Attackers continue to update their tactics to remain ahead of enterprise defenses and use evasive techniques to avoid detection by traditional cybersecurity tools. Pre-built attack tools, stealthy communications and exfiltration avenues, and advanced phishing techniques are all used to compromise and exploit target organizations. While out-of-band and signature-based detection approaches remain critical in preventing known threats, a new approach is required to protect organizations from attacks that use evasive techniques. As a result, machine learning and advanced analytics have become a critical component of threat prevention tools. Yet, just as importantly, these mechanisms must be applied in line to prevent threats before they can impact even the first potential victim.
Palo Alto Networks is addressing these issues through the addition of in-line deep learning to its network security platform. Specifically, enhancements to its Advanced Threat Prevention, Advanced URL Filtering, and DNS Security services help prevent unknown command and control traffic, block attacks from tools such as Cobalt Strike, detect attacks that evade traditional URL databases and web crawlers, and ensure attackers cannot use DNS as an avenue of attack.