At Ignite ’22 cybersecurity conference, Palo Alto Networks looks to capitalize on consolidation

Aiming to alleviate the prices and time-drains CISOs face conserving cloud, community and safety operations facilities (SOCs) safe, Palo Alto Networks made a compelling case at its Ignite ’22 cybersecurity convention to consolidate safety tech stacks. Like CrowdStrike, which is consolidating tech stacks as a progress technique, Palo Alto Networks’ newest monetary outcomes, earnings name and bulletins at Ignite ’22 all mirror an intensifying concentrate on capitalizing on consolidation. 

Palo Alto’s 2022 What’s Subsequent in Cyber survey finds that 77% of C-suite leaders say they’re extremely more likely to cut back the variety of safety options and companies they depend on. Their responses present {that a} typical world enterprise has a mean of 31 cybersecurity apps, companies and instruments, and contracts with 13 totally different distributors. Forty-one p.c of organizations are working with 10 or extra cybersecurity distributors. With safety budgets below higher scrutiny for the enterprise worth they ship, CISOs must drive income to advance their careers. Consolidating duplicate methods helps enhance the accuracy and intelligence an built-in tech stack can present whereas decreasing prices and enhancing cybersecurity’s income contribution. 

Promoting the consolidation imaginative and prescient at Ignite ’22  

Palo Alto Networks has created a compelling imaginative and prescient that places consolidation on the core of its go-to-market technique. “And prospects are literally onto it. They need the consolidation as a result of proper now, prospects are going by the three greatest transformations ever: They’re going to community safety transformation, they’re going by a cloud transformation, and [though] lots of them don’t know … they’re about to go to an SOC transformation,” mentioned Nikesh Arora, Palo Alto Networks chairman and CEO, throughout his keynote.   

Promoting the advantages of consolidating cybersecurity functions and instruments on a single platform is working. The corporate’s fiscal first-quarter income grew 25% yearly to $1.6 billion, and financial first-quarter billings grew 27% yearly to $1.7 billion. “On the middle of our technique is the necessity to drive extra consolidation to get prospects to a greater safety posture. In direction of that finish, we proceed to see massive cross-platform buys and develop our millionaire prospects at a gradual clip,” Arora mentioned on Palo Alto’s current earnings name.

The corporate depends on upselling and cross-selling from its Strata, Prisma Cloud and Cortex platforms, capitalizing on alternatives with prospects and prospects to switch redundant, typically legacy functions, instruments and methods.

Keynotes and senior administration Q&A classes all through Ignite ’22 strengthened this consolidation imaginative and prescient by emphasizing the necessity to safe hybrid, multi-cloud configurations, assist prospects cope with accelerating digital transformation, and acknowledge how “in 5 years SOCs will likely be run utilizing AI,” based on firm founder and CTO Nir Zuk. The intensifying safety panorama is feeding into the consolidation imaginative and prescient, given the proliferation of assaults and the necessity for higher menace intelligence and extra trusted companions on the platform.     

Prisma and Cortex have cybersecurity momentum  

Ignite ’22 supplied proof factors of Palo Alto Networks’ intensive R&D spending on cloud safety and safety operations, together with two of the three platforms the corporate depends on for its product and companies income right now. VentureBeat spoke with a number of CISOs, CIOs and IT leaders at Ignite ’22 to see if the build-out of Prisma Cloud and Cortex is scalable sufficient to deal with prospects’ wants past community safety.  

The safety leaders advised VentureBeat that Prisma’s “shift left” technique, strengthened by the acquisition of Cider Safety, together with Software program Composition Evaluation (SCA), is required to offer the instruments a company wants to supply Software program Payments of Supplies (SBOMs). The aim is to adjust to the White Home’s Government Order 14028, which requires software program distributors to offer an SBOM, and the necessities within the September 14, 2022 memorandum from the director of the Workplace of Administration and Funds (OMB) to the heads of government department departments and businesses. 

“Out-Innovating the Attackers,” the keynote by Lee Klarich, Palo Alto Networks’ chief product officer, was one of the best presentation at Ignite ‘22 as a result of it confirmed how the corporate’s 4,000 devops engineers and product managers are translating pressing challenges prospects face into merchandise. An instance of how efficient the product group is at innovating might be seen in Prisma Cloud’s new bulletins, seen within the slide beneath from Lee’s presentation. SCA and the Cider Safety acquisition are desk stakes for securing software program provide chains.

