demisto/content 19.6.0

Demisto Content Release version 19.6.0 (24157)

on GitHub

Demisto Content Release Notes for version 19.6.0 (24157)

Published on 11 June 2019

Integrations

6 New Integrations

• BeyondTrust Password Safe
  Unified password and session management for seamless accountability and control over privileged accounts.
• CheckPhish
  Check any URL to detect suspicious behavior.
• GitHub
  Use the GitHub integration to utilize the GitHub API.
• Ipstack
  One of the leading IP to geolocation APIs and global IP database services.
• Looker
  Use the Looker integration to query an explore, save queries as looks, run looks, and fetch look results as incidents.
• Palo Alto Networks PAN-OS EDL Management
  Use the Palo Alto Networks PAN-OS EDL Management integration to manage and edit files located on a remote web server via SSH using integration context as single source of truth.

8 Improved Integrations

• Fidelis Elevate Network
  Logout errors are now ignored.
• Palo Alto Networks WildFire v2
  Fixed an issue with evidence data in reports.
• VMRay
  Improved overall implementation of the integration.
• AlienVault OTX
  Fixed the url command to extract the base URL, and return a readable error in case of failure.
• Attivo Botsink
  • Fixed a duplication issue in the fetch-incidents command.
  • Improved error handling.
• FortiGate
  Improved the fortigate-update-policy command, which now retains existing data.
• LogRhythm
  • Added several new commands.
    • lr-execute-query
    • lr-get-hosts-by-entity
    • lr-add-host
  • Added the LastHour option to the time_frame argument.
• Rasterize
  • By default, the Return errors parameter is set to false.
  • Improved error messages.

Deprecated Integration

• Cymon
  Cymon was discontinued as of April 30, 2019.

Scripts

New Script

• FormattedDateToEpoch
  Converts a custom-formatted timestamp to UNIX epoch time. Use the script to convert custom time stamps to a Demisto date field. The script uses the Python strptime format. For more information, see the Python documentation.

2 Improved Scripts

• ReadPDFFileV2
  • Added additional fields and field descriptions to the script output.
  • Improved several output names, for example, PDF version was changed to PDFVersion.
• IncidentAddSystem
  Added a new engine argument.

Playbooks

New Playbook

• Extract Indicators From File - Generic v2
  Extracts images and text from PDF files. Images are extracted using the Image OCR integration.

3 Improved Playbooks

• WildFire - Detonate file
  Added supported for the WildFire and WildFire-v2 integrations.
• Extract Indicators From File - Generic
  Improved identification of Excel files.
• Detonate File - VMRay
  Added the vmray-get-iocs and vmray-get-threat-indicators commands to the playbook.