339 lines
17 KiB
Org Mode
* 2021
** [[file:/Users/esposito/Library/Mobile Documents/iCloud~com~appsonthemove~beorg/Documents/org/2021-W03.org][2021-W03]]
** [[file:/Users/esposito/Library/Mobile Documents/iCloud~com~appsonthemove~beorg/Documents/org/2021-W04.org][2021-W04]]
** [[file:/Users/esposito/Library/Mobile Documents/iCloud~com~appsonthemove~beorg/Documents/org/2021-W05.org][2021-W05]]
** [[file:/Users/esposito/Library/Mobile Documents/iCloud~com~appsonthemove~beorg/Documents/org/2021-W06.org][2021-W06]]
** [[file:/Users/esposito/Library/Mobile Documents/iCloud~com~appsonthemove~beorg/Documents/org/2021-W07.org][2021-W07]]
** [[file:/Users/esposito/Library/Mobile Documents/iCloud~com~appsonthemove~beorg/Documents/org/2021-W08.org][2021-W08]]
** [[file:/Users/esposito/Library/Mobile Documents/iCloud~com~appsonthemove~beorg/Documents/org/2021-W09.org][2021-W09]]
** [[file:/Users/esposito/Library/Mobile Documents/iCloud~com~appsonthemove~beorg/Documents/org/2021-W10.org][2021-W10]]
** [[file:/Users/esposito/Library/Mobile Documents/iCloud~com~appsonthemove~beorg/Documents/org/2021-W11.org][2021-W11]]
** [[file:/Users/esposito/Library/Mobile Documents/iCloud~com~appsonthemove~beorg/Documents/org/2021-W12.org][2021-W12]]
** [[file:/Users/esposito/Library/Mobile Documents/iCloud~com~appsonthemove~beorg/Documents/org/2021-W13.org][2021-W13]]
** [[file:/Users/esposito/Library/Mobile Documents/iCloud~com~appsonthemove~beorg/Documents/org/2021-W14.org][2021-W14]]
** [[file:/Users/esposito/Library/Mobile Documents/iCloud~com~appsonthemove~beorg/Documents/org/2021-W15.org][2021-W15]]
** [[file:/Users/esposito/Library/Mobile Documents/iCloud~com~appsonthemove~beorg/Documents/org/2021-W16.org][2021-W16]]
** [[file:/Users/esposito/Library/Mobile Documents/iCloud~com~appsonthemove~beorg/Documents/org/2021-W17.org][2021-W17]]
** [[file:/Users/esposito/Library/Mobile Documents/iCloud~com~appsonthemove~beorg/Documents/org/2021-W18.org][2021-W18]]
** [[file:/Users/esposito/Library/Mobile Documents/iCloud~com~appsonthemove~beorg/Documents/org/2021-W19.org][2021-W19]]
** [[file:/Users/esposito/Library/Mobile Documents/iCloud~com~appsonthemove~beorg/Documents/org/2021-W20.org][2021-W20]]
** [[file:/Users/esposito/Library/Mobile Documents/iCloud~com~appsonthemove~beorg/Documents/org/2021-W21.org][2021-W21]]
** [[file:/Users/esposito/Library/Mobile Documents/iCloud~com~appsonthemove~beorg/Documents/org/2021-W22.org][2021-W22]]
** [[file:/Users/esposito/Library/Mobile Documents/iCloud~com~appsonthemove~beorg/Documents/org/2021-W23.org][2021-W23]]
** [[file:/Users/esposito/Library/Mobile Documents/iCloud~com~appsonthemove~beorg/Documents/org/2021-W24.org][2021-W24]]
** [[file:/Users/esposito/Library/Mobile Documents/iCloud~com~appsonthemove~beorg/Documents/org/2021-W25.org][2021-W25]]
** 2021-W33
#+BEGIN: clocktable :scope subtree :maxlevel 4 :timestamp t :link t :tags t :narrow 36! :match "work"
#+CAPTION: Clock summary at [2021-08-19 Thu 11:04]
| Timestamp | Tags | Headline | Time | | | |
|------------------------+------------+----------------------------------------------+------+------+------+------|
| | | *Total time* | *4:40* | | | |
|------------------------+------------+----------------------------------------------+------+------+------+------|
| <2021-08-16 Mon> | | \_ [[file:/Users/esposito/Library/Mobile Documents/iCloud~com~appsonthemove~beorg/Documents/org/tracker.org::*2021-W33][2021-W33]] | | 4:40 | | |
| | | \_ [[file:/Users/esposito/Library/Mobile Documents/iCloud~com~appsonthemove~beorg/Documents/org/tracker.org::*2021-08-16 Monday][2021-08-16 Monday]] | | | 1:52 | |
| [2021-08-16 Mon 15:11] | work | \_ [[file:/Users/esposito/Library/Mobile Documents/iCloud~com~appsonthemove~beorg/Documents/org/tracker.org::*Fix Carlos Hidalgo account][Fix Carlos Hidalgo account]] | | | | 0:20 |
| <2021-08-16 Mon> | work | \_ [[file:/Users/esposito/Library/Mobile Documents/iCloud~com~appsonthemove~beorg/Documents/org/tracker.org::*create an issue about email search case sensitivity][create an issue about email...]] | | | | 1:32 |
| | | \_ [[file:/Users/esposito/Library/Mobile Documents/iCloud~com~appsonthemove~beorg/Documents/org/tracker.org::*2021-08-17 Tuesday][2021-08-17 Tuesday]] | | | 2:48 | |
| <2021-08-18 Wed> | work | \_ [[file:/Users/esposito/Library/Mobile Documents/iCloud~com~appsonthemove~beorg/Documents/org/tracker.org::*Add scope to TG clients][Add scope to TG clients]] | | | | 0:38 |
| <2021-08-17 Tue> | work | \_ [[file:/Users/esposito/Library/Mobile Documents/iCloud~com~appsonthemove~beorg/Documents/org/tracker.org::*Write an issue about 1-click module setup][Write an issue about 1-click...]] | | | | 2:03 |
| [2021-08-17 Tue 15:44] | work, chat | \_ [[file:/Users/esposito/Library/Mobile Documents/iCloud~com~appsonthemove~beorg/Documents/org/tracker.org::*Jyoti about CDO 1-click module setup][Jyoti about CDO 1-click module setup]] | | | | 0:07 |
#+END:

#+BEGIN: clocktable :scope subtree :maxlevel 4 :timestamp t :link t :tags t :narrow 36! :match "work"
#+CAPTION: Clock summary at [2021-08-17 Tue 15:45]
| Timestamp | Tags | Headline | Time | | | |
|------------------------+------+----------------------------------------+------+------+------+------|
| | | *Total time* | *1:52* | | | |
|------------------------+------+----------------------------------------+------+------+------+------|
| | | \_ [[file:/Users/esposito/Library/Mobile Documents/iCloud~com~appsonthemove~beorg/Documents/org/tracker.org::*2021-W33][2021-W33]] | | 1:52 | | |
| | | \_ [[file:/Users/esposito/Library/Mobile Documents/iCloud~com~appsonthemove~beorg/Documents/org/tracker.org::*2021-08-16 Monday][2021-08-16 Monday]] | | | 1:52 | |
| [2021-08-16 Mon 15:11] | work | \_ [[file:/Users/esposito/Library/Mobile Documents/iCloud~com~appsonthemove~beorg/Documents/org/tracker.org::*Fix Carlos Hidalgo account][Fix Carlos Hidalgo account]] | | | | 0:20 |
| <2021-08-16 Mon> | work | \_ [[file:/Users/esposito/Library/Mobile Documents/iCloud~com~appsonthemove~beorg/Documents/org/tracker.org::*create an issue about email search case sensitivity][create an issue about email...]] | | | | 1:32 |
#+END:

*** 2021-08-16 Monday
**** DONE Fix Carlos Hidalgo account :work:
:LOGBOOK:
CLOCK: [2021-08-16 Mon 15:11]--[2021-08-16 Mon 15:31] => 0:20
:END:
[2021-08-16 Mon 15:11]
- ref :: [[file:~/Library/Mobile Documents/iCloud~com~appsonthemove~beorg/Documents/org/tracker.org::*create an issue about email search case sensitivity][create an issue about email search case sensitivity]]
**** DONE create an issue about email search case sensitivity :work:
SCHEDULED: <2021-08-16 Mon>
:LOGBOOK:
CLOCK: [2021-08-17 Tue 14:16]--[2021-08-17 Tue 15:44] => 1:28
CLOCK: [2021-08-16 Mon 15:03]--[2021-08-16 Mon 15:07] => 0:04
:END:
[2021-08-16 Mon 15:03]
- ref :: https://github.com/threatgrid/response/issues/818

***** Fix email case sensitivity

> Related https://github.com/threatgrid/response/issues/818

We often need to search by email. The main issue is that our search
mechanism currently does not support case-insensitive matches.

We have 4 possible solutions:

1. Lower-case the user email at creation. We also need to update the user
   emails in our DB. The safest route to achieve this will be via the
   iroh-migration service.
2. Keep the email case-sensitive and add a new case-insensitive field, =lc-user-email=
   for example. But, as for case 1, we need to perform a DB migration to
   add this new field to all existing users in the DB.
3. Add support for case-insensitive search in tk-store, perhaps with a new
   tk-store service, or by improving the current =CRUDStoreService=.
4. Add a specific service just for searching user emails that could take care
   of this specific case by using a Postgres-specific query. This could
   also be the occasion to provide a tk-store "hole in the abstraction" service.

The simplest is probably option 1.
Option 2 would be slightly more complex and we would not lose any detail.
Option 3 seems the most generic one, and we could totally imagine we would
appreciate case-insensitive search support.
Option 4 looks like a specific case of 3.

My preference then goes to option 3, but we need to understand whether this is
not too difficult to achieve. What would the API be? The most natural one
would probably be to add an option alongside =filter-map=, like =case-insensitive-fields=.
One issue would be writing the support for case-insensitive matching for =atom=
and =redis=.
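
One possible shape for option 3 on an atom-backed store, as an added sketch that is not tk-store's own code: =list-records=, the =:case-insensitive-fields= option key, =case-collisions= and the =users= sample data are hypothetical names introduced here. The second function lists the records whose emails differ only by case, which are the ones that would collide if option 1 lower-cased the stored values in place.

```clojure
(ns example.ci-search
  (:require [clojure.string :as str]))

;; Constructed sample data: an atom holding id -> record (names are assumptions).
(def users
  (atom {"u1" {:id "u1" :user-email "Alice.Martin@Example.COM"}
         "u2" {:id "u2" :user-email "bob@example.com"}
         "u3" {:id "u3" :user-email "alice.martin@example.com"}}))

(defn- normalize
  "Lower-case strings for comparison; leave any other value untouched."
  [v]
  (if (string? v) (str/lower-case v) v))

(defn- field-matches?
  [ci-fields record [field expected]]
  (let [actual (get record field)]
    (if (contains? ci-fields field)
      (= (normalize actual) (normalize expected))
      (= actual expected))))

(defn list-records
  "Records of `store` matching every entry of `filter-map`. Fields listed under
  :case-insensitive-fields (hypothetical option) ignore case; others match exactly."
  [store filter-map {:keys [case-insensitive-fields]}]
  (let [ci-fields (set case-insensitive-fields)]
    (->> (vals @store)
         (filter (fn [record]
                   (every? #(field-matches? ci-fields record %) filter-map)))
         (sort-by :id)
         vec)))

(defn case-collisions
  "Groups of ids whose `field` values differ only by case, i.e. the records
  that would collide if the values were lower-cased in place (option 1)."
  [store field]
  (->> (vals @store)
       (group-by #(normalize (get % field)))
       vals
       (filter #(> (count %) 1))
       (mapv #(vec (sort (map :id %))))))

;; Exact search for a mixed-case address, then the same search ignoring case.
(println (list-records users {:user-email "ALICE.MARTIN@example.com"} {}))
(println (list-records users {:user-email "ALICE.MARTIN@example.com"}
                       {:case-insensitive-fields [:user-email]}))
(println (case-collisions users :user-email))
```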

**** TODO Interview Steven Collins
:LOGBOOK:
CLOCK: [2021-08-16 Mon 15:49]--[2021-08-16 Mon 19:04] => 3:15
:END:

*** 2021-08-17 Tuesday
**** DONE Add scope to TG clients :work:
DEADLINE: <2021-08-18 Wed>
:LOGBOOK:
CLOCK: [2021-08-17 Tue 17:54]--[2021-08-17 Tue 18:32] => 0:38
:END:
[2021-08-17 Tue 17:54]

In tenzin config:

#+begin_src
- INT: 34d94c8c-2041-4708-8172-ebe2df295ca7-2
- TEST: f993f6a0-8075-43e0-a9e5-dae9c3980513
- NAM: 7b8d9fef-bd93-4ef3-88af-ae4174ee02e5
- EU: a1662193-9155-44fd-aa1f-43afd42c889c
#+end_src
**** DONE Write an issue about 1-click module setup :work:
SCHEDULED: <2021-08-17 Tue>
:LOGBOOK:
CLOCK: [2021-08-17 Tue 15:51]--[2021-08-17 Tue 17:54] => 2:03
:END:
[2021-08-17 Tue 15:51]
- ref :: [[file:~/Library/Mobile Documents/iCloud~com~appsonthemove~beorg/Documents/org/Cisco.org.gpg::*Activation Optimization][Activation Optimization]]
**** CHAT Jyoti about CDO 1-click module setup :work:chat:
:LOGBOOK:
CLOCK: [2021-08-17 Tue 15:44]--[2021-08-17 Tue 15:51] => 0:07
:END:
[2021-08-17 Tue 15:44]
- ref :: [[file:~/Library/Mobile Documents/iCloud~com~appsonthemove~beorg/Documents/org/Cisco.org.gpg::*Epics][Epics]]

*** 2021-08-19 Thursday
#+BEGIN: clocktable :scope subtree :maxlevel 4 :timestamp t :link t :tags t :narrow 36! :match "work"
#+CAPTION: Clock summary at [2021-08-19 Thu 17:43]
| Timestamp | Tags | Headline | Time | | | |
|------------------------+---------------+-----------------------------------+------+---+------+------|
| | | *Total time* | *1:39* | | | |
|------------------------+---------------+-----------------------------------+------+---+------+------|
| | | \_ [[file:/Users/esposito/Library/Mobile Documents/iCloud~com~appsonthemove~beorg/Documents/org/tracker.org::*2021-08-19 Thursday][2021-08-19 Thursday]] | | | 1:39 | |
| [2021-08-19 Thu 16:04] | work, meeting | \_ [[file:/Users/esposito/Library/Mobile Documents/iCloud~com~appsonthemove~beorg/Documents/org/tracker.org::*Interview Olivier Barbeau][Interview Olivier Barbeau]] | | | | 1:39 |
#+END:

**** MEETING Interview Olivier Barbeau :work:meeting:
:LOGBOOK:
CLOCK: [2021-08-19 Thu 16:04]--[2021-08-19 Thu 17:43] => 1:39
:END:
[2021-08-19 Thu 16:04]
- ref :: [[file:~/Library/Mobile Documents/iCloud~com~appsonthemove~beorg/Documents/org/Cisco.org.gpg::*Self Presentation][Self Presentation]]

** 2021-W35

*** 2021-09-02 Thursday
**** MEETING Weekly meeting :work:meeting:
:LOGBOOK:
CLOCK: [2021-09-02 Thu 17:06]--[2021-09-02 Thu 20:00] => 2:54
:END:
[2021-09-02 Thu 17:06]

Guillaume starts with the *Design Planning* GitHub project.

- SecureX session
- High Impact Incident

Sorry

** 2021-W36

*** 2021-09-08 Wednesday
**** MEETING 1-click module setup weekly meeting :work:meeting:
:LOGBOOK:
CLOCK: [2021-09-08 Wed 17:30]--[2021-09-08 Wed 18:22] => 0:52
:END:
[2021-09-08 Wed 17:30]
- ref :: https://miro.com/app/board/o9J_l57_gro=/

Miro dashboard from Chloe:

https://miro.com/app/board/o9J_l57_gro=/


Discussion:

When to TEST, tomorrow.
Asking for client_id in TEST.


Client-id: client-555c1f7a-b57b-4a6b-9f0b-015e311a6d06

*** 2021-09-09 Thursday
**** MEETING Interview: Florin Braghis :work:meeting:
:LOGBOOK:
CLOCK: [2021-09-09 Thu 15:49]--[2021-09-09 Thu 18:45] => 2:56
:END:
[2021-09-09 Thu 15:49]

** 2021-W37

*** 2021-09-14 Tuesday
**** IN-PROGRESS Device Grant :work:
:LOGBOOK:
CLOCK: [2021-09-14 Tue 19:31]--[2021-09-14 Tue 20:35] => 1:04
:END:
[2021-09-14 Tue 19:31]
- ref ::

*** 2021-09-16 Thursday
**** MEETING Team weekly :work:meeting:
:LOGBOOK:
CLOCK: [2021-09-16 Thu 17:25]--[2021-09-17 Fri 14:32] => 21:07
:END:
[2021-09-16 Thu 17:25]

Ambrose, Irina, Guillaume, Matt, Yann

TO MENTION: Device Grant with FMC => Public clients

***** Incident discussion

*** 2021-09-17 Friday
**** MEETING Presenting the projects :work:meeting:
[2021-09-17 Fri 14:32]
- ref :: https://github.com/advthreat/iroh/projects
.

***** Pres

****** General

******* Project Organization

Every project has an owner (main point of contact for the FT).
Currently only leads, but it could be anyone in the future.

****** [Design] Shared IROH Auth Session

The goal of this project, which is not an official FT, is to reflect on and
write proposals to achieve the feeling of a shared session across all Cisco
Security products via SecureX.

+ solution using cookies
+ solution using Open ID Connect
.
****** [Design] High Impact Incident

/Guillaume Ereteo/ did awesome work providing multiple proposals so that the
feature can be delivered as fast as possible.

1. filter on source (only AMP)
2. Add severity on incident model
3. Incident with high impact via an IROH route: https://github.com/advthreat/iroh/issues/5710
+ needs the proxy from Ambrose
+ needs sync with engine team too

****** SecureX Suite Session Improvement

Delivered yesterday in v1.81
Limit the number of interstitial pages between SecureX and CTR/SSE

+ For Orbital, the Launch button is missing; the back-end work is done, as we do
  not need any SXSO app link.

****** [HOLD] Cisco Secure Client Integration

Still no work to be done by the IROH Services team

****** Hiring

Since the last meeting: two new hires will join us in the next few weeks,
Kiril and Olivier.

Kiril lives in Germany and Olivier in France.

****** 1-Click Module Setup

Integration by CDO and SWC is in progress.

/Irina/ worked to provide the vault metadata API for SWC.

AMP is in the QA test phase.

****** ModuleType updates

Just saw the rename of "Threat Grid" to "Secure Malware Analytics"

****** [HOLD] CTIA Hydrant support
****** CTIA Incident Manager Improvement
****** Bug Squashing

+ Fix a bug where a user could log in to an org that rejects non-admin user logins
+ Fix a refresh token bug that would provide too many scopes to an access token
+ Login page URL parsing: potential discrepancy fixed

****** [HOLD] ES 7 Migration
****** Device Insights Integration

- Wanderson: Webhooks work, trigger a notification for every
  module-instance configuration change.

****** AppLinks API
****** SSE API Extension & OAuth2 Device Grant
+ FMC ⇒ public clients for Device Grants
****** Incident Assignment Notifications

/Ambrose/ worked to make IROH a proxy to private intel for incident
assignment notifications.
Should be delivered in v1.82

** 2021-W39

*** 2021-09-29 Wednesday
**** MEETING Interview :work:meeting:
:LOGBOOK:
CLOCK: [2021-09-29 Wed 16:12]--[2021-09-29 Wed 19:30] => 3:18
:END:
[2021-09-29 Wed 16:12]
- ref :: [[file:~/dev/ring-jwt-middleware/src/ring_jwt_middleware/core.clj::jwt-check-fn (s/=> s/Any s/Str JwtClaims)]]

*** 2021-10-01 Friday
**** MEETING App Links :work:meeting:
:LOGBOOK:
CLOCK: [2021-10-01 Fri 17:26]
:END:
[2021-10-01 Fri 17:26]
- ref :: [[file:~/Library/Mobile Documents/iCloud~com~appsonthemove~beorg/Documents/org/tracker.org::*Secure Client][Secure Client]]
**** MEETING Secure Client :work:meeting:
:LOGBOOK:
CLOCK: [2021-10-01 Fri 15:55]--[2021-10-01 Fri 17:26] => 1:31
:END:
[2021-10-01 Fri 15:55]

Meeting link:
https://cisco.webex.com/cisco/j.php?MTID=m5814a8530a0870a19a57230bfd6d4b0e