* [Blog](https://www.paloaltonetworks.com.au/blog) * [Security Operations](https://www.paloaltonetworks.com.au/blog/security-operations/) * [Must-Read Articles](https://www.paloaltonetworks.com.au/blog/security-operations/category/must-read-articles/) * Automation Rising 2020 SO... # Automation Rising 2020 SOAR Hackathon Results [](https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fwww.paloaltonetworks.com.au%2Fblog%2Fsecurity-operations%2Fautomation-rising-2020-soar-hackathon-results%2F) [](https://twitter.com/share?text=Automation+Rising+2020+SOAR+Hackathon+Results&url=https%3A%2F%2Fwww.paloaltonetworks.com.au%2Fblog%2Fsecurity-operations%2Fautomation-rising-2020-soar-hackathon-results%2F) [](https://www.linkedin.com/shareArticle?mini=true&url=https%3A%2F%2Fwww.paloaltonetworks.com.au%2Fblog%2Fsecurity-operations%2Fautomation-rising-2020-soar-hackathon-results%2F&title=Automation+Rising+2020+SOAR+Hackathon+Results&summary=&source=) [](https://www.paloaltonetworks.com//www.reddit.com/submit?url=https://www.paloaltonetworks.com.au/blog/security-operations/automation-rising-2020-soar-hackathon-results/&ts=markdown) \[\](mailto:?subject=Automation Rising 2020 SOAR Hackathon Results) Link copied By [Emily Violi](https://www.paloaltonetworks.com/blog/author/emily-violi/?ts=markdown "Posts by Emily Violi") Nov 19, 2020 6 minutes [Must-Read Articles](https://www.paloaltonetworks.com/blog/security-operations/category/must-read-articles/?ts=markdown) [News and Events](https://www.paloaltonetworks.com/blog/security-operations/category/news-and-events/?ts=markdown) [Cortex XSOAR](https://www.paloaltonetworks.com/blog/tag/cortex-xsoar/?ts=markdown) [Hackathon](https://www.paloaltonetworks.com/blog/tag/hackathon/?ts=markdown) [marketplace](https://www.paloaltonetworks.com/blog/tag/marketplace/?ts=markdown) [playbooks](https://www.paloaltonetworks.com/blog/tag/playbooks/?ts=markdown) [security orchestration](https://www.paloaltonetworks.com/blog/tag/security-orchestration/?ts=markdown) ## **Announcing the Automation Rising 2020 Hackathon Winners!** It is with great pleasure and excitement that we get to announce the final results and winners of the Automation Rising 2020 SOAR Hackathon, Palo Alto Networks' first-ever security playbook building competition! During this two-month-long challenge, the Cortex XSOAR team joined forces with our four amazing sponsors AWS, Google, RiskIQ, and Sixgill to offer over $65k across 8 different prize categories to developers in the security community. In total, we had nearly 600 participants who built automated security playbooks for the Cortex XSOAR Marketplace - our recently launched innovation ecosystem to make security products work better together to deliver critical results. We were amazed at how quickly the security community around the globe innovated to automate critical security processes, streamline workflows, and increase efficiency across security tools. Our Hackathon participants pulled from their technical expertise and deep knowledge of threat trends to identify existing gaps and solve critical security challenges. The resulting submissions showcase the boundless potential for security innovation and the role that Cortex Marketplace can play in accelerating that innovation in the future. [](https://automationrising.devpost.com/project-gallery) [![](https://www.paloaltonetworks.com/blog/wp-content/uploads/2020/11/1-all-winners.png)](https://automationrising.devpost.com/project-gallery) **Hackathon Highlights** * We had 587 participants join the competition from 57 countries around the world! * Participants and winners received a total of $65,000 in cash and other prizes. * Dozens of playbooks including the 14 winning contributions are being reviewed by our security experts and will be considered for our Marketplace. ### **Hackathon Champions** Here are the official winners of the Automation Rising 2020 SOAR Hackathon: **Best Security Playbook