Archive for Palo Alto Networks

Palo Alto Networks Introduces Cortex Cloud

Posted in Commentary with tags on February 13, 2025 by itnerd

Palo Alto Networks is doubling down on cloud security with the introduction of Cortex® Cloud, the next version of Prisma Cloud, that natively brings together new releases of its best-in-class cloud detection and response (CDR) and industry-leading cloud native application protection platform (CNAPP) capabilities on the unified Cortex platform. The new solution, announced today, equips security teams with significant innovations powered by AI and automation that go beyond traditional “peace time” approaches to cloud security and stop attacks in real-time.

Unit 42® reports reveal that 80% of security exposures were found in cloud attack surfaces, with a 66% increase in threats targeting cloud environments. As cloud adoption and AI usage grow, Cortex Cloud unifies data, automates workflows, and applies AI-driven insights to reduce risk, prevent threats, and stop attacks in real time. Cortex Cloud is designed to ingest and analyze data from third-party tools to provide centralized visibility, AI-driven insights and end-to-end remediation across the entire cloud security ecosystem.

Cortex Cloud delivers on Palo Alto Networks platformization strategy by rearchitecting its cloud security solution on the AI-driven Cortex SecOps platform to deliver a powerful unified user experience with persona-driven dashboards and workflows. Cortex Cloud helps customers achieve superior protection at a significantly lower total cost of ownership and provides additional value and new features including:

  • Application security: Build secure apps and prevent issues in development before they become production issues that attackers can target. Cortex Cloud identifies and prioritizes issues across the entire development pipeline with end-to-end context across code, runtime, cloud and newly introduced third-party scanners.
  • Cloud posture: Improve multi-cloud risk management with new AI-powered prioritization, guided fixes to resolve multiple risks with a single action, and automated remediation. Additionally, Cortex Cloud delivers a single user experience with tight integration across all of Prisma Cloud’s cloud posture capabilities.
  • Cloud runtime: Stop attacks in real time. Cortex Cloud natively integrates the unified Cortex XDR agent, enriched with additional cloud data sources, to prevent threats with advanced analytics – as proven by industry-leading results in the most recent MITRE ATT&CK testing. Our new Cloud Runtime Security offering includes the world’s leading CNAPP capabilities at no additional cost, maximizing adoption of end-to-end cloud security on a single platform.
  • SOC: The preferred SOC platform for enterprise and cloud, expanding beyond what any SIEM can deliver. Cortex Cloud natively integrates cloud data, context and workflows within Cortex XSIAM to significantly reduce the mean time to respond (MTTR) to modern threats with a single, unified SecOps solution.

Customer Delivery

Existing Prisma Cloud customers will experience a seamless upgrade to Cortex Cloud, and will now experience the power of streamlined, real-time cloud security. Existing Cortex XSIAM customers who add Cortex Cloud gain the ability to seamlessly adopt CNAPP capabilities that are native-by-design on the world’s most complete AI-powered, enterprise-to-cloud SecOps platform. Cortex Cloud will be available to customers later in Q3 FY25.

Introducing Cortex Cloud Launch Partners

Eager to roll out the differentiated Cortex Cloud to customers are Palo Alto Networks’ esteemed integration partners: CyberCX, Deloitte, IBM and Orange Cyberdefense. Together with each partner, Palo Alto Networks will drive end-to-end SecOps transformation across enterprise and cloud environments, enabling organizations to achieve superior risk reduction, rapid threat prevention and streamlined operational efficiency.

To learn more about Cortex Cloud, the Cortex platform and how Palo Alto Networks is transforming cybersecurity through real-time security, read our blog and register for Cortex’s annual signature event, Symphony 2025.

New Research from Unit 42 Reveals DeepSeek is Vulnerable to Jailbreaking

Posted in Commentary with tags on January 31, 2025 by itnerd

Palo Alto Networks’ threat intelligence team, Unit 42, released research revealing that DeepSeek is concerningly vulnerable to jailbreaking and can produce nefarious content with little to no specialized knowledge or expertise.

