Abstract
Cortex Xpanse simplifies incident response by providing workflows and playbook-driven automation for monitoring, prioritizing, investigating, and remediating incidents.
Alerts are potential security risks identified by Cortex Xpanse on your assets and services. An Incident is a collection of alerts related to a single service, or to a single asset if no service is detected. Responding to incidents is a critical part of protecting your attack surface, and Cortex Xpanse simplifies incident response by providing workflows and playbook-driven automation for monitoring, prioritizing, investigating, and remediating incidents.