31 KiB
31 KiB
FY23Q1 Report
- IROH
- Other
IROH
lead
Guillaume Buisson [23]
ctia [1]
between 3 and 4 months old
- Revert "woke tool added (#1375)"
iroh [6]
between 3 and 4 months old
iroh-offsite-fy24 [15]
- Added coffee section
- Added Workstation
- fixed time
- Individual Presentations Schedule
- Adding my retrospective
- updated program
- Changed the program
- moved stuff
- typo
- Added schedule CS
- Update program.org
- Update program.org
- Update README.org
- Added schedule CS
- Added Program
tenzin-config [1]
between 3 and 4 months old
- Set the IROH API version #965
data
Mario Aquino [35]
iroh [29]
- Incident Summary migration re-run #8597
- Notification request uses paginated user search #8606
- Add support for role-targetted notification #8557
- Issue 8438/notification request phase 1 #8470
- Fix flaky test #8521
- Use int-req-ctx when calling post-bundle-import #8500
- Use incident long-id for incident summary lookup #8489
- Establish timeout limit for incident enrichment #8484
- Use org virtual user for threat hunt enrichment enqueuing #8458
- Prevent incident-summary ID patching #8468
- Limit fields returned by Incident Summary Search #8435
- Incident summary update migration #8416
- Incident Summary search max page size increase #8414
- Update Incident Summary #8386
- Fix support for sorting on source or title #8392
- Prevent caching Talos threat hunt if missing judgements #8357
- Set default page size to 10, max to 25 for incident summary search #8344
- Prevent empty threat data from saving with threat hunt status #8314
- Add info logging for visibility into incident determination #8305
- Incident Summary timestamp and search filters support #8262
- Incident Summary modification timestamps #8229
between 3 and 4 months old
- Async metrics doc #7774
- [Bugfix] Enforce groups filtering when searching incident summaries #8211
- Prepend bearer prefix if missing #8190
- Fix CTIA auth parameter #8174
- Incident Summary Migration (v2) #8167
- Incident Summary Migration #8092
- Developer doc for the migration task #8087
- Issue 8081/configure incident summary index settings #8086
iroh-offsite-fy24 [1]
- The Mario you know…
tenzin-config [5]
Guillaume Erétéo [26]
iroh [15]
- entitlement-enforcement-jobs-service in default #8612
- incident status_disposition #8587
- introduce admin common web service for cisco services #8573
- speed up listing of entilements #8516
- Update CODEOWNERS #8524
- Add entitlement summaries endpoint for external policy enforcement jobs #8508
- ductile 0.4.8 #8453
- XDR intel retention design #8153
- Manual Data Deletion of Private Intel Data #8384
between 3 and 4 months old
iroh-offsite-fy24 [3]
- fix
- typos
- ge
Ambrose Bonnaire-Sergeant [23]
ctia [4]
iroh [6]
iroh-offsite-fy24 [13]
- Merge branch 'main' of github.com:advthreat/iroh-offsite-fy24
- wip
- successes
- leak
- 120
- plumbing
- flaky
- stuff
- schema
- assess
- me
- stuff
- start
integrations
Matthieu Sprunck [12]
iroh [5]
tenzin-config [7]
- Configure new CSC domain in the provisioning service #988
- New CSC domain for TEST #987
- Add missing config to ExtraHop module record #974
- IROH Proxy config for ExtraHop integration #973
- Disable all relay apis in the Duo module #971
- Configure the IROH Proxy for the Duo module #969
between 3 and 4 months old
- IROH Proxy configuration for PAN Cortex XDR #947
Kirill Chernyshov [24]
iroh [20]
- Add draft design for IROH Events data retention #8585
- Fix shutdown process of Kafka Consumer #8558
- Fixes for CTIA Transfer service #8552
- Transfer CTIA Events #8514
- Tiny fix for EventWebservice router #8493
- Handle a case when no include-filters given #8405
- Replace symbols in random nonce #8374
- Add :client-credentials-basic-rfc auth type #8367
- Add new authentication scheme #8353
- Add automation events and adjust filters #8349
- Add
include
query parameter to incident events #8331 - Fix sorting for incident events #8317
- Revert changes to events/search endpoint #8292
- Deduplicate incident events + note events #8282
- Trim incident keys to match response schema #8273
- Fix double uri encoding during passing through parameter to PrivateIntel #8269
- Add PrivateIntelEventService to default-bootstrap.cfg #8267
- Add API endpoint to combine events from IROH and PrivateIntel #8245
between 3 and 4 months old
Shafiq [11]
iroh [9]
- Update iroh-event developer doc #8596
- Add x-sort header to support search_after pagination #8586
- Identify trusted service to service req for SE #8495
- Add error log for unsuccessful proxy health checks #8442
- Include module flags with proxy-endpoints-metadata response #8439
- Support Darktrace authentication for IROH-Proxy #8385
- Generate error message with applied url-template #8332
- Generate appropriate errors for invalid url template #8322
- Implement proxy health checks for Relay modules #8250
auth
bartuka [41]
iroh [23]
- [IROH Auth] Add support to accept IROH Auth JWTs and External JWTs in a WebService #8528
- [IROH Auth] bump
ring-jwt-middleware
to1.1.5
#8568 - [IROH Auth] check entitlements schema in universal piam flow #8560
- [IROH Auth] fix check of
allowed-origins
forregistration_redirect
query param #8559 - [IROH Auth] move
oauth2-jwkset
tojwks-svc
#8534 - [IROH Auth] - Expose
universal-provisioning-web-service
#8499 - [IROH Auth] move
is-trusted-clients?
