Reading view

The “Why” Behind NextWave’s New Requirements

Helping Partners Stay Competitive for the Future

Key Takeaways

  • The evolved NextWave Partner Program raises expectations while strengthening enablement, incentives and the Partner Development Fund to support partner growth and reinvestment.
  • Levels and specializations are more closely aligned to next-generation security priorities, helping partners deepen expertise and making partner distinctions more meaningful for customers.
  • These changes help create a more capable partner ecosystem, with deeper capabilities, greater alignment with customer needs, and a stronger foundation to support the future of security.

Cybersecurity partnerships are operating in a more demanding environment. As customers consolidate vendors, modernize security architectures and adopt artificial intelligence (AI) across the enterprise, they’re placing greater expectations on partners to help guide decisions across network, cloud and security operations. They also want clearer evidence that their selected partners have invested in growing the skills and expertise needed to support more integrated and fast-changing security priorities.

The Palo Alto Networks NextWave Partner Program has evolved to help partners meet these heightened expectations. As security delivery becomes broader and more strategic, customers are placing more weight on what a partner’s credentials actually represent. That’s why stronger performance and enablement requirements are part of our reimagined program. The new requirements help partners better understand what they need to build real capability and advance within our program. They also give more substance to the designations customers see when choosing a partner.

Our objective was never simply to raise the standards for engagement in our program. It was to inspire partners at all levels – Registered, Innovator, Platinum and Diamond – to invest deliberately and continuously in learning, so they can deepen their proficiency and earn specializations that will help them stay competitive and build and deliver the future of security.

Why Requirements and Incentives Had to Evolve Together

Raising performance expectations was only part of the work in evolving the NextWave program. We also wanted to give our partners compelling reasons to invest in the capabilities Palo Alto Networks wants to see scale. That meant looking more closely at how standards, specializations and incentives fit together, and how we can help accelerate mutual success.

We are providing our partners with better access, better visibility and better support for learning and enablement. In turn, we are recognizing and rewarding partners for their efforts to develop and maintain the competency, capability and capacity needed to go to market successfully with Palo Alto Networks.

This approach, shaped largely by partner feedback, is designed to make incentives easier to access while still directing partner investment toward deeper specialization and next-gen security capabilities. Program levels and product specializations help define what partners need to do to grow within our program and to excel at selling, supporting or delivering Palo Alto Networks products and services.

The program’s Partner Development Fund adds another dimension to this evolved model. It gives all partners a more deliberate way to reinvest a portion of their earned incentives into the capabilities they need to stay competitive and innovate, including training, certification, workshops, demos and other strategic activities that help strengthen their team’s overall readiness over time. In that sense, the program is both rewarding current performance and driving mutual growth.

Training and Enablement that Move with the Market

As we continue to strengthen our partner program, Palo Alto Networks is refreshing courses, updating certification paths and redesigning training to better reflect the customer needs that partners are helping to address today, including emerging areas like AI security.

Notable improvements:

  • Introduced more online, on-demand learning experiences across all products and across all roles, including sales, technical presales and post-sales professionals.
  • Expanded access to lab environments for hands-on experiences, as well as access to perform demos for customers.
  • Injected AI roleplay into learning experiences to help sales and presales teams improve their ability to educate customers about our products and services while addressing questions or concerns.
  • Instituted a continuous education component that encourages partners to stay current with certifications and other program requirements, so they don’t need to be tested annually.

Our aim with these changes is to keep learning options relevant, practical and easier to engage in and apply in practice. We believe product and services training should help partners deepen expertise, validate skills and stay current as technologies, customer expectations and threats shift. It should also recognize the experience many professionals already bring to the table, with learning paths that are rigorous without being repetitive or unnecessarily burdensome.

Ultimately, the impact of providing more effective enablement for our partners (and outlining clear requirements for advanced specializations and total certified staff for specific partner paths) positively impacts the customer experience through more informed conversations, stronger design guidance and more consistent support across the entire security lifecycle.

