| Where Can I Use This? | What Do I Need? |
|---|---|
|  | One of the following subscriptions: Device Security subscription for an advanced Device Security product (Enterprise Plus, Industrial OT, or Medical), or Device Security X subscription |
|  | One of the following Cortex XSOAR setups: a free, cohosted, limited-featured Cortex XSOAR instance AND a free Cortex XSOAR Engine (on-premises integration), or a full-featured Cortex XSOAR server |

From Device Security, you can send a security alert to SoftPro Medusa. Before forwarding the alert to SoftPro Medusa, Cortex XSOAR converts it into a security incident, which SoftPro Medusa receives. From there, a SoftPro Medusa user can create a work order for a network security analyst to investigate.

When sending alerts to SoftPro Medusa, you can choose to send:

- An alert from a Device Details page
- A specific alert from the Alert Details page
- An alert from the alerts inventory

Because each alert ticket requires a MAC address to match the alert to a device, you can only send one alert at a time.

After you send an alert to SoftPro Medusa, the action of sending the alert appears in the alert history on the alert details page. On your SoftPro Medusa instance, you can view the ticket created from the alert.

Strata Cloud Manager

Send security alerts from Device Security in Strata Cloud Manager to SoftPro Medusa.

1. Log in to Device Security in Strata Cloud Manager and send an alert to SoftPro Medusa.
   - From the Device Details page: Navigate to and select the device with an alert that you want to send to SoftPro Medusa. On the Device Details page, click on the Alerts tab, select the alert that you want to send, and select .
   - From the Alert Details page: Navigate to and select the alert that you want to send to SoftPro Medusa. On the Alert Details page, select .
   - From the alerts inventory: Navigate to and select the check box for the alert that you want to send to SoftPro Medusa. After you have chosen the alert, select .
2. In the Send to SoftPro Medusa pop-up that appears, fill in the following fields:
   - Priority: Enter a priority number that your SoftPro Medusa system analyst can use to correlate with the priority numbering system in SoftPro Medusa.
   - Add Comments: Add any additional comments that would help with the risk mitigation workflow.
3. Send the alert to SoftPro Medusa.

   After you click Send, a link to the Cortex XSOAR work plan appears at the bottom of the pop-up. The link opens a new tab or window to see the Cortex XSOAR work plan for this action.
4. To confirm that the alert successfully reached SoftPro Medusa, click the link to the Cortex XSOAR playbook for this action.

   For the link in Device Security to open the corresponding work plan in Cortex XSOAR, you must already be logged in to your cloud Cortex XSOAR instance before clicking on the link. If you have an on-premises Cortex XSOAR, you need to search the incidents on your Cortex XSOAR to find the work plan.

   Follow the path through the playbook to see if the action completed successfully, or to triage where the action might have failed.

Legacy IoT Security

Send security alerts from the Device Security portal to SoftPro Medusa.

1. Log in to the Device Security portal and send an alert to SoftPro Medusa.
   - From the Device Details page: Navigate to and select the device with an alert that you want to send to SoftPro Medusa. On the Device Details page, click on the Alerts tab, select the alert that you want to send, and select .
   - From the Alert Details page: Navigate to and select the alert that you want to send to SoftPro Medusa. On the Alert Details page, select .
   - From the alerts inventory: Navigate to and select the check box for the alert that you want to send to SoftPro Medusa. After you have chosen the alert, select .
2. In the Send to SoftPro Medusa pop-up that appears, fill in the following fields:
   - Priority: Enter a priority number that your SoftPro Medusa system analyst can use to correlate with the priority numbering system in SoftPro Medusa.
   - Add Comments: Add any additional comments that would help with the risk mitigation workflow.
3. Send the alert to SoftPro Medusa.

   After you click Send, a link to the Cortex XSOAR work plan appears at the bottom of the pop-up. The link opens a new tab or window to see the Cortex XSOAR work plan for this action.
4. To confirm that the alert successfully reached SoftPro Medusa, click the link to the Cortex XSOAR playbook for this action.

   For the link in Device Security to open the corresponding work plan in Cortex XSOAR, you must already be logged in to your cloud Cortex XSOAR instance before clicking on the link. If you have an on-premises Cortex XSOAR, you need to search the incidents on your Cortex XSOAR to find the work plan.

   Follow the path through the playbook to see if the action completed successfully, or to triage where the action might have failed.