Lumen Technologies announced the release of Lumen Defender℠ Advanced Managed Detection and Response (AMDR) for Palo Alto Networks Cortex XSIAM. The partnership combines the power of network-based threat intelligence to assist enterprises in detecting digital threats in advance and reducing response times in light of the ever-growing cyber environment across the globe.
Today’s cybersecurity practices regularly face significant friction in the workflow. With increased speed and frequency of automatic malicious exploits, SOC teams experience an overwhelming amount of low-quality logs coming from their telemetry sources. Security analysts find it challenging to identify essential vulnerabilities of the system because of disconnected security software consoles and too many false alerts. By unifying deep network visibility with an autonomous security operations platform, this enterprise-grade service addresses these challenges, mitigating tool sprawl and accelerating protective response cycles.
“Cyber defense is a speed game, and the network is where threats often show up first,” said Lumen’s Chief Technology and Product Officer, Jim Fowler. “With Palo Alto Networks, we’re again raising the bar for security by expanding access to our high-value network threat intelligence and putting it to work through modern, automated operations. As we bring Lumen Defender AMDR to more partners and platforms, more customers can quickly thwart bad actors.”
Also Read: Keeper Security Introduces Agentic AI Governance for Endpoint Privilege Manager
Neutralizing Pre-Compromise Exploits via Network Intelligence
The core architectural breakthrough of the platform lies in the deep integration of the Lumen Defender℠ Threat Feed, backed by Lumen’s elite threat research division, Black Lotus Labs®. Unlike legacy security monitoring solutions that rely strictly on endpoint telemetry or localized device logs, this specialized threat intelligence stream monitors real-time traffic behaviors directly across the global Lumen network backbone.
This network-level visibility delivers distinct advantages across several threat vectors:
Early Adversary Infrastructure Tracking: Maps outbound malicious staging zones and command-and-control centers before data payloads impact internal corporate domains.
Proactive Reconnaissance Interception: Identifies early-stage unauthorized network scanning and system probing prior to active infiltration attempts.
Autonomous Incident Triage: Reduces overall operational fatigue by transforming raw signal noise into contextualized, high-confidence security alerts.
Agentic Workspace Automation: Minimizes administrative maintenance by leveraging automated playbooks to streamline daily evidence-based investigations.
“Securing the modern enterprise means eliminating complexity and accelerating time-to-resolution,” said Simone Gammeri, Chief Partnership Officer at Palo Alto Networks. “Combining Lumen’s network-level threat intelligence with Cortex XSIAM empowers organizations to proactively defend against sophisticated threats at machine-speed and scale their security operations.”
Flexible SOC Deployment and Ecosystem Connectivity
The platform architecture supports both fully co-managed and completely managed SOC engagement models, enabling enterprise networks to rapidly upgrade their cyber posture without replacing existing security personnel. The unified interface aggregates core security workflows—including Extended Detection and Response (XDR), Security Orchestration, Automation, and Response (SOAR), Attack Surface Management (ASM), and Security Information and Event Management (SIEM) into a centralized dashboard, eliminating console switching.
This integration forms part of Lumen‘s broader ecosystem strategy, which links its global fiber footprint and cloud-native control plane with leading enterprise software applications to deliver scalable data transit, AI acceleration, and infrastructure protection.
The Lumen Defender℠ AMDR platform for Palo Alto Networks Cortex XSIAM is live and available immediately for worldwide enterprise onboarding. Chief information security officers, cloud architects, and risk management executives can explore technical deployment documentation, evaluate platform architecture frameworks, and schedule a custom environment validation by visiting Lumen’s official digital technology interface.






























