New features are available in Cortex XSOAR 8.13 On-prem, including release highlights and feature enhancements.
This section describes the new features and updates of the Cortex XSOAR 8.13 On-prem release.
Release build: master-8.13.0-8.13.0.11-8e954987
Release Highlights
The Cortex XSOAR 8.13 release includes the following highlights:
Feature | Description |
|---|---|
Contextual playbook documentation | We have introduced Info mode to the playbook editor, allowing you to view detailed task and section descriptions directly within your workflow. This update provides essential context and guidance at a glance, helping you understand and navigate complex automated processes without leaving the editor view. |
Maintain uptime with automatic storage expansion | Maintain continuous application uptime by preventing service interruptions caused by full disks. We added an "Auto Expand" feature in the TUI that automatically increases storage capacity when usage hits 85%. |
Feature enhancements
The Cortex XSOAR 8.13 release includes the following enhancements:
Feature | Description |
|---|---|
Improve playbook unlocking | Ensure your team can edit their automation workflows with automatic or manual playbook unlocking. The system now clears locks immediately when a user logs out or when a session expires. Additionally, you can grant a new permission to designated users so they can manually unlock playbooks on the Playbooks page or in the editor. |
Authenticate with Active Directory and OpenLDAP | Simplify your login process and maintain consistent security policies by using your existing corporate credentials. You can now authenticate through OpenLDAP or Active Directory, with permissions automatically mapped to your existing directory groups. We added these options under the Access Management settings to streamline user management. |
Change admin passwords via the TUI | Meet baseline security requirements and protect your infrastructure by updating credentials directly. You can now trigger SSH admin user password change on the next login to the Textual UI (TUI) for each node via a new password management menu. |
Support for Self-Signed Certificates (S3-Compatible External Storage) | You can now connect to S3-compatible storage using self-signed certificates without manual configuration. We automated the certificate setup process in the installer to ensure your backups remain secure and uninterrupted. |
API
Feature | Description |
|---|---|
New System Health Metrics API | The System Health Metrics API ( Each snapshot includes node-level CPU, memory, and disk utilization, as well as component health status, storage usage, and queue depth. By default, the API returns snapshots from the previous 24 hours. Results are sorted by timestamp in descending order, with the most recent snapshot listed first. |
Changed features
The Cortex XSOAR 8.13 release includes the following changed features:
Feature | Description |
|---|---|
Content management | Easily distinguish between your custom work and content pack items with a dedicated workspace for each. To ensure a cleaner view, we moved all content pack items to the Content Pack Items page, while the Content Items page is now reserved exclusively for your custom creations. |
Marketplace Changes
The Cortex XSOAR 8.13 release includes the following changes in content (integrations, playbooks, and indicators):
Content | Description | Change Type |
|---|---|---|
Crowdstrike Falcon integration | Strengthen your cloud defense and gain full visibility into web traffic threats by centralizing security events from your Azure Front Door deployments. We added support for ingesting and analyzing WAF policy data to help you respond to attacks faster. | Update |
AzureWAF integration | Deepen your security insights by consolidating a wider range of security data into a single view for more comprehensive threat analysis. We expanded the CrowdStrike integration by adding a new data collection type to capture additional security events. | Update |