demisto · dorschw · Dec 7, 2021 · Oct 29, 2021 · Nov 24, 2021 · Nov 24, 2021
diff --git a/Packs/Armorblox/.pack-ignore b/Packs/Armorblox/.pack-ignore
diff --git a/Packs/Armorblox/.secrets-ignore b/Packs/Armorblox/.secrets-ignore
@@ -0,0 +1,13 @@
+https://www.armorblox.com
+demo@armorblox.dev
+john_doe@patterson.com
+john_doe@armorblox.dev
+xyz@gmail.com
+drake_hammes@fake-donny.org
+melissa_dach@fake-bessie.com
+tiffany_koss@fake-joaquin.info
+SJ0PR02MB7743A165338D03112AB9CA76B6619@SJ0PR02MB7743.namprd02.prod.outlook.com
+COZgZQYlT8aQXL7GwjQ0Cg@ismtpd0050p1las1.sendgrid.net
+ZHOQs7h8SMax3bCxZ77btg@ismtpd0073p1las1.sendgrid.net
+WloRAaQbQtuv2hMKf5f2AQ@geopod-ismtpd-1-1
+IJWZC9WxS9GHKPNelKCPIA@geopod-ismtpd-4-1
diff --git a/Packs/Armorblox/Author_image.png b/Packs/Armorblox/Author_image.png
diff --git a/Packs/Armorblox/Classifiers/classifier-Armorblox_-_Classifier.json b/Packs/Armorblox/Classifiers/classifier-Armorblox_-_Classifier.json
@@ -0,0 +1,62 @@
+{
+    "defaultIncidentType": "Armorblox",
+    "description": "Classifies Armorblox Incidents.",
+    "feed": false,
+    "id": "e8ded555-9409-4d33-842c-45d29b6ab31c",
+    "keyTypeMap": {
+        "Abuse Report": "Armorblox Abuse Mailbox Report",
+        "Extortion": "Armorblox Inbound Threat",
+        "Graymail": "Armorblox Inbound Threat",
+        "Impersonation: Employee": "Armorblox Inbound Threat",
+        "Impersonation: VIP": "Armorblox Inbound Threat",
+        "Impersonation: VIP (Requesting Gift Card)": "Armorblox Inbound Threat",
+        "Impersonation:Employee": "Armorblox Inbound Threat",
+        "Impersonation:VIP": "Armorblox Inbound Threat",
+        "PCI Bank Account Number": "Armorblox Outbound Threat",
+        "PCI Credit Card Number": "Armorblox Outbound Threat",
+        "PCI IBAN": "Armorblox Outbound Threat",
+        "PCI Routing Number": "Armorblox Outbound Threat",
+        "PII Passport": "Armorblox Outbound Threat",
+        "PII Social Security Number": "Armorblox Outbound Threat",
+        "PII Tax Number": "Armorblox Outbound Threat",
+        "Passwords": "Armorblox Outbound Threat",
+        "Payment Fraud (External)": "Armorblox Inbound Threat",
+        "Payment Fraud (Internal)": "Armorblox Inbound Threat",
+        "Payroll Fraud": "Armorblox Inbound Threat",
+        "Phish URL (Attachment)": "Armorblox Inbound Threat",
+        "Phish URL (Mail Body)": "Armorblox Inbound Threat",
+        "Potential Account Compromise": "Armorblox Inbound Threat",
+        "Ransomware": "Armorblox Inbound Threat",
+        "Social Engineering": "Armorblox Inbound Threat"
+    },
+    "name": "Armorblox - Classifier",
+    "transformer": {
+        "complex": {
+            "accessor": "",
+            "filters": [],
+            "root": "policy_names",
+            "transformers": [
+                {
+                    "args": {
+                        "descending": {
+                            "isContext": false,
+                            "value": {
+                                "complex": null,
+                                "simple": "false"
+                            }
+                        }
+                    },
+                    "operator": "sort"
+                },
+                {
+                    "args": {},
+                    "operator": "FirstArrayElement"
+                }
+            ]
+        },
+        "simple": ""
+    },
+    "type": "classification",
+    "version": -1,
+    "fromVersion": "6.0.0"
+}