Latest Blogs

The Rise of Advanced Attacks — What Business Leaders Need to Know
Announcement, Products and Services

The Rise of Advanced Attacks — What Business Leaders Need to Know

Mar 10, 2025
By 
Enhance Private 5G Security for Industrial Deployments
IoT, Partners, Products and Services

Enhance Private 5G Security for Industrial Deployments

Mar 05, 2025
By  and 
Secure Your 5G Business Transformation
Event, Products and Services

Secure Your 5G Business Transformation

Mar 02, 2025
By 
DeepSeek Unveiled — Exposing the GenAI Risks Hiding in Plain Sight
AI Security, Must-Read Articles, News & Events, Reports, Vulnerability Exposed

DeepSeek Unveiled — Exposing the GenAI Risks Hiding in Plain Sight

Feb 28, 2025
By  and 
​​2025 Unit 42 Incident Response Report — Attacks Shift to Disruption
Announcement, Reports, Unit 42

​​2025 Unit 42 Incident Response Report — Attacks Shift to Disruption

Feb 25, 2025
By 
Palo Alto Networks Recognized as a Leader in Omdia Market Radar
Announcement, IoT Security, Products and Services, Reports

Palo Alto Networks Recognized as a Leader in Omdia Market Radar

Feb 24, 2025
By 

POPULAR BLOGS

Popular Topics

Black Hat
Endpoint protection
AI
Cortex XDR
AI’s Impact in Cybersecurity
Apology

Corporate Blogs

Announcing Unit 42 Managed XSIAM — Redefining 24/7 Managed SecOps
Playbook of the Week, Product Features, Products and Services, Unit 42

Announcing Unit 42 Managed XSIAM — Redefining 24/7 Managed SecOps

Palo Alto Networks announces Unit 42 Managed XSIAM, a solution that provides 24/7 expert-led defense across every attack surface.
Mar 11, 2025
By 
MITRE ATT&CK Evaluations — Cortex XDR Among Elite in Endpoint Security
Announcement, News and Events, Products and Services, Reports

MITRE ATT&CK Evaluations — Cortex XDR Among Elite in Endpoint Security

Palo Alto Networks achieves top MITRE ATT&CK 2024 results with 100% detection rates agains...
Feb 19, 2025
By 
Curb Healthcare Costs — Can Cybersecurity Platformization Help?
Healthcare, Partners

Curb Healthcare Costs — Can Cybersecurity Platformization Help?

A platformized approach to cybersecurity can help organizations navigate challenges while strengthening resilience, boosting efficiency and managing costs.
Feb 18, 2025
By   and 
Introducing Cortex Cloud — The Future of Real-Time Cloud Security
Announcement, Application Security, Cloud Security, CNAPP, News and Events, Product Features, Products and Services

Introducing Cortex Cloud — The Future of Real-Time Cloud Security

Cortex Cloud brings the world’s leading CNAPP...
Feb 13, 2025
By 
2025 — Key Predictions Shaping the Public Sector
Government, Points of View, Predictions, Public Sector

2025 — Key Predictions Shaping the Public Sector

2025 Public Sector predictions review cybersecurity in the new administration, with AI dominating headlines and expectations of cyber espionage.
Feb 12, 2025
By 
Driving Innovation Together — Palo Alto Networks 2024 Partner Awards
Announcement, Partners

Driving Innovation Together — Palo Alto Networks 2024 Partner Awards

The 2024 Palo Alto Networks Partner Awards winners embody the spirit of collaboration and customer-centricity.
Feb 06, 2025
By 
10 Cyber Recommendations for the Trump Administration
Government, Public Sector

10 Cyber Recommendations for the Trump Administration

Palo Alto Networks is an integrated national security partner with the Federal Government and has 10 cyber recommendations for the incoming administration.
Feb 03, 2025
By   and 
DeepSeek’s Rise Shows AI Security Remains a Moving Target
AI Security, Company & Culture, Unit 42

DeepSeek’s Rise Shows AI Security Remains a Moving Target

DeepSeek is an LLM threatening to disrupt current AI market leaders and fundamentally change the economics of AI-powered applications.
Jan 30, 2025
By 
See all Corporate blogs

Network Security Blogs

The Rise of Advanced Attacks — What Business Leaders Need to Know
Announcement, Products and Services

The Rise of Advanced Attacks — What Business Leaders Need to Know

Exfiltration Shield extracts HTTP requests and verify domains in real time, preventing attackers from using trusted domains to exfiltrate data undetec...
Mar 10, 2025
By 
Meet Exfiltration Shield: Prevent Relayed Data Exfiltration Attacks
Announcement, Data Security, Products and Services