Winner:** [*Threat Detection Automation in IT OT converged Networks*](https://automationrising.devpost.com/review/submissions/cXRUMkJmNitSSktLTFVvc0djOTB6SllQL3V5WENIcjY2UDZzQ3pmZmw4UVJ5OXhYWE1lR3BUdytpbG9QSEsrd0o3TkhoVEJYdDlDbFBUWU1CRXVHUDU4MDlVY3Q3aCs1RGwvYm9VQnlyRU09LS0zOFVQMXc1N2ZiQWdBMlZiM1Z4NXZ3PT0=--4693635e1d4eaabcf984e1f19908e934daff5dd6)*by Weranga Kumaradasa* [](https://automationrising.devpost.com/review/submissions/cXRUMkJmNitSSktLTFVvc0djOTB6SllQL3V5WENIcjY2UDZzQ3pmZmw4UVJ5OXhYWE1lR3BUdytpbG9QSEsrd0o3TkhoVEJYdDlDbFBUWU1CRXVHUDU4MDlVY3Q3aCs1RGwvYm9VQnlyRU09LS0zOFVQMXc1N2ZiQWdBMlZiM1Z4NXZ3PT0=--4693635e1d4eaabcf984e1f19908e934daff5dd6) [![](https://www.paloaltonetworks.com/blog/wp-content/uploads/2020/11/2-best-security-playbook.png)](https://automationrising.devpost.com/review/submissions/cXRUMkJmNitSSktLTFVvc0djOTB6SllQL3V5WENIcjY2UDZzQ3pmZmw4UVJ5OXhYWE1lR3BUdytpbG9QSEsrd0o3TkhoVEJYdDlDbFBUWU1CRXVHUDU4MDlVY3Q3aCs1RGwvYm9VQnlyRU09LS0zOFVQMXc1N2ZiQWdBMlZiM1Z4NXZ3PT0=--4693635e1d4eaabcf984e1f19908e934daff5dd6) This playbook aims to solve challenges in IT-OT convergence networks by correlating the alerts generated by both IT and OT point security products, identifying the malware that may have moved across the IT-OT boundaries, and containing the malware to prevent further damage to the organization. Judge Anton Chuvakin, a security solution strategy leader at Google Cloud, describes this winning submission by saying \*"\**While many things in cyber security are challenging, dealing with a mix of IT and OT systems ranks towards the top of the challenge pyramid. Any SOAR playbook that works in such production environments is expected to be of much help to organizations.* *"* Fantastic, Weranga! **Best Palo Alto Networks' Playbook Winner:** [*SecureHealth integration*](https://automationrising.devpost.com/review/submissions/UVRhUWJic2ZwRGhRV0JsL1MwbGZnMk5tL3c1Tit1aTFHVnFzbUNEaGd6a3lobFVlM2c4RDcwNmhrTjlTVjhZR0UzekJDSHhXS3pRaWRPTDZyUGk0dnV1eEMwWEtxaVpoL3NOMUc4ank4YXM9LS1CTU5CSVlMVmVnTlRmV1hsOEp6T0FnPT0=--408c9e0a3d6fe2d81f7197b15b62f1aa60f1f5c2)*by Seth Piezas* [](https://automationrising.devpost.com/review/submissions/UVRhUWJic2ZwRGhRV0JsL1MwbGZnMk5tL3c1Tit1aTFHVnFzbUNEaGd6a3lobFVlM2c4RDcwNmhrTjlTVjhZR0UzekJDSHhXS3pRaWRPTDZyUGk0dnV1eEMwWEtxaVpoL3NOMUc4ank4YXM9LS1CTU5CSVlMVmVnTlRmV1hsOEp6T0FnPT0=--408c9e0a3d6fe2d81f7197b15b62f1aa60f1f5c2) [![](https://www.paloaltonetworks.com/blog/wp-content/uploads/2020/11/3-best-PANW-integration-playbook.png)](https://automationrising.devpost.com/review/submissions/UVRhUWJic2ZwRGhRV0JsL1MwbGZnMk5tL3c1Tit1aTFHVnFzbUNEaGd6a3lobFVlM2c4RDcwNmhrTjlTVjhZR0UzekJDSHhXS3pRaWRPTDZyUGk0dnV1eEMwWEtxaVpoL3NOMUc4ank4YXM9LS1CTU5CSVlMVmVnTlRmV1hsOEp6T0FnPT0=--408c9e0a3d6fe2d81f7197b15b62f1aa60f1f5c2) Seth's work in the medical device industry and his knowledge of the expanding medical attack surface inspired his submission. This integration allows medical devices that are provisioned and controlled through SecureHealth to be monitored through Cortex XSOAR. Judge Rishi Bhargava spoke to the important application of this integration, stating \*"\**The SecureHealth Hackathon contribution uses Palo Alto Networks NGFW AppId feature to solve the prevalent IOT security issue within the healthcare domain. The content pack detects anomaly in AppId and uses the security data collected by google chronicle to further enrich and respond to the threat using Cortex XSOAR.