Prioritizing Impact: A Practical Framework for XDR Success
Learn practical XDR implementation strategies from security experts. Reduce alert fatigue, expand beyond EDR, and measure real security impact with proven frameworks.
Security Operations
Security Operations
Must-Read Articles
Product Features
Use-Cases
News and Events
Partner Integrations
Playbook of the Week
Partners Are Fueling Innovation with Cortex XSIAM and Prisma SASE
Solution providers voted us #1 – Cortex XSIAM is CRN’s 2025 Product of the Year and Prisma SASE is a 2025 Tech Innovator.
Introducing the Cortex MCP Server
This blog introduces the new Cortex MCP, bringing real-time intelligence from XSIAM data to your preferred LLM application.
Stop Alert Fatigue: Fine-Tune Cortex XDR Analytics for Zero-Noise Security
Cortex XDR lets you fine-tune analytics rules and customize alert severity for zero-noise security and prioritized threat triage.
Introducing Malicious LDAP Query Protection for Cortex ITDR
Introducing Malicious LDAP Query Protection for Cortex ITDR. Get real-time, autonomous prevention to stop Active Directory reconnaissance attacks and ...
More Blogs
Displaying 1—16 of
548 results
Sort By:
Shai-Hulud 2.0: How Cortex Helps Protect Against the Resurgent npm Worm
Shai-Hulud 2.0 exposes the fragility of software supply chains. Learn how the npm worm spreads through developer ecosyst...
Cortex ITDR: Cyber Threats in Microsoft Teams and Their Detection
A blog that demonstrates how PANW Cortex XSIAM provides detections on attacks within Microsoft Teams
Our CIO on Why Security Must Be Built Into AI from Day One
Palo Alto Networks CIO shares how the company transformed IT and development with AI, emphasizing that security must be integrated from day one.
What’s New in Cortex
The latest release of Cortex delivers autonomous SOC capabilities with Agentic AI, Federated Search, attack surface controls with AI detections, and more.
Reframing Vulnerability Management in an Age of Overload
Overwhelmed by vulnerability alerts? Learn how the Cortex Vulnerability Risk Score (CVRS) cuts through the noise, reducing alerts by up to 99% to find true risks.
Tracking Down Malicious Communication with Advanced XDR Detection Tactics
Learn how Palo Alto Networks uses Precision AI and XDR to detect C2 communications and data exfiltration through advanced classification and diverse d...
Securing Shadow AI with Cortex Xpanse
Rapid AI adoption creates "Shadow AI" and hidden risks. See how Cortex Xpanse discovers unmanaged AI infrastructure to secure your complete attack surface.
Transform Your SOC with Cortex XSIAM: Lessons From a Zombie Infestation
Like zombies, cyber threats need vulnerable hosts. Learn how Cortex XSIAM unifies your SOC to detect, respond, and prevent attacks before they spread....
The Agentic AI Platform for the Agentic Workforce of the Future
Introducing Cortex AgentiX, the Agentic AI platform for the autonomous enterprise, delivering an AI agent workforce for security and IT.
The Data Digestion Revolution: Why Cortex XDL is the Foundation of Modern S...
Discover how Cortex XDL's intelligence-first approach transforms raw security data into actionable threat intelligence at enterprise scale
Forrester TEI: Unlock 257% ROI with Cortex XSIAM
AI-driven SecOps platform delivered 257% ROI, cut breach risk 60%, and consolidated tools for significant savings. Learn more about Palo Alto Networks Cortex XSIAM.
SIEM Replacement Made Easy (Yes, Really!)
Deploy Cortex XSIAM in 3 months or less with AI-powered migration tools. Replace your SIEM faster with automated onboarding and ready-to-use analytics.
Breaking Down Security Silos: How XDL Powers Advanced Threat Operations
Learn how Cortex XDL unifies vulnerability management and email security through shared intelligence to stop coordinated attacks at enterprise scale.
