This section describes the main features of the Cortex XSOAR 8.2 release.
The Cortex XSOAR 8.2 release includes the following enhancements:
Feature | Description |
---|---|
Cortex XSOAR Multi-Tenant | XSOAR 8 now offers Cortex XSOAR Multi-Tenant, which is designed for managed security service providers and enterprises that require strict data segregation with the flexibility to share and manage critical security practices across tenant accounts. You can centrally manage resources and reporting from the main account, push custom content to one or more tenants, search across incidents, and run commands across multiple tenants, without exposing any data across tenants. To use Cortex XSOAR Multi-Tenant, you need to create a main tenant and child tenant from the Cortex Gateway. In the Gateway, you can create, delete and manage child tenants. For more information, see Introduction to Cortex XSOAR Multi-Tenant. |
Role Permissions | Role permissions have been updated to separate some of the administration permissions. In the Settings section you can now do the following:
|
Automations Page | The Automations page has been renamed Scripts. |
War Room Filters | You can now filter by tags in the War Room. |
Marketplace | You can now subscribe to content pack updates in Marketplace. |
Login Messages | You can now display a custom message to users before every login to Cortex XSOAR. |
Indicator/Incident fields | You can now choose to wrap the label text for incident and indicator fields when displayed in a layout. When creating or editing a section of fields, Edit section settings and select Wrap the labels. |
Engines | A "last seen" timestamp was added to the engines table, which represents the last time the engine connected successfully. |
Playbooks |
|
Management Audit Log Notifications | You can now forward management audit log notifications to email distribution lists and syslog servers. |
External Dynamic List Management | You can now manage EDLs (Settings & Info → Settings → Integrations → External Dynamic List Integrations). |
Integration Log Access | You can now view and export integration log details, including status and error messages (Settings & Info → Settings → Integrations → Integration Log). |
Improvements to the Default Playbook | The Default playbook has been improved with the the following capabilities:
|