issue 7333 rbac invitation service #7454
    • +
  • RBAC: new XDR tests for login and oauth-clients #7418
    • +
  • Issue 7413 move steps out of setup job #7414
    • +
+

tenzin-config [1 (1 / 0)]

+
    +
  • sets the :xdr-roles feature flag in INT and TEST #840
    • +
+ + diff --git a/reports/FY23Q3-Olivier-QDD-report.org b/reports/FY23Q3-Olivier-QDD-report.org new file mode 100644 index 00000000..f9f2faf7 --- /dev/null +++ b/reports/FY23Q3-Olivier-QDD-report.org @@ -0,0 +1,118 @@ +#+title: Olivier FY23Q3 Report +#+subtitle: back to one month older +#+date: 2023-05-03 +#+options: H:6 ^:nil + +* Quarterly Development Discussion +** Performance reflections and feedback +*** Team member result perceptions +**** What have you done? + +- RBAC +- code coverage +- local test run script (simulate CI in local dev) +- service discovery, minimal bootstrap + +**** How do you feel about it? + +- Not useful to many people +- Work/Features that lack a bit of popularity + - Email templating. + - Doc improvement + - code coverage (not lisible enough yet) + - Github action that could have counter effect like Changelog +- Would like to do quickly useful PRs +- Big PR prevent me to do something else + +**** Is there room for improvement? + +- better split tasks to prevent huge PR. +- make tasks that have more visible value to the project +- do quick-win tasks +- big background task + many smaller ones +- More formations (do something different from just code) + +*** Lead perception on Performance & Feedback + +1. Show the quarter report +2. Add non code accomplishments +3. How I (the lead) feel about it +4. Room for improvement? + - for the team member + - for the lead + - for the rest of the team + - for Cisco + +** Short-term goal setting and development priorities + +Next quarter: + +1. P1. Help RBAC testing/debugging +2. P2. Contribute on provisioning PIAM +3. P3. Continue to work on IROH configurations +4. P4. optionally contribute for provisioning Free Tier/0-Trust +5. P4. Entitlements follow up (beyond PIAM work) + +** Long-term career and development priorities + +How do you see yourself next year? +In three years? +Would you like to change anything, or are you happy as you are right now? + +Do you want to be promoted to G11, take more responsibilities? +Or are you happy just working as we do now, and have a discussion about +progression later? + +- No not really. No team. No more meetings. +- Not knowing enough knowledge. +- Knowledge about business. + +** Agreed upon outcomes + +- Short term (next quarter): + @yann: + - attribuer low-hanging-fruits + @olivier: + - Fun Friday + - More External Reviews + - Split work in smaller tasks +- Longer term (> 6 months): + - organize a high level discussion + - change weekly structure maybe? + - have an high-level introduction? + - maybe monthly design explanation? Higher-level topics. +- Save these reflections in the long-term priorities field in Team Space. + +* Olivier Code [23] + +** iroh [22 (12 / 10)] + +- fix http status code [[https://github.com/advthreat/iroh/pull/7838][#7838]] +- Rework of the script ~check-changelog-update-time~ [[https://github.com/advthreat/iroh/pull/7658][#7658]] +- RBAC: additional XDR tests [[https://github.com/advthreat/iroh/pull/7634][#7634]] +- GitHub Actions: do test coverage only once [[https://github.com/advthreat/iroh/pull/7607][#7607]] +- Increase Java Heap size for code coverage - Github Actions workflow [[https://github.com/advthreat/iroh/pull/7585][#7585]] +- add workdir for the check [[https://github.com/advthreat/iroh/pull/7573][#7573]] +- disable test [[https://github.com/advthreat/iroh/pull/7566][#7566]] +- Fail build if html not updated [[https://github.com/advthreat/iroh/pull/7559][#7559]] +- RBAC: enable the new XDR role 'Security Analyst Tier 2' [[https://github.com/advthreat/iroh/pull/7545][#7545]] +- Issue 7538 refactor of role retrieval [[https://github.com/advthreat/iroh/pull/7540][#7540]] +- automated 'revert role' operation with test [[https://github.com/advthreat/iroh/pull/7537][#7537]] +- RBAC: Retrocompatibility of the Provisioning API [[https://github.com/advthreat/iroh/pull/7507][#7507]] + +_between 3 and 4 months ago_ + +- Refactor around ~ifn-pred~ [[https://github.com/advthreat/iroh/pull/7491][#7491]] +- set job timeouts to 90 minutes [[https://github.com/advthreat/iroh/pull/7506][#7506]] +- set job timeouts to 60 minutes [[https://github.com/advthreat/iroh/pull/7504][#7504]] +- Test coverage v2 [[https://github.com/advthreat/iroh/pull/7498][#7498]] +- wait for hook to be finished before testing [[https://github.com/advthreat/iroh/pull/7497][#7497]] +- Add test coverage report to the Iroh GitHub Actions workflow [[https://github.com/advthreat/iroh/pull/7453][#7453]] +- RBAC for Org Access Request [[https://github.com/advthreat/iroh/pull/7465][#7465]] +- Issue 7333 rbac invitation service [[https://github.com/advthreat/iroh/pull/7454][#7454]] +- RBAC: new XDR tests for login and oauth-clients [[https://github.com/advthreat/iroh/pull/7418][#7418]] +- Issue 7413 move steps out of setup job [[https://github.com/advthreat/iroh/pull/7414][#7414]] + +** tenzin-config [1 (1 / 0)] + +- sets the ~:xdr-roles~ feature flag in INT and TEST [[https://github.com/advthreat/tenzin-config/pull/840][#840]] diff --git a/reports/FY23Q3-Olivier-QDD-report.pdf b/reports/FY23Q3-Olivier-QDD-report.pdf new file mode 100644 index 00000000..6e205afd Binary files /dev/null and b/reports/FY23Q3-Olivier-QDD-report.pdf differ diff --git a/reports/FY23Q3-Olivier-report.html b/reports/FY23Q3-Olivier-report.html new file mode 100644 index 00000000..eafa4cfe --- /dev/null +++ b/reports/FY23Q3-Olivier-report.html @@ -0,0 +1,253 @@ + + + + + + + + Olivier FY23Q3 Report + + + + + +
+

Olivier FY23Q3 Report

+

back to one month older

+

2023-05-03

+
+ +

Olivier [23]

+

iroh [22 (12 / 10)]

+
    +
  • fix http status code #7838
    • +
  • Rework of the script check-changelog-update-time #7658
    • +
  • RBAC: additional XDR tests #7634
    • +
  • GitHub Actions: do test coverage only once #7607
    • +
  • Increase Java Heap size for code coverage - Github Actions workflow +#7585
    • +
  • add workdir for the check #7573
    • +
  • disable test #7566
    • +
  • Fail build if html not updated #7559
    • +
  • RBAC: enable the new XDR role 'Security Analyst Tier 2' #7545
    • +
  • Issue 7538 refactor of role retrieval #7540
    • +
  • automated 'revert role' operation with test #7537
    • +
  • RBAC: Retrocompatibility of the Provisioning API #7507
    • +
+

between 3 and 4 months ago

+
    +
  • Refactor around ifn-pred #7491
    • +
  • set job timeouts to 90 minutes #7506
    • +
  • set job timeouts to 60 minutes #7504
    • +
  • Test coverage v2 #7498
    • +
  • wait for hook to be finished before testing #7497
    • +
  • Add test coverage report to the Iroh GitHub Actions workflow #7453
    • +
  • RBAC for Org Access Request #7465
    • +
  • Issue 7333 rbac invitation service #7454
    • +
  • RBAC: new XDR tests for login and oauth-clients #7418
    • +
  • Issue 7413 move steps out of setup job #7414
    • +
+

tenzin-config [1 (1 / 0)]

+
    +
  • sets the :xdr-roles feature flag in INT and TEST #840
    • +
+ + diff --git a/reports/FY23Q3-Olivier-report.org b/reports/FY23Q3-Olivier-report.org new file mode 100644 index 00000000..edbb363d --- /dev/null +++ b/reports/FY23Q3-Olivier-report.org @@ -0,0 +1,37 @@ +#+title: Olivier FY23Q3 Report +#+subtitle: back to one month older +#+date: 2023-05-03 +#+options: H:6 ^:nil + +*** Olivier [23] + +**** iroh [22 (12 / 10)] + +- fix http status code [[https://github.com/advthreat/iroh/pull/7838][#7838]] +- Rework of the script ~check-changelog-update-time~ [[https://github.com/advthreat/iroh/pull/7658][#7658]] +- RBAC: additional XDR tests [[https://github.com/advthreat/iroh/pull/7634][#7634]] +- GitHub Actions: do test coverage only once [[https://github.com/advthreat/iroh/pull/7607][#7607]] +- Increase Java Heap size for code coverage - Github Actions workflow [[https://github.com/advthreat/iroh/pull/7585][#7585]] +- add workdir for the check [[https://github.com/advthreat/iroh/pull/7573][#7573]] +- disable test [[https://github.com/advthreat/iroh/pull/7566][#7566]] +- Fail build if html not updated [[https://github.com/advthreat/iroh/pull/7559][#7559]] +- RBAC: enable the new XDR role 'Security Analyst Tier 2' [[https://github.com/advthreat/iroh/pull/7545][#7545]] +- Issue 7538 refactor of role retrieval [[https://github.com/advthreat/iroh/pull/7540][#7540]] +- automated 'revert role' operation with test [[https://github.com/advthreat/iroh/pull/7537][#7537]] +- RBAC: Retrocompatibility of the Provisioning API [[https://github.com/advthreat/iroh/pull/7507][#7507]] + +_between 3 and 4 months ago_ + +- Refactor around ~ifn-pred~ [[https://github.com/advthreat/iroh/pull/7491][#7491]] +- set job timeouts to 90 minutes [[https://github.com/advthreat/iroh/pull/7506][#7506]] +- set job timeouts to 60 minutes [[https://github.com/advthreat/iroh/pull/7504][#7504]] +- Test coverage v2 [[https://github.com/advthreat/iroh/pull/7498][#7498]] +- wait for hook to be finished before testing [[https://github.com/advthreat/iroh/pull/7497][#7497]] +- Add test coverage report to the Iroh GitHub Actions workflow [[https://github.com/advthreat/iroh/pull/7453][#7453]] +- RBAC for Org Access Request [[https://github.com/advthreat/iroh/pull/7465][#7465]] +- Issue 7333 rbac invitation service [[https://github.com/advthreat/iroh/pull/7454][#7454]] +- RBAC: new XDR tests for login and oauth-clients [[https://github.com/advthreat/iroh/pull/7418][#7418]] +- Issue 7413 move steps out of setup job [[https://github.com/advthreat/iroh/pull/7414][#7414]] +**** tenzin-config [1 (1 / 0)] + +- sets the ~:xdr-roles~ feature flag in INT and TEST [[https://github.com/advthreat/tenzin-config/pull/840][#840]] diff --git a/reports/FY23Q3-Olivier-report.pdf b/reports/FY23Q3-Olivier-report.pdf new file mode 100644 index 00000000..3f28ce05 Binary files /dev/null and b/reports/FY23Q3-Olivier-report.pdf differ diff --git a/reports/FY23Q3-Wanderson-QDD-report.html b/reports/FY23Q3-Wanderson-QDD-report.html new file mode 100644 index 00000000..0e5503c5 --- /dev/null +++ b/reports/FY23Q3-Wanderson-QDD-report.html @@ -0,0 +1,394 @@ + + + + + + + + Wanderson FY23Q3 QDD Report + + + + + +
+

Wanderson FY23Q3 QDD Report

+

back to one month older

+

2023-05-03

+
+ +

Quarterly Development +Discussion Template

+

Performance reflections +and feedback

+

Team member result +perceptions

+

What have you done?

+
    +
  • short JWT
    • +
  • lot of reviews of RBAC
    • +
  • doesn't know if registration page work is included
    • +
+

How do you feel about it?

+

I think it was ok. I don't know.

+

I am comparing myself before being a father having 100% time reading +code. Now 20% time to read what I want and need to do. True for almost +everything that I've been doing. Put all of energy in everything.

+

Is there room for +improvement?

+
From you?
+
From me?
+
From the rest of the team?
+

Good structure, the work, the visibility. no unexecpted work to be +done urgently. Great. We just keep doing what we are doing.

+
From Cisco
+

Lead perception on +Performance & Feedback

+
    +
  1. Show the quarter report
    2. +
  2. Add non code accomplishments
    3. +
  3. How I (the lead) feel about it
    4. +
  4. Room for improvement? +
      +
    • for the team member
      • +
    • for the lead
      • +
    • for the rest of the team
      • +
    • for Cisco
      • +
    5. +
+

Wanderson

+

Difficult not to introduce new bugs. Difficult to find focus +time.

+

Meetings / process

+

Monthly team meeting, weekly team meeting. Now you are involved with +many people. Small meeting before the weekly. Re-add weekly meeting. 1h +talking about other projects.

+

Short-term +goal setting and development priorities

+

Next quarter:

+
    +
  1. P1. Help RBAC testing/debugging
    2. +
  2. P2. Contribute on provisioning PIAM
    3. +
  3. P3. Finish work on short tokens
    4. +
  4. P4. optionally contribute for provisioning Free Tier/0-Trust
    5. +
  5. P4. Entitlements follow up (beyond PIAM work)
    6. +
+

Expectations

+
    +
  • Finish revocation for RBAC
    • +
  • Finish short tokens and give a help on the rest.-
    • +
+

Long-term career +and development priorities

+

How do you see yourself next year? In three years? Would you like to +change anything, or are you happy as you are right now?

+

Do you want to be promoted to G11, take more responsibilities? Or are +you happy just working as we do now, and have a discussion about +progression later?

+

Wanderson

+
    +
  • overlay emacs on top of webex!
    • +
+

I would like long term to understand the relationship for our team +and others. Understand the environment. Interacting with other Cisco +teams. Looking at a broader picture.

+

Meeting talk about high level technical. How much progress, etc… A +little bit more clear about what we are chasing for everybody. They +wanted to introduce kafka, but this was already enough info to help +people start learning kafka. Nice technical structure to create new +products. Difficult to see this other part, especially for hidden webex +rooms.

+

Actions?

+
    +
  • Force people to use centralized public channel for architectural +discussions, etc…
    • +
  • Try to make architectural meetings
    • +
  • Understanding outside IROH what is happening, like what is DI, how +are they working, etc…
    • +
+

Agreed upon outcomes

+
    +

  • Short term (next quarter): Create weekly IROH-AUth.

    • +

  • Longer term (> 6 months):

    +

    @Yann:

    +
      +
    • Ask Leads to force people to use centralized public channel for +architectural discussions, etc…
      • +
    • Try to make architectural meetings, high level changes discussion +
        +
      • Understanding outside IROH what is happening, like what is DI, how +are they working, etc…
        • +
      • +
    • Save these reflections in the long-term priorities field in Team +Space.
      • +
    • +
+

Wanderson Code [15]

+

iroh [13 (9 / 4)]

+
    +
  • [IROH Auth] introducing TimeService in +AuthService #7806
    • +
  • [IROH Auth] allow only iroh-core.time in oauth2.core ns +#7793
    • +
  • [IROH Auth] - Update IROH Web middleware to build short JWTs with +profile data #7671
    • +
  • [IROH Auth] - update check-refresh-token function #7669
    • +
  • [IROH Auth] - Update Design docs for Short JWT Epic #7670
    • +
  • [IROH Auth] /profile/permissions endpoint #7562
    • +
  • Patch compojure-api to allow endpoints with string-keys +(without keywordize the request :body) #7574
    • +
  • [IROH Auth] Include route /profile/scopes #7553
    • +
  • [IROH Auth] - Store Short JWTs #7476
    • +
+

between 3 and 4 months ago

+
    +
  • [IROH Auth] refactor gen-short-tokens to avoid code +duplication #7485
    • +
  • Allow wildcard login origin in TEST env #7474
    • +
  • [IROH Auth] Generate Short JWT tokens #7450
    • +
  • [IROH Auth] Short JWT design #7436
    • +
+

tenzin [1 (0 / 1)]

+

between 3 and 4 months ago

+
    +
  • Update GPG Wanderson Ferreira #2648
    • +
+

tenzin-config [1 (1 / 0)]

+
    +
  • add postgres and redis-cache store for IROH Auth JWTs #839
    • +
+ + diff --git a/reports/FY23Q3-Wanderson-QDD-report.org b/reports/FY23Q3-Wanderson-QDD-report.org new file mode 100644 index 00000000..9beb7907 --- /dev/null +++ b/reports/FY23Q3-Wanderson-QDD-report.org @@ -0,0 +1,147 @@ +#+title: Wanderson FY23Q3 QDD Report +#+subtitle: back to one month older +#+date: 2023-05-03 +#+options: H:6 ^:nil + +* Quarterly Development Discussion Template +** Performance reflections and feedback +*** Team member result perceptions +**** What have you done? + +- short JWT +- lot of reviews of RBAC +- doesn't know if registration page work is included + +**** How do you feel about it? + +I think it was ok. I don't know. + +I am comparing myself before being a father having 100% time reading code. +Now 20% time to read what I want and need to do. +True for almost everything that I've been doing. +Put all of energy in everything. + +**** Is there room for improvement? +***** From you? +***** From me? +***** From the rest of the team? + +Good structure, the work, the visibility. no unexecpted work to be done +urgently. Great. +We just keep doing what we are doing. + +***** From Cisco + +*** Lead perception on Performance & Feedback + +1. Show the quarter report +2. Add non code accomplishments +3. How I (the lead) feel about it +4. Room for improvement? + - for the team member + - for the lead + - for the rest of the team + - for Cisco + +*** Wanderson + +Difficult not to introduce new bugs. +Difficult to find focus time. +**** Meetings / process + +Monthly team meeting, weekly team meeting. +Now you are involved with many people. +Small meeting before the weekly. +Re-add weekly meeting. +1h talking about other projects. + +** Short-term goal setting and development priorities + +Next quarter: + +1. P1. Help RBAC testing/debugging +2. P2. Contribute on provisioning PIAM +3. P3. Finish work on short tokens +4. P4. optionally contribute for provisioning Free Tier/0-Trust +5. P4. Entitlements follow up (beyond PIAM work) + +*** Expectations + +- Finish revocation for RBAC +- Finish short tokens and give a help on the rest.- + +** Long-term career and development priorities + +How do you see yourself next year? +In three years? +Would you like to change anything, or are you happy as you are right now? + +Do you want to be promoted to G11, take more responsibilities? +Or are you happy just working as we do now, and have a discussion about +progression later? + +*** Wanderson + +- overlay emacs on top of webex! + +I would like long term to understand the relationship for our team and others. +Understand the environment. +Interacting with other Cisco teams. +Looking at a broader picture. + +Meeting talk about high level technical. How much progress, etc… +A little bit more clear about what we are chasing for everybody. +They wanted to introduce kafka, but this was already enough info to help people +start learning kafka. +Nice technical structure to create new products. +Difficult to see this other part, especially for hidden webex rooms. + +Actions? + +- Force people to use centralized public channel for architectural discussions, etc… +- Try to make architectural meetings +- Understanding outside IROH what is happening, like what is DI, how are they + working, etc… + +** Agreed upon outcomes + +- Short term (next quarter): + Create weekly IROH-AUth. +- Longer term (> 6 months): + + @Yann: + - Ask Leads to force people to use centralized public channel for architectural discussions, etc… + - Try to make architectural meetings, high level changes discussion + - Understanding outside IROH what is happening, like what is DI, how are they + working, etc… + + - Save these reflections in the long-term priorities field in Team Space. + +* Wanderson Code [15] +** iroh [13 (9 / 4)] + +- [IROH Auth] introducing ~TimeService~ in ~AuthService~ [[https://github.com/advthreat/iroh/pull/7806][#7806]] +- [IROH Auth] allow only ~iroh-core.time~ in oauth2.core ns [[https://github.com/advthreat/iroh/pull/7793][#7793]] +- [IROH Auth] - Update IROH Web middleware to build short JWTs with profile data [[https://github.com/advthreat/iroh/pull/7671][#7671]] +- [IROH Auth] - update ~check-refresh-token~ function [[https://github.com/advthreat/iroh/pull/7669][#7669]] +- [IROH Auth] - Update Design docs for Short JWT Epic [[https://github.com/advthreat/iroh/pull/7670][#7670]] +- [IROH Auth] ~/profile/permissions~ endpoint [[https://github.com/advthreat/iroh/pull/7562][#7562]] +- Patch ~compojure-api~ to allow endpoints with string-keys (without keywordize the request ~:body~) [[https://github.com/advthreat/iroh/pull/7574][#7574]] +- [IROH Auth] Include route ~/profile/scopes~ [[https://github.com/advthreat/iroh/pull/7553][#7553]] +- [IROH Auth] - Store Short JWTs [[https://github.com/advthreat/iroh/pull/7476][#7476]] + +_between 3 and 4 months ago_ + +- [IROH Auth] refactor ~gen-short-tokens~ to avoid code duplication [[https://github.com/advthreat/iroh/pull/7485][#7485]] +- Allow wildcard login origin in TEST env [[https://github.com/advthreat/iroh/pull/7474][#7474]] +- [IROH Auth] Generate Short JWT tokens [[https://github.com/advthreat/iroh/pull/7450][#7450]] +- [IROH Auth] Short JWT design [[https://github.com/advthreat/iroh/pull/7436][#7436]] +** tenzin [1 (0 / 1)] + + +_between 3 and 4 months ago_ + +- Update GPG Wanderson Ferreira [[https://github.com/advthreat/tenzin/pull/2648][#2648]] +** tenzin-config [1 (1 / 0)] + +- add postgres and redis-cache store for IROH Auth JWTs [[https://github.com/advthreat/tenzin-config/pull/839][#839]] diff --git a/reports/FY23Q3-Wanderson-QDD-report.pdf b/reports/FY23Q3-Wanderson-QDD-report.pdf new file mode 100644 index 00000000..8fd5f962 Binary files /dev/null and b/reports/FY23Q3-Wanderson-QDD-report.pdf differ diff --git a/reports/FY23Q3-Wanderson-report.html b/reports/FY23Q3-Wanderson-report.html new file mode 100644 index 00000000..fda3dd75 --- /dev/null +++ b/reports/FY23Q3-Wanderson-report.html @@ -0,0 +1,246 @@ + + + + + + + + Wanderson FY23Q3 Report + + + + + +
+

Wanderson FY23Q3 Report

+

back to one month older

+

2023-05-03

+
+ +

Wanderson [15]

+

iroh [13 (9 / 4)]

+
    +
  • [IROH Auth] introducing TimeService in +AuthService #7806
    • +
  • [IROH Auth] allow only iroh-core.time in oauth2.core ns +#7793
    • +
  • [IROH Auth] - Update IROH Web middleware to build short JWTs with +profile data #7671
    • +
  • [IROH Auth] - update check-refresh-token function #7669
    • +
  • [IROH Auth] - Update Design docs for Short JWT Epic #7670
    • +
  • [IROH Auth] /profile/permissions endpoint #7562
    • +
  • Patch compojure-api to allow endpoints with string-keys +(without keywordize the request :body) #7574
    • +
  • [IROH Auth] Include route /profile/scopes #7553
    • +
  • [IROH Auth] - Store Short JWTs #7476
    • +
+

between 3 and 4 months ago

+
    +
  • [IROH Auth] refactor gen-short-tokens to avoid code +duplication #7485
    • +
  • Allow wildcard login origin in TEST env #7474
    • +
  • [IROH Auth] Generate Short JWT tokens #7450
    • +
  • [IROH Auth] Short JWT design #7436
    • +
+

tenzin [1 (0 / 1)]

+

between 3 and 4 months ago

+
    +
  • Update GPG Wanderson Ferreira #2648
    • +
+

tenzin-config [1 (1 / 0)]

+
    +
  • add postgres and redis-cache store for IROH Auth JWTs #839
    • +
+ + diff --git a/reports/FY23Q3-Wanderson-report.org b/reports/FY23Q3-Wanderson-report.org new file mode 100644 index 00000000..9d817734 --- /dev/null +++ b/reports/FY23Q3-Wanderson-report.org @@ -0,0 +1,34 @@ +#+title: Wanderson FY23Q3 Report +#+subtitle: back to one month older +#+date: 2023-05-03 +#+options: H:6 ^:nil + +*** Wanderson [15] + +**** iroh [13 (9 / 4)] + +- [IROH Auth] introducing ~TimeService~ in ~AuthService~ [[https://github.com/advthreat/iroh/pull/7806][#7806]] +- [IROH Auth] allow only ~iroh-core.time~ in oauth2.core ns [[https://github.com/advthreat/iroh/pull/7793][#7793]] +- [IROH Auth] - Update IROH Web middleware to build short JWTs with profile data [[https://github.com/advthreat/iroh/pull/7671][#7671]] +- [IROH Auth] - update ~check-refresh-token~ function [[https://github.com/advthreat/iroh/pull/7669][#7669]] +- [IROH Auth] - Update Design docs for Short JWT Epic [[https://github.com/advthreat/iroh/pull/7670][#7670]] +- [IROH Auth] ~/profile/permissions~ endpoint [[https://github.com/advthreat/iroh/pull/7562][#7562]] +- Patch ~compojure-api~ to allow endpoints with string-keys (without keywordize the request ~:body~) [[https://github.com/advthreat/iroh/pull/7574][#7574]] +- [IROH Auth] Include route ~/profile/scopes~ [[https://github.com/advthreat/iroh/pull/7553][#7553]] +- [IROH Auth] - Store Short JWTs [[https://github.com/advthreat/iroh/pull/7476][#7476]] + +_between 3 and 4 months ago_ + +- [IROH Auth] refactor ~gen-short-tokens~ to avoid code duplication [[https://github.com/advthreat/iroh/pull/7485][#7485]] +- Allow wildcard login origin in TEST env [[https://github.com/advthreat/iroh/pull/7474][#7474]] +- [IROH Auth] Generate Short JWT tokens [[https://github.com/advthreat/iroh/pull/7450][#7450]] +- [IROH Auth] Short JWT design [[https://github.com/advthreat/iroh/pull/7436][#7436]] +**** tenzin [1 (0 / 1)] + + +_between 3 and 4 months ago_ + +- Update GPG Wanderson Ferreira [[https://github.com/advthreat/tenzin/pull/2648][#2648]] +**** tenzin-config [1 (1 / 0)] + +- add postgres and redis-cache store for IROH Auth JWTs [[https://github.com/advthreat/tenzin-config/pull/839][#839]] diff --git a/reports/FY23Q3-Wanderson-report.pdf b/reports/FY23Q3-Wanderson-report.pdf new file mode 100644 index 00000000..28703eb6 Binary files /dev/null and b/reports/FY23Q3-Wanderson-report.pdf differ diff --git a/reports/FY23Q3-Yann-Individual-Development-Plan.html b/reports/FY23Q3-Yann-Individual-Development-Plan.html new file mode 100644 index 00000000..dc68f3b7 --- /dev/null +++ b/reports/FY23Q3-Yann-Individual-Development-Plan.html @@ -0,0 +1,402 @@ + + + + + + + + Yann FY23Q3 Report + + + + + +
+

Yann FY23Q3 Report

+

back to one month older

+

2023-05-03

+
+ +

Individual Development Plan

+

Results

+

Accomplishments

+
    +
  • Added support for AND/OR queries in tk-store. Should help
    • +
  • PIAM (Provisioning)
    • +
  • Start of the work related to Entitlements (see: https://github.com/advthreat/iroh/issues/7835)
    • +
  • Free Tier Provisioning (the xdr-provisioning repository ++ Platform Provisioning API)
    • +
  • IROH config work to help ops and prevent release problems
    • +
  • Recurring admin tasks: +
      +
    • added bunch of XDR Flags (see #response/1742)
      • +
    • moved the TG OAuth2 client from config to DB on INT
      • +
    • +
  • Managed to get Wanderson back to better efficiency after being +difficult during its move and his daughter
    • +
  • Managed Olivier to his best. Very discrete but pretty strong.
    • +
+

For full details look at the code last quarter report section.

+

Improvements/opportunities +for development:

+
    +
  • I should work even more closely with PIAM as this is fruitful and +could have a lot of impact on IROH team as well as the rest of the IROH +ecosystem (IROH + modules + integrations).
    • +
  • Entitlement will be an interesting topic
    • +
  • Wanderson and Olivier are not yet fully autonomous while working +with some IROH-Auth parts. So there are still room for teaching and +improvements.
    • +
+

Principles & Behaviors

+

Accomplishments

+
    +
  • Advocate: even while it was questionable I did my best to provide +only positive XDR feedback to the team.
    • +
  • Customer value: see the Results Accomplishments section (most of +them add customer value)
    • +
  • Learn: +
      +
    • bash scripts containing Clojure
      • +
    • matrix testing (this was not very visible PR but this is a testing +framework improvements)
      • +
    • matrix representation inside Clojure code, this is helpful to +visualize and easily change scopes associated to roles for example.
      • +
    • +
  • Team for results: engaged team ops + Matt + IROH-Auth for iroh +config issue
    • +
+

Improvements/opportunities +for development:

+

Team Impact

+

Accomplishments

+
    +
  • admin-clj scripts should be helpful, for now use only +for
    • +
  • IROH default config should help ops
    • +
  • PIAM contacts will be useful in the future
    • +
  • Mario PR feedback was a really nice exchange while we are not having +much cross-sub-team discussions.
    • +
  • Helped Explain RBAC technical consequences with other teams, in +particular SXO, but also the UI.
    • +
+

Improvements/opportunities +for development:

+
    +
  • RBAC: Next quarter will probably start discussions with DI and +perhaps CSC.
    • +
+

Code last quarter [44]

+

ctia [1 (1 / 0)]

+
    +
  • bump snakeyaml to address CVE-2022-38751 #1346
    • +
+

iroh [30 (27 / 3)]

+
    +
  • Add a missing option to disable default configs #7805
    • +
  • Add a script to init tokens without login in #7794
    • +
  • Fix schema for Response #7804
    • +
  • Add support to onboard a single app #7796
    • +
  • Add a role instrospection route to help the UI and other clients #7785
    • +
  • Fix scopes declaration for execute-workflow route #7799
    • +
  • Fix a Swagger bug due to schema name conflict #7790
    • +
  • Web api search improvements #7728
    • +
  • add profile and notification to ao-jwt #7726
    • +
  • Tk store combinator search queries (AND, OR, NOT) #7691
    • +
  • Fix a case where the body is nil #7685
    • +
  • Add xdr-instance-id field to the orgs #7707
    • +
  • PIAM: Provisioning onboard endpoint #7659
    • +
  • Add ff scope script #7680
    • +
  • added a script to add feature-flag scopes from command line #7676
    • +
  • prefer to use client from DB than client from config #7672
    • +
  • Align scopes to SXO behaviour #7673
    • +
  • fix lein start #7663
    • +
  • PIAM provisioning no idp-mapping for create user #7655
    • +
  • Default bootstrap & config #6868
    • +
  • Add Entitlements to Orgs #7631
    • +
  • Remove yaml to supported format for profile API #7632
    • +
  • Fix a flaky test in either_test.clj #7610
    • +
  • Role Matrix representation in the code. #7583
    • +
  • fix some wording only for admin users view #7579
    • +
  • Improve User login logs situation #7555
    • +
  • Added a composable redis.nix #7535
    • +
+

between 3 and 4 months ago

+
    +
  • Fix template rendering during invite confirmation #7480
    • +
  • Display virtual users in the batch get users #7473
    • +
  • Add the UI session logout into IROH-Auth #7431
    • +
+

tenzin [2 (2 / 0)]

+
    +
  • use iroh.main for all nodes types #2862
    • +
  • Update iroh.job.jinja #2861
    • +
+

tenzin-config [6 (6 / 0)]

+
    +
  • fix missing iroh-async web-services #884
    • +
  • align iroh and iroh-async confs #883
    • +
  • Add CSC onboarding URLs #875
    • +
  • fix provisioning service #863
    • +
  • PIAM config change (+ boostrap cleanup) #677
    • +
  • add perf.orbital.threatgrid.com to allowed login origin #854
    • +
+

xdr-provisioning [5 (5 / 0)]

+
    +
  • Improve help regarding setting env vars
    • +
  • Improve the command line parsing
    • +
  • rename script to .sh
    • +
  • Add onboarding of DI and CSC
    • +
  • Initial provisioning Script
    • +
+ + diff --git a/reports/FY23Q3-Yann-Individual-Development-Plan.org b/reports/FY23Q3-Yann-Individual-Development-Plan.org new file mode 100644 index 00000000..7ee359ae --- /dev/null +++ b/reports/FY23Q3-Yann-Individual-Development-Plan.org @@ -0,0 +1,116 @@ +#+title: Yann FY23Q3 Report +#+subtitle: back to one month older +#+date: 2023-05-03 +#+options: H:6 ^:nil + +* Individual Development Plan + +** Results +*** Accomplishments +- Added support for AND/OR queries in tk-store. Should help +- PIAM (Provisioning) +- Start of the work related to Entitlements (see: https://github.com/advthreat/iroh/issues/7835) +- Free Tier Provisioning (the ~xdr-provisioning~ repository + Platform + Provisioning API) +- IROH config work to help ops and prevent release problems +- Recurring admin tasks: + - added bunch of XDR Flags (see [[https://github.com/advthreat/response/issues/1742][#response/1742]]) + - moved the TG OAuth2 client from config to DB on INT +- Managed to get Wanderson back to better efficiency after being difficult + during its move and his daughter +- Managed Olivier to his best. Very discrete but pretty strong. + +For full details look at the code last quarter report section. + +*** Improvements/opportunities for development: +- I should work even more closely with PIAM as this is fruitful and could have a + lot of impact on IROH team as well as the rest of the IROH ecosystem (IROH + + modules + integrations). +- Entitlement will be an interesting topic +- Wanderson and Olivier are not yet fully autonomous while working with some + IROH-Auth parts. So there are still room for teaching and improvements. +** Principles & Behaviors +*** Accomplishments +- Advocate: even while it was questionable I did my best to provide only positive XDR feedback to the team. +- Customer value: see the Results Accomplishments section (most of them add customer + value) +- Learn: + - bash scripts containing Clojure + - matrix testing (this was not very visible PR but this is a testing framework + improvements) + - matrix representation inside Clojure code, this is helpful to visualize and + easily change scopes associated to roles for example. +- Team for results: engaged team ops + Matt + IROH-Auth for iroh config issue +*** Improvements/opportunities for development: +** Team Impact +*** Accomplishments +- ~admin-clj~ scripts should be helpful, for now use only for +- IROH default config should help ops +- PIAM contacts will be useful in the future +- Mario PR feedback was a really nice exchange while we are not having much + cross-sub-team discussions. +- Helped Explain RBAC technical consequences with other teams, in particular + SXO, but also the UI. +*** Improvements/opportunities for development: +- RBAC: Next quarter will probably start discussions with DI and + perhaps CSC. + +* Code last quarter [44] + +** ctia [1 (1 / 0)] + +- bump snakeyaml to address CVE-2022-38751 [[https://github.com/advthreat/ctia/pull/1346][#1346]] +** iroh [30 (27 / 3)] + +- Add a missing option to disable default configs [[https://github.com/advthreat/iroh/pull/7805][#7805]] +- Add a script to init tokens without login in [[https://github.com/advthreat/iroh/pull/7794][#7794]] +- Fix schema for Response [[https://github.com/advthreat/iroh/pull/7804][#7804]] +- Add support to onboard a single app [[https://github.com/advthreat/iroh/pull/7796][#7796]] +- Add a role instrospection route to help the UI and other clients [[https://github.com/advthreat/iroh/pull/7785][#7785]] +- Fix scopes declaration for execute-workflow route [[https://github.com/advthreat/iroh/pull/7799][#7799]] +- Fix a Swagger bug due to schema name conflict [[https://github.com/advthreat/iroh/pull/7790][#7790]] +- Web api search improvements [[https://github.com/advthreat/iroh/pull/7728][#7728]] +- add profile and notification to ao-jwt [[https://github.com/advthreat/iroh/pull/7726][#7726]] +- Tk store combinator search queries (AND, OR, NOT) [[https://github.com/advthreat/iroh/pull/7691][#7691]] +- Fix a case where the body is =nil= [[https://github.com/advthreat/iroh/pull/7685][#7685]] +- Add xdr-instance-id field to the orgs [[https://github.com/advthreat/iroh/pull/7707][#7707]] +- PIAM: Provisioning onboard endpoint [[https://github.com/advthreat/iroh/pull/7659][#7659]] +- Add ff scope script [[https://github.com/advthreat/iroh/pull/7680][#7680]] +- added a script to add feature-flag scopes from command line [[https://github.com/advthreat/iroh/pull/7676][#7676]] +- prefer to use client from DB than client from config [[https://github.com/advthreat/iroh/pull/7672][#7672]] +- Align scopes to SXO behaviour [[https://github.com/advthreat/iroh/pull/7673][#7673]] +- fix lein start [[https://github.com/advthreat/iroh/pull/7663][#7663]] +- PIAM provisioning no idp-mapping for create user [[https://github.com/advthreat/iroh/pull/7655][#7655]] +- Default bootstrap & config [[https://github.com/advthreat/iroh/pull/6868][#6868]] +- Add Entitlements to Orgs [[https://github.com/advthreat/iroh/pull/7631][#7631]] +- Remove yaml to supported format for profile API [[https://github.com/advthreat/iroh/pull/7632][#7632]] +- Fix a flaky test in either_test.clj [[https://github.com/advthreat/iroh/pull/7610][#7610]] +- Role Matrix representation in the code. [[https://github.com/advthreat/iroh/pull/7583][#7583]] +- fix some wording only for admin users view [[https://github.com/advthreat/iroh/pull/7579][#7579]] +- Improve User login logs situation [[https://github.com/advthreat/iroh/pull/7555][#7555]] +- Added a composable redis.nix [[https://github.com/advthreat/iroh/pull/7535][#7535]] + +_between 3 and 4 months ago_ + +- Fix template rendering during invite confirmation [[https://github.com/advthreat/iroh/pull/7480][#7480]] +- Display virtual users in the batch get users [[https://github.com/advthreat/iroh/pull/7473][#7473]] +- Add the UI session logout into IROH-Auth [[https://github.com/advthreat/iroh/pull/7431][#7431]] +** tenzin [2 (2 / 0)] + +- use iroh.main for all nodes types [[https://github.com/advthreat/tenzin/pull/2862][#2862]] +- Update iroh.job.jinja [[https://github.com/advthreat/tenzin/pull/2861][#2861]] +** tenzin-config [6 (6 / 0)] + +- fix missing iroh-async web-services [[https://github.com/advthreat/tenzin-config/pull/884][#884]] +- align iroh and iroh-async confs [[https://github.com/advthreat/tenzin-config/pull/883][#883]] +- Add CSC onboarding URLs [[https://github.com/advthreat/tenzin-config/pull/875][#875]] +- fix provisioning service [[https://github.com/advthreat/tenzin-config/pull/863][#863]] +- PIAM config change (+ boostrap cleanup) [[https://github.com/advthreat/tenzin-config/pull/677][#677]] +- add perf.orbital.threatgrid.com to allowed login origin [[https://github.com/advthreat/tenzin-config/pull/854][#854]] +** xdr-provisioning [5 (5 / 0)] + +- Improve help regarding setting env vars +- Improve the command line parsing +- rename script to .sh +- Add onboarding of DI and CSC +- Initial provisioning Script diff --git a/reports/FY23Q3-Yann-Individual-Development-Plan.pdf b/reports/FY23Q3-Yann-Individual-Development-Plan.pdf new file mode 100644 index 00000000..a059b7eb Binary files /dev/null and b/reports/FY23Q3-Yann-Individual-Development-Plan.pdf differ diff --git a/reports/FY23Q3-Yann-report.html b/reports/FY23Q3-Yann-report.html new file mode 100644 index 00000000..dc68f3b7 --- /dev/null +++ b/reports/FY23Q3-Yann-report.html @@ -0,0 +1,402 @@ + + + + + + + + Yann FY23Q3 Report + + + + + +
+

Yann FY23Q3 Report

+

back to one month older

+

2023-05-03

+
+ +

Individual Development Plan

+

Results

+

Accomplishments

+
    +
  • Added support for AND/OR queries in tk-store. Should help
    • +
  • PIAM (Provisioning)
    • +
  • Start of the work related to Entitlements (see: https://github.com/advthreat/iroh/issues/7835)
    • +
  • Free Tier Provisioning (the xdr-provisioning repository ++ Platform Provisioning API)
    • +
  • IROH config work to help ops and prevent release problems
    • +
  • Recurring admin tasks: +
      +
    • added bunch of XDR Flags (see #response/1742)
      • +
    • moved the TG OAuth2 client from config to DB on INT
      • +
    • +
  • Managed to get Wanderson back to better efficiency after being +difficult during its move and his daughter
    • +
  • Managed Olivier to his best. Very discrete but pretty strong.
    • +
+

For full details look at the code last quarter report section.

+

Improvements/opportunities +for development:

+
    +
  • I should work even more closely with PIAM as this is fruitful and +could have a lot of impact on IROH team as well as the rest of the IROH +ecosystem (IROH + modules + integrations).
    • +
  • Entitlement will be an interesting topic
    • +
  • Wanderson and Olivier are not yet fully autonomous while working +with some IROH-Auth parts. So there are still room for teaching and +improvements.
    • +
+

Principles & Behaviors

+

Accomplishments

+
    +
  • Advocate: even while it was questionable I did my best to provide +only positive XDR feedback to the team.
    • +
  • Customer value: see the Results Accomplishments section (most of +them add customer value)
    • +
  • Learn: +
      +
    • bash scripts containing Clojure
      • +
    • matrix testing (this was not very visible PR but this is a testing +framework improvements)
      • +
    • matrix representation inside Clojure code, this is helpful to +visualize and easily change scopes associated to roles for example.
      • +
    • +
  • Team for results: engaged team ops + Matt + IROH-Auth for iroh +config issue
    • +
+

Improvements/opportunities +for development:

+

Team Impact

+

Accomplishments

+
    +
  • admin-clj scripts should be helpful, for now use only +for
    • +
  • IROH default config should help ops
    • +
  • PIAM contacts will be useful in the future
    • +
  • Mario PR feedback was a really nice exchange while we are not having +much cross-sub-team discussions.
    • +
  • Helped Explain RBAC technical consequences with other teams, in +particular SXO, but also the UI.
    • +
+

Improvements/opportunities +for development:

+
    +
  • RBAC: Next quarter will probably start discussions with DI and +perhaps CSC.
    • +
+

Code last quarter [44]

+

ctia [1 (1 / 0)]

+
    +
  • bump snakeyaml to address CVE-2022-38751 #1346
    • +
+

iroh [30 (27 / 3)]

+
    +
  • Add a missing option to disable default configs #7805
    • +
  • Add a script to init tokens without login in #7794
    • +
  • Fix schema for Response #7804
    • +
  • Add support to onboard a single app #7796
    • +
  • Add a role instrospection route to help the UI and other clients #7785
    • +
  • Fix scopes declaration for execute-workflow route #7799
    • +
  • Fix a Swagger bug due to schema name conflict #7790
    • +
  • Web api search improvements #7728
    • +
  • add profile and notification to ao-jwt #7726
    • +
  • Tk store combinator search queries (AND, OR, NOT) #7691
    • +
  • Fix a case where the body is nil #7685
    • +
  • Add xdr-instance-id field to the orgs #7707
    • +
  • PIAM: Provisioning onboard endpoint #7659
    • +
  • Add ff scope script #7680
    • +
  • added a script to add feature-flag scopes from command line #7676
    • +
  • prefer to use client from DB than client from config #7672
    • +
  • Align scopes to SXO behaviour #7673
    • +
  • fix lein start #7663
    • +
  • PIAM provisioning no idp-mapping for create user #7655
    • +
  • Default bootstrap & config #6868
    • +
  • Add Entitlements to Orgs #7631
    • +
  • Remove yaml to supported format for profile API #7632
    • +
  • Fix a flaky test in either_test.clj #7610
    • +
  • Role Matrix representation in the code. #7583
    • +
  • fix some wording only for admin users view #7579
    • +
  • Improve User login logs situation #7555
    • +
  • Added a composable redis.nix #7535
    • +
+

between 3 and 4 months ago

+
    +
  • Fix template rendering during invite confirmation #7480
    • +
  • Display virtual users in the batch get users #7473
    • +
  • Add the UI session logout into IROH-Auth #7431
    • +
+

tenzin [2 (2 / 0)]

+
    +
  • use iroh.main for all nodes types #2862
    • +
  • Update iroh.job.jinja #2861
    • +
+

tenzin-config [6 (6 / 0)]

+
    +
  • fix missing iroh-async web-services #884
    • +
  • align iroh and iroh-async confs #883
    • +
  • Add CSC onboarding URLs #875
    • +
  • fix provisioning service #863
    • +
  • PIAM config change (+ boostrap cleanup) #677
    • +
  • add perf.orbital.threatgrid.com to allowed login origin #854
    • +
+

xdr-provisioning [5 (5 / 0)]

+
    +
  • Improve help regarding setting env vars
    • +
  • Improve the command line parsing
    • +
  • rename script to .sh
    • +
  • Add onboarding of DI and CSC
    • +
  • Initial provisioning Script
    • +
+ + diff --git a/reports/FY23Q3-Yann-report.org b/reports/FY23Q3-Yann-report.org new file mode 100644 index 00000000..7ee359ae --- /dev/null +++ b/reports/FY23Q3-Yann-report.org @@ -0,0 +1,116 @@ +#+title: Yann FY23Q3 Report +#+subtitle: back to one month older +#+date: 2023-05-03 +#+options: H:6 ^:nil + +* Individual Development Plan + +** Results +*** Accomplishments +- Added support for AND/OR queries in tk-store. Should help +- PIAM (Provisioning) +- Start of the work related to Entitlements (see: https://github.com/advthreat/iroh/issues/7835) +- Free Tier Provisioning (the ~xdr-provisioning~ repository + Platform + Provisioning API) +- IROH config work to help ops and prevent release problems +- Recurring admin tasks: + - added bunch of XDR Flags (see [[https://github.com/advthreat/response/issues/1742][#response/1742]]) + - moved the TG OAuth2 client from config to DB on INT +- Managed to get Wanderson back to better efficiency after being difficult + during its move and his daughter +- Managed Olivier to his best. Very discrete but pretty strong. + +For full details look at the code last quarter report section. + +*** Improvements/opportunities for development: +- I should work even more closely with PIAM as this is fruitful and could have a + lot of impact on IROH team as well as the rest of the IROH ecosystem (IROH + + modules + integrations). +- Entitlement will be an interesting topic +- Wanderson and Olivier are not yet fully autonomous while working with some + IROH-Auth parts. So there are still room for teaching and improvements. +** Principles & Behaviors +*** Accomplishments +- Advocate: even while it was questionable I did my best to provide only positive XDR feedback to the team. +- Customer value: see the Results Accomplishments section (most of them add customer + value) +- Learn: + - bash scripts containing Clojure + - matrix testing (this was not very visible PR but this is a testing framework + improvements) + - matrix representation inside Clojure code, this is helpful to visualize and + easily change scopes associated to roles for example. +- Team for results: engaged team ops + Matt + IROH-Auth for iroh config issue +*** Improvements/opportunities for development: +** Team Impact +*** Accomplishments +- ~admin-clj~ scripts should be helpful, for now use only for +- IROH default config should help ops +- PIAM contacts will be useful in the future +- Mario PR feedback was a really nice exchange while we are not having much + cross-sub-team discussions. +- Helped Explain RBAC technical consequences with other teams, in particular + SXO, but also the UI. +*** Improvements/opportunities for development: +- RBAC: Next quarter will probably start discussions with DI and + perhaps CSC. + +* Code last quarter [44] + +** ctia [1 (1 / 0)] + +- bump snakeyaml to address CVE-2022-38751 [[https://github.com/advthreat/ctia/pull/1346][#1346]] +** iroh [30 (27 / 3)] + +- Add a missing option to disable default configs [[https://github.com/advthreat/iroh/pull/7805][#7805]] +- Add a script to init tokens without login in [[https://github.com/advthreat/iroh/pull/7794][#7794]] +- Fix schema for Response [[https://github.com/advthreat/iroh/pull/7804][#7804]] +- Add support to onboard a single app [[https://github.com/advthreat/iroh/pull/7796][#7796]] +- Add a role instrospection route to help the UI and other clients [[https://github.com/advthreat/iroh/pull/7785][#7785]] +- Fix scopes declaration for execute-workflow route [[https://github.com/advthreat/iroh/pull/7799][#7799]] +- Fix a Swagger bug due to schema name conflict [[https://github.com/advthreat/iroh/pull/7790][#7790]] +- Web api search improvements [[https://github.com/advthreat/iroh/pull/7728][#7728]] +- add profile and notification to ao-jwt [[https://github.com/advthreat/iroh/pull/7726][#7726]] +- Tk store combinator search queries (AND, OR, NOT) [[https://github.com/advthreat/iroh/pull/7691][#7691]] +- Fix a case where the body is =nil= [[https://github.com/advthreat/iroh/pull/7685][#7685]] +- Add xdr-instance-id field to the orgs [[https://github.com/advthreat/iroh/pull/7707][#7707]] +- PIAM: Provisioning onboard endpoint [[https://github.com/advthreat/iroh/pull/7659][#7659]] +- Add ff scope script [[https://github.com/advthreat/iroh/pull/7680][#7680]] +- added a script to add feature-flag scopes from command line [[https://github.com/advthreat/iroh/pull/7676][#7676]] +- prefer to use client from DB than client from config [[https://github.com/advthreat/iroh/pull/7672][#7672]] +- Align scopes to SXO behaviour [[https://github.com/advthreat/iroh/pull/7673][#7673]] +- fix lein start [[https://github.com/advthreat/iroh/pull/7663][#7663]] +- PIAM provisioning no idp-mapping for create user [[https://github.com/advthreat/iroh/pull/7655][#7655]] +- Default bootstrap & config [[https://github.com/advthreat/iroh/pull/6868][#6868]] +- Add Entitlements to Orgs [[https://github.com/advthreat/iroh/pull/7631][#7631]] +- Remove yaml to supported format for profile API [[https://github.com/advthreat/iroh/pull/7632][#7632]] +- Fix a flaky test in either_test.clj [[https://github.com/advthreat/iroh/pull/7610][#7610]] +- Role Matrix representation in the code. [[https://github.com/advthreat/iroh/pull/7583][#7583]] +- fix some wording only for admin users view [[https://github.com/advthreat/iroh/pull/7579][#7579]] +- Improve User login logs situation [[https://github.com/advthreat/iroh/pull/7555][#7555]] +- Added a composable redis.nix [[https://github.com/advthreat/iroh/pull/7535][#7535]] + +_between 3 and 4 months ago_ + +- Fix template rendering during invite confirmation [[https://github.com/advthreat/iroh/pull/7480][#7480]] +- Display virtual users in the batch get users [[https://github.com/advthreat/iroh/pull/7473][#7473]] +- Add the UI session logout into IROH-Auth [[https://github.com/advthreat/iroh/pull/7431][#7431]] +** tenzin [2 (2 / 0)] + +- use iroh.main for all nodes types [[https://github.com/advthreat/tenzin/pull/2862][#2862]] +- Update iroh.job.jinja [[https://github.com/advthreat/tenzin/pull/2861][#2861]] +** tenzin-config [6 (6 / 0)] + +- fix missing iroh-async web-services [[https://github.com/advthreat/tenzin-config/pull/884][#884]] +- align iroh and iroh-async confs [[https://github.com/advthreat/tenzin-config/pull/883][#883]] +- Add CSC onboarding URLs [[https://github.com/advthreat/tenzin-config/pull/875][#875]] +- fix provisioning service [[https://github.com/advthreat/tenzin-config/pull/863][#863]] +- PIAM config change (+ boostrap cleanup) [[https://github.com/advthreat/tenzin-config/pull/677][#677]] +- add perf.orbital.threatgrid.com to allowed login origin [[https://github.com/advthreat/tenzin-config/pull/854][#854]] +** xdr-provisioning [5 (5 / 0)] + +- Improve help regarding setting env vars +- Improve the command line parsing +- rename script to .sh +- Add onboarding of DI and CSC +- Initial provisioning Script diff --git a/reports/FY23Q3-Yann-report.pdf b/reports/FY23Q3-Yann-report.pdf new file mode 100644 index 00000000..548a9cdb Binary files /dev/null and b/reports/FY23Q3-Yann-report.pdf differ diff --git a/reports/FY23Q3-report.html b/reports/FY23Q3-report.html new file mode 100644 index 00000000..1ddd42df --- /dev/null +++ b/reports/FY23Q3-report.html @@ -0,0 +1,2292 @@ + + + + + + + + FY23Q3 Report + + + + + +
+

FY23Q3 Report

+

logs goes 4 months back

+

2023-05-03

+
+ +

IROH

+

lead

+

Guillaume Buisson [25]

+

ctia [5]

+
    +
  • Fixed Riemann ES configuration #1360
    • +
  • Allow setting allow_partial_search_results in ES +queries #1359
    • +
  • Bump CTIM to 1.3.6 #1355
    • +
  • Note Entity API changes #1342
    • +
+

between 3 and 4 months old

+
    +
  • CTIM Note entity Support #1330
    • +
+

iroh [16]

+
    +
  • Initial Incident Response Design Draft #7398
    • +
  • Fix Target enrichment feature flag check #7740
    • +
  • Bump clj-momo to 0.4.0 #7723
    • +
  • Update Orchestration Workflow Event fixtures #7677
    • +
  • Observe-Targets route Enhancements #7668
    • +
  • Temporary implementation of observe-targets in the Relay module #7656
    • +
  • Revert "Enrich WebService route"
    • +
  • Revert "Initial WebService for testing"
    • +
  • Initial WebService for testing
    • +
  • Enrich WebService route
    • +
  • Additional Note/Event sample data #7654
    • +
  • Support the Note Entity in Private Intel #7605
    • +
  • Mitre and Risk Score based Incidents Review #6990
    • +
  • Properly define the OpenAPI metadata for the Enrich API #7532
    • +
  • Unhide Swagger UI Responses #7529
    • +
  • Updated Note designs #7508
    • +
+

tenzin-config [4]

+
    +
  • Add the SXO clients to the High Impact allowed sources #876
    • +
+

between 3 and 4 months old

+
    +
  • CTIA Note Entity setup #836
    • +
  • Disable the Kafka Event Hook for Private Intel #835
    • +
  • Double the rate limit of the dcloud organization #824
    • +
+

data

+

Mario Aquino [30]

+

iroh [17]

+
    +
  • Add audiences to client #7812
    • +
  • OrgTokenProviderService #7731
    • +
  • Handle additional variation on mitre-attack source_name #7755
    • +
  • Match on mitre-attack as source_name to find variations #7754
    • +
  • Remove high impact severity checking #7580
    • +
  • Iterate over all orgs for threat hunt execution #7601
    • +
  • Check authorization header #7597
    • +
  • Fix test broken by missing auth header #7588
    • +
  • Use mk-int-request-context for calls that may go to modules #7587
    • +
  • Improve logging for risk score asset resolution #7581
    • +
  • Update CTIM to align w version used by CTIA #7576
    • +
  • Reduce threat hunt ctia investigate module timeouts #7527
    • +
  • Error handling around risk score calculation attempt #7512
    • +
+

between 3 and 4 months old

+
    +
  • Replace unsupported trojan source detector #7481
    • +
  • Service interface tech-debt #7475
    • +
  • One iroh-async session queue for all tasks #7472
    • +
  • CTIM v1.2.0 #7459
    • +
+

tenzin-config [13]

