{"id":100944,"date":"2019-08-22T06:00:01","date_gmt":"2019-08-22T13:00:01","guid":{"rendered":"https:\/\/www.paloaltonetworks.com\/blog\/?p=100944"},"modified":"2019-08-21T14:49:33","modified_gmt":"2019-08-21T21:49:33","slug":"business-case-for-detection-and-response","status":"publish","type":"post","link":"https:\/\/origin-researchcenter.paloaltonetworks.com\/blog\/2019\/08\/business-case-for-detection-and-response\/","title":{"rendered":"Build a Rock Solid Business Case for Detection and Response"},"content":{"rendered":"<p><span style=\"font-weight: 400;\">In February, <\/span><a href=\"https:\/\/www.paloaltonetworks.com\/blog\/2019\/02\/introducing-cortex-xdr-new-wave-detection-response\/\"><span style=\"font-weight: 400;\">we unveiled Cortex XDR<\/span><\/a><span style=\"font-weight: 400;\">, the world\u2019s first detection and response app that breaks down security silos to stop sophisticated attacks. We developed it with one goal in mind\u2014to help customers like you safeguard your users and data.\u00a0<\/span><\/p>\n<p><span style=\"font-weight: 400;\">To uncover stealthy threats, such as low and slow attacks and evasive malware, we needed to be able to analyze massive amounts of data with machine learning.\u00a0 At the same time, we wanted to address today\u2019s top security operations challenges, including:<\/span><\/p>\n<ul>\n<li style=\"font-weight: 400;\"><span style=\"font-weight: 400;\">Analysts overloaded with too many incomplete, inaccurate security alerts, to the tune of 174,000 alerts per week for an average company, according to our 2018 Demisto State of SOAR report.<\/span><\/li>\n<li style=\"font-weight: 400;\"><span style=\"font-weight: 400;\">Manual investigations that force analysts to piece together the \u201cwho, what, where, how\u201d details from disconnected security tools<\/span><\/li>\n<li style=\"font-weight: 400;\"><span style=\"font-weight: 400;\">A sprawling jumble of single-purpose products to deploy, manage and maintain<\/span><\/li>\n<\/ul>\n<p><span style=\"font-weight: 400;\">Up until now, if organizations wanted to protect all their digital assets, they needed to provision siloed endpoint detection and response (EDR), network traffic analysis (NTA), and user and entity behavior analytics (UEBA) tools. This meant deploying new appliances, new endpoint agents and additional on-premises log servers.\u00a0<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Rather than follow the status quo, we introduced a new approach that simplifies security operations and, as a result, lowers the total cost of ownership (TCO). The business case for considering Cortex XDR over point solutions like EDR is extremely compelling. Estimates of an average enterprise with 10,000 users show <\/span><b>annual savings of over $889,000 including:<\/b><\/p>\n<ul>\n<li style=\"font-weight: 400;\"><span style=\"font-weight: 400;\">43% saved on alert triage and investigation costs<\/span><\/li>\n<li style=\"font-weight: 400;\"><span style=\"font-weight: 400;\">50% saved on management and maintenance costs for software, hardware and log servers<\/span><\/li>\n<li style=\"font-weight: 400;\"><span style=\"font-weight: 400;\">25% saved on endpoint security<\/span><\/li>\n<li style=\"font-weight: 400;\"><span style=\"font-weight: 400;\">42% saved on network traffic analysis (NTA)<\/span><\/li>\n<\/ul>\n<p><b>Goodbye, Security Silos<\/b><\/p>\n<p><span style=\"font-weight: 400;\">With Cortex XDR, you can detect and respond to threats across all your network, endpoint and cloud assets. Instead of deploying more hardware and software, you can use your security infrastructure as sensors and enforcement points. You can store all your security data in Cortex Data Lake, a scalable, cloud-based data repository, avoiding the limitations of on-premises log storage.\u00a0<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Cortex XDR provides all the capabilities of traditional EDR, NTA, and UEBA products. Plus, because Cortex XDR includes Traps endpoint protection agents standard, you also receive the best possible endpoint protection available.\u00a0<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Cortex XDR not only saves money through consolidation, but also improves IT efficiency by dynamically stitching together data, resulting in faster and better investigations. Your security team can also take advantage of unique features like root cause analysis of incidents, one-click investigations of any alert, and incident management workflows. Security teams enjoy better security outcomes, reduced labor costs, and lower risk.\u00a0<\/span><\/p>\n<p><span style=\"font-weight: 400;\">By simplifying security operations, lowering maintenance and log management costs and leveraging existing security infrastructure as sensors for detection and response, <strong>you can <\/strong><\/span><strong>reduce your total cost of ownership (TCO) for detection and response by 44% compared to siloed tools<\/strong><span style=\"font-weight: 400;\">. <a href=\"https:\/\/start.paloaltonetworks.com\/maximize-the-roi-of-detection-and-response.html\">This white paper<\/a> explains how to get started.\u00a0<\/span><\/p>\n","protected":false},"excerpt":{"rendered":"<p>In February, we unveiled Cortex XDR, the world\u2019s first detection and response app that breaks down security silos to stop sophisticated attacks. The business case for considering Cortex XDR over point solutions like EDR is extremely compelling. Estimates of an average enterprise with 10,000 users show annual savings of over $889,000.<\/p>\n","protected":false},"author":370,"featured_media":101585,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[6770],"tags":[6737],"coauthors":[3907],"class_list":["post-100944","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-secure-the-future","tag-cortex-xdr"],"jetpack_featured_media_url":"https:\/\/origin-researchcenter.paloaltonetworks.com\/blog\/wp-content\/uploads\/2019\/08\/tco-.jpg","jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/origin-researchcenter.paloaltonetworks.com\/blog\/wp-json\/wp\/v2\/posts\/100944","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/origin-researchcenter.paloaltonetworks.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/origin-researchcenter.paloaltonetworks.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/origin-researchcenter.paloaltonetworks.com\/blog\/wp-json\/wp\/v2\/users\/370"}],"replies":[{"embeddable":true,"href":"https:\/\/origin-researchcenter.paloaltonetworks.com\/blog\/wp-json\/wp\/v2\/comments?post=100944"}],"version-history":[{"count":3,"href":"https:\/\/origin-researchcenter.paloaltonetworks.com\/blog\/wp-json\/wp\/v2\/posts\/100944\/revisions"}],"predecessor-version":[{"id":101600,"href":"https:\/\/origin-researchcenter.paloaltonetworks.com\/blog\/wp-json\/wp\/v2\/posts\/100944\/revisions\/101600"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/origin-researchcenter.paloaltonetworks.com\/blog\/wp-json\/wp\/v2\/media\/101585"}],"wp:attachment":[{"href":"https:\/\/origin-researchcenter.paloaltonetworks.com\/blog\/wp-json\/wp\/v2\/media?parent=100944"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/origin-researchcenter.paloaltonetworks.com\/blog\/wp-json\/wp\/v2\/categories?post=100944"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/origin-researchcenter.paloaltonetworks.com\/blog\/wp-json\/wp\/v2\/tags?post=100944"},{"taxonomy":"author","embeddable":true,"href":"https:\/\/origin-researchcenter.paloaltonetworks.com\/blog\/wp-json\/wp\/v2\/coauthors?post=100944"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}