Community Team Member

Cortex XSOAR by Palo Alto Networks

Palo Alto Networks announced Cortex XSOAR (formerly Demisto), and we dive into some details and capabilities, including third-party and partner-owned integrations. We also include a link to a webcast for more information about Cortex XSOAR. 

 

 

What is Cortex XSOAR?

With the ever-expanding security horizon, security professionals are always looking for ways to make their lives and jobs easier. When it comes to security orchestration and automation (SOAR), the environment can be complicated. It is similar to an ecosystem, and just like any ecosystem, it can go terribly wrong if not managed properly.

 

Have you heard of Demisto? Well, this is the new evolution of it—now better than ever. Palo Alto Networks has been tirelessly working to improve the Demisto product, and we're happy to present Cortex XSOAR.

 

Cortex XSOAR Capabilities

The Cortex XSOAR platform includes more than 270 out-of-the-box playbooks to automate and orchestrate any security use case. Our commitment to an open ecosystem couldn’t be stronger, so we also have more than 360 third-party integrations, including 105 added in the last 11 months. Read about our newest partner-owned integrations.

  • Standardize and automate processes for any security use case - Easily automate hundreds of security use cases with playbooks that orchestrate response actions across more than 350 third-party products.

  • Adapt to any alert with security-focused case management - Accelerate incident response by unifying alerts, incidents, and indicators from any source within a single case management framework.

  • Boost SecOps efficiency with real-time collaboration - Facilitate investigations across teams with a Virtual War Room that has built-in ChatOps and a command-line interface to execute commands across the entire product stack in real time.

  • Take action on threat intelligence with confidence and speed - With full control of threat data, you can aggregate disparate sources, customize and score feeds, and match indicators against a customer's specific environment while leveraging playbook automation to drive instant action.

 

Third-Party Integrations

A great tool is only as useful as its ability to integrate with other partners. That's what makes Cortex XSOAR exceptional: with 360+ integrations, it puts several great capabilities at your fingertips. Users can also combine the real-time threat detection capability of Google Chronicle with the security orchestration and automation features of Cortex XSOAR to better understand threat activity within their organizations and automate remediation across affected assets.

 

Key integration features include:

  • Automate incident and indicator enrichment with Google Chronicle alert data, such as domain/IP reputation, ingestion time, and sighting details.
  • Access or query Google Chronicle for asset list and details associated with a domain/IP from within Cortex XSOAR.
  • Leverage hundreds of Cortex XSOAR product integrations to coordinate and automate remediation across endpoints or affected assets.

 

Partner-Owned Integrations

If any tool is hard to use or hard to integrate, then it will not be useful. One of the great features of Cortex XSOAR is that technical partners can architect, build, submit, and support their own offerings built on Cortex XSOAR. 

 

Over a dozen partners have already participated in this new process:

  • AnalystPlatform
  • Chronicle
  • Claroty
  • CloudShark
  • CounterCraft
  • Digital Defense
  • Expanse
  • ExtraHop
  • FlashPoint
  • Indeni
  • IronNet
  • Pcysys
  • PolySwarm
  • SecBI
  • SecurityAdvisor
  • SixGill
  • SlashNext

 

 

Our partner website has more information on partner-owned integrations. Take a look and learn how easy it is to join our platform.

Sneak Peek at the Extended Cortex XSOAR Offering with Native Threat Intel Management

 

 

Cortex XSOAR Webcast

Palo Alto Networks will host a webcast on April 7, 2020. For more information and to reserve your spot, please visit:

Introducing Cortex XSOAR Webcast

 

I will be posting more information about Cortex XSOAR just as soon as I have it, so stay tuned.

 

Additional Information

Check out the following blogs for even more information about Cortex XSOAR:

 

Redefining Security Orchestration and Automation with Cortex XSOAR

Google Chronicle Integrates with Cortex XSOAR

The Cortex XSOAR Ecosystem is Exploding with Partner-Owned Integrations

 

 

Thanks for taking time to read my blog.
If you enjoyed this, please hit the Like (thumbs up) button, and don't forget to subscribe to the LIVEcommunity Blog.

 

As always, we welcome all comments and feedback in the comments section below.

 

Stay Secure,
Joe Delio
End of line
