Malware Investigation and Response - Added specification for integrat…

…ion brand for the !endpoint command. (demisto#31399) * Specify dedicated integration brand for !endpoint command * RN
SEKOIA-IO · Dec 12, 2023 · 6144704 · 6144704
1 parent 799be86
commit 6144704
Show file tree

Hide file tree

Showing 6 changed files with 16 additions and 4 deletions.
diff --git a/...CrowdStrikeFalcon/Playbooks/playbook-CrowdStrike_Falcon_Malware_-_Incident_Enrichment.yml b/...CrowdStrikeFalcon/Playbooks/playbook-CrowdStrike_Falcon_Malware_-_Incident_Enrichment.yml
@@ -90,7 +90,7 @@ tasks:
       version: -1
       name: Enrich endpoint details
       description: Returns information about an endpoint.
-      script: '|||endpoint'
+      script: 'CrowdstrikeFalcon|||endpoint'
       type: regular
       iscommand: true
       brand: ''

diff --git a/Packs/CrowdStrikeFalcon/ReleaseNotes/1_12_7.md b/Packs/CrowdStrikeFalcon/ReleaseNotes/1_12_7.md
@@ -0,0 +1,6 @@
+
+#### Playbooks
+
+##### CrowdStrike Falcon Malware - Incident Enrichment
+
+Added a command brand specification for !endpoint.
diff --git a/Packs/CrowdStrikeFalcon/pack_metadata.json b/Packs/CrowdStrikeFalcon/pack_metadata.json
@@ -2,7 +2,7 @@
     "name": "CrowdStrike Falcon",
     "description": "The CrowdStrike Falcon OAuth 2 API (formerly the Falcon Firehose API), enables fetching and resolving detections, searching devices, getting behaviors by ID, containing hosts, and lifting host containment.",
     "support": "xsoar",
-    "currentVersion": "1.12.6",
+    "currentVersion": "1.12.7",
     "author": "Cortex XSOAR",
     "url": "https://www.paloaltonetworks.com/cortex",
     "email": "",

diff --git a/...DefenderAdvancedThreatProtection/Playbooks/playbook-MDE_Malware_-_Incident_Enrichment.yml b/...DefenderAdvancedThreatProtection/Playbooks/playbook-MDE_Malware_-_Incident_Enrichment.yml
@@ -88,7 +88,7 @@ tasks:
       id: aaf8082e-fe44-455d-8ca0-f9243218db51
       iscommand: true
       name: Enrich endpoint details
-      script: '|||endpoint'
+      script: 'Microsoft Defender Advanced Threat Protection|||endpoint'
       type: regular
       version: -1
     taskid: aaf8082e-fe44-455d-8ca0-f9243218db51

diff --git a/Packs/MicrosoftDefenderAdvancedThreatProtection/ReleaseNotes/1_16_20.md b/Packs/MicrosoftDefenderAdvancedThreatProtection/ReleaseNotes/1_16_20.md
@@ -0,0 +1,6 @@
+
+#### Playbooks
+
+##### MDE Malware - Incident Enrichment
+
+Added a command brand specification for !endpoint.
diff --git a/Packs/MicrosoftDefenderAdvancedThreatProtection/pack_metadata.json b/Packs/MicrosoftDefenderAdvancedThreatProtection/pack_metadata.json
@@ -2,7 +2,7 @@
     "name": "Microsoft Defender for Endpoint",
     "description": "Microsoft Defender for Endpoint (previously Microsoft Defender Advanced Threat Protection (ATP)) is a unified platform for preventative protection, post-breach detection, automated investigation, and response.",
     "support": "xsoar",
-    "currentVersion": "1.16.19",
+    "currentVersion": "1.16.20",
     "author": "Cortex XSOAR",
     "url": "https://www.paloaltonetworks.com/cortex",
     "email": "",