Cortex

Cortex platform

Cortex platform supports endpoint detection and remediation of cybersecurity incidents, providing information about the severity, compromised assets, and data sources of the associated events, as well as automated responses. The software gathers data from hosts and network traffic, and relies on several machine learning models to identify anomalous activities, generating subsequent alerts. It also enables the performance of advanced threat hunting operations.

Cortex maps the cybersecurity incidents through the MITRE ATT&CK framework, categorizing and describing the attacks in a standardized manner. Furthermore, it allows to detect the attacks and limit their impact by launching several actions, such as the isolation of compromised endpoints, or the remote execution of scripts and commands. Further investigation of the incidents is supported through root cause analysis and forensics features.

Cortex features: