Raising the Bar for Incident Response
Unit 42 is now NCSC Enhanced Level CIR assured, proving our commitment to exceed the highest global standards for incident response and trust.
Security Operations
Security Operations
Must-Read Articles
Product Features
Use-Cases
News and Events
Partner Integrations
Playbook of the Week
SCCM: Enterprise Backbone or Attack Vector? Part 2
Learn how attackers exploit Microsoft SCCM infrastructure through LDAP, WMI enumeration & detection strategies to secure enterprise environments.
SCCM: Enterprise Backbone or Attack Vector?
Learn how attackers exploit Microsoft SCCM infrastructure through LDAP, WMI enumeration & detection strategies to secure enterprise environments.
Palo Alto Networks and MITRE ATT&CK® Evaluations: Enterprise 2025
To further accelerate innovation for our customers, Palo Alto Networks will not participate in the 2025 MITRE ATT&CK® Evaluations after two years of leading results.
Why Integrated File Integrity Monitoring Matters for Elevating Your Securit...
Strengthen security & compliance with integrated File Integrity Monitoring (FIM). Learn how Cortex FIM provides real-time detection of unauthorized ch...
More Blogs
Displaying 1—16 of
520 results
Sort By:
Security Operations Under Fire Inside Black Hat's NOC
Palo Alto Networks secures Black Hat's NOC, managing billions of threat events with AI-driven automation, multivendor integration and rapid crisis response.
The Challenge of Cybersecurity Frenemies and Collaboration
Michael Sikorski discusses how cybersecurity relies on "frenemies" building cultural bridges to collaborate against shared threats, as attackers already do.
Cortex XDR Is the Only Endpoint Security Market Leader Certified in Both AV...
Cortex XDR is the only endpoint security market leader certified in both AV-Comparative EDR Detection and Anti-Tampering tests, proving superior threat detection.
SE Labs Awards Palo Alto Networks AAA Rating and 100% Prevention Against Ra...
SE Labs awards Palo Alto Networks Cortex XDR a perfect 100% accuracy rating and AAA grade for ransomware protection with zero false positives.
Think You Have Visibility? Think Again.
Discover how Cortex XDR & XSIAM's Data Stitching and Smart Grouping unify security data, streamline SecOps, and accelerate threat investigations.
Security by Design — UX and AI in Modern Cybersecurity
Nelson Lee reveals how thoughtful design and emerging AI technologies are reshaping cybersecurity operations from the ground up.
What’s New for Cortex (July ‘25)
The latest release of Cortex harnesses AI to deliver more proactive security, expand visibility, and streamline workflows.
How Apps and Your Phone Can Expose Your Life Without Permission
Security challenges encompass the entire ecosystem of apps, services and IoT devices that modern consumers use without understanding the data exposure...
Disrupting Legacy Vulnerability Management
Introducing the general availability of Cortex Exposure Management, a groundbreaking solution that will redefine traditional vulnerability management.
Cortex Advanced Email Security – Built for Today’s AI Threats
Cortex Advanced Email Security uses AI to stop sophisticated phishing, BEC, and GenAI-powered attacks that bypass traditional email security solutions...
A Leader in the 2025 Gartner Magic Quadrant for EPP — 3 Years Running
Redefining endpoint security with Cortex XDR a Leader in the 2025 Gartner® Magic Quadrant™ for Endpoint Protection Platf...
Why Diverse Cloud Environments Require Flexible Security
Can multicloud environments rely on one CSP to secure all their cloud environments?
Global Reach — The New Scale of Chinese Cyberthreats
David Moulton and Wendi Whitmore of Palo Alto Networks, put today's threat landscape in stark historical perspective as they discuss Chinese cyberthreats.
Cloud Infrastructure Entitlement Management, Cloud Workload Protection, CSO Perspective, Must-Read Articles
The Next Wave of Cybersecurity
Traditional cloud security fails against real-time attacks. Protect with a unified approach: best-in-class CDR combined with industry-leading CNAPP.
