The company debuted on the
NYSE on July 20, 2012, raising $260 million with its
initial public offering, which was the 4th-largest tech IPO of 2012.[15][16][17] It remained on the NYSE until October 2021 when the company transferred its listing to
Nasdaq.[18][19]
In 2014, Palo Alto Networks founded the Cyber Threat Alliance with
Fortinet,
McAfee, and
NortonLifeLock, a
not-for-profit organization with the goal of improving cybersecurity "for the greater good" by encouraging
cybersecurity organizations to collaborate by sharing cyber threat intelligence among members.[20][21] By 2018, the organization had 20 members including
Cisco,
Check Point,
Juniper Networks, and
Sophos.[22]
In 2018, the company began opening cybersecurity training facilities around the world as part of the Global Cyber Range Initiative.[25]
In May 2018, the company announced Application Framework, an open
cloud-delivered ecosystem where developers can publish security services as
SaaS applications that can be instantly delivered to customers.[2]
In June 2018, former Google
Chief Business Officer and
SoftBankPresidentNikesh Arora joined the company as chairman and CEO.[11] His predecessor, Mark McLaughlin, became vice chairman of the
board of directors. Arora received a pay package worth about $128 million, making him one of the highest-paid executives in the United States.[26] In September 2018 Liane Hornsey, formerly
Chief People Officer at
Uber, joined Palo Alto Networks as Chief People Officer.[27] In October 2018, Amit Singh, formerly
President of
Google Cloud, succeeded Mark Anderson as President of Palo Alto Networks.[28] In August 2021, William (BJ) Jenkins succeeded Singh as president, with Singh assuming the role of
Chief Business Officer.[29][better source needed]
In 2019, the company announced the K2-Series, a
5G-ready next-generation firewall developed for service providers with 5G and
IoT requirements.[30][better source needed] In February 2019, the company announced Cortex, an
AI-based continuous security platform.[31] In 2022, the company was also listed in the Gartner Magic Quadrant for Network Firewalls, also marking the 11th consecutive year of the company being listed.[32]
Palo Alto Networks offers an enterprise cybersecurity platform that provides
network security,
cloud security,
endpoint protection, and various cloud-delivered security. Components of the security platform listed on the Palo Alto Networks website include:[57]
Next-generation firewalls, running PAN-OS,[58] offered in multiple forms including:[59]
As a physical appliance through the PA series, which includes small form-factor firewalls such as the PA-220 for small businesses and offices, to the PA-7000 series built for large enterprises and service providers.
As a streamlined cloud service provided by Palo Alto Networks through GlobalProtect Cloud Service.
Panorama, a network security control center that allows customers to manage a fleet of firewalls at an enterprise scale from a single console.[60]
Traps, advanced endpoint protection. Unlike traditional
antivirus, Traps does not rely on signatures to detect malware. Instead, it focuses on analyzing the behavior of programs to detect
zero-day exploits. Threat intelligence is shared with and obtained from Wildfire.[61]
In 2019, Palo Alto Networks reorganized its SaaS offerings under the Cortex branding.[63]
Cortex Data Lake – Cortex data lake is a cloud-delivered log aggregation service for Palo Alto Networks devices located in on-premise networks, directly from endpoints, or cloud-based products such as Prisma Access. This data lake information is then fed into the Hub apps that provide analysis, response, and other added services.[64]
Hub – Hub is an open cloud-delivered ecosystem where customers can subscribe to security applications developed by 3rd-party developers or Palo Alto Networks. Some applications from Palo Alto Networks such as
XDR (analytics) and Auto Focus (threat intelligence) are Cortex-branded apps on Hub.[65]
Cortex XDR –
XDR is the primary tool for data analysis from Palo Alto Networks that leverages modern threat detection and response capabilities on the centralized data collected in the Cortex Data Lake.[66]
AutoFocus – This service provides threat intelligence to enhance the
analytic capabilities of the hub applications as an external source of relevant security information.
Cortex XSOAR – Integrating its acquisition of Demisto into the Cortex cloud suite, XSOAR is the Security Orchestration And Response component responsible for automation and integration with other security and network systems for the automation of incident response and intelligence gathering processes.
Prisma Access – Prisma Access is the Palo Alto Networks offering for moving the enterprise network monitoring and analysis functions into the cloud. It is the most comprehensive SASE solution of its kind, secures access, protects users and applications, and controls data for remote users and locations.
Prisma Cloud – Prisma Cloud secures any cloud environment and all compute form factors used to build and run cloud-native applications, including multi- and hybrid-clouds environments. It addresses the majority of cloud security use cases a customer might have, such as cloud and data security posture, containers, serverless function, and code scanning. It is Palo Alto Networks' cloud-native security solution that integrates with
DevOpscontinuous integration and continuous development (CI/CD) processes for a more holistic control of the security life-cycle of cloud assets.[67][68]
Threat research
Unit 42 is the Palo Alto Networks threat intelligence and security consulting team. They are a group of cybersecurity researchers and industry experts who use data collected by the company's security platform to discover new cyber threats, such as new forms of malware and malicious actors operating across the world.[69] The group runs a popular
blog where they post
technical reports analyzing active threats and adversaries.[70] Multiple Unit 42 researchers have been named in the MSRC Top 100,
Microsoft's annual ranking of top 100 security researchers.[71] In April 2020, the business unit consisting of Crypsis Group which provided digital forensics, incident response, risk assessment, and other consulting services merged with the Unit 42 threat intelligence team.[72]
According to the
FBI, Palo Alto Networks Unit 42 has helped solve multiple
cybercrime cases, such as the
Mirai Botnet and Clickfraud Botnet cases,[73] the LuminosityLink
RAT case,[74][75] and assisted with "Operation Wire-Wire".[76]
In 2018, Unit 42 discovered
Gorgon, a hacking group believed to be operating out of Pakistan and targeting government organizations in the United Kingdom, Spain, Russia, and the United States. The group was detected sending
spear-phishing emails attached to infected
Microsoft Word documents using an exploit commonly used by cybercriminals and
cyber-espionage campaigns.[77]
In September 2018, Unit 42 discovered Xbash, a
ransomware that also performs
cryptomining, believed to be tied to the
Chinese threat actor "Iron". Xbash is able to propagate like a
worm and deletes databases stored on victim hosts.[78] In October, Unit 42 warned of a new crypto mining malware, XMRig, that comes bundled with infected
Adobe Flash updates. The malware uses the victim's computer's resources to mine
Monero cryptocurrency.[79]