September 17, 2024 | Cortex XSOAR 8.7 On-prem | GA Cortex XSOAR On-prem now supports: To effectively investigate an incident and analyze associated indicators, the SOC analyst must have access to up-to-date data and a clear view of the most recent changes made to the relevant indicators, as well as the initial entries of indicator changes. Cortex XSOAR now supports teams working in different locations, enabling the user to select the timezone of the report. Cortex XSOAR can now run more playbooks per hour for medium and large-scale deployments
|
August 18, 2024 | Cortex XSOAR 6.13 (B1284375) | GA Migration from Cortex XSOAR 6 On-prem to Cortex XSOAR 8 Cloud is now available. To start the migration, users need to upgrade to this version. For more information about the Migration process, see Cortex XSOAR Migration Guide. Cortex XSOAR 6.13 now supports: Oracle Linux versions 8.9 and 9.3 (for engine and server installation) RHEL versions 8.10 and 9.4 (for engine and server installation) Elasticsearch versions 8.11, 8.12 and 8.13 OpenSearch versions 2.10, 2.11, 2.12, and 2.14
|
August 18, 2024 | Cortex XSOAR 6.12.0 (B1271551) | Maintenance Release: bug fixes including some security issues.Minor Releases |
July 14, 2024 | Cortex XSOAR 8.6 On-prem | GA Cortex XSOAR Cluster High Availability: Cortex XSOAR On-prem cluster, with three or more nodes, includes high availability capabilities to improve reliability for critical security operations. Enhanced role-based access control for dashboards: The Administrator can now restrict access to specific dashboards for designated users through role assignment. Multi-role API keys: You can now create API keys with multiple roles to improve operational efficiency and allow dynamic RBAC management of API keys. New endpoint for managing API keys using the API: Cortex XSOAR now has an API endpoint for GET, CREATE, UPDATE, and DELETE for API keys. Customize the favicon color: You can now change the color of the favicon for each tenant. This allows you to identify which tenant is being used in each tab at a glance.
|
June 30, 2024 | Cortex XSOAR 8 Cloud | GA Seamlessly migrate all your data, configurations, and settings including indicators and incidents from Cortex XSOAR 6.13 On-prem to Cortex XSOAR 8 Cloud using a built-in wizard that streamlines the migration process. To effectively investigate an incident and analyze associated indicators, the SOC analyst must have access to up-to-date data and a clear view of the most recent changes made to the relevant indicators, as well as the initial entries of indicator changes. When generating a report, you can choose the timezone to ensure accurate and localized reporting for users working in multiple geographical locations. Admin users can manage notification distribution by adding or removing tenant’s stakeholders' email addresses on the Server Settings page, without the need to add them first on the tenant. This feature streamlines communication and simplifies administration.
|
April 14, 2024 | Cortex XSOAR 8 Cloud | GA You can create API keys with multiple roles to improve operational efficiency and allow dynamic RBAC management of API keys. The Administrator can restrict access to specific dashboards for designated users through role assignment. Cortex XSOAR has an API endpoint for GET, CREATE, UPDATE, and DELETE for API keys. You can change the color of the favicon for each tenant, which allows you to identify which tenant is being used in each tab at a glance.
|
March 31, 2024 | Cortex XSOAR 8.5 On-prem | GA Cortex XSOAR 8.5 On-Prem is now released and includes the following features: Integration into the Cortex platform: Improved performance and reliability High scalability based on a revamped architecture User-friendly installation with an easy-to-follow step-by-step TUI to install Cortex XSOAR and configure:
|
February 29, 2024 | Cortex XSOAR 6.12.0 (B857430) | Maintenance Release: bug fixes including some security issues.Minor Releases |
February 11, 2024 | Cortex XSOAR 8 Cloud | GA Enable communication between SOC analysts (MT/MSSP) Keep retained incidents Assign retention licenses for MT deployments Content repository improvements Customize system emails Use an authenticated docker image
|
December 3, 2023 | Cortex XSOAR 6.12.0 (B661643) | Maintenance Release: bug fixes including some security issues.Minor Releases |
October 29, 2023 | Cortex XSOAR 8 Cloud | GAOctober 2023 In-app documentation Private repository support in a dev/prod environment Export incidents to Excel Authenticated communication tasks Define credentials for long-running integrations SSO improvements
|
September 20, 2023 | Cortex XSOAR 6.12.0 (B493375) | Maintenance Release: bug fixes including some security issues.Minor Releases |
September 3, 2023 | Cortex XSOAR 6.12 (B481081) | GANew Features Migration from Cortex XSOAR 6 to 8 is available for Hosted customers Cortex XSOAR supports RHEL v8.8 and v9.0 Edit a list installed from a content pack by detaching it The reputationCalcAsync argument is now available for the addEntries command The list.<listName>.separator and list.separator server configurations now support tabs as list separators, using \t
|
August 7, 2023 | Cortex XSOAR 6.11.0 (B443478) | Maintenance Release: bug fixes, and enhancements, including some security issues.Minor Releases |
July 9, 2023 | Cortex XSOAR 8 Cloud | GAJuly 2023 Improved Auditing Mange User Groups in the Cortex Gateway Manage RBAC settings in the Cortex Gateway Improved Navigation Improved Indicator Verdict Calculation
|
April 23, 2023 | Cortex XSOAR 8 Cloud | GAApril 2023 XSOAR 8 now offers Cortex XSOAR Multi-Tenant, which is designed for managed security service providers and enterprises that require strict data segregation with the flexibility to share and manage critical security practices across tenant accounts. Role permissions have been updated to separate some administration permissions. You can now subscribe to content pack updates in Marketplace. Improved UI for Data Collection and Ask tasks in Playbooks and a simplified search for playbooks with free text search. Improvements to the Default Playbook.
