Radically Simplifying Cybersecurity

Oct 15, 2024
5 minutes
... views

This post is also available in: 日本語 (Japanese)

Leveraging advanced technology in today's cyberthreat landscape is no longer optional — it's imperative. At Palo Alto Networks, we've pioneered the integration of AI-driven solutions specifically designed to empower security teams and enhance operational efficiencies. Our latest innovation, the AI copilots, stands at the forefront of this revolution.

Availability of AI Copilots

Palo Alto Networks AI Copilots are already transforming the way cybersecurity professionals interact with their technology environments. By automating and simplifying routine tasks, our AI tools allow teams to focus on strategic decision-making and complex problem solving. Immediate access to vast security knowledge bases and quick documentation retrieval is just the start. These AI assistants enrich intelligence, supporting informed decisions and guiding users through complex remediation tasks effortlessly. The overarching goal is clear: faster responses, accuracy in threat detection, and an overall more resilient security posture.

We’re excited to announce that we began rolling out availability for our copilots for the Strata, Prisma Cloud and Cortex platforms at no extra cost.

  • Strata Copilot: Strata Copilot helps network security teams quickly and easily find, understand and address threats before they turn into trouble leveraging the power and simplicity of natural language.
  • Prisma Cloud Copilot: Designed for the cloud environment, Prisma Cloud Copilot simplifies governance, security policy compliance and management across multiple cloud platforms, ensuring seamless security regardless of the complexity of your cloud infrastructure.
  • Cortex Copilot: Cortex Copilot helps security operations to identify and analyze threats while also providing actionable recommendations tailored to the specific dynamics of the incident.

We view this as a transformative approach to simplifying security operations and enabling teams to respond faster, with greater conviction and consistency.

Why This Matters

The core issue in security today isn’t just the volume of threats — it’s the complexity of managing threats. The traditional approach relies on an array of advanced tools that require deep expertise and manual effort. This not only slows down security teams but also leaves organizations exposed to risks caused by delayed decisions or inadvertent errors.

Palo Alto Networks Copilots address the core problem by leveraging AI to reduce friction in security workflows. Whether responding to threats, configuring systems or analyzing data, copilots enable teams to operate with greater speed and precision. They make advanced security capabilities accessible to all, allowing teams to act with confidence even in the most high-pressure situations.

Platform Copilots Benefits

More than just assistants, copilots reshape how security is performed. Since May, as part of an early beta program, our copilots have been used and tested by customers, who report strong positive results and benefits that include:

Information at Your Fingertips

We’ve seen how our copilots provide immediate access to the security knowledge of Palo Alto Networks, eliminating the need to hunt for documentation on product features. Whether answering questions about configuration or offering insights into indicators of compromise (IoCs), such as IP addresses or domain names, copilots quickly put information in the hands of teams who need it. This frees security professionals from manual searches and enables them to act faster with full confidence.

Each copilot has made an impact. The Prisma Cloud Copilot, for example, delivered an experience 24 times faster for documentation searches. When customers looked for integration information, it took only a few seconds. In the screenshot below, you can see how to generate a GDPR report without leaving the console.

Prisma Cloud Copilot compliance

AI-Driven Decision Support

Our copilots are more than just a source of information — they actively assist in decision-making by offering enriched intelligence and real-time analysis. For example, they visualize app, user and threat activity to present the full context of an incident. By connecting threat intelligence and delivering actionable insights, Palo Alto Networks Copilots empower teams to make faster, better informed decisions on where to focus their efforts without automating the actions themselves.

The Strata Copilot makes it radically simpler to take advantage of best practices developed from over 70,000 customers and years of experience. For example, when creating a new policy it is instantaneous to see whether the new configurations are in line with the proven ways to best deliver best in class security.

Strata Copilot and Rules

If an analyst finds something suspicious, a malicious file perhaps, they can immediately take action in Cortex Copilot. The image below shows how easily Cortex Copilot enables security operations center (SOC) analysts to add a malicious hash to a blocklist.

Cortex Copilot Blocklist feature

Advanced Guidance for Fast Execution — Especially with Support

Through guided automation, copilots help you perform complex remediation tasks using simple, natural language requests, significantly reducing the time and manual effort required to resolve security issues. From automating remediation workflows to opening support cases with all relevant details prefilled, copilots streamline execution, allowing teams to shift their focus from task execution to higher-level strategy and oversight.

In the SOC, the Cortex Copilot assists analysts with support issues or questions. Instead of searching through support documents for answers, analysts can ask Cortex Copilot for summarized information about a topic, reducing the learning curve and enabling new analysts to contribute immediately. Cortex Copilot not only answers support questions — as seen below — but also links to relevant documentation from the Cortex Help Center.

Cortex Copilot Help Center

Streamlining the support request process, Prisma Cloud Copilot, as the video below demonstrates, ensures necessary details are submitted at the start, which reduces the back-and-forth with teams and enables cases to be resolved expeditiously.

Prisma Cloud Copilot support case

A Glimpse into the Future — Autonomous Cybersecurity

The demands placed on security teams today are untenable without automation and intelligence. With AI-driven copilots, we’re proud to build the foundation for a world where security teams are proactive rather than reactive, focused on managing outcomes instead of managing alerts.

The future of cybersecurity is at your fingertips. For more information and a discussion about our AI copilots, make sure to join our Linkedin Live on Thursday, 10/17 at 11 am PT.


Subscribe to the Blog!

Sign up to receive must-read articles, Playbooks of the Week, new feature announcements, and more.