Sumo Logic Cloud SOAR Release Notes https://help.sumologic.com/release-notes-csoar/ New and enhanced Cloud SOAR features, bug fixes, changes to the application, and more. Fri, 03 Jan 2025 00:00:00 GMT https://validator.w3.org/feed/docs/rss2.html https://github.com/jpmonette/feed en Copyright © 2025 Sumo Logic <![CDATA[January 03, 2025 - Application Update]]> https://help.sumologic.com/release-notes-csoar/2025/01/03/application-update/ https://help.sumologic.com/release-notes-csoar/2025/01/03/application-update/ Fri, 03 Jan 2025 00:00:00 GMT icon

Changes and Enhancements

Platform

  • Playbooks:
    • Performance optimisations on Incidents page.
    • Faster onboarding and provisioning for new Cloud SOAR and Automation service customers.
    • Display Integration Name and Cartesian product in node details popup.

Bug Fixes

  • Playbooks:
    • Added validations for required fields in playbook nodes.
    • Updated error messages for required fields.
  • Integrations:
    • Fixed an issue with API authorization in the Sumo Logic Log Analytics integration.
    • Fixed the issue of action details not persisting on failure while testing an action.
  • Incidents:
    • Fixed an issue where the Incident Owner field appeared empty in the incident close audit log.
]]> <![CDATA[January 03, 2025 - Content Release]]> https://help.sumologic.com/release-notes-csoar/2025/01/03/content/ https://help.sumologic.com/release-notes-csoar/2025/01/03/content/ Fri, 03 Jan 2025 00:00:00 GMT icon

This release introduces new integrations, new playbooks, and several updates.

Integrations

]]> <![CDATA[2024 Archive]]> https://help.sumologic.com/release-notes-csoar/2024/12/31/ https://help.sumologic.com/release-notes-csoar/2024/12/31/ Tue, 31 Dec 2024 00:00:00 GMT icon

This is an archive of 2024 Cloud SOAR release notes. To view the full archive, click here.

December 31, 2024 - Application Update

Sumo Logic On-Premises SOAR Solution End-of-Life

Effective today, December 31, 2024, Sumo Logic’s on-premises SOAR solution has reached end-of-life and is obsolete. Beginning today, it no longer receives applicable support entitled by active support contracts or by applicable warranty terms and conditions.

We previously announced that as of November 15, 2023, Sumo Logic's on-premises SOAR solution no longer received updates, and Sumo Logic Engineering no longer developed, repaired, maintained, or tested the software as of that date.

To upgrade to Sumo Logic’s Cloud SOAR offering, reach out to your Sumo Logic representative.

November 20, 2024 - Content Release

This release introduces new integrations, new playbooks, and several updates.

Integrations

November 15, 2024 - Application Update

Changes and Enhancements

Platform
  • Playbooks
    • Improvement - Disabled Cartesian Product flag on all new nodes by default.
Automation Bridge

We are happy to announce a beta version of the Automation Bridge that includes the following:

  • Support for new CentOS version
    • The CentOS docker image version has been upgraded from CentOS 7 to CentOS 8.
  • Security fixes

Bug Fixes

  • Playbooks
    • Fixed Playbook nodes rendering issue on Safari browser.
    • Fixed issue related to use of underscore within playbooks input fields.
    • Fixed issue with using authorizer value from playbook input variables in user choice node.
  • Integrations
    • Resolved an issue where the 'Close Insight' trigger action was not functioning as expected.
  • Incidents
    • Improved Incident templates page load time.
    • Fixed issues while trying to update Incident templates.

July 17, 2024 - Application Update

Changes and Enhancements

  • Automation Audit: Logs now contain information about action and section detail (for playbooks, rules, observables, triage, incidents, and so on).
  • Playbooks: Added option “Split By” for Filter node.
Cloud SOAR
  • Playbooks:
    • Added option to hide trigger action modal.
    • Added option to remove additional information from the Slack message in User Choice node.

