Corporate Blogs

Advancing Innovation and Harnessing AI to Secure the Homeland
As Chief Technology Officer for Unit 42 and a cybersecurity educator, I have a unique vantage point into the cyberthreat landscape. I recently had the honor of testifying before th...
Jun 12, 2024
Creating a Security Program with Less Complexity and More Visibility
Developing a strong security program is like tending a garden. It takes a lot of work, and you don’t always see immediate results. Ever...
May 23, 2024
By 
AI in Cyber Is Here to Stay — How to Weather This Sea Change
“AI’s Impact in Cybersecurity” is a blog series based on interviews with a variety of experts at Palo Alto Networks and Unit 42, with roles in AI research, product management, cons...
May 22, 2024
Prowling the Wilds — Upgrade Your SOC and Hunt Down Threats
It would be nice to imagine our SOC analysts as the apex predators of the IT jungle, stalking the network perimeter and tracking the scent of trespassing attackers. But, for most S...
May 21, 2024
By 
Tipping the Scales for DoD Cybersecurity with Prisma Access IL5
I’ve worked in the cybersecurity field for over 15 years now and have had the opportunity to witness the security evolution of many companies and organizations over that tenure. On...
May 16, 2024
The Dark Side of AI in Cybersecurity — AI-Generated Malware
“AI’s Impact in Cybersecurity” is a blog series based on interviews with a variety of experts at Palo Alto Networks and Unit 42, with roles in AI research, product management, cons...
May 15, 2024
Untangling IT-OT Security Knots with a Zero Trust Platform Approach
Accelerating Real Time Security Outcomes with Precision AI
New capabilities enable customers to counter AI with AI, secure AI by design and simplify security.
May 07, 2024

Network Security Blogs

Simplifying Network Security for Enterprises in Public Cloud
As enterprises increasingly transition to the public cloud, they face a crucial decision: should they manage software firewalls in-house or outsource this critical function to experts? This question arises amon...
Jun 12, 2024
Forrester Names Palo Alto Networks a Leader in OT Security
Palo Alto Networks has been named a leader in OT security in The Forrester Wave™: Operational Technology Security Solutions, Q2 2024 report. We receiv...
Jun 11, 2024
Learn how to protect your AWS AI applications at AWS re:Inforce 2024
Palo Alto Networks will be showcasing our latest product innovations to defend against the evolving AI threat landscape at AWS re:Inforce 2024.
Jun 03, 2024
Putting More Cure In Secure With Medical IoT Security
New capabilities that dramatically improve the end-to-end process of seeing and securing connected medical devices for network security and clinical engineering teams
May 20, 2024
Manufacturers key target for CIRCIA cyber incident reporting rule
CISA is requesting input on a new proposed rule that introduces a requirement for critical infrastructure organizations to report substantial cyber incidents and ransomware payment...
May 14, 2024
Untangling IT-OT Security Knots with a Zero Trust Platform Approach
Organizations today are grappling with the complexities of digital transformation, a shifting threat landscape with the...
May 13, 2024
Strengthening Your DNS Protection with Advanced DNS Security
The intensity of today’s threat landscape has put organizations at greater risk of a breach. However, vulnerability can be looked at as the birthplace...
May 08, 2024
Strata Copilot - Accelerating to an Autonomous Cybersecurity Future
Today, Palo Alto Networks is sharing its vision for fully autonomous cybersecurity at our virtual event Prepare for a Brand-New Fight. As part of that...
May 07, 2024

SASE Blogs

Prisma SD-WAN Supports AWS Cloud WAN Service Insertion
As enterprises migrate their applications and operations to the cloud, the need for robust, secure, and efficient networking solutions has never been more critical. As such, the su...
Jun 11, 2024
Unlocking Unimagined Use Cases with Prisma Access Browser
The browser has become the main workspace and focal point for user-data interactions, exposing a missing layer in corporate security th...
Jun 06, 2024
Embracing AI-Powered Data Security for the Digital Age
Almost every company is becoming a technology company, adopting SaaS applications at a record pace and moving vast amounts of data and applications to the cloud. This drastically d...
May 29, 2024
Transforming Data Security with AI-Powered Classification
Handling and securing sensitive data is a practice fraught with potential pitfalls such as inadvertent leaks, compliance violations, and the ever-present threat of cyberattacks.
May 22, 2024
Managed SD-WAN Services for MSPs Unlock New Revenue Streams
Businesses are adopting cloud-driven services at an unprecedented rate and utilizing SaaS apps to deliver their services. With the hybrid workforce here to stay, enterprises are challenged with securely delivering an exceptio...
May 16, 2024
Uncover Suspicious SaaS Activities with Behavior Threats
Safeguarding enterprise data is paramount in today’s fast-paced world of cloud-based business services and operations.
May 15, 2024
Myth Busting the PoP Fallacy
At Palo Alto Networks, we innovate based on first principles across security, performance, and availability. As part of our continued commitment to our customers, we constantly benchmark apps and infrastructure to identify th...
May 13, 2024
The Dark Secret of Enterprise Security
It's the challenge of securing unmanaged devices in a world where remote work, contractors, and Bring Your Own Device (BYOD) are common.
May 09, 2024

