Cohesity has announced it has joined forces with Palo Alto Networks to integrate its Cohesity Helios next-gen data management platform with Palo Alto Networks’ CortexTM XSOAR security orchestration, automation and response (SOAR) platform for improved ransomware detection and recovery.
A key factor in defeating cyber-attacks such as ransomware is how quickly the attack can be recognised and remediation steps initiated. This integration provides detailed automatic alerts when the AI-powered Helios platform detects anomalies in the backup data that could indicate an emerging attack.
Once alerted by Cohesity, Cortex XSOAR initiates an automated playbook to triage and mitigate the impact of a potential cyber-attack. Integrating a next-gen data management platform with a SOAR (Security Orchestration, Automation and Response) capability can help greatly accelerate threat detection and response and decrease an organisation’s risk exposure.
“Any delay in ransomware response and recovery could result in extended downtime, data loss, and business disruption,” said Brian Spanswick, CISO, Cohesity. “This integration can help more effectively link data management and data security processes — key to staying one step ahead of ever-persistent ransomware attacks and improving an organisation’s cyber resilience.”
“The integration of Cortex XSOAR with Cohesity’s next-gen data management platform is a significant advancement in helping our joint customers protect themselves from the impact of ransomware attacks and improve their cyber resilience,” said Matt Chase, director, Cortex Alliances at Palo Alto Networks.
“The AI-powered Cohesity platform issues detailed alerts based on data anomalies. The granular quality of these alerts helps Cortex XSOAR security analysts more quickly and accurately determine the scope and severity of the incident, helping customers maintain business continuity in the event of an attack.”
Detailed and timely alerts can help security analysts quickly determine how best to respond and can help relieve pressure and burnout. According to a study by Forrester Consulting, “The 2020 State of Security Operations,” security analysts are being asked to fight a fire with a garden hose.
Only 47% of respondents said their organisations are able to tackle most or all of the security alerts they receive in a single day. The other 53% reported struggling in several ways:
- 20% of alerts are manually reviewed/triaged by an analyst.
- Almost one-third of all alerts are false positives.
- 28% of alerts are never addressed by analysts because the volume is simply too high for them to keep up.
