This section describes the changes in content (integrations, playbooks, and indicators) from April 2024 to June 2024.
| Content | Description | Change type |
|---|---|---|
| Cortex XDR Malicious Pod Response Playbook | This new playbook helps you quickly and effectively respond to malicious activity in pods. It includes a master playbook and a sub-playbook for agent and agentless environments. The playbook automates the creation of a Lambda function, handles container registry and image verification, and integrates threat intelligence and image scanning to provide comprehensive security measures. For more information, see Cortex XDR - Malicious Pod Response. | New |
| Zoom Mail integration | The new Zoom Mail integration allows for email creation and deletion, user management, and streamlining message handling with attachment extraction. For more information, see Zoom Mail. | New |
| Rapid7 InsightVM integration | The integration now supports creating, updating, deleting, and retrieving tags and their associations with assets and groups. It also includes commands for managing site targets and groups. For more information, see Rapid7 InsightVM Cloud. | Update |
| GitHub Feed | A new feed was added, which fetches indicators from GitHub repositories. For more information, see Github Feed. | New |
| AWS EKS integration | The new AWS EKS integration enables the management and operation of Amazon Elastic Kubernetes Service (EKS) clusters. For more information, see AWS-EKS. | New |
| Yara Rule indicator | Added a new indicator type, which is part of the Yara content pack. For more information, see the Yara content pack. | New |
| Generic Webhook integration | This integration has been enhanced to support the creation of multiple incidents in a single request. For more information, see Generic Webhook. | Updated |