You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Demisto Content Release Notes for version 18.1.0 (5638)
Published at 07 January 2018
Playbooks
4 New Playbooks
Calculate Severity - Generic
-- Calculate incident severity by indicator reputation and user/endpoint membership in critical groups
Get File Sample From Hash - Generic
-- Returns to the war-room a file sample that corresponds to the hash, using one or more products/services
Get File Sample From Hash - Carbon Black Enterprise Response
-- Returns to the war-room a file sample that corresponds to an MD5 hash, using Carbon Black Enterprise Response integration
Get File Sample From Hash - Cylance Protect
-- Returns to the war-room a file sample that corresponds to a SHA256 hash, using Cylance Protect integration
Integrations
3 New Integrations
Kenna
-- Kenna is a Risk Intelligence & Vulnerability platform that enables InfoSec teams to prioritize and re-mediate vulnerabilities
Joe Security
-- Cloud-based sandbox service
Check Point Sandblast Appliance
-- Query, upload and download data using Check Point Sandblast
4 Improved Integrations
Remedy On-Demand
-- Added option to add custom fields to incident creation and perform insecure login
ArcSight Logger
-- ArcSight events logger
IntSights
-- Integration can now fetch incidents
Zendesk
-- Added zendesk-add-user for adding end users. Added zendesk-get-article to get help center article
Scripts
7 New Scripts
ActiveUsersD2
-- Get active users from a D2 agent and parse them into context
CrowdStrikeStreamingPreProcessing
-- Pre processing script for CrowdStrike Streaming
D2ActiveUsers
-- Show local accounts
D2ExecuteCommand
-- Run a D2 built-in command on a D2 agent
FetchFileD2
-- Get a file from endpoint using a D2 agent
ParseWordDoc
-- Takes docx file (entryID) as an input and saves a text file (file entry) with the original file's contents
UserEnrichAD
-- Enhancement automation for user type indicator, to enrich the user name from Active Directory data
5 Improved Scripts
ADGetComputer
-- Automation will now create hostname indicator. default argument is now 'name'
ADGetUser
-- Automation will now create user indicator
ParseCSV
-- ParseCSV by default will parse the whole csv
ParseEmailHeaders
-- Support multi values headers (e.g. Received header)
Set (Set context)
-- If object passed as string, Set will parse the value to JSON then set to context
Reputations
Add new user type reputation to use for manual indicator and in automations
