Skip to content

Content Release 17.11.1
Compare
Choose a tag to compare
@asafshen asafshen released this 26 Nov 14:15
17.11.1
f982718

Release Notes for version 17.11.1 (4833)

Playbooks

1 Improved Playbook

  • Tanium Demo Playbook
    -- Updated playbook with new commands

Integrations

2 New Integrations

  • Demisto REST API
    -- Use Demisto REST APIs both in local and external Demisto servers
  • Icebrg
    -- iceberg.io Streaming Network Forensics

15 Improved Integrations

  • Tanium
    -- Tanium integration was vastly improved and now provides more Tanium SDK options
  • McAfee Advanced Threat Defense
    -- Fixed get-reports command (permissions to download PDF and samples and types of files)
  • Anomali ThreatStream
    -- Added threshold argument to set if query is malicious
  • Carbon Black Defense
    -- Added proxy and skip certificate check options
  • Service Manager
    -- Added descriptions to commands
  • IntSights
    -- Print message body when json parsing fails
  • LightCyber Magna
    -- Added descriptions for some arguments
  • EWS
    -- Fixed fetch-incidents, when there is no "To:" in the e-mail
  • Phishme Intelligence
    -- Changed reputation of threats to be calculated by severity level
  • PhishTank
    -- Integration is now enabled by default
  • ProtectWise
    -- Added descriptions for outputs
  • QRadar
    -- Will print descriptive message in case of parsing error
  • Urlscan.io
    -- Integration is now enabled by default
  • Vmray
    -- Uses public docker image now
  • CyberArkAIM
    -- Support fetch for multiple credentials
    -- Added list-credentials command

Scripts

6 New Scripts

  • ContextGetPathForString
    -- Searches for string in context and returns context path
  • DemistoCreateList
    -- Creates a new Demisto list
  • DemistoDeleteIncident
    -- Deletes an incident from Demisto
  • DemistoLinkIncidents
    -- Links two or more incidents
  • DemistoSendInvite
    -- Sends invitation to join Demisto
  • JIRAPrintIssue
    -- Pretty print JIRA issue into the incident war room

1 Improved Script

  • http
    -- Added support for downloading a file to the war room

6 Deprecated Scripts

  • TaniumApprovePendingActions
    -- Deprecated. Use tn-approve-pending-action instead
  • TaniumAskQuestion
    -- Deprecated. Use tn-ask-question instead
  • TaniumAskQuestionComplex
    -- Deprecated. Use tn-ask-question instead
  • TaniumDeployAction
    -- Deprecated. Use tn-deploy-package instead
  • TaniumFindRunningProcesses
    -- Deprecated. Use tn-ask-question instead
  • TaniumShowPendingActions
    -- Deprecated. Use tn-get-all-pending-actions instead
Assets 3
Loading