2023 SecureIQLab: Command and Control Comparative Report

The Palo Alto Networks Unit 42 threat research team has reported more than a 73% increase in the use of Red Team tools such as Cobalt Strike by threat actors.* These tools are purpose-built to obfuscate network payloads and emulate real-world traffic to avoid detection. It is imperative that organizations today employ security solutions to protect against these kinds of sophisticated threats. In an effort to understand the breadth of coverage for attacks conducted by red team tools, SecureIQLab was commissioned to test the ability of cloud-delivered firewalls to block the command-and-control capabilities of the Cobalt Strike attack suite. Three products were tested: Palo Alto Networks Prisma Access Enterprise, Cisco Umbrella SIG Essentials, and Zscaler ZIA Transformation bundle. For a similar test on next-generation firewalls, please click here.