Corporate Blogs

The Case for Multidomain Visibility

Get key insights from the 2025 Unit 42 Global Incident Response Report. Defend against complex, multidomain cyberattacks with unified visibility, AI-powered detection and identity ...
Oct 01, 2025
Salesforce-Connected Third-Party Drift Application Incident Response

Companies were impacted by a Salesloft Drift data breach. Our investigation reveals exfiltrated data includes business contact and sale...
Sep 02, 2025
Securing the AI Before Times

The cybersecurity landscape is being reshaped by AI, requiring a fundamental rethinking of our approach to cyber resilience and a new security framework.
Aug 28, 2025
A Leader in the First Gartner Magic Quadrant for Hybrid Mesh Firewall

Palo Alto Networks named a Leader in the 2025 Gartner® Magic Quadrant™ for Hybrid Mesh Firewall in its inaugural report
Aug 27, 2025
Palo Alto Networks Named a Leader in WW Incident Response Services

Palo Alto Networks is positioned as a Leader in the IDC MarketScape: Worldwide Incident Response 2025 Vendor Assessment.
Aug 25, 2025
What Is a Hybrid Mesh Firewall and Why It Matters

Palo Alto Networks Strata Network Security Platform delivers AI-powered, unified hybrid me...
Aug 25, 2025
The Challenge of Cybersecurity Frenemies and Collaboration

Michael Sikorski discusses how cybersecurity relies on "frenemies" building cultural bridges to collaborate against shared threats, as attackers already do.
Aug 20, 2025
Value Exchange in Cybersecurity

Working with our partners, we're on a shared mission to deliver better security outcomes. Consider the strength of a vendor's partnerships.
Aug 19, 2025

Network Security Blogs

Red Teaming Your AI Before Attackers Do

Learn why traditional security fails against unique AI threats like prompt injection, and how continuous AI red teaming is vital for secure deployment.
Oct 01, 2025
The Modern Firewall for the Enterprise of Connected Devices

The Palo Alto Networks hybrid mesh firewall delivers unified security, visibility & control for users, workloads & connected devices enterprise-wide.
Sep 30, 2025
From Chaos to Command: An Organization's Journey to Master Multicloud

How organizations can master multicloud security by moving from chaos to command with a unified framework to discover, deploy, protect, and operationalize.
Sep 29, 2025
Cloud NGFW for Azure by Palo Alto Networks | Scalable FWaaS Security

Get scalable, fully managed security for Azure. New auto scaling and AppInsights integration lets you balance speed, scale, and security.
Sep 25, 2025
When Hidden Flaws Surface: Securing AI at Runtime

Is your AI chatbot secure? With every prompt, new attack vectors emerge. Learn how runtime security protects your AI from evolving threats in real time.
Sep 23, 2025
Enterprise & Branch Security with Palo Alto Networks New NGFWs

Get the latest details on the 14 new NGFWs Palo Alto Networks released to secure data centers, enterprise branches and remote locations.
Sep 22, 2025
Protecting the Utility Grid’s Digital Ecosystem, from Core to Edge to AI

Securing private 4G & 5G networks helps utilities enable critical service continuity & maintain community safety and trust.
Sep 17, 2025
Securing the Future of AI

Discover how Palo Alto Networks Prisma AIRS provides end-to-end AI security, protecting models, agents, apps and data across the entire AI lifecycle.
Sep 17, 2025

SASE Blogs

Prisma Browser Innovations: AI-Powered Security for Enterprise Work

Protect your enterprise with AI-powered Prisma Browser to stop web threats, enforce password policies & secure all apps beyond SSO.
Oct 01, 2025
Why Securing Web Sessions is the Missing Link in Zero Trust

Identity has become the new battleground. In a world where work happens everywhere and applications live in the cloud, passwords, passwordless authentication, and even MFA can no l...
Sep 17, 2025
Prisma SASE a Leader in Forrester Wave: Secure Access Service Edge

Forrester has named Palo Alto Networks a Leader in its newly released report, The Forrester Wave™: Secure Access Service Edge Solutions, Q3 2025.
Sep 11, 2025
Prisma SASE 4.0: Powering the AI-Ready Enterprise

Prisma SASE 4.0 powers the AI-ready enterprise with AI-powered threat protection, frictionless data security and unified, intelligent o...
Sep 04, 2025
The End of Data Leaks: Modern Data Security Begins in the Browser

See how Prisma Access Browser provides a proactive, intelligent and user-centric approach that ensures sensitive data is protected in t...
Deliver a Best-of-Breed Application Experience with Prisma SD-WAN

Prisma SD-WAN provides the automation, intelligence, and deep insight needed to deliver secure and reliable application experiences.
Aug 28, 2025
Raising the Bar for Endpoint Security: Prisma Access Browser & IGEL

Prisma Access & IGEL address the modern challenges of a browser-first workspace with a unified solution that secures work from endpoint to cloud.
Aug 27, 2025
Why Your AI Agent Needs a Performance Review

CxOs need to unlock the true potential of AI without the fear of a friendly AI agent accidentally bringing down the house.
Aug 13, 2025

Cloud Security Blogs

Beyond Shift Left: Why Application Security Needs Smart Context

Application security posture management (ASPM) turns scans into context, prioritizes risk, and embeds guidance in developer workflows to prevent produ...
Sep 26, 2025
The Expanding API Attack Surface

