* [Blog](https://www2.paloaltonetworks.com/blog)
* [Palo Alto Networks](https://www2.paloaltonetworks.com/blog/corporate)
* incident response report

# Palo Alto Networks

## incident response report

[![​​2025 Unit 42 Incident Response Report — Attacks Shift to Disruption](https://www2.paloaltonetworks.com/blog/wp-content/uploads/2025/02/iStock-503418498-edit-scaled.jpg)](https://www2.paloaltonetworks.com/blog/2025/02/incident-response-report-attacks-shift-disruption/)  
[​​2025 Unit 42 Incident Response Report --- Attacks Shift to Disruption
\-----------------------------------------------------------------------](https://www2.paloaltonetworks.com/blog/2025/02/incident-response-report-attacks-shift-disruption/)

The 2025 Incident Response Report revealed that speed, sophistication and scale of attacks have reached unprecedented levels with AI-assisted threats.  
[Announcement](https://www.paloaltonetworks.com/blog/category/announcement/?ts=markdown)  
[Reports](https://www.paloaltonetworks.com/blog/category/reports/?ts=markdown)  
[Unit 42](https://www.paloaltonetworks.com/blog/category/unit42/?ts=markdown)  
Feb 25, 2025  
By [Sam Rubin](https://www.paloaltonetworks.com/blog/author/sam-rubin/?ts=markdown "Posts by Sam Rubin")

## Palo Alto Networks

*** ** * ** ***

[Announcements](https://www.paloaltonetworks.com/blog/category/announcement/?ts=markdown)

*** ** * ** ***

[Company \& Culture](https://www.paloaltonetworks.com/blog/category/company-culture/?ts=markdown)

*** ** * ** ***

[Points of View](https://www.paloaltonetworks.com/blog/category/points-of-view/?ts=markdown)

*** ** * ** ***

[Public Sector](https://www.paloaltonetworks.com/blog/category/public-sector/?ts=markdown)

*** ** * ** ***

[Products and Services](https://www.paloaltonetworks.com/blog/category/products-and-services/?ts=markdown)

*** ** * ** ***

[Partners](https://www.paloaltonetworks.com/blog/category/partners/?ts=markdown)

*** ** * ** ***

![Top Three Ways Organizations Were Unprepared for Cyberattacks in 2023](https://www2.paloaltonetworks.com/blog/wp-content/uploads/2024/11/GettyImages-550215985-edit-1.jpg)  
[Cybersecurity](https://www.paloaltonetworks.com/blog/category/cybersecurity-2/?ts=markdown), [Products and Services](https://www.paloaltonetworks.com/blog/category/products-and-services/?ts=markdown), [Reports](https://www.paloaltonetworks.com/blog/category/reports/?ts=markdown), [Threat Prevention](https://www.paloaltonetworks.com/blog/category/threat-prevention-2/?ts=markdown), [Threat Research](https://www.paloaltonetworks.com/blog/category/threat-research/?ts=markdown), [Unit 42](https://www.paloaltonetworks.com/blog/category/unit42/?ts=markdown)

## [Top Three Ways Organizations Were Unprepared for Cyberattacks in 2023](https://www2.paloaltonetworks.com/blog/2024/11/top-three-ways-organizations-were-unprepared-for-cyberattacks-in-2023/)

2024 Incident Response report reveals top three ways organizations were unprepared for cyberattacks, and the need to prioritize security fundamentals....  
Nov 05, 2024  
By [Michael J Graven](https://www.paloaltonetworks.com/blog/author/michael-j-graven/?ts=markdown "Posts by Michael J Graven")  
![The Top 5 Largest Scale Intrusions in 2023](https://www2.paloaltonetworks.com/blog/wp-content/uploads/2024/10/GettyImages-646457692-edit.jpg)  
[Points of View](https://www.paloaltonetworks.com/blog/category/points-of-view/?ts=markdown), [Predictions](https://www.paloaltonetworks.com/blog/category/predictions/?ts=markdown), [Unit 42](https://www.paloaltonetworks.com/blog/category/unit42/?ts=markdown)

