CIO Influence
CIO Influence News Security

Palo Alto Networks Takes Aim At Cyber Attacks with the Expansion of Unit 42’s Digital Forensics & Incident Response Service Globally

Palo Alto Networks Takes Aim At Cyber Attacks with the Expansion of Unit 42's Digital Forensics & Incident Response Service Globally

Palo Alto Networks, the global cybersecurity leader, announced the expansion of its Unit 42 Digital Forensics and  Incident Response Service. The Global Digital Forensics and Incident Response service combines depth of incident response experience with the breadth of AI-powered solutions, including Cortex XDR and Xpanse, and Prisma Cloud, to equip enterprises to respond immediately and recover faster than most any digital forensics and incident response (DFIR) service in the market.

To help organizations better respond to complex threats, Palo Alto Networks’ unique knowledge of security and a deep understanding of advanced attacker behavior enables Unit 42 to undertake a rigorous investigation with rapid response.  According to Wendi Whitmore, senior vice president of Palo Alto Networks Unit 42, “No other security vendor in the industry can match Palo Alto Networks’ telemetry or our breadth of products to stop attacks in real-time. We analyze data from thousands of customers globally, generating over 500 billion daily events. This massive dataset enables responders to contextualize threats and respond effectively. Coupled with our expertise in cloud threats, SOC automation, and network security, this advanced intelligence helps companies recover and emerge stronger than before.”

CIO INFLUENCE: Ascend.io Launches Solution in Partnership with Snowflake, Enabling Cost Savings for Data Teams

Unit 42 specializes in cyber DFIR and responds to thousands of customer events annually from ransomware incidents to the rising cloud attacks. Backed by a global team of incident responders, threat intelligence experts, and consultants, Unit 42 has handled some of the largest data breaches in history.

According to the recent Unit 42 Cloud Threat report, more than 60% of organizations take over four days to resolve security issues, while threat actors typically exploit a misconfiguration or vulnerability within hours. Unit 42 recently engaged with a large enterprise customer after a zero-day vulnerability allowed an authentication bypass and remote code execution (RCE) exploit. The threat actor leveraged the vulnerability to drop web shells and launch a crypto miner onto the client’s unpatched CRM system hosted on a popular cloud service provider (CSP). Through unauthorized access, the threat actor stole a CSP credential that provided access to sensitive databases, which they made publicly available on the Internet. As part of the investigation, Unit 42 leveraged Cortex XDR to ingest the CSP CloudTrail logs for rapid threat hunting and analysis and Prisma Cloud to assess the client’s CSP environment. Using Prisma Cloud, Unit 42 assisted the client in remediating the CSP misconfigurations and implementing security best practices during the incident, in real-time, improving their security posture overall.

CIO INFLUENCE: Anglicare Leverages Ribbon and Switch Connect for Voice Consolidation and Path for Microsoft Teams Deployment

The Unit 42 Digital Forensics and Incident Response Service includes

CIO INFLUENCE: Datometry Releases Driver Integration for BigQuery, Further Future-Proofing Its Customers’ Investments

[To share your insights with us, please write to sghosh@martechseries.com]

Related posts

Demand for IT and Business Services in the Americas Climbs to Record High in Q3, ISG Index Finds

CIO Influence News Desk

IDG CIO Think Tank on 5G in the Enterprise Delivers Deep Insights into the Future of 5G at Work

CIO Influence News Desk

The IoT Community Announces Red Hat as a Diamond-level Corporate Member in its Elite IoT Ecosystem

CIO Influence News Desk