
Cortex XSOAR: How to improve SOC efficiency

Low efficiency in a Security Operations Center (SOC) can stem from the complexity of integrating with a variety of solutions, from false positives, and from vaguely defined processes and procedures. As a result, MTTR and MTTD indicators suffer, and with them the security of the organization. A SOAR-class solution (Security Orchestration, Automation, and Response) helps eliminate these problems and increase efficiency.

A BAKOTECH engineer has prepared an article that examines the deployment architecture, using Cortex XSOAR from Palo Alto Networks as the example. Cortex XSOAR is a SOAR system that can automate incident response, distinguish false positives, apply configurations to various security solutions, and document incidents.

Read the material at the link to get more information, as well as a specific example of using XSOAR in a test environment:
