This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences

Transform Security Operations' Performance with Cortex XSIAM and Okta

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements

Transform Security Operations' Performance with Cortex XSIAM and Okta

jennaqualls
Community Team Member
‎02-28-2023 04:49 PM

Screen Shot 2023-02-28 at 4.43.22 PM.png

 

Provide analysts with visibility and better understanding of threats as they emerge 

 

Security teams often have a variety of security tools at their disposal. Given that resources can often be limited, they need these tools to integrate better together and enable automation. In order to close the security loop, Okta and Cortex Extended Security Intelligence and Automation Management (XSIAM) integrate to turn widespread event and identity data into an intelligent data foundation to fuel XSIAM machine intelligence to radically improve security outcomes and transform security operations.

 

Top Partners are the first to integrate with Cortex XSIAM

 

Cortex XSIAM and Okta's cloud-based identity management service have partnered to help security teams enable automated actions to enforce identity as a security control point. Cortex XSIAM and Okta enable enterprises to provide better integration and automation of their security tools, especially for identity-centric visibility and response, helping take off the load from the security teams.

 

Okta's cloud-based identity gives security teams visibility into each user’s groups and roles, what apps and data they can access, and other contextual risk information that can streamline the investigation process for rapid response.

 

Cortex XSIAM collects events log for authentication and audit provided by Okta admin API to help security teams collaborate and manage cases across the incident lifecycle. A built-in playbook is available where customers can sync a list of IP addresses to the Okta Network Zone with the given ID.

 

Let’s take a look at why this is so important for your SOC:

 

Lessen SOC team burden: Now, security teams can better respond to suspicious account activity, like a log-in from a new device or location, by automatically restricting access to sensitive applications or prompting for step-up authentication.

 

Accelerate response: Cortex XSIAM leverages the data foundation to detect new adversary tactics that are updated continuously with Palo Alto Networks’ threat intelligence gathered globally across tens of thousands of customers and natively automates key steps of incident investigations.

 

Simplify remediation: If, after further investigation, the user does appear to be compromised, security teams can take additional remediation actions by suspending the compromised account and conducting a password reset.

 

Together, Cortex XSIAM and Okta enable security teams to:

  • Use identity and user context to enrich, understand and analyze security alerts as they arise
  • Prioritize alerts and orchestrate informed security responses in order of importance
  • Contain and remediate threats quickly and decisively, through a range of automated identity-centric actions
  • Enhance visibility and response by enabling identity as a key control point

 

Learn More!

Check out the pack on the Cortex marketplace

Learn more about XSIAM

Labels:
0 Likes Likes
  • 1491 Views
  • 0 comments
  • 0 Likes
Register or Sign-in
Labels
Popular Blogs
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2024 - Palo Alto Networks