Develop

Packs/soc-crowdstrike-falcon/pack_metadata.json

@@ -3,7 +3,7 @@
   "id": "soc-crowdstrike-falcon",
   "description": "This contains the content for XSIAM CrowdStrike Falcon.  This includes layouts, playbooks and incident fields",
   "support": "xsoar",
-  "currentVersion": "1.0.36",
+  "currentVersion": "1.0.37",
   "author": "Cortex XSOAR",
   "url": "https://www.paloaltonetworks.com/cortex",
   "email": "",

Packs/soc-crowdstrike-falcon/xsoar_config.json

@@ -2,7 +2,7 @@
   "custom_packs": [
     {
       "id": "soc-crowdstrike-falcon.zip",
-      "url": "https://github.com/Palo-Cortex/secops-framework/releases/download/soc-crowdstrike-falcon-v1.0.36/soc-crowdstrike-falcon-v1.0.36.zip",
+      "url": "https://github.com/Palo-Cortex/secops-framework/releases/download/soc-crowdstrike-falcon-v1.0.37/soc-crowdstrike-falcon-v1.0.37.zip",
       "system": "yes"
     }
   ],

Packs/soc-optimization-unified/README.md

@@ -11,13 +11,13 @@ This repository outlines a scalable SOC optimization approach tailored for Palo
 ---
 
 ## 1. Enable Auto Triage
-1. Read 👉 [Auto-Triage Usage](../../Documentation/Auto_Triage.md) To Understand How it Closes Cases
+1. Read 👉 [Auto-Triage Usage](https://github.com/Palo-Cortex/soc-optimization/blob/main/Documentation/Documentation/Auto_Triage.md) To Understand How it Closes Cases
 2. Investigation & Response → Automation → Jobs
 3. Check Auto Triage
 4. Click Enable Button
 
 
-![Auto_Triage_Enable.png](../../docs/soc-optimization/Auto_Triage_Enable.png)
+![Auto_Triage_Enable.png](https://github.com/Palo-Cortex/soc-optimization/tree/main/images/Auto_Triage_Enable.png)
 ---
 
 ## 2. Configure Automation Rules
@@ -26,7 +26,7 @@ This repository outlines a scalable SOC optimization approach tailored for Palo
 
    👉 [Learn more about Entry Point playbooks](https://github.com/Palo-Cortex/soc-optimization/blob/main/Documentation/EntryPoints.md)
 
-![Default_Automation_Rules.png](../../docs/soc-optimization/Default_Automation_Rules.png)
+![Default_Automation_Rules.png](https://github.com/Palo-Cortex/soc-optimization/tree/main/images/Default_Automation_Rules.png)
   - **EP_IR_NIST(800-61)** is the *Incident Response Catch-All*.
   - You can create more specific rules above this (e.g., Phishing based on MITRE Technique T1566).
 
@@ -39,13 +39,13 @@ This repository outlines a scalable SOC optimization approach tailored for Palo
   - `Severity >= Medium`
   - `Has MITRE Tactic`
 
-![Starring_NIST_IR.png](../../docs/soc-optimization/Starring_NIST_IR.png)
+![Starring_NIST_IR.png](https://github.com/Palo-Cortex/soc-optimization/tree/main/images/Starring_NIST_IR.png)
 
 ## 4. XSIAM SOC Value Metric Dashboard
 ** Real-time metrics from PoV into production **
 1. Dashboards & Reports → Dashboard → XSIAM SOC Value Metrics
 2. Select 7 Days (More realistic for SOC reporting)
-![Value_Metrics.png](../../docs/soc-optimization/Value_Metrics.png)
+![Value_Metrics.png](https://github.com/Palo-Cortex/soc-optimization/tree/main/images/Value_Metrics.png)
 
 *Tips:* 
 - Alerts must fire playbooks and playbook tasks must run before this dash works. 
@@ -61,7 +61,7 @@ This repository outlines a scalable SOC optimization approach tailored for Palo
 - Incidents that are not marked with a star are automatically triaged using `JOB_-_Triage_Incidents.yml`.
 - Ensures that high-volume, low-risk alerts are handled without manual intervention.
 
-👉 [Auto-Triage Usage](../../docs/soc-optimization/Auto_Triage.md) — Automatically closes non-priority incidents to reduce alert fatigue.
+👉 [Auto-Triage Usage](https://github.com/Palo-Cortex/soc-optimization/tree/main/images/Auto_Triage.md) — Automatically closes non-priority incidents to reduce alert fatigue.
 
 ### 2. **Modular Playbooking with the `Upon Trigger`**
 - The `Upon Trigger` playbook is the engine of modular decision-making.

Packs/soc-optimization-unified/pack_metadata.json

@@ -3,7 +3,7 @@
   "id": "soc-optimization-unified",
   "description": "This contents the content used to leverage processes that the Palo SOC uses including: Playbooks, integrations, layouts, etc.",
   "support": "xsoar",
-  "currentVersion": "3.0.20",
+  "currentVersion": "3.0.21",
   "author": "Cortex XSOAR",
   "url": "https://www.paloaltonetworks.com/cortex",
   "email": "",

Packs/soc-optimization-unified/xsoar_config.json

@@ -8,12 +8,12 @@
   "custom_packs": [
     {
       "id": "soc-optimization-unified.zip",
-      "url": "https://github.com/Palo-Cortex/secops-framework/releases/download/soc-optimization-unified-v3.0.20/soc-optimization-unified-v3.0.20.zip",
+      "url": "https://github.com/Palo-Cortex/secops-framework/releases/download/soc-optimization-unified-v3.0.21/soc-optimization-unified-v3.0.21.zip",
       "system": "yes"
     },
     {
       "id": "soc-common-playbooks-unified.zip",
-      "url": "https://github.com/Palo-Cortex/secops-framework/releases/download/soc-common-playbooks-unified-v2.7.53/soc-common-playbooks-unified-v2.7.5",
+      "url": "https://github.com/Palo-Cortex/secops-framework/releases/download/soc-common-playbooks-unified-v2.7.53/soc-common-playbooks-unified-v2.7.53.zip",
       "system": "yes"
     }
   ],

pack_catalog.json

@@ -19,7 +19,7 @@
     {
       "id": "soc-crowdstrike-falcon",
       "display_name": "SOC CrowdStrike Falcon Integration Enhancement for Cortex XSIAM",
-      "version": "1.0.36",
+      "version": "1.0.37",
       "path": "Packs/soc-crowdstrike-falcon",
       "visible": true,
       "xsoar_config": "https://raw.githubusercontent.com/Palo-Cortex/secops-framework/refs/heads/main/Packs/soc-crowdstrike-falcon/xsoar_config.json"
@@ -59,7 +59,7 @@
     {
       "id": "soc-optimization-unified",
       "display_name": "SOC Framework Unified",
-      "version": "3.0.20",
+      "version": "3.0.21",
       "path": "Packs/soc-optimization-unified",
       "visible": true,
       "xsoar_config": "https://raw.githubusercontent.com/Palo-Cortex/secops-framework/refs/heads/main/Packs/soc-optimization-unified/xsoar_config.json"