Check Point® Software Technologies today announced the 2025 Check Point Software Technologies EMEA Partner Award Winners, recognizing outstanding partners across the region who continue to deliver AI‑powered, prevention‑first cyber security outcomes for customers. The winners were honoured during the Check Point Software Technologies EMEA Sales Kickoff event in Vienna, attended by more than 1,000 employees and partners. As the cyber threat landscape across Europe, the Middle East, and Africa continues to accelerate in sophistication — driven by AI‑enhanced attacks, hybrid‑cloud complexity, and increasing regulatory pressure — these top‑performing partners delivered exceptional value, helping organizations strengthen resilience through AI‑powered, prevention‑first security. […]
At Check Point, our partners are more than collaborators. They are the driving force behind our customers’ success, our innovation, and our ability to stay ahead of today’s rapidly evolving cyber threat landscape. This year, we are thrilled to recognize an extraordinary group of partners who demonstrated exceptional performance, growth, technical excellence, and commitment to helping organizations stay secure. These awards celebrate not just results, but leadership, trust, and the relentless pursuit of excellence. We are proud to announce the 2025 Americas Partner Award winners: Partner of the Year: World Wide Technology Latin America Partner of the Year: NTSec Group […]
Palo Alto Networks Unit 42 and AWS Announce Expanded Collaboration, Launching No-Cost Retainer for AWS Security Incident Response available in AWS Marketplace
Speed is everything in today’s security landscape. From Unit 42®’s frontline experience responding to more than 500 incidents last year, we've seen that in nearly one in five incidents, attackers go from initial compromise to data exfiltration in less than an hour. It leaves almost no time to react.
The challenge is compounded by the distributed nature of the modern IT environment; cyberattacks are rarely confined to one location. In fact, 70 percent of incidents now span three or more attack surfaces, from endpoints and networks to multiple cloud environments. This complexity increases vulnerabilities, which is a key reason why 86 percent of major incidents disrupt business operations.
When a breach moves at this speed and crosses complex silos, an enterprise has two immediate, critical needs:
Rapid, integrated expertise to contain the threat at its source within the cloud.
Holistic, end-to-end investigation to determine the full scope of the attack, tracing the attacker's path wherever it leads, across all systems and environments.
The No-Cost Unit 42 IR Retainer Available on AWS Marketplace
Recognizing customers need a faster, more comprehensive incident response strategy in the cloud, Palo Alto Networks Unit 42 is expanding our partnership with Amazon Web Services (AWS) Security Incident Response service. The collaboration introduces a no-cost Unit 42 Incident Response Retainer, which is now available to qualified customers in AWS Marketplace. Our value-added offer provides qualified customers with rapid access to Unit 42’s world-class investigative expertise and dramatically minimizes the critical time between an alert and full containment.
For qualified customers, here's what the no-cost Unit 42 Incident Response Retainer offers:
250 hours of initial Unit 42 Incident Response services at no cost.
A 2-hour response time agreement for incident response.
24/7/365 access to the Unit 42 Incident Response team.
As an AWS Security Incident Response Service Ready partner, this collaboration is designed to deliver seamless, end-to-end incident response and proactive security services. By combining Unit 42’s deep experience in managing complex, legally privileged investigations with the rapid engagement of AWS Security Incident Response, organizations can resolve critical incidents faster and more comprehensively.
Unit 42 also offers preferred pricing to AWS Security Incident Response customers for proactive services through paid retainer offerings, also available in AWS Marketplace.
Hart Rossman, Vice President of Global Services Security, AWS:
When cyberattacks move at cloud speed, customers need immediate access to comprehensive expertise. By integrating Unit 42's end-to-end investigative capabilities with AWS Security Incident Response, we're delivering a unified response that helps customers contain threats faster and minimize business disruption. The no-cost retainer ensures they can activate the full scope of resources they need within minutes, not hours.
Effective response to a cloud breach demands deep technical skill and the ability to manage complexity under pressure. Unit 42 excels at managing high-stakes incidents. By coupling our expertise with AWS Security Incident Response’s capabilities to prepare, respond and recover from security incidents, Unit 42 offers customers a unified defense. Streamlining the entire process, from initial alert to final resolution, allows organizations to get back to business faster and limit operational disruption.
