The Executive Summary for The State of Cloud Native Security 2022 research report offers key insights gleaned from security and DevOps leaders at the forefront of the cloud native ecosystem.
The Palo Alto Networks Unit 42 threat research team has observed more than a 73% increase in the use of Red Team tools such as Cobalt Strike by threat actors (Source: Network Threat Trends report, pg. 18).
This executive summary provides topline findings from the latest Unit 42 Cloud Threat Report, where researchers examined cloud infrastructure threats through the lens of identity and access management (IAM). Analysis from terabytes of data, thousands of cloud accounts, and more than 100,000 GitHub code repositories indicates that identity misconfigurations are prevalent across cloud accounts, representing a significant security risk to organizations.
Learn How to Protect Your Cloud Accounts From IAM Misconfigurations. Cloud is now the dominant platform for enterprise application development. Based on data from the 2020 State of Cloud Native Security Report, up to 64% of enterprise workloads will be in the cloud in just the next 24 months.
Security operations teams can only take full advantage of security orchestration, automation and response (SOAR) tools if their security processes are ready.
In an ongoing effort to shed light on security threats posed by the surge in internet of things (IoT) device deployment, Palo Alto Networks, the global cybersecurity leader, commissioned research company Vanson Bourne to conduct a survey on IoT security practices.
Read the report to better understand the scope of the risks to your enterprise and the steps you can take to develop an effective IoT strategy that prepares your business for the long term.
Nearly all sectors have IoT projects that call for embedding a variety of IoT endpoints into their network infrastructure. This business brief outlines the impact of security challenges on IoT adoption across industry segments and best practice to combat the challenges.
As the modern threat landscape gets more and more sophisticated, security teams need a security solution that cuts through complexity and eliminates silos.
In response to the growing security skills gap and attacker trends, extended detection and response (XDR) tools, machine learning (ML), and automation capability are emerging to improve security operations productivity and detection accuracy.” – Gartner
See the security trends Gartner believes are ripe to disrupt the industry, and get their recommendations on how to improve your organization’s resilience and defenses.
Dark Reading recently surveyed IT and cybersecurity professionals from a variety of businesses and organizations. According to their new report, 94% of enterprises feel the first 24 hours after discovering a cyberattack are the most critical.
They also found that, despite increasing emphasis on the importance of effective and timely incident response, security teams may actually be overconfident in assessing their current IR capabilities.
NSS Labs’ Advanced Endpoint Protection (AEP) Test evaluated the prevention capabilities of leading endpoint security (EPP) products against more than 45,000 attack test cases across all tested products including malware, exploits, blended threats, unknown threats, evasions, handcrafted attacks and resistance to tampering. Cortex XDR received a very strong “AA” rating overall.
Cloud threat researchers uncover vulnerabilities in infrastructure-as-code templates, deep dive into crypto operations and cybercrime trends. Read the full report.
This executive summary highlights key findings from the February 2020 edition of the Unit 42 Cloud Threat Report. Data shows Data shows nearly 200k insecure IaC templates in use, 43% of cloud databases are not encrypted, and 60% of cloud storage services have logging disabled.
This summary for DevOps audiences highlights key findings from the February 2020 edition of the Unit 42 Cloud Threat Report. Data shows nearly 200k insecure IaC templates in use, 26% of insecure Kubernetes® configurations run containers with unrestricted permissions, and 27% of Terraform® SSH (port 22) resources are exposed to the internet.
Learn how consolidating and integrating networking and security functions, as well as unifying management and monitoring with SD-WAN in the branch, can lead to more secure and efficient operations.
Every security team has its own set of security tools, competencies, common use cases and compliance requirements. One of the few common threads that weaves through all these elements is the steps for responding to a security incident. Demisto, now part of Palo Alto Networks, sponsored a study of security professionals around the world to delve deeper into their challenges across the incident response (IR) lifecycle, the tools they use and the capabilities they feel are missing from their tool stacks.
ESG conducted a research survey with the intent to gain insight into the current and future processes involved in securing cloud-native applications, the challenges that arise when securing cloud-native applications, and the product requirements companies will demand as they continue to secure more cloud-native applications.
Gartner’s 2019 Magic Quadrant for Network Firewalls Report recognizes Palo Alto Networks a Leader for the EIGHTH time in a row, with the highest position in ability to execute and furthest in completeness of vision.
This report highlights key learnings from these incidents along with research by Unit 42’s cloud research team to shed light on current and emerging trends. Moreover, it offers tips and best practices to help organizations ensure business-critical data across their public cloud environments – Google Cloud, AWS, and Azure – is secure.
This Unit 42 report highlights key learnings from public cloud security incidents and presents original research from the cloud-focused division of the Unit 42 threat research team.
In 1H 2019, NSS Labs performed an independent test of the Palo Alto Networks PA-5220. This comprehensive testing compared security effectiveness, performance and cost among 12 NGFW products. Palo Alto Networks achieved the highest security effectiveness score and a "Recommended" rating."
NSS Labs performed an independent test of the Palo Alto Networks PA-5220 PAN-OS 8.1.2. The product was subjected to thorough testing at the NSS facility in Austin, Texas, based on the Next Generation intrusion Prevention System (NGIPS) Test Methodology v4 and the NSS Labs Evasion Test Methodology v1.1. Testing was conducted free of charge and NSS did not receive any compensation in return for Palo Alto Network’s participation.
Palo Alto Networks® is focused on securing your business with a prevention-focused architecture you can easily deploy and operate. In its 2018 “Next Generation Firewall Group Test Report,” NSS Labs® recognized this and gave our NGFW a Recommended rating.
In this research report, we present the results of a recent Tech Pro Research survey, asking CBS Interactive’s readers about their current cloud activities, security operations, and priorities. You'll learn how IT departments are planning their implementation of private and hybrid cloud infrastructure, how they're dealing with concerns about insider threats, their perceptions of shadow IT, and how you can protect your organization in a challenging threat landscape.
Credential theft is the oxygen of malicious activity: nearly always there, necessary, but never noticed. According to the 2016 Verizon® Data Breach Report, 63 percent of confirmed data breaches leveraged credentials, and the use of stolen credentials is the most common approach in web-app attacks. Credential theft is a staple in the playbooks of sophisticated attackers, like the Sofacy threat actor group, and unsophisticated attackers alike.