* [Blog](https://www2.paloaltonetworks.com/blog) * [Security Operations](https://www2.paloaltonetworks.com/blog/security-operations) * Use-Cases # Security Operations ## Use-Cases [![Cortex ITDR: Cyber Threats in Microsoft Teams and Their Detection](https://www2.paloaltonetworks.com/blog/wp-content/uploads/2025/11/AdobeStock_233494953-scaled.jpeg)](https://www2.paloaltonetworks.com/blog/security-operations/cortex-itdr-cyber-threats-in-microsoft-teams-and-their-detection/) [Cortex ITDR: Cyber Threats in Microsoft Teams and Their Detection \-----------------------------------------------------------------](https://www2.paloaltonetworks.com/blog/security-operations/cortex-itdr-cyber-threats-in-microsoft-teams-and-their-detection/) A blog that demonstrates how PANW Cortex XSIAM provides detections on attacks within Microsoft Teams [Must-Read Articles](https://www.paloaltonetworks.com/blog/security-operations/category/must-read-articles/?ts=markdown) [Product Features](https://www.paloaltonetworks.com/blog/security-operations/category/product-features/?ts=markdown) [Use-Cases](https://www.paloaltonetworks.com/blog/security-operations/category/use-cases/?ts=markdown) Nov 19, 2025 By [Noam Sala](https://www.paloaltonetworks.com/blog/author/noam-sala/?ts=markdown "Posts by Noam Sala") and [Ofir Shlomo](https://www.paloaltonetworks.com/blog/author/ofir-shlomo/?ts=markdown "Posts by Ofir Shlomo") ## Security Operations *** ** * ** *** [Must-Read Articles](https://www.paloaltonetworks.com/blog/security-operations/category/must-read-articles/?ts=markdown) *** ** * ** *** [Product Features](https://www.paloaltonetworks.com/blog/security-operations/category/product-features/?ts=markdown) *** ** * ** *** [Use-Cases](https://www.paloaltonetworks.com/blog/security-operations/category/use-cases/?ts=markdown) *** ** * ** *** [News and Events](https://www.paloaltonetworks.com/blog/security-operations/category/news-and-events/?ts=markdown) *** ** * ** *** [Partner Integrations](https://www.paloaltonetworks.com/blog/security-operations/category/partner-integrations/?ts=markdown) *** ** * ** *** [Playbook of the Week](https://www.paloaltonetworks.com/blog/security-operations/category/playbook-of-the-week/?ts=markdown) *** ** * ** *** ![Forrester TEI: Unlock 257% ROI with Cortex XSIAM](https://www2.paloaltonetworks.com/blog/wp-content/uploads/2025/10/forrester-xsiam.png) [AI and Cybersecurity](https://www.paloaltonetworks.com/blog/security-operations/category/ai-and-cybersecurity/?ts=markdown), [Product Features](https://www.paloaltonetworks.com/blog/security-operations/category/product-features/?ts=markdown), [Use-Cases](https://www.paloaltonetworks.com/blog/security-operations/category/use-cases/?ts=markdown) ## [Forrester TEI: Unlock 257% ROI with Cortex XSIAM](https://www2.paloaltonetworks.com/blog/security-operations/forrester-tei-unlock-257-roi-with-cortex-xsiam/) AI-driven SecOps platform delivered 257% ROI, cut breach risk 60%, and consolidated tools for significant savings. Learn more about Palo Alto Networks Cortex XSIAM. Oct 16, 2025 By [Greg Smith](https://www.paloaltonetworks.com/blog/author/greg-smith/?ts=markdown "Posts by Greg Smith") ![Real-World Email Attacks Detected by Cortex Advanced Email Security](https://www2.paloaltonetworks.com/blog/wp-content/uploads/2025/04/iStock-1180225153-edit_800x600.png) [Must-Read Articles](https://www.paloaltonetworks.com/blog/security-operations/category/must-read-articles/?ts=markdown), [News and Events](https://www.paloaltonetworks.com/blog/security-operations/category/news-and-events/?ts=markdown), [Product Features](https://www.paloaltonetworks.com/blog/security-operations/category/product-features/?ts=markdown), [Use-Cases](https://www.paloaltonetworks.com/blog/security-operations/category/use-cases/?ts=markdown) ## [Real-World Email Attacks Detected by Cortex Advanced Email Security](https://www2.paloaltonetworks.com/blog/security-operations/real-world-email-attacks-detected-by-cortex-advanced-email-security/) Discover how unified email