Demisto Content Release Notes for version 18.5.3 (9191)
Published on 14 May 2018
Integrations
2 New Integrations
- Amazon SQS
Manage messages in your Amazon SQS environment.
- SafeBreach
SafeBreach simulates attacks across the kill chain, to validate security policy, configuration, and effectiveness.
2 Improved Integrations
- CrowdStrike Falcon Sandbox
Upgraded to API v2 and added the following commands: get-screenshots, submit-url, file and detonate-url.
- FireEye HX
Added an option to acquire files using the API.
You can now specify the threshold value for malicious indicators as an instance parameter.
- VirusTotal
- XFE
Playbooks
4 Improved Playbooks
- Malware Investigation - Generic
You can now investigate malware using one or more integrations.
- Entity Enrichment - Generic
Added support for auto extract.
- Malware Investigation - Generic
Added support for auto extract.
- Phishing Investigation - Generic
Added support for auto extract.
- Process Email - Generic
Added support for EWS and Phishing default mapping.
Scripts
New Scripts
- FindSimilarIncidentsByText
Finds similar incidents by text comparison. The algorithm is based on the TF-IDF method.
To read more about this method: https://en.wikipedia.org/wiki/Tf%E2%80%93idf
2 Improved Scripts
- CommonServerPython
Fixed tableToMarkdown escaping bug.
- JIRAPrintIssue
Added dependency on the jira-get-issue command.