demisto
diff --git a/‎Packs/APIVoid/Integrations/APIVoid/README.md
+524-523 b/‎Packs/APIVoid/Integrations/APIVoid/README.md
+524-523
diff --git a/‎Packs/AzureDataExplorer/Integrations/AzureDataExplorer/README.md
+152-138 b/‎Packs/AzureDataExplorer/Integrations/AzureDataExplorer/README.md
+152-138
diff --git a/‎Packs/AzureDataExplorer/README.md
+2-1 b/‎Packs/AzureDataExplorer/README.md
+2-1
diff --git a/‎Packs/BitDam/Integrations/BitDam/README.md
+1-1 b/‎Packs/BitDam/Integrations/BitDam/README.md
+1-1
diff --git a/‎Packs/CVE_2022_3786_and_CVE_2022_3602_-_OpenSSL_X.509_Buffer_Overflows/README.md
+10-8 b/‎Packs/CVE_2022_3786_and_CVE_2022_3602_-_OpenSSL_X.509_Buffer_Overflows/README.md
+10-8
diff --git a/‎Packs/Cyberwatch/Integrations/Cyberwatch/README.md
+154-99 b/‎Packs/Cyberwatch/Integrations/Cyberwatch/README.md
+154-99
diff --git a/‎Packs/Envoy/Integrations/EnvoyIAM/README.md
+60-68 b/‎Packs/Envoy/Integrations/EnvoyIAM/README.md
+60-68
diff --git a/‎Packs/FeedBlocklist_de/Integrations/FeedBlocklist_de/README.md
+7-7 b/‎Packs/FeedBlocklist_de/Integrations/FeedBlocklist_de/README.md
+7-7
diff --git a/‎Packs/FeedBlocklist_de/README.md
+1-2 b/‎Packs/FeedBlocklist_de/README.md
+1-2
diff --git a/‎Packs/FeedFastly/Integrations/FeedFastly/README.md
+6-5 b/‎Packs/FeedFastly/Integrations/FeedFastly/README.md
+6-5
@@ -1,13 +1,14 @@
 # Azure Data Explorer Pack
+
 Use the Azure Data Explorer pack to collect and analyze data inside Azure Data Explorer clusters, and to manage search queries.<br>
 
 ## What does this pack do?
+
 - Execute a Kusto Query Language (KQL) query against the given database inside a cluster.
 - List search queries that have reached a final state in the given database.
 - List currently executing search queries in the given database.
 - Start a best-effort attempt to cancel a specific running search query in the specified database.
 - Start, complete, or rerun the authorization process.
 - Rest the connectivity to Azure Data Explorer.
 
-
 This pack contains an integration, which was integrated and tested with version V1 of AzureDataExplorer.<br>
@@ -182,4 +182,4 @@
 <h5>Context Example</h5>
 <p>root:{} 4 items<br>BitDam:{} 2 items<br>Analysis:{} 3 items<br>ID:68f009dc92a405d1015026e8e30e6d1598047124<br>Status:DONE<br>Verdict:CLEAN<br>FileScan:{} 1 item<br>SHA1:68f009dc92a405d1015026e8e30e6d1598047124<br>DBotScore:{} 4 items<br>Indicator:68f009dc92a405d1015026e8e30e6d1598047124<br>Score:1<br>Type:File<br>Vendor:BitDam</p>
 <h5>Human Readable Output</h5>
-<p><a href="../../doc_files/47355146-4473a400-d6c9-11e8-8ded-a3f99e31ddb7.png" target="_blank" rel="noopener noreferrer"><img src="../../doc_files/47355146-4473a400-d6c9-11e8-8ded-a3f99e31ddb7.png" alt="image" width="752" height="258"></a></p>
+<p><a href="../../doc_files/47355146-4473a400-d6c9-11e8-8ded-a3f99e31ddb7.png" target="_blank" rel="noopener noreferrer"><img src="../../doc_files/47355146-4473a400-d6c9-11e8-8ded-a3f99e31ddb7.png" alt="image" width="752" height="258"></a></p>
@@ -4,22 +4,24 @@ On November 1, OpenSSL released a [security advisory](https://www.openssl.org/ne
 
