Playbook Creation Reimagined: The Intuitive Approach to Security Automation

May 01, 2025
3 minutes

As automation becomes mainstream in security operations, there’s been a shift from automating complex workflows to automating anything, including frequent, simple, and repetitive tasks.

Our mission is clear: We want to dramatically reduce the effort required to automate the small, quick, but high-frequency tasks that add up over time and create significant inefficiencies and user frustration, and to make automation more accessible, scalable, and impactful for security teams of any size.

Introducing A New, Intuitive Way to Build Playbooks

Our instant automation approach transforms playbook building into a seamless, intuitive experience, eliminating the complexities of setup and execution. Users can focus entirely on their use case rather than the underlying technology, enabling faster automation adoption.

  • Start and finish in one place – There is no need to worry about prerequisites, dependencies, or setup. The process is streamlined, so users can begin automation without prior knowledge of integrations, required packs, or platform configurations.
  • Use-case first approach – Instead of thinking about alerts, incidents, or integration configurations, users simply define what they want to automate and let the platform handle the rest.
  • Intuitive flow creation – Users can “draw” their automation on a visual canvas, leveraging our extensive library of over 1,000 integrations. Missing components are automatically installed or flagged for configuration, ensuring a smooth setup.
  • Simplified playbook management – The new playbooks view ensures users only see relevant playbooks. Existing customers will benefit from automatic adoption recommendations based on usage patterns.
Fig 1: Summary of playbooks in your environment

  • Extensive playbook catalog – All of Cortex’s out-of-the-box playbooks, designed to answer common needs throughout the security lifecycle and across multiple products, are available for browsing through the playbooks page with an easy search for quick adoption and implementation.
Fig 2: Playbook catalog makes it easy to discover relevant playbooks for your automation needs

  • Full visibility into playbook usage – Users can now see exactly where a playbook is being used within their environment, directly from the playbook builder.

Automation for Everyone

Cortex XSOAR has long been a market leader in the security orchestration, automation, and response (SOAR) space, providing the most comprehensive platform for automation with an unmatched library of over 1,000 third-party integrations. Our platform is known for its deep customization capabilities, allowing organizations to tailor automation to their unique security processes.

This flexibility has allowed SOC teams to radically transform their operations using automation, with some teams expanding it beyond the SOC to network security and IT operations.

As we continue to enhance our automation features, we will focus on breaking down the barriers to automation, making it easier than ever for our users to maximize their efficiency. By simplifying playbook creation, streamlining adoption, and providing full visibility, we empower organizations to automate faster, scale smarter, and achieve more.

Experience the Future of Playbook Automation

These automation innovations are core to the Cortex platform, so Cortex XSIAM, Cortex XDR, and Cortex Cloud running on the new Cortex platform will feature this exciting new playbook-building experience, ensuring a unified and seamless automation journey for the user.

Get more details on our automation enhancements in the Cortex release notes.
