100 updates from Google Cloud.
Protectwise: Version 6.0 • Refactored the code for the following action: Get Pcap
Service Desk Plus: Version 9.0 • Refactored the code for the following action: Create Alert Request
AlienVault USM Appliance: Version 27.0 • Refactored the code for the following action: Get PCAP Files For Events
Google Chronicle: Version 83.0 • Added support for filtering alerts by rule type to the following connector: Google Chronicle - Chronicle Alerts Connector
ServiceNow: Version 66.0 • Updated the code for the following action: Update Incident: Added support for updating reference fields.
Tanium: Version 20.0 • Integration: Added a partner header to all API requests.
MITRE ATT&CK: Version 19.0 • Integration: Updated TIPCommon to 2.3.8.
Azure Active Directory: Version 28.0 • Integration: Updated TIPCommon to 2.3.8.
ConnectWise: Version 22.0 • Refactored the code for the following action: Create Alerts Ticket
Jira: Version 57.0 • Refactored the code for the following action: Create Alert Issue
Google Chronicle: Version 82.0 • Integration: Improved memory efficiency to prevent OOM crashes when querying large timeframes for Lookup Similar Alerts. • Updated the code for the following…
ServiceNow: Version 65.0 • Refactored the code for the following action: Create Alert Incident
EmailV2: Version 41.0 • Integration: Updated TIPCommon to 2.3.8 and migrated EnvironmentCommon imports to TIPCommon.envcommon.
Azure Active Directory: Version 27.0 • Updated enrichment logic to ensure id is fetched when Include Last Sign In Details is enabled in the following action: Enrich User
SiemplifyUtilities: Version 30.0 • Added support for backticks to the following action: Query Joiner
Palo Alto Next Gen Firewall: Version 29.0 • Integration: Updated Manager to reuse the API token instead of generating a new one.
Tenable.io: Version 18.0 • Improved the handling of concurrent requests and API rate limits in the following action: Enrich Entities
Siemplify: Version 107.0 • Integration: Updated TIPCommon dependency.
Zerofox: Version 4.0 • Integration: Updated documentation link.
MISP: Version 39.0 • Updated tag retrieval logic in the following actions: Add Tag to an Attribute • Add Tag to an Event • Remove Tag from an Attribute • Remove Tag from an Event
UrlScan.io: Version 30.0 • Added is_risky handling to the following action: Url Check
Anomali ThreatStream: Version 16.0 • Added is_risky handling to the following action: Enrich Entities
Source code is now publicly available on GitHub (https://github.com/chronicle/content-hub) for the following integrations: • Cisco Orbital: Version 9.0 • F5 Big IQ: Version 8.0 • FireEye…
Microsoft Graph Mail: Version 41.0 • Updated MSG attachments processing logic in the following connector: Microsoft Graph Mail Connector
Palo Alto Cortex XDR: Version 28.0 • Added the ability to ignore specific artifact types to the following connector: Palo Alto Cortex XDR Connector
Netskope: Version 17.0 • Added a new Use V2 API parameter to the following actions: List Clients • List Quarantined Files • Integration: Added support for V2 API endpoints and OAuth…
McAfee Mvision EDR: Version 12.0 • Integration: Added support for configuring the Login API Root as a customizable parameter.
Netskope: Version 17.0 • The following new actions have been added: Add Entities to URL List • Deploy URL List Changes
SCC Enterprise: Version 21.0 • Updated ticket synchronization logic in the following job: Sync SCC Jira Tickets
Qualys VM: Version 26.0 • Integration: Migrated to the latest Qualys API endpoints.
