New Cortex Xpanse Expander features and enhancements in release 2.2 (June 2023).
The table below describes the features and enhancements introduced in the Expander 2.2 (June 2023) release.
Feature | Description |
---|---|
Active Response Module Launch | The free community trial for the Active Response add-on module continues through the end of July 2023. Beginning August 1, customers must purchase an Active Response license in addition to the Expander license. You can try out Active Response with a 60-day free trial that you activate from within Expander. See Active Response License to activate your 60-day free trial. See Active Response for information about Active Response. |
Active Response Enhancements | Active Response enhancements include the following:
See Active Response for information. |
Remediation Confirmation Scanning for Active Response | Improved scan to validate the resolution of alerts . This scan utilizes the same payloads and global scanning infrastructure that was used for service discovery to ensure that the risk has been addressed. |
Threat Response Center Enhancements |
See Threat Response Center for more information. |
Prisma Cloud Integration | Use the Prisma Cloud integration to Identify rogue cloud and shadow IT instances and bring unmanaged assets under management. Xpanse ingests cloud context from Prisma Cloud for Amazon Web Services (AWS), Google Cloud Platform (GCP), Microsoft (MS) Azure, Alibaba Cloud, and Oracle Cloud Infrastructure. See Ingest Cloud Resources from Prisma Cloud and Cloud Inventory for details. |
Xpanse Security Rating | The Cortex Xpanse Security Rating represents the overall hygiene of your organization’s external-facing attack surface. The Security Rating Dashboard enables you to track your security rating over time, compare your rating to industry peers, and break down your security rating by geography, business unit, and hosting provider. See Security Rating for details. |
Python Software Development Kit (SDK) | The new Python SDK consists of a collection of tools bundled together in a single, easy-to-install package. The SDK supports the following Expander functionality:
See Cortex Xpanse Python SDK for more information. |
Expander API Enhancements | The following APIs were improved with additional fields and filter options:
The following APIs were introduced in this release:
See the Cortex Xpanse API Reference for details. |
Asset Tag Rules | Define custom tag rules that apply tags automatically to assets that match your rule criteria, including new assets that are attributed to your organization. Tag rules are supported for IP addresses and IP ranges, enabling you to define custom IP ranges. See Asset Tagging for more information. |
Asset Notes | Add notes to individual assets in Expander. See Asset Notes for details. |
Bulk edit attack surface rules | Enable or disable attack surface rules in bulk. |
Improvements to the Inventory navigation |
|
Incident Risk Score Improvements |
|
Configure Access Control in the Cortex Gateway | In the Cortex Gateway, you can view and manage permissions, role-based access control (RBAC), and user group settings across all Cortex products. See the Cortex Gateway Administrator Guide for details. |
Other Usability Enhancements |
|