Jump to content

Palo Alto Networks

From Wikipedia, the free encyclopedia

This is an old revision of this page, as edited by IT Security Guru (talk | contribs) at 10:44, 3 July 2019. The present address (URL) is a permanent link to this revision, which may differ significantly from the current revision.

Palo Alto Networks, Inc.
Company typePublic
NYSEPANW
Russell 1000 Component
IndustryNetwork security
Cybersecurity[1]
Cloud Computing[2]
Founded2005; 19 years ago (2005)
Headquarters,
U.S.
Area served
Worldwide
Key people
Nikesh Arora (CEO)
Nir Zuk (Co-founder and CTO)
Rajiv Batra
(Co-founder and VP)
RevenueIncrease US$2.27 billion[3] (2018)
Increase US$−129 million[3] (2018)
Increase US$−148 million[3] (2018)
Total assetsIncrease US$5.82 billion[3] (2018)
Total equityIncrease US$966 million[3] (2018)
Number of employees
Increase 5,348 [4] (2018)
Websitewww.paloaltonetworks.com

Palo Alto Networks, Inc. (NYSE: PANW) an American multinational cybersecurity company with headquarters in Santa Clara, California. Its core products are a platform that includes advanced firewalls and cloud-based offerings that extend those firewalls to cover other aspects of security. The company serves over 60,000 organizations in over 150 countries, including 85 of the Fortune 100.[5] It is home to the Unit 42 threat research team[6] and hosts the Ignite cybersecurity conference.[7] The company's mission statement is "to protect our way of life in the digital age by preventing successful cyberattacks".[5]

Palo Alto Networks is listed 8th in the Forbes Digital 100.[8] In June 2018, former Google and SoftBank executive Nikesh Arora joined the company as Chairman and CEO.[9]

History

Palo Alto Networks was founded in 2005 by Israeli-American Nir Zuk,[10] a former engineer from Check Point and NetScreen Technologies, and was the principal developer of the first stateful inspection firewall and the first intrusion prevention system.[11] When asked why he started Palo Alto Networks, Zuk cited his objective of solving a problem enterprises were facing with existing network security solutions: the inability to safely enable employees to use modern applications, which entailed developing a firewall that could identify and provide fine-grained control of applications.[12]

In 2007 the company produced and shipped its first product, an advanced enterprise firewall, which it branded the world's first "next-generation firewall".[13][14] In 2009, Gartner released a publication defining the next-generation firewall.[15] In contrast to traditional firewalls of the time which relied on simple rules such as port numbers and protocol to block traffic, the authors stated that next-generation firewalls should operate on and inspect all layers of the network stack and be intelligent enough to block threats independently of port numbers or protocols used. In particular, the publication defined this next-generation firewall as containing (in addition to the full capabilities of both traditional firewalls and intrusion prevention systems): Support for in-line deployment without disrupting network operations, application awareness and full stack visibility allowing for fine-grained detection and control of applications, extra-firewall intelligence, and upgrade paths.

Starting in 2011, Gartner began listing Palo Alto Networks as a leader on its enterprise firewall Magic Quadrant.[16] The company debuted on the NYSE in July 20, 2012, raising $260 million with its initial public offering, which was the 4th-largest tech IPO of 2012.[17][18][19]

In 2014, Palo Alto Networks founded the Cyber Threat Alliance with Fortinet, Mcafee, and Symantec, a not-for-profit organization with the goal of improving cybersecurity "for the greater good" by encouraging collaboration between cybersecurity organizations by sharing cyber threat intelligence amongst members.[20][21] By 2018, the organization had 20 members including Cisco, Check Point, Juniper Networks, and Sophos.[22]

The company expanded significantly over the years, offering a wide selection of enterprise cybersecurity services beyond its original next-generation firewall offering, such as Traps endpoint protection and Wildfire malware prevention.[23] In 2017, Palo Alto Networks announced Logging Service, a cloud-based service allowing customers to amass their own data for machine learning and data analytics.[24]

In 2018, the company began opening dedicated cybersecurity training facilities around the world as part of the Global Cyber Range Initiative.[25]

In May 2018, the company announced Application Framework, an open cloud-delivered ecosystem where developers can publish security services as SaaS applications that can be instantly delivered to the company's network of customers.[2]

In 2018 several leaders from high-profile tech companies moved to Palo Alto Networks. In June 2018, former Google Chief Business Officer and SoftBank President Nikesh Arora joined the company as chairman and CEO.[9] His predecessor, Mark McLaughlin, became vice chairman of the board of directors. Arora received a pay package worth about $128 million, making him one of the highest paid executives in the United States.[26] In September 2018 Liane Hornsey, formerly Chief People Officer at Uber, joined Palo Alto Networks as Chief People Officer.[27] In October 2018 Amit Singh, formerly President of Google Cloud, succeeded Mark Anderson as President of Palo Alto Networks.[28]

