This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Cortex XSIAM
Resources for Cortex XSIAM, Palo Alto Networks’ autonomous security platform powering the Modern SOC.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Cortex XSIAM

Welcome to the Cortex XSIAM resources page. Cortex XSIAM, the autonomous security platform powering the Modern SOC, operates across both cloud and enterprise security operations, providing true end-to-end-management of threats wherever they originate. This page provides information and resources to make your Palo Alto Networks journey as simple as possible. Ask your questions, find answers, connect with peers, and get access to troubleshooting resources all in one place.

Discussions

Need answers? Register or Sign-in to Engage, Share, and Learn.
Author Topic Views Replies
IngridS
IngridS
03-07-2025

How to group related alerts in XSIAM and create a unique incident

Hi dear community :): I have a question Several alerts are forwarding in my Cortex XSIAM system coming from Microsoft Defender, these alerts have dif... — Read more

posted in Cortex XSIAM Discussions

107 0
rathilaramesh13
rathilaramesh13
02-28-2025

Context polling playbook

In XSIAM playbook,I’m trying to fetch the incident status. When the incident status is changed to for eg under_investigation I want to my playbook to ... — Read more

posted in Cortex XSIAM Discussions

74 0
T.Sode
T.Sode
02-25-2025

Forcepoint proxy integration with XSIAM

Hi Palo Team, I am trying to onboard Forcepoint proxy logs into XSIAM, but i couldn't found any marketplace app/supporting datamodel.Could someone hel... — Read more

posted in Cortex XSIAM Discussions

148 0
Hisashi_Abe
Hisashi_Abe
02-15-2025

How to write a data model to map to an authentication story

We are creating a data model and have questions like: ============================================== We are aware that the method of mapping to an... — Read more

posted in Cortex XSIAM Discussions

299 0
CBode
CBode
02-07-2025

Incident catagories (manual vs automated)

The XSIAM dashboard view splits incidents based on whether they are manual or automated. What field(s) does the dashboard use to determine an inciden... — Read more

posted in Cortex XSIAM Discussions

175 0
Join now

Blogs

Threat Brief: CVE-2024-6387 OpenSSH RegreSSHion Vulnerability

07-15-2024 — On July 1, 2024, a critical signal handler race condition vulnerability was disclosed in OpenSSH servers (sshd) on glibc-based Linux systems. This vulnerability, called RegreSSHion and tracked as CVE-2024-6387, can result in unauthenticated remote... — Read more

Labels: Cortex XDR Cortex Xpanse Cortex XSIAM Cortex XSOAR CVE-2024-6387 OpenSSH RegreSSHion Remote Code Execution SSH threat brief
15528 by in Community Blogs

Harnessing the Power of Cortex XSIAM for Enhanced File Management and Data Privacy

07-15-2024 — In an era where cybersecurity threats are evolving at a breakneck pace, Extended Detection and Response (XDR) solutions have emerged as the vanguard of defense for organizations. But what if we could extend the capabilities of the Cortex XSIAM sol... — Read more

Labels: Cortex XSIAM Endpoint Security
1958 4 by in Community Blogs

What’s Next in Cortex - New Wave of Innovations in Cortex (June 2024 Release)

07-03-2024 — ith the ever evolving threat landscape, security operations teams require a new level of efficiency to protect their organizations. The latest release across Cortex products aims to solve a diverse set of challenges in security operations, all whi... — Read more

Labels: Cortex XDR Cortex Xpanse Cortex XSIAM Cortex XSOAR XDR Xpanse XSIAM XSOAR
5043 by in Community Blogs

SmartGrouping - Precision AI™-Driven Investigation

06-05-2024 — SmartGrouping is a crucial aspect of security operations, allowing to connect disparate alerts and paint a comprehensive picture of an attack. It's like piecing together a puzzle, where each alert represents a piece, and the complete picture revea... — Read more

Labels: Cortex XDR Cortex XSIAM XDR XSIAM
1952 by in Community Blogs

Securing Kubernetes Clusters: The Cortex XDR and XSIAM Approach

05-16-2024 — Kubernetes has revolutionized the way we deploy and manage applications, but its complexity and dynamic nature also introduce a new set of security challenges. Attackers are constantly looking for ways to exploit vulnerabilities in Kubernetes clus... — Read more

Labels: Cortex XDR Cortex XSIAM Kubernetes
4530 by in Community Blogs

View All
Cortex-XSIAM-Release-Notes

Videos

Digital Learning Courses

Visit Palo Alto Networks' learning platform, Beacon, for free technical knowledge and educational resources related to all of our products.

Please note: You need to be logged into SSO in order to view this content.

LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2025 - Palo Alto Networks