Cortex XSOAR® combines security orchestration, threat intel and incident management, and interactive investigation into a seamless experience. The orchestration engine is designed to automate security product tasks and weave in human analyst tasks and workflows. Cortex XSOAR® is powered by DBot, which learns from the real-life analyst interactions and past investigations to help SOC teams with analyst assignment suggestions, playbook enhancements, and best next steps for investigations. With Cortex XSOAR, security teams can build future proof security operations to reduce MTTR, create consistent and audited incident management processes, and increase analyst productivity.

 

Latest Releases

Date Version Details
June 21, 2022 Cortex XSOAR 6.6.0
(B3124193)
Maintenance release: bug fixes, and enhancements, including some security issues.
June 8, 2022 Cortex XSOAR 6.6.0  (B3049220) Maintenance release: bug fixes, and enhancements, including some security issues.
May 30, 2022 Cortex XSOAR 6.8

GA

  • Deployment Wizard: When installing or updating the Malware content pack, a new DEPLOYMENT WIZARD tab guides you step-by-step to quickly adopt the Malware use case.
  • Error handling in playbooks: When creating/editing a standard task that uses an automation or a conditional task that uses an automation, if the the task errors, the playbook continues on an error path.
  • New custom playbooks set to quiet mode: When creating a new custom playbook, by default, the playbook is set to Quiet Mode to improve system performance.
  • Exclude items from local changes in remote repositories: Exclude content items in your development environment from syncing with your production machine.
  • HTTP,  HTTPS, and SSH are supported for remote repositories: Connect to a remote repository using HTTP,  HTTPS, or SSH.
  • API keys creation: Select which roles have read and read/write permission when creating API keys.
May 11, 2022 Cortex XSOAR 6.6.0 (B2889656) Maintenance release: bug fixes, and enhancements, including some security issues.
March 20, 2022 Cortex XSOAR 6.6.0
(B2585049)
Maintenance release: bug fixes, and enhancements, including some security issues.
March 15, 2022 Cortex XSOAR 6.5.0 (B2583817) Maintenance release: bug fixes, and enhancements, including some security issues.
February 27, 2022 Cortex XSOAR 6.6

GA

February 21, 2022 Cortex XSOAR 6.5.0
(B2410815)
Maintenance release: bug fixes, and enhancements, including some security issues.
February 11, 2022 Cortex XSOAR 6.2.0 (B2392875) Maintenance release: bug fixes, and enhancements, including some security issues.
December 20, 2021 Cortex XSOAR 6.5.0 (B2102531) Maintenance release: bug fixes, and enhancements, including some security issues.
December 8, 2021 Cortex XSOAR 6.5

GA

  • Unit 42 Intel  Service:
    Enables you to identify threats in your network and discover and contextualize trends. Unit 42 Intel data is continually updated to include the most recent threat samples analyzed by Palo Alto Networks, enabling you to keep up to date with threat trends and take a proactive approach to securing your network.
  • Threat Intel Reports:
    Summarize and share threat intelligence research conducted within your organization by threat analysts and threat hunters. Threat intelligence reports help you to communicate the current threat landscape to internal and external stakeholders, whether in the form of high-level summary reports for C-level executives, or detailed, tactical reports for the SOC and other security stakeholders.
  • Lists:
    Lists can now be included in a Content Pack and be installed from the Marketplace. You can also download/upload lists, and in a remote repository, lists can be pushed to a production environment.
  • Settings Hierachy:
    The Settings page has been reorganized by adding a new OBJECTS SETUP tab, which includes Incidents, Indicators, and Threat Intel Reports. 
October 26, 2021 Cortex XSOAR 6.2.0 (1822745) Maintenance release: bug fixes, and enhancements, including some security issues.
August 30, 2021 Cortex XSOAR 6.2.0 (B1578666) Maintenance release: bug fixes, and enhancements, including some security issues.
August 9, 2021 Cortex XSOAR 6.2.0 (B1473927) Maintenance release: bug fixes and enhancements. 
July 4, 2021 Cortex XSOAR 6.2.0 (B1321594) Maintenance release: bug fixes and enhancements. 
June 23, 2021 Cortex XSOAR 6.2.0 (B1271082) Maintenance release: bug fix.
June 23, 2021 Cortex XSOAR 6.1.0 (B1271079) Maintenance release: bug fix.
June 8, 2021 6.2

GA

  • Playbook Debugger:
    Enables you to build and troubleshoot playbooks, by helping you find tasks that might fail and by testing different conditions, branches, and input and output options.
  •  Indicator Relationships:
    Augment threat intel by identifying connections between different Cortex XSOAR objects that enable you to enhance investigations with information about indicators and how they might be connected to other incidents or indicators.
  • System Diagnostics:
    A dedicated page where you can easily identify and fix common performance and system issues.
  • Widget Builder:
    Define and configure data, and preview how that widget appears. The aim of the widget builder is to be able to create complex widgets, which eliminates the need to write scripts or upload JSON files.

Additional Resources

Developer Hub


Provides Cortex XSOAR developers with a central location for creating integrations, playbooks, automation scripts, and more, including end-to-end use cases and reference documentation.

Live Community


Join the Cortex XSOAR Live community to post questions, find answers, and join the conversation!

Submit a Feature Request


Share your ideas and suggestions on how we can improve Cortex XSOAR. *requires login