The results of the fifth round of the MITRE Engenuity ATT&CK Evaluations have been released, and while every vendor is claiming 100% of everything, the truth is in the details, and the data does not lie. This year, Cortex is the only vendor with 100% prevention and analytic detection.
In the ever-evolving landscape of cybersecurity, staying one step ahead has never been more critical. Adversaries continuously seek new and sophistica...
Palo Alto Networks is proud to announce a new cloud location in Taiwan, bringing Cortex XDR, Xpanse, XSOAR, and XSIAM to customers in the country. This is a testament to Palo Alto...
The U.S. Securities and Exchange Commission (SEC) has placed cybersecurity at the center of public company governance with its new cybersecurity incident reporting rule. Companies...
If you want to protect applications and workloads throughout today’s complex and interrelated environments, you need software firewalls. But, what exa...
Are you seeking more simplicity and choice to secure your applications and workloads in Google Cloud? You’re not alone. Too often the need to secure applications built and deployed in the cloud — or being moved...
Following our strong Fiscal Year 2023 financial results, we bring you the August 2023 edition of Always Innovating in Network Security. In this edition, we share our latest innovations in Advanced Threat Preven...
Now there’s yet another reason to deploy Cloud NGFW for AWS. The managed cloud firewall service — which provides best-in-class security with AWS cloud native ease of use — is now integrated with the Panorama™ m...
Prisma Access, the cloud-delivered security service edge platform from Palo Alto Networks, expands ZTNA 2.0 coverage to Microsoft Azure AD with Cloud...
We reached a big milestone for our customers with applications in the Azure public cloud. Two months ago, we launched the public preview version of Cloud NGFW for Azure, a managed next-generation firewall (NGFW...
This blog is part of the “Branch of the Future” series where we take a closer look at the four key tenets that next-generation SD-WAN and SASE provide to deliver a branch network that is digital-first, secure a...
Our July 2023 edition of Always Innovating in Network Security is now here. Palo Alto Networks is always innovating to protect our customers and help them manage cyber risk. As we...
Whether it’s helping us write a book or predict the likelihood of developing certain diseases, artificial intelligence (AI) has the opportunity to impact every aspect of our lives....
Managed service providers (MSPs) globally find themselves in a challenging environment where intense competition and the commoditization of bandwidth have increasingly made it difficult to achieve and maintain profitability.
Learn how a novel attack vector in GitHub Actions allows attackers to distribute malware across repositories using a technique that exploits the actio...
OpenID Connect (OIDC) is a modern authentication and authorization protocol built on top of the OAuth 2.0 framework. OIDC enables secure and standardized authentication in applications, particularly web and mobile applications.
Moving to the cloud comes with technical complexities — security being one. Addressing the misconfigurations and risks contributes to this complexity,...
In today’s post, we look at action pinning, one of the profound mitigations against supply chain attacks in the GitHub Actions ecosystem. It turns out, though, that action pinning...
As the cloud continues to dominate the operating landscape, it has also revolutionized identity and access management, giving rise to new challenges — particularly with the proliferation of identities required...
In the cybersecurity maze, finding and addressing vulnerabilities is like chasing shadows. Every point of weakness opens a door to potential threats. While many organizations rely on the CVE system to identify...
GitHub Actions has gained immense popularity in recent years as a powerful and flexible automation platform for software development workflows. With its intuitive user interface, e...
As cloud computing continues to increase in popularity, businesses should consider remaining vigilant in protecting their information. Enterprises are...
Cloud computing's scalability, adaptability, and cost-efficiency have seen businesses increasingly utilize these services. Nevertheless, with the growth of cloud services come new...
In today's digital landscape, data loss prevention (DLP) solutions have become a critical component for keeping sensitive data secure in an organization. With an increasing amount of data being generated and shared, the need...
Charting the course of my career, transitioning from a cybersecurity webmaster to chief information security officer (CISO), has given me unique insights (and scars) into the multifaceted nature of cybersecurity. Where preven...
When you hear about sinkholes, it’s not necessarily a good thing. However, in the cybersecurity realm, DNS sinkholing is a technique used to redirect DNS queries for malicious doma...
Muddled Libra uses the 0ktapus phishing kit, among other advanced tactics. We detail our observations of their activity using the MITRE ATT&CK framework....
A phony proof-of-concept (PoC) code for CVE-2023-40477 delivered a payload of VenomRAT. We detail our findings, including an analysis of the malicious code....
A threat assessment of Turla (aka Pensive Ursa) breaks down this Russian-based APT's arsenal and techniques used, covering the top 10 active malware employed....
The Unit 42 Attack Surface Threat Report examines the current global attack surface landscape. Here we present some key findings and share actionable data....
Part two of our RedLine Stealer Wireshark quiz walks analysts through understanding a malware infection, from interpreting malicious traffic to identifying targ...
RedLine stealer harvests credentials and other data from a Windows host. Part one of this Wireshark tutorial analyzes RedLine traffic to determine what data was...