Demisto Content Release Notes for version 20.3.2 (43553)
Published on 11 March 2020
Integrations
New Integrations
- CVE Search v2
Searches for CVE information using circl.lu.
7 Improved Integrations
- Anomali ThreatStream v2
Fixed an issue where inactive indicators were taken into account. - Atlassian Jira v2
Fixed an issue in the jira-create-issue and jira-edit-issue commands where the due date was not set correctly. - CyberArk AIM
Improved display of integration parameters. - CVE Search
Added batch support to the cve-search command. - Rasterize
- Fixed the setting Use system proxy settings, so proxies are ignored when not enabled.
- Fixed an issue with the rasterize command in which child processes were defunct when using a proxy server.
- AbuseIPDB
- Improved parsing in the ip command.
- SplunkPy
- Fixed an issue where fetch-incidents did not work as intended.
- Fixed an issue where splunk-parse-raw command cut the last character of parsed fields.
Scripts
New Scripts
- DBotPredictOutOfTheBox
Predicts phishing incidents using the out-of-the-box pretrained model.
Playbooks
New Playbook
- Kenna - Search and Handle Asset Vulnerabilities
This playbook accepts an asset, then searches for vulnerabilities on that asset using the Kenna integration. If a vulnerability exists, it looks for relevant patches, lets the analyst deploy them and then generates an investigation summary report.
Improved Playbook
- QRadar Indicator Hunting V2
Fixed missing task links.
XSOAR 5.5 Beta Release
Feeds
2 Improved Feeds in 5.5.0
- Recorded Future RiskList Feed
Fixed an issue with the integration's indicator field mapping. - TAXII Feed
Fetches indicators from a TAXII server as the indicators are published to the feed.
Incident Fields in 5.5.0
Added the Add as optional graph option to the incident field Device Name.