Global
Africa
South Africa
Albania
Australia
Austria
Belgium
Bosnia Herzegovina
Bulgaria
Canada
Canada FR
Croatia
Czech Republic
Denmark
Estonia
Finland 
Finland (English)
France
Germany
Hong Kong
Hungary
Iceland
India
Indonesia
Ireland
Israel
Italy
Kosovo
Latvia
Lithuania
Malaysia
Middle East
Montenegro
Netherlands
New Zealand
North Macedonia
Norway
Philippines
Poland
Portugal
Romania
Saudi Arabia
Serbia
Singapore
Slovakia
Slovenija
Spain
Sweden
Switzerland DE
Thailand
Turkey
USA
Ukraine
United Kingdom
Vietnam
Demisto: THE Comprehensive Security Orchestration (SOAR) Platform
Security Orchestration and Automation
Demisto’s security orchestration and automation enables standardized, automated, and coordinated response across your security product stack. Playbooks powered by thousands of security actions make scalable, accelerated incident response a reality.
Visual Playbook Editor
Easy-to-build, drag-and-drop playbooks with thousands of security actions across products, workflow logic, and manual checks and balances.
Live Workplan Review
A clear graphical interface to review and validate playbook runs in real-time with human-readable output and machine-readable context.
Integrations and Extensible Platform
Hundreds of built-in security product integrations with intuitive classification mappers and a powerful SDK to build custom integrations.
Incident Management
Demisto’s full incident management suite facilitates end-to-end incident oversight. Ingest incidents from a variety of detection sources, study reconstructed timelines to discover root causes, capture all evidence and documentation, and visualize metrics through custom dashboards.
Incident Repository
A database of incidents ingested from multiple sources into Demisto with full search-and-query capabilities, details and context, and visualized data cross-sections.
Evidence Board
An evidence timeline to reconstruct attack chains and piece together key pieces of verification for root cause discovery.
Dashboards and Reports
Fully customizable dashboards and reports with a user-driven widget library to visualize tailored metrics both in real-time and for posterity.
Interactive Investigation
Demisto’s interactive investigation feature-set allows for real-time and collaborative investigation for complex incidents that can’t be solved through standardized means alone. A virtual War Room lets analysts collaborate, run security commands without switching consoles, and capture incident context from disparate sources, all while benefiting from Machine Learning-powered insights.
Virtual War Room
Analysts can conduct joint investigations and run real-time security commands for efficient hand-offs, faster resolution, and auto-documentation of incident context.
Indicator Repository
All indicators (IPs, file hashes, domains, usernames etc.) are auto-discovered and correlated across incidents. A powerful search interface allows for proactive threat hunting.
Machine Learning
DBot (Demisto’s chatbot) trains on incident, indicator, and analyst data to generate insights for simpler workflow creation, increased analyst productivity, and more effective security operations.
Please contact your local Exclusive Networks Account Manager to learn more about Palo Alto Networks Demisto or visit their website (https://www.paloaltonetworks.com/detection-response/demisto
