โŒ

Normal view

Received โ€” 19 May 2026 โญ Palo Alto Networks Blog

The โ€œWhyโ€ Behind NextWaveโ€™s New Requirements

14 May 2026 at 15:00

Helping Partners Stay Competitive for the Future

Key Takeaways

  • The evolved NextWave Partner Program raises expectations while strengthening enablement, incentives and the Partner Development Fund to support partner growth and reinvestment.
  • Levels and specializations are more closely aligned to next-generation security priorities, helping partners deepen expertise and making partner distinctions more meaningful for customers.
  • These changes help create a more capable partner ecosystem, with deeper capabilities, greater alignment with customer needs, and a stronger foundation to support the future of security.

Cybersecurity partnerships are operating in a more demanding environment. As customers consolidate vendors, modernize security architectures and adopt artificial intelligence (AI) across the enterprise, theyโ€™re placing greater expectations on partners to help guide decisions across network, cloud and security operations. They also want clearer evidence that their selected partners have invested in growing the skills and expertise needed to support more integrated and fast-changing security priorities.

The Palo Alto Networks NextWave Partner Program has evolved to help partners meet these heightened expectations. As security delivery becomes broader and more strategic, customers are placing more weight on what a partnerโ€™s credentials actually represent. Thatโ€™s why stronger performance and enablement requirements are part of our reimagined program. The new requirements help partners better understand what they need to build real capability and advance within our program. They also give more substance to the designations customers see when choosing a partner.

Our objective was never simply to raise the standards for engagement in our program. It was to inspire partners at all levels โ€“ Registered, Innovator, Platinum and Diamond โ€“ to invest deliberately and continuously in learning, so they can deepen their proficiency and earn specializations that will help them stay competitive and build and deliver the future of security.

Why Requirements and Incentives Had to Evolve Together

Raising performance expectations was only part of the work in evolving the NextWave program. We also wanted to give our partners compelling reasons to invest in the capabilities Palo Alto Networks wants to see scale. That meant looking more closely at how standards, specializations and incentives fit together, and how we can help accelerate mutual success.

We are providing our partners with better access, better visibility and better support for learning and enablement. In turn, we are recognizing and rewarding partners for their efforts to develop and maintain the competency, capability and capacity needed to go to market successfully with Palo Alto Networks.

This approach, shaped largely by partner feedback, is designed to make incentives easier to access while still directing partner investment toward deeper specialization and next-gen security capabilities. Program levels and product specializations help define what partners need to do to grow within our program and to excel at selling, supporting or delivering Palo Alto Networks products and services.

The programโ€™s Partner Development Fund adds another dimension to this evolved model. It gives all partners a more deliberate way to reinvest a portion of their earned incentives into the capabilities they need to stay competitive and innovate, including training, certification, workshops, demos and other strategic activities that help strengthen their teamโ€™s overall readiness over time. In that sense, the program is both rewarding current performance and driving mutual growth.

Training and Enablement that Move with the Market

As we continue to strengthen our partner program, Palo Alto Networks is refreshing courses, updating certification paths and redesigning training to better reflect the customer needs that partners are helping to address today, including emerging areas like AI security.

Notable improvements:

  • Introduced more online, on-demand learning experiences across all products and across all roles, including sales, technical presales and post-sales professionals.
  • Expanded access to lab environments for hands-on experiences, as well as access to perform demos for customers.
  • Injected AI roleplay into learning experiences to help sales and presales teams improve their ability to educate customers about our products and services while addressing questions or concerns.
  • Instituted a continuous education component that encourages partners to stay current with certifications and other program requirements, so they donโ€™t need to be tested annually.

Our aim with these changes is to keep learning options relevant, practical and easier to engage in and apply in practice. We believe product and services training should help partners deepen expertise, validate skills and stay current as technologies, customer expectations and threats shift. It should also recognize the experience many professionals already bring to the table, with learning paths that are rigorous without being repetitive or unnecessarily burdensome.

Ultimately, the impact of providing more effective enablement for our partners (and outlining clear requirements for advanced specializations and total certified staff for specific partner paths) positively impacts the customer experience through more informed conversations, stronger design guidance and more consistent support across the entire security lifecycle.

A More Focused Program to Help Accelerate Next-Generation Security

Part of what makes the current evolution of the NextWave program so significant is its focus on helping partners build the bench strength they will need to stay competitive as security becomes more platform-driven, AI-influenced and interconnected across domains. The program also encourages bookings tied to next-generation security priorities, helping direct partner investment toward the areas customers are prioritizing most. That focus is especially visible in areas such as Idiraยฎ,ย Prismaยฎ SASE, Cortexยฎ Cloudโ„ข and Cortex, where customer demand and program priorities are increasingly aligned.

The benefits of that alignment extend beyond the partner organization. Customers gain access to partners that are better prepared to support more connected security strategies without adding unnecessary complexity. They can work with partners that are building expertise around the technologies and use cases becoming more central to modern enterprise security programs.

This kind of alignment also strengthens the broader ecosystem. It creates a clearer connection between customer needs, partner capabilities and Palo Alto Networks platform strategy. Itโ€™s the value exchange in cybersecurity in action: Ongoing investment in knowledge, skills and services that helps partners grow while giving customers faster time-to-value realization.

What Stronger Program Requirements Mean for Customers

For customers, stronger requirements for our Nextwave program can make partner distinctions more meaningful. A specialization or program level should point to something real, such as training completed, certifications maintained and expertise developed. While those accomplishments donโ€™t guarantee security outcomes, they do provide evidence that a partner has built the depth needed to support more complex environments.

Partner distinctions are also reinforced through an active compliance framework rather than treated as a one-time achievement. Partners have ongoing visibility into their progress and can be recognized immediately throughout the year as they meet requirements. Reviews take place on a defined cycle, and status changes are subject to oversight. Taken together, these elements add credibility to the designations customers see and give them more weight in the partner selection process.

This becomes increasingly important as customers look for security partners that can do more than support a single transaction or product decision. Many are seeking guidance at the architecture stage and during implementation, and expecting continuity as IT environments evolve and new risks emerge. It also raises the level of scrutiny that partner selection deserves:

  • Is a partner specialized in the areas most relevant to the customerโ€™s priorities?
  • Do they have the certifications and technical expertise required to support the solutions being considered?
  • Can they provide the level of guidance, implementation support and ongoing engagement the relationship will require over time?

In a fast-moving security market, questions like these can help customers make more informed decisions about which partners are best equipped to deliver long-term value.

What Partners Should Do Now

Now that weโ€™ve introduced our new program requirements, partners should take stock of whether their certifications, specializations and go-to-market priorities are aligned to where customer demand and the future of security are headed. Steps partners can take:

  • Evaluate your current book of business: Consider where you may be missing growth opportunities because the right specializations arenโ€™t yet in place. Those gaps can affect both business momentum and the ability to earn incentives.
  • Reflect on the current direction of your practice: Which customer conversations are signaling the need for deeper expertise? Which areas of next-generation security are becoming more central to your future? These questions can help guide your next investments by clarifying where your practice needs to build more depth sooner rather than later.
  • Review certifications and specializations with growth in mind: Look at where new specializations could open the door to additional incentives and stronger alignment with customer demand, while ensuring your teamโ€™s existing certifications and specializations remain on track for the next compliance cycle.

Partners that take the time now to assess our new requirements and create a plan to meet them will be better positioned to advance within and benefit from our partner program, while developing the capabilities needed to help build the future of security.

Partners with a designated Palo Alto Networks Channel Business Manager can get detailed data and analysis now on their progress and performance in the Nextwave program, including the status of their certifications and which team members have engaged in training, demos and more. In the second half of 2026, we plan to make the same dashboard capabilities and insights directly available to all partners, so they can understand exactly what they need to do to excel in our program. These red-yellow-green dashboards are simple but powerful tools, and we are eager to put them in our partnersโ€™ hands soon.

Visit the NextWave Partner Portal to learn more.

The post The โ€œWhyโ€ Behind NextWaveโ€™s New Requirements appeared first on Palo Alto Networks Blog.

Beyond the Frontier โ€” Expanding the Ecosystem for Autonomous Defense

13 May 2026 at 21:00

Over the past few weeks, we have reached a critical turning point in cybersecurity. Following the launch of our Frontier AI Defense initiative, weโ€™ve continued testing the latest frontier models (including Anthropicโ€™s Mythos and Claude Opus 4.7, as well as OpenAIโ€™s GPT-5.5-Cyber) as part of the Trusted Access for Cyber program.

The urgency to innovate continues to ramp up. As Lee Klarich recently detailed in his Defender's Guide to the Frontier AI Impact on Cybersecurity, our current landscape is defined by a brief three-to-five-month window to gain a strategic advantage over attackers. To outsmart AI-based exploits, enterprises must decisively address vulnerabilities across their code and stand up the right security stack to enable real-time, automated defenses.

With such a ticking clock in front of us, acting rapidly and at-scale to support our customers is paramount. Today, we exponentially grow our scale of delivery by expanding our Frontier AI Alliance.

Since introducing this initiative, our collaboration with initial partners โ€“ Accenture, Deloitte, IBM, NTT DATA, and PwC โ€“ has already begun changing the defensive math for our customers. This is a moment that calls for radical collaboration across the entire security ecosystem, so today we are proud to welcome a new cohort of strategic partners โ€“ Cognizant, HCLTech, Kyndryl, TCS, Infosys, McKinsey & Company, Orange Cyberdefense, and Wipro โ€“ who will join us in delivering AI readiness at scale.

Frontier AI Alliance

While this expansion significantly increases our reach, this is only the beginning. We are committed to a continuous evolution of this alliance and will be adding more critical partners in the future across the globe to ensure our customers have the most robust defense network possible.

By combining our technology with these partnersโ€™ deep consulting expertise, we are delivering:

  • Machine-Speed Security: Natively integrating Frontier AI to provide real-time, automated defense against autonomous threats.
  • Intelligence-Led Resilience: Leveraging Unit 42ยฎ experts to fast-track the discovery and remediation of exposures at machine speed.
  • Hardened Defenses: Utilizing early access to frontier models from partners like OpenAI and Anthropic to simulate and block attack chains before they hit the mainstream.

The stakes are high. The attack cycle has compressed with the time from initial access to data exfiltration collapsing to just 39 seconds. Machine-speed MTTR (mean time to respond) is no longer an ambitious goal, it is a requirement.

This initiative underscores our commitment to providing every client with integrated, real-time protection.

Discover further details: Palo Alto Networks Frontier AI Defense.

Forward-Looking Statements

This blog contains forward-looking statements that involve risks, uncertainties and assumptions, including, without limitation, statements regarding the benefits, impact, or performance or potential benefits, impact or performance of our products and technologies or future products and technologies. These forward-looking statements are not guarantees of future performance, and there are a significant number of factors that could cause actual results to differ materially from statements made in this blog. We identify certain important risks and uncertainties that could affect our results and performance in our most recent Annual Report on Form 10-K, our most recent Quarterly Report on Form 10-Q, and our other filings with the U.S. Securities and Exchange Commission from time-to-time, each of which are available on our website at investors.paloaltonetworks.com and on the SEC's website at www.sec.gov.ย  All forward-looking statements in this blog are based on information available to us as of the date hereof, and we do not assume any obligation to update the forward-looking statements provided to reflect events that occur or circumstances that exist after the date on which they were made.

The post Beyond the Frontier โ€” Expanding the Ecosystem for Autonomous Defense appeared first on Palo Alto Networks Blog.

Defender's Guide to the Frontier AI Impact on Cybersecurity: May 2026 Update

13 May 2026 at 18:00

By now, youโ€™ve heard about the latest frontier AI models that are remarkably good at finding vulnerabilities in code and creating potential exploits. So good, in fact, that these models have been significantly limited from general use in an attempt to give defenders time to find and fix vulnerabilities before attackers find and exploit them.

For context, on April 7, 2026, we began testing Anthropicโ€™s Claude Mythos model as a launch partner for Project Glasswing. Our conclusion was clear: The latest models are extraordinarily capable at finding vulnerabilities and changing them into critical exploit paths in near-real-time. In Defender's Guide to the Frontier AI Impact on Cybersecurity, I shared our early findings and recommendations.

Since then, weโ€™ve continued testing the latest frontier AI models, including Anthropicโ€™s Mythos and Claude Opus 4.7 and OpenAIโ€™s GPT-5.5-Cyber as part of the Trusted Access for Cyber program. The big question just a few weeks ago was: โ€œAre we overstating the model capabilities?โ€ With more testing, I can confidently say we werenโ€™t. In fact, these models are likely even better at finding vulnerabilities than we initially realized. Today, weโ€™re providing an update on our ongoing research, our learnings uncovered in the process, and the approach weโ€™re taking to protect our customers.

Find and Fix Before Attackers Find and Exploit

Today, we released our May โ€œPatch Wednesdayโ€ security advisories, our monthly cadence of transparent vulnerability disclosure and remediation. This is the first time where the majority of findings were the result of frontier AI models scanning our code.

  • These are the results of the full, initial scan of over 130 products across all three platforms.
  • As of today, weโ€™ve patched all important vulnerabilities in our SaaS delivered products, and all customer-operated products now have patches available.
  • Todayโ€™s advisory covers 26 CVEs (representing 75 issues) versus our usual volume (typically less than 5 CVEs in a month); none of which are being exploited in the wild. Note, this excludes CyberArk vulnerabilities, which are disclosed in their normal process.

