Download PDF version Contact company

Palo Alto Networks, the global cybersecurity company, introduced Cortex™ XSOAR, an extended security orchestration, automation and response platform that empowers security leaders with instant capabilities against threats across their entire enterprise. Cortex XSOAR is an evolution of the Demisto® platform, which was acquired by Palo Alto Networks in March 2019.

Threat intel data

Palo Alto Networks is redefining the security orchestration, automation and response category by making threat intelligence management a core component. By tightly integrating threat intelligence management with SOAR capabilities — such as unified case management, automation and real-time collaboration — customers are now able to fully operationalise threat feeds.

Bringing threat intel data into Cortex XSOAR means security orchestration just got simpler for the customer"

Customers are facing an overwhelming volume of alerts, threat intel sources, and security tasks,” says Lee Klarich, chief product officer for Palo Alto Networks. “Both SOAR and threat intelligence management have developed over recent years as tools to help them, but existing product silos have led to even more manual work. Bringing threat intel data into Cortex XSOAR means security orchestration just got simpler for the customer. It makes no sense to have SOAR without native threat intel.”

Threat management into security orchestration

The integration of threat management into security orchestration and automation is an inevitable evolution for improving security operations,” notes Jon Oltsik, senior principal analyst and fellow at the Enterprise Strategy Group (ESG).

Cortex XSOAR brings the right pieces together. Until now, operationalising vital threat intelligence data has been difficult or even impossible as it requires time, experience, and resources that are beyond the capabilities of many organisations. A platform like Cortex XSOAR acts as a security operations and analytics platform architecture, or SOAPA, for analysing and operationalising cyber threat intelligence. The benefit? Bringing the value of threat intel to the masses.”

Cortex XSOAR

With Cortex XSOAR, customers are able to:

  • Standardise and automate processes for any security use case: Easily automate hundreds of security use cases with playbooks that orchestrate response actions across more than 350 third-party products.
  • Adapt to any alert with security-focused case management: Accelerate incident response by unifying alerts, incidents and indicators from any source within a single case management framework.
  • Boost SecOps efficiency with real-time collaboration: Facilitate investigations across teams via a virtual War Room with built-in ChatOps and command line interface to execute commands across the entire product stack in real time.
  • Take action on threat intelligence with confidence and speed: Take full control of threat data by aggregating disparate sources, customising and scoring feeds, and matching indicators against a customer’s specific environment, as well as leveraging playbook automation to drive instant action.

Extending existing platform capabilities

SOAR applied to threat intelligence can help fully integrate it into your incident response program""Threat intelligence without context is just threat data. In order for threat intelligence to be of use, the original context of the threat intel has to be applied appropriately and mapped to internal incidents and policies," says Michael Poddo, director, Cyber Threat Analysis & Response, Emerson.

"However, doing this at scale and speed to keep pace with real-time threat feeds is tough without automation. SOAR applied to threat intelligence can help fully integrate it into all aspects of your incident response program."

Cortex XSOAR will replace Demisto by Palo Alto Networks, subsuming and extending existing platform capabilities. Demisto customers will be migrated to Cortex XSOAR upon general availability, expected in March 2020, with an option to evaluate the new Threat Intel Management module at no additional cost.

Share with LinkedIn Share with Twitter Share with Facebook Share with Facebook
Download PDF version Download PDF version

In case you missed it

What are the challenges and benefits of mobile access control?
What are the challenges and benefits of mobile access control?

There is a broad appeal to the idea of using a smartphone or wearable device as a credential for physical access control systems. Smartphones already perform a range of tasks that extend beyond making a phone call. Shouldn’t opening the door at a workplace be among them? It’s a simple idea, but there are obstacles for the industry to get there from here. We asked this week’s Expert Panel Roundtable: What are the challenges and benefits of mobile access control solutions? 

