Palo Alto Networks is present in 30 markets with 42 products. Palo Alto Networks has 4161 reviews with an overall average rating of 4.5.
AI Security Testing
AI security testing (AI‑ST) uncovers vulnerabilities and exposures in AI‑enabled systems and applications by applying specialized assessments tailored to the unique risks of machine learning and generative AI. It includes offensive techniques such as automated generation and execution of adversarial prompts, as well as AI component scanning across model repositories, libraries, frameworks, and notebooks. AI‑ST also evaluates model behavior under manipulation, edge cases, and failure modes to identify issues like data leakage, bias, or unsafe outputs. By proactively detecting weaknesses before deployment, AI‑ST helps organizations strengthen resilience, reduce security incidents, and maintain trust in AI‑driven products. Typical users include security teams, AI/ML engineers, red‑teamers, DevSecOps practitioners, and risk or compliance groups responsible for safeguarding AI applications.
Palo Alto Networks has 1 product in AI Security Testing market
AI Security and Anomaly Detection
AI Security and Anomaly Detection is a market focused on providing runtime protection and monitoring for AI applications, particularly those using generative models like large language models (LLMs). These solutions detect and mitigate risks such as prompt injection, hallucinations, toxicity, biased outputs, data leakage, and performance drift. Delivered as cloud-native modules via APIs or embedded within applications, they offer real-time visibility into content and security anomalies. The market supports compliance with emerging regulations, enables centralized oversight across multiple AI deployments, and helps organizations safeguard their brand and decision-making processes from faulty or malicious AI behavior.
Palo Alto Networks has 1 product in AI Security and Anomaly Detection market
AI Usage Control
AI usage control (AI-UC) is a technology to discover the use of third-party AI and enforce the security policies of an organization. Key capabilities include enforcing granular data-sharing policies, automatically detecting and cataloging all AI tools (including shadow AI), and moderating content by filtering sensitive data in real time. AI-UC defines and enforces usage policies, inspects content for sensitive data, assesses risk, and raises alerts on anomalies. AI-UC is primarily delivered as a cloud-based service and may include multiple local inspection points. Typical users of AI Usage Control (AI-UC) are security, compliance, and IT teams, including CISOs, data privacy officers, and risk managers. Many current discovery tools treat AI applications as any other application. ignoring unique risks and integrations of AI in an organization's environment. AI usage control provides fine-grained categorization and intent-based policies, enabling safe adoption of third-party applications while mitigating security risks.
Palo Alto Networks has 1 product in AI Usage Control market
Application Security Posture Management (ASPM) Tools
Application security posture management (ASPM) tools continuously manage application risk through collection, analysis and prioritization of security issues from across the software life cycle. They ingest data from multiple sources, maintain an inventory of all software within an organization, correlate and analyze findings for easier interpretation, triage and remediation. They enable the enforcement of security policies and facilitate the remediation of security issues while offering a comprehensive view of risk across applications.
Palo Alto Networks has 1 product in Application Security Posture Management (ASPM) Tools market
CPS Protection Platforms
Gartner defines cyber-physical systems (CPS) protection platforms as products that discover, categorize, map and protect CPS in production or mission-critical environments outside of enterprise IT. They do so by analyzing or interacting with industrial/industry-specific protocols and operational network traffic. They understand physical process asset behavior and do not interfere with CPS operations. They can be delivered from the cloud, on-premises or in a hybrid form. Gartner defines CPS as engineered systems that orchestrate sensing, computation, control, networking and analytics to interact with the physical world (including humans). When secure, they enable safe, real-time, reliable, resilient and adaptable performance.
Palo Alto Networks has 2 products in CPS Protection Platforms market
CPS Secure Remote Access
Gartner defines the cyber-physical systems (CPS) secure remote access products market as products that enable employees, contractors or original equipment manufacturers (OEMs) to safely and securely operate, maintain or update CPS remotely. These products provide a robust mechanism to verify remote users’ authenticity and authorization, enforce granular access policies for both users and systems, ensure secure communications, and track the integrity of user actions. Organizations can deploy these products in cloud, on-premises or in a hybrid environment.