It's important to understand this isnโ€™t a one-and-done situation. Weโ€™re now rescanning, applying all our learnings about how to provide the right context and threat intelligence to the models. We intend to fix every vulnerability we find before advanced AI capabilities become widely available to adversaries.

While incredibly powerful, AI models arenโ€™t simply magic. To achieve high-fidelity results, you need to build AI scanning harnesses, leverage context, guardrails and threat intelligence. Weโ€™ve also discovered a variance across models, due to variations in their training. A multimodel approach is required to identify the superset of vulnerabilities. And finally, while the immediate priority is finding and fixing the vulnerabilities that organizations currently have, the longer-term shift is incorporating these models directly into the software development lifecycle. This is the light at the end of the tunnel: A future where software is secure by design.

Four Steps Every Organization Needs to Take Immediately

Regardless of the current restricted access, we believe these capabilities will flow more broadly to other models. We now estimate a narrow three-to-five-month window for organizations to outpace the adversary before AI-driven exploits start to become the new norm. This impending vulnerability deluge demands urgency. Organizations that havenโ€™t put appropriate safeguards in place will face an entirely new class of risk. Hereโ€™s what we recommend:

  1. Find and Fix Vulnerabilities In Your Applications, Products and Code
    Find and fix before attackers find and exploit.
    • Leverage AI models to identify vulnerabilities across all codebase.
    • Apply the same AI scanning to your open-source supply chain, and remediate or mitigate findings.
    • Run accelerated patching tightly coordinated with product and development teams.
  2. Assess, Reduce and Remediate Your Exposure
    Reduce what is reachable by attackers, secure what must be accessible, such as customer-facing applications.
    • Attack surface management products, like Cortex Xpanseยฎ, have never been more critical for finding and reducing exposure.
    • The latest frontier AI models are very adept (with the right AI scanning harness) at evaluating exposures, understanding security misconfigurations and prioritizing attack-path reachability.
    • Audit your supply chain, including AI infrastructure, runtime environments and model dependencies.
  3. Ensure Attack Protections
    Vulnerability exploits are typically just one step of a multi-step attack lifecycle. Ensuring best-in-class protections is now even more important for preventing breaches.
    • Map current sensor coverage to identify critical blind spots in detection, prevention and telemetry.
    • Deploy best-in-class XDR everywhere with an emphasis on real-time ML-based detection and prevention of attacks with all hosts on-premises and cloud included.
    • Deploy Agentic Endpoint Security to secure wide-scale adoption of vibe coding and AI security across the enterprise (e.g. Prisma AIRSยฎ and our recent acquisition of Koi are now a necessity for securing the agentic endpoint).
    • Secure enterprise browsers with AI-based security are a must have for securing where users now do their work.
    • Zero trust and Identity Security are foundational to securing every user and connection, extending to internal segmentation and outbound application connections.
  4. Deploy Real-Time Security Operations
    Autonomous AI-driven attacks will drive attack lifecycles to minutes requiring every SOC to achieve single-digit mean time to detect (MTTD) and mean time to respond (MTTR).
    • Attack detections must be AI/ML-driven to detect even frequently changing and novel attacks at scale.
    • These AI detections must operate against a wide range of first party and third party data sources. A best in class AI SOC must operate on ALL relevant data sources.
    • Automation, both natively integrated and throughout the SOC lifecycle, is necessary to achieve single-digit MTTR. This automation will increasingly be agentic.
    • This must be delivered as a platform to remove seams and gaps created by point solutions.
    • Assess and act as quickly as possible.

Fighting AI with AI โ€” AI Frontier Security Innovations Coming Soon

So far, frontier AI models only find new attacks, not new attack techniques. This means that with the right innovations, we can expand our use of AI to solve the security challenges that organizations are facing, and deliver what our customers need to stay ahead of the ever-evolving threat landscape, including:

  • Reimagining virtual patching with proactive, high-fidelity content updates across network, endpoint and cloud security โ€“ We expect that across open source and technology suppliers there will be a deluge of patches, and virtual patching will provide a mitigation layer necessary to give your teams time to update. We expect to roll out the first phase of capabilities very soon.
  • Enhanced attack preventions, including cyber-LLM trained ML and small language models (SML) and behavior protections โ€“ Early testing with Cortex XDRยฎ and our network security security services, such as WildFireยฎ malware prevention, indicate high protection coverage from the types of attacks created using these new frontier AI models.
  • Using these models to scan our code, applications and even security configurations โ€“ Our intention is to productize these capabilities and incorporate them into our platforms.

Unit 42 โ€” Weโ€™re Here to Help

We recognize that not everyone has the capacity and/or expertise to action all of the recommendations to effectively counter frontier AI-driven risks in the short timeframe mandated by AI innovation. Our Unit 42 Frontier AI Defense service is designed to discover and remediate your current exposure before attackers do, strengthen controls that reduce exposure and contain impact and modernize security operations so teams can detect and respond at machine speed.

This is a pivotal moment for our industry. While the scale of the challenge presented is real, Iโ€™m confident in our ability to solve it. Weโ€™re here to help our customers navigate this transition and ensure that as the landscape continues to evolve, the advantage remains with the defender.

Forward-Looking Statements

This blog contains forward-looking statements that involve risks, uncertainties and assumptions, including, without limitation, statements regarding the benefits, impact, or performance or potential benefits, impact or performance of our products and technologies or future products and technologies. These forward-looking statements are not guarantees of future performance, and there are a significant number of factors that could cause actual results to differ materially from statements made in this blog. We identify certain important risks and uncertainties that could affect our results and performance in our most recent Annual Report on Form 10-K, our most recent Quarterly Report on Form 10-Q, and our other filings with the U.S. Securities and Exchange Commission from time-to-time, each of which are available on our website at investors.paloaltonetworks.com and on the SEC's website at www.sec.gov. All forward-looking statements in this blog are based on information available to us as of the date hereof, and we do not assume any obligation to update the forward-looking statements provided to reflect events that occur or circumstances that exist after the date on which they were made.

The post Defender's Guide to the Frontier AI Impact on Cybersecurity: May 2026 Update appeared first on Palo Alto Networks Blog.

From WarGames to Cyberwar

13 May 2026 at 15:00

How Nations Hack, Why Attribution Fails, and What AI Changes

Executive Summary:
Code War author Allie Mellen, argues that cyberwarfare must be understood through a human and geopolitical lens to close the knowledge gap between the security community and the public.

Disclaimer:
This post reflects the perspectives shared in the book Code War: How Nations Hack, Spy, and Shape the Digital Battlefield, and does not represent the views of the publisher of this blog.


The summer of 1983, President Reagan watched WarGames at Camp David and couldn't get it out of his head. A week later, he walked into a White House meeting with cabinet members and Congress and launched into a detailed plot summary of a Matthew Broderick movie about a teenager who nearly hacks the world into nuclear war. The room full of defense experts sat uncomfortably, suppressing smirks. Then Reagan turned to General John Vessey, Chairman of the Joint Chiefs, and asked if something like that could actually happen.

Vessey came back a week later with an answer: "Mr. President, the problem is much worse than you think."

Fifteen months after that, Reagan signed a classified presidential directive titled "National Policy on Telecommunications and Automated Information Systems Security" โ€“ the first federal policy of its kind. A movie had done what years of expert warnings hadn't: It made the most powerful person in the world stop and ask the right question.

Allie Mellen, author of Code War: How Nations Hack, Spy, and Shape the Digital Battlefield, loves to tell this story, and it captures exactly why she wrote the book. In a conversation recorded at RSA 2025, Mellen joined Threat Vector host, David Moulton, to talk about nation-state threats, attribution pitfalls, and why the security industry's biggest problem isn't technical.

"They're human stories, and if we can communicate them that way to the general public, then we'll get more people interested in cybersecurity, invested in cybersecurity, and invested in protecting their data."

That gap, between what the security community understands and what everyone else grasps, is the core problem Mellen set out to solve. And in today's geopolitical moment, closing it has never been more urgent.

Every Nation Hacks Differently

One of the central arguments in Code War is that you can't understand a nation's cyber behavior without understanding its history, doctrine and social contract. China, Russia, Iran, North Korea and the U.S. each approach offensive and defensive cyber operations from completely different starting points, and those differences matter enormously to defenders.

China operates with patience. Its attacks tend to be low and slow, focused on long-term espionage rather than loud disruption. But that changes sharply in its own region, where operations targeting Taiwan are aggressive and relentless. Russia, by contrast, is bombastic; they want you to know it was Russia. Its influence operations have been some of the most effective in modern history, studied and imitated by Iran and others.

Interestingly, the very system China built to protect itself has become a liability in one specific domain. Because Chinese operators live behind the Great Firewall, without access to western social media, they lack the cultural fluency that makes Russian disinformation so effective. "They try to use memes, but it's like โ€˜uncanny valleyโ€™," Mellen explains. "They just slightly miss every time and so it doesn't go viral." The walled garden that gives China control over its own population makes it harder to manipulate everyone else's.

Attribution Is a Geopolitical Tool, Not Just a Technical One

Mellen is careful about attribution, and she wants defenders to be too. The standard technical signals (coding language, infrastructure patterns, operational hours) are necessary but not sufficient. Nation-states, especially the U.S., have developed tools specifically designed to mimic other actors' signatures. AI will make that problem significantly worse.

But the bigger issue is motivation. Mellen walks through a case from the Olympics where an attack was initially attributed to North Korea, even though North Korea was actively trying to normalize relations at the time by sending Kim Jong Un's sister to the games. The actual perpetrator was Russian, using a false flag to obscure its involvement. The lesson: Attribution requires asking not just "who has the technical capability?" but "who has the motive right now, given everything happening geopolitically?"

The pitfalls are real:

  • Tools once used exclusively by intelligence agencies are now publicly available, making code signatures unreliable.
  • Working-hours analysis is easy to spoof, especially for sophisticated actors.
  • Government-controlled research in adversarial nations can deliberately skew attribution findings.
  • False flag operations are increasingly sophisticated and harder to disentangle.

Why Your Data Is a Geopolitical Asset

One of the more powerful sections of the conversation centers on a question Mellen hears constantly: why would China care about my data?

Her answer cuts through the dismissiveness. These nations aren't collecting data out of idle curiosity. They're willing to constrain companies for it, invest billions in infrastructure for it, and in some cases, far worse. "Whether you wanna be involved in that system or not, you are involved in that system," she says. "And so you can either choose to take control of your information in that environment, or you can just pretend like it's not your problem."

The historical context she offers is striking. One of the driving forces behind GDPR in the EU was the collective memory of how Nazi Germany used data to target Jewish people during the Holocaust. Europe built privacy protections into law because it had seen what happens when governments gain unrestricted access to population data. That's not an abstract concern. It's a lesson written in history that the rest of the world is still catching up to.

AI Makes Everything Harder

Mellen isn't optimistic about the trajectory. Attribution is about to get much harder. Attacks are about to get much more dynamic. And AI is the reason for both.

She points to research on Chinese state-sponsored actors using AI to orchestrate attacks across the full kill chain, with only a couple of human checkpoints in the loop. The implication isn't just faster attacks. It's more adaptive malware that can adjust to different operating environments, more convincing disinformation that clears the cultural context bar, and reconnaissance-to-exploitation cycles that move faster than most defenders can process.

The constraints that have always slowed sophisticated attackers โ€“ understanding the operating system, identifying vulnerabilities, crafting exploits, mimicking attribution โ€“ all get easier with AI. All of that becomes more dynamic. And most enterprises, Mellen acknowledges, are not yet equipped to respond effectively.

The investment required is in the basics the industry has always struggled to get right, executed now at a pace and scale that demands automation and AI on the defensive side. Fighting AI with AI isn't a vendor talking point. It's the only math that works.

More to Explore

The nation-state threats Mellen describes aren't theoretical. Unit 42 responded to more than 750 major incidents in 2025. See what they found. Download the 2026 Global Incident Response Report.

Listen to the full conversation with Allie Mellen, author of Code War, on the Threat Vector podcast

The post From WarGames to Cyberwar appeared first on Palo Alto Networks Blog.

Idira โ€” Our Journey to Democratize Privilege Controls

12 May 2026 at 15:55

Key Takeaways

  • Built on the Pioneers of PAM (privileged access management): Idiraโ„ข is Palo Alto Networks next-generation identity security platform, extending privileged access controls to every human, machine and AI agent identity in the AI enterprise.
  • Zero Standing Privilege by Default: Idira replaces static, always-on access with dynamic privilege, granted just-in-time on a single control plane.
  • AI-Driven Identity: AI runs natively inside Idira to surface hidden entitlements, unmanaged accounts, recommend least privilege, and remediate to close the gap between attackers who move in 72 minutes and defenders who historically took days.

Since Palo Alto Networks and CyberArk came together in February, customers have been asking me the same question: What does the future of identity security actually look like?

At IMPACT, I got to answer that question.

I am proud to introduce Idiraโ„ข, the next-generation identity security platform from Palo Alto Networks. Idira secures every identity in the AI enterprise (human, machine, AI agent) on a single control plane that discovers risk, applies privilege dynamically, and governs the full lifecycle from first access to last session.

Idira begins with a belief shaped by more than 20 years of working on this problem. Privilege is the most challenging aspect of identity security. For a generation, the industry learned how to manage it well for a small population โ€“ administrators inside the most security-sensitive organizations in the world. That was necessary. But it is no longer enough.

