The Agentic AI Platform for the Agentic Workforce of the Future
Introducing Cortex AgentiX, the Agentic AI platform for the autonomous enterprise, delivering an AI agent workforce for security and IT.
Security Operations
Security Operations
Must-Read Articles
Product Features
Use-Cases
News and Events
Partner Integrations
Playbook of the Week
Reframing Vulnerability Management in an Age of Overload
Overwhelmed by vulnerability alerts? Learn how the Cortex Vulnerability Risk Score (CVRS) cuts through the noise, reducing alerts by up to 99% to find true risks.
Tracking Down Malicious Communication with Advanced XDR Detection Tactics
Learn how Palo Alto Networks uses Precision AI and XDR to detect C2 communications and data exfiltration through advanced classification and diverse d...
Securing Shadow AI with Cortex Xpanse
Rapid AI adoption creates "Shadow AI" and hidden risks. See how Cortex Xpanse discovers unmanaged AI infrastructure to secure your complete attack surface.
Transform Your SOC with Cortex XSIAM: Lessons From a Zombie Infestation
Like zombies, cyber threats need vulnerable hosts. Learn how Cortex XSIAM unifies your SOC to detect, respond, and prevent attacks before they spread....
More Blogs
Displaying 1—16 of
539 results
Sort By:
The Data Digestion Revolution: Why Cortex XDL is the Foundation of Modern S...
Discover how Cortex XDL's intelligence-first approach transforms raw security data into actionable threat intelligence at enterprise scale
Forrester TEI: Unlock 257% ROI with Cortex XSIAM
AI-driven SecOps platform delivered 257% ROI, cut breach risk 60%, and consolidated tools for significant savings. Learn more about Palo Alto Networks Cortex XSIAM.
SIEM Replacement Made Easy (Yes, Really!)
Deploy Cortex XSIAM in 3 months or less with AI-powered migration tools. Replace your SIEM faster with automated onboarding and ready-to-use analytics.
Breaking Down Security Silos: How XDL Powers Advanced Threat Operations
Learn how Cortex XDL unifies vulnerability management and email security through shared intelligence to stop coordinated attacks at enterprise scale.
How Cortex Defends Against Microsoft SharePoint "ToolShell" Exploits
Cortex defends against the new "ToolShell" attack chain, which exploits vulnerabilities to achieve full remote code execution without requiring creden...
Real-World Email Attacks Detected by Cortex Advanced Email Security
Discover how unified email security stops brand impersonation, credential harvesting, and localized phishing attacks using AI and cross-domain analysi...
The Case Files of Detective Aems: A Study in Digital Deduction
Discover how AI-powered email security defeats sophisticated phishing, BEC attacks, and brand impersonation through contextual analysis and unified th...
From Silos to Synergy: How Cortex XDL Transforms XDR to Elevate Threat Dete...
Learn how Cortex XDL transforms Cortex XDR by breaking down data silos and fusing telemetry from endpoint, networks, cloud, and identity to deliver AI...
Discover the Power of Next-Gen Automation in XSIAM 3.x
Discover how XSIAM 3.x on Cortex platform simplifies security automation with intuitive playbook building, 1,000+ integrations, and streamlined workflows.
Stopping Cross-Domain Attacks with Cortex XDL + Cortex XSIAM
Siloed security tools miss 75% of threats. See how Cortex XDL's unified data foundation enables AI-powered detection against identity-driven attacks.
AI and Cybersecurity, AI Security, Cybersecurity, Data Security, Incident Response, Reports, Unit 42
The Case for Multidomain Visibility
Get key insights from the 2025 Unit 42 Global Incident Response Report. Defend against complex, multidomain cyberattacks with unified visibility, AI-powered detection and identity ...
Defending against Phantom Taurus with Cortex
New APT threat actor, Phantom Taurus, is targeting global organizations. Learn more about how Cortex defends, prevents and responds to malware suite, NET-STAR.
The Ransomware Speed Crisis
There is a ransomware speed crisis. Attacks have accelerated 100x faster since 2021. Discover why traditional security fails and build AI-powered defenses.
