Palo Alto Completes Security Automation
Palo Alto Networks has decided to take the risk. If the bet goes well, it can transform the world of cybersecurity as we understand it. Far from following the current of SASE or the Zero Trust strategies of other competitors, the world’s leading manufacturer made it clear at the last RSA conference that its strategy involved the autonomous SOC (Security Operations Center).
The intention is for cybersecurity to start relying more on artificial intelligence and machine learning tools and less on human oversight to detect and prevent cyberattacks. As announced at the conference, the company had already deployed the autonomous SOC technology in about 10 medium-sized and large companies that wanted to test its success. In addition, the security firm has already used it in its own SOC, where it processes more than a billion events per month.
Palo Alto Networks believes that this new technology can be the philosopher’s stone of cybersecurity and, if successful, it could be the decisive move that allows the company to expand its customer base. The benefits are clear: companies will be able to significantly reduce their security analyst staff, which would reduce their personnel costs or, perhaps more importantly, help them face the talent crisis in the sector.
Palo Alto believes that Cortex XSIAM can be the philosopher’s stone of the new era of cybersecurity
The risk that Palo Alto runs is that dispensing with the human part can cause problems if a cyberattack is successful, since the AI and machine learning would not know how to act. So it looks like companies are going to move towards a hybrid model where the autonomous SOC prevents and deters threats and humans defend the systems in the event that the attack is successful.
The formula is called Cortex XSIAM
The tests seem to have borne fruit, since the company has just announced the general availability of Cortex XSIAM. “The SOC is where some of the best cybersecurity professionals work, and it’s about time they had the right platform to do their jobs effectively. We want to give our clients a new approach to SOC operations focused on results, efficiency and productivity,” points out Lee Klarich, product manager for Palo Alto Networks. “Cortex XSIAM establishes an autonomous SOC where organizations can respond to threats in a fraction of the time, and analysts can focus on the highest priority incidents. The SOC of the future will be built on Artificial Intelligence and automation – any other approach is doomed to fail.”
As we said, the Palo Alto Networks SOC processes over a billion events per month, and Cortex XSIAM automatically handles the vast majority of them. On average, the Cortex-powered SOC detects threats in 10 seconds and responds to high-priority threats in one minute, with an 80% reduction in the alerts that SOC analysts analyze.
By design, XSIAM operates in both cloud and enterprise security operations, providing true end-to-end threat management regardless of where threats originate. Unlike most existing SIEM products, XSIAM comes with the ability to collect and integrate cloud telemetry, which is unique to cloud-native systems. While enterprises born into this environment benefit from XSIAM’s scale, automation and ease of integration with SaaS and public cloud telemetry, organizations with legacy SIEM deployments can seamlessly transition to XSIAM as a state-of-the-art standalone SOC platform.