Cortex XSOAR Discussions
Cortex XSOAR enables SOC analysts to manage alerts across all sources, standardize processes with playbooks, take action on threat intel, and automate response for any security use case.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
Please sign in to see details of an important advisory in our Customer Advisories area.
Cortex XSOAR Discussions
Cortex XSOAR enables SOC analysts to manage alerts across all sources, standardize processes with playbooks, take action on threat intel, and automate response for any security use case.
About Cortex XSOAR Discussions
Cortex XSOAR enables SOC analysts to manage alerts across all sources, standardize processes with playbooks, take action on threat intel, and automate response for any security use case.

Discussions

Cortex XSOAR tool integrations methods

Hi,

 

As per below link the integrations can be executed REST API, webhooks, and other techniques. So I'd like to know about what are the other methods available in XSOAR platform.

 

https://xsoar.pan.dev/docs/concepts/concepts#:~:text=Product%20inte

...

DP696 by L2 Linker
  • 1848 Views
  • 3 replies
  • 0 Likes

Resolved! OS Requirement for Cortex XSOAR engine deployment

Hi,

 

In one of the XSOAR documentation its mentioned "For all Linux deployments except RHEL 7.x (for example Ubuntu, CentOS, etc.). Automatically installs Docker, downloads Docker images, enables remote engine upgrade, and allows installation of mul

...

DP696 by L2 Linker
  • 2039 Views
  • 2 replies
  • 0 Likes

Resolved! Body email

Hi,

 

In a playbook I'm using the automation 'send e-mail (EWSO365)'.

 

In the body of the email I'm adding a list that the playbook has generated as following:

 

Get
inputs.BreachData
Override input
Where
No filters applied
Transformers
JsonT
...

SteveB by L0 Member
  • 1914 Views
  • 2 replies
  • 0 Likes

Endpoint Antivirus Exclusion list

Dears,

 

Kindly need your support for the following:

• we need to install the below as security controls on our XSOAR server (RHEL8):

o McAfee Endpoint security (latest version) for Linux.

o Cyber Reason EDR.

kindly provide what is the Antivirus exclus

...

Resolved! Linked incident offense close

Hi,

 

A pre-process rule tests some condition and "link-close" incident into a previous one, and this works great. But i need to close related offense in qradar as well as the xsoar itself, with a sole preprocess rule deployed incident is closed in xso

...

accepting custom cert -failed

Have followed this kb however under instance, it is still unable to test successfully when unchecking the trust all certification options under the integrated instance.

 

https://docs.paloaltonetworks.com/cortex/cortex-xsoar/6-1/cortex-xsoar-admin/d

...

Aneo_0-1657771048980.png

Create a PDF file from context

Hi,

I am trying to create playbook where IOCs are extracted and enriched and then values are send as a PDF file via email.

I reached the part where the IOCs are parsed and enriched, but I am stuck at creating the PDF file.

 

Is it possible to create a PD

...

  • 895 Posts
  • 30 Subscriptions