* 2022

** 2022-W05

*** 2022-02-03 Thursday
**** IN-PROGRESS activate logout issue :work:
:LOGBOOK:
CLOCK: [2022-02-03 Thu 17:17]--[2022-02-03 Thu 19:02] => 1:45
:END:
[2022-02-03 Thu 17:17]
- ref :: [[id:7fa185e4-9866-4ce8-ab60-d62d8c80b041][Mode d'évaluation au paradis]]

For https://github.com/advthreat/iroh/issues/6250

The fix (https://github.com/advthreat/iroh/pull/6194) has been reverted
(https://github.com/advthreat/iroh/pull/6246) because SecureX and CTR work
differently.

GLaDOS and CTR must find a common solution, for now, we are blocked.
I think the technical solution to return a 401 when the org changes from
unactivated to activated was proposed by @alucigna but I couldn't find the link
to the discussion.

cc: @alucigna @DarMontou @sabrinamokerji

*** 2022-02-04 Friday
**** MEETING Weekly Kirill Presentation :work:meeting:
:LOGBOOK:
CLOCK: [2022-02-04 Fri 17:04]--[2022-02-04 Fri 20:24] => 3:20
:END:
[2022-02-04 Fri 17:04]
- ref ::
***** Notes

**** MEETING Simplify Registration :work:meeting:
:LOGBOOK:
CLOCK: [2022-02-04 Fri 16:37]--[2022-02-04 Fri 17:04] => 0:27
:END:
[2022-02-04 Fri 16:37]
- ref :: https://cisco-my.sharepoint.com/:w:/p/prdass/EXwUr_HCwOVNte7KFcFzUeABxvTZiL8vZTgd8-5WInt4hA?e=4%3an55ogS&at=9

Add your status in

https://cisco-my.sharepoint.com/:w:/p/prdass/EXwUr_HCwOVNte7KFcFzUeABxvTZiL8vZTgd8-5WInt4hA?e=4%3an55ogS&at=9

***** Agenda (to discuss about)
***** Notes
***** Actions

** 2022-W06

*** 2022-02-07 Monday
**** REVIEW Github tour :work:review:
:LOGBOOK:
CLOCK: [2022-02-07 Mon 10:54]--[2022-02-08 Tue 09:49] => 22:55
:END:
[2022-02-07 Mon 10:54]
- ref :: [[file:~/Library/Mobile Documents/iCloud~com~appsonthemove~beorg/Documents/org/tracker.org::*Webex tour][Webex tour]]
**** CHAT Webex tour :work:chat:
:LOGBOOK:
CLOCK: [2022-02-07 Mon 10:33]--[2022-02-07 Mon 10:54] => 0:21
:END:
[2022-02-07 Mon 10:53]
- ref :: [[file:~/Library/Mobile Documents/iCloud~com~appsonthemove~beorg/Documents/org/tracker.org::*Check Customer bug with tiles.][Check Customer bug with tiles.]]
**** IN-PROGRESS Check Customer bug with tiles. :work:
:LOGBOOK:
CLOCK: [2022-02-07 Mon 09:52]--[2022-02-07 Mon 10:33] => 0:41
:END:
[2022-02-07 Mon 10:52]
- ref :: https://github.com/advthreat/response/issues/1076

Confirmed this is UI for now.

