Skip to content

Prisma Cloud v2 #24171

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 82 commits into from
Mar 2, 2023
Merged

Prisma Cloud v2 #24171

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
82 commits
Select commit Hold shift + click to select a range
ee7a182
initial commit
BEAdi Nov 7, 2022
aa43314
fetch
BEAdi Jan 19, 2023
20c1ce6
commands
BEAdi Jan 19, 2023
d19f446
Merge remote-tracking branch 'origin/master' into prisma-cloud-v2
BEAdi Jan 30, 2023
c94ce0f
Merge remote-tracking branch 'origin/master' into prisma-cloud-v2
BEAdi Jan 31, 2023
b1d9304
pre demo updates & beautify
BEAdi Jan 31, 2023
70ee438
UTs
BEAdi Feb 1, 2023
1489dca
Merge branch 'master' into prisma-cloud-v2
BEAdi Feb 2, 2023
b4ac193
initial commit
BEAdi Nov 7, 2022
1a46db7
fetch
BEAdi Jan 19, 2023
546770c
commands
BEAdi Jan 19, 2023
f97b4cf
pre demo updates & beautify
BEAdi Jan 31, 2023
32d24a8
UTs
BEAdi Feb 1, 2023
a65e5b7
demo updates (mapper, outputs, display name, parameters, test module)
BEAdi Feb 5, 2023
bf52cef
add v1 commands
BEAdi Feb 14, 2023
976dc82
remove deprecated riskDetail
BEAdi Feb 15, 2023
f3cd930
Merge remote-tracking branch 'origin/prisma-cloud-v2' into prisma-clo…
BEAdi Feb 15, 2023
5cba889
Merge remote-tracking branch 'origin/master' into prisma-cloud-v2
BEAdi Feb 15, 2023
8c38eaf
fix lint
BEAdi Feb 15, 2023
15514d7
update playbooks
BEAdi Feb 15, 2023
519b672
add README
BEAdi Feb 19, 2023
e48609b
fetch UTs
BEAdi Feb 20, 2023
405c6ae
Merge remote-tracking branch 'origin/master' into prisma-cloud-v2
BEAdi Feb 21, 2023
2ef095b
Merge remote-tracking branch 'origin/master' into prisma-cloud-v2
BEAdi Feb 21, 2023
edfd4df
Merge remote-tracking branch 'origin/master' into prisma-cloud-v2
BEAdi Feb 21, 2023
e2c753f
add final UTs
BEAdi Feb 21, 2023
4828404
doc review fixes
BEAdi Feb 27, 2023
6d748b6
Update PrismaCloudV2_description.md
ShirleyDenkberg Feb 27, 2023
daedcfe
Update playbook-PCR_-_AWS_CloudTrail_Misconfig_v2.yml
ShirleyDenkberg Feb 27, 2023
06a19dc
Update playbook-PCR_-_AWS_CloudTrail_Misconfig_v2_README.md
ShirleyDenkberg Feb 27, 2023
967ec38
Update playbook-PCR_-_AWS_EC2_Instance_Misconfig_v2.yml
ShirleyDenkberg Feb 27, 2023
e5c3b91
Update playbook-PCR_-_AWS_EC2_Instance_Misconfig_v2_README.md
ShirleyDenkberg Feb 27, 2023
f4b8d24
Update playbook-PCR_-_AWS_IAM_Policy_Misconfig_v2.yml
ShirleyDenkberg Feb 27, 2023
c7e0d03
Update playbook-PCR_-_Azure_AKS_Misconfig_v2.yml
ShirleyDenkberg Feb 27, 2023
484665c
doc review updates
BEAdi Feb 27, 2023
0e115b9
Merge remote-tracking branch 'origin/prisma-cloud-v2' into prisma-clo…
BEAdi Feb 27, 2023
f570d16
Update playbook-PCR_-_Azure_AKS_Misconfig_v2_README.md
ShirleyDenkberg Feb 27, 2023
faf41be
Update playbook-PCR_-_Azure_Network_Misconfig_v2.yml
ShirleyDenkberg Feb 27, 2023
252bdc9
Update playbook-PCR_-_Azure_Network_Misconfig_v2_README.md
ShirleyDenkberg Feb 27, 2023
5ff6dc1
Update playbook-PCR_-_Azure_SQL_Misconfig_README.md
ShirleyDenkberg Feb 27, 2023
f482875
Update playbook-PCR_-_Azure_SQL_Misconfig_v2.yml
ShirleyDenkberg Feb 27, 2023
c985c52
Update playbook-PCR_-_Azure_SQL_Misconfig_v2_README.md
ShirleyDenkberg Feb 27, 2023
b01151b
Update playbook-PCR_-_Azure_Storage_Misconfig_v2.yml
ShirleyDenkberg Feb 27, 2023
0f6a9db
Update playbook-PCR_-_Azure_Storage_Misconfig_v2_README.md
ShirleyDenkberg Feb 27, 2023
