add zscaler and insecure and f5

Workbooks/Images/Logos/zscaler_logo.svg

@@ -0,0 +1,3 @@
+<svg version="1.1" xmlns="http://www.w3.org/2000/svg" width="52" height="32" viewBox="0 0 52 32">
+<path fill="#009cda" d="M51.511 16.284c0.838 5.118-3.604 8.001-8.11 8.334-2.868 5.892-12.975 9.87-21.728 5.581-3.748 0.569-5.8-0.368-7.384-2.163 3.202-4.12 12.899-11.534 24.745-7.709 6.322 2.050 7.965-2.751 6.38-4.544-5.966-6.776-19.44-0.676-19.92-0.169 5.287-8.099 24.212-10.372 26.017 0.669zM33.371 6.989c0.033-0.012-4.302-1.543-10.361 1.076-0.293-0.107-0.531-0.211-0.761-0.327l0.040 0.018c5.833-3.88 10.944-5.525 15.315-4.884-2.648-3.046-15.361-5.284-22.646 2.018-9.005-1.776-15.302 5.848-14.943 12.821s7.964 11.307 12.292 10.132c0.047-0.006 0.101-0.010 0.156-0.010s0.109 0.004 0.163 0.010l-0.006-0.001c0.967-4.605 4.879-15.32 20.752-20.854z"></path>
+</svg>

Workbooks/WorkbooksMetadata.json

@@ -2,11 +2,11 @@
   {
     "workbookKey": "AzureActivityWorkbook",
     "logoFileName": "azureactivity_logo.svg",
-    "description": "Gain extensive insight into your organization's Azure Activity by analyzing, and correlating all user operations and events.\nYou can learn about all user operations, trends, and anomalous changes over time.nThis dashboard gives you the ability to drill down into caller activities and summarize detected failure and warning events.",
+    "description": "Gain extensive insight into your organization's Azure Activity by analyzing, and correlating all user operations and events.\nYou can learn about all user operations, trends, and anomalous changes over time.\nThis workbook gives you the ability to drill down into caller activities and summarize detected failure and warning events.",
     "dataTypesDependencies": [ "AzureActivity" ],
     "datasourceCardKeysDependencies": [ "AzureActivity" ],
     "previewImagesFileNames": [ "AzureActivityWhite1.png", "AzureActivityBlack1.png" ],
-    "version": "1.1",
+    "version": "1.2",
     "title": "Azure Activity",
     "templateRelativePath": "AzureActivity.json",
     "subtitle": "",
@@ -14,12 +14,12 @@
   },
   {
     "workbookKey": "IdentityAndAccessWorkbook",
-    "logoFileName": "",
-    "description": "Gain insights into Identity and access operations by collecting and analyzing security logs, using the audit and sign-in logs to gather insights into use of Microsoft products.\nYou can view anomalies and trends across login events from all users and machines. This dashboard also identifies suspicious entities from login and access events.",
+    "logoFileName": "Microsoft_logo.svg",
+    "description": "Gain insights into Identity and access operations by collecting and analyzing security logs, using the audit and sign-in logs to gather insights into use of Microsoft products.\nYou can view anomalies and trends across login events from all users and machines. This workbook also identifies suspicious entities from login and access events.",
     "dataTypesDependencies": [ "SecurityEvent" ],
     "datasourceCardKeysDependencies": [ "SecurityEvent" ],
     "previewImagesFileNames": [ "IdentityAndAccessWhite.png", "IdentityAndAccessBlack.png" ],
-    "version": "1.0",
+    "version": "1.1",
     "title": "Identity & Access",
     "templateRelativePath": "IdentityAndAccess.json",
     "subtitle": "",
@@ -41,12 +41,12 @@
   {
     "workbookKey": "CiscoWorkbook",
     "logoFileName": "cisco_logo.svg",
-    "description": "Gain insight into your Cisco ASA firewalls by analyzing traffic, events, and firewall operations.\nThis workbook analyzes Cisco ASA threat events and identifies suspicious ports, users, protocols and IP addresses.\nYou can learn about trends across user and data traffic directions, and drill down into the Cisco filter results.\nEasily detect attacks on your organization by monitoring management operations, such as configuration and logins.",