## [The Top 5 Largest Scale Intrusions in 2023](https://www2.paloaltonetworks.com/blog/2024/10/top-5-largest-scale-intrusions-in-2023/)

Unit 42 Incident Response Report analyzed thousands of incidents, revealing the top 5 large-scale intrusions, what tools and vulnerabilities they focus on.  
Oct 02, 2024  
By [Michael J Graven](https://www.paloaltonetworks.com/blog/author/michael-j-graven/?ts=markdown "Posts by Michael J Graven")  
![Unit 42 Incident Response Retainers Enhance Organizational Resilience](https://www2.paloaltonetworks.com/blog/wp-content/uploads/2024/09/GettyImages-667849954-edit.jpg)  
[Products and Services](https://www.paloaltonetworks.com/blog/category/products-and-services/?ts=markdown), [Unit 42](https://www.paloaltonetworks.com/blog/category/unit42/?ts=markdown)

## [Unit 42 Incident Response Retainers Enhance Organizational Resilience](https://www2.paloaltonetworks.com/blog/2024/09/unit-42-incident-response-retainers-enhance-organizational-resilience/)

Examine two Unit 42 incident response cases that provide valuable insights into how today's threat landscape evolves and the strategies needed against it.  
Sep 26, 2024  
By [Wendi Whitmore](https://www.paloaltonetworks.com/blog/author/wendi-whitmore/?ts=markdown "Posts by Wendi Whitmore")  
![Incident Response by the Numbers](https://www2.paloaltonetworks.com/blog/wp-content/uploads/2024/08/GettyImages-508484039-edit.jpg)  
[Announcement](https://www.paloaltonetworks.com/blog/category/announcement/?ts=markdown), [Unit 42](https://www.paloaltonetworks.com/blog/category/unit42/?ts=markdown)

## [Incident Response by the Numbers](https://www2.paloaltonetworks.com/blog/2024/08/incident-response-by-the-numbers/)

Unit 42 helped hundreds of clients assess, respond and recover from attacks, collecting data and compiling our 2024 Incident Response Report.  
Aug 22, 2024  
By [Michael J Graven](https://www.paloaltonetworks.com/blog/author/michael-j-graven/?ts=markdown "Posts by Michael J Graven")  
![Attack Vectors at a Glance](https://www2.paloaltonetworks.com/blog/wp-content/uploads/2024/08/SciFiAstro_00010_1024.png)  
[Incident Response](https://www.paloaltonetworks.com/blog/category/incident-response/?ts=markdown), [Zero Trust Security](https://www.paloaltonetworks.com/blog/category/zero-trust-security/?ts=markdown)

## [Attack Vectors at a Glance](https://www2.paloaltonetworks.com/blog/2024/08/attack-vectors-at-a-glance/)

The 2024 Incident Response Report details the most exploited attack vectors of the past year -- avoid these compromising your organization.  
Aug 07, 2024  
By [Michael J Graven](https://www.paloaltonetworks.com/blog/author/michael-j-graven/?ts=markdown "Posts by Michael J Graven")  
![Creating a Security Program with Less Complexity and More Visibility](https://www2.paloaltonetworks.com/blog/wp-content/uploads/2024/05/AdobeStock_624078692.jpeg)  
[Company \& Culture](https://www.paloaltonetworks.com/blog/category/company-culture/?ts=markdown), [Products and Services](https://www.paloaltonetworks.com/blog/category/products-and-services/?ts=markdown), [Unit 42](https://www.paloaltonetworks.com/blog/category/unit42/?ts=markdown)

## [Creating a Security Program with Less Complexity and More Visibility](https://www2.paloaltonetworks.com/blog/2024/05/creating-a-security-program/)

Our 2024 Incident Response Report shows how vulnerabilities go unpatched, and critical resources sit exposed.  
May 23, 2024  
By [Unit 42](https://www.paloaltonetworks.com/blog/author/unit-42/?ts=markdown "Posts by Unit 42")  
![Prowling the Wilds — Upgrade Your SOC and Hunt Down Threats](https://www2.paloaltonetworks.com/blog/wp-content/uploads/2024/05/AdobeStock_621254974-edit-2.jpeg)  
[Product Features](https://www.paloaltonetworks.com/blog/security-operations/category/product-features/?ts=markdown), [Products and Services](https://www.paloaltonetworks.com/blog/category/products-and-services/?ts=markdown), [Unit 42](https://www.paloaltonetworks.com/blog/category/unit42/?ts=markdown)

