Cortex XSOAR Discussions
Cortex XSOAR enables SOC analysts to manage alerts across all sources, standardize processes with playbooks, take action on threat intel, and automate response for any security use case.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
Cortex XSOAR Discussions
Cortex XSOAR enables SOC analysts to manage alerts across all sources, standardize processes with playbooks, take action on threat intel, and automate response for any security use case.
About Cortex XSOAR Discussions
Cortex XSOAR enables SOC analysts to manage alerts across all sources, standardize processes with playbooks, take action on threat intel, and automate response for any security use case.

Discussions

Installation of cortex SOAR offline

Dear All,

i was trying to install COrtext SOAR in an Airgap (offline)Enviorment with no internet where i was refering cortex offline installation guide, and i i could not complte the installation and stuck in uploading docker dependaci file  to which

...

Why is the severity became "unknown"?

Hello All,

 

I have a question, i have mapped an incident from qradar with the playbook i've created.

At first it's worked, the incident severity was "high". but later until now, the severity become "unknown".

What is the main cause of this issue?

Tha

...

awarman by L0 Member
  • 734 Views
  • 2 replies
  • 0 Likes

Getting data from multiple incident contexts?

Hi!

 

I want to extract specific key data from context of multiple incidents. The context key I'm looking for is not under "incident". Specifically, I have many incidents of type "Phishing" and want to output the contents of "Recipient Selection.Answ

...

Antanas by L2 Linker
  • 704 Views
  • 1 replies
  • 0 Likes

Resolved! XSOAR 8 API - Attachment upload with entryID

The code below, creates an incident with attachment uploaded but in the incident itself, when I see the context, I dont see any file. 

Since there is no entryID for the file, I cannot read the attachment and also cannot run the playbooks. 

 

 

Any ch

...

Cortex XSOAR

Morning everyone,

 

I hope that you are doing well

 

I have a little problem. We have implemented the XSOAR in our customer environment and configure th EWS O365 content pack for phishing attacks but since we do not have a case, we cannot show to the

...

Ingest Taxii feed into XSOAR 6.12

Hi,

 

I am trying to ingest our taxii feed into XSOAR 6.12 with following steps:

  • installed XSOAR 6.12 on ubuntu 22.0.4 LTS
  • launched the web portal, and installed TAXII Feed (1.x) pack from marketplace
  • Ingest feed using "Integration Instance Settings"
    • T
...

TonyZhu by L2 Linker
  • 2701 Views
  • 16 replies
  • 0 Likes
  • 992 Posts
  • 31 Subscriptions
This widget could not be displayed.