- 07 Feb 2024
- 3 Minutes to read
- DarkLight
Content digest 7.2.24
- Updated on 07 Feb 2024
- 3 Minutes to read
- DarkLight
We’ve added the following new integrations, steps, improvements, and templates:
- New templates
- Google Sheets
- Hudu
- Jira On-Premise
- Nucleus
- Palo Alto Networks Cortex XDR
- Scripting
- Silent Push
- Splunk
- Splunk Cloud
New templates
Added the following template to the template library.
Google Sheets
A new step was added to the Google Sheets integration:
- Update Sheet Title: Updates the title (name) of a given sheet in a Google Sheets' worksheet.
Hudu
A new Hudu steps integration is now available on the Integrations page.
The following steps are available:
- List Companies: Gather a list of companies from the Hudu database.
- List Assets: Gather a list of assets from the Hudu database.
Jira On-Premise
The Assign Issue step has a new optional parameter:
- CLIENT_PRIVATE_KEY_PEM: The contents of a .pem file containing the client certificate's private key. Useful when a specific client certificate is needed.
The Add Attachment step has several new optional parameters:
- SKIP_SSL_VERIFICATION: If set, request will not verify SSL certificates. Where applicable, it might be better to provide a self-signed certificate using the
CUSTOM_CERTIFICATES_PEM
parameter. - CUSTOM_CERTIFICATES_PEM: The contents of a .pem file containing a self-signed certificate or certificate chain. Useful when connecting to local servers.
- SKIP_SSL_VERIFICATION: If set, request will not verify SSL certificates. Where applicable, it might be better to provide a self-signed certificate using the
The Delete Issue step has several new optional parameters:
- SKIP_SSL_VERIFICATION: If set, request will not verify SSL certificates. Where applicable, it might be better to provide a self-signed certificate using the
CUSTOM_CERTIFICATES_PEM
parameter. - MAX_RETRIES: The maximum number of times a step will be retried. By default (-1), the step will keep retrying for up to 50 seconds.
- CLIENT_PRIVATE_KEY_PEM: The contents of a .pem file containing the client certificate's private key. Useful when a specific client certificate is needed.
- SKIP_SSL_VERIFICATION: If set, request will not verify SSL certificates. Where applicable, it might be better to provide a self-signed certificate using the
The Get Issue by Key step has a new optional parameter:
- CLIENT_PRIVATE_KEY_PEM: The contents of a .pem file containing the client certificate's private key. Useful when a specific client certificate is needed.
Nucleus
A new Nucleus steps integration is now available on the Integrations page.
The following steps are available:
- Get Software Details: Returns details of software that has been enumerated.
- Get Logs: Returns the logs from the Nucleus platform.
- List Reports: Returns a list of reports for the specified project.
- Get Report: Returns the report file from a project.
- List Issues: Returns a list of issues for the specified project.
- Get Risk Score: Returns the risk score from the specified project.
- List Assets: Returns a list of assets for the specified project.
Palo Alto Networks Cortex XDR
A new step was added to the Palo Alto Networks Cortex XDR integration:
- Get Extra Incident Data: Get extra data fields of a specific incident including alerts and key artifacts.
Scripting
A new step was added to the Scripting integration:
- Run a Python data processing script: Run a Python script that processes data. Python's version is 3.11. It comes with the Python Standard Library, pyopenssl, crcmod and requests package, and the following packages:
- pandas
- numpy
- openpyxl
Silent Push
A new Silent Push steps integration is now available on the Integrations page.
The following steps are available:
- Enrich IPv6: Returns IPv6 enrichment information
- Enrich IPv4: Returns IPv4 enrichment information
- Enrich Domain: Returns domain enrichment information
- Get Feed: Returns Indicators of Future Attach Feed
- Forward PADNS Lookup: Forward lookup of Passive DNS data
- Reverse PADNS Lookup: Reverse lookup of Passive DNS data
Splunk
A new step was added to the Splunk integration:
- Get Authentication Tokens: View existing token(s), optionally by user or status.
Splunk Cloud
A new Splunk Cloud steps integration is now available on the Integrations page.
The following steps are available:
- Create Token: Create a new token
- Create a HEC token: Create a new HEC token
- View an access token: View a specific access token
- List HEC Tokens: List existing HEC tokens
- Delete an Access Token: Delete a token
- List Tokens: View existing JWT authentication tokens