
Cortex XDR Cornerstone Demo

The Cortex XDR demo provides a comprehensive overview of Palo Alto Networks' detection and response solution, emphasizing its integration of network, endpoint, and cloud data to combat sophisticated attacks. The demo is structured to last approximately 10 minutes and covers various features such as visibility, data ingestion, incident response, and automation. Access to the demo requires specific login credentials and includes a guided walkthrough to showcase the platform's capabilities.

Uploaded by

ouijdane.rhmira
Copyright: © All Rights Reserved
Cortex XDR Cornerstone Demo

Technical Depth of the Demo

●​ High Level

Expected Time to Complete the Demo

●​ 10 minutes

Table of Contents

Accessing the Demo
Demo Flow
Palo Alto Networks Solution
Guided Walkthrough
Visibility & Insights
Data Ingestion
Alert Transformation
Incident Response
Incident Investigation
XDR Automation
Incident Causality Details
Assets & Artifacts
Custom XQL Queries

© 2025 Palo Alto Networks, Inc.


Accessing the Demo
Demo Link: https://sedemo-xdrlabs.xdr.us.paloaltonetworks.com/

Login Information

Username: Palo Alto Networks username
Password: NextWave Partner Okta MFA Credentials



Demo Flow
Palo Alto Networks Solution

Note: The script below has some minor deviations from the demo video.

Cortex XDR is the world’s first detection and response app that natively integrates
network, endpoint and cloud data to stop sophisticated attacks. Cortex XDR accurately
detects threats with behavioral analytics and reveals the root cause to speed up
investigations. Tight integration with enforcement points accelerates containment,
enabling you to stop attacks before the damage is done. Download the datasheet to
learn the key features and benefits of Cortex XDR.

This section highlights the Palo Alto Networks product and describes how it addresses
the current challenges that other solutions cannot. Cortex is the only platform to
achieve 100% detection and 100% prevention with zero configuration changes or
delayed detections in the latest MITRE Engenuity ATT&CK evaluation.



Guided Walkthrough

This section goes through each feature of the product.

Visibility & Insights

How Does this Feature Address the Customer’s Issue?

●​ As a unified platform with a single UI, XDR replaces dozens of SOC tools,
significantly lowering TCO.

Step-by-Step Guide:

1.​ Cortex XDR is the definitive AI-driven security operations platform, transforming
the SOC with unified data, AI, and automation for unprecedented outcomes.



Data Ingestion

How Does this Feature Address the Customer’s Issue?

●​ Cortex XDR ingests and normalizes data across extended data sources,
including endpoints, network traffic, identity data and cloud assets

Step-by-Step Guide:

1. Focus on features that offer the most immediate value, like across-the-board data
ingestion, automated alert grouping, incident prioritization, continuous
ML-driven analytics, and native forensic capabilities across all endpoint and
cloud environments.



Alert Transformation

How Does this Feature Address the Customer’s Issue?

● XDR is redefining unified detection and response across endpoints, networks,
clouds, and identities in an all-in-one solution, ensuring streamlined operations
and cost savings while reducing analyst fatigue.



Incident Response

How Does this Feature Address the Customer’s Issue?

●​ XDR provides a single cohesive view for managing and investigating incidents
with extended alerts

Step-by-Step Guide:

1.​ Showcase the one-stop 360-view created by analysts for analysts to proactively hunt
and eliminate threats with high precision and context that streamlines threat detection
and response across the entire security ecosystem.​



Incident Investigation

How Does this Feature Address the Customer’s Issue?

●​ XDR provides detailed incident information such as assets & artifacts, alerts &
insights, timelines, and executions

1. Demonstrate how the consolidated view of alerts illuminates and encapsulates
incident details.



XDR Automation

How Does this Feature Address the Customer’s Issue?

● Automation enables consistent, rapid responses to simple incident types. This
reduces manual steps, allowing analysts to focus on high-priority tasks.

1. Review automation and forensics to show how XDR provides a comprehensive view
of each threat's origin and progression.



Incident Causality Details

How Does this Feature Address the Customer’s Issue?

● Incident causality visually traces attack chains, highlighting how threats
propagate across assets through one unified view.

1.​ Drill into an incident's causality details and showcase how XDR visually provides
detailed stages and comprehensive information to help the analyst quickly
research the attack.



Assets & Artifacts

How Does this Feature Address the Customer’s Issue?

● Analysts are able to respond quickly and effectively to contain exposure,
prevent escalation, and ultimately eliminate threats in real time.

1. Provide insight into various components of an incident such as the one shown
below. Demonstrate the granularity of information provided in the Key Assets &
Artifacts area as well as other valuable information.



Custom XQL Queries

How Does this Feature Address the Customer’s Issue?

● Analysts can run custom queries across multiple data sources to pinpoint
hidden patterns and uncover potential risks.

1.​ Review existing queries as well as the flexibility of using the Query Builder