Lively assault floor administration (ASM) is now on the Cortex platform  

Xpanse Lively ASM goals to assist safety groups not simply actively discover but in addition proactively repair their recognized and unknown internet-connected dangers. Xpanse Lively ASM equips organizations with automation to offer them an edge over attackers. “Whereas the basic want for assault floor administration hasn’t modified, right now’s menace panorama is far totally different. Organizations want an energetic protection system that operates sooner than attackers can,” mentioned Matt Kraning, chief know-how officer of Cortex for Palo Alto Networks.

“Because the chief and pioneer within the ASM market, we understand that prospects want full, correct and well timed discovery and remediation of dangerous exposures of their internet-connected methods. With Xpanse Lively ASM, we give defenders the power to see their exposures immediately and shut them down mechanically, with no human labor required.”

Xpanse Lively ASM supplies the next:

• Lively Discovery: Attackers use frequent, automated probes to seek out weak and uncovered belongings. Organizations want instruments that give them the identical visibility. The Lively Discovery module refreshes its internet-scale database a number of instances each day and makes use of supervised machine studying (ML) to map these vulnerabilities precisely. This helps a company get an outside-in view of its community — the identical view attackers have.

• Lively Studying: Xpanse repeatedly processes discovery information, mapping new information to the individuals liable for every system. The Lively Studying module repeatedly analyzes and maps the streamed discovery information to grasp and prioritize prime dangers in actual time. Consequently, prospects can keep forward of attackers by closing down the riskiest exposures shortly.

• Lively Response: Whereas instantaneous discovery of vulnerabilities and exposures can provide safety groups a practical threat image, figuring out points isn’t sufficient. Automated remediation is essential to staying forward of attackers. It saves response time within the SOC by eliminating the guide step of making a ticket for analysts, who should then spend hours of guide effort monitoring down the proprietor of the affected system and resolving the vulnerability. True automation is fixing the end-to-end remediation course of with out human intervention. Lively Response contains native embedded computerized remediation capabilities that use Lively Discovery information and Lively Studying evaluation to mechanically shut down exposures earlier than they permit threats right into a community. It executes ASM-specific playbooks to triage, deactivate and restore vulnerabilities mechanically.

The Xpanse Lively Response module contains built-in end-to-end remediation playbooks. These playbooks mechanically remove essential dangers, akin to uncovered Distant Desktop Protocol (RDP) servers and insecure OpenSSH situations, with none guide labor.

Following remediation, Lively Response mechanically verifies that remediation was profitable by scanning belongings, compiling audited actions and inserting investigation particulars into clear dashboards and studies.

The $100 billion market cap stays elusive  

For Palo Alto Networks to be the primary cybersecurity firm to achieve a $100 billion market capitalization, as CEO Nikesh Arora has predicted in an interview, there are a number of challenges the corporate should first overcome to realize aggressive parity. 

Most noticeable at Ignite ’22 was the necessity for extra companions to be exhibiting Palo Alto’s options and higher enthusiasm for companion options on the a part of Palo Alto Networks’ prospects. To achieve a $100 billion market cap, channel and know-how companions should ship extra income globally, not simply within the U.S.    

Second, regardless of the brand new merchandise that capitalize on the corporate’s evolving machine studying experience as Xpanse Lively ASM does, Palo Alto Networks nonetheless isn’t displaying that it has AI and ML embedded in its DNA. Contemplate CrowdStrike’s fast improvements in ML, with Menace Graph, Asset Graph, Falcon Uncover for IoT and lots of services and products launched simply this 12 months.

Devops is one among Palo Alto Networks’ strongest areas right now, based mostly on what was offered at Ignite ’22. To achieve that $100 billion market cap, it wants to satisfy its imaginative and prescient of operating an SOC on AI in 5 years or much less whereas specializing in utilizing ML as a devops pressure multiplier throughout all product methods.

Companions wanted

Palo Alto Networks additionally introduced a zero-trust community entry (ZTNA) partnership with Google. Palo Alto’s Prisma Entry will staff with BeyondCorp Enterprise from Google Cloud to allow customers to work collectively securely and seamlessly on totally different units from totally different areas. Nevertheless, this gave the impression to be extra a validation of labor the 2 corporations have already completed collectively than one thing basically new.

With zero belief dominating practically each dialog right now, the shortage of companion bulletins was a missed alternative to generate extra curiosity in Palo Alto Networks’ companion base. Paradoxically, if Palo Alto opened up ZTNA gross sales alternatives to companions extra, it may make important good points towards its $100 billion market cap aim.

As Nikesh mentioned within the keynote, “the one means you may get zero belief safety is thru Palo Alto.” Offering companions with a chance to revenue from that technique would energize the world of the corporate that should scale essentially the most to achieve that market cap aim.