This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
Cortex XSOAR Discussions
Cortex XSOAR enables SOC analysts to manage alerts across all sources, standardize processes with playbooks, take action on threat intel, and automate response for any security use case.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Cortex XSOAR Discussions
Cortex XSOAR enables SOC analysts to manage alerts across all sources, standardize processes with playbooks, take action on threat intel, and automate response for any security use case.
About Cortex XSOAR Discussions
Cortex XSOAR enables SOC analysts to manage alerts across all sources, standardize processes with playbooks, take action on threat intel, and automate response for any security use case.

Discussions

Start a conversation

Cortex XSOAR Deployment

I want to ask for the Cortex XSOAR installation which is a free trial, can it only be installed on premise or can it be done on a cloud basis? because after I requested a free trial for cortex XSOAR they directed it to install on premise


Resolved! Playbook Args

Hi all, 

I want to get an argument from user when playbook running. Actually, the first method I can think of is as below. But can you give a more user-friendly example?

Ekran görüntüsü 2023-08-10 163821.png

Resolved! XSOAR Shift Management and Incident Assignment

I've read a little about the Shift Management function.

Does this allow for intelligence to auto-assign incidents?

Example:
5 people on shift, based on threshold of SLA, auto-assign incident round robin style to the analyst that are in the queue?

Is ther

...

JoshBoyd by L2 Linker
  • 2843 Views
  • 2 replies
  • 0 Likes

Resolved! AWS describe-vpc-endpoints

I am not seeing the AWS command describe-vpc-endpoints in any of the integrations...I just want to confirm I'm not missing it somewhere before I submit a feature request.  Thanks.

Incident Layout dynamic section as input

Hello!
I would like to ask you how to implement a way to define the input values on the Incident Layout.

For example, I would need it in a case where I have a sub playbook and I want to give a value to one of its mandatory arguments without having to

...

szodinn by L0 Member
  • 1802 Views
  • 2 replies
  • 0 Likes

Resolved! SlackAskV2 automation

Hi all,


I'm trying out SlackAskV2 and my message is being sent to the channel successfully. I used 'Yes' and 'No' as options.

When I click the 'Yes' or 'No' buttons from the slack channel, nothing is returned to the War Room.

Now, where do I find the

...

Mapping fields to XSOAR IOCs

I'd appreicate guidance on how to update IOC fields with information extracted from an excuted playbook task. 

 

My use case centers around updating File Hash IOCs to include file signature metadata information to enable easier cleaning up of IOCs as

...

jemeche by L0 Member
  • 1761 Views
  • 3 replies
  • 0 Likes

Resolved! [Multi-Tenant] System configuration levels

in a multi tenant environment, should I forward all the system configurations to tenants or are some of them meant only for hosts?

CSP cases in particular, can be pretty confusing. CSP tells me to put a sys config on the main account and in another c

...

  • 1286 Posts
  • 44 Subscriptions
Top Solution Authors
View All
Top Liked Authors
View All
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks