The typical use cases for Cortex XSIAM are diverse. I would describe the impact of Cortex XSIAM's automation on my security operations center as efficient. I use Cortex XSIAM's behavior analytics, and it helps identify unusual activities. I leverage Cortex XSIAM's incident management features for automation.
Cortex XSIAM functions as a SIEM and SOAR solution, where you can integrate all your firewalls and other security tools, whether cloud-based or on-premises hardware. You can send all your security incidents, and it will provide correlation. Additionally, you can implement automation for blocking in response to security incidents. Regarding behavior analytics, we haven't explored this feature yet, so I cannot comment on it, but it is one of the capabilities Cortex XSIAM offers.
In our organization, we are using Cortex XSIAM for full-fledged SOC monitoring services. We onboard all the devices and network devices, and all the possible syslogging devices; everything is on one tool.
I primarily use Cortex XSIAM for protection against ransomware as a system integrator working on behalf of my customer.
TAC Engineer at a tech services company with 10,001+ employees
MSP
Top 20
2024-09-30T06:56:00Z
Sep 30, 2024
We use Cortex XSIAM as a NextGen antivirus to detect malware in endpoints and devices. We have integration with data sources and other third-party data sources, enabling us to ingest logs from a third-party website to the Cortex XSIAM console. This allows the management of detailed data. It aims to keep track of work ingested through Cortex.
Chief Information Security Officer at a tech vendor with 1-10 employees
Real User
Top 5
2024-07-03T17:20:00Z
Jul 3, 2024
The primary use case for Cortex XSOAR is that it requires less management and integration effort. It automates many tasks and integrates seamlessly with other Palo Alto Networks products.
Subject Matter Expert at Softcell Technologies Limited
Reseller
Top 10
2023-12-27T07:21:54Z
Dec 27, 2023
It is just a replacement in front of CrowdStrike or Trend Micro. I'll pitch Cortex because it can do the same thing. So if there's competition with CrowdStrike or with Trend Micro, and the customer can't afford CrowdStrike pricing, then I'll suggest Cortex.
Senior Manager - Security Operations at First Advantage Corporation
Real User
Top 10
2023-09-28T14:59:50Z
Sep 28, 2023
At our organization, we have implemented Cortex XSIAM as our primary Security Information and Event Management (SIEM) solution. We've also harnessed its capabilities for our store operations. Our approach has been to strategically design it as the foundation for our in-house Security Operations Center (SOC), with a strong emphasis on incorporating store automation seamlessly into our security infrastructure.
Cortex XSIAM acts as a critical element for SOC foundations, integrating SIEM and EDR capabilities, valued for threat detection and seamless security orchestration with Palo Alto Networks products.
Organizations find Cortex XSIAM beneficial for SOC foundations due to its capability to integrate SIEM and EDR tools, facilitating data collection, detection, and response. It connects with third-party data sources while reducing management effort and offering cost-effective alternatives to...
I am trying to check the solution for a new organization I have moved to. Previously, I used the older version of the solution.
We are a partner, and we train people. However, we have not installed the product for a customer yet.
We use the product to integrate several third-party logs into the dashboard and perform micro-automation in response to incidents.