Palo Alto Networks Cortex XSOAR Questions

Henoch Barrera
User at Deloitte
Aug 22 2022
Hi community professionals, I work at a large consulting company. At the moment, I'm researching these two SOAR products: Swimlane and Palo Alto Networks Cortex XSOAR.  In your opinion, which of them provides the better value and why? I appreciate your help.
Rony_Sklar
PeerSpot (formerly IT Central Station)

Users researching SOAR tools often compare these two solutions. In your experience, which is better?

Miriam Tover
Senior Delivery Ops Manager
PeerSpot (formerly IT Central Station)

Hi Everyone,

What do you like most about Demisto Enterprise?

Thanks for sharing your thoughts with the community!

it_user434868 - PeerSpot reviewer
Senior Director of Delivery at a tech services company with 51-200 employees

Please share with the community what you think needs improvement with Demisto Enterprise.

What are its weaknesses? What would you like to see changed in a future version?

it_user434868 - PeerSpot reviewer
Senior Director of Delivery at a tech services company with 51-200 employees

How do you or your organization use this solution?

Please share with us so that your peers can learn from your experiences.

Thank you!

Miriam Tover
Senior Delivery Ops Manager
PeerSpot (formerly IT Central Station)

If you were talking to someone whose organization is considering Demisto Enterprise, what would you say?

How would you rate it and why? Any other tips or advice?

Miriam Tover
Senior Delivery Ops Manager
PeerSpot (formerly IT Central Station)
Oct 07 2022

Hi Everyone,

What do you like most about Palo Alto Networks Cortex XSOAR?

Thanks for sharing your thoughts with the community!

it_user434868 - PeerSpot reviewer
Senior Director of Delivery at a tech services company with 51-200 employees
Oct 07 2022

Hi,

We all know it's really hard to get good pricing and cost information.

Please share what you can so you can help your peers.

Miriam Tover
Senior Delivery Ops Manager
PeerSpot (formerly IT Central Station)
Oct 07 2022

Please share with the community what you think needs improvement with Palo Alto Networks Cortex XSOAR.

What are its weaknesses? What would you like to see changed in a future version?

it_user434868 - PeerSpot reviewer
Senior Director of Delivery at a tech services company with 51-200 employees
Oct 07 2022

How do you or your organization use this solution?

Please share with us so that your peers can learn from your experiences.

Thank you!

Miriam Tover
Senior Delivery Ops Manager
PeerSpot (formerly IT Central Station)
Oct 07 2022

If you were talking to someone whose organization is considering Palo Alto Networks Cortex XSOAR, what would you say?

How would you rate it and why? Any other tips or advice?

it_user434868 - PeerSpot reviewer
Senior Director of Delivery at a tech services company with 51-200 employees

Hi community,

We all know it's really hard to get good pricing and cost information.

Please share what you can so you can help your peers.

reviewer1333062: There is a perception that it is priced very high compared to other solutions.
Trish Joseph: I think Swimlane is a better cost. It's small and doesn't focus on only…
2 Answers
it_user870255 - PeerSpot reviewer
User at a comms service provider with 10,001+ employees

Which do you recommend, Phantom or Demisto Enterprise? Can you give examples of how those tools can eliminate manual work?

Claudia Lorat: I would not recommend Phantom or Demisto, but rather JASK! JASK is modernizing…
2 Answers
Security Orchestration Automation and Response (SOAR) Questions
Evgeny Belenky
PeerSpot (formerly IT Central Station)
Jul 25 2022
Hi community members, Have you created or used an RFP template for SOAR solutions? Please share it with the community to help others. Thanks for your help.
Evgeny Belenky
PeerSpot (formerly IT Central Station)
Aug 05 2022

Hi community,

What tools and solutions do you use to maximize the power of the automated incident response in a large organization? 

Is it SOAR only? Others?

Thanks!

Shibu Babuchandran
Regional Manager/ Service Delivery Manager at ASPL INFO Services

Hi community,

What are your top 5 (or less) cyber security trends in 2022?

Thanks in advance!

