Cortex XSOAR® combines security orchestration, threat intel and incident management, and interactive investigation into a seamless experience. The orchestration engine is designed to automate security product tasks and weave in human analyst tasks and workflows. Cortex XSOAR® is powered by DBot, which learns from the real-life analyst interactions and past investigations to help SOC teams with analyst assignment suggestions, playbook enhancements, and best next steps for investigations. With Cortex XSOAR, security teams can build future proof security operations to reduce MTTR, create consistent and audited incident management processes, and increase analyst productivity.

 

Latest Releases

Date Version Details
August 8, 2022 Cortex XSOAR 6.9
(B3387847)

GA

  • Deployment Wizard: When installing or updating content packs, the DEPLOYMENT WIZARD tab guides you step-by-step to adopt your use case (including Phishing and Malware), significantly reducing the setup time.
  • SAML 2.0 Configuration: You can now let administrators manually enter certain user information fields when configuring SAML 2.0, which persist if those fields are not provided by SAML third party provider.
  • Zoom level:  When switching between playbooks, the user's zoom level is now preserved (in = more detail, out = larger view).
  • Add a warning message when viewing comments in incidents: (Multi-Tenant) Added a warning message, when handling bulk incidents to prevent customer information being unintentionally shared with other customers.
July 17, 2022 Cortex XSOAR 6.8.0
(B3261002)
Maintenance release: bug fixes, and enhancements, including some security issues.
June 21, 2022 Cortex XSOAR 6.6.0
(B3124193)
Maintenance release: bug fixes, and enhancements, including some security issues.
June 8, 2022 Cortex XSOAR 6.6.0  (B3049220) Maintenance release: bug fixes, and enhancements, including some security issues.
May 30, 2022 Cortex XSOAR 6.8
(B3001435)

GA

  • Deployment Wizard: When installing or updating the Malware content pack, a new DEPLOYMENT WIZARD tab guides you step-by-step to quickly adopt the Malware use case.
  • Error handling in playbooks: When creating/editing a standard task that uses an automation or a conditional task that uses an automation, if the the task errors, the playbook continues on an error path.
  • New custom playbooks set to quiet mode: When creating a new custom playbook, by default, the playbook is set to Quiet Mode to improve system performance.
  • Exclude items from local changes in remote repositories: Exclude content items in your development environment from syncing with your production machine.
  • HTTP,  HTTPS, and SSH are supported for remote repositories: Connect to a remote repository using HTTP,  HTTPS, or SSH.
  • API keys creation: Select which roles have read and read/write permission when creating API keys.
May 11, 2022 Cortex XSOAR 6.6.0 (B2889656) Maintenance release: bug fixes, and enhancements, including some security issues.
March 20, 2022 Cortex XSOAR 6.6.0
(B2585049)
Maintenance release: bug fixes, and enhancements, including some security issues.
March 15, 2022 Cortex XSOAR 6.5.0 (B2583817) Maintenance release: bug fixes, and enhancements, including some security issues.
February 27, 2022 Cortex XSOAR 6.6
(B2458567)

GA

February 11, 2022 Cortex XSOAR 6.2.0 (B2392875) Maintenance release: bug fixes, and enhancements, including some security issues.

Additional Resources

Developer Hub


Provides Cortex XSOAR developers with a central location for creating integrations, playbooks, automation scripts, and more, including end-to-end use cases and reference documentation.

Live Community


Join the Cortex XSOAR Live community to post questions, find answers, and join the conversation!

Submit a Feature Request


Share your ideas and suggestions on how we can improve Cortex XSOAR. *requires login