In 2019 the company announced the K2-Series, a 5G-ready next-generation firewall developed for service providers with 5G and IoT requirements in mind.[29] In February 2019 the company announced Cortex, an AI-based continuous security platform. CEO Nikesh Arora described Cortex as "Application Framework 2.0".[30] References to Application Framework were replaced with Cortex on the Palo Alto Networks website.[23]

Products

Palo Alto Networks offers an enterprise cybersecurity platform which provides network security, cloud security, endpoint protection, and various cloud-delivered security services. Components of the security platform listed on the Palo Alto Networks website include:[31]

  • Next-generation firewalls, offered in multiple forms including:[32]
    • As a physical appliance through the PA series, which includes small form-factor firewalls such as the PA-220 for small business and offices, to the PA-7000 series built for large enterprises and service providers.
    • As a virtualized appliance through the VM series, allowing the firewall to be run as a virtual machine to secure virtualized data centers and private clouds. It is also compatible with public cloud environments such as Amazon Web Services, Microsoft Azure, and Google Cloud.
    • As a streamlined cloud service provided by Palo Alto Networks through GlobalProtect Cloud Service.
  • Panorama, a network security control center that allows customers to manage a fleet of firewalls at an enterprise scale from a single console.[33]
  • Traps advanced endpoint protection. Unlike a traditional antivirus, Traps does not rely on signatures to detect malware. Instead, it focuses on analyzing the behavior of programs to detect zero-day exploits. Threat intelligence is shared with and obtained from Wildfire.[34]
  • Wildfire, a cloud-based threat-analysis service which uses dynamic analysis, static analysis, machine learning, and bare-metal analysis to discover and prevent unknown threats.[35]
  • Logging Service, a cloud-delivered service that enables customers to collect large volumes of log data from their network for machine learning, data analytics, or use by apps in the Application Framework.[36]
  • Application Framework, an open cloud-delivered ecosystem where customers can subscribe to security applications developed by 3rd-party developers or Palo Alto Networks, such as Magnifier™ behavior analytics and AutoFocus™ threat intelligence.[37]
  • Evident, provides continuous security of public cloud infrastructure services and one-button compliance reports, enabling customers to deploy applications with confidence the cloud is configured to meet their organization's security requirements.[38]

Threat research

Unit 42 is the Palo Alto Networks threat intelligence team. They are a group of cybersecurity researchers and industry experts who use data collected by the company's security platform to discover new cyber threats, such as new forms of malware and malicious actors operating across the world.[39] The group runs a popular blog where they post technical reports analyzing active threats and adversaries.[40] Multiple Unit 42 researchers have been named in the MSRC Top 100, Microsoft's annual ranking of top 100 security researchers.[41]

According to the FBI, Palo Alto Networks Unit 42 has helped solve multiple cybercrime cases, such as the Mirai Botnet and Clickfraud Botnet cases,[42] the LuminosityLink RAT case,[43][44] and assisted with “Operation Wire-Wire".[45]

In 2018, Unit 42 discovered Gorgon, a hacking group believed to be operating out of Pakistan and targeting government organizations in the United Kingdom, Spain, Russia, and the United States. The group was detected sending spear-phishing emails attached with infected Microsoft Word documents using an exploit commonly used by cybercriminals and cyber-espionage campaigns.[46]

In September 2018, the Unit 42 discovered Xbash, a ransomware that also performs cryptomining, believed to be tied to the Chinese threat actor "Iron". Xbash is able to propagate like a worm and deletes databases stored on victim hosts.[47] In October, Unit 42 warned of a new cryptomining malware, XMRig, that comes bundled with infected Adobe Flash updates. The malware uses the victim's computer's resources to mine Monero cryptocurrency.[48]

In November 2018, Palo Alto Networks announced the discovery of "Cannon," a trojan being used to target United States and European government entities.[49][50] The hackers behind the malware is believed to be Fancy Bear, the Russian hacking group believed to be responsible for hacking the Democratic National Committee in 2016. The malware communicates with its command and control server with email and uses encryption to evade detection.[51]

Acquisitions

  • Morta Security was acquired for an undisclosed sum in January 2014[52][53]
  • Cyvera was acquired for approximately $200 million in April 2014[54][55]
  • CirroSecure was acquired for an undisclosed sum in May 2015[56]
  • LightCyber was acquired for approximately $100 million in March 2017 [57]
  • Evident.io was acquired for $300 million in cash in March 2018 [58]
  • Secdo was acquired for a undisclosed sum in April 2018 [59]
  • Cloud security company RedLock was acquired for $173 million in October 2018 [60]
  • In February 2019 Palo Alto Networks acquired security orchestration company Demisto for $560 million.[61]
  • In May 2019 Palo Alto Networks acquired container security startup Twistlock for $410 million.[62]
  • In June 2019 Palo Alto Networks acquired serverless security startup PureSec for an undisclosed sum.[63]

