Docs Tech Contact

Use Palo Alto Cortex XSOAR with OctoxLabs Platform

We are happy to announcement the OctoxLabs Integration enabled in Palo Alto Cortex XSOAR.
Why should you use OctoxLabs on Cortex XSOAR in your security operations?
  • Fetch devices with advanced/complex queries as historically.
  • Fetch specific device information with its extended details and display these data as historically.
How does it work?
Let's see what's OctoxLabs do in Cortex XSoar.
Installation
  • Log in to your Cortex XSOAR admin interface
  • On the left menu, tab over MarketPlace
  • Type "octoxlabs" in search bar and click it.
Click "Install" button on top right corner.
Usage
To setup OctoxLabs Integration on Cortex XSOAR.
  • Go to Settings on the left menu.
  • Tab over Integrations > Instances.
  • Search "octoxlabs" in search bar.
  • Click Add Instance button.
Generate API Key on OctoxLabs
  • Log in to your OctoxLabs Platform.
  • Click Settings button on right top corner.
  • Tab over Users.
  • Click Add User button.
  • Select User Type option as "API User", fill other fields.
  • Click create and edit button in action column.
  • Copy API Token.
Configure OctoxLabs Integration
  • Type your OctoxLabs Platform IP
  • Paste your OctoxLabs API Token
Click "Test" button and check everything is ok.
Save & Exit.
Generate query
In our case, we want fetch devices defined in active directory, seen last in 60 days and unscanned on nessus platform.
  • Log in to your OctoxLabs Platform.
  • Tab over Devices
  • Click Query Wizard button and open it.
Close query wizard and copy query in search bar.
Adapters = active-directory AND LastSeen last now-60d/d AND NOT Adapters = nessus`
Run query on Cortex XSOAR
Run **!octoxlabs-search-devices** command on your Cortex XSOAR. We want to see Hostnames and Ip Addresses of searched devices. Page and Size fields are not required. Page is 1 as default, Size is 50 as default. If you don't use Fields field, OctoxLabs uses default fields on defined own it.

`!octoxlabs-search-devices query="Adapters = active-directory AND LastSeen last now-60d/d AND NOT Adapters = nessus" fields="Hostname, IpAddresses" page=1 size=5`
Summary
OctoxLabs Integration on Palo Alto Cortex XSOAR is here to change your security approaches and find your gaps.
Thank you Cortex XSOAR developers and community.
Best regards.

Request a Demo

We can help you improve your security.
Request a demo to see for yourself about OctoXLabs CAASM Platform.
Get a platform for asset management that is both secure and comprehensive.
Make your flaws known.
Check that your policies are being followed correctly.
Manage your apps.
Get license management.
Keep track of your security flaws.
Make your work more automated.