Bug fixes

  • Playbooks:
    • Fixed send mail action error with Unicode characters.
    • Fixed export.

June 5, 2024 - Content Release

This release introduces new integrations, new playbooks, and several updates.

Integrations

Playbooks

  • [New] 541 - Management of AWS EKS Insights
  • [New] 542 - Resolution of AWS EKS Insights
  • [New] 543 - Alert and Vulnerability detection with Sysdig Secure
  • [New] 544 - Vulnerability Alert processing with Sysdig Secure
  • [New] 545 - Resolution of Sysdig Alerts
  • [New] 546 - Resolution of Sysdig Alerts - AWS EKS and AWS Nodes

June 5, 2024 - Application Update

Changes and Enhancements

Cloud SOAR
  • Incident list: Restored all bulk operations for select all option.

Bug fixes

  • Playbooks:
    • Fixed start node configuration issue.
    • Fixed Input values not displayed correctly in Condition node.
    • Fixed issue related to send email action when cc field is not populated.
    • Fixed issue related to "Playbooks suddenly failing because of missing parameters".
    • Fixed issue with unsupported special characters.
  • Integrations:
    • Fixed issue related to Internal Integration and output edit.
    • Fixed issue related to Join and unique operator.
  • Entities: Fixed table loading issue.
  • Fixed issue related to trigger action, when APIs are involved.
Cloud SOAR
  • SecOps: Fixed issue when filtering cards with large number of Incidents or Triage events.
  • Incidents:
    • Fixed closing note permission.
    • Fixed issue with old SOAR Incidents not loading.
    • Fixed issue related to mandatory Incident closing note.
  • Fixed issue with Trigger action Incident Close.

April 23, 2024 - Application Update

Changes and Enhancements

  • Integrations: Basic Tools added CC in Send Mail Action.

Bug fixes

  • Integrations:
    • Fixed resource testing.
    • Fixed internal integration update process.
    • Fixed output fields containing a value of numerical "0" logged blanks instead of the actual number.
  • Playbooks:
    • Fixed playbook condition logic with AND, OR operators.
    • Fixed textarea and regex parsing when HTML tags are enabled.
    • Fixed issue related to multiple playbook revisions and user choice execution.
Cloud SOAR
  • Incident: Fixed issue with war room large content loading.
  • API documentation updated.

April 18, 2024 - Content Release

This release introduces two new integrations and several updates to integrations and related playbooks.

Integrations

Playbooks

  • [Updated] 501 - Send Insight AWS SNS Notification
  • [Updated] 502 - Send Insight Email Notification
  • [Updated] 503 - Enrich Entity with CrowdStrike Falcon Intelligence
  • [Updated] 504 - Enrich Entity with DomainTools
  • [Updated] 505 - Enrich IP with Geolocation from MaxMind
  • [Updated] 506 - Recommend Insight Response
  • [Updated] 507 - Create PagerDuty Incident for Insight
  • [Updated] 508 - Enrich Entity with PowerShell GreyNoise
  • [Updated] 509 - Enrich Entity with PowerShell SentinelOne
  • [Updated] 510 - Enrich Entity with PowerShell User Query
  • [Updated] 511 - Enrich Entity with PowerShell CrowdStrike
  • [Updated] 512 - Enrich Entity with PowerShell CarbonBlack
  • [Updated] 513 - Enrich Entity with PowerShell Whois
  • [Updated] 514 - Enrich Entity with PowerShell nslookup
  • [Updated] 515 - Enrich Entity with Recorded Future
  • [Updated] 516 - Enrich Hash with SentinelOne
  • [Updated] 517 - Create ServiceNow Ticket for Insight
  • [Updated] 518 - Update ServiceNow Ticket for Insight
  • [Updated] 519 - Send Insight Slack Notification
  • [Updated] 520 - Enrich Entity with Log Search
  • [Updated] 521 - Update Match List
  • [Updated] 522 - Create Jira Issue for Insight
  • [Updated] 523 - Update Jira Issue for Insight
  • [Updated] 524 - Enrich IP Address with GreyNoise
  • [Updated] 525 - Enrich Entity with Jamf
  • [Updated] 526 - Send Insight Teams Notification
  • [Updated] 527 - Enrich Entity with VirusTotal
  • [Updated] 528 - Create ZenDesk Ticket for Insight
  • [Updated] 529 - Update ZenDesk Ticket for Insight
  • [Updated] 530 - Get Mitre Mitigations for Insight
  • [Updated] 531 - Example Insight full Enrichment
  • [Updated] 532 - Example Entity full Enrichment
  • [Updated] 533 - Example Involved Entities full Enrichment
  • [Updated] 534 - Enrich Entity with AlienVault OTX
  • [Updated] 535 - Application Latency Playbook
  • [Updated] 536 - Unresolved Alert Notification
  • [Updated] 537 - Amazon GuardDuty BruteForce finding
  • [Updated] 538 - Admin Privileges Granted
  • [Updated] 539 - Amazon GuardDuty InstanceCredentialExfiltration finding
  • [Updated] 540 - EC2 instance accessed from malicious IP

