・The client required a person with professional Cortex XSOAR PlayBook creation skills to create a large number of PlayBooks.
・The client required someone with experience and knowledge of Cortex XSOAR implementation in order to utilize it for purposes other than automation and incident response.
We supported the development of PlayBooks for a total of 7 products, as well as QA support for XSOAR as a whole, improvement proposals for operational methods, functional verification, and vendor support.
As a result, we were able to speed up the development process and raise its quality, and to secure sufficient time for verification and further PlayBook development.
Especially for Tenable.io, Cortex XSOAR was used to manage vulnerabilities for all assets.
Not only did Cortex XSOAR reduce the workload by automating the capture of scan results, but it also greatly improved productivity by creating a highly visible management screen.
・Creation of custom fields and layouts
・Proposal of analysis methods linked to other solutions' PlayBooks
We initially planned to provide support for a short period of time, but because the customer was satisfied with our work, we decided to expand the scope of our work to provide long-term support.
■Additional support items
・Improvement proposal of overall operations
・Proposal and verification of threat information acquisition and management