As a Solutions Architect, I have been involved in multiple sales processes over the last few years that have focused on security automation. When we discuss XSOAR and its capabilities in solving customer problems related to automation, we always consider the question “How can we create our own content?”. Well, the answer is simple: anyone can do it! To demonstrate this, I will share my experience with the different live packs that I created.
Personally, I enjoy developing content for XSOAR. It's very easy and seamless to connect the dots between other tools and our own. Part of what makes XSOAR such a strong platform is the flexibility to automate any use case or tool that you interact with. Some of the packs that I have created over the last couple of years have started from customer engagements where we were missing specific pieces and some have been integrating with tools that I have found personally useful. There are even a few packs that I developed just for use around my home, for example an automation to charge my EV at the optimal time and price.
This latest pack I released was a language translator service called DeepL. I found their translation capabilities were superb and the API was well documented, but there was no ask for the tool from anyone else. Now and then customers will request such capabilities in regards to cases of Phishing, Web/Deepweb intel, or other investigations where there might be text or files in foreign languages. DeepL supports translating text and files via the API and can return them to the War Room with context for further use. I was excited to create the content pack, and I hope it will be beneficial for XSOAR users. Right now, I’m developing a Playbook to submit files and wait for the translations as well as some dedicated layout views that might be handy. I hope to add these features to the pack in the coming weeks.
When I started contributing packs, I was quite lost as I am not a developer, so tools like Github and VScode were not familiar to me. Luckily the development portal for XSOAR has really nice documentation on the best practices and examples on how to create your code so it conforms to the best practices set by the XSOAR content development team. The process of contributing has been made simple as you can contribute from the XSOAR GUI directly. After a few clicks and some basic linting checks you can submit your content into the Marketplace. It will go through expert analysis by the XSOAR content team and they will work with you to discuss possible changes and missing items. I truly encourage everyone that has created content to contribute as it's really straightforward and simple via the GUI and makes XSOAR better every time.
If you’d like to visit or download the DeepL pack, you can find it on the XSOAR Marketplace. I hope that it works well for you! You can also check out the 850+ content packs we have currently available.
For more information on submitting a pack, check out our Contributing Docs.