# Revolutionize Your Security Posture with Cloud-Delivered Security Services Powered by Precision AI

Prevent Threats at Each Stage of the Attack Lifecycle

[Download Ebook](https://www.paloaltonetworks.com/content/dam/pan/en_US/includes/igw/ir-report-2/Strata_Precision_CDSS_Advaced_Client_Facing_DP2.pdf?ts=markdown "Download this report")

## Summary Overview

The cyberthreat landscape is evolving at an unprecedented pace, driven by AI advancements and increasingly sophisticated attack tactics. As adversaries adopt automated tools and advanced evasion techniques, traditional security models are struggling to keep up.
For today's IT organizations, this shift underscores the urgent need to adopt advanced, cloud-delivered security services (CDSS) capable of combating these fast-moving and dynamic threats.

Attackers now leverage AI-powered tools that dramatically increase the speed, scale, and complexity of cyberattacks. These tools enable highly targeted phishing campaigns, polymorphic malware, and automated vulnerability exploitation, rendering static, signature-based defenses ineffective. Conventional approaches that rely on predefined patterns are no match for zero-day threats and adaptive attack methods.

[Palo Alto Networks rises to meet these challenges with Precision AI](https://www.paloaltonetworks.com/)---our proprietary AI system that harnesses rich telemetry and security-specific models to automate detection, prevention, and remediation with industry-leading accuracy. It enables real-time, context-aware threat identification and response, empowering organizations to stay ahead of sophisticated adversaries.

Our advanced Cloud-Delivered Security Services (CDSS)---Advanced Threat Prevention, Advanced WildFire® (AWF), Advanced DNS Security (ADNS), and Advanced URL Filtering (AURL)---are all powered by Precision AI®. This unified AI system combines the best of machine learning, deep learning, and generative AI to deliver high-fidelity, trusted outcomes for security teams. Together, these services provide proactive protection across the entire attack lifecycle, stopping known and unknown threats in real time, reducing false positives, and accelerating decision-making with confidence.

Palo Alto Networks equips IT leaders with unmatched visibility, agility, and control---enabling them to simplify and automate operations while staying one step ahead of evolving threats.
With intelligent, adaptive technology that continuously learns and adapts, organizations can mitigate risk at machine speed, secure complex environments, and maintain business continuity, even in the face of relentless cyberthreats.

In a world where cyber resilience is mission-critical, Palo Alto Networks delivers the innovation that keeps you ahead of the curve. Powered by Precision AI, our technology [enables organizations to outpace emerging threats](https://www.paloaltonetworks.com/engage/ela-and-bundle), reduce risk, and maintain business continuity in today's dynamic and unpredictable digital environment.

## Precision AI from Palo Alto Networks

### Redefining the future of cybersecurity

### Machine Learning

Leverages domain expertise through feature engineering, enabling models to generate tailored insights and offer greater control over detection and decision-making.

### Deep Learning

Automatically identifies complex patterns directly from raw data, delivering advanced capabilities---when powered by modern computational resources.

### Generative AI

Creates realistic, human-like content (e.g., text, image, and audio) and aids in data classification for training sets.

When Unit 42 is called, our Incident Response team works swiftly to contain threats, investigate incidents, and restore operations.
After the crisis, we partner with clients to strengthen their security posture against future attacks.

**The Unit 42 mission is clear: protecting the digital world from cyberthreats. Operating 24/7 across the globe,** our team is united by the purpose of stopping threat actors, hunting evolving threats and helping organizations prepare for and recover from even the most sophisticated attacks.

This report is organized to guide you through our key findings and actionable insights:

* **Emerging Threats and Trends:** A look at what's coming, including the rise of disruption-driven extortion, AI-assisted attacks, cloud and software supply chain-based attacks, nation-state insider threats, and speed.
* **Threat Actors Succeed:** Analysis of the most common effective tactics, techniques and procedures, from initial access to impact.
* **Recommendations for Defenders:** Practical guidance for executives, CISOs and security teams to fortify their defenses, build resilience and stay ahead of the threat.