The moment has come to extend that same rigor to every identity, because every identity today carries the power to move the business, or enable an attacker. That is the journey Idira takes us on. From privilege controls for administrators, to privilege controls for every identity.

Attackers Are Not Breaking In. They Are Logging In.

For most of the last two decades, identity security was built on a comfortable assumption: One can maintain a firm divide between a small number of powerful administrators and a much larger number of ordinary users; that is enough to secure the organization. That assumption no longer holds.

Our Chairman and CEO, Nikesh Arora, calls it the โ€œIAM fallacy,โ€ and the data in the 2026 Identity Security Landscape Report makes clear why it is time to retire this assumption.

Based on responses from 2,930 cybersecurity decision-makers worldwide:

  • Machine identities now outnumber humans by 109 to 1. Of those, 79 are AI agents.
  • 91% of organizations already run autonomous agents in production.
  • 90% of organizations suffered an identity-related breach in the past 12 months. 83% of organizations suffered two or more incidents.

The old model is not failing because identity became less important. It is failing because identity and privilege became universal and ubiquitous.

Every major breach I have studied over the last two years follows the same pattern. An attacker steals a credential. They move laterally using standing access that should have expired. They escalate privilege. They reach the data, the infrastructure or the business systems they came for: Okta, MGM, Microsoft. Different industries. Different scales. The same pattern.

One overprivileged identity unlocks the entire enterprise.

And when defenders have a chance to respond, they are already behind and disadvantaged. 97% of practitioners tell us that fragmented tools add 12 hours to every identity incident response time. All while Unit 42ยฎ has observed the fastest attackers move from a first foothold to exfiltration in as little as 72 minutes.

Identity is now the enterprise perimeter. And the perimeter was built for a threat model that no longer exists.

Every Identity Is Privileged โ€” Idiraโ€™s First Fundamental Principle

The premise of Idira is simple. Every identity in your organization is privileged.

Every login, every token, every service account, every workload, every AI agent can trigger a workflow, call an API, or reach sensitive data. Some can create and destroy infrastructures, direct organizational spend, or create new identities. Privilege is no longer reserved for a small class of administrators. It is distributed across the enterprise, quietly and continuously, every second of the day.

The controls that protect privilege cannot be reserved for the few, either.

Idira changes three things from day one.

First, We Discover

Idira continuously finds every identity, every entitlement and every access path across your entire environment: humans, machines, workloads, secrets, certificates and AI agents everywhere โ€“ on the network, in the cloud, on servers and endpoints, in the browser. If someone or something can authenticate, Idira knows it is there, knows what it can reach, and evaluates how much of that access is actually necessary.

Second, We Control

Idira replaces static, always-on accounts attackers rely on with dynamic privileges that exist only in the moment of use. Zero standing privilege moves from aspiration to default, and it applies equally to the administrator logging into production, the developer deploying code, and the AI agent calling a tool. This is the shift to identity-centric active security.

Third, We Govern

Idira automates the identity lifecycle end-to-end. Governance stops being a quarterly compliance exercise and becomes a continuous enforcement loop. The 12-hour fragmentation tax closes.

This is what I mean when I say we are democratizing privilege controls. We are not loosening them. We are extending the strongest privilege controls the industry has ever built to every identity that now carries the weight of the business, without penalizing these identities for the powers they carry.

Already Better Together

Idira is not launching into an empty runway. We have been executing against this roadmap since the day we joined Palo Alto Networks, and the early results give us real confidence in what comes next.

Earlier this year at the RSA Conference, we launched Next-Generation Trust Securityย (NGTS), the first network-native platform to automate certificate lifecycle management and accelerate post-quantum readiness. That matters because 71% of organizations have not yet automated certificate renewal. As public TLS lifetimes compress to 47 days and manual workloads multiply, that gap becomes more than an operational burden. It becomes a business continuity risk.

NGTS closes it in the network itself.

As one of the core platforms of Palo Alto Networks along with Strataยฎ and Cortexยฎ, Idira is providing deep identity integrations across the entire portfolio to enhance platform value for customers. Prismaยฎ Browserโ„ข delivers privileged access directly in the place where enterprise users work. Prisma AIRSโ„ข 3.0 natively integrates with Idira to extend deep identity security and privilege controls to AI agents. Cortex will receive first-party identity signals to sharpen detection and take automatic identity- and privilege-driven response actions when indicators of compromise are detected.

Customers are already seeing the impact. Northern Trust improved password compliance by 137 percent. Panasonic Information Systems rebuilt its security operations around identity. Healthfirst grounded its zero trust program in identity-first controls. PDS Health secured clinical access for more than 900 practices. They had different problems with the same answer.

Different challenges. One answer. One platform. Consistent privilege controls applied to every identity that matters.

AI Makes This Urgent. AI Makes This Possible.

AI has changed the speed, scale and economics of identity risk.

Frontier models have crossed a threshold. Anthropic's Claude Mythos Preview has already identified thousands of zero-day vulnerabilities across the operating systems and browsers that businesses rely on every day. Every exposed secret, every standing admin path, every forgotten service account can now be discovered, validated and weaponized faster than most security teams can respond. 55% of the decision-makers in our 2026 survey named AI-enabled threats as their top identity concern.

Our answer is clear: We fight AI with AI.

If frontier models are rewriting the economics of attack, the only credible response is to rewrite the economics of defense with the same technology.

Idira is how we do that in identity. AI is built into the platform to surface hidden entitlements, identify risky access combinations, recommend the least privilege automatically, and drive surgical remediation. That same intelligence lets attackers find the weakest link in 72 minutes and helps defenders close it in seconds.

When code cannot be patched fast enough, identity becomes the control plane that can still adapt at machine speed.

Same Mission, Stronger Together

For more than two decades, the pioneers of privileged access have management-built controls trusted to safeguard the world's most critical environments. That mission created a category and earned the trust that made today possible.

Idira carries that mission forward and expands it to match the scale of the problem we now face.

This is the first wave, not the last. The roadmap extends privilege controls to workforce identity, advances machine and agentic identity security, and unifies a fragmented market into one platform. We are building it in the open, shaped by the customers in the room with us at IMPACT and by the realities they face every day.

The future of identity security will not be defined by access alone. It will be defined by control. See what Idira is built to deliver.


Forward-Looking Statements

This blog contains forward-looking statements that involve risks, uncertainties and assumptions, including, without limitation, statements regarding the benefits, impact, or performance or potential benefits, impact or performance of our products and technologies or future products and technologies. Any unreleased services, integrations or features (and any services or features not generally available to customers) referenced in this or other press releases or public statements are not currently available (or are not yet generally available to customers) and may not be delivered when expected or at all. Customers who purchase Palo Alto Networks applications should make their purchase decisions based on services and features currently generally available.

The post Idira โ€” Our Journey to Democratize Privilege Controls appeared first on Palo Alto Networks Blog.

Received โ€” 11 May 2026 โญ Palo Alto Networks Blog

A New Era of Security: Frontier AI Defense

7 May 2026 at 23:45

For the last several months, we have had early, unbounded access to the latest frontier AI models. What weโ€™ve seen from that vantage point has made it clear that the window for organizations to get ahead of whatโ€™s coming is shorter than most leaders realize.

We have moved past the era of incremental AI improvements into a threat landscape shift. Our testing has revealed a step-change in capability that demonstrates an intuitive understanding of software vulnerabilities. This is more than faster code generation, it is a shift from AI as an assistant to AI as an autonomous agent capable of discovering and chaining flaws at a scale that most defenders arenโ€™t prepared for.

These capabilities will not stay confined to controlled environments for long. When Mythos first launched, we predicted a six-month window before attackers gained access. We now believe that timeline has accelerated significantly.

To meet this inflection point, defense must operate at the speed of the adversary. That is why Palo Alto Networks has introduced Frontier AI Defense. This initiative unites our AI-native security platforms with Unit 42ยฎ consulting and threat expertise with strategic partners to deliver continuous protection, prioritized risk mitigation and autonomous remediation.

What the Threat Looks Like Now

The latest frontier models, including OpenAIโ€™s GPT-5.5-Cyber, Anthropicโ€™s Mythos and Claude Opus 4.7, and the specialized variants emerging across major labs, represent roughly a 50% improvement in coding efficiency over their predecessors. That number sounds incremental, but in practice, itโ€™s the threshold at which AI crosses from a helpful assistant into an autonomous operator.

Based on our testing and review, we found four key developments that, taken together, redefine the modern threat landscape:

  • Vulnerability Discovery at Scale: Frontier AI is exceptionally effective at identifying vulnerabilities across massive, complex codebases. In our testing, three weeks of model-assisted analysis matched a full year of manual penetration testing, with broader coverage.
  • Exploit Chaining & Synthesis: What is more consequential than individual discovery is the modelsโ€™ ability to think like an attacker. They link multiple lower-severity issues into single, critical exploit paths, seeing full-stack logic, including SaaS and public-facing surfaces, in ways traditional scanners cannot.
  • Attack Cycle Compression: In AI-assisted scenarios, the time from initial access to exfiltration has collapsed to as little as 25 minutes. Detection and response measured in hours is no longer a viable standard; single-digit MTTR (Mean Time to Respond) is the new floor.
  • The Unsupervised Attack Surface: Rapid AI development and decentralized innovation are creating a massive, unsupervised attack surface in real-time. As local AI agents become commonplace, every desktop is now effectively a server, yet most organizations lack visibility into the code their own employees are generating and deploying.

Our Approach

These emerging threats form the foundation of how we have architected our platform response for the agentic era โ€“ Frontier AI Defense. Our approach moves beyond traditional, reactive defense to provide a comprehensive framework built to outpace frontier-AI-enabled attackers. This initiative is defined by:

  • Advanced Access: We leverage early access to frontier AI models to harden defenses and simulate attacks before they reach the mainstream.
  • Intelligence-Led Resilience: Unit 42 experts leverage frontier AI to fast-track discovery and remediation of exposures at machine speed through our Unit 42 Frontier AI Defense service.
  • Unified Global Ecosystem: We provide the scale required for global protection through our Frontier AI Alliance of elite partners, including Accenture, Armadin, Deloitte, IBM, NTT DATA, and PwC.
  • Machine Speed Security: By natively integrating Frontier AI across our platforms, we deliver the automated, real-time defense necessary to counter autonomous threats.

The Window Is Open. It Wonโ€™t Be for Long.

The capabilities we tested under early-access conditions are expected to become widely available over the next several months. Success in this new environment requires adapting your cybersecurity stack before these tools are in the hands of every adversary.

The threat has never been more sophisticated. The window to prepare for this shift is closing. And we're here to help secure your future at the edge of the frontier.

Visit Palo Alto Networks Frontier AI Defenseย to learn more.

The post A New Era of Security: Frontier AI Defense appeared first on Palo Alto Networks Blog.

Nutanix and Palo Alto Networks Integrate for Robust Model Trust

Elevating AI Security

Every AI system you deploy is a potential attack surface. Models and agents can carry embedded backdoors, malicious operators or compromised dependencies. Once running, these artifacts can exfiltrate sensitive data or execute unauthorized code, creating persistent vulnerabilities within the enterprise perimeter. Organizations running AI workloads on Nutanix need security that catches these threats before they reach production.

Nutanix and Palo Alto Networks are excited to announce a purpose-built integration between the Nutanix Enterprise AI and Palo Alto Networks Prisma AIRSยฎ advanced security capabilities, specifically focusing on AI Model Security and AI Red Teaming. This partnership directly addresses the critical need for a secure-by-design approach to AI development, giving customers the confidence to accelerate their AI journey.

Seamless Security Integration on the Nutanix Enterprise AI Platform

The Nutanix Enterprise AI platform provides a unified, scalable and secure foundation for the entire AI lifecycle: from data preparation and model fine-tuning to deployment and management. By integrating cutting-edge AI security tools by Palo Alto Networks directly into this workflow, we enable security checks to become an intrinsic part of the AIOps pipeline.

Nutanix Enterprise AI workflow secured by Palo Alto Networks.
Prisma AIRS integration user flow.

Scanning AI Models for Comprehensive Vulnerability Detection

The Prisma AIRS AI Model Security solution introduces sophisticated model scanning capabilities that are essential for preemptively identifying and mitigating risks.

  • Prisma AIRS Model Security Integration: Automatically scans AI models (e.g., during check-in to a model registry on the Nutanix Enterprise AI platform) for inherent vulnerabilities, policy violations and malicious code. This provides Proactive Risk Mitigation by detecting malicious or vulnerable model artifacts before deployment, helping prevent zero-day exploits and potential data leakage caused by compromised models.
  • Dependency Analysis: Examines all open-source libraries and dependencies used in the model environment for known vulnerabilities and license compliance issues. This enables Supply Chain Security, eliminating risks introduced by third-party components throughout the entire AI deployment lifecycle.
  • Model Supply Chain Threats: The system addresses malicious model artifacts, including deserialization exploits, embedded backdoors, unsafe file formats, unauthorized code execution, untrusted sources and noncompliant licenses. This enables Model Integrity and Governance by validating model safety, provenance, approved formats, license compliance and detecting hidden execution paths before deployment.

