Palo Alto Networks Unveils Major Security Enhancements at RSA Conference 2025

Analysis: Palo Alto Networks introduces new security capabilities at RSAC Conference - SiliconANGLE

Analysis: Palo Alto Networks introduces new security capabilities at RSAC Conference Palo Alto Networks Inc. kicked off this week's RSA Conference in San Francisco by introducing new capabilities for its ever-expanding security portfolio. The announcements were focused on its two major platforms: network security and Cortex. Palo Alto Networks has introduced Prisma Access Browser 2.0 into its secure access service edge offering. In late 2023, Palo Alto acquired Talon to jump into the secure enterprise browser market and now it has made the offering part of its SASE stack. Capabilities include: Other new Prisma SASE capabilities include endpoint data loss prevention; integration into Prisma SD-WAN to support new productivity apps and extend enhanced user-to-app performance to the branch; simplifying the information technology experience with a next-generation unified SASE agent; and the addition of Oracle Cloud Infrastructure to extend the global reach of Prisma SASE and deliver cloud resiliency and greater uptime. Secure enterprise browsers aren't new, but the market has been in a bit of a renaissance. Older solutions required users to install a separate browser, where current solutions, such as Prisma Access Browser run in Chrome and Edge making it invisible to the user. Also, with the permanency of remote work, for many organizations, the browser has become the primary workspace. Securing the user and data at the browser brings consistent security to the first line of defense. Palo Alto unveiled the 3.0 version of Cortex XSIAM, the next version of its SecOps platform. Among the new features are proactive exposure management and advanced email security, which enable customers to consolidate more functions onto Cortex with better and faster results, providing a proof point as to the value of platforming their security operations center. Cortex Exposure Management prevent attacks by using AI to analyze the massive amounts of data to prioritize and remediate actions across the attack surface. What's interesting about the release is it changes the role of XSIAM. Palo Alto Chief Executive Nikesh Arora often talks about security tools being designed for "peacetime" or "wartime," with XSIAM being the former. Exposure management adds in element of war time and playing a dual role. Other new capabilities include: Palo Alto expects the new SASE features, Exposure Management, and Advanced Email Security to be generally available in Q4 of fiscal 2025, which ends July 31. Palo Alto also introduced Prisma AIRS (pictured), which is an AI security platform designed to protect the entire enterprise AI ecosystem, including applications, agents, models and data. It addresses both traditional and AI-specific threats, enabling organizations to deploy AI more confidently. Built on the Secure AI by Design portfolio that Palo Alto launched in 2024, Prisma AIRS capabilities include: During RSAC, Palo Alto announced the intent to acquire Protect AI. As the name suggests, the vendor focuses on security AI and machine learning systems. At the event I talked with Anand Oswal, senior vice president and general manager of network security at Palo Alto, about the acquisition. "When the deal does close, Protect AI will become part of the Prisma AIRS team, accelerating our journey to comprehensively secure every app, agent, data set and model," he said, so there's more to come. For Palo Alto, this was a strong set of announcements as it expands the definition and capabilities of its platforms. Almost every security professional I talk to has bought into the concept of the platform but struggle with how to get from where they are today to the future state of a platform. The challenge for Palo Alto, and the other platform vendors, will be to help companies migrate from multivendor, multitool environment and consolidate down to a few platforms. It's what customers want. Now the vendors need to help them get there.

