This table describes the types of Cortex XSOAR licenses
which are used in the following circumstances:
Cortex XSOAR Community Edition
For evaluating Cortex XSOAR, partner development,
and general free usage.
Cortex XSOAR Threat Intel Management Edition
Built for Threat Intelligence & Security
Operations teams who need threat intelligence based automation.
Cortex XSOAR Starter Edition
Built for Security Operations and Incident
Response customers who need case management with collaboration and
playbook driven automation
Cortex XSOAR Edition
Built for customers who need a complete security
Cortex XSOAR License Quota
The following table describes the license
quotas of each version in Cortex XSOAR. The license includes the
number of users that can be configured. Self service read-only users
do not count as users in your license pool.
Cortex XSOAR Users
Cortex XSOAR has audit users and full users.
Audit users have read-only permission in Cortex XSOAR, meaning
they do not have the ability to edit system components and data,
or run commands, automations, and playbooks. Audit users can view
incidents, dashboards, and reports.
Full users have read-write permission in Cortex XSOAR, meaning
they have the ability to view and edit system components and data.
They can investigate incidents, run automation scripts and playbooks,
chat in the War Room, etc. Full users’ access to Cortex XSOAR is
determined by their assigned role.