Palo Alto Networks

XSOAR playbook

Bootstrap Your Threat Intel Management Program With Free Feeds and IOC Enrichers

Getting your threat intel management (TIM) program up and running might seem like a daunting task. Picking the right feeds and enrichers can be challenging as there are many different options and flavors to choose from, and these subscriptions sometimes come with a hefty price tag.

So, we have made it easier for our Cortex XSOAR customers to find and install integrations that do not require a subscription and in some cases might ...

Playbook of the Week

Uncategorized

Dec 07, 2023

By Dror Avrahami

Palo Alto Networks

Products and Services

Partners

Announcement, Playbook of the Week

Playbook of the Week: Streamlining the management of XDR Incidents

The new Cortex XDR Lite - Incident Handling playbook is a new addition to the Palo Alto Networks Cortex XDR - Investigation and Response content pack....

Nov 09, 2023

By Omri Itzhak

Playbook of the Week

Playbook of the Week: Unleash the Power of Identity Threat Intelligence wit...

When it comes to detecting identity-related threats, security teams need to distinguish between suspicious but benign activity and truly malicious activity. This can be challenging...

Oct 24, 2023

By Ido Van Dijk

Playbook of the Week

Playbook of the Week: Automating DLP Incident Feedback

In today's digital landscape, data loss prevention (DLP) solutions have become a critical component for keeping sensitive data secure in an organization. With an increasing amount of data being generated and sh...

Sep 07, 2023

By Tomer Haimof

Playbook of the Week

Playbook of the Week: Using CVEs in Incident Investigation

The Common Vulnerabilities and Exposures (CVE) repository is designed to provide a reference for a publicly known information security vulnerability. CVE identifiers, or CVEs, are...

Aug 03, 2023

By Dror Avrahami

Playbook of the Week

Playbook of the Week: Automating Malicious File Detonation with Joe Securit...

The role of a security analyst has evolved significantly over the years, as the nature of cybersecurity threats have become increasingly sophisticated and complex. Today's security...

Apr 20, 2023

By Arad Carmi

Announcement, Must-Read Articles, Playbook of the Week

Playbook of the Week: Automated Rapid Response to 3CXDesktopApp Supply Chai...

A supply chain attack involving a software-based phone application called 3CXDesktopApp hit at the end of March.

Apr 06, 2023

By Jane Goh

Playbook of the Week

Playbook of the Week: Automating the Prioritization of Prisma Cloud Virtual...

Understanding and visualizing your cloud risks can be difficult to do. And, even if you have overcome those issues, the more data you collect often means more alerts and more work...

Mar 30, 2023

By Tomer Haimof

Must-Read Articles, News and Events, Playbook of the Week

Playbook of the Week: Automated Rapid Response to Microsoft Outlook for Win...

Automate Your Response to the Microsoft Outlook for Windows Vulnerability (CVE-2023-23397) On March 14th 2023, as part of Microsoft’s Patch Tuesday re...

Mar 21, 2023

By Ben Melamed

Playbook of the Week: Catch Me if You Can! Stopping the Impossible Traveler

Employee remote work continues to challenge the security measures of organizations. Is the user who keeps trying to access your cloud applications from Boston really Amelia in HR, who logged in this morning fro...

Mar 10, 2023

By Charity Spiri

Playbook of the Week

Playbook of the Week: Manage Secrets and Protect Sensitive Data

Information security teams rely on a variety of products and tools to manage their daily work. Each product typically has its own login details, creating a significant challenge fo...

Mar 03, 2023

By Moishy Matyas

Playbook of the Week, Uncategorized

Automate Workflows Using Threat Vault

As a security analyst, staying up-to-date on the latest threats is a crucial part of your job. This can be a time-consuming task, especially if you are manually researching vulnerabilities, exploits, viruses, and spyware. That's where Threa...

Jan 20, 2023

By Bar Katzir

Playbook of the Week, Uncategorized

Playbook of the Week: Uncovering Unknown Malware Using SSDeep

Cryptographic hashes like MD5 are often used to identify malware, but as malware evolves, new iterations of the same malware are being released consta...

Jan 13, 2023

By Ido Van Dijk

Playbook of the Week, Uncategorized

Playbook of the Week: Automate NGFW Management with Cortex XSOAR

Today’s security operations centers (SOCs) are plagued with lengthy investigation times and security teams are often drowning in repeatable, manual ta...

Jan 06, 2023

By Danil Vilenchik

Playbook of the Week

Integrate Elasticsearch Into Your Incident Management Playbooks Using XSOAR

Security teams continue to face many challenges in their daily jobs, including the overwhelming task of sifting through large data sets to aid in identifying and responding quickly...

Dec 16, 2022

By Guy Liberman

Playbook of the Week

Playbook of the Week: Malware Investigation and Response - The Sequel

Enhancing your security automation and response capabilities across multiple platforms while tending to large amounts of threat investigations is anything but easy. But not doing s...

Nov 11, 2022

By Bar Katzir and Sasha Sokolovich

Playbook of the Week

Playbook of the Week: Speed Detection and Automate Response to Insider Risk...

In the 2022 Bureau of Labor Statistics report, the overall employee turnover rate is 57.3%, including both voluntary and involuntary leaves per year. Whether employees are leaving...

Nov 04, 2022

By Yvonne Le

Playbook of the Week

Playbook of the Week: Automated Ghost Busting with Cortex XSOAR

“Those houses haunt in which we leave / Something undone.” So begins Ghosts, a lyrical sonnet on haunted houses, by Elizabeth Jennings, a major figure in The Movement, a 1950s Brit...

Oct 28, 2022

By Jane Goh

Playbook of the Week

Playbook of the Week — Teaching XSOAR a Few New Tricks with Slack Blocks

In most cases, SlackAsk does not provide enough information suitable for analyst investigations, as it focuses mainly on binary “yes/no” questions. Creating independent SlackAsk ta...

Oct 21, 2022

By Amichai Shamah

Playbook of the Week, Uncategorized

Playbook of the Week: Automating EDL Management

A few years back when I was doing professional services at a financial company, I talked with one of the security operations center (SOC) analysts about one of the worst days in their career.

Oct 14, 2022

By Bar Katzir

Must-Read Articles, Playbook of the Week, Uncategorized

Playbook of the Week: Automating Your Threat Intelligence with Cortex XSOAR

How confident are you in tracking and assessing the threat actors that stalk your enterprise? Despite the millions of threat indicators that come in d...

Sep 16, 2022

By Brendan Powers

Load more blogs