A Unified Front Against Complex Cloud Incidents
The collaboration is designed to solve a critical customer problem: Reduce the time and complexity of responding to incidents that span both AWS resources and the broader enterprise.
The combined offering delivers three key benefits, providing customers with a holistic and agile defense strategy:
Comprehensive Investigation: Unit 42’s expertise enables an investigation across multiple environments, including endpoints, networks and other enterprise data sources, complementing AWS’s incident response technologies and expertise.
Rapid, 24/7 Access to Experts: AWS Security Incident Response provides direct, 24/7 access to the AWS Customer Incident Response Team (CIRT), capable of engaging within minutes. Unit 42 is skilled at serving in the incident command role, coordinating efforts among internal stakeholders, other forensic and recovery vendors, as well as legal counsel.
Response Readiness with No-Cost Retainer: The offering removes the typical administrative and procurement overhead of incident response engagements. The added value ensures qualified customers can activate the full resources of Unit 42 instantly, often at the direction of counsel.
Availability
The Unit 42 Incident Response and proactive service offerings are available in AWS Marketplace today. More information on the partnership will be shared during AWS re:Invent 2025 (December 1-5, 2025).
Strengthening Cyber Resilience Across Northern Europe
Across Northern Europe, organizations are redefining how they work, innovate and compete. From the Netherlands’ smart logistics hubs to Finland’s AI-driven public services and the UK’s digital-first financial sector, this region is setting the global pace for responsible, data-driven transformation.
Yet behind this progress lies a growing challenge: security complexity.
According to the IBM Institute for Business Value (IBV), the average enterprise now manages 83 security tools from 29 vendors, leading to fragmented visibility, slower responses and rising risk exposure. In contrast, 96% of organizations that have unified their security platforms say they now view cybersecurity as a driver of business value, not a barrier to it.
That’s where the IBM and Palo Alto Networks partnership is making an impact. Together they are helping Northern European enterprises simplify, secure and accelerate their digital transformation with unified, AI-powered cybersecurity.
From Fragmented Tools to an Integrated Security Foundation
Northern Europe’s strength lies in its strong culture of trust and transparency, advanced digital infrastructure, as well as progressive regulatory frameworks. But as the EU NIS2 Directive, DORA and the AI Act come into force, achieving both compliance and cyber resilience require board-level oversight.
IBM and Palo Alto Networks are helping organizations lead this change. They combine IBM’s deep consulting and industry expertise with Palo Alto Networks market-leading security platforms and solutions, including Cortex XSIAM®, Cortex® Cloud™ and Prisma® Access. This integrated approach protects innovation, enables compliance efforts, and enhances operational efficiency.
The partnership not only secures organizational estates, but empowers faster decision-making, measurable ROI and sustainable transformation.
Five Capabilities Powering Secure Transformation
Organizations want to strengthen cyber resilience without slowing innovation. IBM and Palo Alto Networks help them do just that, through five connected capabilities that turn complex challenges into measurable outcomes.
1. Unified Security Platform: Simplify and See More
The Challenge: Too many tools, too little visibility.
The Reality: Most enterprises run more than 80 security tools from nearly 30 vendors.
By consolidating with IBM’s unified security approach and the Palo Alto Networks platforms, organizations are cutting total product costs by up to 19.4% and gaining a single, trusted view of their security posture.
The Outcome: Streamlined operations, faster decision-making and improved compliance enablement for frameworks like NIS2, all while reducing the energy footprint of sprawling infrastructure.
2. Cloud Security: Innovate Without the Risk
The Challenge: Cloud transformation introduces new risks and blind spots.
The Reality: 82% of breaches now involve cloud data, and nearly 40% span multiple environments.
IBM and Palo Alto Networks secure the journey from code to cloud to SOC, embedding security early in design and automating protection across environments. IBM’s AI deployment accelerators slash rollout time, while Cortex Cloud™ provides continuous visibility and compliance enablement.
The Outcome: Faster innovation with cloud operations that are secure by design, from day one.
3. Security for AI: Build Trust in Every Algorithm
The Challenge: Rapid AI adoption without consistent oversight.
The Reality: 82% of executives say trustworthy AI is critical to success, yet few have the controls in place.
