- Palo Alto Networks Xpanse Active Attack Surface Management automatically remediates cyber risks before they lead to cyberattacks.
- The Xpanse Active Response module includes built-in end-to-end remediation playbooks that automatically eliminate critical risks.
- Active Response automatically validates that remediation was successful by scanning assets, compiling audited actions, and placing investigation details.
Cybersecurity company, Palo Alto Networks introduced a new Cortex capability: Xpanse Active Attack Surface Management, or Xpanse Active ASM. It not only helps organizations to actively find known and unknown internet-connected risks but also proactively fix them. Xpanse Active ASM equips organizations with automation to give them an edge over attackers.
Automatically remediates cyber risks
New Cortex Xpanse features give organizations complete visibility and effortless control of their attack surfaces to discover, evaluate and address cyber risks. Available today, Xpanse Active ASM gives organizations the following tools and capabilities:
- Active Discovery: Attackers use frequent, automated probes to find vulnerable and/or exposed assets, and organizations need tools that allow them to have the same visibility. Active Discovery refreshes its internet-scale database several times a day and uses supervised machine learning to accurately map these vulnerabilities back to an organization. This helps them get an outside-in view of their network, the same view attackers have.
- Active Learning: Xpanse continuously processes discovery data, mapping new systems to the people responsible for each system. Active Learning continuously analyzes and maps the streamed discovery data to understand and prioritize top risks in real time. As a result, customers can stay ahead of attackers by closing down the riskiest exposures quickly.
- Active Response: While the instant discovery of vulnerabilities and/or exposures can give security teams a realistic risk picture, merely finding issues isn’t enough. Automated remediation is key to staying ahead of attackers, saving response time in the SOC by eliminating the manual step of merely creating a ticket for analysts who then must spend multiple hours of manual effort actually tracking down the owner of the affected system and resolving the vulnerability. True automation is completely solving the end-to-end remediation process without human intervention. A critical new capability for security teams, Active Response includes native embedded automatic remediation capabilities that make use of active discovery data and active learning analysis to automatically shut down exposures before they allow threats into a network. It executes ASM-specific playbooks to triage, deactivate and repair vulnerabilities automatically.
Matt Kraning, chief technology officer of Cortex for Palo Alto Networks said,
« While the fundamental need for attack surface management hasn’t changed, the threat landscape today is much different. Organizations need an active defense system that operates faster than attackers can. As the leader and pioneer in the ASM market, we realize that customers need complete, accurate, and timely discovery and remediation of risky exposures in their internet-connected systems. With Xpanse Active ASM, we give defenders the ability not only to see their exposures instantly but also to shut them down automatically with no human labor required. »