5 Big Palo Alto Networks Launches On XSIAM, SASE

The cybersecurity giant unveiled the next version of its SIEM replacement offering with the debut of Cortex XSIAM 3.0, as well as updates to Prisma SASE and AI security and a planned startup acquisition. Palo Alto Networks unveiled major enhancements Monday to two of its key product areas with updates to Cortex XSIAM and Prisma SASE, along with the launch of a new AI security platform and a planned startup acquisition in the segment. XSIAM (extended security intelligence and automation management) aims to offer an AI-powered alternative to traditional SIEM (security information and event management) and is "one of the fastest-growing products in cybersecurity," Palo Alto Networks CEO Nikesh Arora said during a quarterly call in February. [Related: Palo Alto Networks Channel Chief On Why AI, Platformization Go Hand-In-Hand] The cybersecurity giant announced the next version of the platform with the debut of Cortex XSIAM 3.0 as the RSA Conference 2025 got underway Monday. Palo Alto Networks also announced major updates to its secure access service edge platform, Prisma SASE, in connection with RSAC 2025. The Prisma SASE enhancements include the debut of the next version of the company's secure enterprise browser, with the launch of the Prisma Access Browser 2.0. Meanwhile, Palo Alto Networks debuted its new AI security platform, Prisma AIRS, and announced its intention to acquire AI security startup Protect AI. What follows are the details on major Palo Alto Networks launches in XSIAM, SASE and AI security. Cortex Advanced Email Security Major updates in Cortex XSIAM 3.0 include the introduction of "advanced" email security, with capabilities for detecting sophisticated phishing and other email-based threats -- including those enhanced using LLMs. The detection leverages LLM-driven analytics that can "continuously learn from emerging threats," Palo Alto Networks said. The email security capabilities also provide automated removal of malicious emails and disabling of compromised accounts, as well as isolation of affected endpoints, the company said. Additionally, Cortex Advanced Email Security enables detection and response with "complete email context" through correlation of data from email, endpoint, identity and cloud sources, according to Palo Alto Networks. Cortex Exposure Management Other key introductions for XSIAM 3.0 announced by Palo Alto Networks include Cortex Exposure Management, which can "cut vulnerability noise by up to 99 percent" using enhanced prioritization along with automated remediation, the company said. Key capabilities include discovery of risks across network and cloud environments as well as endpoints and third-party sources, according to the vendor. Crucially, the tool deploys AI to "prioritize high-risk, exploitable vulnerabilities with no compensating controls, eliminating false alarms," Palo Alto Networks said in a news release. Prisma SASE Updates With the second-generation version of Palo Alto Networks' Prisma Access Browser, the vendor says the secure enterprise browser now provides "real-time" visibility and access control for GenAI usage to ensure protection of sensitive data. Prisma Access Browser 2.0 also adds new, real-time protections against "evasive and targeted attacks such as AI-generated cloaking and SaaS-hosted phishing attacks," the company said. Other newly added features for Prisma SASE include capabilities in endpoint data loss prevention -- including improvements in discovery of "shadow" data -- and app acceleration with expanded support for productivity apps. Prisma AIRS Palo Alto Networks on Monday debuted its new AI security platform, Prisma AIRS, with capabilities that include AI model scanning for vulnerabilities, with the aim of enabling safe adoption of AI models. Other key capabilities in Prisma AIRS include posture management, AI red teaming and runtime security, the company said. Meanwhile, Palo Alto Networks said that Prisma AIRS will offer security for AI agents, including agents created using no-code/low-code methods. The capabilities will protect against threats to AI agents that include impersonation of identities and manipulation of memory as well as tool misuse, the company said. Protect AI Acquisition Deal Palo Alto Networks announced Monday that it plans to acquire Protect AI, a startup focused on AI security. Terms of the deal were not disclosed. Protect AI brings a focus on AI-SPM (AI Security Posture Management) that aims to provide greater visibility, management and security for AI/ML environments, as well as providing remediation and governance capabilities. In a news release, Palo Alto Networks said that Protect AI has "already established itself as an important player in this increasingly critical new area of security." The planned acquisition will enable the company to "more quickly and comprehensively accelerate its vision for Prisma AIRS," Palo Alto Networks said.

