Cortex XDR
Cortex XDR allows you to rapidly detect and respond to threats across your networks, endpoints, and clouds. It assists SOC analysts by allowing them to view ALL the alerts from all Palo Alto Networks products in one place.
49 Posts
Cortex XSOAR by Palo Alto Networks enables SOC analysts to manage alerts across all sources, standardize processes with Cortex XSOAR playbooks, take action on threat intel, and automate response for any security use case.
44 Posts
Welcome to the Cortex Xpanse LIVEcommunity! Explore how-to guides, best practices, and on-demand videos to help you get the most out of Cortex Xpanse. Have questions or insights to share? Join the conversation in our Discussions forums and connect with our Product Experts. Stay in the loop—subscribe now to get the latest product updates delivered t...
3 Posts
Resources for Cortex XSIAM, Palo Alto Networks’ autonomous security platform powering the Modern SOC.
1 Post
Randy Uhrlaub, Cortex XSOAR Customer Success Architect. Table of Contents: Introduction; Retrieval Augmented Generation; Text Search Augmented Generation; Anything LLM XSOAR Content Pack; Customer Infrastructure; Hosted; Cloud Hosted; Customer Infrastructure; Setup; Anything LLM and XSOAR; Integration Instance Configuration; Use Case Development; Workspace and Docume...
What is Postman? Postman is the collaboration platform for API development. Postman simplifies each step of building an API and streamlines collaboration so you can create better APIs faster. You can download the Postman community edition now. Why use Postman? Postman is an API client that makes it easy for developers to create, share, test ...
By Brad Semma, Cortex XSOAR Customer Success Architect. When to customize and when not to customize: Cortex XSOAR customers love to customize their instances. If a customer decides to customize an integration, they may find the assigned Docker image is not configured to handle the additional actions. In events such as these, you may need to ...
Alert Tuning Fundamentals Watch this Customer Success webinar, where we introduce the Alert Tuning concept and share ample knowledge and best practices. We invite you to register for the second part of this series, where we will demonstrate real-world use cases to help you better understand the Alert Tuning process. You can review the second par...
By Randy Uhrlaub, Customer Success Architect. Table of Contents: Review Data; Settings and Info; Guardrails; System Diagnostics; Integrations; Dashboards; Incidents; Dashboards; Automation Performance Analysis; Dashboards; Playbook Performance Analysis; Resources. Review Data: XSOAR has several areas in the console that provide insight into performance of the conf...
The Operational Status of your XDR Agents is a crucial aspect to monitor to ensure your environment stays protected. The Operational Status indicates whether the agent is providing protection according to its predefined security policies and profiles. By observing the operational status on the endpoint, you can identify when the agent may suffer...
Starting to Plan for XSOAR 8 Migration? It's time to take a deep dive into our Cortex XSOAR 8 Migration Guide! Our team crafted this comprehensive guide to ensure that you're well-prepared for the migration journey ahead. By reviewing the XSOAR 8 migration guide, you'll gain invaluable insights into migration prerequisites, features informa...
Endpoint Administration Webinar Part 1 This webinar covers the Cortex XDR agent-related administrative tasks from installations, architecture, common issues, and our pro tips! Watch the video and use the resources that were shared during the webinar, listed below: Resources: Adding proxy list during the installation: msiexec /i c:\instal...
July 2024 UPCOMING EVENTS Customer Success Webinar: On-Prem v6 Migration to v8 SaaS Join us on July 24th to learn everything you need about the on-prem migration to the XSOAR 8 SaaS. >>Register here CS Webinar Topics Suggestion Survey We value your input! Help shape our next webinars by sharing the topic you'd like to learn more abo...
New Content Packs Release. For more info on use cases, integrations, and related documentation, click on the Pack title: GoogleThreatIntelligence: Analyze suspicious hashes, URLs, domains, and IP addresses. GitHub Feed: A feed to ingest indicators of compromise from GitHub repositories. The feed supports general extraction of IOCs, extracting fro...
Threat Hunting Methodologies with Cortex XDR. This session introduces Threat Hunting, its benefits, and how to put it to use. We cover the different Threat Hunting methodologies and available add-ons for XDR as Host Insights. You may review the queries we use in the video below. Sample queries: Process Execution Huntin...
June 2024 UPCOMING EVENTS Customer Success Webinar Series: Proactive Threat Hunting Part 2 The event concluded on June 12, 2024. Visit our events page later this month to learn about our next event. CS Webinar Topics Suggestion Survey We value your input! Help shape our next webinars by sharing the topic you'd like to learn more about. ...
June 2024 UPCOMING EVENTS Threat Hunting with XDR Calling all incident responders and forensic investigators to join us on June 26th for a Customer Success webinar and learn about Threat Hunting! >>Register here Investigation and Threat Hunting Virtual Workshop Calling all customers to join our 3-hour virtual workshop designed to ...
New Content Packs Release. For more info on use cases, integrations, and related documentation, click on the Pack title: Suspicious Domain Hunting: This pack provides all the necessary tools for the Suspicious Domain Hunting use case. It uses the CertStream integration to ingest new SSL certificates and alert for typo-squatting. NVD Feed 2...
Alert Tuning Part 2. Watch the second session in our Customer Success webinar series, which covers real-world use cases. Additional reading and references: Legacy Exception Rules (Pro) Legacy Exception Rules (Prevent) Alert Exclusion Alert Tuning Cheat Sheet Examination Flow Have a question? Post it on our Discussio...