806c899
Update playbook-PCR_-_GCP_Compute_Engine_Misconfig_v2.yml
ShirleyDenkberg Feb 27, 2023
3dfd8c4
Update playbook-PCR_-_GCP_Compute_Engine_Misconfig_v2_README.md
ShirleyDenkberg Feb 27, 2023
81bb7bf
Update playbook-PCR_-_GCP_Kub_Engine_Misconfig_v2.yml
ShirleyDenkberg Feb 27, 2023
ba47089
Update playbook-PCR_-_GCP_Kub_Engine_Misconfig_v2_README.md
ShirleyDenkberg Feb 27, 2023
8e70774
Update playbook-PCR_-_GCP_VPC_Network_Misconfig_README.md
ShirleyDenkberg Feb 27, 2023
1892aba
Update playbook-PCR_-_GCP_VPC_Network_Misconfig_v2.yml
ShirleyDenkberg Feb 27, 2023
d52e305
Update playbook-PCR_-_GCP_VPC_Network_Misconfig_v2_README.md
ShirleyDenkberg Feb 27, 2023
df58837
Update playbook-Prisma_Cloud_-_Find_AWS_Resource_by_FQDN_v2.yml
ShirleyDenkberg Feb 27, 2023
12f0176
Update playbook-Prisma_Cloud_-_Find_AWS_Resource_by_FQDN_v2_README.md
ShirleyDenkberg Feb 27, 2023
ab2eb4a
Update playbook-Prisma_Cloud_-_Find_AWS_Resource_by_Public_IP_v2.yml
ShirleyDenkberg Feb 27, 2023
df3f133
Update playbook-Prisma_Cloud_-_Find_AWS_Resource_by_Public_IP_v2_READ…
ShirleyDenkberg Feb 27, 2023
b1e8039
Update playbook-Prisma_Cloud_-_Find_Azure_Resource_by_FQDN.yml
ShirleyDenkberg Feb 27, 2023
7254462
Update playbook-Prisma_Cloud_-_Find_Azure_Resource_by_FQDN_v2.yml
ShirleyDenkberg Feb 27, 2023
f616cbe
Update playbook-Prisma_Cloud_-_Find_Azure_Resource_by_FQDN_v2_README.md
ShirleyDenkberg Feb 27, 2023
2fe1aa7
Update playbook-Prisma_Cloud_-_Find_Azure_Resource_by_Public_IP_v2.yml
ShirleyDenkberg Feb 27, 2023
c83a83f
Update playbook-Prisma_Cloud_-_Find_Azure_Resource_by_Public_IP_v2_RE…
ShirleyDenkberg Feb 27, 2023
f9486f8
Update playbook-Prisma_Cloud_-_Find_GCP_Resource_by_FQDN.yml
ShirleyDenkberg Feb 27, 2023
b277a51
Update playbook-Prisma_Cloud_-_Find_GCP_Resource_by_FQDN_v2.yml
ShirleyDenkberg Feb 27, 2023
7899078
Update playbook-Prisma_Cloud_-_Find_GCP_Resource_by_FQDN_v2_README.md
ShirleyDenkberg Feb 27, 2023
054f0f3
Update playbook-Prisma_Cloud_-_Find_GCP_Resource_by_Public_IP_v2.yml
ShirleyDenkberg Feb 27, 2023
8a51865
Update playbook-Prisma_Cloud_-_Find_GCP_Resource_by_Public_IP_v2_READ…
ShirleyDenkberg Feb 27, 2023
3511c6b
Update playbook-Prisma_Cloud_Correlate_Alerts_v2.yml
ShirleyDenkberg Feb 27, 2023
5687904
Update playbook-Prisma_Cloud_Correlate_Alerts_v2_README.md
ShirleyDenkberg Feb 27, 2023
1f0e075
Update README.md
ShirleyDenkberg Feb 27, 2023
01bda25
doc review updates
BEAdi Feb 27, 2023
0a88931
Merge remote-tracking branch 'origin/master' into prisma-cloud-v2
BEAdi Feb 27, 2023
f2d42bb
CR changes
BEAdi Feb 27, 2023
6c74b3e
add TPB
BEAdi Feb 28, 2023
1eac624
return riskDetail
BEAdi Feb 28, 2023
a14af16
update RN
BEAdi Feb 28, 2023
7dc77aa
CR changes
BEAdi Mar 2, 2023
f95150b
pyupgrade
BEAdi Mar 2, 2023
08ed9c8
sourcery, refurb & RN
BEAdi Mar 2, 2023
cc98b5b
Merge remote-tracking branch 'origin/master' into prisma-cloud-v2
BEAdi Mar 2, 2023
6e89210
Merge remote-tracking branch 'origin/master' into prisma-cloud-v2
BEAdi Mar 2, 2023
fb8c667
RN
BEAdi Mar 2, 2023
e4f0499
update Last_Update_Time
BEAdi Mar 2, 2023
50c928d
RN
BEAdi Mar 2, 2023
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 2 additions & 0 deletions Packs/CommonTypes/.pack-ignore
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -347,6 +347,8 @@ swid
cpe
TLDs
mailto
Misconfiguration
CloudTrail

