{"id":101952,"date":"2019-09-12T06:00:46","date_gmt":"2019-09-12T13:00:46","guid":{"rendered":"https:\/\/www.paloaltonetworks.com\/blog\/?p=101952"},"modified":"2020-07-30T20:09:31","modified_gmt":"2020-07-31T03:09:31","slug":"cortex-data-lake","status":"publish","type":"post","link":"https:\/\/origin-researchcenter.paloaltonetworks.com\/blog\/2019\/09\/cortex-data-lake\/","title":{"rendered":"What Is Cortex Data Lake?"},"content":{"rendered":"<p><b>Cortex Data Lake is an epic, scalable data infrastructure that\u2019s capable of ingesting, learning and signaling millions of events per second. It\u2019s the technology that enables Cortex XDR to detect and stop threats across network, cloud and endpoints, running over a dozen machine learning algorithms.<\/b><\/p>\n<p><div style=\"max-width:100%\" data-width=\"689\"><span class=\"ar-custom\" style=\"padding-bottom:52.1%;\"><img loading=\"lazy\" decoding=\"async\"  class=\"wp-image-101953 aligncenter lozad\"  data-src=\"https:\/\/www.paloaltonetworks.com\/blog\/wp-content\/uploads\/2019\/09\/image2-230x120.png\" alt=\"A conceptual image representing the power of Cortex Data Lake\" width=\"689\" height=\"359\" srcset=\"https:\/\/origin-researchcenter.paloaltonetworks.com\/blog\/wp-content\/uploads\/2019\/09\/image2-230x120.png 230w, https:\/\/origin-researchcenter.paloaltonetworks.com\/blog\/wp-content\/uploads\/2019\/09\/image2-500x262.png 500w, https:\/\/origin-researchcenter.paloaltonetworks.com\/blog\/wp-content\/uploads\/2019\/09\/image2-510x267.png 510w, https:\/\/origin-researchcenter.paloaltonetworks.com\/blog\/wp-content\/uploads\/2019\/09\/image2-76x40.png 76w, https:\/\/origin-researchcenter.paloaltonetworks.com\/blog\/wp-content\/uploads\/2019\/09\/image2-573x300.png 573w, https:\/\/origin-researchcenter.paloaltonetworks.com\/blog\/wp-content\/uploads\/2019\/09\/image2-874x457.png 874w, https:\/\/origin-researchcenter.paloaltonetworks.com\/blog\/wp-content\/uploads\/2019\/09\/image2.png 1529w\" 
sizes=\"auto, (max-width: 689px) 100vw, 689px\" \/><\/span><\/div><\/p>\n<p><span style=\"font-weight: 400;\">Cortex Data Lake is the powerful backbone of the Cortex platform. The relationship between Cortex Data Lake and Cortex XDR reminds me of a joke: The president and the first lady stop at a gas station, where the first lady recognizes the owner of a gas station as an old boyfriend. The president jokes that she could have been the wife of a gas station owner, and the first lady responds, \u201cNo dear, he\u2019d be the President of the United States!\u201d\u00a0<\/span><\/p>\n<h2><span style=\"font-weight: 400;\">What can Cortex Data Lake do?<\/span><\/h2>\n<p><span style=\"font-weight: 400;\">First, Cortex Data Lake ingests your Next-Generation Firewall logs, your Traps logs, and your Prisma Access logs. It ingests data with full fidelity, with over a hundred data points per network log, including metadata from WildFire, our malware prevention service. We designed and priced the product to store all these details for future AI processing; the higher the fidelity, the more accurate your machine learning will be. No wonder we were found to deliver the broadest coverage with the fewest missed attack techniques among 10 endpoint detection and response (EDR) vendors <\/span><a href=\"https:\/\/www.paloaltonetworks.com\/blog\/2019\/05\/xdr-cortex-xdr-sets-standard-mitres-attck-evaluations\/\"><span style=\"font-weight: 400;\">in the recent MITRE evaluation<\/span><\/a><span style=\"font-weight: 400;\">.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">What\u2019s the point of ingesting all this data? 
