Palo Alto Networks released new Identity Threat Detection and Response (ITDR) module for Cortex XSIAM, enabling customers to ingest user identity and behavior data and deploy AI technology to detect identity-driven attacks within seconds.
The module further strengthens XSIAM’s ability to consolidate multiple security operations capabilities into a unified, AI-driven security operations center (SOC) platform.
Identity-driven attacks, which target user credentials to access confidential data and systems, are one of the most common methods cyber criminals use to breach organizations’ networks.
For example, in recent years Lapsus$ Group has used privileged user credentials to attack multiple government agencies, as well as multiple large technology companies.
“Today, customers who want to detect identity-related attacks must deploy multiple tools – UEBA, Insider Risk Management, endpoint-based ITDR, etc. – each providing a partial view into user activities,” said Gonen Fink, SVP, Cortex Products at Palo Alto Networks.
“Such disjointed approaches result in poor security outcomes, alert overload, and time wasted on triage. With the addition of ITDR, the…