+    "description": "Gain insights into your Cisco ASA firewalls by analyzing traffic, events, and firewall operations.\nThis workbook analyzes Cisco ASA threat events and identifies suspicious ports, users, protocols and IP addresses.\nYou can learn about trends across user and data traffic directions, and drill down into the Cisco filter results.\nEasily detect attacks on your organization by monitoring management operations, such as configuration and logins.",
     "dataTypesDependencies": [ "CommonSecurityLog" ],
     "datasourceCardKeysDependencies": [ "Cisco" ],
     "previewImagesFileNames": [ "CiscoWhite.png", "CiscoBlack.png" ],
-    "version": "1.0",
-    "title": "Cisco",
+    "version": "1.1",
+    "title": "Cisco - ASA",
     "templateRelativePath": "Cisco.json",
     "subtitle": "",
     "provider": "Microsoft"
@@ -54,11 +54,11 @@
   {
     "workbookKey": "ExchangeOnlineWorkbook",
     "logoFileName": "office365_logo.svg",
-    "description": "Gain insights into Microsoft Exchange online by tracing and analyzing all Exchange operations and user activities.\nThis dashboard let you monitor user activities, including logins, account operations, permission changes, and mailbox creations to discover suspicious trends among them.",
+    "description": "Gain insights into Microsoft Exchange online by tracing and analyzing all Exchange operations and user activities.\nThis workbook let you monitor user activities, including logins, account operations, permission changes, and mailbox creations to discover suspicious trends among them.",
     "dataTypesDependencies": [ "OfficeActivity" ],
     "datasourceCardKeysDependencies": [ "Office365" ],
     "previewImagesFileNames": [ "ExchangeOnlineWhite.png", "ExchangeOnlineBlack.png" ],
-    "version": "1.0",
+    "version": "1.1",
     "title": "Exchange Online",
     "templateRelativePath": "ExchangeOnline.json",
     "subtitle": "",
@@ -67,20 +67,20 @@
   {
     "workbookKey": "PaloAltoOverviewWorkbook",
     "logoFileName": "paloalto_logo.svg",
-    "description": "Gain insight and comprehensive monitoring into Palo Alto firewalls by analyzing traffic and activities.\nThis workbook correlates all Palo Alto data with threat events to identify suspicious entities and relationships.\nYou can learn about trends across user and data traffic, and drill down into Palo Alto Wildfire and filter results.",
+    "description": "Gain insights and comprehensive monitoring into Palo Alto firewalls by analyzing traffic and activities.\nThis workbook correlates all Palo Alto data with threat events to identify suspicious entities and relationships.\nYou can learn about trends across user and data traffic, and drill down into Palo Alto Wildfire and filter results.",
     "dataTypesDependencies": [ "CommonSecurityLog" ],
     "datasourceCardKeysDependencies": [ "PaloAlto" ],
     "previewImagesFileNames": [ "PaloAltoOverviewWhite1.png", "PaloAltoOverviewBlack1.png", "PaloAltoOverviewWhite2.png", "PaloAltoOverviewBlack2.png", "PaloAltoOverviewWhite3.png", "PaloAltoOverviewBlack3.png" ],
-    "version": "1.0",
+    "version": "1.1",
     "title": "Palo Alto overview",
     "templateRelativePath": "PaloAltoOverview.json",
     "subtitle": "",
-    "provider": "Palo Alto Networks"
+    "provider": "Microsoft"
   },
   {
     "workbookKey": "PaloAltoNetworkThreatWorkbook",
     "logoFileName": "paloalto_logo.svg",
-    "description": "Gain insight into Palo Alto network activities by analyzing threat events.\nYou can extract meaningful security information by correlating data between threats, applications, and time.\nThis workbook makes it easy to track malware, vulnerability, and virus log events.",
+    "description": "Gain insights into Palo Alto network activities by analyzing threat events.\nYou can extract meaningful security information by correlating data between threats, applications, and time.\nThis workbook makes it easy to track malware, vulnerability, and virus log events.",
     "dataTypesDependencies": [ "CommonSecurityLog" ],
     "datasourceCardKeysDependencies": [ "PaloAlto" ],
     "previewImagesFileNames": [ "PaloAltoNetworkThreatWhite1.png", "PaloAltoNetworkThreatBlack1.png", "PaloAltoNetworkThreatWhite2.png", "PaloAltoNetworkThreatBlack2.png" ],
