Plugins
Updates
| Name | Version | Details |
|---|---|---|
| Zscaler | 1.3.0 | Add Get Blacklist URL action |
| Elasticsearch | 2.0.3 | Updated Search Documents action output schema |
| Proofpoint TAP | 1.0.8 | Fix finding e-mail in header_from for e-mails addresses with [.]
|
| Shodan | 1.1.0 | Add example inputs |
| WHOIS | 3.0.1 | Clean up help.md formatting |
| Jira | 6.0.4 | Update to v4 Python plugin runtime |
| AbuseIPDB | 5.0.4 | Update to v4 Python plugin runtime |
| Microsoft Office365 Email Security | 2.2.4 | Add example inputs in all actions |
| Type Converter | 1.7.0 | New action Array Diff |
Workflows
New Releases
| Name | Version | Details |
|---|---|---|
| Blacklist URLs with Zscaler from Microsoft Teams | 1.0.0 | Initial workflow |
| Apply Asset Tag with InsightVM from Slack | 1.0.0 | Initial workflow |
Updates
| Name | Version | Details |
|---|---|---|
| Alert on Presence of Zero Logon Vulnerability with Microsoft Teams | 1.0.1 | Update Microsoft Teams to version 3.1.0 |
| Send Remediated Vulnerabilities Message in Microsoft Teams from InsightVM | 2.0.1 | Update Microsoft Teams to version 3.1.0 |
| Alert on New High Risk Vulnerability in InsightVM with Microsoft Teams | 1.0.1 | Update Microsoft Teams to version 3.1.0 |
| Block Host with Cisco ASA Firewall from Microsoft Teams | 1.0.1 | Update Microsoft Teams to version 3.1.0 |
| Quarantine Endpoint with Carbon Black EDR from Microsoft Teams | 1.0.1 | Update Microsoft Teams to version 3.1.0 |
| Quarantine Endpoint with CrowdStrike Falcon from Microsoft Teams | 1.0.1 | Update Microsoft Teams to version 3.1.0 |
| Enrich CVE with Recorded Future from Microsoft Teams | 1.0.1 | Update Microsoft Teams to version 3.1.0 |
| Manage Watched Domains with Darktrace from Microsoft Teams | 1.0.2 | Update documentation |
| Manage Expiring Vulnerability Exceptions with InsightVM and Microsoft Teams | 1.0.1 | Update Microsoft Teams to version 3.1.0 |
| Enrich Indicators with OSINT from Microsoft Teams | 2.0.1 | Update Microsoft Teams to version 3.1.0 |
| Delete Assets with InsightVM from Microsoft Teams | 1.0.1 | Update Microsoft Teams to version 3.1.0 |
| Quarantine Endpoint with Microsoft Defender ATP from Microsoft Teams | 1.0.1 | Update Microsoft Teams to version 3.1.0 |
| List All Inactive Assets with InsightVM from Microsoft Teams | 1.0.1 | Update Microsoft Teams to version 3.1.0 |
| Enrich URLs and Domains with VirusTotal from Microsoft Teams | 1.1.1 | Update Microsoft Teams to version 3.1.0 |
| Blacklist Hash with Sophos Central from Microsoft Teams | 1.0.1 | Update Microsoft Teams to version 3.1.0 |
| Blacklist Indicators with Microsoft Defender ATP from Microsoft Teams | 1.0.1 | Update Microsoft Teams to version 3.1.0 |
| Quarantine Endpoint with CylanceOPTICS from Microsoft Teams | 1.0.1 | Update Microsoft Teams to version 3.1.0 |
| Check Host Block Status with Cisco ASA from Microsoft Teams | 1.0.1 | Update Microsoft Teams to version 3.1.0 |
| Quarantine Endpoint with Rapid7 Insight Agent from Microsoft Teams | 1.0.1 | Update Microsoft Teams to version 3.1.0 |
| Quarantine Endpoint with SentinelOne from Microsoft Teams | 1.1.0 | Replace the preset text of "change_me" with automatic team and channel name extraction in all Microsoft Teams steps except the first one |
| Blacklist Hash with Broadcom Symantec Endpoint Protection from Microsoft Teams | 1.1.0 | Replace the preset text of "change_me" with automatic team and channel name extraction in all Microsoft Teams steps except the first one |
| Blacklist Indicators with Trend Micro Apex from Microsoft Teams | 1.1.0 | Replace the preset text of "change_me" with automatic team and channel name extraction in all Microsoft Teams steps except the first one |
| Quarantine Endpoint with Trend Micro Apex from Microsoft Teams | 1.1.0 | Replace the preset text of "change_me" with automatic team and channel name extraction in all Microsoft Teams steps except the first one |
| Blacklist Hash with SentinelOne from Microsoft Teams | 1.1.0 | Update to use latest SentinelOne and Microsoft Teams plugins |
| Blacklist Hash with CylancePROTECT from Microsoft Teams | 1.1.0 | Replace the preset text of "change_me" with automatic team and channel name extraction in all Microsoft Teams steps except the first one |