security stops brand impersonation, credential harvesting, and localized phishing attacks using AI and cross-domain analysi... Oct 09, 2025 By [Yitzy Tannenbaum](https://www.paloaltonetworks.com/blog/author/yitzy-tannenbaum/?ts=markdown "Posts by Yitzy Tannenbaum") ![The Case Files of Detective Aems: A Study in Digital Deduction](https://www2.paloaltonetworks.com/blog/wp-content/uploads/2025/10/AdobeStock_1426820255-scaled.jpeg) [AI and Cybersecurity](https://www.paloaltonetworks.com/blog/security-operations/category/ai-and-cybersecurity/?ts=markdown), [Must-Read Articles](https://www.paloaltonetworks.com/blog/security-operations/category/must-read-articles/?ts=markdown), [Product Features](https://www.paloaltonetworks.com/blog/security-operations/category/product-features/?ts=markdown), [Use-Cases](https://www.paloaltonetworks.com/blog/security-operations/category/use-cases/?ts=markdown) ## [The Case Files of Detective Aems: A Study in Digital Deduction](https://www2.paloaltonetworks.com/blog/security-operations/the-case-files-of-detective-aems-a-study-in-digital-deduction/) Discover how AI-powered email security defeats sophisticated phishing, BEC attacks, and brand impersonation through contextual analysis and unified th... Oct 08, 2025 By [Michael Heller](https://www.paloaltonetworks.com/blog/author/michael-heller/?ts=markdown "Posts by Michael Heller") and [Yitzy Tannenbaum](https://www.paloaltonetworks.com/blog/author/yitzy-tannenbaum/?ts=markdown "Posts by Yitzy Tannenbaum") ![From Silos to Synergy: How Cortex XDL Transforms XDR to Elevate Threat Detection](https://www2.paloaltonetworks.com/blog/wp-content/uploads/2025/10/AdobeStock_628395867-scaled.jpeg) [AI and Cybersecurity](https://www.paloaltonetworks.com/blog/security-operations/category/ai-and-cybersecurity/?ts=markdown), [Must-Read Articles](https://www.paloaltonetworks.com/blog/security-operations/category/must-read-articles/?ts=markdown), [News and Events](https://www.paloaltonetworks.com/blog/security-operations/category/news-and-events/?ts=markdown), [Product Features](https://www.paloaltonetworks.com/blog/security-operations/category/product-features/?ts=markdown), [Use-Cases](https://www.paloaltonetworks.com/blog/security-operations/category/use-cases/?ts=markdown) ## [From Silos to Synergy: How Cortex XDL Transforms XDR to Elevate Threat Dete...](https://www2.paloaltonetworks.com/blog/security-operations/from-silos-to-synergy-how-cortex-xdl-transforms-xdr-to-elevate-threat-detection/) Learn how Cortex XDL transforms Cortex XDR by breaking down data silos and fusing telemetry from endpoint, networks, cloud, and identity to deliver AI... Oct 07, 2025 By [Alice Nguyen](https://www.paloaltonetworks.com/blog/author/alice-nguyen/?ts=markdown "Posts by Alice Nguyen") ![SCCM: Enterprise Backbone or Attack Vector? Part 2](https://www2.paloaltonetworks.com/blog/wp-content/uploads/2025/09/Thinking-2.jpg) [Must-Read Articles](https://www.paloaltonetworks.com/blog/security-operations/category/must-read-articles/?ts=markdown), [Product Features](https://www.paloaltonetworks.com/blog/security-operations/category/product-features/?ts=markdown), [Uncategorized](https://www.paloaltonetworks.com/blog/category/uncategorized/?ts=markdown), [Use-Cases](https://www.paloaltonetworks.com/blog/security-operations/category/use-cases/?ts=markdown) ## [SCCM: Enterprise Backbone or Attack Vector? Part 2](https://www2.paloaltonetworks.com/blog/security-operations/sccm-enterprise-backbone-or-attack-vector-part-2/) Learn how attackers exploit Microsoft SCCM infrastructure through LDAP, WMI enumeration \& detection strategies to secure enterprise environments. Sep 17, 2025 By [Lee Azrati Edri](https://www.paloaltonetworks.com/blog/author/lee-azrati-edri/?ts=markdown "Posts by Lee Azrati Edri") and [Shachar Roitman](https://www.paloaltonetworks.com/blog/author/shachar-roitman/?ts=markdown "Posts by Shachar Roitman") ![SCCM: Enterprise Backbone or Attack Vector?](https://www2.paloaltonetworks.com/blog/wp-content/uploads/2025/09/Professional-6.jpg) [Must-Read