* [Blog](https://origin-researchcenter.paloaltonetworks.com/blog)
* [Security Operations](https://origin-researchcenter.paloaltonetworks.com/blog/security-operations/)
* [Must-Read Articles](https://origin-researchcenter.paloaltonetworks.com/blog/security-operations/category/must-read-articles/)
* Tackle New Email-Borne Th...

# Tackle New Email-Borne Threats with Cyren Threat InDepth + Cortex XSOAR

[](https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Forigin-researchcenter.paloaltonetworks.com%2Fblog%2Fsecurity-operations%2Fcortex-xsoar-cyren-threat-indepth%2F)  
[](https://twitter.com/share?text=Tackle+New+Email-Borne+Threats+with+Cyren+Threat+InDepth+%2B+Cortex+XSOAR&url=https%3A%2F%2Forigin-researchcenter.paloaltonetworks.com%2Fblog%2Fsecurity-operations%2Fcortex-xsoar-cyren-threat-indepth%2F)  
[](https://www.linkedin.com/shareArticle?mini=true&url=https%3A%2F%2Forigin-researchcenter.paloaltonetworks.com%2Fblog%2Fsecurity-operations%2Fcortex-xsoar-cyren-threat-indepth%2F&title=Tackle+New+Email-Borne+Threats+with+Cyren+Threat+InDepth+%2B+Cortex+XSOAR&summary=&source=)  
[](https://www.paloaltonetworks.com//www.reddit.com/submit?url=https://origin-researchcenter.paloaltonetworks.com/blog/security-operations/cortex-xsoar-cyren-threat-indepth/&ts=markdown)  
\[\](mailto:?subject=Tackle New Email-Borne Threats with Cyren Threat InDepth + Cortex XSOAR)  
Link copied  
By [Kaustubh Jagtap](https://www.paloaltonetworks.com/blog/author/kaustubh-jagtap/?ts=markdown "Posts by Kaustubh Jagtap")  
Feb 18, 2021  
4 minutes  
[Must-Read Articles](https://www.paloaltonetworks.com/blog/security-operations/category/must-read-articles/?ts=markdown)  
[News and Events](https://www.paloaltonetworks.com/blog/security-operations/category/news-and-events/?ts=markdown)  
[Partner Integrations](https://www.paloaltonetworks.com/blog/security-operations/category/partner-integrations/?ts=markdown)

With more than 300 billion emails\[1\] being sent daily, it is no surprise that threat actors prefer email as their primary threat vector. Recent data suggests that over 90% of breaches begin with a single email and 2/3rds of breach victims are large enterprises\[2\]. This highlights the risks posed by evolving threats and attacker tactics, techniques, and procedures (TTPs) on enterprises. Existing security tools are programmed to be highly effective in detecting and stopping known threats, but these very tools may be blind to newer attack tactics without actionable intelligence, amidst increasing organizational vulnerability.

This is why we are excited to announce that together, Cyren now integrates with Cortex XSOAR and allows enterprises to automate and supercharge threat detection and response with intelligence from Cyren Threat InDepth.

Cyren Threat InDepth provides the earliest visibility into key indicators of email-based threats, including phishing and malicious attachments. Threat InDepth provides security analysts and threat hunters with a comprehensive, multi-dimensional presentation of critical threat characteristics that help them detect, investigate, and respond to threats. When combined with the Cortex XSOAR platform, analysts have direct access to key indicators and supporting context, helping them to automate the entire security operations lifecycle and stay ahead of attackers. This capability helps security organizations to reduce key metrics such as mean-time-to-detect (MTTD) and mean-time-to-respond (MTTR).

Threat InDepth is powered by Cyren's GlobalView™ Threat Intelligence Cloud, which is utilized by leading security vendors and analyzes billions of transactions per day, including email content, web traffic, and suspicious files and will be available in the Cortex XSOAR Marketplace at the end of February through four unique *premium content packs*:

**Cyren Phishing and Fraud Intelligence Feed** provides real-time info on URLs that are known to serve phishing pages. Contextual information includes brand and industry information, among others. Use cases include enriching incidents with phishing information observed by Cyren, including additional insights about targeted brands and industries to improve incident classification and prioritization.

