Palo Alto Networks

IOC enrichment

Security Orchestration Use Case: Automating IOC Enrichment

Enrichment of indicators is one of the first tasks security teams perform during incident response. The challenges here are twofold. Firstly, the process of indicator enrichment is as repetitive as it is important. Analysts risk getting mired in this grunt-work while the attack continues to manifest. Secondly, isolated security tools result in a struggle to reconcile threat intelligence data across platforms to get an overall understanding of indicator malice....

Oct 09, 2018

Subscribe to the Blog!

Sign up to receive must-read articles, Playbooks of the Week, new feature announcements, and more.