Palo Alto Networks

Cortex

Rapid Response to CVE-2025-31324: Mitigating SAP NetWeaver Visual Composer Exploitation

Protect against SAP NetWeaver's critical CVE-2025-31324 vulnerability with Cortex XSIAM's automated detection and response playbook for identifying and mitigating exploitation

Must-Read Articles

News and Events

Playbook of the Week

May 15, 2025

By Sasha Sokolovich

Palo Alto Networks

Products and Services

Partners

Must-Read Articles, News and Events, Playbook of the Week

What’s New for Cortex and Cortex Cloud (Apr ‘25)

Discover cutting-edge advancements in security ops with the latest Cortex releases. New features enhance threat prevention, platform coverage, automation, and attack surface tests for streamlined and robust sec...

May 05, 2025

By Scott Simkin

Playbook of the Week, Uncategorized

Playbook Creation Reimagined: The Intuitive Approach to Security Automation

Continuing to innovate on our market-leading SOAR to simplify security operations, ensure ease of use in the adoption of automation.

May 01, 2025

By Alon Yardeni

Must-Read Articles, Partner Integrations, Product Features, Uncategorized

Flexible Security Data Management with Cortex XSIAM & Cribl

Cortex XSIAM now integrates with Cribl to help security teams route high-quality data, fuel AI-driven operations, and detect threats fast with full vi...

Apr 29, 2025

By John Moran

Must-Read Articles, Product Features

Cortex Email Security Module: Defending Against Evolving Email Threats

Discover how Cortex Email Security Module detects sophisticated phishing attacks through AI-powered analysis, cross-domain correlation, and automated ...

Apr 28, 2025

By Yoav Zemah, Niv DavidPur, Luda Lazar and Gal Guzman

AI and Cybersecurity, Must-Read Articles, Product Features, Use-Cases

NL2XQL: Turning Natural Language into Powerful Cybersecurity Querying

NL2XQL transforms natural language into powerful XQL queries, making cybersecurity investigations accessible to all security teams without requiring d...

Apr 23, 2025

By Gal Itzhak and Lior Perry

Playbook of the Week

Creating an Automated Workflow for Account Lockout Resolution

This playbook automates and speeds up response to excessive user account lockouts, which could indicate a credential-based attack.

Apr 10, 2025

By Ido Van Dijk

Playbook of the Week, Unkategorisiert

Automating Response to Suspicious Process Executions

This playbook automates the investigation and response to suspicious process executions triggered by a scheduled task.

Mar 20, 2025

By Omri Itzhak

Playbook of the Week

Automating Response to Suspicious SaaS Access From a Tor Exit Node

This playbook shows how a SecOps team can use Cortex XSIAM to automate and speed response to suspicious SaaS access alerts involving a Tor exit node.

Mar 06, 2025

By Arik Day

Playbook of the Week, Uncategorized

Automating Response to Credential Dumping Attacks

Automated playbook designed to detect, contain and remediate credential dumping activity.

Feb 27, 2025

By Omri Itzhak

Product Features, Uncategorized, Use-Cases

Cortex Xpanse Protects Against Malicious Domain Takeover Techniques

Malicious domain takeovers have become an increasing concern for businesses as attackers exploit vulnerabilities by gaining unauthorized access to a d...

Feb 26, 2025

By Yvonne Le

Playbook of the Week

SSO Password Spray Playbook

Learn how to detect and prevent SSO password spray attacks with our comprehensive security playbook. Automate response and strengthen authentication security.

Feb 13, 2025

By Karina Fishman

Playbook of the Week

Automating Response to Unauthorized User Privilege Escalations Using PowerS...

Automating response to unauthorized privilege escalation activity such as a user being added to local administrator group using a PowerShell command

Feb 05, 2025

By Omri Itzhak

Announcement, Must-Read Articles, News and Events

What’s New in Cortex: The Latest Innovations for the World’s #1 SecOps Plat...

Cortex SOC platform introduces new enhancements and features across the entire portfolio including a brand new integration with Prisma Access Browser,...

Feb 04, 2025

By Scott Simkin

Playbook of the Week

Automating Response to Multi-Factor Authentication Threats

SEO Meta description Cortex XSIAM automated playbook addressing user rejected numerous SSO MFA attempts

Jan 30, 2025

By Tomer Haimof

Playbook of the Week, Product Features

Automating Response to Unauthorized Email Forwarding Activity in Google Wor...

Automating response to “A mail forwarding rule was configured in Google Workspace” with Cortex XSIAM

Jan 28, 2025

By Arik Day

Playbook of the Week, Product Features

Handling Successful SSO Sign-ins from Tor

Automating response to successful Tor SSO sign-ins with Cortex XSIAM

Jan 09, 2025

By Omri Itzhak

Must-Read Articles, Product Features

Optimize Analyst Workflows with Cortex Copilot

Discover how Cortex Copilot streamlines security analyst workflows, reduces burnout, and accelerates incident investigations by leveraging AI to automate mundane tasks.

Nov 07, 2024

By Yitzy Tannenbaum

Must-Read Articles, Product Features, Uncategorized

Cutting Through the Noise: Simplifying SIEM Alerts with Cortex

Discover how integrating Cortex XSOAR with Splunk SIEM reduces false positives, automates alert triage, and enhances cybersecurity efficiency.

Oct 16, 2024

By Nadav Shai Kanon

Announcement, Must-Read Articles, News and Events, Product Features

Cortex Copilot - Another Step Forward in SOC Transformation

Discover how Cortex Copilot, an AI-powered security assistant, transforms SOC operations by speeding up investigations and optimizing analyst workflow...

Oct 15, 2024

By Gil Blum

Must-Read Articles, News and Events, Product Features

What’s Next in Cortex: New Innovations for Security Operations

Cortex continues to transform the SOC with new innovations across the platform, including support for third-party EDR data to ease the transition from...

Sep 23, 2024

By Scott Simkin

Load more blogs

Palo Alto Networks

Cortex

Rapid Response to CVE-2025-31324: Mitigating SAP NetWeaver Visual Composer Exploitation

Palo Alto Networks

Subscribe to the Blog!

Get the latest news, invites to events, and threat alerts