Configure security settings - Administrator Guide - 8 - Cortex XSOAR - Cortex - Security Operations

Cortex XSOAR Cloud Documentation

Product
Cortex XSOAR
Version
8
Creation date
2024-03-07
Last date published
2025-02-17
Category
Administrator Guide
Solution
Cloud
Abstract

Configure security settings such as session expiration, user login expiration, and dashboard expiration.

You can configure security settings such as how long users can be logged into Cortex XSOAR, and from which domains and IP ranges users can log in.

Go to Settings & InfoSettingsSystemSecurity Settings.

Settings

Options

Description

Session Expiration

User Login Expiration

The number of hours (between 1 and 24) after which the user login session expires. You can also choose to automatically log users out after a specified period of inactivity.

Dashboard Expiration

Whether the Dashboard page expires at the same time as the user login session or after seven days. This is useful when you view a dashboard on a separate screen.

For example, if you select seven days for dashboards and eight hours for login expiration and you are currently viewing the Dashboard page, the dashboard expiration takes priority (seven days). This ensures that the Dashboard page continues to display the widgets for an extended period.

Allowed Sessions

Approved Domains

The domains from which you want to allow user access (login) to Cortex XSOAR. You can add or remove domains as necessary.

Approved IP Ranges

The IP ranges from which you want to allow user access (login) to Cortex XSOAR. You can also choose to limit API access from specific IP addresses.

User Expiration

Deactivate Inactive User

Deactivate an inactive user, and also set the user deactivation trigger period. By default, user expiration is disabled. When enabled, enter the number of days after which inactive users should be deactivated.

Allowed Domains

Domain Name

Enables you to specify one or more domain names that can be used in your distribution list for audit forwarding.