Skip to main content

XM Cyber

Download With Dependencies

The XM Cyber integration creates unique incidents with valuable data collected daily, and enriches your existing incidents with attack simulation context. This enables you to prioritize your responses based on XM Cyber's insights.

Product/Integration Overview

XMCyber continuously finds attack vectors to critical assets. This integration fetches events (incidents) on new critical assets at risk, new choke points, and trends in the overall risk score. Additionally incidents are enriched with incoming attack vectors to the incident's endpoints, and critical assets at risk form the incident.

Use Cases

  • New attack path to a critical asset triggers alerts and options to quarantine/disconnect/patch
  • New attack technique triggers alerts and options to change policy, and scan endpoints
  • Incidents from EDRs are enriched with critical asset information and if the severity is high then action can be taken


XM Cyber


Cortex XSOARCortex XSIAM


CertificationRead more
Supported ByPartner
CreatedNovember 25, 2020
Last ReleaseSeptember 12, 2023

Content packs are licensed by the Publisher identified above and subject to the Publisher’s own licensing terms. Palo Alto Networks is not liable for and does not warrant or support any content pack produced by a third-party Publisher, whether or not such packs are designated as “Palo Alto Networks-certified” or otherwise. For more information, see the Marketplace documentation.