Articles](https://www.paloaltonetworks.com/blog/security-operations/category/must-read-articles/?ts=markdown), [Product Features](https://www.paloaltonetworks.com/blog/security-operations/category/product-features/?ts=markdown), [Uncategorized](https://www.paloaltonetworks.com/blog/category/uncategorized/?ts=markdown), [Use-Cases](https://www.paloaltonetworks.com/blog/security-operations/category/use-cases/?ts=markdown) ## [SCCM: Enterprise Backbone or Attack Vector?](https://www2.paloaltonetworks.com/blog/security-operations/sccm-enterprise-backbone-or-attack-vector/) Learn how attackers exploit Microsoft SCCM infrastructure through LDAP, WMI enumeration \& detection strategies to secure enterprise environments. Sep 16, 2025 By [Lee Azrati Edri](https://www.paloaltonetworks.com/blog/author/lee-azrati-edri/?ts=markdown "Posts by Lee Azrati Edri") and [Shachar Roitman](https://www.paloaltonetworks.com/blog/author/shachar-roitman/?ts=markdown "Posts by Shachar Roitman") ![SE Labs Awards Palo Alto Networks AAA Rating and 100% Prevention Against Ransomware](https://www2.paloaltonetworks.com/blog/wp-content/uploads/2025/08/Keyboard-Close-up-LI.jpg) [AI and Cybersecurity](https://www.paloaltonetworks.com/blog/security-operations/category/ai-and-cybersecurity/?ts=markdown), [Must-Read Articles](https://www.paloaltonetworks.com/blog/security-operations/category/must-read-articles/?ts=markdown), [News and Events](https://www.paloaltonetworks.com/blog/security-operations/category/news-and-events/?ts=markdown), [Product Features](https://www.paloaltonetworks.com/blog/security-operations/category/product-features/?ts=markdown), [Use-Cases](https://www.paloaltonetworks.com/blog/security-operations/category/use-cases/?ts=markdown) ## [SE Labs Awards Palo Alto Networks AAA Rating and 100% Prevention Against Ra...](https://www2.paloaltonetworks.com/blog/security-operations/se-labs-awards-palo-alto-networks-aaa-rating-and-100-prevention-against-ransomware/) SE Labs awards Palo Alto Networks Cortex XDR a perfect 100% accuracy rating and AAA grade for ransomware protection with zero false positives. Aug 05, 2025 By [Emran Mazumder](https://www.paloaltonetworks.com/blog/author/emran-mazumder/?ts=markdown "Posts by Emran Mazumder") ![How Apps and Your Phone Can Expose Your Life Without Permission](https://www2.paloaltonetworks.com/blog/wp-content/uploads/2025/07/cortex_beyond-the-code_ep-5_blog-image_400x300-1.jpg) [Interview](https://www.paloaltonetworks.com/blog/category/interview/?ts=markdown), [Must-Read Articles](https://www.paloaltonetworks.com/blog/security-operations/category/must-read-articles/?ts=markdown), [Points of View](https://www.paloaltonetworks.com/blog/category/points-of-view/?ts=markdown), [Use-Cases](https://www.paloaltonetworks.com/blog/security-operations/category/use-cases/?ts=markdown) ## [How Apps and Your Phone Can Expose Your Life Without Permission](https://www2.paloaltonetworks.com/blog/2025/07/apps-and-your-phone-expose-your-life/) Security challenges encompass the entire ecosystem of apps, services and IoT devices that modern consumers use without understanding the data exposure... Jul 22, 2025 By [Dena De Angelo](https://www.paloaltonetworks.com/blog/author/ddeangelo/?ts=markdown "Posts by Dena De Angelo") ![Disrupting Legacy Vulnerability Management](https://www2.paloaltonetworks.com/blog/wp-content/uploads/2025/07/Pen-Pointing-5.jpg) [Must-Read Articles](https://www.paloaltonetworks.com/blog/security-operations/category/must-read-articles/?ts=markdown), [Product Features](https://www.paloaltonetworks.com/blog/security-operations/category/product-features/?ts=markdown), [Uncategorized](https://www.paloaltonetworks.com/blog/category/uncategorized/?ts=markdown), [Use-Cases](https://www.paloaltonetworks.com/blog/security-operations/category/use-cases/?ts=markdown) ## [Disrupting Legacy Vulnerability Management](https://www2.paloaltonetworks.com/blog/security-operations/disrupting-legacy-vulnerability-management/) Introducing the general availability