Free Consultation

Nir Zuk, Ignite 17, and Palo Alto Network's plans to disrupt cyber security

5 July 2017

We've been building an increasingly close partnership with Palo Alto Networks - the disruptive next-generation security company behind innovative products like Traps. Last month I was out in Vancouver for Ignite, PAN's annual cyber security conference, and as PAN's UK and Ireland Technical Champion of the Year 2016 I had the privilege of a one-to-one with its engaging founder, Nir Zuk.


Nir's own story is one of constant innovation, so it was fascinating to get his take on what's happening and what's next in our industry. One thing is certainly clear: despite PAN's success, he's determined the company needs to keep innovating, and that's embodied in new ideas like the Applications Framework.

The unstoppable move to SaaS

Ignite, and the conversations I had there, underlined how PAN recognises that the move to cloud-based computing and the consumption of Security as a Service (SaaS) is unstoppable. Moreover it believes that the current level of spending among existing security vendors and new startups is unsustainable, and argues that the way the entire technology industry consumes cyber security needs to change.

PAN's response? About 12 years after it first disrupted the network security industry (with the first next-generation firewall), it's poised to do it again in the wider cyber security industry.

PAN's Applications Framework consists of a suite of cloud APIs, services, compute, and native access to customer-specific data stores. 'Persistent agents', such as firewalls and instances of Traps and Aperture, gather data which is stored in the cloud, then consumed by security services offered by PAN, its customers, and trusted third-party vendors.

Palo Alto Networks Application Framework schematic diagram

PAN isn't just innovating with the technology itself, but also in the way that it's encouraging its uptake and growth. While it's usually the remit of governments to fund and encourage innovation, PAN has secured venture capitalist funding of $20 million, and is inviting developers and entrepreneurs to apply. The goal is to stimulate new security applications and innovations for the Applications Framework. It's a novel approach, but one that further indicates PAN's intent to drive cyber security in an entirely new direction.

All becomes clear for LightCyber

Talking of new directions, when, back in February, PAN acquired LightCyber, it was a clear statement that it sees automated behavioural analytics becoming a critical part of the security mix. In a nutshell, LightCyber's technology involves the use of machine learning to quickly, efficiently, and accurately identify attacks based on behavioural anomalies inside an organisation's network.

I wondered exactly how it would incorporate this 'new' technology into its platform, and at Ignite 17 it became clear: LightCyber is one of the three PAN apps announced for the Application Framework. No additional appliances will be required, as the data being analysed is that which is already passing through the PAN next-generation security platform, collected via the persistent agents I mentioned above.

As the threats (or behavioural anomalies) being identified are those actually inside the network, the LightCyber acquisition really did signal PAN's intent to ensure their platform covered all major cyber security control enforcement points: firewall, endpoint, cloud, and now the LAN/WAN itself.

I was fortunate to be able to directly discuss these developments and the Applications Framework with Nir, and get his view on whether he expected PAN's competitors to follow, as they did after PAN launched the first next-generation firewall.

Whatever does happen, PAN already has partnership or development agreements in place with major players in cyber security, such as IBM, Carbon Black, CrowdStrike, Splunk, Aruba, ProofPoint, Tanium, ForeScout, Tenable, and FireMon. Given this, and Nir's track record, it's a brave soul that would actually bet against the success of PAN's new vision.

Header image: Harshil Shah/Flickr, Creative Commons.