May 21, 2020

SafeBreach Integrates With Palo Alto Networks Cortex XSOAR and Panorama to Automate Security Remediation

SUNNYVALE, CALIFORNIA – May 21, 2020. — SafeBreach, provider of the leading breach-and-attack simulation (BAS) platform to validate security controls, visualize security risk and prioritize remediations, today announced two integrations with Palo Alto Networks — Cortex XSOAR (previously Demisto), the industry’s first extended security, orchestration, automation and response platform, and Panorama, a network security management platform. The integration with the SafeBreach BAS platform delivers a true closed-loop solution that provides continuous security controls validation, and risk-based insights to security teams to improve their organization’s security posture.

Automating Remediation to Prevent Attacks

With this new integration with Cortex XSOAR, SafeBreach streams Indicators of Compromise (IOC) data to the platform, triggering automatic remediation steps to quickly close any identified security gaps. This unique capability empowers security teams to quickly and continuously identify and remediate security weaknesses before malicious hackers exploit them. By continuously simulating attacks against networks, endpoints, and cloud infrastructure, SafeBreach enables Cortex XSOAR users to leverage the SafeBreach Hacker’s Playbook. When SafeBreach determines that an attack is not blocked by security controls, it intelligently correlates the detected security weaknesses by control categories including:

  • Data Leak
    Web
  • Endpoint
  • Network Access
  • Network Inspection
  • Email

By helping security teams optimize their controls and configurations and automating remediation workflows, SafeBreach enables Cortex XSOAR users to maximize their security investment and reduce time spent on remediations by already busy security operations teams.

Through this integration, security teams with Cortex XSOAR and SafeBreach can quickly and easily benefit from continuous breach-and-attack simulation to identify any defensive weaknesses and automate remediation. This will help them stay ahead of attackers, now and in the future” said Rishi Bhargava, vice president of product strategy, Cortex XSOAR at Palo Alto Networks.

SecOps teams using SafeBreach can quickly visualize prioritized IOCs in an intuitive heat map to show which attacks have breached the simulated defenses and which controls are affected. SafeBreach’s continuous risk-based insights combined with Cortex XSOAR Threat Intel Management helps security teams orchestrate and automate their mitigation actions, from investigation to approval and validation of endpoint and network security control updates.

“Most mature enterprises today have plenty of excellent security controls and tools. The real question is, are they using them the right way?” says Itzik Kotler, CTO at SafeBreach. “This integration with Cortex XSOAR not only gives security teams the intelligence they need to quickly and easily validate their controls but also automates remediation workflows, which improves their overall security stance and, ultimately, reduces their risk of a breach.”

For network security, the integration of SafeBreach and Panorama automatically correlates breach and attack simulation results to network security settings and highlights any policy or configuration gaps. SafeBreach also analyzes which attack methods were not stopped, and identifies network paths where data might be exfiltrated as a result of a successful breach. This allows network security teams to quickly and visually prioritize remediations and to evaluate overall security posture and readiness of their firewalls and other network security controls. The tight integration between attack simulation and network security policy and controls helps security teams maintain the highest levels of network security against the broadest array of attack types.

Faster Remediation, Improved Validation, Reduced Costs

These integrations move enterprise security teams towards a state of near-continuous validation and security stance optimization that results in far fewer breaches and significantly curtails security drift. Tightly integrating SafeBreach’s BAS and Cortex XSOAR improves the efficiency and efficacy of security analysts and SecOps teams by enabling them to process IOC data far more quickly and effectively. Enterprises that use the combination of these technologies to streamline and enhance their security practice realize faster remediation, improved security control validation, and reduced costs of ongoing security operations.

For more information:

Attend the SafeBreach and Palo Alto Networks webinar May 26 at 1pm PT for an overview and demo of the integration and how it works.
Watch the Read the Palo Alto Networks and SafeBreach joint solution brief for Cortex XSOAR for more information on the integration and watch a product video.
Read the Palo Alto Networks and SafeBreach joint solution brief for Panorama for more information on the integration and watch a product video.

About SafeBreach

A pioneer in the Breach and Attack Simulation (BAS) market, SafeBreach is the world’s most widely used continuous security validation platform. The patented platform automatically and safely executes thousands of attack methods to validate network, endpoint, cloud, container, and email security controls against its Hacker’s Playbook™, the world’s largest collection of attack data broken down by methods, tactics and threat actors. Founded in 2014 by experienced CISOs, hackers, and security entrepreneurs, SafeBreach makes it possible for security teams to invest wisely, protect more and mitigate risk.

Media Contact:

Merritt Group for SafeBreach – [email protected]

Subscribe to
our Newsletter