Palo Alto Networks

Palo Alto Networks is a leading US cybersecurity company offering network security, cloud security, and AI-powered threat intelligence across its Strata, Prisma, and Cortex platforms. With revenues exceeding $8 billion in FY2025, it is one of the largest pure-play cybersecurity firms in the world and a primary vendor to governments and enterprises globally. Its threat research division, Unit 42, produces attribution intelligence and incident-response reports that feed directly into government and enterprise security programmes.

Palo Alto Networks is one of twelve organisations granted access to Anthropic's Claude Mythos Preview through Project Glasswing on 8 April 2026, receiving $100 million in shared model usage credits for a system that scored 83.1% on the CyberGym benchmark.

Palo Alto Networks attributed the Handala Hack group — responsible for a destructive wiper attack on Stryker Corporation in March 2026 — to Iran's Ministry of Intelligence.

In May 2026, Palo Alto's PAN-OS captive-portal component was found to contain CVE-2026-0300, an unauthenticated RCE flaw (CVSS 9.3), exploited since 16 April by state-sponsored cluster CL-STA-1132. Unit 42 confirmed post-exploitation tradecraft including Active Directory enumeration via the firewall's service account and methodical crash-log destruction. CISA added the CVE to KEV with a 9 May federal deadline — four days before Palo Alto's own patches were due. The company simultaneously acquired AI-gateway firm Portkey for approximately $130 million, signalling continued investment in AI security tooling. Palo Alto's dual exposure — as a CVE victim and as an active attributor of nation-state groups — illustrates the structural position of large security vendors at the centre of both the attack surface and the intelligence ecosystem.