Demisto Content Release Notes for version 19.7.1 (25540)

Published on 11 July 2019

Integrations

New Integration

  • Perception Point Use the Perception Point integration to load incidents from Perception Point and release falsely quarantined emails.

12 Improved Integrations

  • Mail Sender (New)
    • Added support for internationalized headers.
    • Fixed an issue with new lines in the message subject.
  • RTIR
    Added the Referer parameter (optional), which adds a referer header to the requests sent by the integration.
  • Have I Been Pwned?
    Fixed an issue in which the compromised email reason displays as domain instead of title.
  • LogRhythm
    Improved handling of the lr-get-alarm-events-by-id command when there are no events for the alarm.
  • RSA NetWitness Packets and Logs
    Improved error message handling.
  • Palo Alto Networks PAN-OS EDL Management
    • Improved error handling for non-existent files and lists.
    • Fixed an issue when exporting the integration context list to a file.
  • Palo Alto Networks AutoFocus V2
    Improved command and argument descriptions.
  • Palo Alto Networks PAN-OS
    • Fixed an issue in which address groups and addresses failed to be listed when only one object was present.
    • Added the following commands, which accomplish the use case of investigating traffic logs.
      • panorama-query-traffic-logs
      • panorama-check-traffic-logs-status
      • panorama-get-traffic-logs
  • Gmail
    Added the ability to disable SSL verification.
  • CrowdStrike Falcon Intel
    • Fixed an issue with converting dates to epoch in the cs-reports command.
    • Fixed an issue in which domain names were entered as values in the campaign_name argument for enrichment commands.
    • Added support to not auto-enrich indicators for War Room entries.
  • McAfee ESM v10 and v11
    • Added support for version 11.1.
    • Fixed an issue with error handling messages.
  • Carbon Black Enterprise Response
    Fixed an issue when using an MD5 hash to query in the get-processes command.

Scripts

2 Improved Scripts

  • HTTPListRedirects
    Added the trust_any_certificate and use_system_proxy options.
  • StripChars
    Fixed descriptions for the automation and arguments.

Playbooks

2 New Playbooks

  • PanoramaQueryTrafficLogs
    Queries traffic logs in a Palo Alto Networks PAN-OS Panorama device or Firewall device.
  • Detonate URL - WildFire-v2
    Detonates a webpage or a remote file using the Palo Alto Networks WildFire integration. This playbook returns relevant reports to the War Room and file reputations to the context data.

4 Improved Playbooks

  • Dedup - Generic
    Improved argument descriptions.
  • PanoramaCommitConfiguration
    Improved playbook task names.
  • GenericPolling
    Improved the tooltip for the dt argument.
  • Endpoint Enrichment - Cylance Protect v2
    Fixed an issue in which the playbook fails if there is not an instance of the Cylance Protect v2 integration enabled.

Incident Fields

  • Added the SSDeep Hash Indicator field.
  • Updated the Indicator Associated File Names field.

Reputations

  • Added support for the equals sign (=) in the email indicator.
  • Updated file reputations.

Assets