
Bringing SOC Teams Up to Date with the Cloud Revolution

Palo Alto Networks, the global cybersecurity leader, has officially announced an update to how security operations centers (SOCs) secure the cloud. Arriving with the company’s proprietary Cortex XSIAM® for Cloud solution, the update lets the platform natively deliver cloud detection and response capabilities in one unified place, making Cortex XSIAM the industry’s first SOC platform optimized for the cloud. Before going further into this development, it helps to understand its importance. While many organizations now run a large portion of their business in the cloud, their traditional SOC tools aren’t built to thrive in that setting. Palo Alto Networks’ updated Cortex XSIAM for Cloud platform addresses this limitation by accounting for the unique architecture of cloud-based applications, understanding the distinct characteristics of cloud-related threats, and providing the necessary real-time analysis and response capabilities to SOC analysts.

On a more granular level, what users can expect begins with the renewed solution’s comprehensive UI and workflows. Using the same unified platform for enterprise security in Cortex XSIAM, SOC analysts can now use a new Cloud Command Center for complete visibility into cloud assets. That visibility should go a long way toward letting security teams identify and respond to cloud threats in a timely fashion.

Next, the update brings an expanded security agent, which extends Cortex’s best-in-class runtime security and threat protection with Prisma® Cloud’s powerful vulnerability and security compliance management capabilities. As a result, Palo Alto Networks’ wider solution not only eliminates the need for two agents, but also aims to significantly enhance visibility and streamline deployment and operations across the entirety of a security program.

“The evolution of our Cortex XSIAM platform to integrate Cloud Detection and Response capabilities underscores the reason we created Cortex XSIAM – to provide a comprehensive security operations platform powered by AI and automation. This approach eliminates data silos, increases efficiency, and nets optimal experiences for SecOps teams,” said Gonen Fink, SVP of Products for Cortex and Prisma Cloud.

Rounding out the highlights is the new native integration with Prisma Cloud. This integration enriches the capabilities delivered through the cloud SOC with broader context and security posture information about cloud assets, enabling detailed incident grouping and more straightforward navigation.

Operating out of Santa Clara, Palo Alto Networks has risen on the back of its best-in-class cybersecurity platforms and services. As evidence, these platforms have detected, in total, more than 3.82 thousand exploitation attempts so far. They have also blocked well over 320.12 thousand malware executions while preventing 8.6 billion attacks inline. The stated assortment of solutions has also identified an estimated 7.37 million unique attack objects to date, a number that goes up to 1.27 billion when you refer to wider unique objects.

“Our research shows that 89% of SOC teams either play a major role or have complete ownership of cloud security operations. Yet current SOC tools often fall short in providing the level of visibility and context needed to support cloud investigations. The addition of native, cloud SecOps capabilities within Cortex XSIAM narrows this gap,” said Dave Gruber, Principal Cybersecurity Analyst at Enterprise Strategy Group.

 
