Demisto Content Release Notes for version 19.8.2 (27827)
Published on 22 August 2019
4 New Integrations
- Have I Been Pwned? v2
- Replaces the now deprecated Have I Been Pwned? integration. This integration is not backward compatible. You need to delete all existing instances and replace with v2 instances.
- Added the API Key parameter to instance configuration.
- Written in Python.
- Slack v2 (Requires Demisto 5.0) * Use the Slack v2 integration to send messages and notifications to channels and in direct messages, and to mirror investigations between Demisto and Slack.
- Microsoft Teams (Requires Demisto 5.0) * Use the Microsft Teams integration to send messages and notifications to your team members, and to mirror investigations between Demisto and Teams.
- C2SEC (Requires Demisto 5.0) * Use the C2SEC integration to add new domains to a portfolio, initiate domain scans, retrieve the stats of a scan, query for domain issues, and retrieve information about leaked credentials, encryption, network and application related vulnerabilities.
16 Improved Integrations
- IBM QRadar
Fixed an issue in which users would receive an error message for missing SEC headers.
- Mail Sender (New)
Added the additionalHeader argument, which enables you to add custom headers to an email.
- Cisco AMP
- Improved integration documentation.
- Changed the name of the amp_get_computer_trajctory command to amp_get_computer_trajectory.
- Changed the name of the mp_get_computer_actvity command to mp_get_computer_activity.
- BlueCat Address Manager
- Added the bluecat-am-get-range-by-ip command.
- Improved handling of cases in which an error is returned from querying a non-existing IP address.
- Anomali ThreatStream
Improved implementation of the threatstream-email-reputation command, which now returns context, as expected.
- Palo Alto Networks PAN-OS
Improved error handling when refreshing an EDL object on a Panorama instance.
- Windows Defender Advanced Threat Protection
Improved error messages.
Changed the default encoding to UTF-8.
- Added outputs to the dnstwist-domain-variations command.
- Improved integration documentation.
- EWS Mail Sender
- Improved memory resource usage.
- Improved logging.
- SentinelOne V2
Added 5 commands.
- sentinelone-uninstall-agent Fixed the agentIds filter in the get-activities command.
- Palo Alto Networks AutoFocus V2
- Added tagGroups output to autofocus-samples-search-results command.
- Improved handling of cases in which unknown tags are retrieved from the autofocus-tag-details command.
Added the VirusTotal permanent link to the following commands.
Added 8 new commands.
- Atlassian Jira (v2)
Added support for remote application links.
- RSA NetWitness v11.1
Added the fetch_time parameter.
- Have I Been Pwned?
4 New Scripts
Sums the values of a list. For example, ["25", "10", "25"] => "60".
- IndicatorRelatedIncientBySeverity Displays a bar chart of the severity of the provided investigation IDs.
- NumberOfPhishingAttemptPerUser Displays a bar chart of the number of incidents in which the "To" and "From" email addresses appear.
- PositiveDetectionsVSDetectionEngine Displays a bar chart of the number of positive detections out of the overall detections.
6 Improved Scripts
- Added the CVE and Registry Key indicators.
- Fixed the wrong format ip field.
- Fixed an issue in error handling.
- Fixed csv delimiter behavior.
Added support for domain arrays as a parameter, including empty domains.
Fixed an issue in which parsing single-line CSV files returned a No entries message.
Added the return_warning command.
Fixed an issue in which special characters were missing from MSG emails.
- C2SEC-Domain Scan Initiates a C2SEC scan by domain name, and waits for the scan to finish by polling the scan status in predefined intervals.
- Email Address Enrichment - Generic v2.1
Fixed an issue in which a filter contained blank domains.
- Added support for non-English languages.
- Created the new File indicator type. This indicator consolidates all file hashes: MD5, SHA1, SHA256. (Available from Demisto 5.0 *)
- Added support for asterisk, pipeline, and different dashes in domain and URL indicators.
Added layouts for the following indicator types. (Available from Demisto 5.0 *)
* Starred content requires Demisto 5.0, which is available for private beta evaluation. For more information, send a message to firstname.lastname@example.org