## [Prowling the Wilds --- Upgrade Your SOC and Hunt Down Threats](https://www2.paloaltonetworks.com/blog/2024/05/upgrade-your-soc-and-hunt-down-threats/)

SOC leaders need to outfit their analysts with the right gear and training. Upgrade your SOC and analysts to hunt down the threats lurking in your net...  
May 21, 2024  
By [Unit 42](https://www.paloaltonetworks.com/blog/author/unit-42/?ts=markdown "Posts by Unit 42")  
![Today’s Attack Trends — Unit 42 Incident Response Report](https://www2.paloaltonetworks.com/blog/wp-content/uploads/2024/02/GettyImages-1073786122-edit.jpg)  
[Announcement](https://www.paloaltonetworks.com/blog/category/announcement/?ts=markdown), [Products and Services](https://www.paloaltonetworks.com/blog/category/products-and-services/?ts=markdown)

## [Today's Attack Trends --- Unit 42 Incident Response Report](https://www2.paloaltonetworks.com/blog/2024/02/unit-42-incident-response-report/)

The 2024 Unit 42 Incident Response Report offers insights into attacker tactics and actionable recommendations to help you defend your organization.  
Feb 28, 2024  
By [Wendi Whitmore](https://www.paloaltonetworks.com/blog/author/wendi-whitmore/?ts=markdown "Posts by Wendi Whitmore")  
![7 Tips to Improve Your Existing Incident Response Plan](https://www2.paloaltonetworks.com/blog/wp-content/uploads/2022/09/Top-Down-Collaboration.jpg)  
[Must-Read Articles](https://www.paloaltonetworks.com/blog/security-operations/category/must-read-articles/?ts=markdown), [Points of View](https://www.paloaltonetworks.com/blog/category/points-of-view/?ts=markdown), [Unit 42](https://www.paloaltonetworks.com/blog/category/unit42/?ts=markdown)

## [7 Tips to Improve Your Existing Incident Response Plan](https://www2.paloaltonetworks.com/blog/2022/09/improve-your-existing-incident-response-plan/)

Take a proactive approach to improve your existing incident response plan to better respond to and mitigate ever-evolving cyberthreats.  
Sep 08, 2022  
By [Ashlie Blanca](https://www.paloaltonetworks.com/blog/author/ashlie-blanca/?ts=markdown "Posts by Ashlie Blanca")  
Load more blogs

### Subscribe to the Blog!

Sign up to receive must-read articles, Playbooks of the Week, new feature announcements, and more.
![spinner](https://www2.paloaltonetworks.com/blog/wp-content/themes/panwblog2023/dist/images/ajax-loader.gif) Sign up  
Please enter a valid email.  
By submitting this form, you agree to our [Terms of Use](https://www.paloaltonetworks.com/legal-notices/terms-of-use?ts=markdown) and acknowledge our [Privacy Statement](https://www.paloaltonetworks.com/legal-notices/privacy?ts=markdown). Please look for a confirmation email from us. If you don't receive it in the next 10 minutes, please check your spam folder.  
This site is protected by reCAPTCHA and the Google [Privacy Policy](https://policies.google.com/privacy) and [Terms of Service](https://policies.google.com/terms) apply.  
{#footer} {#footer}

## Products and Services

* [AI-Powered Network Security Platform](https://www.paloaltonetworks.com/network-security?ts=markdown)

* [Secure AI by Design](https://www.paloaltonetworks.com/precision-ai-security/secure-ai-by-design?ts=markdown)

* [Prisma AIRS](https://www.paloaltonetworks.com/prisma/prisma-ai-runtime-security?ts=markdown)

* [AI Access Security](https://www.paloaltonetworks.com/sase/ai-access-security?ts=markdown)

* [Cloud Delivered Security Services](https://www.paloaltonetworks.com/network-security/security-subscriptions?ts=markdown)

* [Advanced Threat Prevention](https://www.paloaltonetworks.com/network-security/advanced-threat-prevention?ts=markdown)

* [Advanced URL Filtering](https://www.paloaltonetworks.com/network-security/advanced-url-filtering?ts=markdown)

* [Advanced WildFire](https://www.paloaltonetworks.com/network-security/advanced-wildfire?ts=markdown)

* [Advanced DNS Security](https://www.paloaltonetworks.com/network-security/advanced-dns-security?ts=markdown)

* [Enterprise Data Loss Prevention](https://www.paloaltonetworks.com/sase/enterprise-data-loss-prevention?ts=markdown)

* [Enterprise IoT Security](https://www.paloaltonetworks.com/network-security/enterprise-device-security?ts=markdown)

* [Medical IoT Security](https://www.paloaltonetworks.com/network-security/medical-device-security?ts=markdown)

* [Industrial OT Security](https://www.paloaltonetworks.com/network-security/medical-device-security?ts=markdown)

* [SaaS Security](https://www.paloaltonetworks.com/sase/saas-security?ts=markdown)

* [Next-Generation Firewalls](https://www.paloaltonetworks.com/network-security/next-generation-firewall?ts=markdown)

* [Hardware Firewalls](https://www.paloaltonetworks.com/network-security/hardware-firewall-innovations?ts=markdown)

* [Software Firewalls](https://www.paloaltonetworks.com/network-security/software-firewalls?ts=markdown)

* [Strata Cloud Manager](https://www.paloaltonetworks.com/network-security/strata-cloud-manager?ts=markdown)

* [SD-WAN for NGFW](https://www.paloaltonetworks.com/network-security/sd-wan-subscription?ts=markdown)

* [PAN-OS](https://www.paloaltonetworks.com/network-security/pan-os?ts=markdown)

* [Panorama](https://www.paloaltonetworks.com/network-security/panorama?ts=markdown)

* [Secure Access Service Edge](https://www.paloaltonetworks.com/sase?ts=markdown)

* [Prisma SASE](https://www.paloaltonetworks.com/sase?ts=markdown)

* [Application Acceleration](https://www.paloaltonetworks.com/sase/app-acceleration?ts=markdown)

* [Autonomous Digital Experience Management](https://www.paloaltonetworks.com/sase/adem?ts=markdown)

* [Enterprise DLP](https://www.paloaltonetworks.com/sase/enterprise-data-loss-prevention?ts=markdown)

* [Prisma Access](https://www.paloaltonetworks.com/sase/access?ts=markdown)

* [Prisma Browser](https://www.paloaltonetworks.com/sase/prisma-browser?ts=markdown)

* [Prisma SD-WAN](https://www.paloaltonetworks.com/sase/sd-wan?ts=markdown)

* [Remote Browser Isolation](https://www.paloaltonetworks.com/sase/remote-browser-isolation?ts=markdown)

* [SaaS Security](https://www.paloaltonetworks.com/sase/saas-security?ts=markdown)

* [AI-Driven Security Operations Platform](https://www.paloaltonetworks.com/cortex?ts=markdown)

* [Cloud Security](https://www.paloaltonetworks.com/cortex/cloud?ts=markdown)

* [Cortex Cloud](https://www.paloaltonetworks.com/cortex/cloud?ts=markdown)

* [Application Security](https://www.paloaltonetworks.com/cortex/cloud/application-security?ts=markdown)

* [Cloud Posture Security](https://www.paloaltonetworks.com/cortex/cloud/cloud-posture-security?ts=markdown)

* [Cloud Runtime Security](https://www.paloaltonetworks.com/cortex/cloud/runtime-security?ts=markdown)

* [Prisma Cloud](https://www.paloaltonetworks.com/prisma/cloud?ts=markdown)

* [AI-Driven SOC](https://www.paloaltonetworks.com/cortex?ts=markdown)

* [Cortex XSIAM](https://www.paloaltonetworks.com/cortex/cortex-xsiam?ts=markdown)

* [Cortex XDR](https://www.paloaltonetworks.com/cortex/cortex-xdr?ts=markdown)