References

  1. ^ PCmag (2018-01-26). "Millions of PCs targeted by cryptocurrency-mining malware". Fox News. Retrieved 2018-03-11.
  2. ^ a b "Application Framework - Palo Alto Networks". paloaltonetworks.com. 2018. Retrieved 2018-09-15.
  3. ^ a b c d e "PANW Income Statement - Palo Alto Networks, Inc. Stock". Yahoo Finance. Retrieved 2018-09-12.
  4. ^ PCmag (2018). "Palo Alto Networks SEC Filings". Fox News. Retrieved 2018-09-13.
  5. ^ a b "About Us - Palo Alto Networks". paloaltonetworks.com. 2018. Retrieved 2018-09-12.
  6. ^ "Unit 42 Twitter". twitter.com. 2018. Retrieved 2018-09-12.
  7. ^ "Ignite Conference Twitter". twitter.com. 2018. Retrieved 2018-09-12.
  8. ^ "Forbes Releases Digital 100". forbes.com. 2018-06-02. Retrieved 2018-11-27.
  9. ^ a b "What to Expect of Google and Softbank Star Nikesh Arora, Palo Alto Network's New CEO". fortune.com. 2018-06-02. Retrieved 2018-09-15.
  10. ^ Blacharski, Dan (2010-04-05). "How I Got Here: Nir Zuk, CTO, Palo Alto Networks". ITworld. Retrieved 2018-03-11.
  11. ^ Leyden, John (22 October 2010). "US and UK gov cyber defences = big boys' trough-slurp". The Register. Retrieved 8 September 2014.
  12. ^ "The Entrepreneur Questionnaire: Nir Zuk, Founder and CTO of Palo Alto Networks". Greylock Partners. Retrieved 8 September 2014.
  13. ^ Vance, Ashlee (20 October 2011). "Building a Firewall for the Facebook Generation". Bloomberg Businessweek. Retrieved 8 September 2014.
  14. ^ "Next Generation Firewall: The Enterprise Story". NSS Labs. 2013. Retrieved 2018-10-26.
  15. ^ Pescatore, John; Young, Greg, Defining the Next Generation Firewall (PDF), retrieved 2 December 2012
  16. ^ "Palo Alto Networks Recognized as a Leader in Gartner Magic Quadrant for Enterprise Network Firewalls Seven Times in a Row". PR Newswire. 8 October 2018. Retrieved 27 November 2018.
  17. ^ Savitz, Eric (20 July 2012). "Kayak, Palo Alto Networks IPOs Off To Strong Debuts". Forbes. Retrieved 8 September 2014.
  18. ^ Owens, Jeremy (20 July 2012). "Palo Alto Networks stunning IPO a good sign for some tech niches". Mercury News. Retrieved October 3, 2018.
  19. ^ "The 10 largest tech IPOs of 2012". VentureBeat. 31 December 2012. Retrieved 26 October 2018.
  20. ^ Albanesius, Chloe (February 13, 2015). "Obama Wants Tech Firms to Alert Feds to Cyber Threats". PC Magazine. Retrieved March 13, 2015.
  21. ^ "Who We Are - Cyber Threat Alliance". Retrieved October 3, 2018.
  22. ^ "Membership - Cyber Threat Alliance". Retrieved October 3, 2018.
  23. ^ a b "Palo Alto Networks". 2019. Retrieved March 9, 2019.
  24. ^ "Palo Alto Networks Announces Availability of New Cloud-Based Logging Service". markets.businessinsider. 2017-09-27. Retrieved 2018-03-11.
  25. ^ Aasha Bodhani, ITP Net. "Palo Alto Networks introduces global Cyber Range initiative." Jan 16, 2018. Retrieved Feb 6, 2018.
  26. ^ "Ex-SoftBank COO Awarded $128 Million to Lead Palo Alto Networks". Bloomberg. 2018-06-04. Retrieved 2018-09-15.
  27. ^ "Palo Alto Networks hire former Uber HR exec". Silicon Valley Business Journal. 2018-09-25. Retrieved 2019-03-09.
  28. ^ "Palo Alto Networks names Google's Amit Singh as new president". ZDNet. 2018-10-16. Retrieved 2018-10-26.
  29. ^ "Palo Alto Networks Introduces Fastest-Ever Next-Generation Firewall and Integrated Cloud-Based DNS Security Service to Stop Attacks". PR Newswire. 2019-02-12. Retrieved 2019-03-09.
  30. ^ "Edited Transcript of PANW earnings conference call or presentation 26-Feb-19 9:30pm GMT". 26 February 2019. Retrieved March 9, 2019.
  31. ^ "Security Operating Platform - Palo Alto Networks". 2018. Retrieved September 13, 2018.
