Cyware Orchestrate

Analysts can now create reusable code snippets for repeating code patterns, such as loops or conditional statements, and utilize them to easily create custom nodes in playbooks. Code snippets can be attached to custom actions and custom condition nodes in playbooks.

Analysts can use the resource library to manage code snippets and code changes. This makes it simpler for analysts to alter the code in one place instead of updating multiple playbooks.

The following GIF illustrates the steps to use a code snippet in a custom node.

For more information, see Code Snippets.

Analysts can now create email templates with predefined content in rich text format and use them to send email notifications from playbooks. This eliminates the need to have the technical expertise to use a custom code editor to create emails and reduces the time required to compose emails from scratch.

The following GIF illustrates the steps to send email in rich text format using email templates.

For more information, see Email Templates.

Analysts can now assign priority levels to playbooks to prioritize their execution as required. The priority levels range from High, Medium, to Routine, with high-priority playbooks taking priority over medium-priority playbooks, and routine-priority playbooks having the least precedence.

For example, a playbook that automatically responds to reported phishing emails might have a higher priority than the one that generates hourly reports of the number of incidents onboarded for investigation.

For more information, see Playbook Overview.

Analysts can now enable email notifications to notify external users through email when a playbook goes on hold. To notify external users about on-hold playbooks, turn on the Notify external users when playbook is on hold toggle from the input nodes.

For more information, see Input Node.

Analysts can now terminate multiple playbooks simultaneously. This helps to free up the playbook execution queue and improves the experience of terminating playbooks.

The following GIF illustrates the process of bulk terminating playbooks that are in In-queue status.

For more information, see Bulk Terminate Playbook Runs.

While adding an app-action node to a playbook, analysts can now search for an action in two ways. They can either use the search box specific to Apps or the Actions. This enables analysts to locate the necessary app-action with precision, thereby enhancing the search experience.

For more information, see App Action Node.

Analysts can now conveniently access the run logs of sub-playbooks from the master playbook run logs. This allows analysts to retain the master playbook context while viewing the sub-playbook run logs, thereby saving time during troubleshooting.

The following GIF illustrates the steps to view in-context sub-playbook run logs.

For more information, see Run Logs.

The following Open API endpoints are enhanced in this release:

For more information, see Orchestrate API Reference.