Articles

In this section you can find useful articles about Cortex XSOAR content.

| Name | Description |
| --- | --- |
| Add Indicators to SIEM | This article walks you through setting up a playbook to take indicators from a threat intel feed, enrich the indicators, and push them to your SIEM. |
| AWS Integrations - Authentication | Overview of authentication methods for AWS Integrations in Cortex XSOAR. |
| Demisto Class | API reference documentation for 'Demisto Class'. |
| Deprecated Integrations | Support dates and End of Life notices for Deprecated Integrations. |
| Email Communication | Communication across and between departments is a vital component of collecting information, and managing and remediating security events. The Email Communication content pack enables security teams to automate and streamline the communication and notification process with users across your organization via email. |
| Export Indicators to a 3rd-party | Walkthrough of the configuration of the Export Indicators Service to export indicators with a bad or suspicious reputation coming from a specific Threat Intel Management (TIM) feed to Splunk. |
| Identity Lifecycle Management (ILM) | This Identity Lifecycle Management (ILM) pack enables 2 flows. It enables you to provision users from Workday into Active Directory and/or Okta by performing management operations like creating, updating and deleting users. It also enables you to sync users to applications. |
| Ingesting Incidents | Takes you through a flow of setting up a SIEM to ingest multiple event types from a single source. |
| Integrations and Incidents Health Check | The Health Check for Integrations and Incidents content pack uses out-of-the-box playbooks, scheduled as a job, to check for, return, and display information about failed integrations and incidents with errors. As part of the playbook run, users will be sent an email notification when failed incidents and/or integrations are discovered. |
| Invoking Long Running HTTP Integrations via Server's HTTPS endpoint | Explains how to set up long running integrations which expose an HTTP endpoint so they can be accessed via Cortex XSOAR's HTTPS endpoint. |
| Managing Credentials | Credentials simplify and compartmentalize admin tasks, and enable you to save credentials without exposing usernames, passwords, or certificates. |
| Microsoft Integrations - Authentication | Authentication method for Microsoft Graph and Azure integrations in Cortex XSOAR. |
| Migrating MineMeld to Cortex XSOAR | How to implement the functionality of MineMeld nodes in Cortex XSOAR using a series of integrations. |
| MITRE ATT&CK - Courses of Action | |
| OProxy | Service for OAuth2 authentication with 3rd party vendors. |
| Shift Management | This pack's purpose is to provide a single interface for all those essential elements of Shift management and handover in one place. |
| Troubleshooting Guide | Common troubleshooting steps for automations and integrations. |