of Cortex Exposure Management, a groundbreaking solution that will redefine traditional vulnerability management. Jul 21, 2025 By [Madhuresh Anur](https://www.paloaltonetworks.com/blog/author/madhuresh-anur/?ts=markdown "Posts by Madhuresh Anur") and [Yvonne Le](https://www.paloaltonetworks.com/blog/author/yvonne-le/?ts=markdown "Posts by Yvonne Le") ![Cortex Advanced Email Security – Built for Today’s AI Threats](https://www2.paloaltonetworks.com/blog/wp-content/uploads/2025/07/GettyImages-524759829-edit-3-scaled.jpg) [Must-Read Articles](https://www.paloaltonetworks.com/blog/security-operations/category/must-read-articles/?ts=markdown), [Product Features](https://www.paloaltonetworks.com/blog/security-operations/category/product-features/?ts=markdown), [Uncategorized](https://www.paloaltonetworks.com/blog/category/uncategorized/?ts=markdown), [Use-Cases](https://www.paloaltonetworks.com/blog/security-operations/category/use-cases/?ts=markdown) ## [Cortex Advanced Email Security -- Built for Today's AI Threats](https://www2.paloaltonetworks.com/blog/security-operations/cortex-advanced-email-security-built-for-todays-ai-threats/) Cortex Advanced Email Security uses AI to stop sophisticated phishing, BEC, and GenAI-powered attacks that bypass traditional email security solutions... Jul 20, 2025 By [Yitzy Tannenbaum](https://www.paloaltonetworks.com/blog/author/yitzy-tannenbaum/?ts=markdown "Posts by Yitzy Tannenbaum") ![No More Guessing: Accurate AI Security with Palo Alto Networks](https://www2.paloaltonetworks.com/blog/wp-content/uploads/2025/04/See-This-2.jpg) [AI and Cybersecurity](https://www.paloaltonetworks.com/blog/security-operations/category/ai-and-cybersecurity/?ts=markdown), [Uncategorized](https://www.paloaltonetworks.com/blog/category/uncategorized/?ts=markdown), [Use-Cases](https://www.paloaltonetworks.com/blog/security-operations/category/use-cases/?ts=markdown) ## [No More Guessing: Accurate AI Security with Palo Alto Networks](https://www2.paloaltonetworks.com/blog/security-operations/no-more-guessing-accurate-ai-security-with-palo-alto-networks/) Learn how our rigorous evaluation techniques ensure that Palo Alto Networks' precision AI solutions deliver the accuracy and reliability you need. Apr 30, 2025 By [Pamela Toman](https://www.paloaltonetworks.com/blog/author/pamela-toman/?ts=markdown "Posts by Pamela Toman") ![NL2XQL: Turning Natural Language into Powerful Cybersecurity Querying](https://www2.paloaltonetworks.com/blog/wp-content/uploads/2025/04/Explaining.jpg) [AI and Cybersecurity](https://www.paloaltonetworks.com/blog/security-operations/category/ai-and-cybersecurity/?ts=markdown), [Must-Read Articles](https://www.paloaltonetworks.com/blog/security-operations/category/must-read-articles/?ts=markdown), [Product Features](https://www.paloaltonetworks.com/blog/security-operations/category/product-features/?ts=markdown), [Use-Cases](https://www.paloaltonetworks.com/blog/security-operations/category/use-cases/?ts=markdown) ## [NL2XQL: Turning Natural Language into Powerful Cybersecurity Querying](https://www2.paloaltonetworks.com/blog/security-operations/nl2xql-turning-natural-language-into-powerful-cybersecurity-querying/) NL2XQL transforms natural language into powerful XQL queries, making cybersecurity investigations accessible to all security teams without requiring d... Apr 23, 2025 By [Gal Itzhak](https://www.paloaltonetworks.com/blog/author/gal-itzhak/?ts=markdown "Posts by Gal Itzhak") and [Lior Perry](https://www.paloaltonetworks.com/blog/author/lior-perry/?ts=markdown "Posts by Lior Perry") ![Cortex Xpanse Protects Against Malicious Domain Takeover Techniques](https://www2.paloaltonetworks.com/blog/wp-content/uploads/2025/02/Professional-5.jpg) [Product Features](https://www.paloaltonetworks.com/blog/security-operations/category/product-features/?ts=markdown), [Uncategorized](https://www.paloaltonetworks.com/blog/category/uncategorized/?ts=markdown), [Use-Cases](https://www.paloaltonetworks.com/blog/security-operations/category/use-cases/?ts=markdown) ## [Cortex