
Every month, the integrations team works on new and updated collectors for you, and I collect them all in this Catalog Update. This post contains new and updated collector information as well as links to their respective pages in our Documentation portal. Be advised that some pages in Documentation may not be available at the time of posting but will be added as soon as they are available. To request new collectors or an update to an existing collector, please open a support ticket through the Support Portal. You can also visit the new Resources Portal, a single page for all your customer resources!

 


 

 

New Collector

Tencent Cloud v1.0.0

Link to Documentation

 

 

Updated Collectors

VMware Carbon Black v1.5.0

Link to Documentation

Change Log

  • Improvements 

    • Refactored collector to the latest DCSDK 1.13.1. 

    • Refactored code for the livequery, alerts and audit service in accordance with template1

    • Eliminated the use of while loops in the pull logic

    • Added Unit Tests for the livequery, alerts and audit services

  • Bugs

    • Fixed the 400 API error received when the collector invoked the Carbon Black Live Query API

ServiceNow v1.6.0

Link to Documentation

Change Log

  • Improvements 

    • Updated SDK to the latest version, 1.13.1. 

    • Removed vulnerabilities in libexpat1 and expat.

Cortex XDR v2.0.3

Link to Documentation

Change Log

  • Improvements 

    • Refactored the puller logic to enhance code readability and optimize performance.

    • Introduced a new base puller to centralize shared functionality.

    • Expanded unit tests with additional scenarios to improve coverage and reliability.

    • Added validation for start_time, ensuring it is not set to a future date and preventing configuration errors.

  • Bugs

    • Fixed an issue where puller variables were not resetting after encountering an error, which caused the collector to freeze and stop gathering data.

Trend Micro Vision One v1.3.0

Link to Documentation

Change Log

  • New Features 

    • New endpoints for risk insights:

      • discovered_device

      • vulnerable_device

      • account_compromise_indicator

      • risk_event_definition

      • device_risk_profile

      • user_risk_profile 

CyberArk EPM v1.2.0

Link to Documentation

Change Log

  • Improvements 

    • Refactored the collector to update the SDK to the latest version, 1.13.1.

    • Several improvements to stability, quality and performance

  • Bugs

    • Fixed the service names in the example params.