[file:classifier-Mail-listener.json]
ignore=BA101
8 changes: 7 additions & 1 deletion Packs/CommonTypes/IncidentFields/incidentfield-Last_Update_Time.json
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -21,7 +21,13 @@
"AWS Guard Duty Kubernetes Finding",
"AWS Guard Duty Malware Protection Finding",
"AWS Guard Duty S3 Finding",
"Microsoft Sentinel Incident"
"Microsoft Sentinel Incident",
"Prisma Cloud",
"GCP Compute Engine Misconfiguration",
"GCP Kubernetes Engine Misconfiguration",
"AWS CloudTrail Misconfiguration",
"AWS IAM Policy Misconfiguration",
"AWS EC2 Instance Misconfiguration"
],
"breachScript": "",
"caseInsensitive": true,
Expand Down
4 changes: 4 additions & 0 deletions Packs/CommonTypes/ReleaseNotes/3_3_53.md
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,4 @@

#### Incident Fields
Added the following incident field to be associated with the *Prisma Cloud*, *GCP Compute Engine Misconfiguration*, *GCP Kubernetes Engine Misconfiguration*, *AWS CloudTrail Misconfiguration*, *AWS IAM Policy Misconfiguration* and *AWS EC2 Instance Misconfiguration* incident types.
- **Last Update Time**
2 changes: 1 addition & 1 deletion Packs/CommonTypes/pack_metadata.json
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -2,7 +2,7 @@
"name": "Common Types",
"description": "This Content Pack will get you up and running in no-time and provide you with the most commonly used incident & indicator fields and types.",
"support": "xsoar",
"currentVersion": "3.3.52",
"currentVersion": "3.3.53",
"author": "Cortex XSOAR",
"url": "https://www.paloaltonetworks.com/cortex",
"email": "",
Expand Down
4 changes: 4 additions & 0 deletions Packs/PrismaCloud/.pack-ignore
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -43,6 +43,10 @@ ignore=IM111
[known_words]
SSH
Misconfiguration
RRN
FQDN
VPC
CloudTrail

