Pima Community College secures academic freedom with a platform approach

Transitioning to a single, unified AI-driven platform eliminated the need for analysts to manually stitch together stories from disparate tools. Further, the automatic grouping and deduping of alerts allows the team to maintain a near-100% case closure rate, even as daily data ingestion and data sources doubled. Cortex XSIAM also unlocked prebuilt playbooks and native integrations that had previously required costly, time-consuming custom development.

For Security Architect Scott McGowan, XSIAM has enabled a fundamental shift in philosophy, from reactive case management to an automation-first mindset. In addition to streamlining workflows, the platform has expanded the team’s visibility into alert categories it previously couldn’t afford to monitor, automatically resolving those streams at a rate of 80%. Looking ahead, PCC plans to use XSIAM as a bidirectional automation layer connecting other enterprise platforms, such as HR systems, that currently lack native automation capabilities.

The integration among Palo Alto Networks solutions has established a seamless intelligence layer that bridges the gap between PCC’s network and endpoint security. Its physical and network layers feed into Cortex XSIAM, where the data enters a unified analytics engine and is stitched together with data from hardware and software firewalls and Cortex agents into a single, comprehensive view. The security team can view network activity from a remote endpoint in the same pane of glass as on-campus traffic, while intelligence gathered at any endpoint immediately triggers an update to network policies across the entire campus. To secure its open network posture, PCC uses the Precision AI® capabilities of Cloud-Delivered Security Services, such as Advanced URL Filtering, to block threats based on behavior rather than broad categories, ensuring that instruction isn’t interrupted.

For elite, 24/7 oversight across its diverse environment, PCC relies on Unit 42 Managed Threat Hunting as an extension of its own SOC. This service integrates directly with the Cortex XSIAM platform, conducting autonomous threat hunts around the clock to provide PCC’s team with true peace of mind. Prioritization of risk through the assignment of alert criticality ensures that analysts aren’t bogged down by extra work; instead, they’re simply seeing things they would have missed otherwise. PCC also benefits from the expansive threat intelligence Unit 42 derives from customers across the globe and appreciates that it can use Unit 42 queries even when not impacted. Each hunt delivers an executive-ready impact report with validated findings and recommended actions. MTH services have saved each analyst 20 hours per week, allowing team members to shift from manual log searching to strategic improvements.