Skip to main content


Download With Dependencies

Run commands on Picus and automate security validation with playbooks.

Picus & Cortex XSOAR Integration: Automating Security Control Validation

When it comes to cybersecurity, prevention is always going to be more effective than reaction. Rather than responding to threats as they happen, a SOC will work to monitor a network around the clock. By doing so, they can detect malicious activities and prevent them before they can cause any severe damage. This step includes all actions taken to make successful attacks more difficult, including regularly maintaining and updating existing systems; updating firewall policies; patching vulnerabilities; and whitelisting, blacklisting, and securing applications.

With the development of technology in the security world, there have been new additions to the toolbox of security teams. Among these tools, SOAR and BAS product relations are now considered indispensable. Integration between Picus and Cortex XSOAR provides automation into Preventive Security Monitoring and Management workflows. Collaboration with PICUS and XSOAR enhance visibility and traceability in many areas.

Run Threats with SLA in Mind

The integration between PICUS and XSOAR allows:

  • Create Playbooks to use specific threats in the Picus Threat Library which has thousands of threats to test your analyst capabilities.

  • Check if it has been fixed after remediation.

  • After a new threat is added to PICUS, use playbooks for a quick assessment, remediation steps, and observation.

  • Pull mitigation suggestions directly from the unique PICUS mitigation library and use them in your playbooks for seamless automation to a security product.

  • See which threats blocked or which are don't work properly in your environment and remediate them automatically.

And see how robust your processes are by measuring the SLA of all these steps.

What does this pack do?

Using the Picus Security integration, you can run commands on Picus platform:

  • Get peer and vector list.
  • Run attacks on Picus.
  • Get specific threat and attack results.
  • Get mitigation list.

And with PICUS - Attack Validation Automation playbook, you can automate security validation.

Combine other Integrations with Picus Playbook

With the PICUS - Attack Validation Automation playbook as a guide, your development process is shortened, and see how these integrations can be used in your environment easily. Integration with applications like SIEM and ticketing tools can be done easily.

Mitigate like never before

The Picus Platform continuously and automatically simulates thousands of web application attacks, vulnerability exploitation attacks, malicious code attacks, and endpoint attacks mapped to MITRE ATT&CK to reveal security control gaps. The Picus Mitigation Library offers ad-hoc policy insights updated on a regular basis by Picus Labs Blue Team relevant to a vast array of security technologies based on technology alliances Picus formed across network security, EDR, and SIEM domains to mitigate the revealed gaps. The joint integration with Palo Alto Cortex XSOAR automation allows security teams to hook up with the network security mitigation suggestions directly from Picus Platform to security products seamlessly.


Picus Security


Cortex XSOARCortex XSIAM


CertificationRead more
Supported ByPartner
CreatedDecember 19, 2021
Last ReleaseSeptember 12, 2023

Content packs are licensed by the Publisher identified above and subject to the Publisher’s own licensing terms. Palo Alto Networks is not liable for and does not warrant or support any content pack produced by a third-party Publisher, whether or not such packs are designated as “Palo Alto Networks-certified” or otherwise. For more information, see the Marketplace documentation.