SlashNext Reinvents Incident Response with Cortex XSOAR

Jun 07, 2021
2 minutes
... views

The current security landscape is filled with targeted attacks, including sophisticated phishing and spear-phishing campaigns, and as many threat actors as defenders. Beyond stealing credentials, attackers are interested in compromising systems and data to any advantage they can gain, and  security teams are struggling to maintain organizational defenses in today’s rapidly changing landscape.

To help combat threat actors and their techniques, SlashNext has joined the Cortex XSOAR Marketplace to accurately identify external phishing attacks in milliseconds and provide full scanning and forensics to quickly preempt phishing attempts before they land. The SlashNext Phishing Incident Response content pack analyzes all phishing attempts, including shortened URLs and URL redirects and utilizes the case management and automation features of Cortex XSOAR to deliver:

  • Analysis of suspected phishing URLs by automatically extracting and scanning both URLs and hosts from suspicious emails or logs.
  • Run-time analysis through virtual browsers to overcome evasion techniques and detect unknown threats on both compromised and legitimate hosting infrastructure.
  • Pre-built playbooks for ‘take-down’ services designed to protect the world’s largest brands.

In addition to the above offerings, the SlashNext content pack also equips security teams with the means to more effectively plan a strategy to remediate compromised sites and takedown threat sources. This is done through rich forensic data, including screenshots, threat status, URLs, HTML and text downloads. Using the Cortex XSOAR platform as the foundation, security teams can also seamlessly integrate SlashNext Phishing Incident Response with existing security tools and workflows. This will enable the SOC to standardize and scale the most effective defense possible.

The pairing of SlashNext and Cortex XSOAR is so effective and well received that during the Automation Rising 2020 SOAR Hackathon competition, the SlashNext Phishing Protection Playbook won the Best Security Playbook Runner-Up award. Using this playbook, security teams get accurate, definitive binary verdicts on suspicious URLs that reinvents phishing incident response workflows and threat-hunting with enhanced automation.

Learn More

To learn more about the SlashNext content pack, join us for the Cortex XSOAR Top Use Cases webinar on June 24th at 9:00 AM PST and discover how to effectively identify threats, takedown threat sources, and save hundreds of hours per week.

Save your seat today!

 


Subscribe to Security Operations Blogs!

Sign up to receive must-read articles, Playbooks of the Week, new feature announcements, and more.