Cortex XSOAR Release Announcements
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
New version of Cortex XSOAR 8 (8.8) Cloud is now GA. Here are some highlights from this release: Canvas -Multilayer indicator/incident relationship graph: SOC analysts can now create and share dynamic attack diagrams or static snapshots with incident response, forensics, and threat-hunting teams. The Guard Rails page: Cortex XSOAR 8 now includes the Guard Rails page, which shows performance-related errors and warnings that can be used as a guide to detect and prevent actions that may cause a decline in performance or instability. Exclude enrichment of indicators: Indicators can now be marked as Enrichment Excluded in Cortex XSOAR, ensuring they will not be enriched. This gives you better control over your Indicators and the ability to optimize system performance by managing the indicator enrichment process. Audit logs: Audit log coverage is expanded to capture detailed records of incident edits, including the modified fields. This improvement ensures a comprehensive record of all changes, significantly enhancing the ability to trace the incident's history and evolution.
View full article
The latest version of Cortex XSOAR On-prem is now available for GA. Here are some highlights from this release: Cortex XSOAR On-prem now supports installation on the following deployments Oracle Cloud Infrastructure (OCI) AWS Admin users can now log in to the Cortex XSOAR textual UI via SSH for easier access to deployment and maintenance. In the indicator timeline, view the most recent and initial indicator changes, ensuring that the SOC analyst can access the most up-to-date data. Cortex XSOAR supports teams working in different locations by selecting the relevant timezone when generating a report. Cortex XSOAR can now run more playbooks per hour for medium and large-scale deployments.
View full article
The latest version of Cortex XSOAR 6 is now available for GA. Here are some highlights from this release: Migration from Cortex XSOAR 6 On-prem to Cortex XSOAR 8 Cloud is now available. For more information about the migration process, see Cortex XSOAR Migration Guide. Cortex XSOAR 6.13 now supports: Oracle Linux versions 8.9 and 9.3 (for engine and server installation) RHEL versions 8.10 and 9.4 (for engine and server installation) Elasticsearch versions 8.11, 8.12 and 8.13 OpenSearch versions 2.10, 2.11, 2.12, and 2.14  
View full article
Check out the Cortex XSOAR 6.12 Release Notes for more details.
View full article
The latest version of Cortex XSOAR On-prem is now available for GA. Here are some highlights from this release: Cortex XSOAR Cluster High Availability: Cortex XSOAR On-prem cluster, with three or more nodes, includes high availability capabilities to improve reliability for critical security operations. Enhanced role-based access control for dashboards: The Administrator can now restrict access to specific dashboards for designated users through role assignment. Multi-role API keys: You can now create API keys with multiple roles to improve operational efficiency and allow dynamic RBAC management of API keys. New endpoint for managing API keys using the API: Cortex XSOAR now has an API endpoint for GET, CREATE, UPDATE, and DELETE for API keys. Customize the favicon color: You can now change the color of the favicon for each tenant. This allows you to identify which tenant is being used in each tab at a glance
View full article
A new version of Cortex XSOAR 8 (8.7) Cloud is now GA. Here are some highlights of this release: XSOAR 6 On-prem To SaaS Migration: Seamlessly migrate all your data, configurations, and settings including indicators and incidents from Cortex XSOAR 6.13 On-prem to Cortex XSOAR 8 Cloud using a built-in wizard that streamlines the migration process. Indicator timeline perseveration: To effectively investigate an incident and analyze associated indicators, the SOC analyst must have access to up-to-date data and a clear view of the most recent changes made to the relevant indicators, as well as the initial entries of indicator changes. Reports in the Timezone of Choice: When generating a report, you can choose the timezone to ensure accurate and localized reporting for users working in multiple geographical locations. Manage notification distribution: Admin users can manage notification distribution by adding or removing tenant’s stakeholders' email addresses on the Server Settings page, without the need to add them first on the tenant. This feature streamlines communication and simplifies administration.
View full article
