From 584ff2e978fdbfabbb8c915664f50fcd1a02ecf0 Mon Sep 17 00:00:00 2001 From: smitapaloalto <156162707+smitapaloalto@users.noreply.github.com> Date: Thu, 7 Nov 2024 12:00:00 +0530 Subject: [PATCH 1/6] CWP-62010 changes --- .../runtime-security/waas/scan-api-definition.adoc | 2 ++ 1 file changed, 2 insertions(+) diff --git a/docs/en/enterprise-edition/content-collections/runtime-security/waas/scan-api-definition.adoc b/docs/en/enterprise-edition/content-collections/runtime-security/waas/scan-api-definition.adoc index ee4db9ff19..c39fc23f3a 100644 --- a/docs/en/enterprise-edition/content-collections/runtime-security/waas/scan-api-definition.adoc +++ b/docs/en/enterprise-edition/content-collections/runtime-security/waas/scan-api-definition.adoc @@ -59,6 +59,8 @@ image::runtime-security/api-def-scan-list.png[] + You can also filter the API definition files by using the scan date, import source, or file name. +Note: In case of any internal server errors, validate the API definition file for structural issues and upload it again. + [.task] === View API Definition Scan Report Details From 6102f9b8086a0712ad7ee5dd99218443bebdfc2e Mon Sep 17 00:00:00 2001 From: smitapaloalto <156162707+smitapaloalto@users.noreply.github.com> Date: Tue, 12 Nov 2024 11:12:44 +0530 Subject: [PATCH 2/6] Update runtime-audits.adoc --- .../runtime-security/runtime-defense/runtime-audits.adoc | 4 ---- 1 file changed, 4 deletions(-) diff --git a/docs/en/enterprise-edition/content-collections/runtime-security/runtime-defense/runtime-audits.adoc b/docs/en/enterprise-edition/content-collections/runtime-security/runtime-defense/runtime-audits.adoc index 3d34b26ee9..48eba17385 100644 --- a/docs/en/enterprise-edition/content-collections/runtime-security/runtime-defense/runtime-audits.adoc +++ b/docs/en/enterprise-edition/content-collections/runtime-security/runtime-defense/runtime-audits.adoc @@ -23,10 +23,6 @@ This document summarizes all the runtime audits (detections) that are available | |Containers -| launched and is identified as a process used for port scanning -|xref:incident-types/port-scanning.adoc[Port scanning] -|Containers - |Explicitly Denied Process |Indicates that a process listed in the *Denied & fallback* list was spawned. From 3a2ae0b0bae6eb1e45cb3bff0f4646047561c6a6 Mon Sep 17 00:00:00 2001 From: smitapaloalto <156162707+smitapaloalto@users.noreply.github.com> Date: Tue, 12 Nov 2024 12:42:58 +0530 Subject: [PATCH 3/6] CWP-61268 changes --- .../32/admin-guide/waas/waas-api-discovery.adoc | 17 +++++++++++++++++ 1 file changed, 17 insertions(+) diff --git a/docs/en/compute-edition/32/admin-guide/waas/waas-api-discovery.adoc b/docs/en/compute-edition/32/admin-guide/waas/waas-api-discovery.adoc index fced900d66..83cff79894 100644 --- a/docs/en/compute-edition/32/admin-guide/waas/waas-api-discovery.adoc +++ b/docs/en/compute-edition/32/admin-guide/waas/waas-api-discovery.adoc @@ -75,6 +75,23 @@ Select *Export OpenAPI* next to the resource path to export all the API endpoint image::export-api-specifications.png[width=150] +[NOTE] +==== +The export of API endpoints in OpenAPI format does not support custom HTTP methods. The following HTTP methods specified in RFC-7231 section 4.3 are supported: + +* GET +* POST +* PUT +* DELETE +* OPTIONS +* HEAD +* PATCH +* TRACE +* CONNECT + +For more details, refer to the https://datatracker.ietf.org/doc/html/rfc7231#section-4.3[RFC-7231 documentation]. +==== + === Limitations * Click to Protect/Delete/Download openAPI actions apply to all paths in the app, and not possible to select individual paths. From ed244f44af713a091e26a2ce387c80f582680cb5 Mon Sep 17 00:00:00 2001 From: smitapaloalto <156162707+smitapaloalto@users.noreply.github.com> Date: Wed, 13 Nov 2024 12:22:31 +0530 Subject: [PATCH 4/6] Update runtime-audits.adoc --- .../runtime-security/runtime-defense/runtime-audits.adoc | 6 ------ 1 file changed, 6 deletions(-) diff --git a/docs/en/enterprise-edition/content-collections/runtime-security/runtime-defense/runtime-audits.adoc