As you read, consider not just what's happening, but what's next and how your organization can prepare to meet the challenges of an increasingly complex threat environment.

## Precision AI

Our proprietary AI system leverages the capabilities of machine learning, deep learning, and GenAI with high-fidelity data to train security models to accurately detect and prevent rapidly evolving threats, all in real time.

## Revolutionize Network Security with Advanced Security Services Powered by Precision AI

![Precision section image](https://www.paloaltonetworks.com/content/dam/pan/en_US/includes/igw/ir-report-2/precision_main.jpg)

### Detect and Prevent in Real Time

Analyze real network traffic inline and instantly stop known, unknown, and highly evasive threats to prevent patient zero.

### Improved Accuracy Using High-Fidelity Data

Models continuously train on rich threat data from 70K+ active customers and AI-driven threats to identify advanced and never-before-seen threats.

### Consistently Delivered Everywhere

Comprehensive and real-time protection from all types of threats, delivered consistently via a robust global infrastructure.

## How Precision AI Fits Within Our Advanced Subscription

![](https://www.paloaltonetworks.com/content/dam/pan/en_US/includes/igw/ir-report-2/subscription.jpg)

## Best-in-Class Security Services to Combat AI-Enabled Threats at Each Stage of the Attack Lifecycle

![](https://www.paloaltonetworks.com/content/dam/pan/en_US/includes/igw/ir-report-2/combat.jpg)

## Why Palo Alto Networks Advanced Security Services for Smarter, Stronger Protection?

### Advanced Threat Prevention

**673M** New sessions analyzed every day

Prevent evasive C2 and zero-day injection attacks

### Advanced WildFire

**491M** Threats prevented inline every day

Prevent known and unknown malware in real time

### Advanced URL Filtering

**3.8B** New URLs analyzed every day

Prevent known and unknown phishing attacks in real time

### Advanced DNS Security

**1.1B** New domains analyzed every day

Prevent sophisticated DNS-layer threats, including DNS hijacking, all in real time

## Next-Gen Security: Adaptive, Intelligent, and Resilient

Palo Alto Networks advanced security services provide superior protection, adaptability, and intelligence-driven security across the modern threat landscape. Traditional security solutions, by contrast, often rely on static threat intelligence and reactive security measures, leaving organizations vulnerable to rapidly evolving attack techniques, AI-driven threats, and sophisticated adversaries targeting SaaS, cloud environments, and endpoints.

We recognize that yesterday's security strategies may be insufficient for today's challenges. That's why we've implemented advanced [Cloud-Delivered Security Services](https://www.paloaltonetworks.com/network-security/security-subscriptions?ts=markdown) that leverage AI-powered threat prevention, deep behavioral analysis, and adaptive security models. Our modern approach integrates seamlessly across SASE, NGFW, and Prisma® Access, delivering real-time visibility, automated threat detection, and proactive protection.

These next-generation CDSS capabilities empower IT leaders to stay ahead of emerging threats, safeguard critical assets, and maintain a resilient security posture in an ever-evolving digital landscape.

## Advanced Threat Prevention

### Prevent Known and Unknown C2 Attacks and Zero-Day Injection Attacks in Real Time

* Prevent zero-day exploits that use exploitation techniques such as command injection and SQL injection
* Prevent evasive C2 traffic over web and nonweb protocols, including those derived from popular red team tools (e.g., Cobalt Strike and Empire)
* Global network of 70K+ customers providing crowdsourced threat intelligence
* Detection models powered by Precision AI, trained on rich and comprehensive threat data
* Robust database of signatures for prevention of known exploits, web-based threats, C2, and malware

* **673M** New sessions analyzed every day
* **512K** New malicious sessions prevented every day
* **28.2B** Threats prevented inline every day

## Advanced Threat Prevention Key Features

### Detectors

* Signature-Based Detection + Snort/Suricata Signature Compatibility
* Zero-Day Exploit Detection
* Unknown C2 Detection (Cobalt Strike and Empire)