* *"* Thank you, Seth! **Customer Choice Award Winner** :[*1+1 = 3 Supercharging XSOAR with Ansible*](https://automationrising.devpost.com/review/submissions/ajRGUE5rc0VxOS9sV0JZajd6eTRlYkJyWlNwUDB6VzBqVUlyY1hZeHJpWmNwaVpkZ2pDQnBVWkF4UDVjTmVVMjQrYWZqYUdlaXZrM3RJZktEWGp6S0ppS1BZZVNVc0RXOXZBMlRVeWdzVE09LS1ZMzRCbG1BVVg3bmk0NXhxY2dIU0d3PT0=--0ec28f2fbb008bf34f2eb505b1702efac488eb16)*by Serge Bakharev* [](https://automationrising.devpost.com/review/submissions/ajRGUE5rc0VxOS9sV0JZajd6eTRlYkJyWlNwUDB6VzBqVUlyY1hZeHJpWmNwaVpkZ2pDQnBVWkF4UDVjTmVVMjQrYWZqYUdlaXZrM3RJZktEWGp6S0ppS1BZZVNVc0RXOXZBMlRVeWdzVE09LS1ZMzRCbG1BVVg3bmk0NXhxY2dIU0d3PT0=--0ec28f2fbb008bf34f2eb505b1702efac488eb16) [![](https://www.paloaltonetworks.com/blog/wp-content/uploads/2020/11/4-best-business-and-customer-choice-playbook.png)](https://automationrising.devpost.com/review/submissions/ajRGUE5rc0VxOS9sV0JZajd6eTRlYkJyWlNwUDB6VzBqVUlyY1hZeHJpWmNwaVpkZ2pDQnBVWkF4UDVjTmVVMjQrYWZqYUdlaXZrM3RJZktEWGp6S0ppS1BZZVNVc0RXOXZBMlRVeWdzVE09LS1ZMzRCbG1BVVg3bmk0NXhxY2dIU0d3PT0=--0ec28f2fbb008bf34f2eb505b1702efac488eb16) This playbook and its featured integrations within Cortex XSOAR fill the gaps required for IT infrastructure operations using Ansible modules. Judge Heather Gantt-Evans, Sr. Director of Security Operations and Cyber Resilience at Home Depot, was thrilled about this playbook and told us \*"\**I love that this solution helps IT and Security speak each other's language while also opening up Ansible usage to people who do not code (which enables more D\&I). I also loved that the author went above and beyond on the number of integrations he custom coded.* \*"\*Great work, Serge! **Additional Winners:** Runner Up Palo Alto Networks Product Integration Playbook:[*AWS EC2 - Prisma and XDR*](https://automationrising.devpost.com/review/submissions/N1lPSlorQmR3ZmtaaW1pcDFURml0UzZZbmMyODlNVmNIMDZaY0xCc2R1cVljVWwzdlJncDFXcTlMUmpaajRaZ01ERXkwZWNPRXA3N2llY3ErcGY5RVJOOFI0dW42WDRpLzY4c0RLWTgweTQ9LS1nSzlUbmF0RXczYm5vNGJHTGJISGNBPT0=--d5debe02edec062deb776a54cec0314952c8ff1c)*by Manoj V* Runner Up Security Playbook:[*SlashNext Online Brand Protection Detect \& Respond Playbook*](https://automationrising.devpost.com/review/submissions/MzYzZGt5NkZoS1RUd0w1SnRJNzNXMi9GN0JPeENsdzFOUGlLSXNucmFMYS9QZm5GTGZoSnFERjN2SmlGL0FxWWYrcHRJbXp6T3YvaXI1VkorQ1FjNDFONVZLd3F2NWlrMC9LMk80QlM3akk9LS14Zll3R1VaVy9kbHRkRUFhTjRuN2lnPT0=--6bf4d26df2b782300344e2b753687f6f5e0c642e)*by Lisa O'Reilly* Early Submission Prize:[*AWS Security Hub | Starter Pack*](https://automationrising.devpost.com/review/submissions/K3NaeGdlV0d5eFR5ZVhkVGd0TGRXcjhOZkNMSlJyaXNsc29ZWDQ2YVp5TXdnWlUxeXJwSXBzSHQ1SjREdlVQZk16aGZ6djNMbVhJbXdSeS83WlIrZ3JRdldiNWFIemY2R1ovSVpwdFJBZGM9LS1PT0JJZmw2YmU1SEU1OGk5WTM4RXpBPT0=--2870e18f6aa03694deda293b96bd38650a61d7ec)*by Daniel Prince* Best Business Use Case Playbook:[*1+1 = 3 Supercharging XSOAR with Ansible*](https://automationrising.devpost.com/review/submissions/ajRGUE5rc0VxOS9sV0JZajd6eTRlYkJyWlNwUDB6VzBqVUlyY1hZeHJpWmNwaVpkZ2pDQnBVWkF4UDVjTmVVMjQrYWZqYUdlaXZrM3RJZktEWGp6S0ppS1BZZVNVc0RXOXZBMlRVeWdzVE09LS1ZMzRCbG1BVVg3bmk0NXhxY2dIU0d3PT0=--0ec28f2fbb008bf34f2eb505b1702efac488eb16)*by Serge Bakharev* Runner Up Business Use Case Playbook:[*Temp Account Management for External Parties*](https://automationrising.devpost.com/review/submissions/a3QyQzl4QmlId2FMRnpSeS9rR0hkMWNFRDkwR3VzZlgwQVJLbjZ1TmxrYy80MXk4eWxOODRqWmNZQVQwY2x6MFpxcStZanFSMFJmSWI4MVdXVlEybU5qSzZJWVJobTVzOE9UT0NXMkVOc289LS02b0FiRmpQcXQwZmxaZzYzU0hVTXFBPT0=--78d1f50017fa70d5535a78bf47c3b127be3751b5)*by Apple Li* In addition to all of the winners above, our sponsors each chose their favorite "hack", recognizing the exciting relationships between Cortex XSOAR and their leading product offerings: **![AWS logo](https://www.paloaltonetworks.com/blog/wp-content/uploads/2020/11/aws-logo.png)AWS Security Hub** Playbook Winner: [AWS Security Hub Starter Pack](https://automationrising.devpost.com/review/submissions/K3NaeGdlV0d5eFR5ZVhkVGd0TGRXcjhOZkNMSlJyaXNsc29ZWDQ2YVp5TXdnWlUxeXJwSXBzSHQ1SjREdlVQZk16aGZ6djNMbVhJbXdSeS83WlIrZ3JRdldiNWFIemY2R1ovSVpwdFJBZGM9LS1PT0JJZmw2YmU1SEU1OGk5WTM4RXpBPT0=--2870e18f6aa03694deda293b96bd38650a61d7ec) *by Daniel Prince* This playbook classifies Security Hub incidents and maps the fields to an XSOAR instance with the goal of taking a cloud-native application with auto scaling groups and automatically remediating a compromised instance. A creative collaboration between AWS and Palo Alto Networks