* [Blog](https://www.paloaltonetworks.com.au/blog)
* [SASE](https://www.paloaltonetworks.com.au/blog/sase/)
* [Product Features](https://www.paloaltonetworks.com.au/blog/sase/category/product-features/)
* ML-powered Threat Protect...

# ML-powered Threat Protection in Prisma Access Secures Hybrid Workforce

[](https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fwww.paloaltonetworks.com.au%2Fblog%2Fsase%2Fml-powered-threat-protection-in-prisma-access-secures-hybrid-workforce%2F)  
[](https://twitter.com/share?text=ML-powered+Threat+Protection+in+Prisma+Access+Secures+Hybrid+Workforce&url=https%3A%2F%2Fwww.paloaltonetworks.com.au%2Fblog%2Fsase%2Fml-powered-threat-protection-in-prisma-access-secures-hybrid-workforce%2F)  
[](https://www.linkedin.com/shareArticle?mini=true&url=https%3A%2F%2Fwww.paloaltonetworks.com.au%2Fblog%2Fsase%2Fml-powered-threat-protection-in-prisma-access-secures-hybrid-workforce%2F&title=ML-powered+Threat+Protection+in+Prisma+Access+Secures+Hybrid+Workforce&summary=&source=)  
[](https://www.paloaltonetworks.com//www.reddit.com/submit?url=https://www.paloaltonetworks.com.au/blog/sase/ml-powered-threat-protection-in-prisma-access-secures-hybrid-workforce/&ts=markdown)  
\[\](mailto:?subject=ML-powered Threat Protection in Prisma Access Secures Hybrid Workforce)  
Link copied  
By [Don Meyer](https://www.paloaltonetworks.com/blog/author/don-meyer/?ts=markdown "Posts by Don Meyer")  
Oct 04, 2022  
5 minutes  
[Product Features](https://www.paloaltonetworks.com/blog/sase/category/product-features/?ts=markdown)  
[Uncategorized](https://www.paloaltonetworks.com/blog/category/uncategorized/?ts=markdown)  
[hybrid workforce](https://www.paloaltonetworks.com/blog/tag/hybrid-workforce/?ts=markdown)  
[ML-powered](https://www.paloaltonetworks.com/blog/tag/ml-powered/?ts=markdown)  
[Prisma Access](https://www.paloaltonetworks.com/blog/tag/prisma-access/?ts=markdown)  
[ZTNA 2.0](https://www.paloaltonetworks.com/blog/tag/ztna-2-0/?ts=markdown)

It's clear that where and how we work has forever changed. Work used to be a physical place we all went to be able to get access to all the applications, data, and resources needed to do our jobs, but now it's being done everywhere. Hybrid work has emerged as the accepted standard, empowering employees to work where they feel most productive - home offices, branch offices, corporate offices, and all points in between.

Businesses had to [accelerate their transformation initiatives](https://www.forbes.com/sites/forbestechcouncil/2021/01/15/how-the-pandemic-has-accelerated-cloud-adoption/?sh=340d48cf6621) and embrace a cloud-first approach to make the hybrid workforce a reality. This transformation drove greater business flexibility and agility, but it also exploded an already vast attack surface exposing major gaps in security approaches that were never designed to accommodate the sheer scope of users, applications, and data being anywhere.

Cyber adversaries exploited these security gaps and widened attack surface with a [dramatic increase in cyber attacks](https://www.statista.com/statistics/1258261/covid-19-increase-in-cyber-attacks/). Malicious actors began unleashing a trove of new attacks leveraging speed, precision, and persistence, duping unsuspecting and unsavvy users into willingly giving up their access credentials to gain footholds into corporate networks. Attackers began to use more automated and evasive techniques that easily evaded formerly known "tried-and-true" security practices.

**Whack-a-mole 2.0**

The relentless pace and sophistication of these new and highly evasion-resistant attacks pushed legacy signature and database-based security approaches to the breaking point. The legacy approaches require security teams to identify an alert further down the attack chain. Once identified, the team then performs manual investigation and responses to deliver prevention signatures days after the initial victim had already been compromised. This results in a never-ending game of whack-a-mole where adversaries always seem to have the upper hand.

