Code Weekly Report 24
IROH
lead
Guillaume Buisson [1]
iroh [1]
- Initial XDR Incident Manager Response 1.1 Draft Spec #7847
data
Mario Aquino [4]
iroh [4]
- Fix flaky test #7971
- Partition and batch threat hunt observables #7958
>1w
- Establish a task timeout option for async work #7948
- Issue 7823/incident summary mapping #7907
Guillaume Erétéo [2]
iroh [2]
- Update risk-score.md #7974
>1w
- adding org mode for calculating data volume #7941
Ambrose Bonnaire-Sergeant [1]
ctia [1]
>1w
- Disable /metric/average route for irrelevant entities #1372
integrations
Matthieu Sprunck [2]
tenzin-config [2]
>1w
- Share the same module configurations in iroh and iroh-async in PROD #905
- Disable HTTP Proxy in IROH proxy (PROD) #903
Kirill Chernyshov [8]
iroh [3]
- Remove try/catch for better error handling #7980
- Fix NullPointerException #7961
>1w
- Use event id for the key of kafka record #7923
tenzin-config [5]
- Enable KafkaServices on INT #921
- Disable KafkaServices once again #918
- Enable Kafka related services on INT #916
>1w
- Temporary disable services #914
- Set SSL kafka security protocol on INT #912
Shafiq [1]
iroh [1]
- Creating iroh-events datastream should succeed even if it exists already #7959
auth
bartuka [1]
iroh [1]
- [IROH Auth] RBAC JWT Revocation on role change #7875
Yann Esposito [16]
iroh [4]
- Upgrade SX to XDR org via provisioning #7981
- feature-flag scopes are considered as special #7985
- fix local dev environment to be able to start locally without docker #7944
>1w
- Use org to display the roles as expected #7952
ring-jwt-middleware [3]
- Version 1.1.4-SNAPSHOT
- Version 1.1.3
- Support external error via is-revoked-fn
tenzin-config [9]
- Enable XDR roles in PROD #919
- factorize PROD #917
- Add role-web-service config everywhere #911
>1w
- Canonicalize the configs (#913) #915
- Canonicalize the configs #913
- Add missing role-web-service everywhere #910
- Gen configs git pre-commit hook #908
- Factorisation iroh/iroh-async confs #904
- Tree config structures to prevent config duplication. #901
Olivier Barbeau [7]
iroh [7]
- Upgrade Babashka #7967
- add missing exclusions for uberjar #7963
- fix bug when Org has no entitlement #7956
- [IROH configuration]: Generate service diagram #7872
- GH pages updates #7960
>1w
- fix alias arguments #7954
- Issue 7930 GitHub pages styling #7932
(Yogsototh) [3]
ring-jwt-middleware [3]
- Version 1.1.4-SNAPSHOT
- Version 1.1.3
- Support external error via is-revoked-fn
iroh-ops
Jerome Schneider [1]
tenzin [1]
- Kafka Connect: fixed cluster conf and use our own cacerts file
Patrick Patat [1]
iroh-ops [1]
- Merge pull request #75 from advthreat/squid
Patrick Patat [1]
iroh-ops [1]
- add squid server for vector in public subnet
Other
Robert Levy [2]
iroh [1]
>1w
- user and team mean time tiles #7873
tenzin-config [1]
>1w
- add migration for iroh issue #7819 to TEST and PROD environments #902
Devin Walters [2]
tenzin-config [2]
- Add config.edn for other conure-distributor environments #920
>1w
- Reduce conure-distributor worker count #906
Mia [3]
iroh [1]
- Snapshot for risk score #7964
iroh-engine [2]
>1w
- Merge pull request #1394 from advthreat/v0.15.6-rc
- Merge pull request #1393 from advthreat/save-asset-snapshot
Scott McLeod [1]
tenzin-config [1]
>1w
- Config changes supporting IROH PR #7934 #899
krishna Ganugapenta [4]
tenzin [4]
- Conure-distributor PROD ASG modules fix #3062
- ops_vpn_cidr removal from TEST and other backup regions as ops vpn not present there #3061
- Conure-distributor setup config for TEST/PROD #3049
>1w
- Conure_distributor terraform modules config updates #3027
milehrer [2]
iroh-engine [2]
>1w
- prepare for v0.15.6
- Remove sightings from asset enrichment response, save snapshot instead
Martin Bruchanov [2]
tenzin [2]
- Clean-up of the old ES5 deployment code #3053
>1w
- Fix for consul registration of ops-openvpn service #2968
Kirill Chernyshov [1]
tenzin-config [1]
>1w
- IROH Events migration to Elasticsearch #909
John Jardine [2]
tenzin [2]
- Add endpoint generation procedure and update endpoints. #3058
- SXOPS-792: QA complaining of long queue times for incidents enrichment #3054
Sofiia Mykytiuk [9]
tenzin [9]
- Update ASG for ES metrics in NAM and EU #3063
- Update vpnator list #3050
>1w
- Remove CSIRT_Investigator role #3045
- Policy to allow access to DynamoDB items for ROAdmin #3043
- Remove jbusboom ssh configs #3042
- Dmarc record for STAGE #3040
- Remove ssh access for Michael Simonson #3035
- Update OPS vpnator list #3034
- Consul fix for ops vpn #3032
muhammad-xdr-ops [4]
tenzin [4]
- SXOPS-805 - adding CNAMEs for secure-client-forms MFE #3065
- enabled trendmicro and defender in all prod regions #3055
- SXOPS-763 - updating integrations version #3052
>1w
- SXOPS-702 removing INT access to PROD S3 bucket #3024
Dmytro Budko [5]
tenzin [5]
- SXOPS-191 Terraform: Bring INT and Test into sync with AWS #3056
>1w
- SXOPS-766 [PROD] Fix 'docs' related Terraform Delta #3046
- SXOPS-636 Docs XDR Deployment, Publish and Host #3048
- SXOPS-636 Docs XDR Deployment, Publish and Host #3041
- SXOPS-636 Docs XDR Deployment, Publish and Host #3016
Scott McLeod [1]
iroh [1]
>1w
- Use filter-map-search directly from CRUDStoreService #7934
Rekha Gupta [2]
tenzin-config [2]
- fix: to port 4008 because ribbon uses 4007 #925
- feat: port for new client management MFE #924
Jerome Schneider [1]
tenzin [1]
- SXOPS 801: Kafka connect open port 8083 and use static port in Nomad #3059
Yurii Ivanisenko [2]
tenzin [2]
>1w
- connected self-hosted runner #3038
- added wokeignore file #3036
Gayan Jayasundara [2]
tenzin [2]
- Add Adam as codeowner to Tenzin repo #3060
>1w
- SXOPS-472 & SXOPS-498 - Enable sentinelone and crowdstrike in Production for v1.122 Release #3031