{"id":154289,"date":"2022-02-17T08:00:27","date_gmt":"2022-02-17T16:00:27","guid":{"rendered":"https:\/\/www.paloaltonetworks.com\/blog\/?p=154289"},"modified":"2022-02-28T16:02:57","modified_gmt":"2022-03-01T00:02:57","slug":"inline-deep-learning","status":"publish","type":"post","link":"https:\/\/www2.paloaltonetworks.com\/blog\/2022\/02\/inline-deep-learning\/","title":{"rendered":"Fundamentally Changing Network Security with Inline Deep Learning"},"content":{"rendered":"

When the ILOVEYOU virus hit in 2000, it was a simpler time: organizations knew when they had it and when it was gone. They also knew another attack wouldn\u2019t come around for a year or so because, at that time, that\u2019s generally how long it took bad actors to come up with something new. 20+ years later, we almost long for this type of virus\u2026 almost<\/em>.<\/p>\n

In those days, most cyberattacks could be prevented by signatures that detected known attacks. This was quite effective as many attacks tended to be variations of one another. Net-new attacks were rare, and generally only more capable, well-funded groups could launch them. In this landscape, defending against a zero-day attack was a reactive process, set into motion only after the initial target was impacted. Over many years, the industry focused on shortening the time it took to react to a new attack, from weeks to days to hours, and in our case even minutes. But, we need to do more.<\/p>\n

The cyberthreat landscape continues to change. This has been true for as long as it has existed, but we\u2019ve reached a new pinnacle. Bad actors of all kinds now have a powerful arsenal of nation state-level attacks at their fingertips. As a result, uniquely advanced (as well as previously rare and highly targeted) attacks are now rampant. Unfortunately, these days, every organization must assume they will be the target of a sophisticated attack.<\/p>\n

But, there is good news: this problem is solvable. And, not just in theory. What\u2019s common about these new attacks is that it is actually possible to both detect and stop them before<\/em> they successfully compromise a target \u2013 with inline deep learning.<\/p>\n

<\/a>Inline Deep Learning Stops Zero-Day Threats<\/h2>\n

With Nebula (PAN-OS 10.2), the latest upgrade of our industry-leading PAN-OS software, we\u2019ve brought deep learning (one of the most advanced forms of machine learning) inline. In doing so, we are solving a challenge that many thought was unsolvable \u2013 stopping zero day attacks without prior knowledge of the attack.<\/p>\n

For context, using deep learning in security is definitely not new. In fact, we\u2019ve been utilizing it for several years, but it was previously limited to out-of-band applications because inline detection and prevention has to be super fast. This is very difficult because it is computationally intensive. We\u2019ve solved this issue by utilizing a unique cloud delivery mechanism. This brand new, industry-first approach to network security fundamentally changes network security. In fact, we believe that this is how all network security will be done in the future. Here are just a couple examples:<\/p>\n