The time it takes to create new prevention signatures is incongruent with cybercriminal speed and automated attack delivery. To successfully protect hybrid workers against today's threats, secure access solutions must be able to quickly detect and validate unknown threats while operating on live traffic to see and stop attacks as they happen, all without impacting user productivity.

Security teams now have the tools to make this real-time threat detection and eradication happen. [Prisma Access](https://www.paloaltonetworks.com/sase/access) has cloud-delivered, advanced threat prevention capabilities that leverage [deep, inline machine learning](https://www.paloaltonetworks.com/blog/2022/02/inline-deep-learning/). Security teams can now prevent even the most evasive threats just as they try to infiltrate their networks.

Prisma Access protects the hybrid workforce with the [superior security of ZTNA 2.0](https://www.paloaltonetworks.com/engage/ztna-2-0-on-demand) while providing exceptional user experiences from a simple, unified security product. Purpose-built in the cloud to secure at cloud scale, only [Prisma Access with ZTNA 2.0](https://www.paloaltonetworks.com/sase/ztna) provides best-in-class capabilities that dramatically reduce the risk of a data breach while consistently protecting all users, devices, applications, and data everywhere. These ZTNA 2.0 capabilities are now further enhanced with powerful advanced threat prevention capabilities using cutting-edge, deep machine learning to effectively stop unknown attacks in real-time.

**Get the Cloud-Delivered Ability to Stop Unknown Threats with Prisma Access**

Security practitioners can finally turn the tables on adversaries with the new advanced threat prevention capabilities in [Prisma Access](https://www.paloaltonetworks.com/sase/access). Prisma Access now provides:

* **Advanced Threat Prevention Security** . The ML-powered advanced threat prevention security allows Prisma Access to quickly detect and prevent malicious command-and-control communications over SSL, HTTP, and unknown TCP/UDP protocols. It also provides additional visibility into associated malware families, including MITRE ATT\&CK tactics and techniques for preventing unknown attacks using purpose-built ML and inline deep learning models. Prisma Access identifies unknown threats with shared data from the industry's largest enterprise malware analysis community, including threats submitted from networks, endpoints, clouds, and third-party partners. Leveraging our custom-built hypervisor with bare metal analysis, [WildFire](https://www.paloaltonetworks.com/network-security/wildfire) uses various complementary analysis engines that can detect sandbox-evading attacks.
* **Advanced DNS Security**. This capability enhances the leading DNS security capabilities currently available in Prisma Access with inline machine learning that applies automated and real-time protections to disrupt command-and-control callback and other DNS-based attacks. It also prevents security measure bypassing and eliminates the need for independent tools or changes to DNS routing.
* **Advanced URL Filtering**. This feature takes web security to a new level by combining powerful database protections with an ML-powered web security engine that categorizes and blocks new malicious URLs in real-time to provide superior protection against web-based threats, such as phishing, malware, and command-and-control. What's more, industry-leading phishing protection now tackles the most common causes of breaches through fine-grained controls and policy settings that automate security actions based on users, risk ratings, and content categories.

The deep learning and inline ML-powered threat prevention capabilities in Prisma Access are tuned to "learn" how to identify tell-tale signs of threats and what to look for when new threats emerge, providing instant protection for hybrid workforces and hybrid environments without requiring a first victim or manual intervention.

[Schedule your Prisma Access test drive](https://www.paloaltonetworks.com/resources/test-drives?topic=sase) and find out how you can take back the upper hand from your adversaries by deploying ML-powered advanced threat prevention security in Prisma Access. Stop the whack-a-mole game you've been forced to play with signature and database security approaches.

