Accelerated incident response in Cortex XSOAR through packet captures
The Cortex XSOAR platform excels at data collection and decision making when responding to incidents. However, when an issue moves beyond automation or requires analysts to step in, seamless access to network and packet data within the playbook is critical.
The CloudShark and Cortex XSOAR integration improves network intelligence by automatically uploading captures directly to a centralized, secure management platform designed for increasing team efficiency.
Using network packet intel as part of the Cortex XSOAR playbook gives your team the details needed, with the right context, to enhance and accelerate SIEM automation.