[Security Solution][Bidirectional Integrations Banner][Crowdstrike][SentinelOne] Banner for bidirectional integrations #200625

Merged
merged 8 commits into from
Nov 19, 2024


@parkiino parkiino commented Nov 18, 2024

Summary

  • Callouts for bidirectional integrations capabilities on Sentinel One and Crowdstrike integrations.
  • Unit tests

Screenshots

[Four images not preserved; the third is labelled DARK MODE.]

@parkiino parkiino added release_note:skip Skip the PR/issue when compiling release notes backport:skip This commit does not require backporting Team:Defend Workflows “EDR Workflows” sub-team of Security Solution v8.17.0 labels Nov 18, 2024
@parkiino parkiino marked this pull request as ready for review November 18, 2024 17:57
@parkiino parkiino requested review from a team as code owners November 18, 2024 17:57
@elasticmachine

Pinging @elastic/security-defend-workflows (Team:Defend Workflows)

@botelastic botelastic bot added the Team:Fleet Team label for Observability Data Collection Fleet team label Nov 18, 2024
@elasticmachine

Pinging @elastic/fleet (Team:Fleet)

@paul-tavares paul-tavares left a comment

There are a few issues that I left feedback for.

@@ -172,6 +175,8 @@ export const OverviewPage: React.FC<Props> = memo(
const isUnverified = isPackageUnverified(packageInfo, packageVerificationKeyId);
const isPrerelease = isPackagePrerelease(packageInfo.version);
const isElasticDefend = packageInfo.name === 'endpoint';
const isSentinelOneCloudFunnel = packageInfo.name === 'sentinel_one_cloud_funnel';
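Review bot: `isSentinelOneCloudFunnel` compares `packageInfo.name` against the literal `'sentinel_one_cloud_funnel'`, repeating the per-package boolean pattern of `isElasticDefend` one line above. If this flag decides where the capability callout is shown, consider deriving it from one shared list of package names that actually support the advertised capability, so the banner cannot appear for a package that lacks support and adding another integration means changing only that list.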
Contributor

I don't understand why SentinelOne Cloud Funnel is getting this callout. We have not tested it or claimed to support it for response actions. We currently only support the "normal" SentinelOne integration, not this one.

Contributor Author

@caitlinbetz should we actually be showing this banner for the regular SentinelOne integration instead of the Cloud Funnel one?

@@ -296,11 +301,19 @@ export const OverviewPage: React.FC<Props> = memo(
const [showAVCBanner, setShowAVCBanner] = useState(
storage.get('securitySolution.showAvcBanner') ?? true
);
const onBannerDismiss = useCallback(() => {
const [showBidIntBanner, setShowBidIntBanner] = useState(
Contributor

(Optional) I found the name of these variables confusing ("..BidInt..."). Maybe consider renaming it to showResponseSupportBanner.

Comment on lines 312 to 316
const onBidIntBannerDismiss = useCallback(() => {
setShowBidIntBanner(false);
storage.set('securitySolution.showBidIntBanner', false);
}, [storage]);
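Review bot: `onBidIntBannerDismiss` writes one fixed key, `'securitySolution.showBidIntBanner'`, so the dismissed state is not scoped to the package whose page is open. Consider building the key from the package name (for example a suffix taken from `packageInfo.name`) and defining it once as a constant shared by this `storage.set` and the code that reads the initial value, so the two cannot drift apart.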

Contributor

This does not seem like it's implemented correctly. So if the banner is "dismissed" for SentinelOne, a user will never see it for Crowdstrike? Shouldn't the dismissal be for each type of integration?

@nchaulet nchaulet left a comment

Fleet changes LGTM 🚀

@paul-tavares paul-tavares left a comment

👍

@elasticmachine

💛 Build succeeded, but was flaky

Failed CI Steps

Metrics [docs]

Module Count

Fewer modules leads to a faster build time

| id | before | after | diff |
| --- | --- | --- | --- |
| fleet | 1239 | 1240 | +1 |

Async chunks

Total size of all lazy-loaded chunks that will be downloaded as the user navigates the app

| id | before | after | diff |
| --- | --- | --- | --- |
| aiAssistantManagementSelection | 92.5KB | 92.5KB | +57.0B |
| fleet | 1.7MB | 1.7MB | +1.8KB |
| lists | 144.9KB | 145.0KB | +57.0B |
| total | | | +1.9KB |

Page load bundle

Size of the bundles that are downloaded on every page load. Target size is below 100kb

| id | before | after | diff |
| --- | --- | --- | --- |
| core | 453.9KB | 453.9KB | +57.0B |

@parkiino parkiino merged commit 3c32748 into elastic:main Nov 19, 2024
26 checks passed
@parkiino parkiino deleted the task/bidirectional-banner branch November 19, 2024 04:46
@parkiino parkiino removed the backport:skip This commit does not require backporting label Nov 19, 2024
@parkiino parkiino added the backport:prev-minor Backport to (8.x) the previous minor version (i.e. one version back from main) label Nov 19, 2024
@kibanamachine

Starting backport for target branches: 8.x

https://github.com/elastic/kibana/actions/runs/11916894410

kibanamachine pushed a commit to kibanamachine/kibana that referenced this pull request Nov 19, 2024
…entinelOne] Banner for bidirectional integrations (elastic#200625)

(cherry picked from commit 3c32748)
@kibanamachine

💚 All backports created successfully

Status Branch Result
8.x

Note: Successful backport PRs will be merged automatically after passing CI.

Questions ?

Please refer to the Backport tool documentation

kibanamachine added a commit that referenced this pull request Nov 19, 2024
…ike][SentinelOne] Banner for bidirectional integrations (#200625) (#200768)

# Backport

This will backport the following commits from `main` to `8.x`:
- [[Security Solution][Bidirectional Integrations
Banner][Crowdstrike][SentinelOne] Banner for bidirectional integrations
(#200625)](#200625)


### Questions ?
Please refer to the [Backport tool
documentation](https://github.com/sqren/backport)


Co-authored-by: Candace Park <[email protected]>
CAWilson94 pushed a commit to CAWilson94/kibana that referenced this pull request Dec 12, 2024
…entinelOne] Banner for bidirectional integrations (elastic#200625)

Labels
backport:prev-minor Backport to (8.x) the previous minor version (i.e. one version back from main) release_note:skip Skip the PR/issue when compiling release notes Team:Defend Workflows “EDR Workflows” sub-team of Security Solution Team:Fleet Team label for Observability Data Collection Fleet team v8.17.0 v9.0.0