*** 2022-02-08 Tuesday
**** CHAT random rambling :work:chat:
:LOGBOOK:
CLOCK: [2022-02-08 Tue 10:47]--[2022-02-08 Tue 17:32] => 6:45
:END:
[2022-02-08 Tue 10:47]
- ref :: [[file:~/Library/Mobile Documents/iCloud~com~appsonthemove~beorg/Documents/org/tracker.org::*Email tour][Email tour]]
**** EMAIL Email tour :work:email:
:LOGBOOK:
CLOCK: [2022-02-08 Tue 10:13]--[2022-02-08 Tue 10:47] => 0:34
:END:
[2022-02-08 Tue 10:13]
- ref :: [[file:~/Library/Mobile Documents/iCloud~com~appsonthemove~beorg/Documents/org/tracker.org::*Replace SSE IDB with SXSO][Replace SSE IDB with SXSO]]
**** CHAT Webex tour :work:chat:
:LOGBOOK:
CLOCK: [2022-02-08 Tue 09:49]--[2022-02-08 Tue 10:13] => 0:24
:END:
[2022-02-08 Tue 09:49]
***** IROH
Remark about deps in IROH for Ag (problem with the formatting-stack and clojurescript)
***** IROH-Social
***** OPs General
***** DI Integration
***** Replace SSE IDB with SXSO
Jason Chamber links:

- A-Ha link (Epic) https://ciscosecurity.aha.io/epics/SECUREX-E-471
- A-Ha link (Feature) https://ciscosecurity.aha.io/features/SECUREX-557
- Jira link https://jira-eng-rtp3.cisco.com/jira/projects/SSO/issues/SSO-458?filter=myopenissues

Demand A-HA access
***** SecureX + ThreatGrid

Follow 1-click deactivation discussion.

*** 2022-02-09 Wednesday
**** MEETING API Design Meeting :work:meeting:
:LOGBOOK:
CLOCK: [2022-02-09 Wed 17:30]--[2022-02-09 Wed 18:16] => 0:46
:END:
[2022-02-09 Wed 17:30]
- ref ::
***** Agenda (to discuss about)
***** Notes
***** Actions
**** MEETING Sync on the IROH Team capacity :work:meeting:
:LOGBOOK:
CLOCK: [2022-02-09 Wed 15:26]--[2022-02-09 Wed 17:30] => 2:04
:END:
[2022-02-09 Wed 15:26]

- participants :: Prerna

***** notes

*** 2022-02-10 Thursday
**** MEETING Town Hall Namrata :work:meeting:
:LOGBOOK:
CLOCK: [2022-02-10 Thu 20:02]--[2022-02-10 Fri 21:09] => 1:07
:END:
[2022-02-10 Thu 20:02]

Really excited for our session today.
Really candid feedback from you.
Every Quarter.

What we are working on and why and where we're headed.
***** Intro

- Business Result (Martin)
- Product Strategy (demos)
- Product Demonstrations

Leave a few minutes at the end for some Q&A.
***** Business update & strategy discussion

****** Made a sale by showing SecureX
****** XDR FY23 (top priority for Cisco)
****** 10k customers
****** Improve Renewals Rates
****** Customer with EndPoint + Umbrella lot of usage.
****** Big Users use SecureX more than small ones

**** MEETING Farewell Alex :work:meeting:
:LOGBOOK:
CLOCK: [2022-02-10 Thu 19:01]--[2022-02-10 Thu 20:02] => 1:01
:END:
[2022-02-10 Thu 19:01]

Expertise and broad culture.

You have always been extremely helpful.
Your insights were essential.
Without them I wouldn't have been able to grasp the scope about what we are building.

And thanks for helping me remember about Gundam and all the first times.
**** MEETING Weekly Team Meeting :work:meeting:
:LOGBOOK:
CLOCK: [2022-02-10 Thu 17:00]--[2022-02-10 Thu 19:01] => 2:01
:END:
[2022-02-10 Thu 17:00]

Waiting

Discussion about updating doc in the response repository.
***** Ag
- Module Type Patch UI
***** Ambrose
- put something in TEST might break something
***** G2
Description of a lot of work for Q3, etc…
***** Irina
- soft delete
***** Kirill
Improve timeouts. Started a work around =pmap=.
***** Mark

OIDC with AO.
***** Matt

Addressing security issue discovered by the Engine team.
***** Olivier

Emails of users in lower-case.
Done in the code.
Rollback system.
And maintenance service that could update the stores.