**Cyren IP Reputation Intelligence Feed** provides real-time info on URLs that serve spam, phishing and malicious links, and malware files. Contextual information includes threat intensity, risk score, country of origin, and relationships. Use cases include enriching incidents with IP Reputation information to provide additional insights on how IPs can be abused for phishing, spam, or to spread malware. Feed includes a risk score, making IP indicators more actionable for security analysts.

**Cyren Malware File Intelligence Feed** provides real-time info on files serving malware. Contextual information includes URL and IP information (including FQDNs within file), malware behavior characteristics, malware family, and relationships to IP addresses and links. Feed allows analysts to check every extracted file hash against the Cyren Malware Detection Engine database to determine if the file is malicious.

**Cyren Malware URL Intelligence Feed** provides real-time info on URLs serving malware. Contextual information includes first seen and last seen timestamps, associated IP addresses, and associated files. Use cases include enriching incidents with relationship information that security analysts can use to easily identify which malware files or IPs are associated with the suspect URL.

Threat InDepth intelligence will enable customers to maximize their investment in Cortex XSOAR by providing features including:

* Automatic identification of IOCs including IPs, URLs, domains, and file hashes as playbook-driven tasks within Cortex XSOAR.
* Access to detailed intelligence and context for IOCs from Cyren in Cortex XSOAR in real time.
* Ability to leverage hundreds of Cortex XSOAR product integrations to further coordinate response across security functions.

Organizations can bridge the gaps and advance the maturity of their security program by tapping into the fastest growing community of security experts. [Visit us here](http://paloaltonetworks.com/cortex/xsoar-ecosystem) for a list of available integrations and featured content packs.

Don't have Cortex XSOAR? Download our [free Community Edition](https://start.paloaltonetworks.com/sign-up-for-community-edition.html) today!

![Incident Overview with Threat InDepth and Cortex XSOAR](https://www.paloaltonetworks.com/blog/wp-content/uploads/2021/02/14-Incident-Overview-Indicator-Quick-View.png)

Figure 1: Incident Overview with Threat InDepth and Cortex XSOAR

![Indicator Quick View](https://www.paloaltonetworks.com/blog/wp-content/uploads/2021/02/14-Incident-Overview-Indicator-Quick-View-blownup.png)

Figure 2: Indicator Quick View

\[1\] https://www.statista.com/statistics/456500/daily-number-of-e-mails-worldwide/

\[2\] 2019 Verizon DBIR Report

*** ** * ** ***

## Related Blogs

### [Must-Read Articles](https://www.paloaltonetworks.com/blog/security-operations/category/must-read-articles/?ts=markdown), [News and Events](https://www.paloaltonetworks.com/blog/security-operations/category/news-and-events/?ts=markdown), [Partner Integrations](https://www.paloaltonetworks.com/blog/security-operations/category/partner-integrations/?ts=markdown)

[#### Deloitte's Cloud Migration Success: Transforming SecOps with Cortex XSOAR](https://origin-researchcenter.paloaltonetworks.com/blog/security-operations/deloittes-cloud-migration-success-transforming-secops-with-cortex-xsoar/)

### [Must-Read Articles](https://www.paloaltonetworks.com/blog/security-operations/category/must-read-articles/?ts=markdown), [News and Events](https://www.paloaltonetworks.com/blog/security-operations/category/news-and-events/?ts=markdown), [Partner Integrations](https://www.paloaltonetworks.com/blog/security-operations/category/partner-integrations/?ts=markdown), [Use-Cases](https://www.paloaltonetworks.com/blog/security-operations/category/use-cases/?ts=markdown)

[#### Use VMRay Analyzer's Contextual Threat Intelligence for Automated Threat Hunting in Cortex XSOAR](https://origin-researchcenter.paloaltonetworks.com/blog/security-operations/use-vmray-analyzers-contextual-threat-intelligence-for-automated-threat-hunting-in-cortex-xsoar/)