IBM and Palo Alto Networks help organizations govern and protect their use of AI, securing data pipelines, scanning models and preventing adversarial attacks.
The Outcome: Confident AI adoption aligned to the EU AI Act requirements, where innovation can move forward without compromising data integrity or customer trust.
4. Security Service Edge (SSE): Connect People Securely, Anywhere
The Challenge: Hybrid work models demand reliable secure access everywhere.
The Reality: Human risk, not technology alone, is now the dominant factor in breaches, with 95% of data breaches involving human error, such as insider missteps, credential misuse and careless actions, underscoring how remote and hybrid workers’ behaviors significantly expand exposure.
With Palo Alto Networks Prisma Access and IBM’s consulting expertise, enterprises across Europe are simplifying secure connectivity through a unified zero trust framework.
The Outcome: Simpler, more efficient policy management and stronger protection across hybrid environments, where risk exposure is reduced, visibility is enhanced, and a seamless user experience is delivered.
The Challenge: SOC teams are overwhelmed, missing as many as two thirds of daily alerts due to alert fatigue and limited resources.
The Reality: Over half of organizations report they can’t hire or retain enough skilled analysts, leaving gaps in coverage and consistency.
By combining IBM’s Autonomous Threat Operations Machine (ATOM) with Palo Alto Networks Cortex XSIAM, organizations can streamline and automate core SOC workflows, reducing response times by more than half and enabling analysts to focus on the most critical incidents.
The Outcome: Faster detection, shorter resolution times and a more proactive, resilient security posture. AI-driven automation not only boosts accuracy but can also shorten breach lifecycles by more than 100 days, helping teams defend smarter.
Built for Northern Europe’s Next Decade of Growth
As Northern Europe is a leader in digital innovation, the stakes for cybersecurity have never been higher. Trust, transparency and compliance are not simply checkboxes, but are competitive advantages.
IBM and Palo Alto Networks are helping organizations across the region turn that reality into action. By uniting AI-powered automation, cloud-native security and deep industry expertise, they’re enabling enterprises to move faster, reduce complexity and strengthen resilience. This is achieved while enabling alignment with the region’s evolving frameworks, such as NIS2, DORA and the EU AI Act.
To stay ahead, security can no longer be a fragmented layer sitting outside transformation; it must be the foundation that powers it. With IBM and Palo Alto Networks, organizations gain a unified security platform built for the next decade of digital progress – one that protects every connection, every line of code and every moment of innovation.
Resilient. Compliant. Unified.
That’s the future of cybersecurity in Northern Europe.
The New Frontier of Agentic Development: Accelerating Developer Productivity
The world of software development is undergoing a rapid transformation, driven by the rise of AI agents and autonomous tools. Factory is advancing this shift through agent-native development, a new paradigm where developers focus on high-level design and agents, called Droids, handle the execution. Designed to support work across the software development lifecycle, these agents enable a new mode of development, delivering significant gains in speed and productivity, without sacrificing developer control.
As developer workflows increasingly rely on autonomous development agents, the way software is built evolves. This shift introduces important security considerations, such as prompt injection, sensitive data loss, unsafe URL access and malicious code execution, which, if left unaddressed, can undermine the very benefits these agents offer. Accelerating productivity depends not just on deploying agents, but on deploying them securely. This is where Palo Alto Networks, with its purpose-built AI security platform, Prisma® AIRS™, plays a critical role.
The Productivity Paradox: Where Agents Introduce Risk
Autonomous agents operating across the software development lifecycle accelerate developer productivity, while also introducing a complex, language-driven threat surface that traditional security tools are not equipped to handle. As a result, new risks emerge, such as prompt injection or leaking secrets that extend beyond the visibility and control assumptions of traditional security approaches. Addressing these considerations is essential to preserving the benefits that agentic development provides.
Recognizing this shift, Palo Alto Networks has introduced targeted capabilities to accelerate secure development workflows. These efforts focus on three critical defense areas: preventing prompt injection, blocking sensitive data leaks and enabling robust malicious code detection capabilities, all of which are necessary to secure the full lifecycle of agent-driven systems.