Adding a new search function.
***** Rob

Support all modules that have a module-type in App Links.
Integrating SXSO into that.
SecureX endpoint.
***** Wanderson

Simplification Registration FT

Adding a new session to a new frontend.

***** Yann

- customer session to fix a bug
- IDB decommission must take the time, probably ask Matt for some help.
- Registration Simplification
- Wanderson's work makes it possible to finally have an IROH-Auth Application Session.
- Olivier is working on improving our textual search services and API.
- Reduction of the scope should make it possible to finish for Q3
- The current work will make it a lot easier to provide a better UI to
  manage your multiple orgs (like hide/disable/rename etc…)
- (background) fix the issue related to refresh token state in the DB, most
  of the work is now done for the new services, just need to populate the
  data during OAuth2 Code flow.

***** Guillaume

Removed the arrow, and now, design with OIDC to propose trial.

*** 2022-02-11 Friday
**** MEETING Registration Simplification :work:meeting:
:LOGBOOK:
CLOCK: [2022-02-11 Fri 16:31]--[2022-02-11 Fri 17:48] => 1:17
:END:
[2022-02-11 Fri 16:31]
- ref ::
***** Agenda (to discuss about)
***** Notes
***** Actions
**** CHAT Olivier Question like-match rule :work:chat:
:LOGBOOK:
CLOCK: [2022-02-11 Fri 15:19]--[2022-02-11 Fri 16:31] => 1:12
:END:
[2022-02-11 Fri 15:19]
- ref :: [[file:~/Library/Mobile Documents/iCloud~com~appsonthemove~beorg/Documents/org/tracker.org::*Security Training][Security Training]]
**** DONE Security Training :work:
:LOGBOOK:
CLOCK: [2022-02-11 Fri 11:24]--[2022-02-11 Fri 11:50] => 0:26
:END:
[2022-02-11 Fri 11:24]
- ref :: [[file:~/Library/Mobile Documents/iCloud~com~appsonthemove~beorg/Documents/org/tracker.org::*github notifications morning tour][github notifications morning tour]]
**** DISC github notifications morning tour :work:discussion:
:LOGBOOK:
CLOCK: [2022-02-11 Fri 10:15]--[2022-02-11 Fri 11:23] => 1:08
:END:
[2022-02-11 Fri 10:15]
- ref :: [[file:~/Library/Mobile Documents/iCloud~com~appsonthemove~beorg/Documents/org/tracker.org::*Webex morning tour][Webex morning tour]]
**** CHAT Webex morning tour :work:chat:
:LOGBOOK:
CLOCK: [2022-02-11 Fri 10:00]--[2022-02-11 Fri 10:15] => 0:15
:END:
[2022-02-11 Fri 10:14]
- ref :: [[file:~/Library/Mobile Documents/iCloud~com~appsonthemove~beorg/Documents/org/tracker.org::*Morning Email Tour][Morning Email Tour]]
**** EMAIL Morning Email Tour :work:email:
:LOGBOOK:
CLOCK: [2022-02-11 Fri 10:11]--[2022-02-11 Fri 10:14] => 0:03
:END:
[2022-02-11 Fri 10:11]

** 2022-W07

*** 2022-02-14 Monday
**** MEETING Simplify Registration :work:meeting:
:LOGBOOK:
CLOCK: [2022-02-14 Mon 16:30]--[2022-02-14 Mon 17:19] => 0:49
:END:
[2022-02-14 Mon 16:30]

*** 2022-02-17 Thursday
**** MEETING Weekly Team Meetings :work:meeting:
:LOGBOOK:
CLOCK: [2022-02-17 Thu 17:00]--[2022-02-17 Thu 20:45] => 3:45
:END:
[2022-02-17 Thu 17:00]
- ref ::

***** Ag

index page is always tk-server

*** 2022-02-18 Friday
**** IN-PROGRESS Fix module-type :work:
:LOGBOOK:
CLOCK: [2022-02-18 Fri 12:21]--[2022-02-18 Fri 15:51] => 3:30
:END:
[2022-02-18 Fri 12:21]
- ref :: [[file:~/dev/iroh/lib/iroh-core/test/iroh_core/test_helpers_test.clj::(deftest is-similar?-test]]

