Welcome to Cortex by Palo Alto Networks. Cortex is the industry's first autonomous security platform, revolutionizing security operations centers (SOCs). Learn more about Cortex's cutting-edge threat detection, prevention, attack surface management, and security automation tools - in one powerful platform.
Empower your SOC to proactively stop attacks and secure the future.
Subscribe to our channel for the latest cybersecurity news, product demos, and expert insights.
Cortex by Palo Alto Networks is building a more resilient and secure digital world together. Join the revolution. #Cybersecurity #Cortex #PaloAltoNetworks #SOC #ThreatDetection #ThreatPrevention
I just implemented this and step #19 in the playbook fails "Print output to warroom", It looks like it's trying to print the variable ${SSLReport.md}, but that doesn't exist in my context data. I have a ${SSLReport.HTML} but not the other one.
This is brilliant and solves the exact problem I'm currently having. Does this also check if the certificate is self-signed vs CA signed? Was thinking that that would also be a good check.
Hi, Can we make XSOAR listen for commands from Slack? Ex - Can I start a ticket by talking to the bot in Slack? Or have the bot recognise a keyword? The use case is to create a service now ticket by reading the user responses through slack
Thanks for your comment! Yes, we support Slack mirroring in Cortex XSOAR. Read about the details on our blog and the automation content pack is available via our Marketplace. Palo Alto Networks BlogPalo Alto Networks Blog Playbook of the Week - Teaching XSOAR a Few New Tricks with Slack Blocks - Palo Alto Networks Blog: www.paloaltonetworks.com/blog/security-operations/playbook-of-the-week-teaching-xsoar-a-few-new-tricks-with-slack-blocks/ Cortex XSOAR integrates with Slack to investigate failed login events and create pre-defined and automated responses.: cortex.marketplace.pan.dev/marketplace/details/Slack/#what-does-this-pack-do
0:00-0:14: Introduction to Senior Researcher Lior Rochberger 0:15-1:46: Introduction to Lockbit Ransomware and Double Extortion 1:47-2:32: How Does Lockbit Infiltrate Networks? 2:33-3:47 How Does Cortex XDR Protect Against Lockbit and Ransomware? 3:48-4:51: Final Thoughts: MultiLayer Protection is Key to Protect Against Ransomware
0:00-0:14: Introduction to Senior Researcher Lior Rockberger 0:15-1:09: Mallox Ransomware: A Double Extortion Ransomware Actor 1:10-1:17: Who, What, and How Mallox Exploits 1:18-1:56: Why Mallox Has Seen a Surge in Activity 1:57-2:52 How Cortex XDR Can Protect Against Mallox and Ransomware in General 2:53-3:54: Final Thoughts: Ransomware is Here to Stay and Multilayer Protection is Imperative
0:00-0:17: Introduction to Principal Researcher Daniel Frank 0:18-1:16: Threat Actors are Using OneNote to Deliver Malicious Attacks 1:17-3:02: What Does a QakBot OneNote Attack Look Like in Real Life, and Who, What, and How Are They Targeted? 3:03-3:51: The QakBot Trojan & Risks of Infection 3:52-4:48: How Cortex XDR Can Mitigate & Block Malicious OneNote Attachments 4:49-5:42: Final Thoughts: Stay Ahead of the Curve with Cortex XDR
0:00-0:13: Introduction to Principal Researcher Daniel Frank 0:14-1:42: Finding the Manic Menagerie 2.0 Threat Actor 1:43-2:21: 2018-2022 Strategies in Manic Menagerie 2:22-3:59: 2022 Manic Menagerie Shifts Operations Strategy 4:00-4:42: Explaining the Shift in Strategy 4:43-5:47: The Risks Manic Menagerie Poses for Businesses 5:48-6:43: How Cortex Prevents Against & Protects from Manic Menagerie 6:44-8:00: Final Thoughts: Stay Vigilant and Updated
0:00-0:49: Introduction to Senior Researcher Lior Rochberger 0:50-1:40: What's New About Node Stealer 2.0 1:41-2:42: Risks of Being Infected with Node Stealer 2.0 2:42-3:43: Who is the Threat Actor Behind Node Stealer 2.0? 3:44-4:35: Cortex Detects & Protects Against Node Stealer 2.0 4:36-5:56: Final Thoughts: Be Aware & Prepared Against Threats with Cortex
In this video, Norlem VP of Engineering Bobby Brillhart shares Norlem's experience: 0:00-0:59: Why Cortex XSIAM is So Good It's Unfair 0:59-1:56: Automation is Approachable, and Problem-Solving is Easier Than Ever 1:56-3:36: Gain a Clear Picture of What Customers Need. Act Accordingly
In this video, Lumifi CISO David Norlin attests to the power of Cortex XSIAM. 0:00-0:47: Cortex XSIAM and Consolidating Security 00:47-1:40: A Quality, UX-Friendly Platform Creates Value for Users and Customers 1:40-2:46: Endpoints to Data Lakes: Expanding the Depths of Insight
It’s meant to replace SIEM’s, so yes it can integrate with 3rd parties. The video actually shows a number of integrations (Fortigate, CheckPoint, AD, etc.) and it covers the marketplace at the end, which is the place you add integrations. Reg EDR’s specifically, XSIAM comes with its Endpoint agents included, so it effectively includes the EDR functionality, which means that you can replace your CRWD/S1/MSFT/etc. agents with it.