 The vulnerability described in CVE-2022-3602 allows an attacker to obtain a 4-byte overflow on the stack by crafting a malicious email address within the attacker-controlled certificate. The overflow will result in a crash (most likely scenario) or potentially remote code execution (much less likely). In CVE-2022-3786, an attacker can achieve a stack overflow of arbitrary length by crafting a malicious email address within the attacker-controlled certificate.
 
-Both vulnerabilities are “triggered through X.509 certificate verification, specifically, name constraint checking. Note that this occurs after certificate chain signature verification and requires either a CA to have signed the malicious certificate or for the application to continue certificate verification despite failure to construct a path to a trusted issuer.” 
+Both vulnerabilities are “triggered through X.509 certificate verification, specifically, name constraint checking. Note that this occurs after certificate chain signature verification and requires either a CA to have signed the malicious certificate or for the application to continue certificate verification despite failure to construct a path to a trusted issuer.”
 
 **The playbook includes the following tasks:**
+
 * Hunting for active processes running OpenSSL vulnerable versions using:
-    * Cortex XDR
-    * Splunk
-    * Azure Sentinel
-    * Cortex Xpanse
-    * Prisma
-    * PANOS
+  * Cortex XDR
+  * Splunk
+  * Azure Sentinel
+  * Cortex Xpanse
+  * Prisma
+  * PANOS
 
 **Mitigations:**
+
 * OpenSSL official patch
 
 More information:
 
 [Unit42 Threat Brief: CVE-2022-3786 and CVE-2022-3602: OpenSSL X.509 Buffer Overflows](https://unit42.paloaltonetworks.com/openssl-vulnerabilities/)
 
-[NCSC-NL - OpenSSL overview Scanning software](https://github.com/NCSC-NL/OpenSSL-2022/tree/main/scanning)
+[NCSC-NL - OpenSSL overview Scanning software](https://github.com/NCSC-NL/OpenSSL-2022/tree/main/scanning)
@@ -3,7 +3,6 @@ This integration was integrated and tested with version v2 of Envoy SCIM API.
 
 ## Configure Envoy IAM in Cortex
 
-
 | **Parameter** | **Description** | **Required** |
 | --- | --- | --- |
 | Base URL |  | True |
@@ -19,159 +18,152 @@ This integration was integrated and tested with version v2 of Envoy SCIM API.
 | Outgoing Mapper |  | True |
 
 ## Commands
+
 You can execute these commands from the CLI, as part of an automation, or in a playbook.
 After you successfully execute a command, a DBot message appears in the War Room with the command details.
+
 ### iam-create-user
+
 ***
 Creates a user.
 
-
 #### Base Command
 
 `iam-create-user`
+
 #### Input
 
 | **Argument Name** | **Description** | **Required** |
 | --- | --- | --- |
-| user-profile | User Profile indicator details. | Required | 
-| allow-enable | When set to true, after the command execution the status of the user in the 3rd-party integration will be active. Possible values are: true, false. Default is true. | Optional | 
-
+| user-profile | User Profile indicator details. | Required |
+| allow-enable | When set to true, after the command execution the status of the user in the 3rd-party integration will be active. Possible values are: true, false. Default is true. | Optional |
 
