UPDATED 19:47 EDT / FEBRUARY 26 2020

SECURITY

Rollout of Cortex XSOAR by Palo Alto Networks designed to make the life of a security analyst easier

The life of a security analyst these days is certainly not easy, and Palo Alto Networks Inc. is seeking to change that situation.

The cybersecurity firm introduced an extended security orchestration, automation and response platform this week to give security analysts the capabilities to deal with threats across the enterprise. The new platform builds on Palo Alto Networks’ acquisition of Demisto Inc. for $560 million last year.

“This is taking that Demisto platform and expanding it to include a very core piece, which is threat intelligence management,” said Rishi Bhargava (pictured), co-founder of Demisto and vice president of product strategy at Palo Alto Networks. “We are investing a lot in the next-generation security business across the board.”

Bhargava spoke with John Furrier, co-host of theCUBE, SiliconANGLE Media’s mobile livestreaming studio, during the RSA Conference in San Francisco. They discussed the platform’s key features and how the new platform will encourage collaboration within the enterprise.

Right data at right time

The extended platform is named Cortex XSOAR and includes collaboration features that assist administrators seeking to exchange information in the event of a data breach. The goal is not only to foster better communication, but also to provide an accessible repository of critical information.

“How do you make sure an analyst gets to see the data they are supposed to see at the right time?” Bhargava asked. “We heard from customers that analysts do not talk to each other effectively, and when they do, nobody captures that knowledge.”

The security world has traditionally used a “red team/blue team” model to assess network vulnerabilities and evaluate techniques for threat response. Red teams generally imitate real-world attacks, and blue teams are tasked with finding ways to defend against incidents.

“With Cortex XSOAR and similar products, we are starting to automate the ‘blue team’ side of things,” Bhargava explained. “These things are coming together in a unified platform where the ‘blue team’ and the ‘red team’ are part of the same umbrella. They are sharing the data, sharing the information.”


Photo: SiliconANGLE