toOAuth2ClientService
#8502 - [IROH Auth] add
UniversalProvisioningService
#8459 - [IROH Auth] Add support to use
jwt-pubkey-fn
to IROH Web #8450 - [IROH Auth] add
JWKSService
withcache-jwks
andget-public-keys
methods #8449 - [IROH Auth] Universal Provisioning Flow - Design #8300
- fix webhook schemas for GET search #8379
- [IROH Auth] Add
allow-all-role-to-login
to/profile/accounts
#8271 - [IROH Auth] Get
create_org
query-param fromorigin
at the/login
endpoint #8316 - [IROH Auth] Add
create-org
query-param to show Create org options in Reg UI #8308 - [IROH Auth] make
AO
scope public #8223
between 3 and 4 months old
- Revert "[IROH Auth] Add
insights:read
scope to be visible to Admin … #8225 - [IROH Auth] Add
insights:read
scope to be visible to Admin and Master users #8186 - [IROH Auth] add
insights
root scope #8185 - [IROH Auth] emit event on entitlement change #8164
- Design doc to webhook support on Entitlement create/update #8112
- NewEvent
:created-at
is optional for IROH internal calls and mandatory to HTTP events #8121 - [IROH Auth] Support XDR
signup-url
#8117
iroh-offsite-fy24 [4]
- Merge remote-tracking branch 'refs/remotes/origin/main'
- sync
- fix
- retro
ring-jwt-middleware [11]
- add test case
- update readme
- fix schema
- log the full jwt when error
- use the default value
- fix tests by adding
post-jwt-format-fn-arg-fn
to config and schema - fix all tests by changing the output of
decode
- Merge pull request #28 from threatgrid/pubkey-fn-arg-fn
- fix config_test
- add test case
- initial commit
Yann Esposito [63]
iroh [22]
- Generalize default indexes for data retention #8598
- [Data Retention Policy]: Delete incident summaries along incident #8576
- [Provisioning] Introduce
product-instance-id
#8577 - Simply wait a lot more for ES to sync #8553
- Quick fix on the IROH login page #8564
- Prevent org duplication during provisioning #8556
- Declared scopes tree #8537
- Improve constraints against Entitlements #8525
- Fix admin route to support combinators #8377
- Data Retention endpoint returns immediately #8486
- Data retention policy enforcement #8431
- PIAM: Support filtered out onboardings #8275
- Improved entitlement doc #8261
- Expose XDR-enabled? SX-enabled? on whoami #8274
between 3 and 4 months old
- Fix a URL detection from HTML #8165
- Revert "Incident Summary Migration" #8163
- [Monetization]: Fix business logic of data retention #8142
- Allow braces with iroh-core/strint #8051
- Remove SecureX branding and attempt to match SCSO branding for invitation and OAuth2 authorization #8111
- [Registration UI]: Reword to remove SX reference #8110
- Entitlement summary technical values #8094
- [PIAM] Make enterprise id mandatory for piam #8069
iroh-offsite-fy24 [2]
- Update content + reveal
- Initial commit
iroh-scripts [21]
- add scope to a client
- Help support cider
- add admin to org
- Improved descriptions
- promote-to-master script
- Fix and small improvements
- Improve robustness
- Scripts for admin
- client-pass
- Improve scripting lib
- improve error message
- small rename improved search
- add search
- improve + new scripts
- Provision orgs for developers with some fixed entitlements
- attempt 2
- Attempt to fix links in README
- Improve README.org
- create an admin util ns
- add a nice example with get-client.sh
- initial commit with an example
ring-jwt-middleware [4]
- Version 1.1.6-SNAPSHOT
- Version 1.1.5
- v1.1.5-SNAPSHOT
- Version 1.1.4
tenzin-config [4]
xdr-provisioning [10]
- fix exit
- prevent duplicate onboard calls
between 3 and 4 months old
- Add a script to cleanup test accounts
- rename script and improve error
- minor improvement
- fix ISO code to use 2 chars only
- use the env from the table
- fix tsv-to-commands.sh
- add tsv-to-commands.sh
- add an option to force di and csc onboarding even for org upgrade
Olivier Barbeau [29]
iroh [27]
- Implement
Module Instance service
event handler #8592 - Updates to the design 'entitlement changes for integration modules' #8541
- E8388: add new module-instance events, register Module Instance service as handler #8547
- E8388: Issue 8531 add state to module instance schema #8544
- Issue 8389 design entitlement changes for integration modules #8510
- More modules restrictions tests #8411
- Modules restrictions: Fix missing known exception #8380
- Apply entitlements to the IntService #8350
