Cybersecurity giant Palo Alto Networks is launching the general availability of Cortex XSIAM, a new autonomous security operations platform designed to power modern security operations centers (SOCs) and change the way data, analytics and automation are used in enterprise and cloud security operations.
The general availability comes after the company earlier this year made the Cortex XSIAM platform available to “a number of top organizations” through a design partner program, spanning healthcare, logistics, design, manufacturing, technology, public sector and entertainment verticals.
According to the Santa Clara, Calif.-based company, those organizations faced similar challenges, including overwhelming alert volumes combined with false positives, lack of visibility across the organization and excessive manual overhead from managing siloed tools.
The company says XSIAM operates across both cloud and enterprise security operations for end-to-end management of threats wherever they originate. Unlike other SIEM products, the platform provides the ability to collect and integrate cloud telemetry that is unique to cloud systems. This allows companies operating in the cloud to benefit from the scale, automation and integration with public cloud and SaaS telemetry while also giving organizations with legacy SIEM deployments the ability to transition to XSIAM.
Palo Alto Networks claims it operates its own SOC on Cortex XSIAM, and that the platform helps the company process over one trillion events each month by handling most of those events. The company says that by leveraging intelligent data integration, machine learning-based threat models, automation and proactive analysis of IT environments, the platform can help SOCs detect threats in 10 seconds and respond to high-priority threats in one minute with an 80% reduction in alerts.
According to Lee Klarich, chief product officer at Palo Alto Networks, the company feels that SOC analysts deserve tools that enhance results, efficiency and productivity.
“Cortex XSIAM establishes an autonomous SOC where organizations can respond to threats in a fraction of the time it takes today, and analysts can focus on the highest priority incidents,” Klarich says. “The SOC of the future will be built on AI and automation — any other approach is destined for failure.”