Discovering the capabilities of Cortex XSOAR and Cortex XDR
The center’s original orchestration and endpoint solutions came up for renewal during the planning process, and the orchestration system, in particular, carried a hefty renewal price tag. So, before moving ahead, the security and infrastructure engineering director and CTO asked for a new demo of their current product.
During that demo, the leaders noted that the main benefit of their current orchestration system was its ticketing system. However, it lacked the level of automation they really needed to support a next-gen SOC. This led them to request a live demo of Palo Alto Networks Cortex XSOAR. Seeing the tool in action made them confident they’d found the perfect solution.
“Palo Alto’s XSOAR was a SOAR on steroids. Once I found out what Palo Alto had and how it integrated into our stack, and because we were already working on vendor consolidation, Palo Alto became our primary vendor to support the four pillars of the SOC, which also meant we would utilize them for securing our endpoints,” the director added.
Once XSOAR was installed, they focused on the endpoints, installing XDR with XSOAR to identify their gaps and applications of value (such as their critical SAP servers), to learn behaviors, and to prioritize security updates.
In the midst of all of this transformation, COVID-19 protocols and new work-from-home mandates led them to move much of their workforce to home offices in March 2020. Fortunately, they were able to pivot easily by installing Palo Alto Networks GlobalProtect for firewall and VPN-layered access protections on the network, which integrated with their new Cortex XSOAR for SOC orchestration.