Cortex XSIAM

Resources for Cortex XSIAM, Palo Alto Networks’ autonomous security platform powering the Modern SOC.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Cortex XSIAM

Welcome to the Cortex XSIAM resources page. Cortex XSIAM, the autonomous security platform powering the Modern SOC, operates across both cloud and enterprise security operations, providing true end-to-end-management of threats wherever they originate. This page provides information and resources to make your Palo Alto Networks journey as simple as possible. Ask your questions, find answers, connect with peers, and get access to troubleshooting resources all in one place.

Discussions

Author Topic Views Replies
Janderson
03-28-2025

Create Dataset XSIAM

I want to create a dataset to send certain types of logs to this dataset. For example, I want to create a dataset linux_facility_1 for example. Then I... — Read more

posted in Cortex XSIAM Discussions

56 0
S.Christensen202106
03-28-2025

Output of prevalence commands Contains a hyperlink

Hi I have been searching around online, both on https://xsoar.pan.dev/ and looking at looking at the source code on github, for the Core - Investigati... — Read more

posted in Cortex XSIAM Discussions

46 0
IngridS
03-07-2025

How to group related alerts in XSIAM and create a unique incident

Hi dear community :): I have a question Several alerts are forwarding in my Cortex XSIAM system coming from Microsoft Defender, these alerts have dif... — Read more

posted in Cortex XSIAM Discussions

175 0
rathilaramesh13
02-28-2025

Context polling playbook

In XSIAM playbook,I’m trying to fetch the incident status. When the incident status is changed to for eg under_investigation I want to my playbook to ... — Read more

posted in Cortex XSIAM Discussions

102 0
T.Sode
02-25-2025

Forcepoint proxy integration with XSIAM

Hi Palo Team, I am trying to onboard Forcepoint proxy logs into XSIAM, but i couldn't found any marketplace app/supporting datamodel.Could someone hel... — Read more

posted in Cortex XSIAM Discussions

177 0

Blogs

Threat Brief: CVE-2024-6387 OpenSSH RegreSSHion Vulnerability Contains an image Contains a hyperlink

07-15-2024 — On July 1, 2024, a critical signal handler race condition vulnerability was disclosed in OpenSSH servers (sshd) on glibc-based Linux systems. This vulnerability, called RegreSSHion and tracked as CVE-2024-6387, can result in unauthenticated remote... — Read more

Labels: Cortex XDR Cortex Xpanse Cortex XSIAM Cortex XSOAR CVE-2024-6387 OpenSSH RegreSSHion Remote Code Execution SSH threat brief
15759 by in Community Blogs

Harnessing the Power of Cortex XSIAM for Enhanced File Management and Data Privacy Contains an image

07-15-2024 — In an era where cybersecurity threats are evolving at a breakneck pace, Extended Detection and Response (XDR) solutions have emerged as the vanguard of defense for organizations. But what if we could extend the capabilities of the Cortex XSIAM sol... — Read more

Labels: Cortex XSIAM Endpoint Security
2005 4 by in Community Blogs

What’s Next in Cortex - New Wave of Innovations in Cortex (June 2024 Release) Contains an image Contains a hyperlink

07-03-2024 — ith the ever evolving threat landscape, security operations teams require a new level of efficiency to protect their organizations. The latest release across Cortex products aims to solve a diverse set of challenges in security operations, all whi... — Read more

Labels: Cortex XDR Cortex Xpanse Cortex XSIAM Cortex XSOAR XDR Xpanse XSIAM XSOAR
5132 by in Community Blogs

SmartGrouping - Precision AI™-Driven Investigation Contains an image Contains a hyperlink

06-05-2024 — SmartGrouping is a crucial aspect of security operations, allowing to connect disparate alerts and paint a comprehensive picture of an attack. It's like piecing together a puzzle, where each alert represents a piece, and the complete picture revea... — Read more

Labels: Cortex XDR Cortex XSIAM XDR XSIAM
1993 by in Community Blogs

Securing Kubernetes Clusters: The Cortex XDR and XSIAM Approach Contains an image Contains a hyperlink

05-16-2024 — Kubernetes has revolutionized the way we deploy and manage applications, but its complexity and dynamic nature also introduce a new set of security challenges. Attackers are constantly looking for ways to exploit vulnerabilities in Kubernetes clus... — Read more

Labels: Cortex XDR Cortex XSIAM Kubernetes
4612 by in Community Blogs

Cortex-XSIAM-Release-Notes

Videos

Your SOC's Efficiency & Automation Powerhouse | Cortex XSIAM

Published on Dec 17, 2022
14,895 views
125 likes

Revolutionize Your SOC: Cyber Security Case Study | Cortex XSIAM

Published on Nov 18, 2022
3,253 views
17 likes

Digital Learning Courses

Visit Palo Alto Networks' learning platform, Beacon, for free technical knowledge and educational resources related to all of our products.

Please note: You need to be logged into SSO in order to view this content.