Learn about what Cortex XDR™ detection and response is and why Palo Alto Networks is excited about its release. Also, read how it can help improve your security outcomes with the user of automation and unprecedented accuracy. Get your questions answered on Live Community.
Palo Alto Networks is very happy to announce Cortex XDR™ detection and response, the industry’s only open and integrated AI-based continuous security platform. With Cortex XDR, we can significantly improve your security management efforts with the use of automation and unprecedented accuracy.
Two of the larger challenges, when it comes to IT security, is having the ability to detect when there are problems on your network, and then have the ability to identify those problems, lock them down and solve them. With Cortex XDR, you will now have all that and more.
Cortex XDR detection and response allows you to stop sophisticated attacks and adapt defenses to prevent future threats. Cortex XDR uses machine learning while analyzing network, endpoint and cloud data to accurately detect attacks, and it automatically reveals the root cause of alerts to speed up investigations.
The Cortex suite consists of 3 parts:
Cortex provides radical simplicity and significantly improves security outcomes through automation and accuracy. This includes the App portal, API's and Coretec infrasctructure services.
Cortex XDR detection and response breaks silos to stop sophisticated attacks by natively integrating endpoint, cloud and network data. This also includes Analytics. This is replacing Magnifier and Secdo.
Cortex Data Lake
Cortex Data Lake is the industry’s only approach to normalizing and stitching together your enterprise’s data. This is the New name for "Logging Service" to collect and store all your log data.
Automatically uncover stealthy attacks Continuously detect threats with machine learning, behavioral analytics and custom detection rules.
Stop alert fatigue and attrition Validate security alerts in seconds, improving analyst productivity and morale by reducing the backlog.
Reduce mean time to identify (MTTI) Combine precise attack detection with rapid alert triage to drastically cut dwell time.
Reduce mean time to contain (MTTC) Investigate and accurately respond to external attacks and insider threats without years of experience.
Increase ROI from current investments with Cortex Solve all your security needs through an ecosystem of trusted apps while using existing infrastructure as sensors and enforcement points.
Achieve visibility across network, endpoint and cloud data Collect and correlate network, endpoint and cloud data at scale for use in detection, triage, investigation, response and hunting.
Automatically detect sophisticated attacks 24/7 Use always-on machine learning and custom rules to detect advanced persistent threats and other sophisticated attacks.
Eliminate the alert backlog Simplify investigations with automated root cause analysis and timeline views, lowering the skill required to evaluate and analyze alerts.
Drastically reduce false positive alerts Apply knowledge from every investigation to refine behavioral detection rules and speed future analysis, decreasing noise and risk.
Increase SOC productivity Streamline operational processes to a single console by consolidating alert triage, investigation and response across your network, endpoint and cloud environments.
Remediate without business impact Shut down attacks with surgical precision while avoiding user or system downtime.
Eliminate advanced threats Protect your network against malicious insiders, policy violations, external threats, ransomware, file-less and memory-only attacks and advanced zero-day malware.
Supercharge your security team Disrupt every stage of an attack by detecting IoCs, anomalous behavior and malicious patterns of activity.
Long list of Coretex XDR features.
I tried to list all of the abilities and features of the entire Cortex suite, but it is too much to list here. Please be sure to check out the launch event on March 19, 2019 or read more about Cortex with the links I provided below.