Palo Alto Networks has 1 product in CPS Secure Remote Access market
Cloud Investigation and Response Automation (CIRA)
Cloud Investigation and Response Automation (CIRA) is a technology that leverages advanced analytics, artificial intelligence (AI), and automation to enhance the detection, investigation, and response to security incidents within cloud environments. It provides real-time insights into potential threats, automates the collection and analysis of forensic data, and uses machine learning (ML) algorithms for proactive threat detection. CIRA tools integrate seamlessly with existing Security Operations (SecOps) technologies to improve an organization’s overall security posture.
Palo Alto Networks has 1 product in Cloud Investigation and Response Automation (CIRA) market
Cloud Security Posture Management Tools
Cloud security posture management tools help in the identification and remediation of risks across cloud infrastructures, including Infrastructure as a Service (IaaS), Software as a Service (SaaS), and Platform as a Service (PaaS). These tools continuously assess the security posture across multi-cloud environments by maintaining a current inventory of the cloud assets for proactive analysis and risk assessment to detect any misconfigurations. Once these misconfigurations are identified, security controls are developed and implemented. CSPM solutions also integrate with DevOps tools, streamlining the incident response process and ensuring continuous compliance with regulatory requirements and security frameworks by providing visibility of the cloud environment’s security posture.
Palo Alto Networks has 1 product in Cloud Security Posture Management Tools market
Cloud Web Application and API Protection
Gartner defines cloud web application and API protection (WAAP) as a category of security solutions designed to protect web applications and APIs from different types of attacks, irrespective of the hosting location. Typically delivered as a service, cloud WAAP is a consolidation of multiple capabilities offered as a series of security modules and designed to protect against a broad range of runtime attacks. Core capabilities are web application firewalls (WAFs), distributed denial of service (DDoS) mitigation, protection against advanced API attacks and automated (bot) traffic management. A cloud WAAP solution must incorporate all four core capabilities within the same offering.
Palo Alto Networks has 1 product in Cloud Web Application and API Protection market
Cloud-Native Application Protection Platforms
Cloud-native application protection platforms (CNAPPs) are a unified and tightly integrated set of security and compliance capabilities, designed to protect cloud-native infrastructure and applications. CNAPPs incorporate an integrated set of proactive and reactive security capabilities, including artifact scanning, security guardrails, configuration and compliance management, risk detection and prioritization, and behavioral analytics, providing visibility, governance and control from code creation to production runtime. CNAPP solutions use a combination of API integrations with leading cloud platform providers, continuous integration/continuous development (CI/CD) pipeline integrations, and agent and agentless workload integration to offer combined development and runtime security coverage.
Palo Alto Networks has 1 product in Cloud-Native Application Protection Platforms market
Data Loss Prevention
Gartner defines data loss prevention (DLP) as a technical control designed to prevent data loss in order to comply with personal data regulations, prevent unintended disclosure, minimize insider risk and ensure that sensitive data is not overly accessible. DLP controls are typically applied to reduce the data risk for two states of unstructured data: data at rest and data in motion. Depending on the state of the data, DLP applies detective, preventive or corrective controls, including alerting, quarantining, blocking, redaction or access restriction.
Palo Alto Networks has 1 product in Data Loss Prevention market
Data Security Posture Management
Data security posture management (DSPM) discovers previously unknown data across on-premises data centers and cloud service providers (CSPs). It also helps categorize and classify previously unknown and discovered unstructured and structured data. As data rapidly proliferates, DSPM assesses who has access to it to determine its security posture and exposure to privacy, security and AI-usage-related risks. DSPM is delivered as software or as a service.
Palo Alto Networks has 1 product in Data Security Posture Management market
Digital Experience Monitoring
Gartner defines digital experience monitoring (DEM) as the measurement of the availability, performance and quality of the user experience of applications. This can include internal users (employees), external users (customers and partners) or a digital agent connecting to an API. In addition to performance, DEM enables observability of user behavior and journeys based on their interaction with applications. DEM tools allow I&O leaders to understand the availability, performance and reliability of business applications, networks and infrastructure by focusing on understanding the user experience. This is in contrast to other performance monitoring approaches, such as observability platforms, that understand the inner workings of applications.
