Extend Threat Intelligence with Information Processing from Cortex XSOAR and SOCRadar XTI

Jan 06, 2022

As threat actors leverage more targeted techniques and attacks to exploit vulnerable systems, protecting an organization becomes a more complicated task. To best protect against the ever-changing security landscape, security teams must have a threat intelligence database that is maintained and updated daily. Unfortunately, teams rarely have the time or resources to stay informed on current cyber attacks. Responding effectively is made even more difficult by the lack of attack surface visibility and insufficient context around threat intelligence.

To overcome these threats, SOCRadar XTI and Cortex XSOAR are excited to share that the new SOCRadar content pack with built-in playbooks and incident context is now available within the Cortex XSOAR Marketplace. This new content pack provides Cortex XSOAR customers with extended threat intelligence by processing data collected from the internet and streamlining the remediation of high-severity incidents into an automated playbook. Supercharge your threat intelligence with one-click installation directly from the in-platform XSOAR Marketplace.

Let’s take a look at why this is so important for your security program

Together, SOCRadar and Cortex XSOAR enable your security and IT teams to accelerate threat investigation and incident response workflows by allowing joint customers to make enriched indicator of compromise (IOC) queries within Cortex XSOAR. The prebuilt content pack provides immediate value for security teams that leverage this powerful integration by fetching real-time incidents, threat feeds and IOCs.

The SOCRadar content pack enables you to:

  • Increase resiliency against new attacks with automatic and continuous surface, deep, and dark web monitoring.
  • Automate the ingestion of threat feeds and IOCs to accurately block malicious traffic.
  • Prepopulate threat intelligence alerts with actionable data and indicator types, including IP addresses, domains, file hashes such as SHA-1 or MD5, and more.
  • Leverage bidirectional communication between the SOCRadar and XSOAR platforms, allowing analysts to address incidents as quickly as possible.

Learn More

Build out your security program with the SOCRadar content pack, available now on the Cortex XSOAR Marketplace. Look up prebuilt integrations for your top security tools with over 850 content packs available for Cortex XSOAR, the market’s leading SOAR platform.

To see the SOCRadar content pack, visit https://xsoar.pan.dev/marketplace/details/SOCRadar. Learn more about SOCRadar at www.socradar.io.

Don’t have Cortex XSOAR? Download the Community Edition to get started.

 

