Update FeedCyjax to 1.1.0

Packs/FeedCyjax/CONTRIBUTORS.json

@@ -0,0 +1,3 @@
+[
+    "Jakub Orzol"
+]

Packs/FeedCyjax/Integrations/FeedCyjax/FeedCyjax.py

@@ -89,7 +89,7 @@ def fetch_indicators(self, since=None, until=None, indicator_type=None, source_t
         :param indicator_type:  The indicator type. If not specified all indicators are returned
 
         :type source_type: ``str``
-        :param source_type:  The indicators source type. Allowed values are incidnet-report, my-report
+        :param source_type:  The indicators source type. Allowed values are incident-report, my-report
 
         :type source_id: ``int``
         :param source_id:  The indicators source ID
@@ -349,10 +349,10 @@ def fetch_indicators_command(
     # Add one second from last_fetch_timestamp to avoid fetching the same indicators
     since = last_fetch_date + timedelta(seconds=1)
 
-    indicators = []  # type:List
-    cyjax_indicators = client.fetch_indicators(since=since.isoformat())  # type:List
+    indicators: list[dict[str, Any]] = []
+    cyjax_indicators: list[Any] = client.fetch_indicators(since=since.isoformat())
 
-    indicators_score = map_reputation_to_score(reputation)  # type: int
+    indicators_score: int = map_reputation_to_score(reputation)
 
     for cyjax_indicator in cyjax_indicators:
         indicator_date = dateparser.parse(cyjax_indicator.get("discovered_at"))
@@ -402,7 +402,7 @@ def get_indicators_command(client: Client, args: dict[str, Any]) -> dict[str, An
         since=since, until=until, indicator_type=indicator_type, source_type=source_type, source_id=source_id, limit=limit
     )
 
-    indicators = [convert_cyjax_indicator(indicator) for indicator in cyjax_indicators]  # type:List
+    indicators: list[dict[str, Any]] = [convert_cyjax_indicator(indicator) for indicator in cyjax_indicators]
 
     # Format indicators for human readable table output
     human_readable_indicators = []
@@ -523,7 +523,7 @@ def main() -> None:
             return_results(test_module(client))
 
         elif demisto.command() == "fetch-indicators":
-            last_fetch_date = get_indicators_last_fetch_date()  # type:datetime
+            last_fetch_date: datetime = get_indicators_last_fetch_date()
             next_run, indicators = fetch_indicators_command(client, last_fetch_date, reputation, tlp_to_use, tags)
 
             if indicators:

Packs/FeedCyjax/Integrations/FeedCyjax/FeedCyjax.yml

@@ -1,20 +1,20 @@
 category: Data Enrichment & Threat Intelligence
-provider: Cyjax
+provider: CYJAX
 display: Cyjax Feed
 name: Cyjax Feed
 description: 'The feed allows customers to pull indicators of compromise from cyber incidents (IP addresses, URLs, domains, CVE and file hashes).'
 commonfields:
   id: Cyjax Feed
   version: -1
 configuration:
-- defaultvalue: https://api.cyberportal.co
-  additionalinfo: Url to Cyjax API.
+- defaultvalue: https://api.cymon.co/v2
+  additionalinfo: Url to CYJAX API.
   display: Cyjax API URL
   name: url
   required: true
   type: 0
 - display: API Key
-  additionalinfo: Cyjax API key obtained from Cyjax portal.
+  additionalinfo: CYJAX API key obtained from CYJAX portal.
   name: apikey
   required: true
   type: 4
@@ -68,7 +68,7 @@ configuration:
   required: false
 - name: use_cyjax_tlp
   display: Use Cyjax feed TLP
-  additionalinfo: Whether to use TLP set by Cyjax. Will override TLP set above.
+  additionalinfo: Whether to use TLP set by CYJAX. Will override TLP set above.
   defaultvalue: 'true'
   type: 8
   required: false
@@ -125,7 +125,7 @@ script:
     - name: type
       description: 'The indicator type. If not specified all indicators are returned. Allowed values are IPv4, IPv6, Domain, Hostname, Email, FileHash-SHA1, FileHash-SHA256, FileHash-MD5, FileHash-SSDEEP.'
     - name: source_type
-      description: The indicators source type. Allowed values are incidnet-report, my-report.
+      description: The indicators source type. Allowed values are incident-report, my-report.
     - name: source_id
       description: The indicators source ID.
     - name: limit
@@ -140,7 +140,7 @@ script:
     name: cyjax-indicator-sighting
     description: Get sighting of a indicator.
   - name: cyjax-unset-indicators-last-fetch-date
-    description: 'Unset the indicators feed last fetch date. Should only be used if user needs to use `re-fetch` button and wants to fetch old indicators from Cyjax. Next feed will use date set in first_fetch (default is last 3 days).'
+    description: 'Unset the indicators feed last fetch date. Should only be used if user needs to use `re-fetch` button and wants to fetch old indicators from CYJAX. Next feed will use date set in first_fetch (default is last 3 days).'
   feed: true
   script: '-'
   type: python