+
    +
  • Enable config for incident enrichment #880
    • +
  • Removes AWS Auth credentials no longer needed by queue-monitor #867
    • +
  • Update async worker count for new server specs #861
    • +
  • AWS Credentials for CloudWatch interaction #842
    • +
  • Remove configs to allow threat hunting for all orgs #853
    • +
  • Make all incidents imported via Swagger UI high impact #847
    • +
  • Remove iroh-investigate and iroh-incident configs #837
    • +
+

between 3 and 4 months old

+
    +
  • Use correct urls for PROD iroh #832
    • +
  • Updates sessions-config for iroh-investigate and iroh-incident #826
    • +
  • iroh-queue-monitor config update #820
    • +
  • Increases number of threat hunt orgs #812
    • +
  • Redis for iroh-async #815
    • +
  • Adds config for iroh-async deployment group
    • +
+

Guillaume Erétéo [16]

+

ctia [6]

+
    +
  • add total-hits headers to metric responses #1363
    • +
  • add tactics/techniques to incident search filters #1356
    • +
  • Incident score schema check #1353
    • +
  • Relationships: add target_ref and source_ref as enumerable field #1354
    • +
+

between 3 and 4 months old

+
    +
  • verdict fix #1333
    • +
  • add techniques to enumerable fields #1331
    • +
+

iroh [5]

+
    +
  • introduce aggregation in crud store #7734
    • +
  • Add Scott to CODEOWNERS #7782
    • +
  • first stats #7765
    • +
  • Incident summary design #7704
    • +
  • threat hunt status incident status Open #7709
    • +
+

tenzin-config [5]

+
    +
  • Activate scoring in TEST and PROD for 1.116 #851
    • +
  • Add PCTIA as high impact by default #849
    • +
+

between 3 and 4 months old

+
    +
  • update incident mappings #822
    • +
  • IROH Swagger UI to high impact sources #830
    • +
  • prepare actor migration #814
    • +
+

Ambrose Bonnaire-Sergeant +[11]

+

ctia [7]

+
    +
  • Push sighting store's coercion pattern into def-es-store #1361
    • +
  • Remove log4j #1347
    • +
  • Fix bulk relationships between transient asset mappings/fields #1343
    • +
  • Filter by scores test #1341
    • +
  • Scores dynamic mapping #1340
    • +
  • Don't mix user params with internal extensions #1339
    • +
+

between 3 and 4 months old

+
    +
  • Sort on incident score #1327
    • +
+

iroh [4]

+
    +
  • new incident scores format #7578
    • +
  • Strip ctia keys #7521
    • +
+

between 3 and 4 months old

+
    +
  • Improve stubservice error messages #7478
    • +
  • Prep Mia for incident scoring impl #7397
    • +
+

integrations

+

Matthieu Sprunck [32]

+

iroh [17]

+
    +
  • E7469: Event API extension design #7462
    • +
  • Implements OR, AND, NOT boolean combinators for ElasticSearch #7752
    • +
  • Add a dedicated IROH Auth configuration to Swagger #7738
    • +
  • Remote: Return an error when tiles/data is not supported #7732
    • +
  • Remove support for access token in Swagger UI #7729
    • +
  • Remote: IROH Proxy handler should not be called in case of errors #7717
    • +
  • Add missing dependency to int-web-service #7712
    • +
  • Configures ModuleRecords with a map #7690
    • +
  • Bump to CTIM 1.3.7 #7696
    • +
  • Create High Impact incident event #7679
    • +
  • Bump to CTIM 1.3.5 #7642
    • +
  • Add new High Impact Incident event types #7606
    • +
  • Bump to CTIM 1.3.4 #7626
    • +
  • Bump to CTIM 1.3.3 #7616
    • +
  • Allow settings prefixed by custom_ to be derived in proxy config #7509
    • +
+

between 3 and 4 months old

+
    +
  • Fix client credentials auth for CrowdStrike integration #7502
    • +
  • Add API Key auth type to the Relay module #7488
    • +
+

tenzin-config [15]

+
    +
  • Revert "Revert "Remove support for access token in Swagger UI +(#868)" (#871)" #874
    • +
  • Allow SXO internal hosts for webhook calls #872
    • +
  • Revert "Remove support for access token in Swagger UI (#868)" #871
    • +
  • Remove invalid module configuration keys #870
    • +
  • Remove support for access token in Swagger UI #868
    • +
  • Remove one-click-module services from iroh application #865
    • +
  • Change the IROH modules configuration format #864
    • +
  • Change Orbital URL in TEST #848
    • +
  • Remove the tiles APIs from the Orbital module record #845
    • +
  • Add CrowdStrike proxy configuration #841
    • +
+

between 3 and 4 months old

+
    +
  • Fix SentinelOne module record conf #834
    • +
  • Support of IROH Proxy for SentinelOne #828
    • +
  • Revert connection manager changes in PROD (2nd attempt) #827
    • +
  • Revert changes in PROD and reduce nb of threads in INT and TEST #825
    • +
  • Increase the number of threads used by the connection manager of the +Relay module #823
    • +
+

Kirill Chernyshov [11]

+

ctia [2]

+
    +
  • Exception handling for bundle export #1351
    • +
+

between 3 and 4 months old

+
    +
  • Default "no-pagination" for feed #1336
    • +
+

iroh [9]

+
    +
  • Fix configuration option for event signer #7777
    • +
  • Add signer options for EventService #7776
    • +
  • Simplify kafka-producer integration test #7769
    • +
  • Send event from EventService to kafka topic #7552
    • +
  • Return promise after sending event to kafka #7556
    • +
  • IROH-crypto lib #7544
    • +
  • KafkaProducerService #7524
    • +
  • Introduce iroh-kafka library #7505
    • +
+

between 3 and 4 months old

+
    +
  • Remove Onyx and Aeron services #7489
    • +
+

Shafiq [5]

+

iroh [4]

+
    +
  • Add create-event HTTP API #7557
    • +
  • Add search endpoint for iroh-events #7528
    • +
  • Add integration test-case for iroh-events search #7513
    • +
+

between 3 and 4 months old

+
    +
  • Separate event-handlers from EventNotifierService #7437
    • +
+

tenzin-config [1]

+
    +
  • Configure internal-event-web-service #844
    • +
+

auth

+

Olivier Barbeau [23]

+

iroh [22]

+
    +
  • fix http status code #7838
    • +
  • Rework of the script check-changelog-update-time #7658
    • +
  • RBAC: additional XDR tests #7634
    • +
  • GitHub Actions: do test coverage only once #7607
    • +
  • Increase Java Heap size for code coverage - Github Actions workflow +#7585
    • +
  • add workdir for the check #7573
    • +
  • disable test #7566
    • +
  • Fail build if html not updated #7559
    • +
  • RBAC: enable the new XDR role 'Security Analyst Tier 2' #7545
    • +
  • Issue 7538 refactor of role retrieval #7540
    • +
  • automated 'revert role' operation with test #7537
    • +
  • RBAC: Retrocompatibility of the Provisioning API #7507
    • +
+

between 3 and 4 months old

+
    +
  • Refactor around ifn-pred #7491
    • +
  • set job timeouts to 90 minutes #7506
    • +
  • set job timeouts to 60 minutes #7504
    • +
  • Test coverage v2 #7498
    • +
  • wait for hook to be finished before testing #7497
    • +
  • Add test coverage report to the Iroh GitHub Actions workflow #7453
    • +
  • RBAC for Org Access Request #7465
    • +
  • Issue 7333 rbac invitation service #7454
    • +
  • RBAC: new XDR tests for login and oauth-clients #7418
    • +
  • Issue 7413 move steps out of setup job #7414
    • +
+

tenzin-config [1]

+
    +
  • sets the :xdr-roles feature flag in INT and TEST #840
    • +
+

(Yogsototh) [5]

+

xdr-provisioning [5]

+
    +
  • Improve help regarding setting env vars
    • +
  • Improve the command line parsing
    • +
  • rename script to .sh
    • +
  • Add onboarding of DI and CSC
    • +
  • Initial provisioning Script
    • +
+

bartuka [15]

+

iroh [13]

+
    +
  • [IROH Auth] introducing TimeService in +AuthService #7806
    • +
  • [IROH Auth] allow only iroh-core.time in oauth2.core ns +#7793
    • +
  • [IROH Auth] - Update IROH Web middleware to build short JWTs with +profile data #7671
    • +
  • [IROH Auth] - update check-refresh-token function #7669
    • +
  • [IROH Auth] - Update Design docs for Short JWT Epic #7670
    • +
  • [IROH Auth] /profile/permissions endpoint #7562
    • +
  • Patch compojure-api to allow endpoints with string-keys +(without keywordize the request :body) #7574
    • +
  • [IROH Auth] Include route /profile/scopes #7553
    • +
  • [IROH Auth] - Store Short JWTs #7476
    • +
+

between 3 and 4 months old

+
    +
  • [IROH Auth] refactor gen-short-tokens to avoid code +duplication #7485
    • +
  • Allow wildcard login origin in TEST env #7474
    • +
  • [IROH Auth] Generate Short JWT tokens #7450
    • +
  • [IROH Auth] Short JWT design #7436
    • +
+

tenzin [1]

+

between 3 and 4 months old

+
    +
  • Update GPG Wanderson Ferreira #2648
    • +
+

tenzin-config [1]

+
    +
  • add postgres and redis-cache store for IROH Auth JWTs #839
    • +
+

Yann Esposito [44]

+

ctia [1]

+
    +
  • bump snakeyaml to address CVE-2022-38751 #1346
    • +
+

iroh [30]

+
    +
  • Add a missing option to disable default configs #7805
    • +
  • Add a script to init tokens without login in #7794
    • +
  • Fix schema for Response #7804
    • +
  • Add support to onboard a single app #7796
    • +
  • Add a role instrospection route to help the UI and other clients #7785
    • +
  • Fix scopes declaration for execute-workflow route #7799
    • +
  • Fix a Swagger bug due to schema name conflict #7790
    • +
  • Web api search improvements #7728
    • +
  • add profile and notification to ao-jwt #7726
    • +
  • Tk store combinator search queries (AND, OR, NOT) #7691
    • +
  • Fix a case where the body is nil #7685
    • +
  • Add xdr-instance-id field to the orgs #7707
    • +
  • PIAM: Provisioning onboard endpoint #7659
    • +
  • Add ff scope script #7680
    • +
  • added a script to add feature-flag scopes from command line #7676
    • +
  • prefer to use client from DB than client from config #7672
    • +
  • Align scopes to SXO behaviour #7673
    • +
  • fix lein start #7663
    • +
  • PIAM provisioning no idp-mapping for create user #7655
    • +
  • Default bootstrap & config #6868
    • +
  • Add Entitlements to Orgs #7631
    • +
  • Remove yaml to supported format for profile API #7632
    • +
  • Fix a flaky test in either_test.clj #7610
    • +
  • Role Matrix representation in the code. #7583
    • +
  • fix some wording only for admin users view #7579
    • +
  • Improve User login logs situation #7555
    • +
  • Added a composable redis.nix #7535
    • +
+

between 3 and 4 months old

+
    +
  • Fix template rendering during invite confirmation #7480
    • +
  • Display virtual users in the batch get users #7473
    • +
  • Add the UI session logout into IROH-Auth #7431
    • +
+

tenzin [2]

+
    +
  • use iroh.main for all nodes types #2862
    • +
  • Update iroh.job.jinja #2861
    • +
+

tenzin-config [6]

+
    +
  • fix missing iroh-async web-services #884
    • +
  • align iroh and iroh-async confs #883
    • +
  • Add CSC onboarding URLs #875
    • +
  • fix provisioning service #863
    • +
  • PIAM config change (+ boostrap cleanup) #677
    • +
  • add perf.orbital.threatgrid.com to allowed login origin #854
    • +
+

xdr-provisioning [5]

+
    +
  • Improve help regarding setting env vars
    • +
  • Improve the command line parsing
    • +
  • rename script to .sh
    • +
  • Add onboarding of DI and CSC
    • +
  • Initial provisioning Script
    • +
+

iroh-ops

+

Patrick Patat [19]

+

iroh-ops [18]

+
    +
  • Merge pull request #69 from advthreat/riemann-asg
    • +
  • Merge pull request #66 from advthreat/pg-cname
    • +
  • Merge pull request #65 from advthreat/minor-fix
    • +
  • Merge pull request #64 from advthreat/vector-docker
    • +
  • Merge pull request #63 from advthreat/asg-refresh
    • +
  • Merge pull request #61 from advthreat/auto-deploy
    • +
  • Merge pull request #60 from advthreat/webex-notif
    • +
  • Merge pull request #57 from advthreat/qualys
    • +
  • Merge pull request #56 from advthreat/dynamodb_backup
    • +
  • Merge pull request #55 from advthreat/iroh-queue
    • +
  • Merge pull request #52 from advthreat/nomad-job
    • +
  • Merge pull request #54 from advthreat/vault-stats
    • +
  • Merge pull request #48 from advthreat/vault-pki
    • +
  • Merge pull request #47 from advthreat/nomad-docker-config
    • +
+

between 3 and 4 months old

+
    +
  • Merge pull request #41 from advthreat/codebuild-fix
    • +
  • Merge pull request #40 from advthreat/ansible-codebuild
    • +
  • Merge pull request #37 from advthreat/fix-host
    • +
  • Merge pull request #35 from advthreat/instances_route53
    • +
+

tenzin [1]

+
    +
  • allows iroh-ops dev platform to access redis #2755
    • +
+

Jerome Schneider [81]

+

iroh-ops [24]

+
    +
  • render s3 artefacts generic and create a releases bucket
    • +
  • datadog: improve logging
    • +
  • add vector support for os logging
    • +
  • tf peering: don't peering public subnets
    • +
  • Add Datadog agent on all instances and specific setup for Nomad and +Consul
    • +
+

between 3 and 4 months old

+
    +
  • vpnator: remove cloudtrail support for the moment
    • +
  • ansible: migrate jerschne on master
    • +
  • iam_lambda_ec2_route53: re-add rights on EC2
    • +
  • improve iam management and adapt Ansible for it
    • +
  • tfw: manage correctly workspaces
    • +
  • switch jerschne on ansible master
    • +
  • Create a new env and manage terraform workspaces
    • +
  • dev: cleaning configuration
    • +
  • only one s3 bucket and dynamodb table per account for tfstates
    • +
  • Ansible: add Mitogen to improve performances (issue #26)
    • +
  • requirements.txt: add missing dependencies
    • +
  • vim: add a vimrc example
    • +
  • scripts/tfw: fixed json debugging message and exit message when it +failed
    • +
  • README is a markdown file
    • +
  • README.md: fix path
    • +
  • Migrate iroh-ops TF to Terraform Wrapper (tfw)
    • +
  • Add a Terraform Wrapper (tfw) that improve Terraform var files
    • +
  • ansible add a quick readme and a requirements.txt
    • +
  • TF: add kafka support
    • +
+

tenzin [57]

+
    +
  • Upgrade TF AWS provider
    • +
  • iroh-async: resize ASG and add downscaling support
    • +
  • iroh: add iroh signer certificates
    • +
  • ASG: Drain Nomad nodes before terminating instances
    • +
  • PROD AP: allows iroh-queue-monitor to put metric in Cloudwatch
    • +
  • PROD EU: allows iroh-queue-monitor to put metric in Cloudwatch
    • +
  • PROD US: allows iroh-queue-monitor to put metric in Cloudwatch
    • +
  • STAGE: allows iroh-queue-monitor to put metric in Cloudwatch
    • +
  • TEST: allows iroh-queue-monitor to put metric in Cloudwatch
    • +
  • INT: allows iroh-queue-monitor to put metric in Cloudwatch
    • +
  • Terraform: configure vault provider
    • +
  • iroh-async: resize instances and memory usage
    • +
  • PROD EU: Conure add IAM policy
    • +
  • PROD APJC: Conure add IAM policy
    • +
  • PROD NAM: Conure add IAM policy
    • +
  • STAGE: add Conure support
    • +
  • TEST: add new Conure IAM role
    • +
  • INT: add new Conure IAM role
    • +
  • iroh allows iroh-internal.*.iroh.site domains
    • +
  • add private-ctia-update-index-state on TEST,STAGE and PROD
    • +
  • STAGE: add iroh-internal support
    • +
  • PROD US: add iroh-internal support
    • +
  • PROD EU: add iroh-internal support
    • +
  • PROD APJC: add iroh-internal support
    • +
  • TEST: add iroh-internal support
    • +
  • INT: add iroh-internal support
    • +
  • RDS PostgreSQL: force SSL connections by default
    • +
  • add private-ctia-update-index-state job to update ES index +mapping
    • +
  • Iroh Async use custom metrics to scale
    • +
  • remove iroh-tooling
    • +
  • iroh-admin INT: revert breaking instance change
    • +
  • Caddy private: allow es-metrics for iroh-ops
    • +
  • allows iroh-ops dev platform to access to private caddy
    • +
  • PostgreSQL Conure change instances for PROD and TEST
    • +
  • add Conure RDS PostgreSQL on PROD and TEST
    • +
  • PROD EU: destroy iroh-investigate and iroh-incident
    • +
  • PROD APJC: destroy iroh-incident and iroh-investigate
    • +
  • PROD NAM: remove iroh-incident and iroh-investigate
    • +
  • TEST: destroy iroh-incident and iroh-investigate
    • +
  • improve
    • +
  • iroh-async: add downscaling!
    • +
  • INT/TEST: fixed iroh-admin conf to allow iroh-queue-monitor
    • +
  • INT: new RDS PostgreSQL for Conure
    • +
  • INT: remove iroh-incident and iroh-investigate
    • +
+

between 3 and 4 months old

+
    +
  • Nomad jobs: fix MaxParallel when auto scaling is enabled!
    • +
  • iroh job: change the grace period from 120s to 180s
    • +
  • iroh-queue-monitor: migrate it on full https and allow access from +private rp
    • +
  • elasticache: change creation timeout
    • +
  • add dedicated Elasticache Redis for iroh-async
    • +
  • PROD APJC: add iroh-async support
    • +
  • PROD EU: add iroh-async support
    • +
  • PROD US: add iroh-async support
    • +
  • TEST: add iroh-async support
    • +
  • add a new iroh-async to replace iroh-investigate and +iroh-incident
    • +
  • iroh-admin nomad job: extend grace delay and add one more status +check
    • +
  • prod US: this PR allows tier3 engineers to manage SES suppression +list
    • +
  • allow iroh-tooling to access to RDS PostgreSQL
    • +
+

Other

+

Other

+

krishna Ganugapenta [32]

+

tenzin [31]

+
    +
  • Mia Lehrer(milhrer) gpg key updated #2725
    • +
  • Securex-news decommission from tenzin #2876
    • +
  • ASG size bumped to negate excessive CPU useage #2869
    • +
  • updated SG rules count for iroh-front-end #2866
    • +
  • IAM policy to access cloudtrail logs s3 bucket #2840
    • +
  • Fixing asea modules not in sync with AWS infra #2828
    • +
  • logstash-cloudtrail versions updated in jobs.sls #2812
    • +
  • IROH_ASYNC asg capacity increase #2813
    • +
  • Logstash-cloudtrail filter settings have modified #2808
    • +
  • Asea services tf modules removed from TEST to sync with AWS infra #2800
    • +
  • tenzin-config files updated to intelligence app #2779
    • +
  • Fixing logstash config file permission issue #2765
    • +
  • Added read and write permission to logstash.yml #2763
    • +
  • prestart task added to prevent permissions error #2762
    • +
  • Added a new set variable for logstash-cloudtrail #2760
    • +
  • Fixing logstash-cloudtrail nomad job config temp #2759
    • +
  • Added a missing template for logstash-cloudtrail #2757
    • +
  • Logstash-cloudtrail job to collect logs #2756
    • +
  • XDR decommission from nomad cluster #2684
    • +
  • SQS queue url fixed for logstash-cloudtrail nomad job #2710
    • +
  • SQS queue url has got updated to logstash-cloudtrail job #2709
    • +
  • filebeat and beats configuration updated #2707
    • +
+

between 3 and 4 months old

+
    +
  • Removal of accesskey/secret key from logstash-cloudtrail job #2702
    • +
  • Added vault policy to oss nodes to fix logstash-cloudtrail nomad job +issue #2700
    • +
  • Caddy port lable fix for logstash-cloudtrail job #2698
    • +
  • Logstash job to retrieve cloudtrail logs from S3 #2696
    • +
  • Enabled securex-ui-incidents for PROD #2650
    • +
  • XDR shell app PROD config added #2624
    • +
  • Conure DB access policy updated #2627
    • +
  • xdr-apps configuration removed form caddy public #2649
    • +
  • Caddy Path based routing changes reverted #2623
    • +
+

tenzin-config [1]

+
    +
  • Securex-news removal from tenzin and tenzin-config #869
    • +
+

Tancredi Orlando [1]

+

easy-purescript-nix [1]

+
    +
  • purs-tidy: 0.9.0 -> 0.9.2
    • +
+

milehrer [15]

+

iroh-engine [15]

+
    +
  • move forward if no new targets or asset
    • +
  • prepare for 0.15.4
    • +
  • decouple first asset check from asset enrichment
    • +
  • change ->instant to parse
    • +
  • write asset-enrich pipeline v1
    • +
  • Prepare for v0.14.6
    • +
  • update iroh service-wrapper to expect resolve-latest
    • +
  • add resolve-latest-assets iroh protocol and endpoint
    • +
+

between 3 and 4 months old

+
    +
  • prepare for v0.14.5
    • +
  • the less we talk about this, the better
    • +
  • prepare for version 0.14.4
    • +
  • make data in enrichment bundles align with real life
    • +
  • prepare for 0.14.3
    • +
  • remove deprecated trojansource step from github workflow
    • +
  • remove transient id generation from assets as DI now does it +instead
    • +
+

Joel Holdbrooks [2]

+

iroh-engine [2]

+
    +
  • Merge pull request #1373 from advthreat/noprompt-patch-1
    • +
  • Update unit_test.yml
    • +
+

Michael Whitley [3]

+

response [3]

+
    +
  • Update access-request.md
    • +
  • Update access-request.md
    • +
  • Update access-request.md
    • +
+

Sofiia Mykytiuk [43]

+

tenzin [43]

+
    +
  • Update VPNator in TEST, STAGE and PROD #2932
    • +
  • Update STAGE docs S3 bucket #2938
    • +
  • Update VPNator lambda functions in INT #2929
    • +
  • Update min capacity for ASG in backup regions #2917
    • +
  • Update readme in terraform folders for backup regions #2896
    • +
  • Saltstack changes for backup regions #2822
    • +
  • ROAdmin role for STAGE and PROD #2909
    • +
  • Update saml in terraform to sync with AWS STAGE and PROD accounts #2910
    • +
  • ROAdmin role for INT #2903
    • +
  • Add nodes to ES-metrics cluster in EU #2905
    • +
  • Remove Data VPNator from PROD #2868
    • +
  • Terraform changes for backup regions #2882
    • +
  • Remove modules needed for S3 batch operations #2884
    • +
  • Disable replication for es-metrics #2850
    • +
  • Update infrastructure diagram with second VPN #2871
    • +
  • Remove data-vpnator from INT #2855
    • +
  • PKI update for backup regions #2842
    • +
  • Update vpnator script for new OPS setup #2817
    • +
  • Fix module deletition #2825
    • +
  • Remove cleaner lambda setup from INT, TEST #2823
    • +
  • Module to setup new vpnator for OPS VPN in INT #2816
    • +
  • Modules to setup VPNator for OPS VPN in PROD #2814
    • +
  • BCP: Update readme with bastion info #2456
    • +
  • Terraform modules update for TEST backup region #2796
    • +
  • New PROD VPNator setup for non-ops VPN setup #2748
    • +
  • Remove not needed permissions for kms-ssm in STAGE #2733
    • +
  • Changing KMS key in Vault unseal config in STAGE #2732
    • +
  • Adding permissions to kms-vault key #2712
    • +
  • Remove permissions for kms-ssm from hashistack policy INT and TEST +#2719
    • +
  • Terraform modules update for TEST backup region #2724
    • +
  • Changing unseal configuration for Vault in INT #2718
    • +
  • Permissions for kms-vault key in INT and STAGE #2706
    • +
  • KMS vault key material for INT and STAGE #2705
    • +
  • New kms-vault key material #2711
    • +
+

between 3 and 4 months old

+
    +
  • Permissions for new kms-vault key in TEST backup region #2695
    • +
  • Fix permissions for kms-vault key #2692
    • +
  • Changing kms key in autounseal Vault config for TEST #2680
    • +
  • Update README.md #2686
    • +
  • Update salt to read datadog api key from SSM #2679
    • +
  • Adding permissions for new kms-vault key for hashistack nodes in +TEST env #2670
    • +
  • Adding permissions for datadog ssm parameter #2663
    • +
  • Comment not needed references #2656
    • +
  • KMS Vault key #2668
    • +
+

Will Lorand [1]

+

iroh [1]

+
    +
  • Update summary.org #7603
    • +
+

Dmytro Budko [5]

+

tenzin [5]

+
    +
  • SXOPS-630 Invalidate a CloudFront cache for INT/TEST after push +changes #2897
    • +
  • SXOPS-191 Terraform: Bring INT and Test into sync with AWS (DOCS +INT/TEST) #2889
    • +
  • SXOPS-616 DataDog agent not able to collect metrics (SLM) from ES #2878
    • +
  • SXOPS-539 EC2 Keypair rotation for INT and TEST #2787
    • +
  • SXOPS-539 Offboard Vadym Kiz #2784
    • +
+

Cisco Boz [1]

+

tenzin [1]

+
    +
  • Replace Threat Response -> XDR for 502 pages on caddy-* public +& private #2934
    • +
+

Patrick Patat [72]

+

iroh-ops [71]

+
    +
  • install and config riemann on asg
    • +
  • add riemann & reimann_telemetry servers
    • +
  • add vault token for ansible
    • +
  • add rds pg cname and bump tf min version to 1.4
    • +
  • install vector after all (due to app log deps)
    • +
  • add vector config for docker with nomad
    • +
  • add auto instance refresh
    • +
  • disable notready service add the end of ansible run
    • +
  • remove unattended-upgrades pkg and ignore qualys server
    • +
  • setup a lambda that run ansible nomad-jobs when a new app version is +pushed to s3
    • +
  • override nomad jobs version with versions.json from s3 bucket +artefacts (needed for auto deployement)
    • +
  • add codebuild fail notification via webex
    • +
  • simplify sg rule and rename a boolean var
    • +
  • add doc for qualys setup
    • +
  • add qualys instances and extends customasation of instances, asg +& sgs
    • +
  • create an aws backup vault and plan for dynamodb backup
    • +
  • create redis-async.iroh.dev.sh cname to tenzin's redis
    • +
  • add add iroh-queue-monitor, add http check for nomad jobs
    • +
  • config vault telemetry to send data to datadog
    • +
  • add role nomad-jobs with exemple job iroh & hello, add related +caddy config for private rp
    • +
  • add python-nomad to manage job, add dogstatsd as volume & add +metadata from docker
    • +
  • add iroh-ro vault policy
    • +
  • add vault ca to ssm, put vault ca on caddy vm & update nomad +config for vault and docker
    • +
  • create custom modules for vault and aws private acm & configure +vault internal pki
    • +
  • allow vault servers to query aws private acm
    • +
  • add docker registry and app_server role for docker registry use
    • +
  • move docker repo conf to linux base & update nomad config
    • +
  • add .yml to group_vars files
    • +
+

between 3 and 4 months old

+
    +
  • create one codebuild job per env
    • +
  • change codebuild default env var to '' and fix missing env var in +user_data
    • +
  • create codebuild ansible-run and replace user_data local ansible +with codebuild trigger
    • +
  • push new admin key in user admin authorized keys
    • +
  • fix hostname config
    • +
  • add lambda to create/delete ec2 dns record on start and +terminate
    • +
  • centralize apt config & set hostname and prompt
    • +
  • configure vault server & add caddy vault config
    • +
  • refactor route53 lb cnames creation
    • +
  • upgrade vault instances config
    • +
  • split iam in mutliple file and add iam for vault instances
    • +
  • add dynamodb for vault
    • +
  • add CODEOWNERS file
    • +
  • remove openvpn push dns (useless with iroh.sh)
    • +
  • upgrade tf and ansible for caddy https with letsencrypt
    • +
  • upgrade dns config with iroh.sh & iroh.services
    • +
  • secure all comunications between consul nomad and rps
    • +
  • do not redeploy instances on ami upgrade
    • +
  • refactor pki
    • +
  • fix: encode in base64 ssm parameters
    • +
  • Revert "temporaly disable encrypt communication for nomad and +consul"
    • +
  • pki for internal certs
    • +
  • use ansible-pull in user_data to config vm at first boot
    • +
  • use t4.small instead of t4.nano
    • +
  • add linux users config
    • +
  • fix: add hashicorp apt in vaul role
    • +
  • upgrade for private rp
    • +
  • add role and playbook for caddy private rp
    • +
  • move hashicorp's apt config to role nomad & consul (do need it +on all vms)
    • +
  • add bastion and openvpn role, playbook and group_vars
    • +
  • temporaly disable encrypt communication for nomad and consul
    • +
  • replace _ with - in node name (need to be dns compatible)
    • +
  • add python3-boto3 to linux_base_pkgs
    • +
  • temporary allow everything from vpn
    • +
  • disable source_dest_check for vpn and add bastion dns name
    • +
  • upgrade for vpn server
    • +
  • ansible typos and code style
    • +
  • refactoring asgs & security groups
    • +
  • refactor terraform asgs
    • +
  • use boolean value instead of strings, add tags in tasks and other +minor fixes
    • +
  • improve ansible.cfg, remove debug, fix unbound config
    • +
  • add load_balancer, app_server private_rp, remove caps from ressource +names
    • +
  • ansible bootstrap
    • +
+

tenzin [1]

+
    +
  • allows iroh-ops dev platform to access rds
    • +
+

Yurii Ivanisenko [12]

+

tenzin [11]

+
    +
  • Add muhammad imran (muhammim) gpg key #2899
    • +
  • Give Muhammad Imran (muhammim) SSH access #2898
    • +
  • removed walkme-ci tf module files and vpn users #2841
    • +
  • removed all saltstack entries with user vilakkak #2818
    • +
  • removed TF module CloudWatch-lambda-sca-whitelist-testing #2804
    • +
  • added diagrams for CTR_AWS and TAC-portal #2717
    • +
  • align with INT lambda settings for Thousendeyes WL and TEST R53 +recor… #2715
    • +
+

between 3 and 4 months old

+
    +
  • fix CSP directives for visibility.amp in APJC and EU regions #2689
    • +
  • fixed tab instead of spaces in caddy.yaml NAM #2681
    • +
  • Caddy public job - added templates for TAC certificates #2674
    • +
  • Added configs for TAC portal prod #2666
    • +
+

tenzin-config [1]

+

between 3 and 4 months old

+
    +
  • Added config.json for Tactical-portal in PROD regions #817
    • +
+

Robert Levy [5]

+

iroh [5]

+
    +
  • fix dev-resources config to use the correct key signer-ops instead +of signer #7778
    • +
  • Add registered trademark to MITRE tile title #7775
    • +
  • Incidents' Detection Sources Tile #7725
    • +
  • top-targeted assets tile for control center (ctia investigate +module) #7689
    • +
  • MITRE Attack incidents tile #7523
    • +
+

Mia [36]

+

iroh [22]

+
    +
  • Update risk score docs to include overview of enrich-targets process +#7773
    • +
  • log asset retrieval failure #7743
    • +
  • Separate risk score engine calls #7742
    • +
  • log bundle #7737
    • +
  • Flag observe targets #7697
    • +
  • remove verbose logs from risk score calculation #7618
    • +
  • FIXME temp log bundle-import-payload #7609
    • +
  • handle explicit nil cases for asset value #7604
    • +
  • Correct describe assets #7600
    • +
  • adjust logging #7596
    • +
  • Resolve latest asset log params #7594
    • +
  • add asset:read scope to token used for engine-service #7571
    • +
  • Iroh engine latest assets #7554
    • +
  • Update bundle import #7542
    • +
  • Fix risk score bundle import #7534
    • +
  • fix a typo in engine config introduce default consistent with engine +#7525
    • +
  • Fix risk score auth #7517
    • +
  • Fix risk score auth #7516
    • +
  • Fix risk score auth with tests this time #7515
    • +
  • add auth token to bundle export header in risk score #7514
    • +
+

between 3 and 4 months old

+
    +
  • implement final risk score #7486
    • +
  • 7342 preliminary risk score #7460
    • +
+

iroh-engine [13]

+
    +
  • Merge pull request #1385 from advthreat/v0.15.4-rc
    • +
  • Merge pull request #1384 from +advthreat/separate-add-assets-and-enrich-targets
    • +
  • Merge pull request #1371 from advthreat/testy-tests
    • +
  • Merge pull request #1367 from advthreat/v0.14.6-rc
    • +
  • Merge pull request #1366 from +advthreat/add-resolve-latest-assets
    • +
+

between 3 and 4 months old

+
    +
  • Merge pull request #1365 from advthreat/v0.14.5-rc
    • +
  • Merge pull request #1364 from advthreat/change-test-again
    • +
  • Merge branch 'main' into change-test-again
    • +
  • Merge pull request #1363 from advthreat/v0.14.4-rc
    • +
  • Merge pull request #1362 from +advthreat/calculate-preliminary-risk-score
    • +
  • Merge pull request #1360 from advthreat/v0.14.3-rc
    • +
  • Merge pull request #1359 from advthreat/remove-trojansource
    • +
  • Merge pull request #1358 from advthreat/remove-transient-ids
    • +
+

tenzin-config [1]

+

between 3 and 4 months old

+
    +
  • flip feature flag in INT for score-based incident enrichment #833
    • +
+

Devin Walters [5]

+

iroh-engine [5]

+
    +
  • Prepare 0.15.2
    • +
  • Coerce to instant after reading as ZDT
    • +
  • Assert sightings
    • +
  • Let up
    • +
  • Use investigable-observables, promises delivered, add verdict
    • +
+

Vadym Kiz [3]

+

tenzin [3]

+
    +
  • SXOPS-361 GitHub self-hosted runners for SecureX UI monorepo #2635
    • +
  • Datadog: enable slm_stats #2778
    • +
  • SSH access - jbusboom #2738
    • +
+

Ag Ibragimov [8]

+

iroh [4]

+
    +
  • Unassigned Incidents Tile should show relative time #7824
    • +
  • Control center: Navigate to Incidents page from tile #7760
    • +
  • Control Center – Detection Sources Tile: Fixes query parenthesizing +#7759
    • +
  • API work for unassigned incidents #7682
    • +
+

tenzin-config [4]

+
    +
  • adds :xdr-site-url #885
    • +
  • adds detection sources config for PROD #881
    • +
  • additional client_id for incident sources #877
    • +
  • adds incident sources: test, int #873
    • +
+

Justin Woo [2]

+

easy-purescript-nix [2]

+
    +
  • Merge pull request #219 from turlando/purs-tidy-0.9.2
    • +
  • Merge pull request #218 from paluh/master
    • +
+

dependabot[bot] [0]

+

Sam Waggoner [4]

+

ctia [1]

+

between 3 and 4 months old

+
    +
  • threatgrid/ctim/#381 Migrate actor 1.2.0 #1323
    • +
+

tenzin-config [3]

+
    +
  • Add hydrant es-metrics configs for events.
    • +
  • Fix hydrant-talos-ta-blog misnamed http-options.
    • +
  • advthreat/hydrant#721 update talos blog http-options.
    • +
+

II [9]

+

iroh [7]

+
    +
  • Issue 7455 - Minor cleanup from XDR tiles merge #7695
    • +
  • 6963 implements one-click module wrapper endpoint #7315
    • +
  • Issue 7647 AMP observe targets #7661
    • +
  • Issue 7647 - IObserveTargetModule protocol #7651
    • +
  • Ao shortcut use unique names #7627
    • +
  • Ao docs formatting fixes #7625
    • +
  • Issue 7550 ao workflow exec shortcut #7617
    • +
+

tenzin-config [2]

+
    +
  • Adds one-click service to bootstrap.cfg files #862
    • +
+

between 3 and 4 months old

+
    +
  • Tac portal PROD login origins #821
    • +
+

Eric Gierach [10]

+

iroh [3]

+
    +
  • Fix attack graph simplification #7747
    • +
  • latest simplification logic (edges not considered) #7662
    • +
  • update notable events to match what the Engine client is producing +for CTR #7614
    • +
+

iroh-engine [7]

+
    +
  • Merge pull request #1387 from advthreat/v0.15.5-rc
    • +
  • Prepare for 0.15.5 release.
    • +
  • Merge pull request #1386 from advthreat/enrich-all-targets
    • +
  • Fix typo in log
    • +
  • Merge pull request #1370 from +advthreat/dependabot/npm_and_yarn/webpack-5.76.0
    • +
  • Merge branch 'main' into dependabot/npm_and_yarn/webpack-5.76.0
    • +
  • Merge pull request #1368 from +advthreat/dependabot/npm_and_yarn/xmldom/xmldom-and-mountebank-0.8.4
    • +
+

Adam Sayer [26]

+

tenzin [25]

+
    +
  • webexbox fix on saltmaster #2937
    • +
  • increase ES storage iops/throughput #2927
    • +
  • Vercel CICD accept 409 and watch http state
    • +
  • Add Vercel CI/CD to Saltmaster #2920
    • +
  • Update hydrant container version #2891
    • +
  • snort filename fix #2890
    • +
  • Update hydrant container to 1.36 in INT #2888
    • +
  • remove jq verify usage #2885
    • +
  • Fix - Extract Talos Snort Rule files for Importer #2880
    • +
  • github runner salt and terraform #2875
    • +
  • update securex-ui in INT for latest NVM profiles #2873
    • +
  • Route53 Module refactor #2851
    • +
  • Revert "SXOPS-361 GitHub self-hosted runners for SecureX UI monorepo +(#2635)" #2859
    • +
  • github-runner ASG #2852
    • +
  • Update r53 module to allow geolocation #2844
    • +
  • Cloud9 ami APJC EU #2803
    • +
  • Cloud9 AMI to NAM #2792
    • +
  • Bash to replace ES instances #2777
    • +
  • Upgrade 6th gen ec2 and cloud9 AMI for TEST #2775
    • +
  • Int cloud9 ami refresh #2768
    • +
  • Allow instance refresh on ASG module #2766
    • +
  • VPC peer TEST-STAGE for qa-macos instance #2734
    • +
  • Stage salt #2716
    • +
+

between 3 and 4 months old

+
    +
  • Allow ingress from IROH to ES private storage #2652
    • +
  • Allow ingress from IROH to es private storage INT #2630
    • +
+

tenzin-config [1]

+
    +
  • Stage env configs #785
    • +
+

Tomasz Rybarczyk [1]

+

easy-purescript-nix [1]

+
    +
  • purs: 0.15.7 -> 0.15.8
    • +
+

Chris Duane [2]

+

response [2]

+
    +
  • Update access-request.md
    • +
  • Create security-event.md
    • +
+

[9]

+

iroh [7]

+
    +
  • Issue 7455 - Minor cleanup from XDR tiles merge #7695
    • +
  • 6963 implements one-click module wrapper endpoint #7315
    • +
  • Issue 7647 AMP observe targets #7661
    • +
  • Issue 7647 - IObserveTargetModule protocol #7651
    • +
  • Ao shortcut use unique names #7627
    • +
  • Ao docs formatting fixes #7625
    • +
  • Issue 7550 ao workflow exec shortcut #7617
    • +
+

tenzin-config [2]

+
    +
  • Adds one-click service to bootstrap.cfg files #862
    • +
+

between 3 and 4 months old

+
    +
  • Tac portal PROD login origins #821
    • +
+

John Jardine [30]

+

tenzin [30]

+
    +
  • Update SW versions, sort changes to the top #2864
    • +
  • Add instances to handle new 3rd party integrations #2870
    • +
  • Add capacity in OSS to support logstash-cloudtrail #2865
    • +
  • Terraform edits to deconflict some values and make more generic #2853
    • +
  • Create S3 Bucket, user, group, policy #2839
    • +
  • Update integrations-crowdstrike to 1.0.2 in all regions #2833
    • +
  • Move all Hydrant jobs to v1.35 (adds coas support) #2826
    • +
  • Bash defaults: Remove TMOUT, assign set -o vi & dir #2829
    • +
  • Check single certificate #2830
    • +
  • Align hydrant jobs on 4 minute multiples. #2821
    • +
  • Updated ssh keypairs for EU NAM and APJC #2791
    • +
  • SXOPS-529: SSH Default configuration changes #2774
    • +
  • Check if integrations-healthcheck is working. #2772
    • +
  • Update sumram.gpg
    • +
  • Make script outputs comparable by using same sort order #2761
    • +
  • SXOPS-435: Add hydrant-talos-coas fixes for other regions #2751
    • +
  • Quote cron entry to prevent YAML interpolation #2750
    • +
  • Default Jason Busboom to absent to prevent global access #2743
    • +
  • Updated rev-proxy for securex-ui-automate.test.iroh.site #2744
    • +
  • Added gpg key for Atul Anand
    • +
  • SXOPS-491 Add securex ui automate support for TEST #2729
    • +
  • Need to add securex-ui-automate.int.iroh.site to ACME #2723
    • +
  • SXOPS-491 Add securex ui automate support #2722
    • +
+

between 3 and 4 months old

+
    +
  • Fix comment, fix error file content check #2683
    • +
  • Backport v1.112 fixes to master #2682
    • +
  • Initial commit #2671
    • +
  • Add error handling to cert check #2651
    • +
  • Initial Vercel Postman API #2633
    • +
  • INT: Merge Consul overrides into jobs.sls #2646
    • +
  • SXOPS-412: Trend Micro XDR Integration Relay INT and TEST #2617
    • +
+

Michael Pendergrass [4]

+

iroh [4]

+
    +
  • Engine 0.15.5 #7768
    • +
  • add more attribute relation types #7660
    • +
  • More graph changes #7643
    • +
  • add graph output to incident summary #7549
    • +
+

Scott McLeod [4]

+

iroh [4]

+
    +
  • Improve performance of IncidentReportService #7745
    • +
  • Add filters to Incident Report #7727
    • +
  • Add test to verify paging #7564
    • +
  • Use search_after paging for incident report (#7461) #7539
    • +
+

Matthieu Sprunck [3]

+

ctia [3]

+
    +
  • Bump CTIM to 1.3.7 #1357
    • +
  • Bump to CTIM 1.3.5 #1349
    • +
  • Bump to CTIM 1.3.4 #1345
    • +
+

Jerome Schneider [10]

+

iroh-ops [9]

+
    +
  • Merge pull request #68 from advthreat/split-releases-artefacts
    • +
  • Merge pull request #51 from advthreat/logging-vector
    • +
  • Merge pull request #46 from advthreat/datadog
    • +
+

between 3 and 4 months old

+
    +
  • Merge pull request #42 from advthreat/vpnator-rm-cloudtrail
    • +
  • Merge pull request #36 from advthreat/stricter-iam
    • +
  • Merge pull request #34 from advthreat/fix-tfw
    • +
  • Merge pull request #16 from advthreat/tfw-fixes
    • +
  • Merge pull request #13 from advthreat/tf-wrapper
    • +
  • Merge pull request #12 from advthreat/ansible
    • +
+

tenzin [1]

+

between 3 and 4 months old

+
    +
  • iroh(-async): improve memory management to avoid memory cgroup oom +#2693
    • +
+

t2sw [1]

+

iroh [1]

+
    +
  • modify get-tiles and get-tiles-data endpoints for xdr query +parameter #7757
    • +
+

bswanson [81]

+

iroh [10]

+
    +
  • Engine version bump. #7730
    • +
  • Asset correlation #7708
    • +
  • READY FOR REVIEW: observe-targets to iroh engine. #7683
    • +
  • Fix empty source breaking schema. #7687
    • +
  • BUG FIX: events were pulled from wrong key. #7678
    • +
  • Add Assets to Summary and Events incident endpoints #7666
    • +
+

between 3 and 4 months old

+
    +
  • Add Eric and Mia to codeowners. #7501
    • +
  • Add extra fields to summary events #7482
    • +
  • Add optional keys owner and groups to :incident-id/events schema. #7449
    • +
  • Allow port key in the private-intel service context #7435
    • +
+

iroh-engine [68]

+
    +
  • Merge pull request #1383 from advthreat/v0.15.3-rc
    • +
  • Update changelog.
    • +
  • Prepare for 0.15.3 release
    • +
  • Merge pull request #1381 from advthreat/proper-no-op
    • +
  • Merge branch 'main' into proper-no-op
    • +
  • Merge pull request #1382 from advthreat/codeowners
    • +
  • Add folks to codeowners, remove our previous humans.
    • +
  • Update release to remove unused project.clj
    • +
  • Cleanup tests.
    • +
  • Update tests to reflect passthrough behavior.
    • +
  • failing tests, but no-op.
    • +
  • Merge pull request #1380 from advthreat/v0.15.2-rc
    • +
  • Merge pull request #1379 from advthreat/superstitious-p
    • +
  • Merge pull request #1378 from advthreat/v0.15.1-rc
    • +
  • Release v0.15.1.
    • +
  • Merge pull request #1377 from +advthreat/remove-original-sightings
    • +
  • Don't print 100s of sightings :D
    • +
  • Add logging.
    • +
  • Remove CTIM dependency.
    • +
  • Data for you and data for me
    • +
  • Cabinet of curiosities be gone.
    • +
  • Datums test.
    • +
  • new asset responses.
    • +
  • Check no-op case for assets-for-new-targets.
    • +
  • Add assets and asset mappings.
    • +
  • Remove fake test that described itself as real.
    • +
  • Use add-latest-asset-info from enrich ns.
    • +
  • Add failing observe-target-observables-test.
    • +
  • Do not pass back the relationships or sightings from the original +bundle.
    • +
  • Merge pull request #1374 from advthreat/v0.15.0-rc
    • +
  • Release candidate 0.15.0
    • +
  • Merge pull request #1372 from advthreat/asset-enrich
    • +
  • Merge branch 'main' into asset-enrich
    • +
  • Only need to wrap around exception.
    • +
  • Magic sauce for cljs vs clj.
    • +
  • Add test for ->instant.
    • +
  • Fix let<.
    • +
  • promesify everything.
    • +
  • PR feedback, add p/let.
    • +
  • PR feedback.
    • +
  • map observable keys (this shouldn't matter, but for consistency and +safety sake.)
    • +
  • Refactor exists? because it's a function.
    • +
  • Update src/iroh/engine/asset/enrich.cljc
    • +
  • Fix IrohServiceWrapper call.
    • +
  • move time fns into time ns.
    • +
  • A bit more function now.
    • +
  • IT LIVESSSS.
    • +
  • Add emit_observe_targets_enrich.js
    • +
  • Wiring through observable call.
    • +
  • mountebank.
    • +
  • Getting farther through the pipeline.
    • +
  • Resolve linter errors.
    • +
  • more promises for us.
    • +
  • cleanup nested whens.
    • +
  • Try to call targets.
    • +
  • it puts the promise on the code.
    • +
  • Smaller functions.
    • +
  • Clean up more test ns.
    • +
  • Cleanup tests.
    • +
  • Merge branch 'main' into asset-enrich
    • +
  • Move logic into previous function.
    • +
  • Add resolve latest mountebank test.
    • +
  • Some unit tests.
    • +
  • prepare for the sightening.
    • +
  • extract targets from enriched response.
    • +
  • Break out a couple more small functions.
    • +
  • Implement some small helper functions.
    • +
  • Pull in used sighting ns and reference observable var.
    • +
+

tenzin-config [3]

+
    +
  • Add config for prod and fix test typo. #846
    • +
+

between 3 and 4 months old

+
    +
  • Add iroh base url to conure config. #829
    • +
  • Add necessary conure config. #811
    • +
+

Pawan Bahuguna [31]

+

tenzin [31]

+
    +
  • Sxops 191 - custom_response_body #2933
    • +
  • Added health check header #2921
    • +
  • Added Health check header to crowdstrike for testing #2916
    • +
  • Increased the Max size to 6 #2908
    • +
  • Updated the version to 7.0.7 to sync with AWS #2907
    • +
  • SXOPS-621 - Enable IAM Access Advisor in all envs #2894
    • +
  • Removed Event Processor Role #2881
    • +
  • SXOPS 191 Update TEST VPC Peering #2879
    • +
  • Changed version to 7.0.5, already present in aws #2877
    • +
  • Updated desired capacity, min and max size #2874
    • +
  • SXOPS-490 Docker version health check #2837
    • +
  • Added CU, IR, KP, SY #2854
    • +
  • Added artifacts and XDR to ordered_cache_behavior - Already in AWS +#2848
    • +
  • SXOPS-191-Updated VPC peering connection #2835
    • +
  • Added docker container version check #2815
    • +
  • SAML sync with AWS #2824
    • +
  • enabled intelligence in prod #2807
    • +
  • SXOPS-535 Micro Frontend Ribbon #2806
    • +
  • int-iroh-registration-ui User is already present in AWS #2801
    • +
  • Removed CloudWatch-CSIRT.tf #2788
    • +
  • updated the asg_max_size to 6 #2781
    • +
  • Added instance refresh #2780
    • +
  • Enabling watchdog check on Crowdstrike #2773
    • +
  • SXOPS-490 Add/Update 3rd Party Integrations health checks #2767
    • +
  • Added TLS - automate MFE #2753
    • +
  • PROD automate MFE #2752
    • +
  • [SXOPS-497] Create 3rd Party Integrations for Cybereason & +Crowdstrike (INT/TEST) #2747
    • +
  • Added dbudko pabahugu to VPN list #2728
    • +
  • Sxops 484 onboard dmytro dbudko #2727
    • +
  • SXOPS-476 Decom Nomad task securex-ui-incidents from Tenzin #2699
    • +
+

between 3 and 4 months old

+ +

Trent Boyd [2]

+

tenzin-config [2]

+
    +
  • chore: add https dev urls to xdr projects #886
    • +
  • feat: add configs for securex-ui-intelligence job #852
    • +
+

Devin Walters [12]

+

tenzin [7]

+
    +
  • Set tmpdir to /local for conure task #2930
    • +
  • Mount datadog socket in conure task #2922
    • +
  • Remove Conure access to IROH RDS instance #2742
    • +
+

between 3 and 4 months old

+
    +
  • Capture the rest of a log message as 'message_text' for clj stack +logs #2660
    • +
  • Grok pattern which captures message for the clj stack #2658
    • +
  • Add RMI server hostname #2640
    • +
  • Include configuration for hikari monitoring via JMX #2639
    • +
+

tenzin-config [5]

+
    +
  • Specify JWK per environment #866
    • +
  • Update conure username in prod environments #860
    • +
  • Update conure db username in TEST #856
    • +
  • Update conure configuration #843
    • +
  • Test out dedicated conure postgres instance #838
    • +
+

Martin Bruchanov [20]

+

tenzin [20]

+
    +
  • Adding data nodes to lower file system utilization #2940
    • +
  • Adding vercel deploy to sudo for consul #2936
    • +
  • Increasing number of data nodes to the current state #2935
    • +
  • Security groups for OPS VPN in INT #2924
    • +
  • Added CLI parameters for ES administration tools #2915
    • +
  • Removing salt references for terminated OPs instance #2900
    • +
  • Updated contacts of EDF team #2895
    • +
  • Fixed JSON validation for IROH query #2887
    • +
  • Fixed correct hostname and SSM keys #2893
    • +
  • OPS OpenVPN salt deployment #2883
    • +
  • Renaming data-openvpn to ops-openvpn #2845
    • +
  • Increasing edf-reporting and iops-reporting memory allocation #2838
    • +
  • Added list of Consul UI hostnames #2789
    • +
  • Tool for quick SSH to Consul leader #2785
    • +
  • Cleaning up intel2x hostname #2654
    • +
  • Second VPN server for Non-OPS access #2735
    • +
  • Fixed duplicated uid in user profile #2740
    • +
+

between 3 and 4 months old

+
    +
  • NAM ElasticSearch clean up: DNS, S3 bucket for snapshots #2697
    • +
  • Updating hostnames, fixed error with missing authentication #2637
    • +
  • Tranfer of existing roles from one ES cluter to another #2634
    • +
+

Michael Simonson [3]

+

tenzin [2]

+
    +
  • Adds input buckets for non-int envs #2863
    • +
  • SXOPs-hydrant-talos-coa-importer #2741
    • +
+

tenzin-config [1]

+
    +
  • Issue SXOPs-562: Hydrant Manual Removal Importer #859
    • +
+

John Jardine [5]

+

tenzin [4]

+
    +
  • Revert "Move all Hydrant jobs to v1.35 (adds coas support)"
    • +
  • Revert "Include STAGE in hydrant container version update"
    • +
  • Include STAGE in hydrant container version update
    • +
  • Move all Hydrant jobs to v1.35 (adds coas support)
    • +
+

tenzin-config [1]

+
    +
  • Importer was missing the config files #850
    • +
+

Gayan Jayasundara [7]

+

tenzin [7]

