Cortex XSOAR

Cortex XSOAR

Cortex XSOAR by Palo Alto Networks enables SOC analysts to manage alerts across all sources, standardize processes with Cortex XSOAR playbooks, take action on threat intel, and automate response for any security use case.

Welcome to the Cortex XSOAR community page for Palo Alto Networks! Cortex XSOAR enables SOC analysts to manage alerts across all sources, standardize processes with playbooks, take action on threat intel, and automate response for any security use case.

On this page, you can engage in Cortex XSOAR discussions, find helpful resources, gain Community Edition support, and discover events dedicated to Cortex XSOAR.

Discussions

Need answers? Register or Sign-in to Engage, Share, and Learn.

Global
Community Edition

Author	Topic	Views	Replies
DanielBenistiPel 11-09-2021	Demisto Siem integration Hi, I want to add Demsito to our soc and integrate it with Qradar. i saw that Demisto supports this integration, but i didn't find documentation on su... — Read more posted in Cortex XSOAR Discussions	10887	6
ELaufer 12-06-2020	Domain checker playbook Has anyone written a playbook that would check the age of a domain, say via it's Whois creation date, and then do a task?* *Originally contributed to ... — Read more 1 posted in Cortex XSOAR Discussions	8104	3

Author	Topic	Views	Replies
ELaufer 05-07-2024	Cortex XSOAR - Community Edition Support Post here for all of your Community Edition support questions and one of our product experts will get back to you soon! 2 posted in Cortex XSOAR Discussions	21723	35

Articles

Cortex XSOAR Newsletter July 2024

07-12-2024 — July 2024 UPCOMING EVENTS Customer Success Webinar: On-Prem v6 Migration to v8 SaaS Join us on July 24th to learn everything you need about the on-prem migration to the XSOAR 8 SaaS. >>Register here CS Webinar Topics Suggestion Survey We value your input! Help shape our next webinars by sharing t... — Read more

Labels: Cortex XSOAR CS Newsletter
74 published by rtsedaka in Cortex XSOAR Articles
07-12-2024 edited by rtsedaka

Cortex XSOAR New Content Pack Release - June 2024

07-01-2024 — New Content Packs Release For more info on use cases, integrations, and related documentation, click on the Pack title: GoogleThreatIntelligenceAnalyze suspicious hashes, URLs, domains, and IP addresses. GitHub FeedA feed to ingest indicators of compromise from Github repositories. The feed... — Read more

Labels: Content pack release Cortex XSOAR
334 published by rtsedaka in Cortex XSOAR Articles
07-01-2024 edited by rtsedaka

Cortex XSOAR CS Newsletter June 2024

06-13-2024 — June 2024 UPCOMING EVENTS Customer Success Webinar Series: Proactive Threat Hunting Part 2 The event concluded on June 12, 2024. Visit our events page later this month to learn about our next event. CS Webinar Topics Suggestion Survey We value your input! Help shape our next webinars by sharing t... — Read more

Labels: Cortex XSOAR XSOAR Newsletter
336 published by rtsedaka in Cortex XSOAR Articles
06-13-2024 edited by rtsedaka

Cortex XSOAR New Content Pack Release - May 2024

06-03-2024 — New Content Packs Release For more info on use cases, integrations, and related documentation, click on the Pack title: Suspicious Domain Hunting This pack provides all the necessary tools for the Suspicious Domain Hunting use case. It uses the CertStream integration to ingest new SSL certific... — Read more

Labels: Content pack release Cortex XSOAR
787 published by rtsedaka in Cortex XSOAR Articles
06-03-2024 edited by rtsedaka

Cortex XSOAR CS Newsletter May 2024

05-09-2024 — May 2024 UPCOMING EVENTS Customer Success Webinar Series: Proactive Threat Hunting Join us on May 22nd for the first session of the next webinar series, Proactive Threat Hunting! Register the series below: Part 1 | Part 2 Symphony 2024: AI and Automation In case you missed it, catch the recordin... — Read more

