Cortex XSIAM
A streamlined data onboarding process lets SecOps teams easily add new data sources while an
extended data model normalizes and correlates data for schema-on-read data access. Cortex XSIAM
also automatically stitches together endpoint, network, cloud, identity, and other data so it can detect
advanced threats with precision and simplify investigations with cross-data insights.
Cortex XSIAM lets analysts swiftly investigate incidents by providing a complete picture of every attack
with intelligent alert grouping and root cause analysis. Embedded automation enriches alerts, responds
to malicious activity, and closes low-risk alerts before they reach the queue—enabling analysts to focus
on the few threats that require human intervention. Cortex XSIAM is powering Palo Alto Networks' own
SOC and turning over a trillion events per month into a handful of analyst incidents per day.
Unlike legacy SOC solutions, where operationalizing and optimizing the product is an exercise left
to the customer, Cortex XSIAM benefits from continuous updates from the Palo Alto Networks Unit
42 research team. Palo Alto Networks experts collect threat intel from more than 90,000 customers,
update machine learning (ML) detection models, and automatically distribute the latest protections to
Cortex XSIAM deployments. Insights from across the threat landscape help safeguard customers from
the latest advanced and fast-moving threats. By fusing leading technology with shared intelligence and
research, Palo Alto Networks shares the responsibility of protecting our customers’ ongoing operations.
270x Faster MTTR: Added 10x more data yet improved MTTR from 3 days to 16 minutes
75% Reduction in incidents requiring investigation: from ~1,000 a day to ~250 a day, eliminating false positives and duplicates
Figure 2: Cortex XSIAM Customers have improved SOC efficiency while increasing overall visibility
Visit the Cortex XSIAM page or connect with your account manager today to set up a demo and see
XSIAM in action.
Unit 42 Managed Detection and Response (MDR) and Managed Threat Hunting (MTH) services can be
easily added to your Cortex XSIAM subscription.
Resources
• Cortex XSIAM e-book
• Cortex XSIAM Help Center
• Customer Story: Imagination Technologies transforms SOC operations with Cortex XSIAM
• Customer Story: Oil and gas company deploys AI-driven SOC with Cortex XSIAM
3000 Tannery Way
Santa Clara, CA 95054
Main: +1.408.753.4000
Sales: +1.866.320.4788
Support: +1.866.898.9087
www.paloaltonetworks.com
© 2023 Palo Alto Networks, Inc. Palo Alto Networks and the Palo Alto Networks logo are registered trademarks of Palo Alto Networks, Inc. A list of our trademarks can be found at https://www.paloaltonetworks.com/company/trademarks.html. All other marks mentioned herein may be trademarks of their respective companies. cortex_ds_cortex-xsiam_102523