RiskIQ for Palo Alto Networks

Optimizing Security’s Impact with Orchestration and Automation

Scaling Threat Intelligence & Data Enrichment

Accelerate threat investigations and response efforts via automated indicator and event enrichment with comprehensive, real-time internet intelligence. Automate monitoring and blocking with curated threat feeds, and proactively discover, monitor, and defend your digital attack surface.

RiskIQ Digital Footprint for XSOAR

Proactive Discovery and Defend Your Attack Surface

Automate Your Attack Surface Defenses

The first step in every security program is knowing what you own, you leverage and what is connected to your organization. You can’t protect what you don’t know about. RiskIQ Digital Footprint pack for Cortex XSOAR provides you a deep, accurate, risk-based insight into your digital footprint. This integration enables proactive attack surface management and defense and allows security teams to create and enrich incidents with RiskIQ asset information.

  • Automate actions against new assets discovered like websites, domains, IP addresses and more in your attack surface in order to stay ahead of the adversary.
  • Accelerate triage efforts by querying your asset inventory in order to understand if the asset is owned and if so, by who within the organization.
  • Gain immediate insight into vulnerable assets that may be impacted by new or resurging exploits being abused by malicious actors.
  • Confidently approve or deny inbound or outbound network connections with automation.
  • Leverage hundreds of Cortex XSOAR third-party product integrations to coordinate response across security functions based on insights from Digital Footprint.

Support

RiskIQ is happy to provide support for our Palo Alto Networks XSOAR integrations. If you have questions, feedback or run into issues, please contact us using support@riskiq.com. Alternatively, existing enterprise clients can reach out directly to their support representative. Please do not contact Palo Alto Networks support for issues related to the RiskIQ integrations.

RiskIQ PassiveTotal for XSOAR

Automated Enrichment with Petabytes of Internet Intelligence

Accelerate Investigations, Eliminate Threats

RiskIQ PassiveTotal pack for Cortex XSOAR enables security teams to scale and automate their threat detection and response programs. RiskIQ’s Internet Intelligence Graph provides crucial external context to all internal IOC’s and incidents. This context helps security teams understand how internal assets interact with external infrastructure so they can better detect and prevent attacks. With these insights, security teams can also proactively detect and block the new threat infrastructure that’s part of attacks against their organization that they wouldn’t otherwise know existed.

  • Enrich Cortex XSOAR incidents and indicators with Passive DNS, WHOIS, SSL Certificates, Web & Social Trackers, Host Pairs, DNS Records, Open Ports and Services
  • Visualize Internet data alongside existing security telemetry to accelerate triage efforts and provide confidence to analysts or responders
  • Leverage hundreds of Cortex XSOAR third-party product integrations to coordinate response across security functions based on insights from RiskIQ PassiveTotal
  • Run 100s of commands interactively via a ChatOps interface while collaborating with other analysts and Cortex XSOAR’s chatbot

Support

RiskIQ is happy to provide support for our Palo Alto Networks integrations. If you have questions, feedback or run into issues, please contact us using support@riskiq.com. Alternatively, existing enterprise clients can reach out directly to their support representative. Please do not contact Palo Alto Networks support for issues related to the RiskIQ integrations.

RiskIQ Security Intelligence Services for XSOAR

Automated Internet Security Intelligence Enrichment, Detection & Prevention

Automate Internet Telemetry

The RiskIQ Security Intelligence Services pack provides customers with filtered lists of known bad hosts, domains, IPs, and URLs that have been associated with malware, phishing, and scam events. These curated lists of malicious observations are powered by RiskIQ’s Internet Intelligence Graph and updated continuously. Cortex XSOAR automates the monitoring and blocking actions across your security infrastructure.

  • Increase the power of XSOAR DBot by consuming millions of indicators of compromise every hour.
  • Proactively enrich, investigate or block newly observed infrastructure that may leverage current events or your organization brand to exploit user trust.
  • Curated feeds with lists of known bad URLs, Domains, and IP addresses associated with malware, phishing, and scam activity globally
  • Leverage hundreds of Cortex XSOAR third-party product integrations to coordinate response across security functions based on insights from RiskIQ Security Intelligence Services.

Support

RiskIQ is happy to provide support for our Palo Alto Networks integrations. If you have questions, feedback or run into issues, please contact us using support@riskiq.com. Alternatively, existing enterprise clients can reach out directly to their support representative. Please do not contact Palo Alto Networks support for issues related to the RiskIQ integrations.

Questions about the integration?

Interested in Becoming a Partner?

RiskIQ and our technology partners enable our customers to maximize the value of their security infrastructure, staff, and better protect their enterprise. Together, we deliver precise detection, faster investigations, easier collaboration, automated remediation, blocking, and takedown.