Demisto Content Release Notes for version 19.6.0 (24157)
Published on 11 June 2019
Integrations
6 New Integrations
- BeyondTrust Password Safe
Unified password and session management for seamless accountability and control over privileged accounts. - CheckPhish
Check any URL to detect suspicious behavior. - GitHub
Use the GitHub integration to utilize the GitHub API. - Ipstack
One of the leading IP to geolocation APIs and global IP database services. - Looker
Use the Looker integration to query an explore, save queries as looks, run looks, and fetch look results as incidents. - Palo Alto Networks PAN-OS EDL Management
Use the Palo Alto Networks PAN-OS EDL Management integration to manage and edit files located on a remote web server via SSH using integration context as single source of truth.
8 Improved Integrations
- Fidelis Elevate Network
Logout errors are now ignored. - Palo Alto Networks WildFire v2
Fixed an issue with evidence data in reports. - VMRay
Improved overall implementation of the integration. - AlienVault OTX
Fixed the url command to extract the base URL, and return a readable error in case of failure. - Attivo Botsink
- Fixed a duplication issue in the fetch-incidents command.
- Improved error handling.
- FortiGate
Improved the fortigate-update-policy command, which now retains existing data. - LogRhythm
- Added several new commands.
- lr-execute-query
- lr-get-hosts-by-entity
- lr-add-host
- Added the LastHour option to the time_frame argument.
- Added several new commands.
- Rasterize
- By default, the Return errors parameter is set to false.
- Improved error messages.
Deprecated Integration
- Cymon
Cymon was discontinued as of April 30, 2019.
Scripts
New Script
- FormattedDateToEpoch
Converts a custom-formatted timestamp to UNIX epoch time. Use the script to convert custom time stamps to a Demisto date field. The script uses the Python strptime format. For more information, see the Python documentation.
2 Improved Scripts
- ReadPDFFileV2
- Added additional fields and field descriptions to the script output.
- Improved several output names, for example, PDF version was changed to PDFVersion.
- IncidentAddSystem
Added a new engine argument.
Playbooks
New Playbook
- Extract Indicators From File - Generic v2
Extracts images and text from PDF files. Images are extracted using the Image OCR integration.
3 Improved Playbooks
- WildFire - Detonate file
Added supported for the WildFire and WildFire-v2 integrations. - Extract Indicators From File - Generic
Improved identification of Excel files. - Detonate File - VMRay
Added the vmray-get-iocs and vmray-get-threat-indicators commands to the playbook.