Meet Exfiltration Shield: Prevent Relayed Data Exfiltration Attacks

Prevent data exfiltration with Exfiltration Shield which stops DNS relay attacks via HTTP headers.
Mar 05, 2025
By  and 
Enhance Private 5G Security for Industrial Deployments
IoT, Partners, Products and Services

Enhance Private 5G Security for Industrial Deployments

NTT DATA and Palo Alto Networks have partnered to enhance private 5G security for industrial deployments to empower enterprises.
Mar 05, 2025
By  and 
Secure Your 5G Business Transformation
Event, Products and Services

Secure Your 5G Business Transformation

5G and AI technology convergence accelerate business transformation in critical infrastructure and governments, enhancing connectivity and intelligence.
Mar 02, 2025
By 
DeepSeek Unveiled — Exposing the GenAI Risks Hiding in Plain Sight
AI Security, Must-Read Articles, News & Events, Reports, Vulnerability Exposed

DeepSeek Unveiled — Exposing the GenAI Risks Hiding in Plain Sight

Palo Alto Networks saw a 1,800% increase in DeepSeek traffic, highlighting the need to stay vigilant against new AI tools outpacing security measures....
Feb 28, 2025
By  and 
Palo Alto Networks Recognized as a Leader in Omdia Market Radar
Announcement, IoT Security, Products and Services, Reports

Palo Alto Networks Recognized as a Leader in Omdia Market Radar

Omdia report includes an evaluation of the OT security market, recommendations for choosing solutions, and analysis of OT cybersecurity platforms.
Feb 24, 2025
By 
CRN 2025 Security 100 List names Palo Alto Networks
Announcement, Strata Network Security Platform

CRN 2025 Security 100 List names Palo Alto Networks

Palo Alto Networks made the CRN 2025 Security 100 list for its AI-powered cybersecurity, securing enterprises, streamlining operations and reducing costs.
Feb 18, 2025
By 
DeepSeek’s Rise Shows AI Security Remains a Moving Target
AI Security, Company & Culture, Unit 42

DeepSeek’s Rise Shows AI Security Remains a Moving Target

DeepSeek is an LLM threatening to disrupt current AI market leaders and fundamentally change the economics of AI-powered applications.
Jan 30, 2025
By 
See all Network Security blogs

SASE Blogs

Why Weak MFA Is as Dangerous as Having No MFA
Product Features, Products and Services, Use-Cases

Why Weak MFA Is as Dangerous as Having No MFA

Get a deeper understanding of MFA risks and how to address them with Palo Alto Networks SaaS Security Posture Management.
Mar 05, 2025
By  and 
Secure Your 5G Business Transformation
Event, Products and Services

Secure Your 5G Business Transformation

5G and AI technology convergence accelerate business transformation in critical infrastructure and governments, enhancing connectivity and intelligence.
Mar 02, 2025
By 
Service Providers Can Seize the 5G Opportunity with Prisma SASE 5G
News & Events, Partner Integrations, Partners, Products and Services

Service Providers Can Seize the 5G Opportunity with Prisma SASE 5G

Prisma SASE 5G provides industry-leading security for enterprises connected to service pro...
Mar 02, 2025
By   and 
DeepSeek Unveiled — Exposing the GenAI Risks Hiding in Plain Sight
AI Security, Must-Read Articles, News & Events, Reports, Vulnerability Exposed

DeepSeek Unveiled — Exposing the GenAI Risks Hiding in Plain Sight

Palo Alto Networks saw a 1,800% increase in DeepSeek traffic, highlighting the need to sta...
Feb 28, 2025
By   and 
Seamless Service Provider Network Attach with Prisma SASE
News & Events, Partner Integrations, Partners, Products and Services

Seamless Service Provider Network Attach with Prisma SASE

Prisma SASE now enables seamless network attach and deep network integration with service provider partner core and transport networks....
Feb 27, 2025
By   and 
Omdia Report Reinforces Need to Browse Bravely
Announcement, News & Events

Omdia Report Reinforces Need to Browse Bravely

New report sheds light on the shifting workforce cybersecurity dynamics, explores persistent challenges & presents actionable solutions.
Feb 14, 2025
By 
The New Cybersecurity Duo: Prisma Access Browser and Its Extension
Product Features, Products and Services

