Demisto Content Release Notes for version 20.3.2 (43553)

Published on 11 March 2020

Integrations

New Integrations

  • CVE Search v2 Searches for CVE information using circl.lu.

7 Improved Integrations

  • Anomali ThreatStream v2 Fixed an issue where inactive indicators were taken into account.
  • Atlassian Jira v2 Fixed an issue in the jira-create-issue and jira-edit-issue commands where the due date was not set correctly.
  • CyberArk AIM Improved display of integration parameters.
  • CVE Search Added batch support to the cve-search command.
  • Rasterize
    • Fixed the setting Use system proxy settings, so proxies are ignored when not enabled.
    • Fixed an issue with the rasterize command in which child processes were defunct when using a proxy server.
  • AbuseIPDB
    • Improved parsing in the ip command.
  • SplunkPy
    • Fixed an issue where fetch-incidents did not work as intended.
    • Fixed an issue where splunk-parse-raw command cut the last character of parsed fields.

Scripts

New Scripts

  • DBotPredictOutOfTheBox Predicts phishing incidents using the out-of-the-box pretrained model.

Playbooks

New Playbook

  • Kenna - Search and Handle Asset Vulnerabilities This playbook accepts an asset, then searches for vulnerabilities on that asset using the Kenna integration. If a vulnerability exists, it looks for relevant patches, lets the analyst deploy them and then generates an investigation summary report.

Improved Playbook

  • QRadar Indicator Hunting V2 Fixed missing task links.

XSOAR 5.5 Beta Release

Feeds

2 Improved Feeds in 5.5.0

  • Recorded Future RiskList Feed Fixed an issue with the integration's indicator field mapping.
  • TAXII Feed Fetches indicators from a TAXII server as the indicators are published to the feed.

Incident Fields in 5.5.0

Added the Add as optional graph option to the incident field Device Name.


Assets