+
    +
  • Bump crowdstrike and SentinalOne - Ian requested #2904
    • +
  • Bump crowdstrike into 1.0.2a - Bug fix from Ian #2846
    • +
  • SXOPS-512 Bump crowdstrike and sentinelone versions #2802
    • +
+

between 3 and 4 months old

+
    +
  • Migrate securex-ui-incidents from Nomad to Vercel - non-prod - DNS +#2691
    • +
  • securex-ui-control-center - non-prod vercel #2690
    • +
  • Update cyberprotect integration to latest (2.0.6) #2673
    • +
  • Redirect XDR int to Vercel #2667
    • +
+ + diff --git a/reports/FY23Q3-report.org b/reports/FY23Q3-report.org new file mode 100644 index 00000000..1c3dc4cd --- /dev/null +++ b/reports/FY23Q3-report.org @@ -0,0 +1,1309 @@ +#+title: FY23Q3 Report +#+subtitle: logs goes 4 months back +#+date: 2023-05-03 +#+options: H:6 ^:nil +* IROH +** lead + + +*** Guillaume Buisson [25] + +**** ctia [5] + +- Fixed Riemann ES configuration [[https://github.com/advthreat/ctia/pull/1360][#1360]] +- Allow setting ~allow_partial_search_results~ in ES queries [[https://github.com/advthreat/ctia/pull/1359][#1359]] +- Bump CTIM to 1.3.6 [[https://github.com/advthreat/ctia/pull/1355][#1355]] +- Note Entity API changes [[https://github.com/advthreat/ctia/pull/1342][#1342]] + +_between 3 and 4 months old_ + +- CTIM Note entity Support [[https://github.com/advthreat/ctia/pull/1330][#1330]] +**** iroh [16] + +- Initial Incident Response Design Draft [[https://github.com/advthreat/iroh/pull/7398][#7398]] +- Fix Target enrichment feature flag check [[https://github.com/advthreat/iroh/pull/7740][#7740]] +- Bump clj-momo to 0.4.0 [[https://github.com/advthreat/iroh/pull/7723][#7723]] +- Update Orchestration Workflow Event fixtures [[https://github.com/advthreat/iroh/pull/7677][#7677]] +- Observe-Targets route Enhancements [[https://github.com/advthreat/iroh/pull/7668][#7668]] +- Temporary implementation of observe-targets in the Relay module [[https://github.com/advthreat/iroh/pull/7656][#7656]] +- Revert "Enrich WebService route" +- Revert "Initial WebService for testing" +- Initial WebService for testing +- Enrich WebService route +- Additional Note/Event sample data [[https://github.com/advthreat/iroh/pull/7654][#7654]] +- Support the Note Entity in Private Intel [[https://github.com/advthreat/iroh/pull/7605][#7605]] +- Mitre and Risk Score based Incidents Review [[https://github.com/advthreat/iroh/pull/6990][#6990]] +- Properly define the OpenAPI metadata for the Enrich API [[https://github.com/advthreat/iroh/pull/7532][#7532]] +- Unhide Swagger UI Responses [[https://github.com/advthreat/iroh/pull/7529][#7529]] +- Updated Note designs [[https://github.com/advthreat/iroh/pull/7508][#7508]] +**** tenzin-config [4] + +- Add the SXO clients to the High Impact allowed sources [[https://github.com/advthreat/tenzin-config/pull/876][#876]] + +_between 3 and 4 months old_ + +- CTIA Note Entity setup [[https://github.com/advthreat/tenzin-config/pull/836][#836]] +- Disable the Kafka Event Hook for Private Intel [[https://github.com/advthreat/tenzin-config/pull/835][#835]] +- Double the rate limit of the dcloud organization [[https://github.com/advthreat/tenzin-config/pull/824][#824]] +** data + + +*** Mario Aquino [30] + +**** iroh [17] + +- Add audiences to client [[https://github.com/advthreat/iroh/pull/7812][#7812]] +- OrgTokenProviderService [[https://github.com/advthreat/iroh/pull/7731][#7731]] +- Handle additional variation on mitre-attack source_name [[https://github.com/advthreat/iroh/pull/7755][#7755]] +- Match on mitre-attack as source_name to find variations [[https://github.com/advthreat/iroh/pull/7754][#7754]] +- Remove high impact severity checking [[https://github.com/advthreat/iroh/pull/7580][#7580]] +- Iterate over all orgs for threat hunt execution [[https://github.com/advthreat/iroh/pull/7601][#7601]] +- Check authorization header [[https://github.com/advthreat/iroh/pull/7597][#7597]] +- Fix test broken by missing auth header [[https://github.com/advthreat/iroh/pull/7588][#7588]] +- Use mk-int-request-context for calls that may go to modules [[https://github.com/advthreat/iroh/pull/7587][#7587]] +- Improve logging for risk score asset resolution [[https://github.com/advthreat/iroh/pull/7581][#7581]] +- Update CTIM to align w version used by CTIA [[https://github.com/advthreat/iroh/pull/7576][#7576]] +- Reduce threat hunt ctia investigate module timeouts [[https://github.com/advthreat/iroh/pull/7527][#7527]] +- Error handling around risk score calculation attempt [[https://github.com/advthreat/iroh/pull/7512][#7512]] + +_between 3 and 4 months old_ + +- Replace unsupported trojan source detector [[https://github.com/advthreat/iroh/pull/7481][#7481]] +- Service interface tech-debt [[https://github.com/advthreat/iroh/pull/7475][#7475]] +- One iroh-async session queue for all tasks [[https://github.com/advthreat/iroh/pull/7472][#7472]] +- CTIM v1.2.0 [[https://github.com/advthreat/iroh/pull/7459][#7459]] +**** tenzin-config [13] + +- Enable config for incident enrichment [[https://github.com/advthreat/tenzin-config/pull/880][#880]] +- Removes AWS Auth credentials no longer needed by queue-monitor [[https://github.com/advthreat/tenzin-config/pull/867][#867]] +- Update async worker count for new server specs [[https://github.com/advthreat/tenzin-config/pull/861][#861]] +- AWS Credentials for CloudWatch interaction [[https://github.com/advthreat/tenzin-config/pull/842][#842]] +- Remove configs to allow threat hunting for all orgs [[https://github.com/advthreat/tenzin-config/pull/853][#853]] +- Make all incidents imported via Swagger UI high impact [[https://github.com/advthreat/tenzin-config/pull/847][#847]] +- Remove iroh-investigate and iroh-incident configs [[https://github.com/advthreat/tenzin-config/pull/837][#837]] + +_between 3 and 4 months old_ + +- Use correct urls for PROD iroh [[https://github.com/advthreat/tenzin-config/pull/832][#832]] +- Updates sessions-config for iroh-investigate and iroh-incident [[https://github.com/advthreat/tenzin-config/pull/826][#826]] +- iroh-queue-monitor config update [[https://github.com/advthreat/tenzin-config/pull/820][#820]] +- Increases number of threat hunt orgs [[https://github.com/advthreat/tenzin-config/pull/812][#812]] +- Redis for iroh-async [[https://github.com/advthreat/tenzin-config/pull/815][#815]] +- Adds config for iroh-async deployment group + +*** Guillaume Erétéo [16] + +**** ctia [6] + +- add total-hits headers to metric responses [[https://github.com/advthreat/ctia/pull/1363][#1363]] +- add tactics/techniques to incident search filters [[https://github.com/advthreat/ctia/pull/1356][#1356]] +- Incident score schema check [[https://github.com/advthreat/ctia/pull/1353][#1353]] +- Relationships: add target_ref and source_ref as enumerable field [[https://github.com/advthreat/ctia/pull/1354][#1354]] + +_between 3 and 4 months old_ + +- verdict fix [[https://github.com/advthreat/ctia/pull/1333][#1333]] +- add techniques to enumerable fields [[https://github.com/advthreat/ctia/pull/1331][#1331]] +**** iroh [5] + +- introduce aggregation in crud store [[https://github.com/advthreat/iroh/pull/7734][#7734]] +- Add Scott to CODEOWNERS [[https://github.com/advthreat/iroh/pull/7782][#7782]] +- first stats [[https://github.com/advthreat/iroh/pull/7765][#7765]] +- Incident summary design [[https://github.com/advthreat/iroh/pull/7704][#7704]] +- threat hunt status incident status Open [[https://github.com/advthreat/iroh/pull/7709][#7709]] +**** tenzin-config [5] + +- Activate scoring in TEST and PROD for 1.116 [[https://github.com/advthreat/tenzin-config/pull/851][#851]] +- Add PCTIA as high impact by default [[https://github.com/advthreat/tenzin-config/pull/849][#849]] + +_between 3 and 4 months old_ + +- update incident mappings [[https://github.com/advthreat/tenzin-config/pull/822][#822]] +- IROH Swagger UI to high impact sources [[https://github.com/advthreat/tenzin-config/pull/830][#830]] +- prepare actor migration [[https://github.com/advthreat/tenzin-config/pull/814][#814]] + +*** Ambrose Bonnaire-Sergeant [11] + +**** ctia [7] + +- Push sighting store's coercion pattern into def-es-store [[https://github.com/advthreat/ctia/pull/1361][#1361]] +- Remove log4j [[https://github.com/advthreat/ctia/pull/1347][#1347]] +- Fix bulk relationships between transient asset mappings/fields [[https://github.com/advthreat/ctia/pull/1343][#1343]] +- Filter by scores test [[https://github.com/advthreat/ctia/pull/1341][#1341]] +- Scores dynamic mapping [[https://github.com/advthreat/ctia/pull/1340][#1340]] +- Don't mix user params with internal extensions [[https://github.com/advthreat/ctia/pull/1339][#1339]] + +_between 3 and 4 months old_ + +- Sort on incident score [[https://github.com/advthreat/ctia/pull/1327][#1327]] +**** iroh [4] + +- new incident scores format [[https://github.com/advthreat/iroh/pull/7578][#7578]] +- Strip ctia keys [[https://github.com/advthreat/iroh/pull/7521][#7521]] + +_between 3 and 4 months old_ + +- Improve stubservice error messages [[https://github.com/advthreat/iroh/pull/7478][#7478]] +- Prep Mia for incident scoring impl [[https://github.com/advthreat/iroh/pull/7397][#7397]] +** integrations + + +*** Matthieu Sprunck [32] + +**** iroh [17] + +- E7469: Event API extension design [[https://github.com/advthreat/iroh/pull/7462][#7462]] +- Implements OR, AND, NOT boolean combinators for ElasticSearch [[https://github.com/advthreat/iroh/pull/7752][#7752]] +- Add a dedicated IROH Auth configuration to Swagger [[https://github.com/advthreat/iroh/pull/7738][#7738]] +- Remote: Return an error when tiles/data is not supported [[https://github.com/advthreat/iroh/pull/7732][#7732]] +- Remove support for access token in Swagger UI [[https://github.com/advthreat/iroh/pull/7729][#7729]] +- Remote: IROH Proxy handler should not be called in case of errors [[https://github.com/advthreat/iroh/pull/7717][#7717]] +- Add missing dependency to int-web-service [[https://github.com/advthreat/iroh/pull/7712][#7712]] +- Configures ModuleRecords with a map [[https://github.com/advthreat/iroh/pull/7690][#7690]] +- Bump to CTIM 1.3.7 [[https://github.com/advthreat/iroh/pull/7696][#7696]] +- Create High Impact incident event [[https://github.com/advthreat/iroh/pull/7679][#7679]] +- Bump to CTIM 1.3.5 [[https://github.com/advthreat/iroh/pull/7642][#7642]] +- Add new High Impact Incident event types [[https://github.com/advthreat/iroh/pull/7606][#7606]] +- Bump to CTIM 1.3.4 [[https://github.com/advthreat/iroh/pull/7626][#7626]] +- Bump to CTIM 1.3.3 [[https://github.com/advthreat/iroh/pull/7616][#7616]] +- Allow settings prefixed by custom_ to be derived in proxy config [[https://github.com/advthreat/iroh/pull/7509][#7509]] + +_between 3 and 4 months old_ + +- Fix client credentials auth for CrowdStrike integration [[https://github.com/advthreat/iroh/pull/7502][#7502]] +- Add API Key auth type to the Relay module [[https://github.com/advthreat/iroh/pull/7488][#7488]] +**** tenzin-config [15] + +- Revert "Revert "Remove support for access token in Swagger UI (#868)" (#871)" [[https://github.com/advthreat/tenzin-config/pull/874][#874]] +- Allow SXO internal hosts for webhook calls [[https://github.com/advthreat/tenzin-config/pull/872][#872]] +- Revert "Remove support for access token in Swagger UI (#868)" [[https://github.com/advthreat/tenzin-config/pull/871][#871]] +- Remove invalid module configuration keys [[https://github.com/advthreat/tenzin-config/pull/870][#870]] +- Remove support for access token in Swagger UI [[https://github.com/advthreat/tenzin-config/pull/868][#868]] +- Remove one-click-module services from iroh application [[https://github.com/advthreat/tenzin-config/pull/865][#865]] +- Change the IROH modules configuration format [[https://github.com/advthreat/tenzin-config/pull/864][#864]] +- Change Orbital URL in TEST [[https://github.com/advthreat/tenzin-config/pull/848][#848]] +- Remove the tiles APIs from the Orbital module record [[https://github.com/advthreat/tenzin-config/pull/845][#845]] +- Add CrowdStrike proxy configuration [[https://github.com/advthreat/tenzin-config/pull/841][#841]] + +_between 3 and 4 months old_ + +- Fix SentinelOne module record conf [[https://github.com/advthreat/tenzin-config/pull/834][#834]] +- Support of IROH Proxy for SentinelOne [[https://github.com/advthreat/tenzin-config/pull/828][#828]] +- Revert connection manager changes in PROD (2nd attempt) [[https://github.com/advthreat/tenzin-config/pull/827][#827]] +- Revert changes in PROD and reduce nb of threads in INT and TEST [[https://github.com/advthreat/tenzin-config/pull/825][#825]] +- Increase the number of threads used by the connection manager of the Relay module [[https://github.com/advthreat/tenzin-config/pull/823][#823]] + +*** Kirill Chernyshov [11] + +**** ctia [2] + +- Exception handling for bundle export [[https://github.com/advthreat/ctia/pull/1351][#1351]] + +_between 3 and 4 months old_ + +- Default "no-pagination" for feed [[https://github.com/advthreat/ctia/pull/1336][#1336]] +**** iroh [9] + +- Fix configuration option for event signer [[https://github.com/advthreat/iroh/pull/7777][#7777]] +- Add signer options for EventService [[https://github.com/advthreat/iroh/pull/7776][#7776]] +- Simplify kafka-producer integration test [[https://github.com/advthreat/iroh/pull/7769][#7769]] +- Send event from EventService to kafka topic [[https://github.com/advthreat/iroh/pull/7552][#7552]] +- Return promise after sending event to kafka [[https://github.com/advthreat/iroh/pull/7556][#7556]] +- IROH-crypto lib [[https://github.com/advthreat/iroh/pull/7544][#7544]] +- KafkaProducerService [[https://github.com/advthreat/iroh/pull/7524][#7524]] +- Introduce iroh-kafka library [[https://github.com/advthreat/iroh/pull/7505][#7505]] + +_between 3 and 4 months old_ + +- Remove Onyx and Aeron services [[https://github.com/advthreat/iroh/pull/7489][#7489]] + +*** Shafiq [5] + +**** iroh [4] + +- Add create-event HTTP API [[https://github.com/advthreat/iroh/pull/7557][#7557]] +- Add search endpoint for iroh-events [[https://github.com/advthreat/iroh/pull/7528][#7528]] +- Add integration test-case for iroh-events search [[https://github.com/advthreat/iroh/pull/7513][#7513]] + +_between 3 and 4 months old_ + +- Separate event-handlers from EventNotifierService [[https://github.com/advthreat/iroh/pull/7437][#7437]] +**** tenzin-config [1] + +- Configure internal-event-web-service [[https://github.com/advthreat/tenzin-config/pull/844][#844]] +** auth + + +*** Olivier Barbeau [23] + +**** iroh [22] + +- fix http status code [[https://github.com/advthreat/iroh/pull/7838][#7838]] +- Rework of the script ~check-changelog-update-time~ [[https://github.com/advthreat/iroh/pull/7658][#7658]] +- RBAC: additional XDR tests [[https://github.com/advthreat/iroh/pull/7634][#7634]] +- GitHub Actions: do test coverage only once [[https://github.com/advthreat/iroh/pull/7607][#7607]] +- Increase Java Heap size for code coverage - Github Actions workflow [[https://github.com/advthreat/iroh/pull/7585][#7585]] +- add workdir for the check [[https://github.com/advthreat/iroh/pull/7573][#7573]] +- disable test [[https://github.com/advthreat/iroh/pull/7566][#7566]] +- Fail build if html not updated [[https://github.com/advthreat/iroh/pull/7559][#7559]] +- RBAC: enable the new XDR role 'Security Analyst Tier 2' [[https://github.com/advthreat/iroh/pull/7545][#7545]] +- Issue 7538 refactor of role retrieval [[https://github.com/advthreat/iroh/pull/7540][#7540]] +- automated 'revert role' operation with test [[https://github.com/advthreat/iroh/pull/7537][#7537]] +- RBAC: Retrocompatibility of the Provisioning API [[https://github.com/advthreat/iroh/pull/7507][#7507]] + +_between 3 and 4 months old_ + +- Refactor around ~ifn-pred~ [[https://github.com/advthreat/iroh/pull/7491][#7491]] +- set job timeouts to 90 minutes [[https://github.com/advthreat/iroh/pull/7506][#7506]] +- set job timeouts to 60 minutes [[https://github.com/advthreat/iroh/pull/7504][#7504]] +- Test coverage v2 [[https://github.com/advthreat/iroh/pull/7498][#7498]] +- wait for hook to be finished before testing [[https://github.com/advthreat/iroh/pull/7497][#7497]] +- Add test coverage report to the Iroh GitHub Actions workflow [[https://github.com/advthreat/iroh/pull/7453][#7453]] +- RBAC for Org Access Request [[https://github.com/advthreat/iroh/pull/7465][#7465]] +- Issue 7333 rbac invitation service [[https://github.com/advthreat/iroh/pull/7454][#7454]] +- RBAC: new XDR tests for login and oauth-clients [[https://github.com/advthreat/iroh/pull/7418][#7418]] +- Issue 7413 move steps out of setup job [[https://github.com/advthreat/iroh/pull/7414][#7414]] +**** tenzin-config [1] + +- sets the ~:xdr-roles~ feature flag in INT and TEST [[https://github.com/advthreat/tenzin-config/pull/840][#840]] + +*** (Yogsototh) [5] + +**** xdr-provisioning [5] + +- Improve help regarding setting env vars +- Improve the command line parsing +- rename script to .sh +- Add onboarding of DI and CSC +- Initial provisioning Script + +*** bartuka [15] + +**** iroh [13] + +- [IROH Auth] introducing ~TimeService~ in ~AuthService~ [[https://github.com/advthreat/iroh/pull/7806][#7806]] +- [IROH Auth] allow only ~iroh-core.time~ in oauth2.core ns [[https://github.com/advthreat/iroh/pull/7793][#7793]] +- [IROH Auth] - Update IROH Web middleware to build short JWTs with profile data [[https://github.com/advthreat/iroh/pull/7671][#7671]] +- [IROH Auth] - update ~check-refresh-token~ function [[https://github.com/advthreat/iroh/pull/7669][#7669]] +- [IROH Auth] - Update Design docs for Short JWT Epic [[https://github.com/advthreat/iroh/pull/7670][#7670]] +- [IROH Auth] ~/profile/permissions~ endpoint [[https://github.com/advthreat/iroh/pull/7562][#7562]] +- Patch ~compojure-api~ to allow endpoints with string-keys (without keywordize the request ~:body~) [[https://github.com/advthreat/iroh/pull/7574][#7574]] +- [IROH Auth] Include route ~/profile/scopes~ [[https://github.com/advthreat/iroh/pull/7553][#7553]] +- [IROH Auth] - Store Short JWTs [[https://github.com/advthreat/iroh/pull/7476][#7476]] + +_between 3 and 4 months old_ + +- [IROH Auth] refactor ~gen-short-tokens~ to avoid code duplication [[https://github.com/advthreat/iroh/pull/7485][#7485]] +- Allow wildcard login origin in TEST env [[https://github.com/advthreat/iroh/pull/7474][#7474]] +- [IROH Auth] Generate Short JWT tokens [[https://github.com/advthreat/iroh/pull/7450][#7450]] +- [IROH Auth] Short JWT design [[https://github.com/advthreat/iroh/pull/7436][#7436]] +**** tenzin [1] + + +_between 3 and 4 months old_ + +- Update GPG Wanderson Ferreira [[https://github.com/advthreat/tenzin/pull/2648][#2648]] +**** tenzin-config [1] + +- add postgres and redis-cache store for IROH Auth JWTs [[https://github.com/advthreat/tenzin-config/pull/839][#839]] + +*** Yann Esposito [44] + +**** ctia [1] + +- bump snakeyaml to address CVE-2022-38751 [[https://github.com/advthreat/ctia/pull/1346][#1346]] +**** iroh [30] + +- Add a missing option to disable default configs [[https://github.com/advthreat/iroh/pull/7805][#7805]] +- Add a script to init tokens without login in [[https://github.com/advthreat/iroh/pull/7794][#7794]] +- Fix schema for Response [[https://github.com/advthreat/iroh/pull/7804][#7804]] +- Add support to onboard a single app [[https://github.com/advthreat/iroh/pull/7796][#7796]] +- Add a role instrospection route to help the UI and other clients [[https://github.com/advthreat/iroh/pull/7785][#7785]] +- Fix scopes declaration for execute-workflow route [[https://github.com/advthreat/iroh/pull/7799][#7799]] +- Fix a Swagger bug due to schema name conflict [[https://github.com/advthreat/iroh/pull/7790][#7790]] +- Web api search improvements [[https://github.com/advthreat/iroh/pull/7728][#7728]] +- add profile and notification to ao-jwt [[https://github.com/advthreat/iroh/pull/7726][#7726]] +- Tk store combinator search queries (AND, OR, NOT) [[https://github.com/advthreat/iroh/pull/7691][#7691]] +- Fix a case where the body is =nil= [[https://github.com/advthreat/iroh/pull/7685][#7685]] +- Add xdr-instance-id field to the orgs [[https://github.com/advthreat/iroh/pull/7707][#7707]] +- PIAM: Provisioning onboard endpoint [[https://github.com/advthreat/iroh/pull/7659][#7659]] +- Add ff scope script [[https://github.com/advthreat/iroh/pull/7680][#7680]] +- added a script to add feature-flag scopes from command line [[https://github.com/advthreat/iroh/pull/7676][#7676]] +- prefer to use client from DB than client from config [[https://github.com/advthreat/iroh/pull/7672][#7672]] +- Align scopes to SXO behaviour [[https://github.com/advthreat/iroh/pull/7673][#7673]] +- fix lein start [[https://github.com/advthreat/iroh/pull/7663][#7663]] +- PIAM provisioning no idp-mapping for create user [[https://github.com/advthreat/iroh/pull/7655][#7655]] +- Default bootstrap & config [[https://github.com/advthreat/iroh/pull/6868][#6868]] +- Add Entitlements to Orgs [[https://github.com/advthreat/iroh/pull/7631][#7631]] +- Remove yaml to supported format for profile API [[https://github.com/advthreat/iroh/pull/7632][#7632]] +- Fix a flaky test in either_test.clj [[https://github.com/advthreat/iroh/pull/7610][#7610]] +- Role Matrix representation in the code. [[https://github.com/advthreat/iroh/pull/7583][#7583]] +- fix some wording only for admin users view [[https://github.com/advthreat/iroh/pull/7579][#7579]] +- Improve User login logs situation [[https://github.com/advthreat/iroh/pull/7555][#7555]] +- Added a composable redis.nix [[https://github.com/advthreat/iroh/pull/7535][#7535]] + +_between 3 and 4 months old_ + +- Fix template rendering during invite confirmation [[https://github.com/advthreat/iroh/pull/7480][#7480]] +- Display virtual users in the batch get users [[https://github.com/advthreat/iroh/pull/7473][#7473]] +- Add the UI session logout into IROH-Auth [[https://github.com/advthreat/iroh/pull/7431][#7431]] +**** tenzin [2] + +- use iroh.main for all nodes types [[https://github.com/advthreat/tenzin/pull/2862][#2862]] +- Update iroh.job.jinja [[https://github.com/advthreat/tenzin/pull/2861][#2861]] +**** tenzin-config [6] + +- fix missing iroh-async web-services [[https://github.com/advthreat/tenzin-config/pull/884][#884]] +- align iroh and iroh-async confs [[https://github.com/advthreat/tenzin-config/pull/883][#883]] +- Add CSC onboarding URLs [[https://github.com/advthreat/tenzin-config/pull/875][#875]] +- fix provisioning service [[https://github.com/advthreat/tenzin-config/pull/863][#863]] +- PIAM config change (+ boostrap cleanup) [[https://github.com/advthreat/tenzin-config/pull/677][#677]] +- add perf.orbital.threatgrid.com to allowed login origin [[https://github.com/advthreat/tenzin-config/pull/854][#854]] +**** xdr-provisioning [5] + +- Improve help regarding setting env vars +- Improve the command line parsing +- rename script to .sh +- Add onboarding of DI and CSC +- Initial provisioning Script +** iroh-ops + + +*** Patrick Patat [19] + +**** iroh-ops [18] + +- Merge pull request #69 from advthreat/riemann-asg +- Merge pull request #66 from advthreat/pg-cname +- Merge pull request #65 from advthreat/minor-fix +- Merge pull request #64 from advthreat/vector-docker +- Merge pull request #63 from advthreat/asg-refresh +- Merge pull request #61 from advthreat/auto-deploy +- Merge pull request #60 from advthreat/webex-notif +- Merge pull request #57 from advthreat/qualys +- Merge pull request #56 from advthreat/dynamodb_backup +- Merge pull request #55 from advthreat/iroh-queue +- Merge pull request #52 from advthreat/nomad-job +- Merge pull request #54 from advthreat/vault-stats +- Merge pull request #48 from advthreat/vault-pki +- Merge pull request #47 from advthreat/nomad-docker-config + +_between 3 and 4 months old_ + +- Merge pull request #41 from advthreat/codebuild-fix +- Merge pull request #40 from advthreat/ansible-codebuild +- Merge pull request #37 from advthreat/fix-host +- Merge pull request #35 from advthreat/instances_route53 +**** tenzin [1] + +- allows iroh-ops dev platform to access redis [[https://github.com/advthreat/tenzin/pull/2755][#2755]] + +*** Jerome Schneider [81] + +**** iroh-ops [24] + +- render s3 artefacts generic and create a releases bucket +- datadog: improve logging +- add vector support for os logging +- tf peering: don't peering public subnets +- Add Datadog agent on all instances and specific setup for Nomad and Consul + +_between 3 and 4 months old_ + +- vpnator: remove cloudtrail support for the moment +- ansible: migrate jerschne on master +- iam_lambda_ec2_route53: re-add rights on EC2 +- improve iam management and adapt Ansible for it +- tfw: manage correctly workspaces +- switch jerschne on ansible master +- Create a new env and manage terraform workspaces +- dev: cleaning configuration +- only one s3 bucket and dynamodb table per account for tfstates +- Ansible: add Mitogen to improve performances (issue #26) +- requirements.txt: add missing dependencies +- vim: add a vimrc example +- scripts/tfw: fixed json debugging message and exit message when it failed +- README is a markdown file +- README.md: fix path +- Migrate iroh-ops TF to Terraform Wrapper (tfw) +- Add a Terraform Wrapper (tfw) that improve Terraform var files +- ansible add a quick readme and a requirements.txt +- TF: add kafka support +**** tenzin [57] + +- Upgrade TF AWS provider +- iroh-async: resize ASG and add downscaling support +- iroh: add iroh signer certificates +- ASG: Drain Nomad nodes before terminating instances +- PROD AP: allows iroh-queue-monitor to put metric in Cloudwatch +- PROD EU: allows iroh-queue-monitor to put metric in Cloudwatch +- PROD US: allows iroh-queue-monitor to put metric in Cloudwatch +- STAGE: allows iroh-queue-monitor to put metric in Cloudwatch +- TEST: allows iroh-queue-monitor to put metric in Cloudwatch +- INT: allows iroh-queue-monitor to put metric in Cloudwatch +- Terraform: configure vault provider +- iroh-async: resize instances and memory usage +- PROD EU: Conure add IAM policy +- PROD APJC: Conure add IAM policy +- PROD NAM: Conure add IAM policy +- STAGE: add Conure support +- TEST: add new Conure IAM role +- INT: add new Conure IAM role +- iroh allows iroh-internal.*.iroh.site domains +- add private-ctia-update-index-state on TEST,STAGE and PROD +- STAGE: add iroh-internal support +- PROD US: add iroh-internal support +- PROD EU: add iroh-internal support +- PROD APJC: add iroh-internal support +- TEST: add iroh-internal support +- INT: add iroh-internal support +- RDS PostgreSQL: force SSL connections by default +- add private-ctia-update-index-state job to update ES index mapping +- Iroh Async use custom metrics to scale +- remove iroh-tooling +- iroh-admin INT: revert breaking instance change +- Caddy private: allow es-metrics for iroh-ops +- allows iroh-ops dev platform to access to private caddy +- PostgreSQL Conure change instances for PROD and TEST +- add Conure RDS PostgreSQL on PROD and TEST +- PROD EU: destroy iroh-investigate and iroh-incident +- PROD APJC: destroy iroh-incident and iroh-investigate +- PROD NAM: remove iroh-incident and iroh-investigate +- TEST: destroy iroh-incident and iroh-investigate +- improve +- iroh-async: add downscaling! +- INT/TEST: fixed iroh-admin conf to allow iroh-queue-monitor +- INT: new RDS PostgreSQL for Conure +- INT: remove iroh-incident and iroh-investigate + +_between 3 and 4 months old_ + +- Nomad jobs: fix MaxParallel when auto scaling is enabled! +- iroh job: change the grace period from 120s to 180s +- iroh-queue-monitor: migrate it on full https and allow access from private rp +- elasticache: change creation timeout +- add dedicated Elasticache Redis for iroh-async +- PROD APJC: add iroh-async support +- PROD EU: add iroh-async support +- PROD US: add iroh-async support +- TEST: add iroh-async support +- add a new iroh-async to replace iroh-investigate and iroh-incident +- iroh-admin nomad job: extend grace delay and add one more status check +- prod US: this PR allows tier3 engineers to manage SES suppression list +- allow iroh-tooling to access to RDS PostgreSQL +* Other +** Other + + +*** krishna Ganugapenta [32] + +**** tenzin [31] + +- Mia Lehrer(milhrer) gpg key updated [[https://github.com/advthreat/tenzin/pull/2725][#2725]] +- Securex-news decommission from tenzin [[https://github.com/advthreat/tenzin/pull/2876][#2876]] +- ASG size bumped to negate excessive CPU useage [[https://github.com/advthreat/tenzin/pull/2869][#2869]] +- updated SG rules count for iroh-front-end [[https://github.com/advthreat/tenzin/pull/2866][#2866]] +- IAM policy to access cloudtrail logs s3 bucket [[https://github.com/advthreat/tenzin/pull/2840][#2840]] +- Fixing asea modules not in sync with AWS infra [[https://github.com/advthreat/tenzin/pull/2828][#2828]] +- logstash-cloudtrail versions updated in jobs.sls [[https://github.com/advthreat/tenzin/pull/2812][#2812]] +- IROH_ASYNC asg capacity increase [[https://github.com/advthreat/tenzin/pull/2813][#2813]] +- Logstash-cloudtrail filter settings have modified [[https://github.com/advthreat/tenzin/pull/2808][#2808]] +- Asea services tf modules removed from TEST to sync with AWS infra [[https://github.com/advthreat/tenzin/pull/2800][#2800]] +- tenzin-config files updated to intelligence app [[https://github.com/advthreat/tenzin/pull/2779][#2779]] +- Fixing logstash config file permission issue [[https://github.com/advthreat/tenzin/pull/2765][#2765]] +- Added read and write permission to logstash.yml [[https://github.com/advthreat/tenzin/pull/2763][#2763]] +- prestart task added to prevent permissions error [[https://github.com/advthreat/tenzin/pull/2762][#2762]] +- Added a new set variable for logstash-cloudtrail [[https://github.com/advthreat/tenzin/pull/2760][#2760]] +- Fixing logstash-cloudtrail nomad job config temp [[https://github.com/advthreat/tenzin/pull/2759][#2759]] +- Added a missing template for logstash-cloudtrail [[https://github.com/advthreat/tenzin/pull/2757][#2757]] +- Logstash-cloudtrail job to collect logs [[https://github.com/advthreat/tenzin/pull/2756][#2756]] +- XDR decommission from nomad cluster [[https://github.com/advthreat/tenzin/pull/2684][#2684]] +- SQS queue url fixed for logstash-cloudtrail nomad job [[https://github.com/advthreat/tenzin/pull/2710][#2710]] +- SQS queue url has got updated to logstash-cloudtrail job [[https://github.com/advthreat/tenzin/pull/2709][#2709]] +- filebeat and beats configuration updated [[https://github.com/advthreat/tenzin/pull/2707][#2707]] + +_between 3 and 4 months old_ + +- Removal of accesskey/secret key from logstash-cloudtrail job [[https://github.com/advthreat/tenzin/pull/2702][#2702]] +- Added vault policy to oss nodes to fix logstash-cloudtrail nomad job issue [[https://github.com/advthreat/tenzin/pull/2700][#2700]] +- Caddy port lable fix for logstash-cloudtrail job [[https://github.com/advthreat/tenzin/pull/2698][#2698]] +- Logstash job to retrieve cloudtrail logs from S3 [[https://github.com/advthreat/tenzin/pull/2696][#2696]] +- Enabled securex-ui-incidents for PROD [[https://github.com/advthreat/tenzin/pull/2650][#2650]] +- XDR shell app PROD config added [[https://github.com/advthreat/tenzin/pull/2624][#2624]] +- Conure DB access policy updated [[https://github.com/advthreat/tenzin/pull/2627][#2627]] +- xdr-apps configuration removed form caddy public [[https://github.com/advthreat/tenzin/pull/2649][#2649]] +- Caddy Path based routing changes reverted [[https://github.com/advthreat/tenzin/pull/2623][#2623]] +**** tenzin-config [1] + +- Securex-news removal from tenzin and tenzin-config [[https://github.com/advthreat/tenzin-config/pull/869][#869]] + +*** Tancredi Orlando [1] + +**** easy-purescript-nix [1] + +- purs-tidy: 0.9.0 -> 0.9.2 + +*** milehrer [15] + +**** iroh-engine [15] + +- move forward if no new targets or asset +- prepare for 0.15.4 +- decouple first asset check from asset enrichment +- change ->instant to parse +- write asset-enrich pipeline v1 +- Prepare for v0.14.6 +- update iroh service-wrapper to expect resolve-latest +- add resolve-latest-assets iroh protocol and endpoint + +_between 3 and 4 months old_ + +- prepare for v0.14.5 +- the less we talk about this, the better +- prepare for version 0.14.4 +- make data in enrichment bundles align with real life +- prepare for 0.14.3 +- remove deprecated trojansource step from github workflow +- remove transient id generation from assets as DI now does it instead + +*** Joel Holdbrooks [2] + +**** iroh-engine [2] + +- Merge pull request #1373 from advthreat/noprompt-patch-1 +- Update unit_test.yml + +*** Michael Whitley [3] + +**** response [3] + +- Update access-request.md +- Update access-request.md +- Update access-request.md + +*** Sofiia Mykytiuk [43] + +**** tenzin [43] + +- Update VPNator in TEST, STAGE and PROD [[https://github.com/advthreat/tenzin/pull/2932][#2932]] +- Update STAGE docs S3 bucket [[https://github.com/advthreat/tenzin/pull/2938][#2938]] +- Update VPNator lambda functions in INT [[https://github.com/advthreat/tenzin/pull/2929][#2929]] +- Update min capacity for ASG in backup regions [[https://github.com/advthreat/tenzin/pull/2917][#2917]] +- Update readme in terraform folders for backup regions [[https://github.com/advthreat/tenzin/pull/2896][#2896]] +- Saltstack changes for backup regions [[https://github.com/advthreat/tenzin/pull/2822][#2822]] +- ROAdmin role for STAGE and PROD [[https://github.com/advthreat/tenzin/pull/2909][#2909]] +- Update saml in terraform to sync with AWS STAGE and PROD accounts [[https://github.com/advthreat/tenzin/pull/2910][#2910]] +- ROAdmin role for INT [[https://github.com/advthreat/tenzin/pull/2903][#2903]] +- Add nodes to ES-metrics cluster in EU [[https://github.com/advthreat/tenzin/pull/2905][#2905]] +- Remove Data VPNator from PROD [[https://github.com/advthreat/tenzin/pull/2868][#2868]] +- Terraform changes for backup regions [[https://github.com/advthreat/tenzin/pull/2882][#2882]] +- Remove modules needed for S3 batch operations [[https://github.com/advthreat/tenzin/pull/2884][#2884]] +- Disable replication for es-metrics [[https://github.com/advthreat/tenzin/pull/2850][#2850]] +- Update infrastructure diagram with second VPN [[https://github.com/advthreat/tenzin/pull/2871][#2871]] +- Remove data-vpnator from INT [[https://github.com/advthreat/tenzin/pull/2855][#2855]] +- PKI update for backup regions [[https://github.com/advthreat/tenzin/pull/2842][#2842]] +- Update vpnator script for new OPS setup [[https://github.com/advthreat/tenzin/pull/2817][#2817]] +- Fix module deletition [[https://github.com/advthreat/tenzin/pull/2825][#2825]] +- Remove cleaner lambda setup from INT, TEST [[https://github.com/advthreat/tenzin/pull/2823][#2823]] +- Module to setup new vpnator for OPS VPN in INT [[https://github.com/advthreat/tenzin/pull/2816][#2816]] +- Modules to setup VPNator for OPS VPN in PROD [[https://github.com/advthreat/tenzin/pull/2814][#2814]] +- BCP: Update readme with bastion info [[https://github.com/advthreat/tenzin/pull/2456][#2456]] +- Terraform modules update for TEST backup region [[https://github.com/advthreat/tenzin/pull/2796][#2796]] +- New PROD VPNator setup for non-ops VPN setup [[https://github.com/advthreat/tenzin/pull/2748][#2748]] +- Remove not needed permissions for kms-ssm in STAGE [[https://github.com/advthreat/tenzin/pull/2733][#2733]] +- Changing KMS key in Vault unseal config in STAGE [[https://github.com/advthreat/tenzin/pull/2732][#2732]] +- Adding permissions to kms-vault key [[https://github.com/advthreat/tenzin/pull/2712][#2712]] +- Remove permissions for kms-ssm from hashistack policy INT and TEST [[https://github.com/advthreat/tenzin/pull/2719][#2719]] +- Terraform modules update for TEST backup region [[https://github.com/advthreat/tenzin/pull/2724][#2724]] +- Changing unseal configuration for Vault in INT [[https://github.com/advthreat/tenzin/pull/2718][#2718]] +- Permissions for kms-vault key in INT and STAGE [[https://github.com/advthreat/tenzin/pull/2706][#2706]] +- KMS vault key material for INT and STAGE [[https://github.com/advthreat/tenzin/pull/2705][#2705]] +- New kms-vault key material [[https://github.com/advthreat/tenzin/pull/2711][#2711]] + +_between 3 and 4 months old_ + +- Permissions for new kms-vault key in TEST backup region [[https://github.com/advthreat/tenzin/pull/2695][#2695]] +- Fix permissions for kms-vault key [[https://github.com/advthreat/tenzin/pull/2692][#2692]] +- Changing kms key in autounseal Vault config for TEST [[https://github.com/advthreat/tenzin/pull/2680][#2680]] +- Update README.md [[https://github.com/advthreat/tenzin/pull/2686][#2686]] +- Update salt to read datadog api key from SSM [[https://github.com/advthreat/tenzin/pull/2679][#2679]] +- Adding permissions for new kms-vault key for hashistack nodes in TEST env [[https://github.com/advthreat/tenzin/pull/2670][#2670]] +- Adding permissions for datadog ssm parameter [[https://github.com/advthreat/tenzin/pull/2663][#2663]] +- Comment not needed references [[https://github.com/advthreat/tenzin/pull/2656][#2656]] +- KMS Vault key [[https://github.com/advthreat/tenzin/pull/2668][#2668]] + +*** Will Lorand [1] + +**** iroh [1] + +- Update summary.org [[https://github.com/advthreat/iroh/pull/7603][#7603]] + +*** Dmytro Budko [5] + +**** tenzin [5] + +- SXOPS-630 Invalidate a CloudFront cache for INT/TEST after push changes [[https://github.com/advthreat/tenzin/pull/2897][#2897]] +- SXOPS-191 Terraform: Bring INT and Test into sync with AWS (DOCS INT/TEST) [[https://github.com/advthreat/tenzin/pull/2889][#2889]] +- SXOPS-616 DataDog agent not able to collect metrics (SLM) from ES [[https://github.com/advthreat/tenzin/pull/2878][#2878]] +- SXOPS-539 EC2 Keypair rotation for INT and TEST [[https://github.com/advthreat/tenzin/pull/2787][#2787]] +- SXOPS-539 Offboard Vadym Kiz [[https://github.com/advthreat/tenzin/pull/2784][#2784]] + +*** Cisco Boz [1] + +**** tenzin [1] + +- Replace Threat Response -> XDR for 502 pages on caddy-* public & private [[https://github.com/advthreat/tenzin/pull/2934][#2934]] + +*** Patrick Patat [72] + +**** iroh-ops [71] + +- install and config riemann on asg +- add riemann & reimann_telemetry servers +- add vault token for ansible +- add rds pg cname and bump tf min version to 1.4 +- install vector after all (due to app log deps) +- add vector config for docker with nomad +- add auto instance refresh +- disable notready service add the end of ansible run +- remove unattended-upgrades pkg and ignore qualys server +- setup a lambda that run ansible nomad-jobs when a new app version is pushed to s3 +- override nomad jobs version with versions.json from s3 bucket artefacts (needed for auto deployement) +- add codebuild fail notification via webex +- simplify sg rule and rename a boolean var +- add doc for qualys setup +- add qualys instances and extends customasation of instances, asg & sgs +- create an aws backup vault and plan for dynamodb backup +- create redis-async.iroh.dev.sh cname to tenzin's redis +- add add iroh-queue-monitor, add http check for nomad jobs +- config vault telemetry to send data to datadog +- add role nomad-jobs with exemple job iroh & hello, add related caddy config for private rp +- add python-nomad to manage job, add dogstatsd as volume & add metadata from docker +- add iroh-ro vault policy +- add vault ca to ssm, put vault ca on caddy vm & update nomad config for vault and docker +- create custom modules for vault and aws private acm & configure vault internal pki +- allow vault servers to query aws private acm +- add docker registry and app_server role for docker registry use +- move docker repo conf to linux base & update nomad config +- add .yml to group_vars files + +_between 3 and 4 months old_ + +- create one codebuild job per env +- change codebuild default env var to '' and fix missing env var in user_data +- create codebuild ansible-run and replace user_data local ansible with codebuild trigger +- push new admin key in user admin authorized keys +- fix hostname config +- add lambda to create/delete ec2 dns record on start and terminate +- centralize apt config & set hostname and prompt +- configure vault server & add caddy vault config +- refactor route53 lb cnames creation +- upgrade vault instances config +- split iam in mutliple file and add iam for vault instances +- add dynamodb for vault +- add CODEOWNERS file +- remove openvpn push dns (useless with iroh.sh) +- upgrade tf and ansible for caddy https with letsencrypt +- upgrade dns config with iroh.sh & iroh.services +- secure all comunications between consul nomad and rps +- do not redeploy instances on ami upgrade +- refactor pki +- fix: encode in base64 ssm parameters +- Revert "temporaly disable encrypt communication for nomad and consul" +- pki for internal certs +- use ansible-pull in user_data to config vm at first boot +- use t4.small instead of t4.nano +- add linux users config +- fix: add hashicorp apt in vaul role +- upgrade for private rp +- add role and playbook for caddy private rp +- move hashicorp's apt config to role nomad & consul (do need it on all vms) +- add bastion and openvpn role, playbook and group_vars +- temporaly disable encrypt communication for nomad and consul +- replace _ with - in node name (need to be dns compatible) +- add python3-boto3 to linux_base_pkgs +- temporary allow everything from vpn +- disable source_dest_check for vpn and add bastion dns name +- upgrade for vpn server +- ansible typos and code style +- refactoring asgs & security groups +- refactor terraform asgs +- use boolean value instead of strings, add tags in tasks and other minor fixes +- improve ansible.cfg, remove debug, fix unbound config +- add load_balancer, app_server private_rp, remove caps from ressource names +- ansible bootstrap +**** tenzin [1] + +- allows iroh-ops dev platform to access rds + +*** Yurii Ivanisenko [12] + +**** tenzin [11] + +- Add muhammad imran (muhammim) gpg key [[https://github.com/advthreat/tenzin/pull/2899][#2899]] +- Give Muhammad Imran (muhammim) SSH access [[https://github.com/advthreat/tenzin/pull/2898][#2898]] +- removed walkme-ci tf module files and vpn users [[https://github.com/advthreat/tenzin/pull/2841][#2841]] +- removed all saltstack entries with user vilakkak [[https://github.com/advthreat/tenzin/pull/2818][#2818]] +- removed TF module CloudWatch-lambda-sca-whitelist-testing [[https://github.com/advthreat/tenzin/pull/2804][#2804]] +- added diagrams for CTR_AWS and TAC-portal [[https://github.com/advthreat/tenzin/pull/2717][#2717]] +- align with INT lambda settings for Thousendeyes WL and TEST R53 recor… [[https://github.com/advthreat/tenzin/pull/2715][#2715]] + +_between 3 and 4 months old_ + +- fix CSP directives for visibility.amp in APJC and EU regions [[https://github.com/advthreat/tenzin/pull/2689][#2689]] +- fixed tab instead of spaces in caddy.yaml NAM [[https://github.com/advthreat/tenzin/pull/2681][#2681]] +- Caddy public job - added templates for TAC certificates [[https://github.com/advthreat/tenzin/pull/2674][#2674]] +- Added configs for TAC portal prod [[https://github.com/advthreat/tenzin/pull/2666][#2666]] +**** tenzin-config [1] + + +_between 3 and 4 months old_ + +- Added config.json for Tactical-portal in PROD regions [[https://github.com/advthreat/tenzin-config/pull/817][#817]] + +*** Robert Levy [5] + +**** iroh [5] + +- fix dev-resources config to use the correct key signer-ops instead of signer [[https://github.com/advthreat/iroh/pull/7778][#7778]] +- Add registered trademark to MITRE tile title [[https://github.com/advthreat/iroh/pull/7775][#7775]] +- Incidents' Detection Sources Tile [[https://github.com/advthreat/iroh/pull/7725][#7725]] +- top-targeted assets tile for control center (ctia investigate module) [[https://github.com/advthreat/iroh/pull/7689][#7689]] +- MITRE Attack incidents tile [[https://github.com/advthreat/iroh/pull/7523][#7523]] + +*** Mia [36] + +**** iroh [22] + +- Update risk score docs to include overview of enrich-targets process [[https://github.com/advthreat/iroh/pull/7773][#7773]] +- log asset retrieval failure [[https://github.com/advthreat/iroh/pull/7743][#7743]] +- Separate risk score engine calls [[https://github.com/advthreat/iroh/pull/7742][#7742]] +- log bundle [[https://github.com/advthreat/iroh/pull/7737][#7737]] +- Flag observe targets [[https://github.com/advthreat/iroh/pull/7697][#7697]] +- remove verbose logs from risk score calculation [[https://github.com/advthreat/iroh/pull/7618][#7618]] +- FIXME temp log bundle-import-payload [[https://github.com/advthreat/iroh/pull/7609][#7609]] +- handle explicit nil cases for asset value [[https://github.com/advthreat/iroh/pull/7604][#7604]] +- Correct describe assets [[https://github.com/advthreat/iroh/pull/7600][#7600]] +- adjust logging [[https://github.com/advthreat/iroh/pull/7596][#7596]] +- Resolve latest asset log params [[https://github.com/advthreat/iroh/pull/7594][#7594]] +- add asset:read scope to token used for engine-service [[https://github.com/advthreat/iroh/pull/7571][#7571]] +- Iroh engine latest assets [[https://github.com/advthreat/iroh/pull/7554][#7554]] +- Update bundle import [[https://github.com/advthreat/iroh/pull/7542][#7542]] +- Fix risk score bundle import [[https://github.com/advthreat/iroh/pull/7534][#7534]] +- fix a typo in engine config introduce default consistent with engine [[https://github.com/advthreat/iroh/pull/7525][#7525]] +- Fix risk score auth [[https://github.com/advthreat/iroh/pull/7517][#7517]] +- Fix risk score auth [[https://github.com/advthreat/iroh/pull/7516][#7516]] +- Fix risk score auth with tests this time [[https://github.com/advthreat/iroh/pull/7515][#7515]] +- add auth token to bundle export header in risk score [[https://github.com/advthreat/iroh/pull/7514][#7514]] + +_between 3 and 4 months old_ + +- implement final risk score [[https://github.com/advthreat/iroh/pull/7486][#7486]] +- 7342 preliminary risk score [[https://github.com/advthreat/iroh/pull/7460][#7460]] +**** iroh-engine [13] + +- Merge pull request #1385 from advthreat/v0.15.4-rc +- Merge pull request #1384 from advthreat/separate-add-assets-and-enrich-targets +- Merge pull request #1371 from advthreat/testy-tests +- Merge pull request #1367 from advthreat/v0.14.6-rc +- Merge pull request #1366 from advthreat/add-resolve-latest-assets + +_between 3 and 4 months old_ + +- Merge pull request #1365 from advthreat/v0.14.5-rc +- Merge pull request #1364 from advthreat/change-test-again +- Merge branch 'main' into change-test-again +- Merge pull request #1363 from advthreat/v0.14.4-rc +- Merge pull request #1362 from advthreat/calculate-preliminary-risk-score +- Merge pull request #1360 from advthreat/v0.14.3-rc +- Merge pull request #1359 from advthreat/remove-trojansource +- Merge pull request #1358 from advthreat/remove-transient-ids +**** tenzin-config [1] + + +_between 3 and 4 months old_ + +- flip feature flag in INT for score-based incident enrichment [[https://github.com/advthreat/tenzin-config/pull/833][#833]] + +*** Devin Walters [5] + +**** iroh-engine [5] + +- Prepare 0.15.2 +- Coerce to instant after reading as ZDT +- Assert sightings +- Let up +- Use investigable-observables, promises delivered, add verdict + +*** Vadym Kiz [3] + +**** tenzin [3] + +- SXOPS-361 GitHub self-hosted runners for SecureX UI monorepo [[https://github.com/advthreat/tenzin/pull/2635][#2635]] +- Datadog: enable slm_stats [[https://github.com/advthreat/tenzin/pull/2778][#2778]] +- SSH access - jbusboom [[https://github.com/advthreat/tenzin/pull/2738][#2738]] + +*** Ag Ibragimov [8] + +**** iroh [4] + +- Unassigned Incidents Tile should show relative time [[https://github.com/advthreat/iroh/pull/7824][#7824]] +- Control center: Navigate to Incidents page from tile [[https://github.com/advthreat/iroh/pull/7760][#7760]] +- Control Center -- Detection Sources Tile: Fixes query parenthesizing [[https://github.com/advthreat/iroh/pull/7759][#7759]] +- API work for unassigned incidents [[https://github.com/advthreat/iroh/pull/7682][#7682]] +**** tenzin-config [4] + +- adds :xdr-site-url [[https://github.com/advthreat/tenzin-config/pull/885][#885]] +- adds detection sources config for PROD [[https://github.com/advthreat/tenzin-config/pull/881][#881]] +- additional client_id for incident sources [[https://github.com/advthreat/tenzin-config/pull/877][#877]] +- adds incident sources: test, int [[https://github.com/advthreat/tenzin-config/pull/873][#873]] + +*** Justin Woo [2] + +**** easy-purescript-nix [2] + +- Merge pull request #219 from turlando/purs-tidy-0.9.2 +- Merge pull request #218 from paluh/master + +*** dependabot[bot] [0] + + +*** Sam Waggoner [4] + +**** ctia [1] + + +_between 3 and 4 months old_ + +- threatgrid/ctim/#381 Migrate actor 1.2.0 [[https://github.com/advthreat/ctia/pull/1323][#1323]] +**** tenzin-config [3] + +- Add hydrant es-metrics configs for events. +- Fix hydrant-talos-ta-blog misnamed http-options. +- advthreat/hydrant#721 update talos blog http-options. + +*** II [9] + +**** iroh [7] + +- Issue 7455 - Minor cleanup from XDR tiles merge [[https://github.com/advthreat/iroh/pull/7695][#7695]] +- 6963 implements one-click module wrapper endpoint [[https://github.com/advthreat/iroh/pull/7315][#7315]] +- Issue 7647 AMP observe targets [[https://github.com/advthreat/iroh/pull/7661][#7661]] +- Issue 7647 - IObserveTargetModule protocol [[https://github.com/advthreat/iroh/pull/7651][#7651]] +- Ao shortcut use unique names [[https://github.com/advthreat/iroh/pull/7627][#7627]] +- Ao docs formatting fixes [[https://github.com/advthreat/iroh/pull/7625][#7625]] +- Issue 7550 ao workflow exec shortcut [[https://github.com/advthreat/iroh/pull/7617][#7617]] +**** tenzin-config [2] + +- Adds one-click service to bootstrap.cfg files [[https://github.com/advthreat/tenzin-config/pull/862][#862]] + +_between 3 and 4 months old_ + +- Tac portal PROD login origins [[https://github.com/advthreat/tenzin-config/pull/821][#821]] + +*** Eric Gierach [10] + +**** iroh [3] + +- Fix attack graph simplification [[https://github.com/advthreat/iroh/pull/7747][#7747]] +- latest simplification logic (edges not considered) [[https://github.com/advthreat/iroh/pull/7662][#7662]] +- update notable events to match what the Engine client is producing for CTR [[https://github.com/advthreat/iroh/pull/7614][#7614]] +**** iroh-engine [7] + +- Merge pull request #1387 from advthreat/v0.15.5-rc +- Prepare for 0.15.5 release. +- Merge pull request #1386 from advthreat/enrich-all-targets +- Fix typo in log +- Merge pull request #1370 from advthreat/dependabot/npm_and_yarn/webpack-5.76.0 +- Merge branch 'main' into dependabot/npm_and_yarn/webpack-5.76.0 +- Merge pull request #1368 from advthreat/dependabot/npm_and_yarn/xmldom/xmldom-and-mountebank-0.8.4 + +*** Adam Sayer [26] + +**** tenzin [25] + +- webexbox fix on saltmaster [[https://github.com/advthreat/tenzin/pull/2937][#2937]] +- increase ES storage iops/throughput [[https://github.com/advthreat/tenzin/pull/2927][#2927]] +- Vercel CICD accept 409 and watch http state +- Add Vercel CI/CD to Saltmaster [[https://github.com/advthreat/tenzin/pull/2920][#2920]] +- Update hydrant container version [[https://github.com/advthreat/tenzin/pull/2891][#2891]] +- snort filename fix [[https://github.com/advthreat/tenzin/pull/2890][#2890]] +- Update hydrant container to 1.36 in INT [[https://github.com/advthreat/tenzin/pull/2888][#2888]] +- remove jq verify usage [[https://github.com/advthreat/tenzin/pull/2885][#2885]] +- Fix - Extract Talos Snort Rule files for Importer [[https://github.com/advthreat/tenzin/pull/2880][#2880]] +- github runner salt and terraform [[https://github.com/advthreat/tenzin/pull/2875][#2875]] +- update securex-ui in INT for latest NVM profiles [[https://github.com/advthreat/tenzin/pull/2873][#2873]] +- Route53 Module refactor [[https://github.com/advthreat/tenzin/pull/2851][#2851]] +- Revert "SXOPS-361 GitHub self-hosted runners for SecureX UI monorepo (#2635)" [[https://github.com/advthreat/tenzin/pull/2859][#2859]] +- github-runner ASG [[https://github.com/advthreat/tenzin/pull/2852][#2852]] +- Update r53 module to allow geolocation [[https://github.com/advthreat/tenzin/pull/2844][#2844]] +- Cloud9 ami APJC EU [[https://github.com/advthreat/tenzin/pull/2803][#2803]] +- Cloud9 AMI to NAM [[https://github.com/advthreat/tenzin/pull/2792][#2792]] +- Bash to replace ES instances [[https://github.com/advthreat/tenzin/pull/2777][#2777]] +- Upgrade 6th gen ec2 and cloud9 AMI for TEST [[https://github.com/advthreat/tenzin/pull/2775][#2775]] +- Int cloud9 ami refresh [[https://github.com/advthreat/tenzin/pull/2768][#2768]] +- Allow instance refresh on ASG module [[https://github.com/advthreat/tenzin/pull/2766][#2766]] +- VPC peer TEST-STAGE for qa-macos instance [[https://github.com/advthreat/tenzin/pull/2734][#2734]] +- Stage salt [[https://github.com/advthreat/tenzin/pull/2716][#2716]] + +_between 3 and 4 months old_ + +- Allow ingress from IROH to ES private storage [[https://github.com/advthreat/tenzin/pull/2652][#2652]] +- Allow ingress from IROH to es private storage INT [[https://github.com/advthreat/tenzin/pull/2630][#2630]] +**** tenzin-config [1] + +- Stage env configs [[https://github.com/advthreat/tenzin-config/pull/785][#785]] + +*** Tomasz Rybarczyk [1] + +**** easy-purescript-nix [1] + +- purs: 0.15.7 -> 0.15.8 + +*** Chris Duane [2] + +**** response [2] + +- Update access-request.md +- Create security-event.md + +*** [9] + +**** iroh [7] + +- Issue 7455 - Minor cleanup from XDR tiles merge [[https://github.com/advthreat/iroh/pull/7695][#7695]] +- 6963 implements one-click module wrapper endpoint [[https://github.com/advthreat/iroh/pull/7315][#7315]] +- Issue 7647 AMP observe targets [[https://github.com/advthreat/iroh/pull/7661][#7661]] +- Issue 7647 - IObserveTargetModule protocol [[https://github.com/advthreat/iroh/pull/7651][#7651]] +- Ao shortcut use unique names [[https://github.com/advthreat/iroh/pull/7627][#7627]] +- Ao docs formatting fixes [[https://github.com/advthreat/iroh/pull/7625][#7625]] +- Issue 7550 ao workflow exec shortcut [[https://github.com/advthreat/iroh/pull/7617][#7617]] +**** tenzin-config [2] + +- Adds one-click service to bootstrap.cfg files [[https://github.com/advthreat/tenzin-config/pull/862][#862]] + +_between 3 and 4 months old_ + +- Tac portal PROD login origins [[https://github.com/advthreat/tenzin-config/pull/821][#821]] + +*** John Jardine [30] + +**** tenzin [30] + +- Update SW versions, sort changes to the top [[https://github.com/advthreat/tenzin/pull/2864][#2864]] +- Add instances to handle new 3rd party integrations [[https://github.com/advthreat/tenzin/pull/2870][#2870]] +- Add capacity in OSS to support logstash-cloudtrail [[https://github.com/advthreat/tenzin/pull/2865][#2865]] +- Terraform edits to deconflict some values and make more generic [[https://github.com/advthreat/tenzin/pull/2853][#2853]] +- Create S3 Bucket, user, group, policy [[https://github.com/advthreat/tenzin/pull/2839][#2839]] +- Update integrations-crowdstrike to 1.0.2 in all regions [[https://github.com/advthreat/tenzin/pull/2833][#2833]] +- Move all Hydrant jobs to v1.35 (adds coas support) [[https://github.com/advthreat/tenzin/pull/2826][#2826]] +- Bash defaults: Remove TMOUT, assign set -o vi & dir [[https://github.com/advthreat/tenzin/pull/2829][#2829]] +- Check single certificate [[https://github.com/advthreat/tenzin/pull/2830][#2830]] +- Align hydrant jobs on 4 minute multiples. [[https://github.com/advthreat/tenzin/pull/2821][#2821]] +- Updated ssh keypairs for EU NAM and APJC [[https://github.com/advthreat/tenzin/pull/2791][#2791]] +- SXOPS-529: SSH Default configuration changes [[https://github.com/advthreat/tenzin/pull/2774][#2774]] +- Check if integrations-healthcheck is working. [[https://github.com/advthreat/tenzin/pull/2772][#2772]] +- Update sumram.gpg +- Make script outputs comparable by using same sort order [[https://github.com/advthreat/tenzin/pull/2761][#2761]] +- SXOPS-435: Add hydrant-talos-coas fixes for other regions [[https://github.com/advthreat/tenzin/pull/2751][#2751]] +- Quote cron entry to prevent YAML interpolation [[https://github.com/advthreat/tenzin/pull/2750][#2750]] +- Default Jason Busboom to absent to prevent global access [[https://github.com/advthreat/tenzin/pull/2743][#2743]] +- Updated rev-proxy for securex-ui-automate.test.iroh.site [[https://github.com/advthreat/tenzin/pull/2744][#2744]] +- Added gpg key for Atul Anand +- SXOPS-491 Add securex ui automate support for TEST [[https://github.com/advthreat/tenzin/pull/2729][#2729]] +- Need to add securex-ui-automate.int.iroh.site to ACME [[https://github.com/advthreat/tenzin/pull/2723][#2723]] +- SXOPS-491 Add securex ui automate support [[https://github.com/advthreat/tenzin/pull/2722][#2722]] + +_between 3 and 4 months old_ + +- Fix comment, fix error file content check [[https://github.com/advthreat/tenzin/pull/2683][#2683]] +- Backport v1.112 fixes to master [[https://github.com/advthreat/tenzin/pull/2682][#2682]] +- Initial commit [[https://github.com/advthreat/tenzin/pull/2671][#2671]] +- Add error handling to cert check [[https://github.com/advthreat/tenzin/pull/2651][#2651]] +- Initial Vercel Postman API [[https://github.com/advthreat/tenzin/pull/2633][#2633]] +- INT: Merge Consul overrides into jobs.sls [[https://github.com/advthreat/tenzin/pull/2646][#2646]] +- SXOPS-412: Trend Micro XDR Integration Relay INT and TEST [[https://github.com/advthreat/tenzin/pull/2617][#2617]] + +*** Michael Pendergrass [4] + +**** iroh [4] + +- Engine 0.15.5 [[https://github.com/advthreat/iroh/pull/7768][#7768]] +- add more attribute relation types [[https://github.com/advthreat/iroh/pull/7660][#7660]] +- More graph changes [[https://github.com/advthreat/iroh/pull/7643][#7643]] +- add graph output to incident summary [[https://github.com/advthreat/iroh/pull/7549][#7549]] + +*** Scott McLeod [4] + +**** iroh [4] + +- Improve performance of IncidentReportService [[https://github.com/advthreat/iroh/pull/7745][#7745]] +- Add filters to Incident Report [[https://github.com/advthreat/iroh/pull/7727][#7727]] +- Add test to verify paging [[https://github.com/advthreat/iroh/pull/7564][#7564]] +- Use search_after paging for incident report (#7461) [[https://github.com/advthreat/iroh/pull/7539][#7539]] + +*** Matthieu Sprunck [3] + +**** ctia [3] + +- Bump CTIM to 1.3.7 [[https://github.com/advthreat/ctia/pull/1357][#1357]] +- Bump to CTIM 1.3.5 [[https://github.com/advthreat/ctia/pull/1349][#1349]] +- Bump to CTIM 1.3.4 [[https://github.com/advthreat/ctia/pull/1345][#1345]] + +*** Jerome Schneider [10] + +**** iroh-ops [9] + +- Merge pull request #68 from advthreat/split-releases-artefacts +- Merge pull request #51 from advthreat/logging-vector +- Merge pull request #46 from advthreat/datadog + +_between 3 and 4 months old_ + +- Merge pull request #42 from advthreat/vpnator-rm-cloudtrail +- Merge pull request #36 from advthreat/stricter-iam +- Merge pull request #34 from advthreat/fix-tfw +- Merge pull request #16 from advthreat/tfw-fixes +- Merge pull request #13 from advthreat/tf-wrapper +- Merge pull request #12 from advthreat/ansible +**** tenzin [1] + + +_between 3 and 4 months old_ + +- iroh(-async): improve memory management to avoid memory cgroup oom [[https://github.com/advthreat/tenzin/pull/2693][#2693]] + +*** t2sw [1] + +**** iroh [1] + +- modify get-tiles and get-tiles-data endpoints for xdr query parameter [[https://github.com/advthreat/iroh/pull/7757][#7757]] + +*** bswanson [81] + +**** iroh [10] + +- Engine version bump. [[https://github.com/advthreat/iroh/pull/7730][#7730]] +- Asset correlation [[https://github.com/advthreat/iroh/pull/7708][#7708]] +- READY FOR REVIEW: observe-targets to iroh engine. [[https://github.com/advthreat/iroh/pull/7683][#7683]] +- Fix empty source breaking schema. [[https://github.com/advthreat/iroh/pull/7687][#7687]] +- BUG FIX: events were pulled from wrong key. [[https://github.com/advthreat/iroh/pull/7678][#7678]] +- Add Assets to Summary and Events incident endpoints [[https://github.com/advthreat/iroh/pull/7666][#7666]] + +_between 3 and 4 months old_ + +- Add Eric and Mia to codeowners. [[https://github.com/advthreat/iroh/pull/7501][#7501]] +- Add extra fields to summary events [[https://github.com/advthreat/iroh/pull/7482][#7482]] +- Add optional keys owner and groups to :incident-id/events schema. [[https://github.com/advthreat/iroh/pull/7449][#7449]] +- Allow port key in the private-intel service context [[https://github.com/advthreat/iroh/pull/7435][#7435]] +**** iroh-engine [68] + +- Merge pull request #1383 from advthreat/v0.15.3-rc +- Update changelog. +- Prepare for 0.15.3 release +- Merge pull request #1381 from advthreat/proper-no-op +- Merge branch 'main' into proper-no-op +- Merge pull request #1382 from advthreat/codeowners +- Add folks to codeowners, remove our previous humans. +- Update release to remove unused project.clj +- Cleanup tests. +- Update tests to reflect passthrough behavior. +- failing tests, but no-op. +- Merge pull request #1380 from advthreat/v0.15.2-rc +- Merge pull request #1379 from advthreat/superstitious-p +- Merge pull request #1378 from advthreat/v0.15.1-rc +- Release v0.15.1. +- Merge pull request #1377 from advthreat/remove-original-sightings +- Don't print 100s of sightings :D +- Add logging. +- Remove CTIM dependency. +- Data for you and data for me +- Cabinet of curiosities be gone. +- Datums test. +- new asset responses. +- Check no-op case for assets-for-new-targets. +- Add assets and asset mappings. +- Remove fake test that described itself as real. +- Use add-latest-asset-info from enrich ns. +- Add failing observe-target-observables-test. +- Do not pass back the relationships or sightings from the original bundle. +- Merge pull request #1374 from advthreat/v0.15.0-rc +- Release candidate 0.15.0 +- Merge pull request #1372 from advthreat/asset-enrich +- Merge branch 'main' into asset-enrich +- Only need to wrap around exception. +- Magic sauce for cljs vs clj. +- Add test for ->instant. +- Fix let<. +- promesify everything. +- PR feedback, add p/let. +- PR feedback. +- map observable keys (this shouldn't matter, but for consistency and safety sake.) +- Refactor exists? because it's a function. +- Update src/iroh/engine/asset/enrich.cljc +- Fix IrohServiceWrapper call. +- move time fns into time ns. +- A bit more function now. +- IT LIVESSSS. +- Add emit_observe_targets_enrich.js +- Wiring through observable call. +- mountebank. +- Getting farther through the pipeline. +- Resolve linter errors. +- more promises for us. +- cleanup nested whens. +- Try to call targets. +- it puts the promise on the code. +- Smaller functions. +- Clean up more test ns. +- Cleanup tests. +- Merge branch 'main' into asset-enrich +- Move logic into previous function. +- Add resolve latest mountebank test. +- Some unit tests. +- prepare for the sightening. +- extract targets from enriched response. +- Break out a couple more small functions. +- Implement some small helper functions. +- Pull in used sighting ns and reference observable var. +**** tenzin-config [3] + +- Add config for prod and fix test typo. [[https://github.com/advthreat/tenzin-config/pull/846][#846]] + +_between 3 and 4 months old_ + +- Add iroh base url to conure config. [[https://github.com/advthreat/tenzin-config/pull/829][#829]] +- Add necessary conure config. [[https://github.com/advthreat/tenzin-config/pull/811][#811]] + +*** Pawan Bahuguna [31] + +**** tenzin [31] + +- Sxops 191 - custom_response_body [[https://github.com/advthreat/tenzin/pull/2933][#2933]] +- Added health check header [[https://github.com/advthreat/tenzin/pull/2921][#2921]] +- Added Health check header to crowdstrike for testing [[https://github.com/advthreat/tenzin/pull/2916][#2916]] +- Increased the Max size to 6 [[https://github.com/advthreat/tenzin/pull/2908][#2908]] +- Updated the version to 7.0.7 to sync with AWS [[https://github.com/advthreat/tenzin/pull/2907][#2907]] +- SXOPS-621 - Enable IAM Access Advisor in all envs [[https://github.com/advthreat/tenzin/pull/2894][#2894]] +- Removed Event Processor Role [[https://github.com/advthreat/tenzin/pull/2881][#2881]] +- SXOPS 191 Update TEST VPC Peering [[https://github.com/advthreat/tenzin/pull/2879][#2879]] +- Changed version to 7.0.5, already present in aws [[https://github.com/advthreat/tenzin/pull/2877][#2877]] +- Updated desired capacity, min and max size [[https://github.com/advthreat/tenzin/pull/2874][#2874]] +- SXOPS-490 Docker version health check [[https://github.com/advthreat/tenzin/pull/2837][#2837]] +- Added CU, IR, KP, SY [[https://github.com/advthreat/tenzin/pull/2854][#2854]] +- Added artifacts and XDR to ordered_cache_behavior - Already in AWS [[https://github.com/advthreat/tenzin/pull/2848][#2848]] +- SXOPS-191-Updated VPC peering connection [[https://github.com/advthreat/tenzin/pull/2835][#2835]] +- Added docker container version check [[https://github.com/advthreat/tenzin/pull/2815][#2815]] +- SAML sync with AWS [[https://github.com/advthreat/tenzin/pull/2824][#2824]] +- enabled intelligence in prod [[https://github.com/advthreat/tenzin/pull/2807][#2807]] +- SXOPS-535 Micro Frontend Ribbon [[https://github.com/advthreat/tenzin/pull/2806][#2806]] +- int-iroh-registration-ui User is already present in AWS [[https://github.com/advthreat/tenzin/pull/2801][#2801]] +- Removed CloudWatch-CSIRT.tf [[https://github.com/advthreat/tenzin/pull/2788][#2788]] +- updated the asg_max_size to 6 [[https://github.com/advthreat/tenzin/pull/2781][#2781]] +- Added instance refresh [[https://github.com/advthreat/tenzin/pull/2780][#2780]] +- Enabling watchdog check on Crowdstrike [[https://github.com/advthreat/tenzin/pull/2773][#2773]] +- SXOPS-490 Add/Update 3rd Party Integrations health checks [[https://github.com/advthreat/tenzin/pull/2767][#2767]] +- Added TLS - automate MFE [[https://github.com/advthreat/tenzin/pull/2753][#2753]] +- PROD automate MFE [[https://github.com/advthreat/tenzin/pull/2752][#2752]] +- [SXOPS-497] Create 3rd Party Integrations for Cybereason & Crowdstrike (INT/TEST) [[https://github.com/advthreat/tenzin/pull/2747][#2747]] +- Added dbudko pabahugu to VPN list [[https://github.com/advthreat/tenzin/pull/2728][#2728]] +- Sxops 484 onboard dmytro dbudko [[https://github.com/advthreat/tenzin/pull/2727][#2727]] +- SXOPS-476 Decom Nomad task securex-ui-incidents from Tenzin [[https://github.com/advthreat/tenzin/pull/2699][#2699]] + +_between 3 and 4 months old_ + +- enable prod [[https://github.com/advthreat/tenzin/pull/2662][#2662]] + +*** Trent Boyd [2] + +**** tenzin-config [2] + +- chore: add https dev urls to xdr projects [[https://github.com/advthreat/tenzin-config/pull/886][#886]] +- feat: add configs for securex-ui-intelligence job [[https://github.com/advthreat/tenzin-config/pull/852][#852]] + +*** Devin Walters [12] + +**** tenzin [7] + +- Set tmpdir to /local for conure task [[https://github.com/advthreat/tenzin/pull/2930][#2930]] +- Mount datadog socket in conure task [[https://github.com/advthreat/tenzin/pull/2922][#2922]] +- Remove Conure access to IROH RDS instance [[https://github.com/advthreat/tenzin/pull/2742][#2742]] + +_between 3 and 4 months old_ + +- Capture the rest of a log message as 'message_text' for clj stack logs [[https://github.com/advthreat/tenzin/pull/2660][#2660]] +- Grok pattern which captures message for the clj stack [[https://github.com/advthreat/tenzin/pull/2658][#2658]] +- Add RMI server hostname [[https://github.com/advthreat/tenzin/pull/2640][#2640]] +- Include configuration for hikari monitoring via JMX [[https://github.com/advthreat/tenzin/pull/2639][#2639]] +**** tenzin-config [5] + +- Specify JWK per environment [[https://github.com/advthreat/tenzin-config/pull/866][#866]] +- Update conure username in prod environments [[https://github.com/advthreat/tenzin-config/pull/860][#860]] +- Update conure db username in TEST [[https://github.com/advthreat/tenzin-config/pull/856][#856]] +- Update conure configuration [[https://github.com/advthreat/tenzin-config/pull/843][#843]] +- Test out dedicated conure postgres instance [[https://github.com/advthreat/tenzin-config/pull/838][#838]] + +*** Martin Bruchanov [20] + +**** tenzin [20] + +- Adding data nodes to lower file system utilization [[https://github.com/advthreat/tenzin/pull/2940][#2940]] +- Adding vercel deploy to sudo for consul [[https://github.com/advthreat/tenzin/pull/2936][#2936]] +- Increasing number of data nodes to the current state [[https://github.com/advthreat/tenzin/pull/2935][#2935]] +- Security groups for OPS VPN in INT [[https://github.com/advthreat/tenzin/pull/2924][#2924]] +- Added CLI parameters for ES administration tools [[https://github.com/advthreat/tenzin/pull/2915][#2915]] +- Removing salt references for terminated OPs instance [[https://github.com/advthreat/tenzin/pull/2900][#2900]] +- Updated contacts of EDF team [[https://github.com/advthreat/tenzin/pull/2895][#2895]] +- Fixed JSON validation for IROH query [[https://github.com/advthreat/tenzin/pull/2887][#2887]] +- Fixed correct hostname and SSM keys [[https://github.com/advthreat/tenzin/pull/2893][#2893]] +- OPS OpenVPN salt deployment [[https://github.com/advthreat/tenzin/pull/2883][#2883]] +- Renaming data-openvpn to ops-openvpn [[https://github.com/advthreat/tenzin/pull/2845][#2845]] +- Increasing edf-reporting and iops-reporting memory allocation [[https://github.com/advthreat/tenzin/pull/2838][#2838]] +- Added list of Consul UI hostnames [[https://github.com/advthreat/tenzin/pull/2789][#2789]] +- Tool for quick SSH to Consul leader [[https://github.com/advthreat/tenzin/pull/2785][#2785]] +- Cleaning up intel2x hostname [[https://github.com/advthreat/tenzin/pull/2654][#2654]] +- Second VPN server for Non-OPS access [[https://github.com/advthreat/tenzin/pull/2735][#2735]] +- Fixed duplicated uid in user profile [[https://github.com/advthreat/tenzin/pull/2740][#2740]] + +_between 3 and 4 months old_ + +- NAM ElasticSearch clean up: DNS, S3 bucket for snapshots [[https://github.com/advthreat/tenzin/pull/2697][#2697]] +- Updating hostnames, fixed error with missing authentication [[https://github.com/advthreat/tenzin/pull/2637][#2637]] +- Tranfer of existing roles from one ES cluter to another [[https://github.com/advthreat/tenzin/pull/2634][#2634]] + +*** Michael Simonson [3] + +**** tenzin [2] + +- Adds input buckets for non-int envs [[https://github.com/advthreat/tenzin/pull/2863][#2863]] +- SXOPs-hydrant-talos-coa-importer [[https://github.com/advthreat/tenzin/pull/2741][#2741]] +**** tenzin-config [1] + +- Issue SXOPs-562: Hydrant Manual Removal Importer [[https://github.com/advthreat/tenzin-config/pull/859][#859]] + +*** John Jardine [5] + +**** tenzin [4] + +- Revert "Move all Hydrant jobs to v1.35 (adds coas support)" +- Revert "Include STAGE in hydrant container version update" +- Include STAGE in hydrant container version update +- Move all Hydrant jobs to v1.35 (adds coas support) +**** tenzin-config [1] + +- Importer was missing the config files [[https://github.com/advthreat/tenzin-config/pull/850][#850]] + +*** Gayan Jayasundara [7] + +**** tenzin [7] + +- Bump crowdstrike and SentinalOne - Ian requested [[https://github.com/advthreat/tenzin/pull/2904][#2904]] +- Bump crowdstrike into 1.0.2a - Bug fix from Ian [[https://github.com/advthreat/tenzin/pull/2846][#2846]] +- SXOPS-512 Bump crowdstrike and sentinelone versions [[https://github.com/advthreat/tenzin/pull/2802][#2802]] + +_between 3 and 4 months old_ + +- Migrate securex-ui-incidents from Nomad to Vercel - non-prod - DNS [[https://github.com/advthreat/tenzin/pull/2691][#2691]] +- securex-ui-control-center - non-prod vercel [[https://github.com/advthreat/tenzin/pull/2690][#2690]] +- Update cyberprotect integration to latest (2.0.6) [[https://github.com/advthreat/tenzin/pull/2673][#2673]] +- Redirect XDR int to Vercel [[https://github.com/advthreat/tenzin/pull/2667][#2667]] diff --git a/reports/FY23Q3-report.pdf b/reports/FY23Q3-report.pdf new file mode 100644 index 00000000..678965c3 Binary files /dev/null and b/reports/FY23Q3-report.pdf differ diff --git a/reports/latest-quarter.html b/reports/latest-quarter.html new file mode 100644 index 00000000..e0043f7b --- /dev/null +++ b/reports/latest-quarter.html @@ -0,0 +1,2290 @@ + + + + + + + + FY23Q3 Report + + + + + +
+