Let\u2019s see some of the things you can do with it:<\/span><\/p>\n<ul>\n<li style=\"font-weight: 400;\"><b>Network traffic visibility<\/b><span style=\"font-weight: 400;\">: The <a href=\"https:\/\/apps.paloaltonetworks.com\/marketplace\/explore\">Explore app<\/a> enables network operations teams to interact with their Palo Alto Networks Next-Generation Firewall traffic via a simple web UI.\u00a0<\/span><\/li>\n<li style=\"font-weight: 400;\"><b>SOAR<\/b><span style=\"font-weight: 400;\">: With Demisto, you can orchestrate workflows on your firewall, cloud and endpoint data across your Cortex Data Lake, Splunk and other security information and event management (SIEM) instances. We hear lots of praise for this coexistence to help customers avoid forwarding huge volumes of firewall logs to their SIEMs.<\/span><\/li>\n<li style=\"font-weight: 400;\"><b>Feed the data into applications: <\/b><span style=\"font-weight: 400;\">We have <\/span><a href=\"https:\/\/apps.paloaltonetworks.com\"><span style=\"font-weight: 400;\">24 partner apps<\/span><\/a><span style=\"font-weight: 400;\"> and counting. 
The Cortex team and our partner ecosystem are busy building new apps every day to simplify, integrate and improve security operations.\u00a0<\/span><\/li>\n<\/ul>\n<div>Check out this <a href=\"https:\/\/apps.paloaltonetworks.com\/logging-service-calculator\" target=\"_blank\" rel=\"noopener noreferrer\">online calculator<\/a> to find out how much data your organization could store.<\/div>\n<div><\/div>\n<div>Learn more about how Cortex Data Lake enables <a href=\"https:\/\/www.paloaltonetworks.com\/detection-response\/data-lake\" target=\"_blank\" rel=\"noopener noreferrer\">AI-based innovations for cybersecurity<\/a>.<\/div>\n<p><b>Happy log forwarding!<\/b><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Cortex Data Lake, which enables Cortex XDR, is an epic, scalable data infrastructure that can ingest, learn and signal millions of events per 
second.<\/p>\n","protected":false},"author":663,"featured_media":101953,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[6770],"tags":[6738,6849,6737],"coauthors":[6848],"class_list":["post-101952","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-secure-the-future","tag-cortex","tag-cortex-data-lake","tag-cortex-xdr","sec_ops_category-product-features"],"jetpack_featured_media_url":"https:\/\/origin-researchcenter.paloaltonetworks.com\/blog\/wp-content\/uploads\/2019\/09\/image2.png","jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/origin-researchcenter.paloaltonetworks.com\/blog\/wp-json\/wp\/v2\/posts\/101952","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/origin-researchcenter.paloaltonetworks.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/origin-researchcenter.paloaltonetworks.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/origin-researchcenter.paloaltonetworks.com\/blog\/wp-json\/wp\/v2\/users\/663"}],"replies":[{"embeddable":true,"href":"https:\/\/origin-researchcenter.paloaltonetworks.com\/blog\/wp-json\/wp\/v2\/comments?post=101952"}],"version-history":[{"count":13,"href":"https:\/\/origin-researchcenter.paloaltonetworks.com\/blog\/wp-json\/wp\/v2\/posts\/101952\/revisions"}],"predecessor-version":[{"id":117069,"href":"https:\/\/origin-researchcenter.paloaltonetworks.com\/blog\/wp-json\/wp\/v2\/posts\/101952\/revisions\/117069"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/origin-researchcenter.paloaltonetworks.com\/blog\/wp-json\/wp\/v2\/media\/101953"}],"wp:attachment":[{"href":"https:\/\/origin-researchcenter.paloaltonetworks.com\/blog\/wp-json\/wp\/v2\/media?parent=101952"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/origin-researchcenter.pa
loaltonetworks.com\/blog\/wp-json\/wp\/v2\/categories?post=101952"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/origin-researchcenter.paloaltonetworks.com\/blog\/wp-json\/wp\/v2\/tags?post=101952"},{"taxonomy":"author","embeddable":true,"href":"https:\/\/origin-researchcenter.paloaltonetworks.com\/blog\/wp-json\/wp\/v2\/coauthors?post=101952"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}