SafeBreach Joins Palo Alto Networks Cortex XSOAR Marketplace As a Launch Partner

Cortex XSOAR Marketplace enables organizations to discover, share and consume security orchestration innovations from a global ecosystem to scale up automation

Sunnyvale, California - August 4th, 2020 -- SafeBreach, the world's most widely used breach-and-attack-simulation platform, today announced that SafeBreach with the SafeBreach Insights(™) content pack is now available on the Palo Alto Networks Cortex XSOAR Marketplace, the industry’s most comprehensive security orchestration marketplace. SafeBreach joins a select group of Cortex XSOAR Marketplace launch partners who have developed content packs that help solve the toughest security challenges for customers with end-to-end automation. The Breach and Attack Simulation (BAS) integration from SafeBreach on Cortex XSOAR Marketplace provides customers with automated validation and remediation of their security controls to ensure they detect and prevent known indicators of compromise (IOCs).

SafeBreach offers an extensive Hacker’s Playbook with over 15,000 breach and attack methods that enables security teams to test their controls against known attacks with the latest indicators of compromise (IOCs). Validated IOCs are streamed automatically from SafeBreach into Cortex XSOAR playbooks to fully automate updates of endpoint and network security controls. The integration enables closed-loop automated security control remediation of IOCs by:

Discovering security gaps through continuous breach & attack simulation Automatically remediating and validating missed IOCs Maximizing the effectiveness of existing security controls SafeBreach Insights(™) further extends the BAS offering and integration to include remediation and validation of behavioral-based indicators of compromise (BIOCs). Coverage of BIOCs allows security teams to expand control validation beyond detection of specific attack and compromise signatures to evidence of compromise contained in the behavior of processes, registry, files, and network activity.

“A robust, open ecosystem is at the heart of Cortex XSOAR. We are proud to welcome SafeBreach to the industry’s largest SOAR ecosystem," said Rishi Bhargava, vice president of product strategy, Cortex XSOAR at Palo Alto Networks. "Having SafeBreach available on the Cortex XSOAR Marketplace will enable our shared customers to rapidly scale automation and further improve their security posture.”

“Today’s security teams have plenty of excellent controls and tools. Integrating SafeBreach and Cortex XSOAR makes it far simpler for those teams to optimize their use of controls, validate that their control settings are effective against the most current threats, and automate critical portions of the remediation process,” said Itzik Kotler, CTO at SafeBreach. "Our inclusion in the Cortex XSOAR Marketplace makes it even easier for CISOs to give their teams cutting-edge risk detection, remediation and response capabilities that will ultimately help them use their existing controls to prevent more breaches and remain on top of the ever-changing cybersecurity risk environment."

Cortex XSOAR is the industry’s first extended security orchestration, automation and response platform that empowers security teams by simplifying and harmonizing security operations across their entire enterprise. As a native extension of Cortex XSOAR, the Cortex XSOAR Marketplace enables customers to discover, share, and consume orchestration innovations contributed by the industry's largest SOAR community.

For more information, please read the Palo Alto Networks and SafeBreach joint solution brief for Cortex XSOAR. For more information on the integration please watch the product video.

About SafeBreach

SafeBreach is the world's most widely used breach-and-attack-simulation platform. The company's patented platform provides a "hacker's view" of an enterprise's security posture to proactively predict attacks, validate security controls, and improve security operations center (SOC) analyst response capabilities. SafeBreach automatically and safely executes thousands of breach methods validating network, endpoint, cloud, and email security controls by leveraging its extensive and growing Hacker's Playbook™ of research and real-world investigative data. Headquartered in Sunnyvale, California, the company is funded by Sequoia Capital, Deutsche Telekom Capital Partners, OCV Partners, DNX Ventures, Hewlett Packard Pathfinder, PayPal and investor Shlomo Kramer. For more information, visit or follow us on Twitter @SafeBreach.


  • 111 W Evelyn Ave
  • Sunnyvale, CA94086
  • USA
  • 408-743-5279

R&D Center

  • Yosef Karo St 18
  • Tel Aviv-Yafo,
  • Israel
  • +972-77-434-4506
© SafeBreach Inc. 2022