Demisto Content Release Notes for version 18.7.0 (10573)

Published on 10 July 2018

Integrations

4 New Integrations

  • Mail Sender (New)
    Send Python-implemented emails with support for embedded images. For more information, see the Mail Sender (New) documentation.
  • RedLock
    Cloud threat defense. For more information, see the RedLock documentation.
  • Rapid7 Nexpose
    Rapid7's on-premise vulnerability management solution. For more information, see the Nexpose documentation.
  • Recorded Future
    Unique threat intelligence technology that automatically serves up relevant insights in real time. For more information, see the Recorded Future documentation.

12 Improved Integrations

  • CrowdStrike Falcon Sandbox
    Added support for single-server setup.
  • Cylance Protect v2
    In context, device data outputs are now under path Endpoint.
  • Farsight DNSDB
    • Improved error handling for 400 and 404 responses.
    • Improved human readable output.
  • EWS v2
    Fixed handling of attachments with empty name or content.
  • ipinfo
    Added support for using an API token for paid plans.
  • PostgreSQL
    Fixed the no rows returned error.
  • Tanium
    Fixed Tanium timeout on errors.
  • VMware
    Fixed VMware timeout on errors.
  • CrowdStrike Falcon Intel
    Added support for v2 indicator API. For more information, see the CrowdStrike Falcon Intelligence v2 documentation.
  • TruSTAR
    Added priority level and deep links to the related-indicators command.
  • AWS - EC2
    Added 6 new commands:
    - aws-ec2-copy-image
    - aws-ec2-copy-snapshot
    - aws-ec2-describe-reserved-instances
    - aws-ec2-monitor-instances
    - aws-ec2-unmonitor-instances
    - aws-ec2-reboot-instances
  • Palo Alto WildFire
    Handled the missing report exception in the wildfire-report command.

Scripts

2 New Scripts

  • IPToHost
    Get the hostname correlated with the input IP.
  • NexposeCreateIncidentsFromAssets
    Create incidents based on the Nexpose asset ID and vulnerability ID.

2 Improved Scripts

  • EmailAskUser
    Added cc and bcc arguments.
  • ExtractDomainFromUrlAndEmail
    Avoid error in domain format script.

Playbooks

4 New Playbooks

  • Access Investigation - Generic
    Investigate an access incident by gathering user and IP information.
  • Access Investigation - QRadar
    Use the QRadar integration to investigate an access incident by gathering user and IP information.
  • Vulnerability Handling - Nexpose
    Manage vulnerability remediation using Nexpose data, and optionally enrich data with 3rd-party tools.
  • Vulnerability Management - Nexpose (Job)
    Manage assets' vulnerabilities using Nexpose.

5 Improved Playbooks

  • Calculate Severity - 3rd-party integrations
    Added support for Nexpose severity.
  • Calculate Severity - Generic
    Added support for Nexpose severity.
  • IP Enrichment - Generic
    Added IP-to-host capability.
  • Process Email - Generic
    This is now a generic playbook, and supports all relevant integrations (not only EWS).
  • Tanium Demo Playbook
    Removed the deploy action command at the end of the playbook.
