Corporate Blogs

Google Cloud and Palo Alto Networks Deliver Cloud-Native NGFW Service
Google Cloud and Palo Alto Networks are excited to announce the general availability of Google Cloud Next-Generation Firewall (NGFW) Enterprise. Power...
Apr 11, 2024
A Recognized Leader in SSE
Palo Alto Networks is taking charge in cybersecurity; this time it's by being acknowledged as a leader in The Forrester Wave™: Security Service Edge Solutions, Q1 2024 report.
Mar 21, 2024
A Decade of Trust — Meeting the Needs of the DoD
The Department of Defense (DoD) is on a relentless mission to fortify its networks with a comprehensive, no-fail Zero Trust architecture. This approach demands robust security solutions that simultaneously navigate the comple...
Mar 21, 2024
By 
NSTAC’s Cyber Report — Leveraging AI to Measurably Reduce Risk
For over 40 years, the President’s National Security Telecommunications Advisory Committee (NSTAC) has demonstrated a long track record...
Mar 20, 2024
Providing Optimal Cloud Security Outcomes Through StateRAMP
Palo Alto Networks reaches a significant milestone as our commitment to comprehensive security achieves the largest number of StateRAMP marketplace approved cybersecurity offerings.
Mar 19, 2024
See How Our Cloud-Delivered Security Services Provide 357% ROI
Investing in Palo Alto Networks Cloud-Delivered Security Services (CDSS) provided a 357% return on investment (ROI) and net present value (NPV) of $10.04 million over 3 years, alon...
Mar 18, 2024
By 
Let AI Handle the Heavy Lifting in the Modern SOC
“AI’s Impact in Cybersecurity” is a blog series based on interviews with a variety of experts at Palo Alto Networks and Unit 42, with roles in AI research, product management, cons...
Mar 13, 2024
5 Unique Challenges for AI in Cybersecurity
AI tends to be understood as one coherent field of study and application where similar solutions apply for all the use cases. The reality is that applying AI in real-world environm...
Mar 12, 2024

Network Security Blogs

Google Cloud and Palo Alto Networks Deliver Cloud-Native NGFW Service
Google Cloud and Palo Alto Networks are excited to announce the general availability of Google Cloud Next-Generation Firewall (NGFW) Enterprise. Power...
Apr 11, 2024
Unleash Platform Power with Strata Cloud Manager’s Command Center
Every week, we get the privilege of talking to customers and thought leaders across diverse industries, delving into their cybersecurity challenges. A...
Apr 08, 2024
Today, ransomware continues to be the most damaging form of cybercrime for organizations. Palo Alto Networks Unit42 threat research team found that demands ranged anywhere from $3,...
Apr 04, 2024
Getting to Know DNS Hijacking: How Adversaries Continue to Abuse DNS
Accessing a site today should be as straightforward as sending a letter to a trusted friend across the country. Imagine corrupted postal workers swapping out your heartfelt letter...
Apr 03, 2024
VM-Series Virtual Firewalls Top SecureIQLab Cloud Firewall Test
Technology and testing research firm SecureIQLab has published its 2024 Advanced Cloud Firewall (ACFW) security validation report, which shows Palo Al...
Apr 02, 2024
Palo Alto Networks Surveys the State of OT Security
A new report by ABI Research and Palo Alto Networks on the state of operational technology (OT) security found that, within the past year, one in four industrial enterprises said they had to shut down their ope...
Mar 20, 2024
See How Our Cloud-Delivered Security Services Provide 357% ROI
Investing in Palo Alto Networks Cloud-Delivered Security Services (CDSS) provided a 357% return on investment (ROI) and net present value (NPV) of $10.04 million over 3 years, alon...
Mar 18, 2024
Unlocking the Economic Benefit of NGFWs
Cyberthreats are increasing in volume and complexity, making it difficult for network defenders to protect their organizations. Threat actors are evolving their tools and technique...
Mar 11, 2024

SASE Blogs

Prisma Access Unlocks End-to-End IPv6 Network Transformation
Prisma Access, a market-leading security service edge (SSE) component of Palo Alto Networks flagship Prisma SASE solution, is expanding its support fo...
Apr 11, 2024
Entering the Next Chapter of SASE at InterSECt 2024
Change is a fact of life and digital transformation. It comes with how workers access business apps, how organizations operate hybrid w...
Apr 09, 2024
Use RBI as Your Edge over Zero-Day Browser Vulnerabilities
In the current world with employees working from anywhere and most business applications delivered via internet-hosted web applications, web browsers have become an employee’s digi...
Apr 02, 2024
A Recognized Leader in SSE
Palo Alto Networks is taking charge in cybersecurity; this time it's by being acknowledged as a leader in The Forrester Wave™: Security Service Edge Solutions, Q1 2024 report.
Mar 21, 2024
Mobile World Congress Recap: The Convergence of SASE and 5G
A few weeks ago, over 101,000 top decision-makers, inventors, and innovators came together at the world’s largest connectivity event, Mobile World Congress. Leading telcos, global...
Mar 20, 2024
Delivering Agility and Performance with Prisma SD-WAN Innovations
Branches as we know them have fundamentally changed. Organizations are met with new challenges as they fully return to prepandemic work...
Mar 14, 2024
Security for Interconnected SaaS
As organizations adopt hundreds of SaaS platforms, users are interconnecting thousands of third-party applications to critical platforms like Atlassian, Microsoft 365, Salesforce, Google Workspace, and Slack without any overs...
Mar 12, 2024
Forrester Study Reveals SASE-related Impact on Data Security
In today’s dynamic landscape of ever-expanding SaaS applications and data utilization, staying ahead of security threats is paramount for modern enterprises. The 2024 Forrester Con...
Mar 05, 2024

