SANTA CLARA, Calif. — Palo Alto Networks is introducing autonomous extended security intelligence software that’s artificial intelligence (AI)-based.
Palo Alto Networks released Cortex Extended Security Intelligence & Automation Management (XSIAM) to deliver real-time security that can “match” AI-powered cyber attacks, according to the company last month.
Cortex XSIAM is intended to help cybersecurity teams use massive scales of data for defense and “disrupt” the security information and event management (SIEM) market.
The software is available to a limited set of customers and is expected to generally be available “later this year.”
Cortex XSIAM is designed to “transform security operations,” by enabling companies to respond in “minutes rather than days” and proactively outpace threats.
With XSIAM, companies can turn widespread infrastructure telemetry into an intelligent data foundation for AI and accelerate threat response.
Palo Alto Networks believes security operations teams continue to “bolt on” new SIEM tools that promise to solve point problems, resulting in “a fragmented and ineffective security architecture.”
XSIAM collects granular data, beyond logs and alerts, to drive machine learning (ML) for natively autonomous response actions, such as cross-correlation of alerts and data, detection of sophisticated threats, and automated remediation based on native threat intelligence and attack surface data.
“Organizations are still taking hours, or even days or months, to remediate threats — those are hours and days we no longer have, given the speed and sophistication of attacks that are now commonplace,” said Nikesh Arora, chairman and CEO of Palo Alto Networks.
“The SIEM space has been frozen and still relies heavily on human-driven workflows. This is not an area where we need an evolutionary approach. This is an area where we need a revolutionary approach. We have to radically reimagine how we run cybersecurity using AI, so that an enterprise is able to respond to all attacks in real-time.”