technology. [](https://automationrising.devpost.com/review/submissions/K3NaeGdlV0d5eFR5ZVhkVGd0TGRXcjhOZkNMSlJyaXNsc29ZWDQ2YVp5TXdnWlUxeXJwSXBzSHQ1SjREdlVQZk16aGZ6djNMbVhJbXdSeS83WlIrZ3JRdldiNWFIemY2R1ovSVpwdFJBZGM9LS1PT0JJZmw2YmU1SEU1OGk5WTM4RXpBPT0=--2870e18f6aa03694deda293b96bd38650a61d7ec) [![](https://www.paloaltonetworks.com/blog/wp-content/uploads/2020/11/5-AWS-Security-Hub-playbook.png)](https://automationrising.devpost.com/review/submissions/K3NaeGdlV0d5eFR5ZVhkVGd0TGRXcjhOZkNMSlJyaXNsc29ZWDQ2YVp5TXdnWlUxeXJwSXBzSHQ1SjREdlVQZk16aGZ6djNMbVhJbXdSeS83WlIrZ3JRdldiNWFIemY2R1ovSVpwdFJBZGM9LS1PT0JJZmw2YmU1SEU1OGk5WTM4RXpBPT0=--2870e18f6aa03694deda293b96bd38650a61d7ec) Runner Up: [AWS EC2 Compromise Response](https://automationrising.devpost.com/review/submissions/U2k1ODN3Nkh3MDhIL3pXZ0hzNkkrWFBFdnJwWUtwRWRKZ0VDSUVKaWx0YVhvVkFQZ0lTZkpjMlc4Q24zRWFGUWhUWGg4M2p6NkZJZUR5dE9LNVJRUStDa2JKZGRzQjR2QW9TZk50UUdOSUk9LS05cmtUZmFwdktOeE5ta3RaWkJSSnN3PT0=--492fb7e317d86c3f1d7f85dc23432ebc1537c7fe)*by Thomas Burnette* **![Chronicle logo](https://www.paloaltonetworks.com/blog/wp-content/uploads/2020/11/chronicle-logo.png)Google Chronicle** Playbook Winner: [Chronicle Threat Hunting](https://automationrising.devpost.com/review/submissions/MFk3UlA5Y1I2MzVmdnFCZGRVeUlsRWUvWFA2dHQ2VTgxaGhoMU1tMld2U1VoZVVGVEtUajQ4N2Ria1cySWk1U1NLYTBURlZpbEVwWlNOK24xR1lzRDNtWjMxSWZuTHgveGp4bTgreDB1Wlk9LS01QWF3WnBBQ2dMeDlMNTdtMDF3Zmp3PT0=--6ca207348aed6dda8be13886db16a820fbdf47db)*by Manoj V* This playbook leverages Cortex XSOAR and Google Chronicle capabilities to detect, identify, and thoroughly understand Indicators of Compromise (IoCs). This important integration will allow analysts and incident responders to quickly isolate and respond to threats by giving them the data they need to apply IoCs to their environments. [](https://automationrising.devpost.com/review/submissions/MFk3UlA5Y1I2MzVmdnFCZGRVeUlsRWUvWFA2dHQ2VTgxaGhoMU1tMld2U1VoZVVGVEtUajQ4N2Ria1cySWk1U1NLYTBURlZpbEVwWlNOK24xR1lzRDNtWjMxSWZuTHgveGp4bTgreDB1Wlk9LS01QWF3WnBBQ2dMeDlMNTdtMDF3Zmp3PT0=--6ca207348aed6dda8be13886db16a820fbdf47db) [![](https://www.paloaltonetworks.com/blog/wp-content/uploads/2020/11/6-Chronicle-playbook.png)](https://automationrising.devpost.com/review/submissions/MFk3UlA5Y1I2MzVmdnFCZGRVeUlsRWUvWFA2dHQ2VTgxaGhoMU1tMld2U1VoZVVGVEtUajQ4N2Ria1cySWk1U1NLYTBURlZpbEVwWlNOK24xR1lzRDNtWjMxSWZuTHgveGp4bTgreDB1Wlk9LS01QWF3WnBBQ2dMeDlMNTdtMDF3Zmp3PT0=--6ca207348aed6dda8be13886db16a820fbdf47db) Runner Up: [Incident Response Pack](https://automationrising.devpost.com/review/submissions/ZTNPa0l6bXYrVEFKaGRsVXovb1ErZEVqQWZIaFFuNmcyNit2SUtKVGJFdkVsQXl4TzdXaGRZam9jRldsK2d3RVhOdFFGeDQwOWtmczkwRU5PcWxmT2NWc3l3dUxyQWVDQnFUdW9iS2c1UUE9LS16QzZpV2JJaHBITGprbWkxRTV6cjRBPT0=--f83e7e477724953fa02fb237a7b6179080a8c929) *by Arpitha Srinivas* ![sixgill logo](https://www.paloaltonetworks.com/blog/wp-content/uploads/2020/11/sixgill-logo.png)**Sixgill** Playbook Winner: [Sixgill Stolen Domain Investigation](https://automationrising.devpost.com/review/submissions/Tk9EaEoxa3dycjJIVVlDcC8wL09QZTBxd3l0LzRTNUVZSGJ1MjAwN3BXazVOQ1ZFRkpTSXZYaEpOSWExa3U0WGE2QjZza2tqNmdvM24vV3BDT1h1MWlWZm42WEhPWmxWNlg3dm9BNkxXeVk9LS1qSlpFRXhrNzFUcGFqY3gyOFpDamRRPT0=--f0b15c429cd9e6e0f9b450ac44d5095d88e85e98) *by Manoj V, U S, and Mala Verma* This playbook is a powerful collaboration between Cortex XSOAR, Sixgill, and RiskIQ. It allows organizations to quickly recognize stolen or malicious domains, and integrate that information into the layers of protection that surround their environment. [](https://automationrising.devpost.com/review/submissions/Tk9EaEoxa3dycjJIVVlDcC8wL09QZTBxd3l0LzRTNUVZSGJ1MjAwN3BXazVOQ1ZFRkpTSXZYaEpOSWExa3U0WGE2QjZza2tqNmdvM24vV3BDT1h1MWlWZm42WEhPWmxWNlg3dm9BNkxXeVk9LS1qSlpFRXhrNzFUcGFqY3gyOFpDamRRPT0=--f0b15c429cd9e6e0f9b450ac44d5095d88e85e98) [![](https://www.paloaltonetworks.com/blog/wp-content/uploads/2020/11/8-Sixgill-playbook.png)](https://automationrising.devpost.com/review/submissions/Tk9EaEoxa3dycjJIVVlDcC8wL09QZTBxd3l0LzRTNUVZSGJ1MjAwN3BXazVOQ1ZFRkpTSXZYaEpOSWExa3U0WGE2QjZza2tqNmdvM24vV3BDT1h1MWlWZm42WEhPWmxWNlg3dm9BNkxXeVk9LS1qSlpFRXhrNzFUcGFqY3gyOFpDamRRPT0=--f0b15c429cd9e6e0f9b450ac44d5095d88e85e98) Runner