added tags to indicators created in create_indicator method

Packs/FeedMandiant/Integrations/FeedMandiant/FeedMandiant.py

@@ -402,7 +402,9 @@ def create_indicator(client: MandiantClient, raw_indicator: Dict) -> Dict:
               'firstseenbysource': raw_indicator.get('first_seen'),
               'lastseenbysource': raw_indicator.get('last_seen'),
               'stixid': raw_indicator.get('id'),
-              'trafficlightprotocol': client.tlp_color
+              'trafficlightprotocol': client.tlp_color,
+              'tags': [industry.get('name') for industry in  # type: ignore
+                       raw_indicator.get('industries', [])] + client.tags
               }
 
     fields = {k: v for k, v in fields.items() if v and v != 'redacted'}  # filter none and redacted values

Packs/FeedMandiant/Integrations/FeedMandiant/FeedMandiant.yml

@@ -8,8 +8,7 @@ configuration:
   name: feed
   required: false
   type: 8
-- additionalinfo: Indicators from this integration instance will be marked with this
-    reputation.
+- additionalinfo: Indicators from this integration instance will be marked with this reputation.
   display: Indicator Reputation
   name: feedReputation
   options:
@@ -32,8 +31,7 @@ configuration:
   - F - Reliability cannot be judged
   required: true
   type: 15
-- additionalinfo: The Traffic Light Protocol (TLP) designation to apply to indicators
-    fetched from the feed.
+- additionalinfo: The Traffic Light Protocol (TLP) designation to apply to indicators fetched from the feed.
   display: Traffic Light Protocol Color
   name: tlp_color
   options:
@@ -66,8 +64,7 @@ configuration:
   name: auth
   required: true
   type: 9
-- additionalinfo: 'The type of indicators to fetch. Indicator type might include the
-    following: Domains, IPs, Files and URLs.'
+- additionalinfo: 'The type of indicators to fetch. Indicator type might include the following: Domains, IPs, Files and URLs.'
   defaultvalue: Malware,Actors,Indicators
   display: Mandiant indicator type
   name: type
@@ -108,15 +105,12 @@ configuration:
   name: insecure
   required: false
   type: 8
-- additionalinfo: When selected, the exclusion list is ignored for indicators from
-    this feed. This means that if an indicator from this feed is on the exclusion
-    list, the indicator might still be added to the system.
+- additionalinfo: When selected, the exclusion list is ignored for indicators from this feed. This means that if an indicator from this feed is on the exclusion list, the indicator might still be added to the system.
   display: Bypass exclusion list
   name: feedBypassExclusionList
   required: false
   type: 8
-- additionalinfo: Retrieve additional information for each indicator. Note that this
-    requires additional API calls.
+- additionalinfo: Retrieve additional information for each indicator. Note that this requires additional API calls.
   defaultvalue: 'false'
   display: Retrieve indicator metadata
   name: indicatorMetadata
@@ -188,7 +182,7 @@ script:
     description: Get mandiant indicators.
     execution: false
     name: feed-mandiant-get-indicators
-  dockerimage: demisto/python3:3.10.10.47713
+  dockerimage: demisto/python3:3.10.10.48392
   feed: true
   isfetch: false
   longRunning: false

Packs/FeedMandiant/ReleaseNotes/1_0_8.md

@@ -0,0 +1,4 @@
+#### Integrations
+##### Mandiant Advantage Feed
+- Updated the Docker image to: *demisto/python3:3.10.10.48392*.
+- Fixed an issue where tags were missing from indicators fetched from the API.

Packs/FeedMandiant/pack_metadata.json

@@ -2,14 +2,16 @@
     "name": "Mandiant Advantage Feed",
     "description": "Cortex XSOAR integrates with Mandiant Advantage Threat Intelligence \n  to bring the power of Mandiant\u2019s front line intelligence into the XSOAR platform, \n  helping users quickly identify and remediate the most serious threats to their networks.",
     "support": "xsoar",
-    "currentVersion": "1.0.7",
+    "currentVersion": "1.0.8",
     "author": "Cortex XSOAR",
     "url": "https://www.paloaltonetworks.com/cortex",
     "email": "",
     "categories": [
         "Data Enrichment & Threat Intelligence"
     ],
-    "tags": ["Threat Intelligence Management"],
+    "tags": [
+        "Threat Intelligence Management"
+    ],
     "useCases": [],
     "keywords": [],
     "marketplaces": [