Cortex® Xpanse™ supports a number of use cases to protect
your remote attack surface.
Cortex® Xpanse™ supports a number of
use cases to protect your remote attack surface, including the following:
Reveal risks and reduce the attack surface related to
the remote employee environment
Xpanse ingests Cortex
XDR™ endpoint data and combines it with its global scan results
to find risky services and issues. Xpanse creates new Services and Issues
in Expander, which you can remediate through XDR or network configuration.
Discover the gaps in coverage of Cortex XDR agents in your
Cortex Xpanse can identify services running on
core infrastructure that lack a corresponding Cortex XDR Agent.
Within Expander you can filter Services and Issues by whether or
not a Cortex XDR Agent is present.
Identify the internal and external IP mapping of your remote
For issues detected on networks where a Cortex XDR
agent is installed, Cortex Xpanse will know the most recent internal
IP address of the device, which can aid in investigation and remediation.
Ensure employees are using a VPN service
creates new Remote Device records for each Cortex XDR endpoint and
maintains a history of IP addresses the endpoint has used. These IP
addresses can be compared to your global VPN network to ensure employees are
using the VPN service.