Added misconfiguration_workflow and vulnerability_workflow to related integrations

packages/aws/changelog.yml

@@ -1,4 +1,9 @@
 # newer versions go on top
+- version: "4.1.0"
+  changes:
+    - description: Add `vulnerability_workflow` and `misconfiguration_workflow` sub category labels.
+      type: enhancement
+      link: https://github.com/elastic/integrations/pull/15151
 - version: "4.0.0"
   changes:
     - description: |

packages/aws/manifest.yml

@@ -1,7 +1,7 @@
 format_version: 3.3.2
 name: aws
 title: AWS
-version: 4.0.0
+version: 4.1.0
 description: Collect logs and metrics from Amazon Web Services (AWS) with Elastic Agent.
 type: integration
 categories:
@@ -199,6 +199,7 @@ policy_templates:
     categories:
       - security
       - cloudsecurity_cdr
+      - misconfiguration_workflow
     inputs:
       - type: cel
         title: Collect AWS Config logs via API
@@ -777,6 +778,7 @@ policy_templates:
     categories:
       - security
       - cloudsecurity_cdr
+      - misconfiguration_workflow
     inputs:
       - type: httpjson
         title: Collect AWS Security Hub logs via API
@@ -811,6 +813,7 @@ policy_templates:
     categories:
       - security
       - cloudsecurity_cdr
+      - vulnerability_workflow
     inputs:
       - type: httpjson
         title: Collect Amazon Inspector logs via API

packages/cloud_security_posture/changelog.yml

@@ -16,6 +16,11 @@
 # 1.4.x - 8.9.x
 # 1.3.x - 8.8.x
 # 1.2.x - 8.7.x
+- version: "3.1.0-preview06"
+  changes:
+    - description: Add `vulnerability_workflow` and `misconfiguration_workflow` sub category labels.
+      type: enhancement
+      link: https://github.com/elastic/integrations/pull/15151
 - version: "3.1.0-preview05"
   changes:
     - description: Adding the input type "cloud_connector_id" for Azure

packages/cloud_security_posture/manifest.yml

@@ -1,14 +1,16 @@
 format_version: 3.3.2
 name: cloud_security_posture
 title: "Security Posture Management"
-version: "3.1.0-preview05"
+version: "3.1.0-preview06"
 source:
   license: "Elastic-2.0"
 description: "Identify & remediate configuration risks in your Cloud infrastructure"
 type: integration
 categories:
   - security
   - cloudsecurity_cdr
+  - misconfiguration_workflow
+  - vulnerability_workflow
 conditions:
   kibana:
     version: "^9.2.0"
@@ -67,6 +69,7 @@ policy_templates:
       - kubernetes
       - security
       - aws
+      - misconfiguration_workflow
     icons:
       - src: /img/logo_kspm.svg
         title: KSPM logo
@@ -95,6 +98,7 @@ policy_templates:
       - cloud
       - aws
       - google_cloud
+      - misconfiguration_workflow
     icons:
       - src: /img/logo_cspm.svg
         title: CSPM logo
@@ -185,6 +189,7 @@ policy_templates:
     categories:
       - security
       - cloud
+      - vulnerability_workflow
     icons:
       - src: /img/logo_vuln_mgmt.svg
         title: Vulnerability Management logo

packages/google_scc/changelog.yml

@@ -1,4 +1,9 @@
 # newer versions go on top
+- version: "2.1.0"
+  changes:
+    - description: Add `vulnerability_workflow` and `misconfiguration_workflow` sub category label.
+      type: enhancement
+      link: https://github.com/elastic/integrations/pull/15151
 - version: "2.0.0"
   changes:
     - description: | 

packages/google_scc/manifest.yml

@@ -1,13 +1,15 @@
 format_version: "3.2.3"
 name: google_scc
 title: Google Security Command Center
-version: "2.0.0"
+version: "2.1.0"
 description: Collect logs from Google Security Command Center with Elastic Agent.
 type: integration
 categories:
   - google_cloud
   - security
   - cloudsecurity_cdr
+  - vulnerability_workflow
+  - misconfiguration_workflow
 conditions:
   kibana:
     version: "^8.19.0 || ^9.1.0"

packages/m365_defender/changelog.yml

@@ -1,4 +1,9 @@
 # newer versions go on top
+- version: "4.1.0"
+  changes:
+    - description: Add `vulnerability_workflow` sub category labels.
+      type: enhancement
+      link: https://github.com/elastic/integrations/pull/15151
 - version: "4.0.2"
   changes:
     - description: Ensure large `$skip` API parameter values are correctly formatted in `vulnerability` data stream.

