Configure Cortex XSOAR - Administrator Guide - 8.5 - Cortex XSOAR - Cortex - Security Operations

Cortex XSOAR On-prem Documentation

Product
Cortex XSOAR
Version
8.5
Creation date
2024-03-10
Last date published
2025-01-15
Category
Administrator Guide
Solution
On-prem
Abstract

Configure engines, playbooks, scripts, dashboards, etc., for your use case.

As soon as you have completed onboarding with Cortex XSOAR, you can start configuring the tenant to match your use cases.

Section

Details

See More

Engines

If you have not done so already, you can configure and manage engines, such as using an engine as a web proxy and setting up Docker hardening.

EnginesEngines

Marketplace

You may want to install additional content packs, delete, update, revert, and set up notifications.

MarketplaceMarketplace

Integrations

Configure integrations, including fetching incidents, managing credentials, troubleshooting, and more.

IntegrationsIntegrations

Incidents

Customize incident fields, layouts, and types, set up preprocessing and post-processing rules, limit access to an investigation, etc.

Incident configurationIncident configuration

Playbooks

Learn how to customize your playbooks including creating tasks, sub-playbooks, and polling.

PlaybooksPlaybooks

Lists

Create lists and add them to playbooks or scripts.

ListsLists

Jobs

Run playbooks based on certain events or on a specific time and date.

JobsJobs

SLAs

Incorporate SLA fields in your investigations so you can view how much time is left before the SLA becomes past due, as well as configure actions to take when the SLA is passed its due date.

SLAsSLAs

Indicators

Customize indicator fields, layouts, and types, classify and map fields, and delete and exclude indicators.

Indicator configurationIndicator configuration

Dashboards, reports, and widgets

Customize and create widgets to add to your dashboard and reports.

Dashboards and ReportsDashboards and Reports

After you have configured Cortex XSOAR, analysts can start to investigate incidents and indicators.