Demisto Content Release Notes for version 18.7.3 (11000)
Published on 26 July 2018
Integrations
2 New Integrations
- McAfee Advanced Threat Defense
Integrated advanced threat detection and enhancing protection from network edge to endpoint. - Palo Alto - Minemeld
Orchestrate threat intelligence and enforce new prevention-based controls.
6 Improved Integrations
- PassiveTotal
Improved handling of missing tag parameters. - Demisto Lock
Increased the default timeout to 600 seconds. - Demisto REST API
Added support for responses other than JSON. - Okta
Changed the proxy parameter from short text to boolean. - Symantec Managed Security Services
- Severities for fetching incidents are now a configurable parameter.
- Fixed the incident occurrence time.
- Cisco Threat Grid
Added two new commands.- threat-grid-detonate-file
- threat-grid-url-to-file commands
Scripts
2 New Scripts
- DocumentationAutomation
Automates integration documentation. - SSDeepReputation
Calculates ssdeep reputation based on similar files (ssdeep similarity) in the system.
4 Improved Scripts
- DeleteContext
Added the ability to specify which context keys to retain when deleting all context. - DisplayHTML
Fixed script execution when markAsNote was not defined. - ExportToCSV
Modified to support more inputs. - ExposeIncidentOwner
The script can now handle usernames that include a backslash.
Playbooks
New Playbooks
- ATD - Detonate File
Detonate a file using McAfee ATD.
2 Improved Playbooks
- DeDup incidents
Renamed the playbook. - Detonate File - Generic
Added the detonate-file command in McAfee ATD.
Reputations
2 New Reputations
- Extract the domain from URLs.
- Added ssdeep reputation.