JamfProtect

Details
Content
Dependencies
Version History

Apple Mobile and Mac endpoint protection

Integrations

Name	Description
Jamf Protect Event Collector	Use this integration to fetch audit logs events, alerts events and computer assets from Jamf Protect to Cortex XSIAM.

Modeling Rules

Name	Description
JamfProtect Modeling Rule

1.2.9 - 10150329 (June 14, 2026)

Documentation and metadata improvements.

Related pull requests:
- 44584

1.2.8 - 8542515 (April 28, 2026)

Modeling Rules

JamfProtect Modeling Rule

Documentation and metadata improvements.

Related pull requests:
- 43940

1.2.7 - 8227525 (April 13, 2026)

Integrations

Jamf Protect Event Collector

Updated the required API client permissions documentation to include Read access Compliance and Read access Plans permissions, which are necessary for the fetch-assets command to work correctly.
Updated the Docker image to: demisto/python3:3.12.13.8160132.

Related pull requests:
- 43828

1.2.6 - 8210013 (April 13, 2026)

Integrations

Jamf Protect Event Collector

Documentation and metadata improvements.

Related pull requests:
- 43748

1.2.5 - 7827247 (March 22, 2026)

Documentation and metadata improvements.

Related pull requests:
- 43566

1.2.4 - 5636304 (October 29, 2025)

Changes are not relevant for XSIAM marketplace.

Related pull requests:
- 41629

1.2.3 - R5469292 (October 20, 2025)

Integrations

Jamf Protect Event Collector

Updated the Docker image to: demisto/python3:3.12.8.3296088.

Related pull requests:
- 40498

1.2.2 - R3324525 (May 6, 2025)

Integrations

Jamf Protect Event Collector

Metadata and documentation improvements.

Related pull requests:
- 38987

1.2.1 - 2707769 (March 10, 2025)

Integrations

Jamf Protect Event Collector

Fixed an issue causing duplicate entries due to a mismatch in date formatting.
Updated the Docker image to: demisto/python3:3.12.8.1983910.

Related pull requests:
- 38975

1.2.0 - 2429474 (February 11, 2025)

Integrations

Jamf Protect Event Collector

Breaking Changes: The Fetch all computers was removed from the fetch events command. Instead, computers can now be fetched using the Fetch assets and vulnerabilities parameter.
Added the command fetch assets to fetch computers.
Added the datasets jamf_protect_computers_raw to store computers assets.

Related pull requests:
- 38336

1.1.6 - 1780397 (December 9, 2024)

Integrations

Jamf Protect Event Collector

Fixed an issue where the fetch-events command failed when no new events were fetched.

Related pull requests:
- 37150

PUBLISHER

PLATFORMS

Cortex XSIAM

INFO

Certification	Certified	Read more
Supported By	Cortex
Created	March 20, 2024
Last Release	June 14, 2026

WORKS WITH THE FOLLOWING INTEGRATIONS:

DISCLAIMER

By downloading or using Marketplace content, you agree to the applicable Terms of Use and End User License Agreement. Third-party content is provided by its publisher, and Palo Alto Networks does not warrant, endorse, support, or assume responsibility for content not expressly identified as owned by Palo Alto Networks.