AI Red Teaming Your AI Systems for Adversarial Resilience

AI Model Security addresses known issues, but the malicious actors of tomorrow are developing new ways to exploit AI systems. This is where the power of Prisma AIRS AI Red Teaming by Palo Alto Networks comes into play, creating a crucial layer of proactive testing against adversarial attempts. AI Red Teaming involves simulating sophisticated attacks against the AI applicationโ€™s behavior to test its resilience under attack.

  • Continuous AI assessment: Onboard an LLM model, application and agent, then start scanning in less than 10 minutes. Use documented APIs to integrate into CI/CD pipelines to trigger automated red teaming whenever versions are updated. Connect AI endpoints securely via an outbound web socket channel to eliminate the need for routing changes, while maintaining the option for IP allowlisting, if preferred. Your team controls access. This reduces technical setup overheads and empowers you to keep your assessment current.
  • Contextual Vulnerability Insights: Prisma AIRS profiles your LLM model, application or agent and informs the Red Teaming Agent to design relevant attack objectives. The Red Teaming Agent is trained on over 50 techniques and simulates attack prompts to achieve those objectives. This reduces noise and lets you focus on actual business relevant risk.
  • Comprehensive Threat Coverage: Prisma AIRS uses a library of over 750 attacks to evaluate your defensibility. Both the library and the red teaming agent are updated and trained on a constant basis to keep up with the AI threat landscape. This stress tests your AI system thoroughly, so your system is defensible to known and unknown threats.
Nutanix Enterprise AI dashboard preview.
Unified Security Dashboard for AI Model Security and AI Red Teaming being made available in Nutanix Enterprise AI.

Securing the Future of Enterprise AI โ€” The Nutanix and Palo Alto Networks Integration

This integration between the scalable, high-performing Nutanix Enterprise AI platform and the advanced security intelligence of Palo Alto Networks offers measurable value to AI-driven organizations:

  1. Accelerated Time-to-Trust โ€“ By automating critical security checks as part of the MLOps process on the Nutanix Enterprise AI platform, teams can deploy models faster, knowing they have been rigorously vetted by a leading security partner.
  2. Simplified Compliance and Governance โ€“ The joint solution provides a verifiable record of security testing (scanning and red teaming), making it simpler to demonstrate adherence to internal governance standards and external regulatory mandates.
  3. End-to-End AI Security Posture โ€“ Customers gain a holistic view of security, from the unified AI infrastructure layer managed by Nutanix, to the network security enforced by Palo Alto Networks. This visibility now extends critically into the AI models themselves, completing the security posture by unlocking controlled access to vendor models, so protection is enforced seamlessly.
  4. Cost and Resource Efficiency โ€“ Integrating security tools within the existing AI platform streamlines workflows. Data Scientists and ML Engineers can trigger red teaming simulations and scanning directly within their familiar Nutanix environments, reducing the need for dedicated, siloed security teams to manually test every model.

The partnership between Nutanix and Palo Alto Networks is a commitment to building a more secure future for enterprise AI. With this integration, you can bring LLM models into your environment without fear. Malicious code and hidden backdoors are blocked before they ever reach you. Your endpoints stay continuously protected, with coverage across over 50 attack techniques and the contextual risks that come with agentic AI. When you're evaluating a model or an endpoint, the risk picture is right there inside NAI โ€“ no context-switching, no guesswork. And a custom security dashboard gives you a single place to see where you stand. The result is AI you can actually trust at the core of your lifecycle, so your teams can build faster without trading off security for speed.

Key Takeaways

A "Secure-by-Design" AI Pipeline: The partnership between Nutanix and Palo Alto Networks is a commitment to building a more secure future for enterprise AI. The integration enables advanced level AI security in AIOps workflow. By embedding Prisma AIRS directly into the Nutanix Enterprise AI platform, organizations can automate model scanning and vulnerability detection during the initial check-in phase, authorizing only validated, secure models to reach production.

Proactive Defense via AI Model Security and AI Red Teaming: The solution provides a dual-layer defense: AI Model Security preemptively blocks hidden backdoors, malicious code and supply chain threats in third-party artifacts, while AI Red Teaming uses autonomous agents for contextual discovery to generate new attack scenarios and have over 750 sophisticated adversarial attack scenarios. This enables resilience against both known vulnerabilities and emerging zero-day AI exploits.

Unified Governance and Operational Efficiency: The partnership consolidates security and visibility into a single custom dashboard within the Nutanix environment. This unified view allows Security and AI teams to manage risk while having continuous assessments and compliance records significantly accelerating the time to trust.

Next Steps

For more information, visit the Palo Alto Networks partner directory or contact your local sales representatives to learn more about a trial run.

The post Nutanix and Palo Alto Networks Integrate for Robust Model Trust appeared first on Palo Alto Networks Blog.

39 Seconds โ€” That's How Long It Takes to Lose Your Data

6 May 2026 at 15:00

Not hours. Not days. It takes thirty-nine seconds from initial access to data exfiltration.

That stat, pulled from Unit 42ยฎ research, isn't hypothetical. It's what defenders are up against right now, while most organizations are still building security teams around manual detection and response workflows that were never designed to operate at machine speed.

Wendi Whitmore, Chief Security Intelligence Officer at Palo Alto Networks, put it plainly in a recent conversation on the Threat Vector podcast, recorded live at RSA this year:

If you're applying a manual detection and response capability, you are going to be beat by the attacker every day.

It's the kind of sentence that should make security budgets move faster.

The Threat Landscape Doesn't Wait for Organizational Consensus

Whitmore has spent nearly 25 years tracking nation-state actors, and she's unequivocal about what's changed. The adversaries today aren't just better funded and more sophisticated. They're faster, and increasingly AI-powered.

Consider what's converging right now:

Chinese nation-state groups like Volt Typhoon and Salt Typhoon have been operating with near-surgical patience inside critical infrastructure, leveraging existing administrative tools to avoid detection. Volt Typhoon is focused on military prepositioning in power grids, water systems and telecommunications. Salt Typhoon has been systematically collecting intelligence from those same networks. Neither group announces itself with novel malware. They disappear into environments using the tools already there.

Meanwhile, threat actors tied to Iran are operating with entirely different objectives: tactical disruption and destruction. And financially motivated cybercriminal groups are automating ransomware campaigns at a pace that has compressed attack timelines from weeks to minutes.

Every CISO is being asked to defend against all of them simultaneously, while also managing their organization's AI expansion, and doing it without adding headcount.

Speed Is the New Perimeter

When Whitmore references the 39-second exfiltration window, she's pointing at something structural, not just alarming. It reflects how completely the attacker's operational tempo has shifted.

The 72-minute data breach figure from Unit 42 Incident Response data is equally striking: From initial access to full data theft in the time it takes to sit through a decent movie. A 400-times year-over-year increase in exfiltration speed isn't a trend. It's a fundamental change in the physics of an attack.

"There is no way that we are going to defeat these adversaries if we are working at manual speed," Whitmore explained. The answer isn't just more analysts. It's fighting AI with AI, letting machines handle the volume and velocity, so humans can focus on the problems that actually require human judgment.

Two Sides of the Same AI Problem

Here's where the conversation gets more nuanced and more important.

Most of the AI-in-security conversation focuses on the offensive side: adversaries using generative AI to craft convincing phishing lures, accelerate reconnaissance and automate attack sequences. That's real, and it's accelerating.

But Whitmore raised the other half of the problem, one that gets far less attention: The attack surface that organizations are creating by deploying AI without securing it.

Innovation of AI doesn't so far outpace the security of AI.

This is the outcome she wants to see. Right now, that's not what's happening. Business pressure to deploy AI quickly is outrunning the security architecture required to protect it. Every new AI deployment touching production data, cloud APIs and enterprise systems expands the attack surface. Shadow AI, prompt injection, model poisoning: These are not future threat vectors. They're present tense.

The distinction Whitmore draws is useful: AI for cybersecurity (faster detection, automated response, reduced analyst burden) needs to advance in parallel with cybersecurity for AI (securing the models, prompts and data pipelines that organizations are building on). One without the other creates exactly the kind of asymmetry attackers will exploit.

Visibility Is Where It Starts

Whether the conversation is about defending against nation-state actors or securing AI deployments, Whitmore keeps returning to the same foundation of visibility.

Not complexity. Not more tools. Visibility is a single, unified view of what's happening across endpoints, networks, cloud and AI systems, thatโ€™s fast enough to matter when the window is measured in seconds, not days.

For SOC teams, that means being able to detect and contain a threat before a compromise of one system becomes an enterprise-wide event. For CISOs thinking about AI governance, it means understanding what's being deployed, what's being prompted, and where the data is going before an incident surfaces for them.

The organizations Whitmore sees succeeding aren't the ones with the largest security budgets. They're the ones with the clearest picture of their environment, and the architecture to act on it in real time.

The Win Looks Different Now

Perhaps the most important reframe in the conversation is that the objective is no longer to prevent every attack. That goal is not achievable against adversaries operating at AI speed with nation-state resources.

The win is resilience. Detecting fast and containing fast. Keeping one compromised endpoint from becoming an enterprise-wide breach.

That shift in framing, from prevention to rapid recovery, has significant implications for how security teams are built, how AI is integrated into workflows, and how CISOs make the case for investment to leadership that still thinks in terms of keeping attackers out.

The adversaries already know the perimeter is gone. The question is whether your defense strategy has caught up.

Want to Dig in More?

Listen to the full interview here.

The Unit 42 2026 Global Incident Response Report goes deep on the threat trends shaping how modern attacks unfold. If you want the data behind the headlines, start here. Download the Report โ†’

The post 39 Seconds โ€” That's How Long It Takes to Lose Your Data appeared first on Palo Alto Networks Blog.

The Dangerous Momentum of Autodownload Phishing

5 May 2026 at 23:10

Modern phishing campaigns are no longer trying to convince users. They are trying to outrun them. By forcing an automatic progression from click to download, attackers eliminate the moment of hesitation entirely by forcing files to download instantly using trusted cloud platforms like Dropbox and Google Drive.

Detecting when these legitimate SaaS auto-download features are being weaponized is an immense challenge for traditional defenses. This is exactly where Cortexยฎ Email Security steps in. By combining deep static analysis with advanced behavioral intelligence, the module can distinguish in this attack between a benign file share and a malicious, forced-momentum trigger.

This technical detection is vital because while the autodownload method is the primary cause of infection, its effectiveness relies on a clever strategy, using a wide range of changing social engineering lures. By alternating between lures like 'Invoices' or 'Quotes,' attackers rotate their themes to catch a wider variety of victims. This strategy allows attackers to convert trusted email links into rapid, dangerous file executions that effectively evade standard security measures.

How Forced Momentum Drives Auto-Downloads

The core of this attack leverages the infrastructure of real SaaS providers to eliminate the user's preview buffer. Typically, cloud sharing directs users to a webpage for file examination. In this campaign, however, forced-download parameters (such as ?dl=1 on Dropbox) are used instead. To ensure the victim executes the file once it lands on their machine, attackers hide the danger behind "visual anchors." By using double extensions like PDF and .EXE, the threat actor exploits default settings in certain operating systems that hide known extensions. The user's eyes stop at the familiar ".PDF" or ".ZIP," leading them to believe the file is a harmless document rather than a malicious executable.

When the targeted victim clicks the link in the email, it triggers an immediate file download in the browser, effectively bypassing any intermediary steps.

Attack Flow: From Email to Execution

  • The Bait: A highly personalized email arrives, using a trusted cloud link (like Dropbox) to lower the victim's guard.
  • The Trap: Clicking the link skips the usual "preview" screen and instantly drops a file onto the victim's computer.
  • The Disguise: The file is cleverly named to look like a safe PDF or document, hiding its true identity as a harmful program.
  • The Lock: In many cases, the attacker ensures only the intended victim can open the file, preventing security tools from scanning it first.
  • The Takeover: Once the victim opens the file, the attacker gains remote access to the system.
Attack flow chart, from email to execution.
Multi-step attack flow, starting from targeted phishing email, to bypass security and establish persistence.

The Library of Lures Strategy

To fuel the autodownload machine, attackers employ a flexible strategy by switching between various social engineering themes. This spear phishing campaign targets specific inboxes, such as "Orders," to exploit professional routines. Some common lures found in this campaign include:

  • Financial Urgency โ€“ Fake "Invoices" or "Receipts" that induce anxiety. These often set close-day payment deadlines, pressuring recipients to click quickly.
  • Business Operations โ€“ "Quote Requests" or "Purchase Orders" that exploit professional habits.
  • Deceptive Naming โ€“ Concealing the download as a safe document, using display text like "invoice.pdf" in the email body to hide the underlying Dropbox URL.

Government Domain Impersonation

Attackers often leverage high-authority lures designed to paralyze a user's critical thinking. In one sophisticated wave, we observed threats impersonating a government entity by exploiting the high-reputation, official government domain. By borrowing the reputational authority associated with official infrastructure, the attacker successfully maneuvered an "Unidentified Payment Notice" past standard "Untrusted Sender" filters. To the recipient, the email carries the weight of a sanctioned document. Fearing legal or financial ramifications, they feel a heightened sense of urgency to click "View Invoice" to resolve the issue immediately.

Employee Impersonation

When government authority isnโ€™t the angle, attackers shift to impersonating internal staff. In one case, the senderโ€™s display name was spoofed to match a real employee in the target organization. Attackers rely on a โ€œMomentum of Trustโ€ tied to familiar names to overwhelm user judgment. Even when a generic Gmail address is used, users, especially those on mobile devices, rarely pause to check the underlying headers.

Internal Trust Amplification ("Human Relay")

The most effective aspect of this campaign occurs through Internal Laundering, where the threat shifts from external suspicion to a trusted internal message. This was observed when a Finance Department employee received a "Quote Analysis" file and, believing it to be a valid inquiry, mistakenly forwarded the link to the Procurement department.

At that stage, the attack no longer depended on deception, it propagated through trusted human workflows. These various tactics illustrate the sophistication and adaptability of phishing campaigns and highlight the importance of vigilance in email security.

How We Uncovered a Single Threat Actor

Although the lures appeared diverse, a deeper technical analysis revealed that they were all orchestrated by a single, coordinated threat actor.

By mapping the campaign, we uncovered a significant pattern: Each autodownload link pointed to a different file hash to evade signature detection, but all unique executables were ultimately associated with the same parent installer hash.

The file was identified as a specific Remote Monitoring and Management (RMM) executable, an administrative software used to manage computers remotely. Because RMM tools are legitimate, they often trigger fewer alerts than traditional Trojans. This allows the attacker to maintain persistent access under the guise of โ€œauthorizedโ€ system activity.

How Cortex Email Security Addresses the Threat

To defend against a campaign that emphasizes speed and rotation, behavioral analysis is essential.

The Cortexยฎ Email Security Module addresses this threat:

  • Advanced URL Analysis โ€“ Detection of forced-download parameters, combined with delivery of high-risk files via URLs.
  • Deep Metadata Correlation โ€“ Correlating sender identity with behavioral anomalies to flag threats that traditional scanners might overlook.
  • LLM-Based Intent Analysis โ€“ Classifying phishing themes (invoice, payment, quote) despite variation.

The security engine triggers an alert by synthesizing LLM analysis with real-time email telemetry, global threat intelligence and behavioral signals.

Securing the Click

The combination of autodownload links and rotating lures is crafted to exploit user momentum and the "psychology of trust."

This campaign represents a shift from deception to acceleration. Attackers no longer need perfect lures, they only need to remove friction. Defenders must evolve accordingly, focusing not only on what a link is, but on what it forces a user to do.

Palo Alto Networks Cortex Advanced Email Security was built for this evolution. By moving beyond static file analysis to identify the behavioral "red flags" of autodownloads and forced-momentum URLs, we provide the visibility needed to stop these attacks before they reach the device.

The module examines email metadata, content, and behavior to uncover hidden malicious intent and sophisticated impersonation, including AI-crafted threats. By assigning precise risk scores to every detection, the system filters out the noise, allowing analysts to move past alert fatigue and focus on the most critical threats first.

Indicators of compromise discovered during this research are detailed on Unit 42โ€™s GitHib instance.


FAQs

  1. Why is the "Auto-Download" parameter so effective? It removes the "moment of doubt." By bypassing the preview page, the attacker forces the file onto the computer instantly, prompting the user to "Open" it out of habit.
  2. How does the use of rotating lures benefit the attacker? It maximizes both psychological and technical success. People have different "blind spots" (e.g., finance professionals are likely to click on invoices), and variety increases the chances of finding a template that can bypass specific customers' security filters.
  3. Why might a sandbox fail to catch the malicious file? Because the link was "Identity-Bound." To the scanner, the link appeared to lead to a harmless error page (cloaking), resulting in a false negative.

Cloaking involves showing different content to security scanners than what is presented to the victim. By using Identity-Bound access, the file only reveals itself to the intended target.

The post The Dangerous Momentum of Autodownload Phishing appeared first on Palo Alto Networks Blog.

Enhancing AI-Driven Defense with Anthropicโ€™s Claude Opus 4.7

30 April 2026 at 19:00

As Frontier AI crosses new thresholds, the landscape for both attackers and defenders is shifting. At Palo Alto Networks, we are committed to ensuring defenders maintain the advantage.

To deliver this critical edge, our Unit 42 Frontier AI Defense will now leverage Anthropicโ€™s Claude Security, powered by Opus 4.7. By integrating one of the worldโ€™s most advanced AI models, we are empowering our customers to outpace automated threats. Through Frontier AI Defense, organizations can rapidly assess their security posture, remediate vulnerabilities and harden their infrastructure against next-generation, AI-driven attacks.

We are utilizing Claude Securityโ€™s deep technical reasoning to enable our customers to find and fix vulnerabilities with unprecedented speed. This includes:

  1. AI-Driven Exposure Analysis โ€“ย Identifying complex exploit chains that turn minor findings into critical risks.
  2. Scalable Application Analysis โ€“ย Performing deep-stack code reviews at a scale and depth previously unavailable.
  3. Agentic Defense โ€“ย Powering autonomous workflows that detect and remediate threats at machine speed, backed by human oversight.

Palo Alto Networks is also participating in Anthropic's Cyber Verification Program, which credentials security teams for legitimate defensive use of frontier models.

The threat timeline is accelerating. Within months, AI-driven attack capabilities will become a standard fixture of the threat landscape. Palo Alto Networks is dedicated to ensuring our global customers are equipped with the modern frontier AI models necessary to stay secure both today and tomorrow.

The post Enhancing AI-Driven Defense with Anthropicโ€™s Claude Opus 4.7 appeared first on Palo Alto Networks Blog.

Unit 42 Expands Frontier AI Defense with Armadin Partnership

Frontier AI is changing what is possible for attackers. To meet this escalating threat, Palo Alto Networks is teaming up with Armadin, the new offensive security company founded by Kevin Mandia. This partnership expands our newly introduced Unit 42 Frontier AI Defense service, scaling our ability to identify and remediate AI-driven exposures, and accelerating protection across the enterprise.

Over the past few weeks, weโ€™ve spoken with hundreds of CISOs who universally feel the urgency on the frontlines. Security leaders need to know exactly where they stand against the AI-driven attacks happening right now, and the ones coming in the next six months.

Expanding Frontier AI Defense โ€” The External AI Hyperattack Assessment

For organizations seeking to actively pressure-test their perimeter, this partnership introduces an autonomous, AI-driven offensive assessment of your external attack surface.

This added layer identifies real attack paths and proves exploitability across internet-facing assets. The platform begins with passive discovery, validating publicly exposed assets, cloud resources and secrets. Next, Armadin deploys a coordinated swarm of autonomous AI attack agents, operating at machine speed across your external footprint.

These agents execute active reconnaissance, launch attacks and exploit vulnerabilities in parallel, using over 50,000 templates. Upon initial access, the swarm simulates post-exploitation behavior to demonstrate impact, logging every attack chain as decision-grade evidence of exploitable risk.

Decision-Grade Proof of Exploitable Risk

With this added layer of autonomous simulation, Unit 42 Frontier AI Defense provides an even more rigorous, pressure-tested view of an organization's external attack surface. This allows our experts to accurately simulate the tradecraft of the most capable, AI-equipped threat actors, compressing complex attack lifecycles from days into minutes.

AI may change what is possible for attackers, but in the hands of defenders, it becomes a decisive advantage. This partnership is another important step in making sure that advantage stays with the defenders.

A member of Project Glasswing and OpenAIโ€™s Trusted Access for Cyber (TAC) program, Palo Alto Networks remains the only company equipped to deliver this strategic level of partnership through Unit 42 Frontier AI Defense and the Frontier AI Alliance, driven to integrate cutting-edge technologies into our products and services.

Get started with Unit 42 Frontier AI Defense today.

The post Unit 42 Expands Frontier AI Defense with Armadin Partnership appeared first on Palo Alto Networks Blog.

Securing and Governing AI Agents At Scale Through A Unified AI Gateway

29 May 2026 at 10:00

Palo Alto Networks Completes Acquisition of Portkey

We are pleased to announce that Palo Alto Networks has officially completed the acquisition of Portkey.ย 

We are moving from vision to reality by integrating Portkeyโ€™s pioneering AI Gateway directly into the fabric of the Palo Alto Networks product portfolio. Prisma AIRS AI Gateway will provide a unified vantage point to secure and govern AI agents at scale, offering a mission-critical control plane to identify, authenticate and authorize every agentic interaction in real time.ย ย 

We are delivering the industryโ€™s most comprehensive security and unified control framework for the agentic enterprise, enabling our customers to scale autonomous AI workloads with complete confidence.

The era of the AI Enterprise has arrived. Today, 81% of enterprises are piloting the use of AI agents or have fully implemented AI agent solutions. We aren't just talking about smart chatbots. We are talking about autonomous agents that execute.

By leveraging APIs and MCP servers, these agents navigate complex workflows, access sensitive data and make real-time, business-critical decisions. The question is no longer if companies will adopt AI agents, but how to securely operationalize them without putting the brakes on innovation.ย 

The Challenge: Expanding Attack Surfaces

AI agents are creating a new and largely invisible attack surface. The risk is not just their independence, but the lack of visibility and accountability. Without a centralized enforcement layer for operational and security controls, every team that deploys an agent may unintentionally expose the enterprise to unauthorized data access and heightened security risks.

To solve this, Palo Alto Networks is redefining security for the agentic era. We recently introduced Prisma AIRSโ„ข 3.0, the industryโ€™s first platform to secure the entire agentic AI lifecycle. Portkey's acquisition accelerates that momentum.

The Prisma AIRS AI Gateway: From Chaos to Controlย 

Portkey's AI Gateway will be integrated into Prisma AIRS to deliver the unified control plane that enterprises need to operationalise and secure AI apps and agents at scale.

Moving from โ€œchaos to controlโ€ requires a centralized approach to governance. Currently, many AI initiatives are hindered by fragmented security and a lack of oversight. The AI Gateway solves this by providing a unified vantage point where organizations can enforce consistent policies across all models and agents, ensuring every interaction is identified, authenticated and authorized in real time within a single governing framework.

The Prisma AIRS AI Gateway will establish a mission-critical control plane for the agentic enterprise, enabling teams to move autonomous workloads from development into at-scale production with confidence. With operational features like a unified API to LLMs, an agent registry, semantic routing and caching, the AI Gateway equips enterprises with complete control in one platform. By serving as a centralized enforcement point at the center of Prisma AIRS for all agent traffic, the AI Gateway will provide critical security functions, including Agent Artifact scanning, automated Red Teaming and Runtime Security needed to monitor behavior, route requests and mitigate risks in real time. Crucially, the AI Gateway will reinforce Agent Identity Security via Idira (formerly CyberArk), applying strict protocols to ensure every autonomous action is authenticated and governed by least-privilege controls.

Our vision is for the Prisma AIRS AI Gateway to serve as the industry blueprint for enterprises in the agentic era. By making security a foundational component of the operational lifecycle, we are empowering enterprises to build and govern an AI ecosystem that is secure by design.

ย 

Secure All Agents with the Prisma AIRS AI Gateway

ย 

Why Portkey? The Pioneer in AI Gateways

  • Battle-Tested: Portkeyโ€™s AI Gateway is already supporting the demands of the modern enterprise, at scale, with several Fortune 500 customers, processing trillions of tokens per month with the low latency that is required for agent-to-agent communication. This ensures that agentic security does not come at the cost of developer speed or application performance.ย 
  • Architectural Simplicity: Portkey offers plug-and-play capabilities with just three lines of code required to implement the AI Gateway. The AI Gateway, powered by unified APIs, also provides secure access to over 3,000 LLMs, MCP servers and agents, giving enterprises a flying start to building and executing with AI agents.
  • Better Together: Palo Alto Networks and Portkeyโ€™s joint vision is to make Prisma AIRS the most ubiquitous platform for AI security. With exceptional AI security by Palo Alto Networks combined with Portkeyโ€™s AI Gateway, we will offer a comprehensive AI Security platform.

Prisma AIRS comprehensive AI App and agent security platform.

Whatโ€™s Next?

The era of AI Enterprises is here. Weโ€™re making sure it is secure by design. The complexity of managing agents and securing them has long created friction in enterprises. With the integration of Portkey into Prisma AIRS, we will remove the trade-off between agent autonomy and authority. We are ensuring that as businesses accelerate into the era of autonomous agents, the security architecture isnโ€™t just keeping up, it is setting the pace.ย 

Learn more about Prisma AIRS - the worldโ€™s most comprehensive AI security platform.

Forward-Looking Statements

This blog contains forward-looking statements that involve risks, uncertainties, and assumptions, including, but not limited to, statements regarding the anticipated benefits and impact of the acquisition of Portkey on Palo Alto Networks, Portkey and their customers. There are a significant number of factors that could cause actual results to differ materially from statements made in this blog, including, but not limited to: risks related to disruption of management time from ongoing business operations due to the acquisition and the integration of Portkey and other recent acquisitions; our ability to effectively operate Portkey's operations and business, integrate Portkeyโ€™s business and products into our products, and realize the anticipated synergies in the transaction in a timely manner or at all; changes in the fair value of our contingent consideration liability associated with acquisitions; developments and changes in general market, political, economic and business conditions; failure of our platformization product offerings; risks associated with managing our growth; risks associated with new product, subscription and support offerings; shifts in priorities or delays in the development or release of new product or subscription or other offerings or the failure to timely develop and achieve market acceptance of new products and subscriptions, as well as existing products, subscriptions and support offerings; failure of our product offerings or business strategies in general; defects, errors, or vulnerabilities in our products, subscriptions or support offerings; our customersโ€™ purchasing decisions and the length of sales cycles; our ability to attract and retain new customers; developments and changes in general market, political, economic, and business conditions; our competition; our ability to acquire and integrate other companies, products, or technologies in a successful manner; our debt repayment obligations; and our share repurchase program, which may not be fully consummated or enhance shareholder value, and any share repurchases which could affect the price of our common stock.