The New Cybersecurity Duo: Prisma Access Browser and Its Extension

Get a closer look at how Prisma Access Browser & the Prisma Access Browser Extension provide comprehensive, enterprise-wide security.
Feb 11, 2025
By 
Prisma SD-WAN FedRAMP Authorization for a Zero Trust Government Branch
Announcement, News & Events, SD-WAN

Prisma SD-WAN FedRAMP Authorization for a Zero Trust Government Branch

Prisma SD-WAN has achieved FedRAMP High Authorization, making it available for U.S. governmental agencies to connect & secure their bra...
Feb 10, 2025
By   and 
See all SASE blogs

Cloud Security Blogs

Cloud Runtime Security Without Tradeoffs
CDR, Cloud Runtime Security, Cloud Security

Cloud Runtime Security Without Tradeoffs

Cortex Cloud’s agentless scanning provides seamless visibility, while agent-based security delivers real-time monitoring and cloud runtime protection.
Mar 11, 2025
By  and 
Introducing Cortex Cloud — The Future of Real-Time Cloud Security
Announcement, Application Security, Cloud Security, CNAPP, News and Events, Product Features, Products and Services

Introducing Cortex Cloud — The Future of Real-Time Cloud Security

Cortex Cloud brings the world’s leading CNAPP onto the #1 SecOps platform, delivering real-time protection — for the fir...
Feb 13, 2025
By 
Prisma Cloud: The Industry’s Only FedRAMP High Authorized CNAPP
Announcement

Prisma Cloud: The Industry’s Only FedRAMP High Authorized CNAPP

FedRAMP bestows the first CNAPP with FedRAMP High authorization, making Prisma Cloud the only CNAPP to hold FedRAMP High certification.
Dec 19, 2024
By 
GigaOm Names Prisma Cloud a Leader in Software Supply Chain Security
Announcement, AppSec, CI/CD

GigaOm Names Prisma Cloud a Leader in Software Supply Chain Security

Secure your software supply chain with Prisma® Cloud, the top-ranked leader in GigaOm's Radar, offering end-to-end protection for cloud-native applications.
Dec 17, 2024
By 
Forecasting the 2025 Cloudscape
Cloud Security, Points of View, Predictions

Forecasting the 2025 Cloudscape

Discover 2025 cloud security trends, predictions on AI-driven threats, market consolidation, data security in CNAPPs, and more from Prisma Cloud leaders.
Dec 05, 2024
By 
Complying with OWASP Top 10 for LLM Applications and NIST AI 600-1
AI Security, AI Security Posture Management

Complying with OWASP Top 10 for LLM Applications and NIST AI 600-1

AI applications require rigorous AI security that complies with standards like OWASP Top 10 LLM application risks and NIST AI 600-1 to ensure safe dep...
Dec 04, 2024
By 
Deploying Secure LLM and RAG Applications with Amazon Bedrock and Prisma Cloud
AI Security, AI Security Posture Management, DSPM

Deploying Secure LLM and RAG Applications with Amazon Bedrock and Prisma Cl...

Generative AI advancements enable powerful applications but introduce risks, requiring comprehensive security measures throughout the application life...
Dec 03, 2024
By 
Discover, Protect and Respond with AWS and Prisma Cloud
Announcement, Partners, Products and Services

Discover, Protect and Respond with AWS and Prisma Cloud

The complex landscape of cloud services, particularly in multi-cloud environments, poses significant security challenges for organizations. Unmanaged cloud resources, human error, misconfigurations and the incr...
Nov 22, 2024
By  and 
See all Cloud Security blogs

Security Operations Blogs

Announcing Unit 42 Managed XSIAM — Redefining 24/7 Managed SecOps
Playbook of the Week, Product Features, Products and Services, Unit 42

Announcing Unit 42 Managed XSIAM — Redefining 24/7 Managed SecOps

Palo Alto Networks announces Unit 42 Managed XSIAM, a solution that provides 24/7 expert-led defense across every attack surface.
Mar 11, 2025
By 
Automating Response to Suspicious SaaS Access From a Tor Exit Node
Playbook of the Week

Automating Response to Suspicious SaaS Access From a Tor Exit Node

This playbook shows how a SecOps team can use Cortex XSIAM to automate and speed response to suspicious SaaS access alerts involving a Tor exit node.
Mar 06, 2025
By 
Playbook of the Week, Uncategorized

Automating Response to Credential Dumping Attacks

Automated playbook designed to detect, contain and remediate credential dumping activity.
Feb 27, 2025
By 
Cortex Xpanse Protects Against Malicious Domain Takeover Techniques
Product Features, Uncategorized, Use-Cases

