Endace and Palo Alto Networks Cortex XSOAR enable accelerated forensics of cyberthreats
2020-06-03 01:15

Endace announced that the EndaceProbe Analytics Platform is now integrated with Palo Alto Networks Cortex XSOAR, the industry's first extended security orchestration, automation and response platform with native threat intel management that empowers security leaders with instant capabilities against threats across their entire enterprise.

Through this integration, Endace and Cortex XSOAR provide customers with network packet capture from within Cortex XSOAR playbooks to enable accelerated, evidence-led, forensic investigation of cyberthreats.

The integration leverages Endace's rapid-search and data-mining APIs to integrate network history into Cortex XSOAR. Using Cortex XSOAR's powerful automation capabilities, the full packet history relating to specific security incidents is automatically retrieved from one or more EndaceProbes and provided back to analysts as definitive forensic evidence.

"Endace's scalable, network-wide full packet capture is a powerful addition to the Cortex XSOAR ecosystem," said Rishi Bhargava, vice president of product strategy, Cortex XSOAR at Palo Alto Networks.

Cortex XSOAR is an extended security orchestration, automation and response platform that unifies case management, automation, real-time collaboration and threat intel management to transform every stage of the incident lifecycle.


News URL

http://feedproxy.google.com/~r/HelpNetSecurity/~3/F6rJQZeKs5A/