Case Study

Complete, connected cybersecurity secures Brazil’s shipping trade

One of Brazil’s largest marine terminal and dry port operators relies on a complete, connected Palo Alto Networks cybersecurity platform to ensure the uninterrupted flow of trade across the region. The modern platform is also reducing costs, risk, and mean time to respond (MTTR).

Multiterminais is among the largest marine terminal and dry port operators in Brazil and is a leader in integrated logistics. Millions of tons of freight – some vessels carry up to 24,000 containers – need to be loaded and unloaded around the clock. An operation of this size needs to be protected by a robust, flexible, and cost-effective cybersecurity platform.

By using the Palo Alto Networks platform to secure data, people, and processes, Multiterminais is ensuring the continuous flow of container operations and trade across Brazil and around the world. The security operations center (SOC) now faces 80% fewer alerts, freeing the team to focus on strategic security issues and mean time to detect (MTTD) has been reduced by 93% and MTTR by 90%.

In brief







Size of Operations

Millions of tons of freight managed annually




Multiterminais’ port and logistics services need to operate threat free 24/7/365 to ensure the smooth flow of goods and services into/out of South America.


  • Palo Alto Networks® Next-Generation Firewalls
  • Cortex XDR®
  • Cloud-Delivered Security Services.


  • Ensures uninterrupted shipping operations.
  • Eliminates risk of outages (costing six figures per day).
  • Reduces volume of alerts by 80%.
  • Cuts mean time to detect from 8 hours to 30 minutes and mean time to respond by 90%.

Download PDF Share


If the systems stop, so do the ships

Multiterminais is one of the largest operators of maritime port terminals, dry ports, and integrated logistics services in Brazil. Its services include import and export of goods, warehousing, supply chain management and delivery. The container terminal (MultiRio) has TiL as one of its shareholders, which operates a diversified, global portfolio of container terminals.

Operating 24/7 Multiterminais relies on minute-by-minute logistics scheduling. Massive 1,300-foot-long container ships, each packed with as many as 24,000 intermodal containers, need to be loaded or unloaded almost immediately to ensure the continued global movement of trade. Any delay to the port schedule could jeopardize the country’s imports and exports – and potentially result in product shortages on supermarket shelves.

“Network security is of paramount importance for Multiterminais,” explains Antonio Rodrigues, Chief Information Officer (CIO). “Our systems must be continually available and operating at peak performance. A cyberattack at any one of our ports or other sites could potentially cost hundreds of thousands of dollars in lost revenue and damage to our reputation.” Proven endpoint security is equally essential. However, Multiterminais’ existing siloed endpoint security system drained performance and demanded regular intervention. A malware incident originating in one of the endpoints also resulted in a multiday system outage.


We learned from this event. Our goal was to deploy a single, connected cybersecurity platform – a best-in-class solution to safeguard the organization, whatever threat or change was over the horizon.

- Antonio Rodrigues
Chief Information Officer


A safe harbor for data

safe harbor for data

Multiterminais has been a satisfied Palo Alto Networks network security customer for almost a decade, using ML-Powered Next-Generation Firewalls (NGFWs) to defend global logistics in near real time from known and unknown threats.

“Our seven sites worldwide are all connected by unified network security. Deep, real-time learning allows Multiterminais to be intelligent and proactive about cybersecurity, ensuring the business is equipped to see every threat and secure the entire infrastructure,” says Antonio.

The ML-Powered NGFWs are supported by Cloud-Delivered Security Services (CDSS) delivering AI-powered threat prevention. Advanced WildFire, for example, delivers detection and prevention at speed and scale across the most evasive threats, preventing never-before-seen threats inline. Threat Prevention uses inline deep learning models to prevent exploit-attempted attacks on the Multiterminais Azure infrastructure in real time. The Palo Alto Networks MLPowered NGFWs also serve as enhanced sensors that provide more advanced telemetry for deeper visibility of Cortex XDR. This allows for stitching better data together, providing the security analyst with more data in one place than was previously possible.

Cortex XDR replaces a series of fragmented endpoint tools, bringing a unified approach to endpoint security across more than 500 endpoints. The AI-driven platform gathers and integrates security data from any source, prevents advanced threats, and automates investigations. “Our parent company, TiL, has a Red Team, which conducts regular penetration testing. We’re proud of the fact that Cortex XDR is impenetrable. It’s continually up to date on the latest threats,” says Antonio.

Multiterminais’ technology consulting partner, Brainwalk played a vital role in this cybersecurity strategy, bringing innovation and expert advice across 10 years of engagement. “Brainwalk recommended we use Cortex XDR. Their team is always thinking ahead – recommending new ideas to keep us in front of threats,” Antonio explains. “When the pandemic hit, for example, within hours, Brainwalk deployed GlobalProtect with multifactor authentication to enable remote working.”


Uninterrupted shipping operations

This innovative cybersecurity platform is transforming Multiterminais’ service reliability and agility, with the following benefits:

  • Uninterrupted shipping operations: By securing its data, people, and processes, Multiterminais ensures the continuous flow of container operations and trade across Brazil and around the world.
  • Reduced costs: 100% availability ensures 100% shipping operations, avoiding the cost of an outage (Rodrigues estimates that system downtime could cost the company “six figures per day”).
  • The ability to work from anywhere: aFlexible secure remote access for all users everywhere drives productivity. During the pandemic, for example, Brainwalk deployed a secure GlobalProtect mobile working solution to thousands of people in just a few hours using best-in-class protection from Palo Alto Networks ML-Powered NGFWs.
  • Reduced volume of alerts: Using Cortex XDR, Multiterminais has reduced the volume of alerts by 80%. This frees the SOC team to shift from repetitive manual security operations to strategic added value tasks.
  • Increased security agility: Using the unified Palo Alto Networks platform, Multiterminais reduced their MTTD from an average of 8 hours to 30 minutes (a 93% reduction). The MTTR dropped by 90%.
  • Improved SOC productivity: Antonio explains, “The reduction in the SOC workload in identifying and circumventing threats enables the team to work more on prevention. When an event is detected, more attention is given to resolving the event.”


Our vast infrastructure is closely monitored 24/7 by the Palo Alto Networks platform. Proactive, automated cybersecurity helps ensure every ship, every aircraft, and every truck using Multiterminais’ services operates on schedule.

- Antonio Rodrigues
Chief Information Officer