Security Program Controls/Technologies, Channel partners, Content, Incident Response, MDR, XDR

Palo Alto Networks Expands Unit 42 Digital Forensics and Incident Response Service

Credit: Palo Alto Networks

Palo Alto Networks has upgraded its Unit 42 Digital Forensics and Incident Response Service (DFIR) to help global organizations quickly respond to and recover from cyberattacks, according to the company.

What's Unit 42 All About?

Unit 42's Digital Forensics and Incident Response Service offers:

  • Attack surface, compromise, ransomware readiness and other assessments that allow organizations to evaluate and test their security controls against real world threats
  • Penetration testing and purple teaming services and tabletop exercises that organizations can use to test their technical controls, network security, response playbooks and more
  • Cloud incident response, malware analysis, ransomware investigation and other services that help organizations speed up their incident response
  • Managed threat hunting performed by Unit 42 threat hunters
  • Managed detection and response (MDR) that combines Palo Alto Networks' Cortex XDR (eXtended detection and response) with Unit 42's threat intelligence

Commenting on the Digital Forensics and Incident Response Service enhancements, Wendi Whitmore, senior vice president of Palo Alto Networks Unit 42, said:

"No other security vendor in the industry can match Palo Alto Networks' telemetry or our breadth of products to stop attacks in real time. We analyze data from thousands of customers globally, generating over 500 billion daily events. This massive dataset enables responders to contextualize threats and respond effectively. Coupled with our expertise in cloud threats, SOC automation and network security, this advanced intelligence helps companies recover and emerge stronger than before."

Unit 42 specializes in cyber DFIR and responds to thousands of customer events annually from ransomware incidents, Palo Alto Networks stated. It is backed by a global team of incident responders, threat intelligence experts and consultants.

Palo Alto Networks Bolsters SASE, XSIAM Solutions

The Unit 42 Digital Forensics and Incident Response Service upgrades come after Palo Alto Networks in March 2023 added capabilities to its Prisma secure access service edge (SASE) solution. These capabilities allow organizations to use Prisma SASE to automate their IT and network operations center (NOC) functions, Palo Alto Networks said.

In March 2023, Palo Alto Networks released an Identity Threat Detection and Response (ITDR) module for its Cortex XSIAM (eXtended security intelligence and automation management) solution. The module allows Cortex XSIAM customers to ingest user identity and behavior data and leverage artificial intelligence to detect identity-based attacks, Palo Alto Networks stated.

Palo Alto Networks provides security products and solutions to global organizations. MSSPs, MSPs and other technology providers can join Palo Alto Networks' NextWave Partner Program to integrate these products and solutions into their portfolios.

Dan Kobialka

Dan Kobialka is senior contributing editor, MSSP Alert and ChannelE2E. He covers IT security, IT service provider business strategies and partner programs. Dan holds a M.A. in Print and Multimedia Journalism from Emerson College and a B.A. in English from Bridgewater State University. In his free time, Dan enjoys jogging, traveling, playing sports, touring breweries and watching football.