New Features and Enhancements

Support added for Internationalization on the FortiSOAR platform

  • Release 7.5.0 brings 'Internationalization' capability to the FortiSOAR platform, allowing FortiSOAR to adapt to the language, cultural, and other requirements of a particular locale.

API key based authentication support

  • Release 7.5.0 adds support for using API keys for authentication, that is, for managing automation scenarios and using FortiSOAR APIs. Automation can now use either an API key or HMAC authentication. API key authentication is also beneficial in outbound Threat Intelligence Management feed distributions, particularly for clients such as firewalls that only support basic authentication.

Upgrade of the Operating System used for FortiSOAR

  • In release 7.5.0, the operating system (OS) used for FortiSOAR is upgraded to Rocky Linux/RHEL 9.3 from Rocky Linux/RHEL 8.8/8.7 to ensure that FortiSOAR is running on a stable and secure OS. Rocky Linux/RHEL 9.3 offers several improvements over Rocky Linux/RHEL 8.8/8.7, including enhanced security, an improved kernel, and updated packages; details can be found in the "Release Notes For Rocky Linux 9.3" and "Upgrading from RHEL 8 to RHEL 9" articles. For details, see the Deployment and Upgrade guides.

Upgrade Framework

  • Release 7.5.0 introduces an "Upgrade Framework" to enhance the flexibility, usability, and efficiency of the FortiSOAR upgrade process. This framework improves the upgrade experience by offering users the ability to customize the pre- or post-upgrade phases.

Support for Pre and Post Processing Rules for records being ingested into FortiSOAR

  • FortiSOAR includes a rule-based pre-processing feature that is activated before incoming records are stored in the database, providing the flexibility to make decisions such as dropping records based on predefined criteria. Additionally, the implementation of a post-processing rule improves record management by linking similar records based on specified similarity criteria. This post-processing rule enables intelligent linking of records, reduces reliance on resource-intensive playbooks and optimizes system performance. In summary, these rule-based pre- and post-processing features enhance the control and efficiency of the SOAR platform.

API Enhancements

  • Added validation for picklist values and their attributes configured in the module when passed using an API.

Support for GPT disk partitioning

  • To support disk sizes larger than 2 TB, FortiSOAR OVAs starting with the 7.5.0 release come pre-configured with a GPT-based disk layout. Previously, FortiSOAR OVAs were shipped with an MBR-based disk layout, which limited disk management to a size of 2 TB. If you already have a FortiSOAR instance and need a partition larger than 2 TB, we recommend creating a new FortiSOAR VM on release 7.5.0 or later and utilizing the Export and Import wizards to migrate your data from the old instance to the new one. This is required as FortiSOAR does not support a combination of MBR and GPT partitions.

Widget customizations

  • Added support for the following widget customizations:
    • Non-modal, to allow the widget to be accessed across the FortiSOAR application. Alternatively, you can specify the pages in FortiSOAR where the widget will appear as a drawer.
    • Interactive background, enabling users to perform tasks in the current context.
    • Assign a name to the widget.
    • Draggable.

Performance Improvements

  • Release 7.5.0 includes several performance improvements, such as limiting the number of many-to-many relation records fetched when sending a response. This helps improve performance and prevent out-of-memory exceptions.

Documentation Updates

  • Added the "Widget Development" guide that contains step-by-step information on developing widgets, right from creating a repository to submitting the widget on the FortiSOAR Content Hub.
  • Added the Widget Development guide aimed at helping new or experienced administrators configure the system optimally using best practices. It is intended to familiarize you with the application and help you start exploring some of the core capabilities offered by FortiSOAR.

Built-in connectors, connectors, solution packs, and widget enhancements

  • Updated multiple built-in connectors such as the Utilities connector and the Report Engine connector. For more information on FortiSOAR Built-in connectors, see the "FortiSOAR™ Built-in connectors" article.
  • Added multiple connectors such as SecurityTrails, Keeper Secret Manager, Splunk (and its associated application) and Cymulate ASM. Updated multiple connectors such as Palo Alto Enterprise DLP, Tenable Security Center, Fortinet FortiGuard Threat Intelligence, and Qualys.
  • Added multiple solution packs such as ConnectWise ScreenConnect Attack, Outbreak Response Lazarus Rat Attack, and Androxgh0st Malware Attack. Updated multiple solution packs such as FortiManager ZTP Flow, OT Vulnerability Management, and SOAR Framework Solution Pack.
  • Added multiple widgets such as AI Assistant, SOC Overview Sankey, and Outbreak Framework Configuration. Updated multiple widgets such as Fields of Interest widget and Record Distribution widget.