  32. ^ "Next-Generation Firewalls - Palo Alto Networks". 2018. Retrieved September 13, 2018.
  33. ^ "Panorama - Palo Alto Networks". 2018. Retrieved September 13, 2018.
  34. ^ "Traps - Advanced Endpoint Protection - Palo Alto Networks". 2018. Retrieved September 13, 2018.
  35. ^ "Wildfire Malware Analysis - Palo Alto Networks". 2018. Retrieved September 14, 2018.
  36. ^ "Logging Service - Palo Alto Networks". 2018. Retrieved September 13, 2018.
  37. ^ "Application Framework - Palo Alto Networks". 2018. Retrieved September 13, 2018.
  38. ^ "Evident - Palo Alto Networks". 2018. Retrieved September 13, 2018.
  39. ^ "Unit 42 FAQs". 2018. Retrieved November 28, 2018.
  40. ^ "Unit 42 Archives". 2018. Retrieved November 28, 2018.
  41. ^ "Four Unit 42 Vulnerability Researchers Make MSRC Top 100 for 2018". 16 August 2018. Retrieved November 28, 2018.
  42. ^ "Hackers' Cooperation with FBI Leads to Substantial Assistance in Other Complex Cybercrime Investigations". 18 September 2018. Retrieved 28 November 2018.
  43. ^ "Creator of remote access tool LuminosityLink sent behind bars". 17 October 2018. Retrieved 28 November 2018.
  44. ^ "Stanford Man Sentenced to 30 Months for Computer Intrusion Crimes". 15 October 2018. Retrieved 28 November 2018.
  45. ^ "Business E-Mail Compromise (BEC) Task Force in Los Angeles Announces Local Arrests as the Department of Justice Announces the Results of "Operation Wire-Wire" Including 74 Charged in Bec Schemes Internationally". 11 June 2018. Retrieved 28 November 2018.
  46. ^ "Hacking group combines spear-phishing with mass malware campaign". 2 August 2018. Retrieved 28 November 2018.
  47. ^ "Chinese-speaking cybercrime group launches destructive malware family". 18 September 2018. Retrieved 28 November 2018.
  48. ^ "Hack Brief: Fake Adobe Flash Installers Come With A Little Malware Bonus". 12 October 2018. Retrieved 28 November 2018.
  49. ^ "Russian hacking tool gets extra stealthy to target US, European computers". 20 October 2018. Retrieved 28 November 2018.
  50. ^ "Russia's Elite Hackers May Have New Phishing Tricks". 20 October 2018. Retrieved 28 November 2018.
  51. ^ "Sofacy Continues Global Attacks and Wheels Out New 'Cannon' Trojan". 20 October 2018. Retrieved 28 November 2018.
  52. ^ Rao, Leena (6 January 2014). "Palo Alto Networks Buys Cyber Security Startup Founded By Former NSA Engineers, Morta". TechCrunch. Retrieved 8 September 2014.
  53. ^ "Palo Alto Networks® Acquires Morta Security". Palo Alto Networks. 6 January 2014. Retrieved 8 September 2014.
  54. ^ Rao, Leena (24 March 2014). "Palo Alto Networks Buys Cyber Security Company Cyvera For $200M". TechCrunch. Retrieved 8 September 2014.
  55. ^ "Palo Alto Networks® Completes Acquisition of Cyvera". Palo Alto Networks. 10 April 2014. Retrieved 8 September 2014.
  56. ^ King, Rachel (27 May 2015). "Palo Alto Networks acquires cybersecurity company CirroSecure". Zdnet. Retrieved 27 May 2015.
  57. ^ "Palo Alto Networks acquires LightCyber".
  58. ^ "Palo Alto Networks Closes Acquisition of Evident.io". Palo Alto Networks. Mar 26, 2018.
  59. ^ "Palo Alto Networks Closes Acquisition of Secdo". Palo Alto Networks. Apr 24, 2018.
  60. ^ "Palo Alto Networks to acquire RedLock for $173 M to beef up cloud security". TechCrunch. October 3, 2018.
  61. ^ "Palo Alto Networks to acquire Demisto for $560M". TechCrunch. February 19, 2019.
  62. ^ "Palo Alto Networks to acquire container security startup Twistlock for $410M". TechCrunch. Retrieved 2019-05-30.
  63. ^ "Palo Alto Networks to acquire Twistlock, PureSec". ZDNet. Retrieved 2019-06-13.