Demisto Content Release Notes for version 18.4.2 (8476)
Published on 12 April 2018
Integrations
4 New Integrations
- Carbon Black Enterprise Live Response
-- Collect information and take action on remote endpoints in real time
- RSA NetWitness v11.1
-- Systems logs, network and endpoint visibility for real-time collection, detection and automated response
- Symantec Messaging Gateway
-- Protect against spam, malware, targeted attacks and provide advanced content filtering, data loss prevention and email encryption
- TruSTAR
-- Threat intelligence platform that enriches every stage of security operations workflows from the trusted and relevant data sources
6 Improved Integrations
- SplunkPy
-- Fetch notable events by index time (instead of event time)
- Cybereason
-- Added isolate and un-isolate machines commands
- Cylance Protect v2
-- Added fetch incidents support and fixed Cylance score translation
- EWS v2
-- Fixed ews-search-mailboxes command
- Salesforce
-- Added outputs and improved war-room results for all commands
- Zscaler
-- Added commands - lookup, whitelist, undo-whitelist, undo-blacklist for URLs and IP addresses
Scripts
New Scripts
- JoinIfSingleElementOnly
-- A transformer that returns a single element if the array has only one element in it, otherwise returns the whole array
Improved Scripts
- ParseEmailFiles
-- Better handling of non-UTF characters
Reports
2 Improved Reports
- Daily incidents
-- Removed open duration as it is not set for open incidents
- Investigation Summary
-- Added linked incidents section
Utilities
- JavaScript
-- Added 'fixUrl', 'endsWith' and 'startsWith' functions to string type
- Python
-- Escaped special characters used in 'tableToMarkdown'