• Blog
  • Security Operations

Security Operations

Security Operations

Must-Read Articles
Product Features
Use-Cases
News and Events
Partner Integrations
Playbook of the Week
Introducing XSIAM 3.0
Announcement, News and Events, Product Features, Products and Services

Introducing XSIAM 3.0

XSIAM is expanding from reactive response to proactive defense, transforming exposure management and email security with unified data, AI and automation.
Apr 28, 2025
By 
What’s New for Cortex and Cortex Cloud (Apr ‘25)
Must-Read Articles, News and Events, Playbook of the Week

What’s New for Cortex and Cortex Cloud (Apr ‘25)

Discover cutting-edge advancements in security ops with the latest Cortex releases. New features enhance threat prevention, platform coverage, automation, and attack surface tests for streamlined and robust sec...
May 05, 2025
By 
Playbook Creation Reimagined: The Intuitive Approach to Security Automation
Playbook of the Week

Playbook Creation Reimagined: The Intuitive Approach to Security Automation

Continuing to innovate on our market-leading SOAR to simplify security operations, ensure ease of use in the adoption of automation.
May 01, 2025
By 
No More Guessing: Accurate AI Security with Palo Alto Networks
AI and Cybersecurity, Uncategorized, Use-Cases

No More Guessing: Accurate AI Security with Palo Alto Networks

Learn how our rigorous evaluation techniques ensure that Palo Alto Networks’ precision AI solutions deliver the accuracy and reliability you need.
Apr 30, 2025
By 
Palo Alto Networks Helps Secure Black Hat Asia 2025
Announcement, Event, News and Events

Palo Alto Networks Helps Secure Black Hat Asia 2025

Palo Alto Networks secures Black Hat Asia 2025 with pride. Our NOC and SOC involvement ensures uninterrupted conference experience for attendees.
Mar 19, 2025
By  and
SOC and Awe — How Autonomous Security Is Changing the Game
AI and Cybersecurity, Interview, Must-Read Articles, Points of View

SOC and Awe — How Autonomous Security Is Changing the Game

Learn how AI and cloud-native detection are revolutionizing SOCs into autonomous security ops. Clay Brothers of Unit 42 warns against traditional meth...
Mar 18, 2025
By 
Automated Rapid Response to Suspicious Remote Scheduled Task Creation
Playbook of the Week

Automated Rapid Response to Suspicious Remote Scheduled Task Creation

This playbook automates the identification and remediation of persistent threats that leverage scheduled tasks to execute malicious payloads across endpoints.
Mar 13, 2025
By 
Announcing Unit 42 Managed XSIAM — Redefining 24/7 Managed SecOps
Playbook of the Week, Product Features, Products and Services, Unit 42

Announcing Unit 42 Managed XSIAM — Redefining 24/7 Managed SecOps

Palo Alto Networks announces Unit 42 Managed XSIAM, a solution that provides 24/7 expert-led defense across every attack surface.
Mar 11, 2025
By 
Automating Response to Suspicious SaaS Access From a Tor Exit Node
Playbook of the Week

Automating Response to Suspicious SaaS Access From a Tor Exit Node

This playbook shows how a SecOps team can use Cortex XSIAM to automate and speed response to suspicious SaaS access alerts involving a Tor exit node.
Mar 06, 2025
By 
Playbook of the Week, Uncategorized

Automating Response to Credential Dumping Attacks

Automated playbook designed to detect, contain and remediate credential dumping activity.
Feb 27, 2025
By 
Cortex Xpanse Protects Against Malicious Domain Takeover Techniques
Product Features, Uncategorized, Use-Cases

Cortex Xpanse Protects Against Malicious Domain Takeover Techniques

Malicious domain takeovers have become an increasing concern for businesses as attackers exploit vulnerabilities by gaining unauthorized access to a d...
Feb 26, 2025
By 
Automating Response to Unauthorized User Account Creation
Playbook of the Week

Automating Response to Unauthorized User Account Creation

This playbook automates incident response actions to identify, investigate, and remediate unauthorized hidden user account creation.
Feb 20, 2025
By 
The Dark Side of AI in Cybersecurity — AI-Generated Malware
Must-Read Articles, Points of View, Products and Services

The Dark Side of AI in Cybersecurity — AI-Generated Malware

Bar Matalon and Rem Dudas shed light on their groundbreaking research into AI-generated malware and predictions for the future of AI in cybersecurity....
May 15, 2024
By 
Introducing the New Cortex Shellcode AI Protection: A Precision AI-Driven Module
Must-Read Articles, News and Events, Product Features

Introducing the New Cortex Shellcode AI Protection: A Precision AI-Driven M...

Discover Palo Alto Networks' new Cortex Shellcode AI Protection Module. Learn how Precision AI™ detects and prevents elusive shellcode attacks in real...
Jul 03, 2024
By 
AI Powers Sabre's Enhanced Threat Detection & Response
Company & Culture, Customer Spotlight, Must-Read Articles, Product Features, Products and Services, Use-Cases

AI Powers Sabre's Enhanced Threat Detection & Response

Precision AI by Palo Alto Networks helps security teams trust AI outcomes using security-specific models to automate det...
May 28, 2024
By 
Creating a Security Program with Less Complexity and More Visibility
Company & Culture, Products and Services, Unit 42

Creating a Security Program with Less Complexity and More Visibility

Our 2024 Incident Response Report shows how vulnerabilities go unpatched, and critical resources sit exposed.
May 23, 2024
By 
Playbook of the Week: Automating Management of XDR Identity Analytics Alerts
Playbook of the Week, Uncategorized

Playbook of the Week: Automating Management of XDR Identity Analytics Alert...

Playbook that automates management of XDR identity analytics alerts for speedier response to identity threats.
Mar 07, 2024
By 
What’s Next in Cortex - New Wave of Innovations in Cortex (June 2024 Release)
Announcement, Must-Read Articles, News and Events, Product Features

What’s Next in Cortex - New Wave of Innovations in Cortex (June 2024 Releas...

Discover the latest innovations in Cortex products: XSIAM 2.3, XDR 3.11, Xpanse 2.6, and XSOAR 8.7. Enhance SecOps efficiency and threat prevention
Jul 02, 2024
By 
A Deep Dive Into Malicious Direct Syscall Detection
Must-Read Articles, Non classifié(e), Product Features

A Deep Dive Into Malicious Direct Syscall Detection

This blog explains how attackers use direct syscalls to overcome most EDR solutions, by first discussing the conventional Windows syscall flow and how most EDR solutions monitor those calls.
Feb 13, 2024
By  and
AI in Cyber Is Here to Stay — How to Weather This Sea Change
Must-Read Articles, Points of View, Products and Services

AI in Cyber Is Here to Stay — How to Weather This Sea Change

AI is transforming cybersecurity, automating tasks and enabling better custom threat detection. AI impacts jobs and cloud services.
May 22, 2024
By 

Subscribe to Security Operations Blogs!

Sign up to receive must-read articles, Playbooks of the Week, new feature announcements, and more.

By submitting this form, you agree to our Terms of Use and acknowledge our Privacy Statement. Please look for a confirmation email from us. If you don't receive it in the next 10 minutes, please check your spam folder.

Get the latest news, invites to events, and threat alerts

Get the latest news, invites to events, and threat alerts