Skip to main content
Skip table of contents


Incident Workspace Enhancements

Incident Overview: Quick Access Pane


To improve user experience, we are introducing the quick access pane - a faster way of traversing the dashboard located on the right side of the dashboard. You can leap to different sections within the Overview such as Event Summary, Your Pending Tasks, and Tactics & Techniques.

Incident Form Editor

Due to the changes in the quick access panel UI, the Incident Form Editor has also been modified when editing the incident overview.

Playbook Enhancements

Playbook Tasks: Auto Retry on Error Setting

The new "Auto-Retry on Error" function within playbook tasks ensures continued playbook operations by automatically retrying failed tasks. This minimizes the need for manual re-runs and keeps your security workflows moving smoothly. After enabling auto-run, you have the following options to configure for the auto-retry on the error option:

  • Automatic Retries: Set the playbook to retry a task up to 5 times if it fails.

  • Customizable Delays: Define specific intervals between retries, with options for seconds, minutes, or hours.

Reporting Dashboard Enhancements

New Widget: Table

With our latest update, the Table Widget has been introduced to enrich your reporting dashboard capabilities. This widget allows for the data to be displayed in a structured table format, offering you the flexibility to customize your view by adding or removing columns according to the fields queried. Due to access control limitations, the Table Widget is not compatible with the email scheduler feature for sharing purposes.

Data Ingestion Enhancements

Data Reacquire Option to Prevent Missed Ingestion Data

The Data Reacquire option automatically schedules a task to re-fetch data after a scheduled task finishes, to be executed at a future time (e.g., 30 or 120 minutes later), ensuring data completeness. It can be enabled through a checkbox on the schedule configuration page. This option, doubling the request count, is recommended for system integrations to capture data not collected by the REST API within the first minute after creation.

Utility Command Enhancements

New Commands

The following utility commands have been added to this release of D3 SOAR.



Create a PDF File from Input HTML

Creates a PDF file from an HTML text input.

Create Incident With Conditions

Improves event data processing by allowing concurrent task execution and reducing ingestion job times. Configured as the last task in an event playbook, it handles incident creation and escalation sequentially and atomically after the playbook runs, preventing duplicate incidents. This command streamlines the event-to-incident process efficiently.

Test Search Conditions for Creating Incidents

Find incidents that match the specified search criteria and organize the results by the date and time each incident was created, listing them from earliest to latest. Use this command to verify that the input search conditions are correct for the Create Incident With Conditions command.


Marketplace Home Page

We are excited to launch the first stage of our Integration Marketplace—the new cards UI. The redesigned integrations page provides a clear and concise overview of your integrations with immediate insights into their connection status and available actions. It's the first milestone in our roadmap towards a fully-featured Integration Marketplace, with many enhancements planned for the near future. Stay tuned for more updates as we continue to expand and refine your integration management experience.

New Integrations

The following integrations have been added to this release of D3 SOAR.

Integration Name


HYAS Insight

HYAS Insight is a comprehensive threat intelligence and attribution tool that aids organizations in identifying and understanding cyber threats. It provides detailed insights into the infrastructure and methods used by attackers, enabling faster and more accurate threat detection and response. The platform stands out for its ability to trace and attribute attacks back to their source, offering a critical edge in combating cybercrime.

HYAS Protect

HYAS Protect is a cybersecurity solution designed to offer proactive defense against digital threats. It utilizes advanced intelligence gathering and analysis techniques to identify and block malicious activities, safeguarding networks and data from cyber attacks. This system is known for its capability to detect threats before they cause harm, ensuring a high level of security for its users.

Updated Integrations

The following integrations have been updated in this release of D3 SOAR.

Integration Name


Microsoft Entra ID

The Reset Password command's email notification modified with the following changes:

  • Updating the email subtitle to "Microsoft Entra ID (formerly Azure Active Directory) Account - {userId} Password Reset."

  • Enriching the email body with additional details in addition to the new password

VirusTotal v3

New command: Retrieve Widget HTML Content

JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.