FY23Q3 Report

+

logs goes 4 months back

+

2023-05-03

+
+ +

IROH

+

lead

+

Guillaume Buisson [25]

+

ctia [5]

+
    +
  • Fixed Riemann ES configuration #1360
    • +
  • Allow setting allow_partial_search_results in ES +queries #1359
    • +
  • Bump CTIM to 1.3.6 #1355
    • +
  • Note Entity API changes #1342
    • +
+

between 3 and 4 months old

+
    +
  • CTIM Note entity Support #1330
    • +
+

iroh [16]

+
    +
  • Initial Incident Response Design Draft #7398
    • +
  • Fix Target enrichment feature flag check #7740
    • +
  • Bump clj-momo to 0.4.0 #7723
    • +
  • Update Orchestration Workflow Event fixtures #7677
    • +
  • Observe-Targets route Enhancements #7668
    • +
  • Temporary implementation of observe-targets in the Relay module #7656
    • +
  • Revert "Enrich WebService route"
    • +
  • Revert "Initial WebService for testing"
    • +
  • Initial WebService for testing
    • +
  • Enrich WebService route
    • +
  • Additional Note/Event sample data #7654
    • +
  • Support the Note Entity in Private Intel #7605
    • +
  • Mitre and Risk Score based Incidents Review #6990
    • +
  • Properly define the OpenAPI metadata for the Enrich API #7532
    • +
  • Unhide Swagger UI Responses #7529
    • +
  • Updated Note designs #7508
    • +
+

tenzin-config [4]

+
    +
  • Add the SXO clients to the High Impact allowed sources #876
    • +
+

between 3 and 4 months old

+
    +
  • CTIA Note Entity setup #836
    • +
  • Disable the Kafka Event Hook for Private Intel #835
    • +
  • Double the rate limit of the dcloud organization #824
    • +
+

data

+

Mario Aquino [30]

+

iroh [17]

+
    +
  • Add audiences to client #7812
    • +
  • OrgTokenProviderService #7731
    • +
  • Handle additional variation on mitre-attack source_name #7755
    • +
  • Match on mitre-attack as source_name to find variations #7754
    • +
  • Remove high impact severity checking #7580
    • +
  • Iterate over all orgs for threat hunt execution #7601
    • +
  • Check authorization header #7597
    • +
  • Fix test broken by missing auth header #7588
    • +
  • Use mk-int-request-context for calls that may go to modules #7587
    • +
  • Improve logging for risk score asset resolution #7581
    • +
  • Update CTIM to align w version used by CTIA #7576
    • +
  • Reduce threat hunt ctia investigate module timeouts #7527
    • +
  • Error handling around risk score calculation attempt #7512
    • +
+

between 3 and 4 months old

+
    +
  • Replace unsupported trojan source detector #7481
    • +
  • Service interface tech-debt #7475
    • +
  • One iroh-async session queue for all tasks #7472
    • +
  • CTIM v1.2.0 #7459
    • +
+

tenzin-config [13]

+
    +
  • Enable config for incident enrichment #880
    • +
  • Removes AWS Auth credentials no longer needed by queue-monitor #867
    • +
  • Update async worker count for new server specs #861
    • +
  • AWS Credentials for CloudWatch interaction #842
    • +
  • Remove configs to allow threat hunting for all orgs #853
    • +
  • Make all incidents imported via Swagger UI high impact #847
    • +
  • Remove iroh-investigate and iroh-incident configs #837
    • +
+

between 3 and 4 months old

+
    +
  • Use correct urls for PROD iroh #832
    • +
  • Updates sessions-config for iroh-investigate and iroh-incident #826
    • +
  • iroh-queue-monitor config update #820
    • +
  • Increases number of threat hunt orgs #812
    • +
  • Redis for iroh-async #815
    • +
  • Adds config for iroh-async deployment group
    • +
+

Guillaume Erétéo [16]

+

ctia [6]

+
    +
  • add total-hits headers to metric responses #1363
    • +
  • add tactics/techniques to incident search filters #1356
    • +
  • Incident score schema check #1353
    • +
  • Relationships: add target_ref and source_ref as enumerable field #1354
    • +
+

between 3 and 4 months old

+
    +
  • verdict fix #1333
    • +
  • add techniques to enumerable fields #1331
    • +
+

iroh [5]

+
    +
  • introduce aggregation in crud store #7734
    • +
  • Add Scott to CODEOWNERS #7782
    • +
  • first stats #7765
    • +
  • Incident summary design #7704
    • +
  • threat hunt status incident status Open #7709
    • +
+

tenzin-config [5]

+
    +
  • Activate scoring in TEST and PROD for 1.116 #851
    • +
  • Add PCTIA as high impact by default #849
    • +
+

between 3 and 4 months old

+
    +
  • update incident mappings #822
    • +
  • IROH Swagger UI to high impact sources #830
    • +
  • prepare actor migration #814
    • +
+

Ambrose Bonnaire-Sergeant +[11]

+

ctia [7]

+
    +
  • Push sighting store's coercion pattern into def-es-store #1361
    • +
  • Remove log4j #1347
    • +
  • Fix bulk relationships between transient asset mappings/fields #1343
    • +
  • Filter by scores test #1341
    • +
  • Scores dynamic mapping #1340
    • +
  • Don't mix user params with internal extensions #1339
    • +
+

between 3 and 4 months old

+
    +
  • Sort on incident score #1327
    • +
+

iroh [4]

+
    +
  • new incident scores format #7578
    • +
  • Strip ctia keys #7521
    • +
+

between 3 and 4 months old

+
    +
  • Improve stubservice error messages #7478
    • +
  • Prep Mia for incident scoring impl #7397
    • +
+

integrations

+

Matthieu Sprunck [32]

+

iroh [17]

+
    +
  • E7469: Event API extension design #7462
    • +
  • Implements OR, AND, NOT boolean combinators for ElasticSearch #7752
    • +
  • Add a dedicated IROH Auth configuration to Swagger #7738
    • +
  • Remote: Return an error when tiles/data is not supported #7732
    • +
  • Remove support for access token in Swagger UI #7729
    • +
  • Remote: IROH Proxy handler should not be called in case of errors #7717
    • +
  • Add missing dependency to int-web-service #7712
    • +
  • Configures ModuleRecords with a map #7690
    • +
  • Bump to CTIM 1.3.7 #7696
    • +
  • Create High Impact incident event #7679
    • +
  • Bump to CTIM 1.3.5 #7642
    • +
  • Add new High Impact Incident event types #7606
    • +
  • Bump to CTIM 1.3.4 #7626
    • +
  • Bump to CTIM 1.3.3 #7616
    • +
  • Allow settings prefixed by custom_ to be derived in proxy config #7509
    • +
+

between 3 and 4 months old

+
    +
  • Fix client credentials auth for CrowdStrike integration #7502
    • +
  • Add API Key auth type to the Relay module #7488
    • +
+

tenzin-config [15]

+
    +
  • Revert "Revert "Remove support for access token in Swagger UI +(#868)" (#871)" #874
    • +
  • Allow SXO internal hosts for webhook calls #872
    • +
  • Revert "Remove support for access token in Swagger UI (#868)" #871
    • +
  • Remove invalid module configuration keys #870
    • +
  • Remove support for access token in Swagger UI #868
    • +
  • Remove one-click-module services from iroh application #865
    • +
  • Change the IROH modules configuration format #864
    • +
  • Change Orbital URL in TEST #848
    • +
  • Remove the tiles APIs from the Orbital module record #845
    • +
  • Add CrowdStrike proxy configuration #841
    • +
+

between 3 and 4 months old

+
    +
  • Fix SentinelOne module record conf #834
    • +
  • Support of IROH Proxy for SentinelOne #828
    • +
  • Revert connection manager changes in PROD (2nd attempt) #827
    • +
  • Revert changes in PROD and reduce nb of threads in INT and TEST #825
    • +
  • Increase the number of threads used by the connection manager of the +Relay module #823
    • +
+

Kirill Chernyshov [11]

+

ctia [2]

+
    +
  • Exception handling for bundle export #1351
    • +
+

between 3 and 4 months old

+
    +
  • Default "no-pagination" for feed #1336
    • +
+

iroh [9]

+
    +
  • Fix configuration option for event signer #7777
    • +
  • Add signer options for EventService #7776
    • +
  • Simplify kafka-producer integration test #7769
    • +
  • Send event from EventService to kafka topic #7552
    • +
  • Return promise after sending event to kafka #7556
    • +
  • IROH-crypto lib #7544
    • +
  • KafkaProducerService #7524
    • +
  • Introduce iroh-kafka library #7505
    • +
+

between 3 and 4 months old

+
    +
  • Remove Onyx and Aeron services #7489
    • +
+

Shafiq [5]

+

iroh [4]

+
    +
  • Add create-event HTTP API #7557
    • +
  • Add search endpoint for iroh-events #7528
    • +
  • Add integration test-case for iroh-events search #7513
    • +
+

between 3 and 4 months old

+
    +
  • Separate event-handlers from EventNotifierService #7437
    • +
+

tenzin-config [1]

+
    +
  • Configure internal-event-web-service #844
    • +
+

auth

+

Olivier Barbeau [23]

+

iroh [22]

+
    +
  • fix http status code #7838
    • +
  • Rework of the script check-changelog-update-time #7658
    • +
  • RBAC: additional XDR tests #7634
    • +
  • GitHub Actions: do test coverage only once #7607
    • +
  • Increase Java Heap size for code coverage - Github Actions workflow +#7585
    • +
  • add workdir for the check #7573
    • +
  • disable test #7566
    • +
  • Fail build if html not updated #7559
    • +
  • RBAC: enable the new XDR role 'Security Analyst Tier 2' #7545
    • +
  • Issue 7538 refactor of role retrieval #7540
    • +
  • automated 'revert role' operation with test #7537
    • +
  • RBAC: Retrocompatibility of the Provisioning API #7507
    • +
+

between 3 and 4 months old

+
    +
  • Refactor around ifn-pred #7491
    • +
  • set job timeouts to 90 minutes #7506
    • +
  • set job timeouts to 60 minutes #7504
    • +
  • Test coverage v2 #7498
    • +
  • wait for hook to be finished before testing #7497
    • +
  • Add test coverage report to the Iroh GitHub Actions workflow #7453
    • +
  • RBAC for Org Access Request #7465
    • +
  • Issue 7333 rbac invitation service #7454
    • +
  • RBAC: new XDR tests for login and oauth-clients #7418
    • +
  • Issue 7413 move steps out of setup job #7414
    • +
+

tenzin-config [1]

+
    +
  • sets the :xdr-roles feature flag in INT and TEST #840
    • +
+

(Yogsototh) [5]

+

xdr-provisioning [5]

+
    +
  • Improve help regarding setting env vars
    • +
  • Improve the command line parsing
    • +
  • rename script to .sh
    • +
  • Add onboarding of DI and CSC
    • +
  • Initial provisioning Script
    • +
+

bartuka [15]

+

iroh [13]

+
    +
  • [IROH Auth] introducing TimeService in +AuthService #7806
    • +
  • [IROH Auth] allow only iroh-core.time in oauth2.core ns +#7793
    • +
  • [IROH Auth] - Update IROH Web middleware to build short JWTs with +profile data #7671
    • +
  • [IROH Auth] - update check-refresh-token function #7669
    • +
  • [IROH Auth] - Update Design docs for Short JWT Epic #7670
    • +
  • [IROH Auth] /profile/permissions endpoint #7562
    • +
  • Patch compojure-api to allow endpoints with string-keys +(without keywordize the request :body) #7574
    • +
  • [IROH Auth] Include route /profile/scopes #7553
    • +
  • [IROH Auth] - Store Short JWTs #7476
    • +
+

between 3 and 4 months old

+
    +
  • [IROH Auth] refactor gen-short-tokens to avoid code +duplication #7485
    • +
  • Allow wildcard login origin in TEST env #7474
    • +
  • [IROH Auth] Generate Short JWT tokens #7450
    • +
  • [IROH Auth] Short JWT design #7436
    • +
+

tenzin [1]

+

between 3 and 4 months old

+
    +
  • Update GPG Wanderson Ferreira #2648
    • +
+

tenzin-config [1]

+
    +
  • add postgres and redis-cache store for IROH Auth JWTs #839
    • +
+

Yann Esposito [44]

+

ctia [1]

+
    +
  • bump snakeyaml to address CVE-2022-38751 #1346
    • +
+

iroh [30]

+
    +
  • Add a missing option to disable default configs #7805
    • +
  • Add a script to init tokens without login in #7794
    • +
  • Fix schema for Response #7804
    • +
  • Add support to onboard a single app #7796
    • +
  • Add a role instrospection route to help the UI and other clients #7785
    • +
  • Fix scopes declaration for execute-workflow route #7799
    • +
  • Fix a Swagger bug due to schema name conflict #7790
    • +
  • Web api search improvements #7728
    • +
  • add profile and notification to ao-jwt #7726
    • +
  • Tk store combinator search queries (AND, OR, NOT) #7691
    • +
  • Fix a case where the body is nil #7685
    • +
  • Add xdr-instance-id field to the orgs #7707
    • +
  • PIAM: Provisioning onboard endpoint #7659
    • +
  • Add ff scope script #7680
    • +
  • added a script to add feature-flag scopes from command line #7676
    • +
  • prefer to use client from DB than client from config #7672
    • +
  • Align scopes to SXO behaviour #7673
    • +
  • fix lein start #7663
    • +
  • PIAM provisioning no idp-mapping for create user #7655
    • +
  • Default bootstrap & config #6868
    • +
  • Add Entitlements to Orgs #7631
    • +
  • Remove yaml to supported format for profile API #7632
    • +
  • Fix a flaky test in either_test.clj #7610
    • +
  • Role Matrix representation in the code. #7583
    • +
  • fix some wording only for admin users view #7579
    • +
  • Improve User login logs situation #7555
    • +
  • Added a composable redis.nix #7535
    • +
+

between 3 and 4 months old

+
    +
  • Fix template rendering during invite confirmation #7480
    • +
  • Display virtual users in the batch get users #7473
    • +
  • Add the UI session logout into IROH-Auth #7431
    • +
+

tenzin [2]

+
    +
  • use iroh.main for all nodes types #2862
    • +
  • Update iroh.job.jinja #2861
    • +
+

tenzin-config [6]

+
    +
  • fix missing iroh-async web-services #884
    • +
  • align iroh and iroh-async confs #883
    • +
  • Add CSC onboarding URLs #875
    • +
  • fix provisioning service #863
    • +
  • PIAM config change (+ boostrap cleanup) #677
    • +
  • add perf.orbital.threatgrid.com to allowed login origin #854
    • +
+

xdr-provisioning [5]

+
    +
  • Improve help regarding setting env vars
    • +
  • Improve the command line parsing
    • +
  • rename script to .sh
    • +
  • Add onboarding of DI and CSC
    • +
  • Initial provisioning Script
    • +
+

iroh-ops

+

Patrick Patat [19]

+

iroh-ops [18]

+
    +
  • Merge pull request #69 from advthreat/riemann-asg
    • +
  • Merge pull request #66 from advthreat/pg-cname
    • +
  • Merge pull request #65 from advthreat/minor-fix
    • +
  • Merge pull request #64 from advthreat/vector-docker
    • +
  • Merge pull request #63 from advthreat/asg-refresh
    • +
  • Merge pull request #61 from advthreat/auto-deploy
    • +
  • Merge pull request #60 from advthreat/webex-notif
    • +
  • Merge pull request #57 from advthreat/qualys
    • +
  • Merge pull request #56 from advthreat/dynamodb_backup
    • +
  • Merge pull request #55 from advthreat/iroh-queue
    • +
  • Merge pull request #52 from advthreat/nomad-job
    • +
  • Merge pull request #54 from advthreat/vault-stats
    • +
  • Merge pull request #48 from advthreat/vault-pki
    • +
  • Merge pull request #47 from advthreat/nomad-docker-config
    • +
+

between 3 and 4 months old

+
    +
  • Merge pull request #41 from advthreat/codebuild-fix
    • +
  • Merge pull request #40 from advthreat/ansible-codebuild
    • +
  • Merge pull request #37 from advthreat/fix-host
    • +
  • Merge pull request #35 from advthreat/instances_route53
    • +
+

tenzin [1]

+
    +
  • allows iroh-ops dev platform to access redis #2755
    • +
+

Jerome Schneider [81]

+

iroh-ops [24]

+
    +
  • render s3 artefacts generic and create a releases bucket
    • +
  • datadog: improve logging
    • +
  • add vector support for os logging
    • +
  • tf peering: don't peering public subnets
    • +
  • Add Datadog agent on all instances and specific setup for Nomad and +Consul
    • +
+

between 3 and 4 months old

+
    +
  • vpnator: remove cloudtrail support for the moment
    • +
  • ansible: migrate jerschne on master
    • +
  • iam_lambda_ec2_route53: re-add rights on EC2
    • +
  • improve iam management and adapt Ansible for it
    • +
  • tfw: manage correctly workspaces
    • +
  • switch jerschne on ansible master
    • +
  • Create a new env and manage terraform workspaces
    • +
  • dev: cleaning configuration
    • +
  • only one s3 bucket and dynamodb table per account for tfstates
    • +
  • Ansible: add Mitogen to improve performances (issue #26)
    • +
  • requirements.txt: add missing dependencies
    • +
  • vim: add a vimrc example
    • +
  • scripts/tfw: fixed json debugging message and exit message when it +failed
    • +
  • README is a markdown file
    • +
  • README.md: fix path
    • +
  • Migrate iroh-ops TF to Terraform Wrapper (tfw)
    • +
  • Add a Terraform Wrapper (tfw) that improve Terraform var files
    • +
  • ansible add a quick readme and a requirements.txt
    • +
  • TF: add kafka support
    • +
+

tenzin [57]

+
    +
  • Upgrade TF AWS provider
    • +
  • iroh-async: resize ASG and add downscaling support
    • +
  • iroh: add iroh signer certificates
    • +
  • ASG: Drain Nomad nodes before terminating instances
    • +
  • PROD AP: allows iroh-queue-monitor to put metric in Cloudwatch
    • +
  • PROD EU: allows iroh-queue-monitor to put metric in Cloudwatch
    • +
  • PROD US: allows iroh-queue-monitor to put metric in Cloudwatch
    • +
  • STAGE: allows iroh-queue-monitor to put metric in Cloudwatch
    • +
  • TEST: allows iroh-queue-monitor to put metric in Cloudwatch
    • +
  • INT: allows iroh-queue-monitor to put metric in Cloudwatch
    • +
  • Terraform: configure vault provider
    • +
  • iroh-async: resize instances and memory usage
    • +
  • PROD EU: Conure add IAM policy
    • +
  • PROD APJC: Conure add IAM policy
    • +
  • PROD NAM: Conure add IAM policy
    • +
  • STAGE: add Conure support
    • +
  • TEST: add new Conure IAM role
    • +
  • INT: add new Conure IAM role
    • +
  • iroh allows iroh-internal.*.iroh.site domains
    • +
  • add private-ctia-update-index-state on TEST,STAGE and PROD
    • +
  • STAGE: add iroh-internal support
    • +
  • PROD US: add iroh-internal support
    • +
  • PROD EU: add iroh-internal support
    • +
  • PROD APJC: add iroh-internal support
    • +
  • TEST: add iroh-internal support
    • +
  • INT: add iroh-internal support
    • +
  • RDS PostgreSQL: force SSL connections by default
    • +
  • add private-ctia-update-index-state job to update ES index +mapping
    • +
  • Iroh Async use custom metrics to scale
    • +
  • remove iroh-tooling
    • +
  • iroh-admin INT: revert breaking instance change
    • +
  • Caddy private: allow es-metrics for iroh-ops
    • +
  • allows iroh-ops dev platform to access to private caddy
    • +
  • PostgreSQL Conure change instances for PROD and TEST
    • +
  • add Conure RDS PostgreSQL on PROD and TEST
    • +
  • PROD EU: destroy iroh-investigate and iroh-incident
    • +
  • PROD APJC: destroy iroh-incident and iroh-investigate
    • +
  • PROD NAM: remove iroh-incident and iroh-investigate
    • +
  • TEST: destroy iroh-incident and iroh-investigate
    • +
  • improve
    • +
  • iroh-async: add downscaling!
    • +
  • INT/TEST: fixed iroh-admin conf to allow iroh-queue-monitor
    • +
  • INT: new RDS PostgreSQL for Conure
    • +
  • INT: remove iroh-incident and iroh-investigate
    • +
+

between 3 and 4 months old

+
    +
  • Nomad jobs: fix MaxParallel when auto scaling is enabled!
    • +
  • iroh job: change the grace period from 120s to 180s
    • +
  • iroh-queue-monitor: migrate it on full https and allow access from +private rp
    • +
  • elasticache: change creation timeout
    • +
  • add dedicated Elasticache Redis for iroh-async
    • +
  • PROD APJC: add iroh-async support
    • +
  • PROD EU: add iroh-async support
    • +
  • PROD US: add iroh-async support
    • +
  • TEST: add iroh-async support
    • +
  • add a new iroh-async to replace iroh-investigate and +iroh-incident
    • +
  • iroh-admin nomad job: extend grace delay and add one more status +check
    • +
  • prod US: this PR allows tier3 engineers to manage SES suppression +list
    • +
  • allow iroh-tooling to access to RDS PostgreSQL
    • +
+

Other

+

Other

+

krishna Ganugapenta [32]

+

tenzin [31]

+
    +
  • Mia Lehrer(milhrer) gpg key updated #2725
    • +
  • Securex-news decommission from tenzin #2876
    • +
  • ASG size bumped to negate excessive CPU useage #2869
    • +
  • updated SG rules count for iroh-front-end #2866
    • +
  • IAM policy to access cloudtrail logs s3 bucket #2840
    • +
  • Fixing asea modules not in sync with AWS infra #2828
    • +
  • logstash-cloudtrail versions updated in jobs.sls #2812
    • +
  • IROH_ASYNC asg capacity increase #2813
    • +
  • Logstash-cloudtrail filter settings have modified #2808
    • +
  • Asea services tf modules removed from TEST to sync with AWS infra #2800
    • +
  • tenzin-config files updated to intelligence app #2779
    • +
  • Fixing logstash config file permission issue #2765
    • +
  • Added read and write permission to logstash.yml #2763
    • +
  • prestart task added to prevent permissions error #2762
    • +
  • Added a new set variable for logstash-cloudtrail #2760
    • +
  • Fixing logstash-cloudtrail nomad job config temp #2759
    • +
  • Added a missing template for logstash-cloudtrail #2757
    • +
  • Logstash-cloudtrail job to collect logs #2756
    • +
  • XDR decommission from nomad cluster #2684
    • +
  • SQS queue url fixed for logstash-cloudtrail nomad job #2710
    • +
  • SQS queue url has got updated to logstash-cloudtrail job #2709
    • +
  • filebeat and beats configuration updated #2707
    • +
+

between 3 and 4 months old

+
    +
  • Removal of accesskey/secret key from logstash-cloudtrail job #2702
    • +
  • Added vault policy to oss nodes to fix logstash-cloudtrail nomad job +issue #2700
    • +
  • Caddy port lable fix for logstash-cloudtrail job #2698
    • +
  • Logstash job to retrieve cloudtrail logs from S3 #2696
    • +
  • Enabled securex-ui-incidents for PROD #2650
    • +
  • XDR shell app PROD config added #2624
    • +
  • Conure DB access policy updated #2627
    • +
  • xdr-apps configuration removed form caddy public #2649
    • +
  • Caddy Path based routing changes reverted #2623
    • +
+

tenzin-config [1]

+
    +
  • Securex-news removal from tenzin and tenzin-config #869
    • +
+

Tancredi Orlando [1]

+

easy-purescript-nix [1]

+
    +
  • purs-tidy: 0.9.0 -> 0.9.2
    • +
+

milehrer [15]

+

iroh-engine [15]

+
    +
  • move forward if no new targets or asset
    • +
  • prepare for 0.15.4
    • +
  • decouple first asset check from asset enrichment
    • +
  • change ->instant to parse
    • +
  • write asset-enrich pipeline v1
    • +
  • Prepare for v0.14.6
    • +
  • update iroh service-wrapper to expect resolve-latest
    • +
  • add resolve-latest-assets iroh protocol and endpoint
    • +
+

between 3 and 4 months old

+
    +
  • prepare for v0.14.5
    • +
  • the less we talk about this, the better
    • +
  • prepare for version 0.14.4
    • +
  • make data in enrichment bundles align with real life
    • +
  • prepare for 0.14.3
    • +
  • remove deprecated trojansource step from github workflow
    • +
  • remove transient id generation from assets as DI now does it +instead
    • +
+

Joel Holdbrooks [2]

+

iroh-engine [2]

+
    +
  • Merge pull request #1373 from advthreat/noprompt-patch-1
    • +
  • Update unit_test.yml
    • +
+

Michael Whitley [3]

+

response [3]

+
    +
  • Update access-request.md
    • +
  • Update access-request.md
    • +
  • Update access-request.md
    • +
+

Sofiia Mykytiuk [43]

+

tenzin [43]

+
    +
  • Update VPNator in TEST, STAGE and PROD #2932
    • +
  • Update STAGE docs S3 bucket #2938
    • +
  • Update VPNator lambda functions in INT #2929
    • +
  • Update min capacity for ASG in backup regions #2917
    • +
  • Update readme in terraform folders for backup regions #2896
    • +
  • Saltstack changes for backup regions #2822
    • +
  • ROAdmin role for STAGE and PROD #2909
    • +
  • Update saml in terraform to sync with AWS STAGE and PROD accounts #2910
    • +
  • ROAdmin role for INT #2903
    • +
  • Add nodes to ES-metrics cluster in EU #2905
    • +
  • Remove Data VPNator from PROD #2868
    • +
  • Terraform changes for backup regions #2882
    • +
  • Remove modules needed for S3 batch operations #2884
    • +
  • Disable replication for es-metrics #2850
    • +
  • Update infrastructure diagram with second VPN #2871
    • +
  • Remove data-vpnator from INT #2855
    • +
  • PKI update for backup regions #2842
    • +
  • Update vpnator script for new OPS setup #2817
    • +
  • Fix module deletition #2825
    • +
  • Remove cleaner lambda setup from INT, TEST #2823
    • +
  • Module to setup new vpnator for OPS VPN in INT #2816
    • +
  • Modules to setup VPNator for OPS VPN in PROD #2814
    • +
  • BCP: Update readme with bastion info #2456
    • +
  • Terraform modules update for TEST backup region #2796
    • +
  • New PROD VPNator setup for non-ops VPN setup #2748
    • +
  • Remove not needed permissions for kms-ssm in STAGE #2733
    • +
  • Changing KMS key in Vault unseal config in STAGE #2732
    • +
  • Adding permissions to kms-vault key #2712
    • +
  • Remove permissions for kms-ssm from hashistack policy INT and TEST +#2719
    • +
  • Terraform modules update for TEST backup region #2724
    • +
  • Changing unseal configuration for Vault in INT #2718
    • +
  • Permissions for kms-vault key in INT and STAGE #2706
    • +
  • KMS vault key material for INT and STAGE #2705
    • +
  • New kms-vault key material #2711
    • +
+

between 3 and 4 months old

+
    +
  • Permissions for new kms-vault key in TEST backup region #2695
    • +
  • Fix permissions for kms-vault key #2692
    • +
  • Changing kms key in autounseal Vault config for TEST #2680
    • +
  • Update README.md #2686
    • +
  • Update salt to read datadog api key from SSM #2679
    • +
  • Adding permissions for new kms-vault key for hashistack nodes in +TEST env #2670
    • +
  • Adding permissions for datadog ssm parameter #2663
    • +
  • Comment not needed references #2656
    • +
  • KMS Vault key #2668
    • +
+

Will Lorand [1]

+

iroh [1]

+
    +
  • Update summary.org #7603
    • +
+

Dmytro Budko [5]

+

tenzin [5]

+
    +
  • SXOPS-630 Invalidate a CloudFront cache for INT/TEST after push +changes #2897
    • +
  • SXOPS-191 Terraform: Bring INT and Test into sync with AWS (DOCS +INT/TEST) #2889
    • +
  • SXOPS-616 DataDog agent not able to collect metrics (SLM) from ES #2878
    • +
  • SXOPS-539 EC2 Keypair rotation for INT and TEST #2787
    • +
  • SXOPS-539 Offboard Vadym Kiz #2784
    • +
+

Cisco Boz [1]

+

tenzin [1]

+
    +
  • Replace Threat Response -> XDR for 502 pages on caddy-* public +& private #2934
    • +
+

Patrick Patat [72]

+

iroh-ops [71]

+
    +
  • install and config riemann on asg
    • +
  • add riemann & reimann_telemetry servers
    • +
  • add vault token for ansible
    • +
  • add rds pg cname and bump tf min version to 1.4
    • +
  • install vector after all (due to app log deps)
    • +
  • add vector config for docker with nomad
    • +
  • add auto instance refresh
    • +
  • disable notready service add the end of ansible run
    • +
  • remove unattended-upgrades pkg and ignore qualys server
    • +
  • setup a lambda that run ansible nomad-jobs when a new app version is +pushed to s3
    • +
  • override nomad jobs version with versions.json from s3 bucket +artefacts (needed for auto deployement)
    • +
  • add codebuild fail notification via webex
    • +
  • simplify sg rule and rename a boolean var
    • +
  • add doc for qualys setup
    • +
  • add qualys instances and extends customasation of instances, asg +& sgs
    • +
  • create an aws backup vault and plan for dynamodb backup
    • +
  • create redis-async.iroh.dev.sh cname to tenzin's redis
    • +
  • add add iroh-queue-monitor, add http check for nomad jobs
    • +
  • config vault telemetry to send data to datadog
    • +
  • add role nomad-jobs with exemple job iroh & hello, add related +caddy config for private rp
    • +
  • add python-nomad to manage job, add dogstatsd as volume & add +metadata from docker
    • +
  • add iroh-ro vault policy
    • +
  • add vault ca to ssm, put vault ca on caddy vm & update nomad +config for vault and docker
    • +
  • create custom modules for vault and aws private acm & configure +vault internal pki
    • +
  • allow vault servers to query aws private acm
    • +
  • add docker registry and app_server role for docker registry use
    • +
  • move docker repo conf to linux base & update nomad config
    • +
  • add .yml to group_vars files
    • +
+

between 3 and 4 months old

+
    +
  • create one codebuild job per env
    • +
  • change codebuild default env var to '' and fix missing env var in +user_data
    • +
  • create codebuild ansible-run and replace user_data local ansible +with codebuild trigger
    • +
  • push new admin key in user admin authorized keys
    • +
  • fix hostname config
    • +
  • add lambda to create/delete ec2 dns record on start and +terminate
    • +
  • centralize apt config & set hostname and prompt
    • +
  • configure vault server & add caddy vault config
    • +
  • refactor route53 lb cnames creation
    • +
  • upgrade vault instances config
    • +
  • split iam in mutliple file and add iam for vault instances
    • +
  • add dynamodb for vault
    • +
  • add CODEOWNERS file
    • +
  • remove openvpn push dns (useless with iroh.sh)
    • +
  • upgrade tf and ansible for caddy https with letsencrypt
    • +
  • upgrade dns config with iroh.sh & iroh.services
    • +
  • secure all comunications between consul nomad and rps
    • +
  • do not redeploy instances on ami upgrade
    • +
  • refactor pki
    • +
  • fix: encode in base64 ssm parameters
    • +
  • Revert "temporaly disable encrypt communication for nomad and +consul"
    • +
  • pki for internal certs
    • +
  • use ansible-pull in user_data to config vm at first boot
    • +
  • use t4.small instead of t4.nano
    • +
  • add linux users config
    • +
  • fix: add hashicorp apt in vaul role
    • +
  • upgrade for private rp
    • +
  • add role and playbook for caddy private rp
    • +
  • move hashicorp's apt config to role nomad & consul (do need it +on all vms)
    • +
  • add bastion and openvpn role, playbook and group_vars
    • +
  • temporaly disable encrypt communication for nomad and consul
    • +
  • replace _ with - in node name (need to be dns compatible)
    • +
  • add python3-boto3 to linux_base_pkgs
    • +
  • temporary allow everything from vpn
    • +
  • disable source_dest_check for vpn and add bastion dns name
    • +
  • upgrade for vpn server
    • +
  • ansible typos and code style
    • +
  • refactoring asgs & security groups
    • +
  • refactor terraform asgs
    • +
  • use boolean value instead of strings, add tags in tasks and other +minor fixes
    • +
  • improve ansible.cfg, remove debug, fix unbound config
    • +
  • add load_balancer, app_server private_rp, remove caps from ressource +names
    • +
  • ansible bootstrap
    • +
+

tenzin [1]

+
    +
  • allows iroh-ops dev platform to access rds
    • +
+

Yurii Ivanisenko [12]