The Solution: Securing Agentic Workflows for Acceleration
The solution is designed to convert security challenges directly into deployment confidence, dramatically accelerating productivity. By natively integrating Prisma AIRS within Factory’s Droid Shield Plus, the platform is able to inspect all large language model (LLM) interactions, including prompts, responses and subsequent tool calls, to enable comprehensive security across each interaction with the agent.
Prisma AIRS is a comprehensive platform designed to provide organizations with the visibility and control needed to safeguard AI agents across any environment. The platform continuously monitors agent behavior in real time to detect and prevent threats unique to agent-driven systems.
Droid Shield Plus, powered by Palo Alto Networks
How Security Drives Speed
Embedding security natively into the Factory platform enables two crucial outcomes. To start, it delivers a secure, agent-native development experience for every developer, fostering immediate trust in the integrity of the generated code and documentation. This assurance removes friction often associated with AI-powered workflows, which can accelerate enterprise adoption and scaling of the Factory platform across the organization.
When developers can trust the agents and the integrity of the generated code and documentation, they can innovate faster and deploy with greater confidence. Instead of waiting for security reviews or dealing with fragmentation, security is woven seamlessly into the development lifecycle.
Factory-Prisma AIRS Integration Flow
The integration follows a clear API Intercept design pattern:
• When a user enters a prompt or initiates work in Factory, Prisma AIRS intercepts the workflow. If a malicious prompt is detected, the platform can add logic to coach or block the user.
• Similarly, after the LLM generates code, Prisma AIRS intercepts the generated content. If secrets are detected, the platform again adds logic to coach or block the result before it reaches Factory or the user.
This real-time inspection of prompts and generated code enables development teams to be protected against threats, such as privilege escalation, prompt injection and malicious code execution, without disrupting developer velocity.
Deploy Bravely
Prisma AIRS 2.0 establishes a unified foundation for scalable and secure AI innovation. By combining Factory’s agent-native development platform with the threat detection capabilities of Palo Alto Networks Prisma AIRS, organizations gain a powerful advantage. Together, this approach helps organizations adopt agentic development with confidence by embedding security directly into the development experience.
For enterprises looking to confidently scale AI automation and realize the immense productivity gains offered by Factory’s Droids, integrating Prisma AIRS is the next step. This combined approach enables teams to "Deploy Bravely." To learn more about this strategic partnership and integration, see our latest integration announcement and review the Droid Shield Plus integration documentation.
Key Takeaways for Secure Agentic Development
When adopting Factory with Prisma AIRS, enterprises realize immediate benefits that accelerate their AI strategy:
Specialized Threat Defense
Enterprises gain real-time, targeted protection against agent-specific threats, specifically prompt injection attacks and data leaks, which legacy tools cannot address.
Native, Seamless Security Moving from a fragmented review process to a continuous, automated defense via API Interception, security enables compliance without slowing down development velocity.
Deployment Confidence The native integration transforms security risks into operational assurance, accelerating the large-scale enterprise adoption and scaling of your Factory agent-native automation initiatives.
Artificial intelligence has shifted to being the primary engine for market leadership. To compete, enterprises are shifting from general-purpose computing to AI factories, specialized infrastructures designed to manage the entire lifecycle of AI. However, this transition requires robust security without sacrificing performance and efficiency.
The integrated solution embeds zero trust security directly into the AI infrastructure, providing comprehensive protection without impacting AI performance. By deploying Palo Alto Networks Prisma® AIRS™ Network Intercept directly onto the NVIDIA BlueField and extending to the cloud, Prisma AIRS establishes an essential zero trust governance fabric for the AI factory, enabling enterprises to accelerate innovation while maintaining control.
This critical architectural shift enables optimal AI performance and infrastructure efficiency by offloading security processing to an isolated domain, while leveraging the DPU's hardware acceleration via NVIDIA DOCA to enforce security policies at line speed. The implementation also leverages real-time workload information captured using DOCA Argus, which is then passed to Cortex XSIAM® where it is used for AI-driven responses using the Cortex XSOAR® orchestration platform.
The AI Factory is the new engine for value creation, and securing it is a board-level imperative. The validation of Palo Alto Networks Prisma AIRS accelerated with NVIDIA BlueField within the NVIDIA Enterprise AI Factory enables a new security architecture for the AI era. We are embedding trust directly into the infrastructure, giving leaders the confidence to safeguard their proprietary intelligence and deploy AI bravely.
