Remote Attack Surface Use Cases

Cortex Xpanse User Guide

Product: Cortex XPANSE
Version: 1.0
Creation date: 2022-08-25
Last date published: 2024-03-26
End_of_Life: EoL
Category: User Guide

Abstract: Cortex Xpanse supports a number of use cases to protect your remote attack surface.


| Use Case | Xpanse + Cortex XDR | Xpanse + GlobalProtect |
|---|---|---|
| Reveal risks and reduce the attack surface related to the remote employee environment: Xpanse ingests Cortex XDR endpoint data and GlobalProtect client data and combines it with its global scan results to find risky services and issues. Xpanse creates new Services and Issues in Expander, which you can remediate through XDR or network configuration. | ✓ | ✓ |
| Identify the internal and external IP mapping of your remote workforce: For issues detected on networks where a Cortex XDR agent is installed or GlobalProtect client is deployed, Cortex Xpanse will know the most recent internal IP address of the device, which can aid in investigation and remediation. | ✓ | ✓ |
| Ensure employees are using a VPN service: Cortex Xpanse creates new Remote Device records for each Cortex XDR endpoint and maintains a history of IP addresses the endpoint has used. These IP addresses can be compared to your global VPN network to ensure employees are using the VPN service. | ✓ | |
| Discover the gaps in coverage of Cortex XDR agents in your organization: Cortex Xpanse can identify services running on core infrastructure that lack a corresponding Cortex XDR Agent. Within Expander you can filter Services and Issues by whether or not a Cortex XDR Agent is present. | ✓ | |
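
The VPN comparison described in the "Ensure employees are using a VPN service" use case, as an added example that is not Cortex Xpanse code: it checks a per-device IP history against VPN egress ranges and lists every sighting outside them. The record fields (`device`, `ip`, `seen`), the ranges and all addresses are constructed assumptions, not the Xpanse Remote Device schema.

```python
import ipaddress
from collections import defaultdict

# Constructed sample data (documentation prefixes only). The field names are
# assumptions for this example, not the Xpanse Remote Device schema.
VPN_EGRESS_RANGES = ["198.51.100.0/24", "2001:db8:100::/48"]
IP_HISTORY = [
    {"device": "laptop-001", "ip": "198.51.100.17", "seen": "2024-03-01T09:00:00Z"},
    {"device": "laptop-001", "ip": "203.0.113.45", "seen": "2024-03-02T18:30:00Z"},
    {"device": "laptop-002", "ip": "2001:db8:100::a", "seen": "2024-03-01T08:15:00Z"},
    {"device": "laptop-003", "ip": "192.0.2.200", "seen": "2024-03-03T11:05:00Z"},
    {"device": "laptop-003", "ip": "not-an-ip", "seen": "2024-03-03T11:06:00Z"},
]


def off_vpn_sightings(history, vpn_ranges):
    """Return {device: [(seen, ip), ...]} for addresses outside every VPN range.

    Unparseable addresses are reported as well, because they cannot be shown
    to belong to the VPN.
    """
    networks = [ipaddress.ip_network(r) for r in vpn_ranges]
    findings = defaultdict(list)
    for rec in history:
        try:
            addr = ipaddress.ip_address(rec["ip"])
        except ValueError:
            findings[rec["device"]].append((rec["seen"], rec["ip"]))
            continue
        # An address can only belong to a network of its own IP version.
        on_vpn = any(addr.version == n.version and addr in n for n in networks)
        if not on_vpn:
            findings[rec["device"]].append((rec["seen"], rec["ip"]))
    # Sort each device's sightings by timestamp (ISO 8601 strings sort in time order).
    return {dev: sorted(hits) for dev, hits in findings.items()}


if __name__ == "__main__":
    report = off_vpn_sightings(IP_HISTORY, VPN_EGRESS_RANGES)
    for device, hits in sorted(report.items()):
        for seen, ip in hits:
            print(f"{device}: {ip} at {seen} is outside the VPN ranges")
```
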