Device Security
New Features in January 2026
Review the new features introduced in Device Security in January 2026.
| Where Can I Use This? | What Do I Need? |
|---|---|
| | One of the following subscriptions: |
The following new features and enhancements were introduced for Device Security in
January 2026.
New Features
| | |
|---|---|
| New Polling Integration Support | The Device Security polling integration with Cortex XSOAR now supports the following protocols for polling: |
| Vulnerability signatures | The Device Security Research team added detections for 685 vulnerabilities this month. Of the 685 vulnerabilities, 14 of them had a critical CVSS score. You can see a complete list of the CVEs for which detections have been added at Vulnerability Signatures in 2026. |
| Dictionary file update | There were four dictionary file updates in January 2026. The following summarizes what was added in each update: |
HIPAA and IEC Compliance Dashboards
Demonstrating adherence to industry compliance frameworks such as
HIPAA and IEC 62443 is often a complex process with the risk of an
audit failure. Security teams can struggle to maintain
continuous visibility into their compliance posture while managing
active threats.
Device Security streamlines compliance monitoring of healthcare and
industrial devices with dashboards for security compliance reporting.
For healthcare, the HIPAA dashboard provides out-of-the-box alignment,
automatically mapping your security posture to mandatory safeguards
such as access control and audit verification. For industrial environments,
the IEC 62443-3-3 dashboard addresses requirements, helping you validate security
levels for Industrial Automation and Control Systems (IACS) and components
defined in ISA/IEC 62443-4-2.
Beyond pre-built frameworks, you can leverage the Query Builder to clone
existing dashboards and create user-defined compliance controls, allowing
you to combine industry standards with your own internal baselines. By
centralizing this data, Device Security helps you reduce the administrative
burden of audits, ensure consistent regulatory alignment, and maintain a
robust security posture without sacrificing operational efficiency.
Strata Cloud Manager API Support for Full-featured Cortex XSOAR
Device Security now supports using the Strata Cloud Manager API to
provision a full-featured Cortex XSOAR server for third-party integrations.
When configuring the Palo Alto Networks IoT 3rd Party
integration instance, select the SCM API option,
and then enter the TSG information and
API Client ID and Client Secret
to configure Cortex XSOAR to use the Strata Cloud Manager API.
CVE Information from Third-party Sources
Security teams often struggle to prioritize remediation efforts when
vulnerability data is scattered across separate asset management solutions.
Manually correlating CVE details with risk scores from disparate tools
is time-consuming and can lead to gaps in threat visibility.
Device Security consolidates this context by displaying risk scores
and attributes from integrated third-party solutions directly within the
Vulnerability details view. This feature integrates data from
vulnerability management and endpoint protection integrations alongside
standard Device Security vulnerability information. You
can now view CVE attributes specific to third-party solutions, such
as proprietary risk scores and patch status, without switching between
tools.
By combining vulnerability context from Device Security with CVE details
from other vulnerability management tools, you gain a unified view that
streamlines prioritization and remediation decisions. This unified view
helps you more effectively manage risk across your environment.
IBM Maximo Integration
Managing assets across fragmented IT, OT, and IoT environments often creates
data silos that hinder accurate tracking and effective security responses.
Keeping asset records synchronized manually between disparate systems is
resource-intensive and increases the risk of working with outdated information.
The IBM Maximo integration for Device Security enables bidirectional
exchange to ensure comprehensive asset visibility and automated workflow
management. By integrating with IBM Maximo, Device Security can learn about
assets and asset details from the Maximo database. Device Security uses that
information to enrich the Device Security asset inventory, including
creating new assets for devices learned through the IBM Maximo integration.
You can streamline incident response by converting high-priority
Device Security alerts and critical vulnerabilities into IBM Maximo
service requests. From the Alert and Vulnerability pages, you can create
a work order to send an alert or vulnerability to IBM Maximo.
This unified approach ensures your asset inventory remains current,
enriches investigations with security context, and reduces the operational
overhead of maintaining accurate enterprise records.
Philips Focal Point SNMP Integration
Gaining visibility into proprietary patient monitoring networks
is often difficult, leaving critical medical assets unmanaged and
vulnerable to security risks.
The Philips Focal Point integration for Device Security now automates
the discovery and profiling of connected medical devices within your
healthcare environment. By directly querying Focal Point servers,
this feature retrieves essential identity data, such as hostnames,
IP addresses, MAC addresses, and serial numbers. Device Security
uses the information it learns to update the Asset Inventory, including
creating new records for devices not already in the Asset Inventory.
Through the integration with Philips Focal Point, you gain comprehensive
visibility into your patient monitoring infrastructure,
covering hosts (PIIC systems), access points, controllers, and monitors,
without requiring changes to your existing network configuration.
This enhanced visibility enables you to strengthen security policies and
accurately assess risk for critical care devices previously hidden from
standard discovery methods.
Support EU MDR Recall Information for Medical Devices
January 2026: Device Security now includes information from
the European Union’s Medical Device Regulation (EU MDR) for
medical device recalls. In the Recalls table, view the
Source column to see if the recall comes from EU MDR.
December 2025: When the Medical Device Security vertical
is enabled, you can filter the Source attribute
in the Recalls table on the Risks > Recalls page.
October 2025: Device Security now includes information from Germany's
Federal Institute for Drugs and Medical Devices
(Bundesinstitut für Arzneimittel und Medizinprodukte, BfArM) for
medical device recalls. In the Recalls table, view the
Source column to see if the recall comes from BfArM.
Manually tracking medical device recalls across multiple regulatory bodies
is often a complex, error-prone process that can compromise patient safety
and regulatory compliance. Device Security includes a
Medical Device Recalls
page that helps you identify and respond to recalls for medical devices
in your network.
The Medical Device Recalls page provides a centralized view of all recalls
for medical devices in your network, including the recall identifier,
the recall status, the recall source, and the recalled devices and profiles
in your network. You can view the recall source file by clicking on the Recall ID.
This centralized view of recalls helps you maintain regulatory compliance,
reduce the operational overhead of manual tracking, and proactively mitigate
risks associated with compromised medical equipment.
Support for MDS2 Microsoft Excel Documents
January 2026: Device Security now supports uploading
MDS2 files in Microsoft Excel format.
Healthcare organizations often collect thousands of Manufacturer Disclosure
Statement for Medical Device Safety (MDS2) documents, but the volume of files
makes manual analysis difficult and leaves critical security data unused.
Device Security automates the digitization and
mapping of MDS2 files directly to your device inventory. By integrating
data from MDS2 files into the Device Security device identification and
risk analysis process, this capability provides detailed device attributes
and more precise, actionable alerts. For example, the system can
confirm if a specific software version listed in an MDS2 file matches
a known vulnerability.
You can also leverage the MDS2 Community, a shared ecosystem of files
verified by security engineers, to reduce the effort of sourcing documents
manually. The system automatically prioritizes the best available file for
your fleet while allowing you to manage specific versions, ensuring your
security posture remains accurate and up to date.