### [Must-Read Articles](https://www.paloaltonetworks.com/blog/security-operations/category/must-read-articles/?ts=markdown), [News and Events](https://www.paloaltonetworks.com/blog/security-operations/category/news-and-events/?ts=markdown), [Partner Integrations](https://www.paloaltonetworks.com/blog/security-operations/category/partner-integrations/?ts=markdown), [Uncategorized](https://www.paloaltonetworks.com/blog/category/uncategorized/?ts=markdown)

[#### Automated Intrusion Detection and Response with Google Cloud IDS and Cortex XSOAR](https://origin-researchcenter.paloaltonetworks.com/blog/security-operations/cortex-xsoar-integration-with-google-cloud-ids/)

### [Must-Read Articles](https://www.paloaltonetworks.com/blog/security-operations/category/must-read-articles/?ts=markdown), [News and Events](https://www.paloaltonetworks.com/blog/security-operations/category/news-and-events/?ts=markdown), [Partner Integrations](https://www.paloaltonetworks.com/blog/security-operations/category/partner-integrations/?ts=markdown), [Uncategorized](https://www.paloaltonetworks.com/blog/category/uncategorized/?ts=markdown)

[#### Integrating Threat Detection with XDR in Google Cloud](https://origin-researchcenter.paloaltonetworks.com/blog/security-operations/cortex-xdr-integration-with-google-cloud-ids/)

### [Must-Read Articles](https://www.paloaltonetworks.com/blog/security-operations/category/must-read-articles/?ts=markdown), [News and Events](https://www.paloaltonetworks.com/blog/security-operations/category/news-and-events/?ts=markdown), [Partner Integrations](https://www.paloaltonetworks.com/blog/security-operations/category/partner-integrations/?ts=markdown)

[#### Leveraging Rubrik in Cortex XSOAR](https://origin-researchcenter.paloaltonetworks.com/blog/security-operations/rubrik-xsoar/)

### [Must-Read Articles](https://www.paloaltonetworks.com/blog/security-operations/category/must-read-articles/?ts=markdown), [News and Events](https://www.paloaltonetworks.com/blog/security-operations/category/news-and-events/?ts=markdown), [Partner Integrations](https://www.paloaltonetworks.com/blog/security-operations/category/partner-integrations/?ts=markdown)

[#### Automating Identity Lifecycle Management](https://origin-researchcenter.paloaltonetworks.com/blog/security-operations/automating-ilm/)

### Subscribe to Security Operations Blogs!

Sign up to receive must-read articles, Playbooks of the Week, new feature announcements, and more.
![spinner](https://origin-researchcenter.paloaltonetworks.com/blog/wp-content/themes/panwblog2023/dist/images/ajax-loader.gif) Sign up  
Please enter a valid email.  
By submitting this form, you agree to our [Terms of Use](https://www.paloaltonetworks.com/legal-notices/terms-of-use?ts=markdown) and acknowledge our [Privacy Statement](https://www.paloaltonetworks.com/legal-notices/privacy?ts=markdown). Please look for a confirmation email from us. If you don't receive it in the next 10 minutes, please check your spam folder.  
This site is protected by reCAPTCHA and the Google [Privacy Policy](https://policies.google.com/privacy) and [Terms of Service](https://policies.google.com/terms) apply.  
{#footer} {#footer}

## Products and Services

* [AI-Powered Network Security Platform](https://www.paloaltonetworks.com/network-security?ts=markdown)

* [Secure AI by Design](https://www.paloaltonetworks.com/precision-ai-security/secure-ai-by-design?ts=markdown)

* [Prisma AIRS](https://www.paloaltonetworks.com/prisma/prisma-ai-runtime-security?ts=markdown)

* [AI Access Security](https://www.paloaltonetworks.com/sase/ai-access-security?ts=markdown)

* [Cloud Delivered Security Services](https://www.paloaltonetworks.com/network-security/security-subscriptions?ts=markdown)

* [Advanced Threat Prevention](https://www.paloaltonetworks.com/network-security/advanced-threat-prevention?ts=markdown)

