• Blog
  • Security Operations

Security Operations

Security Operations

Must-Read Articles
Product Features
Use-Cases
News and Events
Partner Integrations
Playbook of the Week
Palo Alto Networks Helps Secure Black Hat Asia 2025
Announcement, Event, News and Events

Palo Alto Networks Helps Secure Black Hat Asia 2025

Palo Alto Networks secures Black Hat Asia 2025 with pride. Our NOC and SOC involvement ensures uninterrupted conference experience for attendees.
Mar 19, 2025
By  and
Automating Response to Suspicious Process Executions
Playbook of the Week, Unkategorisiert

Automating Response to Suspicious Process Executions

This playbook automates the investigation and response to suspicious process executions triggered by a scheduled task.
Mar 20, 2025
By 
Automated Rapid Response to Suspicious Remote Scheduled Task Creation
Playbook of the Week

Automated Rapid Response to Suspicious Remote Scheduled Task Creation

This playbook automates the identification and remediation of persistent threats that leverage scheduled tasks to execute malicious payloads across endpoints.
Mar 13, 2025
By 
Automating Response to Suspicious SaaS Access From a Tor Exit Node
Playbook of the Week

Automating Response to Suspicious SaaS Access From a Tor Exit Node

This playbook shows how a SecOps team can use Cortex XSIAM to automate and speed response to suspicious SaaS access alerts involving a Tor exit node.
Mar 06, 2025
By 
Introducing Cortex Cloud — The Future of Real-Time Cloud Security
Announcement, Application Security, Cloud Security, CNAPP, News and Events, Product Features, Products and Services

Introducing Cortex Cloud — The Future of Real-Time Cloud Security

Cortex Cloud brings the world’s leading CNAPP onto the #1 SecOps platform, delivering real-time protection — for the fir...
Feb 13, 2025
By 
Demystifying Impossible Traveler Detection
Product Features, Uncategorized, Use-Cases

Demystifying Impossible Traveler Detection

Discover how Impossible Traveler Detection in Cortex XDR identifies suspicious logins from distant locations in a short time, and how to address challenges like VPN impacts and reduce false positives in complex...
Feb 12, 2025
By 
Deloitte’s Cloud Migration Success: Transforming SecOps with Cortex XSOAR
Must-Read Articles, News and Events, Partner Integrations

Deloitte’s Cloud Migration Success: Transforming SecOps with Cortex XSOAR

For years, Deloitte's Cybersecurity Center had leveraged Cortex XSOAR on-premises to drive automation across its portfolio. Building on this success,...
Feb 06, 2025
By 
Automating Response to Unauthorized User Privilege Escalations Using PowerShell Commands
Playbook of the Week

Automating Response to Unauthorized User Privilege Escalations Using PowerS...

Automating response to unauthorized privilege escalation activity such as a user being added to local administrator group using a PowerShell command
Feb 05, 2025
By 
New Cortex Detectors for macOS Address Stealers and Malicious AppleScript
Announcement, Must-Read Articles, Product Features, Use-Cases

New Cortex Detectors for macOS Address Stealers and Malicious AppleScript

Cortex releases new detection analytics targeting macOS stealers and malicious applescript
Feb 04, 2025
By 
What’s New in Cortex: The Latest Innovations for the World’s #1 SecOps Platform (Feb ’25 Release)
Announcement, Must-Read Articles, News and Events

What’s New in Cortex: The Latest Innovations for the World’s #1 SecOps Plat...

Cortex SOC platform introduces new enhancements and features across the entire portfolio including a brand new integration with Prisma Access Browser,...
Feb 04, 2025
By 
Must-Read Articles, Product Features, Uncategorized

Detecting Threats with Microsoft Graph Activity Logs

Discover how Microsoft Graph API is used as an attack vector by threat actors through a real-world attack scenario. Find out why monitoring Microsoft Graph activity logs is important and how Cortex delivers tai...
Feb 02, 2025
By 
DeepSeek’s Rise Shows AI Security Remains a Moving Target
AI Security, Company & Culture, Unit 42

DeepSeek’s Rise Shows AI Security Remains a Moving Target

DeepSeek is an LLM threatening to disrupt current AI market leaders and fundamentally change the economics of AI-powered applications.
Jan 30, 2025
By 
The Dark Side of AI in Cybersecurity — AI-Generated Malware
Must-Read Articles, Points of View, Products and Services

The Dark Side of AI in Cybersecurity — AI-Generated Malware

Bar Matalon and Rem Dudas shed light on their groundbreaking research into AI-generated malware and predictions for the future of AI in cybersecurity....
May 15, 2024
By 
Introducing the New Cortex Shellcode AI Protection: A Precision AI-Driven Module
Must-Read Articles, News and Events, Product Features

Introducing the New Cortex Shellcode AI Protection: A Precision AI-Driven M...

Discover Palo Alto Networks' new Cortex Shellcode AI Protection Module. Learn how Precision AI™ detects and prevents elusive shellcode attacks in real...
Jul 03, 2024
By 
AI Powers Sabre's Enhanced Threat Detection & Response
Company & Culture, Customer Spotlight, Must-Read Articles, Product Features, Products and Services, Use-Cases

AI Powers Sabre's Enhanced Threat Detection & Response

Precision AI by Palo Alto Networks helps security teams trust AI outcomes using security-specific models to automate det...
May 28, 2024
By 
Creating a Security Program with Less Complexity and More Visibility
Company & Culture, Products and Services, Unit 42

Creating a Security Program with Less Complexity and More Visibility

Our 2024 Incident Response Report shows how vulnerabilities go unpatched, and critical resources sit exposed.
May 23, 2024
By 
Playbook of the Week: Automating Management of XDR Identity Analytics Alerts
Playbook of the Week, Uncategorized

Playbook of the Week: Automating Management of XDR Identity Analytics Alert...

Playbook that automates management of XDR identity analytics alerts for speedier response to identity threats.
Mar 07, 2024
By 
What’s Next in Cortex - New Wave of Innovations in Cortex (June 2024 Release)
Announcement, Must-Read Articles, News and Events, Product Features

What’s Next in Cortex - New Wave of Innovations in Cortex (June 2024 Releas...

Discover the latest innovations in Cortex products: XSIAM 2.3, XDR 3.11, Xpanse 2.6, and XSOAR 8.7. Enhance SecOps efficiency and threat prevention
Jul 02, 2024
By 
A Deep Dive Into Malicious Direct Syscall Detection
Must-Read Articles, Non classifié(e), Product Features

A Deep Dive Into Malicious Direct Syscall Detection

This blog explains how attackers use direct syscalls to overcome most EDR solutions, by first discussing the conventional Windows syscall flow and how most EDR solutions monitor those calls.
Feb 13, 2024
By  and
AI in Cyber Is Here to Stay — How to Weather This Sea Change
Must-Read Articles, Points of View, Products and Services

AI in Cyber Is Here to Stay — How to Weather This Sea Change

AI is transforming cybersecurity, automating tasks and enabling better custom threat detection. AI impacts jobs and cloud services.
May 22, 2024
By 

Subscribe to Security Operations Blogs!

Sign up to receive must-read articles, Playbooks of the Week, new feature announcements, and more.

By submitting this form, you agree to our Terms of Use and acknowledge our Privacy Statement. Please look for a confirmation email from us. If you don't receive it in the next 10 minutes, please check your spam folder.

Get the latest news, invites to events, and threat alerts