The new research exposes the security risks of employees using unauthorized third-party LLMs and stresses the need to address these vulnerabilities when integrating open source LLMs into business processes. 

The research reveals: 

  • High bypass/jailbreak rates, highlighting the potential risks of emerging attack vectors that can be used by malicious actors
  • Jailbreak methods can elicit explicit guidance for malicious activities and could greatly accelerate their operations
  • Malicious activities include creating keyloggers—software or hardware designed to record keystrokes on a computer or device—as well as stealing and exfiltrating data, demonstrating the security risks to businesses. 

In addition to the research, the team shared commentary from Sam Rubin, SVP of Consulting and Threat Intelligence of Unit 42, discussing the findings.

Unit 42’s DeepSeek jailbreaking research shows that we can’t always trust that LLMs will work as they intend — they are able to be manipulated. It’s important that companies consider these vulnerabilities when building open source LLMs into business processes. We have to assume that LLM guardrails can be broken and safeguards need to be built in at the organizational level.

And, as organizations look to leverage these models, we have to assume threat actors are doing the same—with the goal of accelerating the speed, scale, and sophistication of cyberattacks. We’ve seen evidence that nation state threat actors are leveraging OpenAI and Gemini to launch attacks, improve phishing lures, and write malware. We expect attacker capabilities will get more advanced as they refine their use of AI and LLMs and even begin to build AI attack agents. 

You can read the research here.

IBM and Palo Alto Networks Find Platformization is Key to Reduce Cybersecurity Complexity

Posted in Commentary with tags , on January 29, 2025 by itnerd

New global research from the IBM Institute for Business Value (IBV) and Palo Alto Networks found that surveyed organizations are facing security complexity challenges as they juggle an average of 83 different security solutions from 29 vendors. It also shows 7 out of 10 surveyed companies with a high degree of security platformization report their cybersecurity investments have helped business outcomes such as operational efficiencies and revenue generation.

In the study, “Capturing the cybersecurity dividend: How security platforms generate business value,” more than half (52%) of surveyed executives note fragmentation of security solutions is limiting their ability to deal with cyber threats, but 75% of organizations that have embraced security platformization agree that better integration across security, hybrid cloud, AI, and other technology platforms is crucial. The analysis suggests the trend of adding more solutions to combat evolving security threats is contributing to inefficiency – impacting both performance and the bottom line – while moving to a platformized security approach can help businesses achieve reduced response times and costs without sacrificing security efficacy.

Cybersecurity Complexity is a Daunting Reality
Increased digital interconnectedness expands attack surfaces and can create new cybersecurity vulnerabilities. Cyberattacks are becoming more sophisticated and harder to defend against, while AI is being used by both defenders and attackers, creating a race in cybersecurity capabilities.

In an evolving threat landscape, surveyed executives estimate security fragmentation and complexity costs their organizations an average of 5% of their annual revenue. For a $20 billion annual revenue company, that’s a $1 billion cost to the business in aggregate. Tally the costs of security incidents, lost productivity, failed digital transformations, stalled AI initiatives, loss of customer trust and reputational damage and the numbers add up.

Key insights from surveyed business leaders:

  • 52% of executives say complexity is the biggest impediment to their cybersecurity operations;
  • 80% agree they face pressure to reduce the cost of security, and 41% say security fragmentation has driven up procurement costs;
  • 4 out of 5 non-platform organizations say their security operations cannot effectively deal with the sheer quantity of threats and attacks;
  • 80% of platformization adopters say they have full visibility into potential vulnerabilities and threats; and,
  • For platformized organizations, mean time to identify (MTTI) and mean time to contain (MTTC) security incidents are shorter by an average of 72 and 84 days, respectively.

Enhancing Businesses with Platformization: Unleashing the Power of Digital Transformation
In today’s world, the research finds effective security requires platformization. Consolidating multiple tools into a unified platform not only bolsters security posture but enables organizations to experience nearly 4 times better return on investment (ROI) from their cybersecurity investments, leading to revenue generation and increased operational efficiencies.

