Katana VentraIP

Palo Alto Networks

Palo Alto Networks, Inc. is an American multinational cybersecurity company with headquarters in Santa Clara, California. The core product is a platform that includes advanced firewalls and cloud-based offerings that extend those firewalls to cover other aspects of security. The company serves over 70,000 organizations in over 150 countries, including 85 of the Fortune 100.[6] It is home to the Unit 42 threat research team[7] and hosts the Ignite cybersecurity conference.[8] It is a partner organization of the World Economic Forum.[9]

Company type

2005 (2005)

Nir Zuk

Worldwide

PA 220, 4x0, 8x0, 32x0, 34x0, 54x0, 70x0, VM, CN firewall series[3]
Prisma SASE[4] Prisma Cloud, Cortex XDR, Cortex Xpanse, Cortex XSOAR, Cortex XSIAM

Increase US$6.89 billion (2023)

Increase US$387 million (2023)

Increase US$440 million (2023)

Increase US$14.5 billion (2023)

Increase US$1.75 billion (2023)

13,948 (2023)

In 2018, Palo Alto Networks was listed 8th in the Forbes Digital 100.[10] In June 2018, former Google and SoftBank executive Nikesh Arora joined the company as Chairman and CEO.[11]

January 2014: Morta Security[34]

[33]

April 2014: Cyvera for approximately $200 million[36]

[35]

May 2015: CirroSecure

[37]

March 2017: LightCyber for approximately $100 million

[38]

March 2018: Cloud Security company Evident.io for $300 million. This acquisition created the Prisma Cloud division.

[39]

April 2018: Secdo

[40]

October 2018: RedLock for $173 million

[41]

February 2019: Demisto for $560 million

[42]

May 2019: Twistlock for $410 million

[43]

June 2019: PureSec for $47 million[45]

[44]

September 2019: Zingbox for $75 million

[46]

November 2019: Aporeto, Inc. for $150 million

[47]

April 2020: CloudGenix, Inc. for $420 million

[48]

August 2020: Crypsis Group for $265 million

[49]

November 2020: Palo Alto Networks announced its intent to acquire Expanse for $800 million.

[50]

February 2021: Bridgecrew for $156 million

[51]

November 2022: Cider Security for $300 million.

[52]

October 2023: Announced its intent to acquire Dig Security for $400 million[54]

[53]

November 2023: Talon Cyber Security for $625 million

[55]

December 2023: Dig Security for $400 million

[56]

Next-generation firewalls

[58]

Panorama, a network security control center that allows customers to manage a fleet of firewalls at an enterprise scale from a single console.

[60]

Traps, advanced endpoint protection. Unlike traditional , Traps does not rely on signatures to detect malware. Instead, it focuses on analyzing the behavior of programs to detect zero-day exploits. Threat intelligence is shared with and obtained from Wildfire.[61]

antivirus

Wildfire, a cloud-based threat-analysis service that uses , static analysis, machine learning, and bare-metal analysis to discover and prevent unknown threats.[62]

dynamic analysis

Threat research[edit]

Unit 42 is the Palo Alto Networks threat intelligence and security consulting team. They are a group of cybersecurity researchers and industry experts who use data collected by the company's security platform to discover new cyber threats, such as new forms of malware and malicious actors operating across the world.[69] The group runs a popular blog where they post technical reports analyzing active threats and adversaries.[70] Multiple Unit 42 researchers have been named in the MSRC Top 100, Microsoft's annual ranking of top 100 security researchers.[71] In April 2020, the business unit consisting of Crypsis Group which provided digital forensics, incident response, risk assessment, and other consulting services merged with the Unit 42 threat intelligence team.[72]


According to the FBI, Palo Alto Networks Unit 42 has helped solve multiple cybercrime cases, such as the Mirai Botnet and Clickfraud Botnet cases,[73] the LuminosityLink RAT case,[74][75] and assisted with "Operation Wire-Wire".[76]


In 2018, Unit 42 discovered Gorgon, a hacking group believed to be operating out of Pakistan and targeting government organizations in the United Kingdom, Spain, Russia, and the United States. The group was detected sending spear-phishing emails attached to infected Microsoft Word documents using an exploit commonly used by cybercriminals and cyber-espionage campaigns.[77]


In September 2018, Unit 42 discovered Xbash, a ransomware that also performs cryptomining, believed to be tied to the Chinese threat actor "Iron". Xbash is able to propagate like a worm and deletes databases stored on victim hosts.[78] In October, Unit 42 warned of a new crypto mining malware, XMRig, that comes bundled with infected Adobe Flash updates. The malware uses the victim's computer's resources to mine Monero cryptocurrency.[79]


In November 2018, Palo Alto Networks announced the discovery of "Cannon", a trojan being used to target United States and European government entities.[80][81] The hackers behind the malware are believed to be Fancy Bear, the Russian hacking group believed to be responsible for hacking the Democratic National Committee in 2016. The malware communicates with its command and control server with email and uses encryption to evade detection.[82]

Edit this at Wikidata

Official website

Google