Supported Cortex XSOAR versions: 6.0.0 and later.
QSS integration helps you to fetch Cases from Q-SCMP and add new cases automatically through XSOAR. This integration was integrated and tested with version 3.6 of Q-SCMP. Please contact your platform administrtor to enable Cortex XSOAR integration.
- Please contact your Q-SCMP platform administrtor to obtain Cortex API Key.
- Please contact your Q-SCMP platform administrtor to obtain Cortex Server URL.
Navigate to Settings > Integrations > Servers & Services.
Search for QSS.
Click Add instance to create and configure a new integration instance.
Parameter Required Server URL (e.g. https://<Q-SCMP_service_host>) True Fetch incidents False Incident type False Max fetch False API Key True Fetch cases with status (Open, Closed) False Minimum severity of cases to fetch False Flase positive cases to fetch False Back time duration of cases to fetch (Hours) True First fetch time False Trust any certificate (not secure) False Use system proxy settings False
Click Test to validate the URLs, token, and connection.
- Fetch SOC cases to Cortex SOAR based on the case severity.
- Fetch SOC cases to Cortex SOAR based on the case status.
- Fetch SOC cases to Cortex SOAR based on the case false positive flag.
- Case ID
- Case Creation Date
- Case Number
- Case Category
- Case Sub Category
- Case Severity
- Case Status
- Case Title
- Case Assignee
- Case False Positive
- Case Created By
- Case Last Update
- Case TLP
- Case Description
- Case Notes
- Case Tags
- Case Custom Attributes
- Case Assets
- Case IOCs