 #### Context Output
 
 | **Path** | **Type** | **Description** |
 | --- | --- | --- |
-| IAM.Vendor.active | Boolean | When true, indicates that the employee's status is active in the 3rd-party integration. | 
-| IAM.Vendor.brand | String | Name of the integration. | 
-| IAM.Vendor.details | string | Provides the raw data from the 3rd-party integration. | 
-| IAM.Vendor.email | String | The employee's email address. | 
-| IAM.Vendor.errorCode | Number | HTTP error response code. | 
-| IAM.Vendor.errorMessage | String | Reason why the API failed. | 
-| IAM.Vendor.id | String | The employee's user ID in the app. | 
-| IAM.Vendor.instanceName | string | Name of the integration instance. | 
-| IAM.Vendor.success | Boolean | When true, indicates that the command was executed successfully. | 
-| IAM.Vendor.username | String | The employee's username in the app. | 
-
+| IAM.Vendor.active | Boolean | When true, indicates that the employee's status is active in the 3rd-party integration. |
+| IAM.Vendor.brand | String | Name of the integration. |
+| IAM.Vendor.details | string | Provides the raw data from the 3rd-party integration. |
+| IAM.Vendor.email | String | The employee's email address. |
+| IAM.Vendor.errorCode | Number | HTTP error response code. |
+| IAM.Vendor.errorMessage | String | Reason why the API failed. |
+| IAM.Vendor.id | String | The employee's user ID in the app. |
+| IAM.Vendor.instanceName | string | Name of the integration instance. |
+| IAM.Vendor.success | Boolean | When true, indicates that the command was executed successfully. |
+| IAM.Vendor.username | String | The employee's username in the app. |
 
 #### Command Example
+
 ``` !iam-create-user user-profile=`{"email": "john.doe@example.com", "givenname": "test", "surname": "test"}` ```
 
 #### Human Readable Output
 
-
-
 ### iam-update-user
+
 ***
 Updates an existing user with the data passed in the user-profile argument.
 
-
 #### Base Command
 
 `iam-update-user`
+
 #### Input
 
 | **Argument Name** | **Description** | **Required** |
 | --- | --- | --- |
-| user-profile | A User Profile indicator. | Required | 
-| allow-enable | When set to true, after the command execution the status of the user in the 3rd-party integration will be active. Possible values are: true, false. Default is true. | Optional | 
-
+| user-profile | A User Profile indicator. | Required |
+| allow-enable | When set to true, after the command execution the status of the user in the 3rd-party integration will be active. Possible values are: true, false. Default is true. | Optional |
 
 #### Context Output
 
 | **Path** | **Type** | **Description** |
 | --- | --- | --- |
-| IAM.Vendor.active | Boolean | When true, indicates that the employee's status is active in the 3rd-party integration. | 
-| IAM.Vendor.brand | String | Name of the integration. | 
-| IAM.Vendor.details | string | Provides the raw data from the 3rd-party integration. | 
-| IAM.Vendor.email | String | The employee's email address. | 
-| IAM.Vendor.errorCode | Number | HTTP error response code. | 
-| IAM.Vendor.errorMessage | String | Reason why the API failed. | 
-| IAM.Vendor.id | String | The employee's user ID in the app. | 
-| IAM.Vendor.instanceName | string | Name of the integration instance. | 
-| IAM.Vendor.success | Boolean | When true, indicates that the command was executed successfully. | 
-| IAM.Vendor.username | String | The employee's username in the app. | 
-
+| IAM.Vendor.active | Boolean | When true, indicates that the employee's status is active in the 3rd-party integration. |
+| IAM.Vendor.brand | String | Name of the integration. |
+| IAM.Vendor.details | string | Provides the raw data from the 3rd-party integration. |
+| IAM.Vendor.email | String | The employee's email address. |
+| IAM.Vendor.errorCode | Number | HTTP error response code. |
+| IAM.Vendor.errorMessage | String | Reason why the API failed. |
+| IAM.Vendor.id | String | The employee's user ID in the app. |
+| IAM.Vendor.instanceName | string | Name of the integration instance. |
+| IAM.Vendor.success | Boolean | When true, indicates that the command was executed successfully. |
+| IAM.Vendor.username | String | The employee's username in the app. |
 
 #### Command Example
+
 ``` !iam-update-user user-profile=`{"email": "john.doe@example.com", "givenname": "John"}` ```
 
 #### Human Readable Output
 
-
-
 ### iam-get-user
+
 ***
 Retrieves a single user resource.
 