April 9, 2024 - Application Update

Changes and Enhancements

  • Text area editor: HTML mode is disabled by default.
  • Automation: In playbook list view now results are loaded after the user opens each action card.

Bug fixes

  • App Central: Now when an integration is updated, user custom YAML output is automatically handled by the system and merged during the update process.
  • Automation: Users can now contact Sumo support asking from which public IPs automations will be generated.
  • Playbooks:
    • Fixed playbook saving action that caused playbooks to be empty.
    • Fixed issue related to multiple manual action execution in the same playbook.
    • Fixed import issue.
Cloud SOAR
  • Entities: Fixed issue when creating new entity of type FILE.
  • Rules: Now it is not possible to create two rules with the same name.
  • Incidents: Fixed issue related to incident privileges.

March 26, 2024 - Application Update

Bug fixes

  • Playbooks:
    • Fixed execution with cartesian product disabled.
    • Fixed condition node not working as expected when evaluating value 0 == any string.
  • Fixed date-time format settings.
Cloud SOAR
  • Triage: Fixed playbook graph view errors.
  • Incidents:
    • Fixed incidents navigation button disabled when inside an incident.
    • Fixed modal to add user as investigator that returned an error.
    • Fixed fields with '0' value displayed as empty in GUI.
    • Fixed issue related to 'Prohibit duplicate naming' that was not enforced properly in case of incidents created from automation rule.
    • Fixed duplicate incidents issue when created from webhooks (LAP scheduled search).
    • Fixed incidents list with empty rows.

March 21, 2024 - Content Release

This release introduces three new integrations, as well as several updates.

Integrations

* These integrations have been migrated and are now available in this release.

March 12, 2024 - Content Release

Our Cloud SOAR application update features an important upgrade to Python 3.12 for our Lambda functions. This enhancement is part of our ongoing commitment to security, performance, and the latest technological standards.

The Python upgrade impacts a total of 38 integrations. These integrations will require updates to ensure compatibility with the new Python version.

Please be aware that with this update, the output from certain actions may no longer be displayed as expected if they were customized in your current setup. This is an important consideration for your workflows, and we recommend reviewing any customizations you have in place.

To facilitate a smooth transition, we have prepared a straightforward guide to assist you in updating your integrations. This guide outlines the steps you need to take to ensure your integrations work seamlessly with Python 3.12. Click here for the "Updating App Central Integrations" guide.

Below is the full list of integrations that will be affected by the Python upgrade. Please review this list to determine which integrations in your environment will require attention.

