
Cortex XDR for Network Traffic Analysis

Hunt down and stop attackers in your network with AI-powered analytics

Why Add Cortex XDR to Your Next-Generation Firewalls?
• Detect targeted attacks, insider threats, and malware with AI-powered analytics.
• Monitor managed and unmanaged devices as well as block threats with your Next-Generation Firewall.
• Collect rich network logs and enhanced application logs without deploying new network appliances.
• Store data effortlessly in the cloud.

The Easiest Decision You’ll Make
With Cortex XDR™, you can protect your organization from attacks while getting more value from your existing Palo Alto Networks Next-Generation Firewalls as a subscription.

Blind Spots Increase Your Risk of a Successful Attack
To catch adversaries dwelling in your network, you need the right data combined with behavioral analytics and machine learning. You should monitor internet traffic as well as internal, east-west communications between your users and servers to detect post-intrusion activity, such as lateral movement and exfiltration.

Unfortunately, most security teams today lack visibility across all their systems, especially their unmanaged endpoints. Analysts waste time triaging incomplete, inaccurate alerts and manually gathering investigative clues instead of stopping attacks. Teams need a new approach to security operations, or they will struggle to protect their digital assets.

Cortex by Palo Alto Networks | Cortex XDR for Network Traffic Analysis | Datasheet
[Figure 1: Machine learning and analytics automatically find active threats]

Quickly Detect, Investigate, and Shut Down Threats
Cortex XDR empowers you to find and stop the stealthiest network threats, fast. When configured for network traffic analysis, Cortex XDR analyzes rich network data with machine learning to pinpoint targeted attacks, malicious insiders, and compromised endpoints with laser accuracy. By reviewing actionable alerts, your analysts can rapidly confirm and block threats before any damage is done.

With Cortex XDR, you can thwart every step of an attack. Cortex XDR detects command and control, lateral movement, data exfiltration, and malware activity by profiling behavior and detecting anomalies indicative of adversary tactics.

Detect Advanced Threats with Behavioral Analytics and Machine Learning
Cortex XDR reveals post-intrusion activity, cutting your mean time to detect (MTTD) and ensuring your network is free of active attackers. Using machine learning, Cortex XDR continuously profiles user and endpoint behavior to detect anomalous activity indicative of attacks. By applying analytics to an integrated set of data, including security alerts and rich network, endpoint, and cloud logs, Cortex XDR exceeds the detection capabilities of siloed tools. Automated detection works all day, every day, providing you peace of mind.

Accelerate Investigations with User, Device, and Endpoint Details
To simplify triage and analysis, Cortex XDR produces a small number of accurate, actionable alerts. Alerts include information about the user, application, and device as well as endpoint process data collected by the Cortex XDR agent or the agentless Pathfinder endpoint analysis service. Cortex XDR integrates with the WildFire® malware prevention service to determine if suspicious processes are malware. By grouping related alerts into incidents and presenting all the information analysts need to confirm an attack, Cortex XDR makes investigations a snap.

Coordinate Response Across Endpoint, Network, and Cloud Enforcement Points
Your security team can instantly contain threats using multiple flexible response options. Using the Cortex XDR agent and Pathfinder, or by blocking malicious traffic with your firewalls, you can quickly stop the spread of malware, terminate processes, delete malicious files, and more. With the Live Terminal feature, your analysts can connect directly to endpoints, access graphical file and task managers, and run Python®, PowerShell®, or system commands and scripts. Integration with Cortex XSOAR allows you to orchestrate responses across hundreds of tools.

“Once we got Cortex XDR in, we had the relief of knowing we were seeing real, viable data—information we could react to, information we could act on, and what the endpoints were doing. There was this tremendous relief that, now, we could be ahead of the situation.”
— Greg Biegen, Director of Information Security, Cherwell Software

Get Started in Minutes with Cloud Delivery
The cloud-native Cortex XDR platform offers streamlined deployment, eliminating the need to deploy log servers or new on-premises sensors throughout your network. You can use your Palo Alto Networks Next-Generation Firewalls or third-party firewalls to collect data and easily store it in Cortex Data Lake, a scalable and efficient cloud-based data repository, reducing the number of products to manage. By automating tasks and simplifying management, Cortex XDR delivers a 44% cost savings compared to siloed security tools.

[Figure 2: Cortex XDR collects data from Next-Generation Firewalls and third-party sources for network traffic analysis. Diagram nodes: Cortex XDR; Cortex Data Lake; Next-Gen Firewall, GP, VM-Series, Endpoint, Cloud, Third Party.]

3000 Tannery Way
Santa Clara, CA 95054
Main: +1.408.753.4000
Sales: +1.866.320.4788
Support: +1.866.898.9087
www.paloaltonetworks.com

© 2020 Palo Alto Networks, Inc. Palo Alto Networks is a registered trademark of Palo Alto Networks. A list of our trademarks can be found at https://www.paloaltonetworks.com/company/trademarks.html. All other marks mentioned herein may be trademarks of their respective companies.
cortex-xdr-for-network-traffic-analysis-ho-030620
