github demisto/content 18.9.1
Demisto Content Release Notes for version 18.9.1 (12565)

latest releases: 22.2.0, 22.1.0, 21.12.1...
6 years ago

Demisto Content Release Notes for version 18.9.1 (12565)

Published on 06 September 2018

Integrations

3 New Integrations

20 Improved Integrations

  • RSA Archer
    Passwords now support special characters.
  • Carbon Black Defense
    Improved outputs in the cbd-get-alerts-details command. For more information, see the Carbon Black Defense documentation.
  • CrowdStrike Falcon Host
    Improved outputs for the cs-device-search command. For more information, see the CrowdStrike Falcon Host documentation.
  • Cybereason
    For more information, see the Cybereason documentation.
    • Added the following commands.
      • cybereason-add-comment
      • cybereason-query-malops
      • cybereason-update-malop-status
      • cybereason-malop-processes
    • Added malops fetch.
    • Added client-certificate authentication.
  • McAfee ESM v10
    Added the following commands.
    • esm-get-alarm-event-details
    • esm-list-alarm-events
  • GRR Rapid Response
    Improved property identifier to username. For more information, see the GRR Rapid Response documentation.
  • MISP
    Fix proxy parameter issue.
  • McAfee Advanced Threat Defense
    Deprecated several commands. You should use the relevant detonate playbook. For more information, see the McAfee Advanced Threat Defense documentation.
    • deprecate detonate-file
    • detonate-url commands
  • McAfee NSM
    Added proxy support.
  • Okta
    Added the following commands. For more information, see the Okta documentation.
    • okta-suspend-user
    • okta-unsuspend-user
  • RSA NetWitness v11.1
    There are separate checkboxes to fetch incident data and to fetch alert data. If you want to fetch alert data, you need to select both checkboxes. For more information, see the NetWitness v11 documentation.
  • Rapid7 Nexpose
    Added the nexpose-create-site command. For more information, see the Rapid7 Nexpose documentation.
  • Salesforce
    Added the salesforce-delete-case command. For more information, see the Salesforce documentation.
  • SplunkPy
    Fixed an encoding issue in the splunk-submit-event command.
  • Cisco Threat Grid
    Added the playbook parameter.
  • Tanium
    • Added the following commands.
      • tn-ask-manual-question
      • tn-get-sensor
      • tn-get-action
    • Modified the tn-deploy-package command.
      • Added sensor variables as an argument.
      • Added action details to the outputs.
      • Improved raw response.
    • Modified the tn-get-package command.
      • Added sensor variable to outputs.
  • urlscan.io
    Fixed the display for empty ASN.
  • VirusTotal
    ScanID will appear now in the context data instead of in the command war-room output.
  • CyberArk AIM
    Added the cyber-ark-aim-query command.
  • Atlassian Jira
    Improved the jira-edit-issue command. For more information, see the Jira documentation.

Scripts

1 New Script

  • EncodeToAscii
    Input text data to encode as ASCII. (Ignores any chars that are not interpreted as ASCII).

13 Improved Scripts

  • D2O365ComplianceSearch
    Fixed the file argument not found error.
  • D2O365SearchAndDelete
    Fixed the file argument not found error.
  • DeleteContext
    • Changed user from limited user to DBot.
    • Added support to keep keys from nested objects and auto-trim for context path.
  • DomainReputation
    Domain argument marked as default, so script can be executed as ehnancement on Domain indicators.
  • IsEmailAddressInternal
    Handled context to prevent duplicates.
  • IsValueInArray
    Improved support for manual execution (parse string array).
  • MatchRegex
    Added the option to return all matches.
  • PagerDutyAlertOnIncident
    Updated to match PagerDuty API v2.
  • PagerDutyAssignOnCallUser
    Updated to match PagerDuty API v2.
  • PanoramaBlockIP
    Fixed the output types.
  • ParseEmailFiles
    Fixed header parsing.
  • ParseCSV
    • Added the entryID argument to get the file entry by ID.
    • The file argument is deprecated.
  • IsIPInRanges
    Improved handling of spaces and new lines in provided IP ranges string.

Incident Fields

Added the In-Reply-To field to the incident details.


Classification & Mapping

New Classification & Mapping

  • Aella Starlight

2 Improved Classification & Mapping

  • EWS v2
    Removed default mapping of html-body to prevent the rendering of malicious links.
  • Gmail
    Gmail classifier.

Demisto v4.0

This content will be available with the official release of Demisto v4.0.

Integrations

1 Improved Integration

  • Palo Alto WildFire
    • Deprecated the detonate-file-remote and detonate-file commands.
      Use the WildFire Detonate playbook instead.
    • Added the wildfire-upload-file-remote command.
    • Improved outputs.
    • Added support for multiple inputs for the wildfire-report command.

Scripts

1 New Script

  • FailedInstances
    Executes a test for all available integration instances, and returns a detailed table that displays information about failed integration instances.

Playbooks

2 Improved Playbooks

  • Nexpose Scan Assets
    Fixed playbook inputs.
  • Nexpose Scan Site
    Added validations.

Don't miss a new content release

NewReleases is sending notifications on new releases.