Cortex Marketplace - Administrator Guide - 8 - Cortex XSOAR - Cortex - Security Operations

Cortex XSOAR Cloud Documentation

Product
Cortex XSOAR
Version
8
Creation date
2024-03-07
Last date published
2024-12-10
Category
Administrator Guide
Solution
Cloud
Abstract

Search the Cortex Marketplace and find content. Search by use cases, integrations, and categories.

Marketplace enables you to:

  • Leverage content from the largest SOAR community: Continuously extend Cortex XSOAR with proven use cases contributed by SecOps users and SOAR partners.

  • Discover top-rated, validated content: Identify the content offerings recommended by your peers and validated by the world’s leading cybersecurity company. Discover how to increase automation with the tools that you already have.

  • Solve your toughest security use cases: Deploy turnkey security workflows that span integrations, playbooks, dashboard layouts, and reports with a single click.

Marketplace enables you to build a strong community with other security professionals by exchanging content. You can explore the latest trends from Cortex XSOAR and other contributors and test drive use cases all within your Cortex XSOAR platform.

Cortex XSOAR supports free content packs, which are either Cortex XSOAR or partner-supported content packs. You can restrict a user role from managing content packs in Marketplace when defining/editing user roles.

In Marketplace, you can browse all content packs (including installed content), or view only installed content packs.

You can search for content packs by entering text in the search bar and selecting the relevant content pack from the search results.

You can sort content packs by latest update, best match, recommended, number of downloads, and filter according to the following criteria:

  • Use cases: Filter according to high-level use cases, such as Phishing, Malware, Ransomware, Access.

  • Integrations: Filter according to the integration included in the content pack.

  • Categories: Filter according to content pack categories, such as Messaging, and Forensics & Malware Analysis

  • Published: Filter according to whether published by Cortex XSOAR or by Cortex XSOAR technology partners.

  • General:

    • Certified: Created and supported by a user and certified by Cortex XSOAR. Cortex XSOAR has tested the content to ensure that it meets standards and works correctly.

    • Support: Supported by either Cortex XSOAR or a partner-supported content pack.

    • Uses my integrations: Content packs that use integrations that you have added instances for (whether or not they are enabled).

  • Content Pack Includes: Filter according to the content of the content pack, such as scripts, Integrations, and Playbooks.

  • Tags: Filter according to tags, such as Alerts, Network, and Security.

  • Types: Filter according to Collection or TIM.

When clicking a content pack you can view detailed information including content that it installs (such as scripts and playbooks, and indicator fields), dependencies (what content packs are required or optional) and version history (including whether you want to roll back to earlier versions).