AWS Feed

Details
Content
Dependencies
Version History

Indicators feed from AWS

Classifiers

Name	Description
AWS Feed - Classifier	Classifies AWS IOCs.
AWS Feed - Incoming Mapper	Maps incoming AWS indicator fields.

Integrations

Name	Description
AWS Feed	Use the AWS feed integration to fetch indicators from the feed.

Playbooks

Name	Description
TIM - Process AWS indicators	This playbook handles the tagging of AWS indicators. Specify the tag to apply to these indicators in the playbook inputs. An example tag will be approved_allow. If no inputs are specified, the indicators will be tagged for manual review. The user can specify whether a manual review incident is required.

Classifiers

Name	Description
AWS Feed - Classifier	Classifies AWS IOCs.
AWS Feed - Incoming Mapper	Maps incoming AWS indicator fields.

Integrations

Name	Description
AWS Feed	Use the AWS feed integration to fetch indicators from the feed.

Playbooks

Name	Description
TIM - Process AWS indicators	This playbook handles the tagging of AWS indicators. Specify the tag to apply to these indicators in the playbook inputs. An example tag will be approved_allow. If no inputs are specified, the indicators will be tagged for manual review. The user can specify whether a manual review alert is required.

Pack Name	Pack By
Base	By: Cortex XSOAR

Pack Name	Pack By
Common Types	By: Cortex XSOAR

Pack Name	Pack By
Base	By: Cortex XSOAR

1.1.54 - 1619437 (November 10, 2024)

Integrations

Updated the Docker image to: demisto/py3-tools:1.0.0.114656.

Related pull requests:
- 37059
- 37052
- 37051

Download

1.1.53 - 1431233 (September 25, 2024)

Playbooks

TIM - Process AWS indicators

Updated the terminology from "whitelist" to "allowlist".

Related pull requests:
- 36376
- 36473

Download

1.1.52 - 1332174 (September 1, 2024)

Integrations

AWS Feed

Updated the Docker image to: demisto/py3-tools:1.0.0.108682.

Related pull requests:
- 36004

Download

1.1.51 - 1139196 (July 1, 2024)

Integrations

AWS Feed

Updated the Docker image to: demisto/py3-tools:1.0.0.99035.

Related pull requests:
- 35022

Download

1.1.50 - 925751 (April 1, 2024)

Integrations

AWS Feed

Updated the Docker image to: demisto/py3-tools:1.0.0.91603.

Related pull requests:
- 33671

Download

1.1.49 - R828628 (February 14, 2024)

Integrations

AWS Feed

Improved handling of IPv4 indicators with ports.

Related pull requests:
- 32223

Download

1.1.48 - 798475 (February 1, 2024)

Integrations

AWS Feed

Updated the Docker image to: demisto/py3-tools:1.0.0.86691.

Related pull requests:
- 32576

Download

1.1.47 - 762016 (January 14, 2024)

Integrations

AWS Feed

Updated the Docker image to: demisto/py3-tools:1.0.0.84811.

Related pull requests:
- 32179

Download

1.1.46 - 722180 (December 28, 2023)

Integrations

AWS Feed

Updated the Docker image to: demisto/py3-tools:1.0.0.83976.

Related pull requests:
- 31825

Download

1.1.45 - 7122577 (December 10, 2023)

Integrations

AWS Feed

Fixed an issue where indicators were expiring due to prolonged periods of inactivity in the data source by implementing a solution that enforces a bi-daily update for existing indicators, even if the corresponding resource hasn't been updated.

Related pull requests:
- 31123

Download

1.1.44 - 6960791 (November 22, 2023)

Integrations

AWS Feed

Updated the Docker image to: demisto/py3-tools:1.0.0.80944.

Related pull requests:
- 31052

Download

1.1.43 - 6617721 (October 16, 2023)

Integrations

AWS Feed

Updated the Docker image to: demisto/py3-tools:1.0.0.77497.

Related pull requests:
- 30199

Download

1.1.42 - 6437102 (September 27, 2023)

Integrations

AWS Feed

Updated the Docker image to: demisto/py3-tools:1.0.0.75615.

Related pull requests:
- 29865

Download

1.1.41 - 6299513 (September 12, 2023)

Integrations

AWS Feed

Updated the Docker image to: demisto/py3-tools:1.0.0.73956.

Related pull requests:
- 29596

Download

1.1.40 - 6166488 (August 27, 2023)

Integrations

AWS Feed

Updated the Docker image to: demisto/py3-tools:1.0.0.72003.

