# Palo Alto XSOAR integration (RUX)

{% hint style="info" %}
**Please Note:**

This article is ONLY for customers using Vectra's Respond UX (RUX) with XSOAR. While similar, there are some differences in the implementation for customers using the Quadrant UX. If you are unsure which UX you are using, please see: [Analyst UX options (RUX vs QUX)](https://docs.vectra.ai/deployment/getting-started/analyst-ux-options-rux-vs-qux) **.**

If you are configuring XSOAR for the Quadrant UX, please see [Palo Alto XSOAR integration (QUX)](https://docs.vectra.ai/configuration/response/soar/palo-alto-xsoar-integration-qux) instead.
{% endhint %}

## New Version Available

**November 2025 - Content Pack version 1.2.0**

The following documentation pertains to the Vectra integration for Palo Alto XSOAR content pack version 1.2.0.

## Contains

* Introduction\
  \- Document and Release Information
* Terminology
* Architecture
* Implementation\
  \- Vectra Pre-requisites\
  \- XSOAR Pre-requisites\
  \- Downloading and Installing the App\
  \- Implementation Checklist\
  \- Initial Configuration of New Asset
* Operational Components\
  \- Incidents\
  \- Incident Template\
  \- Incident Info\
  \- Entity Detections\
  \- War Room\
  \- Work Plan\
  \- Remaining Tabs\
  \- Context Data\
  \- Indicators\
  \- Actions\
  \- Playbooks
* Operations\
  \- Incident Creation Philosophy\
  \- Incident Priority\
  \- Investigate\
  \- Detections\
  \- War Room\
  \- Work Plan\
  \- Sync Assignment\
  \- Basic Workflow\
  \- Intermediate Workflow\
  \- Running Actions - General\
  \- Running Actions - Resolve Assignment
* Working with Playbooks
* Known Limitations
* Troubleshooting
* Worldwide Support Contact Information

### Attachments

{% file src="<https://4227135129-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FHJ1ltuWFvsArFWtevnRn%2Fuploads%2Fgit-blob-f64b6030b3592697eec3e2683011466e70532c0b%2FXSOAR%20Integration%20Guide%20for%20Vectra%20XDR.pdf?alt=media>" %}