Up: [Sixgill XSOAR Content Pack](https://automationrising.devpost.com/review/submissions/WjBpa0NtQWw3SHNiZUJUTGdzREZ3d08yN0ttTTBUaVdjZHlnZGVrRGlMREtZNDE4T0dVSnpvbzdrU0VhL3FHRnN1Q2QxN0ZKNlJmVXdka3BIODVTRUxzYTdJK2ZXY3JWa2FZQ09TU2dNS2c9LS1PMElSdnJhSlJPM2xlU0huZlpncHZnPT0=--afebf2dd512a2ec1291f357422e75546e3f89df2) *by Arpitha Srinivas* ![RiskIQ logo](https://www.paloaltonetworks.com/blog/wp-content/uploads/2020/11/riskIQ_logo.png)**RiskIQ** Playbook Winner: [Cyber Squatting Detection with XSOAR](https://automationrising.devpost.com/review/submissions/SFVCTWdNaEsvVW84eDhyMGV6L3RhYk9YNFdmMGcwb1g5TTRtKzBweUZJNklFUHpYVzA0aDZ0M3ozb2VrUzVGWEg2S3l1RUVQWWtqLzMrWGkyMDBtaTBTV0xVNkFzNXVGMVZVb1hja01BbUE9LS1oQUxyYUtHYzd6NXhDK2Y0YitxSnpRPT0=--70bbdb0956e90c903dc1b36b1c66697acc9ec89c) *by Manoj V* This playbook allows organizations to quickly identify cybersquatting and phishing domains. Helping organizations to protect employees, customers, and their own brand, this critical integration with RiskIQ gives analysts the tools they need to determine if a domain exists and if it is legitimate or malicious. [](https://automationrising.devpost.com/review/submissions/SFVCTWdNaEsvVW84eDhyMGV6L3RhYk9YNFdmMGcwb1g5TTRtKzBweUZJNklFUHpYVzA0aDZ0M3ozb2VrUzVGWEg2S3l1RUVQWWtqLzMrWGkyMDBtaTBTV0xVNkFzNXVGMVZVb1hja01BbUE9LS1oQUxyYUtHYzd6NXhDK2Y0YitxSnpRPT0=--70bbdb0956e90c903dc1b36b1c66697acc9ec89c) [![](https://www.paloaltonetworks.com/blog/wp-content/uploads/2020/11/7-RiskIQ-playbook.png)](https://automationrising.devpost.com/review/submissions/SFVCTWdNaEsvVW84eDhyMGV6L3RhYk9YNFdmMGcwb1g5TTRtKzBweUZJNklFUHpYVzA0aDZ0M3ozb2VrUzVGWEg2S3l1RUVQWWtqLzMrWGkyMDBtaTBTV0xVNkFzNXVGMVZVb1hja01BbUE9LS1oQUxyYUtHYzd6NXhDK2Y0YitxSnpRPT0=--70bbdb0956e90c903dc1b36b1c66697acc9ec89c) Runner Up: [RiskIQ Threat Hunting](https://automationrising.devpost.com/review/submissions/VXJHTS94OWc2WjY0WDhKUG81eUZnbVBBV3JMSDVwM0s5VmVkcWpJRzdwTnR6dFpQNzNpaUpMSTA5UTY3anFSMEl1eTNRYTdqNmxaNDBqcVdWZ1ErRmppSWlsZjJ5aHNRWmI2ZlRObDdod009LS1TUGRYaGVqOW1HaDNpM3dDbXpPNHl3PT0=--9c7dc43cfa3ed752888f0884cb1dacdd15260efe) *by Manoj V, Mala Verma, and U S* Check out the full list of submissions and winners at [https://automationrising.devpost.com/](https://automationrising.devpost.com/) ### **A Huge Thank You to Our Participants, Judges, and Sponsors!** Congratulations to all the Hackathon winners and a huge thank you to all participants for your important contributions. We are grateful to our judges for donating their time and their expertise, defining the criteria for a winning playbook and reviewing hundreds of submissions. ![Cortex XSOAR Hackathon judges](https://www.paloaltonetworks.com/blog/wp-content/uploads/2020/11/hackathon-judges.png) Finally, we thank our sponsors for making this event possible and supporting the vision of SOAR and mission of the Cortex XSOAR Marketplace. A special thank you to Amazon Web Services (AWS) for donating the cloud host instances for all of our participants, giving them a seamless experience and the platform they needed to excel. ![Hackathon sponsor logos](https://www.paloaltonetworks.com/blog/wp-content/uploads/2020/11/hackathon-sponsors.png) [Cortex XSOAR Marketplace](https://xsoar.pan.dev/docs/partners/marketplace) will continue to play a significant role in scaling and accelerating the use of automation in enterprise security. We are honored to have such a great start to our journey back in August and will continue to push forward with innovations in the marketplace to make sure that each day is safer and more secure than the one before. *** ** * ** *** ## Related Blogs ### [Announcement](https://www.paloaltonetworks.com/blog/category/announcement/?ts=markdown), [Must-Read