Now everything is set up, you are now ready for an analyst to use Cortex XSOAR. Go to incidents and select a Malware Investigation and Response incident. In the Incident info tab you see the out of the box and the customized sections. In the Investigation tab you see the information that was populated. Change and update as necessary until you have the required information, for example you may want to add pre-process rules to optimize the investigation.