| Quarantine Endpoint with Broadcom Symantec Endpoint Protection from Microsoft Teams | 1.1.0 | Replace the preset text of "change_me" with automatic team and channel name extraction in all Microsoft Teams steps except the first one |
| Quarantine Endpoint with VMware Carbon Black Cloud from Microsoft Teams | 1.1.0 | Replace the preset text of "change_me" with automatic team and channel name extraction in all Microsoft Teams steps except the first one |
| Virtually Patch Vulnerabilities Found by InsightVM with Deep Security | 1.1.0 | Improve the job run time |
| Blacklist Hash with SentinelOne from Slack | 1.1.0 | Update to use latest SentinelOne plugin |
| Scan Asset with InsightVM from Microsoft Teams | 1.1.0 | Replace the Settings step with automatic team and channel name extraction in all Microsoft Teams steps except the first one |
| Block Host with Check Point Firewall from Microsoft Teams | 1.0.4 | Update workflow to use version 3.1.0 of the Microsoft Teams plugin |
| Block Host with Fortinet Firewall from Microsoft Teams | 1.1.2 | Update Microsoft Teams to version 3.1.0 |
| Lookup InsightVM Host Info from Microsoft Teams | 1.1.0 | Replace the Settings step with automatic team and channel name extraction in all Microsoft Teams steps except the first one |
| Lookup Vulnerability from Microsoft Teams | 1.1.0 | Replace the Settings step with automatic team and channel name extraction in all Microsoft Teams steps except the first one |
| Lookup Exploit with AttackerKB from Microsoft Teams | 1.1.0 | Replace the preset text of "change_me" with automatic team and channel name extraction in all Microsoft Teams steps except the first one |
| Check Host Block Status with Check Point Firewall from Microsoft Teams | 1.2.0 | Replace the preset text of "change_me" with automatic team and channel name extraction in all Microsoft Teams steps except the first one |
| Check Host Block Status with Palo Alto Firewall from Microsoft Teams | 1.2.1 | Update Microsoft Teams to version 3.1.0 |
| Block Host with Palo Alto Firewall from Microsoft Teams | 1.2.1 | Update Microsoft Teams to version 3.1.0 |
| Deploy Patch with HCL BigFix from Microsoft Teams | 2.1.0 | Replace the preset text of "change_me" with automatic team and channel name extraction in all Microsoft Teams steps except the first one |
| Check Host Block Status with Fortinet Firewall from Microsoft Teams | 1.2.0 | Replace the preset text of "change_me" with automatic team and channel name extraction in all Microsoft Teams steps except the first one |
| Revoke User Session in Azure AD from Microsoft Teams | 1.1.0 | Replace the preset text of "change_me" with automatic team and channel name extraction in all Microsoft Teams steps except the first one |
| Enrich URL with Urlscan.io from Microsoft Teams | 1.1.0 | Replace the preset text of "change_me" with automatic team and channel name extraction in all Microsoft Teams steps except the first one |
| Post Exchange Phishing Alerts to Microsoft Teams | 1.0.3 | Update Microsoft Teams to version 3.1.0 |
| Post Office 365 Phishing Alerts to Microsoft Teams | 1.0.7 | Update Microsoft Teams to version 3.1.0 |
| Geolocate IP Address with IPStack from Microsoft Teams | 1.1.0 | Replace the preset text of "change_me" with automatic team and channel name extraction in all Microsoft Teams steps except the first one |
| Enrich File Hash with VirusTotal from Microsoft Teams | 1.1.0 | Replace the preset text of "change_me" with automatic team and channel name extraction in all Microsoft Teams steps except the first one |
| Force Password Reset in Active Directory from Microsoft Teams | 1.1.1 | Update documentation |
| Unshorten URL from Microsoft Teams | 1.1.0 | Replace the preset text of "change_me" with automatic team and channel name extraction in all Microsoft Teams steps except the first one |
| Block Sender in Office 365 from Microsoft Teams | 1.1.0 | Replace the preset text of "change_me" with automatic team and channel name extraction in all Microsoft Teams steps except the first one |
| Find and Delete Emails in Office 365 from Microsoft Teams | 1.1.0 | Replace the preset text of "change_me" with automatic team and channel name extraction in all Microsoft Teams steps except the first one |
| Office 365 Enrichment | 1.1.0 | Workflow improvements |