How Palo Alto Networks is Setting Expectations for Prevention Readiness

We continue to learn more about how to make threat prevention a core component to IT architecture and how to measure prevention readiness. As part of the learning, we are building confidence that our mission to protect our digital way of life across the world is achievable.

Interestingly, we consistently observe a few things from IT and security leaders when we speak with them:

• They lack confidence that they know what is happening in their enterprise.
• They look to the cybersecurity community – us – to help them create a modern architecture strategy based on prevention. The legacy best-of-breed approach and auditing relationship between IT and security professionals is costly, outdated, and fails to protect organizations from successful attacks.

When you think about it, both of these observations make sense. If we are honest with each other, we would agree that we know a lot more about attackers including:

• Attacker techniques
• Vectors that attackers use to successfully attack an organization
• Tools attackers employ
• Indicators of compromise

However, we don’t extensibly use what we know about attackers to defeat the attackers – we don’t know what’s actually happening in our own organizations, much of the time.

That’s why Palo Alto Networks created a standard prevention methodology to help set expectations with our new customers and reset our expectations with existing customers. As part of the methodology, we created metrics to measure our progress. More and more Palo Alto Networks customers see the value in this approach, and it is making a difference.

The methodology provides deliverables that are free for our customers to use and ensures that Palo Alto Networks customers fully utilize all integrated capabilities extensibly across their architectures. The expectation placed on our sales teams is that the deliverables are provided on a regular basis so customers can use them as needed. We are scaling this entire methodology as part of a commitment that our leadership team has made to prevention and to protecting organizations from successful attacks.

When you get the chance, reach out to one of our representatives and ask them to explain our prevention methodology. There are three deliverables our prevention architecture trusted advisors will provide to you on a regular basis. All the deliverables enable our advisors to contribute as value-added team members for your organization. We are committed to helping you and your IT and security professionals create a modern, prevention-based strategy and measuring its effectiveness.

Our three tools include:

1. Prevention posture assessment
2. Panorama configuration heat maps
3. Metrics to build IT and security leadership confidence

As a next-generation security platform provider, we realize it is not sufficient to focus our account teams and partners on individual IT and security projects.  Our desire is to contribute in making prevention a core component of your global enterprise architecture. In the next blog of this series, we will explain the prevention posture assessment in more detail and the way we use it to help make prevention capabilities core components of your IT infrastructure.

Have you received your prevention posture assessment yet? If you're an existing customer, why not? If you're a potential customer, do the assessment soon. The only cost is some time for your team, but it will be time well spent, as professionals and leaders.