Demisto Content Release Notes for version 18.12.1 (15710)

Published on 11 December 2018

Integrations

9 New Integrations

  • AWS - Security Hub
    Amazon Web Services Security Hub Service.
  • AWS SageMaker
    AWS SageMaker - Demisto Phishing Email Classifier.
  • Cymon
    Analyzes suspicious domains and IP addresses. For more information, see the Cymon documentation.
  • SNDBOX
    SNDBOX as a service. For more information, see the SNDBOX documentation.
  • Cisco Stealthwatch Cloud
    Protect your cloud assets and private network. For more information, see the Stealthwatch Cloud documentation.
  • Whois
    Provides data enrichment for domains and IP addresses. For more information, see the Whois documentation.
  • dnstwist
    Domain name permutation engine for detecting typo squatting, phishing and corporate espionage. For more information, see the dnstwist documentation.
  • InfoArmor VigilanteATI
    VigilanteATI redefines Advanced Threat Intelligence. InfoArmor's VigilanteATI platform and cyber threat services act as an extension of your IT security team. For more information, see the InfoArmor VigilanteATI documentation.
  • Awake Security
    Network Traffic Analysis. For more information, see the Awake Security documentation.

20 Improved Integrations

  • AWS - EC2
    • Added two commands:
      - aws-ec2-modify-instance-attribute
      - aws-ec2-modify-network-interface-attribute
    • Upgraded Boto3 version to v1.9.55.
  • AWS - IAM
    Added nine commands:
    • aws-iam-create-policy
    • aws-iam-delete-policy
    • aws-iam-create-policy-version
    • aws-iam-delete-policy-version
    • aws-iam-list-policy-versions
    • aws-iam-get-policy-version
    • aws-iam-set-default-policy-version
    • aws-iam-create-account-alias
    • aws-iam-delete-account-alias
  • AWS - S3
    You can now create a bucket in any region.
  • ArcSight ESM
    Added logout handling.
  • Box
    Added two commands:
    • box_files_get
    • box_files_get_info
  • Lastline
    Improved quota error handling.
  • McAfee Advanced Threat Defense
    • Improved outputs for malicious files.
    • Added support to get reports of various types.
    • Fixed an issue in which long ID numbers were rounded.
  • McAfee NSM
    Added the sensor_id argument to the get-alert-details command.
  • Mimecast
    Added two commands:
    • mimecast-get-message
    • mimecast-download-attachments
  • okta
    Added three commands:
    • okta-get-user-factors
    • okta-verify-push-factor
    • okta-reset-factor
  • OpenPhish
    Added support to trust any certificate in HTTP requests.
  • PagerDuty v2
    Added two commands:
    • PagerDuty-acknowledge-event
    • PagerDuty-resolve-event
  • ServiceNow
    Added the servicenow-get-table-name command.
  • Tenable.io
    Improved integration outputs.
  • Tenable.sc
    Improved implementation of the tenable-sc-get-device command.
  • urlscan.io
    Improved integration outputs.
  • Venafi
    Improved integration implementation.
  • Zscaler
    URL validation for the zscaler-blacklist-url command matches the Zscaler GUI.
  • Cisco Meraki
    Updated the API login URL.
  • Atlassian Jira
    Improved authentication process.

Deprecated Integration

  • Mimecast Authentication Deprecated
    Use the Mimecast integration.

Scripts

4 New Scripts

  • DemistoUploadFileToIncident
    Upload a file to a specified incident using the EntryID.
  • JiraCreateIssue-example
    Use this script to simplify the process of creating a new issue in Jira.
  • ServiceNowCreateIncident
    Use this script to wrap the generic create-record command in ServiceNow.
  • ServiceNowQueryIncident
    Use this script to wrap the generic query-table command in ServiceNow.
  • ServiceNowUpdateIncident
    Use this script to wrap the generic update-record command in ServiceNow.

6 Improved Scripts

  • ADGetUser
    Return multiple results when running the script with a custom query.
  • Base64ListToFile
    Support for compressed data (zipped).
  • CBFindHash
    Fixed an issue in which the script did not return results.
  • FindSimilarIncidents
    • Added support for the OR condition.
    • Added a custom query argument.
  • QRadarGetCorrelationLogs
    The start_time field can now be either epoch time or a date string.
  • QRadarGetOffenseCorrelations
    The start_time field can now be either epoch time or a date string.

Playbooks

New Playbook

  • Detonate File - SNDBOX
    Detonates a file using the SNDBOX integration.

4 Improved Playbooks

  • Detonate File - Generic
    Added support for the SNDBOX integration.
  • ATD - Detonate File
    Improved playbook outputs.
  • Detonate URL - McAfee ATD
    Improved playbook outputs.
  • CrowdStrike Endpoint Enrichment
    Improved playbook outputs.
