778 lines
28 KiB
HTML
778 lines
28 KiB
HTML
<!DOCTYPE html>
|
|
<html xmlns="http://www.w3.org/1999/xhtml" lang="" xml:lang="">
|
|
<head>
|
|
<meta charset="utf-8" />
|
|
<meta name="generator" content="pandoc" />
|
|
<meta name="viewport" content="width=device-width, initial-scale=1.0, user-scalable=yes" />
|
|
<meta name="dcterms.date" content="2024-01-26" />
|
|
<title>FY24Q2 Report</title>
|
|
<style>
|
|
html {
|
|
line-height: 1.5;
|
|
font-family: Georgia, serif;
|
|
font-size: 20px;
|
|
color: #1a1a1a;
|
|
background-color: #fdfdfd;
|
|
}
|
|
body {
|
|
margin: 0 auto;
|
|
max-width: 36em;
|
|
padding-left: 50px;
|
|
padding-right: 50px;
|
|
padding-top: 50px;
|
|
padding-bottom: 50px;
|
|
hyphens: auto;
|
|
overflow-wrap: break-word;
|
|
text-rendering: optimizeLegibility;
|
|
font-kerning: normal;
|
|
}
|
|
@media (max-width: 600px) {
|
|
body {
|
|
font-size: 0.9em;
|
|
padding: 1em;
|
|
}
|
|
h1 {
|
|
font-size: 1.8em;
|
|
}
|
|
}
|
|
@media print {
|
|
body {
|
|
background-color: transparent;
|
|
color: black;
|
|
font-size: 12pt;
|
|
}
|
|
p, h2, h3 {
|
|
orphans: 3;
|
|
widows: 3;
|
|
}
|
|
h2, h3, h4 {
|
|
page-break-after: avoid;
|
|
}
|
|
}
|
|
p {
|
|
margin: 1em 0;
|
|
}
|
|
a {
|
|
color: #1a1a1a;
|
|
}
|
|
a:visited {
|
|
color: #1a1a1a;
|
|
}
|
|
img {
|
|
max-width: 100%;
|
|
}
|
|
h1, h2, h3, h4, h5, h6 {
|
|
margin-top: 1.4em;
|
|
}
|
|
h5, h6 {
|
|
font-size: 1em;
|
|
font-style: italic;
|
|
}
|
|
h6 {
|
|
font-weight: normal;
|
|
}
|
|
ol, ul {
|
|
padding-left: 1.7em;
|
|
margin-top: 1em;
|
|
}
|
|
li > ol, li > ul {
|
|
margin-top: 0;
|
|
}
|
|
blockquote {
|
|
margin: 1em 0 1em 1.7em;
|
|
padding-left: 1em;
|
|
border-left: 2px solid #e6e6e6;
|
|
color: #606060;
|
|
}
|
|
code {
|
|
font-family: Menlo, Monaco, 'Lucida Console', Consolas, monospace;
|
|
font-size: 85%;
|
|
margin: 0;
|
|
}
|
|
pre {
|
|
margin: 1em 0;
|
|
overflow: auto;
|
|
}
|
|
pre code {
|
|
padding: 0;
|
|
overflow: visible;
|
|
overflow-wrap: normal;
|
|
}
|
|
.sourceCode {
|
|
background-color: transparent;
|
|
overflow: visible;
|
|
}
|
|
hr {
|
|
background-color: #1a1a1a;
|
|
border: none;
|
|
height: 1px;
|
|
margin: 1em 0;
|
|
}
|
|
table {
|
|
margin: 1em 0;
|
|
border-collapse: collapse;
|
|
width: 100%;
|
|
overflow-x: auto;
|
|
display: block;
|
|
font-variant-numeric: lining-nums tabular-nums;
|
|
}
|
|
table caption {
|
|
margin-bottom: 0.75em;
|
|
}
|
|
tbody {
|
|
margin-top: 0.5em;
|
|
border-top: 1px solid #1a1a1a;
|
|
border-bottom: 1px solid #1a1a1a;
|
|
}
|
|
th {
|
|
border-top: 1px solid #1a1a1a;
|
|
padding: 0.25em 0.5em 0.25em 0.5em;
|
|
}
|
|
td {
|
|
padding: 0.125em 0.5em 0.25em 0.5em;
|
|
}
|
|
header {
|
|
margin-bottom: 4em;
|
|
text-align: center;
|
|
}
|
|
#TOC li {
|
|
list-style: none;
|
|
}
|
|
#TOC ul {
|
|
padding-left: 1.3em;
|
|
}
|
|
#TOC > ul {
|
|
padding-left: 0;
|
|
}
|
|
#TOC a:not(:hover) {
|
|
text-decoration: none;
|
|
}
|
|
code{white-space: pre-wrap;}
|
|
span.smallcaps{font-variant: small-caps;}
|
|
span.underline{text-decoration: underline;}
|
|
div.column{display: inline-block; vertical-align: top; width: 50%;}
|
|
div.hanging-indent{margin-left: 1.5em; text-indent: -1.5em;}
|
|
ul.task-list{list-style: none;}
|
|
.display.math{display: block; text-align: center; margin: 0.5rem auto;}
|
|
</style>
|
|
<style>
|
|
body { font-family: monospace; font-size: 14px; line-height: 1.5em; max-width: 60em; margin: 0 auto; padding-top: 0; }
|
|
h1,h2,h3,h4 { margin: 0.25em 0; }
|
|
header { margin-bottom: 0; }
|
|
header h1 { border: none; }
|
|
h1 { border-top: solid 10px; border-bottom: solid 10px; margin-bottom: 1em; padding: 0.5em 0; width: 100%; text-align: center;}
|
|
h2 { border-top: solid; text-align: center; margin-top: 1em; padding-top: 1em; }
|
|
h3 { margin-left: 1em; color: #cb4b16; }
|
|
h4 { margin-left: 2em; }
|
|
u { display: inline-block; margin-left: 2.75em; opacity: 0.3; }