### Analysis

* Inline Cloud-Based Threat Analysis Using Trained AI-Powered Models
* Local Deep Learning Analysis

### Prevention

* IPS Signatures for Known Threats + Snort/Suricata Signature Compatibility
* Automated False Positive Checking
* Regular Content Updates (3X per week + emergency updates)
* Real-Time Prevention of Unknown Exploits (including SQL and command injection)
* Prevention of Unknown Command and Control:
  * Red Team Tool: Cobalt Strike
  * Red Team Tool: Empire
  * Red Team Tool: Sliver
  * SSL (encrypted traffic analysis without decryption)
  * HTTP
  * Unknown UDP
  * Unknown TCP
* Exfiltration Shield to Prevent DNS Relay Attacks

### Visualization & Reporting

* MITRE ATT&CK Technique ID Mapping

## Advanced WildFire

### Prevent Known and Unknown File-Based Malware in Real Time

* Defeat 26% more malware than traditional sandboxes, using intelligent runtime memory analysis (IRMA)
* Turn detection to prevention 180X faster than competitors, resulting in 99.5% reduction in systems infected
* 28X larger than the go-to threat intelligence source with over 99% detection of known and unknown malware
* Global network of 70K+ active customers providing crowdsourced threat intelligence
* 10 regional clouds and 17 international certifications to meet data and network latency requirements

* **450K** New malicious files prevented every day
* **99%** Detection of known and unknown malware
* **77M** New files analyzed every day

## Advanced WildFire Key Features

### Analysis

* Static and Dynamic Analysis
* Inline Cloud-Based Analysis Using Trained AI-Powered Models
* Advanced Dynamic Analysis

### Detectors

* 25+ Patented Detection Techniques
* Customer Hypervisor
* Stealthy Observation
* Intelligent Runtime Memory Analysis
* Memory-Resident Malware Detection
* Automated Unpacking
* Dependency Emulation
* Malware Family Fingerprinting
* Locale-Specific Malware Detection

### Prevention

* Inline Protection
* 90M+ File Signatures
* 5-Minute Signature Updates
* Inline Machine Learning on NGFW
* Real-Time Prevention of Zero-Day Malware

### Visualization & Reporting

* XML-Formatted Reports
* MAEC-Formatted Reports
* MITRE ATT&CK Technique ID Mapping

## Advanced URL Filtering

### Ensure Safe Access to the Web and Stop Known and Unknown Phishing Attacks in Real Time

* Analyze real user web traffic inline instead of static web crawler data to detect evasive and targeted attacks
* 40% more threats prevented than traditional filtering databases
* Detection models powered by Precision AI continuously trained on billions of transactions for more accurate detection
* Stop up to 88% of malicious sites at least 48 hours before competitors
* Global network of 70K+ customers and third-party databases providing crowdsourced threat intelligence

* **7M+** Unique URL scans per day with content analysis
* **88%** Malicious URLs prevented 48 hrs before competitors
* **351M** New and unique URLs analyzed per day

## Advanced URL Filtering Key Features

### Analysis

* Crawler-Based Offline Web-Traffic Analysis
* Offline Analysis of URL Strings
* Offline Analysis of Web Content
* Real-Time Analysis of URL Strings
* Real-Time Analysis of Web Content
* Cloud-Based Inline Deep Learning Analysis
* Cloud-Native Service Designed to Expand Capabilities Over Time

### Advanced Detection & Prevention Capabilities

* Meddler-in-the-Middle Phishing
* SaaS-Hosted Phishing
* LLM-Generated Phishing
* Legitimate Compromised URL Discovery
* Single-Use Link URL Discovery
* Cloaked URL Discovery

### Prevention

* Leverages PAN-DB (signature database)
* Real-Time Protection from Known Web-Based Attacks
* Real-Time Protection from Unknown Web-Based Attacks
* Real-Time Protection from Evasive Web-Based Attacks

