* [Blog](https://www2.paloaltonetworks.com/blog)
* [Network Security](https://www2.paloaltonetworks.com/blog/network-security/)
* [Precision AI](https://www2.paloaltonetworks.com/blog/category/precision-ai/)
* Eliminate Blind Spots in ...

# Eliminate Blind Spots in Encrypted Traffic to Outsmart Hidden Threats

[](https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fwww2.paloaltonetworks.com%2Fblog%2Fnetwork-security%2Feliminate-blind-spots-in-encrypted-traffic-to-outsmart-hidden-threats%2F)  
[](https://twitter.com/share?text=Eliminate+Blind+Spots+in+Encrypted+Traffic+to+Outsmart+Hidden+Threats&url=https%3A%2F%2Fwww2.paloaltonetworks.com%2Fblog%2Fnetwork-security%2Feliminate-blind-spots-in-encrypted-traffic-to-outsmart-hidden-threats%2F)  
[](https://www.linkedin.com/shareArticle?mini=true&url=https%3A%2F%2Fwww2.paloaltonetworks.com%2Fblog%2Fnetwork-security%2Feliminate-blind-spots-in-encrypted-traffic-to-outsmart-hidden-threats%2F&title=Eliminate+Blind+Spots+in+Encrypted+Traffic+to+Outsmart+Hidden+Threats&summary=&source=)  
[](https://www.paloaltonetworks.com//www.reddit.com/submit?url=https://www2.paloaltonetworks.com/blog/network-security/eliminate-blind-spots-in-encrypted-traffic-to-outsmart-hidden-threats/&ts=markdown)  
\[\](mailto:?subject=Eliminate Blind Spots in Encrypted Traffic to Outsmart Hidden Threats)  
Link copied  
By [Srinivas Avasarala](https://www.paloaltonetworks.com/blog/author/srinivas-avasarala/?ts=markdown "Posts by Srinivas Avasarala") and [Rajesh Gwalani](https://www.paloaltonetworks.com/blog/author/rajesh-gwalani/?ts=markdown "Posts by Rajesh Gwalani")  
Aug 12, 2025  
4 minutes  
[Precision AI](https://www.paloaltonetworks.com/blog/category/precision-ai/?ts=markdown)  
[Products and Services](https://www.paloaltonetworks.com/blog/category/products-and-services/?ts=markdown)  
[Advanced Threat Prevention](https://www.paloaltonetworks.com/blog/tag/advanced-threat-prevention/?ts=markdown)  
[command and control](https://www.paloaltonetworks.com/blog/tag/command-and-control/?ts=markdown)

# *Palo Alto Networks Announces New Detection for Encrypted Sliver Command and Control in Advanced Threat Prevention*

Cyberattackers aren't just getting bolder. They're getting better at staying hidden. Many now use advanced tools to break into an organization's network, remain undetected and quietly steal data without setting off any alarms. One of the biggest challenges organizations face today is detecting these hidden communications, especially when attackers use strong encryption to blend in with everyday internet traffic.

A growing number of threat actors are turning to an open-source tool called Sliver to silently take control of compromised systems. Once inside, they issue commands, exfiltrate data, or move laterally, often without being noticed. What makes this more challenging to detect is their use of the latest and most secure version of the Transport Layer Security protocol, TLSv1.3, which conceals malicious activity by encrypting more of the communication than ever before. While this encryption is great for protecting user privacy, it limits visibility for traditional security tools, leaving many organizations unaware of active threats within their networks.

That's why we're announcing a powerful new detection capability in our Precision AI^Ⓡ^-powered [Advanced Threat Prevention (ATP)](https://www.paloaltonetworks.com/network-security/advanced-threat-prevention), called Encrypted Sliver Command and Control (C2) Detection. This patent-pending technology is specifically designed to identify and stop these hard-to-spot attacks, even when they're hidden behind TLSv1.3 encryption, via a deep learning model that analyzes subtle behavioral signals to recognize Sliver activity without requiring traffic decryption. And because it runs seamlessly in the background, there's no extra setup or disruption required.

