#+title: Code Weekly Report 23
#+subtitle: logs go 2 weeks back
#+date: 2023-06-06
#+options: H:6
* IROH
** lead

*** [0]

** data

*** Mario Aquino [1]

**** iroh [1]

- Issue 7823/incident summary mapping [[https://github.com/advthreat/iroh/pull/7907][#7907]]

*** Guillaume Erétéo [1]

**** iroh [1]

#+BEGIN_QUOTE

_>1w_

- Mean tiles avg fixtures [[https://github.com/advthreat/iroh/pull/7791][#7791]]
#+END_QUOTE

*** Ambrose Bonnaire-Sergeant [4]

**** ctia [4]

#+BEGIN_QUOTE

_>1w_

- Fix X-Total-Hits in incident average metric [[https://github.com/advthreat/ctia/pull/1371][#1371]]
- Remove unused creds [[https://github.com/advthreat/ctia/pull/1370][#1370]]
- Remove old deps scanner [[https://github.com/advthreat/ctia/pull/1369][#1369]]
- Average aggregations for incidents [[https://github.com/advthreat/ctia/pull/1358][#1358]]
#+END_QUOTE
** integrations

*** Matthieu Sprunck [3]

**** tenzin-config [3]

- Share the same module configurations in iroh and iroh-async in PROD [[https://github.com/advthreat/tenzin-config/pull/905][#905]]
- Disable HTTP Proxy in IROH proxy (PROD) [[https://github.com/advthreat/tenzin-config/pull/903][#903]]
- Configure the Microsoft Defender module record [[https://github.com/advthreat/tenzin-config/pull/897][#897]]

*** Kirill Chernyshov [2]

**** iroh [2]

- Use event id for the key of kafka record [[https://github.com/advthreat/iroh/pull/7923][#7923]]
#+BEGIN_QUOTE

_>1w_

- Generate DataStream names [[https://github.com/advthreat/iroh/pull/7903][#7903]]
#+END_QUOTE

*** [0]

** auth

*** [0]

*** Yann Esposito [7]

**** iroh [3]

- Fix SCSO rebrand name. [[https://github.com/advthreat/iroh/pull/7937][#7937]]
- Rebrand from SecureX Sign-On to Secure Cloud Sign-on [[https://github.com/advthreat/iroh/pull/7935][#7935]]
- A few additional helpers [[https://github.com/advthreat/iroh/pull/7914][#7914]]
**** tenzin-config [4]

- Factorisation iroh/iroh-async confs [[https://github.com/advthreat/tenzin-config/pull/904][#904]]
- Tree config structures to prevent config duplication. [[https://github.com/advthreat/tenzin-config/pull/901][#901]]
- Fix SCSO name [[https://github.com/advthreat/tenzin-config/pull/898][#898]]
- rebrand from SecureX Sign-On to Secure Cloud Sign-on [[https://github.com/advthreat/tenzin-config/pull/896][#896]]

*** Olivier Barbeau [1]

**** iroh [1]

#+BEGIN_QUOTE

_>1w_

- Code coverage in GitHub Pages [[https://github.com/advthreat/iroh/pull/7924][#7924]]
#+END_QUOTE

*** [0]

** iroh-ops

*** Jerome Schneider [11]

**** tenzin [11]

- IROH-async: improve auto scaling
- Fixed TF MSK configuration
- TEST IROH Async: increase maximum instances to 12
- PROD NAM: add Kafka and Kafka Connect support
- PROD EU: add Kafka and kafka Connect
- PROD APJC: add Kafka and kafka Connect support
- STAGE: add Kafka and Kafka Connect
- TEST: add Kafka and Kafka Connect support
- INT: add kafka Connect support
- Add kafka connect support
- new terraform module to gen and send credential

*** [0]

* Other
** Other

*** Robert Levy [3]

**** iroh [1]

- user and team mean time tiles [[https://github.com/advthreat/iroh/pull/7873][#7873]]
**** tenzin-config [2]

- add migration for iroh issue #7819 to TEST and PROD environments [[https://github.com/advthreat/tenzin-config/pull/902][#902]]
- add migration for iroh issue #7819 [[https://github.com/advthreat/tenzin-config/pull/895][#895]]

*** II [2]

**** iroh [2]

- Issue 7819 - Rename SecureX Orchestrator module instances to Automation [[https://github.com/advthreat/iroh/pull/7927][#7927]]
#+BEGIN_QUOTE

_>1w_

- Adds orbital to the list of allowed AO token scopes [[https://github.com/advthreat/iroh/pull/7919][#7919]]
#+END_QUOTE

*** Devin Walters [2]

**** tenzin-config [2]

- Reduce conure-distributor worker count [[https://github.com/advthreat/tenzin-config/pull/906][#906]]
- Init conure-distributor config.edn [[https://github.com/advthreat/tenzin-config/pull/900][#900]]

*** Mia [3]

**** iroh [1]

- update risk score calculation based on #7915 [[https://github.com/advthreat/iroh/pull/7931][#7931]]
**** iroh-engine [2]

- Merge pull request #1394 from advthreat/v0.15.6-rc
- Merge pull request #1393 from advthreat/save-asset-snapshot

*** Scott McLeod [1]

**** tenzin-config [1]

- Config changes supporting IROH PR #7934 [[https://github.com/advthreat/tenzin-config/pull/899][#899]]

*** Adam Sayer [1]

**** tenzin [1]

#+BEGIN_QUOTE

_>1w_

- Nomad version upgrade to 1.5.6 [[https://github.com/advthreat/tenzin/pull/3003][#3003]]
#+END_QUOTE

