Case Study: a large North American freight company reduces incident resolution to ~1 hour with Palo Alto Networks Cortex XSIAM

Large North American Freight Company cuts incident resolution to 1 hour with Palo Alto Networks Cortex XSIAM

The customer, a large North American freight company, faced an overwhelming backlog of over 6,000 unresolved security alerts. Their lean security team was bogged down by manual investigations that required switching between multiple consoles, allowing them to close only 10-20% of daily incidents. They adopted Palo Alto Networks Cortex XSIAM to streamline operations and reduce their median time to resolution.

By implementing Palo Alto Networks Cortex XSIAM, the company consolidated its SIEM and SOAR tools into a single platform. This enabled them to ingest more than double the amount of data, automate responses, and eliminate console-switching. The results were dramatic: the team now closes 100% of daily escalated alerts, reduced median resolution time from days/weeks to approximately one hour, and cut the number of daily incidents flagged by 6.7 times.