10-06-2021 10:06 AM
Hello people,
I am trying to figure out the real difference between XDR and XSOAR.
XDR is far more intelligent than SIEM. So does this mean SIEM is killed?
XDR can also perform incident response, so what is the real value of SOAR?
10-06-2021 11:54 AM
Hi @FWPalolearner, It appears that you are looking to understand more about the Cortex Portfolio, which is one integrated platform for security operations. Each one of the security tools provides multiple solutions to your security posture. For example, Cortex XDR provides the ability to stitch together network, endpoint, cloud, and identity data for threat detection. Cortex XSOAR optimizes the SecOps workflow by automating incident response with playbook automation. Please take a look at the Cortex Portfolio reference links mentioned above for additional details on the security tools and the additional solutions/use-cases. If you have any specific questions about any one of the security tools, then I suggest contacting your Palo Alto Networks representatives to assist with providing you a path forward.
10-07-2021 03:50 AM
Palo Alto Networks XSOAR is Security Orchestration and Response. There you can design and develop your process and procedures framework for your SOC and Security Operations and Response, including there your playbooks for your analysts and Incident Responders. This is a very useful tool for Incident Response / Incident "Management".
XDR is to detect, investigate and give, let's say, the technical response to the incident. By "technical response" in this last sentence I mean that you might follow the processes, procedures, playbooks ... that you have written in your Palo Alto XSOAR.
Palo Alto Cortex XDR will automatically detect the malicious/suspicious activity in your infrastructure/assets and create the alerts within the incidents for your analysts, who just go there to see that tons of technical work has already been done and all meaningful events are put together and in context. So your analysts will understand what is going on: which kind of incident they are facing, understanding the real threats taking place at your organization. They can even give a response: gathering more information, malicious files, deletion of those files in all your infra, isolating endpoints or groups of them in just seconds, and all this with just a few clicks.
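To make the split described in this answer concrete, here is an added illustration (not part of the original reply, and not Cortex XDR or XSOAR code): a detection-side step that stitches alerts from several data sources into per-host incidents with context, followed by a SOAR-style playbook that turns each incident into an ordered list of response steps. The alert records, field names, time window and step names are all constructed assumptions for the example; real products expose their own schemas and actions.

```python
"""Generic illustration of the XDR / SOAR split: correlate alerts into
incidents, then let a playbook decide the response.  All data here is
constructed for the example and is not from any real product."""
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample alerts (assumed schema: ts, host, source, type, severity 1-4).
ALERTS = [
    {"ts": "2021-10-06T10:00:00", "host": "ws-17",    "source": "endpoint", "type": "suspicious_process", "severity": 3},
    {"ts": "2021-10-06T10:02:30", "host": "ws-17",    "source": "network",  "type": "c2_beacon",          "severity": 4},
    {"ts": "2021-10-06T10:03:10", "host": "ws-17",    "source": "identity", "type": "new_admin_login",    "severity": 3},
    {"ts": "2021-10-06T14:30:00", "host": "ws-17",    "source": "endpoint", "type": "policy_violation",   "severity": 1},
    {"ts": "2021-10-06T10:05:00", "host": "srv-db-2", "source": "cloud",    "type": "unusual_api_call",   "severity": 2},
]


def stitch_incidents(alerts, window_minutes=30):
    """Detection side: group alerts for the same host into one incident
    while each alert falls within `window_minutes` of the previous one.
    Each incident records which data sources contributed and the highest
    severity seen, which is the 'context' an analyst wants up front."""
    by_host = defaultdict(list)
    for alert in sorted(alerts, key=lambda a: a["ts"]):
        by_host[alert["host"]].append(alert)

    window = timedelta(minutes=window_minutes)
    incidents = []
    for host, host_alerts in by_host.items():
        current, last_ts = None, None
        for alert in host_alerts:
            ts = datetime.fromisoformat(alert["ts"])
            if current is None or ts - last_ts > window:
                current = {"host": host, "alerts": [], "sources": set(), "max_severity": 0}
                incidents.append(current)
            current["alerts"].append(alert)
            current["sources"].add(alert["source"])
            current["max_severity"] = max(current["max_severity"], alert["severity"])
            last_ts = ts
    return incidents


def run_playbook(incident):
    """Orchestration side: a playbook encodes the SOC's written procedure.
    Always collect a triage package; escalate to isolation and a ticket when
    severity is critical or when several independent sources agree; hand
    medium-severity cases to an analyst; auto-close low-severity noise."""
    steps = ["collect_triage_package"]
    sev = incident["max_severity"]
    corroborated = len(incident["sources"]) >= 2
    if sev >= 4 or (sev >= 3 and corroborated):
        steps += ["isolate_endpoint", "open_ir_ticket"]
    elif sev >= 2:
        steps.append("notify_analyst")
    else:
        steps.append("auto_close")
    return steps


def triage_all(alerts):
    """Run both stages and return (host, alert_count, sources, steps) per incident."""
    return [
        (inc["host"], len(inc["alerts"]), sorted(inc["sources"]), run_playbook(inc))
        for inc in stitch_incidents(alerts)
    ]


if __name__ == "__main__":
    for host, n, sources, steps in triage_all(ALERTS):
        print(f"{host}: {n} alert(s) from {sources} -> {' > '.join(steps)}")
```

The point of separating `stitch_incidents` from `run_playbook` is the same as the split between the two products in the reply: the first stage decides what happened and puts the evidence together, the second stage decides what the organization's procedure says to do about it, and that procedure can be changed without touching detection.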