Packs/FeedCyjax/Integrations/FeedCyjax/FeedCyjax_description.md

@@ -1,15 +1,15 @@
-## Cyjax Feed Help
+## CYJAX Feed Help
 The feed allows customers to pull indicators of compromise from cyber incidents (IP addresses, URLs, domains, CVE and file hashes).
 
 ## Configuration
-1. Enter feed name eg. `Cyjax Feed`
-2. API URL `https://api.cyberportal.co`
-3. Enter Cyjax API token
+1. Enter feed name eg. `CYJAX Feed`
+2. API URL `https://api.cymon.co/v2`
+3. Enter CYJAX API token
 4. Set proxy if required by your installation
 5. Indicator reputation (the reputation set to the indicators fetched from this feed, default is Suspicious)
 6. Source reliability: A - Completely reliable
 7. Traffic Light Protocol Color - The Traffic Light Protocol (TLP) designation to apply to indicators fetched from the feed.
-8. Use Cyjax feed TLP (selected by default) - Whether to use TLP set by Cyjax. Will override TLP set above.
+8. Use CYJAX feed TLP (selected by default) - Whether to use TLP set by CYJAX. Will override TLP set above.
 9. Set feed tags. (optional, comma delimited, eg. MyTag, YourTag)
 10. Set Indicator Expiration Method (default is never)
 11. Set fetch interval (default is to fetch every 1 hour)

Packs/FeedCyjax/Integrations/FeedCyjax/README.md

@@ -1,11 +1,11 @@
-The feed allows customers to pull indicators of compromise from cyber incidents (IP addresses, URLs, domains, CVE, and file hashes).
+The feed allows customers to pull indicators of compromise from cyber incidents (IP addresses, URLs, domains, CVEs, and file hashes).
 
-## Cyjax API token
+## CYJAX API token
 
-1. Log in to [Cyjax threat intelligence portal](https://cymon.co).
-2. On the top navigation bar, hover the cursor over your user icon and go to **Developer settings**.
-3. Open the personal access token tab.
-4. Generate a new token
+1. Log in to [CYJAX threat intelligence portal](https://cymon.co).
+2. On the top navigation bar, hover the cursor over your user icon and go to **Profile Settings**.
+3. Open the API tokens tab.
+4. Generate a new token and enable the Indicators API scope.
 5. Record the API token, as it will not be accessible after the window is closed.
 