Additional risks and uncertainties that could affect our financial results are included under the captions "Risk Factors" and "Management's Discussion and Analysis of Financial Condition and Results of Operations" in our Quarterly Report on Form 10-Q filed with the SEC on February 18, 2026, which is available on our website at investors.paloaltonetworks.com and on the SEC's website at www.sec.gov. Additional information will also be set forth in other filings that we make with the SEC from time to time. All forward-looking statements in this blog are based on information available to us as of the date hereof, and we do not assume any obligation to update the forward-looking statements provided to reflect events that occur or circumstances that exist after the date on which they were made.

The post Securing and Governing AI Agents At Scale Through A Unified AI Gateway appeared first on Palo Alto Networks Blog.

Received โ€” 23 April 2026 โญ Palo Alto Networks Blog

Palo Alto Networks and Google Cloud

22 April 2026 at 18:00

Expand Strategic Collaboration to Secure the AI Enterprise

The transition from generative AI to agentic AI represents one of the most significant shifts in the history of enterprise technology. As organizations move from simple chatbots to autonomous agents that can execute business processes, the attack surface isn't just changing, it's exploding.

At Google Cloud Next 2026 in Las Vegas, Palo Alto Networks is proud to announce a series of groundbreaking integrations with Google Cloud. These innovations are designed to do more than just monitor the new AI-driven landscape; they are built to secure it by design. AI deployment is currently outpacing AI governance. By embedding our security platform into Google Cloudโ€™s infrastructure, we are giving todayโ€™s enterprises the foundation to become the autonomous organizations of tomorrow.

Here is a look at the four major milestones of our partnership being unveiled this week.

Secure AI Agents with Google Cloud + Prisma AIRS

As autonomous AI agents become the new enterprise standard, security can no longer be an afterthought; it must be architectural. By integrating Prisma AIRSโ„ข natively with Google Cloud Gemini Enterprise Agent Platform, we provide the proactive defenses required to govern complex agentic workflows. This integration ensures that as you scale your autonomous workforce, your security scales with it, providing comprehensive operational integrity without hindering the speed of innovation.

We are delivering capabilities across three critical pillars:

  • Protecting Agent-Specific Runtime Risks: In an agentic ecosystem, the primary risk is unauthorized or a destructive action taken by the AI agents themselves. Prisma AIRS secures the "agent-to-tool" interface, preventing poisoned context from triggering malicious scripts or destructive actions. The solution monitors agent execution in real-time, so agents cannot leak sensitive credentials or tool schemas, maintaining the boundary between agents and their access to enterprise data.
  • Securing the GenAI Application Surface: Modern AI applications and agents require a secure-by-design approach. Prisma AIRS AI Runtime Securityโ„ข provides prevention of more than 30 adversarial prompt injection and jailbreak techniques, as well as malicious code and URLs within LLM outputs. Prisma AIRS utilizes over 1,000 predefined patterns out of the box and ML-powered Enterprise DLP to stop sensitive data leakage.
  • Enforcing Enterprise AI Safety and Grounding: Trust in AI is built on the consistency and safety of its output. Prisma AIRS allows organizations to define safety policies in natural language and filter toxic content across eight distinct categories to protect brand reputation. Using contextual grounding, Prisma AIRS can prevent misleading outputs that contradict internal RAG data, keeping agents tied to real facts.

This integration ensures that as you scale your autonomous workforce, your security posture scales with it, providing operational integrity without hindering the speed of innovation.

Security-as-Code for Prisma AIRS Integration with Application Design Center (ADC)

The traditional bolt-on approach to security is no longer viable in a cloud-first world. Google Cloudโ€™s Application Design Center (ADC) is revolutionizing how applications are built, using an intuitive canvas and natural language via Gemini Code Assist.

Palo Alto Networks is announcing that it will be published as a template within the Application Design Center, providing more capabilities to engineering teams:

  • Drag-and-Drop Security โ€“ Visually "snap" VM-Series firewalls and Prisma AIRS AI protections directly into network flows.
  • AI-Driven Architecture โ€“ Use natural language prompts to generate secure-by-default, multiregion architectures.
  • Simultaneous Deployment โ€“ Deploy entire application stacks and security services in a single, unified workflow, ensuring protection is present from the very first minute of deployment.

Zero-Day Protection at Scale with Advanced Malware Sandboxing for Google Cloud NGFW Enterprise

The battle against malware has shifted to the cloud. Modern attacks are faster, more evasive and capable of bypassing traditional defenses.

That is why we are excited to announce Advanced WildFireยฎ, powered by Palo Alto Networks, natively integrated into Google Cloud NGFW Enterprise, delivering AI-driven malware prevention directly within Google Cloud environments.

This integration embeds inline sandboxing and real-time threat intelligence directly into Google Cloudโ€™s distributed firewall to stop advanced and unknown threats before they impact workloads, enabling:

  • Secure Detonation โ€“ Suspicious files are safely executed in a controlled sandbox environment to uncover hidden and unknown threats.
  • Inline Traffic Inspection โ€“ Inbound and outbound traffic is analyzed in real time to prevent lateral movement of malicious payloads across cloud environments.
  • AI-Driven Threat Prevention โ€“ Leverages global threat intelligence by Palo Alto Networks to block zero-day threats before they compromise workloads.

With Advanced WildFire embedded directly into Google Cloud NGFW Enterprise, organizations can extend consistent protection across their cloud infrastructure while maintaining operational simplicity.

Cloud NGFW Enterprise Advanced Malware Sandboxing will be available in Public Preview soon.

Defining the Future with the Google Cloud Marketplace

Palo Alto Networks has joined the Google Cloud Marketplace Agent-as-a-Service as a launch partner to introduce the Prisma AIRS Model Security agent. Operating as an Agent-as-a-Service, this solution scans AI models for vulnerabilities and policy noncompliance before they reach production.

Available in the Agent Gallery inside Gemini Enterprise, this marketplace offering runs entirely within the customerโ€™s own Google Cloud environment, providing both new and existing Prisma AIRS users a seamless and simple deployment experience inside Gemini Enterprise.

Securing AI Innovation at Scale

The collaboration between Palo Alto Networks and Google Cloud is built on a shared vision: Security should be an accelerator for innovation, not a bottleneck. As we look toward the future of the AI-powered enterprise, our commitment remains to provide the most robust, platform-driven security for every workload, every agent and every interaction.

Want to see these integrations in action? Contact your Palo Alto Networks representative to learn more about how we are securing the future of the cloud together. If youโ€™re attending Google Cloud Next 2026, join us at these sponsored sessions:

The post Palo Alto Networks and Google Cloud appeared first on Palo Alto Networks Blog.

Scaling AI Agents with Confidence

22 April 2026 at 17:59

The Google Cloud and Palo Alto Networks Partnership

As AI agents move into business-critical environments, they are transforming everything from security operations to internal workflows. However, scaling these AI applications introduces unprecedented hurdles for security executives, from detecting "shadow AI" and unsanctioned usage to governing complex nonhuman identities across multimodel environments.

To overcome these challenges, organizations need more than just tools; they need a layered architecture built on a foundation of platformization. The long-standing partnership between Palo Alto Networks and Google Cloud provides this essential framework, offering customers:

  • Integrated Security Ecosystems: Seamlessly manage the full agent lifecycle with visibility and observability across your entire AI infrastructure.
  • Jointly Engineered Solutions: Leverage over 80 co-engineered integrations designed to eliminate the tradeoff between a cloud-native experience and best-in-class security.
  • Proven Scale and Performance: Benefit from a partnership that has already delivered impactful, AI-driven solutions to protect joint customers from evolving threats.

Google Cloud Marketplace enables customers to discover, try, buy and use industry-leading applications that have been validated to run on Google Cloud. Palo Alto Networks has closed $2.4 billion in GCP bookings, helping address evolving customer needs, such as simplified procurement and seamless deployment.

Kevin Ichhpurani, President, Global Partner Ecosystem at Google Cloud:

Weโ€™re pleased to celebrate Palo Alto Networks as our Global Technology Partner of the Yearโ€ฆ Palo Alto Networks has consistently delivered impactful, AI-driven security solutions that help Google Cloud customers better protect their organizations from evolving threats.

The extensive, long-standing collaboration between Palo Alto Networks and Google Cloud includes jointly engineered offerings, built on 80 solution integrations that help customers build, run and secure AI-enhanced cloud infrastructure and applications with end-to-end protection.

Palo Alto Networks Wins 2026 Global Technology Google Cloud Partner of the Year Award

At Google Cloud Next, Palo Alto Networks has been recognized with four 2026 Google Cloud Partner of the Year awards. By partnering with Google Cloud, we help customers securely leverage the power of the cloud and AI-driven growth with comprehensive cloud-native security offerings. Wins included the following:

  • Global Technology
  • Marketplace: Technology
  • Marketplace: Security
  • Security: Artificial Intelligence

These Partner of the Year Awards underscore our expanding partnership with Google Cloud. We share a mutual dedication to improve cloud, network security and AI observability, as well as the progress weโ€™ve made in protecting our joint customers from todayโ€™s and tomorrowโ€™s cyberthreats.

By combining our industry-leading security engineering with Google Cloudโ€™s industry-leading cloud infrastructure and services, weโ€™re providing advanced protection for every stage of a customerโ€™s digital journey. We want customers to feel secure from the formative steps of lifting workloads into the cloud, to expanding digital innovation across platforms, to reaching new levels of business scale and velocity.

Protecting these journeys requires alignment and modernization of infrastructure (lift and shift), applications (refactoring) and user access models (zero trust). It requires an advanced AI drive security operations transformation across all IT domains, leveraging machine learning and sophisticated models to minimize human interventions and unguarded sides.

Our relationship with Google Cloud is based on a deep engineering relationship, yielding integrated solutions that help customers achieve better digital outcomes. Our partnership can help your organization eliminate tradeoffs between a cloud-native experience and best-in-class security. We have more than 80 co-engineered integrations, helping to improve and protect hybrid workers, cloud migrations and application modernization efforts.

We remain committed to our goals of outpacing cyberthreats, helping customers at every stage of their cloud journey, and creating a world where tomorrow is more secure than today.

Whether youโ€™re just beginning your cloud journey or managing complex transformational projects, our jointly engineered, AI-driven solutions are designed to deliver seamless, scalable security. Explore the dynamic partnership between Palo Alto Networks and Google Cloud. Join us at Google Cloud Next '26 in Las Vegas from April 22-24 to discover how to secure your development lifecycle from code to cloud.

The post Scaling AI Agents with Confidence appeared first on Palo Alto Networks Blog.

Palo Alto Networks Joins DNS-OARC as a Platinum Member

Palo Alto Networks recently joined the DNS-OARC community as a Platinum Member. Together, our organizations share a commitment to advancing collaboration in research and operational excellence across the global DNS ecosystem. DNS is critical to both internet infrastructure and security, and this collaboration facilitates the sharing of real-world insights among researchers and practitioners.

Our Contribution

We help organizations secure their digital environment with a comprehensive portfolio of cybersecurity solutions spanning Network, Cloud, Security Operations, AI and Identity. Trusted by more than 70,000 customers worldwide and informed by Unit 42ยฎ Threat Intelligence, their AI-driven platforms help organizations reduce complexity, modernize with confidence, and securely enable innovation.

As a Platinum Member, our subject matter experts will actively participate in the DNS-OARC community by engaging in discussions and contributing to research on evolving DNS threats and network challenges. The growing intersection of DNS and security makes access to intelligence and experience increasingly important. It strengthens the communityโ€™s ability to respond to emerging challenges and improves resilience across the internet.

Through our participation, our customers will gain stronger protection informed by community-driven intelligence and real-world operational insight. These learnings are continuously integrated into our threat intelligence and security capabilities. Our participation signals our support for DNS-OARCโ€™s mission of fostering open dialogue and shared learning across the DNS ecosystem. This collaboration helps bridge DNS operations with broader security practices, improving coordination between operators, researchers and security practitioners.

Our Commitment to the DNS-OARC and Global Communities

Collaboration between our organizations strengthens the connection among DNS operations and modern security practices by bringing together operational insight and a global community dedicated to advancing the internetโ€™s resilience.

For the DNS-OARC community, our commitment enhances knowledge sharing around evolving DNS threats, large-scale network operations and practical approaches to emerging challenges.

For organizations and customers, it reinforces a stronger alignment between DNS infrastructure and security, expands access to community-driven intelligence and supports more resilient, well-informed defenses.

Tong Zhao, Senior Manager of DNS Security Engineering, Palo Alto Networks:

We recognize the critical role of DNS-OARC in DNS operations and research. The teams from Palo Alto Networks believe that our DNS-OARC membership aligns perfectly with our goals. We are eager to participate in and contribute to the DNS community.

Our partnership with the DNC-OARC highlights the value of open collaboration in helping both the community and its participants stay ahead of an increasingly complex threat landscape. To learn more about how our expertise and insights support DNS-OARCโ€™s mission to improve the security and stability of the internetโ€™s DNS, visit DNS-OARC.

The post Palo Alto Networks Joins DNS-OARC as a Platinum Member appeared first on Palo Alto Networks Blog.

