Cortex XSOAR Discussions
Cortex XSOAR enables SOC analysts to manage alerts across all sources, standardize processes with playbooks, take action on threat intel, and automate response for any security use case.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Cortex XSOAR Discussions
Cortex XSOAR enables SOC analysts to manage alerts across all sources, standardize processes with playbooks, take action on threat intel, and automate response for any security use case.
About Cortex XSOAR Discussions
Cortex XSOAR enables SOC analysts to manage alerts across all sources, standardize processes with playbooks, take action on threat intel, and automate response for any security use case.

Discussions

Resolved! Remove file types from the context data

We have been building a playbook to decrypt all encrypted attachments and detonate in a wildfire and Mimecast sanbox using their integrations. I am struggling currently to remove jpegs and pngs from the context data so they are not being sent to the

...

GoQR.me QR Code Reader misbehaving

I have an XSOAR 8.5 instance with a playbook which makes use of the GoQR.me QR Code Reader integration.

It had been working nicely in the playbook for months, but has begun to misbehave.

 

In the playbook, images are extracted from a phishing email a

...

mattem by L1 Bithead
  • 2690 Views
  • 4 replies
  • 0 Likes

Append Multiple Ips to input

Hello Live Comm,

We are working on a WebEx playbook where IPs need to be added to proxy profiles. However, we are encountering an issue where, if a user mentions multiple IPs, the playbook task fails to add those IPs. Could you please suggest changes

...

Parallel tasks in a playbook

I'm trying to find some useful learning resources on playbooks and I've watched the standard Youtube training videos, but I've seen some playbooks that do parallel task operations, like this

 

and I'm trying to understand what happens when those tas

...

bowesmana_0-1717660805872.png

Resolved! Using dynamic names in lists in playbooks

I have a sub-playbook that checks if a list exists and if not, fetches data from an external API and saves the result to that list, the next time the playbook runs it will load it from the list rather than fetching from the external API.

I want this

...

  • 1276 Posts
  • 43 Subscriptions
Top Liked Authors