Automate Alert Enrichment with IT Asset Data for Rapid Event Isolation and Remediation with Cortex XSOAR and Lansweeper

Mar 02, 2022

To properly remediate alerts, it is crucial for security teams to have accurate, up-to-date IT asset data specific to their environment. Unfortunately, the complex technology landscape and BYO device framework have left organizations vulnerable to unknown or rogue assets. Between long search times for specific assets and difficulty uncovering critical context, security teams are often unable to take rapid action against alerts or events.

To overcome these threats, Lansweeper and Cortex XSOAR are excited to share that the new Lansweeper content pack is now available within the Cortex XSOAR Marketplace. This pack provides Cortex XSOAR customers with enriched incident alerts by integrating Lansweeper IT asset data and context into an automated playbook for Lansweeper. Designed to speed event isolation and remediation, the Lansweeper content pack allows users to search for specific IT assets and provides detailed information about each asset, such as its type, operating system, serial number, and more. Within Cortex XSOAR, the prebuilt content pack provides immediate value for security teams that leverage this powerful integration with both IP and MAC address hunting.

Let’s take a look at why the Lansweeper and Cortex XSOAR content pack is so important for your security program.

Together, Lansweeper and Cortex XSOAR enable your security and IT teams to automate and optimize complex workflows across the full stack of your information systems and security tools. The Lansweeper content pack provides accurate searches and detailed results so your security team can rapidly isolate and remediate alerts and events. With the Cortex XSOAR platform, security teams can seamlessly implement Lansweeper with one-click installation into existing security tools and workflows. Whether you want to gather addresses, create documentation, or classify events, this integration will allow you to standardize and scale the most effective SOC possible.

The Lansweeper content pack enables you to:

  • Automate enrichment of incident alerts to discover accurate data on your IT devices quickly. With Lansweeper data at your fingertips, you gain instant access to always-accurate, up-to-the-minute data so your security team can make informed decisions and take the appropriate actions.
  • Recover rapidly from the identification of vulnerable devices and increase resiliency against new attacks by rapidly deploying the necessary updates and patches. Save additional time and overhead by automating essential incident response and remediation processes.
  • Automatically identify and classify IT asset threats and demonstrate compliance with complete and detailed documentation to avoid costly fines and reputational damage.
  • Eliminate time wasted with inaccurate or missing data and navigate with speed across your workloads and unstructured data, reducing the time it takes to investigate and respond to threats.

 

Learn More

Build out your security program with the Lansweeper content pack, available now on the Cortex XSOAR Marketplace. Look up prebuilt integrations for your top security tools with over 850 content packs available for Cortex XSOAR, the market’s leading SOAR platform. 

 

You can learn more about Lansweeper at https://www.lansweeper.com. To see the Lansweeper content pack, visit xsoar.pan.dev/marketplace/details/Lansweeper. 

