Security and network teams struggle with high alert volumes because they lack the context and automation needed to cut through the noise, especially when they have no information on how to respond to and mitigate common incidents. When the SOC cannot keep up with the volume of incoming alerts, the ability to separate low-risk from high-risk incidents becomes necessary to ensure the organization maintains security around critical data and devices.
Security teams simulate attacks to test signature-based security controls and overall system response. It is imperative for attack simulations to reflect your environment and prioritize real exposures in your network. To best leverage remediation techniques, your security team needs to fully understand the context of the attack.
To help security teams understand their alerts and test security controls, the XM Cyber content pack, available in the Cortex XSOAR Marketplace, automates continuous discovery of network exposures and simulates new attack paths to critical assets within Cortex XSOAR.
To read the full article, visit the Palo Alto blog at https://blog.paloaltonetworks.com/security-operations/xm-cyber-marketplace-integration/.