Case Study: Esri achieves a 95% reduction in weekly alerts with Palo Alto Networks Cortex XSOAR

How Esri Reduced Its Alert Barrage with Cortex XSOAR

Esri, a global leader in geospatial software serving more than 350,000 customers, was facing severe SOC strain: more than 10,000 alerts per week, just five analysts, widespread false positives and duplicate incidents, and fragmented threat-indicator management that increased business risk and wasted resources.

Esri integrated Cortex XSOAR with its SIEM and network monitoring, using custom automated playbooks, historical cross-correlation for duplicate detection, and the XSOAR War Room for collaborative investigations. The platform centralized alerts and ticketing, cut weekly alert volume by about 95% (to roughly 500), sped investigations, boosted analyst productivity and satisfaction, and reduced organizational risk.

Esri

Sean Kohlmeier

Security Operations Manager