Redefining Security Orchestration And Automation With Cortex XSOAR


Malena Bower

Jul 15, 2024, 10:56:48 AM
to gastporloavi

Since Palo Alto Networks acquired Demisto almost a year ago, we have worked tirelessly to scale Demisto's strong offering to every security team in need of automation, while driving the next stage of innovation within the SOAR category.

If threat intelligence and SOAR were meant to be together, who are we to stop that from happening? Today, we are excited to premiere the first extension of the platform with the addition of native threat intel management. Now, security leaders can take advantage of a new approach to threat intelligence management that uses the power of playbook-driven automation to drive the right response across their entire enterprise.




Threat intelligence platforms (TIPs) emerged to help security teams make sense of the overwhelming volume of Indicators of Compromise (IoCs) generated from threat feeds, allowing analysts to manually apply those insights to improve the security of their environment. Good idea, wrong platform. Since TIPs premiered, SOAR has entered the scene, providing the means to bridge external threat intelligence with internal incidents and use playbook-driven automation to take quick, confident action across the enterprise. Tools, processes and teams must be able to collaborate and ultimately act on intel together.

"Customers are facing an overwhelming volume of alerts, threat intel sources, and security tasks," says Lee Klarich, chief product officer for Palo Alto Networks. "Both SOAR and threat intelligence management have developed over recent years as tools to help them, but existing product silos have led to even more manual work. Bringing threat intel data into Cortex XSOAR means security orchestration just got simpler for the customer. It makes no sense to have SOAR without native threat intel."

"The integration of threat management into security orchestration and automation is an inevitable evolution for improving security operations," notes Jon Oltsik, senior principal analyst and fellow at the Enterprise Strategy Group (ESG). "Cortex XSOAR brings the right pieces together. Until now, operationalizing vital threat intelligence data has been difficult or even impossible as it requires time, experience, and resources that are beyond the capabilities of many organizations. A platform like Cortex XSOAR acts as a security operations and analytics platform architecture, or SOAPA, for analyzing and operationalizing cyber threat intelligence. The benefit? Bringing the value of threat intel to the masses."

"Threat intelligence without context is just threat data. In order for threat intelligence to be of use, the original context of the threat intel has to be applied appropriately and mapped to internal incidents and policies," says Michael Poddo, director, Cyber Threat Analysis & Response, Emerson. "However, doing this at scale and speed to keep pace with real-time threat feeds is tough without automation. SOAR applied to threat intelligence can help fully integrate it into all aspects of your incident response program."

About Palo Alto Networks
Palo Alto Networks, the global cybersecurity leader, is shaping the cloud-centric future with technology that is transforming the way people and organizations operate. Our mission is to be the cybersecurity partner of choice, protecting our digital way of life. We help address the world's greatest security challenges with continuous innovation that seizes the latest breakthroughs in artificial intelligence, analytics, automation, and orchestration. By delivering an integrated platform and empowering a growing ecosystem of partners, we are at the forefront of protecting tens of thousands of organizations across clouds, networks, and mobile devices. Our vision is a world where each day is safer and more secure than the one before. For more information, visit www.paloaltonetworks.com.

Security orchestration involves interweaving people, processes, and technology in the most effective manner to strengthen the security posture of an organization. By streamlining security processes, connecting disparate security tools and technologies, and maintaining the right balance of machine-powered security automation and human intervention, security orchestration empowers security professionals to effectively and efficiently carry out incident response. Cortex XSOAR is the industry-leading Security Orchestration, Automation & Response (SOAR) technology by Palo Alto Networks that will automate up to 95% of all response actions requiring human review and allow overloaded security teams to focus on the actions that really require their attention.

Palo Alto Networks, the global cybersecurity leader, introduced Cortex XSOAR, an extended security orchestration, automation and response platform that empowers security leaders with instant capabilities against threats across their entire enterprise. Cortex XSOAR is an evolution of the Demisto platform, which was acquired by Palo Alto Networks in March 2019.

With the ever-expanding security horizon, security professionals are always looking for things to make their lives and jobs easier. When it comes to security orchestration and automation (SOAR), it can be a complicated environment. This environment is similar to an ecosystem. And just like any ecosystem, it can go terribly wrong if not managed properly.

Any great tool is only as useful as its ability to integrate with other partners. That's what makes Cortex XSOAR exceptional, with 360+ integrations. So many integrations put several great capabilities at your fingertips. Users also have the ability to combine the real-time threat detection capability of Google Chronicle with the security orchestration and automation features of Cortex XSOAR to better understand threat activity within their organizations and automate remediation across affected assets.

Industry leaders in these areas are integrating with the newly announced Commvault Cloud platform to provide joint customers with more ways to rapidly detect, protect, and respond to potential threats and attacks while also improving data visibility and governance. Commvault is working with partners across the security tool chain, including: security information and event management (SIEM), security orchestration, automation, and response (SOAR), network detection and response, vulnerability and threat detection and assessment, incident management, and data governance and privacy.

Cortex XSOAR is a comprehensive security orchestration, automation and response (SOAR) platform that unifies case management, automation, real-time collaboration, and threat intelligence management to serve security teams across the incident lifecycle.