|
|
hr { opacity: 0; }
|
|
a { color: #06a;}
|
|
ul { margin-left: 3em; }
|
|
#TOC ul { margin-left: 0.5em; }
|
|
li { clear: both; }
|
|
li > a { float: right; }
|
|
nav li a { float: none; }
|
|
blockquote { opacity: 0.7; }
|
|
</style>
|
|
<!--[if lt IE 9]>
|
|
<script src="//cdnjs.cloudflare.com/ajax/libs/html5shiv/3.7.3/html5shiv-printshiv.min.js"></script>
|
|
<![endif]-->
|
|
</head>
|
|
<body>
|
|
<header id="title-block-header">
|
|
<h1 class="title">FY24Q2 Report</h1>
|
|
<p class="subtitle">logs goes 4 months back</p>
|
|
<p class="date">2024-01-26</p>
|
|
</header>
|
|
<nav id="TOC" role="doc-toc">
|
|
<ul>
|
|
<li><a href="#iroh">IROH</a>
|
|
<ul>
|
|
<li><a href="#lead">lead</a>
|
|
<ul>
|
|
<li><a href="#section">[1]</a>
|
|
<ul>
|
|
<li><a href="#iroh-1">iroh [1]</a></li>
|
|
</ul></li>
|
|
</ul></li>
|
|
<li><a href="#data">data</a>
|
|
<ul>
|
|
<li><a href="#mario-aquino-15">Mario Aquino [15]</a>
|
|
<ul>
|
|
<li><a href="#iroh-10">iroh [10]</a></li>
|
|
<li><a href="#tenzin-config-5">tenzin-config [5]</a></li>
|
|
</ul></li>
|
|
<li><a href="#section-1">[3]</a>
|
|
<ul>
|
|
<li><a href="#ctia-1">ctia [1]</a></li>
|
|
<li><a href="#iroh-2">iroh [2]</a></li>
|
|
</ul></li>
|
|
<li><a href="#ambrose-bonnaire-sergeant-16">Ambrose Bonnaire-Sergeant
|
|
[16]</a>
|
|
<ul>
|
|
<li><a href="#ctia-10">ctia [10]</a></li>
|
|
<li><a href="#iroh-4">iroh [4]</a></li>
|
|
<li><a href="#tenzin-config-2">tenzin-config [2]</a></li>
|
|
</ul></li>
|
|
</ul></li>
|
|
<li><a href="#integrations">integrations</a>
|
|
<ul>
|
|
<li><a href="#section-2">[4]</a>
|
|
<ul>
|
|
<li><a href="#iroh-4-1">iroh [4]</a></li>
|
|
</ul></li>
|
|
<li><a href="#kirill-chernyshov-10">Kirill Chernyshov [10]</a>
|
|
<ul>
|
|
<li><a href="#iroh-7">iroh [7]</a></li>
|
|
<li><a href="#tenzin-config-3">tenzin-config [3]</a></li>
|
|
</ul></li>
|
|
<li><a href="#shafiq-7">Shafiq [7]</a>
|
|
<ul>
|
|
<li><a href="#iroh-4-2">iroh [4]</a></li>
|
|
<li><a href="#tenzin-config-3-1">tenzin-config [3]</a></li>
|
|
</ul></li>
|
|
</ul></li>
|
|
<li><a href="#auth">auth</a>
|
|
<ul>
|
|
<li><a href="#bartuka-26">bartuka [26]</a>
|
|
<ul>
|
|
<li><a href="#iroh-22">iroh [22]</a></li>
|
|
<li><a href="#tenzin-config-4">tenzin-config [4]</a></li>
|
|
</ul></li>
|
|
<li><a href="#yann-esposito-27">Yann Esposito [27]</a>
|
|
<ul>
|
|
<li><a href="#iroh-17">iroh [17]</a></li>
|
|
<li><a href="#iroh-scripts-6">iroh-scripts [6]</a></li>
|
|
<li><a href="#tenzin-config-2-1">tenzin-config [2]</a></li>
|
|
<li><a href="#xdr-provisioning-2">xdr-provisioning [2]</a></li>
|
|
</ul></li>
|
|
<li><a href="#olivier-barbeau-25">Olivier Barbeau [25]</a>
|
|
<ul>
|
|
<li><a href="#iroh-15">iroh [15]</a></li>
|
|
<li><a href="#tenzin-config-10">tenzin-config [10]</a></li>
|
|
</ul></li>
|
|
<li><a href="#yogsototh-8">(Yogsototh) [8]</a>
|
|
<ul>
|
|
<li><a href="#iroh-scripts-6-1">iroh-scripts [6]</a></li>
|
|
<li><a href="#xdr-provisioning-2-1">xdr-provisioning [2]</a></li>
|
|
</ul></li>
|
|
</ul></li>
|
|
<li><a href="#iroh-ops">iroh-ops</a>
|
|
<ul>
|
|
<li><a href="#section-3">[0]</a></li>
|
|
<li><a href="#section-4">[0]</a></li>
|
|
</ul></li>
|
|
</ul></li>
|
|
<li><a href="#other">Other</a>
|
|
<ul>
|
|
<li><a href="#other-1">Other</a>
|
|
<ul>
|
|
<li><a href="#ii-4">II [4]</a>
|
|
<ul>
|
|
<li><a href="#iroh-4-3">iroh [4]</a></li>
|
|
</ul></li>
|
|
<li><a href="#section-5">[4]</a>
|
|
<ul>
|
|
<li><a href="#iroh-4-4">iroh [4]</a></li>
|
|
</ul></li>
|
|
<li><a href="#scott-mcleod-1">Scott McLeod [1]</a>
|
|
<ul>
|
|
<li><a href="#iroh-1-1">iroh [1]</a></li>
|
|
</ul></li>
|
|
<li><a href="#brooke-swanson-3">Brooke Swanson [3]</a>
|
|
<ul>
|
|
<li><a href="#ctia-1-1">ctia [1]</a></li>
|
|
<li><a href="#iroh-1-2">iroh [1]</a></li>
|
|
<li><a href="#tenzin-config-1">tenzin-config [1]</a></li>
|
|
</ul></li>
|
|
</ul></li>
|
|
</ul></li>
