Skip to main content

Cado Response

Download With Dependencies

Automate data collection. Process data at cloud speed. Analyze with purpose.

Cado Security Integration for Cortex XSOAR

Cado Security provides the cloud investigation platform that empowers security teams to respond to threats at cloud speed. By automating data capture and processing across cloud and container environments, Cado Response effortlessly delivers forensic-level detail and unprecedented context to take the complexity out of cloud investigations.

By leveraging the Cado Response and Cortex XSOAR integration, security teams can automatically capture critical incident evidence as soon as a malicious activity is detected. Following incident detection, Cortex XSOAR will trigger the Cado Response platform to capture data across impacted cloud systems. Cado Response offers broad support, enabling investigations across multi-cloud and ephemeral container environments.

The Cado Response and Cortex XSOAR integration enables security teams to benefit from automation to drastically reduce time to incident investigation and response. Further, security teams gain unprecedented context for investigations with the ability to analyse hundreds of data sources across cloud provider logs, disk, memory, and more.

Note, this Content Pack requires a deployed instance of Cado Response.

What does this pack do?
  • Allows you to create projects from your war room, or automatically create them based on incident parameters and triggers,
  • Provides commands and actions to perform acquisition of files and compromised machines via AWS S3 and EC2,
  • Gives you the ability to monitor evidence processing progress inside Cado Response as it happens.

Cado Security Integration for Cortex XSIAM

Cado Security provides the cloud investigation platform that empowers security teams to respond to threats at cloud speed. By automating data capture and processing across cloud and container environments, Cado Response effortlessly delivers forensic-level detail and unprecedented context to take the complexity out of cloud investigations.

By leveraging the Cado Response and Cortex XSIAM integration, security teams can automatically capture critical incident evidence as soon as a malicious activity is detected. Following incident detection, Cortex XSIAM will trigger the Cado Response platform to capture data across impacted cloud systems. Cado Response offers broad support, enabling investigations across multi-cloud and ephemeral container environments.

The Cado Response and Cortex XSIAM integration enables security teams to benefit from automation to drastically reduce time to incident investigation and response. Further, security teams gain unprecedented context for investigations with the ability to analyse hundreds of data sources across cloud provider logs, disk, memory, and more.

Note, this Content Pack requires a deployed instance of Cado Response.

What does this pack do?
  • Allows you to create projects from your war room, or automatically create them based on incident parameters and triggers,
  • Provides commands and actions to perform acquisition of files and compromised machines via AWS S3 and EC2,
  • Gives you the ability to monitor evidence processing progress inside Cado Response as it happens.

PUBLISHER

PLATFORMS

Cortex XSOARCortex XSIAM

INFO

CertificationRead more
Supported ByPartner
CreatedJanuary 30, 2022
Last ReleaseDecember 4, 2024
WORKS WITH THE FOLLOWING INTEGRATIONS:

DISCLAIMER
Content packs are licensed by the Publisher identified above and subject to the Publisher’s own licensing terms. Palo Alto Networks is not liable for and does not warrant or support any content pack produced by a third-party Publisher, whether or not such packs are designated as “Palo Alto Networks-certified” or otherwise. For more information, see the Marketplace documentation.