An Automated Response to Malicious Pod Activity
Automated playbook for effectively tackling malicious activity within Kubernetes clusters.
Palo Alto Networks
XSOAR playbook
Rapid Response for Fighting Ursa Phishing Campaign
Automated playbook to speed response to Russian threat actor, Fighting Ursa, APT phishing campaign offering diplomatic cars for sale.
Rapid Response for OpenSSH Vulnerability CVE-2024-6387
Automated playbook to speed response to CVE-2024-6387, OpenSSH vulnerability
Playbook of the Week: Automating Response to Living-Off-the-Land (LOTL) Att...
Defend against stealthy LOTL attacks leveraging common tools and LOLBins. Cortex XDR automates detection, investigation, and remediation of suspicious...
Playbook of the Week: Prisma Cloud Compute - Compliance Alert v2
Empower compliance alert management with Cortex XSOAR. Enriched data, dedicated layouts, and streamlined workflows ensure proactive risk mitigation.
Playbook of the Week: Streamlining Suspicious Data Upload Alert Investigati...
The Cortex XSOAR XDR large-upload playbook is designed to streamline the management of Cortex XDR analytics “large upload” alerts, speeding the investigation process and providing ...
Playbook of the Week: Automating Management of XDR Identity Analytics Alert...
Playbook that automates management of XDR identity analytics alerts for speedier response to identity threats.
Playbook of the Week: Prisma Cloud Compute - Audit Alert v3
The Cortex XSOAR's Prisma Cloud Compute - Audit Alert v3 playbook emerges as a reliable ally, ensuring runtime audit events are not just responded to but proactively managed.
Playbook of the Week: XSOAR Common Playbooks
Foundational playbooks for automating the most common SOC use cases
Introducing New XSOAR Capture the Flags!
Capture the Flag content packs for a fun, interactive introduction to Cortex XSOAR
Bootstrap Your Threat Intel Management Program With Free Feeds and IOC Enri...
Leveraging automation to manage and optimize value from your threat feed subscriptions, particularly free feeds and IOC enrichers.
Playbook of the Week: Streamlining the management of XDR Incidents
The Cortex XSOAR XDR Lite playbook streamlines the handling of XDR alerts, by automating the repetitive tasks associated with incident response.
Playbook of the Week: Unleash the Power of Identity Threat Intelligence wit...
The Cortex XSOAR Prisma Cloud Virtual Machine (VM) Alert Prioritization content pack helps cloud security operations teams prioritize and manage these alerts.
Playbook of the Week: Automating DLP Incident Feedback
With an increasing amount of data being generated and shared, the need for a DLP solution has become more pressing than ever.
Playbook of the Week: Using CVEs in Incident Investigation
Using CVEs in your incident investigations and automated response playbooks.
Playbook of the Week: Automating Malicious File Detonation with Joe Securit...
The Joe Security sandbox integration with XSOAR allows security teams to automatically detonate files detected as part of malware incident response
Playbook of the Week: Automated Rapid Response to 3CXDesktopApp Supply Chai...
This Cortex XSOAR Rapid Response content pack helps security teams perform quick actions to address a supply chain attack involving a software-based p...
Playbook of the Week: Automating the Prioritization of Prisma Cloud Virtual...
The Cortex XSOAR Prisma Cloud Virtual Machine (VM) Alert Prioritization content pack helps cloud security operations teams prioritize and manage these alerts
Playbook of the Week: Automated Rapid Response to Microsoft Outlook for Win...
This Cortex XSOAR Rapid Response content pack helps security teams perform quick actions to address the recently released Microsoft Outlook for window...
Playbook of the Week: Catch Me if You Can! Stopping the Impossible Traveler
The Cortex XSOAR Impossible Traveler content pack can help to automatically determine the legitimacy of remote access attempts and take appropriate steps to contain malicious user activity
Playbook of the Week: Manage Secrets and Protect Sensitive Data
The HashiCorp Vault content pack for Cortex XSOAR enables security operations center (SOC) teams to easily manage their secrets.
Subscribe to the Blog!
Sign up to receive must-read articles, Playbooks of the Week, new feature announcements, and more.
By submitting this form, you agree to our Terms of Use and acknowledge our Privacy Statement. Please look for a confirmation email from us. If you don't receive it in the next 10 minutes, please check your spam folder.