github demisto/content 18.5.4
Demisto Content Release Notes for version 18.5.4 (9454)

Published on 29 May 2018

Integrations

2 New Integrations

  • ReversingLabs A1000
    ReversingLabs A1000 Malware Analysis Platform.
  • ReversingLabs Titanium Cloud
    ReversingLabs Data provides malware status of the sample.

8 Improved Integrations

  • Carbon Black Enterprise Live Response
    Added an option to configure instances with Carbon Black Defense credentials.
  • FalconHost
    Added context output for cs-device-details command.
  • Cybereason
    Improved the query sent in query-connections, added outputs to is-probe-connected and removed login command.
  • Cylance Protect v2
    Added DBotScore support including file threshold to set malicious files.
  • EWS v2
    Added ews-move-between-mailboxes command. When fetching emails, email attachments will be saved in the War Room. ews-get-attachment on an attached email message (ItemAttachment) will now save it and all of its attachments as downloadable files to the War Room.
  • QRadar
    Fixed upgrade issue for fetch incidents.
  • WildFire
    Added verification for MD5/SHA256 arguments.
  • Jira
    Added option to use proxy.

Scripts

3 New Scripts

  • DisplayHTML
    Displays HTML in the War Room.
  • QualysCreateIncidentFromReport
    Create incidents from a Qualys report (XML), based on the Qualys asset ID and vulnerability ID (QID).
  • SetDateField
    Sets a custom incident-field with current date.

Improved Scripts

  • EmailAskUser
    Added support for parallel execution of the script, with better error handling.

Playbooks

9 New Playbooks

  • CVE Enrichment - Generic
    Enrich CVE using one or more integrations.
  • Vulnerability Handling - Qualys
    Manage vulnerability remediation using Qualys data, and optionally enrich data with 3rd-party tools.
  • Vulnerability Handling - Qualys - Add custom fields to default layout
    Add information about the vulnerability and asset from the "Vulnerability Handling - Qualys" playbook data to the default "Vulnerability" layout.
  • Vulnerability Management - Qualys (Job)
    Use the latest Qualys report to manage vulnerabilities.

Improved Playbooks

  • Calculate Severity - Generic
    Added support for Qualys.
  • Domain Enrichment - Generic
    Enrich Domain using one or more integrations.
  • Email Address Enrichment - Generic
    Get email address reputation using one or more integrations.
  • File Enrichment - Generic
    Get file reputation using one or more integrations.
  • IP Enrichment - Generic
    Enrich IP using one or more integrations.
  • URL Enrichment - Generic
    Enrich URL using one or more integrations.

Added support for auto-extract for the following playbooks:

  • Domain Enrichment - Generic
  • Email Address Enrichment - Generic
  • File Enrichment - Generic
  • IP Enrichment - Generic
  • URL Enrichment - Generic

Incident Fields

Add default Vulnerability fields.


Incident Layouts

New Incident Layouts

  • Vulnerability - Summary and New/Edit default layouts

Reputations

Add Domain reputation type.
