Cortex XSIAM
Resources for Cortex XSIAM, Palo Alto Networks’ autonomous security platform powering the Modern SOC.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Cortex XSIAM

Welcome to the Cortex XSIAM resources page. Cortex XSIAM, the autonomous security platform powering the Modern SOC, operates across both cloud and enterprise security operations, providing true end-to-end-management of threats wherever they originate. This page provides information and resources to make your Palo Alto Networks journey as simple as possible. Ask your questions, find answers, connect with peers, and get access to troubleshooting resources all in one place.


Author Topic Views Replies

Unified Inventory

Hello, I have come across references to 'Unified Inventory' in the documentation for XSIAM, Xpanse, and Prisma Cloud. Could anyone please clarify if t... — Read more

posted in Cortex XSIAM Discussions

519 3

Unified/Assets Inventory and XQL

Do we have the ability to call Unified Inventory or Assets Inventory via XQL Query? I have many interesting examples and potential use cases for how t... — Read more

posted in Cortex XSIAM Discussions

302 1

XSIAM Cloud or Onprem?

Hi All, I'd like to enquire whether Cortex XSIAM offers on-premises solutions exclusively, or if it provides a combination of both on-premises and c... — Read more

posted in Cortex XSIAM Discussions

564 1

Custom Alert in XSIAM for Azure AD User Group Changes

Hello, I was wondering if someone could help point me in the right direction for setting up a custom alert in XSIAM when a user is removed from Azur... — Read more

posted in Cortex XSIAM Discussions

935 2

How to retrieve all XQL Correlations

Hi guys, i need a little help. Is there any dataset that contain all the correlations rules created?Or can I retrieve all correlations rules via XQL... — Read more

posted in Cortex XSIAM Discussions

965 3


SmartGrouping - Precision AI™-Driven Investigation

06-05-2024 — SmartGrouping is a crucial aspect of security operations, allowing to connect disparate alerts and paint a comprehensive picture of an attack. It's like piecing together a puzzle, where each alert represents a piece, and the complete picture revea... — Read more

Labels: Cortex XDR Cortex XSIAM XDR XSIAM
511 by in Community Blogs

Securing Kubernetes Clusters: The Cortex XDR and XSIAM Approach

05-16-2024 — Kubernetes has revolutionized the way we deploy and manage applications, but its complexity and dynamic nature also introduce a new set of security challenges. Attackers are constantly looking for ways to exploit vulnerabilities in Kubernetes clus... — Read more

Labels: Cortex XDR Cortex XSIAM Kubernetes
1549 by in Community Blogs

Cortex Copilot: In SecOps, You Should Secure Smarter, Not Harder

05-14-2024 — In security operations, analysts need every advantage to remain one step ahead of the attacker. This is why we created Cortex Copilot. — Read more

Labels: AI Automation Cortex XSIAM SOC Threat hunting
1687 1 by in Community Blogs

Leading with a Prevention-First Approach for Cloud Detection and Response

04-25-2024 — As cloud computing continues to evolve and becomes the ad-hoc standard for many of the world’s largest enterprises, we also see attack surfaces growing and the escalation of cyberthreats targeting the cloud and traditional enterprise assets. These... — Read more

Labels: CDR Cloud Cortex XDR Cortex XSIAM detection and response XDR XSIAM
1601 by in Community Blogs

Threat Brief: Operation MidnightEclipse, Post-Exploitation Activity Related to CVE-2024-3400

04-24-2024 — This threat brief is frequently updated as new threat intelligence is available for us to share. The full update log is at the end of this post and offers the fullest account of all changes made. — Read more

Labels: Cortex Cortex XDR Cortex Xpanse Cortex XSIAM threat brief Threat Briefs and Assessments Unit 42 unit42
2321 by in Community Blogs



Digital Learning Courses

Visit Palo Alto Networks' learning platform, Beacon, for free technical knowledge and educational resources related to all of our products.

Please note: You need to be logged into SSO in order to view this content.