Xpanse Protects Against Malicious Domain Takeover Techniques](https://www2.paloaltonetworks.com/blog/security-operations/cortex-xpanse-protects-against-malicious-domain-takeover-techniques/) Malicious domain takeovers have become an increasing concern for businesses as attackers exploit vulnerabilities by gaining unauthorized access to a d... Feb 26, 2025 By [Yvonne Le](https://www.paloaltonetworks.com/blog/author/yvonne-le/?ts=markdown "Posts by Yvonne Le") ![Democratize Threat Hunting with Cortex Copilot](https://www2.paloaltonetworks.com/blog/wp-content/uploads/2025/02/NetSec-Adhoc-Updated-Blog-Image-Resize-666009646-1.png) [Must-Read Articles](https://www.paloaltonetworks.com/blog/security-operations/category/must-read-articles/?ts=markdown), [Product Features](https://www.paloaltonetworks.com/blog/security-operations/category/product-features/?ts=markdown), [Use-Cases](https://www.paloaltonetworks.com/blog/security-operations/category/use-cases/?ts=markdown) ## [Democratize Threat Hunting with Cortex Copilot](https://www2.paloaltonetworks.com/blog/security-operations/democratize-threat-hunting-with-cortex-copilot/) Discover how Cortex Copilot democratizes threat hunting by enabling analysts to investigate security incidents with AI-powered guidance. Learn how a new threat hunter uncovered a privileged account breach. Feb 19, 2025 By [Jon David](https://www.paloaltonetworks.com/blog/author/jon-david/?ts=markdown "Posts by Jon David") ![Demystifying Impossible Traveler Detection](https://www2.paloaltonetworks.com/blog/wp-content/uploads/2025/02/NetSec-Adhoc-Updated-Blog-Image-Resize-620929423.png) [Product Features](https://www.paloaltonetworks.com/blog/security-operations/category/product-features/?ts=markdown), [Uncategorized](https://www.paloaltonetworks.com/blog/category/uncategorized/?ts=markdown), [Use-Cases](https://www.paloaltonetworks.com/blog/security-operations/category/use-cases/?ts=markdown) ## [Demystifying Impossible Traveler Detection](https://www2.paloaltonetworks.com/blog/security-operations/demystifying-impossible-traveler-detection/) Discover how Impossible Traveler Detection in Cortex XDR identifies suspicious logins from distant locations in a short time, and how to address challenges like VPN impacts and reduce false positives in complex... Feb 12, 2025 By [Yaniv Assor](https://www.paloaltonetworks.com/blog/author/yaniv-assor/?ts=markdown "Posts by Yaniv Assor") ![New Cortex Detectors for macOS Address Stealers and Malicious AppleScript](https://www2.paloaltonetworks.com/blog/wp-content/uploads/2025/01/NetSec-Adhoc-Updated-Blog-Image-Resize-1135341681-2.png) [Announcement](https://www.paloaltonetworks.com/blog/category/announcement/?ts=markdown), [Must-Read Articles](https://www.paloaltonetworks.com/blog/security-operations/category/must-read-articles/?ts=markdown), [Product Features](https://www.paloaltonetworks.com/blog/security-operations/category/product-features/?ts=markdown), [Use-Cases](https://www.paloaltonetworks.com/blog/security-operations/category/use-cases/?ts=markdown) ## [New Cortex Detectors for macOS Address Stealers and Malicious AppleScript](https://www2.paloaltonetworks.com/blog/security-operations/new-cortex-detectors-for-macos-address-stealers-and-malicious-applescript/) Cortex releases new detection analytics targeting macOS stealers and malicious applescript Feb 04, 2025 By [Dan Flaherty](https://www.paloaltonetworks.com/blog/author/dan-flaherty/?ts=markdown "Posts by Dan Flaherty") [](https://www2.paloaltonetworks.com/blog/security-operations/bye-whack-a-mole-the-new-cortex-generic-persistence-analytics-module/) [Must-Read Articles](https://www.paloaltonetworks.com/blog/security-operations/category/must-read-articles/?ts=markdown), [Product Features](https://www.paloaltonetworks.com/blog/security-operations/category/product-features/?ts=markdown), [Use-Cases](https://www.paloaltonetworks.com/blog/security-operations/category/use-cases/?ts=markdown) ## [Bye Whack-a-Mole: The New Cortex Generic Persistence