Protecting your DocuSign Agreements with Azure Sentinel


This article is contributed. See the original author and article here.

With cyberattacks growing in number every day, it’s essential to stay ahead of the challenges and mitigate risk. Security teams need to research trends so that they can protect their environment from persistent and ever-growing threats, phishing campaigns and other forms of cyberattack.



DocuSign allows organizations to manage electronic agreements. As part of the DocuSign Agreement Cloud, DocuSign offers eSignature, a way to sign documents electronically on different devices. As your DocuSign use cases continue to grow, the DocuSign Monitor API can be a powerful tool to bolster the integrity of your systems, reinforce company policies and help assure your customers that their sensitive data is in good hands.



In this blog, we will cover how to integrate Azure Sentinel with critical DocuSign security events so that you can stay on top of signs of intrusion or suspicious activity. The steps below describe a data connector for Azure Sentinel that uses an Azure Function to pull DocuSign security events through the DocuSign Monitor API and ingest them into an Azure Log Analytics workspace.


 


Collecting events from the DocuSign Monitor API


This section explains how to get the activity tracking information for your organization by calling the DocuSign Monitor API endpoint.




You can get the activity tracking information for your organization by calling the DocuSign Monitor API endpoint:


https://<<ORG>>.docusign.net/api/v2.0/datasets/monitor/stream?cursor={{cursorValue}}&limit={{queryLimit}}


Example:


https://lens.docusign.net/api/v2.0/datasets/monitor/stream?cursor=&limit=1000


 


















| Name | Description |
|------|-------------|
| cursor | A string query parameter that specifies the place in your monitoring data from which the request will begin gathering records. Your app can use cursor to keep its place while working through monitoring records, much as you might use a bookmark to keep your place while reading chapters of a book. Whenever you successfully call the Monitor API endpoint, the response includes an endCursor value that you can use as the cursor for your next request, enabling you to chunk your downloads as you examine large numbers of event and alert records. Calls that do not specify a cursor will begin retrieving records from the first event recorded. Not required. Defaults to 0. |
| limit | An Int32 query parameter that specifies the maximum number of records (up to 2000) to be returned in the response. Not required. Defaults to 1000. |

When you call the above endpoint, you can supply two parameters, cursorValue and queryLimit, that determine the subset of the monitoring data that will be returned in response JSON.


After a successful call, a set of JSON event and alert records is returned, including an endCursor metadata property. 


API response example:


 


 


 

{
    "endCursor": "aa_637383858077494473_637383857323373872_1",
    "data": [
        {
            "timestamp": "2020-10-15T19:08:52.3373872Z",
            "eventId": "8a977c98-xxxx-xxxx-xxxx-44b8149a905d",
            "site": "DEMO",
            "accountId": "692934c6-xxxx-xxxx-xxxx-5b0741b5dd7f",
            "organizationId": "",
            "userId": "524faa2d-xxxx-xxxx-xxxx-072d88c7effc",
            "integratorKey": "QTES-f79957b2-xxxx-xxxx-xxxx-80e57adfbb8e",
            "userAgent": "Faraday v0.15.3",
            "userAgentClientInfo": {
                "browser": {
                    "family": "Other",
                    "version": {}
                },
                "device": {
                    "family": "Other",
                    "brand": "",
                    "model": ""
                },
                "os": {
                    "family": "Other",
                    "version": {}
                }
            },
            "ipAddress": "162.xxx.xx.1",
            "ipAddressLocation": {
                "latitude": xx.74,
                "longitude": -xx.99,
                "country": "US",
                "state": "Colorado",
                "city": "Denver"
            },
            "object": "Account",
            "action": "Updated",
            "property": "SecurityPolicy",
            "field": "RecipientAuthenticationSettings",
            "result": "Optional",
            "data": {}
        }
    ]
}

 


 


 


 


 














| Name | Description |
|------|-------------|
| endCursor | A string value that specifies the place in your monitoring data from which your next request can continue retrieving records, starting where this request ended. Use the value of endCursor to begin your next query from this spot in your records. |
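
The cursor/endCursor bookmark described above, as an added example (not code from the original article or from the Azure Sentinel connector): a polling loop that commits endCursor only after a page has been ingested, so a failed write is retried on the next run instead of being skipped. The fetch, ingest and state names, the fake stream, and the stop condition (an empty page or an unchanged cursor) are assumptions.

```python
from urllib.parse import urlencode, urlsplit, parse_qs

MAX_LIMIT = 2000      # the article: limit returns up to 2000 records
DEFAULT_LIMIT = 1000  # the article: limit defaults to 1000


def build_url(org, cursor="", limit=DEFAULT_LIMIT):
    """Build the Monitor stream URL, clamping limit to the documented range."""
    limit = max(1, min(int(limit), MAX_LIMIT))
    query = urlencode({"cursor": cursor, "limit": limit})
    return f"https://{org}.docusign.net/api/v2.0/datasets/monitor/stream?{query}"


def drain(fetch, ingest, state, org="lens", limit=DEFAULT_LIMIT, max_pages=50):
    """Page through the stream; move the bookmark only after ingestion succeeds.
    fetch(url) -> dict and ingest(records) are injected, hypothetical callables
    for the authenticated GET and the Log Analytics writer; state is a dict
    standing in for durable storage of the cursor between timer runs.
    """
    ingested = 0
    for _ in range(max_pages):
        cursor = state.get("cursor", "")
        page = fetch(build_url(org, cursor, limit))
        records = page.get("data", [])
        end_cursor = page.get("endCursor", cursor)
        if records:
            ingest(records)           # if this raises, the cursor is not advanced
            ingested += len(records)
        state["cursor"] = end_cursor  # commit the bookmark for the next request
        # Assumed stop condition: an empty page or a cursor that did not move.
        if not records or end_cursor == cursor:
            break
    return ingested


# Constructed sample data: a fake stream, not real DocuSign output.
FAKE_STREAM = {
    "": {"endCursor": "c1", "data": [{"eventId": "e1"}, {"eventId": "e2"}]},
    "c1": {"endCursor": "c2", "data": [{"eventId": "e3"}]},
    "c2": {"endCursor": "c2", "data": []},
}


def fake_fetch(url):
    """Offline stand-in for the API: answers from FAKE_STREAM by cursor."""
    query = parse_qs(urlsplit(url).query, keep_blank_values=True)
    return FAKE_STREAM[query["cursor"][0]]


def run_demo():
    """Drain the fake stream; returns (count, final cursor, event ids)."""
    state, sink = {}, []
    count = drain(fake_fetch, sink.extend, state)
    return count, state["cursor"], [r["eventId"] for r in sink]


def run_failed_ingest_demo():
    """Ingestion fails on the second page, so the bookmark must stay at c1."""
    state, calls = {}, []
    def flaky_ingest(records):
        calls.append(len(records))
        if len(calls) == 2:
            raise RuntimeError("workspace unavailable (simulated)")
    try:
        drain(fake_fetch, flaky_ingest, state)
    except RuntimeError:
        pass
    return state["cursor"]
```

Because the cursor is stored only after ingest returns, a crash between the two steps causes the same page to be fetched again, so downstream rules should tolerate duplicate eventId values.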



 


Deploying the DocuSign connector


This section explains how to use the ARM template to deploy the data connector that ingests DocuSign security events into an Azure Log Analytics workspace.


To access the ARM template, navigate to https://github.com/Azure/Azure-Sentinel/tree/master/DataConnectors/DocuSign-SecurityEvents



  1. Click the Deploy to Azure Button

  2. Enter values for the following parameters




    • “DocuSignOAuthAccessToken”: This is the DocuSign OAuth Token

    • “Workspace Id”: Azure Log Analytics Workspace Id

    • “Workspace Key”: Azure Log Analytics Workspace Key

    • “CustomLogTableName”: Azure Log Analytics Custom Log Table Name

    • “Function Schedule”: The `TimerTrigger` makes it incredibly easy to have your functions executed on a schedule. The default **Time Interval** is set to pull the last ten (10) minutes of data.



Note: DocuSignOAuthAccessToken and Workspace Key values will be placed as “Secrets” in the docusignkv<<uniqueid>> Azure KeyVault




 


 


For complete instructions, please refer to README.md


Security events that can be collected from DocuSign Monitor API


Once deployed, the data connector will be able to collect security events from your DocuSign organization, for example:



  • Account administrator added.

  • Account password rules updated.

  • Account user deleted.




The complete list of all events that can be collected from DocuSign can be found here


Example analytics rules using DocuSign event data


Once DocuSign security events are ingested into your Azure Sentinel Workspace, you can create a custom analytics rule with a scheduled query to help you discover threats and anomalous behaviors that may be present in your organization.


Below are some examples of analytics rules you could run against your ingested DocuSign data:


Rule #1:


Description: User fails six or more login attempts in an hour


 


 


 

DocuSignSecurityEvents_CL
| where TimeGenerated > ago(1h)
| where object_s == 'User'
| where action_s == 'Login'
| where field_s == 'Status'
| where result_s == 'Failed'
| summarize Attempts = count() by userId_s, accountId_g
| where Attempts >= 6

 


 


 


 


Rule #2:


Description: Admin initiates a bulk account export


 


 


 

DocuSignSecurityEvents_CL
| where TimeGenerated > ago(1h)
| where object_s == 'Organization'
| where action_s == 'Initiated'
| where property_s == 'BulkAccountsExport'

 


 


 


 


Rule #3:


Description: When a bulk user settings export is initiated


 


 


 


 

DocuSignSecurityEvents_CL
| where TimeGenerated > ago(1h)
| where object_s == 'Organization'
| where action_s == 'Initiated'
| where property_s == 'BulkUsersExport'

 


 


 


 


 


Summary


This post outlines the key components needed to ingest DocuSign security events into Azure Log Analytics using the DocuSign Monitor API. The DocuSign security events data connector helps protect your organization’s electronic agreements with round-the-clock activity tracking and provides near real-time visibility across your DocuSign organization’s operations, which helps security teams detect potential threats, investigate incidents and respond decisively. Try it out, and let us know what you think!


We will continue to develop and add custom analytics rules and hunting queries for DocuSign security event data over time, so make sure you keep an eye on the Azure Sentinel GitHub repo. As always, if you have your own ideas for queries or detections, please feel free to contribute to the Azure Sentinel community.


 


With thanks to @Sarah_Young, @Cristhofer Munoz and @Chi_Nguyen for their input into this blog post.

COVID Vaccine Health Bot – MidDay Café 02-01-2021


Join us Monday, 12 noon EST, for MidDay Café where Microsoft’s Gregory Lisiak will be covering the Microsoft COVID Vaccine Health Bot to assist organizations in implementing, and leveraging, the bot. Additionally, Microsoft’s Samantha Brown, Mark Litwin, Pete Anello, and Patrick Miller will be joining me to bring you the latest in Microsoft News, Events, and more.


Mid-Day Café is a new, weekly, fast paced, live web series by the HLS Group. Join us each Monday at 12 noon eastern.


February 1st Lineup:



  • Welcome and Introductions.

  • Mid-Day Café News in 2!

  • Upcoming HLS Events in 1!

  • COVID Vaccine Health Bot featuring Gregory Lisiak.

  • Open Q&A

  • Wrap Up


How to join:



Thanks for visiting – Michael Gannotti

Update to the Windows 10 Team rollout


Today, we are pleased to share an update on the roll out status of the Windows 10 Team 2020 Update. Our last update that was shared in December can be found here.


 


With the start of a new year, we continue to hear from our customers that they are navigating hybrid work environments. While some companies around the world have begun their returns to the office, many are still working from home and other remote locations. From higher education to manufacturing, customers are relying on Surface Hub more than ever to stay connected and maintain business continuity. We feel a deep sense of responsibility to support our customers in this time, by providing a quality experience and ongoing transparency.


 




 


In this time of increased reliance on Surface Hub we have been laser focused on providing a high-quality rollout of the Windows 10 Team 2020 Update. We are continuously working with customers and partners and actively monitoring the deployment of the Windows 10 Team 2020 update globally.


As we look at the data, combined with the continuous efforts of our engineering teams to resolve known issues, we plan to continue the deployment of Windows 10 Team 2020 as detailed below:


 


Surface Hub 2S



  • Windows Update will be available for the remaining throttled regions in late February 2021.

  • Windows Update for Business is currently available globally and will remain available.

  • Bare Metal Recovery (BMR) image is currently available for download and will remain available.


Surface Hub (first-generation)



  • Windows Update will become available based on throttle regions for both 55” and 84” devices in late February 2021.

  • Windows Update for Business will be available globally for both 55” and 84” devices beginning late February 2021.

  • Surface Hub Recovery Tool (SHRT) with the Windows 10 Team 2020 image is currently available for download and will remain available.


Quality updates and fixes for known issues are expected to land for all devices during the same timeframe. Windows 10 Team, version 1703 (RS2) will remain supported through March 16, 2021. Please make sure to read the known issues list before updating your devices to Windows 10 Team 2020.


 


 


 


 

Performance Improvements in Excel for the Web


With an uncompromised goal to provide our customers with the ideal, fast, and smooth user experience, we’re excited to announce the latest significant performance improvements in Excel for the web.


 


We have addressed and improved several scenarios, including opening workbooks, navigating within a workbook, and other interactions. Check out all the improvements we’ve made below:


 


Loading – We’ve significantly reduced the time it takes to load a workbook, making it faster for you to start working in Excel for the web.


 


Scrolling – Scrolling is a fundamental part of working in Excel. Now, even in incredibly complex sheets, scrolling is smooth and fast.


 


[Animation: Scrolling in Excel for the Web]


 


Selection – Even more fundamental than scrolling, is the need to interact with content in your workbook. We have optimized the speed of cell selection, so you’ll experience less lag and a more fluid experience when working in the grid.


 


[Animation: Selection in Excel for the Web]


 


Navigating – We optimized several navigation actions: find/search, Go-To, page-up and page-down are all now faster.


 


Modifying – We developed faster cell editing and formatting experiences.


 


 


Our team is always working on performance improvements and we’re dedicated to improving the user experience for Excel for the web. Your input is vital to help us ensure that we continue to address the areas of improvement that customers like you have communicated through Send us a Smile or Frown. Want to be more involved in the process? Stay connected with us and other Excel enthusiasts in the Excel Tech Community, read and comment on our Excel blog posts, and send us your ideas and suggestions for the next version of Excel through UserVoice. Don’t forget to follow Excel on Facebook and Twitter!


 


Want to learn more on Excel for the web? Stay informed on recent changes by regularly visiting What’s New in Excel for the web.


 


Thanks for reading, and for your interest in Excel!


Danielle Rifinski Fainman


Dror Yashar


-Microsoft Excel Team

Get Started with Cucumber and Azure DevOps!


 


By Anusha Ammaluru


 


This time we bring you a blog article about Cucumber, Selenium and integration with Azure DevOps. Let’s get started, and welcome to the journey of learning Cucumber.


The blog post will cover the following topics:



  • Cucumber Introduction

  • Setup Cucumber with Selenium in Eclipse

  • Cucumber Basics

  • Eclipse Integration with Azure DevOps


 


 


 


Cucumber Introduction


Cucumber is a tool that supports Behaviour-Driven Development (BDD). It lets us define application behavior in plain, meaningful English text using a simple grammar defined by a language called Gherkin. Cucumber itself is written in Ruby, but it can be used to “test” code written in Ruby or other languages.


 


Cucumber is one of the most powerful tools. It offers us the real communication layer on top of a robust testing framework. The tool can help run automation tests on wide-ranging testing needs from the backend to the frontend. Moreover, Cucumber creates deep connections among members of the testing team, which we rarely find in other testing frameworks.


 


What is Gherkin? It is a simple, lightweight, and structured language, which uses regular spoken language to describe user requirements and scenarios. Examples of regular spoken language are English, French, and around 30 more languages. Gherkin contains a set of syntax/keywords:


Feature: Defines the feature (generally a user story)


Given: Specifies the pre-condition of the test


And: Defines additional conditions of the test


Then: States the post-condition/expected result of the test


 


Key points to note:



  • The test is written in plain English, which is common to all the domains of your project team.

  • The test is structured, which makes it capable of being read in an automated way, so automation tests are created at the same time as the scenario is described.


 


 


 


Setup Cucumber with Selenium in Eclipse



  1. Set up Java

    • Download the latest version of Java from https://www.oracle.com/technetwork/java/javase/downloads/index.html

      • Download the .exe file

    • Install Java by double-clicking on the .exe file and proceed with the default options

    • Set up the Java environment path

      • Type Env in the Windows search and click on the ‘Environment Variables’ option

      • Click on Path in the System variables and click the ‘Edit’ button

      • Add the folder path where the JDK is installed and click the ‘OK’ button

      • Go to Command Prompt and type java -version. If the Java version is displayed, Java is installed




  2. Set up Eclipse

    • Download Eclipse Photon from https://www.eclipse.org/downloads/packages/release/photon/rc3 if you are going to maintain the repo in Azure DevOps; I had faced issues earlier with other bundles.

    • Select Eclipse IDE for Java Developers and install

    • Launch Eclipse and select a workspace folder to save your repo





  3. Install Cucumber Plugin for Eclipse

    • Launch the Eclipse IDE and from the Help menu, click “Install New Software”.

    • You will see a dialog window; click the “Add” button.

    • Enter the name “Cucumber” and location as “http://cucumber.github.com/cucumber-eclipse/update-site”. Click the ‘OK’ button.

    • Check the ‘Cucumber Eclipse Plugin’ and click next to install

    • You may or may not encounter a Security warning, but if you do just click the ‘OK’ button.

    • Restart Eclipse for the changes to take effect





  4. Download Cucumber JARs from the Maven repo

    • Go to https://search.maven.org.

    • Search for cucumber-core in the Central Maven Repository.

    • Download the JAR file

    • Similarly, search for all the below libs in the Maven repo and download the JARs

      • [Screenshot of the library list: 10.png]







  5. Download Selenium

    • Download the WebDriver Java client from the Selenium website

    • Extract the files and save them in your local folder





  6. Configure Eclipse with Cucumber and Selenium WebDriver libs

    • Go to Eclipse: File -> New -> Project -> Select Maven

    • Click the ‘Next’ button

    • Filter Cucumber and select cucumber-archetype

    • Enter Group Id and Artifact Id and click the ‘Finish’ button

    • Add Selenium JARs

      • Right-click on Project ‘CucumberTest’ > Select Properties > Java build path. Then navigate to the Libraries tab and click Add External JARs.

      • Browse to the local folder where the Selenium JARs are saved, select all the JARs and add them

      • Go to the lib folder and add all the remaining JARs

      • Click the ‘OK’ button

    • Add Cucumber JARs

      • Right-click on Project ‘CucumberTest’ > Select Properties > Java build path. Then navigate to the Libraries tab and click Add External JARs.

      • Browse to the local folder where the Cucumber JARs are saved, select all the JARs and add them

      • Click the ‘OK’ button

      • Now we are all set.






 


 


 


Cucumber Basics



  • Cucumber Feature File

    • An entry point to the Cucumber tests. It contains a list of scenarios/test cases written in natural English language using Gherkin keywords

    • Create a package in the Eclipse project -> name it ‘Features’

    • Right-click on the ‘Features’ package and create a file -> name it ‘DemoTest.feature’

    • Add a Feature: name and description and a scenario underneath, like the below example

      • [Screenshot of the example feature file: 25.png]

  • Step Definitions

    • Add Selenium Java code in the step definition methods corresponding to feature files.

    • Sample code:






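import static org.junit.Assert.assertTrue;

import io.cucumber.java.en.Given;
import io.cucumber.java.en.Then;
import io.cucumber.java.en.When;
import java.util.concurrent.TimeUnit;
import org.openqa.selenium.WebDriver;

// Step definitions for the login scenario. LoginPage is the project's page-object class;
// the class name LoginSteps and the driver set-up are assumptions, not shown in the original.
public class LoginSteps {
    private WebDriver driver;  // must be initialised (for example in a hook) before the steps run
    private LoginPage login;

    @Given("user is on home page")
    public void user_is_on_home_page() {
        // Open the application under test and allow up to 100 s for page loads
        driver.get("https://pul-ai-anu.azurewebsites.net/");
        driver.manage().timeouts().pageLoadTimeout(100, TimeUnit.SECONDS);
    }

    @When("I click on login link")
    public void i_click_on_login_link() {
        login = new LoginPage(driver);
        login.lnk_Login.click();
        driver.manage().timeouts().implicitlyWait(20, TimeUnit.SECONDS);
    }

    @When("I enter username {string}")
    public void i_enter_username(String email) {
        login = new LoginPage(driver);
        login.txtbx_UserName.sendKeys(email);
        driver.manage().timeouts().implicitlyWait(20, TimeUnit.SECONDS);
    }

    @When("I enter password {string}")
    public void i_enter_password(String password) {
        login = new LoginPage(driver);
        login.txtbx_Password.sendKeys(password);
        driver.manage().timeouts().implicitlyWait(20, TimeUnit.SECONDS);
    }

    @When("I click on login button")
    public void i_click_on_login_button() {
        login = new LoginPage(driver);
        login.btn_Login.click();
        driver.manage().timeouts().pageLoadTimeout(100, TimeUnit.SECONDS);
    }

    @Then("I verify the login is successful")
    public void i_verify_the_login_is_successful() {
        login = new LoginPage(driver);
        // JUnit assertion: the Java assert keyword is skipped unless the JVM runs with -ea
        assertTrue(login.lnk_profile.isEnabled());
    }
}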


JUnit Test Runner Class


package runner;

import io.cucumber.junit.Cucumber;
import io.cucumber.junit.CucumberOptions;
import org.junit.runner.RunWith;

// Runs the feature files under the features path using the step definitions in the glue package
@RunWith(Cucumber.class)
@CucumberOptions(plugin = {"pretty"},
        features = "src/test/resources/features",
        glue = "stepDefinitions")
public class RunCucumberTest {

}


Right-click on TestRunner class and Click Run As  > JUnit Test Application


The test run report will be shown like this:


[Screenshot of the test run report: 21.png]


 


 


Eclipse Integration with Azure DevOps



[Image: 22.jpg]


 


 

Conclusion


I have created a sample Java Maven project using the Selenium Page factory and Cucumber in GitHub https://github.com/anu-01/CucumberSelenliumPageFactory. This is a great place to get started with a Cucumber-based framework.