Cloud Native Security Blogs

One Small Step for Developers, One Giant Leap for Security
Incorporate Prisma Cloud directly into your development workflows with intuitive IDE and VCS integrations.
Jun 12, 2024
Breaking Bad Habits with CIS Benchmarks
In today’s cyberthreat climate, organizations must prioritize the security of their IT infrastructure. The Center for Internet Security (CIS) Benchmarks provide a set of comprehens...
Jun 11, 2024
Are Cloud Serverless Functions Exposing Your Data?
More than 25% of all publicly accessible serverless functions have access to sensitive data, as seen in internal research. The question then becomes, Are cloud serverless functions exposing your data? — which i...
Jun 06, 2024
Acting on NSA Zero Trust Guidance for Applications and Workloads
The U.S. National Security Agency (NSA) recently published the cybersecurity information sheet Advancing Zero Trust Maturity Throughout the Applicatio...
Jun 05, 2024
Improving API Security with Google Cloud Service Extensions
Explore the potential of Service Extensions to strengthen your API security layer and protect web applications across any cloud-native architecture, public or private.
Jun 04, 2024
Harnessing AI to Bolster Cybersecurity: Safeguarding Qatar’s Digital Transformation
As the world embraces digital transformation, the threat landscape expands in parallel. With threat actors constantly developing new tactics, techniques and procedures, the speed t...
Jun 03, 2024
Best Practices for Managing Vulnerabilities in the Cloud–Part 2
Welcome back to our Best Practices for Managing Vulnerabilities in the Cloud series. In part one, we discussed how important it is to have complete visibility into vulnerabilities...
May 31, 2024
Bringing a Point of View to Your CIEM Strategy with Prisma Cloud
Managing cloud infrastructure and entitlement management (CIEM) is hard enough with multicloud, sprawling machine and user identities, and users acces...
May 30, 2024

Security Operations Blogs

SmartGrouping - Precision AI™-Driven Investigation
SmartGrouping is a crucial aspect of security operations, allowing to connect disparate alerts and paint a comprehensive picture of an attack. It's like piecing together a puzzle, where each alert represents a...
May 23, 2024
Advancing Innovation and Harnessing AI to Secure the Homeland
As Chief Technology Officer for Unit 42 and a cybersecurity educator, I have a unique vantage point into the cyberthreat landscape. I recently had the honor of testifying before th...
Jun 12, 2024
Forrester Names Palo Alto Networks a Leader in XDR
Since our founder, Nir Zuk, first coined the term “extended detection and response” nearly 6 years ago, we have been on a mission to ma...
Jun 03, 2024
AI Powers Sabre's Enhanced Threat Detection & Response
As the cyberthreat landscape continues to evolve at an unprecedented pace, security teams...
May 28, 2024
Creating a Security Program with Less Complexity and More Visibility
Developing a strong security program is like tending a garden. It takes a lot of work, and you don’t always see immediate results. Ever...
May 23, 2024
By 
AI in Cyber Is Here to Stay — How to Weather This Sea Change
“AI’s Impact in Cybersecurity” is a blog series based on interviews with a variety of experts at Palo Alto Networks and Unit 42, with roles in AI research, product management, cons...
May 22, 2024
Prowling the Wilds — Upgrade Your SOC and Hunt Down Threats
It would be nice to imagine our SOC analysts as the apex predators of the IT jungle, stalking the network perimeter and tracking the scent of trespassing attackers. But, for most S...
May 21, 2024
By 
The Dark Side of AI in Cybersecurity — AI-Generated Malware
“AI’s Impact in Cybersecurity” is a blog series based on interviews with a variety of experts at Palo Alto Networks and Unit 42, with roles in AI research, product management, cons...
May 15, 2024

Unit 42 Threat Research

company article
We detail Operation MidnightEclipse, a campaign exploiting command injection vulnerability CVE-2024-3400, and include protections and mitigations....
April 12, 2024
By  Unit 42
company article
A Chinese APT group is targeting political entities across multiple continents. Named Operation Diplomatic Specter, this campaign uses rare techniques and a uni...
May 23, 2024
company article
This article examines the distribution of malicious payloads embedded in Microsoft OneNote files by type, a first in our research to do so at such a scale....
May 16, 2024
company article
We provide a walkthrough of how attackers leverage DNS tunneling for tracking and scanning, an expansion of the way this technique is usually exploited. ...
May 13, 2024
company article
Muddled Libra now actively targets CSP environments and SaaS applications. Using the MITRE ATT&CK framework, we outline observed TTPs from incident response....
April 9, 2024
company article
We describe the characteristics of malware-initiated scanning attacks. These attacks differ from direct scanning and are increasing according to our data....
company article
An overview of CVE-2024-3094, a vulnerability in XZ Utils, and information about how to mitigate....
March 30, 2024
By  Unit 42
company article
Unit 42 researchers discovered CVE-2024-1313, a broken object level authorization (BOLA) vulnerability in open-source data visualization platform Grafana. ...
March 27, 2024

Subscribe to the Newsletter!

Sign up to receive must-read articles, Playbooks of the Week, new feature announcements, and more.