|
|
</ul>
|
|
</nav>
|
|
<h1 id="iroh">IROH</h1>
|
|
<h2 id="lead">lead</h2>
|
|
<h3 id="section">[1]</h3>
|
|
<h4 id="iroh-1">iroh [1]</h4>
|
|
<p><u>between 3 and 4 months old</u></p>
|
|
<ul>
|
|
<li>Don't fire disabled webhooks <a
|
|
href="https://github.com/advthreat/iroh/pull/8741">#8741</a></li>
|
|
</ul>
|
|
<h2 id="data">data</h2>
|
|
<h3 id="mario-aquino-15">Mario Aquino [15]</h3>
|
|
<h4 id="iroh-10">iroh [10]</h4>
|
|
<ul>
|
|
<li>Fix disabled threat-hunt test <a
|
|
href="https://github.com/advthreat/iroh/pull/8814">#8814</a></li>
|
|
<li>Update incident_time when updating incident status <a
|
|
href="https://github.com/advthreat/iroh/pull/8801">#8801</a></li>
|
|
<li>incident enrichment activity diagram <a
|
|
href="https://github.com/advthreat/iroh/pull/8712">#8712</a></li>
|
|
<li>Separate Risk score & incident enrichment <a
|
|
href="https://github.com/advthreat/iroh/pull/8751">#8751</a></li>
|
|
</ul>
|
|
<p><u>between 3 and 4 months old</u></p>
|
|
<ul>
|
|
<li>Improve safe-filtering <a
|
|
href="https://github.com/advthreat/iroh/pull/8731">#8731</a></li>
|
|
<li>iroh-async: Flatten Datadog context <a
|
|
href="https://github.com/advthreat/iroh/pull/8706">#8706</a></li>
|
|
<li>iroh-async logging & tracing context <a
|
|
href="https://github.com/advthreat/iroh/pull/8705">#8705</a></li>
|
|
<li>Socket timeout milliseconds (not seconds) <a
|
|
href="https://github.com/advthreat/iroh/pull/8690">#8690</a></li>
|
|
<li>Risk Score socket-timeout <a
|
|
href="https://github.com/advthreat/iroh/pull/8687">#8687</a></li>
|
|
<li>Threat Hunt Module Exclusion <a
|
|
href="https://github.com/advthreat/iroh/pull/8646">#8646</a></li>
|
|
</ul>
|
|
<h4 id="tenzin-config-5">tenzin-config [5]</h4>
|
|
<ul>
|
|
<li>Increase conn-manager thread count after PROD performance monitoring
|
|
<a
|
|
href="https://github.com/advthreat/tenzin-config/pull/1042">#1042</a></li>
|
|
<li>Increase thread pool size for EU private intel conn mgr <a
|
|
href="https://github.com/advthreat/tenzin-config/pull/1039">#1039</a></li>
|
|
<li>Increase connection mgr thread pool for NAM/EU/TEST <a
|
|
href="https://github.com/advthreat/tenzin-config/pull/1030">#1030</a></li>
|
|
</ul>
|
|
<p><u>between 3 and 4 months old</u></p>
|
|
<ul>
|
|
<li>Increase thread pool size for engine connection manager <a
|
|
href="https://github.com/advthreat/tenzin-config/pull/1012">#1012</a></li>
|
|
<li>Config for skipping Private Intel during investigation threat hunt
|
|
<a
|
|
href="https://github.com/advthreat/tenzin-config/pull/1009">#1009</a></li>
|
|
</ul>
|
|
<h3 id="section-1">[3]</h3>
|
|
<h4 id="ctia-1">ctia [1]</h4>
|
|
<p><u>between 3 and 4 months old</u></p>
|
|
<ul>
|
|
<li>fix wait_for for delete search <a
|
|
href="https://github.com/threatgrid/ctia/pull/1399">#1399</a></li>
|
|
</ul>
|
|
<h4 id="iroh-2">iroh [2]</h4>
|
|
<p><u>between 3 and 4 months old</u></p>
|
|
<ul>
|
|
<li>bundle import activity diagrams <a
|
|
href="https://github.com/advthreat/iroh/pull/8708">#8708</a></li>
|
|
<li>scoring at bundle import <a
|
|
href="https://github.com/advthreat/iroh/pull/8694">#8694</a></li>
|
|
</ul>
|
|
<h3 id="ambrose-bonnaire-sergeant-16">Ambrose Bonnaire-Sergeant
|
|
[16]</h3>
|
|
<h4 id="ctia-10">ctia [10]</h4>
|
|
<ul>
|
|
<li>Fix 2XX response swagger/coercion, ban <code>:return</code> <a
|
|
href="https://github.com/threatgrid/ctia/pull/1407">#1407</a></li>
|
|
<li>Remove asset properties/mapping merging during bundle patch <a
|
|
href="https://github.com/threatgrid/ctia/pull/1408">#1408</a></li>
|
|
</ul>
|
|
<p><u>between 3 and 4 months old</u></p>
|
|
<ul>
|
|
<li>Fix :body descriptions <a
|
|
href="https://github.com/threatgrid/ctia/pull/1409">#1409</a></li>
|
|
<li>Fix POST /bulk schema checking <a
|
|
href="https://github.com/threatgrid/ctia/pull/1406">#1406</a></li>
|
|
<li>Use prn instead of pprint for logs <a
|
|
