By integrating Device Security with the Phoenix Data Systems Asset Information Management System (AIMS), you can periodically import the device inventory from the AIMS database through Cortex XSOAR to Device Security. Device Security can integrate with AIMS 2 and AIMS 3. When integrating with AIMS 2, you can also manually forward security alerts and vulnerabilities as auto-generated work orders from Device Security through Cortex XSOAR to AIMS.

Through the integration, Device Security learns biomedical and facility equipment by importing device information from AIMS. From there, you can use Device Security's functionality to query devices based on vendor-specific metadata, equipment types, device locations, and other attributes. The integration makes it easier for you to identify security vulnerabilities on specific medical devices while maintaining context about their clinical importance, maintenance history, and operational status. This unified view helps to prioritize security remediation based on equipment criticality and compliance requirements.

The integration specifically benefits healthcare organizations by providing security insights for medical equipment that traditionally lacks visibility on the network. Medical devices often contain outdated operating systems or have limited security controls, yet perform critical patient care functions. By combining AIMS inventory data with security monitoring, you gain actionable context about these devices, enabling better-informed security decisions and improved operational efficiency while maintaining regulatory compliance.

AIMS can be deployed in the cloud or on premises, and Device Security integrates with it through Cortex XSOAR in both cases. When AIMS is in the cloud, Cortex XSOAR communicates with it directly. When AIMS is on premises, Cortex XSOAR communicates with it through an on-premises Cortex XSOAR engine.

When importing asset information from AIMS, Device Security learns AIMS specific attributes and also common attributes, such as:

Device Security uses the MAC address and IP address to match assets from AIMS to assets in the Device Security inventory. For devices that aren't already in the Device Security inventory, Device Security creates new entries using the information from AIMS.

AIMS 2 When you send a work order from Device Security to AIMS 2 for a security alert or vulnerability, the device associated with the incident must already have an asset tag assigned to it. Otherwise, it's not possible for AIMS 2 to find it in its database.

Integrating with AIMS requires either a full-featured Cortex XSOAR™ server or the activation of a Device Security free cohosted Cortex XSOAR instance. It also requires purchasing the Palo Alto Networks add-on from Phoenix Data Systems.