Integrating Proofpoint TAP into XSIAM

Hi,

I would like some guidance on which data source I should use when integrating Proofpoint TAP into XSIAM.

In the content pack "Proofpoint TAP" on the marketplace,

There is a data source named "Proofpoint TAP".  This data source has the abili

Rule list

I would like to see a list of rules regarding the types of incidents I receive in XSIAM.

I am not talking about IOC/BIOC 

Can anyone help with the path ?

Urgent Help Needed: Where Can I Find Cortex XSIAM Deployment and Service Management Training Videos?

Hi Team,

I have a new client, one urgently transitioning from QRadar to Cortex XSIAM, and I'm completely unfamiliar with XSIAM. I urgently need instructor-led training on deploying and managing this solution, as I'm unsure how to proceed. Any help

Widget Library XQL Query

Hi All,

So in the xsiam portal under 'Dashboard and reports' there is a pre-defined list of Widgets in the library..

Within the 'system monitoring' library there is a widget called 'daily consumption' which is great to identify data sources ingestion

XSIAM Multi-Tenancy

How does multi-tenancy work for MSSPs in XSIAM? 
We are looking to use XSIAM as the core SecOps tooling to replace our current SIEM and we were wondering how does the multi-tenancy function work?  

Simple QXL Query help needed

Hi All,

withing query builder i have a very basic query as per below..

dataset = metrics_source
| fields _vendor , _product , total_size_bytes

which shows me the data sources and the amount of ingested data per source which is fine over a period

What is the difference between Market Place , Data source and XDR collectors in XSIAM

Same as the title. Could you please give examples of how Market Place, Data source, and XDR collectors are in XSIAM in terms of ingesting data?

Unified/Assets Inventory and XQL

Do we have the ability to call Unified Inventory or Assets Inventory via XQL Query? I have many interesting examples and potential use cases for how this data can be used. Also, some custom reports like 'new assets detected in last 24h' can be useful

XSIAM Cloud or Onprem?

Hi All,

I'd like to enquire whether Cortex XSIAM offers on-premises solutions exclusively, or if it provides a combination of both on-premises and cloud solutions? Additionally, how does the deployment model work? 

Custom Alert in XSIAM for Azure AD User Group Changes

Hello,

I was wondering if someone could help point me in the right direction for setting up a custom alert in XSIAM when a user is removed from Azure AD from a particular user group.

For example, let's say we have a user group that excludes MFA-M