github demisto/content 18.1.0
Demisto Content 18.1.0 release
on GitHub

latest releases: 22.2.0, 22.1.0, 21.12.1...
6 years ago

Demisto Content Release Notes for version 18.1.0 (5638)

Published at 07 January 2018

Playbooks

4 New Playbooks

  • Calculate Severity - Generic
    -- Calculate incident severity by indicator reputation and user/endpoint membership in critical groups
  • Get File Sample From Hash - Generic
    -- Returns to the war-room a file sample that corresponds to the hash, using one or more products/services
  • Get File Sample From Hash - Carbon Black Enterprise Response
    -- Returns to the war-room a file sample that corresponds to an MD5 hash, using Carbon Black Enterprise Response integration
  • Get File Sample From Hash - Cylance Protect
    -- Returns to the war-room a file sample that corresponds to a SHA256 hash, using Cylance Protect integration

Integrations

3 New Integrations

  • Kenna
    -- Kenna is a Risk Intelligence & Vulnerability platform that enables InfoSec teams to prioritize and re-mediate vulnerabilities
  • Joe Security
    -- Cloud-based sandbox service
  • Check Point Sandblast Appliance
    -- Query, upload and download data using Check Point Sandblast

4 Improved Integrations

  • Remedy On-Demand
    -- Added option to add custom fields to incident creation and perform insecure login
  • ArcSight Logger
    -- ArcSight events logger
  • IntSights
    -- Integration can now fetch incidents
  • Zendesk
    -- Added zendesk-add-user for adding end users. Added zendesk-get-article to get help center article

Scripts

7 New Scripts

  • ActiveUsersD2
    -- Get active users from a D2 agent and parse them into context
  • CrowdStrikeStreamingPreProcessing
    -- Pre processing script for CrowdStrike Streaming
  • D2ActiveUsers
    -- Show local accounts
  • D2ExecuteCommand
    -- Run a D2 built-in command on a D2 agent
  • FetchFileD2
    -- Get a file from endpoint using a D2 agent
  • ParseWordDoc
    -- Takes docx file (entryID) as an input and saves a text file (file entry) with the original file's contents
  • UserEnrichAD
    -- Enhancement automation for user type indicator, to enrich the user name from Active Directory data

5 Improved Scripts

  • ADGetComputer
    -- Automation will now create hostname indicator. default argument is now 'name'
  • ADGetUser
    -- Automation will now create user indicator
  • ParseCSV
    -- ParseCSV by default will parse the whole csv
  • ParseEmailHeaders
    -- Support multi values headers (e.g. Received header)
  • Set (Set context)
    -- If object passed as string, Set will parse the value to JSON then set to context

Reputations

  • Add new user type reputation to use for manual indicator and in automations
Check out latest releases or
releases around demisto/content 18.1.0

Don't miss a new content release

NewReleases is sending notifications on new releases.

Get notifications