Security Operations Optimization Service For Cortex XDR
Automate threat detection and speed up investigations
To maximize your use of the Cortex XDR™ framework, you need to incorporate
its capabilities into your processes and ensure your team is familiar with its latest
threat detection and investigation features.
Our SecOps consultant will optimize your Cortex XDR deployment by providing
custom updates based on your environment and threats. Additionally, the
consultant will work with your team to create SecOps processes that will
make your analysts more efficient and effective at protecting your business,
including training on proper use of Cortex XDR features.
We can also conduct ongoing reviews of your policies and how your team is
handling investigations and threat hunting. We work with your team to ensure
the proper knowledge transfer occurs to support operations, administration,
and maintenance of your Cortex XDR deployment as well as use of advanced
features.
Cortex by Palo Alto Networks | Security Operations Optimization Service for Cortex XDR | Datasheet
Benefits
Once the service is conducted, you’ll have:
• Consistent detection and investigation from SecOps workflow and process
  integration with Cortex XDR
• Insider access to new and advanced feature information
• Accelerated and simplified investigations from team education
• Proper log formatting for effective threat hunting and SIEM integration
• Effective operations, administration, and management with knowledge
  transfer to your team
How It Works
Prerequisites and Architecture Review
Integrating Cortex XDR into your SecOps workflows and processes has certain
prerequisites, which will be confirmed before the engagement begins.
These include:
• Cortex XDR activated
• Cortex™ Data Lake licenses active
• Enhanced application logging enabled on Panorama™ network security
  management and/or managed devices (hardware-based or VM-Series) for
  Cortex logging integration
• Pathfinder installed and forwarding to Cortex Data Lake
• Minimum 21 days of logs from devices and/or Pathfinder
• Cortex XDR installed with at least 25% saturation
After these prerequisites are confirmed, Palo Alto Networks will conduct an
architecture review with your team.
Initial Security Operations Integration with Cortex XDR
An expert Palo Alto Networks consultant will meet with your SecOps team to
hold a dynamic knowledge transfer session for the initial integration of
Cortex XDR into your SecOps workflows and processes. Topics covered in this
session will vary depending on your environment and threats encountered, but
they may include:
• Event analysis and/or policy tuning
• Threat hunting
• SIEM integration
• SecOps workflow process
• Log formatting review
Following this session, the consultant will meet with your team again to
continue to refine your SecOps procedures and enable your team to perform
advanced tasks with Cortex XDR.
Documentation Delivery
Palo Alto Networks will deliver a detailed document that describes the
configuration changes made during the engagement, as well as an Operations,
Administration, and Maintenance Guide for ongoing daily, weekly, and monthly
tasks. We’ll review these documents with you to ensure you can sustain the
improvements beyond the end of our engagement.
Additional Optimization
To continuously improve your prevention capabilities, we offer additional
event analysis and recommendations engagements. After the initial integration
service is complete, you can add on regular reviews of your security events
and get recommendations to optimize your use of Cortex XDR. An expert familiar
with your environment will acquaint your team with the latest capabilities and
incorporate them into your processes. Reviews, performed as often as your
business requires, can include:
• New features and capabilities assessment
• System and usage overview
• Best Practice Assessment (BPA) analysis
• SecOps Cortex XDR policy review
• SecOps Cortex XDR processes review
• SOC team survey
To order the Security Operations Optimization Service for Cortex XDR, please
contact your local Palo Alto Networks partner or sales representative.
3000 Tannery Way
Santa Clara, CA 95054
Main: +1.408.753.4000
Sales: +1.866.320.4788
Support: +1.866.898.9087
www.paloaltonetworks.com
© 2020 Palo Alto Networks, Inc. Palo Alto Networks is a registered trademark
of Palo Alto Networks. A list of our trademarks can be found at
https://www.paloaltonetworks.com/company/trademarks.html. All other marks
mentioned herein may be trademarks of their respective companies.
security-operations-optimization-service-for-cortex-xdr-ds-050420