Cortex XSOAR for Developers (Formerly Demisto)

Demisto Content Release Notes for version 20.3.2 (43553)

Published on 11 March 2020

Integrations

New Integrations

  • CVE Search v2 Searches for CVE information using circl.lu.

7 Improved Integrations

  • Anomali ThreatStream v2 Fixed an issue where inactive indicators were taken into account.
  • Atlassian Jira v2 Fixed an issue in the jira-create-issue and jira-edit-issue commands where the due date was not set correctly.
  • CyberArk AIM Improved display of integration parameters.
  • CVE Search Added batch support to the cve-search command.
  • Rasterize
    • Fixed the setting Use system proxy settings, so proxies are ignored when not enabled.
    • Fixed an issue with the rasterize command in which child processes were defunct when using a proxy server.
  • AbuseIPDB
    • Improved parsing in the ip command.
  • SplunkPy
    • Fixed an issue where fetch-incidents did not work as intended.
    • Fixed an issue where splunk-parse-raw command cut the last character of parsed fields.

Scripts

New Scripts

  • DBotPredictOutOfTheBox Predicts phishing incidents using the out-of-the-box pretrained model.

Playbooks

New Playbook

  • Kenna - Search and Handle Asset Vulnerabilities This playbook accepts an asset, then searches for vulnerabilities on that asset using the Kenna integration. If a vulnerability exists, it looks for relevant patches, lets the analyst deploy them and then generates an investigation summary report.

Improved Playbook

  • QRadar Indicator Hunting V2 Fixed missing task links.

XSOAR 5.5 Beta Release

Feeds

2 Improved Feeds in 5.5.0

  • Recorded Future RiskList Feed Fixed an issue with the integration's indicator field mapping.
  • TAXII Feed Fetches indicators from a TAXII server as the indicators are published to the feed.

Incident Fields in 5.5.0

Added the Add as optional graph option to the incident field Device Name.

Assets

Edit this page
Report an Issue