Kevin Deierling, senior vice president of Networking at NVIDIA said:
AI is transforming every industry and security must evolve to protect AI factories. To be scalable, security must be distributed and embedded within the AI infrastructure. This is achieved with NVIDIA BlueField running Palo Alto Networks Prisma AIRS to deliver robust, runtime security for the AI factory, with optimal AI performance and efficiency.
Deploy AI Bravely with a Future-Proof Foundation
The Future of Secure AI Factories
In addition to deploying Palo Alto Networks Prisma AIRS on NVIDIA BlueField in a distributed model, it’s essential to maintain a centralized Hyperscale Security Firewall (HSF) cluster at the ingress and egress points of the AI factory to enforce a defense-in-depth strategy. Beyond network segmentation, individual workloads can selectively route traffic through hyperscale clusters to detect advanced application-layer threats and prevent lateral movement. These hyperscale firewall clusters scale elastically with demand, delivering session resiliency and the high availability required for critical AI operations.
This architecture fundamentally improves the Total Cost of Ownership (TCO) for AI infrastructure. By isolating security functions on BlueField, enterprises enable 100% of host computing resources to be dedicated to AI applications. This elimination of resource contention allows the AI Factory to maximize token throughput and capital efficiency.
This validated design is the blueprint for immediate efficiency. It provides a seamless path for enterprises to shift from general-purpose clusters to secure AI factory infrastructure without costly overhauls. More importantly, this collaboration establishes an unparalleled roadmap for future-proofing your investment. By securing operations with the high-performance NVIDIA BlueField-3 today, the architecture is inherently ready for the next generation, NVIDIA BlueField-4. This forward compatibility helps AI factories immediately handle gigascale demands, scaling up to 6X the compute power and doubling the bandwidth when BlueField-4 becomes available.
The inclusion of the Palo Alto Networks Prisma AIRS platform in the NVIDIA Enterprise AI Factory Validated Design bolsters enterprise AI security. By establishing the zero trust governance fabric of Prisma AIRS runtime security on NVIDIA BlueField, organizations gain a comprehensive defense. Proprietary and sensitive data is secured throughout the entire stack, and models are protected from adversarial threats, such as prompt injection attacks. With Prisma AIRS, the world's most comprehensive AI security platform, leaders gain the confidence to innovate and deploy AI bravely. This validated design is the essential blueprint for securely accelerating your market leadership without compromising security.
Join our "How to Secure the AI Factory" breakout session at NVIDIA GTC 2026, March 16-19, in San Jose, CA to hear more about this transformative solution and accelerate your AI innovation securely.
If 2025 proved anything, it’s that no one wins alone in cybersecurity. AI-driven threats accelerated, and environments grew more complex while enterprises pushed hard for simplicity, integrated protection and security outcomes that deliver measurable results and meaningful value.
In response, we saw our partners around the globe lean into integration, treat AI as a built-in advantage and use the strength of our ecosystem as a force multiplier. The result: What could have been a disruptive year instead became one defined by growth and learning across our partner community.
Now, those lessons are guiding how Palo Alto Networks plans to partner with even greater precision in 2026. We remain a channel-first company that’s all-in on our ecosystem and united with our partners in a shared purpose to protect our customers’ digital future. But we also intend to double down in several areas in the year ahead, and we’re asking our partners to join us in doing the same.
1. Simplifying Security Through Integration
One message from customers that came through loud and clear in 2025 is that complexity is the enemy of resilience. Many enterprises are grappling with tool sprawl – multiple consoles, disconnected policies and overlapping investments that slow down their teams when speed and agility matter most.
The partners who delivered some of the most transformative results for organizations this year were those who chose integration over complexity and collaboration over siloed tools. With a laser focus on simplifying security, they were able to help customers:
Consolidate fragmented point tools onto a unified security platform.
Align visibility across the network, cloud and security operations center (SOC), so teams can respond faster.
Build architectures with zero trust and AI-powered detection at the core.
We saw this simplifying-security trend through integration across our ecosystem. Partners unified cloud security and detection workflows through Cortex® Cloud™ and Cortex. Teams modernized network architectures with tighter integration across our platform. We expect this activity to only accelerate in the coming year as our cloud security offerings continue to evolve.
