Cortex Xpanse supports integration with Cortex XDR using an API connector.
Attack Surface Management (ASM) for Remote Workers is an API integration between Cortex Xpanse and Cortex XDR or GlobalProtect that enables you to identify and alert on security issues on remote worker systems and network environments.
The Cortex Xpanse integration with Cortex XDR enables you to perform the following key tasks to secure your remote worker attack surface:
Identify risks and reduce attack surface related to your remote employee environments
Identify the gaps in coverage of Cortex XDR agents in your organization
Identify the internal and external IP mapping of your remote workforce
Ensure employees are using VPN services
Improve MTTR by providing additional network data to incidents identified by Cortex XDR.
To set up the integration between Cortex Xpanse and Cortex XDR, perform the following tasks:
For more information about ASM for Remote Workers and the Remote Attack Surface Dashboard in Cortex Xpanse Expander, see Remote Attack Surface Overview.