Latest Blogs

The Case for Multidomain Visibility
AI and Cybersecurity, AI Security, Cybersecurity, Data Security, Incident Response, Reports, Unit 42

The Case for Multidomain Visibility

Oct 01, 2025
By 
Agentic AI and the Looming Board-Level Security Crisis
AI Governance, AI Security, Points of View

Agentic AI and the Looming Board-Level Security Crisis

Sep 29, 2025
By 
The Ransomware Speed Crisis
AI and Cybersecurity, AI Security, Must-Read Articles

The Ransomware Speed Crisis

Sep 24, 2025
By 
Raising the Bar for Incident Response
Announcement, Unit 42

Raising the Bar for Incident Response

Sep 18, 2025
By 
Securing the Future of AI
AI Security, Announcement, Event, Partners, Products and Services

Securing the Future of AI

Sep 17, 2025
By 
Security Operations Under Fire Inside Black Hat's NOC
Events, Security Platform

Security Operations Under Fire Inside Black Hat's NOC

Sep 09, 2025
By 

POPULAR BLOGS

Popular Topics

SOC
Cortex XDR
Code to Cloud
Runtime Protection
Real-time cloud security
Cortex Cloud

Corporate Blogs

From Ransom to Revenue Loss
AI Security, Malware, Products and Services, Research, Unit 42

From Ransom to Revenue Loss

Discover how ransomware attacks go beyond ransom payments, impacting your company's bottom line through recovery costs, lost revenue and damaged trust.
Oct 07, 2025
By 
Prisma SASE 4.0: Powering the AI-Ready Enterprise
Announcement, News & Events, Product Features, Products and Services

Prisma SASE 4.0: Powering the AI-Ready Enterprise

Prisma SASE 4.0 powers the AI-ready enterprise with AI-powered threat protection, frictionless data security and unified, intelligent o...
Sep 04, 2025
By 
Salesforce-Connected Third-Party Drift Application Incident Response
CIO/CISO, Incident Response, Unit 42

Salesforce-Connected Third-Party Drift Application Incident Response

Companies were impacted by a Salesloft Drift data breach. Our investigation reveals exfiltrated data includes business contact and sale...
Sep 02, 2025
By 
Securing the AI Before Times
AI Security, CSO Perspective, Points of View, Predictions, Unit 42

Securing the AI Before Times

The cybersecurity landscape is being reshaped by AI, requiring a fundamental rethinking of our approach to cyber resilience and a new security framework.
Aug 28, 2025
By 
A Leader in the First Gartner Magic Quadrant for Hybrid Mesh Firewall
AI Security, AI Security, Strata Network Security Platform

A Leader in the First Gartner Magic Quadrant for Hybrid Mesh Firewall

Palo Alto Networks named a Leader in the 2025 Gartner® Magic Quadrant™ for Hybrid Mesh Firewall in its inaugural report
Aug 27, 2025
By  and
Palo Alto Networks Named a Leader in WW Incident Response Services
Announcement, Reports, Unit 42

Palo Alto Networks Named a Leader in WW Incident Response Services

Palo Alto Networks is positioned as a Leader in the IDC MarketScape: Worldwide Incident Response 2025 Vendor Assessment.
Aug 25, 2025
By 
What Is a Hybrid Mesh Firewall and Why It Matters
Announcement, Cloud NGFW, Cloud Security, Products and Services, Strata Network Security Platform

What Is a Hybrid Mesh Firewall and Why It Matters

Palo Alto Networks Strata Network Security Platform delivers AI-powered, unified hybrid me...
Aug 25, 2025
By 
The Challenge of Cybersecurity Frenemies and Collaboration
Points of View, Predictions

The Challenge of Cybersecurity Frenemies and Collaboration

Michael Sikorski discusses how cybersecurity relies on "frenemies" building cultural bridges to collaborate against shared threats, as attackers already do.
Aug 20, 2025
By 
See all Corporate blogs

Network Security Blogs

Red Teaming Your AI Before Attackers Do
AI Security, AI Security

Red Teaming Your AI Before Attackers Do

Learn why traditional security fails against unique AI threats like prompt injection, and how continuous AI red teaming is vital for secure deployment.
Oct 01, 2025
By  and
The Modern Firewall for the Enterprise of Connected Devices
IoT Security, Products and Services

The Modern Firewall for the Enterprise of Connected Devices

The Palo Alto Networks hybrid mesh firewall delivers unified security, visibility & control for users, workloads & connected devices enterprise-wide.
Sep 30, 2025
By 
From Chaos to Command: An Organization's Journey to Master Multicloud
Products and Services

