diff --git a/plugins/rapid7_insightidr/.CHECKSUM b/plugins/rapid7_insightidr/.CHECKSUM
index 8bfed556a4..23b35d73f9 100644
--- a/plugins/rapid7_insightidr/.CHECKSUM
+++ b/plugins/rapid7_insightidr/.CHECKSUM
@@ -1,7 +1,7 @@
 {
- "spec": "9078712b26639af9a1088755d4d0314b",
- "manifest": "0c4bdaf85d40ddac33afeffcecdd8fda",
- "setup": "fe63b2dcde42de314858ed48326a19f5",
+ "spec": "ef55d0eaab88354037eb0e7a0c1d5ca0",
+ "manifest": "a9dc8b0c15952a931013e92670cdf86b",
+ "setup": "8b4da6c79f36dd56dfc82e26d0009a8b",
 "schemas": [
 {
 "identifier": "add_indicators_to_a_threat/schema.py",
@@ -109,7 +109,7 @@
 },
 {
 "identifier": "list_investigations/schema.py",
- "hash": "9b2cd9c5194b580b8de5221588c5bb49"
+ "hash": "cde4df172845f8378c8fa7243e60fe23"
 },
 {
 "identifier": "query/schema.py",
diff --git a/plugins/rapid7_insightidr/Dockerfile b/plugins/rapid7_insightidr/Dockerfile
index 029a0720ec..41aa03232f 100755
--- a/plugins/rapid7_insightidr/Dockerfile
+++ b/plugins/rapid7_insightidr/Dockerfile
@@ -1,4 +1,4 @@
-FROM --platform=linux/amd64 rapid7/insightconnect-python-3-plugin:6.2.0
+FROM --platform=linux/amd64 rapid7/insightconnect-python-3-plugin:6.2.2
 LABEL organization=rapid7
 LABEL sdk=python
diff --git a/plugins/rapid7_insightidr/bin/komand_rapid7_insightidr b/plugins/rapid7_insightidr/bin/komand_rapid7_insightidr
index 2e2678493d..49786697c9 100755
--- a/plugins/rapid7_insightidr/bin/komand_rapid7_insightidr
+++ b/plugins/rapid7_insightidr/bin/komand_rapid7_insightidr
@@ -6,7 +6,7 @@ from sys import argv
 Name = "Rapid7 InsightIDR"
 Vendor = "rapid7"
-Version = "10.3.3"
+Version = "10.3.4"
 Description = "This plugin allows you to add indicators to a threat and see the status of investigations"
diff --git a/plugins/rapid7_insightidr/help.md b/plugins/rapid7_insightidr/help.md
index ed1ea775b9..feef85fbaa 100644
--- a/plugins/rapid7_insightidr/help.md
+++ b/plugins/rapid7_insightidr/help.md
@@ -3,8 +3,15 @@ This plugin allows you to add indicators to a threat and see the status of investigations
 # Key Features
-
-*This plugin does not contain any key features.*
+
+* System Information and Event Management
+* Endpoint Detection and Response
+* Network Traffic Analysis
+* User and Entity Behaviour Analytics
+* Cloud and Integrations
+* Embedded Threat Intelligence
+* Deception Technology
+* Incident Response and Investigations
 # Requirements
@@ -1844,20 +1851,22 @@ Example output:
 #### List Investigations
-This action is used to retrieve a page of investigations matching the given request parameters
+This action is used to retrieve a page of investigations matching the given request parameters. If there is no
+'start_time' and 'end_time' provided, 'start_time' will default to 28 days prior, and 'end_time' will default to the
+current time
 ##### Input
 |Name|Type|Default|Required|Description|Enum|Example|Placeholder|Tooltip|
 | :--- | :--- | :--- | :--- | :--- | :--- | :--- | :--- | :--- |
 |email|string|None|False|A user's email address, where only investigations assigned to that user will be included|None|user@example.com|None|None|
-|end_time|date|None|False|An optional-ISO formatted timestamp, where only investigations whose createTime is before this date will be returned|None|2020-06-01T12:11:13+05:30|None|None|
+|end_time|date|None|False|An optional-ISO formatted timestamp, where only investigations whose createTime is before this date will be returned. If there is no value provided, this will default to the current time|None|2020-06-01T12:11:13+05:30|None|None|
 |index|integer|0|True|Zero-based index of the page to retrieve, where value must be greater than or equal to 0|None|1|None|None|
 |priorities|[]string|None|False|A comma-separated list of investigation priorities to include in the result, where possible values are LOW, MEDIUM, HIGH, CRITICAL|None|["LOW", "MEDIUM", "HIGH", "CRITICAL"]|None|None|
 |size|integer|100|True|Amount of data for a page to retrieve, where its value must be greater than 0 and less than or equal to 100|None|100|None|None|
 |sort|string|None|False|A field for investigations to be sorted|["", "Created time Ascending", "Created time Descending", "Priority Ascending", "Priority Descending", "RRN Ascending", "RRN Descending", "Alerts most recent created time Ascending", "Alerts most recent created time Descending", "Alerts most recent detection created time Ascending", "Alerts most recent detection created time Descending", "Responsibility Ascending", "Responsibility Descending"]|Created time Ascending|None|None|
 |sources|[]string|None|False|A comma-separated list of investigation sources to include in the result, where possible values are USER, ALERT, HUNT, AUTOMATION|None|["USER","ALERT"]|None|None|
-|start_time|date|None|False|An optional ISO-formatted timestamp, where only investigations whose createTime is after this date will be returned|None|2020-06-01T12:11:13+05:30|None|None|
+|start_time|date|None|False|An optional ISO-formatted timestamp, where only investigations whose createTime is after this date will be returned. If there is no value provided this will default to 28 days prior|None|2020-06-01T12:11:13+05:30|None|None|
 |statuses|[]string|None|False|Comma-separated list of investigation statuses to include in the result. Possible values are OPEN, CLOSED, INVESTIGATING, WAITING|None|["CLOSED"]|None|None|
 Example input:
@@ -3392,6 +3401,7 @@ Example output:
 # Version History
+* 10.3.4 - Bumping requirements.txt | SDK bump to 6.2.2
 * 10.3.3 - Bumping requirements.txt | SDK bump to 6.2.0
 * 10.3.2 - Initial updates for fedramp compliance | Updated SDK to the latest version
 * 10.3.1 - `Advanced Query On Log / Log Set` - Fixed issue where results >500 returned none | Update SDK
diff --git a/plugins/rapid7_insightidr/komand_rapid7_insightidr/actions/list_investigations/schema.py b/plugins/rapid7_insightidr/komand_rapid7_insightidr/actions/list_investigations/schema.py
index 56ef4b39e0..171441c707 100755
--- a/plugins/rapid7_insightidr/komand_rapid7_insightidr/actions/list_investigations/schema.py
+++ b/plugins/rapid7_insightidr/komand_rapid7_insightidr/actions/list_investigations/schema.py
@@ -4,7 +4,7 @@ class Component:
- DESCRIPTION = "Retrieve a page of investigations matching the given request parameters"
+ DESCRIPTION = "Retrieve a page of investigations matching the given request parameters. If there is no 'start_time' and 'end_time' provided, 'start_time' will default to 28 days prior, and 'end_time' will default to the current time"
 class Input:
@@ -41,7 +41,7 @@ class ListInvestigationsInput(insightconnect_plugin_runtime.Input):
 "format": "date-time",
 "displayType": "date",
 "title": "End Time",
- "description": "An optional-ISO formatted timestamp, where only investigations whose createTime is before this date will be returned",
+ "description": "An optional-ISO formatted timestamp, where only investigations whose createTime is before this date will be returned. If there is no value provided, this will default to the current time",
 "order": 3
 },
 "index": {
@@ -102,7 +102,7 @@ class ListInvestigationsInput(insightconnect_plugin_runtime.Input):
 "format": "date-time",
 "displayType": "date",
 "title": "Start Time",
- "description": "An optional ISO-formatted timestamp, where only investigations whose createTime is after this date will be returned",
+ "description": "An optional ISO-formatted timestamp, where only investigations whose createTime is after this date will be returned. If there is no value provided this will default to 28 days prior",
 "order": 2
 },
 "statuses": {
diff --git a/plugins/rapid7_insightidr/plugin.spec.yaml b/plugins/rapid7_insightidr/plugin.spec.yaml
index ec47b14d5c..293e2a8c4e 100644
--- a/plugins/rapid7_insightidr/plugin.spec.yaml
+++ b/plugins/rapid7_insightidr/plugin.spec.yaml
@@ -4,7 +4,7 @@ products: [insightconnect]
 name: rapid7_insightidr
 title: "Rapid7 InsightIDR"
 description: "This plugin allows you to add indicators to a threat and see the status of investigations"
-version: 10.3.3
+version: 10.3.4
 connection_version: 5
 supported_versions: ["Latest release successfully tested on 2024-09-10."]
 vendor: rapid7
@@ -22,11 +22,21 @@ hub_tags:
 use_cases: [threat_detection_and_response]
 keywords: [siem, rapid7, cloud_enabled]
 features: []
+key_features:
+ - "System Information and Event Management"
+ - "Endpoint Detection and Response"
+ - "Network Traffic Analysis"
+ - "User and Entity Behaviour Analytics"
+ - "Cloud and Integrations"
+ - "Embedded Threat Intelligence"
+ - "Deception Technology"
+ - "Incident Response and Investigations"
 sdk:
 type: full
- version: 6.2.0
+ version: 6.2.2
 user: nobody
 version_history:
+ - "10.3.4 - Bumping requirements.txt | SDK bump to 6.2.2"
 - "10.3.3 - Bumping requirements.txt | SDK bump to 6.2.0"
 - "10.3.2 - Initial updates for fedramp compliance | Updated SDK to the latest version"
 - "10.3.1 - `Advanced Query On Log / Log Set` - Fixed issue where results >500 returned none | Update SDK"
@@ -1369,7 +1379,7 @@ actions:
 example: {"name": "bad-virus","note": "test","published": False,"indicator_count": 2}
 list_investigations:
 title: List Investigations
- description: Retrieve a page of investigations matching the given request parameters
+ description: Retrieve a page of investigations matching the given request parameters. If there is no 'start_time' and 'end_time' provided, 'start_time' will default to 28 days prior, and 'end_time' will default to the current time
 input:
 statuses:
 title: Statuses
@@ -1379,13 +1389,13 @@ actions:
 example: ["CLOSED"]
 start_time:
 title: Start Time
- description: An optional ISO-formatted timestamp, where only investigations whose createTime is after this date will be returned
+ description: An optional ISO-formatted timestamp, where only investigations whose createTime is after this date will be returned. If there is no value provided this will default to 28 days prior
 type: date
 required: false
 example: "2020-06-01T12:11:13+05:30"
 end_time:
 title: End Time
- description: An optional-ISO formatted timestamp, where only investigations whose createTime is before this date will be returned
+ description: An optional-ISO formatted timestamp, where only investigations whose createTime is before this date will be returned. If there is no value provided, this will default to the current time
 type: date
 required: false
 example: "2020-06-01T12:11:13+05:30"
diff --git a/plugins/rapid7_insightidr/requirements.txt b/plugins/rapid7_insightidr/requirements.txt
index df70baf475..2161297c9c 100644
--- a/plugins/rapid7_insightidr/requirements.txt
+++ b/plugins/rapid7_insightidr/requirements.txt
@@ -3,5 +3,5 @@
 # See: https://pip.pypa.io/en/stable/user_guide/#requirements-files
 python-dateutil==2.9.0
 validators==0.34.0
-aiohttp==3.11.6
+aiohttp==3.11.10
 parameterized==0.8.1
diff --git a/plugins/rapid7_insightidr/setup.py b/plugins/rapid7_insightidr/setup.py
index c009d03064..2077db7975 100755
--- a/plugins/rapid7_insightidr/setup.py
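Review bot: The new action-level `description` for `list_investigations` says the defaults apply "If there is no 'start_time' and 'end_time' provided", while the per-field descriptions for `start_time` and `end_time` in the second hunk each say a missing value defaults on its own; the two readings differ when only one of the two is supplied, so the action-level text should match the per-field one, e.g. `description: Retrieve a page of investigations matching the given request parameters. If 'start_time' is not provided it defaults to 28 days prior, and if 'end_time' is not provided it defaults to the current time`. The same sentence is carried into `list_investigations/schema.py` and `help.md`, which are regenerated from this spec, so fixing it here covers all three. The diff contains no change to the action's implementation, so the defaulting presumably already exists in the action code; it is worth confirming that the window is applied exactly as now documented before the spec is released. The `version_history` entry `10.3.4 - Bumping requirements.txt | SDK bump to 6.2.2` names neither the dependency nor the reason; recording the aiohttp 3.11.6 → 3.11.10 bump there keeps the supply-chain rationale traceable for later audits.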
+++ b/plugins/rapid7_insightidr/setup.py
@@ -3,7 +3,7 @@
 setup(name="rapid7_insightidr-rapid7-plugin",
- version="10.3.3",
+ version="10.3.4",
 description="This plugin allows you to add indicators to a threat and see the status of investigations",
 author="rapid7",
 author_email="",