Palo Alto Networks has 1 product in Digital Experience Monitoring market
Endpoint Protection Platforms
Gartner defines an endpoint protection platform (EPP) as security software designed to protect managed endpoints — including desktop PCs, laptop PCs, virtual desktops, mobile devices and, in some cases, servers — against known and unknown malicious attacks. EPPs provide capabilities for security teams to investigate and remediate incidents that evade prevention controls. EPP products are delivered as software agents, deployed to endpoints, and connected to centralized security analytics and management consoles. EPPs provide a defensive security control to protect end-user endpoints against known and unknown malware infections and file-less attacks using a combination of security techniques (such as static and behavioral analysis) and attack surface reduction capabilities (such as device control, host firewall management and application control). EPP prevention and protection capabilities are deployed as a part of a defense-in-depth strategy to help reduce the endpoint attack surface and minimize the risk of compromise. EPP detection and response capabilities are used to uncover, investigate and respond to endpoint threats that evade security protection, often as a part of broader threat detection, investigation and response (TDIR) capable products.
Palo Alto Networks has 1 product in Endpoint Protection Platforms market
Extended Detection and Response
Extended detection and response (XDR) delivers security incident detection and automated response capabilities for security infrastructure. XDR integrates threat intelligence and telemetry data from multiple sources with security analytics to provide contextualization and correlation of security alerts. XDR must include native sensors, and can be delivered on-premises or as a SaaS offering. Typically, it is deployed by organizations with smaller security teams.
Palo Alto Networks has 1 product in Extended Detection and Response market
External Attack Surface Management
External attack surface management (EASM) refers to the processes, technology and professional services deployed to discover internet-facing enterprise assets and systems and exposures that could be exploited by malicious threat actors. EASM is useful in identifying unknown assets and providing information about the organization’s systems, cloud services and applications that are available and visible in the public domain and therefore can be exploited by an attacker/adversary. This visibility can also be extended to the organization’s subsidiaries or third parties. EASM are most commonly cloud-based products and services but can also be delivered ‘as a service’. EASM appeals to security operations functions involved with penetration testing, vulnerability management and threat hunting who want better visibility of their internet-facing assets to complement their threat and exposure management program.
Palo Alto Networks has 1 product in External Attack Surface Management market
Hybrid Mesh Firewall
A hybrid mesh firewall (HMF) is a multideployment mode firewall, including hardware, virtual appliance and cloud-based options, with a unified cloud-based management plane. HMF’s are designed to support hybrid environments and evolving use cases by offering mature continuous integration/continuous delivery (CI/CD) pipeline integration, native cloud integration, and advanced threat prevention capabilities extending to Internet of Things (IoT) devices and DNS-based attacks. With the adoption of hybrid environments, clients prefer the same firewall vendor with centralized management and visibility of firewall policies across environments to ease administration and reduce operational complexity. As a result, the demand and adoption of cloud firewalls from the same on-premises firewall vendor is growing. Hybrid mesh firewalls support this use case through hardware, virtual and dedicated cloud firewall deployment types, along with cloud-based centralized visibility and management capability.
Palo Alto Networks has 7 products in Hybrid Mesh Firewall market
- 5 more products
IT Security
IT Security refers to products and services that protect digital systems and data from cyber threats and unauthorized access. This category includes markets that focus on network security, identity management, data protection, and cloud security, enabling organizations to reduce risk, ensure compliance, and operate securely in a digital world.
Palo Alto Networks has 2 products in IT Security market
Identity Threat Detection and Response (ITDR)
Identity Threat Detection and Response (ITDR) refers to a set of security practices and technologies designed to detect, investigate, and respond to threats targeting digital identities within an organization. These threats often involve compromised credentials, privilege escalation, or unauthorized access to sensitive systems. ITDR solutions work by continuously monitoring identity-related activities, analyzing behavior patterns, and identifying anomalies that may indicate malicious intent. Once a threat is detected, ITDR tools help security teams respond quickly by isolating affected accounts, enforcing multi-factor authentication, or initiating automated remediation workflows. As identity becomes a primary attack vector in modern cyber threats, ITDR plays a crucial role in strengthening an organization’s overall security posture.
