demisto · mmhw · May 3, 2026 · Apr 30, 2026 · May 3, 2026 · May 3, 2026
@@ -142,6 +142,85 @@ messages and the steady flow of the integration.**
 2. Navigate to your Instance Settings page in Cortex XSOAR and click **Test**. A message should appear in the channel
    from your app.
 
+## Cortex AI Assistant in Slack
+
+The Slack integration allows users to interact with the **Cortex Agentic Assistant** directly from Slack. Users can mention the bot in any channel or thread to ask security questions, run investigations, and receive AI-powered responses, all without leaving Slack.
+
+![Cortex AI Assistant in Slack](../../doc_files/slack_ai_assistant_demo.png)
+
+### Prerequisites
+
+Before using the AI Assistant feature, ensure the following requirements are met:
+
+1. **Supported Cortex product version** — The tenant must be running one of the following versions (or later), depending on your product:
+
+   | Product | Minimum Version |
+   |---------|-----------------|
+   | Cortex AGENTIX | V1.3 |
+   | Cortex Platform | 1.5 |
+   | Cortex CLOUD | 2.1 |
+   | Cortex XDR | 3.18 / 5.1 |
+   | Cortex XSIAM | 2.10 / 3.5 |
+
+2. **Slack App installed** — The Slack app must be created and installed in your workspace as described in [Creating a Custom App](#creating-a-custom-app) and [Installing the App to Your Workspace](#installing-the-app-to-your-workspace).
+3. **Slack integration version 3.6.0 or later** — The SlackV3 integration pack version must be **3.6.0** or above.
+4. **User permissions** — Each Slack user who interacts with the AI Assistant must have the appropriate permissions to use the Cortex Agentic Assistant in the Cortex platform. Users without the required permissions will receive an error message when attempting to interact with the bot. Contact your Cortex administrator to ensure the relevant roles and permissions are assigned.
+
+### How to Enable
+
+1. **Enabled AI assistant** — In the integration instance settings, the **Enabled AI assistant** checkbox must be checked.
+2. **Long running instance** — The **Long running instance** checkbox must be enabled in the instance settings (required for listening to bot mentions in real time).
+
+### How It Works
+
+Once the prerequisites are met, users can interact with the AI Assistant by **mentioning the bot** (e.g., `@YourBotName <your question>`) in any Slack channel or thread where the bot has been added.
+
+> **Note:** Only users with the appropriate Cortex Agentic Assistant permissions can interact with the bot. Users without the required permissions will receive an error message prompting them to contact their administrator.
+
+#### Conversation Flow
+
+1. **Mention the bot** — Type `@YourBotName` followed by your question or request in a channel or thread.
+2. **Agent selection** — On the first interaction, the assistant presents a dropdown menu of available AI agents (e.g., Case Investigation, Threat Intel). Select the agent best suited for your query.
+3. **AI response** — The assistant replies in the same thread with the AI-generated response.
+4. **Follow-up questions** — Continue the conversation in the same thread by mentioning the bot again. The assistant maintains context from previous messages in the thread (up to the last 5 messages).
+
+#### Sensitive Action Approval
+
+When the AI agent needs to perform a sensitive action (e.g., blocking an IP, isolating an endpoint), it will:
+
+1. Display the action details with an **⚠️ Sensitive action detected** warning.
+2. Present **Proceed** and **Cancel** buttons.
+3. Wait for the conversation owner to approve or reject the action before continuing.
+
+> **Note:** Only the user who started the conversation can approve or reject sensitive actions.
+
+#### Available Commands
+
+| Command | Description |
+|---------|-------------|
+| `@BotName <question>` | Send a question or request to the AI assistant. |
+| `@BotName !help` | Display help information about the assistant, including usage tips. |
+| `@BotName !reset` | Reset the current session and release the thread lock, allowing a new conversation to start. |
+
+#### Feedback
+
+Each AI response includes feedback buttons:
+
+- **Good response** 👍 — Mark the response as helpful.
+- **Bad response** 👎 — Opens a feedback modal where you can select specific issues (e.g., *Factually incorrect*, *Unhelpful*, *Answered another question*) and provide additional comments.
+
+Feedback is sent back to the platform to help improve AI responses over time.
+
+#### Thread Locking
+
+- Each thread is **locked to the user who started the conversation**. Other users cannot interact with the assistant in the same thread.
+- Other users will see a message indicating the thread is locked and can start their own conversation in a different thread.
+- To release a locked thread, any Cortex user can type `@BotName !reset`.
+
+#### Session Management
+
+Conversations automatically expire after 14 days of inactivity. After this period, the thread is unlocked, and a new conversation can begin.
+
 ## Backwards Compatibility with Slack V2
 
 Slack V3 contains improvements to enhance the stability of the integration as well as the circumvention of OProxy. This

@@ -25,6 +25,22 @@ Send messages and notifications to your Slack team and integrate with Slack's se
   - Rules for parsing and modeling Slack audit logs that are ingested via the event collector into Cortex XSIAM.
   - The ingested Slack logs can be queried in XQL Search using the *`slack_slack_raw`* dataset.
 
+</~XSIAM>
+
+<~PLATFORM>
+
+### Cortex AI Assistant in Slack
+
+Interact with the **Cortex Agentic Assistant** directly from Slack. Mention the bot in any channel or thread to ask security questions, run investigations, and get AI-powered responses, all without leaving Slack.
+
+![Cortex AI Assistant in Slack](doc_files/slack_ai_assistant_demo.png)
+
+> For setup instructions and detailed usage, see the [Slack V3 integration README](https://xsoar.pan.dev/docs/reference/integrations/slack-v3#cortex-ai-assistant-in-slack).
+
+</~PLATFORM>
+
+<~XSIAM>
+
 ## Supported log categories
 
 | Category | Category Display Name |