+

tenzin [11]

+
    +
  • Add muhammad imran (muhammim) gpg key #2899
    • +
  • Give Muhammad Imran (muhammim) SSH access #2898
    • +
  • removed walkme-ci tf module files and vpn users #2841
    • +
  • removed all saltstack entries with user vilakkak #2818
    • +
  • removed TF module CloudWatch-lambda-sca-whitelist-testing #2804
    • +
  • added diagrams for CTR_AWS and TAC-portal #2717
    • +
  • align with INT lambda settings for Thousendeyes WL and TEST R53 +recor… #2715
    • +
+

between 3 and 4 months old

+
    +
  • fix CSP directives for visibility.amp in APJC and EU regions #2689
    • +
  • fixed tab instead of spaces in caddy.yaml NAM #2681
    • +
  • Caddy public job - added templates for TAC certificates #2674
    • +
  • Added configs for TAC portal prod #2666
    • +
+

tenzin-config [1]

+

between 3 and 4 months old

+
    +
  • Added config.json for Tactical-portal in PROD regions #817
    • +
+

Robert Levy [5]

+

iroh [5]

+
    +
  • fix dev-resources config to use the correct key signer-ops instead +of signer #7778
    • +
  • Add registered trademark to MITRE tile title #7775
    • +
  • Incidents' Detection Sources Tile #7725
    • +
  • top-targeted assets tile for control center (ctia investigate +module) #7689
    • +
  • MITRE Attack incidents tile #7523
    • +
+

Mia [36]

+

iroh [22]

+
    +
  • Update risk score docs to include overview of enrich-targets process +#7773
    • +
  • log asset retrieval failure #7743
    • +
  • Separate risk score engine calls #7742
    • +
  • log bundle #7737
    • +
  • Flag observe targets #7697
    • +
  • remove verbose logs from risk score calculation #7618
    • +
  • FIXME temp log bundle-import-payload #7609
    • +
  • handle explicit nil cases for asset value #7604
    • +
  • Correct describe assets #7600
    • +
  • adjust logging #7596
    • +
  • Resolve latest asset log params #7594
    • +
  • add asset:read scope to token used for engine-service #7571
    • +
  • Iroh engine latest assets #7554
    • +
  • Update bundle import #7542
    • +
  • Fix risk score bundle import #7534
    • +
  • fix a typo in engine config introduce default consistent with engine +#7525
    • +
  • Fix risk score auth #7517
    • +
  • Fix risk score auth #7516
    • +
  • Fix risk score auth with tests this time #7515
    • +
  • add auth token to bundle export header in risk score #7514
    • +
+

between 3 and 4 months old

+
    +
  • implement final risk score #7486
    • +
  • 7342 preliminary risk score #7460
    • +
+

iroh-engine [13]

+
    +
  • Merge pull request #1385 from advthreat/v0.15.4-rc
    • +
  • Merge pull request #1384 from +advthreat/separate-add-assets-and-enrich-targets
    • +
  • Merge pull request #1371 from advthreat/testy-tests
    • +
  • Merge pull request #1367 from advthreat/v0.14.6-rc
    • +
  • Merge pull request #1366 from +advthreat/add-resolve-latest-assets
    • +
+

between 3 and 4 months old

+
    +
  • Merge pull request #1365 from advthreat/v0.14.5-rc
    • +
  • Merge pull request #1364 from advthreat/change-test-again
    • +
  • Merge branch 'main' into change-test-again
    • +
  • Merge pull request #1363 from advthreat/v0.14.4-rc
    • +
  • Merge pull request #1362 from +advthreat/calculate-preliminary-risk-score
    • +
  • Merge pull request #1360 from advthreat/v0.14.3-rc
    • +
  • Merge pull request #1359 from advthreat/remove-trojansource
    • +
  • Merge pull request #1358 from advthreat/remove-transient-ids
    • +
+

tenzin-config [1]

+

between 3 and 4 months old

+
    +
  • flip feature flag in INT for score-based incident enrichment #833
    • +
+

Devin Walters [5]

+

iroh-engine [5]

+
    +
  • Prepare 0.15.2
    • +
  • Coerce to instant after reading as ZDT
    • +
  • Assert sightings
    • +
  • Let up
    • +
  • Use investigable-observables, promises delivered, add verdict
    • +
+

Vadym Kiz [3]

+

tenzin [3]

+
    +
  • SXOPS-361 GitHub self-hosted runners for SecureX UI monorepo #2635
    • +
  • Datadog: enable slm_stats #2778
    • +
  • SSH access - jbusboom #2738
    • +
+

Ag Ibragimov [8]

+

iroh [4]

+
    +
  • Unassigned Incidents Tile should show relative time #7824
    • +
  • Control center: Navigate to Incidents page from tile #7760
    • +
  • Control Center – Detection Sources Tile: Fixes query parenthesizing +#7759
    • +
  • API work for unassigned incidents #7682
    • +
+

tenzin-config [4]

+
    +
  • adds :xdr-site-url #885
    • +
  • adds detection sources config for PROD #881
    • +
  • additional client_id for incident sources #877
    • +
  • adds incident sources: test, int #873
    • +
+

Justin Woo [2]

+

easy-purescript-nix [2]

+
    +
  • Merge pull request #219 from turlando/purs-tidy-0.9.2
    • +
  • Merge pull request #218 from paluh/master
    • +
+

dependabot[bot] [0]

+

Sam Waggoner [4]

+

ctia [1]

+

between 3 and 4 months old

+
    +
  • threatgrid/ctim/#381 Migrate actor 1.2.0 #1323
    • +
+

tenzin-config [3]

+
    +
  • Add hydrant es-metrics configs for events.
    • +
  • Fix hydrant-talos-ta-blog misnamed http-options.
    • +
  • advthreat/hydrant#721 update talos blog http-options.
    • +
+

II [9]

+

iroh [7]

+
    +
  • Issue 7455 - Minor cleanup from XDR tiles merge #7695
    • +
  • 6963 implements one-click module wrapper endpoint #7315
    • +
  • Issue 7647 AMP observe targets #7661
    • +
  • Issue 7647 - IObserveTargetModule protocol #7651
    • +
  • Ao shortcut use unique names #7627
    • +
  • Ao docs formatting fixes #7625
    • +
  • Issue 7550 ao workflow exec shortcut #7617
    • +
+

tenzin-config [2]

+
    +
  • Adds one-click service to bootstrap.cfg files #862
    • +
+

between 3 and 4 months old

+
    +
  • Tac portal PROD login origins #821
    • +
+

Eric Gierach [10]

+

iroh [3]

+
    +
  • Fix attack graph simplification #7747
    • +
  • latest simplification logic (edges not considered) #7662
    • +
  • update notable events to match what the Engine client is producing +for CTR #7614
    • +
+

iroh-engine [7]

+
    +
  • Merge pull request #1387 from advthreat/v0.15.5-rc
    • +
  • Prepare for 0.15.5 release.
    • +
  • Merge pull request #1386 from advthreat/enrich-all-targets
    • +
  • Fix typo in log
    • +
  • Merge pull request #1370 from +advthreat/dependabot/npm_and_yarn/webpack-5.76.0
    • +
  • Merge branch 'main' into dependabot/npm_and_yarn/webpack-5.76.0
    • +
  • Merge pull request #1368 from +advthreat/dependabot/npm_and_yarn/xmldom/xmldom-and-mountebank-0.8.4
    • +
+

Adam Sayer [26]

+

tenzin [25]

+
    +
  • webexbox fix on saltmaster #2937
    • +
  • increase ES storage iops/throughput #2927
    • +
  • Vercel CICD accept 409 and watch http state
    • +
  • Add Vercel CI/CD to Saltmaster #2920
    • +
  • Update hydrant container version #2891
    • +
  • snort filename fix #2890
    • +
  • Update hydrant container to 1.36 in INT #2888
    • +
  • remove jq verify usage #2885
    • +
  • Fix - Extract Talos Snort Rule files for Importer #2880
    • +
  • github runner salt and terraform #2875
    • +
  • update securex-ui in INT for latest NVM profiles #2873
    • +
  • Route53 Module refactor #2851
    • +
  • Revert "SXOPS-361 GitHub self-hosted runners for SecureX UI monorepo +(#2635)" #2859
    • +
  • github-runner ASG #2852
    • +
  • Update r53 module to allow geolocation #2844
    • +
  • Cloud9 ami APJC EU #2803
    • +
  • Cloud9 AMI to NAM #2792
    • +
  • Bash to replace ES instances #2777
    • +
  • Upgrade 6th gen ec2 and cloud9 AMI for TEST #2775
    • +
  • Int cloud9 ami refresh #2768
    • +
  • Allow instance refresh on ASG module #2766
    • +
  • VPC peer TEST-STAGE for qa-macos instance #2734
    • +
  • Stage salt #2716
    • +
+

between 3 and 4 months old

+
    +
  • Allow ingress from IROH to ES private storage #2652
    • +
  • Allow ingress from IROH to es private storage INT #2630
    • +
+

tenzin-config [1]

+
    +
  • Stage env configs #785
    • +
+

Tomasz Rybarczyk [1]

+

easy-purescript-nix [1]

+
    +
  • purs: 0.15.7 -> 0.15.8
    • +
+

Chris Duane [2]

+

response [2]

+
    +
  • Update access-request.md
    • +
  • Create security-event.md
    • +
+

[9]

+

iroh [7]

+
    +
  • Issue 7455 - Minor cleanup from XDR tiles merge #7695
    • +
  • 6963 implements one-click module wrapper endpoint #7315
    • +
  • Issue 7647 AMP observe targets #7661
    • +
  • Issue 7647 - IObserveTargetModule protocol #7651
    • +
  • Ao shortcut use unique names #7627
    • +
  • Ao docs formatting fixes #7625
    • +
  • Issue 7550 ao workflow exec shortcut #7617
    • +
+

tenzin-config [2]

+
    +
  • Adds one-click service to bootstrap.cfg files #862
    • +
+

between 3 and 4 months old

+
    +
  • Tac portal PROD login origins #821
    • +
+

John Jardine [30]

+

tenzin [30]

+
    +
  • Update SW versions, sort changes to the top #2864
    • +
  • Add instances to handle new 3rd party integrations #2870
    • +
  • Add capacity in OSS to support logstash-cloudtrail #2865
    • +
  • Terraform edits to deconflict some values and make more generic #2853
    • +
  • Create S3 Bucket, user, group, policy #2839
    • +
  • Update integrations-crowdstrike to 1.0.2 in all regions #2833
    • +
  • Move all Hydrant jobs to v1.35 (adds coas support) #2826
    • +
  • Bash defaults: Remove TMOUT, assign set -o vi & dir #2829
    • +
  • Check single certificate #2830
    • +
  • Align hydrant jobs on 4 minute multiples. #2821
    • +
  • Updated ssh keypairs for EU NAM and APJC #2791
    • +
  • SXOPS-529: SSH Default configuration changes #2774
    • +
  • Check if integrations-healthcheck is working. #2772
    • +
  • Update sumram.gpg
    • +
  • Make script outputs comparable by using same sort order #2761
    • +
  • SXOPS-435: Add hydrant-talos-coas fixes for other regions #2751
    • +
  • Quote cron entry to prevent YAML interpolation #2750
    • +
  • Default Jason Busboom to absent to prevent global access #2743
    • +
  • Updated rev-proxy for securex-ui-automate.test.iroh.site #2744
    • +
  • Added gpg key for Atul Anand
    • +
  • SXOPS-491 Add securex ui automate support for TEST #2729
    • +
  • Need to add securex-ui-automate.int.iroh.site to ACME #2723
    • +
  • SXOPS-491 Add securex ui automate support #2722
    • +
+

between 3 and 4 months old

+
    +
  • Fix comment, fix error file content check #2683
    • +
  • Backport v1.112 fixes to master #2682
    • +
  • Initial commit #2671
    • +
  • Add error handling to cert check #2651
    • +
  • Initial Vercel Postman API #2633
    • +
  • INT: Merge Consul overrides into jobs.sls #2646
    • +
  • SXOPS-412: Trend Micro XDR Integration Relay INT and TEST #2617
    • +
+

Michael Pendergrass [4]

+

iroh [4]

+
    +
  • Engine 0.15.5 #7768
    • +
  • add more attribute relation types #7660
    • +
  • More graph changes #7643
    • +
  • add graph output to incident summary #7549
    • +
+

Scott McLeod [4]

+

iroh [4]

+
    +
  • Improve performance of IncidentReportService #7745
    • +
  • Add filters to Incident Report #7727
    • +
  • Add test to verify paging #7564
    • +
  • Use search_after paging for incident report (#7461) #7539
    • +
+

Matthieu Sprunck [3]

+

ctia [3]

+
    +
  • Bump CTIM to 1.3.7 #1357
    • +
  • Bump to CTIM 1.3.5 #1349
    • +
  • Bump to CTIM 1.3.4 #1345
    • +
+

Jerome Schneider [10]

+

iroh-ops [9]

+
    +
  • Merge pull request #68 from advthreat/split-releases-artefacts
    • +
  • Merge pull request #51 from advthreat/logging-vector
    • +
  • Merge pull request #46 from advthreat/datadog
    • +
+

between 3 and 4 months old

+
    +
  • Merge pull request #42 from advthreat/vpnator-rm-cloudtrail
    • +
  • Merge pull request #36 from advthreat/stricter-iam
    • +
  • Merge pull request #34 from advthreat/fix-tfw
    • +
  • Merge pull request #16 from advthreat/tfw-fixes
    • +
  • Merge pull request #13 from advthreat/tf-wrapper
    • +
  • Merge pull request #12 from advthreat/ansible
    • +
+

tenzin [1]

+

between 3 and 4 months old

+
    +
  • iroh(-async): improve memory management to avoid memory cgroup oom +#2693
    • +
+

t2sw [1]

+

iroh [1]

+
    +
  • modify get-tiles and get-tiles-data endpoints for xdr query +parameter #7757
    • +
+

bswanson [81]

+

iroh [10]

+
    +
  • Engine version bump. #7730
    • +
  • Asset correlation #7708
    • +
  • READY FOR REVIEW: observe-targets to iroh engine. #7683
    • +
  • Fix empty source breaking schema. #7687
    • +
  • BUG FIX: events were pulled from wrong key. #7678
    • +
  • Add Assets to Summary and Events incident endpoints #7666
    • +
+

between 3 and 4 months old

+
    +
  • Add Eric and Mia to codeowners. #7501
    • +
  • Add extra fields to summary events #7482
    • +
  • Add optional keys owner and groups to :incident-id/events schema. #7449
    • +
  • Allow port key in the private-intel service context #7435
    • +
+

iroh-engine [68]

+
    +
  • Merge pull request #1383 from advthreat/v0.15.3-rc
    • +
  • Update changelog.
    • +
  • Prepare for 0.15.3 release
    • +
  • Merge pull request #1381 from advthreat/proper-no-op
    • +
  • Merge branch 'main' into proper-no-op
    • +
  • Merge pull request #1382 from advthreat/codeowners
    • +
  • Add folks to codeowners, remove our previous humans.
    • +
  • Update release to remove unused project.clj
    • +
  • Cleanup tests.
    • +
  • Update tests to reflect passthrough behavior.
    • +
  • failing tests, but no-op.
    • +
  • Merge pull request #1380 from advthreat/v0.15.2-rc
    • +
  • Merge pull request #1379 from advthreat/superstitious-p
    • +
  • Merge pull request #1378 from advthreat/v0.15.1-rc
    • +
  • Release v0.15.1.
    • +
  • Merge pull request #1377 from +advthreat/remove-original-sightings
    • +
  • Don't print 100s of sightings :D
    • +
  • Add logging.
    • +
  • Remove CTIM dependency.
    • +
  • Data for you and data for me
    • +
  • Cabinet of curiosities be gone.
    • +
  • Datums test.
    • +
  • new asset responses.
    • +
  • Check no-op case for assets-for-new-targets.
    • +
  • Add assets and asset mappings.
    • +
  • Remove fake test that described itself as real.
    • +
  • Use add-latest-asset-info from enrich ns.
    • +
  • Add failing observe-target-observables-test.
    • +
  • Do not pass back the relationships or sightings from the original +bundle.
    • +
  • Merge pull request #1374 from advthreat/v0.15.0-rc
    • +
  • Release candidate 0.15.0
    • +
  • Merge pull request #1372 from advthreat/asset-enrich
    • +
  • Merge branch 'main' into asset-enrich
    • +
  • Only need to wrap around exception.
    • +
  • Magic sauce for cljs vs clj.
    • +
  • Add test for ->instant.
    • +
  • Fix let<.
    • +
  • promesify everything.
    • +
  • PR feedback, add p/let.
    • +
  • PR feedback.
    • +
  • map observable keys (this shouldn't matter, but for consistency and +safety sake.)
    • +
  • Refactor exists? because it's a function.
    • +
  • Update src/iroh/engine/asset/enrich.cljc
    • +
  • Fix IrohServiceWrapper call.
    • +
  • move time fns into time ns.
    • +
  • A bit more function now.
    • +
  • IT LIVESSSS.
    • +
  • Add emit_observe_targets_enrich.js
    • +
  • Wiring through observable call.
    • +
  • mountebank.
    • +
  • Getting farther through the pipeline.
    • +
  • Resolve linter errors.
    • +
  • more promises for us.
    • +
  • cleanup nested whens.
    • +
  • Try to call targets.
    • +
  • it puts the promise on the code.
    • +
  • Smaller functions.
    • +
  • Clean up more test ns.
    • +
  • Cleanup tests.
    • +
  • Merge branch 'main' into asset-enrich
    • +
  • Move logic into previous function.
    • +
  • Add resolve latest mountebank test.
    • +
  • Some unit tests.
    • +
  • prepare for the sightening.
    • +
  • extract targets from enriched response.
    • +
  • Break out a couple more small functions.
    • +
  • Implement some small helper functions.
    • +
  • Pull in used sighting ns and reference observable var.
    • +
+

tenzin-config [3]

+
    +
  • Add config for prod and fix test typo. #846
    • +
+

between 3 and 4 months old

+
    +
  • Add iroh base url to conure config. #829
    • +
  • Add necessary conure config. #811
    • +
+

Pawan Bahuguna [31]

+

tenzin [31]

+
    +
  • Sxops 191 - custom_response_body #2933
    • +
  • Added health check header #2921
    • +
  • Added Health check header to crowdstrike for testing #2916
    • +
  • Increased the Max size to 6 #2908
    • +
  • Updated the version to 7.0.7 to sync with AWS #2907
    • +
  • SXOPS-621 - Enable IAM Access Advisor in all envs #2894
    • +
  • Removed Event Processor Role #2881
    • +
  • SXOPS 191 Update TEST VPC Peering #2879
    • +
  • Changed version to 7.0.5, already present in aws #2877
    • +
  • Updated desired capacity, min and max size #2874
    • +
  • SXOPS-490 Docker version health check #2837
    • +
  • Added CU, IR, KP, SY #2854
    • +
  • Added artifacts and XDR to ordered_cache_behavior - Already in AWS +#2848
    • +
  • SXOPS-191-Updated VPC peering connection #2835
    • +
  • Added docker container version check #2815
    • +
  • SAML sync with AWS #2824
    • +
  • enabled intelligence in prod #2807
    • +
  • SXOPS-535 Micro Frontend Ribbon #2806
    • +
  • int-iroh-registration-ui User is already present in AWS #2801
    • +
  • Removed CloudWatch-CSIRT.tf #2788
    • +
  • updated the asg_max_size to 6 #2781
    • +
  • Added instance refresh #2780
    • +
  • Enabling watchdog check on Crowdstrike #2773
    • +
  • SXOPS-490 Add/Update 3rd Party Integrations health checks #2767
    • +
  • Added TLS - automate MFE #2753
    • +
  • PROD automate MFE #2752
    • +
  • [SXOPS-497] Create 3rd Party Integrations for Cybereason & +Crowdstrike (INT/TEST) #2747
    • +
  • Added dbudko pabahugu to VPN list #2728
    • +
  • Sxops 484 onboard dmytro dbudko #2727
    • +
  • SXOPS-476 Decom Nomad task securex-ui-incidents from Tenzin #2699
    • +
+

between 3 and 4 months old

+ +

Trent Boyd [2]

+

tenzin-config [2]

+
    +
  • chore: add https dev urls to xdr projects #886
    • +
  • feat: add configs for securex-ui-intelligence job #852
    • +
+

Devin Walters [12]

+

tenzin [7]

+
    +
  • Set tmpdir to /local for conure task #2930
    • +
  • Mount datadog socket in conure task #2922
    • +
  • Remove Conure access to IROH RDS instance #2742
    • +
+

between 3 and 4 months old

+
    +
  • Capture the rest of a log message as 'message_text' for clj stack +logs #2660
    • +
  • Grok pattern which captures message for the clj stack #2658
    • +
  • Add RMI server hostname #2640
    • +
  • Include configuration for hikari monitoring via JMX #2639
    • +
+

tenzin-config [5]

+
    +
  • Specify JWK per environment #866
    • +
  • Update conure username in prod environments #860
    • +
  • Update conure db username in TEST #856
    • +
  • Update conure configuration #843
    • +
  • Test out dedicated conure postgres instance #838
    • +
+

Martin Bruchanov [20]

+

tenzin [20]

+
    +
  • Adding data nodes to lower file system utilization #2940
    • +
  • Adding vercel deploy to sudo for consul #2936
    • +
  • Increasing number of data nodes to the current state #2935
    • +
  • Security groups for OPS VPN in INT #2924
    • +
  • Added CLI parameters for ES administration tools #2915
    • +
  • Removing salt references for terminated OPs instance #2900
    • +
  • Updated contacts of EDF team #2895
    • +
  • Fixed JSON validation for IROH query #2887
    • +
  • Fixed correct hostname and SSM keys #2893
    • +
  • OPS OpenVPN salt deployment #2883
    • +
  • Renaming data-openvpn to ops-openvpn #2845
    • +
  • Increasing edf-reporting and iops-reporting memory allocation #2838
    • +
  • Added list of Consul UI hostnames #2789
    • +
  • Tool for quick SSH to Consul leader #2785
    • +
  • Cleaning up intel2x hostname #2654
    • +
  • Second VPN server for Non-OPS access #2735
    • +
  • Fixed duplicated uid in user profile #2740
    • +
+

between 3 and 4 months old

+
    +
  • NAM ElasticSearch clean up: DNS, S3 bucket for snapshots #2697
    • +
  • Updating hostnames, fixed error with missing authentication #2637
    • +
  • Tranfer of existing roles from one ES cluter to another #2634
    • +
+

Michael Simonson [3]

+

tenzin [2]

+
    +
  • Adds input buckets for non-int envs #2863
    • +
  • SXOPs-hydrant-talos-coa-importer #2741
    • +
+

tenzin-config [1]

+
    +
  • Issue SXOPs-562: Hydrant Manual Removal Importer #859
    • +
+

John Jardine [5]

+

tenzin [4]

+
    +
  • Revert "Move all Hydrant jobs to v1.35 (adds coas support)"
    • +
  • Revert "Include STAGE in hydrant container version update"
    • +
  • Include STAGE in hydrant container version update
    • +
  • Move all Hydrant jobs to v1.35 (adds coas support)
    • +
+

tenzin-config [1]

+
    +
  • Importer was missing the config files #850
    • +
+

Gayan Jayasundara [7]

+

tenzin [7]

+
    +
  • Bump crowdstrike and SentinalOne - Ian requested #2904
    • +
  • Bump crowdstrike into 1.0.2a - Bug fix from Ian #2846
    • +
  • SXOPS-512 Bump crowdstrike and sentinelone versions #2802
    • +
+

between 3 and 4 months old

+
    +
  • Migrate securex-ui-incidents from Nomad to Vercel - non-prod - DNS +#2691
    • +
  • securex-ui-control-center - non-prod vercel #2690
    • +
  • Update cyberprotect integration to latest (2.0.6) #2673
    • +
  • Redirect XDR int to Vercel #2667
    • +
+ + diff --git a/reports/latest-weekly.html b/reports/latest-weekly.html new file mode 100644 index 00000000..f2d53663 --- /dev/null +++ b/reports/latest-weekly.html @@ -0,0 +1,774 @@ + + + + + + + + Code Weekly Report 24 + + + + + +
+

Code Weekly Report 24

+

logs goes 2 weeks back

+

2023-06-16

+
+ +

IROH

+

lead

+

Guillaume Buisson [1]

+

iroh [1]

+
    +
  • Initial XDR Incident Manager Response 1.1 Draft Spec #7847
    • +
+

data

+

Mario Aquino [4]

+

iroh [4]

+
    +
  • Fix flaky test #7971
    • +
  • Partition and batch threat hunt observables #7958
    • +
+
+

>1w

+
    +
  • Establish a task timeout option for async work #7948
    • +
  • Issue 7823/incident summary mapping #7907
    • +
+
+

Guillaume Erétéo [2]

+

iroh [2]

+
    +
  • Update risk-score.md #7974
    • +
+
+

>1w

+
    +
  • adding org mode for calculating data volume #7941
    • +
+
+

Ambrose Bonnaire-Sergeant [1]

+

ctia [1]

+
+

>1w

+
    +
  • Disable /metric/average route for irrelevant entities #1372
    • +
+
+

integrations

+

Matthieu Sprunck [2]

+

tenzin-config [2]

+
+

>1w

+
    +
  • Share the same module configurations in iroh and iroh-async in PROD +#905
    • +
  • Disable HTTP Proxy in IROH proxy (PROD)#903
    • +
+
+

Kirill Chernyshov [8]

+

iroh [3]

+
    +
  • Remove try/catch for better error handling #7980
    • +
  • Fix NullPointerException #7961
    • +
+
+

>1w

+
    +
  • Use event id for the key of kafka record #7923
    • +
+
+

tenzin-config [5]

+
    +
  • Enable KafkaServices on INT #921
    • +
  • Disable KafkaServices once again #918
    • +
  • Enable Kafka related services on INT #916
    • +
+
+

>1w

+
    +
  • Temporary disable services #914
    • +
  • Set SSL kafka security protocol on INT #912
    • +
+
+

Shafiq [1]

+

iroh [1]

+
    +
  • Creating iroh-events datastream should succeed even if it exists +already #7959
    • +
+

auth

+

bartuka [1]

+

iroh [1]

+
    +
  • [IROH Auth] RBAC JWT Revocation on role change #7875
    • +
+

Yann Esposito [16]

+

iroh [4]

+
    +
  • Upgrade SX to XDR org via provisioning #7981
    • +
  • feature-flag scopes are considered as special #7985
    • +
  • fix local dev environment to be able to start locally without docker +#7944
    • +
+
+

>1w

+
    +
  • Use org to display the roles as expected #7952
    • +
+
+

ring-jwt-middleware [3]

+
    +
  • Version 1.1.4-SNAPSHOT
    • +
  • Version 1.1.3
    • +
  • Support external error via is-revoked-fn
    • +
+

tenzin-config [9]

+
    +
  • Enable XDR roles in PROD #919
    • +
  • factorize PROD #917
    • +
  • Add role-web-service config everywhere #911
    • +
+
+

>1w

+
    +
  • Canonicalize the configs (#913) #915
    • +
  • Canonicalize the configs #913
    • +
  • Add missing role-web-service everywhere #910
    • +
  • Gen configs git pre-commit hook #908
    • +
  • Factorisation iroh/iroh-async confs #904
    • +
  • Tree config structures to prevent config duplication. #901
    • +
+
+

Olivier Barbeau [7]

+

iroh [7]

+
    +
  • Upgrade Babashka #7967
    • +
  • add missing exclusions for uberjar #7963
    • +
  • fix bug when Org has no entitlement #7956
    • +
  • [IROH configuration]: Generate service diagram #7872
    • +
  • GH pages updates #7960
    • +
+
+

>1w

+
    +
  • fix alias arguments #7954
    • +
  • Issue 7930 GitHub pages styling #7932
    • +
+
+

(Yogsototh) [3]

+

ring-jwt-middleware [3]

+
    +
  • Version 1.1.4-SNAPSHOT
    • +
  • Version 1.1.3
    • +
  • Support external error via is-revoked-fn
    • +
+

iroh-ops

+

Jerome Schneider [1]

+

tenzin [1]

+
    +
  • Kafka Connect: fixed cluster conf and use our own cacerts file
    • +
+

Patrick Patat [1]

+

iroh-ops [1]

+
    +
  • Merge pull request #75 from advthreat/squid
    • +
+

Patrick Patat [1]

+

iroh-ops [1]

+
    +
  • add squid server for vector in public subnet
    • +
+

Other

+

Other

+

Robert Levy [2]

+

iroh [1]

+
+

>1w

+
    +
  • user and team mean time tiles #7873
    • +
+
+

tenzin-config [1]

+
+

>1w

+
    +
  • add migration for iroh issue #7819 to TEST and PROD environments #902
    • +
+
+

Devin Walters [2]

+

tenzin-config [2]

+
    +
  • Add config.edn for other conure-distributor environments #920
    • +
+
+

>1w

+
    +
  • Reduce conure-distributor worker count #906
    • +
+
+

Mia [3]

+

iroh [1]

+
    +
  • Snapshot for risk score #7964
    • +
+

iroh-engine [2]

+
+

>1w

+
    +
  • Merge pull request #1394 from advthreat/v0.15.6-rc
    • +
  • Merge pull request #1393 from advthreat/save-asset-snapshot
    • +
+
+

Scott McLeod [1]

+

tenzin-config [1]

+
+

>1w

+
    +
  • Config changes supporting IROH PR #7934 #899
    • +
+
+

krishna Ganugapenta [4]

+

tenzin [4]

+
    +
  • COnure-distributor PROD ASG modules fix #3062
    • +
  • opsvpncidr removal from TEST and other backup regions as +ops vpn not present there #3061
    • +
  • Conure-distributor setup config for TEST/PROD #3049
    • +
+
+

>1w

+
    +
  • Conuredistributor terraform modules config updates #3027
    • +
+
+

milehrer [2]

+

iroh-engine [2]

+
+

>1w

+
    +
  • prepare for v0.15.6
    • +
  • Remove sightings from asset enrichment response, save snapshot +instead
    • +
+
+

Martin Bruchanov [2]

+

tenzin [2]

+
    +
  • Clean-up of the old ES5 deployment code #3053
    • +
+
+

>1w

+
    +
  • Fix for consul registration of ops-openvpn service #2968
    • +
+
+

Kirill Chernyshov [1]

+

tenzin-config [1]

+
+

>1w

+
    +
  • IROH Events migration to Elasticsearch #909
    • +
+
+

John Jardine [2]

+

tenzin [2]

+
    +
  • Add endpoint generation procedure and update endpoints. #3058
    • +
  • SXOPS-792: QA complaining of long queue times for incidents +enrichment #3054
    • +
+

Sofiia Mykytiuk [9]

+

tenzin [9]

+
    +
  • Update ASG for ES metrics in NAM and EU #3063
    • +
  • Update vpnator list #3050
    • +
+
+

>1w

+
    +
  • Remove CSIRTInvestigator role #3045
    • +
  • Policy to allow access to DynamoDB items for ROAdmin #3043
    • +
  • Remove jbusboom ssh configs #3042
    • +
  • Dmarc record for STAGE #3040
    • +
  • Remove ssh access for Michael Simonson #3035
    • +
  • Update OPS vpnator list #3034
    • +
  • Consul fix for ops vpn #3032
    • +
+
+

muhammad-xdr-ops [4]

+

tenzin [4]

+
    +
  • SXOPS-805 - adding CNAMEs for secure-client-forms MFE #3065
    • +
  • enabled trendmicro and defender in all prod regions #3055
    • +
  • SXOPS-763 - updating integrations version #3052
    • +
+
+

>1w

+
    +
  • SXOPS-702 removing INT access to PROD S3 bucket #3024
    • +
+
+

Dmytro Budko [5]

+

tenzin [5]

+
    +
  • SXOPS-191 Terraform: Bring INT and Test into sync with AWS #3056
    • +
+
+

>1w

+
    +
  • SXOPS-766 [PROD] Fix 'docs' related Terraform Delta #3046
    • +
  • SXOPS-636 Docs XDR Deployment, Publish and Host #3048
    • +
  • SXOPS-636 Docs XDR Deployment, Publish and Host #3041
    • +
  • SXOPS-636 Docs XDR Deployment, Publish and Host #3016
    • +
+
+

Scott McLeod [1]

+

iroh [1]

+
+

>1w

+
    +
  • Use filter-map-search directly from CRUDStoreService #7934
    • +
+
+

Rekha Gupta [2]

+

tenzin-config [2]

+
    +
  • fix: to port 4008 because ribbon uses 4007 #925
    • +
  • feat: port for new client management MFE #924
    • +
+

Jerome Schneider [1]

+

tenzin [1]

+
    +
  • SXOPS 801: Kafka connect open port 8083 and use static port in Nomad +#3059
    • +
+

Yurii Ivanisenko [2]

+

tenzin [2]

+
+

>1w

+
    +
  • connected self-hosted runner #3038
    • +
  • added wokeignore file #3036
    • +
+
+

Gayan Jayasundara [2]

+

tenzin [2]

+
    +
  • Add Adam as codeowner to Tenzin repo #3060
    • +
+
+

>1w

+
    +
  • SXOPS-472 & SXOPS-498 - Enable sentinelone and crowdstrike in +Production for v1.122 Release #3031
    • +
+
+ + diff --git a/reports/report.css b/reports/report.css new file mode 100644 index 00000000..8588e8c1 --- /dev/null +++ b/reports/report.css @@ -0,0 +1,19 @@ + diff --git a/reports/weekly-17.html b/reports/weekly-17.html new file mode 100644 index 00000000..909c3722 --- /dev/null +++ b/reports/weekly-17.html @@ -0,0 +1,645 @@ + + + + + + + + Code Weekly Report 17 + + + + + +
+

Code Weekly Report 17

+

logs goes 2 weeks back

+

2023-04-28

+
+ +

IROH

+

lead

+

Guillaume Buisson [1]

+

iroh [1]

+
    +
  • Initial Incident Response Design Draft #7398
    • +
+

data

+

Mario Aquino [2]

+

iroh [2]

+
    +
  • Add audiences to client #7812
    • +
  • OrgTokenProviderService #7731
    • +
+

Guillaume Erétéo [4]

+

ctia [1]

+
    +
  • add total-hits headers to metric responses #1363
    • +
+

iroh [3]

+

>1w

+
    +
  • introduce aggregation in crud store #7734
    • +
  • Add Scott to CODEOWNERS #7782
    • +
  • first stats #7765
    • +
+

Ambrose Bonnaire-Sergeant [1]

+

ctia [1]

+
    +
  • Push sighting store's coercion pattern into def-es-store #1361
    • +
+

integrations

+

Matthieu Sprunck [1]

+

iroh [1]

+
    +
  • E7469: Event API extension design #7462
    • +
+

Kirill Chernyshov [3]

+

iroh [3]

+

>1w

+
    +
  • Fix configuration option for event signer #7777
    • +
  • Add signer options for EventService #7776
    • +
  • Simplify kafka-producer integration test #7769
    • +
+

[0]

+

auth

+

bartuka [3]

+

iroh [3]

+
    +
  • [IROH Auth] introducing TimeService in +AuthService #7806
    • +
  • [IROH Auth] allow only iroh-core.time in oauth2.core ns +#7793
    • +
+

>1w

+
    +
  • [IROH Auth] - Update IROH Web middleware to build short JWTs with +profile data #7671
    • +
+

Yann Esposito [14]

+

iroh [7]

+
    +
  • Add a missing option to disable default configs #7805
    • +
  • Add a script to init tokens without login in #7794
    • +
  • Fix schema for Response #7804
    • +
  • Add support to onboard a single app #7796
    • +
  • Add a role instrospection route to help the UI and other clients #7785
    • +
  • Fix scopes declaration for execute-workflow route #7799
    • +
+

>1w

+
    +
  • Fix a Swagger bug due to schema name conflict #7790
    • +
+

tenzin-config [2]

+

>1w

+
    +
  • fix missing iroh-async web-services #884
    • +
  • align iroh and iroh-async confs #883
    • +
+

xdr-provisioning [5]

+
    +
  • Improve help regarding setting env vars
    • +
  • Improve the command line parsing
    • +
  • rename script to .sh
    • +
  • Add onboarding of DI and CSC
    • +
+

>1w

+
    +
  • Initial provisioning Script
    • +
+

Olivier Barbeau [1]

+

tenzin-config [1]

+

>1w

+
    +
  • sets the :xdr-roles feature flag in INT and TEST #840
    • +
+

(Yogsototh) [5]

+

xdr-provisioning [5]

+
    +
  • Improve help regarding setting env vars
    • +
  • Improve the command line parsing
    • +
  • rename script to .sh
    • +
  • Add onboarding of DI and CSC
    • +
+

>1w

+
    +
  • Initial provisioning Script
    • +
+

iroh-ops

+

Jerome Schneider [1]

+

tenzin [1]

+
    +
  • Upgrade TF AWS provider
    • +
+

Patrick Patat [1]

+

tenzin [1]

+
    +
  • allows iroh-ops dev platform to access redis #2755
    • +
+

Other

+

Other

+

Robert Levy [2]

+

iroh [2]

+

>1w

+
    +
  • fix dev-resources config to use the correct key signer-ops instead +of signer #7778
    • +
  • Add registered trademark to MITRE tile title #7775
    • +
+

Eric Gierach [4]

+

iroh-engine [4]

+

>1w

+
    +
  • Merge pull request #1387 from advthreat/v0.15.5-rc
    • +
  • Prepare for 0.15.5 release.
    • +
  • Merge pull request #1386 from advthreat/enrich-all-targets
    • +
  • Fix typo in log
    • +
+

Devin Walters [2]

+

tenzin [2]

+
    +
  • Set tmpdir to /local for conure task #2930
    • +
  • Mount datadog socket in conure task #2922
    • +
+

Mia [1]

+

iroh [1]

+

>1w

+
    +
  • Update risk score docs to include overview of enrich-targets process +#7773
    • +
+

Adam Sayer [3]

+

tenzin [3]

+
    +
  • increase ES storage iops/throughput #2927
    • +
  • Vercel CICD accept 409 and watch http state
    • +
  • Add Vercel CI/CD to Saltmaster #2920
    • +
+

milehrer [1]

+

iroh-engine [1]

+

>1w

+
    +
  • move forward if no new targets or asset
    • +
+

Martin Bruchanov [2]

+

tenzin [2]

+
    +
  • Security groups for OPS VPN in INT #2924
    • +
+

>1w

+
    +
  • Added CLI parameters for ES administration tools #2915
    • +
+

Ag Ibragimov [3]

+

iroh [1]

+
    +
  • Control center: Navigate to Incidents page from tile #7760
    • +
+

tenzin-config [2]

+
    +
  • adds :xdr-site-url #885
    • +
+

>1w

+
    +
  • adds detection sources config for PROD #881
    • +
+

Sofiia Mykytiuk [8]

+

tenzin [8]

+
    +
  • Update VPNator lambda functions in INT #2929
    • +
  • Update min capacity for ASG in backup regions #2917
    • +
  • Update readme in terraform folders for backup regions #2896
    • +
+

>1w

+
    +
  • Saltstack changes for backup regions #2822
    • +
  • ROAdmin role for STAGE and PROD #2909
    • +
  • Update saml in terraform to sync with AWS STAGE and PROD accounts #2910
    • +
  • ROAdmin role for INT #2903
    • +
  • Add nodes to ES-metrics cluster in EU #2905
    • +
+

Will Lorand [1]

+

iroh [1]

+

>1w

+
    +
  • Update summary.org #7603
    • +
+

Michael Pendergrass [1]

+

iroh [1]

+

>1w

+ +

Scott McLeod [1]

+

iroh [1]

+
    +
  • Improve performance of IncidentReportService #7745
    • +
+

Sam Waggoner [1]

+

tenzin-config [1]

+
    +
  • Add hydrant es-metrics configs for events.
    • +
+

t2sw [1]

+

iroh [1]

+

>1w

+
    +
  • modify get-tiles and get-tiles-data endpoints for xdr query +parameter #7757
    • +
+

Gayan Jayasundara [1]

+

tenzin [1]

+

>1w

+
    +
  • Bump crowdstrike and SentinalOne - Ian requested #2904
    • +
+

Pawan Bahuguna [4]

+

tenzin [4]

+
    +
  • Added health check header #2921
    • +
  • Added Health check header to crowdstrike for testing #2916
    • +
+

>1w

+
    +
  • Increased the Max size to 6 #2908
    • +
  • Updated the version to 7.0.7 to sync with AWS #2907
    • +
+

Trent Boyd [1]

+

tenzin-config [1]

+
    +
  • chore: add https dev urls to xdr projects #886
    • +
+ + diff --git a/reports/weekly-17.org b/reports/weekly-17.org new file mode 100644 index 00000000..6521a97b --- /dev/null +++ b/reports/weekly-17.org @@ -0,0 +1,308 @@ +#+title: Code Weekly Report 17 +#+subtitle: logs goes 2 weeks back +#+date: 2023-04-28 +#+options: H:6 +* IROH +** lead + + +*** Guillaume Buisson [1] + +**** iroh [1] + +- Initial Incident Response Design Draft [[https://github.com/advthreat/iroh/pull/7398][#7398]] +** data + + +*** Mario Aquino [2] + +**** iroh [2] + +- Add audiences to client [[https://github.com/advthreat/iroh/pull/7812][#7812]] +- OrgTokenProviderService [[https://github.com/advthreat/iroh/pull/7731][#7731]] + +*** Guillaume Erétéo [4] + +**** ctia [1] + +- add total-hits headers to metric responses [[https://github.com/advthreat/ctia/pull/1363][#1363]] +**** iroh [3] + + +_>1w_ + +- introduce aggregation in crud store [[https://github.com/advthreat/iroh/pull/7734][#7734]] +- Add Scott to CODEOWNERS [[https://github.com/advthreat/iroh/pull/7782][#7782]] +- first stats [[https://github.com/advthreat/iroh/pull/7765][#7765]] + +*** Ambrose Bonnaire-Sergeant [1] + +**** ctia [1] + +- Push sighting store's coercion pattern into def-es-store [[https://github.com/advthreat/ctia/pull/1361][#1361]] +** integrations + + +*** Matthieu Sprunck [1] + +**** iroh [1] + +- E7469: Event API extension design [[https://github.com/advthreat/iroh/pull/7462][#7462]] + +*** Kirill Chernyshov [3] + +**** iroh [3] + + +_>1w_ + +- Fix configuration option for event signer [[https://github.com/advthreat/iroh/pull/7777][#7777]] +- Add signer options for EventService [[https://github.com/advthreat/iroh/pull/7776][#7776]] +- Simplify kafka-producer integration test [[https://github.com/advthreat/iroh/pull/7769][#7769]] + +*** [0] + +** auth + + +*** bartuka [3] + +**** iroh [3] + +- [IROH Auth] introducing ~TimeService~ in ~AuthService~ [[https://github.com/advthreat/iroh/pull/7806][#7806]] +- [IROH Auth] allow only ~iroh-core.time~ in oauth2.core ns [[https://github.com/advthreat/iroh/pull/7793][#7793]] + +_>1w_ + +- [IROH Auth] - Update IROH Web middleware to build short JWTs with profile data [[https://github.com/advthreat/iroh/pull/7671][#7671]] + +*** Yann Esposito [14] + +**** iroh [7] + +- Add a missing option to disable default configs [[https://github.com/advthreat/iroh/pull/7805][#7805]] +- Add a script to init tokens without login in [[https://github.com/advthreat/iroh/pull/7794][#7794]] +- Fix schema for Response [[https://github.com/advthreat/iroh/pull/7804][#7804]] +- Add support to onboard a single app [[https://github.com/advthreat/iroh/pull/7796][#7796]] +- Add a role instrospection route to help the UI and other clients [[https://github.com/advthreat/iroh/pull/7785][#7785]] +- Fix scopes declaration for execute-workflow route [[https://github.com/advthreat/iroh/pull/7799][#7799]] + +_>1w_ + +- Fix a Swagger bug due to schema name conflict [[https://github.com/advthreat/iroh/pull/7790][#7790]] +**** tenzin-config [2] + + +_>1w_ + +- fix missing iroh-async web-services [[https://github.com/advthreat/tenzin-config/pull/884][#884]] +- align iroh and iroh-async confs [[https://github.com/advthreat/tenzin-config/pull/883][#883]] +**** xdr-provisioning [5] + +- Improve help regarding setting env vars +- Improve the command line parsing +- rename script to .sh +- Add onboarding of DI and CSC + +_>1w_ + +- Initial provisioning Script + +*** Olivier Barbeau [1] + +**** tenzin-config [1] + + +_>1w_ + +- sets the ~:xdr-roles~ feature flag in INT and TEST [[https://github.com/advthreat/tenzin-config/pull/840][#840]] + +*** (Yogsototh) [5] + +**** xdr-provisioning [5] + +- Improve help regarding setting env vars +- Improve the command line parsing +- rename script to .sh +- Add onboarding of DI and CSC + +_>1w_ + +- Initial provisioning Script +** iroh-ops + + +*** Jerome Schneider [1] + +**** tenzin [1] + +- Upgrade TF AWS provider + +*** Patrick Patat [1] + +**** tenzin [1] + +- allows iroh-ops dev platform to access redis [[https://github.com/advthreat/tenzin/pull/2755][#2755]] +* Other +** Other + + +*** Robert Levy [2] + +**** iroh [2] + + +_>1w_ + +- fix dev-resources config to use the correct key signer-ops instead of signer [[https://github.com/advthreat/iroh/pull/7778][#7778]] +- Add registered trademark to MITRE tile title [[https://github.com/advthreat/iroh/pull/7775][#7775]] + +*** Eric Gierach [4] + +**** iroh-engine [4] + + +_>1w_ + +- Merge pull request #1387 from advthreat/v0.15.5-rc +- Prepare for 0.15.5 release. +- Merge pull request #1386 from advthreat/enrich-all-targets +- Fix typo in log + +*** Devin Walters [2] + +**** tenzin [2] + +- Set tmpdir to /local for conure task [[https://github.com/advthreat/tenzin/pull/2930][#2930]] +- Mount datadog socket in conure task [[https://github.com/advthreat/tenzin/pull/2922][#2922]] + +*** Mia [1] + +**** iroh [1] + + +_>1w_ + +- Update risk score docs to include overview of enrich-targets process [[https://github.com/advthreat/iroh/pull/7773][#7773]] + +*** Adam Sayer [3] + +**** tenzin [3] + +- increase ES storage iops/throughput [[https://github.com/advthreat/tenzin/pull/2927][#2927]] +- Vercel CICD accept 409 and watch http state +- Add Vercel CI/CD to Saltmaster [[https://github.com/advthreat/tenzin/pull/2920][#2920]] + +*** milehrer [1] + +**** iroh-engine [1] + + +_>1w_ + +- move forward if no new targets or asset + +*** Martin Bruchanov [2] + +**** tenzin [2] + +- Security groups for OPS VPN in INT [[https://github.com/advthreat/tenzin/pull/2924][#2924]] + +_>1w_ + +- Added CLI parameters for ES administration tools [[https://github.com/advthreat/tenzin/pull/2915][#2915]] + +*** Ag Ibragimov [3] + +**** iroh [1] + +- Control center: Navigate to Incidents page from tile [[https://github.com/advthreat/iroh/pull/7760][#7760]] +**** tenzin-config [2] + +- adds :xdr-site-url [[https://github.com/advthreat/tenzin-config/pull/885][#885]] + +_>1w_ + +- adds detection sources config for PROD [[https://github.com/advthreat/tenzin-config/pull/881][#881]] + +*** Sofiia Mykytiuk [8] + +**** tenzin [8] + +- Update VPNator lambda functions in INT [[https://github.com/advthreat/tenzin/pull/2929][#2929]] +- Update min capacity for ASG in backup regions [[https://github.com/advthreat/tenzin/pull/2917][#2917]] +- Update readme in terraform folders for backup regions [[https://github.com/advthreat/tenzin/pull/2896][#2896]] + +_>1w_ + +- Saltstack changes for backup regions [[https://github.com/advthreat/tenzin/pull/2822][#2822]] +- ROAdmin role for STAGE and PROD [[https://github.com/advthreat/tenzin/pull/2909][#2909]] +- Update saml in terraform to sync with AWS STAGE and PROD accounts [[https://github.com/advthreat/tenzin/pull/2910][#2910]] +- ROAdmin role for INT [[https://github.com/advthreat/tenzin/pull/2903][#2903]] +- Add nodes to ES-metrics cluster in EU [[https://github.com/advthreat/tenzin/pull/2905][#2905]] + +*** Will Lorand [1] + +**** iroh [1] + + +_>1w_ + +- Update summary.org [[https://github.com/advthreat/iroh/pull/7603][#7603]] + +*** Michael Pendergrass [1] + +**** iroh [1] + + +_>1w_ + +- Engine 0.15.5 [[https://github.com/advthreat/iroh/pull/7768][#7768]] + +*** Scott McLeod [1] + +**** iroh [1] + +- Improve performance of IncidentReportService [[https://github.com/advthreat/iroh/pull/7745][#7745]] + +*** Sam Waggoner [1] + +**** tenzin-config [1] + +- Add hydrant es-metrics configs for events. + +*** t2sw [1] + +**** iroh [1] + + +_>1w_ + +- modify get-tiles and get-tiles-data endpoints for xdr query parameter [[https://github.com/advthreat/iroh/pull/7757][#7757]] + +*** Gayan Jayasundara [1] + +**** tenzin [1] + + +_>1w_ + +- Bump crowdstrike and SentinalOne - Ian requested [[https://github.com/advthreat/tenzin/pull/2904][#2904]] + +*** Pawan Bahuguna [4] + +**** tenzin [4] + +- Added health check header [[https://github.com/advthreat/tenzin/pull/2921][#2921]] +- Added Health check header to crowdstrike for testing [[https://github.com/advthreat/tenzin/pull/2916][#2916]] + +_>1w_ + +- Increased the Max size to 6 [[https://github.com/advthreat/tenzin/pull/2908][#2908]] +- Updated the version to 7.0.7 to sync with AWS [[https://github.com/advthreat/tenzin/pull/2907][#2907]] + +*** Trent Boyd [1] + +**** tenzin-config [1] + +- chore: add https dev urls to xdr projects [[https://github.com/advthreat/tenzin-config/pull/886][#886]] diff --git a/reports/weekly-17.pdf b/reports/weekly-17.pdf new file mode 100644 index 00000000..2d38d82a Binary files /dev/null and b/reports/weekly-17.pdf differ diff --git a/reports/weekly-19.html b/reports/weekly-19.html new file mode 100644 index 00000000..729fe8f4 --- /dev/null +++ b/reports/weekly-19.html @@ -0,0 +1,452 @@ + + + + + + + + Code Weekly Report 19 + + + + + +
+

Code Weekly Report 19

+

logs goes 2 weeks back

+

2023-05-09

+
+ +

IROH

+

lead

+

Guillaume Buisson [0]

+

data

+

Mario Aquino [3]

+

iroh [2]

+
    +
  • Generate request-context auth token when async task starts #7825
    • +
  • IncidentSummaryService #7814
    • +
+

tenzin-config [1]

+
    +
  • Fix session queue name for iroh-async #890
    • +
+

Guillaume Erétéo [0]

+

Ambrose Bonnaire-Sergeant [2]

+

ctia [2]

+
    +
  • Revert "Revert "Push sighting store's coercion pattern into +def-es-store (#1361)" (#1364)" #1365
    • +
  • Revert "Push sighting store's coercion pattern into def-es-store +(#1361)" #1364
    • +
+

integrations

+

Matthieu Sprunck [1]

+

iroh [1]

+
    +
  • Remote: Add an optional scope param to the OAuth2 access token +request #7836
    • +
+

[0]

+

[0]

+

auth

+

bartuka [0]

+

Yann Esposito [1]

+

iroh [1]

+
    +
  • replace clj-momo deep-merge #7815
    • +
+

Olivier Barbeau [1]

+

iroh [1]

+
    +
  • fix http status code #7838
    • +
+

(Yogsototh) [0]

+

iroh-ops

+

Jerome Schneider [0]

+

Patrick Patat [0]

+

Other

+

Other

+

Robert Levy [1]

+

iroh [1]

+
    +
  • Epic 7135 tile groups feature branch #7520
    • +
+

Devin Walters [0]

+

Adam Sayer [2]

+

tenzin [2]

+
    +
  • Revert "Issue 2093 setup infra for poc with sneller (#2138)" #2953
    • +
  • encoding fix #2943
    • +
+

Martin Bruchanov [4]

+

tenzin [4]

+
    +
  • PROD Infrastructure for OPS OpenVPN EU/eu-west-1 #2944
    • +
  • PROD Infrastructure for OPS OpenVPN NAM/us-east-1 #2941
    • +
  • PROD Infrastructure for OPS OpenVPN APJC/ap-northeast-1 #2945
    • +
  • Adding data nodes to lower file system utilization #2940
    • +
+

Ag Ibragimov [2]

+

iroh [2]

+
    +
  • Refactor: move around tiles code #7813
    • +
  • Unassigned Incidents Tile should show relative time #7824
    • +
+

Michael Simonson [0]

+

Sofiia Mykytiuk [5]

+

tenzin [5]

+
    +
  • SXOPS-584: Update OPS vpnator list #2950
    • +
  • Update AWS Backup rule name to fix length issue #2946
    • +
  • Update vault unseal configuration for PROD #2856
    • +
  • Update VPNator in TEST, STAGE and PROD #2932
    • +
  • Update STAGE docs S3 bucket #2938
    • +
+

muhammad-xdr-ops [1]

+

tenzin [1]

+
    +
  • adding some more API calls for cluster info/troubleshooting #2954
    • +
+

Dmytro Budko [1]

+

tenzin [1]

+
    +
  • SXOPS-684 Access for GitHub Action Workflow to Production S3 and +Clou… #2947
    • +
+

Scott McLeod [0]

+

Cisco Boz [1]

+

tenzin [1]

+
    +
  • Replace Threat Response -> XDR for 502 pages on caddy-* public +& private #2934
    • +
+

Sam Waggoner [0]

+

Jerome Schneider [2]

+

tenzin [2]

+
    +
  • PROD APJC: replace not existing r6a (only on APJC) instances by r6i +#2901
    • +
  • NOMAD-drain-nodes: fixed nomad urls and ASG #2902
    • +
+

Yurii Ivanisenko [1]

+

tenzin [1]

+
    +
  • Added Terraform plan and apply workflows #2942
    • +
+

Pawan Bahuguna [4]

+

tenzin [4]

+
    +
  • SXOPS-712 (part of SXOPS 29 ) PROD Remove CloudWatch CSIRT #2956
    • +
  • Removed CloudWatch CSIRT Role #2957
    • +
  • Updated desired capacity as per AWS #2949
    • +
  • Added Instance Refresh #2948
    • +
+

Trent Boyd [0]

