Feature Enhancements - Cortex AgentiX

New AI Prompt library

Manage and reuse your AI automations more efficiently with a centralized library that helps you create, search, and edit prompts. This provides a dedicated space for organizing prompts across playbooks and actions.

Register AI Prompts as Actions

Extend your agents' capabilities with meticulously crafted prompts, ensuring consistent, high-quality results.

Specific instructions for Agents

Tune agents to your organizational needs by providing detailed Specific Instructions for agents that can include a wide range of directives, from describing the agent's role and preferred terminology to step-by-step processes and structure of the output.

Optimize AI Prompts

Get more precise and customized responses by optimizing your AI prompts. Create a draft of your prompt and click Optimize to receive an improved prompt based on predefined system guidelines.

Enable web search in AI Prompts

Receive comprehensive, up-to-date responses by enabling web search for AI Prompts to combine your system’s internal knowledge with real-time real-world context. 

New Advanced Settings for AI Prompts

Fine-tune AI Prompts and manage response format using Advanced Settings: Temperature allows you to customize for pinpoint accuracy or diverse outputs, while Max Output Tokens ensures responses adhere to specific length constraints.

Search Marketplace for AI Actions

Get improved visibility into available AI actions in content packs. In Marketplace, select Content pack includes and Actions to view all content packs containing actions.

Test AI Prompts

Improve your AI prompts by testing them against manual input, giving you immediate feedback and the ability to refine results to produce precise results.

Unique task logos

Boost clarity, quickly distinguish between integration commands, custom scripts, and system actions with playbooks that display unique logos and content pack indicators.

Streamlined playbook development with drag-and-drop functionality

Streamline your playbook development using drag-and-drop to build automation flows. This enhancement enables creating and organizing your playbooks faster by simply dragging tasks from the side panel directly onto the canvas.

Test Scripts

Generate higher-quality automation scripts and validate their behavior with a new built-in testing panel. The testing panel enables iterating and testing scripts before saving, ensuring accuracy and speeding up development.

Dismiss alerts for non-configured playbook components

When setting up playbooks, you can now dismiss alerts for components you don't need, such as specific scripts, and commands, in addition to sub-playbooks. This allows you to reduce visual noise and makes it easier to focus on the tasks that require configuration. Alerts can be dismissed in both system and custom playbooks, and you do not need to edit or duplicate a system playbook to dismiss an alert.

Choose integration instance for Quick Actions

When running a Quick Action on demand or as part of an automation rule, you can now select a specific integration instance to use, enabling a more efficient and targeted response.

Automation Exclusion Center enhancements

The automation exclusion center now allows for more dynamic and flexible policies:

• Hard user remediation and soft user remediation automation exclusion policies can now reference asset groups. User accounts are automatically categorized into asset groups, eliminating the need for manual list updates and ensuring that automation exclusion policies remain up-to-date.

• Reference multiple lists and asset groups in the same policy, providing maximum flexibility.

• New role permissions enable you to allow non-admin users the ability to view or edit policies in the Automation Exclusion Center. This allows admins to delegate policy management to non-admin users without granting full admin-level system access, and provides admins more time to focus on other critical responsibilities.

• Automation Exclusion policy overrides provide greater control and responsiveness. You can now permit policy overrides on specific automation exclusion policies, enabling analysts to manually run commands on critical assets as needed. You can also configure policies without overrides, providing a balance of security and operational flexibility.

• With RBAC for lists, you can now define one or more roles that can view or edit a list, mitigating the risk of unauthorized or accidental changes to lists of critical assets.

• New condition-based policies offer more versatility and precision for enforcing automation exclusions. You can now use lists with dynamic matching operators, such as starts with, ends with, and doesn’t include. Dynamic matching operators allow you to apply automation exclusion policies to entire naming patterns, such as regional endpoints or internal domains, simplifying management and improving coverage.

Lookup datasets enhancement

Cortex AgentiX has implemented a fix to improve lookup dataset queries and provide better flexibility with managing your data. Now, when you create or add data to a lookup dataset using the target stage, the _time field won't be included by default unless you explicitly add it with the fields stage.

Unified integration error notifications

Instead of being inundated with multiple notifications, all data collector errors are now grouped into a single notification. This new, non-dismissible notification alerts all users to data source integration errors.

Cortex MCP Server

The Cortex MCP Server enables seamless integration between Cortex AgentiX and your preferred Large Language Model (LLM) applications. Built on the Model Context Protocol (MCP), a new standard for connecting AI models with external tools,  it allows you to leverage Cortex AgentiX’s powerful capabilities directly through natural language. Use the built-in tools to manage cases, handle issues, and conduct investigations, with the flexibility to create, customize, and fine-tune tools to fit specific use cases and workflows.