Articles](https://www.paloaltonetworks.com/blog/security-operations/category/must-read-articles/?ts=markdown), [News and Events](https://www.paloaltonetworks.com/blog/security-operations/category/news-and-events/?ts=markdown) [#### Cortex XSOAR Marketplace's Top Contributors for April - June 2023!](https://www.paloaltonetworks.com.au/blog/security-operations/cortex-xsoar-marketplaces-top-contributors-for-april-june-2023/) ### [Must-Read Articles](https://www.paloaltonetworks.com/blog/security-operations/category/must-read-articles/?ts=markdown), [News and Events](https://www.paloaltonetworks.com/blog/security-operations/category/news-and-events/?ts=markdown), [Partner Integrations](https://www.paloaltonetworks.com/blog/security-operations/category/partner-integrations/?ts=markdown), [Use-Cases](https://www.paloaltonetworks.com/blog/security-operations/category/use-cases/?ts=markdown) [#### Use VMRay Analyzer's Contextual Threat Intelligence for Automated Threat Hunting in Cortex XSOAR](https://www.paloaltonetworks.com.au/blog/security-operations/use-vmray-analyzers-contextual-threat-intelligence-for-automated-threat-hunting-in-cortex-xsoar/) ### [Must-Read Articles](https://www.paloaltonetworks.com/blog/security-operations/category/must-read-articles/?ts=markdown), [News and Events](https://www.paloaltonetworks.com/blog/security-operations/category/news-and-events/?ts=markdown), [Secure the Future](https://www.paloaltonetworks.com/blog/category/secure-the-future/?ts=markdown) [#### Automation Rising 2020: Join the Ultimate Playbook Building Challenge!](https://www.paloaltonetworks.com.au/blog/2020/08/cortex-playbook-building-challenge/) ### [Must-Read Articles](https://www.paloaltonetworks.com/blog/security-operations/category/must-read-articles/?ts=markdown), [News and Events](https://www.paloaltonetworks.com/blog/security-operations/category/news-and-events/?ts=markdown), [Partner Integrations](https://www.paloaltonetworks.com/blog/security-operations/category/partner-integrations/?ts=markdown) [#### Deloitte's Cloud Migration Success: Transforming SecOps with Cortex XSOAR](https://www.paloaltonetworks.com.au/blog/security-operations/deloittes-cloud-migration-success-transforming-secops-with-cortex-xsoar/) ### [Announcement](https://www.paloaltonetworks.com/blog/category/announcement/?ts=markdown), [Must-Read Articles](https://www.paloaltonetworks.com/blog/security-operations/category/must-read-articles/?ts=markdown), [News and Events](https://www.paloaltonetworks.com/blog/security-operations/category/news-and-events/?ts=markdown) [#### Cortex XSOAR Ranked #1 for SOC Automation](https://www.paloaltonetworks.com.au/blog/security-operations/cortex-xsoar-ranked-1-for-soc-automation/) ### [Announcement](https://www.paloaltonetworks.com/blog/category/announcement/?ts=markdown), [Must-Read Articles](https://www.paloaltonetworks.com/blog/security-operations/category/must-read-articles/?ts=markdown), [News and Events](https://www.paloaltonetworks.com/blog/security-operations/category/news-and-events/?ts=markdown), [Product Features](https://www.paloaltonetworks.com/blog/security-operations/category/product-features/?ts=markdown) [#### What's Next in Cortex - New Wave of Innovations in Cortex (June 2024 Release)](https://www.paloaltonetworks.com.au/blog/security-operations/whats-next-in-cortex-new-wave-of-innovations-in-cortex-june-2024-release/) ### Subscribe to Security Operations Blogs! Sign up to receive must-read articles, Playbooks of the Week, new feature announcements, and more. ![spinner](https://www.paloaltonetworks.com.au/blog/wp-content/themes/panwblog2023/dist/images/ajax-loader.gif) Sign up Please enter a valid email. By submitting this form, you agree to our [Terms of Use](https://www.paloaltonetworks.com/legal-notices/terms-of-use?ts=markdown) and acknowledge our [Privacy Statement](https://www.paloaltonetworks.com/legal-notices/privacy?ts=markdown). Please look for a confirmation email from us. If you don't receive