Creating an Automated Workflow for Account Lockout Resolution
This playbook automates and speeds up response to excessive user account lockouts, which could indicate a credential-based attack.
Security Operations
Security Operations
Must-Read Articles
Product Features
Use-Cases
News and Events
Partner Integrations
Playbook of the Week
Automating Response to Unauthorized Scheduled Task Executions
Discover how Cortex XSIAM automates detection and response to malicious scheduled tasks that reference external HTTP/FTP sources for improved security...
Automating Response to Unauthorized Tor Logins
The A Successful Login from Tor playbook in Cortex XSIAM enhances security teams’ ability to detect and respond to unauthorized access attempts using Tor. By automating identity verification, automated remediat...
Automating Response to Suspicious Process Executions
This playbook automates the investigation and response to suspicious process executions triggered by a scheduled task.
Automated Rapid Response to Suspicious Remote Scheduled Task Creation
This playbook automates the identification and remediation of persistent threats that leverage scheduled tasks to execute malicious payloads across endpoints.
More Blogs
Displaying 1—16 of
485 results
Sort By:
Palo Alto Networks Helps Secure Black Hat Asia 2025
Palo Alto Networks secures Black Hat Asia 2025 with pride. Our NOC and SOC involvement ensures uninterrupted conference experience for attendees.
SOC and Awe — How Autonomous Security Is Changing the Game
Learn how AI and cloud-native detection are revolutionizing SOCs into autonomous security ops. Clay Brothers of Unit 42 warns against traditional meth...
Announcing Unit 42 Managed XSIAM — Redefining 24/7 Managed SecOps
Palo Alto Networks announces Unit 42 Managed XSIAM, a solution that provides 24/7 expert-led defense across every attack surface.
Automating Response to Suspicious SaaS Access From a Tor Exit Node
This playbook shows how a SecOps team can use Cortex XSIAM to automate and speed response to suspicious SaaS access alerts involving a Tor exit node.
Automating Response to Credential Dumping Attacks
Automated playbook designed to detect, contain and remediate credential dumping activity.
Cortex Xpanse Protects Against Malicious Domain Takeover Techniques
Malicious domain takeovers have become an increasing concern for businesses as attackers exploit vulnerabilities by gaining unauthorized access to a d...
Automating Response to Unauthorized User Account Creation
This playbook automates incident response actions to identify, investigate, and remediate unauthorized hidden user account creation.
MITRE ATT&CK Evaluations — Cortex XDR Among Elite in Endpoint Security
Palo Alto Networks achieves top MITRE ATT&CK 2024 results with 100% detection rates against evolving AI-powered cyber threats.
Democratize Threat Hunting with Cortex Copilot
Discover how Cortex Copilot democratizes threat hunting by enabling analysts to investigate security incidents with AI-powered guidance. Learn how a new threat hunter uncovered a privileged account breach.
SSO Password Spray Playbook
Learn how to detect and prevent SSO password spray attacks with our comprehensive security playbook. Automate response and strengthen authentication security.
Announcement, Application Security, Cloud Security, CNAPP, News and Events, Product Features, Products and Services
Introducing Cortex Cloud — The Future of Real-Time Cloud Security
Cortex Cloud brings the world’s leading CNAPP onto the #1 SecOps platform, delivering real-time protection — for the fir...
Demystifying Impossible Traveler Detection
Discover how Impossible Traveler Detection in Cortex XDR identifies suspicious logins from distant locations in a short time, and how to address challenges like VPN impacts and reduce false positives in complex...
Deloitte’s Cloud Migration Success: Transforming SecOps with Cortex XSOAR
For years, Deloitte's Cybersecurity Center had leveraged Cortex XSOAR on-premises to drive automation across its portfolio. Building on this success,...
Automating Response to Unauthorized User Privilege Escalations Using PowerS...
