Integrations updates 🗞️

A recap of the new intakes and automations added to our Integration catalog, plus some improvements to HarfangLab.

New Intakes

New Automations

  • New SentinelOne EDR actions (Initiate Scan, Update Threat Incident, Create Threat Note and Create IOCs)
  • New WithSecure EDR actions (kill thread, kill process and enumerate processes)
  • New Sophos EDR actions (isolate endpoint, deisolate endpoint and scan)
  • Improvement of the Alert Comment Created trigger. The trigger now returns: comment UUID, comment content, comment date and comment author UUID

HarfangLab

New fields parsed in HarfangLab events:

  • action.properties.CertIssuerName
  • action.properties.CertSerialNumber
  • action.properties.CertThumbprint
  • action.properties.PreAuthType
  • action.properties.ServiceName
  • action.properties.ServiceSid
  • action.properties.TicketEncryptionType
  • action.properties.TicketOptions