
Integrating custom AI models into Palo Alto's Cortex XSIAM

Palo Alto Networks has updated its Cortex XSIAM solution, a cybersecurity platform used within Security Operations Centers (SOCs) to detect and contain cyber threats, bringing it to version 2.0. The main innovation is the introduction of the Bring Your Own AI (BYOAI) and Bring Your Own ML functionalities.

CORTEX XSIAM 2.0: introducing the BYOAI feature

Managing cybersecurity is an increasingly complex task, impossible to perform manually. For this reason, companies rely on advanced solutions capable of automating most operations and prioritizing the multitude of alerts, discarding the less important ones and focusing on those that could actually pose a serious threat.

The most advanced platforms collect an impressive amount of threat intelligence information from numerous systems: Palo Alto, for example, states that XSIAM collects more information than any other security solution. We are talking about 5 petabytes of information per day, in a database that has now reached the impressive size of 1 exabyte (1024 petabytes). To analyze this vast amount of data and search for correlations, the use of artificial intelligence is fundamental. Until now, XSIAM customers were limited to the machine learning models provided by Palo Alto. With version 2.0 of the platform, security teams will have the ability to create and integrate their own ML analysis models, enabling unique use cases such as fraud detection, security research, and sophisticated data visualization.

These are not the only new features of the platform. The XSIAM Command Center has been updated and now offers a complete view of data sources and security alerts, and the MITRE ATT&CK Coverage Dashboard is now available, a tool based on the MITRE ATT&CK framework that lets security teams assess the security posture of their systems.

“Having effective security operations is a significant challenge for companies worldwide. The speed at which attackers move, combined with new regulatory requirements such as the SEC Mandate, which requires public companies to disclose relevant cybersecurity incidents within four days of discovery, makes it impossible to manage cyber threats with traditional manual approaches,” says Gonen Fink, senior vice president, Cortex products, at Palo Alto Networks. “By using artificial intelligence and automation, XSIAM 2.0 fills this gap, addressing operational complexity, blocking threats at scale, and accelerating incident resolution.”