When we innovate together, customers gain stronger defenses and a faster time-to-value. That’s why Palo Alto Networks has invested so heavily in platformization. When you connect our capabilities across network security, cloud security and security operations (wrapping them with your consulting, delivery and managed services) customers can experience something fundamentally better. With fewer gaps and clearer signals, they can build a security posture that’s built for the speed of modern threats.
In 2026, deep integration will remain a cornerstone of how we partner with precision. We’ll continue aligning our portfolio, programs and joint engagement model, so you can build offerings that reduce complexity for customers and create stronger differentiation for your business.
2. Making AI a Built-in Advantage
At Palo Alto Networks, our approach to AI in cybersecurity is straightforward. We believe AI must be embedded, not bolted on. It has to live in the data, analytics and workflows your teams rely on every day. That’s the thinking behind Precision AI®, and it’s why we built AI capabilities into our platform’s core.
Partners who treated AI as a platform capability rather than a standalone tool delivered some of the strongest outcomes for customers in 2025. They were able to meet customers’ needs and deliver business outcomes in a single, unified approach. They helped organizations:
Detect and respond to threats faster with AI-assisted analytics.
Use automation to streamline change, investigation and response workflows.
Tie AI to tangible outcomes, such as reduced risk, higher productivity and a better user experience.
In 2026, we’ll double down on AI across the platform and invest in the tools, content and enablement you need to bring those capabilities to life. Our focus is on making it easier for you to build AI-powered services that are repeatable and aligned to the outcomes customers expect.
Upcoming program changes reflect that intent. We’ll promote next-generation security as a growth engine and invest in ways that strengthen partner profitability across consulting services, resale, quality delivery, technical support and managed security services.
3. Ensuring Our Ecosystem Can Be a Growth Engine for Everyone
As AI raised the bar for both attackers and defenders in 2025, the partners who leaned into platformization and outcome-driven services were the ones who helped customers stay ahead of the curve. Those successes are now shaping how we strengthen and scale the partner ecosystem in 2026.
Our ecosystem isn’t just a route to market; it’s intended to be an economic engine for everyone involved. This year, many partners grew their business by building practices around our platform and aligning their services with where customers needed the most support: strategy, implementation, optimization, ongoing operations. We saw especially strong momentum from partners’ expansions:
Consulting and advisory services around zero trust and AI-driven transformation.
Resale opportunities centered on platform consolidation and next-generation security.
Quality delivery and technical support that keep deployments reliable and current.
Managed security services that give customers 24/7 protection and expert oversight.
These achievements reflect the value exchange at the heart of our ecosystem. Palo Alto Networks invests in platformization, AI and enablement, while our partners bring delivery expertise, regional insight and service innovation. Together, we create outcomes neither of us could deliver alone.
In 2026, we plan to build on that momentum and drive even greater partner profitability. Program evolutions will focus on growth across the full lifecycle, from initial design and implementation to long-term operation and optimization. We’re also expanding collaboration with our technology alliances to build new joint offerings and solution plays that the ecosystem can take to market together.
When we combine our platform, your expertise and the capabilities of our Alliance partners, then customers gain more paths to adopt next-generation security with confidence, and you gain more opportunities to develop differentiated, high-value practices.
Keeping Customers at the Center
At the heart of every partner collaboration is the customer, of course. Everything we build, integrate and advance together starts and ends with protecting them. This year, ecosystem alignment delivered measurable impact for our customers across industries. When partners lead with integrated solutions anchored in our platform, organizations saw visible improvements:
Faster deployment of secure solutions.
Reduced complexity with unified visibility.
Greater confidence in defending against today’s AI-driven threats.
We saw this firsthand in joint wins across cloud security transformations, zero trust modernization and AI-assisted threat detection. When our ecosystem moves together, customers can move faster, operate more securely and achieve meaningful outcomes. Customer success is the foundation of everything we do as a partner-led organization, and it will remain our North Star in 2026.
Partnering with Precision in 2026 and Beyond
What we learned and achieved together in 2025 points us toward a clear focus for 2026 to advance ecosystem-led innovation, so we can deliver outcomes that matter most to our customers.
With that mission in mind, we will focus on the following four priorities:
Deeper Integration – Expanding API partnerships and strengthening interoperability across the platform.
