Rollout of Cortex XSOAR by Palo Alto Networks designed to make life easier for security analysts
The life of a security analyst these days is certainly not easy, and Palo Alto Networks Inc. is seeking to change that situation.
The cybersecurity firm introduced an extended security orchestration, automation and response platform this week to provide capabilities for security analysts to deal with threats across the enterprise. The new platform builds on Palo Alto Networks’ acquisition of Demisto Inc. for $560 million last year.
“This is taking that Demisto platform and expanding it to include a very core piece, which is threat intelligence management,” said Rishi Bhargava, co-founder of Demisto and vice president of product strategy at Palo Alto Networks. “We are investing a lot in the next-generation security business across the board.”
Bhargava spoke with John Furrier, co-host of theCUBE, SiliconANGLE Media’s mobile livestreaming studio, during the RSA Conference in San Francisco. They discussed the platform’s key features and how the new platform will encourage collaboration within the enterprise.
Right data at right time
The extended platform is named Cortex XSOAR and includes collaboration features that assist administrators seeking to exchange information in the event of a data breach. The goal is not only to foster better communication, but also to provide an accessible repository of critical information.
“How do you make sure an analyst gets to see the data they are supposed to see at the right time?” Bhargava asked. “We heard from customers that analysts do not talk to each other effectively, and when they do, nobody captures that knowledge.”
The security world has traditionally used a “red team/blue team” model to assess network vulnerabilities and evaluate techniques for threat response. Red teams generally imitate real-world attacks, and blue teams are tasked with finding ways to defend against incidents.
“With Cortex XSOAR and similar products, we are starting to automate the ‘blue team’ side of things,” Bhargava explained. “These things are coming together in a unified platform where the ‘blue team’ and the ‘red team’ are part of the same umbrella. They are sharing the data, sharing the information.”