packages/m365_defender/manifest.yml

@@ -1,11 +1,12 @@
 format_version: "3.4.0"
 name: m365_defender
 title: Microsoft Defender XDR
-version: "4.0.2"
+version: "4.1.0"
 description: Collect logs from Microsoft Defender XDR with Elastic Agent.
 categories:
   - "security"
   - "edr_xdr"
+  - "vulnerability_workflow"
 type: integration
 conditions:
   elastic:

packages/microsoft_defender_cloud/changelog.yml

@@ -1,4 +1,9 @@
 # newer versions go on top
+- version: "3.1.0"
+  changes:
+    - description: Add `vulnerability_workflow` and `misconfiguration_workflow` sub category label.
+      type: enhancement
+      link: https://github.com/elastic/integrations/pull/15151
 - version: "3.0.0"
   changes:
     - description: |

packages/microsoft_defender_cloud/manifest.yml

@@ -1,12 +1,14 @@
 format_version: '3.3.2'
 name: microsoft_defender_cloud
 title: Microsoft Defender for Cloud
-version: '3.0.0'
+version: '3.1.0'
 description: Collect logs from Microsoft Defender for Cloud with Elastic Agent.
 type: integration
 categories:
   - security
   - cloudsecurity_cdr
+  - vulnerability_workflow
+  - misconfiguration_workflow
 conditions:
   kibana:
     version: '^8.19.4 || ^9.1.4'

packages/microsoft_defender_endpoint/changelog.yml

@@ -1,4 +1,9 @@
 # newer versions go on top
+- version: "3.1.0"
+  changes:
+    - description: Add `vulnerability_workflow` sub category label.
+      type: enhancement
+      link: https://github.com/elastic/integrations/pull/15151
 - version: "3.0.1"
   changes:
     - description: Extract `process.name` from `process.command_line` in log data stream.

packages/microsoft_defender_endpoint/manifest.yml

@@ -1,13 +1,14 @@
 format_version: "3.4.0"
 name: microsoft_defender_endpoint
 title: Microsoft Defender for Endpoint
-version: "3.0.1"
+version: "3.1.0"
 description: Collect logs from Microsoft Defender for Endpoint with Elastic Agent.
 categories:
   - security
   - edr_xdr
   # Added siem category as Microsoft Defender for Endpoint provides security event data for monitoring and incident response
   - siem
+  - vulnerability_workflow
 type: integration
 conditions:
   kibana:

packages/qualys_vmdr/changelog.yml

@@ -1,4 +1,9 @@
 # newer versions go on top
+- version: "6.10.0"
+  changes:
+    - description: Add `vulnerability_workflow` sub category label.
+      type: enhancement
+      link: https://github.com/elastic/integrations/pull/15151
 - version: "6.9.0"
   changes:
     - description: Implement X-RateLimit header handling.

packages/qualys_vmdr/manifest.yml

@@ -1,12 +1,13 @@
 format_version: "3.4.0"
 name: qualys_vmdr
 title: Qualys VMDR
-version: "6.9.0"
+version: "6.10.0"
 description: Collect data from Qualys VMDR platform with Elastic Agent.
 type: integration
 categories:
   - security
   - vulnerability_management
+  - vulnerability_workflow
 conditions:
   kibana:
     version: "^8.19.0 || ^9.1.0"

packages/rapid7_insightvm/changelog.yml

@@ -1,4 +1,9 @@
 # newer versions go on top
+- version: "2.3.0"
+  changes:
+    - description: Add `vulnerability_workflow` sub category label.
+      type: enhancement
+      link: https://github.com/elastic/integrations/pull/15151
 - version: "2.2.0"
   changes:
     - description: Avoid updating fleet health status to degraded when HTTPJSON template value evaluation is empty.

packages/rapid7_insightvm/manifest.yml

@@ -1,14 +1,15 @@
 format_version: "3.4.0"
 name: rapid7_insightvm
 title: Rapid7 InsightVM
-version: "2.2.0"
+version: "2.3.0"
 source:
   license: "Elastic-2.0"
 description: Collect logs from Rapid7 InsightVM with Elastic Agent.
 type: integration
 categories:
   - security
   - vulnerability_management
+  - vulnerability_workflow
 conditions:
   kibana:
     version: "^8.19.0 || ^9.1.0"

packages/tenable_io/changelog.yml

@@ -1,4 +1,9 @@
 # newer versions go on top
+- version: "4.4.0"
+  changes:
+    - description: Add `vulnerability_workflow` sub category label.
+      type: enhancement
+      link: https://github.com/elastic/integrations/pull/15151
 - version: "4.3.0"
   changes:
     - description: Add a filter to select the severity level of collected vulnerabilites.

packages/tenable_io/manifest.yml

@@ -1,12 +1,13 @@
 format_version: "3.4.0"
 name: tenable_io
 title: Tenable Vulnerability Management
-version: "4.3.0"
+version: "4.4.0"
 description: Collect logs from Tenable Vulnerability Management with Elastic Agent.
 type: integration
 categories:
   - security
   - vulnerability_management
+  - vulnerability_workflow
 conditions:
   kibana:
     version: "^8.19.0 || ^9.1.0"

packages/wiz/changelog.yml

@@ -1,4 +1,9 @@
 # newer versions go on top
+- version: "3.9.0"
+  changes:
+    - description: Add `vulnerability_workflow` and `misconfiguration_workflow` sub category labels.
+      type: enhancement
+      link: https://github.com/elastic/integrations/pull/15151
 - version: "3.8.0"
   changes:
     - description: Add title to vulnerability mappings and ingest pipeline for better support in CDR.

packages/wiz/manifest.yml

@@ -1,12 +1,14 @@
 format_version: 3.4.0
 name: wiz
 title: Wiz
-version: "3.8.0"
+version: "3.9.0"
 description: Collect logs from Wiz with Elastic Agent.
 type: integration
 categories:
   - security
   - cloudsecurity_cdr
+  - vulnerability_workflow
+  - misconfiguration_workflow
   # Added cloud category as Wiz provides cloud security analysis and monitoring
   - cloud
   # Added siem category as Wiz provides security event data for monitoring and incident response