#+title: Code Weekly Report 17
#+subtitle: logs go 2 weeks back
#+date: 2023-04-28
#+options: H:6

* IROH
** lead
*** Guillaume Buisson [1]
**** iroh [1]
- Initial Incident Response Design Draft [[https://github.com/advthreat/iroh/pull/7398][#7398]]
** data
*** Mario Aquino [2]
**** iroh [2]
- Add audiences to client [[https://github.com/advthreat/iroh/pull/7812][#7812]]
- OrgTokenProviderService [[https://github.com/advthreat/iroh/pull/7731][#7731]]
*** Guillaume Erétéo [4]
**** ctia [1]
- add total-hits headers to metric responses [[https://github.com/advthreat/ctia/pull/1363][#1363]]
**** iroh [3]
_>1w_
- introduce aggregation in crud store [[https://github.com/advthreat/iroh/pull/7734][#7734]]
- Add Scott to CODEOWNERS [[https://github.com/advthreat/iroh/pull/7782][#7782]]
- first stats [[https://github.com/advthreat/iroh/pull/7765][#7765]]
*** Ambrose Bonnaire-Sergeant [1]
**** ctia [1]
- Push sighting store's coercion pattern into def-es-store [[https://github.com/advthreat/ctia/pull/1361][#1361]]
** integrations
*** Matthieu Sprunck [1]
**** iroh [1]
- E7469: Event API extension design [[https://github.com/advthreat/iroh/pull/7462][#7462]]
*** Kirill Chernyshov [3]
**** iroh [3]
_>1w_
- Fix configuration option for event signer [[https://github.com/advthreat/iroh/pull/7777][#7777]]
- Add signer options for EventService [[https://github.com/advthreat/iroh/pull/7776][#7776]]
- Simplify kafka-producer integration test [[https://github.com/advthreat/iroh/pull/7769][#7769]]
*** [0]
** auth
*** bartuka [3]
**** iroh [3]
- [IROH Auth] introducing ~TimeService~ in ~AuthService~ [[https://github.com/advthreat/iroh/pull/7806][#7806]]
- [IROH Auth] allow only ~iroh-core.time~ in oauth2.core ns [[https://github.com/advthreat/iroh/pull/7793][#7793]]
_>1w_
- [IROH Auth] - Update IROH Web middleware to build short JWTs with profile data [[https://github.com/advthreat/iroh/pull/7671][#7671]]
*** Yann Esposito [14]
**** iroh [7]
- Add a missing option to disable default configs [[https://github.com/advthreat/iroh/pull/7805][#7805]]
- Add a script to init tokens without logging in [[https://github.com/advthreat/iroh/pull/7794][#7794]]
- Fix schema for Response [[https://github.com/advthreat/iroh/pull/7804][#7804]]
- Add support to onboard a single app [[https://github.com/advthreat/iroh/pull/7796][#7796]]
- Add a role introspection route to help the UI and other clients [[https://github.com/advthreat/iroh/pull/7785][#7785]]
- Fix scopes declaration for execute-workflow route [[https://github.com/advthreat/iroh/pull/7799][#7799]]
_>1w_
- Fix a Swagger bug due to schema name conflict [[https://github.com/advthreat/iroh/pull/7790][#7790]]
**** tenzin-config [2]
_>1w_
- fix missing iroh-async web-services [[https://github.com/advthreat/tenzin-config/pull/884][#884]]
- align iroh and iroh-async confs [[https://github.com/advthreat/tenzin-config/pull/883][#883]]
**** xdr-provisioning [5]
- Improve help regarding setting env vars
- Improve the command line parsing
- rename script to .sh
- Add onboarding of DI and CSC
_>1w_
- Initial provisioning Script
*** Olivier Barbeau [1]
**** tenzin-config [1]
_>1w_
- sets the ~:xdr-roles~ feature flag in INT and TEST [[https://github.com/advthreat/tenzin-config/pull/840][#840]]
*** (Yogsototh) [5]
**** xdr-provisioning [5]
- Improve help regarding setting env vars
- Improve the command line parsing
- rename script to .sh
- Add onboarding of DI and CSC
_>1w_
- Initial provisioning Script
** iroh-ops
*** Jerome Schneider [1]
**** tenzin [1]
- Upgrade TF AWS provider
*** Patrick Patat [1]
**** tenzin [1]
- allows iroh-ops dev platform to access redis [[https://github.com/advthreat/tenzin/pull/2755][#2755]]
* Other
** Other
*** Robert Levy [2]
**** iroh [2]
_>1w_
- fix dev-resources config to use the correct key signer-ops instead of signer [[https://github.com/advthreat/iroh/pull/7778][#7778]]
- Add registered trademark to MITRE tile title [[https://github.com/advthreat/iroh/pull/7775][#7775]]
*** Eric Gierach [4]
**** iroh-engine [4]
_>1w_
- Merge pull request #1387 from advthreat/v0.15.5-rc
- Prepare for 0.15.5 release.
