Cortex XSOAR
Palo Alto Networks' enterprise SOAR platform (formerly Demisto) that centralizes incident response with automated playbooks, war room collaboration, and 750+ integrations. It's the connective tissue for Palo Alto's broader Cortex ecosystem.
What is Cortex XSOAR?
Cortex XSOAR, formerly known as Demisto, is Palo Alto Networks' enterprise-grade SOAR platform. It centralizes security incident response by providing a collaborative war room environment where analysts can work together on live incidents, automated playbooks that execute response actions across integrated tools, and a case management layer that tracks every action taken during an investigation. With over 750 content packs and integrations, XSOAR serves as the orchestration hub for security operations teams that need to coordinate responses across dozens of different security products. Its playbooks can be fully automated, semi-automated with analyst checkpoints, or manually triggered, giving teams fine-grained control over how much autonomy they delegate to the platform.
How does Cortex XSOAR work with Qevlar?
Qevlar can operate alongside Cortex XSOAR, either receiving cases from XSOAR playbooks for automated investigation or pushing enriched investigation results back into XSOAR for case management and audit tracking. This allows teams already invested in the Palo Alto ecosystem to extend their automation coverage without replacing existing workflows.
Other integrations
Want to help your analysts focus on the most critical alerts?
