- last edited on by
icharkashy
When running a SIEM, you need to have a huge team of many Analysts Level 1, Level 2, Level 3… Escalations to lateral teams (sometimes to take actions such as isolating endpoints/servers, gathering/deleting suspicious files, etc). It is laborious and time consuming to perform simple actions, like creating an alert.
Read Cortex XDR - How We Distinguish Ourselves From a SIEM Solution to learn more on this topic from our experts!
Palo Alto Networks Contributors:
Luis Escobar, Cortex Customer Success Architect
Maor Hojberg, Technical Marketing Engineer
