All news with #cortex xsiam tag

🚀 The author uses the Alien films to illustrate modern SOC challenges, arguing that threats enter unseen, tools create noise, and visibility gaps are lethal. The post highlights Unit 42 findings on faster exfiltration and critiques legacy SIEMs, advocating for a unified data foundation and AI-driven platforms like Cortex XSIAM. It recommends automation to accelerate response while preserving human expertise.

🚀 Palo Alto Networks announced that partners voted Cortex XSIAM as CRN’s 2025 Product of the Year for Security Operations Platform/SIEM and Prisma SASE as a 2025 Tech Innovator. Solution providers credited XSIAM’s AI-driven approach for sweeping the evaluation — leading in technology, revenue and customer need — and praised its ability to shift SOCs from tool management to outcome delivery. Partners highlighted Prisma SASE’s multicloud architecture, unified policies and AI copilot as essential for securing hybrid workforces, informed by feedback from over 70,000 customers and the recent Prisma SASE 4.0 release. Palo Alto frames these awards as validation of platform convergence and continued partner enablement.

🤖 Palo Alto Networks introduces Cortex AgentiX, an agentic AI platform designed to build, deploy and govern autonomous security and IT agents. The vendor says AgentiX extends the Cortex foundation and leverages 1.2 billion playbook executions to deliver end-to-end agentic workflows and drive up to a 98% reduction in Mean Time to Respond with 75% less manual work. It ships with prebuilt agents for threat intelligence, email, endpoint, network, cloud and IT, and highlights full transparency, role-based controls and human-in-the-loop approvals. AgentiX is embedded in Cortex XSIAM and Cortex Cloud today; a standalone platform and Cortex XDR integration are slated for early 2026.

🔒 The 2025 Unit 42 Global Incident Response Report shows that nearly a third of incidents investigated in 2024 were cloud-related, with 21% of cases directly impacting cloud assets. The article stresses the importance of the shared responsibility model and full, dynamic visibility to manage resource sprawl, misconfigurations and complex cloud-native architectures. It highlights identity misuse and overpermissioned accounts as frequent attack vectors and urges least privilege, credential rotation and robust logging. Palo Alto Networks recommends unified posture and response through Cortex Cloud and integration with Cortex XSIAM to reduce noise and automate remediation.

🛡️ At Black Hat, Palo Alto Networks' NOC operates a zero-hour defense model that protects critical infrastructure while enabling controlled exploit training. Engineers from Cortex and Unit 42 collaborate with partners like Corelight to develop rapid detections, deploy contextual rules on PA-5430 firewalls, and automate responses via Cortex XSIAM. The environment balances visibility, segmentation and automated enforcement to stop external threats without disrupting sanctioned exercises.

🌍 Palo Alto Networks has launched a new cloud location in South Africa to bring its AI-powered security platforms closer to local organizations. The region will host core services including Cortex XSIAM, Prisma SASE, Advanced WildFire, Advanced DNS Security, Strata Cloud Manager and Strata Logging Service. Local hosting is designed to reduce latency, meet data residency and sovereignty requirements, and deliver real-time detection, automated response and centralized logging. The investment aims to support South Africa’s digital transformation while addressing rising ransomware and phishing threats across the region.