Palo Alto Networks Bolsters SASE Capabilities for Modern Workplace

Unveils Prisma Access Browser 2.0, the world's only SASE-native secure browser, perfect for the perimeterless, cloud-first world Palo Alto Networks® (NASDAQ: PANW), the global cybersecurity leader, today announced its latest advancements in Prisma® SASE, the industry's most comprehensive secure access service edge (SASE) solution, including the unveiling of Prisma Access Browser 2.0, the world's only SASE-native secure browser. Prisma Access Browser 2.0, along with Endpoint Data Loss Prevention (DLP) and expanded cloud presence with Oracle Cloud Infrastructure (OCI), are new Prisma SASE capabilities designed to secure generative AI (GenAI) usage, improve user experience and enhance operational resilience in the modern workplace. Eighty-five percent of work today is happening in browsers, leading to potential data exposure and monitoring gaps. Palo Alto Networks 2025 Unit 42 Incident Report found that almost half (44%) of security incidents involved malicious activities initiated or enabled through employees' browsers, such as phishing, URL redirect abuse and malware downloads. "A secure browser extends SASE protection to where knowledge workers spend most of their time, securing third-party access, supporting BYOD, and reducing an organization's reliance on legacy infrastructure like VDI," said John Grady, principal analyst at Enterprise Strategy Group, now part of Omdia. "Palo Alto Networks unique approach of integrating its Prisma Access Browser with Prisma SASE helps organizations extend the same protection from advanced threats, user experience monitoring, and GenAI app protection from the network into the browser, ensuring users are protected, efficient, and productive." Uniquely the combination of Prisma SASE with Prisma Access Browser delivers safe, fast, policy-driven access to everything the modern workforce needs -- without compromising experience or security. To further enable enterprises to browse securely from any device or any location, Prisma Access Browser 2.0 includes the following new capabilities: Safely enabling GenAI use and protecting data in real time: Prisma Access Browser 2.0 now helps secure GenAI adoption with real-time visibility, access control and user coaching to accurately secure sensitive data at the last mile (e.g., clipboard, print, screenshots, typing), with LLM-powered context-based classification preventing unintentional leaks or breaches. Defending against new sophisticated web attacks: Prisma Access Browser 2.0 delivers new protection powered by Precision AI® to detect evasive and targeted attacks such as AI-generated cloaking and SaaS-hosted phishing attacks in real time. This includes attacks such as evasive AI-generated code and malicious injections into compromised websites, which cannot be reliably detected outside of the browser. Delivering a reimagined user experience: Prisma Access Browser 2.0 delivers maximum performance for modern web and SaaS applications, yet still provides users with the ability to easily launch legacy infrastructure such as VDI applications from the same browser for a unified experience. "In the AI-first era, safeguarding customer data and intellectual property is paramount," said Aathir Ahad, CISO, Wipro Limited. "Prisma Access Browser aligns with our Zero Trust strategy and our commitment to leveraging advanced technologies for rapid threat prevention, enhanced user experience, and robust data & privacy protection." "Secure browsers are absolutely essential for the modern workforce because today's work is increasingly remote, cloud-based, and data-intensive," said Anand Oswal, SVP and GM of Network Security, Palo Alto Networks. "This shift demands a unified, modern approach to security -- a SASE natively integrated secure browser -- that uniquely safeguards productivity, helps ensure resilience, and does so with a seamless user experience, making it the optimal choice for securing today's dynamic work environments." Additional new advanced features to Palo Alto Networks Prisma SASE include: Endpoint Data Loss Prevention (DLP) -- to improve shadow data discovery and data classification accuracy as well as provide proactive measures against insider threats to safeguard sensitive information. Extend App Acceleration to Branch -- to expand support for new productivity apps and extend enhanced user-to-app performance to the branch with integration into Prisma SD-WAN. Next-Generation Unified SASE Agent -- to simplify the IT experience with a unified, next-generation agent for SASE use cases. Oracle Cloud Infrastructure (OCI) -- to broaden the global reach of Prisma SASE and build on the ability to deliver cloud resiliency and industry-leading uptime. "Our long-standing collaboration with Palo Alto Networks helps organizations across the world securely accelerate their cloud journey," said Karan Batta, senior vice president, Oracle Cloud Infrastructure. "By leveraging OCI to run Prisma SASE globally, Palo Alto Networks can provide its customers with operational resiliency, high performance, and an exceptional user experience. In addition, Prisma SASE helps our customers protect their OCI environments against emerging and sophisticated cyber threats." Join Palo Alto Networks Chairman and CEO Nikesh Arora for a live virtual event: "Hello Tomorrow," and discover what's next in AI and cybersecurity. The announced new SASE features will be generally available in Q4 FY25. Learn more about these and other industry-leading SASE innovations, and register to attend InterSECt 2025 from June 24-26. Follow Palo Alto Networks on X (formerly Twitter), LinkedIn, Facebook and Instagram. About Palo Alto Networks As the global cybersecurity leader, Palo Alto Networks (NASDAQ: PANW) is dedicated to protecting our digital way of life via continuous innovation. Trusted by organizations worldwide, we provide comprehensive AI-powered security solutions across network, cloud, security operations and AI, enhanced by the expertise and threat intelligence of Unit 42. Our focus on platformization allows enterprises to streamline security at scale, ensuring protection fuels innovation. Discover more at www.paloaltonetworks.com.

Palo Alto Networks Cortex XSIAM Delivers Industry's First AI-Driven SecOps Platform to Span Proactive and Reactive Security

