Demisto Content Release Notes for version 19.7.1 (25540)
Published on 11 July 2019
- Perception Point
Use the Perception Point integration to load incidents from Perception Point and release falsely quarantined emails.
12 Improved Integrations
- Mail Sender (New)
- Added support for internationalized headers.
- Fixed an issue with new lines in the message subject.
Added the Referer parameter (optional), which adds a referer header to the requests sent by the integration.
- Have I Been Pwned?
Fixed an issue in which the compromised email reason displays as domain instead of title.
Improved handling of the lr-get-alarm-events-by-id command when there are no events for the alarm.
- RSA NetWitness Packets and Logs
Improved error message handling.
- Palo Alto Networks PAN-OS EDL Management
- Improved error handling for non-existent files and lists.
- Fixed an issue when exporting the integration context list to a file.
- Palo Alto Networks AutoFocus V2
Improved command and argument descriptions.
- Palo Alto Networks PAN-OS
- Fixed an issue in which address groups and addresses failed to be listed when only one object was present.
- Added the following commands, which accomplish the use case of investigating traffic logs.
Added the ability to disable SSL verification.
- CrowdStrike Falcon Intel
- Fixed an issue with converting dates to epoch in the cs-reports command.
- Fixed an issue in which domain names were entered as values in the campaign_name argument for enrichment commands.
- Added support to not auto-enrich indicators for War Room entries.
- McAfee ESM v10 and v11
- Added support for version 11.1.
- Fixed an issue with error handling messages.
- Carbon Black Enterprise Response
Fixed an issue when using an MD5 hash to query in the get-processes command.
2 Improved Scripts
Added the trust_any_certificate and use_system_proxy options.
Fixed descriptions for the automation and arguments.
2 New Playbooks
Queries traffic logs in a Palo Alto Networks PAN-OS Panorama device or Firewall device.
- Detonate URL - WildFire-v2
Detonates a webpage or a remote file using the Palo Alto Networks WildFire integration. This playbook returns relevant reports to the War Room and file reputations to the context data.
4 Improved Playbooks
- Dedup - Generic
Improved argument descriptions.
Improved playbook task names.
Improved the tooltip for the dt argument.
- Endpoint Enrichment - Cylance Protect v2
Fixed an issue in which the playbook fails if there is not an instance of the Cylance Protect v2 integration enabled.
- Added the SSDeep Hash Indicator field.
- Updated the Indicator Associated File Names field.
- Added support for the equals sign (=) in the email indicator.
- Updated file reputations.