The following table describes the different
license types that are available for Cortex XSOAR.
Cortex XSOAR Community Edition
Evaluates Cortex XSOAR for partner development.
Cortex XSOAR Threat Intel Management
: Limited to customers
migrating from Minemeld and do not require case management for security
orchestration, automation and response (SOAR).
Cortex XSOAR Starter Edition
: Relevant for customers who
require case management for SOAR.
: Relevant for customers with case management
for SOAR and threat intelligence needs.
Cortex XSOAR Users
Cortex XSOAR has audit users and full users.
Audit users have read-only permission in Cortex XSOAR, meaning
they do not have the ability to edit system components and data,
or run commands, automations, and playbooks. Audit users can view
incidents, dashboards, and reports.
Full users have read-write permission in Cortex XSOAR, meaning
they have the ability to view and edit system components and data.
They can investigate incidents, run automation scripts and playbooks,
chat in the War Room, and so on. Full users’ access to Cortex XSOAR
is determined by their assigned role.