Corporate Blogs

Announcing Unit 42 Managed XSIAM — Redefining 24/7 Managed SecOps

Palo Alto Networks announces Unit 42 Managed XSIAM, a solution that provides 24/7 expert-led defense across every attack surface.
Mar 11, 2025
MITRE ATT&CK Evaluations — Cortex XDR Among Elite in Endpoint Security

Palo Alto Networks achieves top MITRE ATT&CK 2024 results with 100% detection rates agains...
Feb 19, 2025
Curb Healthcare Costs — Can Cybersecurity Platformization Help?

A platformized approach to cybersecurity can help organizations navigate challenges while strengthening resilience, boosting efficiency and managing costs.
Feb 18, 2025
Introducing Cortex Cloud — The Future of Real-Time Cloud Security
2025 — Key Predictions Shaping the Public Sector

2025 Public Sector predictions review cybersecurity in the new administration, with AI dominating headlines and expectations of cyber espionage.
Feb 12, 2025
Driving Innovation Together — Palo Alto Networks 2024 Partner Awards

The 2024 Palo Alto Networks Partner Awards winners embody the spirit of collaboration and customer-centricity.
Feb 06, 2025
10 Cyber Recommendations for the Trump Administration

Palo Alto Networks is an integrated national security partner with the Federal Government and has 10 cyber recommendations for the incoming administration.
Feb 03, 2025
DeepSeek’s Rise Shows AI Security Remains a Moving Target

DeepSeek is an LLM threatening to disrupt current AI market leaders and fundamentally change the economics of AI-powered applications.
Jan 30, 2025

Network Security Blogs

The Rise of Advanced Attacks — What Business Leaders Need to Know

Exfiltration Shield extracts HTTP requests and verifies domains in real time, preventing attackers from using trusted domains to exfiltrate data undetec...
Mar 10, 2025
Meet Exfiltration Shield: Prevent Relayed Data Exfiltration Attacks

Prevent data exfiltration with Exfiltration Shield, which stops DNS relay attacks via HTTP headers.
Mar 05, 2025
Enhance Private 5G Security for Industrial Deployments

NTT DATA and Palo Alto Networks have partnered to enhance private 5G security for industrial deployments to empower enterprises.
Mar 05, 2025
Secure Your 5G Business Transformation

5G and AI technology convergence accelerates business transformation in critical infrastructure and governments, enhancing connectivity and intelligence.
Mar 02, 2025
DeepSeek Unveiled — Exposing the GenAI Risks Hiding in Plain Sight

Palo Alto Networks saw a 1,800% increase in DeepSeek traffic, highlighting the need to stay vigilant against new AI tools outpacing security measures....
Feb 28, 2025
Palo Alto Networks Recognized as a Leader in Omdia Market Radar

Omdia report includes an evaluation of the OT security market, recommendations for choosing solutions, and analysis of OT cybersecurity platforms.
Feb 24, 2025
CRN 2025 Security 100 List names Palo Alto Networks

Palo Alto Networks made the CRN 2025 Security 100 list for its AI-powered cybersecurity, securing enterprises, streamlining operations and reducing costs.
Feb 18, 2025
DeepSeek’s Rise Shows AI Security Remains a Moving Target

DeepSeek is an LLM threatening to disrupt current AI market leaders and fundamentally change the economics of AI-powered applications.
Jan 30, 2025

SASE Blogs

Why Weak MFA Is as Dangerous as Having No MFA

Get a deeper understanding of MFA risks and how to address them with Palo Alto Networks SaaS Security Posture Management.
Mar 05, 2025
Secure Your 5G Business Transformation

5G and AI technology convergence accelerates business transformation in critical infrastructure and governments, enhancing connectivity and intelligence.
Mar 02, 2025
Service Providers Can Seize the 5G Opportunity with Prisma SASE 5G

Prisma SASE 5G provides industry-leading security for enterprises connected to service pro...
Mar 02, 2025
DeepSeek Unveiled — Exposing the GenAI Risks Hiding in Plain Sight

Palo Alto Networks saw a 1,800% increase in DeepSeek traffic, highlighting the need to sta...
Feb 28, 2025
Seamless Service Provider Network Attach with Prisma SASE

Prisma SASE now enables seamless network attach and deep network integration with service provider partner core and transport networks....
Feb 27, 2025
Omdia Report Reinforces Need to Browse Bravely

New report sheds light on the shifting workforce cybersecurity dynamics, explores persistent challenges & presents actionable solutions.
Feb 14, 2025
The New Cybersecurity Duo: Prisma Access Browser and Its Extension

Get a closer look at how Prisma Access Browser & the Prisma Access Browser Extension provide comprehensive, enterprise-wide security.
Feb 11, 2025
Prisma SD-WAN FedRAMP Authorization for a Zero Trust Government Branch

Prisma SD-WAN has achieved FedRAMP High Authorization, making it available for U.S. governmental agencies to connect & secure their bra...
Feb 10, 2025

Cloud Security Blogs

Cloud Runtime Security Without Tradeoffs

Cortex Cloud’s agentless scanning provides seamless visibility, while agent-based security delivers real-time monitoring and cloud runtime protection.
Mar 11, 2025
Introducing Cortex Cloud — The Future of Real-Time Cloud Security

