What is Cortex XDR™?

Community Team Member

Learn about what Cortex XDR™ detection and response is and why Palo Alto Networks is excited about its release. Also, read how it can help improve your security outcomes with the user of automation and unprecedented accuracy. Get your questions answered on LIVEcommunity.

Cortex Banner from Palo Alto Networks

 

Palo Alto Networks is very happy to announce Cortex XDR™ detection and response, the industry’s only open and integrated AI-based continuous security platform. With Cortex XDR, we can significantly improve your security management efforts with the use of automation and unprecedented accuracy.

 

Two of the larger challenges, when it comes to IT security, is having the ability to detect when there are problems on your network, and then have the ability to identify those problems, lock them down and solve them. With Cortex XDR, you will now have all that and more. 

 

Cortex XDR detection and response allows you to stop sophisticated attacks and adapt defenses to prevent future threats. Cortex XDR uses machine learning while analyzing network, endpoint and cloud data to accurately detect attacks, and it automatically reveals the root cause of alerts to speed up investigations.

 

The Cortex suite consists of 3 parts:

 

hub (formerly Cortex Hub)

Cortex provides radical simplicity and significantly improves security outcomes through automation and accuracy. This includes the App portal, API's and Coretec infrasctructure services.

 

Cortex XDR

Cortex XDR detection and response breaks silos to stop sophisticated attacks by natively integrating endpoint, cloud and network data. This also includes Analytics. This is replacing Magnifier and Secdo.

 

Cortex Data Lake

Cortex Data Lake is the industry’s only approach to normalizing and stitching together your enterprise’s data. This is the New name for "Logging Service" to collect and store all your log data.

 

Business Benefits

  • Automatically uncover stealthy attacks
    Continuously detect threats with machine learning, behavioral analytics and custom detection rules.

  • Stop alert fatigue and attrition 
    Validate security alerts in seconds, improving analyst productivity and morale by reducing the backlog.

  • Reduce mean time to identify (MTTI)
    Combine precise attack detection with rapid alert triage to drastically cut dwell time.

  • Reduce mean time to contain (MTTC)
    Investigate and accurately respond to external attacks and insider threats without years of experience.

  • Increase ROI from current investments with Cortex  
    Solve all your security needs through an ecosystem of trusted apps while using existing infrastructure as sensors and enforcement points.

 

Operational Benefits

  • Achieve visibility across network, endpoint and cloud data
    Collect and correlate network, endpoint and cloud data at scale for use in detection, triage, investigation, response and hunting.

  • Automatically detect sophisticated attacks 24/7
    Use always-on machine learning and custom rules to detect advanced persistent threats and other sophisticated attacks.

  • Eliminate the alert backlog
    Simplify investigations with automated root cause analysis and timeline views, lowering the skill required to evaluate and analyze alerts.

  • Drastically reduce false positive alerts
    Apply knowledge from every investigation to refine behavioral detection rules and speed future analysis, decreasing noise and risk.

  • Increase SOC productivity
    Streamline operational processes to a single console by consolidating alert triage, investigation and response across your network, endpoint and cloud environments.

  • Remediate without business impact
    Shut down attacks with surgical precision while avoiding user or system downtime.

  • Eliminate advanced threats
    Protect your network against malicious insiders, policy violations, external threats, ransomware, file-less and memory-only attacks and advanced zero-day malware.

  • Supercharge your security team
    Disrupt every stage of an attack by detecting IoCs, anomalous behavior and malicious patterns of activity.

 

Screenshot of List of Cortex XDR FeaturesLong list of Coretex XDR features.

I tried to list all of the abilities and features of the entire Cortex suite, but it is too much to list here. Please be sure to check out the launch event on March 19, 2019 or read more about Cortex with the links I provided below.

 

Register for the Online Event!

To introduce Cortex XDR™ to the world, Palo Alto Networks will be hosting an online event happening on March 19, 2019.

 

USA: March 19, 2019 | 10:00 – 10:30 AM PDT

ASIA: 21 March 2019 | 11:00 – 11:30 AM SGT

ASIA: 21 March 2019 | 5:00 – 5:30 PM SGT

EUROPE: 27 March 2019 | 11:00 – 11:30 AM GMT

 

Join us for this transformative online event as our founder and CTO, Nir Zuk, and Lee Klarich, Chief Product Officer, cut through industry hype and explain some of the details, including:

  • The role of behavioral analytics to detect sophisticated threats
  • Using any data source, and why it’s so important
  • How AI will radically reduce complexity in investigations

Click here to register for the Cortex event on 3.19.19

 

For more info about Cortex components, please visit the following product pages:

 

Cortex: https://www.paloaltonetworks.com/products/cortex

 

Cortex XDR: https://www.paloaltonetworks.com/products/xdr

 

Cortex Data Lake: https://www.paloaltonetworks.com/products/cortex/data-lake

 

 

See Also:

 

For more information and product documentation on Cortex, please visit: Cortex on TechDocs

 

Please see the Cortex XDR LIVEcommunity page, which includes links to Cortex XDR resources and articles.

Cortex XDR LIVEcommunity

 

If you want to read or participate in the discussion area in the LIVEcommunity, please visit:

Cortex XDR Discussions (formerly Magnifier)

 

 

We will be bringing you more information in the next couple of weeks, so stay tuned.

 

Thanks for taking time to read my blog.

If you enjoyed this, please hit the Like (thumbs up) button, and don't forget to subscribe to the LIVEcommunity Blog.

 

As always, we welcome all comments and feedback in the comments section below.

 

Stay Secure,

Joe Delio

End of line

3,849 Views
Ask Questions Get Answers Join the Live Community
Labels