This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences

xsiam and xdr

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
Please sign in to see details of an important advisory in our Customer Advisories area.

xsiam and xdr

winston
L0 Member

‎09-19-2023 08:06 PM

can someone explain the difference between xsiam and xdr, it seems most of the modules in xsiam are also in the xdr, is xsiam the second generation of xdr?

0 Likes Likes
2 REPLIES 2

JGonzalez676
L0 Member

‎09-26-2023 02:34 PM

Its XDR plus supposedly SIEM replacement functionality plus automation.  So think single pane for XDR, SIEM and SOAR.  Though as much as they claim its a SIEM replacement, it clearly is not. 

0 Likes Likes

afurze
L4 Transporter

‎09-27-2023 07:35 AM

Hi Winston,

 

Cortex XSIAM is logical progression, as it were, of several Cortex solutions including XDR, and XSOAR.  It also includes many SIEM like components including a standard data model, allowing you to ingest all of your security solution data into a single platform and then apply our AI driven Analytics Engine for anomoly detection, and XSOAR-style automation to perform tasks like enrichment and automated response actions.  While XSIAM does include many components of XDR including the XDR agent itself for endpoint protection, many of it's features, especially around 3rd party data collection and automation, are not.

While it is accurate to say that XSIAM's goal is to displace customer's existing SIEM solutions, it is not a traditional SIEM itself.  Instead, it is designed to be a single location to ingest security related data, apply our advanced analytic capabilities, and automate your response process to ensure that analysts spend time only on incidents which need further triage or response actions.

 

Of course, this is a very high-level overview and there are many other great inclusions like attack surface management, threat intel management, the data model, etc.  Please reach out to your account team for a more detailed discussion of your use cases and pain points to see how Cortex XSIAM can help you get closer to our vision of the automated SOC.

  • 1701 Views
  • 2 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!

LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2024 - Palo Alto Networks