Articles
In this section you can find useful articles about Cortex XSOAR content.
Name | Description |
---|---|
Add Indicators to SIEM | This article walks you through setting up a playbook to take indicators from a threat intel feed, enrich the indicators, and push them to your SIEM. |
AWS Integrations - Authentication | Overview of authentication methods for AWS Integrations in Cortex XSOAR. |
Configure Server and Integrations to Trust Custom Certificates | Set up the Server and JS/Native Integrations to trust custom certificates. |
Creating Custom SlackAsk Blocks | Slack Blocks require some additional details to work properly with SlackAsk. |
Demisto Add-on for Splunk | Splunk add-on for Cortex XSOAR. This add-on enables you to push incidents from Splunk into Cortex XSOAR, according to configurable trigger parameters. |
Deprecated Content Items | Support dates and End of Life notices for Deprecated content items (Integrations, Scripts, Playbooks). |
Deprecating content items/packs and hide packs processes | Review content items/packs deprecation and hidden packs processes. |
Digital Forensics Content Roundup | Article listing all Cortex XSOAR content that is currently available to support digital forensic analysis and investigations. |
Download Content Packs and Docker Images Offline | The download_packs_and_docker_images script enables you to download content packs and Docker images to your computer when working offline. |
EWS V2 Troubleshooting | The following provides EWS V2 troubleshooting steps to perform before contacting Cortex XSOAR customer support for help. |
Export Indicators to a 3rd-party | Walkthrough of configuring the Export Indicators Service to export indicators with a bad or suspicious reputation coming from a specific Threat Intel Management (TIM) feed to Splunk. |
Identity Lifecycle Management (ILM) | This Identity Lifecycle Management (ILM) pack automates user provisioning by performing management operations like creating, updating, enabling or disabling users in applications used by the organization. |
Invoking Long Running HTTP Integrations via Server's HTTPS endpoint | Explains how to set up long running integrations which expose an HTTP endpoint so they can be accessed via the Cortex XSOAR's HTTPS endpoint. |
Managing Credentials | Credentials simplify and compartmentalize admin tasks, and enable you to save credentials without exposing usernames, passwords, or certificates. |
Microsoft Azure and O365 Integrations Overview | The following maps all of the Microsoft integrations and their use cases. It also emphasizes the differences between similar integrations. |
Microsoft Integrations - Authentication | Authentication method for Microsoft Graph and Azure integrations in Cortex XSOAR. |
Migrating MineMeld to Cortex XSOAR | How to implement the functionality of MineMeld nodes in Cortex XSOAR using a series of integrations. |
OProxy | Service for OAuth2 authentication with 3rd party vendors. |
Palo Alto Networks Integrations Overview | The following maps the Palo Alto Networks Integrations and their use cases. |
Powershell Remoting - Configuration | Overview of how to configure your Windows environment and XSOAR for the PowerShell Remoting integration. |
Processing Google Form Responses via a Webhook | Connecting Google Forms with Cortex XSOAR. |
Processing Microsoft Form Responses via a Webhook | Connecting Microsoft Forms with Cortex XSOAR. |
Set up Google Maps in Cortex XSOAR to use map automations | How to set up Google Maps in Cortex XSOAR to use map automations. |
System Diagnostics and Health Check | The System Diagnostics and Health Check pack automatically reviews the current server and content for issues and best practices. The pack enables you to identify potential issues and remediate them before they escalate. |
The Default Pack | Overview of the Default pack in Cortex XSOAR. |
Troubleshooting Guide | Common troubleshooting steps for automations and integrations. |
XSIAM Alert handling Playbooks | The XSIAM alerts handling playbooks included in this pack help you respond to Cortex XDR alerts in a timely manner. The playbooks are based on the MITRE ATT&CK tactics and techniques and the NIST framework Computer Security Incident Handling Guide. |