SafeBreach Integrates With Palo Alto Networks Cortex XSOAR and Panorama to Automate Security Remediation


SUNNYVALE, CALIFORNIA – May 21, 2020

SafeBreach, provider of the leading breach-and-attack simulation (BAS) platform to validate security controls, visualize security risk and prioritize remediations, today announced two integrations with Palo Alto Networks: Cortex XSOAR (previously Demisto), the industry’s first extended security, orchestration, automation and response platform, and Panorama, a network security management platform. The integration with the SafeBreach BAS platform delivers a true closed-loop solution that provides continuous security controls validation and risk-based insights to security teams to improve their organization’s security posture.

Automating Remediation to Prevent Attacks

With this new integration with Cortex XSOAR, SafeBreach streams Indicators of Compromise (IOC) data to the platform, triggering automatic remediation steps to quickly close any identified security gaps. This unique capability empowers security teams to quickly and continuously identify and remediate security weaknesses before malicious hackers exploit them. By continuously simulating attacks against networks, endpoints, and cloud infrastructure, SafeBreach enables Cortex XSOAR users to leverage the SafeBreach Hacker’s Playbook. When SafeBreach determines that an attack is not blocked by security controls, it intelligently correlates the detected security weaknesses by control categories including:

  • Data Leak
  • Web
  • Endpoint
  • Network Access
  • Network Inspection
  • Email

By helping security teams optimize their controls and configurations and automating remediation workflows, SafeBreach enables Cortex XSOAR users to maximize their security investment and reduce time spent on remediations by already busy security operations teams.

“Through this integration, security teams with Cortex XSOAR and SafeBreach can quickly and easily benefit from continuous breach-and-attack simulation to identify any defensive weaknesses and automate remediation. This will help them stay ahead of attackers, now and in the future,” said Rishi Bhargava, vice president of product strategy, Cortex XSOAR at Palo Alto Networks.

SecOps teams using SafeBreach can quickly visualize prioritized IOCs in an intuitive heat map to show which attacks have breached the simulated defenses and which controls are affected. SafeBreach’s continuous risk-based insights combined with Cortex XSOAR Threat Intel Management help security teams orchestrate and automate their mitigation actions, from investigation to approval and validation of endpoint and network security control updates.

"Most mature enterprises today have plenty of excellent security controls and tools. The real question is, are they using them the right way?" says Itzik Kotler, CTO at SafeBreach. "This integration with Cortex XSOAR not only gives security teams the intelligence they need to quickly and easily validate their controls but also automates remediation workflows, which improves their overall security stance and, ultimately, reduces their risk of a breach."

For network security, the integration of SafeBreach and Panorama automatically correlates breach and attack simulation results to network security settings and highlights any policy or configuration gaps. SafeBreach also analyzes which attack methods were not stopped, and identifies network paths where data might be exfiltrated as a result of a successful breach. This allows network security teams to quickly and visually prioritize remediations and to evaluate overall security posture and readiness of their firewalls and other network security controls. The tight integration between attack simulation and network security policy and controls helps security teams maintain the highest levels of network security against the broadest array of attack types.

Faster Remediation, Improved Validation, Reduced Costs

These integrations move enterprise security teams towards a state of near-continuous validation and security stance optimization that results in far fewer breaches and significantly curtails security drift. Tightly integrating SafeBreach’s BAS and Cortex XSOAR improves the efficiency and efficacy of security analysts and SecOps teams by enabling them to process IOC data far more quickly and effectively. Enterprises that use the combination of these technologies to streamline and enhance their security practice realize faster remediation, improved security control validation, and reduced costs of ongoing security operations.

About SafeBreach

SafeBreach is the world's most widely used breach-and-attack-simulation platform. The company's patented platform provides a near real-time "hacker's view" of an enterprise's security posture to proactively predict attacks, validate security controls, and improve security operations center (SOC) analyst response capabilities. SafeBreach automatically and safely executes thousands of breach methods validating network, endpoint, cloud, and email security controls by leveraging its extensive and growing Hacker's Playbook™ of research and real-world investigative data. Headquartered in Sunnyvale, California, the company is funded by Sequoia Capital, Deutsche Telekom Capital Partners, OCV Partners, DNX Ventures, Hewlett Packard Pathfinder, PayPal and investor Shlomo Kramer. For more information, visit www.safebreach.com or follow us on Twitter @SafeBreach.