Cortex XSOAR Discussions
Cortex XSOAR enables SOC analysts to manage alerts across all sources, standardize processes with playbooks, take action on threat intel, and automate response for any security use case.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
Please sign in to see details of an important advisory in our Customer Advisories area.
Cortex XSOAR Discussions
Cortex XSOAR enables SOC analysts to manage alerts across all sources, standardize processes with playbooks, take action on threat intel, and automate response for any security use case.
About Cortex XSOAR Discussions
Cortex XSOAR enables SOC analysts to manage alerts across all sources, standardize processes with playbooks, take action on threat intel, and automate response for any security use case.

Discussions

Resolved! Dynamic Section using Context

I was wondering how we can add splunk results into Incident layout. Possibly a CSV file or markdown.

 

We use splunk to search our email logs to see other recipients who got phishing email. Wanted to display that in the Incident layout.

 

Any advise

...

Getting null in output

Hi,

 

I am using a splunk search automation and passing a query in input and I am getting appropriate result without any null value. So I have added a new task after that to convert the output in csv, I am using Exporttocsv automation, but here the i

...

Himangi_1-1698821557749.png
Himangi_0-1698821510351.png
Himangi by L2 Linker
  • 486 Views
  • 2 replies
  • 0 Likes

Qradar Integration

Hi , 
Is there a way to make the the system pull incidents more often , 
now it takes about 3 min since the offense first appears in the Qradar until it appears in the Demisto.

urlscan.io alternatives?

Hi all,

 

I'm looking for urlscan.io alternatives that are available in the marketplace. Ideally, something that'll allow "browsing" from a different location, like GeoPeeker.

 

Thanks!

Upgrade XSOAR Offline

Our environment cannot connect to the internet.

We have installed XSOAR 6.11 offline before, and now we want to upgrade to version 6.12.

So I would like to ask, can I upgrade offline?

I have read the official documentation of XSOAR and there is no me

...

Resolved! AzureAD/MS Graph User Expire Password

Anyone familiar with MS Graph User integration and using it to expire a password for a user, much like Active Directory Query V2 "!ad-expire-password"?

 

It appears the method with PowerShell is using Connect-AzureAD and updating the passwordProfile

...

Resolved! xsoar change incident owner

Hi , 
is there a way to put a listener on every incident , and every time an incident owner is changing - it will run a playbook or a script.
The incident owner can be changed at any time during the playbook of the incident is running.

  • 895 Posts
  • 30 Subscriptions