As companies accelerate the adoption of AI agents to boost their productivity, they face new challenges related to integration complexity within their ecosystems and lack of control over these technologies. In this context, Palo Alto Networks (NASDAQ: PANW), a global leader in cybersecurity, has introduced Cortex® AgentiX™, a solution designed to address these challenges.
Designed as the next generation of Cortex XSOAR®, AgentiX positions itself as the safest platform in the sector for creating, deploying, and managing AI agents, providing organizations with the control and security mechanisms necessary to ensure responsible and reliable use of artificial intelligence.
The launch of AgentiX marks a revolution in SOC (Security Operations Center) automation, at a time when adversaries can execute attacks up to 100 times faster thanks to AI. Its preconfigured agents have the ability to plan, reason, and execute tasks dynamically, mimicking expert decision-making and giving security analysts a key competitive advantage.
Operationally, AgentiX enables a reduction of up to 98% in average incident resolution time (MTTR) and a 75% decrease in manual work, freeing resources so teams can focus on higher-value strategic projects.
“Deploying autonomous agents without strict control is a recipe for disaster. That’s why we developed AgentiX on our proven Cortex platform, offering all the power of agentic AI with the level of control, traceability, and permissions management every business needs,” says Gonen Fink, Senior Vice President of Products, Cortex, Palo Alto Networks. “Applied to security teams, this isn’t just automation; it’s the end of repetitive manual work. We are empowering experts to transform the SOC instead of just chasing alerts.”
Unlike isolated approaches that focus on automating individual SOC tasks, AgentiX offers full workflow autonomy from start to finish. It is the only AI agentic platform built on over a decade of security automation leadership and trained with 1.2 billion real-world playbook executions. Additionally, to ensure seamless compatibility with all critical enterprise tools, AgentiX includes more than 1,000 preconfigured integrations and native support for the “Model Context Protocol” (MCP).
With Cortex AgentiX, organizations can:
- Deploy the most experienced security agents in the industry: go beyond rigid playbooks with preconfigured agents that function as a natural extension of operations. The initial set includes:
- Threat Intelligence Agent: adds and enriches threat info to identify related cases and detect new adversary techniques.
- Email Investigation Agent: automates the entire response to email threats, from search and analysis to containment, across all platforms.
- Endpoint Investigation Agent: offers rapid analysis, forensic collection, and host containment across all major EDR platforms.
- Network Security Agent: orchestrates threat response, policy enforcement, and network management on Palo Alto Networks firewalls and third-party solutions.
- Create custom agents without coding: quickly build powerful AI agents using an intuitive GenAI builder that leverages over 1,000 preconfigured integrations, native support for MCP, and robust safeties to ensure full control.
- Coordinate complex workflows across the enterprise: launch context-aware agents directly from any Cortex product, or orchestrate enterprise-wide actions from the standalone AgentiX platform.
- Govern autonomous actions with enterprise-grade safeties: operate AI agents securely with role-based access controls, requiring human approval for high-impact actions. Each agent action is fully traceable, ensuring compliance with strict security and regulatory standards.