New features available in Cortex XSOAR 8.7, including release highlights and feature enhancements.
This section describes the new features and updates of the Cortex XSOAR 8.7 release.
The Cortex XSOAR 8.7 release includes the following highlights:
Feature | Description |
---|---|
Oracle Cloud Infrastructure (OCI) deployment | Cortex XSOAR On-prem now supports deployment on Oracle Cloud Infrastructure (OCI). For more information, see Install Cortex XSOAR on a VM deployed on OCI. |
OVA on AWS deployment | Cortex XSOAR On-prem now supports deployment on AWS. For more information, see Install Cortex XSOAR on a VM deployed in AWS. |
Allow SSH log-in | Cortex XSOAR On-prem now supports logging in via SSH to the Cortex XSOAR textual UI for admin users. This enables easier access for deployment and maintenance. For example, see Task 2, step 8 in Install Cortex XSOAR on a VM deployed on OCI. |
Indicator timeline preservation | To effectively investigate an incident and analyze associated indicators, the SOC analyst must have access to up-to-date data and a clear view of both the most recent changes made to the relevant indicators and the initial entries of indicator changes. This capability guarantees access to recent indicator activity data, empowering timely threat detection and facilitating swift response actions. For more information, see Configure the indicator timeline. |
Reports in the Timezone of Choice | Cortex XSOAR now supports teams working in different locations, enabling the user to select the timezone of the report. For more information, see Configure the timezone in a report. |
Improved performance | Cortex XSOAR can now run more playbooks per hour for medium and large scale deployments. For more information, see System Requirements. |
Platform
Cortex XSOAR 8.7 supports the following operating systems for engine installation:
Feature | Description |
---|---|
Supported Oracle Linux versions | Cortex XSOAR now supports Oracle Linux 8.9 and 9.3. |
Supported Red Hat Enterprise Linux versions | Cortex XSOAR now supports Red Hat Enterprise Linux 8.10 and 9.4. |
For more information, see Engine Requirements.
This section describes the changes in content (integrations, playbooks, and indicators) from Cortex 8.6 to 8.7.
Content | Description | Change Type |
---|---|---|
CrowdStrike Falcon | The CrowdStrike Falcon integration now supports CrowdStrike Raptor. For more information, see CrowdStrike Falcon. | Update |
Prisma Cloud v2 | The Prisma Cloud v2 integration now enables automated IAM key management via a new set of commands. Administrators can programmatically create, list, and delete access keys directly from Cortex XSOAR. For more information, see Prisma Cloud v2. | Update |
Atlassian Jira Service Management | The new Atlassian Jira Service Management integration leverages the Jira Assets plugin to directly automate asset and inventory management through Cortex XSOAR. For more information, see Atlassian Jira Service Management. | New |
Check Point Harmony Endpoint | The new Check Point Harmony Endpoint integration introduces extensive command support for the platform's endpoint detection and response capabilities. Administrators can now automate key tasks like retrieving IOCs, managing rules and remediation jobs, initiating scans and responses, collecting forensic data, and more directly from Cortex XSOAR. For more information, see Check Point Harmony Endpoint. | New |
Thales CipherTrust Manager | The new Thales CipherTrust Manager integration allows automating key management and certificate tasks directly from the CipherTrust Data Security Platform. Users can now programmatically add users to key user groups, create and manage encryption keys and certificates, and integrate these operations into existing security workflows and responses. For more information, see Thales CipherTrust Manager. | New |
Sigma indicator type | Added a new indicator type, part of the Sigma content pack. Note: This will be released shortly. | New |
Unit42 Threat Brief - Fighting Ursa | This playbook handles Unit42 Threat Brief - Fighting Ursa. The playbook will:
For more information, see Unit42 Threat Brief - Fighting Ursa. | New |