Recently, Respond Software announced the Respond Analyst app for Cortex by Palo Alto Networks. Cortex is the industry's only open and integrated AI-based continuous security platform. It delivers radical simplicity and significantly improves security outcomes through automation and unprecedented accuracy.
In other words, Cortex allows Palo Alto Networks customers to aggregate and normalize massive amounts of data from various sources including their next-generation firewalls (NGFW) and Traps (endpoint data) into a single data lake in the cloud. Once the data is collected, customers are able to analyze it, as well as to apply artificial intelligence and machine learning to find threats and orchestrate responses quickly. The Respond Analyst app on Cortex, using Robotic Decision Automation (RDA), is one of the first apps to deliver automated monitoring and triage for the entire Cortex Data Lake dataset.
Under normal operating conditions, firewalls and endpoints collect a massive amount of security event data. The Cortex platform reduces the siloed event data being collected from these sources; however, security teams still need to be selective about which data they use. To keep the data manageable, organizations often filter it or apply rules that tune their security infrastructure to reduce the event volume to be analyzed. Tuning down systems means the probability of an attack going unnoticed increases, since not all data is exposed to the security team. Still, a vast number of false positives are surfaced, frustrating security teams as they weed through them looking for real incidents.
The Respond Analyst App
The Respond Analyst app for Cortex addresses this problem head-on. The Respond Analyst app is trained to perform consistent, thorough security analysis at scale -- without having to tune down firewall or endpoint data collection. The Respond Analyst eliminates the need for security teams to spend their days, nights and weekends manually analyzing alerts to determine if they are true positives that require actionable responses. Instead, security teams are empowered to do what they like best - hunt for real events that threaten their business.
Like a frontline security analyst, the Respond Analyst app escalates triaged and scoped incidents based on data collected by Cortex, including but not limited to alerts on malware beaconing, malware outbreaks, lateral movement through exploitation, and unauthorized scanning and reconnaissance.
The Respond Analyst app for Cortex optimizes total cost of ownership for Palo Alto Networks next-generation firewall and Traps customers by removing the human analyst’s task of reviewing and analyzing alerts and by automating analyst decision-making.
Respond Software at Ignite’19
Does the Respond Analyst app seem too good to be true? Join us at the Palo Alto Networks Ignite event in Austin, TX from June 3rd to 6th in the Innovation Sandbox where you will be able to sign up for the Respond Analyst app right from the show floor! See for yourself how companies from different industries are using the Respond Analyst to reduce the time it takes to weed through mountains of false positives, while vastly reducing their security risk.
If you are not able to make it to Ignite, you can download the app from the Palo Alto Networks app page.
Mike Reynolds has spent over 20 years in the information technology industry. Prior to Respond Software, Mike led product marketing teams that delivered storage management, software-as-service, cloud computing, business continuity, and cyber security solutions to customers of all market segments. He has held roles with Commvault Systems, Veritas Software, Symantec, Cable and Wireless, Exodus, Hitachi and Amdahl.