Plugins
Updates
| Name | Version | Details |
|---|---|---|
| Zscaler | 1.1.2 | Support both domains and URL inputs in the Blacklist URL and Lookup URL actions |
| Darktrace | 2.0.0 | Fix input 0 for parameters DID, PBID, Min Score and PID in trigger Get Alerts |
| Cisco Adaptive Security Appliance | 1.4.1 | Fix None check in actions Add Address to Group and Create Address Object |
| Microsoft Intune | 1.2.1 | Improve e-mail search in Search Devices action by performing an extended all device search for emailAddress and userPrincipalName when email is not found |
| Grep | 1.0.4 | Security fix for potential arbitrary code execution |
| Recorded Future | 3.0.0 | Add input fields to Search Domains, Search Hashes, Search IP Addresses, Search Vulnerabilities, Search Malware and Lookup Malware actions |
| Rapid7 InsightVM | 4.4.3 | Update to error handling and documentation around console URL in connection |
| ServiceNow | 4.1.0 | Add trigger Incident Created |
| Dig | 1.0.7 | Fix bug in safe_parse function |
| SentinelOne | 4.0.0 | Update ID input for Fetch Threats File action to a string |
| Active Directory LDAP | 4.0.1 | Fix issue were logging of connection info did not display hostname correctly |
| VirusTotal | 6.0.4 | Fix issue in IP Address Report action where ASN output is sometimes a string |
| CrowdStrike Falcon | 2.2.0 | Add new action Quarantine |
| Microsoft Office 365 Email | 5.0.0 | Update Send Email action to allow multiple attachments and recipient |
Workflows
New Releases
| Name | Version | Details |
|---|---|---|
| Enrich CVE with Recorded Future from Slack | 1.0.0 | Initial workflow |
| Enrich CVE with Recorded Future from Microsoft Teams | 1.0.0 | Initial workflow |
Updates
| Name | Version | Details |
|---|---|---|
| Disable Domain User with Active Directory from InsightIDR UBA Alert | 1.0.1 | Update Active Directory LDAP to version 4.0.1 |
| Enrich InsightIDR Alerts with Threat Intelligence from VirusTotal | 1.0.2 | Update workflow to use VirusTotal 6.0.4 plugin which fixes an issue returning ASNs |
| Check Host Block Status with Fortinet Firewall from Slack | 2.0.0 | Update workflow to fix issue where addresses were not being correctly parsed |
| Disable User in Active Directory from Microsoft Teams | 1.0.3 | Update Active Directory LDAP to version 4.0.1 |
| Force Password Reset in Active Directory from Microsoft Teams | 1.0.3 | Update Active Directory LDAP to version 4.0.1 |
| Force Password Reset in Active Directory from Slack | 1.0.4 | Update Active Directory LDAP to version 4.0.1 |