Added unit test

Packs/Cybereason/Integrations/Cybereason/Cybereason_test.py

@@ -299,6 +299,31 @@ def test_query_malop_management_command(mocker):
     assert command_output.outputs[0]['GUID'] == 'AAAA0w7GERjl3oae'
 
 
+def test_cybereason_process_attack_tree_command(mocker):
+    from Cybereason import cybereason_process_attack_tree_command, Client
+    HEADERS = {'Content-Type': 'application/json', 'Connection': 'close'}
+    client = Client(
+        base_url="https://test.server.com:8888",
+        verify=False,
+        headers=HEADERS,
+        proxy=True)
+    args = {
+        "processGuid": "HobXaEWU0CZ6S6LC"
+    }
+    url = "https://test.server.com:8888/#/processTree?guid=HobXaEWU0CZ6S6LC&viewedGuids=HobXaEWU0CZ6S6LC&rootType=Process"
+    test_reponse = [
+        {
+            'ProcessID': "HobXaEWU0CZ6S6LC",
+            'URL': url,
+        }
+    ]
+
+    mocker.patch('Cybereason.Client.cybereason_api_call', return_value=test_reponse)
+    mocker.patch('Cybereason.SERVER', new='https://test.server.com:8888')
+    command_output = cybereason_process_attack_tree_command(client, args)
+    assert command_output.outputs[0] == test_reponse[0]
+
+
 def test_update_malop_status_command(mocker):
     from Cybereason import update_malop_status_command
     from Cybereason import Client

Packs/Cybereason/Integrations/Cybereason/test_data/query_malop_management_raw_response.json

@@ -0,0 +1,76 @@
+{
+    "data": {
+        "pageSize": 100,
+        "pages": 0,
+        "offset": 0,
+        "totalHits": 1,
+        "token": "",
+        "data": [
+            {
+                "guid": "AAAA0w7GERjl3oae",
+                "displayName": "aasiapp.pdf.exe",
+                "creationTime": 1686720403740,
+                "lastUpdateTime": 1686720403743,
+                "metadataUpdateTime": 1686720403743,
+                "decisionStatuses": [],
+                "detectionEngines": [
+                    "EDR"
+                ],
+                "mitreTactics": [],
+                "mitreTechniques": [],
+                "mitreSubTechniques": [],
+                "rootCauseElementHashes": [
+                    "a541fb35b0b750501717df708f1ccade7c176e1d"
+                ],
+                "iocs": [
+                    "File"
+                ],
+                "detectionTypes": [
+                    "Malicious by Obscured Extension"
+                ],
+                "labels": [
+                    {
+                        "id": 108,
+                        "labelText": "IT-Closed",
+                        "count": 47,
+                        "empty": false
+                    }
+                ],
+                "investigationStatus": "Pending",
+                "closerName": "<email>",
+                "priority": "MEDIUM",
+                "status": "Active",
+                "severity": "High",
+                "detectionType": "EXTENSION_MANIPULATION",
+                "escalated": false,
+                "iconBase64": "",
+                "isEdr": true,
+                "groups": [
+                    "<group-ids>"
+                ],
+                "rootCauseElementType": "File",
+                "machines": [
+                    {
+                        "guid": "<machine-guid>",
+                        "displayName": "<machine-display-name>",
+                        "connected": false,
+                        "isolated": false,
+                        "osType": "WINDOWS",
+                        "lastConnected": 1698818040437,
+                        "pylumId": "<pylum-id>"
+                    }
+                ],
+                "users": [
+                    {
+                        "guid": "<user-guid>",
+                        "displayName": "<user-display-name>",
+                        "admin": true,
+                        "domainUser": false,
+                        "localSystem": false
+                    }
+                ]
+            }
+        ]
+    },
+    "status": "SUCCESS"
+}