APJC SCA

#+begin_src js
{
"description": "Cisco Secure Cloud Analytics (formerly Stealthwatch Cloud) improves security and incident response across the distributed network, from the private network and branch office to the public cloud. This solution addresses the need for digital businesses to quickly identify threats posed by their network devices and cloud resources, and to do so with minimal management, oversight, and security manpower.\n\nThe network is evolving. IT resources are frequently being moved into the cloud. At the same time, the number of connected devices on the private network is increasing dramatically. Security personnel are struggling just to know what entities are operating in their environment, let alone whether they pose a threat to the organization.\n\nSecure Cloud Analytics addresses this problem by providing comprehensive visibility and high-precision alerts with low noise, without the use of agents. Organizations can accurately detect threats in real time, regardless of whether an attack is taking place on the network, in the cloud, or across both environments. Secure Cloud Analytics is a cloud-based, Software-as-a-Service (SaaS)-delivered solution. It detects ransomware and other malware, data exfiltration, network vulnerabilities, and role changes that indicate compromise.\n\nAlso, developer teams are continuously adopting new and more dynamic compute environments like serverless and containers such as AWS Lambda and Kubernetes. Secure Cloud Analytics provides visibility into these environments as well, so that organizations don’t have to compromise on security on their path to digital transformation.",
"properties": "2MGqPrzLNIrfFeFK/UUzdpA98pKEUHLvd6d7+snqeh1lXokV9n6J8lKeAwp7tRdCSHT+crPhmilCkfBXkvfT+8NLp/rq+4TD32EkYqcYNngmgsAji/UJ6NuChgJnPd+FwwembDj2iPh7vFXHnGmLKlgOkweQzokI2CUROgbTw2JNruDhL47ws3LhMl2LRqlbJQP83yeGMmwjV0mjFSth/w25D1oIHR+mnYH7mrcKUH0XT/6xQzqJ3l6URkbun6wvzLycJhqtOtqtJSdB3cAfYlhfkpCY8ZXt9IO8/MyOeGJ6Qf2iz9gXIFAgtNBBz9bkZAPk4Uv0nei39F4lwFv9lmUdVGuHIHtHJKf4sn/qB40=",
"capabilities": [
  {
    "id": "health",
    "description": "Healthcheck"
  },
  {
    "id": "deliberate",
    "description": "Deliberation"
  },
  {
    "id": "observe",
    "description": "Enrichments"
  },
  {
    "id": "refer",
    "description": "Reference links"
  },
  {
    "id": "tiles",
    "description": "Dashboard Tiles"
  }
],
"app_link_meta": {
  "url": "https://portal-anz.obsrvbl.com/auth/?next=%2Fv2%2F%23%2Fsettings%2Fintegrations%2Fsecurex",
  "meta": {
    "x_okta_bookmark_id": "0oa1idxamsrOKeFuN357"
  },
  "title": "Stealthwatch Cloud (ANZ)"
},
"tips": "If the Secure Cloud Analytics (formerly Stealthwatch Cloud) integration module displays a **Bidirectional** icon on the module panel, it indicates that the integration was enabled in Secure Cloud Analytics or SecureX. \n\nFor information on the Secure Cloud Analytics integration with SecureX, see [Secure Cloud Analytics SecureX integration Guide](https://www.cisco.com/c/dam/en/us/td/docs/security/stealthwatch/cloud/SecureX/SecureX_Integration_Guide_DV_2_0.pdf).",
"logo": "data:image/svg+xml;base64,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",
"org_id": "4f169b08-bb0d-4e97-a358-8fd3fd819066",
"configuration_spec": [
  {
    "key": "token",
    "type": "api_key",
    "label": "Authorization Token",
    "required": true
  }
],
"short_description": "Gain the visibility and continuous threat detection needed to secure your public cloud, private network, and hybrid environments.",
"title": "Secure Cloud Analytics",
"external_references": [
  {
    "link": "https://info.securexanalytics.com/SecureX-Trial-Request.html",
    "label": "Free Trial"
  },
  {
    "link": "https://www.cisco.com/c/en/us/products/security/stealthwatch-cloud/index.html",
    "label": "Product Information"
  },
  {
    "link": "https://www.cisco.com/c/dam/r/ctp/docs/privacydatasheet/security/cisco-stealthwatch-cloud-privacy-data-sheet.pdf",
    "label": "Privacy Policy"
  },
  {
    "link": "https://portal-anz.obsrvbl.com/auth/?next=%2Fv2%2F%23%2Fsettings%2Fintegrations%2Fsecurex%3Fstatus%3Dtrue",
    "class": "activation",
    "label": "Activate"
  }
],
"updated_at": "2022-02-18T10:17:14.710Z",
"id": "f31e83d1-48e7-4384-9c6a-64a5c9cee05b",
"record": "relay-module.module/RelayModule",
"user_id": "207347d9-65c0-402b-88ce-ef028989e95f",
"client_id": "iroh-ui",
"default_name": "Secure Cloud Analytics",
"flags": [
  "default"
],
"enabled": true,
"visibility": "global",
"created_at": "2020-05-15T17:45:46.904Z",
"former_title": "Stealthwatch Cloud"
}
#+end_src

