Welcome to the Cortex XSOAR Developer Hub! You'll be able find a lot of information on how to create content in Cortex XSOAR. If you see something missing or have any comments, please let us know by using the Report an issue button at the bottom of each page. We value your contribution and we strive to give you a great developer experience.

About Cortex XSOAR

Cortex XSOAR's security orchestration and automation enables standardized, automated, and coordinated response across your security product stack. Playbooks powered by thousands of security actions make scalable, accelerated incident response a reality. On this site you will learn the ins and outs of Cortex XSOAR's development platform so you can begin to create content and integrations.

Developer Documentation

The Cortex XSOAR Developer Hub is organized in different sections to guide you through the process of creating a successful Cortex XSOAR contribution. Start with the Getting Started section to understand the Cortex XSOAR concepts, the Contribution process, and to set up a development environment.

On the left sidebar you'll find documentation for all the different things you can build: start with Content Packs that represent the backbone of every contribution then, depending on what you want to create, explore the other sections accordingly: Integrations & Scripts, Playbooks, Incidents, Fields & Layouts.


Tutorials are detailed articles that guide you through a specific task, end-to-end. If you're getting started, make sure you check out the one to set up your development environment here.


From the top bar, navigate to the Reference section to find detailed reference documentation about all the Cortex XSOAR components: Integrations, Scripts, Playbooks, Release Notes, Articles, etc. You can use the search bar on the top right to find anything on this site.


If you are a Palo Alto Networks Technology Partner, or wish to become a Partner, please check out our Partners section of the site.

Last updated on