Analytics Module](https://www2.paloaltonetworks.com/blog/security-operations/bye-whack-a-mole-the-new-cortex-generic-persistence-analytics-module/) Discover Palo Alto Networks' new Generic Persistence Analytics module, detecting malware persistence across techniques for enhanced cybersecurity. Oct 10, 2024 By [Tom Fakterman](https://www.paloaltonetworks.com/blog/author/tom-fakterman/?ts=markdown "Posts by Tom Fakterman"), [Yoav Zemah](https://www.paloaltonetworks.com/blog/author/yoav-zemah/?ts=markdown "Posts by Yoav Zemah") and [Matan Haim Guez](https://www.paloaltonetworks.com/blog/author/matan-haim-guez/?ts=markdown "Posts by Matan Haim Guez") ![Boosting Identity Security with Cortex XDR/XSIAM Honey Users](https://www2.paloaltonetworks.com/blog/wp-content/uploads/2024/10/Thinking-Twitter-2.jpg) [Must-Read Articles](https://www.paloaltonetworks.com/blog/security-operations/category/must-read-articles/?ts=markdown), [Product Features](https://www.paloaltonetworks.com/blog/security-operations/category/product-features/?ts=markdown), [Use-Cases](https://www.paloaltonetworks.com/blog/security-operations/category/use-cases/?ts=markdown) ## [Boosting Identity Security with Cortex XDR/XSIAM Honey Users](https://www2.paloaltonetworks.com/blog/security-operations/boosting-identity-security-with-cortex-xdr-honey-users/) Learn how Cortex XDR's Identity Threat Detection and Response (ITDR) leverages honey users to enhance identity security by detecting and deceiving att... Oct 06, 2024 By [Stav Setty](https://www.paloaltonetworks.com/blog/author/stav-setty/?ts=markdown "Posts by Stav Setty") and [Shachar Roitman](https://www.paloaltonetworks.com/blog/author/shachar-roitman/?ts=markdown "Posts by Shachar Roitman") ![Leading with a Prevention-First Approach for Cloud Detection and Response](https://www2.paloaltonetworks.com/blog/wp-content/uploads/2024/04/Content.jpg) [Must-Read Articles](https://www.paloaltonetworks.com/blog/security-operations/category/must-read-articles/?ts=markdown), [Use-Cases](https://www.paloaltonetworks.com/blog/security-operations/category/use-cases/?ts=markdown) ## [Leading with a Prevention-First Approach for Cloud Detection and Response](https://www2.paloaltonetworks.com/blog/security-operations/leading-with-a-prevention-first-approach-for-cloud-detection-and-response/) Discover the power of a prevention-first approach in cloud detection and response. Learn how agent-based solutions provide real-time visibility and control. Sep 27, 2024 By [Dena De Angelo](https://www.paloaltonetworks.com/blog/author/ddeangelo/?ts=markdown "Posts by Dena De Angelo") ![Black Hat NOC: Protecting One of the World's Most Dangerous Networks](https://www2.paloaltonetworks.com/blog/wp-content/uploads/2024/08/image-84.png) [Must-Read Articles](https://www.paloaltonetworks.com/blog/security-operations/category/must-read-articles/?ts=markdown), [News and Events](https://www.paloaltonetworks.com/blog/security-operations/category/news-and-events/?ts=markdown), [Use-Cases](https://www.paloaltonetworks.com/blog/security-operations/category/use-cases/?ts=markdown) ## [Black Hat NOC: Protecting One of the World's Most Dangerous Networks](https://www2.paloaltonetworks.com/blog/security-operations/black-hat-noc-protecting-one-of-the-worlds-most-dangerous-networks/) Palo Alto Networks and partners defend Black Hat's network, detecting and stopping nearly a billion threats, ensuring a seamless experience for attend... Aug 09, 2024 By [James Holland](https://www.paloaltonetworks.com/blog/author/james-holland/?ts=markdown "Posts by James Holland") Load more blogs Load more blogs ### Subscribe to Security Operations Blogs! Sign up to receive must-read articles, Playbooks of the Week, new feature announcements, and more. ![spinner](https://www2.paloaltonetworks.com/blog/wp-content/themes/panwblog2023/dist/images/ajax-loader.gif) Sign up Please enter a valid email. By submitting this form, you agree to our [Terms of Use](https://www.paloaltonetworks.com/legal-notices/terms-of-use?ts=markdown) and