Evolves industry-leading capabilities with AI-driven Cortex Exposure management and Advanced Email Security Palo Alto Networks® (NASDAQ: PANW), the global cybersecurity leader, today unveiled Cortex XSIAM® 3.0, the next evolution of its industry-leading SecOps platform, bolstered with proactive exposure management and advanced email security, enabling customers to further consolidate on Cortex for significantly better, faster and more cost-effective security operations. Three years ago, Palo Alto Networks anticipated the future of security operations by introducing Cortex XSIAM, which consolidates and normalizes all cybersecurity data to fuel advanced, real-time analytics and automation, making disjointed point products obsolete. The best-selling platform surged past $1 billion cumulative bookings in FY25 Q2, making it our fastest offering to reach this milestone. Earlier this year, Palo Alto Networks doubled down on cloud security with the introduction of Cortex Cloud, converging its industry-leading CNAPP and CDR capabilities on the unified Cortex platform. Cortex XSIAM 3.0 continues its relentless disruption of the security operations market by upending decades-old approaches to vulnerability management and email security. It further expands the scope of the SOC from reactive to proactive security to prevent breaches before they happen, in addition to its current powerful incident response capabilities. These new XSIAM innovations will help customers modernize legacy offerings across a total TAM of $37 billion. Gonen Fink, SVP of Products, Cortex at Palo Alto Networks: "Cortex XSIAM harnesses the power of the world's largest and most comprehensive set of security data to transform our customers' ability to rapidly counter evolving attacks with advanced AI and automation. This expansion of our groundbreaking SecOps platform merges best-in-class reactive with proactive security measures, allowing customers to achieve unprecedented risk reduction across their entire enterprise, from code to cloud to SOC." Cortex XSIAM 3.0 will enable customers to stop attacks at scale using AI-driven threat defense with Cortex Exposure Management and Advanced Email Security. Cortex Exposure Management: Cut vulnerability noise by up to 99% with AI-driven prioritization and automated remediation spanning the entire enterprise: See every exposure: Uncover risks with a unified solution spanning native network, endpoint and cloud scanners -- extended with integration from any third-party source. Cut alert noise based on actual risk, not compliance: Use AI to prioritize high-risk, exploitable vulnerabilities with no compensating controls, eliminating false alarms. Close the loop with industry-leading automation to prevent future attacks: Seamlessly create new protections for critical risks in native network, endpoint and cloud security solutions. Automate remediation across first- and third-party tools with playbook automation. Cortex Advanced Email Security: Stop sophisticated email-based attacks missed by other solutions, with advanced AI and automation: Outsmart GenAI-powered threats: Detect advanced phishing and email-based threats based on attacker intent with LLM-powered analytics that continuously learn from emerging threats. Stop attacks in real time with built-in automation: Automatically remove malicious emails, disable compromised accounts, and isolate affected endpoints with best-in-class workflow automation. Extend industry-leading detection and response with complete email context: Correlate email, identity, endpoint and cloud data for unparalleled visibility into the full attack path for effective incident response. Chris DeBrunner, VP of Security Operations, CBTS: "The transition to Cortex XSIAM has transformed our SOC operations at CBTS. Previously, we struggled with alert fatigue due to multi-console complexity, multiple data sources, disparate vendors, and labor-intensive tasks. With the consolidation of major security capabilities into one platform, we have achieved remarkable efficiencies. Our incident close-out rate has reached 100%, and we have significantly reduced our median time to resolution (MTTR) from days to, in some cases, seconds. The automation provided by XSIAM has been crucial in managing the alert overwhelm we faced, making our team more effective and less error-prone." Chase Hymel, CISO, State of Louisiana: "Discovering the capabilities of Cortex XSIAM was a game-changer for the State of Louisiana. It's helped us to modernize our security infrastructure and set an example for other states to follow. By adopting XSIAM, we have significantly improved threat visibility and response effectiveness. Cortex XSIAM has allowed us to consolidate our security tools into one integrated platform, enhancing our security operations and protecting citizen data effectively. We have reduced MTTR from over 24 hours to under two minutes and automated the resolution of 86% of incidents." Availability: Exposure Management and Advanced Email Security are expected to be generally available to customers globally in FY25 Q4. For more details on Cortex XSIAM 3.0, read our blog here. Register to attend: On Tuesday, April 29, 2025, from 2:30-4:30 p.m. PDT, join Palo Alto Networks Chairman and CEO Nikesh Arora for a virtual event: Hello Tomorrow, and dive into how innovations in AI-driven SecOps are redefining security from the inside out. Don't miss the launch event: Register for a one-hour virtual event June 4-5, 2025, to be among the first to see Cortex XSIAM 3.0 in action. About Palo Alto Networks As the global cybersecurity leader, Palo Alto Networks (NASDAQ: PANW) is dedicated to protecting our digital way of life via continuous innovation. Trusted by organizations worldwide, we provide comprehensive AI-powered security solutions across network, cloud, security operations and AI, enhanced by the expertise and threat intelligence of Unit 42. Our focus on platformization allows enterprises to streamline security at scale, ensuring protection fuels innovation. Discover more at www.paloaltonetworks.com.