
Palo Alto Networks Uses AI, ML to Reimagine AI-Era Cybersecurity
DALLAS – June 4, 2025 — Several Palo Alto Networks executives took the stage for the company’s Ignite on Tour event in Dallas, delivering the clear message that complexity is the enemy of security, and AI is both the threat and the answer.
In a morning packed with insightful commentary, real-time attack simulations, and partner insights from Sabre, CDW, and others, the Palo Alto Networks team made the case for a new security architecture built from a unified, intelligent platform.
AI Is the New Oil — And Also the Fire
Kumar Ramachandran, president of network security at Palo Alto Networks, opened with a bold analogy: today’s AI inflection point mirrors the petroleum-fueled transformation of the 1900s. As in the dot-com era, he noted, companies faced a decision – lead the change or be changed by it.
Kumar described a seismic shift in the nature of cyberattacks, saying the time period between reconnaissance and impact is now greatly truncated.
“The time period has shrunk from what used to be weeks, if not multiple weeks, to a few small hours,” he said. “The much larger percentage of attacks feel like a zero-day attack.”
With attackers using LLMs for reconnaissance, phishing, and vulnerability discovery, traditional defenses are crumbling under speed and volume, he said.
Palo Alto Networks’ prescription? A fully integrated security platform that fulfills what he called the “three C’s” of modern data: complete, consistent, and correct. In a world where the average enterprise juggles 83 security tools across 30 vendors, that level of data quality isn’t achievable through manual integration.
The company outlined its three major platform pillars:
- Zero Trust Network Security: Combining firewalls, SD-WAN, and SASE into a unified stack with shared policy and AI-powered threat prevention.
- AI-Driven Security Operations (XSAIM): A unified SOC experience powered by more than 7,000 detection models and capable of reducing 19,000 alerts to 17 actionable incidents daily.
- Cloud-Native Security: Including posture management, application security, and real-time cloud detection and response.
The unifying thread is automation powered by AI – not just to detect threats, but to understand context and reduce human overhead across environments.
AI Is Transforming Work – and Creating Risk
Anupam Upadhyaya, SVP of SASE products, demonstrated how AI is both a productivity accelerant and a security nightmare. At Palo Alto Networks, internal developer productivity has increased by 20–30% thanks to AI copilots and code assistants, he said.
But these tools create new vulnerabilities. Anupam showcased AI Access Security, a tool that gives organizations visibility into which generative AI tools employees are using – including shadow AI – and how those tools are handling sensitive data. The platform allows teams to classify, tolerate, or block AI apps with contextual policy enforcement.
Also unveiled was Prisma AI Runtime Security, providing full-stack protection from agents to models to data sets. The demo showed real-time revocation of malicious model permissions and red teaming tools that simulate agentic AI attacks before they happen.
Sabre’s Story: From Chaos to Control
Scott Moser, senior vice president and CISO of Sabre Corporation, shared a compelling journey from 28 security incidents per year to near real-time remediation. After consolidating from four endpoint tools to one – Palo Alto’s XDR – Sabre reduced mean time to containment from days to hours, with 60% of alerts now fully automated.
He emphasized the importance of trust and partnership, citing Palo Alto’s support during previous incidents as the differentiator.
“They didn’t just sell us software,” he said. “They showed up.”
Live Fire: Inside a Real-Time GenAI Attack
The most riveting moment came from Unit 42’s Carl Bryant, who walked the audience through a red-teamed, AI-driven attack modeled on MITRE ATT&CK. What once took days – recon, privilege escalation, payload delivery – could now take minutes using agentic AI.
His warning to retailers was blunt: “You’re in the bullseye for the rest of the year.”
With GenAI tools being abused by threat actors in China, North Korea, Iran, and Russia, Carl emphasized that organizations need AI-powered defenses simply to survive.
The TechArena Take
Palo Alto Networks didn’t just pitch a product suite in Dallas – they delivered a clear and urgent thesis: cybersecurity must move as fast as attackers do, and the only viable response is platformization – as they call it – anchored in AI and automation.
The implication? If you’re still piecing together best-of-breed tools from a dozen vendors, you’re not solving security; you’re maintaining a jigsaw puzzle that’s missing critical pieces. From cloud runtime protection to AI access control to unified SOCs, Palo Alto is betting that convergence, not complexity, will define the next decade of enterprise security.
