Alert Investigation and Response Just Got Easier with the Digital Shadows Threat Intelligence Pack Available Now via the Cortex XSOAR Marketplace

Mar 09, 2022
3 minutes
... views

When it comes to responding to threats, a quick and informed response makes the difference between protecting your business and falling victim to a breach. Unfortunately, many security teams lack the automation required to speed response, forcing analysts to manually explore the alert. The biggest hindrance teams face in their quest for speedy response is the time needed for investigation.

Digital Shadows and Cortex XSOAR have partnered to help address this common challenge. We are excited to announce the availability of the Digital Shadows Searchlight content pack for threat intelligence and the premium pack for SearchLight Essentials within the Cortex XSOAR Marketplace. These new capabilities can be installed with the click of a button for existing Cortex XSOAR clients and allow users to rapidly contextualize threats with industry-leading intelligence from SearchLight. Cortex XSOAR users can also subscribe to SearchLight Private Offer, providing streamlined procurement and custom term lengths.

The SearchLight Essentials premium pack empowers teams to quickly access the most actionable and relevant threat intelligence for exposed credentials, impersonating domains, and vulnerable services. Armed with this intelligence, organizations are now able to protect their data, secure their brand, and efficiently enrich IOCs utilizing Cortex XSOAR playbooks.

Why is this so important to your organization and those responsible for remediating threats?

In a fast-moving security landscape with limited resources, every moment is critical. SearchLight and Cortex XSOAR enable you to quickly respond to your online exposure and external threats. SearchLight can both identify new threats–like phishing domains–and enrich existing alerts raised from Cortex XSOAR’s single pane of glass with indicators and valuable context. This provides a relevant and actionable approach to threat intelligence, allowing organizations to focus on the digital risks that they are most concerned about.

The new playbooks included in the SearchLight content pack were created hand-in-hand with our clients to meet their scaling and resourcing challenges. By automating threat intelligence processes, like IOC enrichment and prioritization, one large retail client with global operations was able to save 90 hours of manual effort per month prioritizing over 1,000 monthly alerts.

The SearchLight content pack enables your SOC to:

  • Automate enrichment of observables to discover and leverage related intelligence.
  • Respond quickly to alerts by triggering out of the box playbooks that enable remediation.
  • Eliminate manual investigation and navigate with speed across your workloads and unstructured data, reducing the time it takes to enrich and respond to threats.
  • Automatically attach associated MITRE techniques, indicators, and other summary information to the incident for easy review and remediation.

Learn More

Build out your security program with the SearchLight premium pack or inquire about a private offer through the “Try Now” button in your XSOAR deployment. The Cortex XSOAR Marketplace houses more than 850 prebuilt content packs for your top security tools.

Discover how the pairing between SearchLight and Cortex XSOAR can elevate your security program with an expert led discussion on streamlined investigation and response. Save your seat today!


Subscribe to Security Operations Blogs!

Sign up to receive must-read articles, Playbooks of the Week, new feature announcements, and more.