A More Focused Program to Help Accelerate Next-Generation Security

Part of what makes the current evolution of the NextWave program so significant is its focus on helping partners build the bench strength they will need to stay competitive as security becomes more platform-driven, AI-influenced and interconnected across domains. The program also encourages bookings tied to next-generation security priorities, helping direct partner investment toward the areas customers are prioritizing most. That focus is especially visible in areas such as Idira®Prisma® SASE, Cortex® Cloud™ and Cortex, where customer demand and program priorities are increasingly aligned.

The benefits of that alignment extend beyond the partner organization. Customers gain access to partners that are better prepared to support more connected security strategies without adding unnecessary complexity. They can work with partners that are building expertise around the technologies and use cases becoming more central to modern enterprise security programs.

This kind of alignment also strengthens the broader ecosystem. It creates a clearer connection between customer needs, partner capabilities and Palo Alto Networks platform strategy. It’s the value exchange in cybersecurity in action: Ongoing investment in knowledge, skills and services that helps partners grow while giving customers faster time-to-value realization.

What Stronger Program Requirements Mean for Customers

For customers, stronger requirements for our Nextwave program can make partner distinctions more meaningful. A specialization or program level should point to something real, such as training completed, certifications maintained and expertise developed. While those accomplishments don’t guarantee security outcomes, they do provide evidence that a partner has built the depth needed to support more complex environments.

Partner distinctions are also reinforced through an active compliance framework rather than treated as a one-time achievement. Partners have ongoing visibility into their progress and can be recognized immediately throughout the year as they meet requirements. Reviews take place on a defined cycle, and status changes are subject to oversight. Taken together, these elements add credibility to the designations customers see and give them more weight in the partner selection process.

This becomes increasingly important as customers look for security partners that can do more than support a single transaction or product decision. Many are seeking guidance at the architecture stage and during implementation, and expecting continuity as IT environments evolve and new risks emerge. It also raises the level of scrutiny that partner selection deserves:

  • Is a partner specialized in the areas most relevant to the customer’s priorities?
  • Do they have the certifications and technical expertise required to support the solutions being considered?
  • Can they provide the level of guidance, implementation support and ongoing engagement the relationship will require over time?

In a fast-moving security market, questions like these can help customers make more informed decisions about which partners are best equipped to deliver long-term value.

What Partners Should Do Now

Now that we’ve introduced our new program requirements, partners should take stock of whether their certifications, specializations and go-to-market priorities are aligned to where customer demand and the future of security are headed. Steps partners can take:

  • Evaluate your current book of business: Consider where you may be missing growth opportunities because the right specializations aren’t yet in place. Those gaps can affect both business momentum and the ability to earn incentives.
  • Reflect on the current direction of your practice: Which customer conversations are signaling the need for deeper expertise? Which areas of next-generation security are becoming more central to your future? These questions can help guide your next investments by clarifying where your practice needs to build more depth sooner rather than later.
  • Review certifications and specializations with growth in mind: Look at where new specializations could open the door to additional incentives and stronger alignment with customer demand, while ensuring your team’s existing certifications and specializations remain on track for the next compliance cycle.

Partners that take the time now to assess our new requirements and create a plan to meet them will be better positioned to advance within and benefit from our partner program, while developing the capabilities needed to help build the future of security.

Partners with a designated Palo Alto Networks Channel Business Manager can get detailed data and analysis now on their progress and performance in the Nextwave program, including the status of their certifications and which team members have engaged in training, demos and more. In the second half of 2026, we plan to make the same dashboard capabilities and insights directly available to all partners, so they can understand exactly what they need to do to excel in our program. These red-yellow-green dashboards are simple but powerful tools, and we are eager to put them in our partners’ hands soon.

Visit the NextWave Partner Portal to learn more.

