For a comprehensive overview of the Malware Investigation and Response content pack and how it can help analysts investigate and respond more quickly and accurately to malware incidents, see this video.
When you install the Malware Investigation and Response content pack, you are prompted to install additional supporting content packs, including:
(Mandatory) End point detection and response
For this tutorial, select the Cortex XDR by Palo Alto Networks content pack.
(Optional) Sandbox
For this tutorial, select the Palo Alto Networks WildFire content pack (installed by default).
(Optional) Messaging
For this tutorial, select Microsoft Exchange On-Premise
(Optional) Case management
For this tutorial, do not select a content pack.
(Optional) Data enrichment and threat intelligence
For this tutorial, select the AutoFocus by Palo Alto Networks and VirusTotal content packs.
After installation completes, the Deployment Wizard tab appears with a popup window where you click Let’s Start to start the wizard that sets up the supporting integration instances for your use case.