Capability Domains met by Palo Alto Networks

Identify Malicious Content

Palo Alto Networks implements an inline network enforcement point to identify malicious content and implement controls around it. Our solution identifies and provides protection against malware, malicious hosted content, phishing websites, and malicious exploit code. Along with inline network protections, we can scan SaaS providers and hosted cloud storage providers to determine if malicious content is stored in these environments.

Perform Network & System Monitoring

The Palo Alto Networks platform inspects all application, threat, and content traffic and ties it to a user, regardless of location or device type. These become integral components of your security policy. Built-in reporting functions let administrators correlate anomalies and isolate unidentified traffic. Administrators can spotlight and control high-risk network activities and block communications bound for rogue command-and-control servers.

Cortex XDR uses behavioral analytics and machine learning to analyze information stored in Cortex Data Lake (which tracks hundreds of behavioral attributes), and then uses this information to determine normal behavior and build user and device profiles. The combination of Cortex XDR, Cortex Data Lake, and Panorama network security management delivers an economical, cloud-based logging solution that provides cloud scale with zero hardware and is available anywhere.

Prisma Cloud continually monitors cloud environments to detect misconfigurations (e.g., exposed cloud storage), advanced network threats (e.g., cryptojacking, data exfiltration), potentially compromised accounts (e.g., stolen access keys), and vulnerable hosts, and then correlates configuration data with user behavior and network traffic to provide actionable alerts around misconfigurations and threats.

IoT Security AI-powered lifecycle management uses behavioral analysis to establish a baseline of typical behavior, and then draws on its IoT behavioral repository to automatically identify and classify connected devices. Its comprehensive risk assessment alerts on any device acting outside its normal activity.