yogsototh/deft
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
deft/reports/FY24Q2-tmp-report.org
Yann Esposito (Yogsototh) 0110eee062
save
2024-02-01 15:16:14 +01:00

17 KiB
Raw Blame History

FY24Q2 Report

IROH

lead

[1]

iroh [1]

between 3 and 4 months old

  • Don't fire disabled webhooks #8741

data

Mario Aquino [15]

iroh [10]
  • Fix disabled threat-hunt test #8814
  • Update incident_time when updating incident status #8801
  • incident enrichment activity diagram #8712
  • Separate Risk score & incident enrichment #8751

between 3 and 4 months old

  • Improve safe-filtering #8731
  • iroh-async: Flatten Datadog context #8706
  • iroh-async logging & tracing context #8705
  • Socket timeout milliseconds (not seconds) #8690
  • Risk Score socket-timeout #8687
  • Threat Hunt Module Exclusion #8646
tenzin-config [5]
  • Increase conn-manager thread count after PROD performance monitoring #1042
  • Increase thread pool size for EU private intel conn mgr #1039
  • Increase connection mgr thread pool for NAM/EU/TEST #1030

between 3 and 4 months old

  • Increase thread pool size for engine connection manager #1012
  • Config for skipping Private Intel during investigation threat hunt #1009

[3]

ctia [1]

between 3 and 4 months old

  • fix wait_for for delete search #1399
iroh [2]

between 3 and 4 months old

  • bundle import activity diagrams #8708
  • scoring at bundle import #8694

Ambrose Bonnaire-Sergeant [16]

ctia [10]
  • Fix 2XX response swagger/coercion, ban :return #1407
  • Remove asset properties/mapping merging during bundle patch #1408

between 3 and 4 months old

  • Fix :body descriptions #1409
  • Fix POST /bulk schema checking #1406
  • Use prn instead of pprint for logs #1401
  • Eval routes and options given to context at initialization time #1394
  • Use st/merge to merge schemas instead of into #1398
  • Never match existing asset-* entities when patch-existing=false #1395
  • Re-enable incident tests #1393
  • Add external_ids to investigation select fields #1392
iroh [4]
  • Generate valid DI auth tokens for incident subscriptions #8804
  • Fix (reset) #8799
  • Subscribe to incident asset rescoring via DI #8699

between 3 and 4 months old

  • Only pass default patch-existing query params in bundle/import proxy if patch-existing=true #8725
tenzin-config [2]
  • Add config for DI client in iroh-engine #1036
  • Add device insights url to iroh-engine config #1014

integrations

[4]

iroh [4]

between 3 and 4 months old

  • JMX metrics for clj-http connection manager #8765
  • Always decompress the body when status is not 2xx #8527
  • Restore default expiration (24h) for the local session token #8747
  • Workflow event schema changes #8656

Kirill Chernyshov [10]

iroh [7]
  • Refactor data streams service #8793
  • DRY'ed out client-creds-token namespace #8783
  • Kafka connect monitoring #8278

between 3 and 4 months old

  • Handle undelivered records #8634
  • Events data retention enforcement job #8722
  • Iroh events data retention implementation #8666
  • Iroh events postgres data retention #8693
tenzin-config [3]
  • Add ES sink connector v2 to test full migration #1035
  • Fix broken data stream on TEST #1034
  • Config for DataStreams service #1033

Shafiq [7]

iroh [4]
  • Fix schema of proxy health check #8827
  • Add string matching for health check #8815
  • Fallback to iroh-events store when kafka send fails #8786

between 3 and 4 months old

  • Fix mapping for incident events #8703
tenzin-config [3]

between 3 and 4 months old

  • Swtich to new sink-connector in INT #1024
  • Add updated sink connector for all envs #1021
  • Add sink connector for new iroh-event datastream #1019

auth

bartuka [26]

iroh [22]
  • [IROH Auth] Support FMC in the jwks service #8830
  • [IROH Auth] Fix DI onboarding in Universal Provisioning Flow #8813
  • Revert "[IROH Auth] support for FMC token in JWKS Service" #8816
  • [IROH Auth] support for FMC token in JWKS Service #8808
  • [IROH Auth] Check QA callback_url to complete provisioning tests #8763

between 3 and 4 months old

  • [IROH Auth] better swagger descriptions for Universal Provisioning #8752
  • [IROH Auth] remove empty strings from client-id got from Vault #8760
  • [IROH Auth] add missing scope to get OKTA JWT #8759
  • [IROH Auth] add logs to investigate get okta jwt #8758
  • [IROH Auth] bugfix - client/post should use :form-params instead of :body #8753
  • [IROH Auth] bugfixes - arity exception, change product-response datatype, change pmap to map #8738
  • [IROH Auth] bugfix - fix urls in POST /tenants returned value and payload field names #8733
  • [IROH Auth] Cache OKTA JWT used for provisioning callback #8727
  • [IROH Auth] Improvements on logs and error handling to UniversalProvisioning and JWKSService #8707
  • [IROH Auth] Duplicate universal-provisioning web routes to accept IROH JWTs #8675
  • [IROH Auth] Expose callbacks packages store to check Universal Provisioning status #8702
  • [IROH Auth] Improve 202 Accepted response for /universal-provisioning/create-tenants #8701
  • [IROH Auth] Fix name convention to callbacks route in Universal Provisioning flow #8691
  • [IROH Auth] Gen OKTA JWT to callback request in Universal Provisioning flow #8673
  • bugfix - missing UniversalProvisioningCallbackService to deploy IROH nodes #8680
  • [IROH Auth] Check pending provisions from time-to-time. Endpoint that will be called by OPS tick #8674
  • [IROH Auth] Add callback handler to receive provisioning status from downstream apps #8633
tenzin-config [4]
  • FMC base-urls to configure JWKS #1040