# Encrypted Sliver C2 Detection with Advanced Threat Prevention

With Encrypted Sliver C2 Detection, organizations get better security without the added complexity. Advanced Threat Prevention takes another significant step forward in helping organizations stop today's most advanced threats, even when attackers attempt to hide behind modern encryption.

This new detection closes a critical security gap by identifying threats that were previously invisible, giving security teams a significant advantage. Precision AI, our deep learning model for detecting Encrypted Sliver C2, is trained to spot subtle patterns of malicious behavior with high accuracy, reducing false alarms and allowing your team to focus on what truly matters. And because it's delivered through the cloud, there's no need for complex configuration or decryption. It operates quietly in the background, enabling smooth operations while providing strong, consistent protection.

The unmatched scale and effectiveness of Advanced Threat Prevention support all of this. Every day, Advanced Threat Prevention [analyzes over 673 million new sessions,](https://www.paloaltonetworks.com/resources/ebooks/strata-revolutionize-your-security-posture-with-cloud-delivered-security-services-powered-by-precision-AI) prevents more than 512,000 newly identified malicious sessions, and blocks over 28.2 billion threats inline. That's the power of machine learning and cloud intelligence working together to help keep your organization secure, no matter how advanced or hidden the threat.

# Next-Level Detection for Today's Most Advanced Threats

Today's attackers don't play by yesterday's rules. They're stealthy and increasingly use encryption to avoid detection. That's why we've designed [our latest security innovation](https://www.paloaltonetworks.com/resources/infographics/rethink-reinforce-reimagine-security-with-cloud-delivered-security-services-powered-by-precision-ai) to meet today's threats head-on, with smarter protection that works in real time.

With Encrypted Sliver C2 Detection, organizations gain a strategic edge against the most evasive threats:

* **Inline Prevention of Encrypted, Unknown C2:** Leverages advanced deep learning models to identify anomalous patterns indicative of malicious C2 traffic, regardless of encryption. Prevention occurs inline and in real time.
* **Neutralizes Sliver C2 Communications:** Specifically designed to identify and prevent the unique communication fingerprints associated with the Sliver red team tool, preventing their ability to establish persistent control and exfiltrate data.
* **Enhanced Threat Prevention:** Goes beyond simple detection by actively preventing the establishment of these encrypted C2 channels, effectively severing the adversary's connection to compromised systems.
* **Patent-Pending Innovation:** Our proprietary and patent-pending technology, powered by Precision AI, provides a unique and highly effective approach to a critical cybersecurity challenge.
* **Seamless Integration:** Fully integrated into the existing Advanced Threat Prevention suite, it provides a unified and comprehensive defense against sophisticated attacks.

This game-changing capability puts your organization ahead of attackers, with powerful innovations designed to see what others miss.

# Start Defending Against Invisible Threats Today

Enable Encrypted Sliver C2 Detection in [Advanced Threat Prevention](https://www.paloaltonetworks.com/network-security/advanced-threat-prevention) to uncover threats hidden in encrypted traffic and prevent attackers before damage occurs. Watch our latest video to see advanced techniques for detecting [Sliver framework C2 traffic,](https://players.brightcove.net/1050259881001/default_default/index.html?videoId=6376844305112)especially in the challenging scenario where it's encrypted with TLS 1.3.

With Precision AI working behind the scenes, you get real-time, disruption-free protection that stays ahead of today's most evasive threats. Close critical security gaps and keep adversaries at bay. To get started, [contact](https://start.paloaltonetworks.com/secure-your-enterprise-contact-us.html) your Palo Alto Networks representative.