+ + diff --git a/reports/weekly-19.org b/reports/weekly-19.org new file mode 100644 index 00000000..5100807a --- /dev/null +++ b/reports/weekly-19.org @@ -0,0 +1,171 @@ +#+title: Code Weekly Report 19 +#+subtitle: logs goes 2 weeks back +#+date: 2023-05-09 +#+options: H:6 +* IROH +** lead + + +*** Guillaume Buisson [0] + +** data + + +*** Mario Aquino [3] + +**** iroh [2] + +- Generate request-context auth token when async task starts [[https://github.com/advthreat/iroh/pull/7825][#7825]] +- IncidentSummaryService [[https://github.com/advthreat/iroh/pull/7814][#7814]] +**** tenzin-config [1] + +- Fix session queue name for iroh-async [[https://github.com/advthreat/tenzin-config/pull/890][#890]] + +*** Guillaume Erétéo [0] + + +*** Ambrose Bonnaire-Sergeant [2] + +**** ctia [2] + +- Revert "Revert "Push sighting store's coercion pattern into def-es-store (#1361)" (#1364)" [[https://github.com/advthreat/ctia/pull/1365][#1365]] +- Revert "Push sighting store's coercion pattern into def-es-store (#1361)" [[https://github.com/advthreat/ctia/pull/1364][#1364]] +** integrations + + +*** Matthieu Sprunck [1] + +**** iroh [1] + +- Remote: Add an optional scope param to the OAuth2 access token request [[https://github.com/advthreat/iroh/pull/7836][#7836]] + +*** [0] + + +*** [0] + +** auth + + +*** bartuka [0] + + +*** Yann Esposito [1] + +**** iroh [1] + +- replace clj-momo deep-merge [[https://github.com/advthreat/iroh/pull/7815][#7815]] + +*** Olivier Barbeau [1] + +**** iroh [1] + +- fix http status code [[https://github.com/advthreat/iroh/pull/7838][#7838]] + +*** (Yogsototh) [0] + +** iroh-ops + + +*** Jerome Schneider [0] + + +*** Patrick Patat [0] + +* Other +** Other + + +*** Robert Levy [1] + +**** iroh [1] + +- Epic 7135 tile groups feature branch [[https://github.com/advthreat/iroh/pull/7520][#7520]] + +*** Devin Walters [0] + + +*** Adam Sayer [2] + +**** tenzin [2] + +- Revert "Issue 2093 setup infra for poc with sneller (#2138)" [[https://github.com/advthreat/tenzin/pull/2953][#2953]] +- encoding fix [[https://github.com/advthreat/tenzin/pull/2943][#2943]] + +*** Martin Bruchanov [4] + +**** tenzin [4] + +- PROD Infrastructure for OPS OpenVPN EU/eu-west-1 [[https://github.com/advthreat/tenzin/pull/2944][#2944]] +- PROD Infrastructure for OPS OpenVPN NAM/us-east-1 [[https://github.com/advthreat/tenzin/pull/2941][#2941]] +- PROD Infrastructure for OPS OpenVPN APJC/ap-northeast-1 [[https://github.com/advthreat/tenzin/pull/2945][#2945]] +- Adding data nodes to lower file system utilization [[https://github.com/advthreat/tenzin/pull/2940][#2940]] + +*** Ag Ibragimov [2] + +**** iroh [2] + +- Refactor: move around tiles code [[https://github.com/advthreat/iroh/pull/7813][#7813]] +- Unassigned Incidents Tile should show relative time [[https://github.com/advthreat/iroh/pull/7824][#7824]] + +*** Michael Simonson [0] + + +*** Sofiia Mykytiuk [5] + +**** tenzin [5] + +- SXOPS-584: Update OPS vpnator list [[https://github.com/advthreat/tenzin/pull/2950][#2950]] +- Update AWS Backup rule name to fix length issue [[https://github.com/advthreat/tenzin/pull/2946][#2946]] +- Update vault unseal configuration for PROD [[https://github.com/advthreat/tenzin/pull/2856][#2856]] +- Update VPNator in TEST, STAGE and PROD [[https://github.com/advthreat/tenzin/pull/2932][#2932]] +- Update STAGE docs S3 bucket [[https://github.com/advthreat/tenzin/pull/2938][#2938]] + +*** muhammad-xdr-ops [1] + +**** tenzin [1] + +- adding some more API calls for cluster info/troubleshooting [[https://github.com/advthreat/tenzin/pull/2954][#2954]] + +*** Dmytro Budko [1] + +**** tenzin [1] + +- SXOPS-684 Access for GitHub Action Workflow to Production S3 and Clou… [[https://github.com/advthreat/tenzin/pull/2947][#2947]] + +*** Scott McLeod [0] + + +*** Cisco Boz [1] + +**** tenzin [1] + +- Replace Threat Response -> XDR for 502 pages on caddy-* public & private [[https://github.com/advthreat/tenzin/pull/2934][#2934]] + +*** Sam Waggoner [0] + + +*** Jerome Schneider [2] + +**** tenzin [2] + +- PROD APJC: replace not existing r6a (only on APJC) instances by r6i [[https://github.com/advthreat/tenzin/pull/2901][#2901]] +- NOMAD-drain-nodes: fixed nomad urls and ASG [[https://github.com/advthreat/tenzin/pull/2902][#2902]] + +*** Yurii Ivanisenko [1] + +**** tenzin [1] + +- Added Terraform plan and apply workflows [[https://github.com/advthreat/tenzin/pull/2942][#2942]] + +*** Pawan Bahuguna [4] + +**** tenzin [4] + +- SXOPS-712 (part of SXOPS 29 ) PROD Remove CloudWatch CSIRT [[https://github.com/advthreat/tenzin/pull/2956][#2956]] +- Removed CloudWatch CSIRT Role [[https://github.com/advthreat/tenzin/pull/2957][#2957]] +- Updated desired capacity as per AWS [[https://github.com/advthreat/tenzin/pull/2949][#2949]] +- Added Instance Refresh [[https://github.com/advthreat/tenzin/pull/2948][#2948]] + +*** Trent Boyd [0] + diff --git a/reports/weekly-19.pdf b/reports/weekly-19.pdf new file mode 100644 index 00000000..203dad0f Binary files /dev/null and b/reports/weekly-19.pdf differ diff --git a/reports/weekly-22.html b/reports/weekly-22.html new file mode 100644 index 00000000..69c35456 --- /dev/null +++ b/reports/weekly-22.html @@ -0,0 +1,657 @@ + + + + + + + + Code Weekly Report 22 + + + + + +
+

Code Weekly Report 22

+

logs goes 2 weeks back

+

2023-05-30

+
+ +

IROH

+

lead

+

[0]

+

data

+

Mario Aquino [1]

+

iroh [1]

+
+

>1w

+
    +
  • Disable incident-summary store until mapping is in place #7900
    • +
+
+

Guillaume Erétéo [2]

+

iroh [2]

+
    +
  • Mean tiles avg fixtures #7791
    • +
+
+

>1w

+
    +
  • document org data deletion #7864
    • +
+
+

Ambrose Bonnaire-Sergeant [4]

+

ctia [4]

+
    +
  • Fix X-Total-Hits in incident average metric #1371
    • +
  • Remove unused creds #1370
    • +
  • Remove old deps scanner #1369
    • +
  • Average aggregations for incidents #1358
    • +
+

integrations

+

[0]

+

Kirill Chernyshov [4]

+

iroh [4]

+
    +
  • Generate DataStream names #7903
    • +
+
+

>1w

+
    +
  • KafkaAdminService #7893
    • +
  • Use ES API to create DataStream #7889
    • +
  • Small adjustments for iroh-events datastream #7884
    • +
+
+

[0]

+

auth

+

bartuka [8]

+

iroh [8]

+
+

>1w

+
    +
  • [IROH Auth] Fix wrong role name in Invites for XDR roles #7908
    • +
  • [IROH Auth] add :entitlement-summary to profile org +return values #7896
    • +
  • [IROH Auth] Fix /profile swagger.json bug #7897
    • +
  • [IROH Auth] add Entitlement Summary to whoami #7894
    • +
  • [IROH Auth] Expose entitlement methods in Profile webservice #7881
    • +
  • [IROH Auth] Declare entitlement-svc in default-bootstrap #7891
    • +
  • [IROH Auth] fix EntitlementSummary structure #7886
    • +
  • [IROH Auth] Decide JWT format based on the new client's +tokens-format property #7789
    • +
+
+

[0]

+

Olivier Barbeau [3]

+

iroh [3]

+
    +
  • Code coverage in GitHub Pages #7924
    • +
+
+

>1w

+
    +
  • add provisioning platform entitlements #7895
    • +
  • add entitlements field to the provision/platform/account endpoint #7882
    • +
+
+

[0]

+

iroh-ops

+

[0]

+

[0]

+

Other

+

Other

+

II [1]

+

iroh [1]

+
    +
  • Adds orbital to the list of allowed AO token scopes #7919
    • +
+

Devin Walters [1]

+

tenzin [1]

+
+

>1w

+
    +
  • Undo change to move java tmpdir to /local #2990
    • +
+
+

Mia [1]

+

iroh-engine [1]

+
+

>1w

+
    +
  • Merge pull request #1390 from advthreat/update-resolvable-types
    • +
+
+

Adam Sayer [6]

+

tenzin [6]

+
    +
  • Nomad version upgrade to 1.5.6 #3003
    • +
+
+

>1w

+
    +
  • Upgrade vault version to 1.13.2 #2994
    • +
  • consul 1.9.3 to 1.15.2 #2984
    • +
  • move vjayakod to non-prod #2979
    • +
  • fix state name #2975
    • +
  • Sxops 437 stage vercel #2687
    • +
+
+

krishna Ganugapenta [5]

+

tenzin [5]

+
    +
  • S3 permissions allowed for datadog-java-agent #3008
    • +
  • Conure task dd-java-agent version update #3001
    • +
+
+

>1w

+
    +
  • Dtatdog-agent config updated to allow APM #2985
    • +
  • Added datadog.yaml file for agent container #2983
    • +
  • Datadog java agent added for Conure #2970
    • +
+
+

milehrer [3]

+

iroh-engine [3]

+
+

>1w

+
    +
  • remove ip and ipv6 from list of resolvable types
    • +
  • fix tests for new observable types
    • +
  • add new resolvable types
    • +
+
+

Martin Bruchanov [3]

+

tenzin [3]

+
+

>1w

+
    +
  • Fixed, user creation of vjayakod non-PROD environments #2993
    • +
  • Added XDR hostnames and compatible check for zero size #2987
    • +
  • Fixed syntax of conure.job #2981
    • +
+
+

Chris Duane [1]

+

iroh [1]

+
+

>1w

+
    +
  • Removing ZeroNorth vuln scan. #7890
    • +
+
+

[1]

+

iroh [1]

+
    +
  • Adds orbital to the list of allowed AO token scopes #7919
    • +
+

John Jardine [1]

+

tenzin [1]

+
+

>1w

+
    +
  • Change INT/TEST hydrant to v1.37 #2978
    • +
+
+

Sofiia Mykytiuk [5]

+

tenzin [5]

+
    +
  • Revert "Remove datadog-ro vault policy (#2999)" #3010
    • +
  • Remove cleaner lambda setup from PROD #2996
    • +
  • Remove datadog-ro vault policy #2999
    • +
+
+

>1w

+
    +
  • Route53 records to verify domain in STAGE #2980
    • +
  • Fix statuspage sync lambda #2973
    • +
+
+

muhammad-xdr-ops [4]

+

tenzin [4]

+
    +
  • SXOPS-745 - aws ec2 keys rotated for all prod envs #3018
    • +
  • SXOPS-703 remove public access to SNS topics #3011
    • +
  • SXOPS-740 - int/test/stage aws ec2 default key rotation #3007
    • +
+
+

>1w

+
    +
  • SXOPS-740 - Remove bbozhev #2988
    • +
+
+

Dmytro Budko [1]

+

tenzin [1]

+
    +
  • SXOPS-716 [ACTION REQUIRED] Changes to AWS Billing, Cost Management, +and Account access control policies #2995
    • +
+

Cisco Boz [1]

+

tenzin [1]

+
+

>1w

+
    +
  • SXOPS-605: Updated jobs.sls for us-east-1 , eu-west-1, +ap-northeast-1 with the overriten configurations for each env #2974
    • +
+
+

Jerome Schneider [1]

+

tenzin [1]

+
+

>1w

+
    +
  • Migrate INT on TF 1.4 #2549
    • +
+
+

Brooke Swanson [1]

+

tenzin [1]

+
+

>1w

+
    +
  • Add service tags and enable profiling in int. #2989
    • +
+
+

Yurii Ivanisenko [3]

+

tenzin [2]

+
    +
  • add WAF ipv6 lists #2991
    • +
  • linter tool master branch #2998
    • +
+

tenzin-config [1]

+
    +
  • woke tool added #894
    • +
+

Pawan Bahuguna [5]

+

tenzin [5]

+
    +
  • SXOPS-29 [PROD] Added multiazenabled #3012
    • +
  • Removing duo-cloudmapper as it is not supported now #3005
    • +
  • Updated the desired capacity to match AWS #3000
    • +
+
+

>1w

+
    +
  • SXOPS-29 PROD VPC Peering Correction #2986
    • +
  • SXOPS-29 NAM EU R53 #2977
    • +
+
+

vjayakody [2]

+

tenzin [2]

+ +
+

>1w

+
    +
  • updating ssh key #2992
    • +
+
+ + diff --git a/reports/weekly-22.org b/reports/weekly-22.org new file mode 100644 index 00000000..cd944180 --- /dev/null +++ b/reports/weekly-22.org @@ -0,0 +1,334 @@ +#+title: Code Weekly Report 22 +#+subtitle: logs goes 2 weeks back +#+date: 2023-05-30 +#+options: H:6 +* IROH +** lead + + +*** [0] + +** data + + +*** Mario Aquino [1] + +**** iroh [1] + +#+BEGIN_QUOTE + +_>1w_ + +- Disable incident-summary store until mapping is in place [[https://github.com/advthreat/iroh/pull/7900][#7900]] +#+END_QUOTE + +*** Guillaume Erétéo [2] + +**** iroh [2] + +- Mean tiles avg fixtures [[https://github.com/advthreat/iroh/pull/7791][#7791]] +#+BEGIN_QUOTE + +_>1w_ + +- document org data deletion [[https://github.com/advthreat/iroh/pull/7864][#7864]] +#+END_QUOTE + +*** Ambrose Bonnaire-Sergeant [4] + +**** ctia [4] + +- Fix X-Total-Hits in incident average metric [[https://github.com/advthreat/ctia/pull/1371][#1371]] +- Remove unused creds [[https://github.com/advthreat/ctia/pull/1370][#1370]] +- Remove old deps scanner [[https://github.com/advthreat/ctia/pull/1369][#1369]] +- Average aggregations for incidents [[https://github.com/advthreat/ctia/pull/1358][#1358]] +** integrations + + +*** [0] + + +*** Kirill Chernyshov [4] + +**** iroh [4] + +- Generate DataStream names [[https://github.com/advthreat/iroh/pull/7903][#7903]] +#+BEGIN_QUOTE + +_>1w_ + +- KafkaAdminService [[https://github.com/advthreat/iroh/pull/7893][#7893]] +- Use ES API to create DataStream [[https://github.com/advthreat/iroh/pull/7889][#7889]] +- Small adjustments for iroh-events datastream [[https://github.com/advthreat/iroh/pull/7884][#7884]] +#+END_QUOTE + +*** [0] + +** auth + + +*** bartuka [8] + +**** iroh [8] + +#+BEGIN_QUOTE + +_>1w_ + +- [IROH Auth] Fix wrong role name in Invites for XDR roles [[https://github.com/advthreat/iroh/pull/7908][#7908]] +- [IROH Auth] add ~:entitlement-summary~ to profile org return values [[https://github.com/advthreat/iroh/pull/7896][#7896]] +- [IROH Auth] Fix ~/profile~ swagger.json bug [[https://github.com/advthreat/iroh/pull/7897][#7897]] +- [IROH Auth] add Entitlement Summary to ~whoami~ [[https://github.com/advthreat/iroh/pull/7894][#7894]] +- [IROH Auth] Expose entitlement methods in Profile webservice [[https://github.com/advthreat/iroh/pull/7881][#7881]] +- [IROH Auth] Declare entitlement-svc in default-bootstrap [[https://github.com/advthreat/iroh/pull/7891][#7891]] +- [IROH Auth] fix EntitlementSummary structure [[https://github.com/advthreat/iroh/pull/7886][#7886]] +- [IROH Auth] Decide JWT format based on the new ~client~'s ~tokens-format~ property [[https://github.com/advthreat/iroh/pull/7789][#7789]] +#+END_QUOTE + +*** [0] + + +*** Olivier Barbeau [3] + +**** iroh [3] + +- Code coverage in GitHub Pages [[https://github.com/advthreat/iroh/pull/7924][#7924]] +#+BEGIN_QUOTE + +_>1w_ + +- add provisioning platform entitlements [[https://github.com/advthreat/iroh/pull/7895][#7895]] +- add entitlements field to the provision/platform/account endpoint [[https://github.com/advthreat/iroh/pull/7882][#7882]] +#+END_QUOTE + +*** [0] + +** iroh-ops + + +*** [0] + + +*** [0] + +* Other +** Other + + +*** II [1] + +**** iroh [1] + +- Adds orbital to the list of allowed AO token scopes [[https://github.com/advthreat/iroh/pull/7919][#7919]] + +*** Devin Walters [1] + +**** tenzin [1] + +#+BEGIN_QUOTE + +_>1w_ + +- Undo change to move java tmpdir to /local [[https://github.com/advthreat/tenzin/pull/2990][#2990]] +#+END_QUOTE + +*** Mia [1] + +**** iroh-engine [1] + +#+BEGIN_QUOTE + +_>1w_ + +- Merge pull request #1390 from advthreat/update-resolvable-types +#+END_QUOTE + +*** Adam Sayer [6] + +**** tenzin [6] + +- Nomad version upgrade to 1.5.6 [[https://github.com/advthreat/tenzin/pull/3003][#3003]] +#+BEGIN_QUOTE + +_>1w_ + +- Upgrade vault version to 1.13.2 [[https://github.com/advthreat/tenzin/pull/2994][#2994]] +- consul 1.9.3 to 1.15.2 [[https://github.com/advthreat/tenzin/pull/2984][#2984]] +- move vjayakod to non-prod [[https://github.com/advthreat/tenzin/pull/2979][#2979]] +- fix state name [[https://github.com/advthreat/tenzin/pull/2975][#2975]] +- Sxops 437 stage vercel [[https://github.com/advthreat/tenzin/pull/2687][#2687]] +#+END_QUOTE + +*** krishna Ganugapenta [5] + +**** tenzin [5] + +- S3 permissions allowed for datadog-java-agent [[https://github.com/advthreat/tenzin/pull/3008][#3008]] +- Conure task dd-java-agent version update [[https://github.com/advthreat/tenzin/pull/3001][#3001]] +#+BEGIN_QUOTE + +_>1w_ + +- Dtatdog-agent config updated to allow APM [[https://github.com/advthreat/tenzin/pull/2985][#2985]] +- Added datadog.yaml file for agent container [[https://github.com/advthreat/tenzin/pull/2983][#2983]] +- Datadog java agent added for Conure [[https://github.com/advthreat/tenzin/pull/2970][#2970]] +#+END_QUOTE + +*** milehrer [3] + +**** iroh-engine [3] + +#+BEGIN_QUOTE + +_>1w_ + +- remove ip and ipv6 from list of resolvable types +- fix tests for new observable types +- add new resolvable types +#+END_QUOTE + +*** Martin Bruchanov [3] + +**** tenzin [3] + +#+BEGIN_QUOTE + +_>1w_ + +- Fixed, user creation of vjayakod non-PROD environments [[https://github.com/advthreat/tenzin/pull/2993][#2993]] +- Added XDR hostnames and compatible check for zero size [[https://github.com/advthreat/tenzin/pull/2987][#2987]] +- Fixed syntax of conure.job [[https://github.com/advthreat/tenzin/pull/2981][#2981]] +#+END_QUOTE + +*** Chris Duane [1] + +**** iroh [1] + +#+BEGIN_QUOTE + +_>1w_ + +- Removing ZeroNorth vuln scan. [[https://github.com/advthreat/iroh/pull/7890][#7890]] +#+END_QUOTE + +*** [1] + +**** iroh [1] + +- Adds orbital to the list of allowed AO token scopes [[https://github.com/advthreat/iroh/pull/7919][#7919]] + +*** John Jardine [1] + +**** tenzin [1] + +#+BEGIN_QUOTE + +_>1w_ + +- Change INT/TEST hydrant to v1.37 [[https://github.com/advthreat/tenzin/pull/2978][#2978]] +#+END_QUOTE + +*** Sofiia Mykytiuk [5] + +**** tenzin [5] + +- Revert "Remove datadog-ro vault policy (#2999)" [[https://github.com/advthreat/tenzin/pull/3010][#3010]] +- Remove cleaner lambda setup from PROD [[https://github.com/advthreat/tenzin/pull/2996][#2996]] +- Remove datadog-ro vault policy [[https://github.com/advthreat/tenzin/pull/2999][#2999]] +#+BEGIN_QUOTE + +_>1w_ + +- Route53 records to verify domain in STAGE [[https://github.com/advthreat/tenzin/pull/2980][#2980]] +- Fix statuspage sync lambda [[https://github.com/advthreat/tenzin/pull/2973][#2973]] +#+END_QUOTE + +*** muhammad-xdr-ops [4] + +**** tenzin [4] + +- SXOPS-745 - aws ec2 keys rotated for all prod envs [[https://github.com/advthreat/tenzin/pull/3018][#3018]] +- SXOPS-703 remove public access to SNS topics [[https://github.com/advthreat/tenzin/pull/3011][#3011]] +- SXOPS-740 - int/test/stage aws ec2 default key rotation [[https://github.com/advthreat/tenzin/pull/3007][#3007]] +#+BEGIN_QUOTE + +_>1w_ + +- SXOPS-740 - Remove bbozhev [[https://github.com/advthreat/tenzin/pull/2988][#2988]] +#+END_QUOTE + +*** Dmytro Budko [1] + +**** tenzin [1] + +- SXOPS-716 [ACTION REQUIRED] Changes to AWS Billing, Cost Management, and Account access control policies [[https://github.com/advthreat/tenzin/pull/2995][#2995]] + +*** Cisco Boz [1] + +**** tenzin [1] + +#+BEGIN_QUOTE + +_>1w_ + +- SXOPS-605: Updated jobs.sls for us-east-1 , eu-west-1, ap-northeast-1 with the overriten configurations for each env [[https://github.com/advthreat/tenzin/pull/2974][#2974]] +#+END_QUOTE + +*** Jerome Schneider [1] + +**** tenzin [1] + +#+BEGIN_QUOTE + +_>1w_ + +- Migrate INT on TF 1.4 [[https://github.com/advthreat/tenzin/pull/2549][#2549]] +#+END_QUOTE + +*** Brooke Swanson [1] + +**** tenzin [1] + +#+BEGIN_QUOTE + +_>1w_ + +- Add service tags and enable profiling in int. [[https://github.com/advthreat/tenzin/pull/2989][#2989]] +#+END_QUOTE + +*** Yurii Ivanisenko [3] + +**** tenzin [2] + +- add WAF ipv6 lists [[https://github.com/advthreat/tenzin/pull/2991][#2991]] +- linter tool master branch [[https://github.com/advthreat/tenzin/pull/2998][#2998]] +**** tenzin-config [1] + +- woke tool added [[https://github.com/advthreat/tenzin-config/pull/894][#894]] + +*** Pawan Bahuguna [5] + +**** tenzin [5] + +- SXOPS-29 [PROD] Added multi_az_enabled [[https://github.com/advthreat/tenzin/pull/3012][#3012]] +- Removing duo-cloudmapper as it is not supported now [[https://github.com/advthreat/tenzin/pull/3005][#3005]] +- Updated the desired capacity to match AWS [[https://github.com/advthreat/tenzin/pull/3000][#3000]] +#+BEGIN_QUOTE + +_>1w_ + +- SXOPS-29 PROD VPC Peering Correction [[https://github.com/advthreat/tenzin/pull/2986][#2986]] +- SXOPS-29 NAM EU R53 [[https://github.com/advthreat/tenzin/pull/2977][#2977]] +#+END_QUOTE + +*** vjayakody [2] + +**** tenzin [2] + +- ssh key update [[https://github.com/advthreat/tenzin/pull/3002][#3002]] +#+BEGIN_QUOTE + +_>1w_ + +- updating ssh key [[https://github.com/advthreat/tenzin/pull/2992][#2992]] +#+END_QUOTE diff --git a/reports/weekly-22.pdf b/reports/weekly-22.pdf new file mode 100644 index 00000000..4f5d0af7 Binary files /dev/null and b/reports/weekly-22.pdf differ diff --git a/reports/weekly-23.html b/reports/weekly-23.html new file mode 100644 index 00000000..7b985eea --- /dev/null +++ b/reports/weekly-23.html @@ -0,0 +1,663 @@ + + + + + + + + Code Weekly Report 23 + + + + + +
+

Code Weekly Report 23

+

logs goes 2 weeks back

+

2023-06-06

+
+ +

IROH

+

lead

+

[0]

+

data

+

Mario Aquino [1]

+

iroh [1]

+
    +
  • Issue 7823/incident summary mapping #7907
    • +
+

Guillaume Erétéo [1]

+

iroh [1]

+
+

>1w

+
    +
  • Mean tiles avg fixtures #7791
    • +
+
+

Ambrose Bonnaire-Sergeant [4]

+

ctia [4]

+
+

>1w

+
    +
  • Fix X-Total-Hits in incident average metric #1371
    • +
  • Remove unused creds #1370
    • +
  • Remove old deps scanner #1369
    • +
  • Average aggregations for incidents #1358
    • +
+
+

integrations

+

Matthieu Sprunck [3]

+

tenzin-config [3]

+
    +
  • Share the same module configurations in iroh and iroh-async in PROD +#905
    • +
  • Disable HTTP Proxy in IROH proxy (PROD)#903
    • +
  • Configure the Microsoft Defender module record #897
    • +
+

Kirill Chernyshov [2]

+

iroh [2]

+
    +
  • Use event id for the key of kafka record #7923
    • +
+
+

>1w

+
    +
  • Generate DataStream names #7903
    • +
+
+

[0]

+

auth

+

[0]

+

Yann Esposito [7]

+

iroh [3]

+
    +
  • Fix SCSO rebrand name. #7937
    • +
  • Rebrand from SecureX Sign-On to Secure Cloud Sign-on #7935
    • +
  • A few additional helpers #7914
    • +
+

tenzin-config [4]

+
    +
  • Factorisation iroh/iroh-async confs #904
    • +
  • Tree config structures to prevent config duplication. #901
    • +
  • Fix SCSO name #898
    • +
  • rebrand from SecureX Sign-On to Secure Cloud Sign-on #896
    • +
+

Olivier Barbeau [1]

+

iroh [1]

+
+

>1w

+
    +
  • Code coverage in GitHub Pages #7924
    • +
+
+

[0]

+

iroh-ops

+

Jerome Schneider [11]

+

tenzin [11]

+
    +
  • IROH-async: improve auto scaling
    • +
  • Fixed TF MSK configuration
    • +
  • TEST IROH Async: increase maximum instances to 12
    • +
  • PROD NAM: add Kafka and Kafka Connect support
    • +
  • PROD EU: add Kafka and kafka Connect
    • +
  • PROD APJC: add Kafka and kafka Connect support
    • +
  • STAGE: add Kafka and Kafka Connect
    • +
  • TEST: add Kafka and Kafka Connect support
    • +
  • INT: add kafka Connect support
    • +
  • Add kafka connect support
    • +
  • new terraform module to gen and send credential
    • +
+

[0]

+

Other

+

Other

+

Robert Levy [3]

+

iroh [1]

+
    +
  • user and team mean time tiles #7873
    • +
+

tenzin-config [2]

+
    +
  • add migration for iroh issue #7819 to TEST and PROD environments #902
    • +
  • add migration for iroh issue #7819 #895
    • +
+

II [2]

+

iroh [2]

+
    +
  • Issue 7819 - Rename SecureX Orchestrator module instances to +Automation #7927
    • +
+
+

>1w

+
    +
  • Adds orbital to the list of allowed AO token scopes #7919
    • +
+
+

Devin Walters [2]

+

tenzin-config [2]

+
    +
  • Reduce conure-distributor worker count #906
    • +
  • Init conure-distributor config.edn #900
    • +
+

Mia [3]

+

iroh [1]

+
    +
  • update risk score calculation based on #7915 #7931
    • +
+

iroh-engine [2]

+
    +
  • Merge pull request #1394 from advthreat/v0.15.6-rc
    • +
  • Merge pull request #1393 from advthreat/save-asset-snapshot
    • +
+

Scott McLeod [1]

+

tenzin-config [1]

+
    +
  • Config changes supporting IROH PR #7934 #899
    • +
+

Adam Sayer [1]

+

tenzin [1]

+
+

>1w

+
    +
  • Nomad version upgrade to 1.5.6 #3003
    • +
+
+

krishna Ganugapenta [7]

+

tenzin [7]

+
    +
  • Conuredistrib listen port changed to 8088 #3030
    • +
  • conure distributor vault roles modified #3029
    • +
  • Conure node target fix #3026
    • +
  • Conure Target nodes excluded distributor nodes #3025
    • +
  • Conure Distributor Infra set up #3013
    • +
+
+

>1w

+
    +
  • S3 permissions allowed for datadog-java-agent #3008
    • +
  • Conure task dd-java-agent version update #3001
    • +
+
+

milehrer [2]

+

iroh-engine [2]

+
    +
  • prepare for v0.15.6
    • +
  • Remove sightings from asset enrichment response, save snapshot +instead
    • +
+

[2]

+

iroh [2]

+
    +
  • Issue 7819 - Rename SecureX Orchestrator module instances to +Automation #7927
    • +
+
+

>1w

+
    +
  • Adds orbital to the list of allowed AO token scopes #7919
    • +
+
+

John Jardine [2]

+

tenzin [2]

+
    +
  • Update PROD sw component versions, resequence. #3006
    • +
  • Remove zeronorth specific configurations #2976
    • +
+

Sofiia Mykytiuk [7]

+

tenzin [7]

+
    +
  • Consul fix for ops vpn #3032
    • +
  • Add jyoverma to ops vpnator list #3021
    • +
  • Update backup retention period for RDS conure #3014
    • +
+
+

>1w

+
    +
  • Clean up securex-news from backup regions #3015
    • +
  • Revert "Remove datadog-ro vault policy (#2999)" #3010
    • +
  • Remove cleaner lambda setup from PROD #2996
    • +
  • Remove datadog-ro vault policy #2999
    • +
+
+

muhammad-xdr-ops [4]

+

tenzin [4]

+
    +
  • SXOPS-748 - remove public access to SNS topics #3020
    • +
+
+

>1w

+
    +
  • SXOPS-745 - aws ec2 keys rotated for all prod envs #3018
    • +
  • SXOPS-703 remove public access to SNS topics #3011
    • +
  • SXOPS-740 - int/test/stage aws ec2 default key rotation #3007
    • +
+
+

Dmytro Budko [1]

+

tenzin [1]

+
+

>1w

+
    +
  • SXOPS-716 [ACTION REQUIRED] Changes to AWS Billing, Cost Management, +and Account access control policies #2995
    • +
+
+

Scott McLeod [1]

+

iroh [1]

+
    +
  • Use filter-map-search directly from CRUDStoreService #7934
    • +
+

Yurii Ivanisenko [3]

+

tenzin [2]

+
+

>1w

+
    +
  • add WAF ipv6 lists #2991
    • +
  • linter tool master branch #2998
    • +
+
+

tenzin-config [1]

+
+

>1w

+
    +
  • woke tool added #894
    • +
+
+

Gayan Jayasundara [1]

+

tenzin [1]

+
    +
  • SXOPS-472 & SXOPS-498 - Enable sentinelone and crowdstrike in +Production for v1.122 Release #3031
    • +
+

Pawan Bahuguna [4]

+

tenzin [4]

+
    +
  • SXOPS-752 multi az redis iroh async #3017
    • +
+
+

>1w

+
    +
  • SXOPS-29 [PROD] Added multiazenabled #3012
    • +
  • Removing duo-cloudmapper as it is not supported now #3005
    • +
  • Updated the desired capacity to match AWS #3000
    • +
+
+

vjayakody [1]

+

tenzin [1]

+
+

>1w

+ +
+ + diff --git a/reports/weekly-23.org b/reports/weekly-23.org new file mode 100644 index 00000000..e00e4945 --- /dev/null +++ b/reports/weekly-23.org @@ -0,0 +1,323 @@ +#+title: Code Weekly Report 23 +#+subtitle: logs goes 2 weeks back +#+date: 2023-06-06 +#+options: H:6 +* IROH +** lead + + +*** [0] + +** data + + +*** Mario Aquino [1] + +**** iroh [1] + +- Issue 7823/incident summary mapping [[https://github.com/advthreat/iroh/pull/7907][#7907]] + +*** Guillaume Erétéo [1] + +**** iroh [1] + +#+BEGIN_QUOTE + +_>1w_ + +- Mean tiles avg fixtures [[https://github.com/advthreat/iroh/pull/7791][#7791]] +#+END_QUOTE + +*** Ambrose Bonnaire-Sergeant [4] + +**** ctia [4] + +#+BEGIN_QUOTE + +_>1w_ + +- Fix X-Total-Hits in incident average metric [[https://github.com/advthreat/ctia/pull/1371][#1371]] +- Remove unused creds [[https://github.com/advthreat/ctia/pull/1370][#1370]] +- Remove old deps scanner [[https://github.com/advthreat/ctia/pull/1369][#1369]] +- Average aggregations for incidents [[https://github.com/advthreat/ctia/pull/1358][#1358]] +#+END_QUOTE +** integrations + + +*** Matthieu Sprunck [3] + +**** tenzin-config [3] + +- Share the same module configurations in iroh and iroh-async in PROD [[https://github.com/advthreat/tenzin-config/pull/905][#905]] +- Disable HTTP Proxy in IROH proxy (PROD)[[https://github.com/advthreat/tenzin-config/pull/903][#903]] +- Configure the Microsoft Defender module record [[https://github.com/advthreat/tenzin-config/pull/897][#897]] + +*** Kirill Chernyshov [2] + +**** iroh [2] + +- Use event id for the key of kafka record [[https://github.com/advthreat/iroh/pull/7923][#7923]] +#+BEGIN_QUOTE + +_>1w_ + +- Generate DataStream names [[https://github.com/advthreat/iroh/pull/7903][#7903]] +#+END_QUOTE + +*** [0] + +** auth + + +*** [0] + + +*** Yann Esposito [7] + +**** iroh [3] + +- Fix SCSO rebrand name. [[https://github.com/advthreat/iroh/pull/7937][#7937]] +- Rebrand from SecureX Sign-On to Secure Cloud Sign-on [[https://github.com/advthreat/iroh/pull/7935][#7935]] +- A few additional helpers [[https://github.com/advthreat/iroh/pull/7914][#7914]] +**** tenzin-config [4] + +- Factorisation iroh/iroh-async confs [[https://github.com/advthreat/tenzin-config/pull/904][#904]] +- Tree config structures to prevent config duplication. [[https://github.com/advthreat/tenzin-config/pull/901][#901]] +- Fix SCSO name [[https://github.com/advthreat/tenzin-config/pull/898][#898]] +- rebrand from SecureX Sign-On to Secure Cloud Sign-on [[https://github.com/advthreat/tenzin-config/pull/896][#896]] + +*** Olivier Barbeau [1] + +**** iroh [1] + +#+BEGIN_QUOTE + +_>1w_ + +- Code coverage in GitHub Pages [[https://github.com/advthreat/iroh/pull/7924][#7924]] +#+END_QUOTE + +*** [0] + +** iroh-ops + + +*** Jerome Schneider [11] + +**** tenzin [11] + +- IROH-async: improve auto scaling +- Fixed TF MSK configuration +- TEST IROH Async: increase maximum instances to 12 +- PROD NAM: add Kafka and Kafka Connect support +- PROD EU: add Kafka and kafka Connect +- PROD APJC: add Kafka and kafka Connect support +- STAGE: add Kafka and Kafka Connect +- TEST: add Kafka and Kafka Connect support +- INT: add kafka Connect support +- Add kafka connect support +- new terraform module to gen and send credential + +*** [0] + +* Other +** Other + + +*** Robert Levy [3] + +**** iroh [1] + +- user and team mean time tiles [[https://github.com/advthreat/iroh/pull/7873][#7873]] +**** tenzin-config [2] + +- add migration for iroh issue #7819 to TEST and PROD environments [[https://github.com/advthreat/tenzin-config/pull/902][#902]] +- add migration for iroh issue #7819 [[https://github.com/advthreat/tenzin-config/pull/895][#895]] + +*** II [2] + +**** iroh [2] + +- Issue 7819 - Rename SecureX Orchestrator module instances to Automation [[https://github.com/advthreat/iroh/pull/7927][#7927]] +#+BEGIN_QUOTE + +_>1w_ + +- Adds orbital to the list of allowed AO token scopes [[https://github.com/advthreat/iroh/pull/7919][#7919]] +#+END_QUOTE + +*** Devin Walters [2] + +**** tenzin-config [2] + +- Reduce conure-distributor worker count [[https://github.com/advthreat/tenzin-config/pull/906][#906]] +- Init conure-distributor config.edn [[https://github.com/advthreat/tenzin-config/pull/900][#900]] + +*** Mia [3] + +**** iroh [1] + +- update risk score calculation based on #7915 [[https://github.com/advthreat/iroh/pull/7931][#7931]] +**** iroh-engine [2] + +- Merge pull request #1394 from advthreat/v0.15.6-rc +- Merge pull request #1393 from advthreat/save-asset-snapshot + +*** Scott McLeod [1] + +**** tenzin-config [1] + +- Config changes supporting IROH PR #7934 [[https://github.com/advthreat/tenzin-config/pull/899][#899]] + +*** Adam Sayer [1] + +**** tenzin [1] + +#+BEGIN_QUOTE + +_>1w_ + +- Nomad version upgrade to 1.5.6 [[https://github.com/advthreat/tenzin/pull/3003][#3003]] +#+END_QUOTE + +*** krishna Ganugapenta [7] + +**** tenzin [7] + +- Conure_distrib listen port changed to 8088 [[https://github.com/advthreat/tenzin/pull/3030][#3030]] +- conure distributor vault roles modified [[https://github.com/advthreat/tenzin/pull/3029][#3029]] +- Conure node target fix [[https://github.com/advthreat/tenzin/pull/3026][#3026]] +- Conure Target nodes excluded distributor nodes [[https://github.com/advthreat/tenzin/pull/3025][#3025]] +- Conure Distributor Infra set up [[https://github.com/advthreat/tenzin/pull/3013][#3013]] +#+BEGIN_QUOTE + +_>1w_ + +- S3 permissions allowed for datadog-java-agent [[https://github.com/advthreat/tenzin/pull/3008][#3008]] +- Conure task dd-java-agent version update [[https://github.com/advthreat/tenzin/pull/3001][#3001]] +#+END_QUOTE + +*** milehrer [2] + +**** iroh-engine [2] + +- prepare for v0.15.6 +- Remove sightings from asset enrichment response, save snapshot instead + +*** [2] + +**** iroh [2] + +- Issue 7819 - Rename SecureX Orchestrator module instances to Automation [[https://github.com/advthreat/iroh/pull/7927][#7927]] +#+BEGIN_QUOTE + +_>1w_ + +- Adds orbital to the list of allowed AO token scopes [[https://github.com/advthreat/iroh/pull/7919][#7919]] +#+END_QUOTE + +*** John Jardine [2] + +**** tenzin [2] + +- Update PROD sw component versions, resequence. [[https://github.com/advthreat/tenzin/pull/3006][#3006]] +- Remove zeronorth specific configurations [[https://github.com/advthreat/tenzin/pull/2976][#2976]] + +*** Sofiia Mykytiuk [7] + +**** tenzin [7] + +- Consul fix for ops vpn [[https://github.com/advthreat/tenzin/pull/3032][#3032]] +- Add jyoverma to ops vpnator list [[https://github.com/advthreat/tenzin/pull/3021][#3021]] +- Update backup retention period for RDS conure [[https://github.com/advthreat/tenzin/pull/3014][#3014]] +#+BEGIN_QUOTE + +_>1w_ + +- Clean up securex-news from backup regions [[https://github.com/advthreat/tenzin/pull/3015][#3015]] +- Revert "Remove datadog-ro vault policy (#2999)" [[https://github.com/advthreat/tenzin/pull/3010][#3010]] +- Remove cleaner lambda setup from PROD [[https://github.com/advthreat/tenzin/pull/2996][#2996]] +- Remove datadog-ro vault policy [[https://github.com/advthreat/tenzin/pull/2999][#2999]] +#+END_QUOTE + +*** muhammad-xdr-ops [4] + +**** tenzin [4] + +- SXOPS-748 - remove public access to SNS topics [[https://github.com/advthreat/tenzin/pull/3020][#3020]] +#+BEGIN_QUOTE + +_>1w_ + +- SXOPS-745 - aws ec2 keys rotated for all prod envs [[https://github.com/advthreat/tenzin/pull/3018][#3018]] +- SXOPS-703 remove public access to SNS topics [[https://github.com/advthreat/tenzin/pull/3011][#3011]] +- SXOPS-740 - int/test/stage aws ec2 default key rotation [[https://github.com/advthreat/tenzin/pull/3007][#3007]] +#+END_QUOTE + +*** Dmytro Budko [1] + +**** tenzin [1] + +#+BEGIN_QUOTE + +_>1w_ + +- SXOPS-716 [ACTION REQUIRED] Changes to AWS Billing, Cost Management, and Account access control policies [[https://github.com/advthreat/tenzin/pull/2995][#2995]] +#+END_QUOTE + +*** Scott McLeod [1] + +**** iroh [1] + +- Use filter-map-search directly from CRUDStoreService [[https://github.com/advthreat/iroh/pull/7934][#7934]] + +*** Yurii Ivanisenko [3] + +**** tenzin [2] + +#+BEGIN_QUOTE + +_>1w_ + +- add WAF ipv6 lists [[https://github.com/advthreat/tenzin/pull/2991][#2991]] +- linter tool master branch [[https://github.com/advthreat/tenzin/pull/2998][#2998]] +#+END_QUOTE +**** tenzin-config [1] + +#+BEGIN_QUOTE + +_>1w_ + +- woke tool added [[https://github.com/advthreat/tenzin-config/pull/894][#894]] +#+END_QUOTE + +*** Gayan Jayasundara [1] + +**** tenzin [1] + +- SXOPS-472 & SXOPS-498 - Enable sentinelone and crowdstrike in Production for v1.122 Release [[https://github.com/advthreat/tenzin/pull/3031][#3031]] + +*** Pawan Bahuguna [4] + +**** tenzin [4] + +- SXOPS-752 multi az redis iroh async [[https://github.com/advthreat/tenzin/pull/3017][#3017]] +#+BEGIN_QUOTE + +_>1w_ + +- SXOPS-29 [PROD] Added multi_az_enabled [[https://github.com/advthreat/tenzin/pull/3012][#3012]] +- Removing duo-cloudmapper as it is not supported now [[https://github.com/advthreat/tenzin/pull/3005][#3005]] +- Updated the desired capacity to match AWS [[https://github.com/advthreat/tenzin/pull/3000][#3000]] +#+END_QUOTE + +*** vjayakody [1] + +**** tenzin [1] + +#+BEGIN_QUOTE + +_>1w_ + +- ssh key update [[https://github.com/advthreat/tenzin/pull/3002][#3002]] +#+END_QUOTE diff --git a/reports/weekly-23.pdf b/reports/weekly-23.pdf new file mode 100644 index 00000000..bd12b3b7 Binary files /dev/null and b/reports/weekly-23.pdf differ diff --git a/reports/weekly-24.html b/reports/weekly-24.html new file mode 100644 index 00000000..f2d53663 --- /dev/null +++ b/reports/weekly-24.html @@ -0,0 +1,774 @@ + + + + + + + + Code Weekly Report 24 + + + + + +
+

Code Weekly Report 24

+

logs goes 2 weeks back

+

2023-06-16

+
+ +

IROH

+

lead

+

Guillaume Buisson [1]

+

iroh [1]

+
    +
  • Initial XDR Incident Manager Response 1.1 Draft Spec #7847
    • +
+

data

+

Mario Aquino [4]

+

iroh [4]

+
    +
  • Fix flaky test #7971
    • +
  • Partition and batch threat hunt observables #7958
    • +
+
+

>1w

+
    +
  • Establish a task timeout option for async work #7948
    • +
  • Issue 7823/incident summary mapping #7907
    • +
+
+

Guillaume Erétéo [2]

+

iroh [2]

+
    +
  • Update risk-score.md #7974
    • +
+
+

>1w

+
    +
  • adding org mode for calculating data volume #7941
    • +
+
+

Ambrose Bonnaire-Sergeant [1]

+

ctia [1]

+
+

>1w

+
    +
  • Disable /metric/average route for irrelevant entities #1372
    • +
+
+

integrations

+

Matthieu Sprunck [2]

+

tenzin-config [2]

+
+

>1w

+
    +
  • Share the same module configurations in iroh and iroh-async in PROD +#905
    • +
  • Disable HTTP Proxy in IROH proxy (PROD)#903
    • +
+
+

Kirill Chernyshov [8]

+

iroh [3]

+
    +
  • Remove try/catch for better error handling #7980
    • +
  • Fix NullPointerException #7961
    • +
+
+

>1w

+
    +
  • Use event id for the key of kafka record #7923
    • +
+
+

tenzin-config [5]

+
    +
  • Enable KafkaServices on INT #921
    • +
  • Disable KafkaServices once again #918
    • +
  • Enable Kafka related services on INT #916
    • +
+
+

>1w

+
    +
  • Temporary disable services #914
    • +
  • Set SSL kafka security protocol on INT #912
    • +
+
+

Shafiq [1]

+

iroh [1]

+
    +
  • Creating iroh-events datastream should succeed even if it exists +already #7959
    • +
+

auth

+

bartuka [1]

+

iroh [1]

+
    +
  • [IROH Auth] RBAC JWT Revocation on role change #7875
    • +
+

Yann Esposito [16]

+

iroh [4]

+
    +
  • Upgrade SX to XDR org via provisioning #7981
    • +
  • feature-flag scopes are considered as special #7985
    • +
  • fix local dev environment to be able to start locally without docker +#7944
    • +
+
+

>1w

+
    +
  • Use org to display the roles as expected #7952
    • +
+
+

ring-jwt-middleware [3]

+
    +
  • Version 1.1.4-SNAPSHOT
    • +
  • Version 1.1.3
    • +
  • Support external error via is-revoked-fn
    • +
+

tenzin-config [9]

+
    +
  • Enable XDR roles in PROD #919
    • +
  • factorize PROD #917
    • +
  • Add role-web-service config everywhere #911
    • +
+
+

>1w

+
    +
  • Canonicalize the configs (#913) #915
    • +
  • Canonicalize the configs #913
    • +
  • Add missing role-web-service everywhere #910
    • +
  • Gen configs git pre-commit hook #908
    • +
  • Factorisation iroh/iroh-async confs #904
    • +
  • Tree config structures to prevent config duplication. #901
    • +
+
+

Olivier Barbeau [7]

+

iroh [7]

+
    +
  • Upgrade Babashka #7967
    • +
  • add missing exclusions for uberjar #7963
    • +
  • fix bug when Org has no entitlement #7956
    • +
  • [IROH configuration]: Generate service diagram #7872
    • +
  • GH pages updates #7960
    • +
+
+

>1w

+
    +
  • fix alias arguments #7954
    • +
  • Issue 7930 GitHub pages styling #7932
    • +
+
+

(Yogsototh) [3]

+

ring-jwt-middleware [3]

+
    +
  • Version 1.1.4-SNAPSHOT
    • +
  • Version 1.1.3
    • +
  • Support external error via is-revoked-fn
    • +
+

iroh-ops

+

Jerome Schneider [1]

+

tenzin [1]

+
    +
  • Kafka Connect: fixed cluster conf and use our own cacerts file
    • +
+

Patrick Patat [1]

+

iroh-ops [1]

+
    +
  • Merge pull request #75 from advthreat/squid
    • +
+

Patrick Patat [1]

+

iroh-ops [1]

+
    +
  • add squid server for vector in public subnet
    • +
+

Other

+

Other

+

Robert Levy [2]

+

iroh [1]

+
+

>1w

+
    +
  • user and team mean time tiles #7873
    • +
+
+

tenzin-config [1]

+
+

>1w

+
    +
  • add migration for iroh issue #7819 to TEST and PROD environments #902
    • +
+
+

Devin Walters [2]

+

tenzin-config [2]

+
    +
  • Add config.edn for other conure-distributor environments #920
    • +
+
+

>1w

+
    +
  • Reduce conure-distributor worker count #906
    • +
+
+

Mia [3]

+

iroh [1]

+
    +
  • Snapshot for risk score #7964
    • +
+

iroh-engine [2]

+
+

>1w

+
    +
  • Merge pull request #1394 from advthreat/v0.15.6-rc
    • +
  • Merge pull request #1393 from advthreat/save-asset-snapshot
    • +
+
+

Scott McLeod [1]

+

tenzin-config [1]

+
+

>1w

+
    +
  • Config changes supporting IROH PR #7934 #899
    • +
+
+

krishna Ganugapenta [4]

+

tenzin [4]

+
    +
  • COnure-distributor PROD ASG modules fix #3062
    • +
  • opsvpncidr removal from TEST and other backup regions as +ops vpn not present there #3061
    • +
  • Conure-distributor setup config for TEST/PROD #3049
    • +
+
+

>1w

+
    +
  • Conuredistributor terraform modules config updates #3027
    • +
+
+

milehrer [2]

+

iroh-engine [2]

+
+

>1w

+
    +
  • prepare for v0.15.6
    • +
  • Remove sightings from asset enrichment response, save snapshot +instead
    • +
+
+

Martin Bruchanov [2]

+

tenzin [2]

+
    +
  • Clean-up of the old ES5 deployment code #3053
    • +
+
+

>1w

+
    +
  • Fix for consul registration of ops-openvpn service #2968
    • +
+
+

Kirill Chernyshov [1]

+

tenzin-config [1]

+
+

>1w

+
    +
  • IROH Events migration to Elasticsearch #909
    • +
+
+

John Jardine [2]

+

tenzin [2]

+
    +
  • Add endpoint generation procedure and update endpoints. #3058
    • +
  • SXOPS-792: QA complaining of long queue times for incidents +enrichment #3054
    • +
+

Sofiia Mykytiuk [9]

+

tenzin [9]

+
    +
  • Update ASG for ES metrics in NAM and EU #3063
    • +
  • Update vpnator list #3050
    • +
+
+

>1w

+
    +
  • Remove CSIRTInvestigator role #3045
    • +
  • Policy to allow access to DynamoDB items for ROAdmin #3043
    • +
  • Remove jbusboom ssh configs #3042
    • +
  • Dmarc record for STAGE #3040
    • +
  • Remove ssh access for Michael Simonson #3035
    • +
  • Update OPS vpnator list #3034
    • +
  • Consul fix for ops vpn #3032
    • +
+
+

muhammad-xdr-ops [4]

+

tenzin [4]

+
    +
  • SXOPS-805 - adding CNAMEs for secure-client-forms MFE #3065
    • +
  • enabled trendmicro and defender in all prod regions #3055
    • +
  • SXOPS-763 - updating integrations version #3052
    • +
+
+

>1w

+
    +
  • SXOPS-702 removing INT access to PROD S3 bucket #3024
    • +
+
+

Dmytro Budko [5]

+

tenzin [5]

+
    +
  • SXOPS-191 Terraform: Bring INT and Test into sync with AWS #3056
    • +
+
+

>1w

+
    +
  • SXOPS-766 [PROD] Fix 'docs' related Terraform Delta #3046
    • +
  • SXOPS-636 Docs XDR Deployment, Publish and Host #3048
    • +
  • SXOPS-636 Docs XDR Deployment, Publish and Host #3041
    • +
  • SXOPS-636 Docs XDR Deployment, Publish and Host #3016
    • +
+
+

Scott McLeod [1]

+

iroh [1]

+
+

>1w

+
    +
  • Use filter-map-search directly from CRUDStoreService #7934
    • +
+
+

Rekha Gupta [2]

+

tenzin-config [2]

+
    +
  • fix: to port 4008 because ribbon uses 4007 #925
    • +
  • feat: port for new client management MFE #924
    • +
+

Jerome Schneider [1]

+

tenzin [1]

+
    +
  • SXOPS 801: Kafka connect open port 8083 and use static port in Nomad +#3059
    • +
+

Yurii Ivanisenko [2]

+

tenzin [2]

+
+

>1w

+
    +
  • connected self-hosted runner #3038
    • +
  • added wokeignore file #3036
    • +
+
+

Gayan Jayasundara [2]

+

tenzin [2]