Related pull requests:
- 29239

Download

1.1.39 - 6010750 (August 10, 2023)

Integrations

AWS Feed

Updated the Docker image to: demisto/py3-tools:1.0.0.68970.

Related pull requests:
- 28875

Download

1.1.38 - 5872601 (July 26, 2023)

Integrations

AWS Feed

Updated the Docker image to: demisto/py3-tools:1.0.0.66616.

Related pull requests:
- 28511

Download

1.1.37 - R5866730 (July 25, 2023)

Integrations

AWS Feed

Updated the Docker image to: demisto/py3-tools:1.0.0.64758.

Related pull requests:
- 28053

Download

1.1.36 - R5692327 (July 5, 2023)

Integrations

AWS Feed

Updated the Docker image to: demisto/py3-tools:1.0.0.64131.

Related pull requests:
- 27706

Download

1.1.35 - 5498982 (June 11, 2023)

Integrations

AWS Feed

Updated the Docker image to: demisto/py3-tools:1.0.0.63020.
Added support for fetching IPv6 indicators from the feed.
Enhanced the JSONFeedApiModule to support fetching multiple indicator types from the feed.
Updated the default value of the services integration parameter to All.

Related pull requests:
- 27141

Download

1.1.34 - R5450895 (June 5, 2023)

Integrations

AWS Feed

Updated the Docker image to: demisto/py3-tools:1.0.0.61931.

Related pull requests:
- 27146

Download

1.1.33 - 5297274 (May 18, 2023)

Integrations

AWS Feed

Updated the Docker image to: demisto/py3-tools:1.0.0.59406.

Related pull requests:
- 26610

Download

1.1.32 - R5208997 (May 7, 2023)

Integrations

AWS Feed

Updated the Docker image to: demisto/py3-tools:1.0.0.56465.

Related pull requests:
- 26166

Download

1.1.31 - 5013524 (April 11, 2023)

Integrations

AWS Feed

Updated the Docker image to: demisto/py3-tools:1.0.0.54695.

Related pull requests:
- 25803

Download

1.1.30 - R4954430 (April 2, 2023)

Integrations

AWS Feed

Updated the Docker image to: demisto/py3-tools:1.0.0.51296.

Related pull requests:
- 25523

Download

1.1.29 - 4776751 (March 9, 2023)

Integrations

AWS Feed

Updated the Docker image to: demisto/py3-tools:1.0.0.49703.

Related pull requests:
- 25163

Download

1.1.28 - R4718798 (March 1, 2023)

Integrations

AWS Feed

Updated the Docker image to: demisto/py3-tools:1.0.0.48698.

Related pull requests:
- 24787

Download

1.1.27 - R4646022 (February 19, 2023)

Integrations

AWS Feed

Fixed an issue where in some cases the integration did not fetch any indicator due to memory leaks.
Updated the Docker image to: demisto/py3-tools:1.0.0.47376.
Updated the Docker image to: demisto/py3-tools:1.0.0.47433.

Related pull requests:
- 24410

Download

1.1.25 - 4497697 (January 30, 2023)

Integrations

AWS Feed

Updated the Docker image to: demisto/py3-tools:1.0.0.45904.

Related pull requests:
- 24139

Download

1.1.24 - 4384217 (January 12, 2023)

Integrations

AWS Feed

Updated the Docker image to: demisto/py3-tools:1.0.0.43697.

Related pull requests:
- 23730

Download

1.1.23 - 4265201 (December 22, 2022)

Integrations

AWS Feed

Fixed an issue where an indicator did not have a tag.

Related pull requests:
- 23113

Download

1.1.22 - 4183367 (December 9, 2022)

Integrations

AWS Feed

Updated the Docker image to: demisto/py3-tools:1.0.0.40638.

Related pull requests:
- 22844

Download

1.1.21 - 4092720 (November 23, 2022)

Integrations

AWS Feed

Fixed an issue where indicators with the same value but different tags were merged and the tags from only one indicator were retained.

Related pull requests:
- 22362

Download

1.1.20 - 4013107 (November 11, 2022)

Integrations

AWS Feed

Updated the Docker image to: demisto/py3-tools:1.0.0.37249.

Related pull requests:
- 22141

Download

1.1.19 - R3994332 (November 8, 2022)

Integrations

AWS Feed

Added support for additional services in the Services parameter.
Updated the Docker image to: demisto/py3-tools:1.0.0.36436.

