Palo Alto Networks Company Cyber Security Posture

paloaltonetworks.com

Palo Alto Networks, the global cybersecurity leader, is shaping the cloud-centric future with technology that is transforming the way people and organizations operate. Our mission is to be the cybersecurity partner of choice, protecting our digital way of life. We help address the world's greatest security challenges with continuous innovation that seizes the latest breakthroughs in artificial intelligence, analytics, automation, and orchestration. By delivering an integrated platform and empowering a growing ecosystem of partners, we are at the forefront of protecting tens of thousands of organizations across clouds, networks, and mobile devices. Our vision is a world where each day is safer and more secure than the one before. For more information, visit www.paloaltonetworks.com.

PAN Company Details

LinkedIn ID: palo-alto-networks

Employees number: 17069 employees

Number of followers: 1431273.0

NAICS: none

Industry Type: Computer and Network Security

Homepage: paloaltonetworks.com

IP Addresses: 123

Company ID: PAL_3162000

Scan Status: In-progress

PAN Risk Score (AI oriented)

Between 900 and 1000

This score is AI-generated and less favored by cyber insurers, who prefer the TPRM score.

Palo Alto Networks Company Scoring based on AI Models

Model Name: AVERAGE-Industry

Date: 03-12-2025

Description: This score represents the average cybersecurity rating of companies already scanned within the same industry. It provides a benchmark to compare an individual company's security posture against its industry peers.

Current Score Difference: N/A

Score: Between 900 and 1000

Palo Alto Networks Company Cyber Security News & History

Past Incidents: 2
Attack Types: 1
Entity: Palo Alto Networks
Type: Vulnerability
Severity, Impact, Seen: 6014/2025
Url ID: PAL707041025
Rankiteo Explanation: Attack without any consequences

Description: Palo Alto Networks' PAN-OS software was found to contain a significant denial-of-service (DoS) vulnerability, labeled CVE-2025-0128, affecting several versions and potentially putting organizations at risk of service interruptions. Unauthenticated attackers could exploit this vulnerability to force system reboots and maintenance mode engagement, leading to service unavailability for those reliant on the company's firewall appliances. The security flaw, while rated 'MEDIUM' in severity due to a CVSS score of 6.6, has a high impact on availability, albeit not directly threatening data confidentiality or integrity. Security recommendations encourage immediate updates to patched software versions to prevent exploitation.

Entity: Palo Alto Networks
Type: Vulnerability
Severity, Impact, Seen: 256/2025
Url ID: PAL304061225
Rankiteo Explanation: Attack without any consequences: Attack in which data is not compromised

Description: A newly disclosed command injection vulnerability in Palo Alto Networks' PAN-OS operating system poses significant security risks to enterprise firewall infrastructures worldwide. The vulnerability, catalogued as CVE-2025-4230, enables authenticated administrators with command-line interface (CLI) access to execute arbitrary commands with root-level privileges, potentially compromising entire network security architectures. This flaw allows malicious actors to exploit insufficient input validation within the PAN-OS CLI interface, enabling them to bypass system restrictions and execute unauthorized commands with elevated privileges.

Access Data Using Our API

Get company history

curl -i -X GET 'https://api.rankiteo.com/underwriter-getcompany-history?linkedin_id=palo-alto-networks' -H 'apikey: YOUR_API_KEY_HERE'

PAN Cyber Security News

2025-07-10T12:00:00.000Z
GTT Expands Partnership with Palo Alto Networks to Offer Leading Managed Single-Vendor SASE Solution

GTT adds Palo Alto Networks Prisma SASE to its award-winning managed SASE solution, Secure Connect.

2025-07-09T12:00:00.000Z
Ingram Micro Attack Did Not Involve GlobalProtect VPN: Palo Alto Networks

Reports connecting the GlobalProtect VPN system to the ransomware attack against IT distribution giant Ingram Micro are “false,” according to ...

2025-07-09T04:49:07.000Z
Fidelis and Palo Alto Networks integrate for better visibility

Fidelis Security announced an integration with Palo Alto Networks on an enhanced network detection and response (NDR) solution.

2025-06-23T07:00:00.000Z
Cybersecurity Giant Palo Alto Networks Caught Between Opportunity and Maturity

Cybersecurity giant Palo Alto Networks has much to gain from a splintering geopolitics, but growth is slowing as its business matures.

2025-07-03T14:29:00.000Z
Palo Alto Networks vs. Okta: Which Cybersecurity Stock is a Smart Buy?

