Download content packs in Marketplace for your use case.
Cortex XSOAR content in Marketplace is organized in packs. Content packs are created by Palo Alto Networks, technology partners, consulting companies, MSSPs, customers, and individual contributors. Content packs may include a variety of different components, such as integrations, scripts, playbooks, and widgets, grouped together to address a specific use case. Content packs are free and can be used by all customers.
Pre-installed content packs
Cortex XSOAR comes with a number of pre-installed content packs that cover many common uses cases. Pre-installed content packs include, but are not limited to:
Common Scripts, Common Widgets, Common Playbooks, Common Types, Common Reports, Common Dashboards
These content packs provide important tools and building blocks you can use to customize your playbooks and workflows in Cortex XSOAR. The Common Scripts content pack, for example, includes scripts that convert file formats, fetch indicators from a file, export context data, send emails, and more.
Provides integration with the popular Virus Total service to analyze suspicious files, domains, IPs and URLs to detect malware and other security breaches.
TIM - Indicator Auto-Processing
The TIM - Indicator Auto-Processing content pack includes playbooks that automate the processing of indicators for multiple use cases such as tagging, checking for existence in various lists , running enrichment for specific indicators and preparing indicators if necessary for a manual review. The content pack also includes incident types and incident layouts for manual review.
Recommended content packs
In addition, we recommend reviewing if you require the following popular content packs:
Create and respond to phishing incidents based on user reports.
Cortex XDR by Palo Alto Networks
Automate Cortex XDR incident response. Includes custom Cortex XDR incident views and layouts to aid analyst investigations.
Manage ServiceNow tickets directly from the Cortex XSOAR and enrich them with Cortex XSOAR data.
Manage Palo Alto Networks Firewall and Panorama, from Cortex XSOAR.
Integrations & Incidents Health Check
Review failed integrations, incidents, and playbooks.
A mail sender integration, such as Microsoft Exchange Online.
A collaboration integration, such as Microsoft Teams or Slack to send messages and notifications to your team.
Content packs such as the Malware Investigation and Response content pack and the Phishing content pack include a deployment wizard. When you install the content pack, you are prompted to use a wizard, which sets up your use case. The deployment wizard sets up the fetching integration, configures the playbook and parameters, and configures supporting integrations, in a user friendly, step-by-step interface.