The post The “Why” Behind NextWave’s New Requirements appeared first on Palo Alto Networks Blog.

  •  

Beyond the Frontier — Expanding the Ecosystem for Autonomous Defense

Over the past few weeks, we have reached a critical turning point in cybersecurity. Following the launch of our Frontier AI Defense initiative, we’ve continued testing the latest frontier models (including Anthropic’s Mythos and Claude Opus 4.7, as well as OpenAI’s GPT-5.5-Cyber) as part of the Trusted Access for Cyber program.

The urgency to innovate continues to ramp up. As Lee Klarich recently detailed in his Defender's Guide to the Frontier AI Impact on Cybersecurity, our current landscape is defined by a brief three-to-five-month window to gain a strategic advantage over attackers. To outsmart AI-based exploits, enterprises must decisively address vulnerabilities across their code and stand up the right security stack to enable real-time, automated defenses.

With such a ticking clock in front of us, acting rapidly and at-scale to support our customers is paramount. Today, we exponentially grow our scale of delivery by expanding our Frontier AI Alliance.

Since introducing this initiative, our collaboration with initial partners – Accenture, Deloitte, IBM, NTT DATA, and PwC – has already begun changing the defensive math for our customers. This is a moment that calls for radical collaboration across the entire security ecosystem, so today we are proud to welcome a new cohort of strategic partners – Cognizant, HCLTech, Kyndryl, TCS, Infosys, McKinsey & Company, Orange Cyberdefense, and Wipro – who will join us in delivering AI readiness at scale.

Frontier AI Alliance

While this expansion significantly increases our reach, this is only the beginning. We are committed to a continuous evolution of this alliance and will be adding more critical partners in the future across the globe to ensure our customers have the most robust defense network possible.

By combining our technology with these partners’ deep consulting expertise, we are delivering:

  • Machine-Speed Security: Natively integrating Frontier AI to provide real-time, automated defense against autonomous threats.
  • Intelligence-Led Resilience: Leveraging Unit 42® experts to fast-track the discovery and remediation of exposures at machine speed.
  • Hardened Defenses: Utilizing early access to frontier models from partners like OpenAI and Anthropic to simulate and block attack chains before they hit the mainstream.

The stakes are high. The attack cycle has compressed with the time from initial access to data exfiltration collapsing to just 39 seconds. Machine-speed MTTR (mean time to respond) is no longer an ambitious goal, it is a requirement.

This initiative underscores our commitment to providing every client with integrated, real-time protection.

Discover further details: Palo Alto Networks Frontier AI Defense.

Forward-Looking Statements

This blog contains forward-looking statements that involve risks, uncertainties and assumptions, including, without limitation, statements regarding the benefits, impact, or performance or potential benefits, impact or performance of our products and technologies or future products and technologies. These forward-looking statements are not guarantees of future performance, and there are a significant number of factors that could cause actual results to differ materially from statements made in this blog. We identify certain important risks and uncertainties that could affect our results and performance in our most recent Annual Report on Form 10-K, our most recent Quarterly Report on Form 10-Q, and our other filings with the U.S. Securities and Exchange Commission from time-to-time, each of which are available on our website at investors.paloaltonetworks.com and on the SEC's website at www.sec.gov.  All forward-looking statements in this blog are based on information available to us as of the date hereof, and we do not assume any obligation to update the forward-looking statements provided to reflect events that occur or circumstances that exist after the date on which they were made.

The post Beyond the Frontier — Expanding the Ecosystem for Autonomous Defense appeared first on Palo Alto Networks Blog.

  •  

Idira — Our Journey to Democratize Privilege Controls

Key Takeaways

  • Built on the Pioneers of PAM (privileged access management): Idira™ is Palo Alto Networks next-generation identity security platform, extending privileged access controls to every human, machine and AI agent identity in the AI enterprise.
  • Zero Standing Privilege by Default: Idira replaces static, always-on access with dynamic privilege, granted just-in-time on a single control plane.
  • AI-Driven Identity: AI runs natively inside Idira to surface hidden entitlements, unmanaged accounts, recommend least privilege, and remediate to close the gap between attackers who move in 72 minutes and defenders who historically took days.

