The FortiSOAR Incident Response Content Pack (fsr-ir-content-pack) 7.0.1 Release splits the content pack into various use cases, which will enable users in the future to take only the use cases they require. Important release highlights include enhancing the enrichment playbooks, updating use cases and scenarios, and enhancing the Pause SLA functionality.
Split the Content Pack
The content of the Content Pack has been split as follows:
Future releases of the Content Pack will use the split content files to provide users with only the content that they require for their use case.
Added the QRadar Threat Hunt workflow
Added the 'QRadar Threat Hunt' workflow to the "Investigate Malicious Indicators" playbook in the '04-Use Cases' collection.
Enhanced the 'Enrichment' Playbook collection
Updated the Suspicious Email Use Case
Updated the Suspicious Email Use Case by adding logic that introduces users to the concept of a 'Drive By Download' attack. A Drive By Download (DBD) attack refers to the unintentional download of malicious code to your computer or mobile device, leaving you open to a cyberattack.
Enhanced 'Pause SLA' functionality
The Pause SLA functionality has been enhanced as follows: