Palo Alto Networks, Inc. is an American multinational

cybersecurity Computer security (also cybersecurity, digital security, or information technology (IT) security) is a subdiscipline within the field of information security. It consists of the protection of computer software, systems and networks from thr ...

company with headquarters in

Santa Clara, California Santa Clara ( ; Spanish language, Spanish for "Clare of Assisi, Saint Clare") is a city in Santa Clara County, California. The city's population was 127,647 at the 2020 United States census, 2020 census, making it the List of cities and towns i ...

. The core product is a platform that includes advanced firewalls and

cloud-based Cloud computing is "a paradigm for enabling network access to a scalable and elastic pool of shareable physical or virtual resources with self-service provisioning and administration on-demand," according to International Organization for ...

offerings that extend those firewalls to cover other aspects of security. The company serves over 70,000 organizations in over 150 countries, including 85 of the

Fortune Fortune may refer to: General * Fortuna or Fortune, the Roman goddess of luck * Luck * Wealth * Fate * Fortune, a prediction made in fortune-telling * Fortune, in a fortune cookie Arts and entertainment Film and television * ''The Fortune'' (19 ...

100. It is home to the Unit 42 threat research team and hosts the Ignite cybersecurity conference. It is a partner organization of the

World Economic Forum The World Economic Forum (WEF) is an international non-governmental organization, international advocacy non-governmental organization and think tank, based in Cologny, Canton of Geneva, Switzerland. It was founded on 24 January 1971 by German ...

. In June 2018, former

Google Google LLC (, ) is an American multinational corporation and technology company focusing on online advertising, search engine technology, cloud computing, computer software, quantum computing, e-commerce, consumer electronics, and artificial ...

and

SoftBank is a Japanese multinational Investment company, investment holding company headquartered in Minato, Tokyo, that focuses on investment management. The group primarily invests in companies operating in technology that offer goods and services ...

executive

Nikesh Arora Nikesh Arora (born February 9, 1968) is an Indian-American business executive. He has been the chairman and chief executive officer of the American cybersecurity company Palo Alto Networks since June 2018. Arora was formerly a senior executiv ...

joined the company as

Chairman The chair, also chairman, chairwoman, or chairperson, is the presiding officer of an organized group such as a board, committee, or deliberative assembly. The person holding the office, who is typically elected or appointed by members of the gro ...

and

CEO A chief executive officer (CEO), also known as a chief executive or managing director, is the top-ranking corporate officer charged with the management of an organization, usually a company or a nonprofit organization. CEOs find roles in variou ...

History

Palo Alto Networks was founded in 2005 by Nir Zuk, a former

engineer Engineers, as practitioners of engineering, are professionals who Invention, invent, design, build, maintain and test machines, complex systems, structures, gadgets and materials. They aim to fulfill functional objectives and requirements while ...

from

Check Point Check Point Software Technologies Ltd. is an Israeli multinational provider of software and combined hardware and software products for IT security, including network security, endpoint security, cloud security, mobile security, data security ...

and

NetScreen Technologies NetScreen Technologies was an American technology company that was acquired by Juniper Networks for US$4 billion stock for stock in 2004. NetScreen Technologies developed ASIC-based Internet security systems and appliances that delivered high pe ...

. Zuk, an

Israel Israel, officially the State of Israel, is a country in West Asia. It Borders of Israel, shares borders with Lebanon to the north, Syria to the north-east, Jordan to the east, Egypt to the south-west, and the Mediterranean Sea to the west. Isr ...

i native, began working with computers during his mandatory military service in the Israeli Defense Forces in the early 1990s and served as head of software development in

Unit 8200 Unit 8200 (, ''Yehida shmone matayim'' "Unit eight two-hundred") is an Israeli Intelligence Corps unit of the Israel Defense Forces responsible for clandestine operation, collecting signal intelligence (SIGINT) and code decryption, counteri ...

, a branch of the Israeli Intelligence Corps. The company debuted on the

NYSE The New York Stock Exchange (NYSE, nicknamed "The Big Board") is an American stock exchange in the Financial District, Manhattan, Financial District of Lower Manhattan in New York City. It is the List of stock exchanges, largest stock excha ...

on July 20, 2012, raising $260 million with its

initial public offering An initial public offering (IPO) or stock launch is a public offering in which shares of a company are sold to institutional investors and usually also to retail (individual) investors. An IPO is typically underwritten by one or more investm ...

, which was the 4th-largest tech IPO of 2012. It remained on the NYSE until October 2021 when the company transferred its listing to

Nasdaq The Nasdaq Stock Market (; National Association of Securities Dealers Automated Quotations) is an American stock exchange based in New York City. It is the most active stock trading venue in the U.S. by volume, and ranked second on the list ...

. In 2014, Palo Alto Networks founded the Cyber Threat Alliance with Fortinet,

McAfee McAfee Corp. ( ), formerly known as McAfee Associates, Inc. from 1987 to 1997 and 2004 to 2014, Network Associates Inc. from 1997 to 2004, and Intel Security Group from 2014 to 2017, is an American proprietary software company focused on online ...

, and

NortonLifeLock Gen Digital Inc. (formerly Symantec Corporation and NortonLifeLock Inc.) is a multinational software company co-headquartered in both Prague, Czech Republic (European Union, EU) and Tempe, Arizona (United States, USA). The company provides comp ...

, a

not-for-profit A not-for-profit or non-for-profit organization (NFPO) is a Legal Entity, legal entity that does not distribute surplus funds to its members and is formed to fulfill specific objectives. While not-for-profit organizations and Nonprofit organ ...

organization with the goal of improving cybersecurity "for the greater good" by encouraging

organizations to collaborate by sharing cyber threat intelligence among members. By 2018, the organization had 20 members including

Cisco Cisco Systems, Inc. (using the trademark Cisco) is an American multinational digital communications technology conglomerate corporation headquartered in San Jose, California. Cisco develops, manufactures, and sells networking hardware, s ...

Juniper Networks Juniper Networks, Inc. is an American multinational corporation headquartered in Sunnyvale, California. The company develops and markets networking products, including Router (computing), routers, Network switch, switches, network management so ...

, and

Sophos Sophos Limited is a British security software and hardware company. It develops and markets managed security services and cybersecurity software and hardware, such as managed detection and response, incident response and endpoint security s ...

. In 2018, the company began opening cybersecurity training facilities around the world as part of the ''Global Cyber Range Initiative''. In May 2018, the company announced ''Application Framework'', an open cloud-delivered ecosystem where developers can publish security services as

SaaS Software as a service (SaaS ) is a cloud computing service model where the provider offers use of application software to a client and manages all needed physical and software resources. SaaS is usually accessed via a web application. Unlike oth ...

applications that can be instantly delivered to customers. In 2019, the company announced the K2-Series, a 5G-ready next-generation firewall developed for service providers with 5G and IoT requirements. In February 2019, the company announced Cortex, an AI-based continuous security platform.

Acquisitions

* January 2014: Morta Security * April 2014: Cyvera for approximately $200 million * May 2015: CirroSecure * March 2017: LightCyber for approximately $100 million * March 2018: Cloud Security company Evident.io for $300 million. This acquisition created the Prisma Cloud division. * April 2018: Secdo * October 2018: RedLock for $173 million * February 2019: Demisto for $560 million * May 2019: Twistlock for $410 million * June 2019: PureSec for $47 million * September 2019: Zingbox for $75 million * November 2019: Aporeto, Inc. for $150 million * April 2020: CloudGenix, Inc. for $420 million * August 2020: Crypsis Group for $265 million * December 2020: Expanse for $1.25 billion (initially announced for $800 million in November 2020). * February 2021: Bridgecrew for $156 million * November 2022: Cider Security for $300 million. * October 2023: Announced its intent to acquire Dig Security for $400 million * November 2023: Talon Cyber Security for $625 million * December 2023: Dig Security for $400 million

Threat research

Unit 42 is the Palo Alto Networks threat intelligence and security consulting team. They are a group of cybersecurity researchers and industry experts who use data collected by the company's security platform to discover new cyber threats, such as new forms of malware and malicious actors operating across the world. The group runs a popular

blog A blog (a Clipping (morphology), truncation of "weblog") is an informational website consisting of discrete, often informal diary-style text entries also known as posts. Posts are typically displayed in Reverse chronology, reverse chronologic ...

where they post

technical report A technical report (also scientific report) is a document that describes the process, progress, or results of technical or scientific research or the state of a technical or scientific research problem. It might also include recommendations and ...

s analyzing active threats and adversaries. Multiple Unit 42 researchers have been named in the MSRC Top 100, Microsoft's annual ranking of top 100 security researchers. In April 2020, the business unit consisting of Crypsis Group which provided digital forensics, incident response, risk assessment, and other consulting services merged with the Unit 42 threat intelligence team. According to the

FBI The Federal Bureau of Investigation (FBI) is the domestic Intelligence agency, intelligence and Security agency, security service of the United States and Federal law enforcement in the United States, its principal federal law enforcement ag ...