*** krishna Ganugapenta [7]

**** tenzin [7]

- Conure_distrib listen port changed to 8088 [[https://github.com/advthreat/tenzin/pull/3030][#3030]]
- conure distributor vault roles modified [[https://github.com/advthreat/tenzin/pull/3029][#3029]]
- Conure node target fix [[https://github.com/advthreat/tenzin/pull/3026][#3026]]
- Conure Target nodes excluded distributor nodes [[https://github.com/advthreat/tenzin/pull/3025][#3025]]
- Conure Distributor Infra set up [[https://github.com/advthreat/tenzin/pull/3013][#3013]]
#+BEGIN_QUOTE

_>1w_

- S3 permissions allowed for datadog-java-agent [[https://github.com/advthreat/tenzin/pull/3008][#3008]]
- Conure task dd-java-agent version update [[https://github.com/advthreat/tenzin/pull/3001][#3001]]
#+END_QUOTE

*** milehrer [2]

**** iroh-engine [2]

- prepare for v0.15.6
- Remove sightings from asset enrichment response, save snapshot instead

*** [2]

**** iroh [2]

- Issue 7819 - Rename SecureX Orchestrator module instances to Automation [[https://github.com/advthreat/iroh/pull/7927][#7927]]
#+BEGIN_QUOTE

_>1w_

- Adds orbital to the list of allowed AO token scopes [[https://github.com/advthreat/iroh/pull/7919][#7919]]
#+END_QUOTE

*** John Jardine [2]

**** tenzin [2]

- Update PROD sw component versions, resequence. [[https://github.com/advthreat/tenzin/pull/3006][#3006]]
- Remove zeronorth specific configurations [[https://github.com/advthreat/tenzin/pull/2976][#2976]]

*** Sofiia Mykytiuk [7]

**** tenzin [7]

- Consul fix for ops vpn [[https://github.com/advthreat/tenzin/pull/3032][#3032]]
- Add jyoverma to ops vpnator list [[https://github.com/advthreat/tenzin/pull/3021][#3021]]
- Update backup retention period for RDS conure [[https://github.com/advthreat/tenzin/pull/3014][#3014]]
#+BEGIN_QUOTE

_>1w_

- Clean up securex-news from backup regions [[https://github.com/advthreat/tenzin/pull/3015][#3015]]
- Revert "Remove datadog-ro vault policy (#2999)" [[https://github.com/advthreat/tenzin/pull/3010][#3010]]
- Remove cleaner lambda setup from PROD [[https://github.com/advthreat/tenzin/pull/2996][#2996]]
- Remove datadog-ro vault policy [[https://github.com/advthreat/tenzin/pull/2999][#2999]]
#+END_QUOTE

*** muhammad-xdr-ops [4]

**** tenzin [4]

- SXOPS-748 - remove public access to SNS topics [[https://github.com/advthreat/tenzin/pull/3020][#3020]]
#+BEGIN_QUOTE

_>1w_

- SXOPS-745 - aws ec2 keys rotated for all prod envs [[https://github.com/advthreat/tenzin/pull/3018][#3018]]
- SXOPS-703 remove public access to SNS topics [[https://github.com/advthreat/tenzin/pull/3011][#3011]]
- SXOPS-740 - int/test/stage aws ec2 default key rotation [[https://github.com/advthreat/tenzin/pull/3007][#3007]]
#+END_QUOTE

*** Dmytro Budko [1]

**** tenzin [1]

#+BEGIN_QUOTE

_>1w_

- SXOPS-716 [ACTION REQUIRED] Changes to AWS Billing, Cost Management, and Account access control policies [[https://github.com/advthreat/tenzin/pull/2995][#2995]]
#+END_QUOTE

*** Scott McLeod [1]

**** iroh [1]

- Use filter-map-search directly from CRUDStoreService [[https://github.com/advthreat/iroh/pull/7934][#7934]]

*** Yurii Ivanisenko [3]

**** tenzin [2]

#+BEGIN_QUOTE

_>1w_

- add WAF ipv6 lists [[https://github.com/advthreat/tenzin/pull/2991][#2991]]
- linter tool master branch [[https://github.com/advthreat/tenzin/pull/2998][#2998]]
#+END_QUOTE
**** tenzin-config [1]

#+BEGIN_QUOTE

_>1w_

- woke tool added [[https://github.com/advthreat/tenzin-config/pull/894][#894]]
#+END_QUOTE

*** Gayan Jayasundara [1]

**** tenzin [1]

- SXOPS-472 & SXOPS-498 - Enable sentinelone and crowdstrike in Production for v1.122 Release [[https://github.com/advthreat/tenzin/pull/3031][#3031]]

*** Pawan Bahuguna [4]

**** tenzin [4]

- SXOPS-752 multi az redis iroh async [[https://github.com/advthreat/tenzin/pull/3017][#3017]]
#+BEGIN_QUOTE

_>1w_

- SXOPS-29 [PROD] Added multi_az_enabled [[https://github.com/advthreat/tenzin/pull/3012][#3012]]
- Removing duo-cloudmapper as it is not supported now [[https://github.com/advthreat/tenzin/pull/3005][#3005]]
- Updated the desired capacity to match AWS [[https://github.com/advthreat/tenzin/pull/3000][#3000]]
#+END_QUOTE

*** vjayakody [1]

**** tenzin [1]

#+BEGIN_QUOTE

_>1w_

- ssh key update [[https://github.com/advthreat/tenzin/pull/3002][#3002]]
#+END_QUOTE