Skip to main content


This Integration is part of the DeCYFIR Pack.#

Supported versions

Supported Cortex XSOAR versions: 6.5.0 and later.

DeCYFIR API's provides External Threat Landscape Management insights. This integration was integrated and tested with version v2 of decyfir

Configure DeCYFIR on Cortex XSOAR#

  1. Navigate to Settings > Integrations > Servers & Services.

  2. Search for DeCYFIR.

  3. Click Add instance to create and configure a new integration instance.

    Incident typeFalse
    DeCYFIR Server URL (e.g.
    DeCYFIR API KeyTrue
    Fetch incidentsFalse
    Trust any certificate (not secure)False
    Use system proxy settingsFalse
    How much time before the first fetch to retrieve incidentsFalse
    Maximum number of incidents per fetchThe maximum number of incidents to fetch per sub-category.False
  4. Click Test to validate the URLs, token, and connection.


You can execute these commands from the Cortex XSOAR CLI, as part of an automation, or in a playbook. After you successfully execute a command, a DBot message appears in the War Room with the command details.