Cado Security Integration for Cortex XSOAR
Cado Security provides the cloud investigation platform that empowers security teams to respond to threats at cloud speed. By automating data capture and processing across cloud and container environments, Cado Response effortlessly delivers forensic-level detail and unprecedented context to take the complexity out of cloud investigations.
By leveraging the Cado Response and Cortex XSOAR integration, security teams can automatically capture critical incident evidence as soon as a malicious activity is detected. Following incident detection, Cortex XSOAR will trigger the Cado Response platform to capture data across impacted cloud systems. Cado Response offers broad support, enabling investigations across multi-cloud and ephemeral container environments.
The Cado Response and Cortex XSOAR integration enables security teams to benefit from automation to drastically reduce time to incident investigation and response. Further, security teams gain unprecedented context for investigations with the ability to analyse hundreds of data sources across cloud provider logs, disk, memory, and more.
Note: this Content Pack requires a deployed instance of Cado Response.
What does this pack do?
- Allows you to create projects from your war room, or automatically create them based on incident parameters and triggers.
- Provides commands and actions to perform acquisition of files and compromised machines via AWS S3 and EC2.
- Gives you the ability to monitor evidence processing progress inside Cado Response as it happens.
- Try Cado Response for free by visiting: [https://www.cadosecurity.com/free-investigation](https://www.cadosecurity.com/free-investigation)
- For instructions on how to set up the Cado Response and Cortex XSOAR integration, see Cado’s technical documentation here: [https://docs.cadosecurity.com/docs/cado-response/integrations/cortex-xsoar](https://docs.cadosecurity.com/docs/cado-response/integrations/cortex-xsoar)