With AI-powered tools and strong customer bases, PANW and OKTA are growing, but which stock deserves a place in your portfolio?

2025-07-09T05:00:02.000Z
It's time to give AI security its own playbook and the people to run it

AI agent security needs real-time monitoring, identity logging, and clone-on-launch to keep pace with evolving threats and autonomy.

2025-07-10T10:04:13.000Z
Fix the Click: Preventing the ClickFix Attack Vector

ClickFix is an increasingly popular technique that threat actors use in social engineering lures. This technique tricks potential victims into ...

2025-07-09T11:00:00.000Z
3 Cybersecurity Stocks You Can Buy and Hold for the Next Decade

CrowdStrike is best known for addressing endpoint security solutions. Zscaler's no-trust platform is ideal for remote and hybrid workforces.

2025-05-22T07:00:00.000Z
Palo Alto Networks beats earnings estimates amid consolidation, AI concerns

Shares of Palo Alto Networks fell Wednesday after the company reported better-than-expected earnings in the third fiscal quarter but disappointed some ...

PAN Similar Companies

CrowdStrike

CrowdStrike (Nasdaq: CRWD), a global cybersecurity leader, has redefined modern security with the world's most advanced cloud-native platform for protecting critical areas of enterprise risk — endpoints and cloud workloads, identity and data. Powered by the CrowdStrike Security Cloud and world-clas

Google Cloud Security

With comprehensive cybersecurity solutions, organizations can address their tough security challenges with many of the same capabilities Google uses to keep more people and organizations safe online than anyone else in the world. Experience Mandiant frontline intelligence and expertise, a modern, in

Thales Cyber Solutions

Drawing on a team of 6,000 experts and developers, Thales is a global leader in cybersecurity – no.1 in data security - with solutions deployed in 148 countries, generating annual revenues in excess of €2 billion in the domain. Thales supports its enterprise and government customers in the cybe

Frequently Asked Questions

Explore insights on cybersecurity incidents, risk posture, and Rankiteo's assessments.

PAN CyberSecurity History Information

How many cyber incidents has PAN faced?

Total Incidents: According to Rankiteo, PAN has faced 2 incidents in the past.

What types of cybersecurity incidents have occurred at PAN?

Incident Types: The types of cybersecurity incidents that have occurred include Vulnerability.

How does PAN detect and respond to cybersecurity incidents?

Detection and Response: The company detects and responds to cybersecurity incidents through remediation measures: upgrade to PAN-OS 11.2.6, 11.1.10, 10.2.14, or 10.1.14-h15, and immediate updates to patched software versions.

Incident Details

Can you provide details on each incident?

Incident : Command Injection

Title: PAN-OS Admin Command Injection Vulnerability

Description: A newly disclosed command injection vulnerability in Palo Alto Networks' PAN-OS operating system poses significant security risks to enterprise firewall infrastructures worldwide.

Date Publicly Disclosed: 2025-06-11

Type: Command Injection

Attack Vector: Authenticated administrator with CLI access

Vulnerability Exploited: CVE-2025-4230

Incident : Denial of Service (DoS)

Title: Palo Alto Networks PAN-OS DoS Vulnerability

Description: Palo Alto Networks' PAN-OS software was found to contain a significant denial-of-service (DoS) vulnerability, labeled CVE-2025-0128, affecting several versions and potentially putting organizations at risk of service interruptions. Unauthenticated attackers could exploit this vulnerability to force system reboots and maintenance mode engagement, leading to service unavailability for those reliant on the company's firewall appliances. The security flaw, while rated 'MEDIUM' in severity due to a CVSS score of 6.6, has a high impact on availability, albeit not directly threatening data confidentiality or integrity. Security recommendations encourage immediate updates to patched software versions to prevent exploitation.

Type: Denial of Service (DoS)

Attack Vector: Unauthenticated Exploitation

Vulnerability Exploited: CVE-2025-0128

Threat Actor: Unauthenticated Attackers

What are the most common types of attacks the company has faced?

Common Attack Types: The most common type of attack the company has faced is Vulnerability.

How does the company identify the attack vectors used in incidents?

Identification of Attack Vectors: The company identifies the attack vectors used in incidents through CLI access.

Impact of the Incidents

What was the impact of each incident?

