Demisto Content Release Notes for version 18.4.2 (8476)

@asafshen asafshen released this 12 Apr 11:40

Published on 12 April 2018

Integrations

4 New Integrations

  • Carbon Black Enterprise Live Response
    -- Collect information and take action on remote endpoints in real time
  • RSA NetWitness v11.1
    -- System logs, network and endpoint visibility for real-time collection, detection and automated response
  • Symantec Messaging Gateway
    -- Protect against spam, malware and targeted attacks, and provide advanced content filtering, data loss prevention and email encryption
  • TruSTAR
    -- Threat intelligence platform that enriches every stage of security operations workflows with data from trusted and relevant sources

6 Improved Integrations

  • SplunkPy
    -- Fetch notable events by index time (instead of event time)
  • Cybereason
    -- Added isolate and un-isolate machines commands
  • Cylance Protect v2
    -- Added fetch incidents support and fixed Cylance score translation
  • EWS v2
    -- Fixed ews-search-mailboxes command
  • Salesforce
    -- Added outputs and improved war-room results for all commands
  • Zscaler
    -- Added commands - lookup, whitelist, undo-whitelist, undo-blacklist for URLs and IP addresses

Scripts

New Scripts

  • JoinIfSingleElementOnly
    -- A transformer that returns the single element if the array has only one element in it, otherwise returns the whole array

Improved Scripts

  • ParseEmailFiles
    -- Better handling of non-UTF characters

Reports

2 Improved Reports

  • Daily incidents
    -- Removed open duration as it is not set for open incidents
  • Investigation Summary
    -- Added linked incidents section

Utilities

  • JavaScript
    -- Added 'fixUrl', 'endsWith' and 'startsWith' functions to string type
  • Python
    -- Escaped special characters used in 'tableToMarkdown'