href="https://github.com/threatgrid/ctia/pull/1401">#1401</a></li>
|
|
<li>Eval routes and options given to <code>context</code> at
|
|
initialization time <a
|
|
href="https://github.com/threatgrid/ctia/pull/1394">#1394</a></li>
|
|
<li>Use <code>st/merge</code> to merge schemas instead of
|
|
<code>into</code> <a
|
|
href="https://github.com/threatgrid/ctia/pull/1398">#1398</a></li>
|
|
<li>Never match existing asset-* entities when patch-existing=false <a
|
|
href="https://github.com/threatgrid/ctia/pull/1395">#1395</a></li>
|
|
<li>Re-enable incident tests <a
|
|
href="https://github.com/threatgrid/ctia/pull/1393">#1393</a></li>
|
|
<li>Add external_ids to investigation select fields <a
|
|
href="https://github.com/threatgrid/ctia/pull/1392">#1392</a></li>
|
|
</ul>
|
|
<h4 id="iroh-4">iroh [4]</h4>
|
|
<ul>
|
|
<li>Generate valid DI auth tokens for incident subscriptions <a
|
|
href="https://github.com/advthreat/iroh/pull/8804">#8804</a></li>
|
|
<li>Fix <code>(reset)</code> <a
|
|
href="https://github.com/advthreat/iroh/pull/8799">#8799</a></li>
|
|
<li>Subscribe to incident asset rescoring via DI <a
|
|
href="https://github.com/advthreat/iroh/pull/8699">#8699</a></li>
|
|
</ul>
|
|
<p><u>between 3 and 4 months old</u></p>
|
|
<ul>
|
|
<li>Only pass default patch-existing query params in bundle/import proxy
|
|
if patch-existing=true <a
|
|
href="https://github.com/advthreat/iroh/pull/8725">#8725</a></li>
|
|
</ul>
|
|
<h4 id="tenzin-config-2">tenzin-config [2]</h4>
|
|
<ul>
|
|
<li>Add config for DI client in iroh-engine <a
|
|
href="https://github.com/advthreat/tenzin-config/pull/1036">#1036</a></li>
|
|
<li>Add device insights url to iroh-engine config <a
|
|
href="https://github.com/advthreat/tenzin-config/pull/1014">#1014</a></li>
|
|
</ul>
|
|
<h2 id="integrations">integrations</h2>
|
|
<h3 id="section-2">[4]</h3>
|
|
<h4 id="iroh-4-1">iroh [4]</h4>
|
|
<p><u>between 3 and 4 months old</u></p>
|
|
<ul>
|
|
<li>JMX metrics for clj-http connection manager <a
|
|
href="https://github.com/advthreat/iroh/pull/8765">#8765</a></li>
|
|
<li>Always decompress the body when status is not 2xx <a
|
|
href="https://github.com/advthreat/iroh/pull/8527">#8527</a></li>
|
|
<li>Restore default expiration (24h) for the local session token <a
|
|
href="https://github.com/advthreat/iroh/pull/8747">#8747</a></li>
|
|
<li>Workflow event schema changes <a
|
|
href="https://github.com/advthreat/iroh/pull/8656">#8656</a></li>
|
|
</ul>
|
|
<h3 id="kirill-chernyshov-10">Kirill Chernyshov [10]</h3>
|
|
<h4 id="iroh-7">iroh [7]</h4>
|
|
<ul>
|
|
<li>Refactor data streams service <a
|
|
href="https://github.com/advthreat/iroh/pull/8793">#8793</a></li>
|
|
<li>DRY'ed out client-creds-token namespace <a
|
|
href="https://github.com/advthreat/iroh/pull/8783">#8783</a></li>
|
|
<li>Kafka connect monitoring <a
|
|
href="https://github.com/advthreat/iroh/pull/8278">#8278</a></li>
|
|
</ul>
|
|
<p><u>between 3 and 4 months old</u></p>
|
|
<ul>
|
|
<li>Handle undelivered records <a
|
|
href="https://github.com/advthreat/iroh/pull/8634">#8634</a></li>
|
|
<li>Events data retention enforcement job <a
|
|
href="https://github.com/advthreat/iroh/pull/8722">#8722</a></li>
|
|
<li>Iroh events data retention implementation <a
|
|
href="https://github.com/advthreat/iroh/pull/8666">#8666</a></li>
|
|
<li>Iroh events postgres data retention <a
|
|
href="https://github.com/advthreat/iroh/pull/8693">#8693</a></li>
|
|
</ul>
|
|
<h4 id="tenzin-config-3">tenzin-config [3]</h4>
|
|
<ul>
|
|
<li>Add ES sink connector v2 to test full migration <a
|
|
href="https://github.com/advthreat/tenzin-config/pull/1035">#1035</a></li>
|
|
<li>Fix broken data stream on TEST <a
|
|
href="https://github.com/advthreat/tenzin-config/pull/1034">#1034</a></li>
|
|
<li>Config for DataStreams service <a
|
|
href="https://github.com/advthreat/tenzin-config/pull/1033">#1033</a></li>
