Integrate with Cortex XSOAR—Send alerts to Cortex XSOAR for automated
and coordinated threat response. From Cortex XSOAR, you define,
adjust, and test playbooks that respond to Cortex XDR alerts. You can
also manage your incidents in Cortex XSOAR with any changes automatically
synced to Cortex XDR. For more information, see the in-app documentation
in Cortex XSOAR.
Integrate with external receivers such as ticketing systems—To manage
incidents from the application of your choice, you can use the Cortex
XDR API Reference to send alerts and alert details to an external receiver.
After you generate your API key and set up the API to query Cortex
XDR, external apps can receive incident updates, request additional data
about incidents, and make changes such as to set the status and change
the severity, or assign an owner. To get started, see the Cortex XDR API Reference.