From Chaos to Command: An Organization's Journey to Master Multicloud

How organizations can master multicloud security by moving from chaos to command with a unified framework to discover, deploy, protect, and operationalize.
Sep 29, 2025
By 
Cloud NGFW for Azure by Palo Alto Networks | Scalable FWaaS Security
Cloud NGFW, Cloud Workload Protection

Cloud NGFW for Azure by Palo Alto Networks | Scalable FWaaS Security

Get scalable, fully managed security for Azure. New auto scaling and AppInsights integration lets you balance speed, scale, and security.
Sep 25, 2025
By  and
When Hidden Flaws Surface: Securing AI at Runtime
AI Security

When Hidden Flaws Surface: Securing AI at Runtime

Is your AI chatbot secure? With every prompt, new attack vectors emerge. Learn how runtime security protects your AI from evolving threats in real time.
Sep 23, 2025
By  and
Enterprise & Branch Security with Palo Alto Networks New NGFWs
Announcement, Next-Generation Firewalls, Products and Services

Enterprise & Branch Security with Palo Alto Networks New NGFWs

Get the latest details on the 14 new NGFWs Palo Alto Networks released to secure data centers, enterprise branches and remote locations.
Sep 22, 2025
By  and
Protecting the Utility Grid’s Digital Ecosystem, from Core to Edge to AI
5G Security, Firewall, IoT Security

Protecting the Utility Grid’s Digital Ecosystem, from Core to Edge to AI

Securing private 4G & 5G networks helps utilities enable critical service continuity & maintain community safety and trust.
Sep 17, 2025
By  and
Securing the Future of AI
AI Security, Announcement, Event, Partners, Products and Services

Securing the Future of AI

Discover how Palo Alto Networks Prisma AIRS provides end-to-end AI security, protecting models, agents, apps and data across the entire AI lifecycle.
Sep 17, 2025
By 
See all Network Security blogs

SASE Blogs

Prisma Browser Innovations: AI-Powered Security for Enterprise Work
AI Security, Product Features

Prisma Browser Innovations: AI-Powered Security for Enterprise Work

Protect your enterprise with AI-powered Prisma Browser to stop web threats, enforce password policies & secure all apps beyond SSO.
Oct 01, 2025
By 
Why Securing Web Sessions is the Missing Link in Zero Trust
Product Features, Uncategorized

Why Securing Web Sessions is the Missing Link in Zero Trust

Identity has become the new battleground. In a world where work happens everywhere and applications live in the cloud, passwords, passwordless authentication, and even MFA can no l...
Sep 17, 2025
By  , and
Prisma SASE a Leader in Forrester Wave: Secure Access Service Edge
Announcement

Prisma SASE a Leader in Forrester Wave: Secure Access Service Edge

Forrester has named Palo Alto Networks a Leader in its newly released report, The Forrester Wave™: Secure Access Service Edge Solutions, Q3 2025.
Sep 11, 2025
By 
Prisma SASE 4.0: Powering the AI-Ready Enterprise
Announcement, News & Events, Product Features, Products and Services

Prisma SASE 4.0: Powering the AI-Ready Enterprise

Prisma SASE 4.0 powers the AI-ready enterprise with AI-powered threat protection, frictionless data security and unified, intelligent o...
Sep 04, 2025
By 
The End of Data Leaks: Modern Data Security Begins in the Browser
Data Security, Product Features, Use-Cases

The End of Data Leaks: Modern Data Security Begins in the Browser

See how Prisma Access Browser provides a proactive, intelligent and user-centric approach that ensures sensitive data is protected in t...
Sep 03, 2025
By  , and
Deliver a Best-of-Breed Application Experience with Prisma SD-WAN
Products and Services, SD-WAN

Deliver a Best-of-Breed Application Experience with Prisma SD-WAN

Prisma SD-WAN provides the automation, intelligence, and deep insight needed to deliver secure and reliable application experiences.
Aug 28, 2025
By  and
Raising the Bar for Endpoint Security: Prisma Access Browser & IGEL
Partner Integrations, Partners

Raising the Bar for Endpoint Security: Prisma Access Browser & IGEL

Prisma Access & IGEL address the modern challenges of a browser-first workspace with a unified solution that secures work from endpoint to cloud.
Aug 27, 2025
By  and
Why Your AI Agent Needs a Performance Review
AI Security, Use-Cases