+
    +
  • Add Adam as codeowner to Tenzin repo #3060
    • +
+
+

>1w

+
    +
  • SXOPS-472 & SXOPS-498 - Enable sentinelone and crowdstrike in +Production for v1.122 Release #3031
    • +
+
+ + diff --git a/reports/weekly-24.org b/reports/weekly-24.org new file mode 100644 index 00000000..872e721c --- /dev/null +++ b/reports/weekly-24.org @@ -0,0 +1,397 @@ +#+title: Code Weekly Report 24 +#+subtitle: logs goes 2 weeks back +#+date: 2023-06-16 +#+options: H:6 +* IROH +** lead + + +*** Guillaume Buisson [1] + +**** iroh [1] + +- Initial XDR Incident Manager Response 1.1 Draft Spec [[https://github.com/advthreat/iroh/pull/7847][#7847]] +** data + + +*** Mario Aquino [4] + +**** iroh [4] + +- Fix flaky test [[https://github.com/advthreat/iroh/pull/7971][#7971]] +- Partition and batch threat hunt observables [[https://github.com/advthreat/iroh/pull/7958][#7958]] +#+BEGIN_QUOTE + +_>1w_ + +- Establish a task timeout option for async work [[https://github.com/advthreat/iroh/pull/7948][#7948]] +- Issue 7823/incident summary mapping [[https://github.com/advthreat/iroh/pull/7907][#7907]] +#+END_QUOTE + +*** Guillaume Erétéo [2] + +**** iroh [2] + +- Update risk-score.md [[https://github.com/advthreat/iroh/pull/7974][#7974]] +#+BEGIN_QUOTE + +_>1w_ + +- adding org mode for calculating data volume [[https://github.com/advthreat/iroh/pull/7941][#7941]] +#+END_QUOTE + +*** Ambrose Bonnaire-Sergeant [1] + +**** ctia [1] + +#+BEGIN_QUOTE + +_>1w_ + +- Disable /metric/average route for irrelevant entities [[https://github.com/advthreat/ctia/pull/1372][#1372]] +#+END_QUOTE +** integrations + + +*** Matthieu Sprunck [2] + +**** tenzin-config [2] + +#+BEGIN_QUOTE + +_>1w_ + +- Share the same module configurations in iroh and iroh-async in PROD [[https://github.com/advthreat/tenzin-config/pull/905][#905]] +- Disable HTTP Proxy in IROH proxy (PROD)[[https://github.com/advthreat/tenzin-config/pull/903][#903]] +#+END_QUOTE + +*** Kirill Chernyshov [8] + +**** iroh [3] + +- Remove try/catch for better error handling [[https://github.com/advthreat/iroh/pull/7980][#7980]] +- Fix NullPointerException [[https://github.com/advthreat/iroh/pull/7961][#7961]] +#+BEGIN_QUOTE + +_>1w_ + +- Use event id for the key of kafka record [[https://github.com/advthreat/iroh/pull/7923][#7923]] +#+END_QUOTE +**** tenzin-config [5] + +- Enable KafkaServices on INT [[https://github.com/advthreat/tenzin-config/pull/921][#921]] +- Disable KafkaServices once again [[https://github.com/advthreat/tenzin-config/pull/918][#918]] +- Enable Kafka related services on INT [[https://github.com/advthreat/tenzin-config/pull/916][#916]] +#+BEGIN_QUOTE + +_>1w_ + +- Temporary disable services [[https://github.com/advthreat/tenzin-config/pull/914][#914]] +- Set SSL kafka security protocol on INT [[https://github.com/advthreat/tenzin-config/pull/912][#912]] +#+END_QUOTE + +*** Shafiq [1] + +**** iroh [1] + +- Creating iroh-events datastream should succeed even if it exists already [[https://github.com/advthreat/iroh/pull/7959][#7959]] +** auth + + +*** bartuka [1] + +**** iroh [1] + +- [IROH Auth] RBAC JWT Revocation on ~role~ change [[https://github.com/advthreat/iroh/pull/7875][#7875]] + +*** Yann Esposito [16] + +**** iroh [4] + +- Upgrade SX to XDR org via provisioning [[https://github.com/advthreat/iroh/pull/7981][#7981]] +- feature-flag scopes are considered as special [[https://github.com/advthreat/iroh/pull/7985][#7985]] +- fix local dev environment to be able to start locally without docker [[https://github.com/advthreat/iroh/pull/7944][#7944]] +#+BEGIN_QUOTE + +_>1w_ + +- Use org to display the roles as expected [[https://github.com/advthreat/iroh/pull/7952][#7952]] +#+END_QUOTE +**** ring-jwt-middleware [3] + +- Version 1.1.4-SNAPSHOT +- Version 1.1.3 +- Support external error via is-revoked-fn +**** tenzin-config [9] + +- Enable XDR roles in PROD [[https://github.com/advthreat/tenzin-config/pull/919][#919]] +- factorize PROD [[https://github.com/advthreat/tenzin-config/pull/917][#917]] +- Add role-web-service config everywhere [[https://github.com/advthreat/tenzin-config/pull/911][#911]] +#+BEGIN_QUOTE + +_>1w_ + +- Canonicalize the configs (#913) [[https://github.com/advthreat/tenzin-config/pull/915][#915]] +- Canonicalize the configs [[https://github.com/advthreat/tenzin-config/pull/913][#913]] +- Add missing role-web-service everywhere [[https://github.com/advthreat/tenzin-config/pull/910][#910]] +- Gen configs git pre-commit hook [[https://github.com/advthreat/tenzin-config/pull/908][#908]] +- Factorisation iroh/iroh-async confs [[https://github.com/advthreat/tenzin-config/pull/904][#904]] +- Tree config structures to prevent config duplication. [[https://github.com/advthreat/tenzin-config/pull/901][#901]] +#+END_QUOTE + +*** Olivier Barbeau [7] + +**** iroh [7] + +- Upgrade Babashka [[https://github.com/advthreat/iroh/pull/7967][#7967]] +- add missing exclusions for uberjar [[https://github.com/advthreat/iroh/pull/7963][#7963]] +- fix bug when Org has no entitlement [[https://github.com/advthreat/iroh/pull/7956][#7956]] +- [IROH configuration]: Generate service diagram [[https://github.com/advthreat/iroh/pull/7872][#7872]] +- GH pages updates [[https://github.com/advthreat/iroh/pull/7960][#7960]] +#+BEGIN_QUOTE + +_>1w_ + +- fix alias arguments [[https://github.com/advthreat/iroh/pull/7954][#7954]] +- Issue 7930 GitHub pages styling [[https://github.com/advthreat/iroh/pull/7932][#7932]] +#+END_QUOTE + +*** (Yogsototh) [3] + +**** ring-jwt-middleware [3] + +- Version 1.1.4-SNAPSHOT +- Version 1.1.3 +- Support external error via is-revoked-fn +** iroh-ops + + +*** Jerome Schneider [1] + +**** tenzin [1] + +- Kafka Connect: fixed cluster conf and use our own cacerts file + +*** Patrick Patat [1] + +**** iroh-ops [1] + +- Merge pull request #75 from advthreat/squid + +*** Patrick Patat [1] + +**** iroh-ops [1] + +- add squid server for vector in public subnet +* Other +** Other + + +*** Robert Levy [2] + +**** iroh [1] + +#+BEGIN_QUOTE + +_>1w_ + +- user and team mean time tiles [[https://github.com/advthreat/iroh/pull/7873][#7873]] +#+END_QUOTE +**** tenzin-config [1] + +#+BEGIN_QUOTE + +_>1w_ + +- add migration for iroh issue #7819 to TEST and PROD environments [[https://github.com/advthreat/tenzin-config/pull/902][#902]] +#+END_QUOTE + +*** Devin Walters [2] + +**** tenzin-config [2] + +- Add config.edn for other conure-distributor environments [[https://github.com/advthreat/tenzin-config/pull/920][#920]] +#+BEGIN_QUOTE + +_>1w_ + +- Reduce conure-distributor worker count [[https://github.com/advthreat/tenzin-config/pull/906][#906]] +#+END_QUOTE + +*** Mia [3] + +**** iroh [1] + +- Snapshot for risk score [[https://github.com/advthreat/iroh/pull/7964][#7964]] +**** iroh-engine [2] + +#+BEGIN_QUOTE + +_>1w_ + +- Merge pull request #1394 from advthreat/v0.15.6-rc +- Merge pull request #1393 from advthreat/save-asset-snapshot +#+END_QUOTE + +*** Scott McLeod [1] + +**** tenzin-config [1] + +#+BEGIN_QUOTE + +_>1w_ + +- Config changes supporting IROH PR #7934 [[https://github.com/advthreat/tenzin-config/pull/899][#899]] +#+END_QUOTE + +*** krishna Ganugapenta [4] + +**** tenzin [4] + +- COnure-distributor PROD ASG modules fix [[https://github.com/advthreat/tenzin/pull/3062][#3062]] +- ops_vpn_cidr removal from TEST and other backup regions as ops vpn not present there [[https://github.com/advthreat/tenzin/pull/3061][#3061]] +- Conure-distributor setup config for TEST/PROD [[https://github.com/advthreat/tenzin/pull/3049][#3049]] +#+BEGIN_QUOTE + +_>1w_ + +- Conure_distributor terraform modules config updates [[https://github.com/advthreat/tenzin/pull/3027][#3027]] +#+END_QUOTE + +*** milehrer [2] + +**** iroh-engine [2] + +#+BEGIN_QUOTE + +_>1w_ + +- prepare for v0.15.6 +- Remove sightings from asset enrichment response, save snapshot instead +#+END_QUOTE + +*** Martin Bruchanov [2] + +**** tenzin [2] + +- Clean-up of the old ES5 deployment code [[https://github.com/advthreat/tenzin/pull/3053][#3053]] +#+BEGIN_QUOTE + +_>1w_ + +- Fix for consul registration of ops-openvpn service [[https://github.com/advthreat/tenzin/pull/2968][#2968]] +#+END_QUOTE + +*** Kirill Chernyshov [1] + +**** tenzin-config [1] + +#+BEGIN_QUOTE + +_>1w_ + +- IROH Events migration to Elasticsearch [[https://github.com/advthreat/tenzin-config/pull/909][#909]] +#+END_QUOTE + +*** John Jardine [2] + +**** tenzin [2] + +- Add endpoint generation procedure and update endpoints. [[https://github.com/advthreat/tenzin/pull/3058][#3058]] +- SXOPS-792: QA complaining of long queue times for incidents enrichment [[https://github.com/advthreat/tenzin/pull/3054][#3054]] + +*** Sofiia Mykytiuk [9] + +**** tenzin [9] + +- Update ASG for ES metrics in NAM and EU [[https://github.com/advthreat/tenzin/pull/3063][#3063]] +- Update vpnator list [[https://github.com/advthreat/tenzin/pull/3050][#3050]] +#+BEGIN_QUOTE + +_>1w_ + +- Remove CSIRT_Investigator role [[https://github.com/advthreat/tenzin/pull/3045][#3045]] +- Policy to allow access to DynamoDB items for ROAdmin [[https://github.com/advthreat/tenzin/pull/3043][#3043]] +- Remove jbusboom ssh configs [[https://github.com/advthreat/tenzin/pull/3042][#3042]] +- Dmarc record for STAGE [[https://github.com/advthreat/tenzin/pull/3040][#3040]] +- Remove ssh access for Michael Simonson [[https://github.com/advthreat/tenzin/pull/3035][#3035]] +- Update OPS vpnator list [[https://github.com/advthreat/tenzin/pull/3034][#3034]] +- Consul fix for ops vpn [[https://github.com/advthreat/tenzin/pull/3032][#3032]] +#+END_QUOTE + +*** muhammad-xdr-ops [4] + +**** tenzin [4] + +- SXOPS-805 - adding CNAMEs for secure-client-forms MFE [[https://github.com/advthreat/tenzin/pull/3065][#3065]] +- enabled trendmicro and defender in all prod regions [[https://github.com/advthreat/tenzin/pull/3055][#3055]] +- SXOPS-763 - updating integrations version [[https://github.com/advthreat/tenzin/pull/3052][#3052]] +#+BEGIN_QUOTE + +_>1w_ + +- SXOPS-702 removing INT access to PROD S3 bucket [[https://github.com/advthreat/tenzin/pull/3024][#3024]] +#+END_QUOTE + +*** Dmytro Budko [5] + +**** tenzin [5] + +- SXOPS-191 Terraform: Bring INT and Test into sync with AWS [[https://github.com/advthreat/tenzin/pull/3056][#3056]] +#+BEGIN_QUOTE + +_>1w_ + +- SXOPS-766 [PROD] Fix 'docs' related Terraform Delta [[https://github.com/advthreat/tenzin/pull/3046][#3046]] +- SXOPS-636 Docs XDR Deployment, Publish and Host [[https://github.com/advthreat/tenzin/pull/3048][#3048]] +- SXOPS-636 Docs XDR Deployment, Publish and Host [[https://github.com/advthreat/tenzin/pull/3041][#3041]] +- SXOPS-636 Docs XDR Deployment, Publish and Host [[https://github.com/advthreat/tenzin/pull/3016][#3016]] +#+END_QUOTE + +*** Scott McLeod [1] + +**** iroh [1] + +#+BEGIN_QUOTE + +_>1w_ + +- Use filter-map-search directly from CRUDStoreService [[https://github.com/advthreat/iroh/pull/7934][#7934]] +#+END_QUOTE + +*** Rekha Gupta [2] + +**** tenzin-config [2] + +- fix: to port 4008 because ribbon uses 4007 [[https://github.com/advthreat/tenzin-config/pull/925][#925]] +- feat: port for new client management MFE [[https://github.com/advthreat/tenzin-config/pull/924][#924]] + +*** Jerome Schneider [1] + +**** tenzin [1] + +- SXOPS 801: Kafka connect open port 8083 and use static port in Nomad [[https://github.com/advthreat/tenzin/pull/3059][#3059]] + +*** Yurii Ivanisenko [2] + +**** tenzin [2] + +#+BEGIN_QUOTE + +_>1w_ + +- connected self-hosted runner [[https://github.com/advthreat/tenzin/pull/3038][#3038]] +- added wokeignore file [[https://github.com/advthreat/tenzin/pull/3036][#3036]] +#+END_QUOTE + +*** Gayan Jayasundara [2] + +**** tenzin [2] + +- Add Adam as codeowner to Tenzin repo [[https://github.com/advthreat/tenzin/pull/3060][#3060]] +#+BEGIN_QUOTE + +_>1w_ + +- SXOPS-472 & SXOPS-498 - Enable sentinelone and crowdstrike in Production for v1.122 Release [[https://github.com/advthreat/tenzin/pull/3031][#3031]] +#+END_QUOTE diff --git a/styles/write-good/Cliches.yml b/styles/write-good/Cliches.yml new file mode 100644 index 00000000..c9531438 --- /dev/null +++ b/styles/write-good/Cliches.yml @@ -0,0 +1,702 @@ +extends: existence +message: "Try to avoid using clichés like '%s'." +ignorecase: true +level: warning +tokens: + - a chip off the old block + - a clean slate + - a dark and stormy night + - a far cry + - a fine kettle of fish + - a loose cannon + - a penny saved is a penny earned + - a tough row to hoe + - a word to the wise + - ace in the hole + - acid test + - add insult to injury + - against all odds + - air your dirty laundry + - all fun and games + - all in a day's work + - all talk, no action + - all thumbs + - all your eggs in one basket + - all's fair in love and war + - all's well that ends well + - almighty dollar + - American as apple pie + - an axe to grind + - another day, another dollar + - armed to the teeth + - as luck would have it + - as old as time + - as the crow flies + - at loose ends + - at my wits end + - avoid like the plague + - babe in the woods + - back against the wall + - back in the saddle + - back to square one + - back to the drawing board + - bad to the bone + - badge of honor + - bald faced liar + - ballpark figure + - banging your head against a brick wall + - baptism by fire + - barking up the wrong tree + - bat out of hell + - be all and end all + - beat a dead horse + - beat around the bush + - been there, done that + - beggars can't be choosers + - behind the eight ball + - bend over backwards + - benefit of the doubt + - bent out of shape + - best thing since sliced bread + - bet your bottom dollar + - better half + - better late than never + - better mousetrap + - better safe than sorry + - between a rock and a hard place + - beyond the pale + - bide your time + - big as life + - big cheese + - big fish in a small pond + - big man on campus + - bigger they are the harder they fall + - bird in the hand + - bird's eye view + - birds and the bees + - birds of a feather flock together + - bit the hand that feeds you + - bite the bullet + - bite the dust + - bitten off more than he can chew + - black as coal + - black as pitch + - black as the ace of spades + - blast from the past + - bleeding heart + - blessing in disguise + - blind ambition + - blind as a bat + - blind leading the blind + - blood is thicker than water + - blood sweat and tears + - blow off steam + - blow your own horn + - blushing bride + - boils down to + - bolt from the blue + - bone to pick + - bored stiff + - bored to tears + - bottomless pit + - boys will be boys + - bright and early + - brings home the bacon + - broad across the beam + - broken record + - brought back to reality + - bull by the horns + - bull in a china shop + - burn the midnight oil + - burning question + - burning the candle at both ends + - burst your bubble + - bury the hatchet + - busy as a bee + - by hook or by crook + - call a spade a spade + - called onto the carpet + - calm before the storm + - can of worms + - can't cut the mustard + - can't hold a candle to + - case of mistaken identity + - cat got your tongue + - cat's meow + - caught in the crossfire + - caught red-handed + - checkered past + - chomping at the bit + - cleanliness is next to godliness + - clear as a bell + - clear as mud + - close to the vest + - cock and bull story + - cold shoulder + - come hell or high water + - cool as a cucumber + - cool, calm, and collected + - cost a king's ransom + - count your blessings + - crack of dawn + - crash course + - creature comforts + - cross that bridge when you come to it + - crushing blow + - cry like a baby + - cry me a river + - cry over spilt milk + - crystal clear + - curiosity killed the cat + - cut and dried + - cut through the red tape + - cut to the chase + - cute as a bugs ear + - cute as a button + - cute as a puppy + - cuts to the quick + - dark before the dawn + - day in, day out + - dead as a doornail + - devil is in the details + - dime a dozen + - divide and conquer + - dog and pony show + - dog days + - dog eat dog + - dog tired + - don't burn your bridges + - don't count your chickens + - don't look a gift horse in the mouth + - don't rock the boat + - don't step on anyone's toes + - don't take any wooden nickels + - down and out + - down at the heels + - down in the dumps + - down the hatch + - down to earth + - draw the line + - dressed to kill + - dressed to the nines + - drives me up the wall + - dull as dishwater + - dyed in the wool + - eagle eye + - ear to the ground + - early bird catches the worm + - easier said than done + - easy as pie + - eat your heart out + - eat your words + - eleventh hour + - even the playing field + - every dog has its day + - every fiber of my being + - everything but the kitchen sink + - eye for an eye + - face the music + - facts of life + - fair weather friend + - fall by the wayside + - fan the flames + - feast or famine + - feather your nest + - feathered friends + - few and far between + - fifteen minutes of fame + - filthy vermin + - fine kettle of fish + - fish out of water + - fishing for a compliment + - fit as a fiddle + - fit the bill + - fit to be tied + - flash in the pan + - flat as a pancake + - flip your lid + - flog a dead horse + - fly by night + - fly the coop + - follow your heart + - for all intents and purposes + - for the birds + - for what it's worth + - force of nature + - force to be reckoned with + - forgive and forget + - fox in the henhouse + - free and easy + - free as a bird + - fresh as a daisy + - full steam ahead + - fun in the sun + - garbage in, garbage out + - gentle as a lamb + - get a kick out of + - get a leg up + - get down and dirty + - get the lead out + - get to the bottom of + - get your feet wet + - gets my goat + - gilding the lily + - give and take + - go against the grain + - go at it tooth and nail + - go for broke + - go him one better + - go the extra mile + - go with the flow + - goes without saying + - good as gold + - good deed for the day + - good things come to those who wait + - good time was had by all + - good times were had by all + - greased lightning + - greek to me + - green thumb + - green-eyed monster + - grist for the mill + - growing like a weed + - hair of the dog + - hand to mouth + - happy as a clam + - happy as a lark + - hasn't a clue + - have a nice day + - have high hopes + - have the last laugh + - haven't got a row to hoe + - head honcho + - head over heels + - hear a pin drop + - heard it through the grapevine + - heart's content + - heavy as lead + - hem and haw + - high and dry + - high and mighty + - high as a kite + - hit paydirt + - hold your head up high + - hold your horses + - hold your own + - hold your tongue + - honest as the day is long + - horns of a dilemma + - horse of a different color + - hot under the collar + - hour of need + - I beg to differ + - icing on the cake + - if the shoe fits + - if the shoe were on the other foot + - in a jam + - in a jiffy + - in a nutshell + - in a pig's eye + - in a pinch + - in a word + - in hot water + - in the gutter + - in the nick of time + - in the thick of it + - in your dreams + - it ain't over till the fat lady sings + - it goes without saying + - it takes all kinds + - it takes one to know one + - it's a small world + - it's only a matter of time + - ivory tower + - Jack of all trades + - jockey for position + - jog your memory + - joined at the hip + - judge a book by its cover + - jump down your throat + - jump in with both feet + - jump on the bandwagon + - jump the gun + - jump to conclusions + - just a hop, skip, and a jump + - just the ticket + - justice is blind + - keep a stiff upper lip + - keep an eye on + - keep it simple, stupid + - keep the home fires burning + - keep up with the Joneses + - keep your chin up + - keep your fingers crossed + - kick the bucket + - kick up your heels + - kick your feet up + - kid in a candy store + - kill two birds with one stone + - kiss of death + - knock it out of the park + - knock on wood + - knock your socks off + - know him from Adam + - know the ropes + - know the score + - knuckle down + - knuckle sandwich + - knuckle under + - labor of love + - ladder of success + - land on your feet + - lap of luxury + - last but not least + - last hurrah + - last-ditch effort + - law of the jungle + - law of the land + - lay down the law + - leaps and bounds + - let sleeping dogs lie + - let the cat out of the bag + - let the good times roll + - let your hair down + - let's talk turkey + - letter perfect + - lick your wounds + - lies like a rug + - life's a bitch + - life's a grind + - light at the end of the tunnel + - lighter than a feather + - lighter than air + - like clockwork + - like father like son + - like taking candy from a baby + - like there's no tomorrow + - lion's share + - live and learn + - live and let live + - long and short of it + - long lost love + - look before you leap + - look down your nose + - look what the cat dragged in + - looking a gift horse in the mouth + - looks like death warmed over + - loose cannon + - lose your head + - lose your temper + - loud as a horn + - lounge lizard + - loved and lost + - low man on the totem pole + - luck of the draw + - luck of the Irish + - make hay while the sun shines + - make money hand over fist + - make my day + - make the best of a bad situation + - make the best of it + - make your blood boil + - man of few words + - man's best friend + - mark my words + - meaningful dialogue + - missed the boat on that one + - moment in the sun + - moment of glory + - moment of truth + - money to burn + - more power to you + - more than one way to skin a cat + - movers and shakers + - moving experience + - naked as a jaybird + - naked truth + - neat as a pin + - needle in a haystack + - needless to say + - neither here nor there + - never look back + - never say never + - nip and tuck + - nip it in the bud + - no guts, no glory + - no love lost + - no pain, no gain + - no skin off my back + - no stone unturned + - no time like the present + - no use crying over spilled milk + - nose to the grindstone + - not a hope in hell + - not a minute's peace + - not in my backyard + - not playing with a full deck + - not the end of the world + - not written in stone + - nothing to sneeze at + - nothing ventured nothing gained + - now we're cooking + - off the top of my head + - off the wagon + - off the wall + - old hat + - older and wiser + - older than dirt + - older than Methuselah + - on a roll + - on cloud nine + - on pins and needles + - on the bandwagon + - on the money + - on the nose + - on the rocks + - on the spot + - on the tip of my tongue + - on the wagon + - on thin ice + - once bitten, twice shy + - one bad apple doesn't spoil the bushel + - one born every minute + - one brick short + - one foot in the grave + - one in a million + - one red cent + - only game in town + - open a can of worms + - open and shut case + - open the flood gates + - opportunity doesn't knock twice + - out of pocket + - out of sight, out of mind + - out of the frying pan into the fire + - out of the woods + - out on a limb + - over a barrel + - over the hump + - pain and suffering + - pain in the + - panic button + - par for the course + - part and parcel + - party pooper + - pass the buck + - patience is a virtue + - pay through the nose + - penny pincher + - perfect storm + - pig in a poke + - pile it on + - pillar of the community + - pin your hopes on + - pitter patter of little feet + - plain as day + - plain as the nose on your face + - play by the rules + - play your cards right + - playing the field + - playing with fire + - pleased as punch + - plenty of fish in the sea + - point with pride + - poor as a church mouse + - pot calling the kettle black + - pretty as a picture + - pull a fast one + - pull your punches + - pulling your leg + - pure as the driven snow + - put it in a nutshell + - put one over on you + - put the cart before the horse + - put the pedal to the metal + - put your best foot forward + - put your foot down + - quick as a bunny + - quick as a lick + - quick as a wink + - quick as lightning + - quiet as a dormouse + - rags to riches + - raining buckets + - raining cats and dogs + - rank and file + - rat race + - reap what you sow + - red as a beet + - red herring + - reinvent the wheel + - rich and famous + - rings a bell + - ripe old age + - ripped me off + - rise and shine + - road to hell is paved with good intentions + - rob Peter to pay Paul + - roll over in the grave + - rub the wrong way + - ruled the roost + - running in circles + - sad but true + - sadder but wiser + - salt of the earth + - scared stiff + - scared to death + - sealed with a kiss + - second to none + - see eye to eye + - seen the light + - seize the day + - set the record straight + - set the world on fire + - set your teeth on edge + - sharp as a tack + - shoot for the moon + - shoot the breeze + - shot in the dark + - shoulder to the wheel + - sick as a dog + - sigh of relief + - signed, sealed, and delivered + - sink or swim + - six of one, half a dozen of another + - skating on thin ice + - slept like a log + - slinging mud + - slippery as an eel + - slow as molasses + - smart as a whip + - smooth as a baby's bottom + - sneaking suspicion + - snug as a bug in a rug + - sow wild oats + - spare the rod, spoil the child + - speak of the devil + - spilled the beans + - spinning your wheels + - spitting image of + - spoke with relish + - spread like wildfire + - spring to life + - squeaky wheel gets the grease + - stands out like a sore thumb + - start from scratch + - stick in the mud + - still waters run deep + - stitch in time + - stop and smell the roses + - straight as an arrow + - straw that broke the camel's back + - strong as an ox + - stubborn as a mule + - stuff that dreams are made of + - stuffed shirt + - sweating blood + - sweating bullets + - take a load off + - take one for the team + - take the bait + - take the bull by the horns + - take the plunge + - takes one to know one + - takes two to tango + - the more the merrier + - the real deal + - the real McCoy + - the red carpet treatment + - the same old story + - there is no accounting for taste + - thick as a brick + - thick as thieves + - thin as a rail + - think outside of the box + - third time's the charm + - this day and age + - this hurts me worse than it hurts you + - this point in time + - three sheets to the wind + - through thick and thin + - throw in the towel + - tie one on + - tighter than a drum + - time and time again + - time is of the essence + - tip of the iceberg + - tired but happy + - to coin a phrase + - to each his own + - to make a long story short + - to the best of my knowledge + - toe the line + - tongue in cheek + - too good to be true + - too hot to handle + - too numerous to mention + - touch with a ten foot pole + - tough as nails + - trial and error + - trials and tribulations + - tried and true + - trip down memory lane + - twist of fate + - two cents worth + - two peas in a pod + - ugly as sin + - under the counter + - under the gun + - under the same roof + - under the weather + - until the cows come home + - unvarnished truth + - up the creek + - uphill battle + - upper crust + - upset the applecart + - vain attempt + - vain effort + - vanquish the enemy + - vested interest + - waiting for the other shoe to drop + - wakeup call + - warm welcome + - watch your p's and q's + - watch your tongue + - watching the clock + - water under the bridge + - weather the storm + - weed them out + - week of Sundays + - went belly up + - wet behind the ears + - what goes around comes around + - what you see is what you get + - when it rains, it pours + - when push comes to shove + - when the cat's away + - when the going gets tough, the tough get going + - white as a sheet + - whole ball of wax + - whole hog + - whole nine yards + - wild goose chase + - will wonders never cease? + - wisdom of the ages + - wise as an owl + - wolf at the door + - words fail me + - work like a dog + - world weary + - worst nightmare + - worth its weight in gold + - wrong side of the bed + - yanking your chain + - yappy as a dog + - years young + - you are what you eat + - you can run but you can't hide + - you only live once + - you're the boss + - young and foolish + - young and vibrant diff --git a/styles/write-good/E-Prime.yml b/styles/write-good/E-Prime.yml new file mode 100644 index 00000000..074a102b --- /dev/null +++ b/styles/write-good/E-Prime.yml @@ -0,0 +1,32 @@ +extends: existence +message: "Try to avoid using '%s'." +ignorecase: true +level: suggestion +tokens: + - am + - are + - aren't + - be + - been + - being + - he's + - here's + - here's + - how's + - i'm + - is + - isn't + - it's + - she's + - that's + - there's + - they're + - was + - wasn't + - we're + - were + - weren't + - what's + - where's + - who's + - you're diff --git a/styles/write-good/Illusions.yml b/styles/write-good/Illusions.yml new file mode 100644 index 00000000..b4f13218 --- /dev/null +++ b/styles/write-good/Illusions.yml @@ -0,0 +1,11 @@ +extends: repetition +message: "'%s' is repeated!" +level: warning +alpha: true +action: + name: edit + params: + - truncate + - " " +tokens: + - '[^\s]+' diff --git a/styles/write-good/Passive.yml b/styles/write-good/Passive.yml new file mode 100644 index 00000000..f472cb90 --- /dev/null +++ b/styles/write-good/Passive.yml @@ -0,0 +1,183 @@ +extends: existence +message: "'%s' may be passive voice. Use active voice if you can." +ignorecase: true +level: warning +raw: + - \b(am|are|were|being|is|been|was|be)\b\s* +tokens: + - '[\w]+ed' + - awoken + - beat + - become + - been + - begun + - bent + - beset + - bet + - bid + - bidden + - bitten + - bled + - blown + - born + - bought + - bound + - bred + - broadcast + - broken + - brought + - built + - burnt + - burst + - cast + - caught + - chosen + - clung + - come + - cost + - crept + - cut + - dealt + - dived + - done + - drawn + - dreamt + - driven + - drunk + - dug + - eaten + - fallen + - fed + - felt + - fit + - fled + - flown + - flung + - forbidden + - foregone + - forgiven + - forgotten + - forsaken + - fought + - found + - frozen + - given + - gone + - gotten + - ground + - grown + - heard + - held + - hidden + - hit + - hung + - hurt + - kept + - knelt + - knit + - known + - laid + - lain + - leapt + - learnt + - led + - left + - lent + - let + - lighted + - lost + - made + - meant + - met + - misspelt + - mistaken + - mown + - overcome + - overdone + - overtaken + - overthrown + - paid + - pled + - proven + - put + - quit + - read + - rid + - ridden + - risen + - run + - rung + - said + - sat + - sawn + - seen + - sent + - set + - sewn + - shaken + - shaven + - shed + - shod + - shone + - shorn + - shot + - shown + - shrunk + - shut + - slain + - slept + - slid + - slit + - slung + - smitten + - sold + - sought + - sown + - sped + - spent + - spilt + - spit + - split + - spoken + - spread + - sprung + - spun + - stolen + - stood + - stridden + - striven + - struck + - strung + - stuck + - stung + - stunk + - sung + - sunk + - swept + - swollen + - sworn + - swum + - swung + - taken + - taught + - thought + - thrived + - thrown + - thrust + - told + - torn + - trodden + - understood + - upheld + - upset + - wed + - wept + - withheld + - withstood + - woken + - won + - worn + - wound + - woven + - written + - wrung diff --git a/styles/write-good/README.md b/styles/write-good/README.md new file mode 100644 index 00000000..3edcc9b3 --- /dev/null +++ b/styles/write-good/README.md @@ -0,0 +1,27 @@ +Based on [write-good](https://github.com/btford/write-good). + +> Naive linter for English prose for developers who can't write good and wanna learn to do other stuff good too. + +``` +The MIT License (MIT) + +Copyright (c) 2014 Brian Ford + +Permission is hereby granted, free of charge, to any person obtaining a copy +of this software and associated documentation files (the "Software"), to deal +in the Software without restriction, including without limitation the rights +to use, copy, modify, merge, publish, distribute, sublicense, and/or sell +copies of the Software, and to permit persons to whom the Software is +furnished to do so, subject to the following conditions: + +The above copyright notice and this permission notice shall be included in all +copies or substantial portions of the Software. + +THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR +IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, +FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE +AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER +LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, +OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE +SOFTWARE. +``` diff --git a/styles/write-good/So.yml b/styles/write-good/So.yml new file mode 100644 index 00000000..e57f099d --- /dev/null +++ b/styles/write-good/So.yml @@ -0,0 +1,5 @@ +extends: existence +message: "Don't start a sentence with '%s'." +level: error +raw: + - '(?:[;-]\s)so[\s,]|\bSo[\s,]' diff --git a/styles/write-good/ThereIs.yml b/styles/write-good/ThereIs.yml new file mode 100644 index 00000000..8b82e8f6 --- /dev/null +++ b/styles/write-good/ThereIs.yml @@ -0,0 +1,6 @@ +extends: existence +message: "Don't start a sentence with '%s'." +ignorecase: false +level: error +raw: + - '(?:[;-]\s)There\s(is|are)|\bThere\s(is|are)\b' diff --git a/styles/write-good/TooWordy.yml b/styles/write-good/TooWordy.yml new file mode 100644 index 00000000..275701b1 --- /dev/null +++ b/styles/write-good/TooWordy.yml @@ -0,0 +1,221 @@ +extends: existence +message: "'%s' is too wordy." +ignorecase: true +level: warning +tokens: + - a number of + - abundance + - accede to + - accelerate + - accentuate + - accompany + - accomplish + - accorded + - accrue + - acquiesce + - acquire + - additional + - adjacent to + - adjustment + - admissible + - advantageous + - adversely impact + - advise + - aforementioned + - aggregate + - aircraft + - all of + - all things considered + - alleviate + - allocate + - along the lines of + - already existing + - alternatively + - amazing + - ameliorate + - anticipate + - apparent + - appreciable + - as a matter of fact + - as a means of + - as far as I'm concerned + - as of yet + - as to + - as yet + - ascertain + - assistance + - at the present time + - at this time + - attain + - attributable to + - authorize + - because of the fact that + - belated + - benefit from + - bestow + - by means of + - by virtue of + - by virtue of the fact that + - cease + - close proximity + - commence + - comply with + - concerning + - consequently + - consolidate + - constitutes + - demonstrate + - depart + - designate + - discontinue + - due to the fact that + - each and every + - economical + - eliminate + - elucidate + - employ + - endeavor + - enumerate + - equitable + - equivalent + - evaluate + - evidenced + - exclusively + - expedite + - expend + - expiration + - facilitate + - factual evidence + - feasible + - finalize + - first and foremost + - for all intents and purposes + - for the most part + - for the purpose of + - forfeit + - formulate + - have a tendency to + - honest truth + - however + - if and when + - impacted + - implement + - in a manner of speaking + - in a timely manner + - in a very real sense + - in accordance with + - in addition + - in all likelihood + - in an effort to + - in between + - in excess of + - in lieu of + - in light of the fact that + - in many cases + - in my opinion + - in order to + - in regard to + - in some instances + - in terms of + - in the case of + - in the event that + - in the final analysis + - in the nature of + - in the near future + - in the process of + - inception + - incumbent upon + - indicate + - indication + - initiate + - irregardless + - is applicable to + - is authorized to + - is responsible for + - it is + - it is essential + - it seems that + - it was + - magnitude + - maximum + - methodology + - minimize + - minimum + - modify + - monitor + - multiple + - necessitate + - nevertheless + - not certain + - not many + - not often + - not unless + - not unlike + - notwithstanding + - null and void + - numerous + - objective + - obligate + - obtain + - on the contrary + - on the other hand + - one particular + - optimum + - overall + - owing to the fact that + - participate + - particulars + - pass away + - pertaining to + - point in time + - portion + - possess + - preclude + - previously + - prior to + - prioritize + - procure + - proficiency + - provided that + - purchase + - put simply + - readily apparent + - refer back + - regarding + - relocate + - remainder + - remuneration + - requirement + - reside + - residence + - retain + - satisfy + - shall + - should you wish + - similar to + - solicit + - span across + - strategize + - subsequent + - substantial + - successfully complete + - sufficient + - terminate + - the month of + - the point I am trying to make + - therefore + - time period + - took advantage of + - transmit + - transpire + - type of + - until such time as + - utilization + - utilize + - validate + - various different + - what I mean to say is + - whether or not + - with respect to + - with the exception of + - witnessed diff --git a/styles/write-good/Weasel.yml b/styles/write-good/Weasel.yml new file mode 100644 index 00000000..e2939144 --- /dev/null +++ b/styles/write-good/Weasel.yml @@ -0,0 +1,207 @@ +extends: existence +message: "'%s' is a weasel word!" +ignorecase: true +level: warning +tokens: + - absolutely + - accidentally + - additionally + - allegedly + - alternatively + - angrily + - anxiously + - approximately + - awkwardly + - badly + - barely + - beautifully + - blindly + - boldly + - bravely + - brightly + - briskly + - bristly + - bubbly + - busily + - calmly + - carefully + - carelessly + - cautiously + - cheerfully + - clearly + - closely + - coldly + - completely + - consequently + - correctly + - courageously + - crinkly + - cruelly + - crumbly + - cuddly + - currently + - daily + - daringly + - deadly + - definitely + - deliberately + - doubtfully + - dumbly + - eagerly + - early + - easily + - elegantly + - enormously + - enthusiastically + - equally + - especially + - eventually + - exactly + - exceedingly + - exclusively + - extremely + - fairly + - faithfully + - fatally + - fiercely + - finally + - fondly + - few + - foolishly + - fortunately + - frankly + - frantically + - generously + - gently + - giggly + - gladly + - gracefully + - greedily + - happily + - hardly + - hastily + - healthily + - heartily + - helpfully + - honestly + - hourly + - hungrily + - hurriedly + - immediately + - impatiently + - inadequately + - ingeniously + - innocently + - inquisitively + - interestingly + - irritably + - jiggly + - joyously + - justly + - kindly + - largely + - lately + - lazily + - likely + - literally + - lonely + - loosely + - loudly + - loudly + - luckily + - madly + - many + - mentally + - mildly + - monthly + - mortally + - mostly + - mysteriously + - neatly + - nervously + - nightly + - noisily + - normally + - obediently + - occasionally + - only + - openly + - painfully + - particularly + - patiently + - perfectly + - politely + - poorly + - powerfully + - presumably + - previously + - promptly + - punctually + - quarterly + - quickly + - quietly + - rapidly + - rarely + - really + - recently + - recklessly + - regularly + - remarkably + - relatively + - reluctantly + - repeatedly + - rightfully + - roughly + - rudely + - sadly + - safely + - selfishly + - sensibly + - seriously + - sharply + - shortly + - shyly + - significantly + - silently + - simply + - sleepily + - slowly + - smartly + - smelly + - smoothly + - softly + - solemnly + - sparkly + - speedily + - stealthily + - sternly + - stupidly + - substantially + - successfully + - suddenly + - surprisingly + - suspiciously + - swiftly + - tenderly + - tensely + - thoughtfully + - tightly + - timely + - truthfully + - unexpectedly + - unfortunately + - usually + - very + - victoriously + - violently + - vivaciously + - warmly + - waverly + - weakly + - wearily + - weekly + - wildly + - wisely + - worldly + - wrinkly + - yearly diff --git a/styles/write-good/meta.json b/styles/write-good/meta.json new file mode 100644 index 00000000..a115d288 --- /dev/null +++ b/styles/write-good/meta.json @@ -0,0 +1,4 @@ +{ + "feed": "https://github.com/errata-ai/write-good/releases.atom", + "vale_version": ">=1.0.0" +} diff --git a/tracker.org b/tracker.org index a13304d6..2edc4b65 100644 --- a/tracker.org +++ b/tracker.org @@ -1,1454 +1,567 @@ + * 2023 -** 2023-W01 -*** 2023-01-03 Tuesday -**** MEETING 1-1 Wanderson :work:meeting: -[2023-01-03 Tue 14:26] +** 2023-W26 +*** 2023-06-29 Thursday +**** CANCELED Investigate invite bug :work: +SCHEDULED: <2023-07-03 Mon 11:00> +:LOGBOOK: +- State "CANCELED" from "TODO" [2023-07-11 Tue 10:51] \\ + Whatever +:END: +[2023-06-29 Thu 11:06] + +https://github.com/advthreat/response/issues/1888 + +Deleted user-id c59db89d-212a-4a0c-92d0-ff1a2c7de25b +** 2023-W27 +*** 2023-07-04 Tuesday +**** MEETING 1-1 Wanderson :work:meeting: +:LOGBOOK: +CLOCK: [2023-07-04 Tue 16:04]--[2023-07-04 Tue 16:33] => 0:29 +:END: +[2023-07-04 Tue 16:04] +***** Agenda (to discuss about) +- Provisioning + - PIAM status + - Orbital/Single SE status +- RBAC status +- offsite +***** Notes +***** Actions +- create a backlog of technical work to do +*** 2023-07-05 Wednesday +**** DONE Cleanup all "TO DELETE" entities :work: +SCHEDULED: <2023-07-28 Fri 11:00> +[2023-07-05 Wed 19:51] +*** 2023-07-06 Thursday +**** CANCELED Remove ability to create new Org :work: +SCHEDULED: <2023-07-06 Thu> +:LOGBOOK: +- State "CANCELED" from "TODO" [2023-07-11 Tue 10:52] \\ + Whatever +:END: +[2023-07-06 Thu 16:19] +** 2023-W28 +*** 2023-07-11 Tuesday +**** DONE IROH Sync :work: +SCHEDULED: <2023-07-11 Tue 17:00> +[2023-07-11 Tue 10:49] +**** DONE IROH-Auth weekly :work: +SCHEDULED: <2023-07-11 Tue 16:35> +[2023-07-11 Tue 10:49] +**** DONE 1-1 Wanderson :work: +SCHEDULED: <2023-07-11 Tue 16:05> +[2023-07-11 Tue 10:49] +**** DONE 1-1 Olivier :work: +SCHEDULED: <2023-07-11 Tue 15:35> +[2023-07-11 Tue 10:48] +**** DONE Lead Weekly :work: +SCHEDULED: <2023-07-11 Tue 15:00> +[2023-07-11 Tue 10:48] +**** DONE Provide doc to Guy Mackenzy :work: +SCHEDULED: <2023-07-11 Tue 11:30> +[2023-07-11 Tue 10:13] +**** DONE Create Entitlement Presentation :work: +SCHEDULED: <2023-07-11 Tue 10:30> DEADLINE: <2023-07-12 Wed 15:00> +[2023-07-11 Tue 10:12] +*** 2023-07-12 Wednesday +**** DONE Make enterprise_id mandatory field for PIAM endpoints :work: +DEADLINE: <2023-07-12 Wed 18:00> SCHEDULED: <2023-07-12 Wed> +[2023-07-12 Wed 17:14] +**** MEETING Monetization first meeting :work:meeting: +:LOGBOOK: +CLOCK: [2023-07-12 Wed 16:07]--[2023-07-12 Wed 17:07] => 1:00 +:END: +[2023-07-12 Wed 16:07] +***** Notes + +tier +*** 2023-07-13 Thursday +**** DONE Review [[https://github.com/advthreat/iroh/pull/8043][[Olivier PR] Check IROH node start in test]] :work: +SCHEDULED: <2023-07-13 Thu> +[2023-07-13 Thu 12:11] +**** DONE Add enterprise_id to many orgs [[https://github.com/advthreat/securex-ui-shell/issues/297#issuecomment-1633099674][list here]] :work: +SCHEDULED: <2023-07-13 Thu 14:30> +[2023-07-13 Thu 12:06] +**** DONE Provide Q1 technical items :work: +DEADLINE: <2023-07-13 Thu 16:00> SCHEDULED: <2023-07-13 Thu> +[2023-07-13 Thu 11:57] + + +1. *IROH-Auth Testing Framework-Refactor*: + IROH-Auth passed through many different evolution phases and different refactor + tentatives. Most of them failed to achieve. + One of the result is that the tests are scattered, some should be removed + entirely. + Some test are very complex to understand, and still not + entirely migrated to the new better norm. + We reclaim some official time to fix that discrepancy in the code, because it + could either hide some bugs, or make development of certain features a lot + harder longer than expected. + + Main concrete ideas: + - improve DBFixture service, + - try to regroup tests details into the same test-file so a reader will not be + forced to dig between different files to understand what is going on. +2. *Developer Targeted documentation*. + Currently the descriptions of the APIs in Swagger UI lack of precision. + We could greatly improve the understanding of developer facing it by + adding examples, and cleaner content in swagger UI. +3. *IROH-Auth isolation* + A potential effort to think how we could improve the reliability and security + of IROH by isolating IROH-Auth from the rest of IROH. This question + was raised multiple times, but we do not have yet a definitive answer about what + would be an ideal solution. + - potentially, this could mean improving building time, and development time + by decoupling Auth from the more feature-oriented work. + - potentially, open new unexpected integration solution by having + iroh-auth-only specific nodes, and perhaps even, removing the IROH-Auth + service from other nodes entirely + - Seems like a natural "next-step" related to the work related to specific nodes. + +This one is more feature oriented as we know we will need this soon: + +4. *Token Exchange Service* + We need to produce a service that could provide the ability for an entity to + get access to other tokens. + To make this safe and useful, we need to go beyond the Token Exchange RFC and + consider how to build an access rule system, logging, and keep track of the + token chain. + So first take the time to have a clear understanding of the feature needed, + search and find a technical solution, and design the work to be done. + + We have a current working first example with the Account Switching. + We should extend this to improve Impersonation (for TAC and some Devs), + future work with PIAM, and open the door to other integration mechanisms. + +**** DONE Sustaining items for Q1 :work: +SCHEDULED: <2023-07-13 Thu 17:00> +[2023-07-13 Thu 11:56] + +** 2023-W29 +*** 2023-07-17 Monday +**** MEETING Deep dive XDR Monetization :work:meeting: +:LOGBOOK: +CLOCK: [2023-07-17 Mon 16:31]--[2023-07-17 Mon 17:31] => 1:00 +:END: +[2023-07-17 Mon 16:31] ***** Agenda (to discuss about) ***** Notes +- hide 3rd party modules to "Essentials" users ***** Actions -** 2023-W02 -*** 2023-01-09 Monday -**** MEETING RSA :work:meeting: +- Restrict via the API too +**** DONE Add scopes to Scott Burnettes orgs/clients? :work: +SCHEDULED: <2023-07-17 Mon 11:00> +[2023-07-17 Mon 08:58] +*** 2023-07-19 Wednesday +**** MEETING API Design Meeting :work:meeting: :LOGBOOK: -CLOCK: [2023-01-09 Mon 16:32]--[2023-01-09 Mon 20:04] => 3:32 +CLOCK: [2023-07-19 Wed 18:47]--[2023-07-19 Wed 19:42] => 0:55 :END: -[2023-01-09 Mon 16:31] - -Option 1, Reduced features in time -- April 2023 -Option 2, more features, but longer -- April (1 scope) -- July 31 (additional scope) - -RBAC (pushed to Q4) - -- Beta on Jan 18th. - no client yet. - -- Full beta for RSA (April 24) - (option 1 scope only) - - high quality - - working software in customer environment - - limited # of customers - - -- Beta: April 24 -- LA (Limited Availability): June 30 -- GA (General Availbility): July 31 - -Detailed planning for Q3 and higher confidence for Q4 scope. -Q4 planning will require iterative refinement in Q3. - -Bi-weekly Demos -- increased visibility into work in progress -- Cross-functional, coordinated effort around feature delivery every 2 weeks -- Limit work in progress so we can demonstrate end to end functionality -- All resources should be focused on MVP items (no side distraction) -*** 2023-01-11 Wednesday -**** MEETING Q3 Incident logs Notes :work:meeting: -:LOGBOOK: -CLOCK: [2023-01-11 Wed 17:11]--[2023-01-11 Wed 17:12] => 0:01 -:END: -[2023-01-11 Wed 17:11] +[2023-07-19 Wed 18:47] ***** Agenda (to discuss about) ***** Notes +****** Data Retention + +How to delete private-intel events older than 90 days? +How to delete orgs data? + +Private Intel. + +Incidents related to other entities. +If we delete data older than 90 days? + +@Jyoti: if an incident is closed you can clear it. + +****** Deleting all data from an Org + +If no one logs for 90 days. We can delete it. +All users, modules, OAuth2 clients, etc… + +@Matthieu: do we send a warning email? + +@Jyoti: how to delete data in other components. +Send a notification. + +IROH Events for deletion. +Keep the main topic, and create sub-filtered topics. + +Order of deletion is important. + +1. Mark the Org as archived state (no login, only accessible through Cisco clients) +2. send notifications to all cisco components that need to cleanup +3. wait 1 week +4. real deletion + +Design doc. + +****** Monetization + +Lot of cases for upgrading. +In all these case, we do not have Entitlement. So no enforcement. + +****** Playbook retrieval API + +Read entities from public-intel, and UI call that API instead of a static file. +We had a design doc where we talked about this API. + ***** Actions -**** MEETING IROH Events Meeting :work:meeting: -:LOGBOOK: -CLOCK: [2023-01-11 Wed 10:31]--[2023-01-11 Wed 16:28] => 5:57 -:END: -[2023-01-11 Wed 10:31] -***** Agenda (to discuss about) -***** Notes -- what about forced shutdown? - - how to ensure transaction, like event was not missed? -- what occurs if we detect a corruption? - -#+begin_src clojure -(do - (send-event :command-action) - ;; <--- shut-down - (action user-provided-data-that-create-a-shutdown-bug) - ;; <--- shut-down - (send-event :action-done x)) -#+end_src -***** Actions -*** 2023-01-12 Thursday -**** MEETING Q3 Planning :work:meeting: -:LOGBOOK: -CLOCK: [2023-01-12 Thu 17:02]--[2023-01-14 Sat 00:36] => 31:34 -:END: -[2023-01-12 Thu 17:01] -***** Response Tab - -List of recommended actions. -- some I can execute -- some that need confirmation -- log of action taken (on the right) -****** UX Standpoint -Steps: phases (identification, containment, eradication, recovery) - -*Playbook?