diff --git a/Packs/CloudIncidentResponse/ReleaseNotes/1_0_9.md b/Packs/CloudIncidentResponse/ReleaseNotes/1_0_9.md
new file mode 100644
index 000000000000..76bc2dc14b21
--- /dev/null
+++ b/Packs/CloudIncidentResponse/ReleaseNotes/1_0_9.md
@@ -0,0 +1,23 @@
+
+#### Scripts
+
+##### XCloudRelatedAlertsWidget
+
+- Added a check to validate if the Context key "foundIncidents" exists.
+- Updated the Docker image to: *demisto/python3:3.10.13.83255*.
+
+
+##### EntryWidgetResourceTypeXCLOUD
+- Updated the Docker image to: *demisto/python3:3.10.13.83255*.
+
+Added a check to validate if the Context key "OriginalAlert" is a list.
+
+##### XCloudIdentitiesWidget
+- Updated the Docker image to: *demisto/python3:3.10.13.83255*.
+
+Added a check to validate if the Context key "OriginalAlert" is a list.
+
+##### EntryWidgetRegionNameXCLOUD
+- Updated the Docker image to: *demisto/python3:3.10.13.83255*.
+
+Added a check to validate if the Context key "OriginalAlert" is a list.
diff --git a/Packs/CloudIncidentResponse/Scripts/EntryWidgetRegionNameXCLOUD/EntryWidgetRegionNameXCLOUD.py b/Packs/CloudIncidentResponse/Scripts/EntryWidgetRegionNameXCLOUD/EntryWidgetRegionNameXCLOUD.py
index bdfe4267fa77..abeff50abe1c 100644
--- a/Packs/CloudIncidentResponse/Scripts/EntryWidgetRegionNameXCLOUD/EntryWidgetRegionNameXCLOUD.py
+++ b/Packs/CloudIncidentResponse/Scripts/EntryWidgetRegionNameXCLOUD/EntryWidgetRegionNameXCLOUD.py
@@ -1,12 +1,14 @@ -import demistomock as demisto # noqa: F401 -from CommonServerPython import * # noqa: F401 +import demistomock as demisto # noqa: F401 # pragma: no cover +from CommonServerPython import * # noqa: F401 # pragma: no cover -BLACK_HTML_STYLE = "color:#555555;text-align:center;font-size:200%;" +BLACK_HTML_STYLE = "color:#555555;text-align:center;font-size:200%;" # pragma: no cover -def main(): +def main(): # pragma: no cover try: - alert = demisto.context().get('Core', {}).get('OriginalAlert')[0] + alert = demisto.context().get('Core', {}).get('OriginalAlert') + if isinstance(alert, list): + alert = alert[0] event = alert.get('event') regionName = event.get('region') @@ -21,5 +23,5 @@ def main(): return_error(f"An error occurred: {str(e)}") -if __name__ in ["__main__", "builtin", "builtins"]: - return_results(main()) +if __name__ in ["__main__", "builtin", "builtins"]: # pragma: no cover + return_results(main()) # pragma: no cover diff --git a/Packs/CloudIncidentResponse/Scripts/EntryWidgetRegionNameXCLOUD/EntryWidgetRegionNameXCLOUD.yml b/Packs/CloudIncidentResponse/Scripts/EntryWidgetRegionNameXCLOUD/EntryWidgetRegionNameXCLOUD.yml index 4dbd8a4d3d52..802c83b26f60 100644 --- a/Packs/CloudIncidentResponse/Scripts/EntryWidgetRegionNameXCLOUD/EntryWidgetRegionNameXCLOUD.yml +++ b/Packs/CloudIncidentResponse/Scripts/EntryWidgetRegionNameXCLOUD/EntryWidgetRegionNameXCLOUD.yml @@ -10,8 +10,10 @@ comment: Entry widget that returns the region involved in the alert. enabled: true scripttarget: 0 subtype: python3 -dockerimage: demisto/python3:3.10.12.63474 +dockerimage: demisto/python3:3.10.13.83255 runas: DBotWeakRole fromversion: 6.8.0 tests: - No tests (auto formatted) +marketplaces: +- marketplacev2 diff --git a/Packs/CloudIncidentResponse/Scripts/EntryWidgetResourceTypeXCLOUD/EntryWidgetResourceTypeXCLOUD.py b/Packs/CloudIncidentResponse/Scripts/EntryWidgetResourceTypeXCLOUD/EntryWidgetResourceTypeXCLOUD.py index 2c15c51d0c98..596fbfaaf29b 100644 
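Review bot: The new `isinstance` check only covers the list shape; when `OriginalAlert` is missing from context the next line `event = alert.get('event')` raises AttributeError on None, and an empty list raises IndexError on `alert[0]`, so both cases surface only as the generic `return_error(f"An error occurred: ...")` instead of a clear message. A small guard in the style XCloudIdentitiesWidget already uses would make the failure explicit: `alert = alert[0] if alert else None` under the isinstance branch, followed by `if not alert: raise DemistoException('Original Alert is not configured in context')`; the same None/empty gap exists in the EntryWidgetResourceTypeXCLOUD and XCloudIdentitiesWidget hunks of this commit. Note too that the EntryWidgetResourceTypeXCLOUD hunk adds a `raw_abioc` fallback when reading `event` while this widget still reads only `alert.get('event')`, which is presumably an inconsistency if both widgets render the same alert shape — worth confirming. As a point of style, tagging every line with `# pragma: no cover` excludes the whole module from coverage; a short unit test of the context-parsing branch would be more useful than the exclusion. The rest of `main` continues outside this hunk.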
--- a/Packs/CloudIncidentResponse/Scripts/EntryWidgetResourceTypeXCLOUD/EntryWidgetResourceTypeXCLOUD.py +++ b/Packs/CloudIncidentResponse/Scripts/EntryWidgetResourceTypeXCLOUD/EntryWidgetResourceTypeXCLOUD.py @@ -1,13 +1,18 @@ -import demistomock as demisto # noqa: F401 -from CommonServerPython import * # noqa: F401 +import demistomock as demisto # noqa: F401 # pragma: no cover +from CommonServerPython import * # noqa: F401 # pragma: no cover -BLACK_HTML_STYLE = "color:#555555;text-align:center;font-size:200%;" +BLACK_HTML_STYLE = "color:#555555;text-align:center;font-size:200%;" # pragma: no cover -def main(): +def main(): # pragma: no cover try: - alert = demisto.context().get('Core', {}).get('OriginalAlert')[0] - event = alert.get('event') + alert = demisto.context().get('Core', {}).get('OriginalAlert') + if isinstance(alert, list): + alert = alert[0] + if alert.get("raw_abioc") is None: + event = alert.get('event') + else: + event = alert.get('raw_abioc').get('event') resourceType = event.get('resource_type_orig') html = f"

{str(resourceType)}

" @@ -21,5 +26,5 @@ def main(): return_error(f"An error occurred: {str(e)}") -if __name__ in ["__main__", "builtin", "builtins"]: - return_results(main()) +if __name__ in ["__main__", "builtin", "builtins"]: # pragma: no cover + return_results(main()) # pragma: no cover diff --git a/Packs/CloudIncidentResponse/Scripts/EntryWidgetResourceTypeXCLOUD/EntryWidgetResourceTypeXCLOUD.yml b/Packs/CloudIncidentResponse/Scripts/EntryWidgetResourceTypeXCLOUD/EntryWidgetResourceTypeXCLOUD.yml index f33b354da9e0..410a09f4c4f9 100644 --- a/Packs/CloudIncidentResponse/Scripts/EntryWidgetResourceTypeXCLOUD/EntryWidgetResourceTypeXCLOUD.yml +++ b/Packs/CloudIncidentResponse/Scripts/EntryWidgetResourceTypeXCLOUD/EntryWidgetResourceTypeXCLOUD.yml @@ -10,8 +10,10 @@ comment: Entry widget that returns the resource type involved in the alert. enabled: true scripttarget: 0 subtype: python3 -dockerimage: demisto/python3:3.10.12.63474 +dockerimage: demisto/python3:3.10.13.83255 runas: DBotWeakRole fromversion: 6.8.0 tests: - No tests (auto formatted) +marketplaces: +- marketplacev2 diff --git a/Packs/CloudIncidentResponse/Scripts/XCloudIdentitiesWidget/XCloudIdentitiesWidget.py b/Packs/CloudIncidentResponse/Scripts/XCloudIdentitiesWidget/XCloudIdentitiesWidget.py index acc52a3aec60..c017bdf20897 100644 --- a/Packs/CloudIncidentResponse/Scripts/XCloudIdentitiesWidget/XCloudIdentitiesWidget.py +++ b/Packs/CloudIncidentResponse/Scripts/XCloudIdentitiesWidget/XCloudIdentitiesWidget.py 
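Review bot: The new `raw_abioc` branch looks the key up twice and neither branch guards against `event` being None, so the following `event.get('resource_type_orig')` raises AttributeError that is only reported through the generic `return_error`; `raw_abioc = alert.get('raw_abioc')` followed by `event = (alert if raw_abioc is None else raw_abioc).get('event') or {}` keeps the same selection and degrades to `None` for the resource type instead of crashing. The None/empty `OriginalAlert` case noted on the EntryWidgetRegionNameXCLOUD hunk applies here as well. Separately, the f-string at the end of the hunk interpolates `str(resourceType)` — a value taken from alert context — directly into HTML markup (the tags have been stripped on this page); unless the widget rendering layer sanitizes entry HTML, escaping it would prevent alert data from injecting markup into the widget, and since the local variable is named `html` the stdlib module would need an alias such as `from html import escape as html_escape`. The rest of `main` continues outside this hunk.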
@@ -1,17 +1,18 @@ -import demistomock as demisto # noqa: F401 -from CommonServerPython import * # noqa: F401 +import demistomock as demisto # noqa: F401 # pragma: no cover +from CommonServerPython import * # noqa: F401 # pragma: no cover -''' COMMAND FUNCTION ''' +''' COMMAND FUNCTION ''' # pragma: no cover -def get_additonal_info() -> List[Dict]: - alerts = demisto.context().get('Core', {}).get('OriginalAlert')[0] +def get_additonal_info() -> List[Dict]: # pragma: no cover + alerts = demisto.context().get('Core', {}).get('OriginalAlert') + if isinstance(alerts, list): + alerts = alerts[0] if not alerts: raise DemistoException('Original Alert is not configured in context') if not isinstance(alerts, list): alerts = [alerts] - results = [] for alert in alerts: if alert == {}: @@ -28,10 +29,10 @@ def get_additonal_info() -> List[Dict]: return results -''' MAIN FUNCTION ''' +''' MAIN FUNCTION ''' # pragma: no cover -def main(): +def main(): # pragma: no cover try: results = get_additonal_info() command_results = CommandResults( @@ -42,7 +43,7 @@ def main(): return_error(f'Failed to execute XCloudIdentitiesWidget. Error: {str(ex)}') -''' ENTRY POINT ''' +''' ENTRY POINT ''' # pragma: no cover -if __name__ in ('__main__', '__builtin__', 'builtins'): - main() +if __name__ in ('__main__', '__builtin__', 'builtins'): # pragma: no cover + main() # pragma: no cover diff --git a/Packs/CloudIncidentResponse/Scripts/XCloudIdentitiesWidget/XCloudIdentitiesWidget.yml b/Packs/CloudIncidentResponse/Scripts/XCloudIdentitiesWidget/XCloudIdentitiesWidget.yml index 28eaa91e7569..5f43d9804974 100644 --- a/Packs/CloudIncidentResponse/Scripts/XCloudIdentitiesWidget/XCloudIdentitiesWidget.yml +++ b/Packs/CloudIncidentResponse/Scripts/XCloudIdentitiesWidget/XCloudIdentitiesWidget.yml 
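Review bot: The added `alerts = alerts[0]` runs before the existing `if not alerts:` guard, so an empty `OriginalAlert` list now raises IndexError before the intended `DemistoException('Original Alert is not configured in context')` can be produced; `alerts = alerts[0] if alerts else None` preserves the message. After the `[0]`, the unchanged `if not isinstance(alerts, list): alerts = [alerts]` re-wraps that single element, so the loop only ever sees the first original alert — presumably intended, since the old code also indexed `[0]`, but a comment such as `# only the first original alert is rendered` would make that explicit. The loop body of `get_additonal_info` continues outside this hunk.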
@@ -10,8 +10,10 @@ comment: This script retrieves the identity fields from the incident context.
 enabled: true
 scripttarget: 0
 subtype: python3
-dockerimage: demisto/python3:3.10.12.63474
+dockerimage: demisto/python3:3.10.13.83255
 runas: DBotWeakRole
 fromversion: 6.8.0
 tests:
 - No tests (auto formatted)
+marketplaces:
+- marketplacev2
diff --git a/Packs/CloudIncidentResponse/Scripts/XCloudRelatedAlertsWidget/XCloudRelatedAlertsWidget.py b/Packs/CloudIncidentResponse/Scripts/XCloudRelatedAlertsWidget/XCloudRelatedAlertsWidget.py
index 59e8d21f3b06..9119ca0b5efd 100644
--- a/Packs/CloudIncidentResponse/Scripts/XCloudRelatedAlertsWidget/XCloudRelatedAlertsWidget.py
+++ b/Packs/CloudIncidentResponse/Scripts/XCloudRelatedAlertsWidget/XCloudRelatedAlertsWidget.py
@@ -1,54 +1,54 @@ -import demistomock as demisto # noqa: F401 -from CommonServerPython import * # noqa: F401 +import demistomock as demisto # noqa: F401 # pragma: no cover +from CommonServerPython import * # noqa: F401 # pragma: no cover +''' COMMAND FUNCTION ''' # pragma: no cover -''' COMMAND FUNCTION ''' - -def get_additonal_info() -> List[Dict]: +def get_additonal_info() -> List[Dict]: # pragma: no cover alerts = demisto.context().get('foundIncidents') - if alerts == "{}": + if (alerts == "{}") or (alerts is None): raise DemistoException('No related alerts found') - if not isinstance(alerts, list): - alerts = [alerts] - - results = [] - for alert in alerts: - if alert == {}: - continue - if isinstance(alert, list): - alert = tuple(alert) - alert_event = alert.get('CustomFields') - res = {'Alert Full Description': alert.get('name'), - 'Action': alert_event.get('action'), - 'Category Name': alert_event.get('categoryname'), - 'Provider': alert_event.get('cloudprovider'), - 'Region': alert_event.get('region'), - 'Cloud Operation Type': demisto.get(alert_event, 'cloudoperationtype'), - 'Caller IP': alert_event.get('hostip'), - 'Caller IP Geo Location': alert_event.get('Country', 'N/A'), - 'Resource Type': alert_event.get('cloudresourcetype'), - 'Identity Name': alert_event.get('username'), - 'User Agent': alert_event.get('useragent')} - results.append(res) - return results - - -''' MAIN FUNCTION ''' - - -def main(): + else: + if not isinstance(alerts, list): + alerts = [alerts] + results = [] + for alert in alerts: + if alert == {}: + continue + if isinstance(alert, list): + alert = tuple(alert) + alert_event = alert.get('CustomFields') + res = {'Alert Full Description': alert.get('name'), + 'Action': alert_event.get('action'), + 'Category Name': alert_event.get('categoryname'), + 'Provider': alert_event.get('cloudprovider'), + 'Region': alert_event.get('region'), + 'Cloud Operation Type': demisto.get(alert_event, 'cloudoperationtype'), + 'Caller IP': 
alert_event.get('hostip'), + 'Caller IP Geo Location': alert_event.get('Country', 'N/A'), + 'Resource Type': alert_event.get('cloudresourcetype'), + 'Identity Name': alert_event.get('username'), + 'User Agent': alert_event.get('useragent')} + results.append(res) + return results + + +''' MAIN FUNCTION ''' # pragma: no cover + + +def main(): # pragma: no cover try: results = get_additonal_info() - command_results = CommandResults( - readable_output=tableToMarkdown('Related Alerts', results, - headers=list(results[0].keys()) if results else None)) - return_results(command_results) + if results: + command_results = CommandResults( + readable_output=tableToMarkdown('Related Alerts', results, + headers=list(results[0].keys()) if results else None)) + return_results(command_results) except Exception as ex: return_error(f'Failed to execute XCloudRelatedAlertsWidget. Error: {str(ex)}') -''' ENTRY POINT ''' +''' ENTRY POINT ''' # pragma: no cover -if __name__ in ('__main__', '__builtin__', 'builtins'): - main() +if __name__ in ('__main__', '__builtin__', 'builtins'): # pragma: no cover + main() # pragma: no cover diff --git a/Packs/CloudIncidentResponse/Scripts/XCloudRelatedAlertsWidget/XCloudRelatedAlertsWidget.yml b/Packs/CloudIncidentResponse/Scripts/XCloudRelatedAlertsWidget/XCloudRelatedAlertsWidget.yml index 25c055475451..5017af5a7f06 100644 --- a/Packs/CloudIncidentResponse/Scripts/XCloudRelatedAlertsWidget/XCloudRelatedAlertsWidget.yml +++ b/Packs/CloudIncidentResponse/Scripts/XCloudRelatedAlertsWidget/XCloudRelatedAlertsWidget.yml @@ -10,7 +10,7 @@ comment: This script retrieves additional original alert information from the co enabled: true scripttarget: 0 subtype: python3 -dockerimage: demisto/python3:3.10.12.63474 +dockerimage: demisto/python3:3.10.13.83255 runas: DBotWeakRole fromversion: 6.8.0 tests: diff --git a/Packs/CloudIncidentResponse/pack_metadata.json b/Packs/CloudIncidentResponse/pack_metadata.json index 1162ab0f1ba5..da26f7874a52 100644 
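Review bot: In the re-indented loop of `get_additonal_info`, `if isinstance(alert, list): alert = tuple(alert)` is followed by `alert.get('CustomFields')`, and a tuple has no `.get`, so that branch always raises AttributeError and ends up in `return_error`; likewise `alert_event` is used unguarded while only one key goes through `demisto.get`. Skipping non-dict entries with `if not isinstance(alert, dict): continue` and reading `alert_event = alert.get('CustomFields') or {}` would let one malformed entry degrade to `None` fields instead of failing the whole widget. The `else:` after `raise DemistoException(...)` nests the entire body for no reason; dedenting it restores the original shape. In `main`, the new `if results:` guard makes `headers=... if results else None` redundant and means an empty result returns nothing at all, so the widget renders blank — fine if intended, otherwise a `return_results(CommandResults(readable_output='No related alerts found'))` in an `else` branch would say so. The comparison `alerts == "{}"` still tests against the string `"{}"` rather than an empty dict, which may be how the platform serializes an empty key but is worth confirming.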
--- a/Packs/CloudIncidentResponse/pack_metadata.json
+++ b/Packs/CloudIncidentResponse/pack_metadata.json
@@ -2,7 +2,7 @@
 "name": "Cloud Incident Response",
 "description": "This content Pack helps you automate collection, investigation, and remediation of incidents related to cloud infrastructure activities in AWS, Azure, and GCP.",
 "support": "xsoar",
- "currentVersion": "1.0.8",
+ "currentVersion": "1.0.9",
 "author": "Cortex XSOAR",
 "url": "https://www.paloaltonetworks.com/cortex",
 "email": "",