The iQSG Business Development team recently completed training on Palo Alto Networks security strategy entering 2019.
With the acquisition of a few companies in the last year, Palo Alto has positioned itself as a leading security company, not just a provider of the best next-gen firewall.
Let's review...
Palo Alto Core Competencies
- Latest version of PAN-OS is 8.1
- Offer both physical and virtual firewalls
- Unit 42 Threat Research Team
- Augment NextGen Firewall offering with security subscriptions
- Zero Day malware detection via WildFire
- GlobalProtect VPN
- URL & content filtering
- SSL Decryption
Palo Alto acquires Evident.io
- Acquisition was completed in March of 2018
- Evident.io is a leader in cloud services infrastructure protection
- New offering is simply called Evident
- Agentless, leverages existing cloud control APIs for integration
- Continuous monitoring of infrastructure services
- Monitors public cloud storage services
- Provides for real-time compliance monitoring and reporting
Palo Alto acquires RedLock
- Acquisition was completed in October of 2018
- RedLock is a cloud threat defense company
- Utilizes machine learning to deliver real-time risk status for the cloud
- Allows SecOps to keep up with DevOps
- Continuous compliance monitoring and reporting
- Works with and across major public cloud vendors: AWS, Azure, GCP
- Makes context-based recommendations
- RedLock Query Language for scripting and automation
AutoFocus Threat Intelligence
- Reduces the time involved in threat investigations
- Provides access to billions of samples collected from WildFire
- Combines automated analysis with human analysis from Unit 42
- Combines in-house and 3rd party threat intelligence feeds
- Improves the speed and precision of incident response
Magnifier Behavioral Analytics
- Continuously profiles user and device behavior
- Applies cloud scale machine learning to detect behavioral deviations
- Utilizes PAN Logging Service to ship logs to the cloud
- Reduces response time to security events
- Detects external attacks as well as insider threats
- Helps with security best practices by reporting on risky user behavior