Palo Alto Networks Integrates Latest AI-backed Security Features to its Cortex Line

Highlights:

• Since the AI explosion of the previous year, most of the company’s enterprise customers have requested that Cortex XSIAM v2.0 be able to integrate any machine learning framework.
• Cortex is going to incorporate a new module called Command Center, which will help security operations staff members monitor alerts and prioritize research subjects with incredible skill.

Palo Alto Networks Inc. integrated the latest AI-based security features into its Cortex security automation and intelligence product line — the keyword being ‘automation’ regarding spotting and preventing exploits and threats.

The corporation states that finding and containing an incident typically takes five and a half days. Furthermore, the process of remediation is taking longer than expected because there are numerous security solutions used by different teams that have separate data silos that aren’t often shared throughout an organization. Furthermore, many security operation systems in the market still rely on human processes to sort through the alerts and determine their significance.

Since the AI explosion of the previous year, most of the company’s enterprise customers have requested that Cortex XSIAM v2.0 be able to integrate any machine learning framework. The free and open-source Jupyter Notebook tool is used to do it.

This means that to reduce the time an attacker has between compromise and execution, Palo Alto’s daily collection of petabytes of network telemetry is now accessible for these models, enabling improved fraud detection or data visualization. One customer of an oil and gas company was able to cut the amount of false positive notifications by 75%.

Paul Alexander, Director of IT for Imagination Technologies, said it could shut all its open security instances with the latest features. Earlier, it could only close ten percent of incidents. He admires Cortex “because it effectively lets us cut straight to the real and serious incidents that we need to focus on, and we’re not wasting time on data that doesn’t need our attention.”

Additionally, Cortex is going to incorporate a new module called Command Center, which will help security operations staff members monitor alerts and prioritize research subjects with incredible skill. This dashboard is intended to answer inquiries about the sort of data set being evaluated, the quantity and variety of open occurrences, and the number of threats that have been stopped. Along with a distinct dashboard to map threats to the MITRE ATT and CK schema, it also contains a beautiful depiction of the operations involved in threat remediation and removal.