Integrations

  • [Updated] AWS Security Hub
  • [Updated] AlienVault USM Anywhere
  • [Updated] Arbor
  • [Updated] Arcsight ESM
  • [Updated] Chronicle
  • [Updated] Coralogix - Send Logs
  • [Updated] Cortex XDR
  • [Updated] CrowdStrike Falcon
  • [Updated] CrowdStrike Falcon Intelligence
  • [Updated] CylanceProtect
  • [Updated] DarkOwl
  • [Updated] Darktrace
  • [Updated] Devo
  • [Updated] Elastic Security
  • [Updated] FortiAnalyzer
  • [Updated] IMAP
  • [Updated] Incident Tools
  • [Updated] KnowBe4 PhishER
  • [Updated] LogRhythm
  • [Updated] MISP
  • [Updated] Microsoft 365 Defender
  • [Updated] Microsoft EWS
  • [Updated] Microsoft EWS Daemon
  • [Updated] Microsoft Teams
  • [Updated] Mimecast
  • [Updated] Netskope
  • [Updated] ProtectOnce
  • [Updated] RSA NetWitness
  • [Updated] Recorded Future
  • [Updated] SentinelOne
  • [Updated] Sophos Central V3
  • [Updated] Sumo Logic
  • [Updated] Sumo Logic CSE
  • [Updated] Sumo Logic Notifications
  • [Updated] VMware Carbon Black Cloud Endpoint Standard V2
  • [Updated] VMware Carbon Black Cloud Platform
  • [Updated] VirusTotal
  • [Updated] WithSecure Elements

We strongly encourage all users to review the provided documentation and prepare for the upcoming changes. Our support team is available to assist with any questions or concerns regarding this release.

March 12, 2024 - Application Update

Changes and Enhancements

Cloud SOAR
  • Playbooks: Test feature now permits you to use internal Incident ID.

Bug fixes

  • Playbooks:
    • Fixed test playbook broken functionality.
    • Fixed scheduled actions issue.
  • Integrations: Fixed Docker Image build issue that resulted in an internal error.
Cloud SOAR
  • Incidents: Fixed column reordering causing the table to disappear.
  • Triage: Fixed possibility to execute the same playbook more than two times.

February 27, 2024 - Content Release

This release contains several updates, including the introduction of new actions and the resolution of some issues.

Integrations

  • [Updated] Lacework
    • New actions
      • Get Alert Details
      • Search Alerts
    • Fixed endpoint in Close Alert action
  • [Updated] Darktrace
    • Resolved bug related to integration resource
  • [Updated] IP Quality Score
    • New actions
      • Email Reputation
      • URL Reputation
    • Renamed action from "Get Credit Usage API" to "Get Credit Usage"
    • Refined labels and hints
    • Extended output mapping with examples
  • [Updated] OneTrust
    • New action: Create Organization
  • [Updated] Sumo Logic CSE
    • Fixed issue in the "Add Comment To Insight" action where line breaks in the "Insight Comment" field were removed upon submission
  • [Updated] AWS IAM
    • New action: Get Access Key Last Used
    • Fixed bug in some actions
  • [Updated] Incident Tools
    • Fixed Typo
  • [Updated] Atlassian Jira
    • Enhanced "Create Issue" and "Update Issue" actions to support Jira custom fields
  • [Updated] Screenshot Machine
    • Screenshot Webpage Action: Updated with new Cloud SOAR API
  • [Updated] Chronicle
    • New actions:
      • Get Event
      • Get Events
      • Get Log
      • List Alerts
      • UDM Search
    • Fixed a bug related to the PageSize field in the List Alerts action
    • Updated Alerts Daemon Chronicle
      • Fixed a bug related to Last execution time
      • Updated Output mappings
  • [Updated] Zscaler
    • Fixed an issue that prevented some actions from being executed
  • [Updated] Mail Tools
    • Updated Analyze MSG EML action with new Cloud SOAR API
  • [Updated] Recorded Future
    • Refactored Recorded Future Alerts Daemon
    • Refactored Vulnerability Search Daemon
    • Enabled Incident Artifacts feature flag for Get Alert Details action
  • [Updated] GreyNoise
    • New action: Context IP Lookup Community
    • Other minor fixes

February 19, 2024 - Application Update

Changes and Enhancements

  • Playbooks:
    • Enabled playbook testing. With this improvement it is now possible to test a playbook configuration before publishing it, using Insight, Incident or custom JSON as input.
    • Action configuration: Integration fields configuration now suggests default values, if present.
    • UserChoice, answer by Email: Fixed Authorizer usage from previous nodes.
  • AppCentral: Within the Integrations section, each integration card now contains a hyperlink to the related public documentation page Integrations in App Central.
  • Integrations: It is now possible to send custom commands when an integration docker image is created. This feature is available for Not Certified integration only.
Cloud SOAR
  • Enabled a new reporting feature for case management and dashboards.