-
 #### Base Command
 
 `iam-get-user`
+
 #### Input
 
 | **Argument Name** | **Description** | **Required** |
 | --- | --- | --- |
-| user-profile | A User Profile indicator. | Required | 
-
+| user-profile | A User Profile indicator. | Required |
 
 #### Context Output
 
 | **Path** | **Type** | **Description** |
 | --- | --- | --- |
-| IAM.Vendor.active | Boolean | When true, indicates that the employee's status is active in the 3rd-party integration. | 
-| IAM.Vendor.brand | String | Name of the integration. | 
-| IAM.Vendor.details | string | Provides the raw data from the 3rd-party integration. | 
-| IAM.Vendor.email | String | The employee's email address. | 
-| IAM.Vendor.errorCode | Number | HTTP error response code. | 
-| IAM.Vendor.errorMessage | String | Reason why the API failed. | 
-| IAM.Vendor.id | String | The employee's user ID in the app. | 
-| IAM.Vendor.instanceName | string | Name of the integration instance. | 
-| IAM.Vendor.success | Boolean | When true, indicates that the command was executed successfully. | 
-| IAM.Vendor.username | String | The employee's username in the app. | 
-
+| IAM.Vendor.active | Boolean | When true, indicates that the employee's status is active in the 3rd-party integration. |
+| IAM.Vendor.brand | String | Name of the integration. |
+| IAM.Vendor.details | string | Provides the raw data from the 3rd-party integration. |
+| IAM.Vendor.email | String | The employee's email address. |
+| IAM.Vendor.errorCode | Number | HTTP error response code. |
+| IAM.Vendor.errorMessage | String | Reason why the API failed. |
+| IAM.Vendor.id | String | The employee's user ID in the app. |
+| IAM.Vendor.instanceName | string | Name of the integration instance. |
+| IAM.Vendor.success | Boolean | When true, indicates that the command was executed successfully. |
+| IAM.Vendor.username | String | The employee's username in the app. |
 
 #### Command Example
+
 ``` !iam-get-user user-profile=`{"email": "john.doe@example.com"}` ```
 
 #### Human Readable Output
 
-
-
 ### iam-disable-user
+
 ***
 Disable an active user.
 
-
 #### Base Command
 
 `iam-disable-user`
+
 #### Input
 
 | **Argument Name** | **Description** | **Required** |
 | --- | --- | --- |
-| user-profile | A User Profile indicator. | Required | 
-
+| user-profile | A User Profile indicator. | Required |
 
 #### Context Output
 
 | **Path** | **Type** | **Description** |
 | --- | --- | --- |
-| IAM.Vendor.active | Boolean | When true, indicates that the employee's status is active in the 3rd-party integration. | 
-| IAM.Vendor.brand | String | Name of the integration. | 
-| IAM.Vendor.details | string | Provides the raw data from the 3rd-party integration. | 
-| IAM.Vendor.email | String | The employee's email address. | 
-| IAM.Vendor.errorCode | Number | HTTP error response code. | 
-| IAM.Vendor.errorMessage | String | Reason why the API failed. | 
-| IAM.Vendor.id | String | The employee's user ID in the app. | 
-| IAM.Vendor.instanceName | string | Name of the integration instance. | 
-| IAM.Vendor.success | Boolean | When true, indicates that the command was executed successfully. | 
-| IAM.Vendor.username | String | The employee's username in the app. | 
-
+| IAM.Vendor.active | Boolean | When true, indicates that the employee's status is active in the 3rd-party integration. |
+| IAM.Vendor.brand | String | Name of the integration. |
+| IAM.Vendor.details | string | Provides the raw data from the 3rd-party integration. |
+| IAM.Vendor.email | String | The employee's email address. |
+| IAM.Vendor.errorCode | Number | HTTP error response code. |
+| IAM.Vendor.errorMessage | String | Reason why the API failed. |
+| IAM.Vendor.id | String | The employee's user ID in the app. |
+| IAM.Vendor.instanceName | string | Name of the integration instance. |
+| IAM.Vendor.success | Boolean | When true, indicates that the command was executed successfully. |
+| IAM.Vendor.username | String | The employee's username in the app. |
 
 #### Command Example
+
 ``` !iam-disable-user user-profile=`{"email": "john.doe@example.com", "givenname": "John"}` ```
 
