Cortex XSOAR customers can now bolster their cyber threat intel with our customizable, actionable alerts from the deep & dark web. Here’s what you need to know.

If you are a customer of Palo Alto Networks Cortex XSOAR, then you may know about our partnership. Last year, we at Cybersixgill announced that we had completed an integration letting Cortex XSOAR customers tap into the power of our Darkfeed solution. That was followed by an integration with our DVE Score solution, empowering Cortex XSOAR customers to identify and prioritize their most urgent cybersecurity vulnerabilities in need of patching.

Now, we have expanded that partnership by making actionable alerts from the Cybersixgill Investigative Portal accessible within the Cortex XSOAR platform. Following this latest integration, any Cortex XSOAR customer can easily add Cybersixgill’s actionable alerts to their Cortex XSOAR dashboard via the Cortex XSOAR Marketplace. Then, they can set up and customize the alerts they want to receive, based on their own organization’s cybersecurity assets. 

This integration empowers Cortex XSOAR customers to bolster their cyber threat intelligence using Cybersixgill’s collection of intel from the deep and dark web – the largest such collection on the market. Based on their own specifications, these customers can automatically receive alerts whenever our threat intelligence uncovers any reference on the deep and dark web to their key assets (assets such as their organization’s name, products, IP addresses, domains, CVEs, third-party suppliers, names of executives, and more). 

The integration also gives these Cortex XSOAR customers quick and easy access to our full Investigative Portal. 

Realizing the Threat Intelligence Potential of the Deep and Dark Web

By setting up the alerts they want to receive, Cortex XSOAR customers can now use Cybersixgill’s unmatched capabilities to get early notice of threats – often before those threats materialize. These fully customizable alerts will provide context and essential details for any threat our technology discovers, as well as recommendations and an assessment of each threat’s risk level. 

As a result, these customers can enjoy the full power of our automated approach to gathering and analyzing intelligence from the deep and dark web – the channels of choice for hackers and other threat actors looking to communicate, collaborate, and transact anonymously. This way, Cortex XSOAR customers can immediately find out whenever our technology uncovers any hints that discourse on the deep and dark web seems to point to a past or future threat to their key assets. And once they receive a threat alert from Cybersixgill, they can automatically implement a playbook within Cortex XSOAR to mitigate the risk they face.

In addition, these customers can get a full picture of the alerts they have already received from Cybersixgill by referring to the Cybersixgill dashboard within the Cortex XSOAR platform. And for a deeper dive into any threat, a customer can simply click to access the full Cybersixgill Investigative Portal, giving them a closer look at the various risks they may face.

Beyond the ability to stay apprised of any threats as their footprints on the deep and dark web are uncovered, this integration enables Cortex XSOAR customers to conduct threat hunts using the Cybersixgill Investigative Portal. They can also use the threat intel they receive to prioritize incidents based on their urgency, and to analyze relevant malware being offered via the deep and dark web.

Bringing it All Together

Following this new integration, Cortex XSOAR customers can easily boost their approach to cybersecurity using the full power of Cybersixgill’s unmatched collection of threat intelligence from the deep and dark web. Most excitingly, these customers now have convenient ways to put all three of our core products to use in order to boost both their threat intelligence and their overall approach to cybersecurity. In addition to using actionable alerts and the Investigative Portal to keep tabs on the latest threats facing their own organizations, they can access our Darkfeed stream of malicious indicators of compromise (IOCs) and our DVE Score system of evaluating the real-world urgency of specific vulnerabilities. 

In short, these customers can now use each of Cybersixgill’s core technologies to make the most of our unmatched collection of threat intelligence from the deep and dark web.

For more on how Cybersixgill’s solutions can help you use threat intelligence from the deep and dark web to boost your cyber defenses, check out our overview of our various products.