On October 3, 2018, we announced the intent to acquire RedLock®, a public cloud security analytics company, which will extend our public cloud security leadership.

Discover and classify cloud resources and applications

Detect threats and vulnerabilities in your public cloud automatically

Prioritize risks; investigate and remediate threats

Multi-cloud security analytics

The acquisition of RedLock will add critical security analytics capabilities across multi-cloud environments to our extensive cloud security offering. The security analytics capability utilizes an innovative AI-driven approach that correlates disparate security data sets. RedLock provides comprehensive visibility, threat detection and rapid response across an organization’s entire public cloud environment.

Prioritizes risks, investigates incidents, remediates threats




RedLock correlates disparate data sets, including resource configurations, user activities, network traffic, host vulnerabilities/activities and threat intelligence to provide the necessary context on risks. This contextual understanding of the public cloud reduces incident response time from weeks to seconds.

Risk prioritization

Helps you prioritize remediation for the riskiest resources first, with risk scores determined for every cloud resource, based on the severity of business risks, violations and anomalies.

Threat investigation

Allows for quick investigations of current or past issues and analysis of downstream impact. For example, you can search for all databases that were receiving traffic from suspicious IP addresses last month and subsequently drill down on each resource to determine connections to other resources.

Rapid response

Enables you to quickly respond to an issue, based on contextual alerts. You can perform auto-remediation, orchestrate policy, or send alerts via email or to third-party tools, such as Slack®, Demisto® and Splunk®.

Audit trail

provides you with a DVR-like capability to view time-serialized activity for any given resource. You can review the history of changes for a resource and better understand the root cause of an incident – past or present.

Unique combination: continuous monitoring + compliance assurance + security analytics


Palo Alto Networks® already provides the broadest security offering for multi-cloud environments with inline, host-based and API-based security, bolstered by the acquisition of Evident.io® in March 2018.


Customers will get cloud security analytics and advanced threat detection from RedLock with continuous security and compliance monitoring from Evident in a single offering in the future. The new offering will help security teams respond faster to the most critical threats by replacing manual investigations with automated reports, threat prioritization and remediation.