CrowdStrike Falcon: Version 76.0 • The following new job has been added: Sync Alerts
SentinelOneV2: Version 50.0 • The following new job has been added: Sync Threats
Mandiant Threat Intelligence: Version 17.0 • Optimized execution performance and entity processing logic in the following action: Enrich Entities
ServiceNow: Version 64.0 • Added support for disabling overflow settings and updated ticket processing and environment mapping logic in the following connector: ServiceNow Connector
Zscaler: Version 14.0 • Added the ability to provide IOCs using input parameters to the following actions: Add To Blacklist • Add To Whitelist • Remove From Blacklist • Remove From…
RSA NetWitness Platform: Version 17.0 • Introduced light theme support for predefined widgets of the following actions: Enrich Endpoint • Enrich File • Query NetWitness For Events Around Host •…
RSA NetWitness EDR: Version 9.0 • Introduced light theme support for predefined widgets of the following actions: Enrich Endpoint • Get IOC Details
CiscoUmbrella: Version 19.0 • Introduced light theme support for predefined widgets of the following actions: Get Domain Security Info • Get Domain Status • Get Whois • Is Domain In Cisco…
AlienVault USM Appliance: Version 26.0 • Introduced light theme support for predefined widgets of the following actions: Enrich Assets • Enrich Vulnerabilities
SymantecESCC: Version 9.0 • Introduced light theme support for the predefined widget of the following action: Enrich Entities
Qualys VM: Version 25.0 • Introduced light theme support for predefined widgets of the following actions: Enrich Host • List Endpoint Detections
Axonius: Version 7.0 • Introduced light theme support for predefined widgets of the following actions: Add Note • Enrich Entities
ServiceNow: Version 63.0 • Introduced light theme support for the predefined widget of the following action: List Records Related To User
JoeSandbox: Version 11.0 • Introduced light theme support for predefined widgets of the following actions: Search Hash • Search Url
PhishingInitiative: Version 12.0 • Introduced light theme support for the predefined widget of the following action: Get Url Status
DeepSight: Version 11.0 • Introduced light theme support for predefined widgets of the following actions: Scan Domain • Scan Email • Scan File Name • Scan Hash • Scan IP • Scan URL
HaveIBeenPwned: Version 10.0 • Introduced light theme support for the predefined widget of the following action: Check Account
Microsoft Teams: Version 37.0 • Introduced light theme support for predefined widgets of the following actions: Create Chat • Send User Message
Symantec Endpoint Protection 14: Version 21.0 • Introduced light theme support for the predefined widget of the following action: GetSystemInfo
Lastline: Version 9.0 • Introduced light theme support for the predefined widget of the following action: Get Analysis Results
APIVoid: Version 14.0 • Introduced light theme support for predefined widgets of the following actions: Get domain reputation • Get Ip Reputation • Get Screenshot • Get URL Reputation • Verify Email
CSV: Version 41.0 • Introduced light theme support for predefined widgets of the following actions: CSV Search by Entity • CSV Search by String
FortinetFortiSIEM: Version 10.0 • Introduced light theme support for the predefined widget of the following action: Enrich Entities
MalShare: Version 11.0 • Introduced light theme support for the predefined widget of the following action: Enrich Hash
Google Threat Intelligence: Version 14.0 • Migrated the following connector to new API endpoints: Note: Duplicate notifications may occur temporarily during the transition. Google Threat…
ThreatConnect: Version 17.0 • Introduced light theme support for the predefined widget of the following action: Enrich Entities
VMware Carbon Black Enterprise EDR: Version 10.0 • Introduced light theme support for predefined widgets of the following actions: Enrich Hash • Get Events Associated With Process by Process…
VSphere: Version 12.0 • Introduced light theme support for the predefined widget of the following action: Get Vm By Ip
Slack: Version 30.0 • Introduced light theme support for predefined widgets of the following actions: Send Advanced Message • Send Message
Microsoft Defender ATP: Version 31.0 • Added Graph API V2 version support to the following actions: Get User Related Alerts • List Alerts • Ping • Update Alert • Deprecated the following actions: •…
McAfee TIEDXL: Version 9.0 • Introduced light theme support for the predefined widget of the following action: Get File Reputation
IPVoid: Version 12.0 • Introduced light theme support for the predefined widget of the following action: Get Ip Reputation
Illusive Networks: Version 7.0 • Introduced light theme support for predefined widgets of the following actions: Enrich Entities • Run Forensic Scan
Cybereason: Version 25.0 • Introduced light theme support for predefined widgets of the following actions: Enrich Entities • Get Sensor Details • Is Probe Connected
Palo Alto Cortex XDR: Version 27.0 • Introduced light theme support for predefined widgets of the following actions: Enrich Entities • Scan Endpoint
