Announcing the 11.0 Release of Palo Alto Networks Nova – Industry-Leading PAN-OS
Threat actors are constantly evolving their techniques to avoid detection as they target an ever-increasing volume of vulnerabilities. In 2021, there were more than 11,000 newly published vulnerabilities. Attackers started to scan for these vulnerabilities within 15 minutes of a CVE being announced. In this constant race between attackers and defenders, network security needs to find new ways to stay ahead. With the sophistication of today’s threat landscape, malware is more evasive than ever. It is critical for network security, especially traditional IPS and sandboxing solutions, to continue innovating to stay ahead of emerging threats for which there can be no prior knowledge. Yesterday, Palo Alto Networks announced PAN-OS 11.0 Nova – the next evolution of network security that allows you to stop zero-day malware with zero stress.
The Evolution of Modern Malware
Barriers to accessing state-of-the-art malware have lowered considerably and malware is getting even easier to deploy thanks to “as-a-service” offerings. Attackers now leverage frameworks, such as Cobalt Strike, Metasploit and Sliver, with built-in evasion technology to bypass traditional security with ease. This is a powerful mix with a higher volume of attacks that are significantly more difficult to prevent. In fact, we are seeing attacks that use Cobalt Strike increase by 73% year over year.
Modern malware employs a combination of evasive techniques to avoid detection ranging all the way from staying dormant by sensing the execution environment to performing malicious activity completely in memory. This puts significant strain on network defenders to prevent attacks and rapidly close the gap between detection and prevention.
Zero-Day Exploits on the Rise
Beyond the uptick in volume and sophistication of attacks, there has been a significant increase in the use of zero-day exploits. In fact, we have seen a 100% YoY increase. This is partly due to the rising popularity of injection attacks – one of the top methods used by attackers to gain initial access into a network, according to the Open Web Application Security Project (OWASP) “Top 10 Web Application Security Risks” list. Furthermore, threat actors are able to exploit these vulnerabilities faster than software vendors can patch them, creating a window of exposure where organisations are left vulnerable. Once in, attackers are leveraging popular red team tools, like Cobalt Strike, for further exploitation (e.g., data theft, command–and-control and other malicious activity, such as infrastructure hijacking for crypto-mining). Network security must evolve to prevent further exploitation of known and zero-day vulnerabilities.
Raising the Bar in Network Security
Earlier this year, Palo Alto Networks introduced PAN-OS 10.2 Nebula. Nebula was a monumental leap forward, giving organisations around the world the protection they need and deserve. Nebula enabled organisations to stay ahead of emerging threats by introducing, for the first time, inline deep learning.
By applying deep learning inline, in real-time, on network traffic, we can detect and prevent new threats, including malware variants. Introducing these inline deep learning capabilities in Nebula marked a shift in network security, allowing us to stop unknown attacks as they happen, not just remediate them after the fact.
But, the innovation can’t stop there. Threat actors continue to find new ways to fly under the radar of security defences and penetrate networks. They continue to innovate, change, and adapt. Network security must continue to do the same. It’s time for something new.
Say Hello to Nova
Just like early astronomers believed novae were new stars because of how brightly they lit up the night sky, PAN-OS 11.0 Nova brings about new security innovations that will shine a light on unknown threats. As the newest version of Palo Alto Networks best-in-class PAN-OS®, Nova extends their industry-leading inline deep learning capabilities to stop even more highly evasive, zero-day threats.
Nova not only sets up the foundation for modern day network security by continuously protecting against zero-day threats, but it also raises the bar for how organisations can proactively improve cyber hygiene and simplify security architectures. Nova includes many innovations:
Security Against Zero-Day Threats
- Modern malware is increasingly evasive. Palo Alto Networks’ new Advanced WildFire uses multiple patented detection techniques, including intelligent runtime memory analysis to detect and prevent 26% more evasive malware than traditional sandboxing solutions. By using stealthy techniques, Advanced WildFire has the ability to inspect memory-resident malicious activity at cloud scale and analyse files across 85,000+ customers to deliver protections in near-real time across network, cloud and endpoint. They are able to do this with a cutting-edge infrastructure that spans 10+ cloud locations across the globe for low latency and utilises cloud-delivered detections to analyse 80M+ unique files per day.
- Building on the inline deep-learning capabilities introduced in PAN-OS 10.2 Nebula, Palo Alto Networks are introducing new, cloud-delivered detections in Advanced Threat Prevention to stop 60% more zero-day injection attacks compared to traditional IPS solutions, all in real time. This enhanced service reimagines the Intrusion Prevention System (IPS) with industry-first inline capabilities for stopping zero-day injection attacks.
Simplified and Consistent Security
- Nova introduces natively integrated web proxy capabilities for NGFW customers migrating from legacy on-prem proxy solutions. With a single vendor to support firewall and proxy needs, customers benefit from a single management platform and consistent security across campus locations, branches and mobile users.
- Natively integrated with ML-Powered NGFWs and Prisma SASE, Next-Generation CASB (Cloud Access Security Broker) now includes all-new SaaS Security Posture Management (SSPM) to help find and eliminate dangerous misconfigurations in 60+ enterprise SaaS apps. Customers get near-real-time data protection in modern collaboration apps and suspicious user behavior detection. This protects sensitive data in modern SaaS apps from compromised accounts and insider threats.
Stronger Cyber Posture
- AIOps for NGFW (launched earlier this year to reduce misconfigurations that can lead to security breaches) now processes 29B metrics every month across 50,000 firewalls and proactively shares 24,000 misconfigurations and other issues with customers for resolution every month. With Nova, AIOps is even more proactive. AIOps now guards against violations of best practices and enables remediation of inefficiencies in security policies before committing changes, helping organisations strengthen defenses against cyberattacks.
As George Bernard Shaw once said, “Progress is impossible without change.” Palo Alto Networks have always believed in changing the industry for the better. To learn more about the newest innovations and how they’re pushing the boundaries of network security, register for the Palo Alto Networks launch event, Stop Zero-Day Malware with Zero Stress, on January 31, 2023.
SITC – Your Microsoft Azure partner
As more and more threat actors are revealed, and the threat landscape continues to change and evolve, it can be difficult to identify the best security for your organisation. SITC is well-positioned to help you with that, as a Palo Alto Networks partner we can offer the licensing for their solutions, and additionally, we can provide professional services for your Palo Alto Networks projects – start to finish, planning to implementation and beyond. For all things Palo Alto Networks, look no further than SITC.
Contact Us for more information on the Palo Alto Networks portfolio, to find out what this next-level portfolio can offer you.