## Advanced DNS Security

### Prevent Sophisticated DNS-Layer Threats, Including DNS Hijacking, All in Real Time

* Detection models powered by Precision AI continuously train for faster and more accurate detection, identifying threats 6X faster than public databases
* Industry-first detections provide over 2X more DNS-layer threat coverage than competitors
* Real-time analysis of DNS response to prevent DNS hijacking of legitimate domains, using logging for insights and fine-grained DNS policy controls
* Automated DNS configuration management to proactively block access to misconfigured domains
* Global network of 70K+ customers and third-party databases providing crowdsourced threat intelligence

* **2X** More threat coverage than next competitor
* **7.7M** New malicious domains prevented every day
* **2.06B** Threats prevented inline every day

## Advanced DNS Security Key Features

### Analysis

* Inline Cloud-Based Analysis Using Trained AI-Powered Models
* Real-Time Inspection of All Types of DNS Traffic (DoT, DoH, plain-text)
* Real-Time Inspection of DNS Request Data
* Real-Time Inspection of DNS Response Data
* Auto-Discovery and Monitoring of Customer's Public-Facing Domains
* Tailored DNS Traffic Profiling for Improved Logging and Policy Controls

### Advanced Detection & Prevention Capabilities

* Strategically Aged Domains
* Random and Dictionary DGA
* Newly Registered Domains
* DNS Misconfigurations
* Nonresolvable Domains
* DNS Spoofing
* Compromised DNS Registrar
* DNS Cache Poisoning
* DNS Injection

### Prevention

* Leverages Signatures in PAN-DB for Protection Against Known Threats
* Security-Enforced Transparency Irrespective of DNS Resolvers
* Real-Time Protection of Known and Unknown DNS-Layer Threats
* Real-Time Protection of Network-Based DNS Hijacking Attacks
* Proactively Block Access to Misconfigured Domains

## Best-in-Class Security Requires Rich, Comprehensive Data

### Inline Analysis of Real User Traffic Provides Rich Data

Each day we analyze up to 5.43B new events\*

### Detect Never-Before-Seen Threats

Each day we identify up to 8.95M new attacks\*

### Prevention Must Happen Inline

Each day we block up to 30.9B attacks inline\*

\*Daily average for month of Jan. 2025

AI trained on shared threat data from 70K active customers creates the network effect of patient zero prevention everywhere.

## Best-in-Class Security Services to Combat AI-Enabled Threats at Each Stage of the Attack Lifecycle

![](https://www.paloaltonetworks.com/content/dam/pan/en_US/includes/igw/ir-report-2/section_17-min.jpg)

## Prevent Attacks at Each Stage with Advanced Security Solutions

### AI That Thinks Ahead. Protection That Goes Beyond.

IT leaders must prioritize solutions that deliver real-time, AI-driven threat detection and response to safeguard digital assets and maintain operational resilience. To address these challenges, the proposed solution needs to emphasize leveraging Precision AI-driven technologies---including machine learning, deep learning, and generative AI---for real-time threat detection and response.

Adopting a robust, cloud-delivered, AI-enhanced security framework can support IT leaders in establishing a scalable, agile, and resilient security posture capable of defending against an ever-evolving threat landscape. This proactive approach surpasses the limitations of traditional reactive defenses, ensuring comprehensive protection in an era where the speed and complexity of cyberattacks continue to escalate. It delivers confidence by enabling proactive threat identification at every stage of the attack lifecycle---from initial access and lateral movement to data exfiltration---ensuring robust defense against sophisticated threats.

For more information, [contact](https://start.paloaltonetworks.com/secure-your-enterprise-contact-us) your local Palo Alto Networks representative to schedule a customized [Security Lifecycle Review (SLR)](https://start.paloaltonetworks.com/security-lifecycle-review-risk-assessment).
Discover how our Cloud-Delivered Security Services (CDSS) can help prevent threats at every stage of the attack lifecycle---while delivering a [357% ROI over three years](https://start.paloaltonetworks.com/forrester-tei-cdss).

© 2025 [Palo Alto Networks](https://www.paloaltonetworks.com/), Inc. All Rights Reserved.