Cortex XSOAR Discussions
Cortex XSOAR enables SOC analysts to manage alerts across all sources, standardize processes with playbooks, take action on threat intel, and automate response for any security use case.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Cortex XSOAR Discussions
Cortex XSOAR enables SOC analysts to manage alerts across all sources, standardize processes with playbooks, take action on threat intel, and automate response for any security use case.
About Cortex XSOAR Discussions
Cortex XSOAR enables SOC analysts to manage alerts across all sources, standardize processes with playbooks, take action on threat intel, and automate response for any security use case.

Discussions

Playbook to upload IOCs to Cortex XDR

Hello,

We are working in an integration between XSOAR and XDR.
We want to upload IOCs from a given file to XDR, we have seen that Cortex XDR - IOC integration allows a synchronization of IOCs but what we want is a manual push of new IOCs to XDR, not to

...

Resolved! Filenames with slashes not updating

Greetings,


So I have been pulling rasterized images with the names of the URLs attached into XSOAR and attempting to pipe them into some ServiceNow tickets, but character restrictions are giving the system issues on what files to call during the uploa

...

MicrosoftTeams-image (3).png
MicrosoftTeams-image (4).png
MicrosoftTeams-image (5).png

Start playbook from API with own inputs

Hi all,

 

I have problem and I would like please you for help.

My target is, from API (via postman) run some playbook with own data. For example, call playbook, where I added into playbook Inputs property "Left".

 

How I tried set $Input.Left from my API,

...

Resolved! how to use demisto-api-download in a Automation

I am trying to use the built in demisto-api-download autmation to download a file from our hosted xsoar instance 

I am struggling to figure out how to format my command in the automation. From the documentation these are the inputs :
 

Arguments Descrip

...

kbratt by L1 Bithead
  • 2734 Views
  • 5 replies
  • 0 Likes

Auto-categorize Outlook Phishing Email

Hello guys,

I'm currently trying to create a Playbook that auto-categorize already analyzed phishing email, let me explain :

Here is the current process :

1. An analyst tags an email as Phishing using Outlook categories in the main Email box

2. Thanks to

...

benzer by L0 Member
  • 1552 Views
  • 3 replies
  • 0 Likes

Resolved! SLA best practices

Hi,

 I want to set sla times per severity type but it seems xsoar bind sla's to incident type, so i think i need to start each sla per severity in playbook by testing severity it is nearly clear for me. But i am confused what type of SLA should i crea

...

Resolved! Different response page server

Hi, 

 

In a multitenant deployment i want to place the response page somewhere else from the "Host-tenant" machine  lets say customer environment. And configure   "External Host Name" to this new server which is accessible from customer local area.

 

Reg

...