UPDATED 19:47 EDT / FEBRUARY 26 2020

SECURITY

Roll out of Cortex XSOAR by Palo Alto Networks designed to make life of security analyst easier

The life of a security analyst these days is certainly not easy, and Palo Alto Networks Inc. is seeking to change that situation.

The cybersecurity firm introduced an extended security orchestration, automation and response platform this week to provide capabilities for security analysts to deal with threats across the enterprise. The new platform builds on Palo Alto Network’s acquisition of Demisto Inc. for $560 million last year.

“This is taking that Demisto platform and expanding it to include a very core piece, which is threat intelligence management,” said Rishi Bhargava (pictured), co-founder of Demisto and vice president of product strategy at Palo Alto Networks. “We are investing a lot in the next-generation security business across the board.”

Bhargava spoke with John Furrier, co-host of theCUBE, SiliconANGLE Media’s mobile livestreaming studio, during the RSA Conference in San Francisco. They discussed the platform’s key features and how the new platform will encourage collaboration within the enterprise.

Right data at right time

The extended platform is named Cortex XSOAR and includes collaboration features that assist administrators seeking to exchange information in the event of a data breach. The goal is not only to foster better communication, but also to provide an accessible repository of critical information.

“How do you make sure an analyst gets to see the data they are supposed to see at the right time?” Bhargava asked. “We heard from customers that analysts do not talk to each other effectively, and when they do, nobody captures that knowledge.”

The security world has traditionally used a “red team/blue team” model to assess network vulnerabilities and evaluate techniques for threat response. Red teams generally imitate real-world attacks, and blue teams are tasked with finding ways to defend against incidents.

“With Cortex XSOAR and similar products, we are starting to automate the ‘blue team’ side of things,” Bhargava explained. “These things are coming together in a unified platform where the ‘blue team’ and the ‘red team’ are part of the same umbrella. They are sharing the data, sharing the information.”

Watch the complete video interview below, and be sure to check out more of SiliconANGLE’s and theCUBE’s coverage of the RSA Conference.

Photo: SiliconANGLE

A message from John Furrier, co-founder of SiliconANGLE:

Your vote of support is important to us and it helps us keep the content FREE.

One click below supports our mission to provide free, deep, and relevant content.  

Join our community on YouTube

Join the community that includes more than 15,000 #CubeAlumni experts, including Amazon.com CEO Andy Jassy, Dell Technologies founder and CEO Michael Dell, Intel CEO Pat Gelsinger, and many more luminaries and experts.

“TheCUBE is an important partner to the industry. You guys really are a part of our events and we really appreciate you coming and I know people appreciate the content you create as well” – Andy Jassy

THANK YOU

Cookies

We employ the use of cookies. Find out more.