The AI Ecosystem Edge โ€” Introducing Our Frontier AI Alliance

17 April 2026 at 21:00

Acting swiftly with intent, together with Accenture, Deloitte, IBM, NTT DATA and PwC

With the imminent release of unbounded frontier models, the barrier to entry for sophisticated cyberattacks has vanished. Anthropicโ€™s Mythos represents a 50% leap in coding capability over previous models. Itโ€™s a leap that, as Lee Klarich stated, translates into autonomous agents capable of both surfacing a massive surge of vulnerabilities and exploiting them faster than weโ€™ve ever seen or imagined.

In this new era, business continuity requires more than just better tools; it requires a unified ecosystem of experts capable of orchestrating a defense that matches this new pace of attack.

As we drive the industry standard for addressing these emerging risks with our Unit 42ยฎ Frontier AI Defense, weโ€™ve united an alliance of global transformation leaders, starting with Accenture, Deloitte, IBM, NTT DATA and PwC, and will continue to scale these alliances to ensure every enterprise has a rapid path to AI resilience.

Frontier AI Alliance: Palo Alto Networks, Accenture, Deloitte, IBM, NTT Data, pwc.

By combining the worldโ€™s most advanced AI security platform with deep industry expertise, we are delivering the security assessment and rapid protection needed to help customers stop emerging threats and keep their business resilient.

Rex Thexton,
Chief Technology Officer, Accenture Cybersecurity:

As AI-driven attacks accelerate to machine speed, organizations must rethink how they protect critical assets. Together with Palo Alto Networks, we're helping clients automate protection and reduce risk. By enabling an autonomous defense posture that detects and responds in minutes, we can empower organizations to scale their AI innovation with confidence.

Deborah Golden,
principal, Deloitte:

As AI-driven threats accelerate, our mission is to help clients move even faster. By combining Deloitte's implementation experience with Palo Alto Networks' AI blueprint, we are rapidly delivering more complete security coverage to clients with near-real-time responsiveness, turning potential vulnerabilities into a foundation for resilient innovation.

Mark Hughes,
Global Managing Partner of Cybersecurity Services, IBM Consulting:

In an environment where frontier models let attackers move faster than ever, organizations need defenses that can keep up. Joining the Frontier AI Alliance strengthens our commitment to helping organizations prepare for this new class of agentic, machine speed threats. IBM Autonomous Security plus Palo Alto Networks technologies bring together interoperable, vendor-agnostic digital workers that operate across an organization's full security stack, enabling security programs to act as a system rather than a collection of disconnected tools.

Sandip Gupta,
Head of Global Strategic Alliances, NTT DATA:

Frontier AI is reshaping the economics of cyber defense. As threat actors move faster and operate with greater automation, organizations need a more resilient and adaptive approach to protecting business continuity. Through the Frontier AI Alliance, NTT DATA is combining Palo Alto Networks' innovation with its global cybersecurity solutions and deep industry experience to help clients close critical security gaps, reduce complexity and strengthen resilience against AI-powered threats.

Morgan Adamski,
Principal and Cyber, Data, & Technology Risk Leader, PwC:

As AI-enabled cyber risk accelerates in both speed and scale, organizations cannot remediate issues fast enough through traditional approaches. Palo Alto Networks Unit 42 Frontier AI Defense combines Palo Alto Networks innovation in vulnerability discovery with PwC's expertise to prioritize what matters, accelerate remediation, and build governance and resilience frameworks that operate at machine speed.

01/05

By engaging directly with Palo Alto Networks, or working with our partners through the Frontier AI Alliance, our customers can move past the complexity of building an AI-ready defense from scratch and gain:

  • Accelerated Immunity: Go from a high-exposure state to a hardened posture using a prevalidated AI Defense Blueprint, delivering coverage in weeks, not years.
  • On-Demand Expertise: Our partners provide the specialized prompting and verification required to make the latest AI Frontier models work for the defender.
  • Operational Resilience: While Unit 42 provides the Frontier AI Exposure Analysis, our ecosystem partners provide the boots on the ground to remediate those findings and leverage our product portfolio to deliver AI-readiness to your enterprise.

The threat of Mythos-class models is imminent, but the path to resilience is clear. Whether you are looking for an immediate strategic assessment or a deep operational overhaul, the Frontier AI Alliance is ready to move at the speed of your business.

The post The AI Ecosystem Edge โ€” Introducing Our Frontier AI Alliance appeared first on Palo Alto Networks Blog.

Defender's Guide to the Frontier AI Impact on Cybersecurity

17 April 2026 at 15:51

The release of the newest frontier AI models marks a turning point for cybersecurity. Palo Alto Networks has conducted early testing of the latest frontier AI models, including Anthropicโ€™s Mythos model as part of Project Glasswing and OpenAIโ€™s latest models as part of Trusted Access for Cyber program. The conclusion is clear: They are extraordinarily capable at finding vulnerabilities and generating corresponding exploits.

This generational improvement in coding ability directly translates to a significant advance in vulnerability discovery and exploit generation. These capabilities, however guardrailed, will not stay contained. Similar advances will appear across other major AI labs, Chinese models, and open source models. Attackers will find the seams in those guardrails. They will use advanced AI to discover zero-day vulnerabilities at scale, generate exploits in near real time, and develop autonomous attack agents unlike anything the industry has faced.

Within six months, advanced AI models with deep cybersecurity capabilities will become commonplace. Organizations that have not put appropriate safeguards in place will face an entirely new class of risk across their enterprise and critical infrastructure.

Frontier AI: A Quantum Leap in Code Fluency

As you have probably already seen, the latest unbounded models like Mythos represent roughly a 50% improvement in coding efficiency over Anthropicโ€™s previous leading model. Palo Alto Networks has had early access to unbounded models and weโ€™ve been able to leverage this vast improvement in coding to a quantum leap in scanning and offensive capability.

Hundreds of our best security engineers have been assessing these capabilities and developing best practices for using it effectively. The results revealed several core truths:

  • Vulnerability discovery at scale: Frontier AI is exceptionally effective at identifying vulnerabilities in code. In less than three weeks, it accomplished the equivalent of a full yearโ€™s worth of penetration testing effort.
  • Attack path determination: Perhaps more impressive than finding individual vulnerabilities, Frontier AI excels at vulnerability chaining, combining multiple lower-severity issues into critical-level exploit paths. For example, linking two medium-severity and one low-severity vulnerability into a single critical exploit.
  • Full-stack logic analysis: Frontier AI can analyze the full exposure surface of applications, including SaaS and public-facing platforms, identifying logic-based vulnerabilities that traditional tools miss.

Impacts on the Cyber Landscape

Attackers have been using LLMs for years, but based on our testing of frontier AI models, there are three key areas where they will have a significant impact on the cybersecurity landscape:

  1. The Vulnerability Deluge: Frontier AI models will dramatically accelerate the rate at which vulnerabilities are discovered, by defenders and attackers alike. This will be particularly acute in open source and critically, the flood of patches that follows will itself create risk. Every patch that is not applied immediately becomes a known, targetable vulnerability. Organizations will need to accelerate and automate their patching programs, rethink how they prioritize and apply patches, and ensure best-in-class protections are in place to mitigate vulnerability until they can be remediated.
  2. Rise of Inside-Out Attacks: Recent supply chain attacks on tools like LiteLLM and Trivy demonstrate a growing pattern where attacks land adversaries inside an organizationโ€™s infrastructure, bypassing multiple conventional attack steps and reducing the number of prevention opportunities available to defenders. The rapid deployment of AI infrastructure has made this problem more acute as the AI supply chain, including runtime environments, communication infrastructure, and model dependencies, is often insufficiently protected. While open source usage and patching practices must become significantly more robust, organizations will need structural containment of potential attacks through zero trust, identity modernization, outbound connection restrictions and lateral movement protections.
  3. Faster AI-Assisted Attack Cycles: I expect the most consequential shift with frontier AI models is the move from AI-assisted to AI-driven attacks. Attackers will build autonomous attack agents that dramatically compress attack cycle times. What once took days or weeks of skilled manual effort will soon be executed in minutes. This democratization of advanced attack capabilities means that defenders must match that speed with near-real-time detection and response, which is only possible with extensive AI and automation throughout security operations. Organizations whose Mean Time to Detection and Mean Time to Response are not measured in low single-digit minutes will be outpaced.

The Defenders Guide: Assessment, Protection, Platformization

The framework for defending against AI-driven threats is not completely new, but the standard for execution must be absolute. Organizations that are โ€œmostly protectedโ€ are effectively unprotected. What follows is a phased approach โ€“ assessment, protection and platformization โ€“ that organizations should pursue in parallel to close gaps before attackers exploit them.

Assessment: Every organization should use the latest AI models to assess its entire code and application landscape and build a comprehensive asset and exposure inventory.

Key priorities:

  • Leverage AI models to identify vulnerabilities across your codebase, applications and infrastructure before attackers do.
  • Evaluate exposure with full context, including how vulnerabilities chain together to form critical exploit paths.
  • Audit your open source supply chain, including AI infrastructure, runtime environments and model dependencies.
  • Map your current sensor coverage. Detection, prevention and telemetry gaps represent critical blind spots.

Protect & Remediation: Remediating and reducing exposure is table-stakes. What in the past may have been difficult due to cross-organizational friction of finding and fixing at pace should now be accelerated with the c-suite attention of these new AI models. But this must go further and extend to comprehensive deployment of best-in-class attack prevention capabilities where the new standard is 100% coverage and optimization.

  • XDR everywhere, with emphasis on real-time ML-based detection and prevention of attacks; all hosts on prem and cloud included.
  • Agentic endpoint security to secure wide-scale adoption of vibe coding and AI security across the enterprise (e.g. Prisma AIRS and our recent acquisition of Koi is now a necessity for securing the agentic endpoint).
  • With an average of 85% of work now happening in the browser, secure enterprise browsers with real-time security become a must-have for attack prevention.
  • Zero trust and identity security are foundational to securing every user and every connection.

Real-Time Security Operations: With attack cycle times shrinking rapidly, the legacy approach to security operations simply doesnโ€™t work. Disparate tools analyzing data in silos overlaid with manual processes must be replaced with AI and automation throughout. Cortex XSIAM, our AI-driven SOC platform, is what I consider to be the gold standard for how to take a next-generation approach to deliver MTTD and MTTR in single digit minutes.

  • Attack detections must be AI/ML driven to detect even frequently-changing and novel attacks at scale.
  • These AI detections must operate against a wide range of 1st party and 3rd party data sources โ€“ a best in class AI SOC must operate on ALL relevant data sources.
  • Automation both natively integrated and throughout the SOC lifecycle is necessary to achieve single digit MTTR; this automation will increasingly be agentic.
  • This must be delivered as a platform to remove the seams and gaps between point solutions.

Weโ€™re Here to Help

Achieving this level of resilience requires the right platforms and the right expertise.

To help you navigate this shift, we are introducing Unit 42 Frontier AI Defense. This new offering is designed to discover and remediate your current exposure before attackers do, strengthen controls that reduce exposure and contain impact and modernize operations so teams can detect and respond at machine speed.

This is the moment weโ€™ve been preparing for. The threat has never been more sophisticated, but the path forward has never been clearer, and weโ€™re here to partner with you on what comes next.

The post Defender's Guide to the Frontier AI Impact on Cybersecurity appeared first on Palo Alto Networks Blog.

Introducing Unit 42 Frontier AI Defense

17 April 2026 at 15:13

Frontier AI models have given the security industry a preview of what comes next. As they become weaponized, attackers will automate the discovery and chaining of vulnerabilities in near real-time โ€“ compressing timelines, increasing scale and outpacing human-led defense.

Zero-day discovery at scale, immediate exploitation, defense-in-depth evasion, systemic supply chain exposure, autonomous attack execution.

Until now, defenders have had time to detect activity, investigate signals and contain threats before exposures were chained into full attacks. AI is quickly closing this window.

Defending against AI-driven threats means engineering a resilient architecture that limits how easily attackers can exploit discovered weaknesses, that contains the blast radius when they do, and enables faster response at scale. It also means using AI to accelerate the security program itself, from vulnerability discovery and code review to triage, remediation and incident response.

The transition should cover three areas. First, discover and remediate your current exposure before attackers do. Second, strengthen controls that reduce exposure and contain impact. Third, modernize operations so teams can detect and respond in real-time.

To help organizations make this shift, Palo Alto Networks is launching Unit 42ยฎ Frontier AI Defense.

Powered by the latest AI models, Unit 42 Frontier AI Defense helps organizations answer a critical question: Are your defenses ready for AI-powered attacks?

Unit 42 Frontier AI Defense combines three core components delivered by expert consultants, coupled with 6 months of complimentary access to Cortexยฎ XDR, Cortex Xpanseยฎ and Koi Agentic Security.

Frontier AI Exposure Analysis: Identify and validate the exposures most likely to be chained into real attacks before attackers weaponize them.

Actions

    • Use the latest frontier models, Unit 42 offensive security expertise, threat telemetry and Unit 42 Threat Intelligence to assess your environment.
    • Identify the vulnerabilities, misconfigurations and posture gaps most likely to be exploited across infrastructure, applications, code, identity and cloud.
    • Validate the attack paths most likely to matter in real-world attacks.

Outputs

    • A prioritized view of vulnerabilities and attack paths that matter most
    • Clear actions to fix the exposures that matter first

Autonomous Security Blueprint: Benchmark current capabilities and define the changes required for machine-speed defense.