Securing a sustainable future
Securing a sustainable future

The UK Government has set out an ambitious ten-point plan, known as the green industrial revolution, with an aim “to forge ahead with eradicating its contribution to climate change by 2050.” This makes our government the first major economy to embrace such a legal obligation. Green recovery Acknowledging climate change and meeting net-zero is a demanding challenge especially for those affected by the pandemic. But the UK Government, with the launch of its aspiring strategy, is investing everything in its power to promote a ‘green recovery.’ Here, Reece Paprotny, Commercial Manager and Sustainability Champion at Amthal, highlights how the fire and security industry has an opportunity to use the current recovery period to explore its own sustainable journey and embrace the significance of environment, economic and social collaboration, transparency, and accountability. Employing sustainable technologies Pressure is mounting on construction to find ways to reduce emissions and help meet net-zero targets The perception is that COVID-19 presents a once-in-a-lifetime opportunity to re-write the existing rulebook. This is riding on the significance of changing public support for more environmentally friendly living opportunities, with associated cost savings, efficiencies, and cleaner industries. Innovative sustainable technologies are the key to kickstart this route to success.  Nowhere can this be seen more than in the built environment, which currently contributes to 40% of the UK's carbon footprint. Pressure is mounting on construction to find ways to reduce emissions and help meet net-zero targets. This is through the entire life cycle of a building, to reduce their impact on the environment from planning stages, through build and demolition. Building the right environment By creating the right policy environment, incentives for innovation and infrastructure, the Government can encourage companies to seize the sustainable opportunities of new technologies and value chains linked to green sectors. They can accelerate the shift of current carbon-intensive economic and industrial structures onto greener trajectories, enabling the UK to meet global climate and development goals under the Paris Agreement on climate change and the 2030 Agenda for Sustainable Development. Transparent working practices Each industry sector is expected to engage and pledge its support to achieve the significant deadlines. Every company can make a difference, even with small steps towards a sustainable future. So whilst elements such as safety and security represent just one component of building the right sustainable environment, it paves the way to opening up our sector to greater efficiencies, transparent working practices, and encourages collaborative use of resources. Sustainability in security The security sector has a significant opportunity to incorporate ‘going green’ into its practices In fact, the security sector has a significant opportunity to incorporate ‘going green’ into their processes, and practices. This is right from product lifecycles to more environmentally friendly work practices when it comes to maintenance and monitoring services. When integrating environmentally friendly practices, starts with the manufacturing and production of the wide variety of systems in operation for the security sector. And some certifications and guidelines can be achieved, such as the ISO 14000 which looks into eliminating hazardous materials being used which in turn will reduce carbon footprint.  Upgrading supply chain process Observing the complete supply chain and working with partners to reduce unnecessary travel, shipments, and transportation of products, can all contribute and create sustainable processes.  In the maintenance and monitoring of products, it is essential installers and security specialists consider their own environmental impacts. Simple changes such as switching company vehicles to electric options for site visits can make a significant difference to climate change and improving air quality. Presenting sustainable ways of disposing of products at the end of their natural lifecycle is key to change in our sector. This is especially in the security industry where many customers will need a complete overhaul of outdated solutions or need systems upgrading due to changing threat levels. Sustainable evolution Progress is being made, specifically in the fire and security industry, in its sustainable evolution. Businesses are trying to develop a reputation for “sustainability” or “good corporate citizenship.” And it has gone well beyond the theory to the practical, where companies recognise activities have an impact on the environment and are also reviewing the social and economic influences. Three pillars of sustainability In a recent interview, Inge Huijbrechts, the Global Senior Vice President for safety and security and Responsible Business at Radisson Hotel Groups sees her vision to combine safety, security, and sustainability. Inge focuses on three pillars, namely, Think People, Think Community, and Think Planet. Think People means that we “always care for the people in our hotels and our supply chain.” So, in outwards communications, safety and security were always part of the Think People focus area. Think Community is caring and contributing in a meaningful way to communities where we operate. Finally, Think Planet makes sure that “our footprint on the environment is as light as it can be in terms of energy, water, waste, and carbon, and making sure that we incorporate sustainability into our value proposition.” Moving forward Apprenticeship schemes are integral to ‘think people’ and have a role to play in the social impact on the security industry There are immediate actions that can be taken by companies in the security industry to support sustainable development, working right from within a company to supporting industry-wide initiatives. From a social perspective, at a foundation level, “Think People’ can see the Living Wage Foundation as an example of a commitment to a team.  This is for businesses that choose to go further and pay a real Living wage based on the cost of living, not just the Government minimum. Apprenticeship schemes are also integral to ‘think people’ and have a pivotal role to play on the social impact on the security industry.  It addresses the sector-wide issue of finding employees with the right mix of skills to collaborate and meet discerning consumer demands for increasingly smart security solutions for homes and businesses. Impact of the full lifecycle of products From an environmental view, or ‘think planet,’ we need to collectively look at all elements of our industry, with a desire to analyse the impact of ingredients used, supply chain, or manufacturing alone, and also consider the full lifecycle of our selected products from creation to end of life. As Jamie Allam, CEO Amthal summarises, “This is a long-term, sustainable investment in our people, our products, and our business based on our values.” “When put together, a social team which feels empowers and operates in environmental optimum working conditions is in a position to provide a great experience to our customers, creating an economic positive difference. It forms the basis of a sustainable sector vision for the security industry-wide to adopt.” Taking action Amthal is taking action based on the ready-made universally agreed UN 17 Sustainable Development Goals. Also known as Global Goals, these are at the heart of the 2030 Agenda for Sustainable Development, adopted by all United Nations Member states. This agenda is a plan of action for people, the planet, and prosperity. By being an early adopter, we believe we can engage with customers, partners, and suppliers on these issues and generate opportunities to innovate for mutual and industry sector benefit. Together, we can contribute to building a more sustainable security sector and future, and contribute to the UK Government’s green industrial revolution.

What is the impact of privacy concerns on physical security?
What is the impact of privacy concerns on physical security?

Adoption of General Data Protection Regulation (GDPR) by the European Union in 2016 set a new standard for data privacy. But adherence to GDPR is only one element, among many privacy concerns sweeping the global security community and leaving almost no product category untouched, from access control to video to biometrics. Because privacy concerns are more prevalent than ever, we asked this week’s Expert Panel Roundtable: What is the impact on the physical security market?