DALLAS – June 4, 2025 — Several Palo Alto Networks executives took the stage for the company’s Ignite on Tour event in Dallas, delivering the clear message that complexity is the enemy of security, and AI is both the threat and the answer.
In a morning packed with insightful commentary, real-time attack simulations, and partner insights from Sabre, CDW, and others, the Palo Alto Networks team made the case for a new security architecture built from a unified, intelligent platform.
AI Is the New Oil — And Also the Fire
Kumar Ramachandran, president of network security at Palo Alto Networks, opened with a bold analogy: today’s AI inflection point mirrors the petroleum-fueled transformation of the 1900s. As in the dot-com era, he noted, companies faced a decision – lead the change or be changed by it.
Kumar described a seismic shift in the nature of cyberattacks, saying the time period between reconnaissance and impact is now greatly truncated.
“The time period has shrunk from what used to be weeks, if not multiple weeks, to a few small hours,” he said. “The much larger percentage of attacks feel like a zero-day attack.”
With attackers using LLMs for reconnaissance, phishing, and vulnerability discovery, traditional defenses are crumbling under speed and volume, he said.
Palo Alto Networks’ prescription? A fully integrated security platform that fulfills what he called the “three C’s” of modern data: complete, consistent, and correct. In a world where the average enterprise juggles 83 security tools across 30 vendors, that level of data quality isn’t achievable through manual integration.
The company outlined its three major platform pillars:
- Zero Trust Network Security: Combining firewalls, SD-WAN, and SASE into a unified stack with shared policy and AI-powered threat prevention.
- AI-Driven Security Operations (XSAIM): A unified SOC experience powered by more than 7,000 detection models and capable of reducing 19,000 alerts to 17 actionable incidents daily.
- Cloud-Native Security: Including posture management, application security, and real-time cloud detection and response.
The unifying thread is automation powered by AI – not just to detect threats, but to understand context and reduce human overhead across environments.
AI Is Transforming Work – and Creating Risk
Anupam Upadhyaya, SVP of SASE products, demonstrated how AI is both a productivity accelerant and a security nightmare. At Palo Alto Networks, internal developer productivity has increased by 20–30% thanks to AI copilots and code assistants, he said.
But these tools create new vulnerabilities. Anupam showcased AI Access Security, a tool that gives organizations visibility into which generative AI tools employees are using – including shadow AI – and how those tools are handling sensitive data. The platform allows teams to classify, tolerate, or block AI apps with contextual policy enforcement.
Also unveiled was Prisma AI Runtime Security, providing full-stack protection from agents to models to data sets. The demo showed real-time revocation of malicious model permissions and red teaming tools that simulate agentic AI attacks before they happen.
Sabre’s Story: From Chaos to Control
Scott Moser, senior vice president and CISO of Sabre Corporation, shared a compelling journey from 28 security incidents per year to near real-time remediation. After consolidating from four endpoint tools to one – Palo Alto’s XDR – Sabre reduced mean time to containment from days to hours, with 60% of alerts now fully automated.
He emphasized the importance of trust and partnership, citing Palo Alto’s support during previous incidents as the differentiator.
“They didn’t just sell us software,” he said. “They showed up.”
Live Fire: Inside a Real-Time GenAI Attack
The most riveting moment came from Unit 42’s Carl Bryant, who walked the audience through a red-teamed, AI-driven attack modeled on MITRE ATT&CK. What once took days – recon, privilege escalation, payload delivery – could now take minutes using agentic AI.
His warning to retailers was blunt: “You’re in the bullseye for the rest of the year.”
With GenAI tools being abused by threat actors in China, North Korea, Iran, and Russia, Carl emphasized that organizations need AI-powered defenses simply to survive.
The TechArena Take
Palo Alto Networks didn’t just pitch a product suite in Dallas – they delivered a clear and urgent thesis: cybersecurity must move as fast as attackers do, and the only viable response is platformization – as they call it – anchored in AI and automation.
The implication? If you’re still piecing together best-of-breed tools from a dozen vendors, you’re not solving security; you’re maintaining a jigsaw puzzle that’s missing critical pieces. From cloud runtime protection to AI access control to unified SOCs, Palo Alto is betting that convergence, not complexity, will define the next decade of enterprise security.