*** ** * ** ***

## Related Blogs

### [Announcement](https://www.paloaltonetworks.com/blog/category/announcement/?ts=markdown), [Data Security](https://www.paloaltonetworks.com/blog/network-security/category/data-security/?ts=markdown), [Precision AI](https://www.paloaltonetworks.com/blog/category/precision-ai/?ts=markdown), [Products and Services](https://www.paloaltonetworks.com/blog/category/products-and-services/?ts=markdown)

[#### Redefining DNS Protection](https://www2.paloaltonetworks.com/blog/2025/07/redefining-dns-protection/)

### [Announcement](https://www.paloaltonetworks.com/blog/category/announcement/?ts=markdown), [Products and Services](https://www.paloaltonetworks.com/blog/category/products-and-services/?ts=markdown)

[#### The Rise of Advanced Attacks --- What Business Leaders Need to Know](https://www2.paloaltonetworks.com/blog/2025/03/rise-advanced-attacks-what-business-leaders-need-to-know/)

### [Announcement](https://www.paloaltonetworks.com/blog/category/announcement/?ts=markdown), [Data Security](https://www.paloaltonetworks.com/blog/network-security/category/data-security/?ts=markdown), [Products and Services](https://www.paloaltonetworks.com/blog/category/products-and-services/?ts=markdown)

[#### Meet Exfiltration Shield: Prevent Relayed Data Exfiltration Attacks](https://www2.paloaltonetworks.com/blog/network-security/exfiltration-shield-prevents-relayed-data-exfiltration-attacks/)

### [Announcement](https://www.paloaltonetworks.com/blog/category/announcement/?ts=markdown), [Precision AI](https://www.paloaltonetworks.com/blog/category/precision-ai/?ts=markdown), [Products and Services](https://www.paloaltonetworks.com/blog/category/products-and-services/?ts=markdown)

[#### Radically Simplifying Cybersecurity](https://www2.paloaltonetworks.com/blog/2024/10/ai-copilot-simplified-security/)

### [Announcement](https://www.paloaltonetworks.com/blog/category/announcement/?ts=markdown), [Precision AI](https://www.paloaltonetworks.com/blog/category/precision-ai/?ts=markdown), [Products and Services](https://www.paloaltonetworks.com/blog/category/products-and-services/?ts=markdown)

[#### Precision AI --- Revolutionizing Cybersecurity with Our Latest Campaign](https://www2.paloaltonetworks.com/blog/2024/06/precision-ai-revolutionizing-cybersecurity/)

### [AI Security](https://www.paloaltonetworks.com/blog/category/ai-security/?ts=markdown), [Announcement](https://www.paloaltonetworks.com/blog/category/announcement/?ts=markdown), [Partners](https://www.paloaltonetworks.com/blog/category/partners/?ts=markdown), [Products and Services](https://www.paloaltonetworks.com/blog/category/products-and-services/?ts=markdown)

[#### The Power of Glean and Prisma AIRS Integration](https://www2.paloaltonetworks.com/blog/2026/02/power-of-glean-and-prisma-airs-integration/)

### Subscribe to Network Security Blogs!

Sign up to receive must-read articles, Playbooks of the Week, new feature announcements, and more.
![spinner](https://www2.paloaltonetworks.com/blog/wp-content/themes/panwblog2023/dist/images/ajax-loader.gif) Sign up  
Please enter a valid email.  
By submitting this form, you agree to our [Terms of Use](https://www.paloaltonetworks.com/legal-notices/terms-of-use?ts=markdown) and acknowledge our [Privacy Statement](https://www.paloaltonetworks.com/legal-notices/privacy?ts=markdown). Please look for a confirmation email from us. If you don't receive it in the next 10 minutes, please check your spam folder.  
This site is protected by reCAPTCHA and the Google [Privacy Policy](https://policies.google.com/privacy) and [Terms of Service](https://policies.google.com/terms) apply.  
{#footer} {#footer}

## Products and Services

* [AI-Powered Network Security Platform](https://www.paloaltonetworks.com/network-security?ts=markdown)

* [Secure AI by Design](https://www.paloaltonetworks.com/precision-ai-security/secure-ai-by-design?ts=markdown)

* [Prisma AIRS](https://www.paloaltonetworks.com/prisma/prisma-ai-runtime-security?ts=markdown)

* [AI Access Security](https://www.paloaltonetworks.com/sase/ai-access-security?ts=markdown)

* [Cloud Delivered Security Services](https://www.paloaltonetworks.com/network-security/security-subscriptions?ts=markdown)

* [Advanced Threat Prevention](https://www.paloaltonetworks.com/network-security/advanced-threat-prevention?ts=markdown)