Since Palo Alto Networks and CyberArk came together in February, customers have been asking me the same question: What does the future of identity security actually look like?

At IMPACT, I got to answer that question.

I am proud to introduce Idira™, the next-generation identity security platform from Palo Alto Networks. Idira secures every identity in the AI enterprise (human, machine, AI agent) on a single control plane that discovers risk, applies privilege dynamically, and governs the full lifecycle from first access to last session.

Idira begins with a belief shaped by more than 20 years of working on this problem. Privilege is the most challenging aspect of identity security. For a generation, the industry learned how to manage it well for a small population – administrators inside the most security-sensitive organizations in the world. That was necessary. But it is no longer enough.

The moment has come to extend that same rigor to every identity, because every identity today carries the power to move the business, or enable an attacker. That is the journey Idira takes us on. From privilege controls for administrators, to privilege controls for every identity.

Attackers Are Not Breaking In. They Are Logging In.

For most of the last two decades, identity security was built on a comfortable assumption: One can maintain a firm divide between a small number of powerful administrators and a much larger number of ordinary users; that is enough to secure the organization. That assumption no longer holds.

Our Chairman and CEO, Nikesh Arora, calls it the “IAM fallacy,” and the data in the 2026 Identity Security Landscape Report makes clear why it is time to retire this assumption.

Based on responses from 2,930 cybersecurity decision-makers worldwide:

  • Machine identities now outnumber humans by 109 to 1. Of those, 79 are AI agents.
  • 91% of organizations already run autonomous agents in production.
  • 90% of organizations suffered an identity-related breach in the past 12 months. 83% of organizations suffered two or more incidents.

The old model is not failing because identity became less important. It is failing because identity and privilege became universal and ubiquitous.

Every major breach I have studied over the last two years follows the same pattern. An attacker steals a credential. They move laterally using standing access that should have expired. They escalate privilege. They reach the data, the infrastructure or the business systems they came for: Okta, MGM, Microsoft. Different industries. Different scales. The same pattern.

One overprivileged identity unlocks the entire enterprise.

And when defenders have a chance to respond, they are already behind and disadvantaged. 97% of practitioners tell us that fragmented tools add 12 hours to every identity incident response time. All while Unit 42® has observed the fastest attackers move from a first foothold to exfiltration in as little as 72 minutes.

Identity is now the enterprise perimeter. And the perimeter was built for a threat model that no longer exists.

Every Identity Is Privileged — Idira’s First Fundamental Principle

The premise of Idira is simple. Every identity in your organization is privileged.

Every login, every token, every service account, every workload, every AI agent can trigger a workflow, call an API, or reach sensitive data. Some can create and destroy infrastructures, direct organizational spend, or create new identities. Privilege is no longer reserved for a small class of administrators. It is distributed across the enterprise, quietly and continuously, every second of the day.

The controls that protect privilege cannot be reserved for the few, either.

Idira changes three things from day one.

First, We Discover

Idira continuously finds every identity, every entitlement and every access path across your entire environment: humans, machines, workloads, secrets, certificates and AI agents everywhere – on the network, in the cloud, on servers and endpoints, in the browser. If someone or something can authenticate, Idira knows it is there, knows what it can reach, and evaluates how much of that access is actually necessary.

Second, We Control

Idira replaces static, always-on accounts attackers rely on with dynamic privileges that exist only in the moment of use. Zero standing privilege moves from aspiration to default, and it applies equally to the administrator logging into production, the developer deploying code, and the AI agent calling a tool. This is the shift to identity-centric active security.

Third, We Govern

Idira automates the identity lifecycle end-to-end. Governance stops being a quarterly compliance exercise and becomes a continuous enforcement loop. The 12-hour fragmentation tax closes.

