XDR, Channel partners, Content, Security Program Controls/Technologies, MSSP, Channel partner programs

MSSP Investment: Palo Alto Networks Powers Incident Response Through Cortex XDR Offering

Vector abstract background with dynamic waves, line and particles. Illustration suitable for design

By expanding its NextWave Program, Palo Alto Networks is helping its partners to quickly contain and stop cyber threats through incident response (IR) services powered by Cortex XDR.

The NextWave Program provides the tools, training and resources to address customer demand for IR services and aligns with the expansion of the Palo Alto Networks’ Cortex MSSP ecosystem, the company said in a prepared statement.

Early Threat Identification Delivered

Palo Alto Networks noted its 2022 Unit 42 Incident Response Report, which found that in 44% of cases organizations did not have an extended detection and response (XDR) security solution, or it was not fully deployed on the initially impacted systems.

Tom Barsi, vice president of Cortex Ecosystems, explained the impact of Cortex XDR for MSSPs:

“Cortex XDR is designed to provide more comprehensive visibility so threats are identified early along with better context for accelerated investigation and tighter containment. We are investing in our MSSP partner ecosystem more than ever before with the expansion of the NextWave Partner Program to encompass threat response. Partners that achieve this designation are highly skilled and have met stringent requirements with demonstrated deep experience in delivering threat hunting and IR services leveraging Cortex XDR. They are able to support customers through Incident Response, during their greatest time of need."

A Closer Look at the NextWave Partner Program

The Palo Alto Networks NextWave Program for Threat Response offers partners:

  • Leading IR XDR technology built utilizing proactive and reactive use cases to reduce time and resources spent on delivering services, including collecting data, aggregating data, analyzing data and remediating. It also offers a purpose-built platform and program that is designed for true IR in addition to endpoint detection and response (EDR).
  • Expert technical and deployment support 24/7 for online access to XDR tenants within minutes and around-the-clock technical support.
  • Expanded routes to market with more ways to offer proactive services to clients pre- or post-IR engagement, including advanced threat analytics, proactive assessments and attack surface management.

Deloitte India and Palo Alto Networks recently announced an expansion of their collaboration to offer complete, end-to-end technology-based cyber incident response services to businesses in India.

Aloke Kumar Dani, Risk Advisory partner for Deloitte India, noted the impact of the partnership with Palo Alto Networks and NextWave:

"We are pleased to have earned the Palo Alto Networks NextWave designation for Threat Response to help transform the cyber incident response space together. With cybersecurity incidents becoming increasingly prevalent and sophisticated, along with added regulatory pressure, we foresaw the need for a smarter, faster and more extensive suite of services that would provide our clients with next-generation security technology and services. Our partnership with Palo Alto Networks affirms that commitment to our clients.”

More Advancements from Palo Alto Networks

Palo Alto Networks in September 2022 released its VM-Series Virtual Next-Generation Firewall (NGFW) technology on the Azure Marketplace — “delivering end-to-end Zero Trust security at the enterprise edge,” MSSP Alert reported.

VM-Series virtual firewalls can now extend best-in-class NGFW capabilities to help protect Azure private multi-access edge computing (MEC) applications, providing centralized defense against cyberattacks.

In addition, Palo Alto Networks recently added SaaS security posture management (SSPM) capabilities to its Prisma secure access service edge (SASE) solution. SSPM allows Prisma users to configure their security settings for multiple SaaS apps in one location. They also ensure that Prisma users can fix misconfigurations with one click and lock security settings in place to protect against configuration drift.

Jim Masters

Jim Masters is Managing Editor of MSSP Alert, and holds a B.A. degree in Journalism from Northern Illinois University. His career has spanned governmental and investigative reporting for daily newspapers in the Northwest Indiana Region and 16 years in a global internal communications role for a Fortune 500 professional services company. Additionally, he is co-owner of the Lake County Corn Dogs minor league baseball franchise, located in Crown Point, Indiana. In his spare time, he enjoys writing and recording his own music, oil painting, biking, volleyball, golf and cheering on the Corn Dogs.