If 2025 proved anything, it’s that no one wins alone in cybersecurity. AI-driven threats accelerated, and environments grew more complex while enterprises pushed hard for simplicity, integrated protection and security outcomes that deliver measurable results and meaningful value.

In response, we saw our partners around the globe lean into integration, treat AI as a built-in advantage and use the strength of our ecosystem as a force multiplier. The result: What could have been a disruptive year instead became one defined by growth and learning across our partner community.

Now, those lessons are guiding how Palo Alto Networks plans to partner with even greater precision in 2026. We remain a channel-first company that’s all-in on our ecosystem and united with our partners in a shared purpose to protect our customers’ digital future. But we also intend to double down in several areas in the year ahead, and we’re asking our partners to join us in doing the same.

1. Simplifying Security Through Integration

One message from customers that came through loud and clear in 2025 is that complexity is the enemy of resilience. Many enterprises are grappling with tool sprawl – multiple consoles, disconnected policies and overlapping investments that slow down their teams when speed and agility matter most.

The partners who delivered some of the most transformative results for organizations this year were those who chose integration over complexity and collaboration over siloed tools. With a laser focus on simplifying security, they were able to help customers:

• Consolidate fragmented point tools onto a unified security platform.
• Align visibility across the network, cloud and security operations center (SOC), so teams can respond faster.
• Build architectures with zero trust and AI-powered detection at the core.

We saw this simplifying-security trend through integration across our ecosystem. Partners unified cloud security and detection workflows through Cortex^® Cloud™ and Cortex. Teams modernized network architectures with tighter integration across our platform. We expect this activity to only accelerate in the coming year as our cloud security offerings continue to evolve.

When we innovate together, customers gain stronger defenses and a faster time-to-value. That’s why Palo Alto Networks has invested so heavily in platformization. When you connect our capabilities across network security, cloud security and security operations (wrapping them with your consulting, delivery and managed services) customers can experience something fundamentally better. With fewer gaps and clearer signals, they can build a security posture that’s built for the speed of modern threats.

In 2026, deep integration will remain a cornerstone of how we partner with precision. We’ll continue aligning our portfolio, programs and joint engagement model, so you can build offerings that reduce complexity for customers and create stronger differentiation for your business.

2. Making AI a Built-in Advantage

At Palo Alto Networks, our approach to AI in cybersecurity is straightforward. We believe AI must be embedded, not bolted on. It has to live in the data, analytics and workflows your teams rely on every day. That’s the thinking behind Precision AI^®, and it’s why we built AI capabilities into our platform’s core.

Partners who treated AI as a platform capability rather than a standalone tool delivered some of the strongest outcomes for customers in 2025. They were able to meet customers’ needs and deliver business outcomes in a single, unified approach. They helped organizations:

• Detect and respond to threats faster with AI-assisted analytics.
• Use automation to streamline change, investigation and response workflows.
• Tie AI to tangible outcomes, such as reduced risk, higher productivity and a better user experience.

In 2026, we’ll double down on AI across the platform and invest in the tools, content and enablement you need to bring those capabilities to life. Our focus is on making it easier for you to build AI-powered services that are repeatable and aligned to the outcomes customers expect.

Upcoming program changes reflect that intent. We’ll promote next-generation security as a growth engine and invest in ways that strengthen partner profitability across consulting services, resale, quality delivery, technical support and managed security services.

3. Ensuring Our Ecosystem Can Be a Growth Engine for Everyone

As AI raised the bar for both attackers and defenders in 2025, the partners who leaned into platformization and outcome-driven services were the ones who helped customers stay ahead of the curve. Those successes are now shaping how we strengthen and scale the partner ecosystem in 2026.

Our ecosystem isn’t just a route to market; it’s intended to be an economic engine for everyone involved. This year, many partners grew their business by building practices around our platform and aligning their services with where customers needed the most support: strategy, implementation, optimization, ongoing operations. We saw especially strong momentum from partners’ expansions:

• Consulting and advisory services around zero trust and AI-driven transformation.
• Resale opportunities centered on platform consolidation and next-generation security.
• Quality delivery and technical support that keep deployments reliable and current.
• Managed security services that give customers 24/7 protection and expert oversight.

These achievements reflect the value exchange at the heart of our ecosystem. Palo Alto Networks invests in platformization, AI and enablement, while our partners bring delivery expertise, regional insight and service innovation. Together, we create outcomes neither of us could deliver alone.

In 2026, we plan to build on that momentum and drive even greater partner profitability. Program evolutions will focus on growth across the full lifecycle, from initial design and implementation to long-term operation and optimization. We’re also expanding collaboration with our technology alliances to build new joint offerings and solution plays that the ecosystem can take to market together.

When we combine our platform, your expertise and the capabilities of our Alliance partners, then customers gain more paths to adopt next-generation security with confidence, and you gain more opportunities to develop differentiated, high-value practices.