Baby Tigers Bite — The Hidden Risks of Scaling AI Too Fast
AI systems scale from prototypes to production environments, as do the risks. Is your organization planning for the AI baby tiger or full-grown AI pre...
Modern SIEM Journeys: Notes from the Migration Trail
Energy, finance and insurance SOCs cut alert noise 75% and MTTR 98% by moving from legacy SIEM to Cortex XSIAM’s unified, AI-driven security platform.
More Blogs
Displaying 1—16 of
500 results
Sort By:
Announcement, Application Security, Cloud Security, CNAPP, News and Events, Product Features, Products and Services
Introducing Cortex Cloud — The Future of Real-Time Cloud Security
Cortex Cloud brings the world’s leading CNAPP onto the #1 SecOps platform, delivering real-time protection — for the fir...
A Leader in the 2024 Gartner Magic Quadrant for EPP
Palo Alto Networks was named a leader in endpoint protection platforms by Gartner for Cortex XDR.
Introducing XSIAM 3.0
XSIAM is expanding from reactive response to proactive defense, transforming exposure management and email security with unified data, AI and automation.
Forrester Names Palo Alto Networks a Leader in XDR
Palo Alto Networks was named a leader in extended detection and response platforms by Forrester for Cortex XDR.
Cortex Email Security Module: Defending Against Evolving Email Threats
Discover how Cortex Email Security Module detects sophisticated phishing attacks through AI-powered analysis, cross-domain correlation, and automated ...
MITRE ATT&CK Evaluations — Cortex XDR Among Elite in Endpoint Security
Palo Alto Networks achieves top MITRE ATT&CK 2024 results with 100% detection rates against evolving AI-powered cyber threats.
A Deep Dive Into Malicious Direct Syscall Detection
This blog explains how attackers use direct syscalls to overcome most EDR solutions, by first discussing the conventional Windows syscall flow and how most EDR solutions monitor those calls.
Automating Response to Suspicious Process Executions
This playbook automates the investigation and response to suspicious process executions triggered by a scheduled task.
Forrester Names Palo Alto Networks a Leader in Attack Surface Management
Palo Alto Networks was named a leader in attack surface management by Forrester for Cortex Xpanse.
NL2XQL: Turning Natural Language into Powerful Cybersecurity Querying
NL2XQL transforms natural language into powerful XQL queries, making cybersecurity investigations accessible to all security teams without requiring d...
Automating Response to Unauthorized Scheduled Task Executions
Discover how Cortex XSIAM automates detection and response to malicious scheduled tasks that reference external HTTP/FTP sources for improved security...
Automating Response to Unauthorized Tor Logins
The A Successful Login from Tor playbook in Cortex XSIAM enhances security teams’ ability to detect and respond to unauthorized access attempts using Tor. By automating identity verification, automated remediat...
Announcing Unit 42 Managed XSIAM — Redefining 24/7 Managed SecOps
Palo Alto Networks announces Unit 42 Managed XSIAM, a solution that provides 24/7 expert-led defense across every attack surface.
Detecting Threats with Microsoft Graph Activity Logs
Discover how Microsoft Graph API is used as an attack vector by threat actors through a real-world attack scenario. Find out why monitoring Microsoft Graph activity logs is important and how Cortex delivers tai...
Creating an Automated Workflow for Account Lockout Resolution
This playbook automates and speeds up response to excessive user account lockouts, which could indicate a credential-based attack.
Flexible Security Data Management with Cortex XSIAM & Cribl
Cortex XSIAM now integrates with Cribl to help security teams route high-quality data, fuel AI-driven operations, and detect threats fast with full vi...
Subscribe to Security Operations Blogs!
Sign up to receive must-read articles, Playbooks of the Week, new feature announcements, and more.
By submitting this form, you agree to our Terms of Use and acknowledge our Privacy Statement. Please look for a confirmation email from us. If you don't receive it in the next 10 minutes, please check your spam folder.