Next-Generation Security Platform
Preventing successful cyber attacks
The end goal of security is to enable your operations to flourish and keep your organization out of the headlines associated with cyber breaches. This means reducing the likelihood of a successful attack. By focusing on preventing successful attacks, the Palo Alto Networks Next-Generation Security Platform reduces cyber security risk so that it is manageable and quantifiable, allowing organizations to compartmentalize their biggest threats and focus on business operations.
Security should not be an impediment to adoption of new mobility, SaaS, public or private cloud technologies that enable productivity. Only a natively integrated security platform, with components across these rapidly evolving enterprise technology environments, can keep pace with modern attackers, who draw no distinction as to the location of their target. Your organization should enjoy the same protection against cyber attacks regardless of how or where your applications and data reside.
Improving security and efficiency
Building security that simply detects threats and requires a manual response is too little, too late, as once your data goes out the door, your risks and costs increase exponentially. Manual remediation does little to reduce risk, is expensive in terms of time and money, and distracts from the identification of true threats. The Palo Alto Networks Next-Generation Security Platform is designed to enable automated prevention of cyber attacks to reduce the increased risks and costs associated with detection and remediation.
The Palo Alto Networks Next-Generation Security Platform protects our digital way of life by safely enabling applications and preventing known and unknown threats across the network, cloud, and endpoints. The native integration of the platform delivers a prevention architecture that can provide superior security at lower total cost of ownership.
Our platform has four major components that enable the prevention of successful cyber attacks:
- Natively integrated technologies that leverage a single-pass prevention architecture to exert positive control based on applications, users, and content to reduce organizational attack surface, that support open communication, orchestration, and visibility, and enable consistent security posture from the network, to the cloud, to the endpoint
- Automated creation and delivery of protection mechanisms against new threats to network, cloud, and endpoint environments
- Extensibility and flexibility that allows for protection of customers as they expand, move off their physical network, or adopt new technologies
Threat intelligence sharing that provides protection by taking advantage of the network effects of a community of comprehensive global threat data to minimize the spread of attacks
Automation Reducing Manual Response
Relying on manual response to confront the increasing volume and sophistication of cyber attacks facing organizations has, unfortunately, led to predictable results, which will only worsen unless prevention becomes automated.
With the Palo Alto Networks Next-Generation Security Platform, the discovery of a new threat triggers the automated creation and delivery of protection mechanisms to network, cloud, and endpoint environments, enabling dynamic policy updates, which allows organizations to scale their defenses with technology, not people.
Extensibility & Flexibility
The Palo Alto Networks Next-Generation Security Platform consistently protects organizations as they grow, and as they move off their physical networks and adopt new technologies to enable organizational agility, such as cloud and SaaS.
Threat Intelligence Sharing
The Palo Alto Networks Next-Generation Security Platform also benefits from the powerful network effect of a growing community of comprehensive global threat data sharing to minimize the spread of attacks and raise the costs to attackers. No one organization will ever see all global threats, but as part of a network, they benefit from collective intelligence. The detection of a new threat in one customer environment sharing threat information triggers the automatic creation and dissemination of prevention mechanisms across the entire network of thousands of customers. As the network grows, the wider protections propagate, limiting the spread of attacks and, consequently, their effectiveness.
Extend Zero Trust to Your Endpoint
With exploit kits readily accessible, even your “good” applications can go “bad.” Therefore, Zero Trust (“never trust, always verify”) should be extended beyond the network. No application or attached device should be trusted – known or unknown. Instead of monitoring for patterns or malicious behaviors, or whitelisting applications, an advanced endpoint protection should persistently enforce the Zero Trust model on your endpoints.
While Traps can harden a system to allow only trusted applications to run, that is just one facet of the approach. Our unique exploit and malware prevention modules ensure those “trusted” applications cannot be exploited. This combination makes for an unparalleled approach to advanced endpoint protection.