acknowledge our [Privacy Statement](https://www.paloaltonetworks.com/legal-notices/privacy?ts=markdown). Please look for a confirmation email from us. If you don't receive it in the next 10 minutes, please check your spam folder. This site is protected by reCAPTCHA and the Google [Privacy Policy](https://policies.google.com/privacy) and [Terms of Service](https://policies.google.com/terms) apply. {#footer} {#footer} ## Products and Services * [AI-Powered Network Security Platform](https://www.paloaltonetworks.com/network-security?ts=markdown) * [Secure AI by Design](https://www.paloaltonetworks.com/precision-ai-security/secure-ai-by-design?ts=markdown) * [Prisma AIRS](https://www.paloaltonetworks.com/prisma/prisma-ai-runtime-security?ts=markdown) * [AI Access Security](https://www.paloaltonetworks.com/sase/ai-access-security?ts=markdown) * [Cloud Delivered Security Services](https://www.paloaltonetworks.com/network-security/security-subscriptions?ts=markdown) * [Advanced Threat Prevention](https://www.paloaltonetworks.com/network-security/advanced-threat-prevention?ts=markdown) * [Advanced URL Filtering](https://www.paloaltonetworks.com/network-security/advanced-url-filtering?ts=markdown) * [Advanced WildFire](https://www.paloaltonetworks.com/network-security/advanced-wildfire?ts=markdown) * [Advanced DNS Security](https://www.paloaltonetworks.com/network-security/advanced-dns-security?ts=markdown) * [Enterprise Data Loss Prevention](https://www.paloaltonetworks.com/sase/enterprise-data-loss-prevention?ts=markdown) * [Enterprise IoT Security](https://www.paloaltonetworks.com/network-security/enterprise-device-security?ts=markdown) * [Medical IoT Security](https://www.paloaltonetworks.com/network-security/medical-device-security?ts=markdown) * [Industrial OT Security](https://www.paloaltonetworks.com/network-security/medical-device-security?ts=markdown) * [SaaS Security](https://www.paloaltonetworks.com/sase/saas-security?ts=markdown) * [Next-Generation Firewalls](https://www.paloaltonetworks.com/network-security/next-generation-firewall?ts=markdown) * [Hardware Firewalls](https://www.paloaltonetworks.com/network-security/hardware-firewall-innovations?ts=markdown) * [Software Firewalls](https://www.paloaltonetworks.com/network-security/software-firewalls?ts=markdown) * [Strata Cloud Manager](https://www.paloaltonetworks.com/network-security/strata-cloud-manager?ts=markdown) * [SD-WAN for NGFW](https://www.paloaltonetworks.com/network-security/sd-wan-subscription?ts=markdown) * [PAN-OS](https://www.paloaltonetworks.com/network-security/pan-os?ts=markdown) * [Panorama](https://www.paloaltonetworks.com/network-security/panorama?ts=markdown) * [Secure Access Service Edge](https://www.paloaltonetworks.com/sase?ts=markdown) * [Prisma SASE](https://www.paloaltonetworks.com/sase?ts=markdown) * [Application Acceleration](https://www.paloaltonetworks.com/sase/app-acceleration?ts=markdown) * [Autonomous Digital Experience Management](https://www.paloaltonetworks.com/sase/adem?ts=markdown) * [Enterprise DLP](https://www.paloaltonetworks.com/sase/enterprise-data-loss-prevention?ts=markdown) * [Prisma Access](https://www.paloaltonetworks.com/sase/access?ts=markdown) * [Prisma Browser](https://www.paloaltonetworks.com/sase/prisma-browser?ts=markdown) * [Prisma SD-WAN](https://www.paloaltonetworks.com/sase/sd-wan?ts=markdown) * [Remote Browser Isolation](https://www.paloaltonetworks.com/sase/remote-browser-isolation?ts=markdown) * [SaaS Security](https://www.paloaltonetworks.com/sase/saas-security?ts=markdown) * [AI-Driven Security Operations Platform](https://www.paloaltonetworks.com/cortex?ts=markdown) * [Cloud Security](https://www.paloaltonetworks.com/cortex/cloud?ts=markdown) * [Cortex Cloud](https://www.paloaltonetworks.com/cortex/cloud?ts=markdown) * [Application Security](https://www.paloaltonetworks.com/cortex/cloud/application-security?ts=markdown) * [Cloud Posture Security](https://www.paloaltonetworks.com/cortex/cloud/cloud-posture-security?ts=markdown) * [Cloud Runtime