Cortex XSOAR 8.12 - New features are available in Cortex XSOAR 8.12 On-prem, including release highlights and feature enhancements. - Release Notes - 8.13 - Cortex XSOAR - Cortex - Security Operations

Conflict-free playbook editing

Prevent concurrent playbook editing with this enhancement, ensuring your team can build and modify automation workflows without conflicts.

Unique task logos

Boost clarity, quickly distinguish between integration commands, custom scripts, and system actions with playbook tasks that display unique logos and content pack indicators.

Forward logs to your syslog server

Enable centralized monitoring and satisfy log retention requirements by forwarding Management Audit, Integration, and Guard Rails logs to your preferred syslog server.

Automated audit log cleanup

Ensure continuous system availability and prevent node shutdowns by automatically managing disk space for audit logs. This update introduces a background service that compresses rotated Debian audit logs and removes archived files older than six months.

Threat Intel

The following pages and tabs have been removed:

The Indicator search in the legacy Unit 42 library has been deprecated.

AWS Migration Hub deprecation

Improve the reliability of your AWS deployments by using the updated AMI conversion process. This update replaces the deprecated AWS Migration Hub Orchestrator method with a streamlined process for importing virtual machine images directly to AWS. For more information, see Install Cortex XSOAR on a VM deployed on AWS.Install Cortex XSOAR on a VM deployed on AWS

System login and access

A security setting that could permanently lock out default Linux admin and viewer system users was fixed, ensuring these users can now change their passwords after expiration without being locked out.

Rapid Response Playbook

Automate the detection and mitigation of CVE-2025-59287, a critical remote code execution vulnerability in Microsoft Windows Server Update Services (WSUS) caused by insecure deserialization.

New