04-11-2025 06:58 AM
Hello @K.Ganiyev
Are you looking for a way to ingest Check Point Threat Emulation alerts in XDR? If so, this can be achieved either using XDR APIs or using a syslog collector. Cortex XDR stitches the external alerts together with relevant endpoint data and displays alerts from external sources in relevant incidents and alerts tables. You can also see external alerts and related artifacts and assets in Causality views.
Please click Accept as Solution to acknowledge that the answer to your question has been provided.
04-11-2025 07:01 AM
Hi dear Nsinghvirk, I want to use threat emulator integration for checking files, like a sandbox.
04-15-2025 10:33 PM
Hello @K.Ganiyev ,
Integrating Check Point Threat Emulation (SandBlast) directly with Cortex XDR is not natively supported. However, you can achieve interoperability by leveraging Cortex XSOAR as an intermediary platform. Here's how you can set up this integration:
https://xsoar.pan.dev/docs/reference/integrations/check-point-sand-blast
If you feel this has answered your query, please let us know by clicking like and on "mark this as a Solution". Thank you.