Why Your AI Agent Needs a Performance Review

CxOs need to unlock the true potential of AI without the fear of a friendly AI agent accidentally bringing down the house.
Aug 13, 2025
By  and
See all SASE blogs

Cloud Security Blogs

Beyond Shift Left: Why Application Security Needs Smart Context
Application Security, ASPM, Cloud Security

Beyond Shift Left: Why Application Security Needs Smart Context

Application security posture management (ASPM) turns scans into context, prioritizes risk, and embeds guidance in developer workflows to prevent produ...
Sep 26, 2025
By 
The Expanding API Attack Surface
API Security, Cloud Runtime Security, Cloud Workload Protection, CWPP, Web Application & API Security

The Expanding API Attack Surface

API security for cloud-native teams: discover every API, prioritize risk with context, and enable real-time protection without slowing developers.
Sep 24, 2025
By  and
How Auto-Remediation Shifts the Odds in Cloud Security
Cloud Security, Cloud-Native Application Protection Platform, CNAPP

How Auto-Remediation Shifts the Odds in Cloud Security

CNAPP autoremediation streamlines cloud security by cutting alert noise, enforcing guardrails, and driving faster, safer outcomes for teams.
Sep 17, 2025
By 
Breakdown: Widespread npm Supply Chain Attack Puts Billions of Weekly Downloads at Risk
AppSec, ASPM, Cloud Security

Breakdown: Widespread npm Supply Chain Attack Puts Billions of Weekly Downl...

npm supply chain attack exposed billions of downloads to risk. Learn how malicious packages spread and how to prevent threats with Cortex Cloud.
Sep 10, 2025
By  and
Accelerate Secure Development by Automating Delivery of a Compliant Cloud Infrastructure
AppSec, Cloud Security, Partners

Accelerate Secure Development by Automating Delivery of a Compliant Cloud I...

Cortex Cloud and HashiCorp Terraform integration secures cloud infrastructure by default, enabling fast, compliant provisioning and reduced risk.
Sep 09, 2025
By 
Taking Cloud Security from Visibility to Prevention with eBPF
Cloud Detection and Response, Cloud Runtime Security, Cloud Security, Cloud Workload Protection, CNAPP

Taking Cloud Security from Visibility to Prevention with eBPF

eBPF delivers real-time cloud security with deep visibility, stability, and speed—enabling Cortex to protect workloads w...
Aug 27, 2025
By 
Why Self-Managed AI Models Are Blind Spots and What to Do About It
AI Security, AI Security Posture Management, Cloud Security

Why Self-Managed AI Models Are Blind Spots and What to Do About It

Understand the real AI security risks of running self-managed models, from hidden deployments to supply chain threats, and how to effectively monitor ...
Aug 18, 2025
By 
Microsoft Entra Permissions Management to Retire: Why the Time for a Vendor-Neutral CIEM Is Now
Cloud Infrastructure Entitlement Management, Cloud Security, Identity Security

Microsoft Entra Permissions Management to Retire: Why the Time for a Vendor...

Microsoft Entra Permissions Management retirement leaves multicloud identities exposed. Discover why a vendor-neutral CIEM is essential and how Cortex...
Aug 15, 2025
By 
See all Cloud Security blogs

Security Operations Blogs

From Silos to Synergy: How Cortex XDL Transforms XDR to Elevate Threat Detection
AI and Cybersecurity, Must-Read Articles, News and Events, Product Features, Use-Cases

From Silos to Synergy: How Cortex XDL Transforms XDR to Elevate Threat Dete...

Learn how Cortex XDL transforms Cortex XDR by breaking down data silos and fusing telemetry from endpoint, networks, cloud, and identity to deliver AI...
Oct 07, 2025
By 
Discover the Power of Next-Gen Automation in XSIAM 3.x

Discover the Power of Next-Gen Automation in XSIAM 3.x

Discover how XSIAM 3.x on Cortex platform simplifies security automation with intuitive playbook building, 1,000+ integrations, and streamlined workflows.
Oct 06, 2025
By 
Stopping Cross-Domain Attacks with Cortex XDL + Cortex XSIAM
Must-Read Articles, Product Features

Stopping Cross-Domain Attacks with Cortex XDL + Cortex XSIAM

Siloed security tools miss 75% of threats. See how Cortex XDL's unified data foundation enables AI-powered detection against identity-driven attacks.
Oct 02, 2025
By 
The Case for Multidomain Visibility
AI and Cybersecurity, AI Security, Cybersecurity, Data Security, Incident Response, Reports, Unit 42