Pablo Cousino: 1) Security in endpoints (especially because of remote work), especially to…
Bret Mantey: Look to the most recent Presidential order regarding security: Executive…
Jairo Willian Pereira: 1. [True!] Cloud Security hardening/assessment. 2. AI (for massive data…
10 Answers
Evgeny Belenky
PeerSpot (formerly IT Central Station)

Hi infosec professionals,

Which deployment model should an enterprise organization choose and in which case?

Thank you!

reviewer1331706: There are many variations for a Security Operations Centre. depending on the…
Jairo Willian Pereira: I'm not sure about the answer, but I'll try... Insourcing or outsourcing,…
Shibu Babuchandran: We can have multiple SOC models depending on the requirement and budget…
3 Answers
Evgeny Belenky
PeerSpot (formerly IT Central Station)

Hi community members,

Can you please share with other peers how Security Orchestration, Automation, and Response (SOAR)  is different from XDR?

Thanks for the help!

Evgeny Belenky
PeerSpot (formerly IT Central Station)

Hi peers,

Why is SOC important for an organization? What are the main challenges of the modern SOC?

Thanks.

Hasan Zuberi ( HZ ): SOC refers to a dedicated platform and team organization to prevent, detect…
Denis L: SOC is the heart of your infrastructure security, a centralized system…
3 Answers
Evgeny Belenky
PeerSpot (formerly IT Central Station)
Hi community, We all know that it's important to conduct a trial / POC as part of the buying process.  Do you have any advice for your peers about the best way to conduct a SOAR trial or POC? How do you conduct a trial effectively?  What should be taken into consideration and are there any mis...
Ertugrul Akbas
Manager at ANET
Hot data is necessary for live security monitoring. Archive data (cold data) is not available quickly. It takes days to make archive data live if the archive data time frame is more than 30 days (in most of the SIEM solutions). As an example, SolarWinds said the attackers first compromised its...
reviewer1469436: We changed our model to be able to cover such critical long-term cases. We…
1 Answer
Chiheb Chebbi
Defender with 501-1,000 employees

Hi community, 

When one writes detection rules for SIEM solutions, what are the criteria of a good detection rule? 

Can you share any examples?

Thanks.

Shibu Babuchandran: @Chiheb Chebbi, I hope the below test cases are helpful. Test 1 - Recon:…
3 Answers
Evgeny Belenky
PeerSpot (formerly IT Central Station)
Aug 23 2022
Hi community members, We would like to hear your insights on the latest trends in SOC. What are you seeing in the field or forecasting?  Please share your opinions on how these trends are going to influence the future of the relevant tools and solutions used in SOC. Thanks!
John Rendy: Evgeny, My personal experience tells me that SOC will be driven by…
Johannes Kresse: - Decentralization: SOC Analysts do not sit in one room, not even work for one…
4 Answers
William Milton
User at VAE-MARMARA8

Hi peers,

I'm looking for a technical comparison between Splunk Phantom SOAR and FireEye SOAR solutions.

Can anyone help with the insights?

Rony_Sklar
PeerSpot (formerly IT Central Station)

Hi dear community,

Can you explain what an incident response playbook is and the role it plays in SOAR? How do you build an incident response playbook? 

Do SOAR solutions come with a pre-defined playbook as a starting point?

Maged Magdy: Hi, what an incident response playbook? Incident Response Playbook is the…
Robert Cheruiyot: Hi Rony, Playbook automates the gathering of threat intelligence from a…
David Swift: Incident Response playbooks detail how to act when a threat or incident occurs…
4 Answers
Rony_Sklar
PeerSpot (formerly IT Central Station)

When evaluating SOAR tools, what features are most important to look out for? 

Rony_Sklar
PeerSpot (formerly IT Central Station)
SIEM and SOAR have a lot of components in common. How do they differ in the role they play in Cyber Security? If you've been working in cybersecurity, you've likely come across SOAR and SIEM technologies. There are differences between their capabilities, although they have a fair amount of commo...
Ashraf Abbas: SIEM involves in collection, correlation and aggregation of security logs and…
Hasan Zuberi ( HZ ): It's not easy to understand the key differences when looking at SOAR vs. SIEM…
Denis L: TLDR: SIEM: Security information management: Long-term storage as well as…
8 Answers
Ariel Lindenfeld
Sr. Director of Community
PeerSpot