* [Advanced URL Filtering](https://www.paloaltonetworks.com/network-security/advanced-url-filtering?ts=markdown)

* [Advanced WildFire](https://www.paloaltonetworks.com/network-security/advanced-wildfire?ts=markdown)

* [Advanced DNS Security](https://www.paloaltonetworks.com/network-security/advanced-dns-security?ts=markdown)

* [Enterprise Data Loss Prevention](https://www.paloaltonetworks.com/sase/enterprise-data-loss-prevention?ts=markdown)

* [Enterprise IoT Security](https://www.paloaltonetworks.com/network-security/enterprise-device-security?ts=markdown)

* [Medical IoT Security](https://www.paloaltonetworks.com/network-security/medical-device-security?ts=markdown)

* [Industrial OT Security](https://www.paloaltonetworks.com/network-security/medical-device-security?ts=markdown)

* [SaaS Security](https://www.paloaltonetworks.com/sase/saas-security?ts=markdown)

* [Next-Generation Firewalls](https://www.paloaltonetworks.com/network-security/next-generation-firewall?ts=markdown)

* [Hardware Firewalls](https://www.paloaltonetworks.com/network-security/hardware-firewall-innovations?ts=markdown)

* [Software Firewalls](https://www.paloaltonetworks.com/network-security/software-firewalls?ts=markdown)

* [Strata Cloud Manager](https://www.paloaltonetworks.com/network-security/strata-cloud-manager?ts=markdown)

* [SD-WAN for NGFW](https://www.paloaltonetworks.com/network-security/sd-wan-subscription?ts=markdown)

* [PAN-OS](https://www.paloaltonetworks.com/network-security/pan-os?ts=markdown)

* [Panorama](https://www.paloaltonetworks.com/network-security/panorama?ts=markdown)

* [Secure Access Service Edge](https://www.paloaltonetworks.com/sase?ts=markdown)

* [Prisma SASE](https://www.paloaltonetworks.com/sase?ts=markdown)

* [Application Acceleration](https://www.paloaltonetworks.com/sase/app-acceleration?ts=markdown)

* [Autonomous Digital Experience Management](https://www.paloaltonetworks.com/sase/adem?ts=markdown)

* [Enterprise DLP](https://www.paloaltonetworks.com/sase/enterprise-data-loss-prevention?ts=markdown)

* [Prisma Access](https://www.paloaltonetworks.com/sase/access?ts=markdown)

* [Prisma Browser](https://www.paloaltonetworks.com/sase/prisma-browser?ts=markdown)

* [Prisma SD-WAN](https://www.paloaltonetworks.com/sase/sd-wan?ts=markdown)

* [Remote Browser Isolation](https://www.paloaltonetworks.com/sase/remote-browser-isolation?ts=markdown)

* [SaaS Security](https://www.paloaltonetworks.com/sase/saas-security?ts=markdown)

* [AI-Driven Security Operations Platform](https://www.paloaltonetworks.com/cortex?ts=markdown)

* [Cloud Security](https://www.paloaltonetworks.com/cortex/cloud?ts=markdown)

* [Cortex Cloud](https://www.paloaltonetworks.com/cortex/cloud?ts=markdown)

* [Application Security](https://www.paloaltonetworks.com/cortex/cloud/application-security?ts=markdown)

* [Cloud Posture Security](https://www.paloaltonetworks.com/cortex/cloud/cloud-posture-security?ts=markdown)

* [Cloud Runtime Security](https://www.paloaltonetworks.com/cortex/cloud/runtime-security?ts=markdown)

* [Prisma Cloud](https://www.paloaltonetworks.com/prisma/cloud?ts=markdown)

* [AI-Driven SOC](https://www.paloaltonetworks.com/cortex?ts=markdown)

* [Cortex XSIAM](https://www.paloaltonetworks.com/cortex/cortex-xsiam?ts=markdown)

* [Cortex XDR](https://www.paloaltonetworks.com/cortex/cortex-xdr?ts=markdown)

* [Cortex XSOAR](https://www.paloaltonetworks.com/cortex/cortex-xsoar?ts=markdown)