[file:classifier-Prisma_Cloud.json]
ignore=BA101
Expand Down
4 changes: 3 additions & 1 deletion Packs/PrismaCloud/.secrets-ignore
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -6,4 +6,6 @@ [email protected]
172.21.21.111
10.0.1.3
10.0.0.3
10.0.2.5
10.0.2.5
https://app
https://api
84 changes: 84 additions & 0 deletions Packs/PrismaCloud/Classifiers/classifier-mapper-incoming-Prisma_Cloud.json
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -65,6 +65,17 @@
]
}
},
"Last Update Time": {
"complex": {
"filters": [],
"root": "lastUpdated",
"transformers": [
{
"operator": "TimeStampToDate"
}
]
}
},
"Policy Deleted": {
"complex": {
"accessor": "deleted",
Expand Down Expand Up @@ -160,6 +171,9 @@
"transformers": []
}
},
"RRN": {
"simple": "resource.rrn"
},
"Region": {
"complex": {
"accessor": "region",
Expand Down Expand Up @@ -412,6 +426,17 @@
]
}
},
"Last Update Time": {
"complex": {
"filters": [],
"root": "lastUpdated",
"transformers": [
{
"operator": "TimeStampToDate"
}
]
}
},
"Policy Deleted": {
"complex": {
"accessor": "deleted",
Expand Down Expand Up @@ -507,6 +532,9 @@
"transformers": []
}
},
"RRN": {
"simple": "resource.rrn"
},
"Region": {
"complex": {
"accessor": "region",
Expand Down Expand Up @@ -759,6 +787,17 @@
]
}
},
"Last Update Time": {
"complex": {
"filters": [],
"root": "lastUpdated",
"transformers": [
{
"operator": "TimeStampToDate"
}
]
}
},
"Policy Deleted": {
"complex": {
"accessor": "deleted",
Expand Down Expand Up @@ -854,6 +893,9 @@
"transformers": []
}
},
"RRN": {
"simple": "resource.rrn"
},
"Region": {
"complex": {
"accessor": "region",
Expand Down Expand Up @@ -1106,6 +1148,17 @@
]
}
},
"Last Update Time": {
"complex": {
"filters": [],
"root": "lastUpdated",
"transformers": [
{
"operator": "TimeStampToDate"
}
]
}
},
"Policy Deleted": {
"complex": {
"accessor": "deleted",
Expand Down Expand Up @@ -1201,6 +1254,9 @@
"transformers": []
}
},
"RRN": {
"simple": "resource.rrn"
},
"Region": {
"complex": {
"accessor": "region",
Expand Down Expand Up @@ -1453,6 +1509,17 @@
]
}
},
"Last Update Time": {
"complex": {
"filters": [],
"root": "lastUpdated",
"transformers": [
{
"operator": "TimeStampToDate"
}
]
}
},
"Policy Deleted": {
"complex": {
"accessor": "deleted",
Expand Down Expand Up @@ -1548,6 +1615,9 @@
"transformers": []
}
},
"RRN": {
"simple": "resource.rrn"
},
"Region": {
"complex": {
"accessor": "region",
Expand Down Expand Up @@ -1795,6 +1865,17 @@
]
}
},
"Last Update Time": {
"complex": {
"filters": [],
"root": "lastUpdated",
"transformers": [
{
"operator": "TimeStampToDate"
}
]
}
},
"Policy Deleted": {
"complex": {
"accessor": "deleted",
Expand Down Expand Up @@ -1890,6 +1971,9 @@
"transformers": []
}
},
"RRN": {
"simple": "resource.rrn"
},
"Region": {
"complex": {
"accessor": "region",
Expand Down
Loading