between 3 and 4 months old

  • [IROH Auth] bugfix - add config to okta jwks #1017
  • [IROH Auth] add OKTA config for Universal Provisioning flow #1010 #1013
  • add universal_provisioning_callbacks store #1011

Yann Esposito [27]

iroh [17]
  • Fix PIAM Universal Provisioning routes #8828
  • Should fix open impersonate flaky test #8809
  • Keep track of impersonators #8736
  • Restrict TAC routes to admins #8794

between 3 and 4 months old

  • Remove with-tk #8779
  • Code/Test Improvements #8767
  • add a test for matching schema #8770
  • Custom Role Design doc #8497
  • Attempt to improve error message of match? #8769
  • Use cid for trace_id when present #8754
  • Support public client for custom routes #8749
  • Add playbook scope #8739
  • Fix webhook race condition risk #8728
  • Call get-org only once for org-virtual user #8724
  • Use a cache for entitlement summaries #8667
  • upgrade jetty version #8714
  • Remove a forgotten pretty printer #8713
iroh-scripts [6]
  • save improvements

between 3 and 4 months old

  • create dashboard clients
  • Support client aliases in get-client
  • Update client with client-aliases
  • many new scripts
  • added a 1-time script
tenzin-config [2]

between 3 and 4 months old

  • Check vault templating error #1023
  • Add Universal Provisioning Services #1015
xdr-provisioning [2]

between 3 and 4 months old

  • Manage entitlements add-ons
  • add a re-provisioning script that rerun onboardings

Olivier Barbeau [25]

iroh [15]
  • Check the list of services for a node type #8800
  • Fix merge error on PR 8784 #8797
  • [IROH configuration]: Move role-web-service config to default tk files #8782
  • [IROH configuration]: Universal Provisioning Services config refactor #8784
  • [IROH configuration]: explicit name for generated conf and meta #8785
  • Clean bootstrap.cfg; remove tmp file #8781

between 3 and 4 months old

  • Add few additional tests to iroh services #8762
  • rewrite tests #8773
  • more info for debugging #8717
  • [IROH configuration]: general documentation #8764
  • update developer doc for api-gateway #8723
  • Some test clean-up #8716
  • High volume of SQL queries for a single observe/deliberate call #8682
  • Remove the state of module instances in obfuscate-module-instance #8670
  • E8388: update proxy-endpoints-metadata endpoint and metadata #8663
tenzin-config [10]
  • Deep merge for vectors and sets with duplicates check #1032
  • Reduce configuration duplicates - config.edn part #1031
  • Reduce configuration duplicates - bootstrap.cfg part #1028
  • Move role-web-service config to IROH #1026
  • Move Universal Provisioning Services config to IROH #1027
  • Clean bootstrap cfg #1025

between 3 and 4 months old

  • Remove the :registration flag in all environments #963
  • Remove the :merge-users-by-email flag in all environments #962
  • Remove the :account-activation-optim flag in all environments as it is now activated everywhere. #961
  • Remove the xdr-roles flag in all environments #964

(Yogsototh) [8]

iroh-scripts [6]
  • save improvements

between 3 and 4 months old

  • create dashboard clients
  • Support client aliases in get-client
  • Update client with client-aliases
  • many new scripts
  • added a 1-time script
xdr-provisioning [2]

between 3 and 4 months old

  • Manage entitlements add-ons
  • add a re-provisioning script that rerun onboardings

iroh-ops

[0]

[0]

Other

Other

II [4]

iroh [4]
  • Merges module type props on create and update health check #8845
  • Implements v2 threat hunting #8833
  • This should fix issue with parent settings not used on create-patch #8822

between 3 and 4 months old

  • Adds insights scope to allowed Automation scopes in gen-ao-jwt #8678

[4]

iroh [4]
  • Merges module type props on create and update health check #8845
  • Implements v2 threat hunting #8833
  • This should fix issue with parent settings not used on create-patch #8822

between 3 and 4 months old

  • Adds insights scope to allowed Automation scopes in gen-ao-jwt #8678

Scott McLeod [1]

iroh [1]
  • tk store: Add delete-search method #8213 #8692

Brooke Swanson [3]

ctia [1]

between 3 and 4 months old

  • Add brookeswanson to codeowners. #1396
iroh [1]

between 3 and 4 months old

  • Add no-doc true and prevent explosion due to mismatched types. #8548
tenzin-config [1]
  • Playbook automation config. #1037