PicusNGAutomation

Run commands on Picus NG and automate security validation with playbooks.

Picus & Cortex XSOAR Integration: Automating Security Control Validation

When it comes to cybersecurity, prevention is always going to be more effective than reaction. Rather than responding to threats as they happen, a SOC will work to monitor a network around the clock. By doing so, they can detect malicious activities and prevent them before they can cause any severe damage. This step includes all actions taken to make successful attacks more difficult, including regularly maintaining and updating existing systems; updating firewall policies; patching vulnerabilities; and whitelisting, blacklisting, and securing applications.

With the development of technology in the security world, there have been new additions to the toolbox of security teams. Among these tools, the pairing of SOAR and BAS products is now considered indispensable. Integration between Picus and Cortex XSOAR brings automation to Preventive Security Monitoring and Management workflows. Collaboration between PICUS and XSOAR enhances visibility and traceability in many areas.

Run Threats with SLA in Mind

The integration between PICUS and XSOAR allows you to:

  • Create playbooks that use specific threats from the Picus Threat Library, which has thousands of threats, to test your analysts' capabilities.

  • Check whether an issue has been fixed after remediation.

  • After a new threat is added to PICUS, use playbooks for a quick assessment, remediation steps, and observation.

  • Pull mitigation suggestions directly from the unique PICUS mitigation library and use them in your playbooks for seamless automation to a security product.

  • See which threats are blocked or which do not work properly in your environment, and remediate them automatically.

And see how robust your processes are by measuring the SLA of all these steps.

What does this pack do?

Using the Picus Security integration, you can run commands on the Picus platform:

  • Get the agent list and agent details.
  • Create and run a simulation on Picus NG.
  • Get specific simulation, threat, and action results.
  • Get the mitigation list.

And with the PICUS NG - Simulation Validation Automation playbook, you can automate security validation.

Combine other Integrations with Picus Playbook

With the PICUS NG - Simulation Validation Automation playbook as a guide, your development process is shortened, and you can see how these integrations can be used in your environment. Integration with applications such as SIEM and ticketing tools can be done easily.

Mitigate like never before

The Picus Platform simulates thousands of web application attacks, vulnerability exploitation attacks, malicious code attacks, and endpoint attacks mapped to MITRE ATT&CK to reveal security control gaps. To mitigate the revealed gaps, the Picus Mitigation Library offers ad-hoc policy insights for a vast array of security technologies, updated on a regular basis by the Picus Labs Blue Team and based on the technology alliances Picus has formed across the network security, EDR, and SIEM domains. The joint integration with Palo Alto Cortex XSOAR automation allows security teams to pass network security mitigation suggestions directly from the Picus Platform to security products.

Picus & Cortex XSIAM Integration: Automating Security Control Validation

When it comes to cybersecurity, prevention is always going to be more effective than reaction. Rather than responding to threats as they happen, a SOC will work to monitor a network around the clock. By doing so, they can detect malicious activities and prevent them before they can cause any severe damage. This step includes all actions taken to make successful attacks more difficult, including regularly maintaining and updating existing systems; updating firewall policies; patching vulnerabilities; and whitelisting, blacklisting, and securing applications.

With the development of technology in the security world, there have been new additions to the toolbox of security teams. Among these tools, the pairing of SOAR and BAS products is now considered indispensable. Integration between Picus and Cortex XSIAM brings automation to Preventive Security Monitoring and Management workflows. Collaboration between PICUS and XSOAR enhances visibility and traceability in many areas.

Run Threats with SLA in Mind

The integration between PICUS and XSOAR allows you to:

  • Create playbooks that use specific threats from the Picus Threat Library, which has thousands of threats, to test your analysts' capabilities.

  • Check whether an issue has been fixed after remediation.

  • After a new threat is added to PICUS, use playbooks for a quick assessment, remediation steps, and observation.

  • Pull mitigation suggestions directly from the unique PICUS mitigation library and use them in your playbooks for seamless automation to a security product.

  • See which threats are blocked or which do not work properly in your environment, and remediate them automatically.

And see how robust your processes are by measuring the SLA of all these steps.

What does this pack do?

Using the Picus Security integration, you can run commands on the Picus platform:

  • Get the agent list and agent details.
  • Create and run a simulation on Picus NG.
  • Get specific simulation, threat, and action results.
  • Get the mitigation list.

And with the PICUS NG - Simulation Validation Automation playbook, you can automate security validation.

Combine other Integrations with Picus Playbook

With the PICUS NG - Simulation Validation Automation playbook as a guide, your development process is shortened, and you can see how these integrations can be used in your environment. Integration with applications such as SIEM and ticketing tools can be done easily.

Mitigate like never before

The Picus Platform simulates thousands of web application attacks, vulnerability exploitation attacks, malicious code attacks, and endpoint attacks mapped to MITRE ATT&CK to reveal security control gaps. To mitigate the revealed gaps, the Picus Mitigation Library offers ad-hoc policy insights for a vast array of security technologies, updated on a regular basis by the Picus Labs Blue Team and based on the technology alliances Picus has formed across the network security, EDR, and SIEM domains. The joint integration with Palo Alto Cortex XSIAM automation allows security teams to pass network security mitigation suggestions directly from the Picus Platform to security products.

PLATFORMS

Cortex XSOAR, Cortex XSIAM

INFO

Supported By: Partner
Created: February 14, 2023
Last Release: December 4, 2024

DISCLAIMER
Content packs are licensed by the Publisher identified above and subject to the Publisher’s own licensing terms. Palo Alto Networks is not liable for and does not warrant or support any content pack produced by a third-party Publisher, whether or not such packs are designated as “Palo Alto Networks-certified” or otherwise. For more information, see the Marketplace documentation.