No beta iam #1341

Merged
merged 4 commits into from
Sep 22, 2023
@@ -1 +1 @@
{"name": "SEKOIA.IO x Duo Security [BETA]", "versions": {"attack": "13", "layer": "4.4", "navigator": "4.8.2"}, "domain": "enterprise-attack", "techniques": [{"techniqueID": "T1486", "score": 100, "comment": "Rules: RYUK Ransomeware - martinstevens Username"}, {"techniqueID": "T1041", "score": 100, "comment": "Rules: SEKOIA.IO Intelligence Feed"}, {"techniqueID": "T1071", "score": 100, "comment": "Rules: SEKOIA.IO Intelligence Feed, Nimbo-C2 User Agent, Potential Bazar Loader User-Agents, Potential Lemon Duck User-Agent"}, {"techniqueID": "T1566", "score": 100, "comment": "Rules: SEKOIA.IO Intelligence Feed"}, {"techniqueID": "T1071.001", "score": 100, "comment": "Rules: Nimbo-C2 User Agent, Potential Bazar Loader User-Agents, Potential Lemon Duck User-Agent"}]}
{"name": "SEKOIA.IO x Cisco Duo Security [BETA]", "versions": {"attack": "13", "layer": "4.4", "navigator": "4.8.2"}, "domain": "enterprise-attack", "techniques": [{"techniqueID": "T1486", "score": 100, "comment": "Rules: RYUK Ransomeware - martinstevens Username"}, {"techniqueID": "T1041", "score": 100, "comment": "Rules: SEKOIA.IO Intelligence Feed"}, {"techniqueID": "T1071", "score": 100, "comment": "Rules: SEKOIA.IO Intelligence Feed, Nimbo-C2 User Agent, Potential Bazar Loader User-Agents, Potential Lemon Duck User-Agent"}, {"techniqueID": "T1566", "score": 100, "comment": "Rules: SEKOIA.IO Intelligence Feed"}, {"techniqueID": "T1071.001", "score": 100, "comment": "Rules: Nimbo-C2 User Agent, Potential Bazar Loader User-Agents, Potential Lemon Duck User-Agent"}]}
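Review bot: Only the `name` string changes on this line, and the file is a generated Navigator layer (the Duo rules page later in this diff links to it as `attack_547234b3-82ea-4507-b28f-3ee3cd5b9a8e_do_not_edit_manually.json`), so the rename should be produced by regenerating the layer from the renamed intake rather than by a hand edit; a manual edit is reverted on the next generation run. The `versions` block and the technique list are identical on both sides, which is the expected shape for a pure rename. The same remark applies to the Cisco ISE layer in the next hunk.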
@@ -1 +1 @@
{"name": "SEKOIA.IO x Cisco ISE [BETA]", "versions": {"attack": "13", "layer": "4.4", "navigator": "4.8.2"}, "domain": "enterprise-attack", "techniques": [{"techniqueID": "T1486", "score": 100, "comment": "Rules: RYUK Ransomeware - martinstevens Username"}, {"techniqueID": "T1041", "score": 100, "comment": "Rules: SEKOIA.IO Intelligence Feed"}, {"techniqueID": "T1071", "score": 100, "comment": "Rules: SEKOIA.IO Intelligence Feed"}, {"techniqueID": "T1566", "score": 100, "comment": "Rules: SEKOIA.IO Intelligence Feed"}]}
{"name": "SEKOIA.IO x Cisco Identity Services Engine (ISE) [BETA]", "versions": {"attack": "13", "layer": "4.4", "navigator": "4.8.2"}, "domain": "enterprise-attack", "techniques": [{"techniqueID": "T1486", "score": 100, "comment": "Rules: RYUK Ransomeware - martinstevens Username"}, {"techniqueID": "T1041", "score": 100, "comment": "Rules: SEKOIA.IO Intelligence Feed"}, {"techniqueID": "T1071", "score": 100, "comment": "Rules: SEKOIA.IO Intelligence Feed"}, {"techniqueID": "T1566", "score": 100, "comment": "Rules: SEKOIA.IO Intelligence Feed"}]}
@@ -1,8 +1,8 @@
## Related Built-in Rules

Benefit from SEKOIA.IO built-in rules and upgrade **Duo Security [BETA]** with the following detection capabilities out-of-the-box.
Benefit from SEKOIA.IO built-in rules and upgrade **Cisco Duo Security [BETA]** with the following detection capabilities out-of-the-box.

[SEKOIA.IO x Duo Security [BETA] on ATT&CK Navigator](https://mitre-attack.github.io/attack-navigator/#layerURL=https%3A%2F%2Fraw.githubusercontent.com%2FSEKOIA-IO%2Fdocumentation%2Fmain%2F_shared_content%2Foperations_center%2Fdetection%2Fgenerated%2Fattack_547234b3-82ea-4507-b28f-3ee3cd5b9a8e_do_not_edit_manually.json){ .md-button }
[SEKOIA.IO x Cisco Duo Security [BETA] on ATT&CK Navigator](https://mitre-attack.github.io/attack-navigator/#layerURL=https%3A%2F%2Fraw.githubusercontent.com%2FSEKOIA-IO%2Fdocumentation%2Fmain%2F_shared_content%2Foperations_center%2Fdetection%2Fgenerated%2Fattack_547234b3-82ea-4507-b28f-3ee3cd5b9a8e_do_not_edit_manually.json){ .md-button }
??? abstract "Nimbo-C2 User Agent"

Nimbo-C2 Uses an unusual User-Agent format in its implants.
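Review bot: The renamed heading and link text on the `+` lines still carry the `[BETA]` tag, yet this same PR deletes the `!!! warning` / `This format is in beta.` block from the Cisco Duo Security intake page; if the generator derives `[BETA]` from the intake's beta status, this file and the layer name need to be regenerated after that flag is flipped so the two pages agree, and if it does not, the tag has to be dropped here explicitly. The link URL is unchanged (the layer is addressed by UUID, not by name), which is correct.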
@@ -1,8 +1,8 @@
## Related Built-in Rules

Benefit from SEKOIA.IO built-in rules and upgrade **Cisco ISE [BETA]** with the following detection capabilities out-of-the-box.
Benefit from SEKOIA.IO built-in rules and upgrade **Cisco Identity Services Engine (ISE) [BETA]** with the following detection capabilities out-of-the-box.

[SEKOIA.IO x Cisco ISE [BETA] on ATT&CK Navigator](https://mitre-attack.github.io/attack-navigator/#layerURL=https%3A%2F%2Fraw.githubusercontent.com%2FSEKOIA-IO%2Fdocumentation%2Fmain%2F_shared_content%2Foperations_center%2Fdetection%2Fgenerated%2Fattack_8a9894f8-d7bc-4c06-b96a-8808b3c6cade_do_not_edit_manually.json){ .md-button }
[SEKOIA.IO x Cisco Identity Services Engine (ISE) [BETA] on ATT&CK Navigator](https://mitre-attack.github.io/attack-navigator/#layerURL=https%3A%2F%2Fraw.githubusercontent.com%2FSEKOIA-IO%2Fdocumentation%2Fmain%2F_shared_content%2Foperations_center%2Fdetection%2Fgenerated%2Fattack_8a9894f8-d7bc-4c06-b96a-8808b3c6cade_do_not_edit_manually.json){ .md-button }
??? abstract "RYUK Ransomeware - martinstevens Username"

Detects user name "martinstevens". Wizard Spider is used to add the user name "martinstevens" to the AD of its victims. It was observed in several campaigns; in 2019 and 2020.
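Review bot: The long product name now matches the string used in the ISE layer JSON, so the two stay consistent. Two pre-existing problems in the unchanged context are worth fixing at the rule source since this block is regenerated from it: the rule title `RYUK Ransomeware - martinstevens Username` misspells "Ransomware" (the same misspelling is copied into every layer comment), and `It was observed in several campaigns; in 2019 and 2020.` should read `It was observed in several campaigns in 2019 and 2020.`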
Expand Up @@ -6,7 +6,7 @@ The following table lists the data source offered by this integration.

| Data Source | Description |
| ----------- | ------------------------------------ |
| `Authentication logs` | Duo Security provides audit logs about authentication sessions |
| `Authentication logs` | Cisco Duo Security provides audit logs about authentication sessions |



Expand Down Expand Up @@ -48,7 +48,7 @@ Find below few samples of events and how they are normalized by Sekoia.io.
"@timestamp": "2020-01-23T16:18:58Z",
"observer": {
"vendor": "Duo",
"product": "Duo Security"
"product": "Cisco Duo Security"
}
}
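Review bot: Changing `observer.product` from `Duo Security` to `Cisco Duo Security` in the documented sample output is a change to a normalized field value, not only to prose: any saved query, detection rule or dashboard filter that matches on `observer.product: "Duo Security"` stops matching once the parser emits the new value. Please confirm that the intake's parser really emits `Cisco Duo Security` (these samples should be regenerated from it rather than edited by hand) and mention the renamed value in the release note. `observer.vendor` stays `Duo`, so vendor-based filters are unaffected. The identical edit is repeated in every sample block of this file below.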

Expand All @@ -75,7 +75,7 @@ Find below few samples of events and how they are normalized by Sekoia.io.
"@timestamp": "2020-01-24T15:09:42Z",
"observer": {
"vendor": "Duo",
"product": "Duo Security"
"product": "Cisco Duo Security"
},
"user": {
"name": "admin"
Expand Down Expand Up @@ -114,7 +114,7 @@ Find below few samples of events and how they are normalized by Sekoia.io.
"@timestamp": "2020-02-13T18:56:20.351346Z",
"observer": {
"vendor": "Duo",
"product": "Duo Security"
"product": "Cisco Duo Security"
},
"user": {
"email": "[email protected]",
Expand Down Expand Up @@ -173,7 +173,7 @@ Find below few samples of events and how they are normalized by Sekoia.io.
"@timestamp": "2019-08-30T16:10:05Z",
"observer": {
"vendor": "Duo",
"product": "Duo Security"
"product": "Cisco Duo Security"
},
"duo": {
"security": {
Expand Down Expand Up @@ -226,7 +226,7 @@ Find below few samples of events and how they are normalized by Sekoia.io.
},
"observer": {
"vendor": "Duo",
"product": "Duo Security"
"product": "Cisco Duo Security"
},
"duo": {
"security": {
Expand Down Expand Up @@ -260,7 +260,7 @@ Find below few samples of events and how they are normalized by Sekoia.io.
},
"observer": {
"vendor": "Duo",
"product": "Duo Security"
"product": "Cisco Duo Security"
},
"duo": {
"security": {
Expand Down Expand Up @@ -294,7 +294,7 @@ Find below few samples of events and how they are normalized by Sekoia.io.
},
"observer": {
"vendor": "Duo",
"product": "Duo Security"
"product": "Cisco Duo Security"
},
"duo": {
"security": {
Expand Up @@ -8,7 +8,7 @@ The following table lists the data source offered by this integration.
| ----------- | ------------------------------------ |
| `Authentication logs` | There's an authentification audit, control and diagnostic |
| `Network device configuration` | Changing conf of devices usually by the admin |
| `Web logs` | Cisco ISE logs provide information about the connected client and the requested resource |
| `Web logs` | Cisco Identity Services Engine (ISE) logs provide information about the connected client and the requested resource |
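Review bot: Only the Web logs row is touched, but the two rows above it are hard to read and worth fixing while the table is open: `There's an authentification audit, control and diagnostic` misspells "authentication" (suggest `Authentication audit, control and diagnostic logs`), and `Changing conf of devices usually by the admin` would be clearer as `Configuration changes on network devices, usually made by administrators`.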



Expand Down Expand Up @@ -47,7 +47,7 @@ Find below few samples of events and how they are normalized by Sekoia.io.
},
"observer": {
"vendor": "Cisco",
"product": "Cisco ISE"
"product": "Cisco Identity Services Engine (ISE)"
},
"user": {
"name": "john.doe"
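Review bot: As with the Duo samples, `observer.product` is a normalized value, so replacing `Cisco ISE` with `Cisco Identity Services Engine (ISE)` affects any rule or filter keyed on the old string; confirm the parser emits the long form and that these samples were regenerated from its output. `observer.vendor` is unchanged. The same replacement appears in each of the sample blocks below.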
Expand Down Expand Up @@ -86,7 +86,7 @@ Find below few samples of events and how they are normalized by Sekoia.io.
},
"observer": {
"vendor": "Cisco",
"product": "Cisco ISE"
"product": "Cisco Identity Services Engine (ISE)"
}
}

Expand All @@ -111,7 +111,7 @@ Find below few samples of events and how they are normalized by Sekoia.io.
},
"observer": {
"vendor": "Cisco",
"product": "Cisco ISE"
"product": "Cisco Identity Services Engine (ISE)"
},
"cisco": {
"ise": {
Expand Down Expand Up @@ -143,7 +143,7 @@ Find below few samples of events and how they are normalized by Sekoia.io.
},
"observer": {
"vendor": "Cisco",
"product": "Cisco ISE"
"product": "Cisco Identity Services Engine (ISE)"
}
}

Expand All @@ -167,7 +167,7 @@ Find below few samples of events and how they are normalized by Sekoia.io.
},
"observer": {
"vendor": "Cisco",
"product": "Cisco ISE"
"product": "Cisco Identity Services Engine (ISE)"
},
"source": {
"domain": "servername",
Expand Down Expand Up @@ -205,7 +205,7 @@ Find below few samples of events and how they are normalized by Sekoia.io.
},
"observer": {
"vendor": "Cisco",
"product": "Cisco ISE"
"product": "Cisco Identity Services Engine (ISE)"
},
"source": {
"domain": "servername",
Expand Down Expand Up @@ -249,7 +249,7 @@ Find below few samples of events and how they are normalized by Sekoia.io.
},
"observer": {
"vendor": "Cisco",
"product": "Cisco ISE"
"product": "Cisco Identity Services Engine (ISE)"
},
"cisco": {
"ise": {
Expand Down Expand Up @@ -293,7 +293,7 @@ Find below few samples of events and how they are normalized by Sekoia.io.
},
"observer": {
"vendor": "Cisco",
"product": "Cisco ISE"
"product": "Cisco Identity Services Engine (ISE)"
},
"user": {
"name": "admin"
Expand Up @@ -6,10 +6,6 @@ type: intake

SecurID is a token system, or authenticator, produced by RSA Security and intended to offer strong authentication to its user in the context of access to an information system.

!!! warning
This format is in beta.


{!_shared_content/operations_center/detection/generated/suggested_rules_20876735-c423-4bbc-9d19-67edc91fb063_do_not_edit_manually.md!}

{!_shared_content/operations_center/integrations/generated/20876735-c423-4bbc-9d19-67edc91fb063.md!}
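Review bot: The beta block is removed here, on the Cisco Duo Security page and on the Cloudflare Access page, while the other intakes in this PR keep theirs with new wording; if beta status is also tracked in the intake's metadata (the source the generated `suggested_rules_*` include and the `[BETA]` tags in the layer names are built from), that flag must be flipped in the same change, otherwise generated content will keep labelling SecurID as beta. The header `-6,10 +6,6` says four lines go while the admonition is only two, so check that the blank lines left between the description and the first include collapse to one.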
Expand Up @@ -6,7 +6,7 @@ type: intake
AWS GuardDuty is a service that detects potential security issues within your network.

!!! warning
This format is in beta.
Important note - This format is currently in beta. We highly value your feedback to improve its performance.

{!_shared_content/operations_center/detection/generated/suggested_rules_3e060900-4004-4754-a597-d2944a601930_do_not_edit_manually.md!}
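Review bot: The replacement line inside the `!!! warning` admonition opens with `Important note - `, which is redundant because the admonition already renders with its own title; `!!! warning "Beta"` with the body `This format is currently in beta. We welcome your feedback to improve it.` reads better, and "its performance" is an odd thing to say about a log format. Since this exact sentence is pasted into more than a dozen intake pages in this PR, it would be better kept in one shared snippet and pulled in with the same `{!_shared_content/...!}` include mechanism this page already uses on the next line, so the wording can be changed in one place next time. Also verify that the new line kept the indentation that makes it part of the admonition body; the rendered diff does not show leading whitespace.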

Expand Up @@ -7,7 +7,7 @@ type: intake
Cato Networks is a software company providing solutions to protect cloud applications. Cato SASE Cloud provides zero trust network access to on-premises and cloud applications.

!!! warning
This format is in beta.
Important note - This format is currently in beta. We highly value your feedback to improve its performance.

{!_shared_content/operations_center/detection/generated/suggested_rules_469bd3ae-61c9-4c39-9703-7452882e70da_do_not_edit_manually.md!}

@@ -1,14 +1,11 @@
uuid: 547234b3-82ea-4507-b28f-3ee3cd5b9a8e
name: Duo Security
name: Cisco Duo Security
type: intake


## Overview

Duo Security offers solutions for strong authentication.

!!! warning
This format is in beta.
Cisco Duo Security offers solutions for strong authentication.

{!_shared_content/operations_center/detection/generated/suggested_rules_547234b3-82ea-4507-b28f-3ee3cd5b9a8e_do_not_edit_manually.md!}
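Review bot: Changing the front-matter `name` also changes the format name users select when creating an intake (the setup step later in this file now tells them to pick `Cisco Duo Security`); existing intakes are keyed by the `uuid`, which is unchanged, so they are unaffected, but any automation or runbook that creates intakes by format name needs updating, and the release note should say so. Dropping the beta warning here is consistent with the PR title, provided the intake's beta flag is flipped as well.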

Expand All @@ -28,7 +25,7 @@ More details in [Duo documentation](https://duo.com/docs/adminapi#first-steps)

### Create the intake in Sekoia.io

Go to the [intake page](https://app.sekoia.io/operations/intakes) and create a new intake from the format `Duo Security`. Copy the intake key.
Go to the [intake page](https://app.sekoia.io/operations/intakes) and create a new intake from the format `Cisco Duo Security`. Copy the intake key.

### Pull events

Expand Up @@ -8,9 +8,6 @@ Cloudflare is a global network designed to make everything you connect to the In

In this documentation, you will learn how to collect and send Cloudflare Access Request logs to Sekoia.io.

!!! warning
This format is in beta.

{!_shared_content/operations_center/detection/generated/suggested_rules_588a448b-c08d-4139-a746-b2b9f366e34b_do_not_edit_manually.md!}

{!_shared_content/operations_center/integrations/generated/588a448b-c08d-4139-a746-b2b9f366e34b.md!}
Expand Up @@ -9,7 +9,7 @@ Cloudflare is a global network designed to make everything you connect to the In
In this documentation, you will learn how to collect and send Cloudflare Audit logs to Sekoia.io.

!!! warning
This format is in beta.
Important note - This format is currently in beta. We highly value your feedback to improve its performance.

{!_shared_content/operations_center/detection/generated/suggested_rules_76d767ed-5431-4db1-b893-a48b6903d871_do_not_edit_manually.md!}

Expand Up @@ -9,7 +9,7 @@ Cloudflare is a global network designed to make everything you connect to the In
In this documentation, you will learn how to collect and send Cloudflare Gateway DNS logs to Sekoia.io.

!!! warning
This format is in beta.
Important note - This format is currently in beta. We highly value your feedback to improve its performance.

{!_shared_content/operations_center/detection/generated/suggested_rules_7b1317ec-3f87-4b53-9b6d-3f79045f28fa_do_not_edit_manually.md!}

Expand Up @@ -9,7 +9,7 @@ Cloudflare is a global network designed to make everything you connect to the In
In this documentation, you will learn how to collect and send Cloudflare Gateway HTTP logs to Sekoia.io.

!!! warning
This format is in beta.
Important note - This format is currently in beta. We highly value your feedback to improve its performance.

{!_shared_content/operations_center/detection/generated/suggested_rules_f570dd30-854b-4a22-9c2d-e2cfa46bf0e5_do_not_edit_manually.md!}

Expand Up @@ -9,7 +9,7 @@ Cloudflare is a global network designed to make everything you connect to the In
In this documentation, you will learn how to collect and send Gateway Network logs to Sekoia.io.

!!! warning
This format is in beta.
Important note - This format is currently in beta. We highly value your feedback to improve its performance.

{!_shared_content/operations_center/detection/generated/suggested_rules_d14567dd-56b1-42f8-aa64-fb65d4b0a4cf_do_not_edit_manually.md!}

Expand Up @@ -8,7 +8,7 @@ Github audit logs represents activities on your Github organization.
This setup guide describes how to forward audit logs from Github to Sekoia.io.

!!! warning
This format is in beta.
Important note - This format is currently in beta. We highly value your feedback to improve its performance.

{!_shared_content/operations_center/detection/generated/suggested_rules_80de6ccb-7246-40de-bcbb-bc830118c1f9_do_not_edit_manually.md!}
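Review bot: Same wording remark as for the GuardDuty page (drop `Important note - `, share the sentence via an include). The hunk header line `Github audit logs represents activities on your Github organization.` has a number-agreement error and should read `GitHub audit logs represent activities in your GitHub organization.`; the product spells its name "GitHub".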

Expand Up @@ -7,7 +7,7 @@ type: intake
Google Reports is a data reporting and analysis platform offered by Google for Google Workspace services, designed to provide insights and metrics about user activities and interactions within various Google services. It allows organizations to track and visualize user engagement, application usage, and other relevant data points, enabling informed decision-making and optimization of digital experiences.

!!! warning
This format is in beta.
Important note - This format is currently in beta. We highly value your feedback to improve its performance.

### Supported applications

Expand Up @@ -9,7 +9,7 @@ OGO Shield Web Application Firewall provides protection and performance for your
This setup guide describes how to forward security events from OGO to Sekoia.io.

!!! warning
This format is in beta.
Important note - This format is currently in beta. We highly value your feedback to improve its performance.


{!_shared_content/operations_center/detection/generated/suggested_rules_cf5c916e-fa26-11ed-a844-f7f4d7348199_do_not_edit_manually.md!}
Expand Up @@ -7,7 +7,7 @@ type: intake
Salesforce provides customer relationship management software and applications focused on sales, customer service, marketing automation, e-commerce, analytics, and application development.

!!! warning
This format is in beta.
Important note - This format is currently in beta. We highly value your feedback to improve its performance.

{!_shared_content/operations_center/detection/generated/suggested_rules_d2725f97-0c7b-4942-a847-983f38efb8ff_do_not_edit_manually.md!}

Expand Up @@ -7,7 +7,7 @@ type: intake
The Sophos Threat Analysis Center (STAC), is a dedicated tool for research and analysis of cybersecurity threats. so it can help continuously on monitoring the cyber threat landscape and analyze new forms of malware, attack techniques, and cybercrime trends. which has also the most important part which the _live Discover_ , with usage of queries you can have device informations from Sophos data lake.

!!! warning
This format is in beta.
Important note - This format is currently in beta. We highly value your feedback to improve its performance.

{!\_shared_content/operations_center/detection/generated/suggested_rules_99da26fc-bf7b-4e5b-a76c-408472fcfebb_do_not_edit_manually.md!}
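Review bot: The unchanged description above the admonition is ungrammatical and should be rewritten while this file is touched, for example: `The Sophos Threat Analysis Center (STAC) is a dedicated tool for researching and analysing cybersecurity threats. It helps to continuously monitor the threat landscape and analyse new malware, attack techniques and cybercrime trends. Its most important feature is Live Discover, which lets you query device information from the Sophos data lake.` Note also that the include on the context line is written `{!\_shared_content/...!}` with an escaped underscore, unlike every other intake page in this PR; check that the escaped form still resolves.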

Expand Up @@ -7,7 +7,7 @@ type: intake
Ubika WAAP Gateway detect and prevent threats against your web applications and your APIs.

!!! warning
This format is in beta.
Important note - This format is currently in beta. We highly value your feedback to improve its performance.

{!_shared_content/operations_center/detection/generated/suggested_rules_6dbdd199-77ae-4705-a5de-5c2722fa020e_do_not_edit_manually.md!}
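Review bot: Subject-verb agreement in the unchanged description line: `Ubika WAAP Gateway detect and prevent threats` should read `Ubika WAAP Gateway detects and prevents threats`. Same wording remark on the new admonition line as for the GuardDuty page.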

2 changes: 1 addition & 1 deletion docs/xdr/features/collect/integrations/email/cisco_esa.md
Expand Up @@ -7,7 +7,7 @@ type: intake
Cisco Email Security Appliance (ESA) is a email gateway appliance that provides protection against spam, malware, viruses, and other email threats.

!!! warning
This format is in beta.
Important note - This format is currently in beta. We highly value your feedback to improve its performance.

{!_shared_content/operations_center/detection/generated/suggested_rules_2ee6048e-8322-4575-8e47-1574946412b6_do_not_edit_manually.md!}
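Review bot: Article error in the unchanged description line: `is a email gateway appliance` should be `is an email gateway appliance`. Same wording remark on the new admonition line as for the GuardDuty page.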

Expand Up @@ -7,7 +7,7 @@ type: intake
CrowdStrike provides cloud workload and endpoint security, threat intelligence, and cyberattack response services and products.

!!! warning
This format is in beta.
Important note - This format is currently in beta. We highly value your feedback to improve its performance.

{!_shared_content/operations_center/detection/generated/suggested_rules_10999b99-9a8d-4b92-9fbd-01e3fac01cd5_do_not_edit_manually.md!}

Expand Up @@ -9,7 +9,7 @@ Darktrace monitors all people and digital assets across your entire ecosystem.
This setup guide describes how to forward logs from Darktrace Threat visualizer to Sekoia.io.

!!! warning
This format is in beta.
Important note - This format is currently in beta. We highly value your feedback to improve its performance.

{!_shared_content/operations_center/integrations/generated/98fa7079-41ae-4033-a93f-bbd70d114188.md!}
