Palo Alto Networks and Accenture Make Security Intelligence Actionable

Jun 27, 2022

To respond effectively to threats, security teams first need to recognize them as such—and that’s becoming harder than ever. With cybercriminals switching IP addresses and domains after every attack, customers need context for current incidents and insights into the next potential attack.

Meanwhile, false positives from disparate systems across the environment swamp the SOC, creating “alert fatigue” and making it all too easy for real threats to slip through. The problem is too much information, and the need to filter it down to the right intelligence at the right time before it's too late.

That’s why two of the top companies in enterprise cybersecurity have partnered to help security teams recognize threats, understand their significance, and enable a fast and effective response. Together, Palo Alto Networks Cortex XSOAR™ and Accenture Cyber Threat Intelligence (CTI) are making threat intelligence actionable—automatically.

A Collaboration of Cybersecurity Industry Leaders

As one of the world’s top providers of enterprise security solutions, Palo Alto Networks helps protect more than 80,000 customers in over 150 countries against a rising tide of cyberthreats. Our Cortex XSOAR solution connects endpoints, security information and event management (SIEM) systems, enterprise directories, and threat intelligence streams in a unified security orchestration, automation, and response (SOAR) platform to help security teams collaborate and manage cases across the incident lifecycle. Built-in playbooks for specific types of threats enable an efficient, fully informed response by security analysts, or a fully automated response that eliminates the need for human intervention.

With 16,00+ skilled cybersecurity professionals and 119,000 cloud professionals managing over 1.6 million workloads, Accenture holds the top position on Fortune’s list of the World’s Most Admired Companies: IT Services category. Accenture’s CTI division helps organizations reduce business risk and improve security outcomes with tailored, full-spectrum threat intelligence based on data and analyst insights—including information gathered through close relationships with government agencies and other high-value sources.

In choosing to work with Palo Alto Networks, Accenture CTI is joining the industry’s largest ecosystem of technology partners, which extends the XSOAR platform with more than 850 product integrations and content packs available through the Cortex XSOAR Marketplace.

Streamlining Security Detection, Investigation, and Response

The partnership between Palo Alto Networks and Accenture CTI weaves together the two most critical elements of cybersecurity: intelligence and action.

Under extreme pressure to validate, evaluate, and interpret an enormous volume of cybersecurity intelligence reports and data feeds in real time, security teams around the globe rely on Accenture CTI to deliver accurate and actionable intelligence to help them focus on the right threats at the right time. By combining Accenture CTI’s services with Palo Alto Networks’ technologies, Accenture is now making it possible to inject this intelligence directly into its customers’ information security operations without the need for time-consuming manual effort by enterprise security analysts.

Traditionally, enterprise security analysts have fed indicators of compromise (IOCs) such as known malicious IP addresses, URLs, and domains into their security systems using tedious methods such as cutting and pasting text from reports and feeds. The integration between Accenture CTI and the Cortex XSOAR platform now accelerates this process by automatically importing Accenture CTI data and intelligence reports directly into the XSOAR platform.

As security incidents occur, the integration automatically queries the identified IOCs and imports any relevant intelligence into the Cortex XSOAR incident. As a result, the security team gets complete visibility into Accenture CTI’s understanding and analysis of the threat the moment they open the incident.

As security teams take action on the incident, they can run standard and customized XSOAR playbooks to automate the tasks appropriate to the threat, such as interacting with users, blocking email, updating firewall ports, opening tickets, detonating files in a sandbox, and so on.

By stripping away false positives, eliminating time-consuming manual enrichment tasks, and enabling an automated response, the integrated solution provided by Palo Alto Networks Cortex XSOAR and Accenture CTI helps security teams work faster and smarter to stop threats. In an intensifying and accelerating threat landscape, that can make all the difference.

You can learn more about the integration between Cortex XSOAR and Accenture CTI on the Cortex XSOAR Marketplace. If you are interested in test driving Cortex XSOAR, download our free Community Edition. For more information on Accenture CTI please visit Accenture Security.

 

