topic Re: XSOAR to analyze PDF and Office files in Cortex XSOAR Discussions https://live.paloaltonetworks.com/t5/cortex-xsoar-discussions/xsoar-to-analyze-pdf-and-office-files/m-p/597380#M3605 <P>Hi,<BR />We have a playbook to perform the same.&nbsp;<BR /><A href="https://xsoar.pan.dev/docs/reference/playbooks/microsoft-office-file-enrichment---oletools" target="_blank">https://xsoar.pan.dev/docs/reference/playbooks/microsoft-office-file-enrichment---oletools</A><BR />Download the content pack from the marketplace -&nbsp;<A href="https://cortex.marketplace.pan.dev/marketplace/details/Oletools/" target="_blank">https://cortex.marketplace.pan.dev/marketplace/details/Oletools/</A><BR /><BR />Hope it helps!<BR /><BR /></P> Tue, 10 Sep 2024 05:35:36 GMT SPatil15 2024-09-10T05:35:36Z XSOAR to analyze PDF and Office files https://live.paloaltonetworks.com/t5/cortex-xsoar-discussions/xsoar-to-analyze-pdf-and-office-files/m-p/596656#M3596 <P>Hi everyone,<BR />Does anyone use XSOAR to analyze PDF and Office files?</P> <P><BR />My idea is for users to send emails to a specific account. <LI-PRODUCT title="Cortex XSOAR" id="Cortex_XSOAR"></LI-PRODUCT>&nbsp;would then receive these emails, extract the files, and analyze them using tools like OLETools. If any suspicious activity is detected, it would notify the IT team. If no suspicious activity is found, it would send an email back to the user saying, "File is okay.</P> <P><BR />Does it make sense?</P> <P><BR />I’m new to DFIR and XSOAR, so I’d appreciate any feedback or suggestions on this approach.</P> Tue, 03 Sep 2024 21:47:22 GMT https://live.paloaltonetworks.com/t5/cortex-xsoar-discussions/xsoar-to-analyze-pdf-and-office-files/m-p/596656#M3596 tlmarques 2024-09-03T21:47:22Z Re: XSOAR to analyze PDF and Office files https://live.paloaltonetworks.com/t5/cortex-xsoar-discussions/xsoar-to-analyze-pdf-and-office-files/m-p/597380#M3605 <P>Hi,<BR />We have a playbook to perform the same.&nbsp;<BR /><A href="https://xsoar.pan.dev/docs/reference/playbooks/microsoft-office-file-enrichment---oletools" target="_blank">https://xsoar.pan.dev/docs/reference/playbooks/microsoft-office-file-enrichment---oletools</A><BR />Download the content pack from the marketplace -&nbsp;<A href="https://cortex.marketplace.pan.dev/marketplace/details/Oletools/" target="_blank">https://cortex.marketplace.pan.dev/marketplace/details/Oletools/</A><BR /><BR />Hope it helps!<BR /><BR /></P> Tue, 10 Sep 2024 05:35:36 GMT https://live.paloaltonetworks.com/t5/cortex-xsoar-discussions/xsoar-to-analyze-pdf-and-office-files/m-p/597380#M3605 SPatil15 2024-09-10T05:35:36Z