Palo Alto Networks Unveils First AI-Driven SecOps Platform with Cortex XSIAM

Palo Alto Networks, the global cybersecurity leader, today unveiled Cortex XSIAM 3.0, the next evolution of its industry-leading SecOps platform, bolstered with proactive exposure management and advanced email security, enabling customers to further consolidate on Cortex for significantly better, faster and more cost-effective security operations.

Three years ago, Palo Alto Networks anticipated the future of security operations by introducing Cortex XSIAM, which consolidates and normalizes all cybersecurity data to fuel advanced, real-time analytics and automation, making disjointed point products obsolete. The best-selling platform surged past $1 billion cumulative bookings in FY25 Q2, making it our fastest offering to reach this milestone. Earlier this year, Palo Alto Networks doubled down on cloud security with the introduction of Cortex Cloud, converging its industry-leading CNAPP and CDR capabilities on the unified Cortex platform.

Cortex XSIAM 3.0 continues its relentless disruption of the security operations market by upending decades-old approaches to vulnerability management and email security. It further expands the scope of the SOC from reactive to proactive security to prevent breaches before they happen, in addition to its current powerful incident response capabilities. These new XSIAM innovations will help customers modernize legacy offerings across a total TAM of $37 billion.

Gonen Fink, SVP of Products, Cortex at Palo Alto Networks:

“Cortex XSIAM harnesses the power of the world’s largest and most comprehensive set of security data to transform our customers’ ability to rapidly counter evolving attacks with advanced AI and automation. This expansion of our groundbreaking SecOps platform merges best-in-class reactive with proactive security measures, allowing customers to achieve unprecedented risk reduction across their entire enterprise, from code to cloud to SOC.”

Cortex XSIAM 3.0 will enable customers to stop attacks at scale using AI-driven threat defense with Cortex Exposure Management and Advanced Email Security.

Cortex Exposure Management: Cut vulnerability noise by up to 99% with AI-driven prioritization and automated remediation spanning the entire enterprise:

  • See every exposure: Uncover risks with a unified solution spanning native network, endpoint and cloud scanners — extended with integration from any third-party source.
  • Cut alert noise based on actual risk, not compliance: Use AI to prioritize high-risk, exploitable vulnerabilities with no compensating controls, eliminating false alarms.
  • Close the loop with industry-leading automation to prevent future attacks: Seamlessly create new protections for critical risks in native network, endpoint and cloud security solutions. Automate remediation across first- and third-party tools with playbook automation.

Cortex Advanced Email Security: Stop sophisticated email-based attacks missed by other solutions, with advanced AI and automation:

  • Outsmart GenAI-powered threats: Detect advanced phishing and email-based threats based on attacker intent with LLM-powered analytics that continuously learn from emerging threats.
  • Stop attacks in real time with built-in automation: Automatically remove malicious emails, disable compromised accounts, and isolate affected endpoints with best-in-class workflow automation.
  • Extend industry-leading detection and response with complete email context: Correlate email, identity, endpoint and cloud data for unparalleled visibility into the full attack path for effective incident response.

Chris DeBrunner, VP of Security Operations, CBTS: 

“The transition to Cortex XSIAM has transformed our SOC operations at CBTS. Previously, we struggled with alert fatigue due to multi-console complexity, multiple data sources, disparate vendors, and labor-intensive tasks. With the consolidation of major security capabilities into one platform, we have achieved remarkable efficiencies. Our incident close-out rate has reached 100%, and we have significantly reduced our median time to resolution (MTTR) from days to, in some cases, seconds. The automation provided by XSIAM has been crucial in managing the alert overwhelm we faced, making our team more effective and less error-prone.”


Chase Hymel, CISO, State of Louisiana:  

“Discovering the capabilities of Cortex XSIAM was a game-changer for the State of Louisiana. It’s helped us to modernize our security infrastructure and set an example for other states to follow. By adopting XSIAM, we have significantly improved threat visibility and response effectiveness. Cortex XSIAM has allowed us to consolidate our security tools into one integrated platform, enhancing our security operations and protecting citizen data effectively. We have reduced MTTR from over 24 hours to under two minutes and automated the resolution of 86% of incidents.”