Bug fixes

  • Integrations:
    • Fixed Resource test issue.
  • AppCentral: Fixed playbook preview when maximized view is used.
Cloud SOAR
  • Rules: Fixed scheduled execution.
  • Tasks: Fixed creation if a required field is dismissed.
  • Incidents: Fixed full screen view buttons for widgets.
  • Notes: Fixed CSV export.

February 6, 2024 - Application Update

New Documentation for the Cloud SOAR SaaS version​

We are excited to announce the following new documentation for features in our Cloud SOAR SaaS version:

  • Features:
  • Open Integration Framework:
    • Integration Builder allows you to build integrations without needing to provide code
    • Integrations, and related action execution, can be done in the cloud or through the Bridge. Only certified integrations can be executed in the cloud.
    • Certified integrations allow you to customize JSON and table output schema
    • Actions configuration during playbook design is rearranged for easier use
  • Architecture:
    • Fully-functional in the Cloud (the Bridge is only required for custom integrations)
    • User and profile management is in Sumo Logic core platform instead of Cloud SOAR
    • Automatic scalability based on server load
    • Cloud SOAR APIs are standardized to use the same infrastructure as APIs in the Sumo Logic core platform

January 30, 2024 - Application Update

Changes and Enhancements

  • Added public help document for supported integrations. See Integrations in App Central.
  • Integrations: Added possibility to rename an integration keeping original reference in YAML.
  • Playbooks:
    • List view set as default. View changes are saved in user preferences.
    • Deprecated Nested attribute.
    • Added possibility to dynamically reference a resource in actions.
  • Automation now tracks failed actions executions.
Cloud SOAR
  • Playbooks: Fixed insight execution for nested playbooks with more than 2 nesting levels.
  • Rules: Added ability to change the Daemon Name or Integration Resource within an existing automation rule.

Bug fixes

  • Email encoding a character to UTF8 for literal string fixed.
  • Playbooks:
    • Unable to use variable fields with quotes in text area fixed.
    • Fixed playbook inputs not visible in TextArea placeholder.
    • Resolved scheduled action execution issue with playbook status.
Cloud SOAR
  • Incidents:
    • Fixed war room export for updated tasks.
    • Fixed possibility to copy table contents in Notes description field.
    • Incident creation: Fixed infinite spinner in Automation tab.

January 25, 2024 - Content Release

This release introduces new integrations, as well as new Playbooks related to Cloud Infrastructure Security for AWS.

Integrations

  • [New] Axonius
  • [New] OneTrust
  • [New] AWS Network Firewall
  • [Updated] Azure AD
    • Added New Action: Get Member Groups
  • [Updated] AWS IAM
    • Added New Action: Update Access Key
  • [Updated] Slack
    • Updated action: Ask Question
  • [Updated] AWS EC2
    • Updated action: Stop Instance
  • [Updated] Atlassian Jira*
    • Several changes have been made. This update introduces BREAKING CHANGES: both the Output Mapping and Input fields have been revised and updated. This version is specific to Jira Server and Data Center.

* These integrations have been migrated and are now available in this release.

Playbooks

  • [New] 540 - EC2 instance accessed from malicious IP
  • [New] 539 - Amazon GuardDuty InstanceCredentialExfiltration finding
  • [New] 538 - Admin Privileges Granted
  • [New] 537 - Amazon GuardDuty BruteForce finding

January 8, 2024 - Content Release

This release introduces two new integrations, ipdata and Google Alert Center, as well as several updates.