Keeping Customers at the Center

At the heart of every partner collaboration is the customer, of course. Everything we build, integrate and advance together starts and ends with protecting them. This year, ecosystem alignment delivered measurable impact for our customers across industries. When partners lead with integrated solutions anchored in our platform, organizations saw visible improvements:

• Faster deployment of secure solutions.
• Reduced complexity with unified visibility.
• Greater confidence in defending against today’s AI-driven threats.

We saw this firsthand in joint wins across cloud security transformations, zero trust modernization and AI-assisted threat detection. When our ecosystem moves together, customers can move faster, operate more securely and achieve meaningful outcomes. Customer success is the foundation of everything we do as a partner-led organization, and it will remain our North Star in 2026.

Partnering with Precision in 2026 and Beyond

What we learned and achieved together in 2025 points us toward a clear focus for 2026 to advance ecosystem-led innovation, so we can deliver outcomes that matter most to our customers.

With that mission in mind, we will focus on the following four priorities:

• Deeper Integration – Expanding API partnerships and strengthening interoperability across the platform.
• Co-Innovation – Enabling partners to build solutions tailored to industry needs and use cases.
• Empowered Enablement – Investing in learning, automation and AI capabilities that fuel differentiated, profitable services.
• Simplified Engagement – Streamlining programs and tools, so that partnering with us is faster and more rewarding.

These priorities highlight the real strength of our ecosystem: How platformization, AI and partner expertise come together to enable what we could not build alone.

Finally, to our partners and customers, thank you. Your trust, collaboration and commitment push us to innovate boldly and continuously. As we enter the new year, I’m excited about what we’ll build together. When we align our AI-powered platform, our partner programs and your expertise in delivery, services and managed security, we can deliver something far greater than a set of solutions.

We’re a powerful team that’s not just defending against what’s next; we’re defining the future of cybersecurity. And together, we’re unstoppable.

Partners, join us in shaping the next chapter of secure, AI-powered innovations. Connect with your Channel Business Manager to align on 2026 opportunities, upcoming program updates and ways we can elevate customer outcomes together. Visit the partner portal to learn more.

---

Key Takeaways

• Integration beats complexity.
  Unifying technology, data and expertise drove the strongest outcomes in 2025, helping partners reduce risk and accelerate time-to-value for customers.
• AI is a built-in advantage.
  By tapping into AI embedded across our cybersecurity platform, partners can address security and business outcomes simultaneously and deliver repeatable, profitable, AI-powered services.
• The partner ecosystem is a growth engine, and together, we’re unstoppable.
  Our 2026 priorities focus on deeper integration, coinnovation, empowered enablement and simplified engagement that drive partner profitability and stronger customer outcomes.

The post Partnering with Precision in 2026 appeared first on Palo Alto Networks Blog.

From Fragmented Fences to Cohesive Control

The attack surface for today’s enterprises is incredibly heterogeneous and dynamic. Applications and data are in constant motion, spanning public clouds, private data centers and edge locations. Users connect from anywhere.

For security leaders, this environment has led to an explosion in not only operational complexity, but in many cases, uncertainty. ​​Together, Nutanix and Palo Alto Networks enable security to finally match the speed and scale of these dynamic hybrid cloud environments.

The security ecosystem has become vast and complex. Point solutions accumulate to address specific gaps, yet each adds another interface, another policy language and another integration to manage. However well intentioned, this sprawl can lead directly to fractured visibility, overlapping tools and operational fatigue.

Elevate Perimeter Protection to Defense-in-Depth

Enterprises today face unprecedented security complexity as hybrid and multicloud environments become the new normal. Currently, 94% of enterprises use some form of cloud service, while 89% report having a multicloud strategy in place. This distributed reality means security is paramount: while managing cloud spending is the number one operational challenge (82% overall), security remains a major concern, affecting 79% of all organizations.

Hybrid cloud adoption offers agility, but it also introduces distinct security challenges that strain traditional approaches. Adversaries have taken notice. Hybrid and multicloud environments are prime targets because they connect sensitive data, privileged accounts and critical systems across public, and on-premises infrastructure. Perimeter-based security models, built for static networks and centralized data centers, cannot keep pace in a world where apps and data continuously move between platforms.

Defense-in-depth has become essential for addressing the inherent dynamism of today’s environments. Network visibility is required to monitor and contain east-west traffic and lateral movement of threats inside cloud environments. Identity controls must verify every user, device and interaction across a distributed workforce. Data protection must follow sensitive information as it traverses multiple clouds, data centers and edge locations.

Yet managing these protections as distinct layers is no longer viable. Each cloud provider introduces its own native security controls. Each additional tool adds another interface and another policy set to maintain. Defense-in-depth only achieves its purpose when its layers are fully unified, providing consistent control enforcement from the edge to the core, comprehensive visibility across traffic, and essential data protections for all workloads, wherever they reside.

Freedom of Choice Without Fragmentation

Hybrid environments span public clouds, private infrastructure, SaaS ecosystems and legacy on-premises systems. No single vendor can realistically cover that entire landscape, and forcing security into a single closed ecosystem risks creating gaps where those environments meet.

The answer lies in an open ecosystem approach that allows organizations to assemble best-of-breed capabilities rather than being locked into a single provider’s stack.