|
April 23, 2023 | Cortex XSOAR 6.11 (B300044) | GANew Features Improved Upgrade Process for Multi-Tenant Deployments After deleting a user, you can now clear the user's data from content, such as active incidents and investigations, automations, etc. Substantial improvements of playbook performance including context operations, indicator extraction and playbook execution. New Menu Navigation Role Permissions have been updated for more granular control.
|
March 6, 2023 | Cortex XSOAR 6.10.0 (B255865) | Maintenance release: fixes an issue related to hosts connecting to the main server, in a multi-tenant deployment.Minor Releases |
February 26, 2023 | Cortex XSOAR 6.10.0 (B250144) | Maintenance release: bug fixes, and enhancements, including some security issues.Minor Releases |
January 1, 2023 | Cortex XSOAR 8 | GAJanuary 2023 Integration into the Cortex platform: Unified look and feel Uses the platform's storage engines Simplified deployment and onboarding Consistent user management
Improved performance and reliability High scalability based on revamped architecture that utilizes cloud features Built-in Git Repository for sharing data between development and production instances
|
December 5, 2022 | Cortex XSOAR 6.10 (B187344) | GARelease Information Communication task links in Context Data: When running an Ask or Data Collection task, links are generated to collect the recipients' responses and are now available in the incident's context data. Content Security Policy: You can now enable Content Security Policy (CSP), which adds a layer of security including detecting and mitigating certain types of attack. Quiet Mode for Manual Tasks: You can now turn quiet mode on or off for individual manual tasks in a playbook. Documentation Portal: Documentation for all Cortex products including Cortex XSOAR has moved to https://docs-cortex.paloaltonetworks.com/.
|
November 18, 2022 | Cortex XSOAR 6.9.0 (B177754) | Maintenance release: bug fixes, and enhancements, including some security issues.Minor Releases |
November 16, 2022 | Cortex XSOAR 6.8.0 (B176620) | Maintenance release: bug fixes, and enhancements, including some security issues.Minor Releases |
August 8, 2022 | Cortex XSOAR 6.9 (B3387847) | GANew Features Deployment Wizard: When installing or updating content packs, the DEPLOYMENT WIZARD tab guides you step-by-step to adopt your use case (including Phishing and Malware), significantly reducing the setup time. SAML 2.0 Configuration: You can now let administrators manually enter certain user information fields when configuring SAML 2.0, which persist if those fields are not provided by SAML third-party provider. Zoom level: When switching between playbooks, the user's zoom level is now preserved (in = more detail, out = larger view). Add a warning message when viewing comments in incidents: (Multi-Tenant) Added a warning message, when handling bulk incidents to prevent customer information being unintentionally shared with other customers.
|
July 17, 2022 | Cortex XSOAR 6.8.0 (B3261002) | Maintenance release: bug fixes, and enhancements, including some security issues.Minor Releases |
June 21, 2022 | Cortex XSOAR 6.6.0 (B3124193) | Maintenance release: bug fixes, and enhancements, including some security issues.Minor Releases |
June 8, 2022 | Cortex XSOAR 6.6.0 (B3049220) | Maintenance release: bug fixes, and enhancements, including some security issues.Minor Releases |
May 30, 2022 | Cortex XSOAR 6.8 (B3001435) | GANew Features Deployment Wizard: When installing or updating the Malware content pack, a new DEPLOYMENT WIZARD tab guides you step-by-step to quickly adopt the Malware use case. Error handling in playbooks: When creating/editing a standard task that uses an automation or a conditional task that uses an automation, if the the task errors, the playbook continues on an error path. New custom playbooks set to quiet mode: When creating a new custom playbook, by default, the playbook is set to Quiet Mode to improve system performance. Exclude items from local changes in remote repositories: Exclude content items in your development environment from syncing with your production machine. HTTP, HTTPS, and SSH are supported for remote repositories: Connect to a remote repository using HTTP, HTTPS, or SSH. API keys creation: Select which roles have read and read/write permission when creating API keys.
|
May 11, 2022 | Cortex XSOAR 6.6.0 (B2889656) | Maintenance release: bug fixes, and enhancements, including some security issues.Minor Releases |
March 20, 2022 | Cortex XSOAR 6.6.0 (B2585049) | Maintenance release: bug fixes, and enhancements, including some security issues.Minor Releases |
March 15, 2022 | Cortex XSOAR 6.5.0 (B2583817) | Maintenance release: bug fixes, and enhancements, including some security issues.Minor Releases |
February 27, 2022 | Cortex XSOAR 6.6 (B2458567) | GANew Features Indicator field Trigger Scripts: Associate indicator fields with trigger automation scripts that check for field changes, and then take actions based on them. Dynamic layouts and fields: When customizing an indicator/indicator layout add a filter. Saved Query Sharing: Share saved queries with specific roles. Enhanced RBAC: More granularity to the RBAC roles page.
|
February 11, 2022 | Cortex XSOAR 6.2.0 (B2392875) | Maintenance release: bug fixes, and enhancements, including some security issues. |