Cortex Xpanse Protects Against Malicious Domain Takeover Techniques

Malicious domain takeovers have become an increasing concern for businesses as attackers exploit vulnerabilities by gaining unauthorize...
Feb 26, 2025
By 
Automating Response to Unauthorized User Account Creation
Playbook of the Week

Automating Response to Unauthorized User Account Creation

This playbook automates incident response actions to identify, investigate, and remediate unauthorized hidden user account creation.
Feb 20, 2025
By 
MITRE ATT&CK Evaluations — Cortex XDR Among Elite in Endpoint Security
Announcement, News and Events, Products and Services, Reports

MITRE ATT&CK Evaluations — Cortex XDR Among Elite in Endpoint Security

Palo Alto Networks achieves top MITRE ATT&CK 2024 results with 100% detection rates agains...
Feb 19, 2025
By 
Democratize Threat Hunting with Cortex Copilot
Must-Read Articles, Product Features, Use-Cases

Democratize Threat Hunting with Cortex Copilot

Discover how Cortex Copilot democratizes threat hunting by enabling analysts to investigate security incidents with AI-powered guidance. Learn how a new threat hunter uncovered a p...
Feb 19, 2025
By 
Playbook of the Week

SSO Password Spray Playbook

Learn how to detect and prevent SSO password spray attacks with our comprehensive security playbook. Automate response and strengthen authentication security.
Feb 13, 2025
By 
See all Security Operations blogs

Unit 42 Threat Research

company article
High Profile Threats Vulnerabilities

Threat Brief: Operation Lunar Peek, Activity Related to CVE-2024-...

We detail the observed limited activity regarding authentication bypass vulnerability CVE-2024-0012 affecting specific versions of PAN-OS software, and include ...
November 22, 2024
By  Unit 42
company article
Threat Research Vulnerabilities

Multiple Vulnerabilities Discovered in a SCADA System

We identified multiple vulnerabilities in ICONICS Suite, SCADA software used in numerous OT applications. This article offers a technical analysis of our findin...
March 7, 2025
By  Asher Davila ,   Malav Vyas
company article
DNS Threat Research

The Next Level: Typo DGAs Used in Malicious Redirection Chains

A graph intelligence-based pipeline and WHOIS data are among the tools we used to identify this campaign, which introduced a variant of domain generation algori...
March 6, 2025
By  Reethika Ramesh ,   Janos Szurdi
company article
DNS Threat Research

Beneath the Surface: Detecting and Blocking Hidden Malicious Traf...

A topological analysis and case studies add nuance to a study of malicious traffic distribution systems. We compare their use by attackers to benign systems....
March 5, 2025
By  Zhanhao Chen ,   Daiping Liu ,   Wanjin Li ,   Fan Fei
company article
Malware Threat Research

Uncovering .NET Malware Obfuscated by Encryption and Virtualizati...

Malware authors use AES encryption and code virtualization to evade sandbox static analysis. We explore how this facilitates spread of Agent Tesla, XWorm and mo...
March 3, 2025
By  Lee Wei Yeong
company article
Business Email Compromise Cloud Cybersecurity Research Threat Research

JavaGhost’s Persistent Phishing Attacks From the Cloud

Unit 42 reports on phishing activity linked to the threat group JavaGhost. These attacks target organizations’ AWS environments....
February 28, 2025
By  Margaret Kelley
company article
Malware Threat Research

Squidoor: Suspected Chinese Threat Actor’s Backdoor Targets Globa...

We analyze the backdoor Squidoor, used by a suspected Chinese threat actor to steal sensitive information. This multi-platform backdoor is built for stealth....
February 27, 2025
By  Lior Rochberger ,   Tom Fakterman
company article
Cybercrime Malware Threat Research

RustDoor and Koi Stealer for macOS Used by North Korea-Linked Thr...

Koi Stealer and RustDoor malware were used in a campaign linked to North Korea. This activity targeted crypto wallet owners....
February 26, 2025
By  Adva Gabay ,   Daniel Frank
See all Unit 42 threat research

Subscribe to the Newsletter!

Sign up to receive must-read articles, Playbooks of the Week, new feature announcements, and more.

By submitting this form, you agree to our Terms of Use and acknowledge our Privacy Statement. Please look for a confirmation email from us. If you don't receive it in the next 10 minutes, please check your spam folder.

Get the latest news, invites to events, and threat alerts