Automating response to unauthorized privilege escalation activity such as a user being added to local administrator group using a PowerShell command
New Cortex Detectors for macOS Address Stealers and Malicious AppleScript
Cortex releases new detection analytics targeting macOS stealers and malicious applescript
What’s New in Cortex: The Latest Innovations for the World’s #1 SecOps Plat...
Cortex SOC platform introduces new enhancements and features across the entire portfolio including a brand new integration with Prisma Access Browser,...
More Blogs
Displaying 1—16 of
439 results
Sort By:
New Cloud Location Innovates and Strengthens Presence in Indonesia
Find out how Palo Alto Networks’ secure cloud infrastructure is aiding the growth of businesses in Indonesia, enabling them to leverage advanced cloud...
AI, Cybersecurity and the Rise of Large Language Models
Discover how AI impacts threat detection, incident response and risk management, and learn about strategies for secure AI integration.
Forrester Names Palo Alto Networks a Leader in XDR
Palo Alto Networks was named a leader in extended detection and response platforms by Forrester for Cortex XDR.
Palo Alto Networks Excels in MITRE Managed Services Evaluation
Unit 42 MDR identified the most important details of the cyberthreat in the MITRE managed services evaluation - learn more.
Palo Alto Networks Recognized as a Leader in the 2023 Gartner Magic Quadran...
Palo Alto Networks was named a leader in endpoint protection platforms by Gartner for Cortex XDR.
AI Provides an Rx for Cybersecurity in Healthcare
Tapan Mehta discusses the challenges, opportunities and future of AI in protecting healthcare infrastructure and data.
Advancing Innovation and Harnessing AI to Secure the Homeland
Before the House Committee on Homeland Security, Unit 42 shares the Palo Alto Networks perspective on the intersection of AI and cybersecurity.
ONLY Cortex Delivers 100% Protection and Detection in MITRE Engenuity
MITRE Engenuity ATT&CK Evaluations have been released. This year, Cortex is the only vendor with 100% prevention and analytic detection.
The Dark Side of AI in Cybersecurity — AI-Generated Malware
Bar Matalon and Rem Dudas shed light on their groundbreaking research into AI-generated malware and predictions for the future of AI in cybersecurity....
Introducing the New Cortex Shellcode AI Protection: A Precision AI-Driven M...
Discover Palo Alto Networks' new Cortex Shellcode AI Protection Module. Learn how Precision AI™ detects and prevents elusive shellcode attacks in real...
Company & Culture, Customer Spotlight, Must-Read Articles, Product Features, Products and Services, Use-Cases
AI Powers Sabre's Enhanced Threat Detection & Response
Precision AI by Palo Alto Networks helps security teams trust AI outcomes using security-specific models to automate det...
Creating a Security Program with Less Complexity and More Visibility
Our 2024 Incident Response Report shows how vulnerabilities go unpatched, and critical resources sit exposed.
Playbook of the Week: Automating Management of XDR Identity Analytics Alert...
Playbook that automates management of XDR identity analytics alerts for speedier response to identity threats.
What’s Next in Cortex - New Wave of Innovations in Cortex (June 2024 Releas...
Discover the latest innovations in Cortex products: XSIAM 2.3, XDR 3.11, Xpanse 2.6, and XSOAR 8.7. Enhance SecOps efficiency and threat prevention
A Deep Dive Into Malicious Direct Syscall Detection
This blog explains how attackers use direct syscalls to overcome most EDR solutions, by first discussing the conventional Windows syscall flow and how most EDR solutions monitor those calls.
AI in Cyber Is Here to Stay — How to Weather This Sea Change
AI is transforming cybersecurity, automating tasks and enabling better custom threat detection. AI impacts jobs and cloud services.
Subscribe to Security Operations Blogs!
Sign up to receive must-read articles, Playbooks of the Week, new feature announcements, and more.
By submitting this form, you agree to our Terms of Use and acknowledge our Privacy Statement. Please look for a confirmation email from us. If you don't receive it in the next 10 minutes, please check your spam folder.