More and more enterprises are reaching out to managed detection and response (MDR) providers to strengthen their security posture. This trend is growing because the threat landscape is becoming more and more complex and the attack surface keeps getting bigger. Many companies reach out to MDR providers to offload investigating, responding to and managing alerts.
MDR providers offer 24/7 coverage, giving customers peace of mind in knowing that a team of experts with the right expertise is there to detect and respond to threats consistently, allowing you to act quickly and precisely to maintain and mitigate threats.
Many customers have turned to us as their trusted security provider of choice. Launching an MDR service built on our product, Cortex XDR, is the logical next step for us in extending our services with a complete end-to-end managed security service.
I'm proud to announce that we launched the Unit 42 MDR service, an MDR service for Cortex XDR, delivered by the Palo Alto Networks Unit 42 team. Our Unit 42 experts will work for you 24/7 to stop attacks with continuous monitoring, proactive threat hunting, alert triage, investigation and response services, allowing your team to focus on what matters.
The Unit 42 MDR service is powered by Cortex XDR technology, and therefore has unmatched visibility into all data sources (endpoint, network, cloud and 3rd party). It is optimized to not just prioritize alerts, but to massively reduce the number of alerts received, so our experts can focus on response and remediation.
Cortex XDR 3.4
Cortex XDR 3.4 raises the bar for security, visibility and ease of use with a set of new features:
SmartScore incident scoring - We developed a scoring engine that applies machine learning and analytics to automatically identify high-risk incidents, allowing your analysts to focus on the threats that matter most for swift triage and response.
Single sign-on integration - Use the identity provider of your choice to authenticate to the Cortex XDR management console. Our new SSO capability makes it easy for administrators to provision users and enforce authentication policies.
Tagging in alerts and incidents - The new tagging feature lets you search, filter and group alerts and incidents based on endpoint, endpoint group, and data source tags.
Forensics memory collection - Cortex XDR can gather full memory images, including kernel and user space memory, to expose adversaries’ tactics and techniques in memory-only attacks.
File system scanning for Linux - You can scan Linux endpoints for dormant malware through both scheduled and on-demand scans. The agent can remove the malicious file before it attempts to harm your endpoint.
Anti-webshell and credential gathering protection - We’ve enhanced our webshell and credential gathering protection to augment existing defenses against these pernicious threats. These enhancements are available for Windows, Linux and macOS endpoints.