AnsweredAssumed Answered

Content Bundles/Packs overlap

Question asked by Marinos Roussos on May 14, 2018

https://community.rsa.com/docs/DOC-66412

Is there any article that explains the potential overlap of some of the feeds/META that are used in these bundles?

Are there are any proper removal steps and what happens if some of the content is been use by multiple bundles?

 

I understand that some of the arguments could be that they are all useful and they would never need to be removed, which I’m not denying, but this would be from content team and not from the individual customer’s perspective.

 

A perfect example is what happened to the IR pack when is was "replaced" by hunting pack. We still have META artefacts on our GUI, even after performing all the removal steps from RSA, because these are stored in Mongo and were not included in the steps.

 

-Currently is very hard to identify these unless they are put in a table/excel.

 

-Without this bigger picture it is also challenging to know what would be broken “break” if we removed one of the bundles, I’m guessing manually since there are no removal steps.

Outcomes