Download content packs in Marketplace for your use case.
Content packs are created by Palo Alto Networks, technology partners, consulting companies, MSSPs, customers, and individual contributors. Content packs may include a variety of different components, such as integrations, scripts, playbooks, and widgets, grouped together to address a specific use case. Content packs are free and can be used by all customers.
You can view Marketplace content packs from within Cortex XSIAM (go to → → ) or at Cortex Developer Docs Marketplace.
Pre-installed content packs
Cortex XSIAM comes with a number of pre-installed content packs that cover many common uses cases. Pre-installed content packs include, but are not limited to:
Common Scripts, Common Widgets, Common Playbooks, Common Types, Common Reports, Common Dashboards
These content packs provide important tools and building blocks you can use to customize your playbooks and workflows in Cortex XSIAM. The Common Scripts content pack, for example, includes scripts that convert file formats, fetch indicators from a file, export context data, send emails, and more.
Provides integration with the popular Virus Total service to analyze suspicious files, domains, IPs and URLs to detect malware and other security breaches.
Recommended content packs
In addition, we recommend reviewing if you require the following popular content packs:
Create and respond to phishing issues based on user reports.
Cortex XDR by Palo Alto Networks
Automate Cortex XDR incident response. Includes custom Cortex XDR incident views and layouts to aid analyst investigations.
Manage Jira tickets directly from Cortex XSIAM, enrich them with Cortex XSIAM data, and mirror information between Jira tickets and Cortex issues.
Manage ServiceNow tickets directly from the Cortex XSIAM and enrich them with Cortex XSIAM data, and mirror information between ServiceNow tickets and Cortex issues.
Manage Palo Alto Networks Firewall and Panorama, from Cortex XSIAM.
A collaboration integration, such as Microsoft Teams or Slack to send messages and notifications to your team.
Note
Cortex XSIAM includes a built-in default mail sender. You also have the option of installing a different mail sender content pack, such as Microsoft Exchange Online.