Palo Alto Networks Delivers the Industry's First Cloud-Optimized SOC Platform
Palo Alto Networks, the global cybersecurity leader, today announced a new milestone in how security operations centers (SOC) secure the cloud. The new innovations as part of Cortex XSIAM® for Cloud bolster the Palo Alto Networks Cortex XSIAM platform to natively deliver Cloud Detection and Response capabilities in one unified solution, making Cortex XSIAM the industry's first SOC platform optimized for the cloud.
Many organizations now run a large portion of their business in the cloud, yet traditional SOC security tools weren't designed for the cloud. Palo Alto Networks' new Cortex XSIAM for Cloud innovations deliver cloud security operations capabilities through one platform for faster, better security outcomes. It incorporates the unique architecture of cloud-based applications, understands the distinct characteristics of cloud-related threats, and provides the necessary real-time monitoring and response capabilities for SOC analysts.
Gonen Fink, SVP of Products for Cortex and Prisma Cloud, said: "The evolution of our Cortex XSIAM platform to integrate Cloud Detection and Response capabilities underscores the reason we created Cortex XSIAM – to provide a comprehensive security operations platform powered by AI and automation. This approach eliminates data silos, increases efficiency, and nets optimal experiences for SecOps teams. Cortex XSIAM for Cloud represents our commitment to providing a unified security solution in one platform, leading to greater speed and better security."
As part of the new Cloud Detection and Response capabilities, Cortex XSIAM provides customers:
· Comprehensive UI and workflows: Within the same unified platform for enterprise security in Cortex XSIAM, SOC analysts can now utilize a new Cloud Command Center for complete visibility into cloud assets. This visibility enables security teams to identify and respond to cloud threats quickly.
· An expanded security agent: An expanded version of the Cortex XDR® Agent augments Cortex's best-in-class runtime security and threat protection with Prisma® Cloud's powerful vulnerability and security compliance management capabilities to deliver a complete Cloud Detection and Response solution. These new capabilities not only eliminate the necessity for two agents but also significantly enhance visibility while streamlining deployment and operations across the entirety of a security program.
· Native integration with Prisma Cloud: The new Prisma Cloud integration further enriches the capabilities delivered through the cloud SOC with broader context and security posture information about cloud assets for detailed incident grouping and more straightforward navigation.
Dave Gruber, Principal Cybersecurity Analyst at Enterprise Strategy Group, said: "Our research shows that 89% of SOC teams either play a major role or have complete ownership of cloud security operations. Yet current SOC tools often fall short in providing the level of visibility and context needed to support cloud investigations. The addition of native, cloud SecOps capabilities within Cortex XSIAM narrows this gap, enabling cloud and security teams to work more collaboratively to see, understand, and mitigate attacks involving cloud resources."