Cyberint and Cortex XSOAR - Extending Automated Digital Risk Protection

Apr 01, 2021
3 minutes
... views

The enterprise risk surface has grown, driven by factors such as digital transformation and the global shift to remote workforces. Today’s attack surface also now includes channels that are incredibly difficult to protect, like social media, mobile, third party vendors, and more. Previously, security teams relied on hardening the organization’s network security posture, but today, networks make up only a fraction of the risk surface from which attackers try to breach and exploit organizations.

This new reality of frequent attack surface changes demands a regularly updated and adaptive security approach. As a result, organizations are turning to Digital Risk Protection (DRP) solutions to monitor the full breadth of modern attack surfaces.

According to Gartner, Digital Risk Protection solutions “provide visibility into the open (surface) web, dark web, and deep web sources to identify potential threats to critical assets and provide contextual information on threat actors and the tactics and processes utilized to conduct malicious activity." DRP solutions are becoming indispensable tools in an organization’s arsenal to prevent the advanced and dynamic threats they face in a rapidly-evolving digital landscape. That is why we are so excited that the Cyberint content pack is finally available to help simplify and streamline Digital Risk Protection for Cortex XSOAR users.

The Cortex XSOAR and Cyberint Integration

Cyberint has been focusing on monitoring the ever-expanding attack surface and its many potential permutations for years to create highly relevant and actionable alerts from its findings. In order to allow businesses like yours to respond quickly and efficiently to these alerts, Cyberint now offers an integrated content pack in the Cortex™ XSOAR Marketplace. This pack is designed to bring enriched threat intelligence from the Argos™ Digital Risk Protection Platform into Cortex XSOAR.

This new content pack provides your team with the ability to automatically apply and combine Intelligence-Driven Digital Risk Protection with orchestration playbooks and incident processes that span all your third party tools and data sources.

This pack provides you with the ability to:

  • Leverage enriched and contextualized data from the Argos™ Digital Risk Protection platform to maximize your security posture within Cortex XSOAR.
  • Easily expose attack tools, phishing sites, fraud incidents, and more.
  • Automatically block IOCs, reset account credentials, change access tokens, and more.
  • Optimize your security’s team performance for faster MTTA and MTTR.
  • Track the status of tickets with automatic sync updates across systems for instant visibility and comprehensive performance metrics.

With this new content pack, your team finally has access to Cyberint’s deep visibility and Cortex XSOAR’s complete and simple automation, so you can effectively tackle the challenges of an ever-expanding attack surface. For more information, please visit the Cortex XSOAR Marketplace.

Subscribe to Security Operations Blogs!

Sign up to receive must-read articles, Playbooks of the Week, new feature announcements, and more.