Labels: Cortex XSOAR CS Newsletter
694 published by rtsedaka in Cortex XSOAR Articles
05-09-2024 edited by rtsedaka

Blogs

Threat Brief: CVE-2024-6387 OpenSSH RegreSSHion Vulnerability

07-15-2024 — On July 1, 2024, a critical signal handler race condition vulnerability was disclosed in OpenSSH servers (sshd) on glibc-based Linux systems. This vulnerability, called RegreSSHion and tracked as CVE-2024-6387, can result in unauthenticated remote... — Read more

Labels: Cortex XDR Cortex Xpanse Cortex XSIAM Cortex XSOAR CVE-2024-6387 OpenSSH RegreSSHion Remote Code Execution SSH threat brief
93 by rtsedaka in Community Blogs

What’s Next in Cortex - New Wave of Innovations in Cortex (June 2024 Release)

07-03-2024 — ith the ever evolving threat landscape, security operations teams require a new level of efficiency to protect their organizations. The latest release across Cortex products aims to solve a diverse set of challenges in security operations, all whi... — Read more

Labels: Cortex XDR Cortex Xpanse Cortex XSIAM Cortex XSOAR XDR Xpanse XSIAM XSOAR
579 by GonenFink in Community Blogs

Migrating Historical Data into XSOAR from 3rd Party Products

05-29-2024 — Migrating historical data into Cortex XSOAR involves a multi-phase process designed to ensure a smooth transition while maintaining functionality across both the old and new systems. The migration process can be customized based on specific requir... — Read more

Labels: Cortex XSOAR XSOAR
1897 1 by jfernandes1 in Community Blogs

Release Announcements

New Version of Cortex XSOAR 8 (8.7) Cloud is now GA

07-08-2024 — A new version of Cortex XSOAR 8 (8.7) Cloud is now GA. Here are some highlights of this release: XSOAR 6 On-prem To SaaS Migration: Seamlessly migrate all your data, configurations, and settings including indicators and incidents from Cortex XSOAR 6.13 On-prem to Cortex XSOAR 8 Cloud using a bui... — Read more

263 2 published by RBluestone in Cortex XSOAR Release Announcements
07-08-2024 edited by RBluestone

New Version of Cortex XSOAR 8 (8.6) Cloud is now GA

04-15-2024 — A new version of Cortex XSOAR 8 (8.6) Cloud is now GA. Here are some highlights of this release: Create API keys with multiple roles to improve operational efficiency and allow dynamic RBAC management of API keys.Restrict access to specific dashboards for designated users through role assignment... — Read more

866 1 published by RBluestone in Cortex XSOAR Release Announcements
04-15-2024 edited by RBluestone

Cortex XSOAR 8 On-prem is now GA

04-02-2024 — Cortex XSOAR 8 On-prem is now GA. While based on XSOAR 6, Cortex XSOAR 8 is redesigned to deliver improved performance and reliability, and is highly scalable, based on revamped architecture.Cortex XSOAR 8 On-prem includes the following features: Integration into the Cortex platform: Unified lo... — Read more

1909 1 published by RBluestone in Cortex XSOAR Release Announcements
04-02-2024 edited by RBluestone

Cortex XSOAR 6.12.0 (Build No. 857430) is now available

03-06-2024 — The latest version of Cortex XSOAR 6 is now available. Check out the latest Cortex XSOAR Release Notes for more details. — Read more

1000 published by RBluestone in Cortex XSOAR Release Announcements
03-06-2024 edited by RBluestone

New Version of Cortex XSOAR 8 (8.5) is now GA

02-11-2024 — A new version of Cortex XSOAR 8 (8.5) is now GA. Here are some highlights of this release: (Multi-tenant/MSSP) Enable communication between SOC analystsKeep retained incidentsAssign incident retention licenses for multi-tenant deploymentsContent repository improvementsCustomize system emailsUse ... — Read more

1734 2 3 published by RBluestone in Cortex XSOAR Release Announcements
02-11-2024 edited by RBluestone