Incident : Command Injection PAL304061225

Systems Affected: PAN-OS 11.2 versions prior to 11.2.6, PAN-OS 11.1 versions before 11.1.10, PAN-OS 10.2 versions earlier than 10.2.14, and PAN-OS 10.1 versions before 10.1.14-h15

Incident : Denial of Service (DoS) PAL707041025

Systems Affected: Firewall appliances

Downtime: System reboots and maintenance mode engagement

Operational Impact: Service unavailability

Which entities were affected by each incident?

Incident : Command Injection PAL304061225

Entity Type: Enterprise

Industry: Network Security

Incident : Denial of Service (DoS) PAL707041025

Entity Type: Organization

Industry: Cybersecurity

Response to the Incidents

What measures were taken in response to each incident?

Incident : Command Injection PAL304061225

Remediation Measures: Upgrade to PAN-OS 11.2.6, 11.1.10, 10.2.14, or 10.1.14-h15

Incident : Denial of Service (DoS) PAL707041025

Remediation Measures: Immediate updates to patched software versions

Data Breach Information

What measures does the company take to prevent data exfiltration?

Prevention of Data Exfiltration: The company takes the following measures to prevent data exfiltration: upgrade to PAN-OS 11.2.6, 11.1.10, 10.2.14, or 10.1.14-h15; immediate updates to patched software versions.

Lessons Learned and Recommendations

What recommendations were made to prevent future incidents?

Incident : Command Injection PAL304061225

Recommendations: Implement additional access controls limiting CLI access to essential personnel only.

Incident : Denial of Service (DoS) PAL707041025

Recommendations: Immediate updates to patched software versions

What recommendations has the company implemented to improve cybersecurity?

Implemented Recommendations: The company has implemented the following recommendations to improve cybersecurity: implement additional access controls limiting CLI access to essential personnel only; immediate updates to patched software versions.

Initial Access Broker

How did the initial access broker gain entry for each incident?

Incident : Command Injection PAL304061225

Entry Point: CLI access

Post-Incident Analysis

What were the root causes and corrective actions taken for each incident?

Incident : Command Injection PAL304061225

Root Causes: Insufficient input validation within the PAN-OS CLI interface

Corrective Actions: Patching and restricting administrative access

What corrective actions has the company taken based on post-incident analysis?

Corrective Actions Taken: The company has taken the following corrective actions based on post-incident analysis: Patching and restricting administrative access.

Additional Questions

General Information

Who was the attacking group in the last incident?

Last Attacking Group: The attacking group in the last incident was Unauthenticated Attackers.

Incident Details

What was the most recent incident publicly disclosed?

Most Recent Incident Publicly Disclosed: The most recent incident publicly disclosed was on 2025-06-11.

Impact of the Incidents

What was the most significant system affected in an incident?

Most Significant System Affected: The most significant systems affected in an incident were PAN-OS 11.2 versions prior to 11.2.6, PAN-OS 11.1 versions before 11.1.10, PAN-OS 10.2 versions earlier than 10.2.14, and PAN-OS 10.1 versions before 10.1.14-h15, and Firewall appliances.

Lessons Learned and Recommendations

What was the most significant recommendation implemented to improve cybersecurity?

Most Significant Recommendation Implemented: The most significant recommendations implemented to improve cybersecurity were: implement additional access controls limiting CLI access to essential personnel only; immediate updates to patched software versions.

Initial Access Broker

What was the most recent entry point used by an initial access broker?

Most Recent Entry Point: The most recent entry point used by an initial access broker was CLI access.

What Do We Measure?

Incident
Finding
Grade
Digital Assets

Every week, Rankiteo analyzes billions of signals to give organizations a sharper, faster view of emerging risks. With deeper, more actionable intelligence at their fingertips, security teams can outpace threat actors, respond instantly to Zero-Day attacks, and dramatically shrink their risk exposure window.

These are some of the factors we use to calculate the overall score:

Network Security

Identify exposed access points, detect misconfigured SSL certificates, and uncover vulnerabilities across the network infrastructure.

SBOM (Software Bill of Materials)

Gain visibility into the software components used within an organization to detect vulnerabilities, manage risk, and ensure supply chain security.

CMDB (Configuration Management Database)

Monitor and manage all IT assets and their configurations to ensure accurate, real-time visibility across the company's technology environment.

Threat Intelligence

Leverage real-time insights on active threats, malware campaigns, and emerging vulnerabilities to proactively defend against evolving cyberattacks.

Rankiteo is a unified scoring and risk platform that analyzes billions of signals weekly to help organizations gain faster, more actionable insights into emerging threats. Empowering teams to outpace adversaries and reduce exposure.