@@ -93,11 +93,11 @@
   {
     "workbookKey": "FortigateWorkbook",
     "logoFileName": "fortinet_logo.svg",
-    "description": "Gain insights into Fortigate firewalls by analyzing traffic and activities.\nThis dashboard finds correlations in Fortigate threat events and identifies suspicious ports, users, protocols and IP addresses.\nYou can learn about trends across user and data traffic, and drill down into the Fortigate filter results.\nEasily detect attacks on your organization by monitoring management operations such as configuration and logins.",
+    "description": "Gain insights into Fortigate firewalls by analyzing traffic and activities.\nThis workbook finds correlations in Fortigate threat events and identifies suspicious ports, users, protocols and IP addresses.\nYou can learn about trends across user and data traffic, and drill down into the Fortigate filter results.\nEasily detect attacks on your organization by monitoring management operations such as configuration and logins.",
     "dataTypesDependencies": [ "CommonSecurityLog" ],
     "datasourceCardKeysDependencies": [ "Fortinet" ],
     "previewImagesFileNames": [ "FortigateWhite.png", "FortigateBlack.png" ],
-    "version": "1.0",
+    "version": "1.1",
     "title": "FortiGate",
     "templateRelativePath": "Fortigate.json",
     "subtitle": "",
@@ -106,11 +106,11 @@
   {
     "workbookKey": "DnsWorkbook",
     "logoFileName": "dns_logo.svg",
-    "description": "Gain extensive insight into your organization's DNS by analyzing, collecting and correlating all DNS events.\nThis dashboard exposes a variety of information about suspicious queries, malicious IP addresses and domain operations.",
+    "description": "Gain extensive insight into your organization's DNS by analyzing, collecting and correlating all DNS events.\nThis workbook exposes a variety of information about suspicious queries, malicious IP addresses and domain operations.",
     "dataTypesDependencies": [ "DnsInventory", "DnsEvents" ],
     "datasourceCardKeysDependencies": [ "DNS" ],
     "previewImagesFileNames": [ "DnsWhite.png", "DnsBlack.png" ],
-    "version": "1.0",
+    "version": "1.1",
     "title": "DNS",
     "templateRelativePath": "Dns.json",
     "subtitle": "",
@@ -119,11 +119,11 @@
   {
     "workbookKey": "Office365Workbook",
     "logoFileName": "office365_logo.svg",
-    "description": "Gain insights into Office 365 by tracing and analyzing all operations and activities. You can drill down into your SharePoint, OneDrive, and Exchange.\nThis dashboard lets you find usage trends across users, files, folders, and mailboxes, making it easier to identify anomalies in your network.",
+    "description": "Gain insights into Office 365 by tracing and analyzing all operations and activities. You can drill down into your SharePoint, OneDrive, and Exchange.\nThis workbook lets you find usage trends across users, files, folders, and mailboxes, making it easier to identify anomalies in your network.",
     "dataTypesDependencies": [ "OfficeActivity" ],
     "datasourceCardKeysDependencies": [ "Office365" ],
     "previewImagesFileNames": [ "Office365White1.png", "Office365Black1.png", "Office365White2.png", "Office365Black2.png", "Office365White3.png", "Office365Black3.png" ],
-    "version": "1.1",
+    "version": "1.2",
     "title": "Office 365",
     "templateRelativePath": "Office365.json",
     "subtitle": "",
@@ -136,7 +136,7 @@
     "dataTypesDependencies": [ "OfficeActivity" ],
     "datasourceCardKeysDependencies": [ "Office365" ],
     "previewImagesFileNames": [ "SharePointAndOneDriveBlack1.png", "SharePointAndOneDriveBlack2.png", "SharePointAndOneDriveWhite1.png", "SharePointAndOneDriveWhite2.png" ],
-    "version": "1.0",
+    "version": "1.1",
     "title": "SharePoint & OneDrive",
     "templateRelativePath": "SharePointAndOneDrive.json",
     "subtitle": "",
@@ -162,7 +162,7 @@
     "dataTypesDependencies": [ "VMConnection", "ServiceMapComputer_CL", "ServiceMapProcess_CL" ],
     "datasourceCardKeysDependencies": [],
