We have strict firewall policy regarding which url QRadar console can connect to. After installing some apps, we noticed connection attempts from console to “www.python.org” and some other urls. My guess is, that it dynamically loads some packages from the net.
Is this normal and acceptable behavior for an app? Does the App validation assess the outside connections the app requires? Could required connections be documented on release notes of the app.