Security Operations
Post questions, provide answers, share best practices, and connect with peers and experts in this area dedicated to Cortex XDR, XSOAR, and Xpanse discussions.

Browse the Community

Cortex XDR Discussions

Cortex XDR allows you to rapidly detect and respond to threats across your networks, endpoints, and clouds. It assists SOC analysts by letting them view all the alerts from all PANW products in one place, telling the full story of what actually happened in seconds, and allowing seamless response.

1897 Posts

Cortex XSOAR Discussions

Cortex XSOAR enables SOC analysts to manage alerts across all sources, standardize processes with playbooks, take action on threat intel, and automate response for any security use case.

1013 Posts

Cortex Xpanse Discussions

Cortex Xpanse builds a system of record that is the authoritative source for an organization’s global Internet assets; it knows your attack surface so you can own it before someone else.

6 Posts

Cortex XSIAM Discussions

Cortex XSIAM, the autonomous security platform powering the Modern SOC, operates across cloud and enterprise security operations, providing true end-to-end management of threats wherever they originate.

21 Posts

Activity in Security Operations

Resolved! browsers extensions Alert

Hello dear community,

I would like to see more rules that contain everything about browser extensions, like in Chrome, "browser extension was created".

I know to manage chrome via GPO, but there are not always Active Directories and I wo

...

RFeyertag by L4 Transporter
  • 2373 Views
  • 3 replies
  • 0 Likes

Directory Sync usage

Hello everyone,

Just curious who uses the Directory Sync tool out there? If you use it would you mind sharing a quick like/dislike about it? I really want to incorporate it into our environment but not entirely sold on it... yet. Any feedback about it

...

CraigV123 by L3 Networker
  • 7047 Views
  • 10 replies
  • 1 Likes

Get Incident List from Microsoft 365 Defender

Hi Team,

I want to get the events between the dates I give from Microsoft 365 Defender. In the ‘microsoft-365-defender-incidents-list’ command, the limit is set to a maximum of 100. What should I do to make the limit unlimited?

The command:

test_data ={’...

XSOAR File Issue

Hi All,

I tried to send an attachment using the attachment ID in Exchange Web Services (EWS) for Office 365, and I was also able to see the entry ID of the file in context object. However, the structure of the entry ID is different from the standard

...

Syedhkt by L2 Linker
  • 85 Views
  • 0 replies
  • 0 Likes

ZIP a file XSOAR

Hi Team,

I'm trying to zip a file using the ZipFile Automation as a task in the playbook and, after it has been zipped, use the ZIP file EntryID to send it attached in an email. I'm getting this error:

'Unable to read file with id b4841215-d627-4c36-9c

...