Download content packs in Marketplace for your use case.
Cortex XSIAM content in Marketplace is organized in packs. Content packs are created by Palo Alto Networks, technology partners, consulting companies, MSSPs, customers, and individual contributors. Content packs may include a variety of different components, such as integrations, scripts, playbooks, and widgets, grouped together to address a specific use case. Content packs are free and can be used by all customers.
You can view Marketplace content packs from within Cortex XSIAM or at https://cortex.marketplace.pan.dev/marketplace/.
Cortex XSIAM comes with a number of pre-installed content packs that cover many common uses cases. Pre-installed content packs include, but are not limited to:
Common Scripts, Common Widgets, Common Playbooks, Common Types, Common Reports, Common Dashboards
These content packs provide important tools and building blocks you can use to customize your playbooks and workflows in Cortex XSIAM. The Common Scripts content pack, for example, includes scripts that convert file formats, fetch indicators from a file, export context data, send emails, and more.
Provides integration with the popular Virus Total service to analyze suspicious files, domains, IPs and URLs to detect malware and other security breaches.
In addition, we recommend reviewing if you require the following popular content packs:
Create and respond to phishing incidents based on user reports.
Cortex XDR by Palo Alto Networks
Automate Cortex XDR incident response. Includes custom Cortex XDR incident views and layouts to aid analyst investigations.
Manage ServiceNow tickets directly from the Cortex XSIAM and enrich them with Cortex XSIAM data.
Manage Palo Alto Networks Firewall and Panorama, from Cortex XSIAM.
Integrations & Incidents Health Check
Review failed integrations, incidents, and playbooks.
A collaboration integration, such as Microsoft Teams or Slack to send messages and notifications to your team.