Your SOC's Efficiency & Automation Powerhouse | Cortex XSIAM

  • added 18. 08. 2024
  • Cortex XSIAM transforms your Security Operations Center (SOC) into an efficient, automated powerhouse.
    This video demonstrates how XSIAM tackles the biggest challenges facing SOC managers, analysts, and engineers:
    - For SOC Managers: Gain instant visibility into analyst efficiency, automation effectiveness, and incident trends. Make data-driven decisions to optimize your SOC's performance.
    - For Analysts: Eliminate alert fatigue with XSIAM's Smart Score, which automatically prioritizes critical incidents. Accelerate investigations with contextual automation and actionable recommendations.
    - For Engineers: Simplify data onboarding with pre-built content packs that include parsing, normalization, correlations, dashboards, and playbooks. Get new data sources up and running in minutes, not months.
    Join us as we showcase real-world scenarios, including:
    - Automated Incident Triage: See how XSIAM autonomously handles low-severity incidents, freeing your analysts to focus on high-priority threats.
    - Analyst-Guided Workflows: Experience how XSIAM intelligently guides analysts through complex investigations with contextual playbooks and recommendations.
    - Effortless Data Onboarding: Witness how XSIAM simplifies the integration of new data sources, instantly enriching and correlating data for immediate value.
    Discover how Cortex XSIAM can empower your SOC to work smarter, faster, and more effectively.
    0:00 Intro
    0:33 Dashboard Overview
    3:20 Incident Handling
    4:55 Playbook: Automatic Incident Handling
    6:11 Playbook: Analyst Input Needed
    6:47 Playbook Recommendations from XSIAM
    8:44 Automatic Incident Handling
    11:13 Data Onboarding and Management
    13:14 Integration Dashboard
    #XSIAM #SIEM #Cybersecurity #SOC #Automation #ThreatDetection #IncidentResponse

Comments • 4

  • @YungGrandson 1 year ago +2

    Does this only integrate with Palo solutions or can you use XSIAM if you have Cisco firewalls and Crowdstrike EP?

    • @utuze 1 year ago +4

      It’s meant to replace SIEMs, so yes it can integrate with 3rd parties. The video actually shows a number of integrations (Fortigate, CheckPoint, AD, etc.) and it covers the marketplace at the end, which is the place you add integrations.
      Reg EDRs specifically, XSIAM comes with its Endpoint agents included, so it effectively includes the EDR functionality, which means that you can replace your CRWD/S1/MSFT/etc. agents with it.

    • @faizansheikh9643 11 months ago +1

      your answer can start from 11:15

    • @YungGrandson 11 months ago

      @faizansheikh9643 I’m good now. Have been through the XSIAM training they offer lol