New features and enhancements
Ability to export threat feeds in the CSV or text format for consumption in other security products
- The Threat Intelligence Management Solution Pack has been enhanced to provide the list of threat intelligence feeds also in the CSV format. With this change, systems such as FortiGate can directly pull threat intelligence feeds using a FortiSOAR dataset.
Enhancements to the executed playbook log
- The executed playbook log displays information about who has triggered or terminated the playbook in the 'Executed by' field.
In the case of Manually-triggered playbooks, API playbooks that are triggered by a particular user's token, and playbooks executed by users from the playbook designer, irrespective of their trigger type, display the username of the user who has triggered or terminated the playbook in the 'Executed by' field. Playbooks that are triggered using the On Create, On Update, or On Delete triggers display 'Playbook' in the 'Executed by' field if the record creation, updation, or deletion is a result of an automated action using playbooks, for example, data ingestion, enriching indicators, etc.
Built-in Connector and Widget Enhancements
- Updated multiple built-in connectors such as the Report Engine Connector.
For more information on FortiSOAR Built-in connectors, see the "FortiSOAR™ Built-in connectors" article.
- Updated multiple widgets such as Feed Configuration Settings have been updated. The Feed Configuration Settings widget has been updated to provide the API endpoint information that supports export of threat feeds in the JSON format or the CSV format. You can use the exported threat feeds for consumption in other use cases.