This is what I mean when I say we are democratizing privilege controls. We are not loosening them. We are extending the strongest privilege controls the industry has ever built to every identity that now carries the weight of the business, without penalizing these identities for the powers they carry.

Already Better Together

Idira is not launching into an empty runway. We have been executing against this roadmap since the day we joined Palo Alto Networks, and the early results give us real confidence in what comes next.

Earlier this year at the RSA Conference, we launched Next-Generation Trust Security (NGTS), the first network-native platform to automate certificate lifecycle management and accelerate post-quantum readiness. That matters because 71% of organizations have not yet automated certificate renewal. As public TLS lifetimes compress to 47 days and manual workloads multiply, that gap becomes more than an operational burden. It becomes a business continuity risk.

NGTS closes it in the network itself.

As one of the core platforms of Palo Alto Networks along with Strata® and Cortex®, Idira is providing deep identity integrations across the entire portfolio to enhance platform value for customers. Prisma® Browser™ delivers privileged access directly in the place where enterprise users work. Prisma AIRS™ 3.0 natively integrates with Idira to extend deep identity security and privilege controls to AI agents. Cortex will receive first-party identity signals to sharpen detection and take automatic identity- and privilege-driven response actions when indicators of compromise are detected.

Customers are already seeing the impact. Northern Trust improved password compliance by 137 percent. Panasonic Information Systems rebuilt its security operations around identity. Healthfirst grounded its zero trust program in identity-first controls. PDS Health secured clinical access for more than 900 practices. They had different problems with the same answer.

Different challenges. One answer. One platform. Consistent privilege controls applied to every identity that matters.

AI Makes This Urgent. AI Makes This Possible.

AI has changed the speed, scale and economics of identity risk.

Frontier models have crossed a threshold. Anthropic's Claude Mythos Preview has already identified thousands of zero-day vulnerabilities across the operating systems and browsers that businesses rely on every day. Every exposed secret, every standing admin path, every forgotten service account can now be discovered, validated and weaponized faster than most security teams can respond. 55% of the decision-makers in our 2026 survey named AI-enabled threats as their top identity concern.

Our answer is clear: We fight AI with AI.

If frontier models are rewriting the economics of attack, the only credible response is to rewrite the economics of defense with the same technology.

Idira is how we do that in identity. AI is built into the platform to surface hidden entitlements, identify risky access combinations, recommend the least privilege automatically, and drive surgical remediation. That same intelligence lets attackers find the weakest link in 72 minutes and helps defenders close it in seconds.

When code cannot be patched fast enough, identity becomes the control plane that can still adapt at machine speed.

Same Mission, Stronger Together

For more than two decades, the pioneers of privileged access have management-built controls trusted to safeguard the world's most critical environments. That mission created a category and earned the trust that made today possible.

Idira carries that mission forward and expands it to match the scale of the problem we now face.

This is the first wave, not the last. The roadmap extends privilege controls to workforce identity, advances machine and agentic identity security, and unifies a fragmented market into one platform. We are building it in the open, shaped by the customers in the room with us at IMPACT and by the realities they face every day.

The future of identity security will not be defined by access alone. It will be defined by control. See what Idira is built to deliver.


Forward-Looking Statements

This blog contains forward-looking statements that involve risks, uncertainties and assumptions, including, without limitation, statements regarding the benefits, impact, or performance or potential benefits, impact or performance of our products and technologies or future products and technologies. Any unreleased services, integrations or features (and any services or features not generally available to customers) referenced in this or other press releases or public statements are not currently available (or are not yet generally available to customers) and may not be delivered when expected or at all. Customers who purchase Palo Alto Networks applications should make their purchase decisions based on services and features currently generally available.

The post Idira — Our Journey to Democratize Privilege Controls appeared first on Palo Alto Networks Blog.

  •  
❌