Security orchestration platform gets attack-centric prioritization
XM Cyber, a leader in Attack-Centric Exposure Prioritization, has announced integration with the Cortex XSOAR security orchestration automation and response (SOAR) platform from Palo Alto Networks. This integration adds one-click access within the Cortex XSOAR Marketplace to risk-free attack simulation that enables security teams to see the full path of a potential attack.
“By integrating Cortex XSOAR with the XM Cyber platform, security analysts can receive additional contextual information if an incident should be prioritized because it could be used to create an attack path toward a critical asset. The XM Cyber platform also generates incidents if there is a dramatic change in the company’s security posture,” said Boaz Gorodissky, co-founder and CTO of XM Cyber.
“XM Cyber allows the security team to immediately understand the criticality of the assets involved and all attack paths associated with any incident. The combination not only helps to dramatically reduce risk, but also optimizes how security teams spend their time and resources,” he added.
Security and network teams are constantly asking themselves whether a particular alert is high risk, low risk, impacts mission critical assets, or if it can wait until the next patch. The combined power of XM Cyber and Cortex XSOAR enables teams with the contextual data needed to make the best decisions possible when protecting an organization’s critical assets.
“XM Cyber gives Cortex XSOAR customers a new capability that enhances the security team’s ability to continuously evaluate their security posture,” said Matt Chase, the Director of Cortex Alliances, Palo Alto Networks. “This attack-centric contextual data is necessary for more accurate decision-making to reduce risk to critical assets.”
The integration enriches events and incidents in Cortex XSOAR with critical information, including:
- The ability to determine whether business critical assets are at risk;
- The name and a description of the attack technique;
- Detailed information on all impacted assets, including those deemed mission critical;
- Identification of choke points, i.e. whether the asset resides in line with multiple attack paths;
- Context-sensitive recommendations for remediation ranked in order of importance;
- A link to the XM Cyber platform for running attack simulations.
This information helps security analysts better understand their network environment and allows them to identify user mistakes, poor IT hygiene, misconfigurations, and misplaced credentials that can often go unnoticed. The industry leading automation and orchestration capabilities and features of Cortex XSOAR, combined with an attack-centric exposure approach to threat simulation, can help companies eliminate 99% of the real threats to their network by just solving the 1% that matters.