Google Cloud IAM: Version 19.0 • Introduced light theme support for predefined widgets of the following actions: Enrich Entities • Get Service Account IAM Policy • Rotate Service Account Keys • Set…
TruSTAR: Version 9.0 • Introduced light theme support for the predefined widget of the following action: Enrich Entities
Tenable.io: Version 17.0 • Introduced light theme support for predefined widgets of the following actions: Enrich Entities • List Endpoint Vulnerabilities
Sophos: Version 21.0 • Introduced light theme support for predefined widgets of the following actions: Enrich Entities • Get Events Log • Get Services Status
Cynet: Version 13.0 • New predefined widgets have been added to the following actions: Delete Hash In Hosts • Kill Hash In Hosts • Quarantine Hash In Hosts
Trend Micro Apex Central: Version 7.0 • Introduced light theme support for predefined widgets of the following actions: Create Entity UDSO • Create File UDSO • Enrich Entities
Siemplify ThreatFuse: Version 19.0 • Introduced light theme support for the predefined widget of the following action: Enrich Entities
Anomali ThreatStream: Version 15.0 • Introduced light theme support for the predefined widget of the following action: Enrich Entities
CiscoUmbrella: Version 19.0 • A new predefined widget has been added to the following action: Get Associated Domains
XForce: Version 19.0 • Introduced light theme support for predefined widgets of the following actions: Get Hash Info • Get IP Info • Get IP malware • Get Url Info
Microsoft Graph Mail: Version 40.0 • A new predefined widget has been added to the following action: Get Mailbox Account Out Of Facility Settings
MISP: Version 38.0 • Introduced light theme support for predefined widgets of the following actions: Enrich Entities • Get Event Details • Get Related Events
Cofense Triage: Version 21.0 • Introduced light theme support for predefined widgets of the following actions: EnrichURL • Get Domain Details • Get Threat Indicator Details
AWS Identity and Access Management (IAM): Version 10.0 • A new predefined widget has been added to the following action: Disable User Access
Cisco Vulnerability Management: Version 3.0 • Introduced light theme support for predefined widgets of the following actions: Enrich Entities • List Asset Vulnerabilities
Check Point SandBlast: Version 8.0 • Introduced light theme support for predefined widgets of the following actions: Query • Upload File
SSL Labs: Version 11.0 • Introduced light theme support for the predefined widget of the following action: Analyse Entity
Azure Active Directory: Version 26.0 • A new predefined widget has been added to the following action: Is User In a Group
Carbon Black Protection: Version 13.0 • A new predefined widget has been added to the following action: Get Computers By File
MX ToolBox: Version 14.0 • Introduced light theme support for predefined widgets of the following actions: A Record Lookup • Blacklist Check • MX Record Lookup • Reverse DNS Lookup
Exchange: Version 123.0 • Introduced light theme support for predefined widgets of the following actions: Get Account Out Of Facility Settings • Send Email And Wait
VMRay: Version 19.0 • Introduced light theme support for predefined widgets of the following actions: Scan Hash • Scan URL
Google Cloud Policy Intelligence: Version 7.0 • Introduced light theme support for the predefined widget of the following action: Search Service Account Activity
Google Rapid Response (GRR): Version 11.0 • Introduced light theme support for predefined widgets of the following actions: Get Client Details • List Clients • List Launched Flows
Any.Run: Version 12.0 • Introduced light theme support for the predefined widget of the following action: Get Report
McAfee Mvision EPO: Version 11.0 • Introduced light theme support for the predefined widget of the following action: Enrich Endpoint
Symantec Blue Coat ProxySG: Version 7.0 • Introduced light theme support for predefined widgets of the following actions: Block Entities • Enrich Entities
Splash: Version 7.0 • Introduced light theme support for the predefined widget of the following action: Enrich Entities
Tenable Security Center: Version 22.0 • Introduced light theme support for predefined widgets of the following actions: Enrich IP • Get Related Assets • Get Vulnerabilities for IP
Google Chronicle: Version 81.0 • Added support for CIDR matching to the following action: Is Value In Reference List
Microsoft Intune: Version 8.0 • Introduced light theme support for the predefined widget of the following action: Get Managed Device
Web Risk: Version 4.0 • Introduced light theme support for predefined widgets of the following actions: Enrich Entities • Submit Entities
Cylance: Version 19.0 • Introduced light theme support for predefined widgets of the following actions: Enrich Entities • Get Threat • Get Threat Devices • Get Threat Download Link
Vectra: Version 13.0 • Introduced light theme support for the predefined widget of the following action: Enrich Endpoint
Endgame: Version 15.0 • Introduced light theme support for predefined widgets of the following actions: Enrich Entities • Network Survey • System Survey