This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences

Cortex XSIAM

Resources for Cortex XSIAM, Palo Alto Networks’ autonomous security platform powering the Modern SOC.
cancel
Turn on suggestions
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Cortex XSIAM

Welcome to the Cortex XSIAM LIVEcommunity! Explore how-to guides, best practices, and on-demand videos to help you get the most out of Cortex XSIAM. Have questions or insights to share? Join the conversation in our Discussions forums and connect with our Product Experts.

Stay in the loop—subscribe now to get the latest product updates delivered to you.

Articles

Cortex XSIAM Use Case Definition Template Contains a hyperlink

06-16-2023 — Use Case Definition (UCD) Template This template will help you understand and leverage the UCD to benefit implementation strategy, understand how your Incident Response (IR) process fits into XSIAM, and identify integrations for ingestion/enrichment needed. The XSIAM Use Case Definition Templa... — Read more

Labels: Cortex XSIAM
375 published by in Cortex XSIAM Customer Articles
06-16-2023 edited by

View All

Blogs

Guide to Onboard and Ingest logs from Firewalls  to Strata Logging Service and Cortex XSIAM Contains an image Contains a hyperlink

07-08-2025 — Guide to Onboard and Ingest logs from Firewalls to Strata Logging Service and Cortex XSIAM — Read more

Labels: Cortex XSIAM Log Forwarding Log Ingestion SCM SCM Pro SLS Strata Cloud Manager Strata Logging Service XSIAM
995 by in Community Blogs

SecOps Insider-April Edition Contains an image Contains a hyperlink

04-30-2025 — Discover key insights from Sam Rubin, SVP of Consulting and Threat Intelligence at Unit 42, on the critical importance of cyber resilience highlighted in the 2025 Global Incident Response Report. Get recommendations for enhancing incident response... — Read more

Labels: Cortex Cortex XDR Cortex Xpanse Cortex XSIAM Cortex XSOAR Cybersecurity Prisma Cloud SecOps Security Operations Unit 42 XDR Xpanse
695 by in Community Blogs

Threat Brief: CVE-2024-6387 OpenSSH RegreSSHion Vulnerability Contains an image Contains a hyperlink

07-15-2024 — On July 1, 2024, a critical signal handler race condition vulnerability was disclosed in OpenSSH servers (sshd) on glibc-based Linux systems. This vulnerability, called RegreSSHion and tracked as CVE-2024-6387, can result in unauthenticated remote... — Read more

Labels: Cortex XDR Cortex Xpanse Cortex XSIAM Cortex XSOAR CVE-2024-6387 incident response OpenSSH OpenSSH. RegreSSHion RegreSSHion Remote Code Execution security intelligence SOC SSH threat brief Threat Detection Vulnerability
17432 by in Community Blogs

Harnessing the Power of Cortex XSIAM for Enhanced File Management and Data Privacy Contains an image

07-15-2024 — In an era where cybersecurity threats are evolving at a breakneck pace, Extended Detection and Response (XDR) solutions have emerged as the vanguard of defense for organizations. But what if we could extend the capabilities of the Cortex XSIAM sol... — Read more

Labels: Cortex XSIAM Endpoint Security incident response security intelligence SOC Threat Detection
2460 4 by in Community Blogs

What’s Next in Cortex - New Wave of Innovations in Cortex (June 2024 Release) Contains an image Contains a hyperlink

07-03-2024 — ith the ever evolving threat landscape, security operations teams require a new level of efficiency to protect their organizations. The latest release across Cortex products aims to solve a diverse set of challenges in security operations, all whi... — Read more

Labels: Cortex Cortex XDR Cortex Xpanse Cortex XSIAM Cortex XSOAR Release Notes XDR Xpanse XSIAM XSOAR
5897 by in Community Blogs

View All

Discussions

Need answers? Register or Sign-in to Engage, Share, and Learn.
Author Topic Views Replies
I.JuvillaGonzalez
I.JuvillaGonzalez
07-23-2025

Guidance on Automating Alert Notifications in Cortex XSIAM Using Playbooks (Future SNOW Integration)

Hello everyone, I'm currently exploring Cortex XSIAM as part of my day-to-day responsibilities, and I’m working on automating alert notifications usin... — Read more

posted in Cortex XSIAM Discussions

131 0
BenjaminYabre
BenjaminYabre
07-31-2025

Collecting IIS Log

Hi, I have configured the filebeat to collect the IIS log, but I don't see any dataset related to the IIS log in the dataset table and also don't know... — Read more

posted in Cortex XSIAM Discussions

134 2
Bojan-Totic
Bojan-Totic
07-22-2025

xSIAM to xSOAR integration Contains a hyperlink

Hey, We’re currently looking at a potential xSIAM customer but haven’t been able to find any documentation confirming whether xSIAM can integrate with... — Read more

posted in Cortex XSIAM Discussions

109 0
Hisashi_Abe
Hisashi_Abe
07-31-2025

Inquiry About Third-Party VPN Logs and Analytics Alerts in XSIAM Contains a hyperlink

Hi All, ■BackgroundI would like to inquire about the Ivanti VPN logs ingested into XSIAM.I have installed the data model rules from the content pack. ... — Read more

posted in Cortex XSIAM Discussions

170 1
PA_nts
PA_nts
07-14-2025

API to get data from lookup dataset Contains a hyperlink

Hi All, in XQL - i can run a query and dump the data into a lookup dataset, this works, then i can run a local query against this lookup dataset and i... — Read more

posted in Cortex XSIAM Discussions

134 0
Join now

Digital Learning Courses

Access Palo Alto Networks learning platform to gain technical insights and educational materials across our full suite of products.

Please note: SSO login is necessary to access the content.

Videos

Your SOC's Efficiency & Automation Powerhouse | Cortex XSIAM

Published on Dec 17, 2022
16,797 views
125 likes

LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2025 - Palo Alto Networks