Picus & Cortex XSOAR Integration: Automating Security Control Validation
When it comes to cybersecurity, prevention is always going to be more effective than reaction. Rather than responding to threats as they happen, a SOC will work to monitor a network around the clock. By doing so, they can detect malicious activities and prevent them before they can cause any severe damage. This step includes all actions taken to make successful attacks more difficult, including regularly maintaining and updating existing systems; updating firewall policies; patching vulnerabilities; and whitelisting, blacklisting, and securing applications.
With the development of technology in the security world, there have been new additions to the toolbox of security teams. Among these tools, SOAR and BAS product relations are now considered indispensable. Integration between Picus and Cortex XSOAR provides automation into Preventive Security Monitoring and Management workflows. Collaboration with PICUS and XSOAR enhance visibility and traceability in many areas.
Run Threats with SLA in Mind
The integration between PICUS and XSOAR allows:
Create Playbooks to use specific threats in the Picus Threat Library which has thousands of threats to test your analyst capabilities.
Check if it has been fixed after remediation.
After a new threat is added to PICUS, use playbooks for a quick assessment, remediation steps, and observation.
Pull mitigation suggestions directly from the unique PICUS mitigation library and use them in your playbooks for seamless automation to a security product.
See which threats blocked or which are don't work properly in your environment and remediate them automatically.
And see how robust your processes are by measuring the SLA of all these steps.
What does this pack do?
Using the Picus Security integration, you can run commands on Picus platform:
- Get agent list and detail.
- Create and run simulation on Picus NG.
- Get specific simulation,threat and action results.
- Get mitigation list.
And with PICUS NG - Simulation Validation Automation playbook, you can automate security validation.
Combine other Integrations with Picus Playbook
With the PICUS NG - Simulation Validation Automation playbook as a guide, your development process is shortened, and see how these integrations can be used in your environment easily. Integration with applications like SIEM and ticketing tools can be done easily.
Mitigate like never before
The Picus Platform simulates thousands of web application attacks, vulnerability exploitation attacks, malicious code attacks, and endpoint attacks mapped to MITRE ATT&CK to reveal security control gaps. The Picus Mitigation Library offers ad-hoc policy insights updated on a regular basis by Picus Labs Blue Team relevant to a vast array of security technologies based on technology alliances Picus formed across network security, EDR, and SIEM domains to mitigate the revealed gaps. The joint integration with Palo Alto Cortex XSOAR automation allows security teams to hook up with the network security mitigation suggestions directly from Picus Platform to security products seamlessly.