* -A list of things to do, and the user click on a button: confirm, execute, Add note, update, etc… - -Big button to skip a phase to next one. -****** Questions - -How to keep track of the state. -Probably one solution is to have a "Playbook Instance", which will be a specific -instance for an incident of a global Playbook. -So this will contains, run-ids for workflow ids, state of the playbook from user -interactions, actions, notes, etc… -** 2023-W04 -*** 2023-01-24 Tuesday -**** MEETING 1-1 Wanderson :work:meeting: -:LOGBOOK: -CLOCK: [2023-01-24 Tue 14:25]--[2023-01-24 Tue 14:45] => 0:20 -:END: -[2023-01-24 Tue 14:25] -*** 2023-01-26 Thursday -**** MEETING Weekly meeting :work:meeting: -:LOGBOOK: -CLOCK: [2023-01-26 Thu 17:01]--[2023-01-26 Thu 18:08] => 1:07 -:END: -[2023-01-26 Thu 17:01] - -- -**** REVIEW Invitation RBAC :work:review: -:LOGBOOK: -CLOCK: [2023-01-26 Thu 16:10]--[2023-01-26 Thu 16:22] => 0:12 -:END: -[2023-01-26 Thu 16:10] -**** DONE Ask to cherry-pick the fix https://github.com/advthreat/iroh/pull/7480 :work: -DEADLINE: <2023-01-26 Thu 17:00> SCHEDULED: <2023-01-26 Thu> -[2023-01-26 Thu 10:17] -**** DONE Prévenir le salon RBAC et Prerna :work: -DEADLINE: <2023-02-13 Mon 16:00> -[2023-01-26 Thu 10:06] - -Hi all, the work toward supporting new roles in the API-only is going great so -far and I think we will be able to support the new roles in a few weeks from now. -That being said, I don't think we will be able to activate that change before -taking the time to think about the implications. - -I can provide more details about the risk I identified already. -But even before that, I want to point this particular PR that will have a direct -UX/UI implication once the XDR roles will be merged. - -The "Org Access Request" flow. -Mainly, when a user login for the first time (and every time the user reach the -Registration UI page), -the user could request access to the Orgs whose admin email matches their own. -Note for those not familiar with this, as we use cisco email, we don't see this. -So when a user request access to such Org, a sub-set of admins of this Org will -receive an email. Currently the email contains 3 links: - -- Grant access as User -- Grant access as Admin -- Reject - -But when we will activate the XDR Roles, I think we will show 1 link per role -(7) + the reject link. -Which is probably not the best UX we can think of, but at least this will be -functional. -See a screenshot example of an email here: https://github.com/advthreat/iroh/pull/7465 - -This PR will probably be merged soon and will not change anything in any -environment before we activate the XDR-Roles feature flag. -I think this should probably start a discussion about wether this is acceptable -or if we need to improve the content of the email somehow, or potentially, have -a single link that will redirect the admin to the UI on a specific -administration page to grant access to the user with a specific role. -In the last case, this would imply another UI effort to update this. - -Another remark, once we will enable the new XDR roles, some have fewer scopes -than the scopes provided to the current non-admin, user role. -One major consequence is that every integration using an OAuth2 Client asking -for scopes present in the current user role, but not present in the future XDR -role will not be able to work as the user with the new more restrictive role -will not be able to approve the client. -So we will probably need to take the time, integration by integration to check -which one could be affected. -***** Could break - -- The email to accept Org requests will have one link per role (should probably - be discussed, improved, check UX) - + Should we create the UI in the dashboard for administrate Org Access Requests? - Backend job already done to make it work with all basic features. - But if we want a full working system we need to take advantage of - notifications between admins of an Org. Should be covered by the "Audit - Logs" effort, but need a backend integration. -- In the UI, the invitation role drop-down (appear to not be difficult). Minor - backend work close to completion. -- Integration with OAuth2 Auth-Code/Device Grant clients: - + Normal clients without ~allow-partial-user-scopes~ that request a scope that - is currently provided to user, but not for some new role. - Those users will not be allowed to use this client, or existing connection - (refresh token) will be rejected on next usage. - + Advanced clients with ~allow-partial-user-scopes~ example, (Ribbon, DI, FMC I - think, etc…), in this case, the client need to have made the display, disable - status of element depending on the scopes, not just on the "role" as there - will be many more specific element that could be disabled separately. -- Potentially, some SXO discussions to provide, so working toward providing - small JWT for them and switching to it in the future. -** 2023-W06 -*** 2023-02-07 Tuesday -**** MEETING RBAC meeting :work:meeting: -:LOGBOOK: -CLOCK: [2023-02-07 Tue 16:17]--[2023-02-08 Wed 16:01] => 23:44 -:END: -[2023-02-07 Tue 16:17] - -- We will try to work on Security Analyst first. -- Discussed about sync between SXO and SX about scopes and their internal - permissions or roles (they choose their preference) -*** 2023-02-08 Wednesday -**** DONE Create the issues for PIAM work to be done :work: -SCHEDULED: <2023-02-09 Thu> -[2023-02-08 Wed 19:33] -**** MEETING Weekly API Meeting :work:meeting: -:LOGBOOK: -CLOCK: [2023-02-08 Wed 18:33]--[2023-02-08 Wed 22:44] => 4:11 -:END: -[2023-02-08 Wed 18:33] - -Talk about: - -- Minor Admin works: - - fix a security bug - - update the list of or to be part of the XDR beta - - a little bit of TAC help -- Long term background work: - - some work related to the new deployment, some work to improve node configuration - To give an idea, at first it was a duplication of 5 envs. INT, TEST and 3 PRODs. - Now we have 20 I think. This is bad, I think I need to help ops handle this. - - Waiting to talk about PIAM provisioning and Org init (activation + integrations) - - creating a scope ~insight~ for device insight needs. -- RBAC (on track) - - Olivier: right now trying to prepare retro-compatibility and revert the - feature-flag at zero cost. - - Wanderson: work toward short JWT (should be useful for AO), added DB for - access/refresh tokens which will provide the ability to have access/refresh - tokens revocation API which is currently missing. - - Next steps: wait for the return of Christopher and just after discuss with - SXO how to communicate the permissions (most probably using scopes but maybe - not in the JWT). -***** TODO Provide an impersonate route on the provisioning API to make calls -***** TODO Check SCA can init 1-click module setup -**** DONE Add scopes to Beta orgs :work: -:LOGBOOK: -CLOCK: [2023-02-08 Wed 16:51]--[2023-02-08 Wed 17:39] => 0:48 -:END: -[2023-02-08 Wed 16:51] - -Added for: - -- NAM c4538cf2-e6aa-4c13-b27a-e67788b51089 -- 4986f84e-745f-4f32-b840-803b97856e68 -*** 2023-02-10 Friday -**** CANCELED Add the impersonate scope to PIAM clients :work: -CLOSED: [2023-03-03 Fri 08:30] SCHEDULED: <2023-02-13 Mon 15:00> -:LOGBOOK: -- State "CANCELED" from "HOLD" [2023-03-03 Fri 08:30] -- State "HOLD" from "TODO" [2023-02-16 Thu 15:47] \\ - We need to wait to know if we are going to provision internally. -:END: -[2023-02-10 Fri 15:23] -** 2023-W07 -*** 2023-02-13 Monday -**** DONE Créer un meeting avec Murali et Christopher Van Der Made :work: -SCHEDULED: <2023-02-14 Tue 10:00> -[2023-02-13 Mon 17:06] - -We would like to talk with you to find a way to synchronize between IROH and SXO permissions. -**** MEETING RBAC :work:meeting: -:LOGBOOK: -CLOCK: [2023-02-13 Mon 16:32]--[2023-02-13 Mon 17:32] => 1:00 -:END: -[2023-02-13 Mon 16:32] -***** Agenda (to discuss about) -***** Notes -***** Actions -*** 2023-02-14 Tuesday -**** DONE Finish to answer to Paul :work: -DEADLINE: <2023-02-15 Wed 11:00> SCHEDULED: <2023-02-14 Tue> -[2023-02-14 Tue 18:32] -**** DONE Répondre à Paul Cichonski :work: -SCHEDULED: <2023-02-13 Mon 17:00> -[2023-02-14 Tue 15:46] -*** 2023-02-15 Wednesday -**** DONE Create an issue to internalize provisioning :work: -DEADLINE: <2023-02-21 Tue 17:30> SCHEDULED: <2023-02-21 Tue> -:LOGBOOK: -CLOCK: [2023-02-22 Wed 14:00]--[2023-02-22 Wed 15:00] => 1:00 -:END: -[2023-02-15 Wed 19:17] -***** Epic - -Epic https://github.com/advthreat/iroh/issues/7533 -****** Specialized Provisioning Route for PIAM - :PROPERTIES: - :CUSTOM_ID: specialized-provisioning-route-for-piam - :END: -We should provide a route that will in the body a =NewAccount=, being - -#+begin_src clojure -(s/defschema NewAccount - "The schema to create a New Account, - mainly all data needed to create a new Org, - a main admin User for this org and onboard it." - {:org NewOrg - :user NewUser}) - -(s/defschema NewOrg - "Org before being saved to DB" - (st/merge - {:id OrgId} - (st/optional-keys - {:name (describe s/Str "The name of the Organization specified during login.") - :enterprise-id (describe s/Str "The Cisco SBG Platform Enterprise id associated to this Org.") - :scim-status (describe SCIMStatus "Determine if your Org is activated or not (allowed values are activated or waiting-activation)") - :address OrgAddress}))) - -(s/defschema OrgAddress - (st/optional-keys - {:department s/Str - :street1 s/Str - :street2 s/Str - :postal-code s/Str - :city s/Str - :country-iso-code (apply s/enum country-iso-codes)})) - -(s/defschema NewUser - "provisioned User before being saved to DB" - (st/merge - {:user-email s/Str - :role LegacyOrXDRRoleId - :idp-mappings [PlatformUserIdPMapping]} - (st/optional-keys - {:user-name s/Str - :user-nick s/Str}))) - - - -(s/defschema PlatformUserIdPMapping - {:idp s/Str - :user-identity-id s/Str - (s/optional-key :organization-id) s/Str - :enabled? s/Bool}) -#+end_src - -From there, the endpoint will create the Org and User, then call every -onboarding URL with a user session token. - -#+begin_src clojure -(let [org (create-org new-org) - user (create-user (assoc new-user :org-id (:id org))) - user-session-token (gen-session-token user) - onboarding-responses ;; a JSON Object whose keys are URLs and values are HTTP responses objects - (->> iroh-integration-onboarding-urls - (pmap #(http/post % user-session-token)) - (map (fn [url http-response] [url http-response]) iroh-integration-onboarding-urls) - (into {}))] - ;; 201 - (created {:user user - :org org - :onboarding-responses onboarding-responses})) -#+end_src - -Ideally every external service should answer quickly but after having -successfully created an IROH Module. Ideally, the response should -contain the =module-id=. - -In order for this work to be completed every different team should -provide a new endpoint to trigger the onboarding. -****** =/onboard= Endpoint Specification - :PROPERTIES: - :CUSTOM_ID: onboard-endpoint-specification - :END: -Provide a URL that listens to HTTP POST. It must only accept queries -containing an Authorization header that will contain a Bearer token. The -token must be a valid (correctly signed, non-expired) IROH JWT. If not, -it must return a 401. - -That route should not accept any query parameter nor any body. All the -data could be retrieved from the session token passed in the -Authorization header. - -Example: - -#+begin_example -POST https://product.env.security.cisco.com/onboarding -Authorization: Bearer $JWT -Accept: application/json -#+end_example - -#+begin_example -HTTP/2 201 -server: nginx -date: Wed, 21 Feb 2023 13:43:31 GMT -content-type: text/html; charset=utf-8 -content-length: 61 -strict-transport-security: max-age=31536000; includeSubDomains -accept-ranges: bytes - -{"module-instance-id":"1e5bb994-b2b4-11ed-9de6-325096b39f47"} -#+end_example - -The server should ideally answer in less than a few seconds. If for your -product, the internal provisioning takes longer then you should simply -return a response explaining that the provisioning is in progress. The -response must be a JSON Object. Ideally, it should contain a field named -=module-instance-id= for the module-instance-id created. And potentially -other data related to the onboarding. - -#+begin_example -{"module-instance-id": String, ...} -#+end_example -******* Expectations - :PROPERTIES: - :CUSTOM_ID: expectations - :END: -The expected background work to be performed after receiving this HTTP -call is: - -1. Call =/iroh/oauth2/custom/tokens= with the User Session Token in - header (same Authorization header as received) and the body must - contain the =cliend-id= and =client-secret= created for your Product - in IROH. From this call, you should get back both an access and - refresh token. -2. You should save the refresh token. -3. The access token could be used to: - - retrieve needed data to provision a new tenant by calling - =/iroh/profile/whoami= for example - - create the module instance in IROH. - -Here is an example diagram (for Device Insight): - -#+begin_src plantuml :file Onboarding_endpoint.png -skinparam handwritten false -skinparam shadowing false - -skinparam sequence { -ParticipantFontName Chalkboard; -ParticipantBackgroundColor white; -ParticipantBorderColor #37C -GroupBorderColor #888 -ArrowColor #37C -LifeLineBorderColor #37C -} - -participant IROH as iroh -participant "Device Insight" as di - -group Provision all sub-components (should not need the IROH_TOKEN) -group#EEF #EEF Device Insights -iroh->di: POST /onboard SESSION_TOKEN -di->di: internal provisioning -di->iroh: create module -di->iroh: 201 {module-id=..., ...} -end -#+end_src - -#+caption: Onboarding_endpoint -[[https://user-images.githubusercontent.com/93899/220635593-80305d45-0f32-45a5-a94c-780ed8c244da.png]] -****** IROH internal notes - -We need to introduce a new notion of /onboardable module./ -A module is onboardable, if its module-type contain an ~onboard~ field pointing to -a single URL that follow the previous section specification. - -We should probably have an internal data structure that will associate to every -entitlement a list of /onboardable modules/. -Ideally, we should have a convention to identify internal module-type by name, -so we could refer to the device-insight module for example instead of having to -specify manually the module-id. - -Once this is done, the provisioning endpoint will be able to retrieve, from a -specific entitlement, a list of onboarding URL to call. -Instead of writing all details here, we should first write a short specification -about what is the best way to achieve this. -****** Tasks - -- [ ] *dependency* DI check or update the onboarding endpoint -- [ ] *dependency* CSC check or update the onboarding endpoint -- [ ] *dependency* SXO check or update the onboarding endpoint -- [ ] *dependency* SCA check or update the onboarding endpoint -- [ ] Write the design related to the configuration of the onboarding URLs -- [ ] Create the new endpoint -**** MEETING RBAC sync with SXO :work:meeting: -:LOGBOOK: -CLOCK: [2023-02-15 Wed 17:51]--[2023-02-15 Wed 18:51] => 1:00 -:END: -[2023-02-15 Wed 17:51] -***** Agenda (to discuss about) -1. Explain the goal -2. Propose a technical solution -****** Explain the goals - -Currently in (XDR/SecureX/CTR) IROH we only have two roles, user and admin. -We want to introduce new roles with more granular permissions, in particular for -SXO. - -SXO has a matrix of Read/Write/Execute for example. The notion of Execute does -not exists in IROH. -But SXO also has some roles. - -A first step will be to introduce new role to propose up to 7 roles (instead of -the current 2) in XDR. -But an issue is that we also want to provide a way for IROH (XDR/SecureX/CTR) -admin to create their own *custom roles*. -****** Propose a technical solution -******* Problematic solution (SXO uses the claim for the role in the JWT) - -It will work in phase 1, as we could provide a consistent list of roles. -But as soon as IROH will introduce custom role this will stop working as these -new role will probably be random ids (both in the JWT and in /whoami). -******* Proposed Solution 1 - -Use the scopes in the JWT. - -AO should provide IROH a list of scopes for every new role. - -All starting with =ao/= - -- ~ao/sxo-role-1~ -~- ao/sxo-role-2~ -~- ao/sxo-role-3~ - -or - -- ~ao/admin/sub-role-2/sub-role-3~ -******* Proposed Solution 2 - -- ~ao/sxo-permission-1~ -- ~ao/sxo-permission-2~ -- ~ao/sxo-permission-3~ -******* Proposed Solution 3 - -- ~ao~ can read, write and execute -- ~ao:read~ can read, but cannot write nor execute -- ~ao/execute~ can read and execute, but cannot write -***** Notes -***** Actions -*** 2023-02-16 Thursday -**** MEETING TD&R Checking :work:meeting: -:LOGBOOK: -CLOCK: [2023-02-16 Thu 17:04]--[2023-02-17 Fri 10:22] => 17:18 -:END: -[2023-02-16 Thu 17:04] -***** AJ - -Address rumors: - -1. Earnings, yesterday, 133M$ -**** DONE Ecrire doc pour expliquer les changements RBAC à SXO :work: -SCHEDULED: <2023-03-27 Mon 16:00> -[2023-02-16 Thu 10:20] -**** DONE Upgrade Client to ribbon 2 in TEST :work: -DEADLINE: <2023-02-16 Thu 12:00> SCHEDULED: <2023-02-16 Thu> -[2023-02-16 Thu 09:15] - -webexteams://im?space=db149a90-e8b4-11eb-9fdb-3b8d98a2bf4d - -I'm starting to look at the process to update our ribbon to use 2.0. One of the first steps in the upgrade documentation is to reach out to IROH team to get the "investigation" and "registry/user" scopes added to our oauth client. - -To start, I'd like to update the oauth client used in the test environment with client id client-b63b916a-a606-4076-9f9b-15469aec0b93. -*** 2023-02-17 Friday -**** IN-PROGRESS Fix log PR :work: -:LOGBOOK: -CLOCK: [2023-02-17 Fri 10:50]--[2023-02-22 Wed 14:31] => 123:41 -:END: -[2023-02-17 Fri 10:50] -**** DONE Extraire les logs de logins pour Prerna :work: -DEADLINE: <2023-02-17 Fri 09:45> SCHEDULED: <2023-02-17 Fri> -[2023-02-17 Fri 08:53] -** 2023-W08 -*** 2023-02-22 Wednesday -**** MEETING Weekly API Design Meeting :work:meeting: -:LOGBOOK: -CLOCK: [2023-02-22 Wed 18:35]--[2023-02-22 Wed 19:43] => 1:08 -:END: -[2023-02-22 Wed 18:35] -***** Agenda (to discuss about) -***** Notes -***** Actions -**** MEETING RBAC weekly :work:meeting: -:LOGBOOK: -CLOCK: [2023-02-22 Wed 17:03]--[2023-02-22 Wed 17:34] => 0:31 -:END: -[2023-02-22 Wed 17:03] -***** Agenda (to discuss about) -***** Notes -***** Actions -Look deeper into dependencies (3rd party scopes like sse, ao, etc…) -*** 2023-02-23 Thursday -**** DONE Check Secure Endpoint error logs :work: -CLOSED: [2023-05-06 Sat 09:06] DEADLINE: <2023-02-24 Fri 10:30> SCHEDULED: <2023-02-23 Thu> -:LOGBOOK: -- State "DONE" from "HOLD" [2023-05-06 Sat 09:06] -- State "HOLD" from "TODO" [2023-02-24 Fri 14:19] \\ - En attente du retour de Matt pour tester -:END: -[2023-02-23 Thu 19:00] -Discussion in "SecureX Secure Endpoint" -webexteams://im?space=d42b0de0-48b3-11ec-924a-a3c1923cd1c3 -Fix PR https://github.com/advthreat/iroh/pull/7473 -**** MEETING Weekly IROH Services Meeting :work:meeting: -:LOGBOOK: -CLOCK: [2023-02-23 Thu 17:04]--[2023-02-23 Thu 18:34] => 1:30 -:END: -[2023-02-23 Thu 17:04] -***** Agenda (to discuss about) -***** Notes -***** Actions -*** 2023-02-24 Friday -**** DONE Help Yannis to fix the Orbital Client :work: -SCHEDULED: <2023-02-24 Fri> -[2023-02-24 Fri 14:18] -** 2023-W09 -*** 2023-02-27 Monday -**** MEETING Staging Env :work:meeting: -:LOGBOOK: -CLOCK: [2023-02-27 Mon 16:00]--[2023-02-27 Mon 16:39] => 0:39 -:END: -[2023-02-27 Mon 16:00] -***** Agenda (to discuss about) -***** Notes -***** Actions -**** DONE Help UI beta team list the IdP used by beta org :chore: -:LOGBOOK: -CLOCK: [2023-02-27 Mon 16:39]--[2023-02-27 Mon 17:02] => 0:23 -:END: -[2023-02-27 Mon 16:59] - -There is a bug for user login via SMA -https://github.com/advthreat/securex-ui-shell/issues/115 - -In order to check if this must be resolved before going to prod, I had to check -if every org part of the beta uses TG to login. Result none. - -NAM: - -- SX Test org: b5935c68-c16a-4290-a49a-aad9bb2ea733 SXSO -- Cisco SBG Customer Insights: 40f4c64b-7934-4dc6-87d9-5ebf36c13d54 SXSO -- Jazz Air: 1b7024af-bc0a-4de1-8ce6-f093340ed5fb SXSO -- MEMIC: b62f0113-f26e-42f1-89e3-b45254c416a7 CSA and SXSO (did not perform the full IdP migration from CSA) -- Opus Holding: 4b1b4bba-f310-4251-88c3-bdf3b93d6456 CSA (some users used SXSO) -- Room & Board: 794047a5-b023-489e-b5ee-6407fcdf0daa SXSO (Migrated from CSA) -- Talos Energy: c074a67d-1e57-4e4f-9f9d-0b9ed7847bf8 SXSO (Migrated from CSA) - -EU: - -- DPD Group UK LTD: cee614cb-f35b-4147-bd27-9968d173c3ce: SXSO -*** 2023-03-01 Wednesday -**** MEETING API Design Meeting :work:meeting: -:LOGBOOK: -CLOCK: [2023-03-01 Wed 18:35]--[2023-03-01 Wed 19:50] => 1:15 -:END: -[2023-03-01 Wed 18:34] -***** Matt -Jyoti: -Leave it retro-compat for UI. -Just for the engine. - -Matt: -- in AMP, 2 calls: - 1. retrieve computers - 2. then trajectory - -Jyoti: -> Too many timeouts AMP-module. -> Use events API instead (not now). -> We should revisit. - -GB: -We have to do something uniform. -Passing additional query parameters it's ok, but for some specific servers we -could break the contract. -Suggest create a new endpoint. - -Jyoti: -Looking into AMP API to search for time constraint in search APIs. -*** 2023-03-02 Thursday -**** MEETING Workshop Day 1 :work:meeting: -:LOGBOOK: -CLOCK: [2023-03-02 Thu 17:03]--[2023-03-02 Thu 22:03] => 5:00 -:END: -[2023-03-02 Thu 17:03] - -Leave with a common understanding, but not precise technical specification. -***** Agenda -- DI -- Response -***** Device Insight -- Priorities: - - P1: - - DB simplification - - Simplification of Sources - - P2: - - Unified view of users and associated devices -** 2023-W10 -*** 2023-03-06 Monday -**** DONE Add scope to TAC-OPS orgs :work:meeting: -:LOGBOOK: -CLOCK: [2023-03-06 Mon 16:50]--[2023-03-06 Mon 20:50] => 4:00 -:END: -[2023-03-06 Mon 17:01] -**** MEETING RBAC Workshop :work:meeting: -:LOGBOOK: -CLOCK: [2023-03-06 Mon 17:02]--[2023-03-06 Mon 17:15] => 0:13 -:END: -[2023-03-06 Mon 17:01] -***** New tile to measure time of incident resolution -*** 2023-03-07 Tuesday -**** CANCELED Create a new Epic for Registration UI admin/impersonate :work: -SCHEDULED: <2023-03-28 Tue 11:30> -:LOGBOOK: -- State "CANCELED" from "TODO" [2023-04-20 Thu 15:43] -:END: -[2023-03-07 Tue 14:54] - -- https://github.com/advthreat/iroh/pull/6927 - - -In order to debug and use the Swagger UI for the Registration UI we need to add -new features. - -1. Support a selection of the registration_url from a query parameter in the - login routes. We, must check that the registration_url is part of an allowed - list of domains. -2. Centralize JWT generation that can take care of keeping the =act= (actor) claim - of an originating JWT. Tyically, if the registration UI JWT contains an =act= - we should copy it inside every JWT generated from it. By that, I mean, - session and refresh tokens, but also id_tokens, access tokens from authorized - clients, etc... - -Once we have that we will be able to use the Swagger UI for the iroh-auth-ui API. -And once we have the second we could provide an impersonate for the Registration UI. -*** 2023-03-08 Wednesday -**** IN-PROGRESS Entitlements :work: -:LOGBOOK: -CLOCK: [2023-03-08 Wed 10:43]--[2023-03-08 Wed 11:43] => 1:00 -:END: -[2023-03-08 Wed 10:42] -*** 2023-03-09 Thursday -**** DONE Review Mark PRs :work: -SCHEDULED: <2023-03-09 Thu> -[2023-03-09 Thu 18:01] - -https://github.com/advthreat/iroh/pull/7315 -**** MEETING Weekly :work:meeting: -:LOGBOOK: -CLOCK: [2023-03-09 Thu 17:13]--[2023-03-09 Thu 18:26] => 1:13 -:END: -[2023-03-09 Thu 17:13] -***** Status - -*Progress*: PIAM provisioning/entitlement/demo plan seems to be ok with all teams -involved (PIAM, IROH, SCA, Secure Client, DI, SXO) - -Open question: -- where should we put the onboarding configuration (URLs?) -** 2023-W12 -*** 2023-03-20 Monday -**** CANCELED Add org-habit+ for daily work tasks :work: -DEADLINE: <2023-03-21 Tue 10:00> SCHEDULED: <2023-03-20 Mon> -:LOGBOOK: -- State "CANCELED" from "TODO" [2023-03-21 Tue 10:47] -:END: -[2023-03-20 Mon 10:07] -**** CANCELED Améliorer issue Clients TG / Config :work: -SCHEDULED: <2023-04-19 Wed 11:00> -:LOGBOOK: -- State "CANCELED" from "IN-PROGRESS" [2023-04-20 Thu 15:43] -:END: -[2023-03-20 Mon 09:57] - -INT: - -Org-id: 5a439753-42e9-5058-872e-cb69be5455e6 -Austin Haas user-id: 553788bd-25a4-543d-b6c3-cf7dddcfda5a - - -#+begin_src clojure -{:password "13c74602-2" - :availability "everyone" - :org-id "5a439753-42e9-5058-872e-cb69be5455e6" - :owner-id "553788bd-25a4-543d-b6c3-cf7dddcfda5a" - :client-type :confidential - :grants #{:auth-code} - :redirects #{"https://int.threatgrid.com/oauth2/cb/visibility" - "https://int.threatgrid.com/oauth2/cb/securex" - "http://localhost:8080/oauth2/cb/visibility" - "http://localhost:8080/oauth2/cb/securex" - "http://localhost:8080/oauth2/cb/securex_one_click_activation" - "https://int.threatgrid.com/oauth2/cb/securex_one_click_activation"} - :id "34d94c8c-2041-4708-8172-ebe2df295ca7-2" - :name "secure malware analytics" - :allow-partial-user-scopes? true - :scopes #{"admin" - "casebook" - "enrich" - "global-intel:read" - "inspect" - "integration/module-instance" - "integration:read" - "investigation" - "notification" - "orbital" - "private-intel" - "profile" - "registry/user" - "response" - "telemetry:write" - "users"} - :approved? true - :enabled? true - :created-at #inst "2018-02-27t10:00:00" - :updated-at #inst "2018-02-27t10:00:00" - :enabled-at #inst "2018-02-27t10:00:00" - :activated-at #inst "2018-02-27t10:00:00" - :approved-at #inst "2018-02-27t10:00:00" - } -#+end_src -*** 2023-03-25 Saturday -**** DONE Add orgs to beta :work: -DEADLINE: <2023-03-27 Mon 10:00> SCHEDULED: <2023-03-25 Sat> -[2023-03-25 Sat 09:51] - -See webexteams://im?space=d6d28420-c403-11ed-8526-0db030ef0b12 -**** DONE Support body for onboardings :work: -SCHEDULED: <2023-03-27 Mon 11:00> -[2023-03-25 Sat 09:47] -**** DONE recursive search data-structure :work: -SCHEDULED: <2023-03-27 Mon 16:00> -[2023-03-25 Sat 09:44] - -Replace in TK-Store Search by -Search | [:or Search*] | [:and Search*] | [:not Search*] - -by using the trick return {:query ... :args [...]} instead of just query -** 2023-W13 -*** 2023-03-28 Tuesday -**** DONE Create issues for SSE onboarding :work: -SCHEDULED: <2023-03-28 Tue> -[2023-03-28 Tue 18:35] - -1. create client for SSE with Secure Client and DI scopes -2. Configure SCA -2. Support provisioning for free Org - (empty entitlement or entitlement.tier = free) and should only onboard CSC - and DI. -**** MEETING Performance Management :work:meeting: -:LOGBOOK: -CLOCK: [2023-03-28 Tue 18:05]--[2023-03-30 Thu 11:46] => 41:41 -:END: -[2023-03-28 Tue 18:05] - -Focus on performance management. - -Why / what are we doing? - -@Pat_Chatterton: -1. prioty, transforming the business, change what we are doing with our teams. -Conversation with our teams about where we are going. -My teams discuss once a week. - -Something that I am passionate about. Align everybody. - -This is not new. -Everybody is doing in their own way. -Lot of tools already in place. -Refresher of what we're doing. - -Tons of info come out of this. -Not only listen, but also think about it because you will be doing this. -Make sure our team is ready for next step. - -@Amelia_Lombard: -Program. - -An invitation for how to approach "performance management". - -- We as leader can be better by bing more authentically. -- Channeling *our values*. - - build and learn together - - create clarity to drive momentum - - be kinder than necessary - - celebrate together -- with empathy, support and accountability - -Sharing that data to our team members. -Look for opportunities to build on success. -Also celebrate on progress on weaknesses. - -First be clear about our expectations. -And ultimately they'll need to deliver. - -Core Career Beliefs (illuminate.cisco.com) -(share with your team) - -Please do engage. -Slido.com event code: SBGPerfMgmt pass: lift -***** Goals - -1. Understand where each of your team members perf is today -2. if some are underperforming, reach out to perf consultants for support (by - 31th March) -3. Plan for Quarterly Developement discussions -***** Performance at Cisco -@Shelly_Collins - -1. Clearly communicate how they are doing. -2. how to assess performance. - results / principles-behaviors / team-impact -3. data points: - - team space check-in insights report - - OKRs, KPIs, Scorecards - - seek feedback from peers, stakeholders - - connected recognition - - expectations set in your quarterly development -****** Performing - -Thinking about their carreer? -1. Exploring (looking for new opportunity) -2. Establishing (build my skillset) -3. Achieving (find ways to grow) -4. Excelling (broaden opportunity) -5. Reinventing (build new skillset) -****** Underperformance - -@Felicia_Glace - -1. Employee consistently missing critical meetings without reason -2. Employee not meeting business deliverables that has amplified impact -3. Lack of care in quality of work being delivered -4. Challenges with engagement -5. Individual Performance Factor (IPF) lower than 100% - -*Low performance is NOT* - -- Employee dealing with personal loss, life event -- Behavorial concerns -****** Lifting Low Performance - -Open a case with the Performance Management team - -The Low Performance Management Website. - -From a case: - -4 steps: Expectations, Notice, Opportunity, Consequences - -- Clearly communicate expectations -- Provide notice to the team member they are not meeting expectations. - Be specific about where performance is falling short. -- Provide an opportunity for the team member to improve their performance. -****** Coaching conversation - -BEFORE - -- be prepared to address questions -- both verbal coaching and documented coaching should align that employee is not - meeting expectations. -- Prepare for the first conversation by preparing documentation and gathering - supporting facts - -DURING - -AFTER -- Follow up with an email to the employee outlining progress and summarizing - discussion point -- Document feedback regularly -****** Individual Dev Template - -- short-term goals -- long-term carreer -*** 2023-03-30 Thursday -**** MEETING weekly :work:meeting: -:LOGBOOK: -CLOCK: [2023-03-30 Thu 17:01]--[2023-04-05 Wed 18:37] => 145:36 -:END: -[2023-03-30 Thu 17:01] -***** Status update -- PIAM work -- TK-Store work for composable query with and/org/not -- Work on configs -- Entitlement brainstorm -- Lot of XDR beta-flag requests -** 2023-W14 -*** 2023-04-07 Friday -**** MEETING Weekly meeting :work:meeting: -:LOGBOOK: -CLOCK: [2023-04-07 Fri 16:28]--[2023-04-07 Fri 16:30] => 0:02 -:END: -[2023-04-07 Fri 16:28] -***** Agenda (to discuss about) -***** Notes -***** Actions -** 2023-W16 -*** 2023-04-18 Tuesday -**** DONE Créer issue pour la route de description des roles :work: -SCHEDULED: <2023-04-18 Tue> -[2023-04-18 Tue 16:41] -**** MEETING RBAC Weekly Feature Sync :work:meeting: -:LOGBOOK: -CLOCK: [2023-04-18 Tue 16:01]--[2023-04-18 Tue 16:40] => 0:39 -:END: -[2023-04-18 Tue 16:01] - -- Name from "admin" to "Administrator" -- Name from "user" to "Incident Responder" -- new role "sat" named "Security Analyst" -*** 2023-04-19 Wednesday -**** DONE Create the SSE (0 Trust) scripts :work: -SCHEDULED: <2023-04-21 Fri 10:00> -:LOGBOOK: -CLOCK: [2023-04-21 Fri 09:42]--[2023-04-21 Fri 19:46] => 10:04 -:END: -[2023-04-19 Wed 20:01] -**** MEETING API Design Meeting :work:meeting: -:LOGBOOK: -CLOCK: [2023-04-19 Wed 18:30]--[2023-04-20 Thu 16:26] => 21:56 -:END: -[2023-04-19 Wed 18:30] -***** Confs -Create project board about configurations. -***** Entitlements - -PIAM Entitlements: - -#+begin_src clojure -[{:entitlement-name "tier" - :value "essential" - :quantity 4000 - :created-at ,,,} - {:entitlement-name "extra-data-retention" - :quantity 90 - :created-at ,,,}] -#+end_src - -Entitlement ids, - -In the config - -#+begin_src clojure -{:free {,,,} - :essential {:allowed-modules [?] - :apps [:sxo :di :csc :sca :ssx] - :additional-scopes [,,,] - :data-retention-in-GB 200 - :rate-limits-per-hour 8000 - ,,,} - :advantage {:allowed-modules [?] - :apps [:sxo :di :csc :sca :ssx] - :additional-scopes [,,,] - :data-retention-in-GB 1000 - :rate-limits-per-hour 8000 - ,,,} - :premier {:allowed-modules [?] - :apps [:sxo :di :csc :sca :ssx] - :additional-scopes [,,,] - :data-retention-in-GB 2000 - :rate-limits-per-hour 8000 - ,,,}} -#+end_src - -An Entitlements data-store. - -#+begin_src clojure -{:id 0001 - :org-id 0001 - :created-at ,,, - :entitlement {:tier :premier - :seat-count 4000} - :entitlement-capabilities-snapshot {:allowed-modules [?] - :apps [:sxo :di :csc :sca :ssx] - :additional-scopes [,,,] - :data-retention-in-GB 2000 - :rate-limits-per-hour 8000 - ,,,}} - -{:id 0002 - :org-id 0001 - :created-at ,,, - :entitlement {:extra-data-retention-in-GB 90} } -#+end_src - -FOR org 0001 -#+begin_src clojure -{:summary {:tier :premier - :allowed-modules [?] - :apps [:sxo :di :csc :sca :ssx] - :data-retention-in-GB 2090 ;; <---- 2000 + 90 - :rate-limits-per-hour 8000 - ,,,} - :history [{:id 0001 :org-id 0001 - :created-at ,,, - :entitlement-view {:allowed-modules [?] - :apps [:sxo :di :csc :sca :ssx] - :data-retention-in-GB 2000 - :rate-limits-per-hour 8000 - ,,,}} - {:id 0002 :org-id 0001 - :created-at ,,, - :entitlement-view {:data-retention-in-GB 200}}]}} -#+end_src -***** SSE (0-Trust) - -Free Entitlement - -apps: Secure Client and Device Insight. - -Write the doc with an example. - -1.a Prior change the scopes required for =POST /iroh/provisioning/platform/org= -1.b Prior change the scopes required for =POST /iroh/provisioning/platform/user= - -2. Create a client with that scope - => get a client-id/client-secret - -3. Write a script (python/bash/maybe HTML+JS): - input: user-email/user-name/org-name/org-address etc… - 1. get the JWT from client-id/client-secret - 2. create the ORG - 3. create the User -****** Think about onboarding - -Onboard only DI and Secure Client -*** 2023-04-20 Thursday -**** DONE Create todo list for work :work: -SCHEDULED: <2023-04-28 Fri> -[2023-04-20 Thu 16:30] -1. prepare 1-1 tasks -2. select to make a iroh-auth call to prevent repeat myself (better group feeling) -**** MEETING RBAC UI meeting :work:meeting: -:LOGBOOK: -CLOCK: [2023-04-20 Thu 16:26]--[2023-04-20 Thu 17:40] => 1:14 -:END: -[2023-04-20 Thu 16:26] -***** Agenda -***** Notes -***** Actions -** 2023-W18 -*** 2023-05-02 Tuesday -**** DONE Prepare Quaterly Meeting! [[https://www.cisco.com/c/dam/r/team-development/performance/assets/Guide_to_Quarterly_Development_Discussions-for_Team_Leaders.pdf][quarterly pdf]] :work: -SCHEDULED: <2023-05-03 Wed 15:00> -[2023-05-02 Tue 17:37] -**** DONE [#7835] Create and Estimate all tasks related to [[https://github.com/advthreat/iroh/issues/7835]] :work: -SCHEDULED: <2023-05-03 Wed 11:30> -[2023-05-02 Tue 17:36] -**** MEETING Epic PIAM :work:meeting: -[2023-05-02 Tue 15:30] -**** MEETING Weekly lead :work:meeting: -:LOGBOOK: -CLOCK: [2023-05-02 Tue 15:04]--[2023-05-02 Tue 16:51] => 1:47 -:END: -[2023-05-02 Tue 15:04] -***** Agenda (to discuss about) -***** Notes -@GB: travaille sur la nouvelle API de l'incident manager. -***** Actions -**** DONE Prepare Quarterly development :work: -SCHEDULED: <2023-05-02 Tue 17:00> DEADLINE: <2023-05-05 Fri 12:00> -[2023-05-02 Tue 14:44] -**** DONE Add an XDR beta flag to an Org :work: -:LOGBOOK: -CLOCK: [2023-05-02 Tue 14:34]--[2023-05-02 Tue 14:37] => 0:03 -:END: -[2023-05-02 Tue 14:34] -**** DONE Epic Provisioning :work: -DEADLINE: <2023-05-02 Tue 15:30> SCHEDULED: <2023-05-02 Tue> -[2023-05-02 Tue 12:40] -**** DONE Weekly Leads :work: -SCHEDULED: <2023-05-02 Tue 15:00> -[2023-05-02 Tue 12:40] -**** DONE Review O's PR about services :work: -DEADLINE: <2023-05-03 Wed 15:00> SCHEDULED: <2023-05-02 Tue> -:LOGBOOK: -CLOCK: [2023-05-03 Wed 17:33]--[2023-05-04 Thu 09:28] => 15:55 -:END: -[2023-05-02 Tue 10:41] -**** DONE Discuss with Wanderson about short-token strategy :work: -DEADLINE: <2023-05-02 Tue 14:40> SCHEDULED: <2023-05-02 Tue> -[2023-05-02 Tue 10:41] -*** 2023-05-03 Wednesday -**** DONE Election CSE :work: -SCHEDULED: <2023-05-03 Wed 14:00> -[2023-05-03 Wed 10:45] -**** DONE API Design Meeting :work: -SCHEDULED: <2023-05-03 Wed 18:30> -[2023-05-03 Wed 10:29] -**** DONE Ajouter les beta flags [[webexteams://im?space=d6d28420-c403-11ed-8526-0db030ef0b12][beta-room]] :work: -SCHEDULED: <2023-05-03 Wed 11:10> -[2023-05-03 Wed 10:19] -**** DONE Répondre à Paul [[webexteams://im?space=7e5c4ac0-b232-11ed-8863-ef048e50358a][room]] :work: -SCHEDULED: <2023-05-03 Wed 11:00> [2023-05-03 Wed 10:17] -*** 2023-05-04 Thursday -**** MEETING Weekly IROH :work:meeting: -:LOGBOOK: -CLOCK: [2023-05-04 Thu 17:01]--[2023-05-04 Thu 17:59] => 0:58 -:END: -[2023-05-04 Thu 17:21] -***** Agenda (to discuss about) -***** Notes -***** Actions -**** DONE IROH Weekly :work: -SCHEDULED: <2023-05-04 Thu 17:00> [2023-05-04 Thu 11:36] -- Next week Response API in IROH with UI -- Problem with backfill for Jon -**** DONE QDD Olivier :work: -SCHEDULED: <2023-05-04 Thu 15:35> -[2023-05-04 Thu 11:35] -**** DONE QDD Wanderson :work: -SCHEDULED: <2023-05-04 Thu 14:35> -[2023-05-04 Thu 11:35] -**** IN-PROGRESS Personal QDD FY23Q3 :work: -:LOGBOOK: -CLOCK: [2023-05-04 Thu 09:28]--[2023-05-04 Thu 09:59] => 0:31 -:END: -[2023-05-04 Thu 09:28] -***** Results -****** Accomplishments -Accomplishments: -- Added support for AND/OR queries in tk-store. Should help -- PIAM (Provisioning / Entitlement start) -- Free Tier Provisioning -- XDR Flags via scopes -****** Improvements/opportunities for development: -- Work closer to PIAM -- Entitlement will be a nice beast -***** Principles & Behaviors -****** Accomplishments -- Advocate (only positive XDR feedback to the team) -- Customer value (AND/OR queries) -- Learn (clojure in scripts) -- Team for results: engaged team for iroh config issue -****** Improvements/opportunities for development: -***** Team Impact -****** Accomplishments -- admin-clj scripts should be helpful -- IROH default config should help ops -- PIAM -****** Improvements/opportunities for development: -*** 2023-05-05 Friday -**** DONE Change the scope for feature-flag API to use cisco/tac :work: -SCHEDULED: <2023-05-09 Tue 10:00> -[2023-05-05 Fri 22:41] -**** DONE IMPORTANT QDD Returns Actions :work: -SCHEDULED: <2023-05-11 Thu 10:00> -[2023-05-05 Fri 16:24] - -Both of you are tagged with not enough implication. - -- Lack of visibility! - - Webex support ! - - Webex implication in external discussions with UI, PO, PMs, etc… - - Everyday messages - -** 2023-W19 -*** 2023-05-10 Wednesday -**** IN-PROGRESS Ecrire un kudos pour la team. :work: -:LOGBOOK: -CLOCK: [2023-05-10 Wed 16:13]--[2023-05-10 Wed 16:38] => 0:25 -:END: -[2023-05-10 Wed 16:13] - -Thanks Wanderson and Olivier for your dedication. -You prepared the RBAC work for the next quarter so most backend work is already done. - -Olivier you managed to update and refactor all the IROH-Auth code to introduce -new roles everywhere in the code. -You also improved the work so now it is possible to launch specialized IROH nodes. -**** DONE Merge [[https://github.com/advthreat/iroh/pull/7857][7857]] :work: -SCHEDULED: <2023-05-10 Wed> -[2023-05-10 Wed 12:04] -**** DONE Prepare some kudos messages for your teams. :work: -SCHEDULED: <2023-05-10 Wed 17:00> -:LOGBOOK: -CLOCK: [2023-05-10 Wed 16:38]--[2023-05-10 Wed 17:38] => 1:00 -:END: -[2023-05-10 Wed 10:41] -**** TODO Fill Talent Assessments in workday :work: -SCHEDULED: <2023-05-24 Wed 15:40> DEADLINE: <2023-05-26 Fri> -[2023-05-10 Wed 10:33] **** DONE API Design Meeting :work: -SCHEDULED: <2023-05-10 Wed 19:00> -[2023-05-10 Wed 09:51] -**** DONE RSA Celebration :work: -SCHEDULED: <2023-05-10 Wed 18:00> -[2023-05-10 Wed 09:50] -**** DONE Check with Hissan who to contact for Provisioning bug :work: -SCHEDULED: <2023-05-10 Wed 16:20> -[2023-05-10 Wed 09:48] -**** DONE Propose options for FF in [[webexteams://im?space=93aefba0-e28c-11ec-bfd4-93d97d332464][XDR RBAC]] :work: -SCHEDULED: <2023-05-10 Wed 16:00> -[2023-05-10 Wed 09:47] -**** DONE Add Jeffrey Zankowits to the XDR beta :work: -SCHEDULED: <2023-05-10 Wed 16:00> -[2023-05-10 Wed 09:46] -*** 2023-05-11 Thursday +SCHEDULED: <2023-07-19 Wed 18:30> +[2023-07-19 Wed 14:36] +** 2023-W30 +*** 2023-07-25 Tuesday +**** DONE Retrieve the list of entities from IROH Auth :work: +SCHEDULED: <2023-07-25 Tue> +[2023-07-25 Tue 17:38] + +#+begin_src clojure +IROH-Auth + no entities dbs + "auth-codes" + "auth-requests" + "auth-responses" + "auth-login-filters" + "oauth-client-presets" + "oauth-code" + "oauth-csrf" + "oauth-device-grant-user-auth" + "oauth-grants" + "oauth-trusted-clients" + "revoked-jwt" + "revoked-entities" + +For Mark + "ao-bootstrap" + +For Matt: + + "amp-user-credentials" + "archived-module-instances" + "iroh-events" + "module-cache" + "module-instances" + "module-type-patches" + "module-types" + "notifications" + "sse-tenants" + "sse-users" + "tiles-cache" + "webhook-results" + "webhooks" + +Used By UI: + "iroh-registry" + +For GE: + + "ctia-investigate-talos-hunt" + "enrichment-status" + "feedback" + "incident-summary" + "iroh-async-sessions" + "private-intel-cache" + "risk-score" + "threat-hunt-status" +#+end_src + +**** DONE Ask Paul Cichonski about the quantity values :work: +SCHEDULED: <2023-07-25 Tue 19:00> +See data retention, should be 90, 180, 365. +What would be the value, how should I compute? + +SCHEDULED: <2023-07-25 Tue> +[2023-07-25 Tue 17:36] +**** MEETING XDR Monetization: XDR data retention :work:meeting: +:LOGBOOK: +CLOCK: [2023-07-25 Tue 16:31]--[2023-07-25 Tue 17:51] => 1:20 +:END: +[2023-07-25 Tue 16:31] +***** Agenda (to discuss about) + +- https://github.com/advthreat/iroh/issues/8135 +- https://ciscosecurity.aha.io/epics/SECUREX-E-897 + +Discuss Uses cases #1. + +***** Notes + +What happens when this user goes. +Clearing data in 90 days. + +Notion about when to delete data. + +- Create or update for device. +- Create for incident, sightings, relationships. +- Comment on Incident recent, can we delete the incident? + +***** Actions + +****** Ask @Paul about the add-on quantity value for data retention + +Data Retention is 90 days by default, add-on to go 180, or 365. +Need to sync with PIAM because these are not the values in the first doc. + +**** MEETING 1-1 Wanderson :work:meeting: +[2023-07-25 Tue 16:04] +***** Agenda (to discuss about) + +****** Things to handle during my vacations. +:LOGBOOK: +CLOCK: [2023-07-25 Tue 16:04]--[2023-07-25 Tue 16:31] => 0:27 +:END: + +1. P1: fix XDR bugs, quick improvements +2. Add ~insights~ scope for DI (take care of updating the client, perhaps fix the + issue with non existing root scope. Could potentially be a real improvement). +3. Add event on Entitlement change. Optionally configure a webhook for this + event, depend on the need. Check with Matt and Guy. +4. Perhaps: + - Disable Org creation if SX EOL is officially announced. + - [NO] improve provisioning script. Check if module exist before invoking /onboard + - work related to short tokens (expose a token-exchange route not the RFC + one, a simpler to use one). + +5. Think about exposed data structure to make every type of org explicit and + centralize the business logic to help the UI. + - Retrieve a full list of Org case: + - created via PIAM or not + - XDR-enabled? + - SX-enabled? + - Entitlements/no-Entitlement + + We should be able to give a field to the UI (and other teams) + so they know how to react. + + For example for Orbital-only or SE-only orgs, not sure if we will use SX or + XDR UI. + + Should we add an Org field like ~external-product-only-org? s/Bool~ + And if true, affect the scopes accordingly to ensure they could not use + neither SX nor XDR paid features. + +***** Notes + +****** Work on the Events for the Entitlements + +update problem. + +***** Actions **** MEETING 1-1 Olivier :work:meeting: :LOGBOOK: -CLOCK: [2023-05-11 Thu 15:03]--[2023-05-12 Fri 08:49] => 17:46 +CLOCK: [2023-07-25 Tue 15:05]--[2023-07-25 Tue 16:04] => 0:59 :END: -[2023-05-11 Thu 15:03] +[2023-07-25 Tue 15:05] ***** Agenda (to discuss about) + +****** Things to handle during my vacations. + +1. P1: fix XDR bugs, quick improvements +2. Add ~insights~ scope for DI (take care of updating the client, perhaps fix the + issue with non existing root scope. Could potentially be a real improvement). +3. Add event on Entitlement change. Optionally configure a webhook for this + event, depend on the need. Check with Matt and Guy. +4. Perhaps: + - Disable Org creation if SX EOL is officially announced. + - improve provisioning script. Check if module exist before invoking /onboard + - work related to short tokens (expose a token-exchange route not the RFC + one, a simpler to use one). + +5. Think about exposed data structure to make every type of org explicit and + centralize the business logic to help the UI. + - Retrieve a full list of Org case: + - created via PIAM or not + - XDR-enabled? + - SX-enabled? + - Entitlements/no-Entitlement + + We should be able to give a field to the UI (and other teams) + so they know how to react. + + For example for Orbital-only or SE-only orgs, not sure if we will use SX or + XDR UI. + + Should we add an Org field like ~external-product-only-org? s/Bool~ + And if true, affect the scopes accordingly to ensure they could not use + neither SX nor XDR paid features. + ***** Notes ***** Actions -**** DONE Performance Training :work: -SCHEDULED: <2023-05-11 Thu 17:00> -[2023-05-11 Thu 10:10] -**** DONE Weekly Team :work: -SCHEDULED: <2023-05-11 Thu 17:00> -[2023-05-11 Thu 10:10] -**** DONE 1-1 Olivier :work: -SCHEDULED: <2023-05-11 Thu 15:05> -[2023-05-11 Thu 10:09] -**** DONE 1-1 Wanderson :work: -SCHEDULED: <2023-05-11 Thu 14:35> -[2023-05-11 Thu 10:09] -*** 2023-05-12 Friday -**** MEETING Orbital :work:meeting: +**** DONE XDR Data Retention Policy Implementation Discussion :work: +SCHEDULED: <2023-07-25 Tue 16:30> +[2023-07-25 Tue 11:07] +**** DONE 1-1 Wanderson :work: +SCHEDULED: <2023-07-25 Tue 16:05> +[2023-07-25 Tue 11:06] +**** DONE 1-1 Olivier :work: +SCHEDULED: <2023-07-25 Tue 15:35> +[2023-07-25 Tue 11:00] +*** 2023-07-27 Thursday +**** DONE Message Equipe :work: +SCHEDULED: <2023-07-26 Wed 14:00> +[2023-07-27 Thu 11:45] + +- P1. (prob. 30%) XDR Bug fixes +- P1. (prob. 20%) Scott Burnette issue with the Provisioning API / OAuth2 clients +- P2. (prob. 10%) Help Jyoti with ~xdr-provisioning~ script +- P2. FY24Q1 Monetization: Prepare the PR for Disable Org Creation. +- P3. FY24Q1 Monetization: Entitlements Events; + Check with Matthieu before configuring a webhook for /Automation/ + (previously Orchestration, previously SXO, previsouly AO) as it + might not be necessary. +- P4. Dashboard https://github.com/orgs/advthreat/projects/7/views/9 + - [RBAC] ~insights~ scope + sync with DI team (Roman Eremin) + - (prob. 10%) [RBAC] if asked to prevent non-admin to create clients, + add ~admin~ to the scopes in the routes of the IROH Auth client web service. + - Config Simplification + Presentation for the team +- P4. *Universal Provisioning Flow* (PIAM want to rename themselve "Security Cloud"). +- P4. Designs + + New Org concepts that need to be exposed: + List the concepts we want to be exposed for each org. + - ~:xdr-enabled?/sx-enable?~ perhaps a single ~:enabled-products [:xdr :sx]~. + - ~piam-managed?~ etc… + - Notion of Product (XDR, SX, but also, visibility, Orbital, SE). + Effects on configuration, init of nodes, etc… + + Token Exchange (not the RFC). + We want to: + - Give the ability for someone with a JWT to generate another one with some + restrictions and complete tracking. + Restrictions by default: + - do not extend the :exp + - do not change user + - do not change org + Tracking: + - should be an ~act~ claim that could be recursive and we should take great + care of not making that grow. + It is ok not to have ~act~ in some cases like: + - Org switching + - format switching + because the real owner is always the same. + It is not ok to forget ~act~ if there is an impersonation involved. + Typically during provisioning, real impersonation, etc… + - Main difficulty; what is the correct data structure to represent rules of + allowed JWT exchanges. + +- Take care of asks that could leak internal abstractions: + - do not return the full list of allowed modules, IROH-Int will take care of + the filtering business rule. + - use scopes, not role to filter for permissions +- Sync with Matt with everything related to modules for Monetization. Not just + directly with Guy, Matt needs to know. + +**** CANCELED XDR-flag [[https://github.com/advthreat/response/issues/1906#issuecomment-1652405093][1906]] :work: +SCHEDULED: <2023-07-27 Thu 11:45> :LOGBOOK: -CLOCK: [2023-05-12 Fri 17:01]--[2023-05-12 Fri 17:39] => 0:38 +- State "CANCELED" from "TODO" [2023-07-28 Fri 13:23] :END: -[2023-05-12 Fri 17:01] +[2023-07-27 Thu 11:30] + +*** 2023-07-28 Friday +**** MEETING Monthly Engineering :work:meeting: +:LOGBOOK: +CLOCK: [2023-07-28 Fri 18:01]--[2023-07-28 Fri 19:04] => 1:03 +:END: +[2023-07-28 Fri 18:01] ***** Agenda (to discuss about) ***** Notes -Purpose EOL of SecureX. -Starting after GA. -Only supporting existing subscribers. +****** Operation -User management and onboarding. +@Gayan +Good release. +Pass it to John. Metrics. -Ask Eduardo for use cases: +New hires: -@Eduardo: +- @Vidun_Jayakody Automation +- @Geaog-Nokila_Pavlov -After GA, advantage and premier. -Access Orbital without. +@John: upgrade platform, thanks to @Adam + +****** QA + +@Houman: XDR finally in production. Thanks for the fixes. +Everything went pretty well. +Performance testing, everything went pretty well in TEST. +Documented in a wiki page. + +@Pujan_Trivedi: Thanks everyone for answering that quickly and efficiently. + +****** Service + +@GB People deliver XDR in my absence. + +****** Engine + +@Eric + +****** Integration + +@Mark + +****** UI Dar + +@Dar, thanks for @Jilian and ... +@Rekah refactoring. Lots of bug fixes. + +****** UI Sabrina + +- Congrats everyone. +- Code freeze for a while, so lot of bug fixes. +- Features been worked on. +- Search for relation. +- Configurable layout. +- Performance improvements. +- Lucas, bunch of telementry +- Miroslav, incident breadcrumb. +- Advance table. + +****** Documentation @Mary + + +****** Demos + +@Scott_McLeod incident report + +@Mike next time. + +@Sam_Waggoner -Flexibility on how to use Orbital. ***** Actions +**** DONE Monthly Engineering Meeting :work: +SCHEDULED: <2023-07-28 Fri 18:00> +[2023-07-28 Fri 11:34] +**** DONE Answer Namrata :work: +SCHEDULED: <2023-07-28 Fri> +[2023-07-28 Fri 10:20] -Consider all use cases and review them with Engineering. -**** MEETING PenTest with Chris Duane :work:meeting: -:LOGBOOK: -CLOCK: [2023-05-12 Fri 15:45]--[2023-05-12 Fri 16:19] => 0:34 -:END: -[2023-05-12 Fri 15:45] -***** Agenda (to discuss about) -***** Notes -***** Actions -** 2023-W20 -*** 2023-05-15 Monday -**** MEETING Q1 priority :work:meeting: -:LOGBOOK: -CLOCK: [2023-05-15 Mon 16:52]--[2023-05-15 Mon 17:52] => 1:00 -:END: -[2023-05-15 Mon 16:52] -***** Notes +I am not sure about the amount of money. +But, if this is Clojurist Together, I can give more precise answer. +Looking here: https://www.clojuriststogether.org/projects/ -Access Control to allow for feature restriction per monetization option. +I can attest that our team intensively uses: -****** Q1FY24 +- Bozhidar work (he develop cider, and most of us use it everyday, and I know he + maintain and update the work) +- Michiel Borkent (he develop babashka which we also use daily to write scripts + that are easier to write. And he is also very active) +- Tommi Reiman, our API uses compojure-api and lot of his related libraries. + Even if this is very stable, he continues to work on libraries that we could + potentially use to improve part of our internal system, like provide a better + documentation for developer about the expectation of our routing. +- Peter Taoussanis, we use his redis and timber lib (so DB access + logs) -- ACL additional roles and more granular. -- Additional Integrations - - Data Loss Prevention - - IDM solutions - - ISE - - CNAPP solutions - - App Discovery / Insights / AppSec solutions - - Kenna -- Localization: Language Support and internationalization -- Assess existing integrations for relevancy and functionality - - convert existing into data warehouse -- Assess existing Orchestration content for relevancy and functionality; prune - and enhance -- Usage Reporting to support Common Platform display requirements and monetization +And looking at funded projects here are the one we use every day: -****** Q2FY24 +- cider (daily in our editor) +- clj-kondo (in our editor for writing code + used in our CI) +- clj-http (this is an essential lib we use to call other APIs) +- babashka / SCI (daily + used in our CI + used for admin tasks) +- clojure-lsp (used daily in our editor) +- dependabot (used daily in our CI) -- Continue convert integrations -- Continue SCA and XDR convergence -- Ensure continuous analysis of generated incidents against existing data -- Ability for other TD&R solution to poll the XDR data warehouse for conviction -- Incorporate vuln, etc…... into event analysis -- Email security detection enhancement, insight identity potential - -****** Q3FY24 - -- Continue SCA and XDR convergence -- Multi-tenancy for Managed Detection and Response -- OS event logs (windows/linux) -- continue -- telemetry -- AI for playbook - -****** Q4FY24 - -- CSC Management -- Proxying communication traffic and on - premises solutions telemetry -- Mult- tenancy for Managed Detection and Response -- Role - Based Access Control -- Notification Options Improvements -- Common Integrations management -- Data Enhancement for enhanced correlation across Cisco data source -****** Potentially related items - -- ACL, Monetization restriction, and multi-tenancy for MDR -****** FY24 Dependencies for other components' roadmap - -- Secure Client Management -- Proxying comm -- Multi tenancy -- Role -- Notification -- Common Integrations management -- Data Enhancements for enhanced correlation across Cisco data sources - -**** DONE Q1 Priorities :work: -SCHEDULED: <2023-05-15 Mon 16:00> -[2023-05-15 Mon 10:36] - -*** 2023-05-16 Tuesday -**** DONE Cisco Performance Training for Leaders :work: -SCHEDULED: <2023-05-16 Tue 17:00> -[2023-05-16 Tue 15:34] -*** 2023-05-17 Wednesday -**** MEETING RBAC Weekly :work:meeting: -:LOGBOOK: -CLOCK: [2023-05-17 Wed 16:31]--[2023-05-17 Wed 17:15] => 0:44 -:END: -[2023-05-17 Wed 16:31] -- invitation workflow tickets -- revocation endpoint on role change -**** MEETING SCA Provisioning :work:meeting: -:LOGBOOK: -CLOCK: [2023-05-17 Wed 15:58]--[2023-05-17 Wed 16:31] => 0:33 -:END: -[2023-05-17 Wed 15:58] -People: Yann Esposito, Brandon Thacker, Jeff Markey, Michael Schultz, Paul Cichonski -***** Agenda (to discuss about) -- questions for IROH -***** Notes -@Jeff: number of tickets, understanding high level -@Paul: no push entitlements -@Michael: we'll do pull first -@Paul: no requirement to enforce requirements for GA -***** Actions -- [optional] Webhooks for update entitlements? - -**** MEETING API Design Meeting :work: -SCHEDULED: <2023-05-17 Wed 18:30> -[2023-05-17 Wed 11:27] -**** MEETING RBAC Weekly :work: -SCHEDULED: <2023-05-17 Wed 16:30> -[2023-05-17 Wed 11:24] -**** MEETING SCA/IROH design discussions :work: -SCHEDULED: <2023-05-17 Wed 16:00> -[2023-05-17 Wed 11:22] +To me it seems we have interrest in contributing back to the open source Clojure community. +Not only it improve the maintenance quality of essential libs to our +architecture but it also helps during hiring. +Now, regarding how much we should give, this probably depend a lot of our +current budget.