*** ** * ** ***

## Related Blogs

### [Product Features](https://www.paloaltonetworks.com/blog/sase/category/product-features/?ts=markdown), [Uncategorized](https://www.paloaltonetworks.com/blog/category/uncategorized/?ts=markdown)

[#### SASE Solution: Why A Single Vendor Approach Needs a Next-Gen SD-WAN](https://www.paloaltonetworks.com.au/blog/sase/a-successful-sase-initiative-begins-with-a-next-generation-sd-wan/)

### [Cloud-delivered Security](https://www.paloaltonetworks.com/blog/sase/category/cloud-delivered-security/?ts=markdown), [Product Features](https://www.paloaltonetworks.com/blog/sase/category/product-features/?ts=markdown), [Products and Services](https://www.paloaltonetworks.com/blog/category/products-and-services/?ts=markdown), [Zero Trust Security](https://www.paloaltonetworks.com/blog/category/zero-trust-security/?ts=markdown)

[#### Prisma Access \& Cloud Dynamic User Groups Find Risky Users](https://www.paloaltonetworks.com.au/blog/sase/prisma-access-cloud-dynamic-user-groups-find-risky-users/)

### [Mobile Users](https://www.paloaltonetworks.com/blog/sase/category/mobile-users/?ts=markdown), [Product Features](https://www.paloaltonetworks.com/blog/sase/category/product-features/?ts=markdown), [Products and Services](https://www.paloaltonetworks.com/blog/category/products-and-services/?ts=markdown)

[#### Prisma Access Configures Cloud-Based and On-Prem Authentication](https://www.paloaltonetworks.com.au/blog/sase/improve-cloud-based-on-prem-authentication-posture/)

### [Announcement](https://www.paloaltonetworks.com/blog/category/announcement/?ts=markdown), [Product Features](https://www.paloaltonetworks.com/blog/sase/category/product-features/?ts=markdown), [Products and Services](https://www.paloaltonetworks.com/blog/category/products-and-services/?ts=markdown)

[#### Extending Our SASE Leadership with Next-Gen CASB Innovations](https://www.paloaltonetworks.com.au/blog/2022/08/sase-leadership-with-next-gen-casb-innovations/)

### [Product Features](https://www.paloaltonetworks.com/blog/sase/category/product-features/?ts=markdown), [Uncategorized](https://www.paloaltonetworks.com/blog/category/uncategorized/?ts=markdown)

[#### Accelerate Mean Time to Resolution with ADEM Segment Wise Insights](https://www.paloaltonetworks.com.au/blog/sase/accelerate-mean-time-to-resolution-with-adem-segment-wise-insights/)

### [Announcement](https://www.paloaltonetworks.com/blog/category/announcement/?ts=markdown), [Mobile Users](https://www.paloaltonetworks.com/blog/sase/category/mobile-users/?ts=markdown), [Points of View](https://www.paloaltonetworks.com/blog/category/points-of-view/?ts=markdown), [Product Features](https://www.paloaltonetworks.com/blog/sase/category/product-features/?ts=markdown), [Products and Services](https://www.paloaltonetworks.com/blog/category/products-and-services/?ts=markdown)

[#### Why ZTNA 1.0's Allow-and-Ignore Model Is a Recipe for Disaster](https://www.paloaltonetworks.com.au/blog/2022/05/allow-and-ignore-model-is-a-recipe-for-disaster/)

### Subscribe to Sase Blogs!

Sign up to receive must-read articles, Playbooks of the Week, new feature announcements, and more.
![spinner](https://www.paloaltonetworks.com.au/blog/wp-content/themes/panwblog2023/dist/images/ajax-loader.gif) Sign up  
Please enter a valid email.  
By submitting this form, you agree to our [Terms of Use](https://www.paloaltonetworks.com/legal-notices/terms-of-use?ts=markdown) and acknowledge our [Privacy Statement](https://www.paloaltonetworks.com/legal-notices/privacy?ts=markdown). Please look for a confirmation email from us. If you don't receive it in the next 10 minutes, please check your spam folder.  
This site is protected by reCAPTCHA and the Google [Privacy Policy](https://policies.google.com/privacy) and [Terms of Service](https://policies.google.com/terms) apply.  
{#footer} {#footer}

## Products and Services

* [AI-Powered Network Security Platform](https://www.paloaltonetworks.com/network-security?ts=markdown)

* [Secure AI by Design](https://www.paloaltonetworks.com/precision-ai-security/secure-ai-by-design?ts=markdown)

* [Prisma AIRS](https://www.paloaltonetworks.com/prisma/prisma-ai-runtime-security?ts=markdown)

* [AI Access Security](https://www.paloaltonetworks.com/sase/ai-access-security?ts=markdown)