 ## Feed installation
@@ -16,17 +16,17 @@ The feed allows customers to pull indicators of compromise from cyber incidents
 
 ## Configuration
 
-1. Enter feed name eg. `Cyjax Feed`
-2. API URL `https://api.cyberportal.co`
-3. Enter Cyjax API token
-4. Set proxy if required by your installation
-5. Indicator reputation (the reputation set to the indicators fetched from this feed, default is Suspicious)
-6. Source reliability: A - Completely reliable
+1. Enter feed name, e.g., `CYJAX Feed`.
+2. API URL: `https://api.cymon.co/v2`.
+3. Enter CYJAX API token.
+4. Set proxy if required by your installation.
+5. Indicator reputation (the reputation assigned to the indicators fetched from this feed; the default is Suspicious).
+6. Source reliability: A - Completely reliable.
 7. Traffic Light Protocol Color - The Traffic Light Protocol (TLP) designation to apply to indicators fetched from the feed.
-8. Use Cyjax feed TLP (selected by default) - Whether to use TLP set by Cyjax. Will override TLP set above.
-9. Set feed tags. (optional, comma delimited, eg. MyTag, YourTag)
-10. Set Indicator Expiration Method (default is never)
-11. Set fetch interval (default is to fetch every 1 hour)
+8. Use CYJAX feed TLP (selected by default) - Whether to use the TLP set by CYJAX. This will override the TLP set above.
+9. Set feed tags (optional, comma-delimited, e.g., MyTag, YourTag).
+10. Set Indicator Expiration Method (default is never).
+11. Set fetch interval (default is to fetch every 1 hour).
 12. First fetch time. The time interval for the first fetch (retroactive). The default is 3 days.
 13. Test connection.
 14. Click done to save.
@@ -39,32 +39,32 @@ After you successfully execute a command, a DBot message appears in the War Room
 ### !cyjax-get-indicators
 
 ***
-Get indicators from Cyjax API
+Get indicators from the CYJAX API.
 
 | **Argument** | **Description** | **Required** |
 | --- | --- | --- |
 | since | The start date time in ISO 8601 format | Optional |
 | until | The end date time in ISO 8601 format | Optional |
 | type | The indicator type. If not specified all indicators are returned. Allowed values are IPv4, IPv6, Domain, Hostname, Email, FileHash-SHA1, FileHash-SHA256, FileHash-MD5, FileHash-SSDEEP | Optional |
-| source_type | The indicators source type. Allowed values are incidnet-report, my-report | Optional |
-| source_id | The indicators source ID | Optional |
+| source_type | The indicator source type. Allowed values are incident-report, my-report | Optional |
+| source_id | The indicator source ID | Optional |
 | limit | The maximum number of indicators to get. The default value is 50. | Optional |
 
-example: `!cyjax-get-indicators since=2020-10-23T00:00:00 type=IPv4`
+Example: `!cyjax-get-indicators since=2020-10-23T00:00:00 type=IPv4`
 
-### !cyjax-cyjax-indicator-sighting
+### !cyjax-indicator-sighting
 
 ***
-Get Cyjax sighting of a indicator
+Get the CYJAX sighting of an indicator.
 
 | **Argument** | **Description** | **Required** |
 | --- | --- | --- |
 | value | The indicator value | Required |
 
-example: `!cyjax-indicator-sighting value=176.117.5.126`
+Example: `!cyjax-indicator-sighting value=176.117.5.126`
 
 ### !cyjax-unset-indicators-last-fetch-date
 
 ***
-Unset the indicators feed last fetch date. Should only be used if user needs to use `re-fetch` button
-and wants to fetch old indicators from Cyjax. Next feed will use date set in first_fetch (default is last 3 days)
+Unset the indicators feed last fetch date. Should only be used if a user needs to use the `re-fetch` button
+and wants to fetch old indicators from CYJAX. The next feed will use the date set in first_fetch (default is the last 3 days).

Packs/FeedCyjax/ReleaseNotes/1_1_0.md

@@ -0,0 +1,5 @@
+#### Integrations
+##### Cyjax Feed
+- Updated README file
+- Updated CYJAX logo
+- Removed deprecated type comments

Packs/FeedCyjax/pack_metadata.json

@@ -1,9 +1,9 @@
 {
     "name": "Cyjax Feed",
-    "description": "This pack is used to pull indicators of compromise from the Cyjax Threat Intelligence Platform.",
+    "description": "This pack enables the retrieval of indicators of compromise from the CYJAX Threat Intelligence Platform.",
     "support": "partner",
-    "currentVersion": "1.0.32",
-    "author": "Cyjax",
+    "currentVersion": "1.1.0",
+    "author": "CYJAX",
     "url": "https://cyjax.com",
     "email": "devs@cyjax.com",
     "created": "2021-01-06T15:46:16Z",