|
|
</ul>
|
|
<h3 id="shafiq-7">Shafiq [7]</h3>
|
|
<h4 id="iroh-4-2">iroh [4]</h4>
|
|
<ul>
|
|
<li>Fix schema of proxy health check <a
|
|
href="https://github.com/advthreat/iroh/pull/8827">#8827</a></li>
|
|
<li>Add string matching for health check <a
|
|
href="https://github.com/advthreat/iroh/pull/8815">#8815</a></li>
|
|
<li>Fallback to iroh-events store when kafka send fails <a
|
|
href="https://github.com/advthreat/iroh/pull/8786">#8786</a></li>
|
|
</ul>
|
|
<p><u>between 3 and 4 months old</u></p>
|
|
<ul>
|
|
<li>Fix mapping for incident events <a
|
|
href="https://github.com/advthreat/iroh/pull/8703">#8703</a></li>
|
|
</ul>
|
|
<h4 id="tenzin-config-3-1">tenzin-config [3]</h4>
|
|
<p><u>between 3 and 4 months old</u></p>
|
|
<ul>
|
|
<li>Swtich to new sink-connector in INT <a
|
|
href="https://github.com/advthreat/tenzin-config/pull/1024">#1024</a></li>
|
|
<li>Add updated sink connector for all envs <a
|
|
href="https://github.com/advthreat/tenzin-config/pull/1021">#1021</a></li>
|
|
<li>Add sink connector for new iroh-event datastream <a
|
|
href="https://github.com/advthreat/tenzin-config/pull/1019">#1019</a></li>
|
|
</ul>
|
|
<h2 id="auth">auth</h2>
|
|
<h3 id="bartuka-26">bartuka [26]</h3>
|
|
<h4 id="iroh-22">iroh [22]</h4>
|
|
<ul>
|
|
<li>[IROH Auth] Support FMC in the <code>jwks</code> service <a
|
|
href="https://github.com/advthreat/iroh/pull/8830">#8830</a></li>
|
|
<li>[IROH Auth] Fix DI onboarding in Universal Provisioning Flow <a
|
|
href="https://github.com/advthreat/iroh/pull/8813">#8813</a></li>
|
|
<li>Revert "[IROH Auth] support for FMC token in JWKS Service" <a
|
|
href="https://github.com/advthreat/iroh/pull/8816">#8816</a></li>
|
|
<li>[IROH Auth] support for FMC token in JWKS Service <a
|
|
href="https://github.com/advthreat/iroh/pull/8808">#8808</a></li>
|
|
<li>[IROH Auth] Check QA <code>callback_url</code> to complete
|
|
provisioning tests <a
|
|
href="https://github.com/advthreat/iroh/pull/8763">#8763</a></li>
|
|
</ul>
|
|
<p><u>between 3 and 4 months old</u></p>
|
|
<ul>
|
|
<li>[IROH Auth] better swagger descriptions for Universal Provisioning
|
|
<a href="https://github.com/advthreat/iroh/pull/8752">#8752</a></li>
|
|
<li>[IROH Auth] remove empty strings from <code>client-id</code> got
|
|
from Vault <a
|
|
href="https://github.com/advthreat/iroh/pull/8760">#8760</a></li>
|
|
<li>[IROH Auth] add missing scope to get OKTA JWT <a
|
|
href="https://github.com/advthreat/iroh/pull/8759">#8759</a></li>
|
|
<li>[IROH Auth] add logs to investigate get okta jwt <a
|
|
href="https://github.com/advthreat/iroh/pull/8758">#8758</a></li>
|
|
<li>[IROH Auth] bugfix - <code>client/post</code> should use
|
|
<code>:form-params</code> instead of <code>:body</code> <a
|
|
href="https://github.com/advthreat/iroh/pull/8753">#8753</a></li>
|
|
<li>[IROH Auth] bugfixes - arity exception, change
|
|
<code>product-response</code> datatype, change <code>pmap</code> to
|
|
<code>map</code> <a
|
|
href="https://github.com/advthreat/iroh/pull/8738">#8738</a></li>
|
|
<li>[IROH Auth] bugfix - fix urls in <code>POST /tenants</code> returned
|
|
value and payload field names <a
|
|
href="https://github.com/advthreat/iroh/pull/8733">#8733</a></li>
|
|
<li>[IROH Auth] Cache OKTA JWT used for provisioning callback <a
|
|
href="https://github.com/advthreat/iroh/pull/8727">#8727</a></li>
|
|
<li>[IROH Auth] Improvements on logs and error handling to
|
|
UniversalProvisioning and JWKSService <a
|
|
href="https://github.com/advthreat/iroh/pull/8707">#8707</a></li>
|
|
<li>[IROH Auth] Duplicate <code>universal-provisioning</code> web routes
|
|
to accept IROH JWTs <a
|
|
href="https://github.com/advthreat/iroh/pull/8675">#8675</a></li>
|
|
<li>[IROH Auth] Expose <code>callbacks packages</code> store to check
|
|
Universal Provisioning status <a
|
|
href="https://github.com/advthreat/iroh/pull/8702">#8702</a></li>