* [Cloud Delivered Security Services](https://www.paloaltonetworks.com/network-security/security-subscriptions?ts=markdown)

* [Advanced Threat Prevention](https://www.paloaltonetworks.com/network-security/advanced-threat-prevention?ts=markdown)

* [Advanced URL Filtering](https://www.paloaltonetworks.com/network-security/advanced-url-filtering?ts=markdown)

* [Advanced WildFire](https://www.paloaltonetworks.com/network-security/advanced-wildfire?ts=markdown)

* [Advanced DNS Security](https://www.paloaltonetworks.com/network-security/advanced-dns-security?ts=markdown)

* [Enterprise Data Loss Prevention](https://www.paloaltonetworks.com/sase/enterprise-data-loss-prevention?ts=markdown)

* [Enterprise IoT Security](https://www.paloaltonetworks.com/network-security/enterprise-device-security?ts=markdown)

* [Medical IoT Security](https://www.paloaltonetworks.com/network-security/medical-device-security?ts=markdown)

* [Industrial OT Security](https://www.paloaltonetworks.com/network-security/medical-device-security?ts=markdown)

* [SaaS Security](https://www.paloaltonetworks.com/sase/saas-security?ts=markdown)

* [Next-Generation Firewalls](https://www.paloaltonetworks.com/network-security/next-generation-firewall?ts=markdown)

* [Hardware Firewalls](https://www.paloaltonetworks.com/network-security/hardware-firewall-innovations?ts=markdown)

* [Software Firewalls](https://www.paloaltonetworks.com/network-security/software-firewalls?ts=markdown)

* [Strata Cloud Manager](https://www.paloaltonetworks.com/network-security/strata-cloud-manager?ts=markdown)

* [SD-WAN for NGFW](https://www.paloaltonetworks.com/network-security/sd-wan-subscription?ts=markdown)

* [PAN-OS](https://www.paloaltonetworks.com/network-security/pan-os?ts=markdown)

* [Panorama](https://www.paloaltonetworks.com/network-security/panorama?ts=markdown)

* [Secure Access Service Edge](https://www.paloaltonetworks.com/sase?ts=markdown)

* [Prisma SASE](https://www.paloaltonetworks.com/sase?ts=markdown)

* [Application Acceleration](https://www.paloaltonetworks.com/sase/app-acceleration?ts=markdown)

* [Autonomous Digital Experience Management](https://www.paloaltonetworks.com/sase/adem?ts=markdown)

* [Enterprise DLP](https://www.paloaltonetworks.com/sase/enterprise-data-loss-prevention?ts=markdown)

* [Prisma Access](https://www.paloaltonetworks.com/sase/access?ts=markdown)

* [Prisma Browser](https://www.paloaltonetworks.com/sase/prisma-browser?ts=markdown)

* [Prisma SD-WAN](https://www.paloaltonetworks.com/sase/sd-wan?ts=markdown)

* [Remote Browser Isolation](https://www.paloaltonetworks.com/sase/remote-browser-isolation?ts=markdown)

* [SaaS Security](https://www.paloaltonetworks.com/sase/saas-security?ts=markdown)

* [AI-Driven Security Operations Platform](https://www.paloaltonetworks.com/cortex?ts=markdown)

* [Cloud Security](https://www.paloaltonetworks.com/cortex/cloud?ts=markdown)

* [Cortex Cloud](https://www.paloaltonetworks.com/cortex/cloud?ts=markdown)

* [Application Security](https://www.paloaltonetworks.com/cortex/cloud/application-security?ts=markdown)

* [Cloud Posture Security](https://www.paloaltonetworks.com/cortex/cloud/cloud-posture-security?ts=markdown)

* [Cloud Runtime Security](https://www.paloaltonetworks.com/cortex/cloud/runtime-security?ts=markdown)

* [Prisma Cloud](https://www.paloaltonetworks.com/prisma/cloud?ts=markdown)

* [AI-Driven SOC](https://www.paloaltonetworks.com/cortex?ts=markdown)

* [Cortex XSIAM](https://www.paloaltonetworks.com/cortex/cortex-xsiam?ts=markdown)

* [Cortex XDR](https://www.paloaltonetworks.com/cortex/cortex-xdr?ts=markdown)

