Modern SIEM Journeys: Notes from the Migration Trail
Energy, finance and insurance SOCs cut alert noise 75% and MTTR 98% by moving from legacy SIEM to Cortex XSIAM’s unified, AI-driven security platform.
Security Operations
Security Operations
Must-Read Articles
Product Features
Use-Cases
News and Events
Partner Integrations
Playbook of the Week
Beyond the Label: How AI-Driven Explanations Supercharge Malware Detection
Go beyond 'malicious' or 'benign'. Learn how Palo Alto Networks uses AI explanations to enhance the development of our malware detection to get more accurate verdicts.
Inside a Modern Cloud Attack — How to Catch It with Cortex CDR
Learn how Cortex CDR detects modern cloud attacks like Scattered Spider's identity-driven campaigns across Okta, AWS & Office 365 with real-time behav...
Across the Logs and Into Cortex XSIAM
Learn how Cortex XSIAM streamlines SIEM migration with 1000+ connectors, 10,000+ detectors & native automation. Complete traditional SIEM upgrade in 3 months
Rapid Response to CVE-2025-31324: Mitigating SAP NetWeaver Visual Composer ...
Protect against SAP NetWeaver's critical CVE-2025-31324 vulnerability with Cortex XSIAM's automated detection and response playbook for identifying an...
More Blogs
Displaying 1—16 of
501 results
Sort By:
Cybersecurity Challenges in the Energy and Utilities Sector
IBM and Palo Alto Networks are collaborating to address five key security challenges and their solutions.
Cortex XDR Named 2025 Gartner Customers’ Choice for Endpoint Security
98% of reviewers recommend Palo Alto Networks industry-leading security, Cortex XDR, as Gartner Customers' Choice for Endpoint Protection Platforms.
Cortex Cloud — Unified Efficiency, Now with Dual FedRAMP Authority
Cortex Cloud achieved FedRAMP High and Moderate authorizations since its Feb 2025 launch, highlighting its secure cloud commitment.
What’s New for Cortex and Cortex Cloud (Apr ‘25)
Discover cutting-edge advancements in security ops with the latest Cortex releases. New features enhance threat prevention, platform coverage, automation, and attack surface tests for streamlined and robust sec...
Playbook Creation Reimagined: The Intuitive Approach to Security Automation
Continuing to innovate on our market-leading SOAR to simplify security operations, ensure ease of use in the adoption of automation.
No More Guessing: Accurate AI Security with Palo Alto Networks
Learn how our rigorous evaluation techniques ensure that Palo Alto Networks’ precision AI solutions deliver the accuracy and reliability you need.
Flexible Security Data Management with Cortex XSIAM & Cribl
Cortex XSIAM now integrates with Cribl to help security teams route high-quality data, fuel AI-driven operations, and detect threats fast with full vi...
Introducing XSIAM 3.0
XSIAM is expanding from reactive response to proactive defense, transforming exposure management and email security with unified data, AI and automation.
Cortex Email Security Module: Defending Against Evolving Email Threats
Discover how Cortex Email Security Module detects sophisticated phishing attacks through AI-powered analysis, cross-domain correlation, and automated ...
Bruce Byrd on Public-Private Partnerships in Cybersecurity
Bruce Byrd offers strategic insights on cybersecurity evolution including public-private partnerships and AI impact.
NL2XQL: Turning Natural Language into Powerful Cybersecurity Querying
NL2XQL transforms natural language into powerful XQL queries, making cybersecurity investigations accessible to all security teams without requiring d...
Creating an Automated Workflow for Account Lockout Resolution
This playbook automates and speeds up response to excessive user account lockouts, which could indicate a credential-based attack.
Automating Response to Unauthorized Scheduled Task Executions
Discover how Cortex XSIAM automates detection and response to malicious scheduled tasks that reference external HTTP/FTP sources for improved security...