|
|
<li>[IROH Auth] Improve 202 Accepted response for
|
|
<code>/universal-provisioning/create-tenants</code> <a
|
|
href="https://github.com/advthreat/iroh/pull/8701">#8701</a></li>
|
|
<li>[IROH Auth] Fix name convention to callbacks route in Universal
|
|
Provisioning flow <a
|
|
href="https://github.com/advthreat/iroh/pull/8691">#8691</a></li>
|
|
<li>[IROH Auth] Gen OKTA JWT to callback request in Universal
|
|
Provisioning flow <a
|
|
href="https://github.com/advthreat/iroh/pull/8673">#8673</a></li>
|
|
<li>bugfix - missing <code>UniversalProvisioningCallbackService</code>
|
|
to deploy IROH nodes <a
|
|
href="https://github.com/advthreat/iroh/pull/8680">#8680</a></li>
|
|
<li>[IROH Auth] Check pending provisions from time-to-time. Endpoint
|
|
that will be called by OPS tick <a
|
|
href="https://github.com/advthreat/iroh/pull/8674">#8674</a></li>
|
|
<li>[IROH Auth] Add callback handler to receive provisioning status from
|
|
downstream apps <a
|
|
href="https://github.com/advthreat/iroh/pull/8633">#8633</a></li>
|
|
</ul>
|
|
<h4 id="tenzin-config-4">tenzin-config [4]</h4>
|
|
<ul>
|
|
<li>FMC base-urls to configure JWKS <a
|
|
href="https://github.com/advthreat/tenzin-config/pull/1040">#1040</a></li>
|
|
</ul>
|
|
<p><u>between 3 and 4 months old</u></p>
|
|
<ul>
|
|
<li>[IROH Auth] bugfix - add config to okta jwks <a
|
|
href="https://github.com/advthreat/tenzin-config/pull/1017">#1017</a></li>
|
|
<li>[IROH Auth] add OKTA config for Universal Provisioning flow #1010 <a
|
|
href="https://github.com/advthreat/tenzin-config/pull/1013">#1013</a></li>
|
|
<li>add universal_provisioning_callbacks store <a
|
|
href="https://github.com/advthreat/tenzin-config/pull/1011">#1011</a></li>
|
|
</ul>
|
|
<h3 id="yann-esposito-27">Yann Esposito [27]</h3>
|
|
<h4 id="iroh-17">iroh [17]</h4>
|
|
<ul>
|
|
<li>Fix PIAM Universal Provisioning routes <a
|
|
href="https://github.com/advthreat/iroh/pull/8828">#8828</a></li>
|
|
<li>Should fix open impersonate flaky test <a
|
|
href="https://github.com/advthreat/iroh/pull/8809">#8809</a></li>
|
|
<li>Keep track of impersonators <a
|
|
href="https://github.com/advthreat/iroh/pull/8736">#8736</a></li>
|
|
<li>Restrict TAC routes to admins <a
|
|
href="https://github.com/advthreat/iroh/pull/8794">#8794</a></li>
|
|
</ul>
|
|
<p><u>between 3 and 4 months old</u></p>
|
|
<ul>
|
|
<li>Remove with-tk <a
|
|
href="https://github.com/advthreat/iroh/pull/8779">#8779</a></li>
|
|
<li>Code/Test Improvements <a
|
|
href="https://github.com/advthreat/iroh/pull/8767">#8767</a></li>
|
|
<li>add a test for matching schema <a
|
|
href="https://github.com/advthreat/iroh/pull/8770">#8770</a></li>
|
|
<li>Custom Role Design doc <a
|
|
href="https://github.com/advthreat/iroh/pull/8497">#8497</a></li>
|
|
<li>Attempt to improve error message of match? <a
|
|
href="https://github.com/advthreat/iroh/pull/8769">#8769</a></li>
|
|
<li>Use <code>cid</code> for <code>trace_id</code> when present <a
|
|
href="https://github.com/advthreat/iroh/pull/8754">#8754</a></li>
|
|
<li>Support public client for custom routes <a
|
|
href="https://github.com/advthreat/iroh/pull/8749">#8749</a></li>
|
|
<li>Add playbook scope <a
|
|
href="https://github.com/advthreat/iroh/pull/8739">#8739</a></li>
|
|
<li>Fix webhook race condition risk <a
|
|
href="https://github.com/advthreat/iroh/pull/8728">#8728</a></li>
|
|
<li>Call get-org only once for org-virtual user <a
|
|
href="https://github.com/advthreat/iroh/pull/8724">#8724</a></li>
|
|
<li>Use a cache for entitlement summaries <a
|
|
href="https://github.com/advthreat/iroh/pull/8667">#8667</a></li>
|
|
<li>upgrade jetty version <a
|
|
href="https://github.com/advthreat/iroh/pull/8714">#8714</a></li>
|
|
<li>Remove a forgotten pretty printer <a
|
|
href="https://github.com/advthreat/iroh/pull/8713">#8713</a></li>
|
|
</ul>
|
|
<h4 id="iroh-scripts-6">iroh-scripts [6]</h4>
