Remote Attack Surface Use Cases
Cortex® Xpanse™ supports a number of use cases to protect
your remote attack surface.
Cortex® Xpanse™ supports a number of
use cases to protect your remote attack surface.
Use Case | Xpanse + Cortex XDR | Xpanse + GlobalProtect |
|---|---|---|
Reveal risks and reduce the attack surface
related to the remote employee environment Xpanse ingests
Cortex XDR endpoint data and GlobalProtect client data and combines
it with its global scan results to find risky services and issues.
Xpanse creates new Services and Issues in Expander, which you can
remediate through XDR or network configuration. |  | |
Identify the internal and external IP mapping
of your remote workforce For issues detected on networks
where a Cortex XDR agent is installed or GlobalProtect client is
deployed, Cortex Xpanse will know the most recent internal IP address
of the device, which can aid in investigation and remediation. | | |
Ensure employees are using a VPN service Cortex
Xpanse creates new Remote Device records for each Cortex XDR endpoint and
maintains a history of IP addresses the endpoint has used. These
IP addresses can be compared to your global VPN network to ensure employees
are using the VPN service. | | |
Discover the gaps in coverage of Cortex
XDR agents in your organization Cortex Xpanse can identify
services running on core infrastructure that lack a corresponding
Cortex XDR Agent. Within Expander you can filter Services and Issues
by whether or not a Cortex XDR Agent is present. | |