NAM:

#+begin_src js
{
"description": "Cisco Secure Cloud Analytics (formerly Stealthwatch Cloud) improves security and incident response across the distributed network, from the private network and branch office to the public cloud. This solution addresses the need for digital businesses to quickly identify threats posed by their network devices and cloud resources, and to do so with minimal management, oversight, and security manpower.\n\nThe network is evolving. IT resources are frequently being moved into the cloud. At the same time, the number of connected devices on the private network is increasing dramatically. Security personnel are struggling just to know what entities are operating in their environment, let alone whether they pose a threat to the organization.\n\nSecure Cloud Analytics addresses this problem by providing comprehensive visibility and high-precision alerts with low noise, without the use of agents. Organizations can accurately detect threats in real time, regardless of whether an attack is taking place on the network, in the cloud, or across both environments. Secure Cloud Analytics is a cloud-based, Software-as-a-Service (SaaS)-delivered solution. It detects ransomware and other malware, data exfiltration, network vulnerabilities, and role changes that indicate compromise.\n\nAlso, developer teams are continuously adopting new and more dynamic compute environments like serverless and containers such as AWS Lambda and Kubernetes. Secure Cloud Analytics provides visibility into these environments as well, so that organizations don’t have to compromise on security on their path to digital transformation.",
"properties": "yUY5o15RUpAfB7Lk3RxosIJYx2JpDTaf4TkddVzepwSbz3A9m9b+/KyHxuiSH1SbTf6r5qk2SgaSKA8efk3pbDqL2RQC248eQoez0EI0GaAmnXnnhuEH91ZFtddwyQdvX+tUY+vxbHfdkES6rKP0hLWxMMZcYikD5ONBfNwak3kqlq0g07c52Gnx9Qgg5UOdzwBqTVb883tJZ+fRAFhYU7Hu7DNZDRDnccTOUFNJw84hmg7NEFMjK5Z48BG51qBgW50u/Wxv7+ceCUFUYrwbFzQLB/zbspQcFJtlUwZHZ7jl/VQbLT5QqJLthRnphAIGE/xIsEeCG66fZg1Ds60Vwp/c12ueYJVsVZyhHBIG0wk=",
"capabilities": [
  {
    "id": "health",
    "description": "Healthcheck"
  },
  {
    "id": "deliberate",
    "description": "Deliberation"
  },
  {
    "id": "observe",
    "description": "Enrichments"
  },
  {
    "id": "refer",
    "description": "Reference links"
  },
  {
    "id": "tiles",
    "description": "Dashboard Tiles"
  }
],
"app_link_meta": {
  "url": "https://portal-staging.obsrvbl.com/auth/?next=%2Fv2%2F%23%2Fsettings%2Fintegrations%2Fsecurex",
  "meta": {
    "x_okta_bookmark_id": "0oa1hyf3xtXD6Xqxg357"
  },
  "title": "Stealthwatch Cloud (US)"
},
"tips": "If the Secure Cloud Analytics (formerly Stealthwatch Cloud) integration module displays a **Bidirectional** icon on the module panel, it indicates that the integration was enabled in Secure Cloud Analytics or SecureX. \n\nFor information on the Secure Cloud Analytics integration with SecureX, see [Secure Cloud Analytics SecureX integration Guide](https://www.cisco.com/c/dam/en/us/td/docs/security/stealthwatch/cloud/SecureX/SecureX_Integration_Guide_DV_2_0.pdf).",
"logo": "data:image/svg+xml;base64,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",
"org_id": "964a8c3b-9aef-4e1d-aadf-e2754004d230",
"configuration_spec": [
  {
    "key": "token",
    "type": "api_key",
    "label": "Authorization Token",
    "required": true
  }
],
"short_description": "Gain the visibility and continuous threat detection needed to secure your public cloud, private network, and hybrid environments.",
"title": "Secure Cloud Analytics",
"external_references": [
  {
    "link": "https://info.securexanalytics.com/SecureX-Trial-Request.html",
    "label": "Free Trial"
  },
  {
    "link": "https://www.cisco.com/c/en/us/products/security/stealthwatch-cloud/index.html",
    "label": "Product Information"
  },
  {
    "link": "https://www.cisco.com/c/dam/r/ctp/docs/privacydatasheet/security/cisco-stealthwatch-cloud-privacy-data-sheet.pdf",
    "label": "Privacy Policy"
  }
],
"updated_at": "2022-02-18T08:55:49.295Z",
"id": "b3874a82-1967-4f9c-a42a-47f1d61ab835",
"record": "relay-module.module/RelayModule",
"user_id": "dcffe020-1c6a-4d78-ba09-f21674a59c9c",
"client_id": "iroh-ui",
"default_name": "Secure Cloud Analytics",
"flags": [
  "default"
],
"enabled": true,
"visibility": "global",
"created_at": "2020-05-15T17:38:39.788Z",
"former_title": "Stealthwatch Cloud"
}
#+end_src