Security](https://www.paloaltonetworks.com/cortex/cloud/runtime-security?ts=markdown) * [Prisma Cloud](https://www.paloaltonetworks.com/prisma/cloud?ts=markdown) * [AI-Driven SOC](https://www.paloaltonetworks.com/cortex?ts=markdown) * [Cortex XSIAM](https://www.paloaltonetworks.com/cortex/cortex-xsiam?ts=markdown) * [Cortex XDR](https://www.paloaltonetworks.com/cortex/cortex-xdr?ts=markdown) * [Cortex XSOAR](https://www.paloaltonetworks.com/cortex/cortex-xsoar?ts=markdown) * [Cortex Xpanse](https://www.paloaltonetworks.com/cortex/cortex-xpanse?ts=markdown) * [Unit 42 Managed Detection \& Response](https://www.paloaltonetworks.com/cortex/managed-detection-and-response?ts=markdown) * [Managed XSIAM](https://www.paloaltonetworks.com/cortex/managed-xsiam?ts=markdown) * [Threat Intel and Incident Response Services](https://www.paloaltonetworks.com/unit42?ts=markdown) * [Proactive Assessments](https://www.paloaltonetworks.com/unit42/assess?ts=markdown) * [Incident Response](https://www.paloaltonetworks.com/unit42/respond?ts=markdown) * [Transform Your Security Strategy](https://www.paloaltonetworks.com/unit42/transform?ts=markdown) * [Discover Threat Intelligence](https://www.paloaltonetworks.com/unit42/threat-intelligence-partners?ts=markdown) ## Company * [About Us](https://www.paloaltonetworks.com/about-us?ts=markdown) * [Careers](https://jobs.paloaltonetworks.com/en/) * [Contact Us](https://www.paloaltonetworks.com/company/contact-sales?ts=markdown) * [Corporate Responsibility](https://www.paloaltonetworks.com/about-us/corporate-responsibility?ts=markdown) * [Customers](https://www.paloaltonetworks.com/customers?ts=markdown) * [Investor Relations](https://investors.paloaltonetworks.com/) * [Location](https://www.paloaltonetworks.com/about-us/locations?ts=markdown) * [Newsroom](https://www.paloaltonetworks.com/company/newsroom?ts=markdown) ## Popular Links * [Blog](https://www.paloaltonetworks.com/blog/?ts=markdown) * [Communities](https://www.paloaltonetworks.com/communities?ts=markdown) * [Content Library](https://www.paloaltonetworks.com/resources?ts=markdown) * [Cyberpedia](https://www.paloaltonetworks.com/cyberpedia?ts=markdown) * [Event Center](https://events.paloaltonetworks.com/) * [Manage Email Preferences](https://start.paloaltonetworks.com/preference-center) * [Products A-Z](https://www.paloaltonetworks.com/products/products-a-z?ts=markdown) * [Product Certifications](https://www.paloaltonetworks.com/legal-notices/trust-center/compliance?ts=markdown) * [Report a Vulnerability](https://www.paloaltonetworks.com/security-disclosure?ts=markdown) * [Sitemap](https://www.paloaltonetworks.com/sitemap?ts=markdown) * [Tech Docs](https://docs.paloaltonetworks.com/) * [Unit 42](https://unit42.paloaltonetworks.com/) * [Do Not Sell or Share My Personal Information](https://panwedd.exterro.net/portal/dsar.htm?target=panwedd) ![PAN logo](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/pan-logo-dark.svg) * [Privacy](https://www.paloaltonetworks.com/legal-notices/privacy?ts=markdown) * [Trust Center](https://www.paloaltonetworks.com/legal-notices/trust-center?ts=markdown) * [Terms of Use](https://www.paloaltonetworks.com/legal-notices/terms-of-use?ts=markdown) * [Documents](https://www.paloaltonetworks.com/legal?ts=markdown) Copyright © 2026 Palo Alto Networks. All Rights Reserved * [![Youtube](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/youtube-black.svg)](https://www.youtube.com/user/paloaltonetworks) * [![Podcast](https://www.paloaltonetworks.com/content/dam/pan/en_US/images/icons/podcast.svg)](https://www.paloaltonetworks.com/podcasts/threat-vector?ts=markdown) * [![Facebook](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/facebook-black.svg)](https://www.facebook.com/PaloAltoNetworks/) * [![LinkedIn](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/linkedin-black.svg)](https://www.linkedin.com/company/palo-alto-networks) * [![Twitter](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/twitter-x-black.svg)](https://twitter.com/PaloAltoNtwks) * EN Select your language