     "previewImagesFileNames": [ "VMInsightBlack1.png", "VMInsightWhite1.png" ],
-    "version": "1.2",
+    "version": "1.3",
     "title": "VM insights",
     "templateRelativePath": "VirtualMachinesInsights.json",
     "subtitle": "",
@@ -175,7 +175,7 @@
     "dataTypesDependencies": [ "AuditLogs" ],
     "datasourceCardKeysDependencies": [ "AAD" ],
     "previewImagesFileNames": [ "AzureADAuditLogsBlack1.png", "AzureADAuditLogsWhite1.png" ],
-    "version": "1.0",
+    "version": "1.1",
     "title": "Azure AD Audit logs",
     "templateRelativePath": "AzureActiveDirectoryAuditLogs.json",
     "subtitle": "",
@@ -197,11 +197,11 @@
   {
     "workbookKey": "WebApplicationFirewallOverviewWorkbook",
     "logoFileName": "waf_logo.svg",
-    "description": "Gain insight into your organization's Azure web application firewall (WAF). You will get a general overview of your application gateway firewall and application gateway access events.",
+    "description": "Gain insights into your organization's Azure web application firewall (WAF). You will get a general overview of your application gateway firewall and application gateway access events.",
     "dataTypesDependencies": [ "AzureDiagnostics" ],
     "datasourceCardKeysDependencies": [ "WAF" ],
     "previewImagesFileNames": [ "WAFOverviewBlack.png", "WAFOverviewWhite.png" ],
-    "version": "1.0",
+    "version": "1.1",
     "title": "Microsoft Web Application Firewall (WAF) - overview",
     "templateRelativePath": "WebApplicationFirewallOverview.json",
     "subtitle": "",
@@ -210,11 +210,11 @@
   {
     "workbookKey": "WebApplicationFirewallFirewallEventsWorkbook",
     "logoFileName": "waf_logo.svg",
-    "description": "Gain insight into your organization's Azure web application firewall (WAF). You will get visibility in to your application gateway firewall. You can view anomalies and trends across all firewall event triggers, attack events, blocked URL addresses and more.",
+    "description": "Gain insights into your organization's Azure web application firewall (WAF). You will get visibility in to your application gateway firewall. You can view anomalies and trends across all firewall event triggers, attack events, blocked URL addresses and more.",
     "dataTypesDependencies": [ "AzureDiagnostics" ],
     "datasourceCardKeysDependencies": [ "WAF" ],
     "previewImagesFileNames": [ "WAFFirewallEventsBlack1.png", "WAFFirewallEventsBlack2.png", "WAFFirewallEventsWhite1.png", "WAFFirewallEventsWhite2.png" ],
-    "version": "1.0",
+    "version": "1.1",
     "title": "Microsoft Web Application Firewall (WAF) - firewall events",
     "templateRelativePath": "WebApplicationFirewallFirewallEvents.json",
     "subtitle": "",
@@ -223,11 +223,11 @@
   {
     "workbookKey": "WebApplicationFirewallGatewayAccessEventsWorkbook",
     "logoFileName": "waf_logo.svg",
-    "description": "Gain insight into your organization's Azure web application firewall (WAF). You will get visibility in to your application gateway access events. You can view anomalies and trends across received and sent data, client IP addresses, URL addresses and more, and drill down into details.",
+    "description": "Gain insights into your organization's Azure web application firewall (WAF). You will get visibility in to your application gateway access events. You can view anomalies and trends across received and sent data, client IP addresses, URL addresses and more, and drill down into details.",
     "dataTypesDependencies": [ "AzureDiagnostics" ],
     "datasourceCardKeysDependencies": [ "WAF" ],
     "previewImagesFileNames": [ "WAFGatewayAccessEventsBlack1.png", "WAFGatewayAccessEventsBlack2.png", "WAFGatewayAccessEventsWhite1.png", "WAFGatewayAccessEventsWhite2.png" ],
-    "version": "1.0",
+    "version": "1.1",
     "title": "Microsoft Web Application Firewall (WAF) - gateway access events",
     "templateRelativePath": "WebApplicationFirewallGatewayAccessEvents.json",
     "subtitle": "",
@@ -238,9 +238,9 @@
     "logoFileName": "azurevirtualmachine_logo.svg",
