Use Palo Alto Networks XSIAM with Censys Platform to enrich alerts, investigations, and SOC workflows with Internet intelligence from Censys. This vendor-developed integration helps analysts bring external context into security operations workflows for faster and more informed triage.
Use cases
Alert enrichment: Add Censys context to suspicious IPs, domains, certificates, and services observed in XSIAM workflows.
SOC triage: Help analysts determine what a suspicious external asset is, how it is exposed, and whether it merits escalation.
Investigation acceleration: Give security teams more infrastructure-level context when handling ambiguous or incomplete alerts.
Threat-informed prioritization: Use external infrastructure context to separate routine findings from more meaningful investigative leads.
Benefits
Faster investigations: Analysts can access relevant Internet intelligence without leaving their existing workflow.
Better prioritization: External infrastructure context helps teams distinguish routine findings from higher-value investigative leads.
More complete analysis: Censys provides context that complements internal detections and telemetry.
Stronger analyst confidence: Teams can make faster, more informed decisions with broader visibility into suspicious infrastructure.
Censys Supported Products:
- Platform
Category:
- SIEM
Vendor:
- Palo Alto Networks
Maintained By:
- Palo Alto Networks