Automating Response to Unauthorized Tor Logins
The A Successful Login from Tor playbook in Cortex XSIAM enhances security teams’ ability to detect and respond to unauthorized access attempts using Tor. By automating identity verification, automated remediat...
Automating Response to Suspicious Process Executions
This playbook automates the investigation and response to suspicious process executions triggered by a scheduled task.
Palo Alto Networks Helps Secure Black Hat Asia 2025
Palo Alto Networks secures Black Hat Asia 2025 with pride. Our NOC and SOC involvement ensures uninterrupted conference experience for attendees.
More Blogs
Displaying 1—16 of
499 results
Sort By:
Announcement, Application Security, Cloud Security, CNAPP, News and Events, Product Features, Products and Services
Introducing Cortex Cloud — The Future of Real-Time Cloud Security
Cortex Cloud brings the world’s leading CNAPP onto the #1 SecOps platform, delivering real-time protection — for the fir...
A Leader in the 2024 Gartner Magic Quadrant for EPP
Palo Alto Networks was named a leader in endpoint protection platforms by Gartner for Cortex XDR.
Introducing XSIAM 3.0
XSIAM is expanding from reactive response to proactive defense, transforming exposure management and email security with unified data, AI and automation.
Forrester Names Palo Alto Networks a Leader in XDR
Palo Alto Networks was named a leader in extended detection and response platforms by Forrester for Cortex XDR.
Cortex Email Security Module: Defending Against Evolving Email Threats
Discover how Cortex Email Security Module detects sophisticated phishing attacks through AI-powered analysis, cross-domain correlation, and automated ...
MITRE ATT&CK Evaluations — Cortex XDR Among Elite in Endpoint Security
Palo Alto Networks achieves top MITRE ATT&CK 2024 results with 100% detection rates against evolving AI-powered cyber threats.
A Deep Dive Into Malicious Direct Syscall Detection
This blog explains how attackers use direct syscalls to overcome most EDR solutions, by first discussing the conventional Windows syscall flow and how most EDR solutions monitor those calls.
Automating Response to Suspicious Process Executions
This playbook automates the investigation and response to suspicious process executions triggered by a scheduled task.
Forrester Names Palo Alto Networks a Leader in Attack Surface Management
Palo Alto Networks was named a leader in attack surface management by Forrester for Cortex Xpanse.
NL2XQL: Turning Natural Language into Powerful Cybersecurity Querying
NL2XQL transforms natural language into powerful XQL queries, making cybersecurity investigations accessible to all security teams without requiring d...
Automating Response to Unauthorized Scheduled Task Executions
Discover how Cortex XSIAM automates detection and response to malicious scheduled tasks that reference external HTTP/FTP sources for improved security...
Automating Response to Unauthorized Tor Logins
The A Successful Login from Tor playbook in Cortex XSIAM enhances security teams’ ability to detect and respond to unauthorized access attempts using Tor. By automating identity verification, automated remediat...
Announcing Unit 42 Managed XSIAM — Redefining 24/7 Managed SecOps
Palo Alto Networks announces Unit 42 Managed XSIAM, a solution that provides 24/7 expert-led defense across every attack surface.
Detecting Threats with Microsoft Graph Activity Logs
Discover how Microsoft Graph API is used as an attack vector by threat actors through a real-world attack scenario. Find out why monitoring Microsoft Graph activity logs is important and how Cortex delivers tai...
Creating an Automated Workflow for Account Lockout Resolution
This playbook automates and speeds up response to excessive user account lockouts, which could indicate a credential-based attack.
Flexible Security Data Management with Cortex XSIAM & Cribl
Cortex XSIAM now integrates with Cribl to help security teams route high-quality data, fuel AI-driven operations, and detect threats fast with full vi...
Subscribe to Security Operations Blogs!
Sign up to receive must-read articles, Playbooks of the Week, new feature announcements, and more.
By submitting this form, you agree to our Terms of Use and acknowledge our Privacy Statement. Please look for a confirmation email from us. If you don't receive it in the next 10 minutes, please check your spam folder.