Release Notes for version 3.0.3 (4089)
Integrations
2 New Integrations
- McAfee Active Response
-- Connect to MAR using its DXL client - SentinelOne
-- Endpoint protection
5 Improved Integrations
- ArcSight ESM
-- Fix proxy parameter type - RSA Archer
-- Add parser to Group type fields - SplunkPy
-- Add capability to edit notable event in Splunk ES and create job in Splunk - VirusTotal
-- Added subdomains, whois lookup, and DNS IP addresses to response entry - CyberArkAIM
-- Fixed timeout issue when no existing connections
Reports
Improved Reports
- Investigation Summary
-- Added the ability to format queries for indicators and incidents
-- Added indicators table section with bad and suspicious indicators related to investigation
Scripts
2 New Scripts
- ContainsCreditCardInfo
-- Checks if a given argument contains a credit card info. Will return 'no' otherwise - StringReplace
-- Replaces regex match/es in string. Returns the string after replace was performed
6 Improved Scripts
- AssignAnalystToIncident
-- Added the ability to assign owner by email. Added the ability to assign randomly from all online analysts - CommonServer
-- Added pascalToSpace function and header formatting interface to createEntry - CommonServerPython
-- Fixed bug in sectionsToMarkdown - ConvertXmlToJson
-- Converting xml to json object (till now it was string) - EmailAskUser
-- Added replyTo to the send-mail command - SendEmail
-- Added replyTo option