When it comes to AI, a platform approach can also enable an organization to better ingest and analyze data to deliver actionable insights. With 90% of surveyed executives expecting to scale, optimize, or innovate with AI within the next two years, integrating AI into their platforms can play a critical role in advancing their security preparedness. For example, accelerating adoption of agentic AI for security and tapping platformization for fewer investment cycles; or, using platformization to create the common governance needed to deliver the AI capabilities shaping the future.

By adopting a platformization approach, businesses can align technologies, drive innovation, and prioritize security as a core business requirement. Through IBM and Palo Alto Networks’ strategic partnership, the companies are bringing together leading security platforms, AI, and transformation capabilities to help organizations confidently navigate their digital transformation journey, achieve their desired outcomes and drive substantial business value.

Tips for Platformization Success

  • Choose partners that streamline your security mission and trim those that don’t. Critically evaluate current and potential technology, services, and support partners, and make hard decisions about where to double down and when to part ways.
  • Run your playbook. Stage incident response drills to assess where a unified platform can deliver the greatest impact. Take action to improve your incident response capabilities.
  • Help your business get prepared to respond to threats by putting it to the test. Visit a cyber range to prepare business and technical teams to address the latest cyber threats through an immersive, organization-wide business-focused engagement. IBM and Palo Alto Networks now provide a joint Cyber Range experience in Cambridge, Massachusetts, where clients can leverage the facility to support continuous improvement, training, and change management as they transform their security operating models with platformization.

Study Methodology
This IBM Institute of Business Value (IBV) research, conducted in collaboration with Oxford Economics and published in partnership with Palo Alto Networks, surveyed 1,000 executives across 21 industries and 18 countries from July through September 2024. The IBM IBV team then analyzed insights and data from respondents to facilitate the creation of a “platformization index,” which measures the extent to which an organization has moved toward security platformization, then used that index to ascertain the relationship between security platformization and security and business outcomes.

The IBM IBV, IBM’s thought leadership think tank, combines global research and performance data with expertise from industry thinkers and leading academics to deliver insights that make business leaders smarter. For more world-class thought leadership, visit: www.ibm.com/ibv.

Unit 42 Research Unveils Biggest Attack Surface Risks

Posted in Commentary with tags on August 20, 2024 by itnerd

Recently, Palo Alto Networks released the 2024 Unit 42 Attack Surface Threat Report unveiling the biggest risks facing the growing attack surface and key recommendations for organizations to strengthen their security postures.

Key points from the report:

  • Attack surface change inevitably leads to exposures: Across industries, attack surfaces are always in a state of flux.
    • On average, an organization’s attack surface has over 300 new services every month. 
    • These additions account for nearly 32% of new high or critical cloud exposures for organizations.
  • Opportunities for lateral movement and data exfiltration are abundant: Just 3 categories of exposures – IT and Networking Infrastructure, Business Operations Applications, and Remote Access Services – account for 73% of high-risk exposures across the organizations.
    • These can be exploited for lateral movement and data exfiltration.
  • Critical IT and security services are dangerously exposed to the internet: Over 23% of exposures involve critical IT and security infrastructure, opening doors to opportunistic attacks.
    • These include vulnerabilities in application-layer protocols like SNMP, NetBIOS, PPTP, and internet-accessible administrative login pages of routers, firewalls, VPNs, and other core networking and security appliances.
  • Industry Attack Surface Outlook
    • Analysis revealed that the media and entertainment industry experienced the highest rate of new services added, exceeding 7,000 per month. 
    • The telecommunications, insurance, pharma and life sciences sectors also faced substantial increases, with over 1,000 new services added to their attack surfaces. 
    • Critical industries such as financial services, healthcare, and manufacturing saw their attack surfaces add over 200 new services every month. 
    • For the past three years, Unit 42 analysis has consistently identified professional services, healthcare, high technology, finance, manufacturing, wholesale and retail as the top 6 industries to which we’ve provided IR services.