Cortex Cloud brings the world’s leading CNAPP onto the #1 SecOps platform, delivering real-time protection — for the fir...
Feb 13, 2025
Prisma Cloud: The Industry’s Only FedRAMP High Authorized CNAPP

FedRAMP bestows the first CNAPP with FedRAMP High authorization, making Prisma Cloud the only CNAPP to hold FedRAMP High certification.
Dec 19, 2024
GigaOm Names Prisma Cloud a Leader in Software Supply Chain Security

Secure your software supply chain with Prisma® Cloud, the top-ranked leader in GigaOm's Radar, offering end-to-end protection for cloud-native applications.
Dec 17, 2024
Forecasting the 2025 Cloudscape

Discover 2025 cloud security trends, predictions on AI-driven threats, market consolidation, data security in CNAPPs, and more from Prisma Cloud leaders.
Dec 05, 2024
Complying with OWASP Top 10 for LLM Applications and NIST AI 600-1

AI applications require rigorous AI security that complies with standards like OWASP Top 10 LLM application risks and NIST AI 600-1 to ensure safe dep...
Dec 04, 2024
Deploying Secure LLM and RAG Applications with Amazon Bedrock and Prisma Cloud

Generative AI advancements enable powerful applications but introduce risks, requiring comprehensive security measures throughout the application life...
Dec 03, 2024
Discover, Protect and Respond with AWS and Prisma Cloud

The complex landscape of cloud services, particularly in multi-cloud environments, poses significant security challenges for organizations. Unmanaged cloud resources, human error, misconfigurations and the incr...
Nov 22, 2024

Security Operations Blogs

Announcing Unit 42 Managed XSIAM — Redefining 24/7 Managed SecOps

Palo Alto Networks announces Unit 42 Managed XSIAM, a solution that provides 24/7 expert-led defense across every attack surface.
Mar 11, 2025
Automating Response to Suspicious SaaS Access From a Tor Exit Node

This playbook shows how a SecOps team can use Cortex XSIAM to automate and speed response to suspicious SaaS access alerts involving a Tor exit node.
Mar 06, 2025
Automating Response to Credential Dumping Attacks

Automated playbook designed to detect, contain and remediate credential dumping activity.
Feb 27, 2025
Cortex Xpanse Protects Against Malicious Domain Takeover Techniques

Malicious domain takeovers have become an increasing concern for businesses as attackers exploit vulnerabilities by gaining unauthorize...
Feb 26, 2025
Automating Response to Unauthorized User Account Creation

This playbook automates incident response actions to identify, investigate, and remediate unauthorized hidden user account creation.
Feb 20, 2025
MITRE ATT&CK Evaluations — Cortex XDR Among Elite in Endpoint Security

Palo Alto Networks achieves top MITRE ATT&CK 2024 results with 100% detection rates agains...
Feb 19, 2025
Democratize Threat Hunting with Cortex Copilot

Discover how Cortex Copilot democratizes threat hunting by enabling analysts to investigate security incidents with AI-powered guidance. Learn how a new threat hunter uncovered a p...
Feb 19, 2025
SSO Password Spray Playbook

Learn how to detect and prevent SSO password spray attacks with our comprehensive security playbook. Automate response and strengthen authentication security.
Feb 13, 2025

Unit 42 Threat Research

Threat Brief: Operation Lunar Peek, Activity Related to CVE-2024-...

We detail the observed limited activity regarding authentication bypass vulnerability CVE-2024-0012 affecting specific versions of PAN-OS software, and include ...
November 22, 2024
By Unit 42
Multiple Vulnerabilities Discovered in a SCADA System

We identified multiple vulnerabilities in ICONICS Suite, SCADA software used in numerous OT applications. This article offers a technical analysis of our findin...
March 7, 2025
The Next Level: Typo DGAs Used in Malicious Redirection Chains

A graph intelligence-based pipeline and WHOIS data are among the tools we used to identify this campaign, which introduced a variant of domain generation algori...
March 6, 2025
Beneath the Surface: Detecting and Blocking Hidden Malicious Traf...

A topological analysis and case studies add nuance to a study of malicious traffic distribution systems. We compare their use by attackers to benign systems....
March 5, 2025
By Zhanhao Chen, Daiping Liu, Wanjin Li, Fan Fei
Uncovering .NET Malware Obfuscated by Encryption and Virtualizati...

Malware authors use AES encryption and code virtualization to evade sandbox static analysis. We explore how this facilitates spread of Agent Tesla, XWorm and mo...
March 3, 2025
JavaGhost’s Persistent Phishing Attacks From the Cloud

Unit 42 reports on phishing activity linked to the threat group JavaGhost. These attacks target organizations’ AWS environments....
February 28, 2025
Squidoor: Suspected Chinese Threat Actor’s Backdoor Targets Globa...

We analyze the backdoor Squidoor, used by a suspected Chinese threat actor to steal sensitive information. This multi-platform backdoor is built for stealth....
February 27, 2025
RustDoor and Koi Stealer for macOS Used by North Korea-Linked Thr...

Koi Stealer and RustDoor malware were used in a campaign linked to North Korea. This activity targeted crypto wallet owners....
February 26, 2025