* [Cortex Xpanse](https://www.paloaltonetworks.com/cortex/cortex-xpanse?ts=markdown)

* [Unit 42 Managed Detection \& Response](https://www.paloaltonetworks.com/cortex/managed-detection-and-response?ts=markdown)

* [Managed XSIAM](https://www.paloaltonetworks.com/cortex/managed-xsiam?ts=markdown)

* [Threat Intel and Incident Response Services](https://www.paloaltonetworks.com/unit42?ts=markdown)

* [Proactive Assessments](https://www.paloaltonetworks.com/unit42/assess?ts=markdown)

* [Incident Response](https://www.paloaltonetworks.com/unit42/respond?ts=markdown)

* [Transform Your Security Strategy](https://www.paloaltonetworks.com/unit42/transform?ts=markdown)

* [Discover Threat Intelligence](https://www.paloaltonetworks.com/unit42/threat-intelligence-partners?ts=markdown)

## Company

* [About Us](https://www.paloaltonetworks.com/about-us?ts=markdown)
* [Careers](https://jobs.paloaltonetworks.com/en/)
* [Contact Us](https://www.paloaltonetworks.com/company/contact-sales?ts=markdown)
* [Corporate Responsibility](https://www.paloaltonetworks.com/about-us/corporate-responsibility?ts=markdown)
* [Customers](https://www.paloaltonetworks.com/customers?ts=markdown)
* [Investor Relations](https://investors.paloaltonetworks.com/)
* [Location](https://www.paloaltonetworks.com/about-us/locations?ts=markdown)
* [Newsroom](https://www.paloaltonetworks.com/company/newsroom?ts=markdown)

## Popular Links

* [Blog](https://www.paloaltonetworks.com/blog/?ts=markdown)
* [Communities](https://www.paloaltonetworks.com/communities?ts=markdown)
* [Content Library](https://www.paloaltonetworks.com/resources?ts=markdown)
* [Cyberpedia](https://www.paloaltonetworks.com/cyberpedia?ts=markdown)
* [Event Center](https://events.paloaltonetworks.com/)
* [Manage Email Preferences](https://start.paloaltonetworks.com/preference-center)
* [Products A-Z](https://www.paloaltonetworks.com/products/products-a-z?ts=markdown)
* [Product Certifications](https://www.paloaltonetworks.com/legal-notices/trust-center/compliance?ts=markdown)
* [Report a Vulnerability](https://www.paloaltonetworks.com/security-disclosure?ts=markdown)
* [Sitemap](https://www.paloaltonetworks.com/sitemap?ts=markdown)
* [Tech Docs](https://docs.paloaltonetworks.com/)
* [Unit 42](https://unit42.paloaltonetworks.com/)
* [Do Not Sell or Share My Personal Information](https://panwedd.exterro.net/portal/dsar.htm?target=panwedd)
  ![PAN logo](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/pan-logo-dark.svg)
* [Privacy](https://www.paloaltonetworks.com/legal-notices/privacy?ts=markdown)
* [Trust Center](https://www.paloaltonetworks.com/legal-notices/trust-center?ts=markdown)
* [Terms of Use](https://www.paloaltonetworks.com/legal-notices/terms-of-use?ts=markdown)
* [Documents](https://www.paloaltonetworks.com/legal?ts=markdown)

Copyright © 2026 Palo Alto Networks. All Rights Reserved

* [![Youtube](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/youtube-black.svg)](https://www.youtube.com/user/paloaltonetworks)
* [![Podcast](https://www.paloaltonetworks.com/content/dam/pan/en_US/images/icons/podcast.svg)](https://www.paloaltonetworks.com/podcasts/threat-vector?ts=markdown)
* [![Facebook](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/facebook-black.svg)](https://www.facebook.com/PaloAltoNetworks/)
* [![LinkedIn](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/linkedin-black.svg)](https://www.linkedin.com/company/palo-alto-networks)
* [![Twitter](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/twitter-x-black.svg)](https://twitter.com/PaloAltoNtwks)
* EN  
  Select your language