Gain Insights into Your Organization’s Mobile Device Posture with Cortex XSOAR and MobileIron

Apr 01, 2021
3 minutes
... views

More than 52% of organizations offer their employees, contractors, and frontline workers the ability to work securely from any endpoint of their choice. This flexible workplace landscape includes diverse endpoints such as iOS, macOS, Android, and Windows 10, as well as other immersive and rugged devices such as HoloLens, Oculus, Zebra and more–resulting in a complicated ecosystem that IT and security teams need to secure and manage.

MobileIron’s Unified Endpoint Management (UEM) platform is the scalable solution for end-to-end management of all your organization’s endpoints. The platform identifies and tracks devices during all stages of use, such as device on-boarding and provisioning, app management, secure access, and retirement.

This content pack consolidates the information from MobileIron Core, the on-prem solution, and MobileIron Cloud, a SaaS offering for devices. Available in the Cortex XSOAR Marketplace, MobileIron’s comprehensive endpoint security content pack is a must have for organizations with dynamic endpoints.

Intuitive interface and dashboard. MobileIron contains a variety of insightful data points related to the security posture of every device within the organization

MobileIron contains a variety of insightful data points related to the security posture of every device within the organization. This information can be used to supplement security event data and improve the decision making process of any security professional, leading to a more secure ecosystem.

Cortex XSOAR™ is the leading security, operations, automation, and response management system for teams to detect and respond to incidents within the organization’s digital footprint. Leveraging both the Core and Cloud versions of the MobileIron platform, Cortex XSOAR provides data enrichment based on device information contained within MobileIron for incidents triggered by 3rd party security systems. This content pack also allows MobileIron users the option to create security incidents based on device data within MobileIron Core or Cloud to be investigated and resolved by the security team using Cortex XSOAR.

What does this pack provide?

  • Commands to fetch device data based on certain common attributes such as a WiFi, MAC address, device UUID, serial number, and IP address.
  • An option to query device data based on the MobileIron’s UEM API Query DSL.
  • Commands to execute device-specific actions such as retiring, wiping, sending messages, and more.
  • Ability to fetch and create incidents based on device data contained within MobileIron’s UEM.
  • Sample playbooks demonstrating how remediation actions can be set up to respond to device incidents.
  • Custom layout and incident mapping to better show data that is relevant to the case.

The MobileIron UEM content pack for Cortex XSOAR by Palo Alto Networks allows customers to discover security incidents related to all of the endpoints they manage

The MobileIron UEM content pack for Cortex XSOAR by Palo Alto Networks allows customers to discover security incidents related to all of the endpoints they manage. Both MobileIron Core and MobileIron Cloud are available now on the Cortex XSOAR Marketplace.

 


Subscribe to Security Operations Blogs!

Sign up to receive must-read articles, Playbooks of the Week, new feature announcements, and more.