Palo Alto Networks – 22 June – Kick-Start Your Security

Description

Topic: Detect attacks with Cloud IDS and block them with Cortex XSOAR by Palo Alto Networks

Speakers: 

Dominique Pfeffer, Technology/ISV Partner Lead, EMEA, Google Cloud

Nana-Ampofo Ampofo-Anti, Systems Engineer Specialist, Palo Alto Networks

Where: Online

Part 1: Google Cloud IDS

In this section, you will deploy Cloud IDS, a next-generation advanced intrusion detection service that provides threat detection for intrusions, malware, spyware and command-and-control attacks. You will simulate multiple attacks and view the threat details in the Cloud Console. You will create a Google Cloud Pub/Sub topic and a subscription, then create a log sink for Cloud IDS threat logs that sends the threat logs to the Pub/Sub topic.

Part 2: Deploy XSOAR playbook and block the attacks

In this section, you will prepare your Google Cloud environment for XSOAR, configure the Pub/Sub and Compute Engine integration instances in your XSOAR, and deploy the XSOAR IP Blacklist GCE Firewall playbook. You will then repeat the attacks, view the threat details in the Cloud Console, and observe XSOAR adding the attacker’s IP address to the VPC Network firewall rule, so that the firewall rule blocks the attacks.
