Cortex XSOAR Discussions
Cortex XSOAR enables SOC analysts to manage alerts across all sources, standardize processes with playbooks, take action on threat intel, and automate response for any security use case.

Discussions

CrowdStrike Next-Gen SIEM

Hi all,

How can I fetch the alert generated by CrowdStrike Next-Gen SIEM to SOAR? Here, are the alerts generated by queries created or like Email, Cloud category.

#XSOAR #CrowdStrike #Next-GenSIEM

XSOAR - Manual Review Indicators

Hi, 
I have created a playbook that extracts IOC from a csv in a mail.
I want to ask the analyst if they want to manually review or auto block the IOCs.
If the analyst marks Manual review I want it to loop over every IOC and the analyst should mark to b

...

How does EmailAskUser flow work?

I configured my playbook to execute EmailAskUser script but I don't know what is happening in the background causing the completion of the next task. Can somebody explain this behavior to me? The script isn't well documented and I was wondering the d

...

Get Incident List from Microsoft 365 Defender

Hi Team,

I want to get the events between the dates I give from Microsoft 365 Defender. In the ‘microsoft-365-defender-incidents-list’ command, the limit is set to a maximum of 100. What should I do to make the limit unlimited?


The command:

test_data ={’...

XSOAR File Issue

Hi All,

I tried to send an attachment using the attachment ID in Exchange Web Services (EWS) for Office 365, and I was also able to see the entry ID of the file in the context object. However, the structure of the entry ID is different from the standard

...

Syedhkt by L2 Linker
  • 563 Views
  • 1 replies
  • 0 Likes

Evidence XSOAR

Hi everyone,

Does anyone know if it's possible to paste evidence (screenshots) into an Incident using CTRL+V? I've tested it and sometimes it works, but sometimes it doesn't...
Does anyone know if it's possible to create a button that allows uploading

...

tlmarques by L4 Transporter
  • 411 Views
  • 1 replies
  • 0 Likes