Cortex XSIAM now enables customers to add their own custom AI models on the XSIAM data lake in addition to the already existing 1,300+ models
Palo Alto Networks collects more security data than any other cybersecurity company, with more than 5 petabytes of security data ingested daily, and with more than 1 exabyte stored in total. XSIAM offers robust, out-of-the-box AI models built for superior security analytics and protection against threats. In addition, many mature SOCs want the ability to customize and create their own ML models. The BYOML framework makes the vast security data stored in XSIAM available for the first time. This allows security teams to create and integrate their own ML models into XSIAM to enable unique use cases like fraud detection, security research and sophisticated data visualization.
In addition to the BYOML framework, XSIAM 2.0 includes new features that enable organizations to address today’s security operations challenges through increased visibility and threat prioritization. The new XSIAM Command Center creates a seismic shift in how security teams monitor their security operations with a comprehensive view of data sources and alerts, enabling the effortless identification and prioritization of security incidents within a single unified platform. Additionally, with the new MITRE ATT&CK Coverage Dashboard, organizations can swiftly gauge their overall defense against a broad set of threat actor tactics and techniques, channeling their efforts toward strengthening their overall security posture.
Gonen Fink, senior vice president, Cortex products, Palo Alto Networks, said:
“Effective security operations are a major challenge for companies all worldwide. The speed at which attackers are moving, coupled with new regulatory requirements like the SEC Mandate requiring public companies to disclose material cybersecurity incidents within four days of discovery, make it impossible to handle cyberthreats with traditional manual approaches. Using artificial intelligence and automation, XSIAM 2.0 closes this gap by addressing operational complexity, stopping threats at scale, and speeding up incident remediation.”
Also Read: QAD Introduces Miny, Generative AI in QAD Process Intelligence
Further building on its recent success and recognition, Palo Alto Networks Cortex XSIAM was identified as a Leader and Outperformer in GigaOm’s 2023 Radar Report on Autonomous SOC.*
Andrew Green, research analyst, GigaOm, said:
“As a solution built from the ground up with lessons learned from a suite of leading security products, XSIAM delivers a comprehensive autonomous SOC solution that scores high on a wide range of key criteria.”
The outcomes achieved by XSIAM 2.0 cannot be met with multiple point products and siloed data. XSIAM converges SOC capabilities, including XDR, SOAR, SIEM and more, into a single platform to streamline security operations. It also continuously collects, stitches and normalizes raw data, all through a unified approach. Unified data, coupled with an AI-driven platform approach, is why customers have seen the following results:
- Oil and gas company: 75% reduction in incidents requiring investigation. This is from ~1,000 a day to ~250 a day, eliminating false positives and duplicates.
- Boyne Resorts: Added 20 more data sources into one platform, streamlining and improving investigations.
- Imagination Technologies: 10x improvement in incident closure rate, going from <10% to 100%.
Paul Alexander, director of IT operations at Imagination Technologies Group, said:
“One of our biggest pain points is information overload. Business growth is great, but it means we have more business operations to manage, and meanwhile, the threat actors are getting more sophisticated. XSIAM is helping because it effectively lets us cut straight to the real and serious incidents that we need to focus on and we’re not wasting time on data that doesn’t need our attention.”
SOURCE: PRNewswire
