Palo Alto Networks Xpanse Active Attack Surface Management Automatically Remediates Cyber Risks Before They Lead to Cyberattacks
New Cortex Xpanse features give organizations complete visibility and effortless control of their attack surfaces to discover, evaluate and address cyber risks
"While the fundamental need for attack surface management hasn't changed, the threat landscape today is much different. Organizations need an active defense system that operates faster than attackers can," said
Available today, Xpanse Active ASM gives organizations the following tools and capabilities:
- Active Discovery: Attackers use frequent, automated probes to find vulnerable and/or exposed assets, and organizations need tools that allow them to have the same visibility. Active Discovery refreshes its internet-scale database several times a day and uses supervised machine learning to accurately map these vulnerabilities back to an organization. This helps them get an outside-in view of their network — the same view attackers have.
- Active Learning:
Xpanse continuously processes discovery data, mapping new systems to the people responsible for each system. Active Learning continuously analyzes and maps the streamed discovery data to understand and prioritize top risks in real time. As a result, customers can stay ahead of attackers by closing down the riskiest exposures quickly. - Active Response: While instant discovery of vulnerabilities and/or exposures can give security teams a realistic risk picture, merely finding issues isn't enough. Automated remediation is key to staying ahead of attackers, saving response time in the SOC by eliminating the manual step of merely creating a ticket for analysts who then must spend multiple hours of manual effort actually tracking down the owner of the affected system and resolving the vulnerability. True automation is completely solving the end-to-end remediation process without human intervention. A critical new capability for security teams, Active Response includes native embedded automatic remediation capabilities that make use of active discovery data and active learning analysis to automatically shut down exposures before they allow threats into a network. It executes ASM-specific playbooks to triage, deactivate and repair vulnerabilities automatically.
The Xpanse Active Response module includes built-in end-to-end remediation playbooks. These playbooks automatically eliminate critical risks such as exposed Remote Desktop Protocol (RDP) servers and insecure OpenSSH instances without any manual labor.
Following remediation, Active Response automatically validates that remediation was successful by scanning assets, compiling audited actions and placing investigation details into clear dashboards and reports.
Cortex
Availability
Cortex Xpanse Active ASM is now available globally with full support.
Additional Resources
- Learn more about Xpanse Active ASM.
- Register for the Xpanse Active ASM online event.
- Follow
Palo Alto Networks on Twitter, LinkedIn, Facebook and Instagram.
About
At
View original content to download multimedia:https://www.prnewswire.com/news-releases/palo-alto-networks-xpanse-active-attack-surface-management-automatically-remediates-cyber-risks-before-they-lead-to-cyberattacks-301699989.html
SOURCE
mmanturi@paloaltonetworks.com