API security for cloud-native teams: discover every API, prioritize risk with context, and enable real-time protection without slowing developers.
Sep 24, 2025
How Auto-Remediation Shifts the Odds in Cloud Security

CNAPP autoremediation streamlines cloud security by cutting alert noise, enforcing guardrails, and driving faster, safer outcomes for teams.
Sep 17, 2025
Breakdown: Widespread npm Supply Chain Attack Puts Billions of Weekly Downloads at Risk

npm supply chain attack exposed billions of downloads to risk. Learn how malicious packages spread and how to prevent threats with Cortex Cloud.
Sep 10, 2025
Accelerate Secure Development by Automating Delivery of a Compliant Cloud Infrastructure

Cortex Cloud and HashiCorp Terraform integration secures cloud infrastructure by default, enabling fast, compliant provisioning and reduced risk.
Sep 09, 2025
Taking Cloud Security from Visibility to Prevention with eBPF

eBPF delivers real-time cloud security with deep visibility, stability, and speed—enabling Cortex to protect workloads w...
Aug 27, 2025
Why Self-Managed AI Models Are Blind Spots and What to Do About It

Understand the real AI security risks of running self-managed models, from hidden deployments to supply chain threats, and how to effectively monitor ...
Aug 18, 2025
Microsoft Entra Permissions Management to Retire: Why the Time for a Vendor-Neutral CIEM Is Now

Microsoft Entra Permissions Management retirement leaves multicloud identities exposed. Discover why a vendor-neutral CIEM is essential and how Cortex...
Aug 15, 2025

Security Operations Blogs

Defending against Phantom Taurus with Cortex

New APT threat actor, Phantom Taurus, is targeting global organizations. Learn more about how Cortex defends, prevents and responds to malware suite, NET-STAR.
Sep 30, 2025
The Case for Multidomain Visibility

Get key insights from the 2025 Unit 42 Global Incident Response Report. Defend against complex, multidomain cyberattacks with unified v...
Oct 01, 2025
The Ransomware Speed Crisis

There is a ransomware speed crisis. Attacks have accelerated 100x faster since 2021. Discover why traditional security fails and build AI-powered defenses.
Sep 24, 2025
Cortex XDR is the Only Endpoint Security Market Leader to Achieve 99% in Both Threat Prevention and Response in AVC EPR

Palo Alto Networks Cortex XDR achieves 99% in both threat prevention & response in AV-Comparatives 2025 EPR test - the only endpoint se...
Sep 23, 2025
Raising the Bar for Incident Response

Unit 42 is now NCSC Enhanced Level CIR assured, proving our commitment to exceed the highest global standards for incident response and trust.
Sep 18, 2025
SCCM: Enterprise Backbone or Attack Vector? Part 2

Learn how attackers exploit Microsoft SCCM infrastructure through LDAP, WMI enumeration & detection strategies to secure enterprise env...
Sep 17, 2025
SCCM: Enterprise Backbone or Attack Vector?

Learn how attackers exploit Microsoft SCCM infrastructure through LDAP, WMI enumeration & detection strategies to secure enterprise env...
Sep 16, 2025
Palo Alto Networks and MITRE ATT&CK® Evaluations: Enterprise 2025

To further accelerate innovation for our customers, Palo Alto Networks will not participate in the 2025 MITRE ATT&CK® Evaluations after two years of leading results.
Sep 12, 2025

Unit 42 Threat Research

Threat Brief: Operation Lunar Peek, Activity Related to CVE-2024-...

We detail the observed limited activity regarding authentication bypass vulnerability CVE-2024-0012 affecting specific versions of PAN-OS software, and include ...
November 22, 2024
By Unit 42
TOTOLINK X6000R: Three New Vulnerabilities Uncovered

Researchers identified vulnerabilities in TOTOLINK X6000R routers: CVE-2025-52905, CVE-2025-52906 and CVE-2025-52907. We discuss root cause and impact....
October 1, 2025
Phantom Taurus: A New Chinese Nexus APT and the Discovery of the ...

Phantom Taurus is a previously undocumented Chinese threat group. Explore how this group's distinctive toolset led to uncovering their existence....
September 30, 2025
Threat Insights: Active Exploitation of Cisco ASA Zero Days

CVE-2025-20333, CVE-2025-20362 and CVE-2025-20363 affect multiple Cisco products, and are being exploited by a threat actor linked to the ArcaneDoor campaign. ...
September 26, 2025
Bookworm to Stately Taurus Using the Unit 42 Attribution Framewor...

We connect Bookworm malware to Chinese APT Stately Taurus using our attribution framework, enhancing our understanding of threat group tradecraft....
September 24, 2025
"Shai-Hulud" Worm Compromises npm Ecosystem in Supply Chain Attac...

Self-replicating worm “Shai-Hulud” has compromised hundreds of software packages in a supply chain attack targeting the npm ecosystem. We discuss scope and ...
September 23, 2025
By Unit 42
Operation Rewrite: Chinese-Speaking Threat Actors Deploy BadIIS i...

SEO poisoning campaign "Operation Rewrite" uses a malicious IIS module called BadIIS to redirect users to unwanted websites....
September 22, 2025
Myth Busting: Why "Innocent Clicks" Don't Exist in Cybersecurity

Unit 42 explores how innocent clicks can have serious repercussions. Learn how simply visiting a malicious site can expose users to significant digital dangers....
September 16, 2025
