
How Palo Alto Networks is leveraging AI

Palo Alto Networks CIO Meerah Rajavel explains how the company is using AI to sift through 90 billion security events a day, and why security and user experience are two sides of the same coin

At Palo Alto Networks, just 12 people in its security operations team are responsible for making sense of 90 billion security events that originate from its eight datacentres, five different cloud environments and 59 office locations each day.

That’s only possible through the agentic artificial intelligence (AI) capabilities of the company’s Cortex Extended Security Intelligence and Automation Management (XSIAM) platform, which whittles that sea of data down to 25 million alerts before distilling them to just 75 to 80 actionable alerts that require attention.

Over half of those alerts require no human review and are automatically resolved by AI agents through the use of security playbooks, Meerah Rajavel, the global CIO of Palo Alto Networks, told Computer Weekly on the sidelines of Singapore International Cyber Week last month.

“The rest require human-in-the-loop confirmation, and on average, only one or two incidents require deep analysis by a human expert,” she said, adding that the company’s mean time to respond for security incidents is just under a minute today.
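The funnel described above (events filtered and correlated into alerts, playbooks auto-resolving the routine ones, the remainder going to a human) can be illustrated with a small triage pipeline. The following is an added example, not Palo Alto Networks or Cortex XSIAM code; the sample events, rules, playbooks, blocklist and thresholds are constructed for the demo.

```python
"""Alert-triage funnel: raw events -> correlated alerts -> playbook dispositions.
Added illustration with constructed data; the rules, playbooks and thresholds
are assumptions for the demo, not Palo Alto Networks code."""
from collections import defaultdict
from dataclasses import dataclass, field


@dataclass
class Alert:
    host: str
    rule: str
    src: str
    count: int
    sev: int
    disposition: str = "open"
    actions: list = field(default_factory=list)


# Constructed raw events; a real estate produces billions of these per day.
EVENTS = (
    [{"host": "web-01", "rule": "heartbeat", "src": "-", "sev": 0}] * 2
    + [{"host": "web-01", "rule": "port_scan", "src": "203.0.113.9", "sev": 3}] * 2
    + [{"host": "web-02", "rule": "port_scan", "src": "203.0.113.9", "sev": 3}]
    + [{"host": "web-02", "rule": "port_scan", "src": "198.51.100.77", "sev": 3}]
    + [{"host": "db-02", "rule": "failed_login", "src": "10.0.4.12", "sev": 4}] * 2
    + [{"host": "vpn-gw", "rule": "failed_login", "src": "192.0.2.50", "sev": 4}] * 6
    + [{"host": "hr-laptop-7", "rule": "malware_hash", "src": "-", "sev": 9}]
    + [{"host": "build-03", "rule": "new_admin_user", "src": "-", "sev": 7}]
)


def correlate(events, min_sev=2):
    """Drop informational noise and fold repeats of the same (host, rule, source)
    into one alert, keeping the hit count and the highest severity seen."""
    buckets = defaultdict(list)
    for e in events:
        if e["sev"] >= min_sev:
            buckets[(e["host"], e["rule"], e["src"])].append(e)
    return [Alert(h, r, s, len(es), max(e["sev"] for e in es))
            for (h, r, s), es in buckets.items()]


# Playbooks return a disposition: "auto_resolved", "needs_confirmation" (a human
# approves an action the automation has already staged) or "deep_analysis".
def pb_port_scan(alert, ctx):
    if alert.src in ctx["blocklist"]:
        alert.actions.append("source already blocked at edge")
    else:
        ctx["blocklist"].add(alert.src)
        alert.actions.append(f"block {alert.src} at edge")
    return "auto_resolved"


def pb_failed_login(alert, ctx, threshold=5):
    if alert.count < threshold:
        alert.actions.append("below brute-force threshold")
        return "auto_resolved"
    alert.actions.append("lock account and notify owner")
    return "needs_confirmation"


def pb_malware_hash(alert, ctx):
    alert.actions.append(f"isolate {alert.host} via EDR")
    return "needs_confirmation"


PLAYBOOKS = {"port_scan": pb_port_scan, "failed_login": pb_failed_login,
             "malware_hash": pb_malware_hash}


def triage(events, blocklist=("203.0.113.9",)):
    """Correlate, then run each alert through its playbook; rules without a
    playbook always go to a human for deep analysis."""
    ctx = {"blocklist": set(blocklist)}   # constructed edge blocklist
    alerts = correlate(events)
    for a in alerts:
        playbook = PLAYBOOKS.get(a.rule)
        a.disposition = playbook(a, ctx) if playbook else "deep_analysis"
    return alerts


def funnel(events):
    """Counts at each stage of the funnel (events, alerts, per disposition)."""
    alerts = triage(events)
    counts = defaultdict(int)
    for a in alerts:
        counts[a.disposition] += 1
    return {"events": len(events), "alerts": len(alerts), **counts}


if __name__ == "__main__":
    for a in triage(EVENTS):
        print(f"{a.disposition:19} {a.host:12} {a.rule:15} x{a.count} {a.actions}")
    print(funnel(EVENTS))
```

On the constructed data the 16 events collapse to seven alerts, four of which are closed by playbooks without a person looking at them, two are staged for a human to confirm an action, and one (a new administrator account, for which no playbook exists) goes to deep analysis. The design point is that the automation never takes an irreversible action on its own: only the reversible steps (blocking a scanner, isolating a host) run unattended, while account lockouts and the ambiguous cases wait for confirmation.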

Across its 85,000 customers, Palo Alto Networks is now stopping some 3.5 billion attacks daily. To achieve this, it embeds what it calls “precision AI” into its products, using a mix of machine learning, deep learning and generative AI technologies.

“In security, we cannot be correct nine out of 10 times when we give recommendations to customers – we have to be right all the time,” she said, adding that machine learning and deep learning are used for deterministic use cases where high accuracy is non-negotiable.

Rajavel noted that AI is particularly useful for mitigating zero-day attacks, which exploit vulnerabilities not yet known to the vendor or the wider security community, so no patch or signature exists and traditional signature-based defences are bypassed. “AI plays a huge role – it’s not only looking at known patterns, but also mutations and future patterns so we can take down those attacks,” she said.

Amid the growing threat of software supply chain attacks, in which attackers insert malicious code into software during development, often through compromised open-source components or build tooling, Palo Alto Networks also relies on the AI capabilities of its Prisma Cloud product to scan for code vulnerabilities, exposed secrets such as passwords and API keys, and issues with open-source components.

This practice of drinking its own champagne as “customer zero” is a key part of Palo Alto Networks’ product development strategy. When ChatGPT was released in November 2022, the company’s leadership saw it as a pivotal moment that would disrupt its business. So, instead of banning it over security risks, they chose to leverage the technology and allow its use responsibly.

Within six months, Rajavel’s team helped design and roll out the company’s AI access security product, which gives organisations, including Palo Alto Networks, full visibility of the AI tools employees are using and lets them enforce granular policies.

“We want people to have access to ChatGPT because it’s a very powerful tool, but we don’t want them to use it for code development because our code is our IP [intellectual property],” said Rajavel, adding that if an engineer tries to paste proprietary code into the public version of ChatGPT, the action will be blocked, and the engineer redirected to an internal securely hosted AI tool for coding.
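The control described above (classify the destination and the pasted content, block proprietary code bound for a public AI tool, and redirect the user to an internal one) can be sketched as a small policy engine. This is an added example, not Palo Alto Networks’ AI Access Security code; the hostnames, the internal assistant URL, the proprietary-source marker and the code-detection heuristics are assumptions for the demo, and the pasted samples are constructed.

```python
"""AI-access policy: destination category x content class -> allow/block/redirect.
Added illustration; hostnames, markers and heuristics are assumptions."""
import re
from dataclasses import dataclass
from typing import Optional

# Assumed destination catalogue; a real product uses a maintained URL category feed.
DESTINATIONS = {
    "chat.openai.com": "public_genai",
    "chatgpt.com": "public_genai",
    "ai.internal.example": "sanctioned_genai",   # hypothetical internal tool
}
INTERNAL_ASSISTANT = "https://ai.internal.example/code"  # hypothetical redirect

# Heuristics: lines that look like source code, and secret patterns that must
# never leave the tenant regardless of destination.
CODE_LINE = re.compile(
    r"^\s*(def |class |import |from \S+ import |#include|return\b|"
    r"(if|for|while) .*:\s*$|[{}]\s*$|.*;\s*$)")
SECRET = re.compile(r"AKIA[0-9A-Z]{16}|-----BEGIN [A-Z ]*PRIVATE KEY-----")
PROPRIETARY_MARKER = "Confidential - Example Corp"  # assumed source-file header


@dataclass
class Decision:
    action: str                       # "allow" or "block"
    reason: str
    redirect: Optional[str] = None    # where the user is sent instead, if blocked


def classify_content(payload):
    """Order matters: a secret is blocked everywhere, code is blocked on public
    tools, plain text is allowed."""
    if SECRET.search(payload):
        return "secret"
    if PROPRIETARY_MARKER in payload:
        return "source_code"
    lines = [l for l in payload.splitlines() if l.strip()]
    code_lines = sum(1 for l in lines if CODE_LINE.match(l))
    if len(lines) >= 3 and code_lines / len(lines) >= 0.5:
        return "source_code"
    return "text"


def evaluate(dest_host, payload):
    dest = DESTINATIONS.get(dest_host, "uncategorised")
    content = classify_content(payload)
    if content == "secret":
        return Decision("block", "credential material may not be sent to any AI tool")
    if dest == "sanctioned_genai":
        return Decision("allow", f"{content} to sanctioned internal tool")
    if content == "source_code":
        # Unknown destinations fail closed for code; the rule is per content class.
        return Decision("block", f"proprietary code to {dest} destination",
                        redirect=INTERNAL_ASSISTANT)
    return Decision("allow", f"{content} to {dest}")


# Constructed pastes used for the demo.
CODE_PASTE = """\
def rotate_keys(tenant):
    for k in list_keys(tenant):
        if k.age_days > 90:
            revoke(k)
    return True
"""
PROSE_PASTE = "Can you summarise the key points of zero trust for a customer deck?"
SECRET_PASTE = "My app fails with this config: AKIAIOSFODNN7EXAMPLE, any ideas?"

if __name__ == "__main__":
    for host, paste in [("chat.openai.com", CODE_PASTE), ("chat.openai.com", PROSE_PASTE),
                        ("ai.internal.example", CODE_PASTE), ("ai.internal.example", SECRET_PASTE)]:
        print(host, evaluate(host, paste))
```

Two design choices are worth noting. Secrets are refused even for the sanctioned tool, because a credential in a prompt ends up in logs and conversation history on any side; and code pasted to an uncategorised destination is treated like a paste to a public tool, so a newly launched AI site does not become a leak path before the category feed catches up.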

But ultimately, Rajavel believes that security controls, when implemented correctly, should not hinder, but accelerate business. She likened it to the brakes of a car, an analogy also used by Singapore’s cyber security leaders. “One can think about brakes, which stop your vehicle,” she said. “But the better the brakes are, the faster you can go.”


She argued that security and user experience are in fact two sides of the same coin. Bolting on security measures at the end of a project creates friction, which she compared to pouring oil over an already-cooked meal. The key is to integrate security from the outset.

An example was the company’s move to a passwordless environment. When the security team wanted to enforce multi-factor authentication (MFA) on every single application to achieve zero trust, Rajavel challenged them to first eliminate the friction.

“Imagine a salesperson who’s in the field,” she said. “Every time they access Salesforce or their email, I’m going to ask them to put in a username and password. It’s a huge productivity loss, and they are going to find a way to get around that.”

In just three months, the team rolled out a passwordless system, allowing employees to use biometrics on their devices or physical keys like a YubiKey for authentication. Only then was universal MFA enabled, enhancing security without frustrating users.

Rajavel said the quick roll-out was achieved by consolidating multiple identity management systems on Okta, a popular identity and access management platform, and leveraging authentication and authorisation standards such as Security Assertion Markup Language (SAML) and OAuth.

The challenge, however, was legacy applications, which could not be easily modified to use modern security protocols. For these, Rajavel’s team built an application programming interface (API) that owners of legacy applications can use to abstract away the complexities of authenticating with the Okta platform.
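The pattern described above, a facade that hides token validation so a legacy app’s owner calls one function and gets back a verified identity or an error, can be illustrated as follows. This is an added example and not the Palo Alto Networks or Okta API. It assumes HS256-signed JWTs with a shared secret so that it runs offline (Okta-issued tokens are RS256 and would be verified against the issuer’s published JWKS instead); the issuer, audience, secret, clock value and claims are all made up.

```python
"""Authentication facade for legacy apps: one call turns an Authorization header
into a verified Principal. Added illustration with assumed HS256 tokens; not the
Palo Alto Networks or Okta API."""
import base64
import hashlib
import hmac
import json
import time
from dataclasses import dataclass, field


class AuthError(Exception):
    pass


@dataclass
class Principal:
    subject: str
    email: str
    groups: list = field(default_factory=list)


def _b64url_decode(s):
    return base64.urlsafe_b64decode(s + "=" * (-len(s) % 4))


def _b64url_encode(b):
    return base64.urlsafe_b64encode(b).rstrip(b"=").decode()


class LegacyAuth:
    """One instance per legacy app, configured once with key, issuer and audience."""

    def __init__(self, secret: bytes, issuer: str, audience: str):
        self.secret, self.issuer, self.audience = secret, issuer, audience

    def principal_from_headers(self, headers, now=None):
        scheme, _, token = headers.get("Authorization", "").partition(" ")
        if scheme.lower() != "bearer" or not token:
            raise AuthError("missing bearer token")
        return self.verify(token, now)

    def verify(self, token, now=None):
        try:
            h, p, s = token.split(".")
        except ValueError:
            raise AuthError("malformed token")
        header = json.loads(_b64url_decode(h))
        # Pin the algorithm; never honour 'alg' from the token ('none', RS/HS confusion).
        if header.get("alg") != "HS256":
            raise AuthError("unsupported alg")
        expected = hmac.new(self.secret, f"{h}.{p}".encode(), hashlib.sha256).digest()
        if not hmac.compare_digest(expected, _b64url_decode(s)):
            raise AuthError("bad signature")
        claims = json.loads(_b64url_decode(p))   # only parsed after the signature holds
        now = int(time.time()) if now is None else now
        if claims.get("exp", 0) <= now:
            raise AuthError("token expired")
        if claims.get("iss") != self.issuer:
            raise AuthError("wrong issuer")
        aud = claims.get("aud")
        if self.audience not in (aud if isinstance(aud, list) else [aud]):
            raise AuthError("wrong audience")
        if "sub" not in claims:
            raise AuthError("no subject")
        return Principal(claims["sub"], claims.get("email", ""), claims.get("groups", []))


def mint_test_token(secret, claims):
    """Demo-only issuer so the example runs offline; the IdP does this in reality."""
    h = _b64url_encode(json.dumps({"alg": "HS256", "typ": "JWT"}).encode())
    p = _b64url_encode(json.dumps(claims).encode())
    s = _b64url_encode(hmac.new(secret, f"{h}.{p}".encode(), hashlib.sha256).digest())
    return f"{h}.{p}.{s}"


SECRET = b"demo-shared-secret"          # constructed
ISSUER = "https://idp.example/oauth2"   # hypothetical issuer
AUDIENCE = "legacy-payroll"             # hypothetical app identifier
NOW = 1_700_000_000                     # fixed clock for a deterministic demo
CLAIMS = {"iss": ISSUER, "aud": AUDIENCE, "sub": "u123", "email": "ana@example",
          "groups": ["payroll-admins"], "exp": NOW + 300}

if __name__ == "__main__":
    auth = LegacyAuth(SECRET, ISSUER, AUDIENCE)
    token = mint_test_token(SECRET, CLAIMS)
    print(auth.principal_from_headers({"Authorization": f"Bearer {token}"}, now=NOW))
```

The checks that matter for a legacy app are all inside `verify`, which is the point of the facade: the app owner never sees algorithm pinning, signature-before-parse ordering, expiry, issuer or audience binding, and cannot get them wrong. Audience binding in particular stops a token issued for one application from being replayed against another.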

On what worries her the most as CIO of a major cyber security supplier, Rajavel cited the need to keep up with the rapid pace of technology innovation. “A year ago, the primary concern was large language models, but today, the focus is on AI agents,” she said. “If somebody exposes an MCP [model context protocol] server in an unintended way, you’ll be giving away the keys to the kingdom.”
