Google Vision AI
Use the Google Vision AI integration to perform image processing with the Google Vision API.
Amazon DynamoDB
Amazon DynamoDB is a fully managed NoSQL database service that provides fast and predictable performance with seamless scalability.
RiskSense
Use the RiskSense integration for vulnerability management and prioritization to measure and control cybersecurity risk.
Code42
Use the Code42 integration to identify potential data exfiltration from insider threats while speeding investigation and response by providing fast access to file events and metadata across physical and cloud environments.
(BETA) Trend Micro Apex
Trend Micro Apex Central automation to manage agents and User-Defined Suspicious Objects.
(BETA) Proofpoint Server Protection
Proofpoint email security appliance.
Updated the Authorization header for the Events API to use the correct token.
Added a User-Agent header to assist with diagnostics/debugging.
Hybrid Analysis
Added URL decoding for the hybrid-analysis-quick-scan-url command.
Pentera
Fixed an issue with date parsing in the pentera-get-task-run-full-action-report command.
Qualys
Added the REF field in context mapping.
Anomali ThreatStream v2
Fixed handling of reputation commands with array input in cases where no reputation was found for a specific indicator.
FireEye HX
Fixed an issue with encoding passwords with special characters, for example: ✓.
C2sec irisk
Fixed an issue where the irisk-get-domain-issues command failed with a KeyError.
Carbon Black Enterprise Response
Changed the search alerts API v1 call to the API v2 call.
AlienVault OTX v2
Fixed an issue where the IP indicator type was incorrect.
Fixed an issue where the URL indicator score was a string.
VirusTotal
Fixed an issue where detections with no positive values were treated as malicious.
SplunkPy
Fixed an issue in the test command, which caused an out-of-memory error.
RSA NetWitness v11.1
Fixed an issue with the get-incident command when the returned sources attribute is set to "[null]". Applicable to NetWitness 11.4.
Palo Alto Networks PAN-OS
Improved handling of cases where a field value is None.
RSA NetWitness Packets and Logs
Fixed query parsing in the netwitness-query command.
BPA
Removed the PORT parameter from the configuration. This will not affect currently configured instances.
Whois
Added the domain command to enable domain enrichment.
Elasticsearch v2
Added support for API Key authentication.
RSA Archer
Fixed an issue where the following commands failed on numeric incident IDs.
VerifyJSON
Verifies whether the supplied JSON string is valid, and optionally verifies it against a provided schema. The script uses PowerShell's Test-Json cmdlet.
Prisma Cloud Remediation - AWS IAM User Policy Misconfiguration
Remediates the following Prisma Cloud AWS IAM User alerts.
Prisma Cloud policies remediated:
AWS IAM user has two active Access Keys.
Code42 Exfiltration Playbook
The Code42 Exfiltration playbook acts on Code42 Security Alerts, retrieves file event data, and allows security teams to remediate file exfiltration events by revoking access rights to cloud files or containing endpoints.
Code42 File Search
Searches for files via Code42 security events by either MD5 or SHA256 hash. The data is output to the Code42.SecurityData context.