The Case for Multidomain Visibility

Get key insights from the 2025 Unit 42 Global Incident Response Report. Defend against complex, multidomain cyberattacks with unified v...
Oct 01, 2025
By 
Defending against Phantom Taurus with Cortex
Must-Read Articles

Defending against Phantom Taurus with Cortex

New APT threat actor, Phantom Taurus, is targeting global organizations. Learn more about how Cortex defends, prevents and responds to malware suite, NET-STAR.
Sep 30, 2025
By 
The Ransomware Speed Crisis
AI and Cybersecurity, AI Security, Must-Read Articles

The Ransomware Speed Crisis

There is a ransomware speed crisis. Attacks have accelerated 100x faster since 2021. Discover why traditional security fails and build AI-powered defenses.
Sep 24, 2025
By 
Cortex XDR is the Only Endpoint Security Market Leader to Achieve 99% in Both Threat Prevention and Response in AVC EPR
AI and Cybersecurity, Must-Read Articles, News and Events

Cortex XDR is the Only Endpoint Security Market Leader to Achieve 99% in Bo...

Palo Alto Networks Cortex XDR achieves 99% in both threat prevention & response in AV-Comparatives 2025 EPR test - the only endpoint se...
Sep 23, 2025
By 
Raising the Bar for Incident Response
Announcement, Unit 42

Raising the Bar for Incident Response

Unit 42 is now NCSC Enhanced Level CIR assured, proving our commitment to exceed the highest global standards for incident response and trust.
Sep 18, 2025
By 
See all Security Operations blogs

Unit 42 Threat Research

company article
High Profile Threats Vulnerabilities

Threat Brief: Operation Lunar Peek, Activity Related to CVE-2024-...

We detail the observed limited activity regarding authentication bypass vulnerability CVE-2024-0012 affecting specific versions of PAN-OS software, and include ...
November 22, 2024
By  Unit 42
company article
Cloud Cybersecurity Research General Insights

Responding to Cloud Incidents A Step-by-Step Guide from the 2025...

Cloud breaches are rising. This step-by-step guide from Unit 42 shows how to investigate, contain and recover from cloud-based attacks....
October 7, 2025
By  Unit 42
company article
Threat Research Vulnerabilities

TOTOLINK X6000R: Three New Vulnerabilities Uncovered

Researchers identified vulnerabilities in TOTOLINK X6000R routers: CVE-2025-52905, CVE-2025-52906 and CVE-2025-52907. We discuss root cause and impact....
October 1, 2025
By  Zhibin Zhang
company article
Malware Threat Actor Groups

Phantom Taurus: A New Chinese Nexus APT and the Discovery of the ...

Phantom Taurus is a previously undocumented Chinese threat group. Explore how this group's distinctive toolset lead to uncovering their existence....
September 30, 2025
By  Lior Rochberger
company article
General Insights

Threat Insights: Active Exploitation of Cisco ASA Zero Days

CVE-2025-20333, CVE-2025-20362 and CVE-2025-20363 affect multiple Cisco products, and are being exploited by a threat actor linked to the ArcaneDoor campaign. ...
September 26, 2025
By  Andy Piazza
company article
Malware Threat Actor Groups

Bookworm to Stately Taurus Using the Unit 42 Attribution Framewor...

We connect Bookworm malware to Chinese APT Stately Taurus using our attribution framework, enhancing our understanding of threat group tradecraft....
September 24, 2025
By  Kyle Wilhoit
company article
High Profile Threats Malware

"Shai-Hulud" Worm Compromises npm Ecosystem in Supply Chain Attac...

Self-replicating worm “Shai-Hulud” has compromised hundreds of software packages in a supply chain attack targeting the npm ecosystem. We discuss scope and ...
September 23, 2025
By  Unit 42
company article
Malware Threat Research

Operation Rewrite: Chinese-Speaking Threat Actors Deploy BadIIS i...

SEO poisoning campaign "Operation Rewrite” uses a malicious IIS module called BadIIS to redirect users to unwanted websites....
September 22, 2025
By  Yoav Zemah
See all Unit 42 threat research

Subscribe to the Newsletter!

Sign up to receive must-read articles, Playbooks of the Week, new feature announcements, and more.

By submitting this form, you agree to our Terms of Use and acknowledge our Privacy Statement. Please look for a confirmation email from us. If you don't receive it in the next 10 minutes, please check your spam folder.

Get the latest news, invites to events, and threat alerts

Get the latest news, invites to events, and threat alerts