Cortex SOC Squad™ Presents: A Log4j Incident Response Simulation

Guy, Threat Hunter

Hunt for sophisticated attacks and low and slow threats that have slipped under the radar.

Search for indicators of compromise, unusual activity, and adversary tactics, techniques and procedures.


Peter, Tier 2 SOC Analyst

Monitor, prioritize and investigate alerts.

Resolve incidents and remediate attacks.


Kasey, Director of Vulnerability Management

Discover and analyze application, system, network and other IT vulnerabilities.

Assess and prioritize risk.

Patch or resolve vulnerabilities.


Guy, Threat Hunter

Key Hunting Tool:

Cortex XDR for threat hunting across all security data, including endpoint, network, cloud, and identity data. An advanced XQL query language offers aggregation, visualization, and filtering of results.

Mission:

Create a set of queries that will help the SOC team discover potentially affected assets and search for signs these assets are indeed impacted.


Peter, Tier 2 SOC Analyst

Key Incident Response Tool:

Cortex XDR for unified detection, investigation and response.

Cortex XDR uncovers advanced and zero-day threats with behavioral analytics and machine learning.

It speeds investigations by grouping related alerts into incidents and revealing the root cause and cross-data insights. Flexible response options let analysts quickly contain and recover from attacks.

Mission:

Review security incidents and collaborate with threat hunters and other team members for investigations. Coordinate response if signs of compromise or vulnerable assets are uncovered.


Kasey, Director of Vulnerability Management

Key Incident Response Tool:

Cortex XDR for vulnerability assessment and file discovery.

Cortex Xpanse for Attack Surface Management.

Prisma Cloud for visibility into containers and serverless applications.

Vulnerability scanners.

Mission:

Find and mitigate vulnerable Log4j software anywhere in the organization, including on the network, in the cloud and across managed and unmanaged assets.


Threat Mitigated

Your organization is free and clear thanks to Cortex XDR
