Demisto Content Release Notes for version 19.6.0 (24157)

Published on 11 June 2019

Integrations

6 New Integrations

  • BeyondTrust Password Safe: Unified password and session management for seamless accountability and control over privileged accounts.
  • CheckPhish: Check any URL to detect suspicious behavior.
  • GitHub: Use the GitHub integration to utilize the GitHub API.
  • Ipstack: One of the leading IP to geolocation APIs and global IP database services.
  • Looker: Use the Looker integration to query an explore, save queries as looks, run looks, and fetch look results as incidents.
  • Palo Alto Networks PAN-OS EDL Management: Use the Palo Alto Networks PAN-OS EDL Management integration to manage and edit files located on a remote web server via SSH, using the integration context as the single source of truth.

8 Improved Integrations

  • Fidelis Elevate Network: Logout errors are now ignored.
  • Palo Alto Networks WildFire v2: Fixed an issue with evidence data in reports.
  • VMRay: Improved overall implementation of the integration.
  • AlienVault OTX: Fixed the url command to extract the base URL, and return a readable error in case of failure.
  • Attivo Botsink
    • Fixed a duplication issue in the fetch-incidents command.
    • Improved error handling.
  • FortiGate: Improved the fortigate-update-policy command, which now retains existing data.
  • LogRhythm
    • Added several new commands.
      • lr-execute-query
      • lr-get-hosts-by-entity
      • lr-add-host
    • Added the LastHour option to the time_frame argument.
  • Rasterize
    • By default, the Return errors parameter is set to false.
    • Improved error messages.

Deprecated Integration

  • Cymon: Cymon was discontinued as of April 30, 2019.

Scripts

New Script

  • FormattedDateToEpoch: Converts a custom-formatted timestamp to UNIX epoch time. Use the script to convert custom timestamps to a Demisto date field. The script uses the Python strptime format. For more information, see the Python documentation.

2 Improved Scripts

  • ReadPDFFileV2
    • Added additional fields and field descriptions to the script output.
    • Improved several output names, for example, PDF version was changed to PDFVersion.
  • IncidentAddSystem: Added a new engine argument.

Playbooks

New Playbook

  • Extract Indicators From File - Generic v2: Extracts images and text from PDF files. Images are extracted using the Image OCR integration.

3 Improved Playbooks

  • WildFire - Detonate file: Added support for the WildFire and WildFire-v2 integrations.
  • Extract Indicators From File - Generic: Improved identification of Excel files.
  • Detonate File - VMRay: Added the vmray-get-iocs and vmray-get-threat-indicators commands to the playbook.