|
|
<ul>
|
|
<li>save improvements</li>
|
|
</ul>
|
|
<p><u>between 3 and 4 months old</u></p>
|
|
<ul>
|
|
<li>create dashboard clients</li>
|
|
<li>Support client aliases in get-client</li>
|
|
<li>Update client with client-aliases</li>
|
|
<li>many new scripts</li>
|
|
<li>added a 1-time script</li>
|
|
</ul>
|
|
<h4 id="tenzin-config-2-1">tenzin-config [2]</h4>
|
|
<p><u>between 3 and 4 months old</u></p>
|
|
<ul>
|
|
<li>Check vault templating error <a
|
|
href="https://github.com/advthreat/tenzin-config/pull/1023">#1023</a></li>
|
|
<li>Add Universal Provisioning Services <a
|
|
href="https://github.com/advthreat/tenzin-config/pull/1015">#1015</a></li>
|
|
</ul>
|
|
<h4 id="xdr-provisioning-2">xdr-provisioning [2]</h4>
|
|
<p><u>between 3 and 4 months old</u></p>
|
|
<ul>
|
|
<li>Manage entitlements add-ons</li>
|
|
<li>add a re-provisioning script that rerun onboardings</li>
|
|
</ul>
|
|
<h3 id="olivier-barbeau-25">Olivier Barbeau [25]</h3>
|
|
<h4 id="iroh-15">iroh [15]</h4>
|
|
<ul>
|
|
<li>Check the list of services for a node type <a
|
|
href="https://github.com/advthreat/iroh/pull/8800">#8800</a></li>
|
|
<li>Fix merge error on PR 8784 <a
|
|
href="https://github.com/advthreat/iroh/pull/8797">#8797</a></li>
|
|
<li>[IROH configuration]: Move role-web-service config to default tk
|
|
files <a
|
|
href="https://github.com/advthreat/iroh/pull/8782">#8782</a></li>
|
|
<li>[IROH configuration]: Universal Provisioning Services config
|
|
refactor <a
|
|
href="https://github.com/advthreat/iroh/pull/8784">#8784</a></li>
|
|
<li>[IROH configuration]: explicit name for generated conf and meta <a
|
|
href="https://github.com/advthreat/iroh/pull/8785">#8785</a></li>
|
|
<li>Clean bootstrap.cfg; remove tmp file <a
|
|
href="https://github.com/advthreat/iroh/pull/8781">#8781</a></li>
|
|
</ul>
|
|
<p><u>between 3 and 4 months old</u></p>
|
|
<ul>
|
|
<li>Add few additional tests to iroh services <a
|
|
href="https://github.com/advthreat/iroh/pull/8762">#8762</a></li>
|
|
<li>rewrite tests <a
|
|
href="https://github.com/advthreat/iroh/pull/8773">#8773</a></li>
|
|
<li>more info for debugging <a
|
|
href="https://github.com/advthreat/iroh/pull/8717">#8717</a></li>
|
|
<li>[IROH configuration]: general documentation <a
|
|
href="https://github.com/advthreat/iroh/pull/8764">#8764</a></li>
|
|
<li>update developer doc for api-gateway <a
|
|
href="https://github.com/advthreat/iroh/pull/8723">#8723</a></li>
|
|
<li>Some test clean-up <a
|
|
href="https://github.com/advthreat/iroh/pull/8716">#8716</a></li>
|
|
<li>High volume of SQL queries for a single observe/deliberate call <a
|
|
href="https://github.com/advthreat/iroh/pull/8682">#8682</a></li>
|
|
<li>Remove the state of module instances in
|
|
<code>obfuscate-module-instance</code> <a
|
|
href="https://github.com/advthreat/iroh/pull/8670">#8670</a></li>
|
|
<li>E8388: update proxy-endpoints-metadata endpoint and metadata <a
|
|
href="https://github.com/advthreat/iroh/pull/8663">#8663</a></li>
|
|
</ul>
|
|
<h4 id="tenzin-config-10">tenzin-config [10]</h4>
|
|
<ul>
|
|
<li>Deep merge for vectors and sets with duplicates check <a
|
|
href="https://github.com/advthreat/tenzin-config/pull/1032">#1032</a></li>
|
|
<li>Reduce configuration duplicates - config.edn part <a
|
|
href="https://github.com/advthreat/tenzin-config/pull/1031">#1031</a></li>
|
|
<li>Reduce configuration duplicates - bootstrap.cfg part <a
|
|
href="https://github.com/advthreat/tenzin-config/pull/1028">#1028</a></li>
|
|
<li>Move role-web-service config to IROH <a
|
|
href="https://github.com/advthreat/tenzin-config/pull/1026">#1026</a></li>
|
|
<li>Move Universal Provisioning Services config to IROH <a
|
|
href="https://github.com/advthreat/tenzin-config/pull/1027">#1027</a></li>
|
|
<li>Clean bootstrap cfg <a
|
|
href="https://github.com/advthreat/tenzin-config/pull/1025">#1025</a></li>
