New Cortex Xpanse Expander features and enhancements in release 2.3 (October 2023).
The table below describes the features and enhancements introduced in the Expander 2.3 (October 2023) release.
Feature | Description |
---|---|
Business Unit Management | You can now modify business unit assignments in Expander for IPv4 ranges, owned responsive IPs, domains, and certificates. These modifications will propagate to their respective alerts, incidents, websites, and services. In-product business unit management enables quick reallocation of assets across your organization. |
GeoIP Data | Expander now displays GeoIP data on services, alerts, and incidents pages, enabling you to filter by location. |
Embedded AI Service Owner Discovery | The new service owner discovery capabilities in Active Response use embedded AI to improve the discovery of service and asset owners through integrations and to provide ranking and categorization of owners. This new AI enhancement simplifies the remediation of attack surface risks by automating the often challenging requirement to identify owners. |
NGFW Remediation | Using engines to connect to Pan-OS within your network, Active Response can now access enrichment details and take remediation action using NGFW logging. |
New Outbound Integrations | Tenable.io—You can now forward the relevant assets that Xpanse discovers to Tenable.io for more detailed assessment and central vulnerability tracking. This integration is hosted by Palo Alto Networks, so there’s nothing to install on your network. Qualys VMDR—Automatically import Xpanse assets as new asset groups in Qualys VMDR for scanning. Jira Server—This new integration enables you to automatically forward new alerts along with guidance and related context from Expander to Jira as new tasks. |
ASM Overview Report | The ASM Overview Report is a new, out-of-the-box monthly or quarterly report that provides an overview of your organization's attack surface and key trends. |
Dashboard Filtering by BU and Tag | Filter your dashboards by business unit and tag to get customized views of the attack surface for specific entities in your organization. |
Other Usability Enhancements | Unresponsive IP Filtering—Filter for specific IP addresses on the Owned IP Ranges page Top Incidents widget—Top Incidents that Need Your Input widget has been added to the Home dashboard, so you can see at-a-glance which incidents require input. |