2025 Unit 42 Global Incident Response Report

Expert insights and recommendations from leaders in incident response.

Explore findings

Read the blog

UNIT 42 RETAINER

A day in the life:
The empowered CISO.

See what it’s like leveraging 24/7 visibility and guidance.

Take the tour

Prepared for attacks.
Positioned for the future.

We know who they are. You’ll know what to do.
For cybersecurity expertise, turn to Unit 42.

Learn more

FORRESTER REPORT

Palo Alto Networks: A Leader in cybersecurity IR services.

Recognized for innovative IR offerings, cloud IR expertise and threat intelligence capabilities.

Get the report

Read the blog

To take down an attack,
team up with experts.

For years, Unit 42 has been teaming up with security teams to take down cyber attacks from every angle. This means our incident response experts are available 24/7 to help you not only stop an attack, but prevent the next one too. As experts in the Palo Alto Networks tools you've already invested in, our threat-informed incident response approach is like no other, enabling us to contain and eradicate threats in record time.

Learn more Under attack?

WHY UNIT 42

Intelligence driven. Response ready.

As the threat landscape changes and attack surfaces expand, security strategies must evolve. Our world-renowned incident response team and security consulting experts will guide you before, during and after an incident with an intelligence-driven approach.

Connect with us

Assess
Transform
Respond

Assess your security controls

Proactively assess and test your controls against real-world threats targeting your organization, then communicate your security risk posture to your board and key stakeholders.

Learn more

SERVICES:

Transform your security strategy

Improve your business resilience with a threat-informed approach to breach preparedness and tighter alignment across your people, processes, technology and governance.

Learn more

SERVICES:

Respond in record time

Deploy Unit 42^® incident response experts to quickly investigate, eradicate and remediate even the most advanced attacks, working in partnership with your cyber insurance carrier and legal teams.

Learn more

SERVICES:

Unit 42 threat-informed incident response methodology

WHAT SETS US APART

World-renowned security experts, always in your corner

As threats escalate, we act as your cybersecurity partner to advise and strengthen your security strategies. Our team of incident responders, security consultants and threat researchers help you prepare for and respond to the most challenging threats.

Learn more

200+

THREAT RESEARCHERS

Our team is made up of threat analysts, threat hunters, and experts in reverse engineering, malware analysis, and threat modeling. Together, they inform our incident response and cyber risk management services to keep you ahead of the changing threat landscape.

1k+

INCIDENT RESPONSE ENGAGEMENTS A YEAR

With their experience, expertise and unique tooling, our Incident Response and Digital Forensics Services can help your team respond in record time.

30M

MALWARE SAMPLES PER DAY ANALYZED

Our 10+ years of historical malware analysis – growing by over 30 million samples per day – help us stay ahead of adversaries and better protect you.

Explore our threat research

Unit 42’s threat research puts threats into context, helping security teams determine how best to defend against future attacks and enhancing the threat protection capabilities of Palo Alto Networks products and services.

View all blogs

Explore customer stories

Discover how Unit 42 security consultants and incident responders are helping our customers before, during and after an incident.

View all customer stories

Leveling up security maturity with Unit 42 incident response expertise.

See the Asante Health Systems case study

Unit 42 secures medical device manufacturer after network breach.

See how our IR team sprang into action

Government eradicates ransomware threat and reinstates critical services.

See how our Unit 42 experts took action

Boyne Resorts achieves game-changing SOC improvements with Cortex XSIAM and Unit 42 MDR.

See the Boyne Resorts case study

Restoring a software and services provider’s cloud environment after a breach.

See the Lapsus$ cloud breach case study

Multinational organization enhances defenses by stress testing its cybersecurity program.

Read the cyber risk management case study

LATEST EVENTS & WEBINARS

Browse all

RELATED RESOURCES

See all resources

2023 Unit 42 Ransomware and Extortion Report

Download the latest multi-extortion trends and insights to keep your organization protected.

A Threat-Informed Approach to Sustainable Cyber Resilience

See how to achieve cyber resiliency by moving from a reactive to a proactive security strategy.

Unit 42 Retainer

Learn how having our IR experts on speed dial as an extension of your team through the Unit 42 Retainer reduces the time it takes to respond to new incidents.

Go from reactive to proactive

Our consultants serve as your trusted advisors to assess and test your security controls, transform your security strategy with an intelligence-informed approach, and respond to incidents in record time.

2025 Unit 42 Global Incident Response Report

Expert insights and recommendations from leaders in incident response.

A day in the life: The empowered CISO.

See what it’s like leveraging 24/7 visibility and guidance.

Prepared for attacks.Positioned for the future.

Palo Alto Networks: A Leader in cybersecurity IR services.

To take down an attack, team up with experts.

Intelligence driven. Response ready.

As the threat landscape changes and attack surfaces expand, security strategies must evolve. Our world-renowned incident response team and security consulting experts will guide you before, during and after an incident with an intelligence-driven approach.

Assess your security controls

SERVICES:

Transform your security strategy

SERVICES:

Respond in record time

SERVICES:

Unit 42 threat-informed incident response methodology

World-renowned security experts, always in your corner

THREAT RESEARCHERS

INCIDENT RESPONSE ENGAGEMENTS A YEAR

MALWARE SAMPLES PER DAY ANALYZED

Explore our threat research

Unit 42’s threat research puts threats into context, helping security teams determine how best to defend against future attacks and enhancing the threat protection capabilities of Palo Alto Networks products and services.

Explore customer stories

Discover how Unit 42 security consultants and incident responders are helping our customers before, during and after an incident.

Leveling up security maturity with Unit 42 incident response expertise.

Unit 42 secures medical device manufacturer after network breach.

Government eradicates ransomware threat and reinstates critical services.

Boyne Resorts achieves game-changing SOC improvements with Cortex XSIAM and Unit 42 MDR.

Restoring a software and services provider’s cloud environment after a breach.

Multinational organization enhances defenses by stress testing its cybersecurity program.

The State of Cybersecurity Incident Response

Navigate the threat of AI-powered cyberattacks: Critical takeaways from the 2024 Unit 42 Threat Frontier Report.

2024 Incident Response Report Webinar

The Ransomware Landscape: Threats Driving the SEC Rule and Other Regulations

RELATED RESOURCES

2023 Unit 42 Ransomware and Extortion Report

A Threat-Informed Approach to Sustainable Cyber Resilience

Unit 42 Retainer

Go from reactive to proactive

THANK YOU!

Get the latest news, invites to events, and threat alerts

Products and Services

Company

Popular Links

A day in the life:
The empowered CISO.

Prepared for attacks.
Positioned for the future.

To take down an attack,
team up with experts.