# 10 Must-Haves for Detection and Response

Top capabilities for protecting the enterprise from sophisticated attacks

Introduction

## The State of Security Operations Today

To counter escalating threats, security teams have deployed countless tools, yet they still lack the data and analytics needed to find all threats. Today, siloed tools force analysts to pivot from one console to another to verify threats, so many attacks are missed.

## 10 Must-Haves for Detection and Response

## 01 Extended Visibility Across Data Sources

To reduce the risk of a successful attack, you need a holistic approach to detection and response that eliminates blind spots, improves accuracy, and simplifies investigations.

Cortex XDR is the industry's first extended detection and response platform that natively integrates network, endpoint, and cloud data to stop sophisticated attacks.

## 02 Best-in-Class Attack Prevention

To protect your endpoints, you need strong protection that blocks known and unknown malware, fileless attacks, and exploits.

### Pre-execution

#### Reconnaissance protection

Prevents exploit kits from profiling vulnerabilities

#### Technique-based exploit prevention

Blocks the exploit techniques used to manipulate benign applications

#### Kernel protection

Prevents exploits that target or originate from the kernel

#### Threat intelligence

Prevents known threats using intelligence gathered from WildFire

#### AI-driven local analysis

Prevents unknown threats

### Cloud

#### Cloud-based analysis

Detects advanced unknown threats

### Post-execution

#### Malicious process prevention

Blocks script-based threats

#### Ransomware protection

Blocks ransomware

#### Behavioral threat protection

Stops attacks by analyzing chains of endpoint events

Cortex XDR delivers everything needed for threat prevention, detection, and response through a single cloud-native agent, protecting endpoints with battle-tested and [validated](https://www.paloaltonetworks.com/cortex/cortex-xdr-industry-validation) next-generation antivirus.

[Read the endpoint protection overview](https://www.paloaltonetworks.com/resources/whitepapers/cortex-xdr-endpoint-protection-overview)

## 03 Simplified Investigations

Today's siloed security tools [generate alerts endlessly](https://www.paloaltonetworks.com/resources/infographics/cortex-forrester-2020) with limited context. To shorten response times, security tools must provide a complete picture of an incident along with rich investigative detail.

Cortex XDR simplifies investigations by automatically revealing the root cause, sequence of events, and threat intelligence details of alerts from any source.

* **88%**: Cortex XDR speeds up investigations by this amount by revealing the root cause and rich context of network, endpoint, and cloud alerts.
* **98%**: Cortex XDR reduces alerts by this amount through intelligent alert grouping and deduplication.

## 04 Analytics and Machine Learning

You need a comprehensive set of machine learning and analytics techniques to stay ahead of rapidly evolving threats.

### Cortex XDR provides

* AI-driven local analysis to block malware
* Behavioral analytics to detect intrusions and active attacks
* Global analytics to improve detection accuracy and coverage

## 05 Coordinated Response

Your team needs integrated, flexible response options to stop attacks quickly.

Cortex XDR lets security teams immediately stop the spread of malware, isolate endpoints, run scripts, and even restore endpoints without reimaging devices. With the search and destroy capability, they can even scan all endpoints in real time to find and remove malware.

## 06 Flexible Endpoint Protection Suite

You need a simple way to identify and differentiate endpoint risks, reduce the attack surface, and stop data loss.

* **Vulnerability assessment:** View digital assets across the enterprise with vulnerability assessment, application visibility across managed and unmanaged endpoints, and more.
* **Host firewall:** Centrally manage inbound and outbound communications on endpoints from the Cortex XDR management console.
* **Disk encryption:** Apply encryption or decryption policies to endpoints and view a list of all encrypted drives.
* **Device control:** Monitor and precisely control USB access to protect your endpoints from data loss and malware.

## 07 Independent Testing and Industry Validation

When choosing a detection and response solution, you should always review third-party testing, analyst validation, and customer proof.

Cortex XDR is the industry's first extended detection and response platform, and it has achieved excellent test results and earned praise from analysts and customers. Cortex XDR achieved the best combined detection and protection in the [MITRE ATT&CK](https://www.paloaltonetworks.cn/cortex/cortex-xdr/mitre?ts=markdown) evaluations, was named a "Strategic Leader" by AV-Comparatives, and was named a Leader in ["The Forrester Wave™: Endpoint Security SaaS, Q2 2021"](https://start.paloaltonetworks.cn/2021-forrester-xdr-wave), so customers can rely on Cortex XDR.

[Cortex XDR industry validation](https://www.paloaltonetworks.com/cortex/cortex-xdr-industry-validation)

## 08 Autonomous Security Operations

Manual processes slow down incident response and increase the cost of security operations.

## 09 Rapid Pace of Innovation

To outpace fast-moving adversaries, you should look for vendors that continually enhance or expand their product capabilities.

[Release notes](https://docs.paloaltonetworks.com/cortex/cortex-xdr/cortex-xdr-release-notes/release-information) | [Cortex XDR 3.0 blog](https://www.paloaltonetworks.com/blog/2021/08/third-generation-xdr-has-arrived)

## 10 Unparalleled Value and Return on Investment

When selecting a key element of your security infrastructure, you need to be sure it delivers clear value. Cortex XDR meets this requirement by:

* Using existing security tools as sensors for detection and response.
* Eliminating on-premises log servers through cloud deployment.
* Simplifying operations with data stitching, alert grouping, and root cause analysis.

Compared with traditional siloed tools, **XDR reduces total cost of ownership by an average of 44%.**

[Get the white paper](https://www.paloaltonetworks.cn/resources/whitepapers/maximize-the-roi-of-detection-and-response?ts=markdown)

## Reviews and Testimonials

See what third-party testers, analysts, and customers think.

[See what industry insiders say](https://www.paloaltonetworks.com/cortex/cortex-xdr-industry-validation)

"Cortex XDR has not only reduced the number of incidents we have to look at, it has also reduced the time it takes to act on those incidents... To me, the X in XDR is an extension of my team."

**Peter Fletcher,** Head of Cybersecurity, San Jose Water Company