Cortex Xpanse offers several different products and licenses.
Cortex Xpanse offers several different products and licenses.
Expander—Software-as-a-service (SaaS) web application and series of APIs that continuously discover and monitor your on-prem and cloud assets across the internet. Integration with Cortex XSOAR, Cortex XDR, Prisma Cloud, and other workflow products like SIEMS and ITSMs allows our attack surface management (ASM) findings to enhance security workflows, and secure unknown, unmanaged risks on your cloud attack surface. Expander requires the base platform SKU plus a SKU based on the size of the network.
Active Response—Add-on module for Expander. Active Response uses embedded playbooks to automatically enrich incidents with ownership information, create tickets, and fully remediate exposures through cloud integrations, by creating firewall block rules or triggering endpoint isolation.
Attack Surface Testing—Add-on module for Expander. Cortex Xpanse Attack Surface Testing confirms the presence of a vulnerability on your external attack surface, enabling you to quickly and confidently prioritize risks. With your approval, Cortex Xpanse runs benign exploits against externally facing assets to confirm the presence of vulnerabilities. Rather than manually verifying inferred CVEs yourself, Cortex Xpanse Attack Surface Testing runs daily scans based on your preferences.
Link —SaaS web application that continuously identifies internet assets, risky services, and misconfigurations in third parties to help secure a supply chain or identify risk for M&A due diligence.
Third Party Assess—SaaS web application that provides a comprehensive, point-in-time assessment of a third party's internet assets, risky services, and misconfigurations to help secure a supply chain or identify risk for M&A due diligence.