Cortex XSOAR Discussions

Cortex XSOAR enables SOC analysts to manage alerts across all sources, standardize processes with playbooks, take action on threat intel, and automate response for any security use case.

Discussions

Sorted by:

Start a conversation

A question from the Malware Pack v2 webinar: Malware pack playbooks optimization

Kudos for all the work on developing these playbooks. Are they optimized so the incidents don't get flagged under System Diagnostics (exceptionally big incidents, exceptionally big context, etc)?

Note: This question was asked as part of Cortex XSOA

...

A question from the Malware Pack v2 webinar: EDR alerts

How would you handle an EDR alert that involves more than one file? How does this playbook present this to the user?

Note: This question was asked as part of Cortex XSOAR Customer Success Webinar: Malware Investigation & Response V2