Palo Alto Networks announced on Tuesday advancements to its Next-Generation Security Platform that provide customer organizations with the ability to prevent the theft and abuse of stolen credentials, one of the most common methods cyber adversaries use to compromise and maneuver within an organization to steal valuable assets.

Traditional approaches to stopping credential phishing are rudimentary, manual, limited, and rely primarily on educating employees and classifying a phishing site before someone encounters it. If the organization’s security products miss a new phishing site, the only recourse is hoping the user doesn’t proceed to enter his or her credentials.

Further, password-only-based approaches to authentication remain very common due to the traditional complexities of implementing multi-factor authentication, leaving many applications exposed to simple credential abuse-based access by attackers.

Palo Alto Networks now delivers its initial multi-method, scalable and automated approach designed to prevent credential-based attacks. These capabilities, delivered from the next-generation firewall, prevent the theft and abuse of stolen credentials and complement additional malware and threat prevention and secure application enablement functionality, to extend customer organizations’ ability to prevent cyber breaches.

The Palo Alto Networks Next-Generation Security Platform has key characteristics that enable the prevention of successful cyberattacks. It uses natively integrated technologies that leverage a single-pass architecture to exert positive control based on applications, users and content. This reduces the organizational attack surface, supports open communication, orchestration, and visibility, and enables a consistent security posture, providing the same protection on the endpoint, in the data center, on the network, in public and private clouds, and across SaaS environments.

It also delivers automation of protection by creating and reprogramming security postures in real time across the network, endpoint and cloud environments to counter new threats, allowing teams to scale with technology, not people. In addition, it delivers extensibility and flexibility that allow for consistent protection as users move off physical networks, and as organizations expand and adopt new technologies and architectures.

Threat intelligence sharing enhances prevention and minimizes the spread of attacks by taking advantage of the network effects of automated sharing of protections across a global community.

As part of version 8.0 of the PAN-OS security operating system, the security platform's credential theft prevention feature highlights include the following.

The platform automatically identifies and blocks phishing sites by sending suspicious links from emails to the WildFire service for enhanced machine learning-based analysis. If the site is determined to be phishing, PAN-DB will automatically update the phishing URL category, block the site, and prevent users from accessing it.

It also prevents users from submitting credentials to phishing sites. By integrating with User-ID technology, the firewall can recognize the movement of enterprise credentials in the traffic. If a user unknowingly attempts to transmit a username and password to an unauthorized site, policies within the firewall can alert or drop the traffic and stop the transmission of corporate credentials.

It also prevents the use of stolen credentials by providing a policy-based multi-factor authentication framework natively in the next-generation firewall. This unique capability makes it easy to enforce multi-factor authentication from the firewall to stop cyber adversaries from moving laterally in a network and accessing sensitive resources with the help of stolen credentials or compromised endpoints.

This is achieved by working at the network level in conjunction with authentication and identity management frameworks, such as single sign-on and multi-factor authentication, and integrating with a number of next-generation identity access management vendors, including Okta, Ping Identity and Duo Security, as well as policy enforcement tools.

In addition to simplifying the overall administrative overhead, with this new centralized policy-based approach in PAN-OS 8.0, administrators will now be able to protect internal and custom applications with multi-factor authentication, a step that is often impossible to deploy with existing tools.

The Palo Alto Networks Next-Generation Security Platform is composed of natively engineered technologies that leverage a single-pass prevention architecture to exert positive control based on applications, users and content. The result is a reduced attack surface, increased visibility, and consistent security posture from the network to the cloud and the endpoint.

The Palo Alto Networks Next-Generation Security Platform also benefits from the powerful network effect of a growing community of comprehensive global threat data sharing to minimize the spread of attacks and raise the costs to attackers. No one organization will ever see all global threats, but as part of a network, they benefit from collective intelligence.

The detection of a new threat in the environment of one customer that shares threat information triggers the automatic creation and dissemination of prevention mechanisms across the entire network of thousands of customers. As the network grows, the protections propagate more widely, limiting the spread of attacks and, consequently, their effectiveness.

“We have too often seen headlines that highlight credential theft as one of the primary methods cyber adversaries use to gain access to networks, systems and assets,” said Lee Klarich, executive vice president, Product Management, Palo Alto Networks. “For years, there has been an absence of an effective and scalable way for organizations to address this challenge. We are pleased to introduce these unique and industry-leading capabilities as part of our Next-Generation Security Platform and to deliver yet another innovation among many designed to help organizations prevent cyber breaches.”

PAN-OS 8.0 is now available globally to customers of Palo Alto Networks with a current support contract.