Threat actors who pursue the most effective means to circumvent existing endpoint security measures rely on exploits, especially those that leverage unknown software vulnerabilities (commonly referred to as “zero-day exploits”). Embedded in specially crafted data files and content, such as Adobe® PDF and Microsoft® Word documents, zero-day exploits subvert legitimate applications to carry out nefarious activities. Their ability to evade traditional antivirus solutions, and a lack of vendor security patches, often leave organizations with little in terms of preventive measures against zero-day exploits, which generally serve as the initial stage of a targeted attack.
This paper provides a list of the Top 10 Zero-Day Exploits of 2015, offers several possible conclusions based on the types of exploits and their associated cybercrime campaigns, and discusses three particularly effective zero-day exploits in brief case studies.
The paper then introduces the reader to a technical solution that prevents security breaches which leverage zero-day exploits, including the Top 10 Zero-Day Exploits of 2015 that are listed in this document, without prior knowledge of the application vulnerabilities which they exploit. The solution safely enables organizations to continue the use of their applications regardless of the existence of zero-day exploits, the discovery of application vulnerabilities, or the deployment of security patches.
In this paper we will explore the adoption of IPv6, outline security considerations and concerns, and cover the support of IPv6 on the Palo Alto Networks next-generation firewall. Regardless of where you appear on the spectrum for IPv6 adoption, making the switch to the next-generation platform provides tremendous benefit by enabling organizations to implement security services, control errant and unmonitored usage of IPv6, provide a path to consistently secure traffic, and ease migration.
Today's networks are under attack from a new breed of threats and malware. These threats are highly evasive, capable of persisting in your network for long periods of time, and skilled at avoiding traditional antivirus and IPS technologies. This paper provides background on these challenges and introduces WildFire: Palo Alto Networks new solution to detect and stop targeted and unknown threats attacking your network.
This 3rd party test validates the performance of the PA-7050 when security services are enabled when classifying and inspecting applications – not just protocols – that are commonly found on corporate networks. Executed by Network Test, a well-known testing facility, using Breaking Point test tools, this report is the first-ever next-generation firewall performance test that extends beyond the use of a single protocol.
The Australian Signals Directorate (ASD) plays a lead role in protecting Australia’s critical infrastructure from cyber intrusions that pose real and present threats to Australia’s national security. ASD has recommended 35 and mandated that four of the mitigation strategies be implemented in every government agency.
Advanced Persistent Threats (APTs) represent a unique threat to government data. APTs are increasingly formidable and ferocious.
Agencies can no longer depend on virus scanning software. They can no longer simply patrol their digital perimeter. Adversaries lurk until they can sneak undetected past traditional security measures to infiltrate networks – and the problem is growing worse.
This whitepaper, written by a SANS analyst, provides the latest research regarding social networking applications, explains the benefits and risks they bring to corporate networks, and provides a recommendation for defining a secure social networking policy.
This Securosis whitepaper analyzes the disruption happening at the enterprise perimeter, the various technical architectures capable of addressing the new requirements, and deployment considerations for optimal security, availability, and performance. The whitepaper also guides you through advanced firewall features such as IPS, content filtering, and anti-malware.
Palo Alto Networks was recognized as a leader. And according to Gartner, vendors in the leaders quadrant "lead the market in offering new safeguarding features, providing expert capability, rather than treating the firewall as a commodity, and having a good track record of avoiding vulnerabilities in their security products."
Governments around the world are undergoing change. Whether reducing their data center footprints, virtualizing existing services to reduce costs and “go green”, or advancing security to thwart today’s advanced attacks in the field or at home, governments have different requirements of their cybersecurity solutions today. Palo Alto Networks® provides some of today’s most innovative, advanced, and flexible cybersecurity options available to meet today’s government requirements.
Defense in Depth does not mean more security tools. The key to thwarting advanced attacks in today’s government networks is to reduce the attack surface to increase visibility to what matters: the anomalies in your network, across the kill chain.