Demisto Content Release Notes for version 19.2.0 (18017)

Published on 05 February 2019


2 New Integrations

  • Freshdesk Manage tickets, agents, and contacts.
  • Kafka V2 The Open source distributed streaming platform.

17 Improved Integrations

  • AbuseIPDB The 'Unverified HTTPS request is being made' warning is ignored when the Trust any certificate checkbox is selected.
  • ArcSight ESM Improved proxy usage in the as-get-security-events command.
  • RSA Archer Added a caching mechanism that improves command execution performance.
  • Cisco Umbrella Investigate DBotScore now displays even when there is no rank.
  • CrowdStrike Falcon Sandbox Improved error handling of the crowdstrike-submit-sample command.
  • CrowdStrike Falcon Intel Added the threshold parameter to identify and label malicious indicators.
  • Cylance Protect v2 Improved error handling for the cylance-protect-get-device command when no device is found.
  • EWS v2
    • Added the ews-expand-group.
    • Fixed an issue with 2010-2016 mixed environments.
  • Gmail Fixed an issue with the gmail-revoke-user-role command.
  • Joe Security Added support in the joe-analysis-submit-sample command for EML files when there are no files attachments to analyze.
  • McAfee Advanced Threat Defense The url argument in the _atd-upload-file command does not require a protocol prefix.
  • Palo Alto Firewall and Panorama
    • Improved error messages.
    • Added support for Service and Service groups objects.
  • PhishMe Intelligence Improved argument and command descriptions.
  • Recorded Future Added: Commands for retrieving threats by a specified order; Retrieving risk lists as csv files (with additional scripts to create indicators using them); Retrieving and fetching alerts.
  • Check Point Sandblast Cloud Services Made improvements to Context and DBot score.
  • ServiceNow
    • Fixed severity mapping.
    • Improved parameter descriptions.
    • Fixed human readable headers.
    • Added the Opened At argument to ticket creation.
    • Added a command to get ticket notes using sys_journal_field table.
  • SplunkPy Improved human readable output for the splunk-search command.


3 New Scripts

  • HighlightWords Highlight words inside a given text.
  • SendEmailOnSLABreach Sends an email informing the user assigned to an incident of an SLA breach.
  • Cut Cut a string by delimiter and return specific fields.

3 Improved Scripts

  • CommonServerPython Added the is_error and get_error helper functions to remove errors from demisto.executeCommand() result.
  • UnEscapeURLs Added support for ProofPoint encrypted URLs.
  • ParseEmailFiles Improved implementation and fixed several issues.

2 Deprecated Scripts

  • SplunkPySearch Use the splunk-search command instead.
  • StringContains Use the StringContainsArray filter instead.


1 Improved Playbook

  • PanoramaCommitConfiguration Filters JobIDs and executes the GenericPolling task only for those JobIDs.


Added reputation value and context path for SHA256. Auto-Extract should now work properly for SHA256.