Skip to main content
Skip table of contents


What’s new in v14.0.582

New: Multitenancy

The new multi-tenancy feature allows you to share different content types from a single master source to multiple tenant destinations. This feature is perfect for MSSPs to manage clients from different regions and manage content sharing from a single master instance. There are nine types of content you can share:

  1. Event Playbooks

  2. Incident Playbooks

  3. Integration

  4. Utility Commands

  5. Connections

  6. Global List

  7. Event Automation Rules

  8. Incident Forms

  9. Users / Group / Roles

On top of that, there are new system built-in commands to help you manage your tenants.

New: Event Playbooks

With D3’s incident playbooks, you were able to create complex incident workflows with our codeless playbook engine. In the newest version of D3 SOAR, D3’s powerful playbook engine has been improved to support event playbooks. You can now create multiple standardized workflows for ingested events from different integrations and select which playbook to run for each scheduled event ingestion.

General Improvements

Webhook Redesign

The webhook ingestion method allows the Integration to send event or incident data (in JSON format) to be investigated in the system. This allows real-time, controlled event or incident data ingestion for SOC teams, and offers greater flexibility. In this version, we redesigned the UI to make it easier for you to create and manage webhook keys.

Investigation Dashboard Enhancements

The Investigation Dashboard is one of the essential modules every analyst employs during an investigation. We understand the significance of this dashboard and have made big improvements in this version to make it simpler to use.

Dashboard Advanced Filters

You can now apply advanced filters to incidents within the Incidents tab to help you better search for the relevant incidents: Data Within, Incident Type, Status, Severity, Owner, Tactic, and Technique.

Add Custom Columns in Dashboard

You can now add custom columns to the event and incident dashboard in the Application Settings.

Site List Enhancement

The new site dropdown list allows you to search and bookmark important sites that are important to you.

Bulk Action on Events and Incidents

You can now multi-select and perform bulk actions on multiple events/incidents.

New Dashboard Items

Artifacts and Playbook Errors have been added to the investigation dashboard list.

Custom Artifacts

In addition to the built-in artifact types offered by D3, you now have the power to create custom artifact types to fit your needs as well. Custom Artifact Types will have user-defined identities, additional fields and relationships, allowing SOC teams to have greater flexibility in artifact detection and organization.

View/Clone Built-In Commands

You can now view the implementation of our built-in commands and clone them if you want to customize the commands.

Playbook Local Shared Data

The local shared data allows you to store data in JSON format for tasks to reuse in a playbook. This storage area is local – data stored here is only accessible by this playbook and this playbook only. This feature may be helpful in situations where there are data (e.g. URL reputations) you want to be accessible by any tasks regardless of their playbook path.

Other Enhancements
  1. Manage email domain whitelist for users' emails

  2. Configure “Shared to Internal Sites” recipient site within connections

  3. Use dynamic placeholders for incident title/description

  4. Ability to dynamically select a dropdown input in a playbook

  5. Improved path picker usability within data formatter

  6. Added new incident metadata fields in a playbook

  7. Revamped user manual site

Integration Enhancements

We are constantly improving our 300+ out-of-the-box integrations to help you build your workflow easier. In this version, we have updated/added 14 of the integrations:


  • AWS GuardDuty

  • Google Kubernetes Engine

  • F5 Load Balancer

  • Stellar Cyber

  • Fresh Service

  • D3 Integration


  • Docker

  • Microsoft Sentinel

  • Zendesk

  • AWS EC2

  • Azure Active Directory

  • Datto Autotask PSA

  • TheHive

  • FortiAnalyzer

  • Qualys

JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.