Cortex XSOAR Marketplace is the future of acquiring new security tools, enabling customers to simplify the procurement process by subscribing to premium content packs with Marketplace points. Existing customers can trial any premium offering today, including the new SlashNext phishing pack and Titaniam data privacy pack. New to Cortex XSOAR? Sign up for the Community Edition.
One of the premium content packs listed here is not like any other: the Titaniam Protect content pack delivers the company’s real-time encryption capabilities for Cortex XSOAR data and incidents. This pack enables a new and advanced set of capabilities that enhances the operation of Cortex XSOAR by dynamically protecting sensitive data within our platform. Learn more about this new offering.
Get the latest Marketplace updates directly to your inbox by signing up for the monthly What’s SOARing Newsletter to stay up to date on new content releases.
We added 56 new packs and released over 900 updates last quarter, and now offer 700+ integrated content packs covering a wide range of security automation use cases including authentication, case management, endpoint security, email gateways, threat intel, messaging, network security, SIEM, and more. Since the launch of Marketplace last fall, we have seen over 1.3 million pack downloads and with the addition of new packs and use cases every month, we will continue to celebrate these milestones.
FireEye Central Management - Intelligence hub for the FireEye integration line.
Respond Analyst - Open investigations created by Mandiant Automated Defense (MAD) into XSOAR.
Sumo Logic Cloud SIEM - Apply automation and perform actual SOC workflows from your Cortex XSOAR platform.
JWT Token Generator - Generate JWT Tokens.
Thycotic Secret Server - Secure privileges for service, application, root and administrator accounts across your enterprise.
Asana Connect - Connect your Asana account with the Cortex XSOAR platform.
Elasticsearch Monitoring - Monitor Elasticsearch and Opensearch dashboards and widgets.
TheHive Project - Provides an integration, incident type and layout for use with TheHive Project.
TOPdesk - Connect to the TOPdesk portal, connecting service teams and processing requests.
Trello - Interact with Trello task manager.
ArcannaAI - Provides AID assistance for alert triage.
G Suite Security Alert Center - Fetch alert types, delete or recover alerts, retrieve an alert's metadata, and create or view alert feedback.
Google Cloud SCC - Enables consistent and continuous organization-wide detection and response by leveraging Google Cloud Security.
Group-IB Threat Intelligence & Attribution - Manage your incident and indicators from Group-IB.
Host.Io - Collect and retrieve information about any domain in Host.io’s database.
IPQualityScore (IPQS) - Detect threats with real-time risk scoring by IPQS.
Linkshadow - Fetch network anomaly data from LinkShadow and execute the remediation actions.
OpenCTI - Connect to the OpenCTI database for threat indicators and additional information to help with your investigation.
SlashNext - [Premium] - Fully automate the phishing incident response process such as the analysis of suspicious URLs.
TwitterIOCHunter - Implements the Twitter IOC project daily full feed as indicator feed into XSOAR.
Unit42 v2 - Introduces the STIX format and ingests more Threat Intel than before.
FireEye Email Security (EX) - Protects against breaches caused by advanced email attacks.
TrustwaveSEG - Protects from email-borne threats, including phishing, blended threats, and spam.
Covalence - Triggers by any alert from endpoint, cloud, and network security monitoring, with mitigation steps where applicable.
Azure Storage - Manage storage accounts and blob services and containers.
iLert - Respond to incidents faster by alerting and notifying users more efficiently.
SendGrid - Track email opens, unsubscribes, bounces, and spam reports.
Confluera - Fetch detections & progressions from confluera's Iq-Hub portal.
F5 Silverline - Retrieve alerts and read/update IP lists.
HPE Aruba Clearpass - Provides role and device-based network access control for employees, contractors, and guests across any multi-vendor wired, wireless and VPN infrastructure.
Microsoft 365 Defender - A unified pre- and post-breach enterprise defense suite that natively coordinates across endpoints.
Netscout Arbor Edge Defense - Detect and stop both inbound threats and outbound malicious communication from compromised internal devices.
NetScout Arbor Sightline - Identify potential network outages and gain business insights to solve your problems.
PAN-OS Policy Optimizer - Gain visibility into, control usage of, and safely enable applications in Security policy rules.
PAN-OS to Cortex Data Lake Monitoring - Monitor the PAN-OS FW log upload to the Cortex Data Lake in a recurring job.
SolarWinds - Interacts with the SWIS API to allow users to fetch alerts and events.
AlphaVantage - Provides accessible APIs for financial market data such as stock prices, trade volume, and more.
Armis - Manage your ecosystem by searching alerts and devices, tagging and untagging devices, and setting alert statuses.
BitSight - Measure, monitor, manage, and report on the cybersecurity program performance over time.
DBot Truth Bombs - DBot will provide humor, motivational affirmations, and companionship to your day to day efforts!
DevSecOps - Multiple integrations and playbooks for CI/CD orchestration.
FireEye Common Fields - Concentrates all of the mutual content entities for the FireEye integrations.
GenerateAsBuilt - Auto-generate as-built documentation based on the running XSOAR instance.
Identity - A table view of all identities related to an incident.
JSON Sample Incident Generator - A utility for testing incident fetching with mock JSON data.
MapPattern - Take in a value and transform it based on multiple condition expressions defined in a JSON dictionary structure.
Quantum Security Systems - Manage and automate SOC activities in an efficient way.
Random Images, Videos, and Audio - Change the themes of your dashboards and incident layouts.
Screenshot Machine - Capture any online web page with website screenshot API.
StringifyArray - A transformer to encode an array or any value given as JSON text.
TIM Campaign Tracking - Upload threat intelligence briefs to track IOCs related to specified threat actor campaigns.
Titaniam Protect - [Premium] - Encode and protect incident data.
XSOAR Lab Updates - Send weekly notifications of new packs to a dedicated Slack channel.
XSOAR Storage - Provides a server-wide Key/Value store that allows values to be stored and retrieved; it supports namespaces to assist with key collisions.
Cyberpion - Vulnerability assessment for far-reaching online ecosystems.
For a full breakdown of all the new XSOAR Integrations, check out the content packs in our web Marketplace by visiting: https://xsoar.pan.dev/marketplace/
Sign up to take your business to the next level by joining the Cortex XSOAR technology partner program and add your own integrated content pack to the Marketplace. Get exposure with thousands of visits each week! Learn more about our partner program.
By submitting this form, you agree to our Terms of Use and acknowledge our Privacy Statement. Please look for a confirmation email from us. If you don't receive it in the next 10 minutes, please check your spam folder.