As digitalization drives the deployment of billions of new IIoT devices along with pervasive connectivity between IT and OT networks, the attack surface is constantly expanding. Boards and management teams are increasingly concerned about the risk of costly production downtime and cyber-physical safety incidents from OT cyberattacks.

Cortex is Palo Alto’s open and integrated, AI-based continuous security platform that’s designed to simplify security operations and allow security teams to find threats and orchestrate responses quickly. Current approaches leave data hidden in silos across your security infrastructure, limiting the effectiveness of analytics. Cortex Data Lake enables AI-based innovations for cybersecurity with the industry’s only approach to normalizing and stitching together your enterprise’s data.

The new certified CyberX app, available from the Palo Alto Networks Cortex Hub, is the first of its kind for securing OT networks. The integration of CyberX’s agentless platform with Cortex enables industrial and critical infrastructure organizations to:

  • Implement zero-trust strategies for OT networks to stop the rapid spread of attacks.
  • Rapidly correlate and stitch together OT alerts with IT security events from the Cortex Data Lake, so they can more effectively respond to advanced attacks that routinely pivot from IT to OT.
  • Auto-discover and tag all IIoT/ICS devices — both managed and unmanaged — to automatically define granular segmentation policies and Dynamic Asset Groups (DAGs) based on OT-specific device types, protocols, and behavior patterns.
  • Continuously detect threats and compromised OT devices in real-time. CyberX is the only company to have been awarded a patent for its OT-aware behavioral analytics and machine learning technology, which significantly shortens the learning period and reduces alert noise.
  • Leverage CyberX’s IIoT/ICS threat intelligence feed to bring additional context, speed, and precision to threat investigation and threat hunting.

The ROI benefit of CyberX’s integration with Cortex is that it enables joint customers to collect and analyze network traffic data from Palo Alto Networks sensors they’ve already purchased and deployed, while deploying CyberX as a cloud-based service.

Of course, joint customers can also choose to deploy the full CyberX platform as an on-premises solution (via virtual or physical appliances) integrated with the Palo Alto Networks Security Operating Platform and Panorama, Palo Alto’s centralized management system.

Read the full press release with quotes from Palo Alto Networks’ SVP of Engineering for Cortex, and CyberX’s chief architect, Amit Porat.

Cortex Data Lake from Palo Alto Networks has strict privacy and security controls in place to prevent unauthorized access to sensitive or identifiable information. Cortex Data Lake ensures the privacy of your data by limiting access to your authorized users and apps, which you can revoke at any time. Customers authenticate to apps that are part of the Cortex Hub using single sign-on, including two-factor authentication.

Palo Alto Networks, Cortex and Panorama are trademarks of Palo Alto Networks, Inc. in the United States and in jurisdictions throughout the world.