Co-Innovation – Enabling partners to build solutions tailored to industry needs and use cases.
Empowered Enablement – Investing in learning, automation and AI capabilities that fuel differentiated, profitable services.
Simplified Engagement – Streamlining programs and tools, so that partnering with us is faster and more rewarding.
These priorities highlight the real strength of our ecosystem: How platformization, AI and partner expertise come together to enable what we could not build alone.
Finally, to our partners and customers, thank you. Your trust, collaboration and commitment push us to innovate boldly and continuously. As we enter the new year, I’m excited about what we’ll build together. When we align our AI-powered platform, our partner programs and your expertise in delivery, services and managed security, we can deliver something far greater than a set of solutions.
We’re a powerful team that’s not just defending against what’s next; we’re defining the future of cybersecurity. And together, we’re unstoppable.
Partners, join us in shaping the next chapter of secure, AI-powered innovations. Connect with your Channel Business Manager to align on 2026 opportunities, upcoming program updates and ways we can elevate customer outcomes together. Visit the partner portal to learn more.
Key Takeaways
Integration beats complexity. Unifying technology, data and expertise drove the strongest outcomes in 2025, helping partners reduce risk and accelerate time-to-value for customers.
AI is a built-in advantage. By tapping into AI embedded across our cybersecurity platform, partners can address security and business outcomes simultaneously and deliver repeatable, profitable, AI-powered services.
The partner ecosystem is a growth engine, and together, we’re unstoppable.
Our 2026 priorities focus on deeper integration, coinnovation, empowered enablement and simplified engagement that drive partner profitability and stronger customer outcomes.
The attack surface for today’s enterprises is incredibly heterogeneous and dynamic. Applications and data are in constant motion, spanning public clouds, private data centers and edge locations. Users connect from anywhere.
For security leaders, this environment has led to an explosion in not only operational complexity, but in many cases, uncertainty. Together, Nutanix and Palo Alto Networks enable security to finally match the speed and scale of these dynamic hybrid cloud environments.
The security ecosystem has become vast and complex. Point solutions accumulate to address specific gaps, yet each adds another interface, another policy language and another integration to manage. However well intentioned, this sprawl can lead directly to fractured visibility, overlapping tools and operational fatigue.
Elevate Perimeter Protection to Defense-in-Depth
Enterprises today face unprecedented security complexity as hybrid and multicloud environments become the new normal. Currently, 94% of enterprises use some form of cloud service, while 89% report having a multicloud strategy in place. This distributed reality means security is paramount: while managing cloud spending is the number one operational challenge (82% overall), security remains a major concern, affecting 79% of all organizations.
Hybrid cloud adoption offers agility, but it also introduces distinct security challenges that strain traditional approaches. Adversaries have taken notice. Hybrid and multicloud environments are prime targets because they connect sensitive data, privileged accounts and critical systems across public, and on-premises infrastructure. Perimeter-based security models, built for static networks and centralized data centers, cannot keep pace in a world where apps and data continuously move between platforms.
Defense-in-depth has become essential for addressing the inherent dynamism of today’s environments. Network visibility is required to monitor and contain east-west traffic and lateral movement of threats inside cloud environments. Identity controls must verify every user, device and interaction across a distributed workforce. Data protection must follow sensitive information as it traverses multiple clouds, data centers and edge locations.
Yet managing these protections as distinct layers is no longer viable. Each cloud provider introduces its own native security controls. Each additional tool adds another interface and another policy set to maintain. Defense-in-depth only achieves its purpose when its layers are fully unified, providing consistent control enforcement from the edge to the core, comprehensive visibility across traffic, and essential data protections for all workloads, wherever they reside.
Freedom of Choice Without Fragmentation
Hybrid environments span public clouds, private infrastructure, SaaS ecosystems and legacy on-premises systems. No single vendor can realistically cover that entire landscape, and forcing security into a single closed ecosystem risks creating gaps where those environments meet.
The answer lies in an open ecosystem approach that allows organizations to assemble best-of-breed capabilities rather than being locked into a single provider’s stack.