EU

#+begin_src js
{
"description": "Cisco Secure Cloud Analytics (formerly Stealthwatch Cloud) improves security and incident response across the distributed network, from the private network and branch office to the public cloud. This solution addresses the need for digital businesses to quickly identify threats posed by their network devices and cloud resources, and to do so with minimal management, oversight, and security manpower.\n\nThe network is evolving. IT resources are frequently being moved into the cloud. At the same time, the number of connected devices on the private network is increasing dramatically. Security personnel are struggling just to know what entities are operating in their environment, let alone whether they pose a threat to the organization.\n\nSecure Cloud Analytics addresses this problem by providing comprehensive visibility and high-precision alerts with low noise, without the use of agents. Organizations can accurately detect threats in real time, regardless of whether an attack is taking place on the network, in the cloud, or across both environments. Secure Cloud Analytics is a cloud-based, Software-as-a-Service (SaaS)-delivered solution. It detects ransomware and other malware, data exfiltration, network vulnerabilities, and role changes that indicate compromise.\n\nAlso, developer teams are continuously adopting new and more dynamic compute environments like serverless and containers such as AWS Lambda and Kubernetes. Secure Cloud Analytics provides visibility into these environments as well, so that organizations don’t have to compromise on security on their path to digital transformation.",
"properties": "Y+2BcDiVdoyWy7JxQwcOXuCG+S/JH98ncFxmwhz27utYxlhrSNQIHGTGGifUZx4Yw2GQe5oy2051VjsrcTrXVCmXAEVpU7NVqLwjmgT01zoDkE1o2lO3bMQbLTZLkNnUKAnaef/4UFqlcorJ0CGfhQPvWZG6OnAPx5PLzbS0TjsRfSGpVSRPeW+aANy+CEXul1l6FKzHohgTelMZuYNGYncHEa+eqtpSVvFl5HITj7rx7NMPWWeRaqN3Ljnbs3l26picBEvRfPzXeAT26gh0gdieWYtB2xnUU8gFUx4MNcqyMVNwGYbtLQ150uQYbOxuoiVZ41ujCWgt0Eksa/g0MkLg+QC5QBHgquwpVdMDDSE=",
"capabilities": [
  {
    "id": "health",
    "description": "Healthcheck"
  },
  {
    "id": "deliberate",
    "description": "Deliberation"
  },
  {
    "id": "observe",
    "description": "Enrichments"
  },
  {
    "id": "refer",
    "description": "Reference links"
  },
  {
    "id": "tiles",
    "description": "Dashboard Tiles"
  }
],
"app_link_meta": {
  "url": "https://portal-eu.obsrvbl.com/auth/?next=%2Fv2%2F%23%2Fsettings%2Fintegrations%2Fsecurex",
  "meta": {
    "x_okta_bookmark_id": "0oa1idwgt8itDu9jQ357"
  },
  "title": "Stealthwatch Cloud (EU)"
},
