Randy Uhrlaub, Cortex XSOAR Customer Success Architect Table Of Content IntroductionRetrieval Augmented GenerationText Search Augmented GenerationAnything LLM XSOAR Content PackCustomer InfrastructureHostedCloud HostedCustomer InfrastructureSetupAnything LLM and XSOARIntegration Instance ConfigurationUse Case DevelopmentWorkspace and Docume...
By Brad Semma, Cortex XSOAR Customer Success Architect When to customize and when not to customize Cortex XSOAR customers love to customize their instances. If a customer decides to customize an integration, they may find the assigned docker image is not configured to handle the additional actions. In events such as these, you may need to ...
By Randy Uhrlaub, Customer Success Architect Table Of Content Review DataSettings and InfoGuardrailsSystem DiagnosticsIntegrationsDashboardsIncidentsDashboardsAutomation Performance AnalysisDashboardsPlaybook Performance AnalysisResources Review Data XSOAR has several areas in the console that provide insight into performance of the conf...
July 2024 UPCOMING EVENTS Customer Success Webinar: On-Prem v6 Migration to v8 SaaS Join us on July 24th to learn everything you need about the on-prem migration to the XSOAR 8 SaaS. >>Register here CS Webinar Topics Suggestion Survey We value your input! Help shape our next webinars by sharing the topic you'd like to learn more abo...
New Content Packs Release For more info on use cases, integrations, and related documentation, click on the Pack title: GoogleThreatIntelligenceAnalyze suspicious hashes, URLs, domains, and IP addresses. GitHub FeedA feed to ingest indicators of compromise from Github repositories. The feed supports general extraction of IOCs, extracting fro...
Threat Hunting Methodologies with Cortex XDR This session introduces Threat Hunting, its benefits, and how to put it to use. We cover the different Threat Hunting methodologies and available add-ons for XDR as Host Insights. You may review the queries we use in the video below. (view in My Videos) Sample queries: Process Execution Huntin...
June 2024 UPCOMING EVENTS Customer Success Webinar Series: Proactive Threat Hunting Part 2 The event concluded on June 12, 2024. Visit our events page later this month to learn about our next event. CS Webinar Topics Suggestion Survey We value your input! Help shape our next webinars by sharing the topic you'd like to learn more about. ...
June 2024 UPCOMING EVENTS Threat Hunting with XDR Calling all incident responders and forensic investigators to join us on June 26th for a Customer Success webinar and learn about Threat Hunting! >>Register here Investigation and Threat Hunting Virtual Workshop Calling all customers to join our 3-hour virtual workshop designed to ...
New Content Packs Release For more info on use cases, integrations, and related documentation, click on the Pack title: Suspicious Domain Hunting This pack provides all the necessary tools for the Suspicious Domain Hunting use case. It uses the CertStream integration to ingest new SSL certificates and alert for type-squatting. NVD Feed 2...
Alert Tuning Part 2 Watch the second session in our Customer Success webinar series, which covers real-world use cases. (view in My Videos) Additional read and references: Legacy Exception Rules (Pro) Legacy Exception Rules (Prevent) Alert Exclusion Alert Tuning Cheat Sheet Examination Flow Have a question? Post it on our Discussio...
May 2024 UPCOMING EVENTS Customer Success Webinar Series: Proactive Threat Hunting Join us on May 22nd for the first session of the next webinar series, Proactive Threat Hunting! Register the series below: Part 1 | Part 2 Symphony 2024: AI and Automation In case you missed it, catch the recording of Symphony 2024 below >&...
May 2024 UPCOMING EVENTS Alert Tuning Webinar Series Join us on May 29th for Part 2 of our Customer Success webinar series, and learn about real-world use cases of Alert Tuning! Register below: Part 2 Symphony 2024: AI and Automation In case you missed it, catch the recording of Symphony 2024 below >> Watch now Investigation an...
New Content Packs Release For more info on use cases, integrations, and related documentation, click on the Pack title: AWS - EKSThe AWS EKS integration allows for the management and operation of Amazon Elastic Kubernetes Service (EKS) clusters. Palo Alto Networks AIOpsBest Practice Assessment (BPA) analyzes NGFW and Panorama configurations. ...
Alert Tuning Fundamentals Watch this Customer Success webinar, where we introduce the Alert Tuning concept and share ample knowledge and best practices. We invite you to register for the second part of this series, where we will demonstrate real-world use cases to help you better understand the Alert Tuning process. You can review the second par...
April 2024 UPCOMING EVENTS Alert Tuning Webinar Series Join us for a Customer Success webinar series, Alert Tuning, starting on April 24! You may register below for the series in advance. Register here: Part 1 | Part 2 Symphony 2024: AI and Automation Come see where security operations are headed next! Join us on April 17-18 for a virtual ...