Cloud Native Security Blogs

Why Healthcare Needs a Code-to-Cloud Security Platform
The adoption of cloud infrastructure for application modernization is a significant trend, and healthcare is no different. However, the sensitive nature of health data, combined with the healthcare sector's inc...
Apr 11, 2024
Redshift Security: Attack Surface Explained
In our previous two posts, Access and Data Flows and Data Backups and Encryption, we discussed security best practices to implement least-privileged access on Redshift and reduce t...
Apr 05, 2024
Find and Fix XZ Utils in Just a Few Clicks
By now you’ve likely heard about the vulnerability in XZ Utils Data Compression Library that impacted multiple Linux distributions (CVE-2024-3094) and read the threat brief Palo Alto Networks Unit 42 posted.
Redshift Security: Data Backups and Encryption Best Practices
In this blog post, second in a series, we focus on risks that come from a misconfigured Redshift, like encryption, backups and logs. We’ll explore sec...
Apr 02, 2024
Prisma Cloud DSPM Wins in Cloud-Native Data Security
The 2024 Globee Security Awards Gives Top Honors to Prisma Cloud Data Security Posture Management (DSPM) Solution in Multiple Categories
Mar 27, 2024
Redshift Security: Access and Data Flows Explained
This blog post is the first in a series that exposes security risks, possible attack vectors, and how to hunt and prevent them using data detection and response (DDR).
Mar 26, 2024
A CIEM Leader and Outperformer
GigaOm named Prisma Cloud a Leader in Cloud Security Posture Management (CSPM), Container Security, and now Cloud Infrastructure Entitlement Management (CIEM).
Mar 20, 2024
An Incident Response Framework for Cloud Data Security
How do you respond to a security incident? In some cases, the answer might be ‘block first, ask questions later.’ That was common a decade ago in the centralized IT infrastructure....
Mar 20, 2024

Security Operations Blogs

Playbook of the Week: Prisma Cloud Compute - Compliance Alert v2
Maintaining compliance with regulations and security standards is paramount for organizations in today's dynamic and ever-evolving cybersecurity landscape. However, simply receivin...
Apr 11, 2024
Playbook of the Week: Streamlining Suspicious Data Upload Alert Investigations
Data exfiltration refers to the unauthorized transfer of sensitive or confidential information from a network or system to an external location. This covert activity often occurs s...
Apr 05, 2024
The Power of AI Assistants and Advanced Threat Detection
One short-term prediction from Spisak is the emergence of AI-powered cybersecurity “assistants,” which he envisions will serve as co-pilots to defenders, boosting their efficiency...
Apr 04, 2024
On Credible and Cyber-Contextual Labeling
Machine learning (ML) powered methods are rapidly taking over the cybersecurity medium, performing a variety of complex tasks, including detection, prevention, and prioritization. Albeit not required by all methods, accurate...
Apr 04, 2024
AI, Cybersecurity and the Rise of Large Language Models
Artificial intelligence (AI) plays a crucial role in both defending against and perpetrating cyberattacks, influencing the effectiveness of security measures and the evolving natur...
Apr 02, 2024
Witnessing a Revolution in Cybersecurity with AI
“AI’s Impact in Cybersecurity” is a blog series based on interviews with a variety of experts at Palo Alto Networks and Unit 42, with roles in AI research, product management, cons...
Mar 27, 2024
Let AI Handle the Heavy Lifting in the Modern SOC
“AI’s Impact in Cybersecurity” is a blog series based on interviews with a variety of experts at Palo Alto Networks and Unit 42, with roles in AI research, product management, cons...
Mar 13, 2024
5 Unique Challenges for AI in Cybersecurity
AI tends to be understood as one coherent field of study and application where similar solutions apply for all the use cases. The reality is that applying AI in real-world environm...
Mar 12, 2024

Unit 42 Threat Research

company article
We detail Operation MidnightEclipse, a campaign exploiting command injection vulnerability CVE-2024-3400, and include protections and mitigations....
April 12, 2024
By  Unit 42
company article
Muddled Libra now actively targets CSP environments and SaaS applications. Using the MITRE ATT&CK framework, we outline observed TTPs from incident response....
April 9, 2024
company article
We describe the characteristics of malware-initiated scanning attacks. These attacks differ from direct scanning and are increasing according to our data....
company article
An overview of CVE-2024-3094, a vulnerability in XZ Utils, and information about how to mitigate....
March 30, 2024
By  Unit 42
company article
Unit 42 researchers discovered CVE-2024-1313, a broken object level authorization (BOLA) vulnerability in open-source data visualization platform Grafana. ...
March 27, 2024
company article
We analyze the actions of two separate Chinese APTs — including Stately Taurus — that targeted ASEAN-affiliated entities through different methods....
March 26, 2024
By  Unit 42
company article
We unravel the details of two large-scale StrelaStealer campaigns from 2023 and 2024. This email credential stealer has a new variant delivered through zipped J...
company article
Iran-linked APT Curious Serpens is using a new backdoor, FalseFont, to target the aerospace and defense industries through fake job recruitment....
March 21, 2024

Subscribe to the Newsletter!

Sign up to receive must-read articles, Playbooks of the Week, new feature announcements, and more.