SlashNext Integrates with Palo Alto Networks Cortex XSOAR to Deliver Automated Phishing IR and Threat Hunting

Integration combines SlashNext URL Analysis and Enrichment with Cortex XSOAR to protect enterprise customers against zero-hour phishing threats

PLEASANTON, CA – May 7, 2020 – SlashNext, a leading provider of real-time anti-phishing and incident response solutions, today announced that its Phishing Incident Response (IR) solution is now  integrated with Palo Alto Networks Cortex XSOAR (previously Demisto),the industry’s first extended security orchestration, automation and response platform with native threat intel management that empowers security leaders with instant capabilities against threats across their entire enterprise. With this integration, users can now access SlashNext URL Analysis and Enrichment to get accurate, definitive binary verdicts on suspicious URLs (not inconclusive threat scores) to enable higher automation and throughput for phishing IR and threat-hunting playbooks. 

Together with Cortex XSOAR, users can save time with more fully automated phishing IR and threat hunting playbooks, such as those for abuse inbox management. SlashNext URL Analysis and Enrichment enables security operations center (SOC) and IR teams to dramatically reduce the time and effort involved in researching suspicious URLs. Whether in phishing emails or log data, security teams can get accurate, definitive verdicts and forensics evidence for suspicious URLs on demand. 

As an API-based service, SlashNext URL Analysis and Enrichment features a pre-built integration with the Cortex XSOAR platform, empowering quick operationalization for a variety of IR and threat hunting playbooks. SlashNext also provides sample playbooks to simplify implementation for different use cases. High-precision phishing URL analysis and enrichment enables rapid detection of genuine threats, plus faster and more automated processing of false positives.

“Palo Alto Networks is pleased to add SlashNext to the growing ecosystem of Cortex XSOAR technology integrations that help standardize, scale and accelerate phishing incident response,” said Rishi Bhargava, vice president of product strategy, Cortex XSOAR at Palo Alto Networks. “Through this integration, Cortex XSOAR users now benefit from the enhanced protections of SlashNext’s phishing URL analysis to speed incident response, analysis, and protection from fast-moving phishing threats.”

“SlashNext is excited to integrate with Cortex XSOAR to help automate phishing IR, threat hunting, and offer enhanced phishing protection for customers,” said Atif Mushtaq, SlashNext founder and CEO. “Innovative new phishing tactics have upped the ante for security professionals, who need better intelligence and automation to manage the surge of phishing threats before they lead to even more costly breaches.”

Cortex XSOAR is an extended security orchestration, automation and response platform that unifies case management, automation, real-time collaboration and threat intel management to transform every stage of the incident lifecycle. Teams can manage alerts across all sources, standardize processes with playbooks, take action on threat intel and automate response for any security use case – resulting in significantly faster responses that require less manual review.

SlashNext detects all major types of social engineering threats, not just fake log-in pages for major brands, and it provides rich forensics data for additional analysis and reporting. SlashNext SEER™ technology does run-time analysis with browsers to overcome evasion techniques and accurately detect previously unknown threats, including those hosted on compromised websites and legitimate hosting infrastructure.

To see Cortex XSOAR and SlashNext in action register for the May 12th webinar for a demo, including how to automate phishing detection and remediation for O365.

For more information, please visit:



SlashNext helps organizations close the gaps in their existing defenses against today’s—and tomorrow’s—more advanced phishing and social engineering threats. SlashNext provides IT security teams with a range of real-time phishing protection, phishing incident response, threat intelligence, and threat hunting solutions to protect users, both inside and outside network perimeter protections. SlashNext is headquartered in Silicon Valley and is backed by top-tier venture capital firms. For more information visit:


Media Contact

Lisa Cravens

Lumina Communications