"tips": "If the Secure Cloud Analytics (formerly Stealthwatch Cloud) integration module displays a **Bidirectional** icon on the module panel, it indicates that the integration was enabled in Secure Cloud Analytics or SecureX. \n\nFor information on the Secure Cloud Analytics integration with SecureX, see [Secure Cloud Analytics SecureX integration Guide](https://www.cisco.com/c/dam/en/us/td/docs/security/stealthwatch/cloud/SecureX/SecureX_Integration_Guide_DV_2_0.pdf).",
"logo": "data:image/svg+xml;base64,PHN2ZyBkYXRhLW5hbWU9IkxheWVyIDEiIHhtbG5zPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwL3N2ZyIgdmlld0JveD0iMCAwIDM0LjEgMzIuMiI+PHBhdGggZmlsbD0iIzI3NGJhMCIgZD0iTTAgMGgzNC4xdjMyLjE2SDB6Ii8+PHBhdGggZD0iTTIyLjcgMTYuOGEzIDMgMCAwMC0zLTNoLS4xYTQuMyA0LjMgMCAwMC04LjEgMS41IDIuMyAyLjMgMCAwMC0yLjYgMS44LjkuOSAwIDAwLS4xLjUgMi4yIDIuMiAwIDAwMi40IDIuMkgyMGEzIDMgMCAwMDIuNy0zeiIgZmlsbD0iI2ZmZiIvPjxwYXRoIGQ9Ik0yMC4zIDhhOC43IDguNyAwIDAwLTUuOC0yLjIgMTEuNyAxMS43IDAgMDAtNS4xIDEuNk0xMC4xIDIzLjZoMTMuM3M1LjctLjcgNS43LTYuM2E2LjUgNi41IDAgMDAtMi45LTUuNCIgZmlsbD0ibm9uZSIgc3Ryb2tlPSIjZmZmIiBzdHJva2UtbGluZWNhcD0icm91bmQiIHN0cm9rZS1taXRlcmxpbWl0PSIxMCIvPjxjaXJjbGUgY3g9IjIyLjciIGN5PSIxMC44IiByPSIxLjciIGZpbGw9IiNmZmYiLz48Y2lyY2xlIGN4PSI2LjMiIGN5PSIyMy42IiByPSIxLjgiIGZpbGw9IiNmZmYiLz48Y2lyY2xlIGN4PSI4IiBjeT0iOC43IiByPSIxLjQiIGZpbGw9Im5vbmUiIHN0cm9rZT0iI2ZmZiIgc3Ryb2tlLW1pdGVybGltaXQ9IjEwIi8+PC9zdmc+",
"org_id": "99c5cf95-7788-4ce1-906f-86811aa57752",
"configuration_spec": [
  {
    "key": "token",
    "type": "api_key",
    "label": "Authorization Token",
    "required": true
  }
],
"short_description": "Gain the visibility and continuous threat detection needed to secure your public cloud, private network, and hybrid environments.",
"title": "Secure Cloud Analytics",
"external_references": [
  {
    "link": "https://info.securexanalytics.com/SecureX-Trial-Request.html",
    "label": "Free Trial"
  },
  {
    "link": "https://www.cisco.com/c/en/us/products/security/stealthwatch-cloud/index.html",
    "label": "Product Information"
  },
  {
    "link": "https://www.cisco.com/c/dam/r/ctp/docs/privacydatasheet/security/cisco-stealthwatch-cloud-privacy-data-sheet.pdf",
    "label": "Privacy Policy"
  }
],
"updated_at": "2022-02-18T09:00:11.280Z",
"id": "7739968f-4259-49c2-8c14-21e569a11d1c",
"record": "relay-module.module/RelayModule",
"user_id": "be72933d-8e87-4430-8b33-870e3db35bce",
"client_id": "iroh-ui",
"default_name": "Secure Cloud Analytics",
"flags": [
  "default"
],
"enabled": true,
"visibility": "global",
"created_at": "2020-05-15T17:44:34.285Z",
"former_title": "Stealthwatch Cloud"
}
#+end_src

