Skip to content

Demisto Content Release Notes for version 18.7.2 (10920)
Compare
Choose a tag to compare
@Itay4 Itay4 released this 24 Jul 16:19
18.7.2
d1b448e

Demisto Content Release Notes for version 18.7.2 (10920)

Published on 24 July 2018

Integrations

2 New Integrations

  • RTIR
    Request Tracker for Incident Response (RTIR) is a ticketing system that provides pre-configured queues and workflows designed for incident response teams. For more information, see the RTIR documentation.
  • Zoom
    Cloud-based enterprise video and audio conferencing. For more information, see the Zoom documentation.

11 Improved Integrations

  • ArcSight ESM
    Improved the as-add-entries command to support passing entries' array from context.
  • EWS v2
    The integration now handles unnamed attachments.
  • Passive Total
    Several integration improvements.
    • Added support for proxy connections and insecure connections.
    • Added support for id and domain.
    • The url command score is now based on pt-enrichment, according to tags or classification.
  • Proofpoint TAP
    You can now specify which event types to fetch.
  • SentinelOne
    Updated the default API to v2.0.
  • SplunkPy
    Fixed a SplunkPy proxy issue.
  • Twilio
    When you test the integration instance, only credentials are checked.
  • FireEye (AX Series)
    Added functionality to submit URLs to FireEye and retrieve their status.
    • fe-submit-url
    • fe-submit-url-status
  • RSA NetWitness Security Analytics
    Added 50 incident maximum per fetch from Netwitness.
  • Rasterize
    Added base64 output to the rasterize-email command.
  • AlienVault OTX
    Removed DBot Score outputs.

Scripts

2 New Scripts

  • FilterByList
    Checks whether a specified item is in a list. The default list is the Demisto Indicators Whitelist.
  • RepopulateFiles
    After running DeleteContext, this script can repopulate all of the file entries in the ${File} context key.

2 Improved Scripts

  • CrowdStrikeUrlParse
    ID is detected using a build number, which consists of digits (0-9) and has no length limitation.
  • ParseEmailFiles
    • Added support for SMTP mail text and ASCII text files.
    • Fixed a bug in email address parsing.

1 Deprecated Script

  • CheckWhitelist
    Use the FilterByWhitelist script.

Playbooks

2 Improved Playbooks

  • Vulnerability Management - Nexpose (Job)
    • Removed built-in hostname.
    • Added a task that closes the investigation when the job completes.
  • Process Email - Generic
    Upload HTML-rendered image to the Summary page.

Widgets

2 Improved Widgets

  • Server CPU Usage % (last 24h)
    Added support for data from the previous 24 hours.
  • Server Memory Usage % (last 24h)
    Added support for data from the previous 24 hours.

Incident Fields

1 New Incident Field

  • Added HTML Image field.

Incident Layouts

1 Improved Incident Layout

  • Phishing - Summary
    Added HTML Image field.
Assets 4
Loading