Palo Alto Networks: Cortex XDR 3.0 Released

Third-generation XDR automates threat detection and investigation across endpoint, network, cloud and identity, from a single console

Palo Alto Networks announced Cortex® XDR™ 3.0, expanding its pioneering extended detection and response (XDR) solution to cloud- and identity-based threats to give organizations the holistic analytics needed to protect against increasingly sophisticated cyberattacks.

The third generation of Cortex XDR — already delivering top performance in the MITRE ATT&CK® evaluation — now offers security operations center (SOC) teams even broader protections across their attack surface. By extending detection, monitoring and investigation into cloud environments, and detecting malicious user activities and insider threats through analysis of identity data, SOC teams benefit from security analytics across endpoint, network, cloud and identity for organization-wide detection and response — critical in an era of increasingly interrelated attacks.

In addition, Cortex XDR 3.0 offers security teams forensic investigation features based on the advanced proprietary tools of Palo Alto Networks’ world-class Unit 42 Security Consulting group and supports ingestion and custom correlations for virtually all third-party data sources.

New features of Cortex XDR 3.0 to prepare SOC teams to know and stop attacks include:

  • Cortex XDR for cloud allows SOC teams to extend detection, monitoring and investigation into cloud environments.
  • Cortex XDR Identity Analytics further enhances the user behavior analytics capabilities of XDR to detect malicious activities and insider threats by collecting and analyzing an extensive set of identity data.
  • Cortex XDR Forensics module delivers the advanced forensic investigation tool used by the Palo Alto Networks Unit 42 Security Consulting group directly to Cortex XDR customers.
  • Cortex XDR Incident Management Interface provides security analysts with a comprehensive story of an incident in one place, including related malicious artifacts, hosts, users and correlated alerts mapped to the MITRE ATT&CK framework.
  • Cortex XDR Third-Party Data Engine offers customers the ability to ingest, normalize, correlate, query and analyze data from virtually any source.

Read the full press release here.

More information on Cortex XDR 3.0 is available here, in the Palo Alto Networks blog here, or from your local Exclusive Networks Account Manager.