- Merge pull request #1386 from advthreat/enrich-all-targets
- Fix typo in log
*** Devin Walters [2]
**** tenzin [2]
- Set tmpdir to /local for conure task [[https://github.com/advthreat/tenzin/pull/2930][#2930]]
- Mount datadog socket in conure task [[https://github.com/advthreat/tenzin/pull/2922][#2922]]
*** Mia [1]
**** iroh [1]
_>1w_
- Update risk score docs to include overview of enrich-targets process [[https://github.com/advthreat/iroh/pull/7773][#7773]]
*** Adam Sayer [3]
**** tenzin [3]
- increase ES storage iops/throughput [[https://github.com/advthreat/tenzin/pull/2927][#2927]]
- Vercel CICD accept 409 and watch http state
- Add Vercel CI/CD to Saltmaster [[https://github.com/advthreat/tenzin/pull/2920][#2920]]
*** milehrer [1]
**** iroh-engine [1]
_>1w_
- move forward if no new targets or asset
*** Martin Bruchanov [2]
**** tenzin [2]
- Security groups for OPS VPN in INT [[https://github.com/advthreat/tenzin/pull/2924][#2924]]
_>1w_
- Added CLI parameters for ES administration tools [[https://github.com/advthreat/tenzin/pull/2915][#2915]]
*** Ag Ibragimov [3]
**** iroh [1]
- Control center: Navigate to Incidents page from tile [[https://github.com/advthreat/iroh/pull/7760][#7760]]
**** tenzin-config [2]
- adds :xdr-site-url [[https://github.com/advthreat/tenzin-config/pull/885][#885]]
_>1w_
- adds detection sources config for PROD [[https://github.com/advthreat/tenzin-config/pull/881][#881]]
*** Sofiia Mykytiuk [8]
**** tenzin [8]
- Update VPNator lambda functions in INT [[https://github.com/advthreat/tenzin/pull/2929][#2929]]
- Update min capacity for ASG in backup regions [[https://github.com/advthreat/tenzin/pull/2917][#2917]]
- Update readme in terraform folders for backup regions [[https://github.com/advthreat/tenzin/pull/2896][#2896]]
_>1w_
- Saltstack changes for backup regions [[https://github.com/advthreat/tenzin/pull/2822][#2822]]
- ROAdmin role for STAGE and PROD [[https://github.com/advthreat/tenzin/pull/2909][#2909]]
- Update saml in terraform to sync with AWS STAGE and PROD accounts [[https://github.com/advthreat/tenzin/pull/2910][#2910]]
- ROAdmin role for INT [[https://github.com/advthreat/tenzin/pull/2903][#2903]]
- Add nodes to ES-metrics cluster in EU [[https://github.com/advthreat/tenzin/pull/2905][#2905]]
*** Will Lorand [1]
**** iroh [1]
_>1w_
- Update summary.org [[https://github.com/advthreat/iroh/pull/7603][#7603]]
*** Michael Pendergrass [1]
**** iroh [1]
_>1w_
- Engine 0.15.5 [[https://github.com/advthreat/iroh/pull/7768][#7768]]
*** Scott McLeod [1]
**** iroh [1]
- Improve performance of IncidentReportService [[https://github.com/advthreat/iroh/pull/7745][#7745]]
*** Sam Waggoner [1]
**** tenzin-config [1]
- Add hydrant es-metrics configs for events.
*** t2sw [1]
**** iroh [1]
_>1w_
- modify get-tiles and get-tiles-data endpoints for xdr query parameter [[https://github.com/advthreat/iroh/pull/7757][#7757]]
*** Gayan Jayasundara [1]
**** tenzin [1]
_>1w_
- Bump crowdstrike and SentinelOne - Ian requested [[https://github.com/advthreat/tenzin/pull/2904][#2904]]
*** Pawan Bahuguna [4]
**** tenzin [4]
- Added health check header [[https://github.com/advthreat/tenzin/pull/2921][#2921]]
- Added Health check header to crowdstrike for testing [[https://github.com/advthreat/tenzin/pull/2916][#2916]]
_>1w_
- Increased the Max size to 6 [[https://github.com/advthreat/tenzin/pull/2908][#2908]]
- Updated the version to 7.0.7 to sync with AWS [[https://github.com/advthreat/tenzin/pull/2907][#2907]]
*** Trent Boyd [1]
**** tenzin-config [1]
- chore: add https dev urls to xdr projects [[https://github.com/advthreat/tenzin-config/pull/886][#886]]