Cortex XSOAR
Product Overview
With Cortex XSOAR, you have a single platform to orchestrate and automate actions across your cloud product stack for better time to detect (TTD) and faster, scalable response. We integrate with a host of AWS services and hundreds of security/IT products so you can correlate and standardize incident response across your entire environment.
Our task-based playbooks can help you automate tasks within your incident workflow or handle end-to-end incident lifecycles.
With keyless automation, users can leverage IAM roles from within Cortex XSOAR, attach privileges and users to those roles, and execute automated actions through playbooks tied to those roles, without the need for credential storage and transfer.
The Cortex XSOAR orchestration platform executes workflows that coordinate across cloud and on-premises security environments. You can automate tasks, run custom searches and queries, track granular SLAs and metrics, and extract wider context, without the need for screen switching and manual repetition.
Your analysts can gain new actionable information about the attack by running AWS commands in the Cortex XSOAR War Room. Analysts can get the GuardDuty detector tied to the alert, or the list of resources affected by the alert, in real time.
The War Room is also powered by ChatOps, which helps your analysts converse with each other for joint investigations, and all commands, notes, and evidence are auto-documented.
By Demisto
Operating System
Linux/Unix, Amazon Linux 2