2020-04-23T10:13:36Z

What is your primary use case for Palo Alto Networks Cortex XSOAR?


How do you or your organization use this solution?

Please share with us so that your peers can learn from your experiences.

Thank you!

ITCS user
Guest
88 Answers

Top 20, Real User

We were looking for a single-pane-of-glass type of solution that would allow us to physically be in one appliance and be able to work in concert with other servers that we have within our environment. We wanted orchestration and automation. The single pane of glass was the most important part.

Every investigator has a different way of tackling an investigation. Essentially, what we wanted to do was to take the mundane tasks that the investigators have to do as part of their investigation process and then automate those mundane tasks as a pre-processor. That way, when the investigation is provided to the investigator in order to review what was found, all they have to do is look at the data that was presented to them, and they wouldn't have to go through the process of doing the data enrichment with regards to threats and functions of that nature, because all of that was done ahead of time as part of the processing.

Right now we've started with one investigation, which is phishing. The user will report any phishing attempts against any of our users within JPL to an email address. Our XSOAR appliance will peek into that mailbox, pull the emails out, and then process those emails that have been reported. As part of the processing, it'll do the data enrichment, and once that's done, that's presented to the investigator in order to review the findings. The investigator makes the final verdict. Once the final verdict is rendered, the other automated tasks would be the enforcement tasks, which would include any blocking of the sender, blocking of the IP, blocking of the domain, blocking of the URL, and those types of actions.

2021-11-11T20:34:00Z
Top 20, Real User

We use Palo Alto Networks Cortex XSOAR for several areas of security automation, such as phishing, investigating, mitigating, the detection of impossible travel, and consolidating threat information for our internal systems.

2021-09-08T17:50:45Z
Top 5 Leaderboard, Real User

We use Palo Alto as a firewall, a system for detecting and whitelisting certain IP addresses or to block certain IP addresses based on where they're coming from. We then send the logs to another log management tool for more forensics and analysis before we make a decision. We're basically using Palo Alto for firewalling and sending those logs to another security monitoring tool to make decisions based on analytics that it provides us.

2021-07-02T21:29:00Z
Top 5 Leaderboard, Reseller

We are using this solution to have a completely organized SOC from a list of devices in our environment. We are able to manage all of our devices, such as firewalls and endpoint protection solutions.

2021-06-04T22:17:49Z
Top 5 Leaderboard, Real User

I primarily pitch and sell this solution to our customers. We do product assessments and consult with customers for the most part. Clients can use it for automation.

2021-05-15T08:48:25Z
Top 5 Leaderboard, MSP

We primarily use the solution for automation and the orchestration of security.

2021-04-16T12:03:35Z
Top 20, Real User

The use cases basically came from the customers. Most of the time, the major concern is from a security perspective because various kinds of attacks are happening. To restrict or stop those attacks, we are building playbooks. We are also automating repetitive tasks. We are using on-premise as well as cloud deployments.

2020-11-04T15:41:37Z
Top 5 Leaderboard, Reseller

We are a solution provider and this is one of the products that we are selling to our clients.

2020-04-23T10:13:36Z