Palo Alto Networks has 1 product in Identity Threat Detection and Response (ITDR) market
Intrusion Detection and Prevention Systems (Retired)
The network intrusion detection and prevention system (IDPS) appliance market is composed of stand-alone physical and virtual appliances that inspect defined network traffic either on-premises or in the cloud. They are often located in the network to inspect traffic that has passed through perimeter security devices, such as firewalls, secure Web gateways and secure email gateways. IDPS devices are deployed in-line and perform full-stream reassembly of network traffic. They provide detection via several methods — for example, signatures, protocol anomaly detection, behavioral monitoring or heuristics, advanced threat defense (ATD) integration, and threat intelligence (TI). When deployed in-line, IDPSs can also use various techniques to detect and block attacks that are identified with high confidence; this is one of the primary benefits of this technology. Next-generation IDPSs have evolved in response to advanced targeted threats that can evade first-generation IDPSs. (Retired as of Mar-12-2026).
Palo Alto Networks has 1 product in Intrusion Detection and Prevention Systems (Retired) market
IoT Security
The amount of information being transmitted from things continues to rise. Much of this data originates outside of the enterprise. The scale of security risks in the Internet of Things (IoT) era is therefore much greater than in the pre-IoT environment, and the 'attack surface' is much larger. Most sensor-based things have minimal computing resources, and the opportunities for antivirus, encryption and other forms of protection within things are more restricted. Therefore, IoT security products with a variety of capabilities emerged to help dispel some of these challenges.
Palo Alto Networks has 1 product in IoT Security market
Managed Detection and Response
Gartner defines managed detection and response (MDR) services as those that provide customers with remotely delivered security operations center (SOC) functions. These functions allow organizations to perform rapid detection, analysis, investigation and response through threat disruption and containment. They offer a turnkey experience, using a predefined technology stack that commonly covers endpoints, networks, logs and cloud. Telemetry is analyzed within a provider’s platform using a range of techniques. The MDR provider’s analyst team then performs threat hunting and incident management to deliver recommended actions to their clients. MDR offers outcome-driven security incident management that is predicated on the detection, analysis and investigation of potentially impactful security events and the delivery of active threat disruption and containment actions to respond to and mitigate the impact of cyber breaches.
Palo Alto Networks has 1 product in Managed Detection and Response market
Mobile Threat Defense (Transitioning to Workspace Security Platforms)
Mobile threat defense (MTD) products protect organizations from malicious threats on iOS and Android devices, at the device, network and application levels. To successfully attack a mobile device, mobile malware must circumvent the controls built into mobile OSs, such as those for app store curation and native mobile OS hardening. MTD products tend to focus on preventing and detecting anomalous behavior by collecting and analyzing indicators of compromise, as well as expected behavior. MTD products gather threat intelligence from the devices they support, as well as from external sources, and use an analysis engine that resides in the cloud, on-premises or on an MTD app installed on devices.
Palo Alto Networks has 2 products in Mobile Threat Defense (Transitioning to Workspace Security Platforms) market
SASE Platforms
Secure access service edge (SASE) platforms deliver converged network and security-as-a-service capabilities, such as software-defined WAN (SD-WAN) and secure access to the web, cloud services and private applications regardless of the user’s location, the device used or where that application is hosted. These offerings primarily use a cloud-centric architecture delivered as a platform by one vendor. SASE securely connects users and devices with applications, services and other users. It supports branch office and remote worker connectivity and on-premises general internet security, private application access and public cloud service provider access use cases.
Palo Alto Networks has 1 product in SASE Platforms market
SD-WAN
Gartner defines software-defined WAN (SD-WAN) as products used to connect branch locations to other enterprise and cloud locations. SD-WAN products provide dynamic path selection based on business or application policy, routing, centralized orchestration of policy and management of appliances, virtual private network (VPN) and zero-touch configuration. SD-WAN products are WAN transport/carrier-agnostic and create secure paths across physical WAN connections.
Palo Alto Networks has 2 products in SD-WAN market
Secure Enterprise Browsers
Gartner defines a secure enterprise browser (SEB) as a solution that delivers enterprise security policies and controls through a centrally managed browser extension, and optionally, a full-stack custom web browser. SEBs provide security and policy enforcement for web, SaaS and private applications, as well as browser hardening delivered through the browser rather than at the endpoint OS or network level. SEBs also enable visibility, control, and auditability of web application data accessed by end users from managed, lightly managed or unmanaged devices without the need for in-line decryption of web traffic.