* [Advanced URL Filtering](https://www.paloaltonetworks.com/network-security/advanced-url-filtering?ts=markdown)

* [Advanced WildFire](https://www.paloaltonetworks.com/network-security/advanced-wildfire?ts=markdown)

* [Advanced DNS Security](https://www.paloaltonetworks.com/network-security/advanced-dns-security?ts=markdown)

* [Enterprise Data Loss Prevention](https://www.paloaltonetworks.com/sase/enterprise-data-loss-prevention?ts=markdown)

* [Enterprise IoT Security](https://www.paloaltonetworks.com/network-security/enterprise-device-security?ts=markdown)

* [Medical IoT Security](https://www.paloaltonetworks.com/network-security/medical-device-security?ts=markdown)

* [Industrial OT Security](https://www.paloaltonetworks.com/network-security/medical-device-security?ts=markdown)

* [SaaS Security](https://www.paloaltonetworks.com/sase/saas-security?ts=markdown)

* [Next-Generation Firewalls](https://www.paloaltonetworks.com/network-security/next-generation-firewall?ts=markdown)

* [Hardware Firewalls](https://www.paloaltonetworks.com/network-security/hardware-firewall-innovations?ts=markdown)

* [Software Firewalls](https://www.paloaltonetworks.com/network-security/software-firewalls?ts=markdown)

* [Strata Cloud Manager](https://www.paloaltonetworks.com/network-security/strata-cloud-manager?ts=markdown)

* [SD-WAN for NGFW](https://www.paloaltonetworks.com/network-security/sd-wan-subscription?ts=markdown)

* [PAN-OS](https://www.paloaltonetworks.com/network-security/pan-os?ts=markdown)

* [Panorama](https://www.paloaltonetworks.com/network-security/panorama?ts=markdown)

* [Secure Access Service Edge](https://www.paloaltonetworks.com/sase?ts=markdown)

* [Prisma SASE](https://www.paloaltonetworks.com/sase?ts=markdown)

* [Application Acceleration](https://www.paloaltonetworks.com/sase/app-acceleration?ts=markdown)

* [Autonomous Digital Experience Management](https://www.paloaltonetworks.com/sase/adem?ts=markdown)

* [Enterprise DLP](https://www.paloaltonetworks.com/sase/enterprise-data-loss-prevention?ts=markdown)

* [Prisma Access](https://www.paloaltonetworks.com/sase/access?ts=markdown)

* [Prisma Browser](https://www.paloaltonetworks.com/sase/prisma-browser?ts=markdown)

* [Prisma SD-WAN](https://www.paloaltonetworks.com/sase/sd-wan?ts=markdown)

* [Remote Browser Isolation](https://www.paloaltonetworks.com/sase/remote-browser-isolation?ts=markdown)

* [SaaS Security](https://www.paloaltonetworks.com/sase/saas-security?ts=markdown)

* [AI-Driven Security Operations Platform](https://www.paloaltonetworks.com/cortex?ts=markdown)

* [Cloud Security](https://www.paloaltonetworks.com/cortex/cloud?ts=markdown)

* [Cortex Cloud](https://www.paloaltonetworks.com/cortex/cloud?ts=markdown)

* [Application Security](https://www.paloaltonetworks.com/cortex/cloud/application-security?ts=markdown)

* [Cloud Posture Security](https://www.paloaltonetworks.com/cortex/cloud/cloud-posture-security?ts=markdown)

* [Cloud Runtime Security](https://www.paloaltonetworks.com/cortex/cloud/runtime-security?ts=markdown)

* [Prisma Cloud](https://www.paloaltonetworks.com/prisma/cloud?ts=markdown)

* [AI-Driven SOC](https://www.paloaltonetworks.com/cortex?ts=markdown)

* [Cortex XSIAM](https://www.paloaltonetworks.com/cortex/cortex-xsiam?ts=markdown)

* [Cortex XDR](https://www.paloaltonetworks.com/cortex/cortex-xdr?ts=markdown)

* [Cortex XSOAR](https://www.paloaltonetworks.com/cortex/cortex-xsoar?ts=markdown)