Cortex XDR is the Only Endpoint Security Market Leader to Achieve 99% in Bo...
Palo Alto Networks Cortex XDR achieves 99% in both threat prevention & response in AV-Comparatives 2025 EPR test - the only endpoint security market l...
Raising the Bar for Incident Response
Unit 42 is now NCSC Enhanced Level CIR assured, proving our commitment to exceed the highest global standards for incident response and trust.
SCCM: Enterprise Backbone or Attack Vector? Part 2
Learn how attackers exploit Microsoft SCCM infrastructure through LDAP, WMI enumeration & detection strategies to secure enterprise environments.
More Blogs
Displaying 1—16 of
500 results
Sort By:
Announcement, Application Security, Cloud Security, CNAPP, News and Events, Product Features, Products and Services
Introducing Cortex Cloud — The Future of Real-Time Cloud Security
Cortex Cloud brings the world’s leading CNAPP onto the #1 SecOps platform, delivering real-time protection — for the fir...
A Leader in the 2024 Gartner Magic Quadrant for EPP
Palo Alto Networks was named a leader in endpoint protection platforms by Gartner for Cortex XDR.
Introducing XSIAM 3.0
XSIAM is expanding from reactive response to proactive defense, transforming exposure management and email security with unified data, AI and automation.
Forrester Names Palo Alto Networks a Leader in XDR
Palo Alto Networks was named a leader in extended detection and response platforms by Forrester for Cortex XDR.
Cortex Email Security Module: Defending Against Evolving Email Threats
Discover how Cortex Email Security Module detects sophisticated phishing attacks through AI-powered analysis, cross-domain correlation, and automated ...
MITRE ATT&CK Evaluations — Cortex XDR Among Elite in Endpoint Security
Palo Alto Networks achieves top MITRE ATT&CK 2024 results with 100% detection rates against evolving AI-powered cyber threats.
A Deep Dive Into Malicious Direct Syscall Detection
This blog explains how attackers use direct syscalls to overcome most EDR solutions, by first discussing the conventional Windows syscall flow and how most EDR solutions monitor those calls.
Automating Response to Suspicious Process Executions
This playbook automates the investigation and response to suspicious process executions triggered by a scheduled task.
Forrester Names Palo Alto Networks a Leader in Attack Surface Management
Palo Alto Networks was named a leader in attack surface management by Forrester for Cortex Xpanse.
NL2XQL: Turning Natural Language into Powerful Cybersecurity Querying
NL2XQL transforms natural language into powerful XQL queries, making cybersecurity investigations accessible to all security teams without requiring d...
Automating Response to Unauthorized Scheduled Task Executions
Discover how Cortex XSIAM automates detection and response to malicious scheduled tasks that reference external HTTP/FTP sources for improved security...
Automating Response to Unauthorized Tor Logins
The A Successful Login from Tor playbook in Cortex XSIAM enhances security teams’ ability to detect and respond to unauthorized access attempts using Tor. By automating identity verification, automated remediat...
Announcing Unit 42 Managed XSIAM — Redefining 24/7 Managed SecOps
Palo Alto Networks announces Unit 42 Managed XSIAM, a solution that provides 24/7 expert-led defense across every attack surface.
Detecting Threats with Microsoft Graph Activity Logs
Discover how Microsoft Graph API is used as an attack vector by threat actors through a real-world attack scenario. Find out why monitoring Microsoft Graph activity logs is important and how Cortex delivers tai...
Creating an Automated Workflow for Account Lockout Resolution
This playbook automates and speeds up response to excessive user account lockouts, which could indicate a credential-based attack.
Flexible Security Data Management with Cortex XSIAM & Cribl
Cortex XSIAM now integrates with Cribl to help security teams route high-quality data, fuel AI-driven operations, and detect threats fast with full vi...
Subscribe to Security Operations Blogs!
Sign up to receive must-read articles, Playbooks of the Week, new feature announcements, and more.
By submitting this form, you agree to our Terms of Use and acknowledge our Privacy Statement. Please look for a confirmation email from us. If you don't receive it in the next 10 minutes, please check your spam folder.