You can read the report here.

Palo Alto Networks Cloud Security Report Is Out

Posted in Commentary with tags on May 15, 2024 by itnerd

Today, Palo Alto Networks released its global 2024 State of Cloud Native Security Report. Some highlights:

Impact of AI on the Application Lifecycle: 100% of survey respondents—a first-ever unanimous response—are embracing AI-assisted application development. However, the #1 concern in cloud security right now is the unforeseen vulnerabilities and exploits introduced by AI-generated code. More than 2 in 5 security professionals (43%) predict AI-powered threats will evade traditional detection techniques to become a more common threat vector.

Security is a Roadblock: 84% of respondents say that security processes cause delays to their project timelines. In fact, security is a gating factor hindering software releases, according to 86% of respondents. 

Security/Developer Relationship: 92% of respondents agree that conflicting priorities for DevOps and cloud SecOps hinder efficient development and deployment. More alarmingly, 71% say that rushed deployments have introduced security vulnerabilities. 52% of respondents cited conflict between DevOps and SecOps as a significant source of stress.

Consolidation Continues: According to respondents, they use an average of 16 cloud security tools from an average of 14 different vendors. 91% of respondents say the number of point tools used creates blind spots that affect their abilities to prioritize risk and prevent threats. To this point, 98% of respondents want to reduce the number of cloud security tools in use.

You can view the full report HERE.

Palo Alto Networks Launches Private 5G Security Solutions with Partner Ecosystem

Posted in Commentary with tags on February 27, 2024 by itnerd

Palo Alto Networks today announced end-to-end private 5G security solutions and services in collaboration with leading Private 5G partners. Bringing together Palo Alto Networks® enterprise-grade 5G Security and Private 5G partner integrations and services allows organizations to easily deploy, manage, and secure networks throughout their entire 5G journey. The launch addresses the need and desire for validated 5G integrations and furthers Palo Alto Networks strategic vision of an integrated, ecosystem approach to safeguard 5G deployments.

The speed, reliability, and flexibility of 5G networks are essential to national infrastructure and mission-critical environments; however, the massive amounts of data transmitted across 5G networks provide a target for threat actors seeking to exploit vulnerabilities. C-Level executives agree – in a recent Palo Alto Networks study, almost 70% of executives identified 5G-connected devices as a growing threat vector in operational technology (OT). With 5G also expected to contribute $1 trillion to the global economy in 2030, there is urgency to better protect today’s more complex networks, cloud-native solutions, and distributed environments to facilitate this growth.  

Fueled by a convergence of AI, Zero Trust, regulatory, and compliance mandates, Palo Alto Networks 5G Security helps organizations protect themselves against the latest threats, ensuring comprehensive security across evolving network landscapes. Combining industry-leading security solutions with disruptive Private 5G partner technologies and services enables customers to build security into their networks from the ground up, protecting the entire 5G infrastructure and mission-critical traffic it carries.

Palo Alto Networks Private 5G partners are vetted via lab testing and have proven success with customers with Private 5G networks. Initial Private 5G partners include Celona, Druid, Ataya, NETSCOUT, NVIDIA, and NTT DATA.

  • Celona, Druid, Ataya: Organizations building new private 5G networks with these partners can easily secure radio networks through integrations with Palo Alto Networks 5G Security.
  • NETSCOUT: Pervasive, packet-level network visibility will combine at scale with Palo Alto Networks 5G Security, helping security teams gain deep visibility to make intelligent policy decisions.
  • NVIDIA: Scalable 5G security ensures that AI-powered applications are optimized for speed, security, traffic accuracy, and data isolation to maintain data sovereignty and achieve multi-terabit, cost-effective security for mobile networks.
  • NTT DATA: An innovative and complete technology stack, network infrastructure capabilities, and trusted IT consulting and global system integration services help customers quickly and easily deploy, manage, and secure their private 5G networks.

See what Palo Alto Networks has in store for 5G at Mobile World Congress Barcelona, Hall 4 #4D55.