
Palo Alto Networks unveils Cortex XSIAM 3.0 with AI upgrades
Cortex XSIAM 3.0 aims to move beyond traditional reactive security approaches, offering features such as AI-driven exposure prioritisation and automated remediation that the company claims reduce vulnerability noise by up to 99%. The platform is designed to provide consolidated risk visibility across network, endpoint and cloud environments, with integration options for external third-party data sources.
The update also brings enhancements in email security, including large language model (LLM)-powered threat detection, improved incident response workflows, and the ability to automate the removal of malicious emails and the isolation of compromised endpoints. The company describes these additions as a response to the changing dynamics of the cybersecurity landscape, which increasingly demands both preventive measures and rapid incident handling within organisations.
Palo Alto Networks stated that Cortex XSIAM has surpassed USD $1 billion in cumulative bookings in the second quarter of the 2025 financial year, making it the company's fastest product to reach this threshold. The platform, first launched three years ago, has been positioned by the company as a central tool for normalising and consolidating cybersecurity data to power analytics and automation without the need for multiple point solutions.
The company recently expanded its cloud security capabilities through the launch of Cortex Cloud, integrating its Cloud Native Application Protection Platform (CNAPP) and Cloud Detection and Response (CDR) features onto the Cortex platform. According to Palo Alto Networks, the new features in Cortex XSIAM 3.0 are aimed at a total addressable market, spanning security operations and email and vulnerability management, valued at USD $37 billion.
Gonen Fink, Senior Vice President of Products, Cortex at Palo Alto Networks, commented on the product release: "Cortex XSIAM harnesses the power of the world's largest and most comprehensive set of security data to transform our customers' ability to rapidly counter evolving attacks with advanced AI and automation. This expansion of our groundbreaking SecOps platform merges best-in-class reactive with proactive security measures, allowing customers to achieve unprecedented risk reduction across their entire enterprise, from code to cloud to SOC."
The Cortex Exposure Management module is built to deliver a unified view of all exposures by collating data from network, endpoint and cloud scanners, as well as from third-party sources. AI algorithms are employed to prioritise vulnerabilities based on exploitation risk rather than solely on compliance requirements, aiming to eliminate false alarms and focus remediation on threats deemed most urgent.
The platform's automation capabilities are intended to implement new security controls for critical risks across native and integrated security tools, with automated playbooks designed to orchestrate and execute response actions, reducing manual workload and aiming to prevent future incidents.
The Advanced Email Security component is designed to strengthen defences against sophisticated phishing campaigns and other email-based threats, leveraging analytics that identify attacker intent and continuously adapt to emerging tactics. Automated response features include real-time removal of harmful messages, disabling of compromised accounts, and endpoint isolation within existing security workflows. The email module also correlates data across email, identity, endpoint, and cloud sources to provide a holistic view of incident paths for enhanced response measures.
Chris DeBrunner, Vice President of Security Operations at CBTS, said: "The transition to Cortex XSIAM has transformed our SOC operations at CBTS. Previously, we struggled with alert fatigue due to multi-console complexity, multiple data sources, disparate vendors, and labour-intensive tasks. With the consolidation of major security capabilities into one platform, we have achieved remarkable efficiencies. Our incident close-out rate has reached 100%, and we have significantly reduced our median time to resolution (MTTR) from days to, in some cases, seconds. The automation provided by XSIAM has been crucial in managing the alert overwhelm we faced, making our team more effective and less error-prone."
Chase Hymel, Chief Information Security Officer for the State of Louisiana, added: "Discovering the capabilities of Cortex XSIAM was a game-changer for the State of Louisiana. It's helped us to modernise our security infrastructure and set an example for other states to follow. By adopting XSIAM, we have significantly improved threat visibility and response effectiveness. Cortex XSIAM has allowed us to consolidate our security tools into one integrated platform, enhancing our security operations and protecting citizen data effectively. We have reduced MTTR from over 24 hours to under two minutes and automated the resolution of 86% of incidents."
Cortex XSIAM 3.0's Exposure Management and Advanced Email Security offerings are scheduled for general availability to customers worldwide in the final quarter of the 2025 financial year.
