Tech today

Palo Alto Networks Adds “Bring Your Own AI” Capability To Cortex XSIAM

It used to take an attacker 44 days on average to exfiltrate data from an organization once it was compromised — now it’s a matter of hours — and with companies taking an average of 5.5 days to initially contain an incident, legacy security operations solutions no longer work.

Since its debut, Cortex XSIAM® has helped customers revolutionize their security operations center (SOC). One services company improved its median time to resolution from days to minutes — 270 times faster than before. Further improving the award-winning AI-driven security operations platform, Palo Alto Networks (NASDAQ: PANW) has unveiled Cortex XSIAM 2.0, which includes a new bring-your-own machine learning (BYOML) framework.

Palo Alto Networks collects more security data than any other cybersecurity company, with more than 5 petabytes of security data ingested daily, and with more than 1 exabyte stored in total. XSIAM offers robust, out-of-the-box AI models built for superior security analytics and protection against threats.

In addition, many mature SOCs want the ability to customize and create their own machine learning models. The BYOML framework makes the vast security data stored in XSIAM available for the first time. This allows security teams to create and integrate their own machine learning models into XSIAM to enable unique use cases like fraud detection, security research, and sophisticated data visualization.

In addition to the BYOML framework, XSIAM 2.0 includes new features that enable organizations to address today’s security operations challenges through increased visibility and threat prioritization. The new XSIAM Command Center creates a seismic shift in how security teams monitor their security operations with a comprehensive view of data sources and alerts, enabling the effortless identification and prioritization of security incidents within a single unified platform.

Additionally, with the new MITRE ATT&CK Coverage Dashboard, organizations can swiftly gauge their overall defense against a broad set of threat actor tactics and techniques, channeling their efforts toward strengthening their overall security posture.

Gonen Fink, senior vice president, Cortex products, Palo Alto Networks, said: “Effective security operations are a major challenge for companies all worldwide. The speed at which attackers are moving, coupled with new regulatory requirements like the SEC Mandate requiring public companies to disclose material cybersecurity incidents within four days of discovery, make it impossible to handle cyberthreats with traditional manual approaches. Using artificial intelligence and automation, XSIAM 2.0 closes this gap by addressing operational complexity, stopping threats at scale, and speeding up incident remediation.”