Palo Alto Networks has 1 product in Secure Enterprise Browsers market
Security Information and Event Management
Security information and event management (SIEM) is a configurable system of record that collects, aggregates and analyzes security event data from on-premises and cloud environments. SIEM processes security event data for the purposes of threat detection, investigation and response. It natively supports data normalization and offers user-configurable detection content and reporting to orchestrate threat mitigation and satisfy compliance requirements. These solutions are delivered via a SaaS platform or client-hosted on-premises or private cloud. The security information and event management (SIEM) system must assist with: 1. Aggregating and normalizing data from various IT and operational technology (OT) environments. 2. Designing and executing near real-time monitoring and alerting content. 3. Enriching and investigating security events of interest. 4. Supporting manual and automated response actions. 5. Maintaining and reporting on current and historical event data.
Palo Alto Networks has 1 product in Security Information and Event Management market
Security Orchestration, Automation and Response Solutions (Transitioning to Security Information and Event Management)
Security orchestration, automation and response (SOAR) solutions combine incident response, orchestration and automation, and threat intelligence (TI) management capabilities in a single platform. SOAR tools are also used to document and implement processes (aka playbooks, workflows and processes); support security incident management; and apply machine-based assistance to human security analysts and operators. SOAR solutions must provide: - Highly customizable workflow process management that enables repeatable automated tasks to be turned into playbooks that run in isolation or joined together into more sophisticated workflows. - The ability to store (locally or in a third-party system) incident management data to support SecOps investigations. - Manually instigated and automated triggers that augment human security analyst operators to carry out operational tasks consistently. - A mechanism to collate and better operationalize the use of threat intelligence. - Support for a broad range of existing security technologies that supports improved analyst efficiency and acts as an abstraction layer between the desired outcomes and the custom-made set of solutions in place in your environment.
Palo Alto Networks has 1 product in Security Orchestration, Automation and Response Solutions (Transitioning to Security Information and Event Management) market
Security Service Edge
Gartner defines security service edge (SSE) as an offering that secures access to the web, cloud services and private applications regardless of the location of the user, the device they are using or where that application is hosted. SSE protects users from malicious and inappropriate content on the web and provides enhanced security and visibility for the SaaS and private applications accessed by end users. Security service edge provides a primarily cloud-delivered solution to control access from end users and devices to applications, as well as websites and the internet. It provides a range of security capabilities, including adaptive access based on identity and context, malware protection, data security and threat prevention, as well as the associated analytics and visibility. It enables more direct connectivity for hybrid users by reducing latency and providing the potential for improved user experience. Capabilities that are integrated across multiple traffic types and destinations allow a more seamless experience for both users and administrators while maintaining a consistent security stance.
Palo Alto Networks has 3 products in Security Service Edge market
- 1 more product
Security Threat Intelligence Products and Services (Transitioning to Cyber Threat Intelligence Technologies)
The security threat intelligence products and services market refers to the combination of products and services that deliver knowledge (context, mechanisms, indicators, implications and action-oriented advice), information and data about cybersecurity threats, threat actors and other cybersecurity-related issues. The output of these products and services aims to provide or assist in the curation of information about the identities, motivations, characteristics and methods of threats, commonly referred to as tactics, techniques and procedures (TTPs). The intent is to enable better decision making and improve security technology capabilities to reduce the likelihood and impact of a potential compromise. Threat intelligence (TI) products and services support the different stages of a TI process life cycle. In particular, this involves defining the aims and objectives, collecting and processing intelligence originating from various sources, analyzing and disseminating it to different stakeholders within the organization, and regularly providing feedback on the entire process. These products and services support ongoing security investigations and assist in preventing future breaches by prioritizing infrastructure hardening. TI tools and services are most commonly cloud-based products and services, but can also be delivered “as a service.”
Palo Alto Networks has 1 product in Security Threat Intelligence Products and Services (Transitioning to Cyber Threat Intelligence Technologies) market