Related pull requests:
- 21576

Download

1.1.18 - 3824820 (October 12, 2022)

Integrations

AWS Feed

Updated the Docker image to: demisto/py3-tools:1.0.0.35208.

Related pull requests:
- 21672

Download

1.1.17 - 3649843 (September 13, 2022)

Integrations

AWS Feed

Updated the Docker image to: demisto/py3-tools:1.0.0.33659.

Related pull requests:
- 21043

Download

1.1.16 - 3504083 (August 21, 2022)

Integrations

AWS Feed

Updated the Docker image to: demisto/py3-tools:1.0.0.32758.

Related pull requests:
- 20644

Download

1.1.15 - 3204921 (July 5, 2022)

Integrations

AWS Feed

Updated the Docker image to: demisto/py3-tools:1.0.0.31193.

Related pull requests:
- 19889

Download

1.1.14 - 3096681 (June 15, 2022)

Integrations

AWS Feed

Updated the Docker image to: demisto/py3-tools:0.0.1.30715 as demisto/jmespat image is deprecated.

Related pull requests:
- 19561

Download

1.1.13 - 3021476 (June 2, 2022)

Integrations

AWS Feed

Updated the Docker image to: demisto/jmespath:1.0.0.30255.

Related pull requests:
- 19351

Download

1.1.12 - 2198753 (January 3, 2022)

Integrations

AWS Feed

Reverted changes made in 1.1.11.
Fixed an issue where adding the headers If-None-Match and If-Modified-Since to requests was not compatible with Cortex XSOAR with a version below 6.5.0.

Download

1.1.11 - R2146019 (December 21, 2021)

Integrations

AWS Feed

Changed the feed to be Incremental Feed.

Download

1.1.10 - 1938694 (November 12, 2021)

Integrations

AWS Feed

Fixed an issue where configuring the integration to fetch multiple Services would only fetch the first service.

Download

1.1.9 - 1882648 (November 2, 2021)

Integrations

AWS Feed

Enhanced noUpdate flagging when fetching indicators using ETAG and Last-Modified headers.

Download

1.1.8 - 7681620 (September 19, 2021)

Integrations

AWS Feed

Updated the Docker image to: demisto/jmespath:1.0.0.23980.

Download

1.1.7 - 415742 (August 24, 2021)

Integrations

AWS Feed

Fixed an issue where fetching indicators in Cortex XSOAR with a version below 6.5.0 would fail.

Download

1.1.6 - 411893 (August 16, 2021)

Integrations

AWS Feed

Read ETAG and Last-Modified headers from feed response to support noUpdate signaling when creating indicators.

Download

1.1.5 - 411157 (August 13, 2021)

Integrations

AWS Feed

Added more regions to the Regions parameter.

Download

1.1.4 - 382285 (June 9, 2021)

Integrations

AWS Feed

Internal infrastructure improvements.

Download

1.1.3 - 346806 (May 5, 2021)

Integrations

AWS Feed

Internal code improvements.

Download

1.1.2 - 334630 (April 24, 2021)

Integrations

AWS Feed

Internal code improvements.
Updated Docker image to demisto/jmespath:1.0.0.19143.

Download

1.1.1 - R264879 (January 27, 2021)

Integrations

AWS Feed

Internal code improvements.

Download

1.1.0 - R261222 (January 25, 2021)

Integrations

##### AWS Feed
- Internal code improvements.

Download

1.0.6 - R180529 (November 9, 2020)

Classifiers

AWS Feed - Classifier

Fixed an issue where the classifier's id was incorrect.

AWS Feed - Incoming Mapper

Fixed an issue where the mapper's id was incorrect.

Integration

AWS Feed

Upgraded the Docker image to demisto/jmespath:1.0.0.12410.

Download

PUBLISHER

PLATFORMS

Cortex XSOARCortex XSIAM

INFO

Certification	Certified	Read more
Supported By	Cortex
Created	July 26, 2020
Last Release	November 10, 2024

WORKS WITH THE FOLLOWING INTEGRATIONS:

DISCLAIMER

Content packs are licensed by the Publisher identified above and subject to the Publisher’s own licensing terms. Palo Alto Networks is not liable for and does not warrant or support any content pack produced by a third-party Publisher, whether or not such packs are designated as “Palo Alto Networks-certified” or otherwise. For more information, see the Marketplace documentation.