* [Cortex Xpanse](https://www.paloaltonetworks.com/cortex/cortex-xpanse?ts=markdown)

* [Unit 42 Managed Detection \& Response](https://www.paloaltonetworks.com/cortex/managed-detection-and-response?ts=markdown)

* [Managed XSIAM](https://www.paloaltonetworks.com/cortex/managed-xsiam?ts=markdown)

* [Threat Intel and Incident Response Services](https://www.paloaltonetworks.com/unit42?ts=markdown)

* [Proactive Assessments](https://www.paloaltonetworks.com/unit42/assess?ts=markdown)

* [Incident Response](https://www.paloaltonetworks.com/unit42/respond?ts=markdown)

* [Transform Your Security Strategy](https://www.paloaltonetworks.com/unit42/transform?ts=markdown)

* [Discover Threat Intelligence](https://www.paloaltonetworks.com/unit42/threat-intelligence-partners?ts=markdown)

## Company

* [About Us](https://www.paloaltonetworks.com/about-us?ts=markdown)
* [Careers](https://jobs.paloaltonetworks.com/en/)
* [Contact Us](https://www.paloaltonetworks.com/company/contact-sales?ts=markdown)
* [Corporate Responsibility](https://www.paloaltonetworks.com/about-us/corporate-responsibility?ts=markdown)
* [Customers](https://www.paloaltonetworks.com/customers?ts=markdown)
* [Investor Relations](https://investors.paloaltonetworks.com/)
* [Location](https://www.paloaltonetworks.com/about-us/locations?ts=markdown)
* [Newsroom](https://www.paloaltonetworks.com/company/newsroom?ts=markdown)

## Popular Links

* [Blog](https://www.paloaltonetworks.com/blog/?ts=markdown)
* [Communities](https://www.paloaltonetworks.com/communities?ts=markdown)
* [Content Library](https://www.paloaltonetworks.com/resources?ts=markdown)
* [Cyberpedia](https://www.paloaltonetworks.com/cyberpedia?ts=markdown)
* [Event Center](https://events.paloaltonetworks.com/)
* [Manage Email Preferences](https://start.paloaltonetworks.com/preference-center)
* [Products A-Z](https://www.paloaltonetworks.com/products/products-a-z?ts=markdown)
* [Product Certifications](https://www.paloaltonetworks.com/legal-notices/trust-center/compliance?ts=markdown)
* [Report a Vulnerability](https://www.paloaltonetworks.com/security-disclosure?ts=markdown)
* [Sitemap](https://www.paloaltonetworks.com/sitemap?ts=markdown)
* [Tech Docs](https://docs.paloaltonetworks.com/)
* [Unit 42](https://unit42.paloaltonetworks.com/)
* [Do Not Sell or Share My Personal Information](https://panwedd.exterro.net/portal/dsar.htm?target=panwedd)
  ![PAN logo](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/pan-logo-dark.svg)
* [Privacy](https://www.paloaltonetworks.com/legal-notices/privacy?ts=markdown)
* [Trust Center](https://www.paloaltonetworks.com/legal-notices/trust-center?ts=markdown)
* [Terms of Use](https://www.paloaltonetworks.com/legal-notices/terms-of-use?ts=markdown)
* [Documents](https://www.paloaltonetworks.com/legal?ts=markdown)

Copyright © 2026 Palo Alto Networks. All Rights Reserved

* [![Youtube](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/youtube-black.svg)](https://www.youtube.com/user/paloaltonetworks)
* [![Podcast](https://www.paloaltonetworks.com/content/dam/pan/en_US/images/icons/podcast.svg)](https://www.paloaltonetworks.com/podcasts/threat-vector?ts=markdown)
* [![Facebook](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/facebook-black.svg)](https://www.facebook.com/PaloAltoNetworks/)
* [![LinkedIn](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/linkedin-black.svg)](https://www.linkedin.com/company/palo-alto-networks)
* [![Twitter](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/twitter-x-black.svg)](https://twitter.com/PaloAltoNtwks)
* EN  
  Select your language