This flexibility empowers security teams to adapt to the unique requirements of each environment while still operating through a unified security model. Policies can be applied consistently, intelligence can be shared across layers, and protections can move in step with workloads, regardless of platform. In short, this model can effectively support freedom of choice while relieving the operational burden of managing hybrid and multicloud security.

A Unified Security Layer Across Every Environment

Open ecosystems solve the problem of choice. What remains is the challenge of bringing those best-of-breed capabilities together into a solution that is coherent and scalable.

To transform defense-in-depth from a conceptual framework into a practical system aligned to the realities of hybrid and multicloud deployments, this unified layer should be built on core capabilities:

• Inline visibility for east-west traffic within virtualized and cloud environments, enabled by deploying next-generation firewalls directly inside virtual private networks:
  This approach inspects workload-to-workload traffic, identifies anomalous behavior and stops lateral movement before it spreads.
• Consistent policy enforcement across public cloud, private data centers and edge locations through a centralized management plane:
  A single set of policies should be authored once and pushed everywhere, assuring a consistent security posture across all clouds and environments.
• Abstraction of security intent from network coordinates through tag-driven automation, an approach that allows security policies to be expressed in terms of workload attributes (rather than IPs or locations):
  These protections follow workloads automatically as they move. Through integration with orchestration pipelines, this approach aligns controls with rapid application rollouts in CI/CD workflows, all without manual reconfiguration.

With these core capabilities, security can finally catch up to the fluidity promised by hybrid cloud operating models.

Explore how Palo Alto Networks and Nutanix, work together to make this unified vision a reality, including joint offerings, like Palo Alto Networks secured Nutanix clusters with VM-Series Firewalls for AWS^® and Microsoft^® Azure.

The post Untangling Hybrid Cloud Security appeared first on Palo Alto Networks Blog.

We’re excited to announce a new release that integrates Wiz Cloud Security Vulnerability Findings to ThreatConnect! This new capability will help customers prioritize vulnerabilities based on assets under the purview of Wiz Cloud Security. The combination of Wiz Cloud Security visibility and the vulnerability data across the numerous sources effectively improves the overall security posture of our customers.

Stop Drowning in Vulnerability Noise

Your security team likely faces thousands of vulnerabilities daily. This integration solves a critical problem: knowing which vulnerabilities actually matter to YOUR cloud environment right now.

This integration directly addresses the need to highlight vulnerabilities based on aggregated Wiz issue findings. By aggregating these issues findings and overlapping them with our vulnerability data, the customer Threat Intelligence (TI) team will be able to prioritize their efforts more efficiently.

Instead of treating all vulnerabilities equally you’ll instantly see which ones affect your actual cloud assets, so your team stops wasting time on theoretical risks and focuses on real exposures in your environment.

We’ve focused on providing key data points that matter most, including:

Correlated Vulnerability Data

We’ve established a one-to-one relationship between a Wiz Vulnerability-Finding and a ThreatConnect Case. You will have a single TC Case for each vulnerability, which will include details such as the CVE (Common Vulnerabilities and Exposures) to leverage the broad set of Vulnerability data across the sources ThreatConnect has access to.

What this means for you:

• A single source of truth – No jumping between Wiz and ThreatConnect trying to connect the dots
• Enriched threat intelligence with all the context you need

Aggregated Severity Metrics: Each TC Case will now include aggregated metrics based on Wiz’s issue severity counts (critical, high, medium, low, and informational). These metrics will include the sum of total issues, the maximum count for each severity, and the average count per severity.

What this means for you:

• Actionable intelligence at a glance
• Faster, smarter prioritization through quick understanding of the scope of a vulnerability
• Understanding the blast radius – how many assets are affected and how severely

Direct Links to Wiz: The TC Case will contain “Source URL” attributes, with each one linking back to the specific finding within the Wiz UI. 

What this means for you:

• A clear and direct path to investigate the details of each vulnerability finding

The Bottom Line

• Reduced Risk: Patch what matters first, based on real-world exposure in your cloud environment
• Time Savings: Your security analysts spend less time correlating data and more time fixing problems
• Better Resource Allocation: Leverage data about vulnerability trends and severity patterns to make informed staffing and tooling decisions
• Compliance & Reporting: Demonstrate that you’re prioritizing vulnerabilities based on actual risk, not just CVSS scores

This isn’t just another integration—it’s about transforming vulnerability management from a reactive checklist into a strategic, risk-based security operation.

It coincides well with the release of ThreatConnect 7.11, which introduces Threat Actor Profiles and Actionable Search v3 to help our customers streamline the vulnerability management process, making it easier to identify, prioritize, and remediate security risks – representing significant step forward in enhancing our customers’ security operations.

You can find the documentation in our public knowledge base.

The post Wiz Integration Helps ThreatConnect Customers Act Faster and Reduce Vulnerability Noise appeared first on ThreatConnect.

Mike Perez // At BHIS, a few of our customers have come to us very recently with the “risk du jour”; no, not the Cash for Creds program Beau highlighted but […]

The post Risky Business appeared first on Black Hills Information Security, Inc..