** 2022-W08

*** 2022-02-22 Tuesday
**** CANCELED SXO Meeting :work:meeting:
:LOGBOOK:
CLOCK: [2022-02-22 Tue 18:00]--[2022-02-22 Tue 18:02] => 0:02
:END:
[2022-02-22 Tue 18:00]
- ref ::

*** 2022-02-23 Wednesday
**** IN-PROGRESS IDB Decommissioning :work:
:LOGBOOK:
CLOCK: [2022-02-23 Wed 14:48]
:END:
[2022-02-23 Wed 14:48]

Found in tenzin repository very old commit (ce43ddb)

***** INT

#+begin_src yaml
idps:
  amp:
    kind: saml
    authorize_uri: https://auth.amp.cisco.com/auth/session/new
    cert_path: /srv/iroh/resources/cert/amp_idp.cert
  threatgrid:
    kind: oidc
    authorize_uri: https://int.threatgrid.com/oauth2/authorize
    token_uri: https://int.threatgrid.com/api/v3/oauth/token
    org_id_key: :tg_org
    client_id: 884a152d-e2a2-4552-b56b-7618274ab988
    client_secret: |
#+end_src
***** TEST

#+begin_src yaml
idps:
  amp:
    kind: saml
    authorize_uri: https://auth.amp.cisco.com/auth/session/new
    cert_path: /srv/iroh/resources/cert/amp_idp.cert
  threatgrid:
    kind: oidc
    authorize_uri: https://test.threatgrid.com/oauth2/authorize
    token_uri: https://test.threatgrid.com/api/v3/oauth/token
    org_id_key: :tg_org
    client_id: d1f5cbd2-610c-44b9-b5dd-92ecc7ef7f24
    client_secret: |
#+end_src
***** PROD

#+begin_src yaml
idps:
  amp:
    kind: saml
    authorize_uri: https://auth.amp.cisco.com/auth/session/new
    cert_path: /srv/iroh/resources/cert/amp_idp.cert
  threatgrid:
    kind: oidc
    authorize_uri: https://panacea.threatgrid.com/oauth2/authorize
    token_uri: https://panacea.threatgrid.com/api/v3/oauth/token
    org_id_key: :tg_org
    client_id: 4fe0068b-eb2a-4918-871f-dd9c9592990e
    client_secret: |
#+end_src