dadoford
commented
2 months ago Hello @mjimenezb01
Do you resolve this issue? We are having the same issue here
Open mjimenezb01 opened 10 months ago
dadoford
commented
2 months ago Hello @mjimenezb01
Do you resolve this issue? We are having the same issue here
Name of the app SentinelOne
Describe the bug That app does not work as advertised. When you block a hash with it, the documentation says the blocked hash is put in the global space. The current code does not put the blocked hash in the global space. What the app does is enumerate all the sites and puts the hash in every site. This is incorrect
Additional context Description: The SentinelOne SOAR app (ID 6056) block hash action is not working as intended.
The block hash action is blocking the hash at the site level.
The block hash action begins by enumerating all of the existing sites by their ID and then attempting to block tthe hash at the site level.
The block hash action will error out if it encounters a site that has been deleted.
The documentation states that the hash should be blocked at the global level which is not what the code is doing.