Integrations

  • [New] ipdata
  • [New] Google Alert Center
  • [Updated] PowerShell Tools
    • Updated the integration to address hostname resolution in Docker
  • [Updated] Panda EDR
    • Fixed Token Issue
  • [Updated] IPinfo
    • Enabled Incident Artifacts for IP Address field
  • [Updated] CSE Tools
    • Extended output mapping for Get Signal action
  • [Updated] Sumo Logic
    • Updated Search Sumo Logic Action
  • [Updated] Have I Been Pwned
    • Added new action: Get Latest Breach
  • [Updated] Sumo Logic CSE
    • Added new Action: Create Insight From Signals
    • Updated Add Enrichment Insight, Add Enrichment Entity, and Add Enrichment Signal actions
  • [Updated] Incident Tools
    • Added new action: Get Incident
  • [Updated] Lacework
    • Added new action: Close Alert
  • [Updated] Active Directory V2
    • Updated action: User Attributes
  • [Updated] Active Directory
    • Updated action: User Attributes V2

January 3, 2024 - Application Update

Changes and Enhancements

  • Playbooks: UserChoice nodes can be handled now from Slack workspace (see documentation).
Cloud SOAR
  • New privilege "Api Admin": Enabling this privilege in Log Analytics Platform will allow user to handle incident operations without being involved directly as investigator.

Bug fixes

  • Fixed black screen when opening a Cloud SOAR or Automation Service URL with invalid session.
  • Playbooks:
    • Fixed: Parameters not being passed to nested playbooks.
    • Fixed: Configuration loss after being installed from App Central.
    • Placeholder TextArea with < and > that were converted in "spaces" in HTML.
Cloud SOAR
  • Groups: Fixed member removal that could result in broken requests.
  • Playbooks:
    • TextArea fixed placeholder view for Artifacts fields.
    • Incident ID placeholder available in node configuration.
Automation Service
  • Playbooks: Start node parameters fixed by using a “.” or a "space" in parameter names that were converted into _.
]]> <![CDATA[2023 Archive]]> https://help.sumologic.com/release-notes-csoar/2023/12/31/ https://help.sumologic.com/release-notes-csoar/2023/12/31/ Sun, 31 Dec 2023 00:00:00 GMT icon

This is an archive of 2023 Cloud SOAR release notes. To view the full archive, click here.

December 04, 2023 - Application Update

Changes and Enhancements

  • Playbooks: Added ability to dynamically select an authorizer in UserChoice node.

Cloud SOAR

  • Contextual menu now contains Open link in new tab action if URL is highlighted.

Automation Service

  • The Automation Service now permits you to execute Containment and Scheduled actions. App Central has been updated accordingly.
  • Manual playbook interaction through user choice node and manual action.

Bug fixes

  • Selecting a timestamp while testing integrations no longer results in the wrong timestamp being used.
  • Boolean values are no longer processed as null in actions/playbooks.
  • There is no longer an issue using a playbooks placeholder in the textArea for Incident fields.
  • Editing a playbook and publishing no longer causes an empty playbook.

Cloud SOAR

  • In playbooks, Incident fields are now available in condition nodes (they are no longer "NULL").
  • The file type is now displayed for Entities files.

November 20, 2023 - Content Release

This release introduces several new integrations, including Prisma Cloud, alongside various integrations that have been migrated and are now accessible through App Central.

We've also improved multiple integrations and introduced new actions, implemented various general fixes and enhancements.

Integrations

  • [New] CylanceProtect*
  • [New] ESMTP*
  • [New] Elasticsearch V2*
  • [New] EnergyLogserver*
  • [New] FortiSIEM*
  • [New] Gmail*
  • [New] Javelin AD Protect*
  • [New] Lastline Analyst*
  • [New] POP3*
  • [New] Prisma Cloud
  • [New] Triage Tools*
  • [New] ZIP Tools*
  • [Updated] Basic Tools
    • Added new action: Payload Regex
  • [Updated] Sumo Logic
    • Following Actions Updated:
      • Updated Action: Aggregates Sumo Logic Daemon
      • Updated Action: Search Metrics
      • Updated Action: Search Sumo Logic Daemon
  • [Updated] VMware Carbon Black Cloud Platform
    • Updated with new Cloud SOAR API

* These integrations have been migrated and are now available in this release.

