SBN

Palo Alto Networks Cortex XSOAR: Prioritizing and Accelerating Remediation of Systems

Vulnerability management and threat assessment solutions provide the first line of defense in protecting assets across an organization, yet today’s widely deployed solutions are outdated in terms of providing an accurate real-time assessment of today’s complex hybrid-cloud environments. In addition, the majority of legacy solutions fail to prioritize the remediation of risky assets or even assets under active threat.

For security teams to be successful in preventing breaches, they need a real-time assessment of infrastructure that prioritizes which assets need to be addressed based on business criticality in addition to vulnerability risk or active threat analysis. Without this information security teams still rely on infrequent scans, outdated risk information, manual tracking of assets and vulnerabilities, and prioritization of hundreds or thousands of IP Address with little context, allowing smart attackers to easily exploit these gaps and compromise organizations.

DevOps Connect:DevSecOps @ RSAC 2022

The Digital Defense and Cortex XSOAR integration provides a powerful solution to address these gaps in vulnerability management and threat assessment along with the ability to quarantine high-risk assets and/or systems under active attack.

View the Solution Brief

What Does the Integration Do?

  • Assess a set of assets within a network segment or specific domain that are under active threat, infected, or at high-risk of exploitation.
  • Provides the capability to quarantine indicated network segments, preventing the spread of infection and giving administrators time to remediate.
  • Leverage hundreds of Cortex XSOAR (previously Demisto) third-party product integrations to coordinate response across security functions based on insights from Frontline.Cloud.
  • Run 100s of commands (including for Frontline.Cloud) interactively via a ChatOps interface while collaborating with other analysts and Cortex XSOAR’s chatbot.
  • Cloud also integrates with Palo Alto Networks Cortex XDR to pull additional threat context for identifying systems under attack and using that information with Cortex XSOAR to rapidly quarantine the appropriate network segment or domain.

Not only does this integration empower security teams to take immediate action in order to prevent the spread of an infection, but it also gives them the time to more rapidly remediate the infected infrastructure with the required context about the assets before attackers can move laterally and do more damage.

Digital Defense’s patented technology for real-time tracking of dynamic infrastructure effectively advances asset fingerprinting, and host-optimized vulnerability and threat scanning of any asset or set of assets on-demand without impacting network or host performance. When you couple these capabilities with Cortex XDR advanced machine-learning and AI-based threat detection capabilities, you gain a real-time understanding of risks and threats in your environment. By integrating with Cortex XSOAR you go beyond risk assessment and detection to stop the attack from further impact to your network and greatly reduce the possibility of a breach.

To learn more check out the joint solution brief.

The post Palo Alto Networks Cortex XSOAR: Prioritizing and Accelerating Remediation of Systems appeared first on Digital Defense, Inc..

*** This is a Security Bloggers Network syndicated blog from Digital Defense, Inc. authored by Digital Defense by HelpSystems. Read the original post at: https://www.digitaldefense.com/blog/palo-alto-networks-cortex-xsoar-integration/

DevSecOps Poll

Step 1 of 6

What is the biggest roadblock implementing DevSecOps practices?