     "description": "Gain insights into your workspaces' Linux machines by connecting Azure Sentinel and using the logs to gather insights around Linux events and errors.",
     "dataTypesDependencies": [ "Syslog" ],
-    "datasourceCardKeysDependencies": [],
+    "datasourceCardKeysDependencies": ["Syslog"],
     "previewImagesFileNames": [ "LinuxMachinesWhite.png", "LinuxMachinesBlack.png" ],
-    "version": "1.0",
+    "version": "1.1",
     "title": "Linux machines",
     "templateRelativePath": "LinuxMachines.json",
     "subtitle": "",
@@ -262,14 +262,118 @@
   {
     "workbookKey": "MicrosoftCloudAppSecurityWorkbook",
     "logoFileName": "Microsoft_logo.svg",
-    "description": "Using this dashboard, you can identify which cloud apps are being used in your organization, gain insights from usage trends and drill down to a specific user and application",
+    "description": "Using this workbook, you can identify which cloud apps are being used in your organization, gain insights from usage trends and drill down to a specific user and application",
     "dataTypesDependencies": [ "McasShadowItReporting" ],
     "datasourceCardKeysDependencies": [ "MCAS" ],
     "previewImagesFileNames": [ "McasDiscoveryBlack.png", "McasDiscoveryWhite.png" ],
-    "version": "1.0",
+    "version": "1.1",
     "title": "Microsoft Cloud App Security - discovery logs",
     "templateRelativePath": "MicrosoftCloudAppSecurity.json",
     "subtitle": "",
     "provider": "Microsoft"
+  },
+  {
+    "workbookKey": "F5NetworksWorkbook",
+    "logoFileName": "f5_logo.svg",
+    "description": "Gain insights into F5 BIG-IP Application Security Manager (ASM), by analyzing traffic and activities.\nThis workbook provides insight into F5's web application firewall events and identifies attack traffic patterns across multiple ASM instances as well as overall BIG-IP health.",
+    "dataTypesDependencies": [ "F5Telemetry_LTM_CL", "F5Telemetry_system_CL", "F5Telemetry_ASM_CL" ],
+    "datasourceCardKeysDependencies": [],
+    "previewImagesFileNames": [ "F5White.png", "F5Black.png" ],
+    "version": "1.0",
+    "title": "F5 BIG-IP ASM",
+    "templateRelativePath": "F5Networks.json",
+    "subtitle": "",
+    "provider": "F5 Networks"
+  },
+  {
+    "workbookKey": "AzureNetworkWatcherWorkbook",
+    "logoFileName": "networkwatcher_logo.svg",
+    "description": "Gain deeper understanding of your organization's Azure network traffic by analyzing, and correlating Network Security Group flow logs. \nYou can trace malicious traffic flows, and drill down into their protocols, source and destination IP addresses, machines, countries, and subnets. \nThis workbook also helps you protect your network by identifying weak NSG rules.",
+    "dataTypesDependencies": [ "AzureNetworkAnalytics_CL" ],
+    "datasourceCardKeysDependencies": [],
+    "previewImagesFileNames": [ "AzureNetworkWatcherWhite.png", "AzureNetworkWatcherBlack.png" ],
+    "version": "1.0",
+    "title": "Azure Network Watcher",
+    "templateRelativePath": "AzureNetworkWatcher.json",
+    "subtitle": "",
+    "provider": "Microsoft"
+  },
+  {
+    "workbookKey": "ZscalerFirewallWorkbook",
+    "logoFileName": "zscaler_logo.svg",
+    "description": "Gain insights into your ZIA cloud firewall logs by connecting to Azure Sentinel.\nThe Zscaler firewall overview workbook provides an overview and ability to drill down into all cloud firewall activity in your Zscaler instance including non-web related networking events, security events, firewall rules, and bandwidth consumption",
+    "dataTypesDependencies": [ "CommonSecurityLog" ],
+    "datasourceCardKeysDependencies": [],
+    "previewImagesFileNames": [ "ZscalerFirewallWhite1.png", "ZscalerFirewallBlack1.png", "ZscalerFirewallWhite2.png", "ZscalerFirewallBlack2.png" ],
+    "version": "1.0",
+    "title": "Zscaler Firewall",
+    "templateRelativePath": "ZscalerFirewall.json",
+    "subtitle": "",
+    "provider": "Zscaler"
+  },
+  {
+    "workbookKey": "ZscalerWebOverviewWorkbook",
+    "logoFileName": "zscaler_logo.svg",
+    "description": "Gain insights into your ZIA web logs by connecting to Azure Sentinel.\nThe Zscaler web overview workbook provides a bird's eye view and ability to drill down into all the security and networking events related to web transactions, types of devices, and bandwidth consumption.",
+    "dataTypesDependencies": [ "CommonSecurityLog" ],
+    "datasourceCardKeysDependencies": [],
+    "previewImagesFileNames": [ "ZscalerWebOverviewWhite.png", "ZscalerWebOverviewBlack.png" ],
+    "version": "1.0",
+    "title": "Zscaler Web Overview",
+    "templateRelativePath": "ZscalerWebOverview.json",
+    "subtitle": "",
+    "provider": "Zscaler"
+  },
+  {
+    "workbookKey": "ZscalerThreatsOverviewWorkbook",
+    "logoFileName": "zscaler_logo.svg",
+    "description": "Gain insights into threats blocked by Zscaler Internet access on your network.\nThe Zscaler threat overview workbook shows your entire threat landscape including blocked malware, IPS/AV rules, and blocked cloud apps. Threats are displayed by threat categories, filetypes, inbound vs outbound threats, usernames, user location, and more.",
+    "dataTypesDependencies": [ "CommonSecurityLog" ],
+    "datasourceCardKeysDependencies": [],
+    "previewImagesFileNames": [ "ZscalerThreatsWhite.png", "ZscalerThreatsBlack.png" ],
+    "version": "1.0",
+    "title": "Zscaler Threats",
+    "templateRelativePath": "ZscalerThreats.json",
+    "subtitle": "",
+    "provider": "Zscaler"
+  },
+  {
+    "workbookKey": "ZscalerOffice365AppsWorkbook",
+    "logoFileName": "zscaler_logo.svg",
+    "description": "Gain insights into Office 365 use on your network.\nThe Zscaler Office 365 overview workbook shows you the Microsoft apps running on your network and their individual bandwidth consumption. It also helps identify phishing attempts in which attackers disguised themselves as Microsoft services.",
+    "dataTypesDependencies": [ "CommonSecurityLog" ],
+    "datasourceCardKeysDependencies": [],
+    "previewImagesFileNames": [ "ZscalerOffice365White.png", "ZscalerOffice365Black.png" ],
+    "version": "1.0",
+    "title": "Zscaler Office365 Apps",
+    "templateRelativePath": "ZscalerOffice365Apps.json",
+    "subtitle": "",
+    "provider": "Zscaler"
+  },
+  {
+    "workbookKey": "InsecureProtocolsWorkbook",
+    "logoFileName": "Microsoft_logo.svg",
+    "description": "Gain insights into insecure protocol traffic by collecting and analyzing security events from Microsoft products.\nYou can view analytics and quickly identify use of weak authentication as well as sources of legacy protocol traffic, like NTLM and SMBv1.\nYou will also have the ability to monitor use of weak ciphers, allowing you to find weak spots in your organization's security.",
+    "dataTypesDependencies": [ "SecurityEvent", "Event", "SigninLogs" ],
+    "datasourceCardKeysDependencies": [ "SecurityEvent", "AAD" ],
+    "previewImagesFileNames": [ "InsecureProtocolsWhite1.png", "InsecureProtocolsBlack1.png", "InsecureProtocolsWhite2.png", "InsecureProtocolsBlack2.png" ],
+    "version": "1.0",
+    "title": "Insecure Protocols",
+    "templateRelativePath": "InsecureProtocols.json",
+    "subtitle": "",
+    "provider": "Microsoft"
+  },
+  {
+    "workbookKey": "AzureInformationProtectionWorkbook",
+    "logoFileName": "informationProtection.svg",
+    "description": "The Azure Information Protection Usage report workbook provides information on the volume of labeled and protected documents and emails over time, label distribution of files by label type, along with where the label was applied.",
+    "dataTypesDependencies": [ "InformationProtectionLogs_CL" ],
+    "datasourceCardKeysDependencies": [ "AIP" ],
+    "previewImagesFileNames": [ "AzureInformationProtectionWhite.png", "AzureInformationProtectionBlack.png" ],
+    "version": "1.0",
+    "title": "Azure Information Protecton - Usage Report",
+    "templateRelativePath": "AzureInformationProtection.json",
+    "subtitle": "",
+    "provider": "Microsoft"
   }
 ]