it in the next 10 minutes, please check your spam folder. This site is protected by reCAPTCHA and the Google [Privacy Policy](https://policies.google.com/privacy) and [Terms of Service](https://policies.google.com/terms) apply. {#footer} {#footer} ## Products and Services * [AI-Powered Network Security Platform](https://www.paloaltonetworks.com/network-security?ts=markdown) * [Secure AI by Design](https://www.paloaltonetworks.com/precision-ai-security/secure-ai-by-design?ts=markdown) * [Prisma AIRS](https://www.paloaltonetworks.com/prisma/prisma-ai-runtime-security?ts=markdown) * [AI Access Security](https://www.paloaltonetworks.com/sase/ai-access-security?ts=markdown) * [Cloud Delivered Security Services](https://www.paloaltonetworks.com/network-security/security-subscriptions?ts=markdown) * [Advanced Threat Prevention](https://www.paloaltonetworks.com/network-security/advanced-threat-prevention?ts=markdown) * [Advanced URL Filtering](https://www.paloaltonetworks.com/network-security/advanced-url-filtering?ts=markdown) * [Advanced WildFire](https://www.paloaltonetworks.com/network-security/advanced-wildfire?ts=markdown) * [Advanced DNS Security](https://www.paloaltonetworks.com/network-security/advanced-dns-security?ts=markdown) * [Enterprise Data Loss Prevention](https://www.paloaltonetworks.com/sase/enterprise-data-loss-prevention?ts=markdown) * [Enterprise IoT Security](https://www.paloaltonetworks.com/network-security/enterprise-device-security?ts=markdown) * [Medical IoT Security](https://www.paloaltonetworks.com/network-security/medical-device-security?ts=markdown) * [Industrial OT Security](https://www.paloaltonetworks.com/network-security/medical-device-security?ts=markdown) * [SaaS Security](https://www.paloaltonetworks.com/sase/saas-security?ts=markdown) * [Next-Generation Firewalls](https://www.paloaltonetworks.com/network-security/next-generation-firewall?ts=markdown) * [Hardware Firewalls](https://www.paloaltonetworks.com/network-security/hardware-firewall-innovations?ts=markdown) * [Software Firewalls](https://www.paloaltonetworks.com/network-security/software-firewalls?ts=markdown) * [Strata Cloud Manager](https://www.paloaltonetworks.com/network-security/strata-cloud-manager?ts=markdown) * [SD-WAN for NGFW](https://www.paloaltonetworks.com/network-security/sd-wan-subscription?ts=markdown) * [PAN-OS](https://www.paloaltonetworks.com/network-security/pan-os?ts=markdown) * [Panorama](https://www.paloaltonetworks.com/network-security/panorama?ts=markdown) * [Secure Access Service Edge](https://www.paloaltonetworks.com/sase?ts=markdown) * [Prisma SASE](https://www.paloaltonetworks.com/sase?ts=markdown) * [Application Acceleration](https://www.paloaltonetworks.com/sase/app-acceleration?ts=markdown) * [Autonomous Digital Experience Management](https://www.paloaltonetworks.com/sase/adem?ts=markdown) * [Enterprise DLP](https://www.paloaltonetworks.com/sase/enterprise-data-loss-prevention?ts=markdown) * [Prisma Access](https://www.paloaltonetworks.com/sase/access?ts=markdown) * [Prisma Browser](https://www.paloaltonetworks.com/sase/prisma-browser?ts=markdown) * [Prisma SD-WAN](https://www.paloaltonetworks.com/sase/sd-wan?ts=markdown) * [Remote Browser Isolation](https://www.paloaltonetworks.com/sase/remote-browser-isolation?ts=markdown) * [SaaS Security](https://www.paloaltonetworks.com/sase/saas-security?ts=markdown) * [AI-Driven Security Operations Platform](https://www.paloaltonetworks.com/cortex?ts=markdown) * [Cloud Security](https://www.paloaltonetworks.com/cortex/cloud?ts=markdown) * [Cortex Cloud](https://www.paloaltonetworks.com/cortex/cloud?ts=markdown) * [Application Security](https://www.paloaltonetworks.com/cortex/cloud/application-security?ts=markdown) * [Cloud Posture Security](https://www.paloaltonetworks.com/cortex/cloud/cloud-posture-security?ts=markdown) * [Cloud Runtime Security](https://www.paloaltonetworks.com/cortex/cloud/runtime-security?ts=markdown) * [Prisma