Demisto Content Release Notes for version 18.9.0 (12477)
Published on 04 September 2018
Integrations
3 New Integrations
- __PagerDuty v2__
Alert and notify users using PagerDuty. For more information, see the [PagerDuty documentation](https://support.demisto.com/hc/en-us/articles/360008517394-PagerDuty).
- __SCADAfence CNM__
Query and fetch data from SCADAfence CNM. For more information, see the [SCADAfence documentation](https://support.demisto.com/hc/en-us/articles/360008899633-SCADAfence-Continuous-Network-Monitor-CNM-).
- __Aella Starlight__
Pervasive breach detection system. For more information, see the [Aella Starlight documentation](https://support.demisto.com/hc/en-us/articles/360008872313-Aella-Starlight).
20 Improved Integrations
- __RSA Archer__
Passwords now support special characters.
- __Carbon Black Defense__
Improved outputs in the ___cbd-get-alerts-details___ command. For more information, see the [Carbon Black Defense documentation](https://support.demisto.com/hc/en-us/articles/360006171153-Carbon-Black-Defense).
- __CrowdStrike Falcon Host__
Improved outputs for the ___cs-device-search___ command. For more information, see the [CrowdStrike Falcon Host documentation](https://demisto.zendesk.com/hc/en-us/articles/360008475454).
- __Cybereason__
For more information, see the [Cybereason documentation](https://support.demisto.com/hc/en-us/articles/360007903594).
- Added the following commands.
- ___cybereason-add-comment___
- ___cybereason-query-malops___
- ___cybereason-update-malop-status___
- ___cybereason-malop-processes___
- Added malops fetch.
- Added client-certificate authentication.
- __McAfee ESM v10__
Added the following commands.
- ___esm-get-alarm-event-details___
- ___esm-list-alarm-events___
- __GRR Rapid Response__
Improved property identifier to username. For more information, see the [GRR Rapid Response documentation](https://support.demisto.com/hc/en-us/articles/360008866593-GRR-Rapid-Response).
- __MISP__
Fix proxy parameter issue.
- __McAfee Advanced Threat Defense__
Deprecated several commands. You should use the relevant detonate playbook. For more information, see the [McAfee Advanced Threat Defense documentation](https://support.demisto.com/hc/en-us/articles/360005343954-McAfee-Advanced-Threat-Defense-ATD-).
- ___deprecate detonate-file___
- ___detonate-url commands___
- __McAfee NSM__
Added proxy support.
- __Okta__
Added the following commands. For more information, see the [Okta documentation](https://support.demisto.com/hc/en-us/articles/360007824353-Okta).
- ___okta-suspend-user___
- ___okta-unsuspend-user___
- __RSA NetWitness v11.1__
There are separate checkboxes to fetch incident data and to fetch alert data. If you want to fetch alert data, you need to select both checkboxes. For more information, see the [NetWitness v11 documentation](https://demisto.zendesk.com/hc/en-us/articles/360006756714).
- __Rapid7 Nexpose__
Added the ___nexpose-create-site___ command. For more information, see the [Rapid7 Nexpose documentation](https://support.demisto.com/hc/en-us/articles/360006756333-Rapid7-Nexpose).
- __Salesforce__
Added the ___salesforce-delete-case___ command. For more information, see the [Salesforce documentation](https://support.demisto.com/hc/en-us/articles/360001848133-Salesforce).
- __SplunkPy__
Fixed an encoding issue in the ___splunk-submit-event___ command.
- __Cisco Threat Grid__
Added the playbook parameter.
- __Tanium__
- Added the following commands.
- ___tn-ask-manual-question___
- ___tn-get-sensor___
- ___tn-get-action___
- Modified the ___tn-deploy-package___ command.
- Added sensor variables as an argument.
- Added action details to the outputs.
- Improved raw response.
- Modified the tn-get-package command.
- Added sensor variable to outputs.
- __urlscan.io__
Fixed the display for empty ASN.
- __VirusTotal__
ScanID will appear now in the context data instead of in the command war-room output.
- __CyberArk AIM__
Added the ___cyber-ark-aim-query___ command.
- __Atlassian Jira__
Improved the ___jira-edit-issue___ command. For more information, see the [Jira documentation](https://support.demisto.com/hc/en-us/articles/236000927-Jira).
---
Scripts
1 New Script
- __EncodeToAscii__
Input text data to encode as ASCII. (Ignores any chars that are not interpreted as ASCII).
13 Improved Scripts
- __D2O365ComplianceSearch__
Fixed the ___file argument not found___ error.
- __D2O365SearchAndDelete__
Fixed the ___file argument not found___ error.
- __DeleteContext__
- Changed user from limited user to DBot.
- Added support to keep keys from nested objects and auto-trim for context path.
- __DomainReputation__
Domain argument marked as default, so script can be executed as ehnancement on Domain indicators.
- __IsEmailAddressInternal__
Handled context to prevent duplicates.
- __IsValueInArray__
Improved support for manual execution (parse string array).
- __MatchRegex__
Added the option to return all matches.
- __PagerDutyAlertOnIncident__
Updated to match PagerDuty API v2.
- __PagerDutyAssignOnCallUser__
Updated to match PagerDuty API v2.
- __PanoramaBlockIP__
Fixed the output types.
- __ParseEmailFiles__
Fixed header parsing.
- __ParseCSV__
- Added the __entryID__ argument to get the file entry by ID.
- The __file__ argument is deprecated.
- __IsIPInRanges__
Improved handling of spaces and new lines in provided IP ranges string.
---
Incident Fields
Added the __In-Reply-To__ field to the incident details.
---
Classification & Mapping
New Classification & Mapping
- __Aella Starlight__
2 Improved Classification & Mapping
- __EWS v2__
Removed default mapping of __html-body__ to prevent the rendering of malicious links.
- __Gmail__
Gmail classifier.