What's New With Cortex XSOAR Threat Intelligence Management 2.0—Plus Event Details

Hello everyone,

I'm looking forward discussing the new Cortex XSOAR Threat Intelligence Management (TIM) 2.0 launch with you! New Cortex XSOAR 2.0 features truly unleash the power of Threat Intelligence in your infrastructure.

How can Threat Intelligence Management help me? 

One of the largest challenges when dealing with Threat Intelligence is having to deal with the magnitude of data. Figuring out how to properly manage, respond to, and even predict what is going to happen can be quite challenging. That's where the new XSOAR Threat Intelligence Management 2.0 comes into play—it gives you unmatched visibility into the global threat landscape.

What's new with XSOAR TIM?

There are three new features that are included with Cortex XSOAR TIM 2.0 that are game-changers:

• Central Threat Intelligence Library for Your Enterprise: We bundle in threat intel from our Unit 42 threat research team, so you have access to a huge repository of high-fidelity threat intel from Palo Alto Networks in addition to your own collection from open source threat intel feeds.
  
• Native Correlation Between Indicators, Incidents and Intel: Not only do you see all the atomic indicators related to your incidents, but you also get enriched strategic intelligence. That way, your team has added insight into threat actors and attack techniques. 
• Easily Discover and Add New Threat Intel Sources Via Our Marketplace: Since the launch of TIM last year, we’ve added 165 threat intel specific integrations. With a single click, you can instantly add a new feed integration and subscription. 

With 2.0 you will also get:

• Centralized Threat Intel Management: With Cortex TIM 2.0, you now have a central threat intelligence repository for storing and managing tactical threat intel (indicators of compromise) and strategic intel reporting on actors and attack techniques. The ability to correlate these different sources of intel with incidents happening internally unlocks a host of threat-use cases previously unknown to the security team. 
  

• Strategic Intelligence Relationships: Threat Intel now supports structured relationships, enabling better alerts and context for SOC/IR. Intel analysts will be able to model their external threat landscape. Indicator layouts have been redesigned. Updates to popular threat intel integrations take advantage of the expanded data, which includes STIX 2 objects such as threat actor, tool, report, malware, attack patterns, campaign, course of action, infrastructure, and intrusion sets. 

LinkedIn Event Details

As the threat landscape continues to evolve, enterprises need to modernize security and automate security systems to stay ahead of threat actors.

To learn about threat intelligence from experts, join us for a LinkedIn panel discussion, “Unlocking the Power of Threat Intelligence,” happening June 15 at 10 a.m. PDT. 

At the event, you'll get perspectives and insights on:

• How threat research and threat intel intersect at Palo Alto Networks
• Threat intel management solutions on the market today
• The role of automation in mature threat intel programs

We’ll round up the discussion with a quick demo of the latest features of our Threat Intelligence Management solution.

We look forward to having you join us online for a lively and informative session covering best practices in automating threat intel management. Register now for the 10 a.m. PDT June 15 event via this link—LinkedIn - Unlocking the Power of Threat Intel.

Read more about unlocking the power of Threat Intelligence with Cortex XSOAR TIM 2.0, and don’t forget to visit the LIVEcommunity Cortex XSOAR page to learn more and participate in XSOAR discussions!

Thanks for taking time to read my blog. If you enjoyed this, please hit the Like (thumb up) button, don't forget to subscribe to the LIVEcommunity Blog area.

As always, we welcome all comments and feedback in the comments section below.

Stay Secure,
Joe Delio
End of line