* [Cortex XSOAR](https://www.paloaltonetworks.com/cortex/cortex-xsoar?ts=markdown)

* [Cortex Xpanse](https://www.paloaltonetworks.com/cortex/cortex-xpanse?ts=markdown)

* [Unit 42 Managed Detection \& Response](https://www.paloaltonetworks.com/cortex/managed-detection-and-response?ts=markdown)

* [Managed XSIAM](https://www.paloaltonetworks.com/cortex/managed-xsiam?ts=markdown)

* [Threat Intel and Incident Response Services](https://www.paloaltonetworks.com/unit42?ts=markdown)

* [Proactive Assessments](https://www.paloaltonetworks.com/unit42/assess?ts=markdown)

* [Incident Response](https://www.paloaltonetworks.com/unit42/respond?ts=markdown)

* [Transform Your Security Strategy](https://www.paloaltonetworks.com/unit42/transform?ts=markdown)

* [Discover Threat Intelligence](https://www.paloaltonetworks.com/unit42/threat-intelligence-partners?ts=markdown)

## Company

* [About Us](https://www.paloaltonetworks.com/about-us?ts=markdown)
* [Careers](https://jobs.paloaltonetworks.com/en/)
* [Contact Us](https://www.paloaltonetworks.com/company/contact-sales?ts=markdown)
* [Corporate Responsibility](https://www.paloaltonetworks.com/about-us/corporate-responsibility?ts=markdown)
* [Customers](https://www.paloaltonetworks.com/customers?ts=markdown)
* [Investor Relations](https://investors.paloaltonetworks.com/)
* [Location](https://www.paloaltonetworks.com/about-us/locations?ts=markdown)
* [Newsroom](https://www.paloaltonetworks.com/company/newsroom?ts=markdown)

## Popular Links

* [Blog](https://www.paloaltonetworks.com/blog/?ts=markdown)
* [Communities](https://www.paloaltonetworks.com/communities?ts=markdown)
* [Content Library](https://www.paloaltonetworks.com/resources?ts=markdown)
* [Cyberpedia](https://www.paloaltonetworks.com/cyberpedia?ts=markdown)
* [Event Center](https://events.paloaltonetworks.com/)
* [Manage Email Preferences](https://start.paloaltonetworks.com/preference-center)
* [Products A-Z](https://www.paloaltonetworks.com/products/products-a-z?ts=markdown)
* [Product Certifications](https://www.paloaltonetworks.com/legal-notices/trust-center/compliance?ts=markdown)
* [Report a Vulnerability](https://www.paloaltonetworks.com/security-disclosure?ts=markdown)
* [Sitemap](https://www.paloaltonetworks.com/sitemap?ts=markdown)
* [Tech Docs](https://docs.paloaltonetworks.com/)
* [Unit 42](https://unit42.paloaltonetworks.com/)
* [Do Not Sell or Share My Personal Information](https://panwedd.exterro.net/portal/dsar.htm?target=panwedd)
  ![PAN logo](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/pan-logo-dark.svg)
* [Privacy](https://www.paloaltonetworks.com/legal-notices/privacy?ts=markdown)
* [Trust Center](https://www.paloaltonetworks.com/legal-notices/trust-center?ts=markdown)
* [Terms of Use](https://www.paloaltonetworks.com/legal-notices/terms-of-use?ts=markdown)
* [Documents](https://www.paloaltonetworks.com/legal?ts=markdown)

Copyright © 2026 Palo Alto Networks. All Rights Reserved

* [![Youtube](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/youtube-black.svg)](https://www.youtube.com/user/paloaltonetworks)
* [![Podcast](https://www.paloaltonetworks.com/content/dam/pan/en_US/images/icons/podcast.svg)](https://www.paloaltonetworks.com/podcasts/threat-vector?ts=markdown)
* [![Facebook](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/facebook-black.svg)](https://www.facebook.com/PaloAltoNetworks/)
* [![LinkedIn](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/linkedin-black.svg)](https://www.linkedin.com/company/palo-alto-networks)
* [![Twitter](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/twitter-x-black.svg)](https://twitter.com/PaloAltoNtwks)
* EN  
  Select your language