Palo Alto Networks Cortex XSIAM Debuts
February 23, 2022
A major challenge in cybersecurity today is our inability to leverage massive
scales of data for our defense. To meet this challenge, Palo Alto Networks
introduced Cortex XSIAM: an AI-driven platform that can revolutionize the way
data, analytics and automation are deployed by security organizations. Extended
Security Intelligence & Automation Management (XSIAM) turns widespread
infrastructure telemetry into an intelligent data foundation to fuel
best-in-class artificial intelligence and dramatically accelerate threat
response. Built from the ground up as an autonomous security platform, XSIAM
will disrupt the multibillion-dollar SIEM category by offering a modern
alternative that can stay ahead of today's threat landscape.
"Organizations are still taking hours, or even days or months, to remediate
threats — those are hours and days we no longer have given the speed and
sophistication of attacks that are now commonplace. The SIEM space has been
frozen and still relies heavily on human-driven workflows," said Nikesh Arora,
CEO and chairman of Palo Alto Networks. "This is not an area where we need an
evolutionary approach. This is an area where we need a revolutionary approach.
We have to radically reimagine how we run cybersecurity using AI, so that an
enterprise is able to respond to all attacks in real time, not days, not weeks,
not months."
The SIEM category has served security operations for many years as a way to
aggregate and analyze alerts and logs — with incremental improvement in security
outcomes. As a result, security operations teams continued to bolt on new tools
that promised to solve point problems, resulting in a fragmented and ineffective
security architecture. As compute and data storage have improved exponentially,
it is essential to radically reimagine how we can deliver real-time security
that can match pervasive, AI-powered cyberattacks. XSIAM is the revolutionary
approach that collects granular data — not just logs and alerts — to drive
machine learning for natively autonomous response actions, such as
cross-correlation of alerts and data, detection of highly sophisticated,
emerging threats, and automated remediation based on native threat intelligence
and attack surface data.
Specifically, Cortex XSIAM will transform security operations by enabling
organizations to:
Build an intelligent data foundation while reducing costs.
Cortex XSIAM can natively ingest, normalize and integrate granular data across
the security infrastructure at nearly half the list cost of legacy security
products attempting to solve the problem.
Respond in minutes rather than days.
By providing multiple layers of AI-driven analytics based on the data
foundation, Cortex XSIAM detects emerging threats across the entire security
infrastructure, automates correlation of alerts and data into incidents, and
leverages a self-learning recommendation engine to determine the next
response steps.
Proactively outpace threats.
Cortex XSIAM will enable continuous discovery of vulnerabilities through native
attack surface management and automate response based on integrated threat
intelligence from tens of thousands of Palo Alto Networks customers.
Availability: Cortex XSIAM is now available to a limited set of customers and is
expected to be generally available later this year.