Palo Alto Cortex XSOAR

Posted: 15th April 2022

Accelerate Investigation and Response with Vast Intelligence

Today’s ever-changing security landscape makes it nearly impossible for time-strapped security operations and incident response teams to mitigate every potential threat to their organization. Our integration with Cortex XSOAR instantly positions SecOps Intelligence and Identity Intelligence at your fingertips within your SOAR platform, empowering you to:

  • Detect Threats: Automatically analyze and identify threats to automate responses and reduce risk
  • Triage Alerts: Quickly see which alerts to prioritize based on real-time risk scores
  • Prevent Threats: Automatically identify and block high-risk threats, minimize false positive blocking, and improve overall security posture
  • Prioritize Vulnerabilities: Gain deeper analysis and prioritize CVEs faster with access to information on exploited vulnerabilities

Our SecOps Intelligence integration with Cortex XSOAR provides analysts with the ability to:

  • Automate Recorded Future enrichment of IPs, URLs, domains, and file hashes as playbook-driven tasks within Cortex XSOAR
  • Access related entities for an indicator in Recorded Future from Cortex XSOAR in real time
  • Leverage hundreds of Cortex XSOAR product integrations to further enrich Recorded Future alerts and coordinate response across security functions
  • Run thousands of commands, including commands for Recorded Future, interactively via a ChatOps interface, while collaborating with other analysts and Cortex XSOAR’s chatbot

Our Identity Intelligence integration with Cortex XSOAR provides analysts with the ability to:

  • Monitor for Identity Compromise: Continuous monitoring for leaked passwords, recycled or reused credentials, identity and credential exposure
  • Integrate Response Controls: Trigger actions like opening a support ticket, forcing a password reset, or notifying the user of findings in order to remediate detected vulnerabilities