b/docs/en/enterprise-edition/content-collections/runtime-security/runtime-defense/runtime-audits.adoc index 48eba17385..6f09d74bb3 100644 --- a/docs/en/enterprise-edition/content-collections/runtime-security/runtime-defense/runtime-audits.adoc +++ b/docs/en/enterprise-edition/content-collections/runtime-security/runtime-defense/runtime-audits.adoc @@ -253,12 +253,6 @@ Containers | Containers -|Port scanning -|Indicates a process was spawned, that is identified as being used for port scanning. - -* Enable and disable this detection through the *Port scanning* effects, under the Container runtime rule for Networking. -* Avoid audits on specific known and allowed processes, by adding process names to the runtime rule processes *Allowed* list. - |Explicitly Denied IP |Indicates that access to an IP address listed in the *Denied & fallback* list was detected. From ffb3e438463c84a3b535d5ebf7e34f2ad610ae9e Mon Sep 17 00:00:00 2001 From: smitapaloalto <156162707+smitapaloalto@users.noreply.github.com> Date: Fri, 15 Nov 2024 10:11:30 +0530 Subject: [PATCH 5/6] CWP-62376 chnages --- .../agentless-scanning/onboard-accounts/onboard-oci.adoc | 2 +- .../agentless-scanning/configure-accounts/onboard-oci.adoc | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/docs/en/compute-edition/33/admin-guide/agentless-scanning/onboard-accounts/onboard-oci.adoc b/docs/en/compute-edition/33/admin-guide/agentless-scanning/onboard-accounts/onboard-oci.adoc index e57aedfa21..d6732a7587 100644 --- a/docs/en/compute-edition/33/admin-guide/agentless-scanning/onboard-accounts/onboard-oci.adoc +++ b/docs/en/compute-edition/33/admin-guide/agentless-scanning/onboard-accounts/onboard-oci.adoc @@ -151,7 +151,7 @@ chmod +x pcc-apply-permissions.sh + [source] ---- -apply pcc-apply-permissions.sh +apply ./pcc-apply-permissions.sh ---- . Verify that the changed statements for the policy are correct and enter `y` to continue. diff --git a/docs/en/enterprise-edition/content-collections/runtime-security/agentless-scanning/configure-accounts/onboard-oci.adoc b/docs/en/enterprise-edition/content-collections/runtime-security/agentless-scanning/configure-accounts/onboard-oci.adoc index ce9ecc0e9f..79170c8326 100644 --- a/docs/en/enterprise-edition/content-collections/runtime-security/agentless-scanning/configure-accounts/onboard-oci.adoc +++ b/docs/en/enterprise-edition/content-collections/runtime-security/agentless-scanning/configure-accounts/onboard-oci.adoc @@ -142,7 +142,7 @@ chmod +x pcc-apply-permissions.sh + [source] ---- -apply pcc-apply-permissions.sh +apply ./pcc-apply-permissions.sh ---- . Verify that the changed statements for the policy are correct and enter `y` to continue. From 5332a8af02a23ad566a087d9227fa05f4eb721b9 Mon Sep 17 00:00:00 2001 From: smitapaloalto <156162707+smitapaloalto@users.noreply.github.com> Date: Fri, 22 Nov 2024 14:42:43 +0530 Subject: [PATCH 6/6] CWP-61776 changes --- docs/en/compute-edition/33/admin-guide/tools/twistcli.adoc | 2 +- .../content-collections/runtime-security/tools/twistcli.adoc | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/docs/en/compute-edition/33/admin-guide/tools/twistcli.adoc b/docs/en/compute-edition/33/admin-guide/tools/twistcli.adoc index 9c89c16f53..55da838523 100644 --- a/docs/en/compute-edition/33/admin-guide/tools/twistcli.adoc +++ b/docs/en/compute-edition/33/admin-guide/tools/twistcli.adoc @@ -201,7 +201,7 @@ The following table highlights where functions are disabled, or work differently |Yes |Yes -|`pcf` +|`tas` |`scan` |Yes |No diff --git a/docs/en/enterprise-edition/content-collections/runtime-security/tools/twistcli.adoc b/docs/en/enterprise-edition/content-collections/runtime-security/tools/twistcli.adoc index 64c2133a15..29e7d5bb9d 100644 --- a/docs/en/enterprise-edition/content-collections/runtime-security/tools/twistcli.adoc +++ b/docs/en/enterprise-edition/content-collections/runtime-security/tools/twistcli.adoc @@ -176,7 +176,7 @@ The following table highlights where functions are disabled, or work differently |Yes |Yes -|`pcf` +|`tas` |`scan` |Yes |No