Enhancing Security Workflows in Palo Alto Networks Cortex XSOAR with Layer 7 Indicators

To protect applications as modern development processes evolve and accelerate, businesses need to integrate security as part of the DevOps and security toolchain. This is a primary driver behind why we built Signal Sciences web application and API protection platform on an API-first, flexible architecture. This enables us to provide native integrations with technology partners that enhance workflow and collaboration between DevOps, operations, and security teams.

Security Playbooks Triggered by Layer 7 Telemetry

The value of the Signal Sciences approach is proven by its latest integration with Palo Alto Networks Cortex XSOAR in which the two solutions work together to optimize application security. Incident response workflows can be automated based on granular event classification and context, allowing security events from Signal Sciences to be sent to the right teams in real time.

Cortex XSOAR playbook triggered by Signal Sciences ATO indicator

Cortex XSOAR playbook that integrates Signal Sciences security events.

Receiving this Layer 7 telemetry, XSOAR then triggers playbooks that run a series of automated tasks in response to each event type, decreasing mean time to resolution. This is another among the 40+ integrations Signal Sciences has today with the most common DevOps tools and security platforms.

Augment Security Response with Application Threat Intelligence

Threat intelligence feeds from other sources can be referenced against incoming Signal Sciences incidents by Cortex XSOAR, further enhancing detection and blocking decisions in real time. As a result, security teams can dramatically improve their security posture as well as the effectiveness and timeliness of their response to application security incidents. In fact, with 400+ integrations available in Cortex XSOAR, there’s countless ways to automate incident response processes around the application security events detected by Signal Sciences.

Signal Sciences also recently extended its integration and compatibility footprint across several leading cloud and application delivery platforms, including Microsoft Azure App Services, Amazon Linux 2, and Citrix Workspace and Application Delivery solutions. Organizations can deploy Signal Sciences web application and API protection quickly and easily to secure their most important web applications, APIs, and microservices on any architecture—all under one unified management system with full feature parity regardless of deployment method.

Signal Sciences next-gen WAF and RASP solution is now part of the Palo Alto Networks Cortex XSOAR ecosystem. To learn more, check out our upcoming Webinar on Oct. 22 with Palo Alto Networks that will show how this integration empowers security teams to investigate and prevent web app attacks that could have led to a breach.

Additional Resources:

The post Enhancing Security Workflows in Palo Alto Networks Cortex XSOAR with Layer 7 Indicators appeared first on Signal Sciences.

*** This is a Security Bloggers Network syndicated blog from Signal Sciences authored by Tom Chang. Read the original post at: