Resolved! A question from the Phishing V3 webinar: Investigation

It does within an isolated container. We use XSOAR to investigate all kinds of malicious content and it is designed for it - Can we get more information on this? Is it the hardening of Docker ? or others?

Note: This question was asked during our

Resolved! A question from the Phishing V3 webinar: O365 emails

How do you recommend enriching/investigating encrypted emails in O365 that are only viewable to the intended recipient?

Note: This question was asked during our Customer Success Webinar: Phishing V3

Resolved! Unable to retrieve output value while using extended context

Hello team,

I'm trying to use the extended context feature to keep only the data I'm interrested in and put them where I need them to be.

The automation I'm using is infoblox-get-ip from Infoblox integration.

Here is the output of the automation:

 I'm

Resolved! How to prevent IOCs and Incident Cases from being created when running playbooks

Hi,

I was making 2 playbooks.

In the first playbook, after creating the same I scheduled it as a job. Each time the job runs, it creates a incident case. How do I prevent the incident case from being created when the job runs?

In the second playbook,

Resolved! Playbook to search AD expired accounts and delete them

Hi,

I am trying to create a playbook that

1) Searches for expired accounts in AD

2) Retrieves the sAMAccountName, Display name and expired date

3) Delete the accounts 

4) Sent an email notification with the details of the accounts deleted.

I created the l

Resolved! How to make indicators part of a TAXII server collection?

Hi, I configured TAXII Server v1 on Cortex XSOAR. I am trying to get understand the idea of collections. I wish to create a multiple collections within XSOAR so that when a taxii client polls for the list of collections, it can see the list and selec

Resolved! Filenames with slashes not updating

Greetings,

So I have been pulling rasterized images with the names of the URLs attached into XSOAR and attempting to pipe them into some ServiceNow tickets, but character restrictions are giving the system issues on what files to call during the uploa

Resolved! Assign owner to "current user" in playbook tasks

Hi,

There is a playbook task at one of the early steps which asks analyst to start investigation or not. The below command let me change owner to command executer himself but i need this execution inside the playbook. When an analyst click "Yes" to p

Resolved! how to use demisto-api-download in a Automation

I am trying to use the built in demisto-api-download autmation to download a file from our hosted xsoar instance 

I am struggling to figure out how to format my command in the automation. From the documentation these are the inputs :
 

Arguments Descrip