* [Cortex XSOAR](https://www.paloaltonetworks.com/cortex/cortex-xsoar?ts=markdown)

* [Cortex Xpanse](https://www.paloaltonetworks.com/cortex/cortex-xpanse?ts=markdown)

* [Unit 42 Managed Detection \& Response](https://www.paloaltonetworks.com/cortex/managed-detection-and-response?ts=markdown)

* [Managed XSIAM](https://www.paloaltonetworks.com/cortex/managed-xsiam?ts=markdown)

* [Threat Intel and Incident Response Services](https://www.paloaltonetworks.com/unit42?ts=markdown)

* [Proactive Assessments](https://www.paloaltonetworks.com/unit42/assess?ts=markdown)

* [Incident Response](https://www.paloaltonetworks.com/unit42/respond?ts=markdown)

* [Transform Your Security Strategy](https://www.paloaltonetworks.com/unit42/transform?ts=markdown)

* [Discover Threat Intelligence](https://www.paloaltonetworks.com/unit42/threat-intelligence-partners?ts=markdown)

## Company

* [About Us](https://www.paloaltonetworks.com/about-us?ts=markdown)
* [Careers](https://jobs.paloaltonetworks.com/en/)
* [Contact Us](https://www.paloaltonetworks.com/company/contact-sales?ts=markdown)
* [Corporate Responsibility](https://www.paloaltonetworks.com/about-us/corporate-responsibility?ts=markdown)
* [Customers](https://www.paloaltonetworks.com/customers?ts=markdown)
* [Investor Relations](https://investors.paloaltonetworks.com/)
* [Location](https://www.paloaltonetworks.com/about-us/locations?ts=markdown)
* [Newsroom](https://www.paloaltonetworks.com/company/newsroom?ts=markdown)

## Popular Links

* [Blog](https://www.paloaltonetworks.com/blog/?ts=markdown)
* [Communities](https://www.paloaltonetworks.com/communities?ts=markdown)
* [Content Library](https://www.paloaltonetworks.com/resources?ts=markdown)
* [Cyberpedia](https://www.paloaltonetworks.com/cyberpedia?ts=markdown)
* [Event Center](https://events.paloaltonetworks.com/)
* [Manage Email Preferences](https://start.paloaltonetworks.com/preference-center)
* [Products A-Z](https://www.paloaltonetworks.com/products/products-a-z?ts=markdown)
* [Product Certifications](https://www.paloaltonetworks.com/legal-notices/trust-center/compliance?ts=markdown)
* [Report a Vulnerability](https://www.paloaltonetworks.com/security-disclosure?ts=markdown)
* [Sitemap](https://www.paloaltonetworks.com/sitemap?ts=markdown)
* [Tech Docs](https://docs.paloaltonetworks.com/)
* [Unit 42](https://unit42.paloaltonetworks.com/)
* [Do Not Sell or Share My Personal Information](https://panwedd.exterro.net/portal/dsar.htm?target=panwedd)
  ![PAN logo](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/pan-logo-dark.svg)
* [Privacy](https://www.paloaltonetworks.com/legal-notices/privacy?ts=markdown)
* [Trust Center](https://www.paloaltonetworks.com/legal-notices/trust-center?ts=markdown)
* [Terms of Use](https://www.paloaltonetworks.com/legal-notices/terms-of-use?ts=markdown)
* [Documents](https://www.paloaltonetworks.com/legal?ts=markdown)

Copyright © 2026 Palo Alto Networks. All Rights Reserved

* [![Youtube](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/youtube-black.svg)](https://www.youtube.com/user/paloaltonetworks)
* [![Podcast](https://www.paloaltonetworks.com/content/dam/pan/en_US/images/icons/podcast.svg)](https://www.paloaltonetworks.com/podcasts/threat-vector?ts=markdown)
* [![Facebook](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/facebook-black.svg)](https://www.facebook.com/PaloAltoNetworks/)
* [![LinkedIn](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/linkedin-black.svg)](https://www.linkedin.com/company/palo-alto-networks)
* [![Twitter](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/twitter-x-black.svg)](https://twitter.com/PaloAltoNtwks)
* EN  
  Select your language