When Cortex XSIAM was released in October 2022, we set out to solve the core problem that SOCs are facing: it takes too long to detect and resolve security incidents. This problem is a symptom of how SOCs operate today, overwhelmed with too many tools to work in, too much data to process and analyze effectively, and too many manual tasks.
We believe that the solution to this problem is a converged security operations platform that leads with AI-driven outcomes and an automation-first approach. These combined capabilities are often referred to in the market as autonomous security operations platforms.
To be clear, when the market refers to “autonomous security operations” or an “autonomous SOC”, this does not mean that SOCs will ever be fully autonomous and cut out humans altogether. Instead, it means that the security solutions we implement should handle a majority of the analysis and work before humans ever see the incident. Out-of-the-box security analytics should drive effective threat protection; embedded automation should take care of many of the repeatable tasks; and analysts should then be presented with the remaining incidents that require additional human judgment and reasoning. In short, a machine-led, human-empowered SOC.
Cortex XSIAM is an AI-driven platform that converges SOC capabilities, leverages AI for accurate threat protection and applies an automation-first approach to security operations. With Cortex XSIAM, we aim to simplify security operations, stop threats at scale and accelerate incident remediation - all within a single platform.
In just a year, we are redefining what ideal SOC operations should look like, and customers and industry analysts are validating this approach.
GigaOm evaluated a number of vendors' autonomous SOC solutions, measuring them against their ability to serve specific market segments, the deployment options of their solutions, and other key criteria for product capabilities and innovation.
The GigaOm Radar then weighs all of these results to assess each vendor's execution, roadmap and ability to innovate, which ultimately determines the final position on the radar.
Based on the analysis conducted by GigaOm, Cortex XSIAM was recognized as a leader in the GigaOm Radar Report on Autonomous Security Operations Center (SOC) solutions.
Additionally, Cortex XSIAM was recognized as an outperformer based on a strong strategy and pace of innovation, as demonstrated by the continuous innovation and features delivered over the last year, including the Identity Threat Detection & Response (ITDR) module.
Across all of the measured criteria, Cortex XSIAM received the top rating of “exceptional” in six of the nine key criteria measured, and “capable” in the remaining three key criteria.
“As a solution built from the ground-up with lessons learned from a suite of leading security products, Cortex XSIAM delivers a comprehensive autonomous SOC solution that scores high on a wide range of key criteria,” states GigaOm analyst Andrew Green.
All of these capabilities are meant to drive better security outcomes like detecting and remediating incidents faster. With this in mind, Cortex XSIAM received the top score for improving mean time to remediation (MTTR), a result that has been realized by many existing customers.
At Palo Alto Networks, we’ve been on a journey to build the most comprehensive and effective SOC platform in the industry. We built Cortex XSIAM from the ground up with embedded AI and automation to solve the challenges SOCs face today and into the future.
If you want to learn more about how we are doing that, download the GigaOm Radar for Autonomous SOC today.