A new version of Cortex XSOAR 8 (8.6) Cloud is now GA. Here are some highlights of this release: Create API keys with multiple roles to improve operational efficiency and allow dynamic RBAC management of API keys. Restrict access to specific dashboards for designated users through role assignment. Cortex XSOAR has an API endpoint for GET, CREATE, UPDATE, and DELETE for API keys. Change the color of the favicon for each tenant, which allows you to identify which tenant is being used in each tab at a glance. New authentication control options, which provide additional security features to help prevent security breaches.
View full article
Cortex XSOAR 8 On-prem is now GA. While based on XSOAR 6, Cortex XSOAR 8 is redesigned to deliver improved performance and reliability, and is highly scalable, based on revamped architecture. Cortex XSOAR 8 On-prem includes the following features:   Integration into the Cortex platform: Unified look and feel Simplified deployment and onboarding Improved performance and reliability High scalability based on a revamped architecture  User-friendly installation with an easy-to-follow step-by-step TUI to install Cortex XSOAR and configure: Tenant network and IP settings Proxy settings Cluster settings Scale size
View full article
The latest version of Cortex XSOAR 6 is now available. Check out the latest Cortex XSOAR Release Notes for more details.
View full article
A new version of Cortex XSOAR 8 (8.5) is now GA. Here are some highlights of this release: (Multi-tenant/MSSP) Enable communication between SOC analysts Keep retained incidents Assign incident retention licenses for multi-tenant deployments Content repository improvements Customize system emails Use an authenticated docker image
View full article
A new version of Cortex XSOAR 8 (8.4) is now GA. Here are some highlights of this release: In-app documentation Private repository support in a dev/prod environment Export incidents to Excel Authenticated communication tasks Define credentials for long-running integrations SSO improvements  
View full article
The latest version of Cortex XSOAR 6 is now available. Check out the latest Cortex XSOAR Release Notes for more details.
View full article
The latest version of Cortex XSOAR is now available for GA. Here are some highlights from this release: Migration from Cortex XSOAR 6 to 8 is available for Hosted customers. Cortex XSOAR supports RHEL v8.8 and v9.0 Edit a list installed from a content pack by detaching it. The reputationCalcAsync argument is now available for the addEntries command. The list.<listName>.separator and the list.separator  server configurations now support tabs as list separators, using \t.
View full article
The latest version of Cortex XSOAR 6 is now available. Check out the latest Cortex XSOAR Release Notes for more details.
View full article
A new version of Cortex XSOAR 8 (8.3) is now GA. Here are some highlights of this release: Improved auditing Manage User Groups in the Cortex Gateway Manage RBAC settings in the Cortex Gateway Improved Navigation Improved Indicator Verdict Calculation
View full article
A new version of Cortex XSOAR 8 (8.2) was introduced. Here are some highlights from this release: XSOAR 8 now offers Cortex XSOAR Multi-Tenant, which is designed for managed security service providers and enterprises that require strict data segregation with the flexibility to share and manage critical security practices across tenant accounts. Role permissions have been updated to separate some administration permissions. You can now subscribe to content pack updates in Marketplace. Improved UI for Data Collection and Ask tasks in Playbooks and a simplified search for playbooks with free text search. Improvements to the Default Playbook.
View full article
The latest version of Cortex XSOAR is now available for GA. Here are some highlights from this release: Improved Upgrade Process for Multi-Tenant Deployments. After deleting a user, you can now clear the user's data from content, such as active incidents and investigations, automations, etc. Substantial improvements of playbook performance including context operations, indicator extraction and playbook execution. New Menu Navigation. Role Permissions have been updated for more granular control.
View full article
The latest version of Cortex XSOAR is now available. Check out the Cortex XSOAR Release Notes for more details.
View full article
The latest version of Cortex XSOAR is now available. Check out the Cortex XSOAR Release Notes for more details.
View full article