 #### Human Readable Output
-
-
-
@@ -2,7 +2,6 @@ Use the Blocklist.de feed integration to fetch indicators from the feed.
 
 ## Configure Blocklist.de Feed in Cortex
 
-
 | **Parameter** | **Description** | **Required** |
 | --- | --- | --- |
 | Fetch indicators |  | False |
@@ -20,29 +19,30 @@ Use the Blocklist.de feed integration to fetch indicators from the feed.
 | Tags | Supports CSV values. | False |
 
 ## Commands
+
 You can execute these commands from the CLI, as part of an automation, or in a playbook.
 After you successfully execute a command, a DBot message appears in the War Room with the command details.
+
 ### blocklist_de-get-indicators
+
 ***
 Gets the feed indicators.
 
-
 #### Base Command
 
 `blocklist_de-get-indicators`
+
 #### Input
 
 | **Argument Name** | **Description** | **Required** |
 | --- | --- | --- |
-| limit | The maximum number of results to return. The default value is 50. Default is 50. | Optional | 
-| indicator_type | The indicator type. | Optional | 
-
+| limit | The maximum number of results to return. The default value is 50. Default is 50. | Optional |
+| indicator_type | The indicator type. | Optional |
 
 #### Context Output
 
 There is no context output for this command.
 
-
 #### Human Readable Output
 
 ### Indicators
@@ -51,4 +51,4 @@ There is no context output for this command.
 >|---|---|---|
 >| 1.1.1.1 | IP | value: 1.1.1.1<br>type: IP<br>tags: null |
 >| 2.2.2.2 | IP | value: 2.2.2.2<br>type: IP<br>tags: null |
->| 3.3.3.3 | IP | value: 3.3.3.3<br>type: IP<br>tags: null |
+>| 3.3.3.3 | IP | value: 3.3.3.3<br>type: IP<br>tags: null |
@@ -1,7 +1,6 @@
-Use the Blocklist.de feed integration to fetch indicators from the daily Threat Feed and Custom feeds. 
+Use the Blocklist.de feed integration to fetch indicators from the daily Threat Feed and Custom feeds.
 When you configure your servers, you can use this information to reject a connection because of the indicators received from the Blocklist.de feed.
 
-
 ## Custom Feeds
 
 You can connect to a custom Blocklist.de feed by specifying the services from which to process indicators.
 
@@ -2,7 +2,6 @@ Use Fastly Feed to get assigned CIDRs and add them to your firewall's allow-list
 
 ## Configure Fastly Feed in Cortex
 
-
 | **Parameter** | **Description** | **Required** |
 | --- | --- | --- |
 | Fetch indicators |  | False |
@@ -19,23 +18,25 @@ Use Fastly Feed to get assigned CIDRs and add them to your firewall's allow-list
 | Use system proxy settings |  | False |
 
 ## Commands
+
 You can execute these commands from the CLI, as part of an automation, or in a playbook.
 After you successfully execute a command, a DBot message appears in the War Room with the command details.
+
 ### fastly-get-indicators
+
 ***
 Fetches indicators from the feed.
 
-
 #### Base Command
 
 `fastly-get-indicators`
+
 #### Input
 
 | **Argument Name** | **Description** | **Required** |
 | --- | --- | --- |
-| limit | limits the number of context indicators to output. Default is 50. | Optional | 
-
+| limit | limits the number of context indicators to output. Default is 50. | Optional |
 
 #### Context Output
 
-There is no context output for this command.
+There is no context output for this command.