Cloud](https://www.paloaltonetworks.com/prisma/cloud?ts=markdown) * [AI-Driven SOC](https://www.paloaltonetworks.com/cortex?ts=markdown) * [Cortex XSIAM](https://www.paloaltonetworks.com/cortex/cortex-xsiam?ts=markdown) * [Cortex XDR](https://www.paloaltonetworks.com/cortex/cortex-xdr?ts=markdown) * [Cortex XSOAR](https://www.paloaltonetworks.com/cortex/cortex-xsoar?ts=markdown) * [Cortex Xpanse](https://www.paloaltonetworks.com/cortex/cortex-xpanse?ts=markdown) * [Unit 42 Managed Detection \& Response](https://www.paloaltonetworks.com/cortex/managed-detection-and-response?ts=markdown) * [Managed XSIAM](https://www.paloaltonetworks.com/cortex/managed-xsiam?ts=markdown) * [Threat Intel and Incident Response Services](https://www.paloaltonetworks.com/unit42?ts=markdown) * [Proactive Assessments](https://www.paloaltonetworks.com/unit42/assess?ts=markdown) * [Incident Response](https://www.paloaltonetworks.com/unit42/respond?ts=markdown) * [Transform Your Security Strategy](https://www.paloaltonetworks.com/unit42/transform?ts=markdown) * [Discover Threat Intelligence](https://www.paloaltonetworks.com/unit42/threat-intelligence-partners?ts=markdown) ## Company * [About Us](https://www.paloaltonetworks.com/about-us?ts=markdown) * [Careers](https://jobs.paloaltonetworks.com/en/) * [Contact Us](https://www.paloaltonetworks.com/company/contact-sales?ts=markdown) * [Corporate Responsibility](https://www.paloaltonetworks.com/about-us/corporate-responsibility?ts=markdown) * [Customers](https://www.paloaltonetworks.com/customers?ts=markdown) * [Investor Relations](https://investors.paloaltonetworks.com/) * [Location](https://www.paloaltonetworks.com/about-us/locations?ts=markdown) * [Newsroom](https://www.paloaltonetworks.com/company/newsroom?ts=markdown) ## Popular Links * [Blog](https://www.paloaltonetworks.com/blog/?ts=markdown) * [Communities](https://www.paloaltonetworks.com/communities?ts=markdown) * [Content Library](https://www.paloaltonetworks.com/resources?ts=markdown) * [Cyberpedia](https://www.paloaltonetworks.com/cyberpedia?ts=markdown) * [Event Center](https://events.paloaltonetworks.com/) * [Manage Email Preferences](https://start.paloaltonetworks.com/preference-center) * [Products A-Z](https://www.paloaltonetworks.com/products/products-a-z?ts=markdown) * [Product Certifications](https://www.paloaltonetworks.com/legal-notices/trust-center/compliance?ts=markdown) * [Report a Vulnerability](https://www.paloaltonetworks.com/security-disclosure?ts=markdown) * [Sitemap](https://www.paloaltonetworks.com/sitemap?ts=markdown) * [Tech Docs](https://docs.paloaltonetworks.com/) * [Unit 42](https://unit42.paloaltonetworks.com/) * [Do Not Sell or Share My Personal Information](https://panwedd.exterro.net/portal/dsar.htm?target=panwedd) ![PAN logo](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/pan-logo-dark.svg) * [Privacy](https://www.paloaltonetworks.com/legal-notices/privacy?ts=markdown) * [Trust Center](https://www.paloaltonetworks.com/legal-notices/trust-center?ts=markdown) * [Terms of Use](https://www.paloaltonetworks.com/legal-notices/terms-of-use?ts=markdown) * [Documents](https://www.paloaltonetworks.com/legal?ts=markdown) Copyright © 2026 Palo Alto Networks. All Rights Reserved * [![Youtube](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/youtube-black.svg)](https://www.youtube.com/user/paloaltonetworks) * [![Podcast](https://www.paloaltonetworks.com/content/dam/pan/en_US/images/icons/podcast.svg)](https://www.paloaltonetworks.com/podcasts/threat-vector?ts=markdown) * [![Facebook](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/facebook-black.svg)](https://www.facebook.com/PaloAltoNetworks/) * [![LinkedIn](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/linkedin-black.svg)](https://www.linkedin.com/company/palo-alto-networks) * [![Twitter](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/twitter-x-black.svg)](https://twitter.com/PaloAltoNtwks) * EN Select your language