SecOps Insider - November

Cortex SecOps Information Hub

The GigaOm Radar Report on Autonomous Security Operations Center (SOC) solutions has been published, and Cortex XSIAM has been recognized as both a Leader and Outperformer

Palo Alto Networks' Cortex XSIAM was recently recognized as a Leader and Outperformer in the 2023 GigaOm Autonomous Security Operations Center (SOC) Radar Report. Cortex XSIAM was designed to address the challenges faced by SOCs, particularly the time it takes to detect and resolve security incidents due to overwhelming tools, data, and manual tasks.

GigaOm evaluated various autonomous SOC solutions based on market categories, deployment options, and key criteria, including differentiated features and innovation. Cortex XSIAM excelled in the evaluation, earning "exceptional" ratings in six out of nine key criteria. It was recognized for its ability to improve mean time to remediation (MTTR) significantly, demonstrating its effectiveness in enhancing security outcomes, a result that has been realized by many existing customers.

Cortex XSIAM represents a comprehensive and effective SOC platform, developed from the ground up with embedded AI and automation to address current and future SOC challenges. The GigaOm Radar Report is recommended for those interested in learning more about Cortex XSIAM's capabilities and performance.

Learn more about Cortex XSIAM

10 Reasons to Subscribe to the Cortex SecOps Blog

  1. Fresh security content! You’ll get the latest updates about our products and services.
  2. Defy hackers with a secret weapon: Our SecOps blog. Gain access to threat intelligence and rapid response advice and protocols.
  3. Build your general cybersecurity knowledge and awareness.
  4. Stop scrolling into the abyss. Save time and get relevant security content directly in your inbox.
  5. Don’t miss important announcements, event info, or product updates.
  6. Stay current on the evolving threat landscape, vulnerabilities, and attack techniques. Understand the mindset of hackers without going to the dark side.
  7. No fluff or filler. Our SecOps blog is a lean, mean cybersecurity machine. Learn best practices and expert insights for securing your digital way of life.
  8. Gain professional development with valuable knowledge and perspectives.
  9. Access expert analysis and research. Knowledge is power.
  10. Be the hero your organization deserves: Stay diligent on cybersecurity trends and arm yourself with actionable content you can use against advanced threats.

Don’t miss a thing. Subscribe today! (all you need is your email)

“This is How We Do It” Season One Recap

About six months ago, the Sales Enablement Team came up with the idea for a video and blog series featuring interviews with Palo Alto Networks’ SOC team to shed light on the ways the company was protecting its security operations center using its own solutions like Cortex XSIAM, Cortex XDR, Cortex XSOAR, and Xpanse.

As Devin Johnstone, SOC Ops Specialist, quipped proudly during one exchange, “We are drinking our own champagne.”

During those candid conversations, they covered topics such as leveraging AI and ML, the criticality of using the right data for optimal outcomes, threat hunting, threat detection, and the power of automation, to name a few.

With that, “This is How We Do It” was born, providing relevant perspectives and real-life anecdotes of life in the trenches of modern cybersecurity.

Read the Season One Recap now

Discover How XSIAM 2.0 is Transforming the Way SOCs Operate

Join us for a one-hour event as we delve into the power of AI in the realm of cybersecurity. We will explore Cortex XSIAM 2.0 - a new way to run the SOC - with an automation-first approach strengthened with AI.

The Cortex XSIAM platform harnesses the power of AI to detect threats in near real-time and prevent incidents with minimal or no manual effort.

Register today!

Playbook sample: Set verdict tasks within playbook

Cortex XSOAR Playbooks of the Week

Want to streamline your management of XDR incidents? We have a couple of new automated playbooks that help you take out the repetitive response actions. See how you can automate remediation for RDP brute-force incidents with the new Cortex XSOAR automation pack, and also automate XDR incident management from enrichment, investigation, and verdict determination to remedial actions.

Discover your WS_FTP Exposures with Cortex Xpanse

Progress Software issued a critical advisory regarding a vulnerability (CVE-2023-40044) in their WS_FTP Server product, a secure file transfer server software used for exchanging files between local and remote servers. This vulnerability poses a serious threat, potentially allowing attackers to execute arbitrary code, compromise systems, and gain privileged access to sensitive data.

Cortex Xpanse researchers have identified over 11,900 vulnerable WS_FTP servers globally, primarily exposed through TCP/22 (SSH) and TCP/21 (FTP) services. To address this alarming issue, Xpanse introduces an Attack Surface Rule to identify exposed instances of WS_FTP, aiding organizations in promptly detecting and mitigating vulnerabilities. Taking action is imperative to prevent financial losses, legal consequences, reputation damage, and disruptions caused by potential cyberattacks.

Read more in our blog

Customer Stories


Boyne Resorts had a legacy SIEM that overloaded its security team with false positives while making it difficult and expensive to integrate data sources. Needing to gain visibility across its distributed environment and achieve best-in-class threat intelligence, the company implemented Palo Alto Networks Cortex XSIAM and Unit 42 MDR.

Read more


More Information


©2023 Palo Alto Networks. All the company names and/or brand names, and/or product names, and/or logos referred to in this document are either registered trademarks or trademarks pending registration in accordance with relevant national laws.

