Skip to main content

Cortex - User Guide

In this article, you will understand step by step how to easily integrate with Cortex

Updated over a week ago

Cortex is a cloud security platform by Palo Alto, that helps organizations identify and fix risks in their cloud environments.

Cortex detects vulnerabilities, misconfigurations, and attack paths across cloud providers like AWS, Azure, and Google Cloud.

Permissions for Cortex Integration

View permission for these scopes:

  • Cases and Issues

  • Access Management

  • Asset Inventory

How to Connect Scytale and Cortex

1. In Scytale, go to 'Integrations'.

2. Search for Cortex and select 'Connect'.

3. Paste API key, API key ID and FQDN

4. Add a connection name - this will be used to differentiate between your connections - and then select 'Connect'.

You have now successfully connected to Cortex!

How to create an API Key in Cortex

  1. Log in to your Cortex account.

  2. Navigate to Settings → Configurations → Access Management → Roles.

  3. Create a role with View permission for “Cases and Issues”, “Access Management” and “Asset Inventory”.

  4. Navigate to Settings → Configurations → Integrations → API Keys.

  5. Generate a new API key with Standard security level and the role you just created.

  6. Get the ID of the API key you just generated. You can find it on the API Keys page.

  7. Generate FQDN:

    • Click Copy API URL.

Related Articles
GCP Integrations - User Guide
GCP Resource Manager - User Guide
Datadog - User Guide
Hetzner - User Guide
SentinelOne - User Guide
Did this answer your question?