This flexibility empowers security teams to adapt to the unique requirements of each environment while still operating through a unified security model. Policies can be applied consistently, intelligence can be shared across layers, and protections can move in step with workloads, regardless of platform. In short, this model can effectively support freedom of choice while relieving the operational burden of managing hybrid and multicloud security.
A Unified Security Layer Across Every Environment
Open ecosystems solve the problem of choice. What remains is the challenge of bringing those best-of-breed capabilities together into a solution that is coherent and scalable.
Consistent policy enforcementacross public cloud, private data centers and edge locations through a centralized management plane:
A single set of policies should be authored once and pushed everywhere, assuring a consistent security posture across all clouds and environments.
Abstraction of security intent from network coordinates through tag-driven automation, an approach that allows security policies to be expressed in terms of workload attributes (rather than IPs or locations):
These protections follow workloads automatically as they move. Through integration with orchestration pipelines, this approach aligns controls with rapid application rollouts in CI/CD workflows, all without manual reconfiguration.
With these core capabilities, security can finally catch up to the fluidity promised by hybrid cloud operating models.
Explore howPalo Alto Networks and Nutanix, work together to make this unified vision a reality, including joint offerings, like Palo Alto Networks secured Nutanix clusters with VM-Series Firewalls for AWS® and Microsoft® Azure.
We’re excited to announce a new release that integrates Wiz Cloud Security Vulnerability Findings to ThreatConnect! This new capability will help customers prioritize vulnerabilities based on assets under the purview of Wiz Cloud Security. The combination of Wiz Cloud Security visibility and the vulnerability data across the numerous sources effectively improves the overall security posture of our customers.
Stop Drowning in Vulnerability Noise
Your security team likely faces thousands of vulnerabilities daily. This integration solves a critical problem: knowing which vulnerabilities actually matter to YOUR cloud environment right now.
This integration directly addresses the need to highlight vulnerabilities based on aggregated Wiz issue findings. By aggregating these issues findings and overlapping them with our vulnerability data, the customer Threat Intelligence (TI) team will be able to prioritize their efforts more efficiently.
Instead of treating all vulnerabilities equally you’ll instantly see which ones affect your actual cloud assets, so your team stops wasting time on theoretical risks and focuses on real exposures in your environment.
We’ve focused on providing key data points that matter most, including:
Correlated Vulnerability Data
We’ve established a one-to-one relationship between a Wiz Vulnerability-Finding and a ThreatConnect Case. You will have a single TC Case for each vulnerability, which will include details such as the CVE (Common Vulnerabilities and Exposures) to leverage the broad set of Vulnerability data across the sources ThreatConnect has access to.
What this means for you:
A single source of truth – No jumping between Wiz and ThreatConnect trying to connect the dots
Enriched threat intelligence with all the context you need
Aggregated Severity Metrics: Each TC Case will now include aggregated metrics based on Wiz’s issue severity counts (critical, high, medium, low, and informational). These metrics will include the sum of total issues, the maximum count for each severity, and the average count per severity.
What this means for you:
Actionable intelligence at a glance
Faster, smarter prioritization through quick understanding of the scope of a vulnerability
Understanding the blast radius – how many assets are affected and how severely
Direct Links to Wiz: The TC Case will contain “Source URL” attributes, with each one linking back to the specific finding within the Wiz UI.
What this means for you:
A clear and direct path to investigate the details of each vulnerability finding
The Bottom Line
Reduced Risk: Patch what matters first, based on real-world exposure in your cloud environment
Time Savings: Your security analysts spend less time correlating data and more time fixing problems
Better Resource Allocation: Leverage data about vulnerability trends and severity patterns to make informed staffing and tooling decisions
Compliance & Reporting: Demonstrate that you’re prioritizing vulnerabilities based on actual risk, not just CVSS scores
This isn’t just another integration—it’s about transforming vulnerability management from a reactive checklist into a strategic, risk-based security operation.
It coincides well with the release of ThreatConnect 7.11, which introduces Threat Actor Profiles and Actionable Search v3 to help our customers streamline the vulnerability management process, making it easier to identify, prioritize, and remediate security risks – representing significant step forward in enhancing our customers’ security operations.
You can find the documentation in our public knowledge base.
Mike Perez // At BHIS, a few of our customers have come to us very recently with the “risk du jour”; no, not the Cash for Creds program Beau highlighted but […]
Login