How Cortex Defends Against Microsoft SharePoint "ToolShell" Exploits
Cortex defends against the new "ToolShell" attack chain, which exploits vulnerabilities to achieve full remote code execution without requiring creden...
Real-World Email Attacks Detected by Cortex Advanced Email Security
Discover how unified email security stops brand impersonation, credential harvesting, and localized phishing attacks using AI and cross-domain analysi...
The Case Files of Detective Aems: A Study in Digital Deduction
Discover how AI-powered email security defeats sophisticated phishing, BEC attacks, and brand impersonation through contextual analysis and unified th...
More Blogs
Displaying 1—16 of
500 results
Sort By:
Announcement, Application Security, Cloud Security, CNAPP, News and Events, Product Features, Products and Services
Introducing Cortex Cloud — The Future of Real-Time Cloud Security
Cortex Cloud brings the world’s leading CNAPP onto the #1 SecOps platform, delivering real-time protection — for the fir...
A Leader in the 2024 Gartner Magic Quadrant for EPP
Palo Alto Networks was named a leader in endpoint protection platforms by Gartner for Cortex XDR.
Introducing XSIAM 3.0
XSIAM is expanding from reactive response to proactive defense, transforming exposure management and email security with unified data, AI and automation.
Forrester Names Palo Alto Networks a Leader in XDR
Palo Alto Networks was named a leader in extended detection and response platforms by Forrester for Cortex XDR.
Cortex Email Security Module: Defending Against Evolving Email Threats
Discover how Cortex Email Security Module detects sophisticated phishing attacks through AI-powered analysis, cross-domain correlation, and automated ...
MITRE ATT&CK Evaluations — Cortex XDR Among Elite in Endpoint Security
Palo Alto Networks achieves top MITRE ATT&CK 2024 results with 100% detection rates against evolving AI-powered cyber threats.
A Deep Dive Into Malicious Direct Syscall Detection
This blog explains how attackers use direct syscalls to overcome most EDR solutions, by first discussing the conventional Windows syscall flow and how most EDR solutions monitor those calls.
Automating Response to Suspicious Process Executions
This playbook automates the investigation and response to suspicious process executions triggered by a scheduled task.
Forrester Names Palo Alto Networks a Leader in Attack Surface Management
Palo Alto Networks was named a leader in attack surface management by Forrester for Cortex Xpanse.
NL2XQL: Turning Natural Language into Powerful Cybersecurity Querying
NL2XQL transforms natural language into powerful XQL queries, making cybersecurity investigations accessible to all security teams without requiring d...
Automating Response to Unauthorized Scheduled Task Executions
Discover how Cortex XSIAM automates detection and response to malicious scheduled tasks that reference external HTTP/FTP sources for improved security...
Automating Response to Unauthorized Tor Logins
The A Successful Login from Tor playbook in Cortex XSIAM enhances security teams’ ability to detect and respond to unauthorized access attempts using Tor. By automating identity verification, automated remediat...
Announcing Unit 42 Managed XSIAM — Redefining 24/7 Managed SecOps
Palo Alto Networks announces Unit 42 Managed XSIAM, a solution that provides 24/7 expert-led defense across every attack surface.
Detecting Threats with Microsoft Graph Activity Logs
Discover how Microsoft Graph API is used as an attack vector by threat actors through a real-world attack scenario. Find out why monitoring Microsoft Graph activity logs is important and how Cortex delivers tai...
Creating an Automated Workflow for Account Lockout Resolution
This playbook automates and speeds up response to excessive user account lockouts, which could indicate a credential-based attack.
Flexible Security Data Management with Cortex XSIAM & Cribl
Cortex XSIAM now integrates with Cribl to help security teams route high-quality data, fuel AI-driven operations, and detect threats fast with full vi...
Subscribe to Security Operations Blogs!
Sign up to receive must-read articles, Playbooks of the Week, new feature announcements, and more.
By submitting this form, you agree to our Terms of Use and acknowledge our Privacy Statement. Please look for a confirmation email from us. If you don't receive it in the next 10 minutes, please check your spam folder.