Actions

    • Assess current-state capabilities across attack surface, identity, software supply chain, zero trust containment, as well as real-time detection and response.
    • Identify where AI-powered threats create the greatest exposure and where current controls are most likely to fail.
    • Define the technical and operational changes required to close those gaps.

Outputs

    • A clear blueprint for immediate action
    • A prioritized roadmap to reduce exposure, strengthen containment and modernize security for the AI era

Agentic Defense Transformation: Implement the prioritized architecture, control and operating changes needed to modernize defenses for AI-driven threats.

Actions

    • Implement the architectural, operational and control changes required to defend against AI-driven threats.
    • Modernize exposure management, harden the software supply chain, and advance zero trust architecture.
    • Build response capabilities that can keep pace with autonomous attacks.

Outputs

    • Accelerated implementation of the changes that matter most
    • A more modern security architecture, built to reduce exposure and improve containment

The Window Is Still Open, for Now

AI is the biggest security inflection point since enterprises moved to the cloud. Organizations that act now will be the ones that are ready. Those that wait will be forced to respond under maximum pressure on the worst possible day.

Frontier AI is changing what is possible for attackers. In the hands of defenders, it can become a decisive advantage.

Human-speed security is no longer enough. A modern security approach is required. Get started with Unit 42 Frontier AI Defense today.

*The complimentary offer is not available to public sector customers or current Cortex XDR, Cortex Xpanse or Koi customers.

The post Introducing Unit 42 Frontier AI Defense appeared first on Palo Alto Networks Blog.

Securing the UKโ€™s Digital Future

16 April 2026 at 10:00

Our Commitment to Data Autonomy and National Resilience

The United Kingdom has established itself as a leading global cyber power. Over the last decade, Palo Alto Networks has been proud to work alongside British institutions to protect the digital borders of a highly innovative economy. As UK organisations navigate an evolving threat landscape and adopt transformative technologies, like AI, the need for security partners who understand British operational realities has never been greater.

The Path to Digital Autonomy, Resilience and Control

Organisations today require more than a technology provider. They need a partner that understands the specific legal frameworks and strategic priorities of the British landscape. We are reaffirming our deep commitment to the UK, safeguarding British data as a core part of national resilience, even as both technology and cyber adversaries evolve.

The targeting of UK infrastructure is a daily operational reality. According to our Unit 42 2026 Global Incident Response Report, attackers are moving at unprecedented speed, with exfiltration speeds for the fastest attacks quadrupling in 2025. Identity weaknesses played a material role in almost 90% of Unit 42ยฎ investigations, as attackers increasingly exploit stolen credentials and fragmented identity systems to escalate privileges and move laterally. These threats span across all sectors, from NHS patient data to local government systems and energy networks.

UK organisations need partners who understand their unique requirements. While our broader European commitments provide a strong foundation, we recognise that the UK requires a dedicated focus across data protection, critical infrastructure security and public-private collaboration. This includes a deep-rooted local presence, aligning our operations with national standards of protection to support British ingenuity and ambition.

Control Over Your Data

Genuine data control requires two things: understanding exactly how and under which laws your information is handled and having the technical capabilities to enforce that control.

For UK customers, we provide the capability to host data within UK-based infrastructure, ensuring that critical data can be stored in regions that align with UK data protection requirements. Additionally, for applicable products and services, we offer Bring Your Own Encryption Keys (BYOK) capabilities, giving you direct control over the encryption protecting your data.

Our agreements are built to comply with UK GDPR requirements and include the necessary protections for any cross-border data transfers. But beyond contractual obligations, we operate on a fundamental principle: Your data serves only the purpose for which youโ€™ve engaged us.

How we handle different data categories:

1. Customer and Personal Data Are Processed Only to Serve You

We process your Customer Data and Personal Data exclusively to deliver the services you have purchased. This includes the content of your communications and files uploaded for support. The purpose is singular: delivering the security and protection youโ€™ve contracted us to provide.

2. Systems Data Is Used to Enhance Functionality and Collective Defence

To provide effective security, our products generate Systems Data, which includes technical logs, performance metrics and threat indicators. This information serves three main purposes: ensuring the day-to-day functionality of your services, enabling our teams to provide expert technical support and troubleshooting, and powering our global threat research capabilities.

When a new threat is detected against a specific UK sector, our entire network receives updated protection within minutes. This allows British organisations to benefit from global threat intelligence. We handle Systems Data in ways that preserve your operational privacy, ensuring the intelligence value comes from understanding threat patterns, not identifying individual organisations.

For detailed technical information on how we categorise and handle data, see our Customer Data, Personal Data and Systems Data whitepapers.

Transparency in Practice

We publish a biannual Transparency Report detailing all government and law enforcement data requests we receive. This isnโ€™t simply about compliance. Itโ€™s about providing UK organisations with verifiable evidence of how we handle requests, enabling informed risk assessment and governance oversight. For more information, please visit the Privacy Section in our Trust Center.

Securing Critical National Infrastructure

The UKโ€™s 13 sectors of Critical National Infrastructure represent the backbone of society. These sectors require security solutions built with an understanding of their unique threat models, from the specific requirements of an NHS trust to the challenges facing an energy provider.

We currently serve hundreds of UK public sector organisations across government, health and critical infrastructure sectors, which include the UK Government, UK Home Office and the Ministry of Justice.

Operational Resilience

For the UKโ€™s most critical services, operational resilience is paramount. Our security platforms are designed for high availability and reliability, helping organisations maintain continuous protection even during disruptions.

Trust and Transparency

Palo Alto Networks is deeply integrated into the UKโ€™s security ecosystem, ensuring our solutions exceed national benchmarks for resilience and transparency.

We hold Cyber Essentials Plus certification and align with the NCSC Cloud Security Principles, providing assurance to customers that we adhere to the highest security protocols to protect their most critical assets. As a Software Security Ambassador and a committed supporter of the NCSC Telecom Vendor Assessment, we are committed to enhancing the security of the UKโ€™s telecommunications and software supply chains.

Beyond compliance, our Unit 42 team serves as an NCSC-assured Cyber Incident Response (CIR) Enhanced Level provider, offering specialised incident support to help UK organisations navigate and recover from the most complex incidents. For customers with specific requirements, particularly in defence and national security, we can provide support from personnel in countries with compatible security standards and legal frameworks. We are committed to the Telecommunications Security Act (TSA) Code of Practice, supporting the resilience of the UKโ€™s public telecommunications networks.

Strengthening Local Expertise with National Impact

Our investment in the UK extends across our people, infrastructure and local expertise. Operating from our London hub, we remain deeply connected to the communities we serve and make a direct and indirect contribution to the UK economy. Our UK-based teams span engineering, threat research, professional services, policy and security strategy, and have a deep understanding of the UK market and the requirements of our customers. We also partner with NCSC CyberFirst and others on developing the next generation of cyber talent, and our Cyber Academy Program partners with universities and colleges all over the UK to train the next generation of cyber defenders.

A Partnership Built on Trust and Verifiable Commitments

The UKโ€™s digital autonomy increasingly depends on its ability to secure both cyber infrastructure and the emerging AI economy. This requires partnerships that serve the UKโ€™s long-term national interests, grounded in trusted institutions, local expertise and transparency that enables commitments to be verified, not simply asserted.

We recognise that the UKโ€™s cyber landscape is shaped by its legal framework, strategic priorities and threat environment. From protecting critical infrastructure to enabling the secure adoption of AI, organisations across the UK need to trust their security partner to deliver on their commitments. Palo Alto Networks is committed to maintaining and increasing that trust through verifiable action, transparency, accountability and an enduring partnership.

To learn more about our comprehensive commitment to digital trust, privacy and security, visit the Palo Alto Networks Trust Center.

The post Securing the UKโ€™s Digital Future appeared first on Palo Alto Networks Blog.

Announcing ADEM Universal Agent

Delivering Exceptional Branch Experience for Modern Distributed Enterprises

In modern enterprises, the "network perimeter" is a relic of the past. As organizations scale globally to support home offices, satellite branches and third-party clouds, the challenge has shifted. Now the onus is on optimizing the end-to-end digital experience. And to maintain that edge, enterprises must operate at machine speed, supported by agentic autonomous operations. They must make sure that every user, regardless of their location or underlying hardware, experiences uninterrupted performance, seamless security and peak user experience from โ€œDay 0โ€ to keep pace with the speed of business.

To meet this demand, we are proud to announce the general availability of the Autonomous Digital Experience Management Universal Agent, or ADEM Universal Agent, for Prismaยฎ Access customers. This breakthrough marks a significant milestone in our mission to automate deployment and operations by unifying fragmented infrastructure and providing the flexibility to deploy, using infrastructure hardware of your choice.

Continued Data Gap Is a Roadblock for Agentic Operations

Organizations are shifting toward "best-of-breed" architectures to operate at machine speed, but they often lack the unified telemetry required for automated operations. Any tool built on top of this architecture to enhance the digital experience is only as effective as the data it consumes. Traditional monitoring tools often lack the precise data and contextual correlation needed to drive agentic resolution. In this siloed landscape, three critical gaps have emerged:

  • Data Entropy: Fragmented data is inconsistent and leads to unreliable automation. Without unified data, automated workflows become unreliable and risky to execute at scale.
  • Hardware Dependency: Traditional monitoring agents often require specific hardware platforms, which can severely limit deployment speed and the ability to adapt to diverse customer infrastructures.
  • Blind Spots: Data entropy and hardware dependency have resulted in data gaps, and therefore visibility gaps at the edge, and as a result, automated systems cannot pinpoint root causes, leaving IT teams trapped in manual troubleshooting.

To operate at machine speed, enterprises need more than visibility. They need a unified, high-fidelity data engine to create the foundation of fail-safe autonomous operations for a stellar digital experience.

The Universal Agent Contributes to a Unified Data Engine for Agentic Autonomy

The ADEM Universal Agent is a hardware-agnostic solution that can be deployed on any branch site connecting to Prisma Access. It can be hosted on virtual machines or Docker containers, regardless of the underlying infrastructure. ADEM Universal Agent transforms branch experiences by providing a unified data engine for agentic operations:

  • Deploy Anywhere and Monitor Everywhere
    The Universal Agent can be deployed at any branch site connected to Prisma Access, enabling IT teams to run synthetic tests from the branch regardless of underlying infrastructure hardware.
  • Bridge the Gap Between Vendor-Locked Silos and Machine-Speed Operations
    The Universal Agent aggregates disparate environment data into key metrics geared toward agentic operations, enabling IT teams to move beyond fragmented troubleshooting, toward unified, proactive governance of their entire IT footprint.
  • Accelerate Troubleshooting with Granular Path Analysis
    When a user in a remote branch reports a slowdown, IT teams need more than a "red/green" status light. The Universal Agent provides a granular path analysis, delivering a hop-by-hop visualization with both overlay and underlay tunnel metrics, enabling them to quickly pinpoint bottlenecks.

Thus, by mapping the entire path from the Universal Agent to the target application, IT teams can pinpoint exactly where the friction lies.

  • Is it a local network issue?
  • An ISP (internet service provider) bottleneck?
  • A bottleneck at a handoff between providers?
  • Is the application's own network at fault?
Universal Agent example.
ADEM Universal Agent at a glance.

The Universal Agent Offers Inherent Security and Operational Simplicity

To help ensure that organizations can maintain peak performance and security amidst a constant stream of changes, the Universal Agent is built on a foundation of robust features:

  • Native Integration with Prisma Access for Accelerated Troubleshooting
    The Universal Agent is natively integrated with Prisma Access and automatically discovers the POP (Point of Presence) location and IP infrastructure where the branch site is connected to monitor overlay and underlay, hop-by-hop, ISP health, all the way to the application to deliver precise root-cause analysis.
From the Universal Agent to the network node.
Native integration with Prisma Access.
  • Simplified Deployment at Scale
    IT teams can deploy and manage multiple agents at scale with just a few clicks from the Strataโ„ข Cloud Manager Platform. Through our autonomous AI operations platform, we leverage enriched telemetry to watch the network and proactively manage it all from a unified platform.
Dashboard of Access Experience Management
Bulk deployment of Universal Agent with just a few clicks.
  • Comprehensive Full-Stack Visibility
    We utilize a single agent per branch site to deliver deep visibility into both overlay and underlay tunnel metrics. This granular path analysis allows IT teams to pinpoint network bottlenecks using hop-by-hop visualizations from the Universal Agent all the way to the target application.
Application Performance Metrics
Hop-by-hop visualization with overlay and underlay tunnel metrics.

The Universal Agent Optimizes End-to-End Digital Experience with Unified Operations

The launch of the ADEM Universal Agent represents a fundamental shift in how we architect the distributed enterprise, from moving beyond managing data gaps into agentic, machine-speed orchestration. Natively integrated with Prisma Access, the Universal Agent synthesizes disparate network data across multiple branch sites into a unified, vendor-agnostic ecosystem. By eliminating the 'noise' of traditional monitoring, it provides the deterministic precision and real-time context required to fuel agentic autonomous operations, enabling every automated action to be accurate, impactful and optimized for a flawless digital experience.

Ready to gain complete application experience from all branch sites and remote users? Watch our announcement video below to see the Universal Agent in action. Visit the ADEM webpage for more information or request a demo.

The post Announcing ADEM Universal Agent appeared first on Palo Alto Networks Blog.

โŒ