, Palo Alto Networks Unit 42 has helped solve multiple

cybercrime Cybercrime encompasses a wide range of criminal activities that are carried out using digital devices and/or Computer network, networks. It has been variously defined as "a crime committed on a computer network, especially the Internet"; Cyberc ...

cases, such as the

Mirai Botnet Mirai (from the Japanese word for "future", 未来) is malware that turns networked devices running Linux into remotely controlled bots that can be used as part of a botnet in large-scale network attacks. It primarily targets online consumer dev ...

and Clickfraud Botnet cases, the LuminosityLink

RAT Rats are various medium-sized, long-tailed rodents. Species of rats are found throughout the order Rodentia, but stereotypical rats are found in the genus ''Rattus''. Other rat genera include '' Neotoma'' (pack rats), '' Bandicota'' (bandicoo ...

case, and assisted with "Operation Wire-Wire". In 2018, Unit 42 discovered Gorgon, a hacking group believed to be operating out of Pakistan and targeting government organizations in the United Kingdom, Spain, Russia, and the United States. The group was detected sending spear-phishing emails attached to infected

Microsoft Word Microsoft Word is a word processor program, word processing program developed by Microsoft. It was first released on October 25, 1983, under the name Multi-Tool Word for Xenix systems. Subsequent versions were later written for several other platf ...

documents using an exploit commonly used by cybercriminals and

cyber-espionage Cyber espionage, cyber spying, or cyber-collection is the act or practice of obtaining secrets and information without the permission and knowledge of the holder of the information using methods on the Internet, networks or individual computers th ...

campaigns. In September 2018, Unit 42 discovered Xbash, a

ransomware Ransomware is a type of malware that Encryption, encrypts the victim's personal data until a ransom is paid. Difficult-to-trace Digital currency, digital currencies such as paysafecard or Bitcoin and other cryptocurrency, cryptocurrencies are com ...

that also performs cryptomining, believed to be tied to the Chinese threat actor "Iron". Xbash is able to propagate like a

worm Worms are many different distantly related bilateria, bilateral animals that typically have a long cylindrical tube-like body, no limb (anatomy), limbs, and usually no eyes. Worms vary in size from microscopic to over in length for marine ...

and deletes databases stored on victim hosts. In October, Unit 42 warned of a new crypto mining malware, XMRig, that comes bundled with infected

Adobe Flash Adobe Flash (formerly Macromedia Flash and FutureSplash) is a mostly discontinuedAlthough it is discontinued by Adobe Inc., for the Chinese market it is developed by Zhongcheng and for the international enterprise market it is developed by Ha ...

updates. The malware uses the victim's computer's resources to mine Monero cryptocurrency. In November 2018, Palo Alto Networks announced the discovery of "Cannon", a

trojan Trojan or Trojans may refer to: * Of or from the ancient city of Troy * Trojan language, the language of the historical Trojans Arts and entertainment Music * '' Les Troyens'' ('The Trojans'), an opera by Berlioz, premiered part 1863, part 18 ...

being used to target United States and European government entities. The hackers behind the malware are believed to be

Fancy Bear Fancy Bear is a Russian cyber espionage group. American cybersecurity firm CrowdStrike has stated with a medium level of confidence that it is associated with the Russian military intelligence agency GRU. The UK's Foreign and Commonwealth Offic ...

, the Russian hacking group believed to be responsible for hacking the Democratic National Committee in 2016. The malware communicates with its command and control server with

email Electronic mail (usually shortened to email; alternatively hyphenated e-mail) is a method of transmitting and receiving Digital media, digital messages using electronics, electronic devices over a computer network. It was conceived in the ...

and uses

encryption In Cryptography law, cryptography, encryption (more specifically, Code, encoding) is the process of transforming information in a way that, ideally, only authorized parties can decode. This process converts the original representation of the inf ...

to evade detection.

References

External links

* {{NASDAQ-100 2005 establishments in California 2012 initial public offerings Companies based in Santa Clara, California Companies listed on the Nasdaq Companies formerly listed on the New York Stock Exchange Computer companies of the United States Computer hardware companies Computer security companies Networking companies of the United States Networking hardware companies Technology companies based in the San Francisco Bay Area Technology companies established in 2005