Demisto Content Release Notes for version 18.2.0 (7001)
Published 05 February 2018
Playbooks
Improved Playbook
- WildFire - Detonate file
-- Detonating files using the 'detonate-file' command
Integrations
New Integration
- Zscaler
-- Zscaler is a cloud security solution built for performance and flexible scalability
2 Improved Integrations
- GRR
-- Handles CSRF retrieval functionality - WildFire
-- Added file and remote-file detonation commands
Scripts
New Script
- emailFieldTriggered
-- Sends an email to the incident owner when selected field is triggered
5 Improved Scripts
- AddEvidence
-- Adds evidence with occurred time and tags - AssignAnalystToIncident
-- Assigns current user as the incident owner - CheckWhitelist
-- Indicator white list is now the default white list - ExtractDomain
-- Ignore www. in domains extract and take into account emails for domain extraction - IsMaliciousIndicatorFound
-- Take into account indicators (from indicators DB) for IsMalicious
Files Reputation
-- Using ParseEmailFiles enhancement script on files