Cortex XSOAR® combines security orchestration, threat intel and incident management, and interactive investigation into a seamless experience. The orchestration engine is designed to automate security product tasks and weave in human analyst tasks and workflows. Cortex XSOAR® is powered by DBot, which learns from the real-life analyst interactions and past investigations to help SOC teams with analyst assignment suggestions, playbook enhancements, and best next steps for investigations. With Cortex XSOAR, security teams can build future proof security operations to reduce MTTR, create consistent and audited incident management processes, and increase analyst productivity.

Latest Releases

Date Version Details
July 27, 2020 6.0 (B79522) GA. Introducing the Cortex XSOAR Marketplace, the central location for installing, exchanging, contributing, and managing all of your content, many threat intel and case management enhancements, and general platform improvements.
July 15, 2020 5.5 (B78518) Maintenance release: bug fix.
June 15, 2020 6.0 (Beta) Available in Beta.
June 10, 2020 5.5 (B75211) Maintenance release: bug fixes and enhancements.
May 19, 2020 5.5 (B73387) Maintenance release: bug fixes and enhancements.
April 20, 2020 5.5 (B70066) Maintenance release: bug fixes and enhancements.
March 31, 2020 5.5 Introduction of Cortex XSOAR (formerly Demisto) and threat intel management capabilities.

Cortex XSOAR Documentation

Cortex XSOAR Release Notes

Cortex XSOAR Administrator’s Guide

Cortex XSOAR Multi-Tenant Guide

Cortex XSOAR Threat Intel Management Guide

Additional Resources

Developer Hub

Provides Cortex XSOAR developers with a central location for creating integrations, playbooks, automation scripts, and more, including end-to-end use cases and reference documentation.

Live Community

Join the Cortex XSOAR Live community to post questions, find answers, and join the conversation!

Submit a Feature Request

Share your ideas and suggestions on how we can improve Cortex XSOAR.