- Apply entitlements to the ModuleInstance API #8327
- Clear reason of error when creating a module instance with wrong module type #8320
- Apply entitlements to the ModuleType API #8303
- Update
search-module-types-response
with combinator search query #8290 - Stores optimization: Update search-module-instances-internal with combinator search query #8287
- fix test: use two stores #8285
- Stores optimization: modify
load-module-instances
andload-module-types
#8281 - [Cleanup] Remove the
:xdr-roles
feature flag #8205 - [Cleanup] Remove the
:merge-users-by-email
feature flag #8198 - [Cleanup] Remove the
:registration
feature flag #8199
between 3 and 4 months old
- Annotated diagram for
check_node_types.clj
#8133 - Increases the time allocated to node start-up #8125
- [IROH configuration]: Checks that each IROH node type starts correctly #8043
- fix format-style args logs #8119
- Adapt OrgAccessRequest to XDR #8108
- Redirect invited user to XDR #8105
- Duplicate
one-click-module-service
in bootstrap #8071 - Start node with type and env #8085
- matrix config for
in-isolation
tests #8082
iroh-offsite-fy24 [1]
- Olivier's retro
tenzin-config [1]
between 3 and 4 months old
- add first-url for both SX and XDR #952
(Yogsototh) [37]
iroh-offsite-fy24 [2]
- Update content + reveal
- Initial commit
iroh-scripts [21]
- add scope to a client
- Help support cider
- add admin to org
- Improved descriptions
- promote-to-master script
- Fix and small improvements
- Improve robustness
- Scripts for admin
- client-pass
- Improve scripting lib
- improve error message
- small rename improved search
- add search
- improve + new scripts
- Provision orgs for developers with some fixed entitlements
- attempt 2
- Attempt to fix links in README
- Improve README.org
- create an admin util ns
- add a nice example with get-client.sh
- initial commit with an example
ring-jwt-middleware [4]
- Version 1.1.6-SNAPSHOT
- Version 1.1.5
- v1.1.5-SNAPSHOT
- Version 1.1.4
xdr-provisioning [10]
- fix exit
- prevent duplicate onboard calls
between 3 and 4 months old
- Add a script to cleanup test accounts
- rename script and improve error
- minor improvement
- fix ISO code to use 2 chars only
- use the env from the table
- fix tsv-to-commands.sh
- add tsv-to-commands.sh
- add an option to force di and csc onboarding even for org upgrade
iroh-ops
Jerome Schneider [3]
iroh-offsite-fy24 [3]
- Jerome: last minute changes
- add percentages for my day look like
- add personal presentation
[0]
Other
Other
Robert Levy [5]
iroh [4]
tenzin-config [1]
- Revert "Adds cache configuration for CrowdStrike (#1002)" #1005
Eric Gierach [6]
II [9]
ctia [1]
- Bumps CTIM version to 1.3.10 #1385
iroh [7]
- 8496 - relay module token cache #8580
- Issue 8456 - Uses string instead of regex fake route to fix flaky test #8462
- Only returns proxy endpoint metadata when v2 is configured #8447
- 8239 migrate umbrella routes #8247
- Issue 8383 ao header ids #8433
- Issue 8429 bump ctim version darktrace #8430
between 3 and 4 months old
- 8114 - API proxy for Umbrella v2 routes #8228
tenzin-config [1]
- Adds cache configuration for CrowdStrike #1002
Devin Walters [4]
Cisco [1]
iroh-offsite-fy24 [1]
- Olivier's retro
Ag Ibragimov [1]
ctia [1]
- Filter incidents on timestamp not created #1377
[9]
ctia [1]
- Bumps CTIM version to 1.3.10 #1385
iroh [7]
- 8496 - relay module token cache #8580
- Issue 8456 - Uses string instead of regex fake route to fix flaky test #8462
- Only returns proxy endpoint metadata when v2 is configured #8447
- 8239 migrate umbrella routes #8247
- Issue 8383 ao header ids #8433
- Issue 8429 bump ctim version darktrace #8430
between 3 and 4 months old
- 8114 - API proxy for Umbrella v2 routes #8228
tenzin-config [1]
- Adds cache configuration for CrowdStrike #1002
Andrew Parisi [3]
shafjama [1]
iroh-offsite-fy24 [1]
- Last minute
Scott McLeod [8]
Matthieu Sprunck [1]
iroh-offsite-fy24 [1]
- Matthieu's retro
Patrick Patat [1]
iroh-offsite-fy24 [1]
- add presentation
t2sw [2]
Jerome Schneider [1]
iroh [1]
- Upgrade riemann server (#8253) #8254
Brooke Swanson [1]
tenzin-config [1]
- Up distributor worker counts for test and prod. #993
Jillian Flook [1]
tenzin-config [1]
- update dashboard UserResearchCTA #997
(msprunck) [1]
iroh-offsite-fy24 [1]
- Matthieu's retro
Pawan Bahuguna [2]
James Brock [1]
easy-purescript-nix [1]
- Upgrades