Cortex XSOAR 8 is now available for GA. Here are some highlights from this release: Integration into the Cortex platform: Unified look and feel Uses the platform's storage engines Simplified deployment and onboarding Consistent user management Improved performance and reliability High scalability based on revamped architecture that utilizes cloud features Built-in Git Repository for sharing data between development and production instances This is a SaaS only release. For more information about XSOAR 8, see Cortex XSOAR 8 FAQs.
View full article
The newest version of Cortex XSOAR is now available for GA. Here are some highlights from this release: Communication task links in Context Data: When running an Ask or Data Collection task, links are generated to collect the recipients' responses and are now available in the incident's context data. Content Security Policy: You can now enable Content Security Policy (CSP), which adds a layer of security including detecting and mitigating certain types of attack. Quiet Mode for Manual Tasks: You can now turn quiet mode on or off for individual manual tasks in a playbook. Documentation Portal: Documentation for all Cortex products including Cortex XSOAR has moved to https://docs-cortex.paloaltonetworks.com/.
View full article
The latest version of Cortex XSOAR is now available. Check out the Cortex XSOAR Release Notes for more details.
View full article
The latest version of Cortex XSOAR is now available. Check out the Cortex XSOAR Release Notes for more details.
View full article
The newest version of Cortex XSOAR is now available for GA. Here are some highlights from this release: Deployment Wizard: When installing or updating content packs, the DEPLOYMENT WIZARD tab guides you step-by-step to adopt your use case (including Phishing and Malware), significantly reducing the setup time. SAML 2.0 Configuration: You can now let administrators manually enter certain user information fields when configuring SAML 2.0, which persist if those fields are not provided by SAML third party provider. Zoom level:  When switching between playbooks, the user's zoom level is now preserved (in = more detail, out = larger view). Add a warning message when viewing comments in incidents: (Multi-Tenant) Added a warning message, when handling bulk incidents to prevent customer information being unintentionally shared with other customers.
View full article
The latest version of Cortex XSOAR is now available. Check out the Cortex XSOAR Release Notes for more details.
View full article
The latest version of Cortex XSOAR is now available. Check out the Cortex XSOAR Release Notes for more details.
View full article
The latest version of Cortex XSOAR is now available. Check out the Cortex XSOAR Release Notes for more details.
View full article
The newest version of Cortex XSOAR is now available for GA. Here are some highlights from this release: Indicator field Trigger Scripts: Associate indicator fields with trigger automation scripts that check for field changes, and then take actions based on them. Dynamic layouts and fields: When customizing an indicator/indicator layout add a filter. Saved Query Sharing: Share saved queries with specific roles. Enhanced RBAC: More granularity to the RBAC roles page. Check out the Cortex XSOAR Release Notes for additional details.
View full article
The newest version of Cortex XSOAR is now available for GA. Here are some highlights from this release:   Use case adoption wizard: When installing or updating the Malware content pack, a new DEPLOYMENT WIZARD tab guides you step-by-step to quickly adopt the Malware use case. Error Handling in playbooks: When creating/editing a standard task that uses an automation or a conditional task that uses an automation, if the the task errors, the playbook continues on an error path. Exclude items from local changes in remote repositories: Exclude content items in your development environment from syncing with your production machine. HTTP,  HTTPS, and SSH are supported for remote repositories: Connect to a remote repository using HTTP,  HTTPS, or SSH. API keys creation: Select which roles have read and read/write permission when creating API keys.  
View full article
The latest version of Cortex XSOAR is now available.  Check out the Cortex XSOAR Release Notes for more details.
View full article
  • 57 Posts
  • 715 Subscriptions
Customer Advisories

Your security posture is important to us. If you’re a Palo Alto Networks customer, be sure to login to see the latest critical announcements and updates in our Customer Advisories area.

Learn how to subscribe to and receive email notifications here.

Listen to PANCast

PANCast is a Palo Alto Networks podcast that provides actionable insights to customers, helping you maximize your investment while improving your cybersecurity posture.

Top Contributors