Demisto Content Release Notes for version 20.3.1 (42860)#

Published on 04 March 2020#

Integrations#

New Integrations#

  • CVE Search v2 Searches for CVE information using circl.lu.

7 Improved Integrations#

  • Anomali ThreatStream v2 Fixed an issue where inactive indicators were taken into account.
  • Atlassian Jira v2 Fixed an issue in the jira-create-issue and jira-edit-issue commands where the due date was not set correctly.
  • CyberArk AIM Improved display of integration parameters.
  • CVE Search Added batch support to the cve-search command.
  • Rasterize
    • Fixed the setting Use system proxy settings, so proxies are ignored when not enabled.
    • Fixed an issue with the rasterize command in which child processes were defunct when using a proxy server.
  • AbuseIPDB
    • Improved parsing in the ip command.
  • SplunkPy
    • Fixed an issue where fetch-incidents did not work as intended.
    • Fixed an issue where splunk-parse-raw command cut the last character of parsed fields.

Scripts#

New Scripts#

  • DBotPredictOutOfTheBox Predicts phishing incidents using the out-of-the-box pretrained model.

Playbooks#

New Playbook#

  • Kenna - Search and Handle Asset Vulnerabilities This playbook accepts an asset, then searches for vulnerabilities on that asset using the Kenna integration. If a vulnerability exists, it looks for relevant patches, lets the analyst deploy them and then generates an investigation summary report.

Improved Playbook#

  • QRadar Indicator Hunting V2 Fixed missing task links.

XSOAR 5.5 Beta release#

Feeds#

2 Improved Feeds in 5.5.0#

  • Recorded Future RiskList Feed Fixed an issue with the integration's indicator field mapping.
  • TAXII Feed Fetches indicators from a TAXII server as the indicators are published to the feed.

Incident Fields in 5.5.0#

Added the Add as optional graph option to the incident field Device Name.


Assets#