November 16, 2023 - Application Update

Changes and Enhancements

Bug fixes

  • Actions: Fixed run action causing page reload when response data is too large.
  • Playbooks: Removed Resource from inputs when selecting an Internal integration in add or edit node.
  • Playbooks actions: Fixed boolean values processed as null.

Cloud SOAR

  • Fixed API v3 change incident owner when using incorrect owner ID or with a Group ID.
  • Fixed "Incident Tools" action Add Note issue.
  • Fixed Playbooks "Run Test" against an Incident where modal remained with infinite loader.

November 1, 2023 - Application Update

Sumo Logic On-Premises SOAR Solution End-of-Life

As of November 15, 2023, Sumo Logic's on-premises SOAR solution no longer receives updates, and Sumo Logic Engineering no longer develops, repairs, maintains, or tests the software.

Effective December 31, 2024, Sumo Logic’s on-premises SOAR solution reaches end-of-life and becomes obsolete. Beginning on that date, it no longer receives applicable support entitled by active support contracts or by applicable warranty terms and conditions.

To upgrade to Sumo Logic’s Cloud SOAR offering, reach out to your Sumo Logic representative.

October 23, 2023 - Content Release

This release introduces several new integrations, including Atlassian Confluence and Google Drive, alongside various integrations that have been migrated and are now accessible through App Central.

We've also improved multiple integrations to leverage the new Cloud SOAR API, introduced new actions, and implemented various general fixes and enhancements.

Integrations

  • [New] Atlassian Confluence
  • [New] Google Drive
  • [New]* Cofense
  • [New]* Microsoft EWS
  • [New]* SMTP V3
  • [New]* Microsoft EWS Extension
  • [New]* AbuseIPDB
  • [New]* APIVoid
  • [New]* VMware Carbon Black Cloud Endpoint Standard
  • [New]* VMware Carbon Black Cloud Enterprise EDR
  • [New]* VMware Carbon Black Cloud Platform
  • [New]* Lacework
  • [New]* Sumo Logic
  • [New]* Sumo Logic Notifications
  • [Updated] CSE Tools
    • Added new action: Insight Output Mapping
  • [Updated] Microsoft EWS Daemon
    • Updated with new Cloud SOAR API
  • [Updated] Sumo Logic CSE
    • Updated Daemon: Sumo Logic Insights Daemon Extended
    • Updated Daemon: Sumo Logic Insights Daemon
  • [Updated] Mail Tools
    • Updated with new Cloud SOAR API
  • [Updated] IMAP
    • Updated with new Cloud SOAR API

* These integrations have been migrated and are now available in this release.

October 20, 2023 - Application Update

Changes and Enhancements

  • Automation Bridge: ECR docker images are now replicated in all AWS regions.
  • App Central: Introduced Tags attribute for playbooks.
  • Audit Logs: Enabled events forwarding to Log Analytics Platform.
  • Playbooks: Improved status field update and granularity.

Cloud SOAR

  • Incident closing note: It is now part of APIv3 response and available as Read Only field in Incident Overview page.

Bug fixes

Cloud SOAR
  • Playbooks: Fixed display in task result table view for Authorizer.
  • Rules: Fixed bug not displaying all Integrations using same daemon.
Automation Service
  • Playbooks: Fixed possibility to add new playbook type.
  • Playbooks: Fixed killing playbook update status.

June 8, 2023 - Introducing the new Release Notes section for Cloud SOAR

We welcome you to the new Release Notes section of Cloud SOAR. Here you will find all the latest news about CSOAR, from new features, bug fixes, and changes to the application.

]]>