|
|
</ul>
|
|
<p><u>between 3 and 4 months old</u></p>
|
|
<ul>
|
|
<li>Remove the <code>:registration</code> flag in all environments <a
|
|
href="https://github.com/advthreat/tenzin-config/pull/963">#963</a></li>
|
|
<li>Remove the <code>:merge-users-by-email</code> flag in all
|
|
environments <a
|
|
href="https://github.com/advthreat/tenzin-config/pull/962">#962</a></li>
|
|
<li>Remove the <code>:account-activation-optim</code> flag in all
|
|
environments as it is now activated everywhere. <a
|
|
href="https://github.com/advthreat/tenzin-config/pull/961">#961</a></li>
|
|
<li>Remove the <code>xdr-roles</code> flag in all environments <a
|
|
href="https://github.com/advthreat/tenzin-config/pull/964">#964</a></li>
|
|
</ul>
|
|
<h3 id="yogsototh-8">(Yogsototh) [8]</h3>
|
|
<h4 id="iroh-scripts-6-1">iroh-scripts [6]</h4>
|
|
<ul>
|
|
<li>save improvements</li>
|
|
</ul>
|
|
<p><u>between 3 and 4 months old</u></p>
|
|
<ul>
|
|
<li>create dashboard clients</li>
|
|
<li>Support client aliases in get-client</li>
|
|
<li>Update client with client-aliases</li>
|
|
<li>many new scripts</li>
|
|
<li>added a 1-time script</li>
|
|
</ul>
|
|
<h4 id="xdr-provisioning-2-1">xdr-provisioning [2]</h4>
|
|
<p><u>between 3 and 4 months old</u></p>
|
|
<ul>
|
|
<li>Manage entitlements add-ons</li>
|
|
<li>add a re-provisioning script that rerun onboardings</li>
|
|
</ul>
|
|
<h2 id="iroh-ops">iroh-ops</h2>
|
|
<h3 id="section-3">[0]</h3>
|
|
<h3 id="section-4">[0]</h3>
|
|
<h1 id="other">Other</h1>
|
|
<h2 id="other-1">Other</h2>
|
|
<h3 id="ii-4">II [4]</h3>
|
|
<h4 id="iroh-4-3">iroh [4]</h4>
|
|
<ul>
|
|
<li>Merges module type props on create and update health check <a
|
|
href="https://github.com/advthreat/iroh/pull/8845">#8845</a></li>
|
|
<li>Implements v2 threat hunting <a
|
|
href="https://github.com/advthreat/iroh/pull/8833">#8833</a></li>
|
|
<li>This should fix issue with parent settings not used on create-patch
|
|
<a href="https://github.com/advthreat/iroh/pull/8822">#8822</a></li>
|
|
</ul>
|
|
<p><u>between 3 and 4 months old</u></p>
|
|
<ul>
|
|
<li>Adds insights scope to allowed Automation scopes in gen-ao-jwt <a
|
|
href="https://github.com/advthreat/iroh/pull/8678">#8678</a></li>
|
|
</ul>
|
|
<h3 id="section-5">[4]</h3>
|
|
<h4 id="iroh-4-4">iroh [4]</h4>
|
|
<ul>
|
|
<li>Merges module type props on create and update health check <a
|
|
href="https://github.com/advthreat/iroh/pull/8845">#8845</a></li>
|
|
<li>Implements v2 threat hunting <a
|
|
href="https://github.com/advthreat/iroh/pull/8833">#8833</a></li>
|
|
<li>This should fix issue with parent settings not used on create-patch
|
|
<a href="https://github.com/advthreat/iroh/pull/8822">#8822</a></li>
|
|
</ul>
|
|
<p><u>between 3 and 4 months old</u></p>
|
|
<ul>
|
|
<li>Adds insights scope to allowed Automation scopes in gen-ao-jwt <a
|
|
href="https://github.com/advthreat/iroh/pull/8678">#8678</a></li>
|
|
</ul>
|
|
<h3 id="scott-mcleod-1">Scott McLeod [1]</h3>
|
|
<h4 id="iroh-1-1">iroh [1]</h4>
|
|
<ul>
|
|
<li>tk store: Add delete-search method #8213 <a
|
|
href="https://github.com/advthreat/iroh/pull/8692">#8692</a></li>
|
|
</ul>
|
|
<h3 id="brooke-swanson-3">Brooke Swanson [3]</h3>
|
|
<h4 id="ctia-1-1">ctia [1]</h4>
|
|
<p><u>between 3 and 4 months old</u></p>
|
|
<ul>
|
|
<li>Add brookeswanson to codeowners. <a
|
|
href="https://github.com/threatgrid/ctia/pull/1396">#1396</a></li>
|
|
</ul>
|
|
<h4 id="iroh-1-2">iroh [1]</h4>
|
|
<p><u>between 3 and 4 months old</u></p>
|
|
<ul>
|
|
<li>Add no-doc true and prevent explosion due to mismatched types. <a
|
|
href="https://github.com/advthreat/iroh/pull/8548">#8548</a></li>
|
|
</ul>
|
|
<h4 id="tenzin-config-1">tenzin-config [1]</h4>
|
|
<ul>
|
|
<li>Playbook automation config. <a
|
|
href="https://github.com/advthreat/tenzin-config/pull/1037">#1037</a></li>
|
|
</ul>
|
|
</body>
|
|
</html>
|